go
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted user input to drive autonomous actions.
- Ingestion points: User goals are captured via the $ARGUMENTS parameter in SKILL.md.
- Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded commands within the user-provided goals.
- Capability inventory: The skill has the ability to create directories, write files (spec.md, plan.md, metadata.json) in SKILL.md, and trigger execution agents (superpowers:executing-plans) that perform tasks.
- Sanitization: There is no evidence of input validation or sanitization before the goal is used to generate executable plans.
Audit Metadata