using-superpowers
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill employs extremely strong imperative language ("EXTREMELY-IMPORTANT", "not negotiable", "absolute must", "no choice") designed to override the agent's default decision-making. It explicitly instructs the agent to override default system prompt behavior in favor of the skill's workflow and includes instructions to suppress internal reasoning/rationalization that might lead to bypassing the workflow.
- [COMMAND_EXECUTION]: The documentation instructs users to modify local configuration files (
~/.codex/config.toml) to enable multi-agent capabilities. While intended for feature enablement, providing instructions for modifying system-level configuration files is a sensitive operation. - [PROMPT_INJECTION]: The skill establishes a "China-specific skill routing" system. This logic acts as a trigger mechanism where project data (presence of
.giteefolders, Chinese comments, or commit history) automatically mandates the loading of specific external skill sets, creating a surface for indirect influence over agent behavior based on file content.
Audit Metadata