using-superpowers
Warn
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill explicitly instructs the agent to override default system behavior.
- Evidence: 'Superpowers skills — override default system behavior where they conflict' is listed as priority #2, above the 'Default system prompt' at priority #3.
- [PROMPT_INJECTION]: Employs aggressive psychological framing to bypass the agent's internal reasoning and safety filters regarding tool use.
- Evidence: Uses absolute directives like 'ABSOLUTELY MUST', 'not negotiable', 'not optional', and 'You cannot rationalize your way out of this'.
- Evidence: Includes a 'Red Flags' table that labels normal agent reasoning (e.g., 'I need more context first') as 'rationalizing' and 'undisciplined action'.
- [COMMAND_EXECUTION]: Instructs the user or agent to modify a system configuration file to enable additional capabilities.
- Evidence: 'references/codex-tools.md' provides a TOML snippet and directs the modification of '~/.codex/config.toml' to set 'multi_agent = true'.
- [PROMPT_INJECTION]: Provides specific instructions on how to structure subagent prompts to maximize 'authoritative' instruction adherence, which is a meta-injection technique.
- Evidence: 'references/codex-tools.md' advises wrapping instructions in XML tags because 'the model treats tagged blocks as authoritative' and suggests using specific 'task-delegation framing' to ensure exact execution.
Audit Metadata