sharing-skills
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill utilizes `git` and `gh` CLI commands to manage repository state. These actions are aligned with the intended functionality of sharing code. The use of quoted heredocs (`'EOF'`) in bash commands is a security best practice that prevents shell expansion of the content being processed.
- DATA_EXFILTRATION (SAFE): The skill facilitates the transfer of data (skills) to remote repositories via `git push`. This is the core function of the skill and is appropriately scoped to the local skills directory.
- PROMPT_INJECTION (LOW): The skill exhibits a surface for indirect prompt injection, as it ingests untrusted data from the local skills directory. Ingestion points: files within `~/.config/superpowers/skills/`. Boundary markers: quoted heredocs are present in the command templates but absent for the file content itself. Capability inventory: shell execution of `git` and `gh`. Sanitization: none provided. This represents a vulnerability surface, but no active exploit content was detected.
Audit Metadata