using-superpowers
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill uses extremely imperative and coercive language ('ABSOLUTELY MUST', 'NOT NEGOTIABLE', 'NOT OPTIONAL') to force a specific behavior, which is a technique used to override an agent's base instructions and safety guardrails.
- Prompt Injection (LOW): It explicitly instructs the agent to ignore its own internal logic and reasoning ('You cannot rationalize your way out of this', 'These thoughts mean STOP—you're rationalizing'), effectively attempting to bypass the model's 'system 2' thinking or safety reasoning.
- Indirect Prompt Injection Surface (LOW): The skill creates a high-risk surface by mandating the invocation of the
Skilltool based on a '1% chance' before any response or clarification. This forces the agent to load external, potentially untrusted content into its context with minimal filtering. - Ingestion points: The
Skilltool is used to load external skill content into the active context. - Boundary markers: None present; the skill encourages following loaded content 'exactly'.
- Capability inventory: The skill mentions
Skilltool usage andTodoWriteoperations. - Sanitization: No sanitization or validation of loaded skill content is mentioned or required.
Audit Metadata