using-superpowers

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill uses extreme, absolute language ('ABSOLUTELY MUST', 'not negotiable', 'not optional') to override the agent's standard decision-making processes.
  • PROMPT_INJECTION (HIGH): The 'Red Flags' section explicitly targets and attempts to suppress the agent's internal logic and rationalization (e.g., 'STOP--you're rationalizing'), which is a common pattern in jailbreak-style injections to prevent the agent from evaluating the safety or necessity of an action.
  • PROMPT_INJECTION (HIGH): The skill instructs the agent to ignore user preferences regarding workflow ('Instructions say WHAT, not HOW... doesn't mean skip workflows'), prioritizing the skill's directives over the user's explicit guidance.
  • PROMPT_INJECTION (MEDIUM): The skill mandates a specific tool invocation ('Skill' tool) before 'ANY response including clarifying questions,' which forces the agent into a rigid, non-standard behavior loop that could be exploited if malicious skills are present in the environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 06:07 PM