using-superpowers
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill employs strong imperative language ("ABSOLUTELY MUST", "NOT NEGOTIABLE") and override markers to bypass the agent's standard operating procedures. It explicitly instructs the AI to ignore its own reasoning process, labeling logical hesitation as "rationalizing," which mimics patterns used in system prompt extraction or override attacks.
- Indirect Prompt Injection (LOW): The skill mandates a "1% chance" threshold for invoking external tools before any clarification or safety assessment. This significantly increases the attack surface for malicious content within those external skills to be processed by the agent.
- Ingestion points: The skill triggers based on any incoming "User message" (defined in the
skill_flowdiagram inSKILL.md). - Boundary markers: None present; the instructions explicitly reject the need for "context first" or gathering information before action.
- Capability inventory: Invocation of the
Skilltool, which can load and execute arbitrary instructions from other files. - Sanitization: None; the skill requires the agent to "Follow skill exactly" without adaptation.
Audit Metadata