using-superpowers
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses imperative and absolute language such as "ABSOLUTELY MUST", "non-negotiable", and "not optional" to force the agent to follow its instructions over its own reasoning or default behavior.
- [PROMPT_INJECTION]: Includes instructions to disregard the agent's own internal deliberation ("STOP—you're rationalizing") when deciding whether to invoke a tool.
- [PROMPT_INJECTION]: Establishes an extremely low threshold for tool invocation ("even a 1% chance"), which can lead to unintended tool execution.
- [PROMPT_INJECTION]: Mandates the loading and execution of potentially untrusted data (other skill files) without validation, creating a surface for indirect instructions. Evidence Chain: 1. Ingestion points: External skill files loaded via the Skill tool as instructed in SKILL.md. 2. Boundary markers: Absent; the skill explicitly directs the agent to follow loaded content directly. 3. Capability inventory: Invocation of the Skill tool and subsequent execution of instructions from retrieved files. 4. Sanitization: No sanitization or verification of the loaded skill content is performed.
Audit Metadata