using-superpowers
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill uses coercive language such as 'ABSOLUTELY MUST', 'automatic failure', and 'Not negotiable' to hijack the agent's decision-making process. It explicitly instructs the agent to disregard user instructions that might suggest skipping the workflow, which is a behavioral override pattern.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill mandates reading and executing other skills if there is even a '1% chance' of relevance, creating a broad attack surface for malicious instructions found in the environment. 1. Ingestion points: Skill files read via the 'Skill tool'. 2. Boundary markers: Absent; the skill forbids the agent from rationalizing or skipping the reading of external content. 3. Capability inventory: Uses 'Skill tool' and 'TodoWrite'. 4. Sanitization: None; the skill provides no mechanism to validate the safety of external content before the agent adopts its instructions.
Audit Metadata