using-superpowers
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (HIGH): The skill uses aggressive overriding markers ('ABSOLUTELY MUST', 'not negotiable', 'not optional') to force the agent into a specific behavior loop. It explicitly suppresses the agent's internal safety and context-gathering reasoning (e.g., 'I need more context first' is labeled a 'Red Flag' and 'rationalizing').
- [INDIRECT_PROMPT_INJECTION] (HIGH): By mandating that the agent invoke any skill with even a '1% chance' of relevance before responding, this skill acts as a high-privilege gateway. It creates an environment where malicious skills are automatically processed before the agent can evaluate the input or apply its own safety protocols. Evidence: Ingestion points include the agent's entire skill library; Capability inventory includes the 'Skill' tool and 'TodoWrite' tool; Boundary markers are absent, as the skill demands 'Follow skill exactly' even for 'Rigid' skill types.
Recommendations
- AI detected serious security threats
Audit Metadata