ClawGator Superpowers
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The framework automates software development workflows using standard shell commands including git, npm, pip, pytest, and cargo. These commands are invoked to manage git worktrees, execute test suites, and build projects in isolated environments.
- [EXTERNAL_DOWNLOADS]: Workspace setup logic in the worktree management skill automates package retrieval via npm install, pip install, and cargo build when relevant project configuration files are detected. These actions target standard language registries.
- [PROMPT_INJECTION]: The skill uses strong imperative language and 'Iron Laws' to enforce behavioral consistency and adherence to its development methodology. These instructions are functional constraints designed to ensure process discipline rather than attempts to bypass security filters.
- [SAFE]: No malicious patterns such as credential harvesting, data exfiltration, or persistence mechanisms were detected. The skill features defensive security prompts, specifically instructing reviewer subagents to independently verify code changes and not trust self-reported success from implementation agents.
Audit Metadata