using-superpowers
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill employs high-pressure language (e.g., 'ABSOLUTELY MUST', 'not negotiable') to ensure the agent invokes skills before performing tasks or responding to queries.
- [PROMPT_INJECTION]: Instructions explicitly direct the agent to override its default system prompt behavior with instructions provided in 'superpowers' skills.
- [COMMAND_EXECUTION]: The documentation for the Codex platform in references/codex-tools.md provides shell command sequences for environment detection using git and instructions for the manual modification of the ~/.codex/config.toml configuration file.
- [PROMPT_INJECTION]: The skill creates an indirect prompt injection risk by requiring the agent to 'Follow skill exactly' for content ingested via tools (Skill/Task tools), without providing boundary markers or sanitization. Ingestion point: Skill/activate_skill tools; Boundary markers: Absent; Capability inventory: subprocess (Bash/run_shell_command), file write (Write/Edit/replace); Sanitization: Absent.
Audit Metadata