Skills
skills/patinaproject/skills/superteam/Gen Agent Trust Hub

superteam

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute git and gh (GitHub CLI) commands for repository operations, including branch switching, issue retrieval, and PR management. These operations are restricted to the context of the active development task.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to its core function of ingesting data from GitHub issues and repository-hosted design artifacts.
  • Ingestion points: Reads issue content via gh issue view and processes design/plan documents from docs/superpowers/.
  • Boundary markers: Uses structured artifact templates and mandatory Acceptance Criteria (AC) IDs to maintain context, though it lacks explicit technical delimiters for raw external input.
  • Capability inventory: Access to Bash (Git/GH CLI), Write, and Edit tools across the repository.
  • Sanitization: Features a multi-layered defense including a mandatory 'Adversarial Design Review' phase and a 'Forbidden-append denylist (LC5)' in the project delta logic to prevent overrides from weakening core security rules.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 06:30 AM
Security Audit — agent-trust-hub — superteam