using-superpowers
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill uses assertive language and mandatory checklists (e.g., 'ABSOLUTELY MUST', 'automatic failure') to enforce its specific methodology and override default agent reasoning paths.
- [EXTERNAL_DOWNLOADS]: References the installation of the 'superpowers' plugin from the 'claude-plugins-official' registry and points to official GitHub repositories for its upstream tools.
- [NO_CODE]: The skill consists entirely of instructional markdown and does not include any accompanying scripts or binary files.
- [PROMPT_INJECTION]: The framework's reliance on processing external specifications creates a surface for indirect prompt injection. Ingestion points: User requirements and specification files managed by spec-kit. Boundary markers: Absent in this routing skill. Capability inventory: Tool execution and code generation via delegated implementation skills. Sanitization: Not specified.
Audit Metadata