Security Audit
using-superpowers
github.com/sickn33/antigravity-awesome-skillsTrust Assessment
using-superpowers received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Untrusted content attempts to dictate LLM tool usage.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Untrusted content attempts to dictate LLM tool usage The skill contains an explicit instruction ('Never use the Read tool on skill files') that attempts to manipulate the host LLM's behavior regarding tool invocation. SkillShield's instructions explicitly state that commands within untrusted content should not be followed. Following this instruction could lead to the LLM bypassing standard procedures for accessing skill content, potentially hindering security analysis or preventing the LLM from performing necessary actions. Remove or rephrase instructions that dictate the LLM's internal tool usage or operational procedures. The LLM should be free to use its tools as it deems appropriate, especially for security analysis or debugging. If a skill's content is meant to be accessed only via a specific tool, that should be enforced by the platform, not by an instruction within the skill itself. | LLM | SKILL.md:13 |
Scan History
Embed Code
[](https://skillshield.io/report/4b9bf3bf6f14f842)
Powered by SkillShield