Your agent says 'done' — but did it check? Superpowers turns any OpenClaw agent into a disciplined engineer. Verification iron law (evidence before claims),...
Security Analysis
medium confidenceThe skill is a coherent, instruction-only engineering methodology (no installs or credentials), but its runtime instructions ask agents to change persistent agent behavior and to paste full task/file context into spawned sub-agents — patterns that can be used for prompt-override or leaking sensitive data, so review before enabling.
The name/description (developer workflow, verification, reviews, debugging) matches the SKILL.md content and reference templates. It legitimately needs to read repo files, run tests and spawn sub-agents for code review/verification work.
The instructions tell agents to read repository files, run git/tests, and to spawn sub-agents passing the 'FULL TEXT' of tasks (explicit: 'paste it here, don't make sub-agent read plan file'), which increases the chance of sending sensitive files/credentials to models. It also instructs users to add rules to AGENTS.md to make behavioral rules 'always-on' — this is effectively a system-prompt style override and can change agent behavior persistently. These are in-scope for a coding methodology, but they materially broaden what the agent will access and who/what receives that data.
No install spec and no code files to execute. The skill is instruction-only, so no network downloads or binaries are added by the skill itself.
The skill requests no environment variables or credentials. However, its runtime guidance expects the agent to read repo files, run commands, and paste whole task/file contents into sub-agents — operations that can expose secrets present in the codebase or environment despite no declared creds. This is a proportionality caveat rather than a direct credential request.
The registry flags show the skill is not forced always-on. But the SKILL.md instructs users to add content to AGENTS.md to activate 'always-on behavioral rules' (manual but persistent). Enabling that is a user action that grants persistent behavioral changes; do not apply blindly.
Guidance
This skill is an instruction-only development methodology (no installs or credentials), and its templates are coherent for verification and multi-agent review. Before installing or copying its rules into your AGENTS.md: 1) Do not blindly add the 'always-on' rules — review and scope them first; prefer a transient/test deployment. 2) Audit templates that instruct you to paste 'FULL TEXT' or file contents into spawned sub-agents — avoid including secrets or credentials in tasks/plan text. 3) Limit which models and runtimes sub-agents use, and run them in isolated environments when possible. 4) If you keep the rules, document and peer-review the AGENTS.md change so other operators know persistent behavior changed. 5) If you need higher assurance, test on a non-sensitive repository and validate that spawned sub-agents only receive the minimal context required. These steps reduce the main risks: prompt-override (persistent behavioral change) and accidental exfiltration of sensitive project data.
Latest Release
v1.1.0
Marketia-grade description, metadata, conversion block, skill pairing recommendations
More by @globalcaos
Published by @globalcaos on ClawHub
