Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Using Superpowers 0.1.0
v1.0.0
Use when starting any conversation - establishes how to find and use skills, requiring Skill tool invocation before ANY response including clarifying questions
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description claim to enforce a workflow for invoking skills; SKILL.md contains that exact policy. The skill requires no binaries, secrets, or installs, so requested capabilities are proportionate to the stated purpose.
Instruction Scope
The instructions mandate invoking the Skill tool before any response (including clarifying questions) whenever there's even a 1% chance a skill applies. This is unusually broad and grants the agent little discretion. It also forbids using the Read tool on skill files and presumes tools like TodoWrite exist. These directives can cause excessive/automatic skill invocation, platform incompatibility, and broaden the attack surface by loading many skills unnecessarily.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest-risk install profile. Nothing is written to disk or downloaded.
Credentials
No environment variables, credentials, or config paths are requested. The lack of secrets is proportionate to the described purpose.
Persistence & Privilege
Skill is not always:true and does not request elevated agent privileges. However, because its runtime instructions mandate a behavioral rule that forces pre-response skill invocation, it effectively increases the frequency with which other skills are loaded or consulted, raising the practical privilege/attack surface even if it does not itself request persistent privileges.
What to consider before installing
This skill enforces a strict policy: always invoke the Skill tool before responding if any skill might apply. On the positive side, it is coherent with its stated purpose and has no install or secret requirements. However, consider these issues before installing:
- It forces the agent to check skills even when unnecessary, which can cause many skills to be loaded and increase data exposure and attack surface. Ask how your platform sandboxing works: when a skill is loaded, can it read user-provided context or call external endpoints? If so, this policy may accidentally leak data.
- The SKILL.md forbids using the Read tool and assumes specific tools (e.g., Skill tool, TodoWrite). Confirm those tools exist and that forcing that exact workflow won't break your environment.
- This instruction can degrade agent behavior (constant interruptions to check skills) and may be incompatible with platforms that expect clarifying questions first.
Recommendations: only install if you understand how your platform loads and sandboxes skills and you want strict, centralized enforcement of skill usage. If you proceed, monitor which skills get loaded when this policy is used and consider restricting which skills are permitted to be auto-invoked. If you need more assurance, request an implementation that is less absolute (e.g., suggest skill checks for specific categories or make invocation user-confirmed) or provide evidence that loaded skills cannot exfiltrate data.
Like a lobster shell, security has layers — review code before you run it.
