Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Superpowers Dev Workflow
v1.0.0 · Spec-first, TDD, subagent-driven software development workflow. Use when: (1) building any new feature or app — triggers brainstorm → plan → subagent executi...
⭐ 5 · 9.1k · 96 current · 101 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence
Purpose & Capability
The skill's stated purpose (spec-first TDD, subagent-driven development) matches the instructions and reference files. However, SKILL.md explicitly says it requires an 'exec tool' and 'sessions_spawn' while the registry metadata lists no required binaries/tools. The workflow also assumes the ability to run git, test commands, and `gh pr create` — capabilities not declared in the metadata. This mismatch is disproportionate to the declared requirements.
Instruction Scope
Instructions direct the agent to read project files, run tests, run git commands (merge, push, delete branches), and call `gh pr create`. They also instruct spawning many subagents via `sessions_spawn`. Reading repository files and running test/git is coherent with the stated purpose, but the instructions permit destructive operations (branch deletion, pushing) and network actions (creating PRs) without documenting required approvals/credentials. The 'HARD GATE' language enforces behavior but is not enforced by code — it's an instruction to the agent which may be applied autonomously.
Install Mechanism
This is an instruction-only skill with no install spec and no code files — low install risk. There is nothing downloaded or written by an installer.
Credentials
The skill will likely need access to repository files, git credentials (SSH keys or HTTPS credentials), and potentially GitHub CLI authentication to execute `gh pr create` or push branches, yet the `requires.env` and primary credential fields are empty in the registry. That omission is disproportionate: the runtime actions described require credentials and network push rights that are neither declared nor gated.
Persistence & Privilege
`always:false` and the default model invocation settings are appropriate. However, the skill's heavy reliance on `sessions_spawn` means it will autonomously create subagents when invoked, increasing the blast radius if the agent has permission to run shell commands or push changes. This is not an immediate policy violation, but combined with the undeclared credential needs and destructive git commands it warrants caution.
What to consider before installing
This skill implements a strict developer workflow that will read the repo, run tests, commit, push, create PRs, and can delete branches — but the registry metadata does not declare the tools or credentials required. Before installing or enabling it:
1) Confirm the agent platform provides and documents the 'exec' capability and 'sessions_spawn' behavior, and that you understand when and why subagents will be spawned.
2) Only enable subagent-driven execution if you trust the agent and want it to perform git pushes and PRs; consider using the 'manual execution' mode instead.
3) Ensure backups exist (don't let an automated skill delete branches without extra confirmation) and verify which credentials (SSH keys, GitHub token, gh CLI auth) the skill will need — ask the publisher to update the metadata to list required tools and env vars.
4) If you need higher assurance, request that the publisher (a) declare required binaries and env vars, (b) add explicit confirmation steps before any destructive git operation, and (c) explain how sessions_spawn is authorized and limited. If the publisher cannot explain these points, treat the skill cautiously or avoid enabling autonomous execution.
Like a lobster shell, security has layers — review code before you run it.
latest: vk979t8w5vvrajxxggd8gnwk1rd81ybmn
