70High
It dispatches subagents using an unknown external template
Behavior Analysis
Description verified — behavior matches claim
Claims to do
Requesting Code Review: Dispatch superpowers:code-reviewer subagent to catch issues before they cascade. The reviewer gets precisely crafted context for evaluation — never your session's history. This keeps the reviewer focused on the work product, not your thought process, and preserves your own context for continued work.
Actually does
This skill uses `git` commands (`git rev-parse`, `git log`) to identify specific commit SHAs. It then instructs the user to dispatch a `superpowers:code-reviewer` subagent via a `Task` tool, providing it with a structured context including implemented features, requirements, and the identified SHAs, likely using a template file like `code-reviewer.md`.
Skill Info
Nameobra/superpowers/requesting-code-review
Registrygithub
Version917e5f53b16b
PURLpkg:github/obra/superpowers@917e5f53b16b?skill=requesting-code-review
Stars180,084
Installs71,300
Source
SHA-256a5ff68586ccf...
SHA-106f8749dd837...
MD5e03a4360964f...
TLSH2d51b7a7b80a...
Size2,935 bytes
Install
This skill has been flagged as potentially malicious. Review the findings below before installing.
Assessments (1)
AI Agent Traps ↗Sub-agent prompt injection via external templatehighsub agent spawning, prompt injection, supply chain
The skill dispatches a subagent using an external template (`code-reviewer.md`) and user-provided inputs. The content of this template is unknown, posing a supply chain risk. If the template is malicious or vulnerable to prompt injection from user inputs, it could lead to arbitrary actions by the subagent.
80% confidenceline 34
Use Task tool with superpowers:code-reviewer type, fill template at `code-reviewer.md`
Placeholders: {WHAT_WAS_IMPLEMENTED} ... {DESCRIPTION}Potential command execution via git commandsmediumcommand execution
The skill provides `git` commands for obtaining SHAs. If the AI is configured to execute these commands and any part of the command string is derived from unsanitized user input, it could lead to command injection.
60% confidenceline 28
BASE_SHA=$(git rev-parse HEAD~1)
Version History (4)
Dependencies (1)
superpowers.claude-plugin/marketplace.jsonnot scanned
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/github/obra/superpowers/requesting-code-review)HTML
<a href="https://mondoo.com/ai-agent-security/skills/github/obra/superpowers/requesting-code-review"><img src="https://mondoo.com/ai-agent-security/api/badge/github/obra/superpowers/requesting-code-review.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/github/obra/superpowers/requesting-code-review.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow