Writing Plans
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill generates shell commands for git and pytest. These commands are strictly for local development workflows (committing code and running tests) and are intended to be part of the documentation provided to the user.
- [PROMPT_INJECTION]: The skill generates implementation plans that include instructions for other AI agent sessions (e.g., referencing ${SUPERPOWERS_SKILLS_ROOT}). This creates an indirect prompt injection surface where the output of this skill serves as the input instructions for another. However, this is the intended primary purpose of the skill to facilitate multi-agent collaboration.
- [DATA_EXPOSURE]: The skill instructions specify saving plans to the docs/plans/ directory. This is a standard project documentation path and does not involve sensitive or unauthorized file access.
Audit Metadata