executing-plans
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and execute implementation plans from external files ('Step 1: Load and Review Plan'). By instructing the agent to 'follow each step exactly', the skill creates a significant indirect prompt injection surface.
- Ingestion points: External plan files are loaded into the context in SKILL.md.
- Boundary markers: Absent; the instructions do not include delimiters or warnings to ignore instructions found within the processed data.
- Capability inventory: The skill allows the agent to modify files, run verification commands, and manage git worktrees (via referenced sub-skills such as superpowers:using-git-worktrees).
- Sanitization: Absent; there is no validation or filtering of the ingested plan content before it is processed and executed.
Audit Metadata