superplan
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Categories: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill processes requirements from external issue trackers. Ingestion points: User-provided story text and ticket links (Jira/GitHub). Boundary markers: Implementation plans are isolated to the docs/ directory. Capability inventory: Spawns sub-agents for parallel tasks and generates shell commands. Sanitization: Includes a mandatory human-in-the-loop checkpoint for the user to review and approve generated plans before any code is executed.
- [EXTERNAL_DOWNLOADS]: The skill identifies and recommends the 'superbuild' utility located at github.com/adamos486/skills for executing implementation plans, which is a verified resource provided by the author.
- [COMMAND_EXECUTION]: Uses standard shell commands to detect project metadata and configuration files, and defines build, linting, and testing commands within its generated plans as part of typical software development operations.
- [DATA_EXFILTRATION]: Initiates web searches to retrieve industry-standard patterns and security guidelines for the project's detected technology stack.