writing-plans
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection. It ingests untrusted data (software requirements/specs) and interpolates it into a structured plan that includes code blocks and shell commands designed for execution by other skills.
  - Ingestion points: Untrusted 'spec or requirements' provided by the user or another agent.
  - Boundary markers: Absent. There are no delimiters or instructions to ignore embedded commands within the input specs.
  - Capability inventory: While this skill only writes files (docs/plans/), the generated content is explicitly formatted to be consumed by skills like 'superpowers:executing-plans', which likely possess command execution and file modification capabilities.
  - Sanitization: None. The skill does not validate or sanitize the input requirements before generating the plan.