writing-plans
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests external specifications to generate plans that include executable commands.
  - Ingestion points: Feature specifications or requirements provided by the user (referenced in `SKILL.md`).
  - Boundary markers: Absent; the skill does not use specific delimiters to isolate untrusted input within the generated plan.
  - Capability inventory: The generated plans contain shell commands (`git`, `pytest`) and Python code blocks intended for execution by the `superpowers:executing-plans` sub-skill.
  - Sanitization: Absent; requirements are incorporated into the plan document without explicit validation or escaping.
- [Dynamic Execution] (LOW): The skill generates script templates (Python and Bash) based on user-provided inputs. While the skill itself does not execute these scripts, it facilitates the generation of code for later execution by a separate sub-skill.
Audit Metadata