writing-plans
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external specifications to generate implementation plans, which introduces a surface for indirect prompt injection where instructions hidden in the spec could influence the generated tasks.
  - Ingestion points: User-provided specifications or requirements documents are ingested as context in SKILL.md.
  - Boundary markers: No specific delimiters or instructions are used to separate the untrusted specification content from the agent's internal planning logic.
  - Capability inventory: The skill is capable of writing implementation plan files to the local file system (docs/superpowers/plans/) and initiating subagent-based reviews.
  - Sanitization: There is no validation or filtering of the input specification to detect or neutralize embedded instructions.
Audit Metadata