writing-plans
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user specifications to generate implementation plans and shell commands.
- Ingestion points: The skill ingests user-provided specifications and requirements as defined in the description and Overview section in SKILL.md.
- Boundary markers: No delimiters or specific instructions are provided to the agent to distinguish between the skill's logic and potentially malicious instructions within the input data.
- Capability inventory: The skill writes Markdown files to the filesystem (
docs/plans/) and encourages the use of sub-skills for task execution (e.g.,superpowers:executing-plansandsuperpowers:subagent-driven-development) which may execute the generated commands. - Sanitization: No sanitization, filtering, or validation of the input specifications is performed before they are incorporated into the plan document.
Audit Metadata