Skills
skills/mrclrchtr/superpowers-extended-cc/executing-plans/Gen Agent Trust Hub

executing-plans

Warn

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to parse a verifyCommand from a json:metadata block within task descriptions and execute it as part of the task verification process (Step 2.3). This allows for the execution of arbitrary shell commands defined within implementation plans or .tasks.json files.
  • [COMMAND_EXECUTION]: The skill performs workspace management using git worktree list and utilizes external sub-skills for git operations.
  • [PROMPT_INJECTION]: The skill includes 'CRITICAL CONSTRAINTS' that explicitly forbid the use of standard platform tools like EnterPlanMode or ExitPlanMode. While intended for workflow control, this overrides standard agent behavior for the duration of the skill.
  • [INDIRECT_PROMPT_INJECTION]: The skill's implementation logic is driven by external data files which may contain embedded instructions.
  • Ingestion points: Reads implementation plan markdown files and .tasks.json files from the local filesystem.
  • Boundary markers: No specific boundary markers or instructions to ignore embedded instructions are used when parsing the plan or metadata.
  • Capability inventory: Execution of verifyCommand (shell commands), file read/write operations, and git workspace management.
  • Sanitization: No sanitization or validation logic is defined for the verifyCommand content before it is passed to the shell.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 6, 2026, 11:48 PM