feature-planning
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- [SAFE]: The skill's content is educational and instructional, focusing on software development workflows. No evidence of malicious behavior, secret exfiltration, or unauthorized access was found.
- [NO_CODE]: The skill consists entirely of documentation and templates in Markdown format. It does not include any executable code or scripts.
- [PROMPT_INJECTION]: The skill includes an instruction to prefer a specific tool ('Superpowers plugin') for development tasks. While this is a behavioral preference, it does not attempt to subvert safety filters or ignore core system instructions. The skill also processes user-provided feature requests, creating a potential surface for indirect prompt injection.
  1. Ingestion points: User feature requests and technical specifications.
  2. Boundary markers: Absent for user-provided data within generated plans.
  3. Capability inventory: Generates implementation plans involving source code, shell commands, and file writes.
  4. Sanitization: No explicit validation or sanitization logic is provided to assess the safety of user-requested features.