writing-plans
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a workflow template designed to help engineers document implementation steps, file changes, and testing procedures. It does not contain any direct prompt injections, data exfiltration patterns, obfuscated code, or unauthorized network operations.
- [SAFE]: The skill transforms user-provided specifications into plans that include shell commands, which is a potential surface for indirect prompt injection. This is the primary intended purpose of the tool and does not constitute a security violation.
  - Ingestion points: Task specifications and requirements are ingested from the user's input.
  - Boundary markers: No explicit markers or 'ignore' instructions are used to isolate user data within the generated plan.
  - Capability inventory: The skill generates plans meant for subsequent execution by other subagents or skills, such as 'superpowers:executing-plans', which handle file system and command-line operations.
  - Sanitization: Input content is not sanitized before being formatted into the markdown implementation plan.