writing-plans
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill defines a workflow for processing implementation requirements into actionable plans. This creates a surface where malicious instructions in a feature request could potentially influence the generated code or shell commands.
  - Ingestion points: Implementation requirements provided by the user or read from project files.
  - Boundary markers: The skill uses strict Markdown header and task templates as delimiters.
  - Capability inventory: The generated output includes shell commands (`npm test`, `git commit`) and full code snippets intended for execution by subagents or developers.
  - Sanitization: No explicit sanitization of input requirements is described in the markdown; the skill relies on the agent's ability to interpret requirements within the 'Plan Structure'.
- [Unverifiable Dependencies] (SAFE): The skill references an external source (github.com/obra/superpowers) which is not in the trusted organization list. However, this is used as a metadata reference and does not trigger any automated downloads or remote script execution.