writing-plans

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a documentation generator, producing Markdown files for software implementation plans. It does not conduct network operations, access private credentials, or execute external code.
  • [COMMAND_EXECUTION]: The skill instructs the agent to include commands for standard development tools (e.g., git, pytest) in the generated plan documents. These commands are for documentation purposes and are not executed by the skill itself.
  • [PROMPT_INJECTION]: The skill processes user-provided specifications to generate plans, establishing a surface for indirect prompt injection.
    • Ingestion points: User-provided specifications or requirements are processed to create implementation tasks.
    • Boundary markers: The skill utilizes a rigid Markdown template and a self-review checklist to maintain output integrity, though it lacks explicit delimiters for the input data.
    • Capability inventory: The skill can write files to the local project directory (e.g., docs/superpowers/plans/) and references subsequent skills for task execution.
    • Sanitization: No explicit sanitization or filtering of the input specification is defined in the instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 01:27 AM