writing-plans
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions as a documentation and planning framework. It defines how an agent should structure technical implementation plans and reviewer prompts. No malicious executable content, remote resources, or unauthorized file access patterns were identified.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection as it interprets external specifications to generate planning documents. This is considered acceptable as it is the primary purpose of the skill.
  - Ingestion points: Technical specifications and requirements files processed by `SKILL.md` and `plan-document-reviewer-prompt.md`.
  - Boundary markers: None; the instructions do not specify the use of delimiters for isolating external content.
  - Capability inventory: The skill records plans to the local filesystem (`docs/superpowers/plans/`) and suggests task execution via other agent skills.
  - Sanitization: No explicit sanitization or filtering of the input specification is defined.
- [COMMAND_EXECUTION]: Plan templates include example shell commands for local development workflows, such as `git` and `pytest`. These commands are generated as part of the documentation and are standard for software engineering tasks.
Audit Metadata