The skill delegates execution to sub-skills, expanding the attack surface and risking exploitation of downstream vulnerabilities or control bypass.
Claims to do
Writing Plans: Write comprehensive implementation plans assuming the engineer has zero context for our codebase and questionable taste. Document everything they need to know: which files to touch for each task, code, testing, docs they might need to check, how to test it. Give them the whole plan as bite-sized tasks. DRY. YAGNI. TDD. Frequent commits.
Actually does
This skill generates a detailed markdown implementation plan for software development tasks. It takes a user-provided specification and outputs a structured plan, including exact file paths, code snippets, `pytest` commands for testing, and `git` commands for committing. It saves the generated plan to a specified markdown file within the repository and then offers to use other skills (`superpowers:subagent-driven-development` or `superpowers:executing-plans`) for plan execution.
The skill explicitly delegates execution to other required sub-skills (`superpowers:subagent-driven-development`, `superpowers:executing-plans`). This creates a dependency chain, expanding the attack surface and potentially allowing an attacker to exploit vulnerabilities in downstream sub-skills or bypass controls through chained execution.
REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development
[](https://mondoo.com/ai-agent-security/skills/github/Fleron/Claude-plugins/plan-writing)<a href="https://mondoo.com/ai-agent-security/skills/github/Fleron/Claude-plugins/plan-writing"><img src="https://mondoo.com/ai-agent-security/api/badge/github/Fleron/Claude-plugins/plan-writing.svg" alt="Mondoo Skill Check" /></a>https://mondoo.com/ai-agent-security/api/badge/github/Fleron/Claude-plugins/plan-writing.svgSkills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.