70High
This skill is vulnerable to prompt injection
Behavior Analysis
Description verified — behavior matches claim
Claims to do
Writing Plans: Write comprehensive implementation plans assuming the engineer has zero context for our codebase and questionable taste. Document everything they need to know: which files to touch for each task, code, testing, docs they might need to check, how to test it. Give them the whole plan as bite-sized tasks. DRY. YAGNI. TDD. Frequent commits.
Actually does
This skill generates a detailed Markdown implementation plan, saved to `docs/superpowers/plans/YYYY-MM-DD-<feature-name>.md`. The plan specifies exact file paths, complete code snippets, `pytest` commands for testing, and `git` commands for committing, broken into small, TDD-oriented steps. It also outlines a self-review process and recommends subsequent execution skills.
Skill Info
Nameobra/superpowers/writing-plans
Registrygithub
Versiona569527b89c1
PURLpkg:github/obra/superpowers@a569527b89c1?skill=writing-plans
Stars180,084
Installs81,600
Source
SHA-25690056bad3d5f...
SHA-1be008098f3d6...
MD53eccd43deb42...
TLSH00c1b8267781...
ssdeep96:d1zZo0bLb...
Size6,046 bytes
Install
This skill has been flagged as potentially malicious. Review the findings below before installing.
Assessments (3)
AI Agent Traps ↗Malicious command generation via prompt injectionhighprompt injection, command execution
The skill's primary function is to generate detailed plans, including explicit shell commands. A malicious prompt could manipulate the skill to generate harmful commands (e.g., `rm -rf /`) within the plan, which would then be executed by downstream agents.
90% confidenceline 83
Run: `pytest tests/path/test.py::test_name -v`
Persistence mechanism via generated Git commandsmediumprompt injection, persistence
The skill generates `git commit` commands as part of the plan. A malicious prompt could be used to generate commits that introduce unwanted changes or backdoors into the codebase, establishing a form of persistence.
90% confidenceline 102
git commit -m "feat: add specific feature"
Potential for RAG poisoning via generated planslowrag poisoning
The skill saves generated plans as Markdown files. If these files are later ingested into a RAG system or knowledge base, a malicious prompt could lead to the generation of poisoned content, affecting the cognitive state of other agents.
70% confidenceline 20
Save plans to: `docs/superpowers/plans/YYYY-MM-DD-<feature-name>.md`
Multi-agent chaining and tool uselowsub agent spawning, supply chain
The skill explicitly requires the use of other 'sub-skills' (`subagent-driven-development` or `executing-plans`) to implement the generated plan. This creates a multi-agent workflow where a compromised plan from this skill could act as a supply chain attack vector for downstream execution skills.
90% confidenceline 52
REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans
Version History (4)
Dependencies (1)
superpowers.claude-plugin/marketplace.jsonnot scanned
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/github/obra/superpowers/writing-plans)HTML
<a href="https://mondoo.com/ai-agent-security/skills/github/obra/superpowers/writing-plans"><img src="https://mondoo.com/ai-agent-security/api/badge/github/obra/superpowers/writing-plans.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/github/obra/superpowers/writing-plans.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow