Security Audit
jnMetaCode/superpowers-zh:skills/writing-plans
github.com/jnMetaCode/superpowers-zh
Trust Assessment
jnMetaCode/superpowers-zh:skills/writing-plans received a trust score of 84/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 0 medium, and 1 low severity. Key findings include "Potential Path Traversal via User-Defined Plan Save Location" and "Unspecified Dependencies for Sub-Skills".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on March 25, 2026 (commit 03baa780). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Description | Layer | Location |
|---|---|---|---|---|
| HIGH | Potential Path Traversal via User-Defined Plan Save Location | The skill explicitly states that the user's preference for the plan's save location takes precedence over the default path (`docs/superpowers/plans/YYYY-MM-DD-<feature-name>.md`). If the agent framework directly uses unsanitized user input for this file path when saving the generated plan, an attacker could specify a path like `../../../etc/passwd` to overwrite arbitrary files, or `../../../.ssh/authorized_keys` for potential remote code execution. This exposes the file system to manipulation. The agent framework responsible for saving the plan must sanitize and validate any user-provided file paths to prevent path traversal attacks. Restrict save locations to a designated, sandboxed directory and enforce strict validation on file names and paths. | LLM | SKILL.md:20 |
| LOW | Unspecified Dependencies for Sub-Skills | The skill lists `superpowers:subagent-driven-development` and `superpowers:executing-plans` as required sub-skills. Without specifying exact versions or trusted sources for these dependencies, there is a supply chain risk. A malicious or vulnerable version of these sub-skills could be introduced, potentially compromising the agent's operations. Specify exact versions for all required sub-skills. Ensure all dependencies are sourced from trusted repositories and regularly audited. Implement a mechanism for dependency integrity checking within the agent ecosystem. | LLM | SKILL.md:69 |