Plan

Explore codebase and create spec + phased implementation plan with file-level task breakdown. Use when user says "plan this feature", "create implementation...

This skill is coherent and appears to do what it says: it will read your repository to research a task and then create a plan by writing files under docs/plan/. Before installing/using it, consider: 1) review the SKILL.md so you understand which files it will read and where it will write (docs/plan/{track}/spec.md); 2) run it in a feature branch or sandbox so its writes don't change main branches unexpectedly; 3) ensure your repository doesn't contain unintended secrets in files the skill might read (it has no explicit secret exfiltration steps, but it will scan the repo); 4) if you don't want network lookups or access to your session/project history, disable MCP/web tools or run in an environment where those tools are unavailable; 5) inspect created/edited files before committing. If you want stronger guarantees, consider restricting the agent's file access or running the planning step locally and reviewing outputs manually.

Type: OpenClaw Skill Name: solo-plan Version: 2.2.1 The skill is classified as suspicious due to its allowance of high-risk tools like `Bash` and `web_search`, granting significant system and network access. It presents vulnerabilities including potential path traversal in `SKILL.md` (Step 7) if user-provided task descriptions are not properly sanitized before being used to construct `$PLAN_ROOT` for `mkdir -p`. Furthermore, the skill is vulnerable to prompt injection against the `/build` skill, as it generates `plan.md` and `spec.md` based on user input and research findings, and these files are explicitly stated to be parsed by `/build` (SKILL.md, Compatibility Notes), allowing an attacker to stage commands for subsequent execution.