create-prd
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for document generation and does not exhibit malicious behavior or unauthorized access to system resources. It performs legitimate document generation tasks using provided local tools.
- [PROMPT_INJECTION]: The skill acts as a document generator, which involves a data ingestion surface. It accepts user input via the `AskUserQuestion` tool and writes it to a file.
  - Ingestion points: user answers to questions in `SKILL.md` (Stage 2).
  - Boundary markers: none explicitly used to wrap user content in the PRD.
  - Capability inventory: `Write` (file-write) and `Read` (file-read) tools in `SKILL.md`.
  - Sanitization: none implemented for user-provided input.

  While this represents a surface for indirect prompt injection, it is identified as a functional requirement of the document creation process and does not indicate malicious intent.
- [EXTERNAL_DOWNLOADS]: No remote URLs, external packages, or resources are fetched. The skill relies exclusively on files provided within the `references/` directory.
- [COMMAND_EXECUTION]: No shell commands or system utilities are executed. The skill strictly uses the `Write` tool to save the generated PRD document to the local filesystem in standard project directories.
Audit Metadata