generate-prd
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands using bash to retrieve the current date for document metadata and to create directory structures via 'mkdir -p'. It also uses the GitHub CLI ('gh search issues') to gather feature context from external repositories.
- [EXTERNAL_DOWNLOADS]: The skill interacts with external well-known services including Confluence, Notion, HackMD, Linear, and GitHub. These interactions involve sending gathered context to external APIs for document publishing and searching external issue trackers for project requirements.
- [DATA_EXFILTRATION]: This skill reads sensitive configuration files such as '00-inbox/MY-INTEGRATIONS.md' and '00-inbox/MY-PROFILE.md' to determine active projects and publishing options. It can transmit the resulting documentation to external platforms, though it includes a mandatory review gate requiring explicit user approval before any external publishing occurs.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes and summarizes content from untrusted external sources (GitHub and Linear issues) which could contain malicious instructions designed to influence the generated PRD or subsequent agent actions.
- Ingestion points: Feature keywords are used to search and ingest issue bodies from GitHub and Linear; existing PRDs are read from the vault at '04-projects//PRDs/.md'.
- Boundary markers: No specific delimiters or instructions to ignore embedded commands are present when processing gathered context.
- Capability inventory: Shell command execution (bash), file system write access for saving documents, and network capability via 'WebFetch' and integration tools.
- Sanitization: No sanitization or escaping of external issue content or existing PRD text is performed before interpolation into the generation template.
Audit Metadata