The Agent Skills Directory

[DATA_EXFILTRATION]: The skill uses sha256sum to compute hashes of PRD files and stores them in a manifest file. While these hashes are used for integrity checks, a user should ensure the source documents do not contain sensitive data that shouldn't be hashed or indexed.
[COMMAND_EXECUTION]: The skill uses jq to perform complex updates on a JSON manifest file using shell redirection (> tmp.json && mv tmp.json). While it uses --arg for some variables, it relies on environment variables like $PRDS_READ and $RULES_GENERATED which are derived from file system operations.
[DATA_EXFILTRATION]: The skill processes untrusted content from the docs/prds/ directory. If an attacker can influence the content of these PRDs, they could potentially inject instructions that the agent would follow during the rule generation phase (Indirect Prompt Injection).
Ingestion points: Reads all .md files in docs/prds/ using Glob and Read tools.
Boundary markers: None identified; PRD content is parsed and aggregated directly into new rule files.
Capability inventory: Uses Bash (ls, jq, mv, sha256sum), Glob, Read, and Write tools.
Sanitization: No specific sanitization or escaping of the PRD content is described before it is written into rule files or processed by the agent.

blueprint-generate-rules