blueprint-rules
Warn
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: MEDIUM (DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [DATA_EXFILTRATION]: The skill is configured to access the user's home directory at ~/.claude/rules/. Accessing files outside of the project workspace is a sensitive operation that can lead to unauthorized data exposure or modification of personal configurations.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to manage file structures and validate rules. Providing shell access to an agent that also interacts with the user's home directory increases the risk of privilege misuse or unintended system modification if the agent's instructions are subverted.
- [PROMPT_INJECTION]: The skill implements an indirect prompt injection surface by ingesting external data to generate behavioral instructions for the AI agent.
  - Ingestion points: The skill reads Product Requirement Documents (PRDs) from docs/prds/ and existing rules from ~/.claude/rules/ and .claude/rules/.
  - Boundary markers: No specific boundary markers or 'ignore' instructions are used when interpolating PRD content into the generated rule files.
  - Capability inventory: The skill has access to Write, Edit, and Bash tools, allowing it to commit the generated instructions to the file system.
  - Sanitization: There is no evidence of content sanitization or validation to prevent malicious instructions within a PRD from being promoted into a rule file that Claude will subsequently obey.
Audit Metadata