Writing Hookify Rules
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Indirect Prompt Injection] (INFO): The skill defines a mechanism for the agent to monitor and act upon external data (files and prompts). While this capability could theoretically be targeted by malicious content in a processed file, it is a first-party governance feature designed to enhance security.
  - Ingestion points: Rules process user prompts and file edits via 'prompt' and 'file' events.
  - Boundary markers: Policy files are isolated within the .claude/ local directory.
  - Capability inventory: Provides the ability to warn the user or block agent actions (PreToolUse).
  - Sanitization: Uses regex pattern matching to identify and flag content.
Audit Metadata