skills/ven0m0/claude-config/prd/Gen Agent Trust Hub

prd

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard shell commands such as ls, cat, and mkdir to inspect the project environment, identify tech stacks from configuration files, and manage the output directory. These operations are essential for generating accurate requirements based on the existing codebase.
  • [PROMPT_INJECTION]: The skill processes untrusted input from $ARGUMENTS and external markdown files in docs/ideas/ to generate task instructions for an autonomous agent. This creates an indirect prompt injection surface.
      • Ingestion points: User-provided descriptions and idea files in the docs/ideas/ directory as specified in SKILL.md.
      • Boundary markers: The skill explicitly instructs the agent to stop and wait for user confirmation at multiple steps (2, 3, and 8) before proceeding or finalizing the output.
      • Capability inventory: System capabilities used include listing files, reading project configurations, and writing JSON files to the .ralph/ directory.
      • Sanitization: There is no evidence of automated sanitization or validation of the input content before it is transformed into the generated PRD structure.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 02:36 PM