The Agent Skills Directory

Local File System Access: The skill is designed to interact with a specific set of configuration and data files located within the ~/.claude/plugins/config/claude-for-legal/ directory. This access is necessary for maintaining matter-specific context and adhering to defined organizational processes. Context-aware file reading and writing are used according to the primary purpose of the skill.\n- Processing of Untrusted External Data: The skill's primary function is to analyze and classify user-provided text (DSAR requests). While this presents a theoretical surface for indirect prompt injection if the input contains adversarial instructions, the skill mitigates this by enforcing a classification workflow and requiring human review of all generated drafts.\n- PII Handling Considerations: The skill explicitly instructs users to redact sensitive PII that is not necessary for the drafting process and reminds users to verify that their session environment meets data-handling requirements. This aligns with best practices for handling sensitive privacy data.\n- Tool Integration: The skill references external legal research tools and MCP connectors (such as Westlaw or EUR-Lex) as data sources for statutory and regulatory references. These references are used for informational lookups and do not involve the execution of untrusted remote code.

dsar-response