Gen Agent Trust Hub audit of skill: howells/arc/rules

Verdict: Warn

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: MEDIUM
Flags: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS

Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides an option to run npx ruler apply. This command downloads and executes the ruler package from the public NPM registry. The package is not scoped to a trusted organization or to the skill author, and no version is pinned, which could lead to the execution of malicious or hijacked code.
  • [COMMAND_EXECUTION]: The skill performs several shell operations, including cp -r to copy and back up rules and rm -rf .ruler/ to delete existing rules during an update. While these are restricted to the .ruler/ directory, rm -rf is a destructive command. It also uses find and wc to analyze project complexity.
  • [EXTERNAL_DOWNLOADS]: The skill recommends adding @anthropic/linear-mcp to the project's MCP configuration. This package originates from a trusted organization and is used for issue-tracking integration.
  • [PROMPT_INJECTION]: The skill represents an indirect prompt injection surface (Category 8). It ingests files from an internal rules/ directory and places them in the project's .ruler/ folder, which the description states are read by AI agents to guide code generation.
      • Ingestion points: Files are read from ${ARC_ROOT}/rules/ and written to .ruler/ (SKILL.md).
      • Boundary markers: None identified in the prompt interpolation process.
      • Capability inventory: Uses cp, rm, and npx to manage files and execute tools (SKILL.md).
      • Sanitization: No validation or sanitization is performed on the content of the rule files before they are provided to the agent context.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 10, 2026, 04:39 PM