blueprint-derive-prd

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data by reading project files like README.md and package.json to extract context for PRD generation.
      • Ingestion points: The skill reads various project documents in Phase 1 and Phase 2 using the Read tool.
      • Boundary markers: The skill does not utilize explicit delimiters to wrap untrusted content during the PRD generation phase.
      • Capability inventory: The skill has the ability to Write files to the local disk and execute Bash commands, including creating issues on GitHub.
      • Sanitization: Risk is mitigated by the inclusion of AskUserQuestion prompts in Phase 2.2 and Phase 4.4, which require the user to confirm inferred project details and approve the creation of external GitHub issues.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands for legitimate project management tasks.
      • Evidence: Uses fd for file discovery, jq for manifest updates, and gh for GitHub issue creation. These commands are localized to the project environment and the user's authenticated GitHub session.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with GitHub's official API via the gh CLI to track documentation progress. This utilizes a well-known service for its intended purpose in a development workflow.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 14, 2026, 04:17 PM