The file 11_file_create\include_cve_2021_40444.xml appears to have a outside of the , and I can't find other rules like this. Is this an error in the module?
Additionally, as shown below, the file 10_process_access\include_hook_check.xml is missing a condition, but I am not certain whether this is an error.
Discussed in #191
Originally posted by 3ch035 November 15, 2023
I am having trouble finding documentation on how rules lacking a condition work, such as the ones in:
"sysmon-modular\10_process_access\include_hook_check.xml"
<GrantedAccess name="technique_id=T1055.012,technique_name=Process Hollowing">0x0800</GrantedAccess>
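As an added illustration (not code from the sysmon-modular project or from the poster): a small Python evaluator that shows what a rule with no `condition` attribute does. It applies the default the Sysmon documentation states for a missing `condition`, namely `is` (an exact, case-insensitive string match), to the `GrantedAccess` rule quoted above. The `Sysmon`/`RuleGroup`/`ProcessAccess` wrapper, the second `contains` rule and the sample events are constructed for the example; it handles flat single-field rules only, not compound `<Rule>` groups.

```python
import xml.etree.ElementTree as ET

# Constructed rule fragment. The GrantedAccess line is the one quoted from
# include_hook_check.xml; the wrapper elements and the second rule are assumptions
# made for this example, not content of sysmon-modular.
RULE_XML = """
<Sysmon schemaversion="4.90">
  <EventFiltering>
    <RuleGroup name="" groupRelation="or">
      <ProcessAccess onmatch="include">
        <GrantedAccess name="technique_id=T1055.012,technique_name=Process Hollowing">0x0800</GrantedAccess>
        <GrantedAccess name="example_contains" condition="contains">0x1F</GrantedAccess>
      </ProcessAccess>
    </RuleGroup>
  </EventFiltering>
</Sysmon>
""".strip()


def condition_matches(condition, pattern, actual):
    """Apply one Sysmon filter condition. Sysmon compares case-insensitively,
    so both sides are lower-cased; multi-value conditions are ';'-delimited."""
    cond = condition.strip().lower()
    pat, val = pattern.strip().lower(), str(actual).lower()
    parts = [p.strip() for p in pat.split(";")]
    if cond == "is":
        return val == pat
    if cond == "is not":
        return val != pat
    if cond == "contains":
        return pat in val
    if cond == "excludes":
        return pat not in val
    if cond == "begin with":
        return val.startswith(pat)
    if cond == "end with":
        return val.endswith(pat)
    if cond == "is any":
        return val in parts
    if cond == "contains any":
        return any(p in val for p in parts)
    if cond == "contains all":
        return all(p in val for p in parts)
    raise ValueError(f"unsupported condition: {condition!r}")


def matching_rules(rule_xml, event_type, event):
    """Return the 'name' of every include rule under event_type (e.g. 'ProcessAccess')
    that the event dict satisfies. A rule element with no 'condition' attribute is
    evaluated with 'is', the default documented by Sysmon."""
    root = ET.fromstring(rule_xml)
    hits = []
    for section in root.iter(event_type):
        if section.get("onmatch") != "include":
            continue
        for rule in section:
            field = rule.tag                       # e.g. GrantedAccess, TargetImage
            condition = rule.get("condition", "is")  # absent attribute -> 'is'
            if condition_matches(condition, rule.text or "", event.get(field, "")):
                hits.append(rule.get("name", f"{field}:{rule.text}"))
    return hits


if __name__ == "__main__":
    # Constructed ProcessAccess events (not real telemetry).
    for granted in ("0x0800", "0x1F0FFF", "0x40"):
        event = {"SourceImage": r"C:\Users\lab\loader.exe",
                 "TargetImage": r"C:\Windows\System32\svchost.exe",
                 "GrantedAccess": granted}
        print(granted, "->", matching_rules(RULE_XML, "ProcessAccess", event))
```

The practical consequence of the default: the quoted rule fires only when `GrantedAccess` is exactly `0x0800`. A request such as `0x1F0FFF`, which includes that access bit among others, is not matched, because `is` is a string comparison and Sysmon does not offer a bitmask condition; if broader coverage is wanted, an explicit `condition` such as `is any` or `contains` has to be written.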