powershell-security-hardening

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill explicitly instructs configuring system-wide security features (GPO changes, AppLocker/WDAC, enabling script block logging/transcription, registering JEA endpoints, etc.), which require elevated privileges and modify the machine's state, so it pushes the agent to perform privileged system changes.