team-management

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The create-team.sh script explicitly pulls the Leader's AGENTS.md from external storage at runtime (mc cp "${HICLAW_STORAGE_PREFIX}/agents/${LEADER_NAME}/AGENTS.md" → "${_leader_agents_tmp}") and then injects/pushes that file into the running Leader container, meaning remote MinIO-hosted content can directly control the agent's prompts/skills.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs creating files under /root and running scripts in /opt (and references deleting containers), which are privileged, state-changing operations that can modify the host system and therefore pose a high security risk.