network-forensics

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly instructs changing binary capabilities with "sudo setcap cap_net_raw+ep ..." and directs live captures on network interfaces (operations that require elevated privileges and modify system state), which pushes the agent to perform privileged, state-changing actions.