co-design

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly routes tasks to a background CLI agent with allowedTools including Bash/Read/Edit/Write and instructs agents to edit files, run shell commands, and commit changes — which enables arbitrary filesystem and process changes (and potential privilege escalation) even though it doesn't explicitly ask for sudo or specific system-file edits.