claude-code-mastery

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.70). The skill explicitly enables write-capable agents, automatic hook execution (running arbitrary shell commands without approval), an "Yolo" allow-all permission mode, and a server-filesystem for access beyond the project—configurations that can enable an agent to modify files or execute destructive commands on the host if misused—so it meaningfully increases risk of compromising machine state even though it doesn't directly instruct sudo or user-creation.