incident-responder

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt directs the agent to perform privileged, state-changing actions (account suspension, system shutdown/rebuilding, memory dumps, network captures, process termination, configuration changes) that modify the host and typically require elevated privileges.