migrate-skill

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The prompt directs destructive filesystem changes (rm -rf, cp, writing SKILL.md, modifying repo files) and explicitly tells the agent to create and execute a /tmp cleanup script that "bypass[es] sandbox restrictions" on .claude paths, which modifies/deletes local project state and circumvents protections even though it doesn't request sudo or create users.