tool-design

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (medium risk: 0.60). The skill explicitly advocates providing a general "file system" or command-execution tool that lets agents run Unix utilities to "explore and operate on the system," which enables arbitrary state-changing commands (including privileged or destructive actions) even though it doesn't explicitly instruct sudo escalation or user creation.