incident-responder

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt includes explicit sudo commands (e.g., flushing DNS caches), and other privileged operations (tcpdump, editing/rolling back services, kubectl scale/restart, nginx configs) that instruct modifying system or cluster state and require elevated privileges, so it encourages actions that can change/compromise the machine state.