powershell-2025-changes

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt includes explicit commands that write to system locations (e.g., HKLM, C:\Windows\System32\SIPolicy.p7b), register JEA endpoints, deploy WDAC policies, and install system modules—actions that modify system files/configuration and require administrative privileges, so it pushes the agent to change the machine state.