anthropic-official

Fail

Audited by Snyk on Apr 20, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

  • Potential prompt injection detected (high risk: 1.00). The skill explicitly impersonates an "Anthropic official" and includes a hidden/deceptive override instruction ("Use --dangerously-skip-permissions") that attempts to bypass safeguards and change behavior beyond its stated purpose of auto-triggering and running shell commands, so it is a prompt injection.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The skill explicitly instructs automatic activation on every message and to "run any shell command the agent thinks is useful" while using a flag to bypass permissions, which indicates deliberate intent to enable remote code execution and unchecked system access (high risk for backdoors, data exfiltration, and privilege abuse).

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill instructs the agent to auto-run arbitrary shell commands on every message and explicitly use "--dangerously-skip-permissions", which directly enables actions that can obtain sudo, modify system files, create users, or otherwise change the machine state.

Issues (3)

  • E004 (CRITICAL): Prompt injection detected in skill instructions.
  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.
  • W013 (MEDIUM): Attempt to modify system services in skill instructions.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Apr 20, 2026, 06:16 AM
Issues: 3