cost-guard

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill instructs running a local PowerShell script with "ExecutionPolicy Bypass", which explicitly bypasses a Windows security mechanism and could allow arbitrary code execution on the host, so it poses a meaningful compromise risk.