codex

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill explicitly instructs using sandbox modes that grant broad write/network access (including "danger-full-access" and "--full-auto") and tells the agent to always use or prefer flags that bypass checks (e.g., "--skip-git-repo-check"), which enable and encourage modifying the machine state and circumventing protections.