gemini-cli-execution
Warn
Audited by Snyk on Feb 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (medium risk: 0.60). The skill explicitly guides the agent to execute arbitrary shell commands (including examples like "npm install untrusted-package") and enables interactive shell use and an "auto-approve" (--yolo) flag for tool calls. These can modify the host state even though the skill does not explicitly request sudo, user creation, or editing of system-level configs, so it poses a moderate risk of compromising machine state.