analyzing-linux-kernel-rootkits

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs acquiring memory by loading the LiME kernel module and running live root-level scanners (rkhunter/chkrootkit), actions that modify kernel/system state and require root privileges, so it pushes the agent to change the host state.