deploying-ransomware-canary-files
Warn
Audited by Snyk on Mar 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.70). The skill explicitly instructs the agent to place and modify decoy files across critical and system directories and lists "administrative access for placing canaries in system directories" as a prerequisite, which means it directs actions that change machine state and may require sudo-level access even though it is defensive in intent.
Issues (1)
W013
MEDIUMAttempt to modify system services in skill instructions.
Audit Metadata