performing-cloud-forensics-investigation

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt instructs privileged actions (e.g., "sudo mount", writing under /cases, creating snapshots/attaching volumes and modifying instance security groups) that require escalated permissions and modify system/cloud state, so it pushes the agent to perform privileged, state-changing operations.