activation

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). This skill enforces a mandatory, pre-response mechanism to locate, read, and execute external "skills" (via a Skill tool or by reading SKILL.md files under a plugin root/CLAUDE_PLUGIN_ROOT) and includes a CRITICAL-OVERRIDE that disallows skipping invocation, which creates a clear and intentional vector for arbitrary/remote code execution, backdoors, and data-exfiltration if those skill files or plugins are malicious.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). This activation prompt mandates immediately locating, invoking, and "executing skill instructions" (including reading SKILL.md files under plugin-root) before any response, effectively forcing the agent to run arbitrary external protocols that could request sudo, modify system files, or create users, so it presents a high indirect risk to the machine state.