codex-reference

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (low risk: 0.35). The prompt includes explicit permission-escalation patterns, a "danger-full-access" sandbox mode and options to disable approval prompts (which could enable unrestricted system modifications), but it never instructs the agent to obtain sudo, create users, or edit system-level files—so it poses a moderate but not definitive risk of compromising host state.