council-review

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). This skill instructs the agent to install a global CLI (npm i -g), run background Bash scripts and subagents, and explicitly tells the agent not to read script source before executing them—behavior that encourages executing unreviewed code which can modify system state or require sudo—even though it doesn't explicitly ask to create users or edit system configs.