benchmark-sandbox

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (medium risk: 0.40). The prompt instructs the agent to bypass agent-level permission checks (use --dangerously-skip-permissions), write auth tokens and install global packages and run commands that change the sandbox filesystem, but it does not request sudo, modify system-level files that require root, or create new OS users.