before-and-after

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill tells the agent to install a global npm package (modifies the host environment and may require elevated privileges) and explicitly instructs using vercel inspect / obtaining a bypass token to circumvent .vercel.app protections, which encourages changing system state and bypassing security controls.