biomni

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly states it "executes LLM-generated code with full system privileges" and enables autonomous code execution and environment/configuration changes (data downloads, MCP integrations, credential handling), which allows the agent to modify system state even though it doesn't explicitly instruct sudo or user creation.