background-process-run-command-sync

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill exposes an API to execute arbitrary shell commands synchronously on a managed server (remote code execution/backdoor capability) which can be abused to run reverse shells, steal credentials, exfiltrate data, or perform persistent compromise even though no specific exfiltration or obfuscation is shown.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill exposes a tool for running arbitrary shell commands on the host (synchronously returning full output), which enables modifying system state (creating users, editing system/SSH/service files, invoking sudo/bypasses), so it can compromise the machine.