tool-design

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The prompt explicitly suggests a consolidated "manage_user" tool for user lifecycle and promotes powerful "execute_command"/filesystem primitives, which encourage building capabilities that can create accounts or run privileged filesystem commands and thus can modify machine state.