The skill prompts the agent to compromise the security or integrity of the user’s machine by modifying system-level services or configurations, such as obtaining elevated privileges, altering startup scripts, or changing system-wide settings.

Why it was flagged

Attempt to modify system services in skill instructions detected (medium risk: 0.60). The prompt explicitly includes a capability eval "Can create new user account," which could direct an agent to create system-level users or otherwise modify machine state, so it poses a non-trivial risk though most other instructions are project-level eval mechanics and non-privileged.

Report incorrect finding

Audited: 4 days ago
Security analysis