Falco Runtime Security Monitor

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill describes installing and configuring kernel-level eBPF probes and automated responses such as pod termination and network-policy enforcement which require privileged access and actively modify host/cluster state, so it poses a significant risk of prompting the agent to perform privileged, state-changing operations.