terminal

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The script contains no explicit exfiltration or obfuscated payloads, but it intentionally accepts and executes arbitrary shell commands from external input (bash -c "$COMMAND"), which is effectively remote code execution/backdoor functionality that can be abused for data exfiltration, credential theft, reverse shells, or system compromise.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill exposes an arbitrary shell execution capability (runs any command the agent is given), which can be used to obtain sudo, modify system files, create users, or otherwise alter the machine state and thus poses a high risk.