shell

Warn

Audited by Snyk on Jul 4, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.80). The prompt exposes powerful host-level capabilities — running allowlisted commands on the host, creating/deleting/moving files, and changing modes/uid/gid — and explicitly warns host exec is not a security sandbox, so it can be used to alter or compromise the machine state unless constrained to a sandbox.

Issues (1)

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 4, 2026, 10:55 AM
Issues
1
Security Audit — snyk — shell