minecraft-server-admin

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs at runtime to download and run the Paper server JAR via curl (https://api.papermc.io/v2/projects/paper/versions/1.21.1/builds/latest/downloads/paper-1.21.1-latest.jar), which fetches remote executable code that is then executed (java -jar), satisfying the conditions for a runtime external dependency that executes remote code.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill includes explicit privileged/system-level instructions (e.g., "sudo ufw allow", installing Wings into /usr/local/bin, Docker installation/use, writing to /opt and /var, and adding cron jobs) that direct the agent to modify the host firewall, install daemons, and change system files requiring elevated privileges.