write

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The Write tool explicitly allows creating new files at arbitrary absolute paths (with parent directories auto-created) and contains no restrictions on system locations or sudo, so it can be used to modify system files and otherwise change the host state.