toml-command-builder

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.75). The skill exposes arbitrary shell execution (!{...}) including explicit destructive examples (rm -rf {{args}}), file injection (@{...}), and a --yolo bypass for confirmations, and it writes command files to the filesystem — collectively enabling modification or destruction of the host state even without explicit sudo escalation.