detecting-container-escape-attempts

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt instructs installing and configuring host-level security tooling (Helm install, Falco rules in /etc, /etc/audit/rules.d, seccomp profiles, kernel/module operations) which require root privileges and modify system files and kernel state, so it directs actions that change the machine state.