sdr-email-sms-playbook
Warn
Audited by Snyk on Jul 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.70). The skill explicitly instructs the agent to write a JSON "outcome sidecar" to ~/.claude/... (outside the repo) and even notes a PreToolUse hook that bypasses external-path protections, which directs the agent to modify persistent filesystem state and evade sandboxing — a potentially unsafe persistence/exfiltration vector.
Issues (1)
W013
MEDIUMAttempt to modify system services in skill instructions.
Audit Metadata