Skills
skills/sirn/dotfiles/claude-code-reference/Snyk

claude-code-reference

Warn

Audited by Snyk on Mar 18, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.95). The prompt explicitly instructs how to escalate and grant broad Edit/Bash permissions (including Bash(*), --allowedTools expansion and a "bypassPermissions"/dontAsk mode) and shows patterns for resuming sessions with elevated capabilities, which enables the agent to execute arbitrary commands and modify system files and thus can compromise the machine state.

Issues (1)

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 18, 2026, 12:57 PM
Issues
1
Security Audit — snyk — claude-code-reference