hand-over-to-kiro

Warn

Audited by Snyk on Jun 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.70). The prompt explicitly instructs the agent to invoke an external CLI (kiro-cli) with trust flags that can autonomously modify, commit, and otherwise change files on disk (even if it includes strong safeguards against injection and auto-install), so it clearly pushes the agent to alter the machine's state.

Issues (1)

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 29, 2026, 04:32 AM
Issues
1
Security Audit — snyk — hand-over-to-kiro