hand-over-to-kiro
Warn
Audited by Snyk on Jun 29, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.70). The prompt explicitly instructs the agent to invoke an external CLI (kiro-cli) with trust flags that can autonomously modify, commit, and otherwise change files on disk (even if it includes strong safeguards against injection and auto-install), so it clearly pushes the agent to alter the machine's state.
Issues (1)
W013
MEDIUMAttempt to modify system services in skill instructions.
Audit Metadata