Missing User Warnings
Medium
- Confidence
- 88% confidence
- Finding
- This template explicitly instructs the agent to write directly to AGENTS.md, which modifies persistent configuration and future agent behavior. Even though the purpose is security governance, prompting direct config edits without an explicit confirmation or warning can lead to unintended policy changes, persistence, or misuse if the template is reused in a different context.
