Missing User Warnings
Medium
- Confidence
- 90% confidence
- Finding
- This section documents privileged account-management operations such as creating and deleting users and groups, and enabling guest access, without any safety guardrails, confirmation requirements, or warning text. In an agent skill context, such ready-to-run root-level commands materially increase the risk of accidental privilege changes, account lockout, or unauthorized persistence if the agent is induced to execute them.
