Allen Carr Easy Way Quit Vaping

Security checks across malware telemetry and agentic risk

Overview

This is a text-only quit-vaping coaching skill with broad activation phrases, but no hidden code, data access, credentials, persistence, or account-changing behavior.

Install this only if you want Easyway-style quit-vaping coaching and are comfortable with its firm anti-substitute viewpoint. For severe nicotine dependence, pregnancy, medical conditions, psychiatric concerns, or medication interactions, use qualified medical support rather than relying on this skill alone.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

High

Confidence: 94% confidence
Finding: The trigger list is overly broad and includes generic terms like "vape," "vaping," "nicotine," "addiction," and even onboarding-style phrases such as not knowing how to start. This can cause the skill to activate in unrelated contexts, increasing the chance of unsolicited health guidance, misrouting user intent, and overshadowing more appropriate skills or default assistant behavior.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal