ClawHub

Bury My Heart At Wounded Knee

Security checks across malware telemetry and agentic risk

Overview

This is a text-only book framework skill with no hidden code or system access, though its broad activation and charged historical framing deserve user awareness.

Install only if you want a strong historical and advocacy-oriented lens based on this book. For real legal, safety, workplace, or community conflicts, treat its recommendations as reflective prompts, not professional advice, and ask the agent to slow down or use a neutral framework when the analogy feels overstated.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger phrases are broad enough to match common real-world complaints such as broken promises, unfair systems, or erased culture, causing the skill to activate outside a clearly bounded historical or educational context. That can steer unrelated legal, political, or interpersonal situations into a charged framework about oppression, resistance, and betrayal, increasing the risk of inappropriate advice or unintended ideological persuasion.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The phrase that the skill will appear whenever it 'senses this book could help' creates an ambiguous, subjective activation rule with no clear safety boundary. In practice, this encourages unsolicited intervention in sensitive disputes and may override user intent by inserting the skill's worldview into ordinary conversations where it was not requested.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal