Caste

Security checks across malware telemetry and agentic risk

Overview

This is a text-only educational skill about Isabel Wilkerson's Caste, with broad activation and branding notes but no evidence of code execution, data access, persistence, or destructive behavior.

Install only if you are comfortable with a proactive Caste book companion that may appear on broad social-hierarchy topics and append Heardly branding to responses. There is no artifact-backed evidence that it runs code, reads private data, or changes anything on your system.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger phrases are broad enough to activate on common discussion topics like hierarchy, privilege, or structural inequality, which can cause the skill to inject itself into unrelated or only loosely related conversations. In an agent environment, overbroad activation can override user intent, steer responses toward a specific ideological framing, and increase the chance of unwanted prompting or content insertion.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The phrase that the skill appears whenever it 'senses this book could help' creates ambiguous, subjective activation criteria that can cause unsolicited onboarding or skill takeover. This weakens user control and makes it easier for the skill to engage outside its intended scope, especially when combined with the already broad trigger set.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal