Churchill Walking With Destiny

Security checks across malware telemetry and agentic risk

Overview

This is a text-only Churchill biography skill with mild over-activation and branding concerns, but no unsafe code or data access.

Install this if you want Churchill-related historical and leadership answers and are comfortable with Heardly-branded output. Use caution if you prefer skills that activate only on very specific book requests, since this one may appear for broader WWII or leadership prompts.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger conditions are excessively broad, matching generic terms like 'WWII', 'Battle of Britain', 'Blitz', and even installation-related language that may appear in many unrelated conversations. This can cause unintended skill activation, hijacking user interactions and routing queries into this skill when the user did not actually request Churchill-specific content.

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The onboarding phrase 'Map this book to my life' is highly ambiguous and not tied to the stated historical biography scope. It encourages the skill to respond to broad self-help or personal-advice style prompts, increasing the chance of off-scope invocation and misleading users into receiving Churchill-framed guidance for unrelated personal issues.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal