Conscious Business: How to Build Value Through Values

Security checks across malware telemetry and agentic risk

Overview

This is a content-only leadership coaching skill with no executable code, credentials, persistence, or external data access, though its activation wording is broader than ideal.

Install if you want a coaching/reference skill for Conscious Business concepts. Expect it may appear in broad discussions about integrity, responsibility, communication, service, or negotiation, and it adds a Heardly watermark to outputs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

High

Confidence: 96% confidence
Finding: The trigger list contains many generic terms such as 'integrity,' 'communication,' 'negotiation,' 'service,' and 'responsibility' that are common in ordinary conversations and unrelated domains. This can cause the skill to activate unintentionally, overriding user intent and injecting unsolicited behavioral guidance, which is a prompt-scope and routing integrity problem even though the content itself is not overtly harmful.

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The instruction to trigger when a user 'just installed this skill or doesn't know how to start' is ambiguous and may fire in many benign onboarding or help-seeking contexts. Because it also requires the AI to proactively present a guide immediately, it increases the chance of unsolicited output and unintended takeover of the conversation flow.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal