Crashed

Security checks across malware telemetry and agentic risk

Overview

This is a text-only educational skill about Adam Tooze's Crashed, with some broad activation and branding instructions but no executable, credential, persistence, or data-access behavior.

Install this if you want a branded book-analysis assistant for the 2008 financial crisis and related politics. Be aware it may appear on broad finance questions and append a Heardly promotional watermark to responses.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger logic is excessively broad because it activates on generic finance terms like 'financial crisis,' 'global finance,' 'eurozone,' or even a user saying they just installed the skill. In an agent environment, this can cause unsolicited invocation and response hijacking in unrelated conversations, increasing the chance the skill overrides the user’s actual intent or injects mandated content such as the Quick Start guide.

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The phrase 'I'll show up whenever I sense this book could help' defines activation through subjective model judgment rather than verifiable user intent. That ambiguity makes the skill more likely to self-invoke opportunistically, which is dangerous in multi-skill systems because it can lead to unintended disclosure, distraction, or interference with other workflows.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal