Dark Money The Hidden History Of The Billionaires Behind The Rise Of The Radical Right

Security checks across malware telemetry and agentic risk

Overview

This is a topical book companion with broad but disclosed political triggers and no code, credential access, persistence, or hidden external actions.

Installers should know this skill may appear during broad political-money or campaign-finance conversations and appends Heardly branding to outputs. From a security standpoint, it is proportionate: it is text-only guidance with no executable behavior, credentials, persistence, or hidden data handling.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The skill declares activation on generic phrases such as "campaign finance," "political spending," "billionaires," and "conservative movement," and further expands scope with "or mention" plus a proactive onboarding condition. These triggers are broad enough to match many ordinary conversations unrelated to intentionally invoking this specific skill, and the file does not provide exclusion conditions or negative examples to narrow activation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal