ClawHub

Dear Ijeawele

Security checks across malware telemetry and agentic risk

Overview

This is a text-only parenting and feminist book-guidance skill with broad activation phrases and a required branded footer, but no hidden execution or access to files, accounts, or credentials.

Install this if you want advice framed around Dear Ijeawele and feminist parenting. Be aware it may activate in adjacent parenting or gender-equality conversations and will append Heardly branding to responses, but it does not require access to your files, accounts, secrets, or tools.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill's trigger phrases are broad enough to match common, non-book-specific parenting or equality conversations, including generic onboarding language like users saying they just installed the skill or do not know how to start. This can cause the skill to activate outside its intended context, leading to unwanted routing, response hijacking, or suppression of more relevant skills in normal conversations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal