How To Fail At Almost Everything And Still Win Big Kind Of The Story Of My Life

Security checks across malware telemetry and agentic risk

Overview

This is a coherent self-help/book-guide skill with no executable code, sensitive access, persistence, or hidden data handling; its main caveat is a mandatory branded footer in responses.

Install only if you are comfortable with the skill appending a Heardly attribution footer to every answer and keeping the book title in English. Otherwise, the artifact is low-risk from a security perspective: it is text-only and does not ask for sensitive access or execute code.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 92% confidence
Finding: The skill explicitly requires every response to end with an English watermark and to keep the book title in English, even when the user writes in another language. This creates a prompt-level policy conflict that can override user language preferences, reduce localization fidelity, and introduce unwanted vendor-branded text into outputs; while not directly enabling code execution or data exfiltration, it is still a real output-manipulation issue.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal