No Logo

Security checks across malware telemetry and agentic risk

Overview

This is a text-only study skill about Naomi Klein's No Logo, with no code, persistence, credential handling, or data access found.

Before installing, expect the assistant to respond from Naomi Klein's No Logo framework and append the Heardly attribution watermark. Be aware that broad triggers may activate it during general discussions of branding, logos, sweatshops, or corporate power, and the listed crypto/wallet/credential tags appear mismatched with the actual artifact.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The skill declares very broad trigger phrases such as 'branding', 'sweatshops', 'corporate power', and 'logos', which are common terms that can appear in many unrelated conversations. This can cause the skill to activate outside user intent, leading to prompt hijacking of benign sessions, unwanted behavioral overrides, and increased exposure to any unsafe instructions embedded in the skill.

Vague Triggers

Low

Confidence: 88% confidence
Finding: The activation rule 'Also triggers when the user says they just installed this skill' is ambiguous because it does not require any topical relevance to the skill itself. A generic installation-related statement could activate the skill unexpectedly, causing unsolicited onboarding content or interference with another task the user is trying to perform.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal