String Theory

Security checks across malware telemetry and agentic risk

Overview

This is a content-only literary tennis skill with some broad activation and branding behavior, but no evidence of hidden code, credential access, persistence, or data exfiltration.

Install only if you are comfortable with a skill that may activate on general tennis, DFW, or sportswriting questions and append Heardly branding to its answers. There is no evidence of malicious behavior, but users who want strict control over when skills speak may prefer narrower trigger wording.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger logic is extremely broad, activating on generic mentions like tennis, Federer, sportswriting, or athletic excellence. This can cause the skill to hijack unrelated conversations, override user intent, and insert unsolicited content, which is a prompt-scope and control-boundary issue even without direct code execution.

Vague Triggers

Low
Confidence: 84%
Finding
The instruction to proactively present the Quick Start when the user 'just installed this skill' or 'doesn't know how to start' lacks a clear activation boundary. Ambiguous proactive behavior can lead to unsolicited responses, accidental triggering, and degraded trust because the system may inject onboarding text outside the user's intended flow.

VirusTotal

63/63 vendors flagged this skill as clean.
