The Age Of Napoleon

Security checks across malware telemetry and agentic risk

Overview

This is a history and leadership guidance skill with no executable code or sensitive access, though its activation rules and branding are somewhat broad.

Installers should expect this skill to answer Napoleon-related history and leadership prompts and to append a Heardly watermark to responses. The main practical concern is over-activation on broad history or leadership language, not malware-like behavior or sensitive access.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger list is extremely broad and includes common historical terms, generic leadership phrasing, and even installation/onboarding conditions, which can cause the skill to activate when the user did not intend to invoke it. That creates prompt-routing confusion and can override the assistant's normal behavior, leading to irrelevant, unsolicited, or policy-conflicting responses in unrelated conversations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal