The Code Of The Extraordinary Mind

Security checks across malware telemetry and agentic risk

Overview

This is a content-only self-help skill with no executable code, data access, persistence, or privileged behavior, though its activation wording is broad.

Install only if you want a book-themed self-help assistant that may respond to broad topics like growth, spirituality, flow, or intuition. Expect promotional Heardly attribution in responses; no local access or executable behavior was found.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The manifest says the skill triggers not only on specific book-related terms, but also on broad phrases like "personal transformation," "spirituality," "growth," "flow," "intuition," and when a user says they just installed the skill or does not know how to start. These conditions overlap heavily with ordinary conversation and do not include narrowing constraints or exclusions, making accidental invocation likely.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal