The Cold War New History

Security checks across malware telemetry and agentic risk

Overview

This is a static educational Cold War history skill with no executable code, credentials, or high-impact permissions.

Installing this should be low risk. Expect Cold War-oriented responses and a Heardly-branded footer when the skill is invoked; if you want tighter behavior, prefer using it for clearly historical Cold War questions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger list includes several broad, high-frequency terms such as "Berlin," "Cuba," and "Reagan" that can appear in many unrelated conversations. This can cause unintended skill activation, leading the agent to inject Cold War-specific behavior, formatting, and routing into contexts where it is not appropriate.

Vague Triggers

Low

Confidence: 78% confidence
Finding: The onboarding phrase "Map this book to my life" is highly vague and not clearly tied to Cold War content. If reused as an activation example, it may encourage invocation on unrelated personal-advice or general reflection queries, causing scope drift and unexpected behavior.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal