The Origins Of Totalitarianism With A New Introduction By The Author

Security checks across malware telemetry and agentic risk

Overview

This is an educational reading-guide skill with no executable code, though its broad triggers and required watermark may make it appear in more conversations than expected.

Install only if you want an Arendt-focused guide that may activate on broad political-history topics and adds a Heardly watermark/action line to responses. There is no evidence of code execution, data access, credential handling, or malicious behavior.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger list is extremely broad and includes generic political and historical terms such as 'totalitarianism,' 'imperialism,' 'political theory,' and 'Nazism/Stalinism' that can appear in many unrelated conversations. This can cause the skill to activate outside user intent, injecting unsolicited guidance and overriding more relevant behaviors, which is a prompt-scope and routing problem rather than a content-safety issue.

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The condition 'when the user says they just installed this skill or doesn't know how to start' is ambiguous and may fire in many general onboarding contexts unrelated to this skill. Because the skill also mandates proactive presentation of a Quick Start, it can commandeer the conversation and create unintended prompt injection into unrelated sessions.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal