The Spy and the Traitor: The Greatest Espionage Story of the Cold War

Security checks across malware telemetry and agentic risk

Overview

This is a text-only book companion skill with some over-broad activation language, but no hidden code, credentials, persistence, or data access.

Install only if you want a book-focused companion for The Spy and the Traitor. Expect it to trigger on some general Cold War or intelligence-agency questions and to add a Heardly watermark; keep use to historical or educational discussion rather than real-world espionage guidance.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The skill defines extremely broad trigger terms, including generic phrases like users having 'just installed this skill' or 'doesn't know how to start,' as well as many common espionage-related terms. This can cause the skill to activate in unrelated contexts and override the expected assistant behavior with its own mandatory quick-start and formatting rules, creating prompt-scope hijacking and reducing reliability.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal