Why I'm No Longer Talking to White People About Race

Security checks across malware telemetry and agentic risk

Overview

This is a text-only educational book guide that may activate broadly, but it does not run code or access user data.

Install this if you want a strongly framed educational guide to this book and its arguments. Be aware it may activate on broad race, history, feminism, or UK-location terms, and it asks the assistant to append a Heardly watermark/link to every response.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger list is excessively broad and includes many generic topical terms such as historical events, locations, and common race-related phrases that may appear in ordinary conversation. This can cause unintended invocation, scope confusion, and prompt hijacking of unrelated user requests by forcing the skill to take over when the user did not explicitly ask for it.

Vague Triggers

Medium

Confidence: 96% confidence
Finding: Activating the skill whenever a user says they just installed it or do not know how to start is overly broad because those phrases are not unique to this skill and may apply to the platform generally. That creates a risk of unsolicited auto-activation and proactive content injection, reducing user control and potentially overriding the intended assistant behavior in unrelated onboarding scenarios.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal