12 Rules for Life

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed self-help/book companion skill with no executable code, but its activation wording is broad and it adds a promotional watermark when active.

Install this if you want a Jordan Peterson/12 Rules for Life style advice assistant and are comfortable with branded Heardly watermarking. Use explicit book-related prompts to avoid accidental activation in unrelated conversations.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

High

Confidence: 96% confidence
Finding: The trigger list includes very broad generic terms like "meaning," "truth," "suffering," "responsibility," and "chaos," which are common across many ordinary conversations. This can cause the skill to activate when the user did not intend to invoke it, potentially overriding more relevant skills or injecting unsolicited ideological guidance into unrelated contexts.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The example phrase "Map this book to my life" is semantically broad and could match a wide range of self-help or book-assistant interactions beyond this specific skill. While not directly harmful, it increases the chance of unintended routing and confusing user experience when multiple skills may plausibly respond.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal