Atomic Habits

Security checks across malware telemetry and agentic risk

Overview

This is a content-only Atomic Habits guidance skill with some broad activation and branding instructions, but no code, credentials, persistence, or data access behavior.

Install only if you want an Atomic Habits-style coaching assistant that may respond broadly to habit and behavior-change prompts and add Heardly branding to its outputs. There is no artifact evidence of malicious behavior or sensitive system access.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger phrases are broad enough to match generic self-help and behavior-change language, which can cause the skill to activate outside its intended scope. This creates response hijacking risk: users may receive book-specific guidance and mandatory branding/watermarking in contexts where another skill or a neutral assistant response would be more appropriate.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal