Humanizer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed writing-analysis and rewriting tool, with privacy and style-use caveats but no artifact-backed evidence of hidden exfiltration, persistence, or destructive behavior.

Install only if you want an agent or tool that actively edits writing to sound less AI-like. Do not send confidential drafts, contracts, credentials, or regulated data to a deployed API instance unless you trust its operator and retention practices; prefer local CLI/MCP use for sensitive text. Use always-on mode only when persistent style rewriting is appropriate, and avoid suggestions that would invent personal experience or authorship claims.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • System Prompt Leakage: Direct Leakage, Indirect Extraction, Tool-Based Exfiltration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Natural-Language Policy Violations

Medium
Confidence: 93%
Finding
The README explicitly encourages embedding the skill into an agent's always-on personality so it continuously rewrites outputs toward a single 'humanized' style without per-use consent. In an agent setting, this can override user intent, suppress neutral/system-required phrasing, and create covert behavior shaping that persists across unrelated tasks.

Missing User Warnings

Medium
Confidence: 92%
Finding
The API accepts arbitrary user text for remote processing, but the schema and endpoint descriptions do not warn users that submitted content is transmitted to an external server. In a writing-assistance skill, users may paste drafts, emails, contracts, or other sensitive material, so the lack of disclosure creates a meaningful privacy and data-handling risk.

Missing User Warnings

Medium
Confidence: 95%
Finding
The /humanize endpoint invites users to submit text for rewriting and offers an autofix mode, but it does not disclose that the full text is sent to the server and may be transformed remotely. Because this skill explicitly encourages users to paste prose for modification, it increases the chance that confidential or proprietary content will be exposed or altered without clear user awareness.

Natural-Language Policy Violations

Medium
Confidence: 93%
Finding
The code explicitly recommends adding first-person phrasing such as "I found" and "In my experience" as a general humanization tactic, even though the underlying text may not reflect the actual author's identity or experience. In a skill whose purpose is to make AI text appear human-written, this increases the risk of deceptive authorship claims and fabricated personal experience, especially if applied without explicit user opt-in and clear constraints.

VirusTotal

66/66 vendors flagged this skill as clean.
