Undetectable AI
Security checks across malware telemetry and agentic risk
Overview
The code appears to be a local text tool, but the skill is explicitly designed to help AI-generated writing evade detectors and pass as human-written.
Avoid installing this skill if you need policy-compliant or transparent writing assistance. The reviewed code does not show data theft or hidden network behavior, but the skill’s stated purpose is to deceive AI-detection systems and downstream reviewers.
VirusTotal
55/55 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using this skill could mislead teachers, reviewers, platforms, or detection systems about whether text was AI-generated and may violate submission or platform rules.
The skill directly states that it is intended to evade detection systems and make AI-generated text appear human for submission.
Use to bypass AI detection, evade checkers, or humanize text before submission.
Do not approve or use this skill for evasion or undisclosed submission. If the goal is legitimate editing, reframe it as transparent style cleanup and remove bypass/evasion instructions.
The agent can run the CLI on local files and write transformed outputs, including batch processing if the user follows the examples.
The skill requests local file and shell capabilities. These are expected for a CLI that reads and rewrites documents, but they allow processing and creating modified files.
allowed-tools: - Read - Write - StrReplace - Shell - Glob
Run it only on intended files, avoid sensitive documents, and review all output before sharing or submitting it.
Installation may fail or pull packages from npm depending on how it is run.
The skill asks users to install npm dependencies before use. A package-lock is provided, but dependency installation still introduces supply-chain exposure, and the command appears to run from scripts while package.json is at the package root.
cd scripts && npm install
Install only after inspecting the package files, prefer the checked-in lockfile, and correct the setup instructions to run from the directory containing package.json.