ClawHub
Back to skill
v1.0.0

Verified Humanizer New

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 11:10 AM.

Analysis

This skill is a coherent local text-rewriting workflow with privacy guardrails, with only minor notes about optional verification, a bootstrap hook, and packaging metadata consistency.

GuidanceThis appears safe for local text rewriting. Before installing, confirm the package identity because metadata is inconsistent, and if you use optional verification, make sure only evaluation metrics—not the actual text—are sent.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
SeverityInfoConfidenceHighStatusNote
hooks/openclaw/handler.js
return { role: "system", content: "[Verified Humanizer] Rewrite locally, measure before/after changes, and only verify structured metrics if verification is needed. Never send original or rewritten text to external verification." };

The hook can add a system-role instruction when active. The instruction is limited to the skill's stated workflow and privacy constraints, so it is a notice rather than a concern.

User impactWhen the skill is active, the agent may receive an extra high-priority reminder about how to perform the rewriting workflow.
RecommendationInstall only if you are comfortable with the skill adding this limited workflow reminder to the agent context.
Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
_meta.json
"ownerId": "kn71nqqcxyxyst7f2s3f2nzz0h80jf78", "slug": "verified-humanizer", "version": "0.0.7"

The packaged metadata does not match the supplied registry metadata for owner, slug, and version, which lists a different owner ID, slug 'verified-humanizer-new', and version '1.0.0'.

User impactThe package identity is slightly inconsistent, which can make provenance and version tracking less clear.
RecommendationConfirm that this package is the intended release before installing or distributing it.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityLowConfidenceHighStatusNote
SKILL.md
If verification is used, send only structured evaluation data ... do not include text content ... verification is optional

The skill allows an optional verification step that may send evaluation metrics outside the local rewrite flow, while explicitly forbidding raw original or rewritten text.

User impactIf optional verification is used, some non-text metrics about the transformation may leave the local session.
RecommendationUse verification only with a trusted verifier, and keep original and rewritten text out of that flow as the skill instructs.