Back to skill

Security audit

Paper Polisher

Security checks across malware telemetry and agentic risk

Overview

This does not look like malware, but it is explicitly designed to help academic writing avoid AI-detection signals.

Install only if you are comfortable with a tool whose central workflow is reducing AI-detection signals in academic writing. It appears local and user-directed, but users should not use it to misrepresent authorship, bypass institutional rules, or process confidential manuscripts without authorization.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
83% confidence
Finding
The trigger list contains broad phrases such as general writing-help and paper-polishing requests that can match ordinary academic assistance, increasing the chance the skill is invoked in contexts the user did not intend. In this skill, that matters because the advertised functionality includes AI-detection evasion and concealment of machine-generated text, so overbroad activation can route benign requests into misuse-oriented behavior.

Missing User Warnings

Medium
Confidence
79% confidence
Finding
The skill encourages analysis of academic manuscripts but does not clearly warn users that papers may contain unpublished research, personal data, regulated content, or confidential institutional material. Even though the text claims '100% Local' and 'Zero Upload,' the absence of explicit sensitivity handling guidance increases the risk of unsafe processing, mishandling of confidential manuscripts, or inappropriate use in restricted environments.

Ssd 2

Medium
Confidence
97% confidence
Finding
The skill is explicitly marketed around 'reduce ai detection,' 'remove AI traces,' and 'humanize AI text,' which indicates an evasion objective rather than ordinary proofreading or style editing. That makes the skill dangerous because it facilitates concealment of AI-generated academic work from reviewers, institutions, or detection systems, enabling academic dishonesty and policy circumvention.

Ssd 2

High
Confidence
99% confidence
Finding
The documented 'De-AI Rewriting' workflow provides systematic instructions for altering text features that detectors use while preserving meaning, which is effectively an operational guide for evading AI-authorship detection. The surrounding context makes this more dangerous, not less, because the rest of the skill pairs detection, paragraph scoring, and targeted rewriting into a closed-loop evasion pipeline for academic manuscripts.

Ssd 2

Medium
Confidence
98% confidence
Finding
These sections explicitly describe how to rewrite text to lower AI-detection scores, including removing signature phrases, varying sentence structure, and 'humanizing' output. That is detector-evasion guidance, which can enable academic fraud, policy circumvention, and concealment of AI-generated content while preserving deceptive intent.

Ssd 2

Medium
Confidence
97% confidence
Finding
The trigger phrases and marketing language center on '降AI检测', '去除AI痕迹', and '人化AI文本', which position the skill as a tool for defeating AI-authorship detection rather than neutral proofreading. In context, this increases danger because the whole workflow is aimed at helping users disguise AI-generated academic writing.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.