ClawHub

Humanize Text

Security checks across malware telemetry and agentic risk

Overview

This text-rewriting skill does what it says, but it can send pasted text, stdin, or selected local files to Evolink's remote API without a runtime confirmation step.

Review before installing. Use this only for text you are comfortable sending to Evolink.ai, and avoid secrets, private documents, regulated data, source files, or internal drafts unless your policy permits that upload. A safer version would require an explicit confirmation or opt-in flag before sending file, stdin, or pasted content to the remote API.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The README advertises very broad trigger phrases such as 'Make this sound more natural' and 'Rewrite this to sound like a real person wrote it,' which overlap with ordinary editing and rewriting requests. In an agent environment, broad invocation cues can cause the skill to activate unintentionally on sensitive drafts or unrelated user content, increasing the chance that private text is sent to the external API without deliberate user intent.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The README markets the feature as simple text rewriting but does not clearly warn that submitted content is transmitted to Evolink's external API for processing. This creates a data-handling transparency issue: users may provide confidential drafts, emails, reports, or other sensitive text without understanding that the content leaves the local environment.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script sends user-provided text, stdin, or file contents to a third-party API, but it does not present a clear user-facing disclosure or confirmation at the point of transmission. In a skill/agent context, this can cause accidental exfiltration of sensitive workspace data because users may think processing is local, especially since the tool reads files directly.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal