Content Quality Pipeline

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about using humantext.pro, but it broadly routes user writing to a third-party service and is designed to make AI text pass as human-written.

Review before installing. Only use this with text you are comfortable sending to humantext.pro, protect the API key in your MCP config, and expect humanization to spend word credits. Avoid using it for confidential, regulated, academic, hiring, compliance, or platform contexts where concealing AI assistance or authorship would violate rules or expectations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium (94% confidence)
Finding
The README instructs users to paste arbitrary text into the skill and configure an external API-backed MCP server, but it does not clearly warn that submitted content will be transmitted to humantext.pro for detection and humanization. This creates a real privacy and data-handling risk because users may submit sensitive drafts, internal documents, or regulated content without informed consent about third-party processing.

Vague Triggers

Medium (82% confidence)
Finding
The skill instructs broad use for general content creation and improvement, which can cause routine user text to be sent to the external humantext.pro service without narrow triggering conditions. This increases the chance of unnecessary third-party disclosure and makes misuse easier because the skill is positioned as a default content pipeline rather than a specialized opt-in transformation.

Missing User Warnings

High (97% confidence)
Finding
The skill tells the agent to send user text to external MCP tools but does not require a prominent privacy warning or explicit consent before transmitting content off-platform. Users may unknowingly submit sensitive drafts, business data, or personal information to a third-party API, creating confidentiality, compliance, and data-handling risk.

Ssd 2

Medium (94% confidence)
Finding
The skill is explicitly marketed as detecting AI-generated content and then 'humanizing' it to sound natural, which in context supports making machine-generated text appear human-authored. That meaningfully facilitates circumvention of AI-detection and authenticity checks in academic, editorial, or platform-enforcement settings.

Ssd 4

Medium (96% confidence)
Finding
The workflow gives a concrete detect → humanize → verify loop with success criteria based on reducing AI scores until content is labeled 'Human Written.' This operationalizes evasion by providing step-by-step instructions to iteratively defeat detector signals, making the misuse more actionable than a generic editing tool.

VirusTotal

64/64 vendors flagged this skill as clean.
