v1.0.0

Russian Humanizer

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:38 AM.

Analysis

This is a coherent Russian text-editing skill, with the main cautions being optional third-party text analysis and optional persistent style instructions.

GuidanceThis skill appears benign for local Russian text cleanup. Before installing, decide whether you want the optional Glavred integration, avoid sending confidential drafts to external analysis, and do not paste the anti-slop prompt into global AI instructions unless you want it to affect future writing tasks.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack

SeverityInfoConfidenceHighStatusNote

anti_slop_prompt.md

вставьте этот промпт в раздел **System Prompt** или **Custom Instructions** ... "Твоя главная задача — писать максимально живым..."

The artifact recommends installing a strong style prompt into persistent AI instructions, which can influence future outputs beyond a single rewrite request.

User impactIf copied globally, the assistant may apply these Russian anti-slop rules to unrelated tasks where that style is not desired.

RecommendationUse the prompt only in a project or session where this writing style is wanted, rather than as a permanent global rule.

Agentic Supply Chain Vulnerabilities

SeverityInfoConfidenceMediumStatusNote

README.md

openclaw plugins install https://github.com/Horosheff/russian-humanizer

The README instructs users to install the plugin from a GitHub URL, while the registry metadata lists the source as unknown.

User impactInstalling from a remote repository means the user depends on that repository's integrity and provenance.

RecommendationInstall from a trusted repository or reviewed package version, and avoid installing if the source cannot be verified.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityInfoConfidenceHighStatusNote

openclaw.plugin.json

"glavredApiKey": { "type": "string", "description": "API-ключ для интеграции с glvrd.ru (Опционально)" }

The plugin schema supports an optional API key for the Glavred integration, even though no required primary credential is declared.

User impactSupplying this key may grant the plugin access to the user's Glavred account or quota.

RecommendationProvide the API key only if you need the Glavred feature, store it in a trusted configuration, and rotate it if it may have been exposed.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication

SeverityLowConfidenceHighStatusNote

index.ts

description: "Отправляет текст на анализ в официальный API Главреда (glvrd.ru)." ... fetch("https://api.glvrd.ru/v2/session"

The optional Glavred tool is explicitly designed to send the user's text to an external API for analysis.

User impactIf used on private drafts, the text may leave the local environment and be processed by glvrd.ru.

RecommendationUse the local analyzer for confidential text, and only use the Glavred integration when you are comfortable sending that text to the external service.