ClawHub

Humanizer-zh (Elatia Enhanced)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Chinese writing-editing skill with no executable code, network behavior, credential access, persistence, or hidden destructive actions.

Install only if you want a style editor that can make text sound less AI-generated. Review any file edits it makes, be careful with formal or policy-governed writing, and separately review the referenced narrative-voice skill if that integration is present in your environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The skill explicitly instructs the agent to read another local skill file, which expands its data-access scope beyond the declared humanization task. Cross-skill file access can create prompt-surface chaining, where instructions or sensitive content from another skill influence behavior unexpectedly, increasing the risk of data exposure or instruction injection.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger phrases are broad, generic editing requests such as '润色' and '改写', which can match many ordinary user intents unrelated to removing AI-detection signals. That makes the skill likely to activate in situations where the user only wants normal copyediting, causing unrequested transformation of content toward 'less detectable' AI-authorship characteristics.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The trigger phrases are broad, common expressions such as requests to polish or rewrite text, which can cause the skill to activate in situations outside its intended scope. Over-broad triggering can apply this skill to sensitive, formal, or safety-relevant content and alter outputs in ways the user did not intend.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The metadata.trigger field is high-level and lacks operational boundaries or negative examples, making routing decisions ambiguous. That ambiguity increases the chance of accidental invocation and inappropriate rewriting of content that should remain formal, verbatim, or minimally edited.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The description uses very broad trigger phrases such as “润色”, “改写”, and “更像人写的”, which overlap with many ordinary editing requests. This can cause the skill to activate in situations where the user did not specifically ask to remove AI-detection signals, potentially overriding user intent and routing general writing tasks into a behavior designed to obfuscate machine-generated text.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal