ClawHub

Essay Humanize Iterator

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but it is built to rewrite essays so they are less likely to be flagged as AI-written and it can trigger on broad writing-help requests.

Install only if you deliberately want a local essay style-scoring and rewriting workflow and understand that it is optimized around AI-detector signals. Do not use it to misrepresent authorship or bypass school, workplace, platform, or review policies. Consider narrowing the triggers and adding explicit acceptable-use checks before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (13)

Natural-Language Policy Violations

High
Confidence
98% confidence
Finding
The README explicitly advertises iterative rewriting to reduce AI-detector hits by removing recognizable AI-writing patterns and matching human baselines, which is functionality aimed at evading detection rather than improving ordinary style alone. In context, the detailed metrics, thresholds, and trigger phrases make the evasion goal operational and scalable, increasing the likelihood of academic fraud, policy circumvention, or deceptive content laundering.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The description defines a broadly scoped skill that can be invoked to iteratively rewrite essays so they fall within human-writer baselines and reduce AI-detection false positives, but it does not specify clear boundaries, authorized use cases, or exclusions. In practice, this can enable misuse for evading academic, platform, or compliance-related AI-origin detection systems, especially because the stated goal is optimization against detector signals rather than ordinary proofreading alone.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation criteria are broad enough to catch ordinary writing-assistance requests, which increases the chance the skill runs without clear user intent to invoke an AI-detector-evasion workflow. In this skill's context, overbroad activation is more dangerous because the core function is to reduce detectable AI-writing signals, making accidental invocation a policy and misuse risk rather than a mere UX issue.

Vague Triggers

Medium
Confidence
91% confidence
Finding
Several listed keywords are generic writing-help phrases that can match routine editing requests, causing the skill to activate in situations where users did not request detector-evasion functionality. Because the skill is specifically designed to minimize AI-pattern scores, generic triggers increase the likelihood of unauthorized or unintended assistance in concealing AI-generated text.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill is explicitly designed to reduce detectable AI-writing patterns, but it does not warn users about academic-integrity, deception, or policy risks. That omission makes misuse more likely by normalizing detector-evasion as ordinary writing assistance and reducing friction for harmful or dishonest use cases.

Vague Triggers

Medium
Confidence
92% confidence
Finding
These trigger phrases are broad enough to match ordinary writing-help requests rather than a narrowly scoped skill invocation. That can cause unintended activation of this skill in unrelated contexts, leading to misrouting, unexpected behavior, or abuse of the skill’s capabilities when users did not explicitly intend to invoke it.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The Chinese triggers include common editing and polishing terms that are widely used in benign everyday writing workflows. Because they are not specific to a distinct skill function, they can cause accidental activation for normal user requests, expanding the skill’s reach beyond intended scenarios and increasing the chance of inappropriate handling or policy bypass through trigger collision.

Ssd 2

Medium
Confidence
98% confidence
Finding
The skill is explicitly framed around rewriting essays to reduce AI-detector identification by removing AI-like signals and aligning output with human baselines. That is a classic concealment/evasion use case: even if described as avoiding false positives, the operational effect is to help users disguise AI-assisted authorship and defeat detection mechanisms relied on by schools or reviewers.

Ssd 2

Medium
Confidence
98% confidence
Finding
The workflow operationalizes evasion by measuring AI-pattern scores, applying targeted rewrites to reduce them, and iterating until thresholds are met. This creates a closed-loop optimization system for bypassing detectors, which materially increases misuse potential compared with ordinary editing because it provides systematic feedback for concealment.

Ssd 2

Medium
Confidence
97% confidence
Finding
The trigger list includes multiple English and Chinese paraphrases for reducing AI traces, lowering AI style scores, and humanizing text, showing deliberate discoverability for detector-evasion requests. Multilingual trigger coverage increases abuse reach and makes the skill easier to invoke for concealment across a wider user population.

Ssd 2

Medium
Confidence
96% confidence
Finding
The stated purpose is to iteratively rewrite text to minimize AI-detector false positives by removing stereotypical AI patterns and aligning with human-writing norms. In context, this is a detector-evasion capability: it helps transform machine-generated or suspect text so it is less likely to be flagged by downstream authenticity checks.

Ssd 4

Medium
Confidence
97% confidence
Finding
The workflow operationalizes evasion through a closed-loop process: measure, rewrite, re-measure, and repeat until the text passes detector-oriented thresholds. This iterative optimization materially increases effectiveness because it gives users systematic feedback for converging on text that is less likely to be identified by heuristic detectors.

Ssd 2

Medium
Confidence
97% confidence
Finding
The iteration strategy explicitly instructs removal of high-weight detector features and targeted semantic or syntactic adjustments to avoid pattern-based identification. Because the guidance is specific and staged, it meaningfully improves a user's ability to evade screening systems rather than merely improve prose quality.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal