Humanizer 1.0.0
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: humanizer-1-0-0 Version: 1.0.0 The skill requests broad file system access via `allowed-tools` including `Read`, `Write`, `Edit`, `Grep`, and `Glob` in `SKILL.md`. While the detailed instructions within `SKILL.md` are complex and consistently align with the stated purpose of humanizing text, and do not contain any malicious prompt injection attempts or instructions for harmful actions, the extensive file system permissions granted create a significant attack surface. This capability, if combined with a malicious user prompt or another compromised skill, could potentially lead to unauthorized file access, modification, or data exfiltration, classifying it as suspicious due to the inherent risk rather than explicit malicious intent within the skill's own instructions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may help polish text, but it could also make AI-generated writing harder for others to recognize.
The skill transparently states that it is designed to make AI-written text appear more human, which is purpose-aligned but can affect downstream readers' trust if authorship disclosure is expected.
A Clawdbot skill that removes signs of AI-generated writing from text, making it sound more natural and human.
Use it for legitimate editing, and do not use it to misrepresent authorship where disclosure, academic rules, workplace policies, or publication standards require transparency.
If used on files, the agent could read or change documents rather than only rewriting pasted text.
The skill permits file reading, searching, and editing tools. This is consistent with document editing, but file modification authority should be directed and reviewed by the user.
allowed-tools:\n - Read\n - Write\n - Edit\n - Grep\n - Glob\n - AskUserQuestion
Provide text directly when possible, or name the specific files to edit and review changes before accepting or saving them.
Metadata inconsistencies can make it harder to confirm exactly which package or version is being installed.
The local metadata does not fully align with the supplied registry metadata, which lists a different owner ID and slug, while SKILL.md declares version 2.1.1. This is a provenance/versioning note; the artifacts do not show hidden code or unsafe install behavior.
"ownerId": "kn7fsrcz4428cmw3xb91h4t4dh7ztjxx",\n "slug": "humanizer",\n "version": "1.0.0"
Verify the package identity and publisher in the registry before installing, especially if relying on a specific trusted source.