Verified Humanizer
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a benign local writing-rewrite skill, with only minor notes about its hook, helper script, optional metrics-only verification, and package provenance.
This skill looks safe for local rewriting and evaluation. Before installing, verify the publisher/version because the packaged metadata differs from the registry, and only use optional verification if you are sure it sends metrics rather than the original or rewritten text.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may remind the agent to keep work local and avoid sending raw text to verification services.
The skill includes a hook that can add a high-priority instruction to the agent. The instruction is disclosed and aligned with the skill’s privacy-first rewriting purpose.
return { role: "system", content: "[Verified Humanizer] Rewrite locally, measure before/after changes, and only verify structured metrics if verification is needed. Never send original or rewritten text to external verification." };Accept the hook only if you want this session-level reminder; review hook files before enabling them in sensitive environments.
It may be harder to confirm exactly which publisher or version produced this package.
The packaged metadata does not match the supplied registry metadata, which lists a different owner ID and version. This is a provenance/version ambiguity, not evidence of malicious behavior.
"ownerId": "nutstrut", "slug": "verified-humanizer", "version": "2.0.0"
Verify the package source, owner, and version in the registry before installing.
If you run the helper, your supplied text is processed by local shell tools.
The package includes a local shell helper that counts writing patterns in provided text. It is purpose-aligned and shows no network calls, eval, file writes, or destructive behavior.
printf '%s' "$TEXT" | grep -Eio "$pattern" | wc -l
Run the script only locally and only on text you intend to inspect; avoid including secrets in drafts unless necessary.
If optional verification is used, evaluation metrics may leave the local environment, while the original and rewritten text should remain private.
The skill describes an optional verification flow that may involve sending data outside the local rewrite process, but it clearly limits that data to structured metrics rather than raw text.
If verification is used, send only structured evaluation data ... do not include text content ... only include evaluation metrics
Use optional verification only with a trusted verifier and confirm that no raw text or sensitive content is included.