Back to skill

Security audit

AI Paragraph Rewriter

Security checks across malware telemetry and agentic risk

Overview

This is not malware, but it is designed to help conceal AI-written text from detector and authenticity-review systems.

Review carefully before installing. The skill does not appear to access your device, accounts, or files, but its main use is to make AI-written text appear human-written to detection systems. Avoid using it for schoolwork, hiring or compliance submissions, plagiarism checks, workplace disclosure requirements, or any situation where hiding AI assistance would mislead someone.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger section is broad and explicitly activates on requests to 'bypass AI detection,' 'make text undetectable,' and similar paraphrasing prompts without any limiting policy checks. That makes the skill easy to invoke for deceptive use cases such as academic dishonesty, policy evasion, or misrepresentation of authorship.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill description openly promotes bypassing GPTZero, Turnitin, and Originality.ai but provides no warning, restriction, or integrity safeguard. In this context, the absence of misuse warnings materially increases risk because the stated purpose is evasion of systems commonly used to assess authenticity and plagiarism-related concerns.

Ssd 2

Medium
Confidence
99% confidence
Finding
The skill is explicitly designed to transform AI-generated text into text that 'passes all major AI content detectors,' which is direct guidance for evading authenticity screening. The context makes this more dangerous, not less, because the skill's core functionality is not neutral paraphrasing but concealment of machine-generated authorship.

Ssd 4

Medium
Confidence
98% confidence
Finding
The document provides a procedural playbook for systematically altering text to avoid detection, including a dedicated 'Bypass' mode with instructions to rewrite from scratch and add human-like quirks. This stepwise operational guidance lowers the barrier to misuse and directly enables deception at scale in academic, professional, or compliance-sensitive settings.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.