Security audit

Humanizer AI

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only writing helper that rewrites text to sound less AI-generated, with no code execution, installs, credentials, network use, or persistence.

Install only if you are comfortable with a skill that can make AI-written text appear more human. Review rewrites for factual accuracy, voice, and provenance-sensitive contexts such as school, hiring, journalism, legal, or compliance work. Consider invoking it explicitly rather than allowing it to handle every generic polishing request.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger list is broad enough to catch generic editing requests such as "polish text," which are not specific to AI-humanization. In an agent environment, this can cause the skill to activate outside its intended scope, overriding more appropriate writing or editing behaviors and potentially steering users toward evasion-oriented rewriting they did not explicitly request.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal