Back to skill

Security audit

Content Humanizer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed writing-aid workflow with a local scoring script and no evidence of hidden access, exfiltration, persistence, or destructive behavior.

Installers should expect this skill to analyze and rewrite supplied marketing copy, and it may read a local marketing-context.md file for brand voice if present. Do not treat its humanity score as definitive authorship detection, but there is no artifact-backed security reason to block installation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
70% confidence
Finding
Without declared permissions the skill's intent is opaque and cannot be validated.

Tp4

High
Category
MCP Tool Poisoning
Confidence
97% confidence
Finding
This is a mismatch because the description presents the skill as a humanizing editor that makes writing sound genuinely human, but the code is only an evaluator/scorer. Its primary purpose is detection and reporting of AI-like writing patterns, not rewriting or injecting voice/personality. While scoring could support a humanization workflow, the code's actual behavior materially differs from the declared purpose.

Natural-Language Policy Violations

Medium
Confidence
84% confidence
Finding
This code emits prescriptive natural-language classifications such as 'AI fingerprint — full rewrite required 🔴' for low scores. That wording imposes a fixed judgment about acceptable writing style and can be interpreted as a policy-like directive rather than a neutral score, especially since the tool does not offer an opt-in framing or alternative locale/style expectations.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.