ClawHub

Humanization

Security checks across malware telemetry and agentic risk

Overview

This skill is designed to upload essays to ZeroGPT and repeatedly rewrite them to pass AI-detection thresholds, creating academic-integrity and privacy concerns.

Install only if you are comfortable with essay text being submitted to a third-party website and if your institution or publisher permits this kind of detector-targeted rewriting. For normal writing help, prefer a skill that improves clarity, grammar, citations, and structure without optimizing against AI-detection tools.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (9)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The activation criteria are broad enough to trigger on ordinary requests to rewrite or polish academic text, which can silently route benign editing tasks into a workflow designed to reduce AI-detection scores. That increases the chance of misuse and unintended policy violations because the skill is framed around evasion rather than neutral writing assistance.

Missing User Warnings

High
Confidence
97% confidence
Finding
The workflow sends full essay content to a third-party website without a clear upfront warning, consent step, or data-handling disclosure. Essays may contain personal data, educational records, or proprietary material, so silent transmission creates privacy, confidentiality, and compliance risk.

Natural-Language Policy Violations

High
Confidence
99% confidence
Finding
The skill description explicitly states its purpose is to check AI-detection scores and rewrite text until it falls below a threshold for submission. That is a direct detector-evasion workflow aimed at bypassing academic scrutiny, not a neutral editing function.

Natural-Language Policy Violations

High
Confidence
99% confidence
Finding
The usage examples openly encourage users to 'humanize' text and pass AI detection tools for academic or journal submission. This makes the prohibited purpose user-facing and operationalizes misuse rather than merely implying it.

Natural-Language Policy Violations

High
Confidence
99% confidence
Finding
The rewrite loop is explicitly optimized around a numerical detector threshold, repeatedly testing and modifying content until the tool reports a passing score. This is a classic iterative evasion pattern that systematically tunes output against a defensive classifier.

Ssd 2

High
Confidence
99% confidence
Finding
The skill's top-level purpose is to disguise AI-generated text through iterative rewriting under the benign label of 'humanization.' That framing conceals an evasion objective and materially assists users attempting to defeat academic integrity controls.

Ssd 2

High
Confidence
98% confidence
Finding
The usage guidance encourages reducing detector scores and passing screening tools through softened wording like 'humanize' rather than directly saying 'evade.' This semantic indirection still clearly promotes bypassing detection mechanisms and increases the chance the behavior is normalized or overlooked.

Ssd 4

High
Confidence
99% confidence
Finding
The multi-round rewrite-and-retest design compounds risk because each iteration uses detector feedback to progressively improve evasiveness. Even if individual edits look benign, the cumulative workflow is purpose-built to defeat classifier thresholds and is therefore more dangerous in context.

Ssd 2

High
Confidence
100% confidence
Finding
The notes explicitly state that the goal is to break the statistical patterns AI detectors look for, which directly articulates evasion intent. This is strong evidence that the skill is not merely improving prose but adversarially modifying text to avoid detection.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal