ClawHub

AI writing pattern detection and removal tool for Chinese MBA thesis

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but it is built to help MBA thesis text avoid AI-detection and plagiarism/similarity checks, which creates a serious academic-integrity risk.

Install only if you are using it for transparent proofreading of your own original work and your institution allows that use. Do not use it to hide AI authorship, bypass AI detectors, reduce plagiarism/similarity scores, or disguise copied or insufficiently cited material. The code appears locally scoped, but the content guidance should be reviewed carefully before enabling it in academic workflows.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (37)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The README expands the skill from text humanization into lowering plagiarism-check rates, which materially changes the security and policy profile of the tool. In the context of academic-thesis assistance, this broadening enables evasion of integrity controls and can facilitate dishonest submission of AI- or source-derived content.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
Documenting a capability to lower plagiarism-check rates directly supports circumvention of academic-integrity enforcement. In an MBA-thesis skill, this is especially risky because it can be used to disguise copied or heavily machine-generated work and defeat institutional review processes.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The README explicitly frames plagiarism/duplication-rate reduction as an optimization goal alongside AI-trace removal for MBA theses. In an academic-writing skill, this goes beyond benign style polishing and can enable users to disguise AI-assisted or recycled work to evade institutional integrity checks.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
Claiming support for lowering duplication/plagiarism rates expands the skill's scope from humanization into concealment of potentially non-original academic content. Because the stated use case is thesis writing, this materially increases the risk of facilitating academic misconduct.

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The risk-based rewrite guidance instructs users to add data and examples as part of reducing AI-risk scores, which encourages substantive content generation rather than merely revising user-authored text. In an academic context, this can lead to fabricated support or misleadingly polished arguments designed to evade scrutiny.

Intent-Code Divergence

Medium
Confidence
89% confidence
Finding
The document claims it does not assess academic-content depth, yet earlier sections direct theory, data, and substantive analytical enrichment. This inconsistency obscures the tool's actual behavior and weakens user understanding of the academic-integrity risks posed by the skill.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The skill goes beyond style improvement and explicitly adds lowering plagiarism/check-rate as an optimization goal. That is an evasion use case: it helps users conceal AI authorship and reduce similarity signals that academic integrity systems rely on. In the context of MBA thesis writing, this materially increases the risk of facilitating cheating and fraudulent submission.

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The file is explicitly framed around '降低查重率' and repeatedly teaches users how to preserve meaning while altering wording to avoid duplicate-check systems. That goes beyond benign style improvement and directly enables academic-integrity evasion, especially in the context of MBA thesis writing where originality and proper attribution are required.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The later sections include checklists and workflow steps such as synonym-replacement targets, structural changes, and '查重验证', which operationalize plagiarism evasion as a process. This is not necessary for removing AI-like tone and makes the skill more dangerous by giving users a practical recipe for misconduct.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
This code explicitly encourages rewriting text to add first-person voice and subjective praise (for example, adding '本文/我们' and words like '显著' or '优异') rather than merely improving fluency. In the context of a skill whose purpose is to remove AI-detection traces from academic writing, this crosses into deceptive content manipulation by helping users disguise machine-generated authorship and alter scholarly tone in a misleading way.

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
Several auto-fix rules use empty-string replacements for broad regex matches, so the tool can silently delete phrases, clauses, or discourse markers from user text. In an academic-writing context, this can materially change meaning, weaken attribution, and remove qualifiers or evidentiary framing while presenting the result as a stylistic cleanup.

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The skill’s declared purpose is to humanize or rewrite MBA text to reduce AI traces, but the implementation is an AI-text detector that scores detectability and produces a modification plan for lowering that score. In context, this materially enables evasion of AI-detection and academic integrity controls, making the mismatch more dangerous than a simple product-quality issue.

Natural-Language Policy Violations

High
Confidence
97% confidence
Finding
Presenting the skill as removing AI-writing traces for academic work creates a clear academic-integrity abuse path. The educational context makes this more dangerous because the intended artifact is an assessed thesis, so concealment of AI authorship can directly undermine grading, authenticity, and institutional trust.

Natural-Language Policy Violations

High
Confidence
98% confidence
Finding
The strategy text explicitly encourages reducing AI-detection signals in theses, which is actionable guidance for evading oversight systems. Because the skill is tailored to academic submissions, the context increases harm by operationalizing concealment in a high-stakes integrity setting.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrases are broad enough to activate on ordinary editing requests, which can cause the skill to intervene when a user did not explicitly opt into AI-trace removal behavior. In this context, that matters because the skill is centered on concealing AI authorship signals in academic writing, so overbroad activation increases the chance of misuse and accidental policy-bypassing assistance.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The README promotes AI-trace removal and rewriting of academic text without a clear warning that using the tool to evade AI-detection or alter thesis submissions may violate academic-integrity rules. In context, the omission normalizes deceptive use and makes misuse more likely.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger phrases are broad and directly activate the skill for requests like 'remove AI traces' without scope limits, exclusions, or compliance checks. That makes the skill easy to invoke for deceptive post-processing of academic submissions, especially in a thesis-focused environment.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger phrases are broad enough to match ordinary requests such as 'make this sound more human' or 'rewrite this text,' which can cause the skill to activate unexpectedly outside the user's intended context. In a rewriting skill focused on removing AI traces, over-broad activation is risky because it may steer routine writing tasks into covert-humanization or academic-evasion behavior without clear user consent.

Natural-Language Policy Violations

High
Confidence
99% confidence
Finding
The document provides concrete paraphrasing methods, examples, and success criteria specifically intended to reduce plagiarism-detection similarity while keeping substantive content unchanged. In an academic-writing skill, this materially facilitates cheating by helping users disguise reused source material instead of producing original work or properly attributing sources.

Ssd 2

Medium
Confidence
95% confidence
Finding
Reframing detector evasion as 'humanization' is still assistance for concealing machine-generated authorship. Even without explicit jailbreak phrasing, the practical effect is the same: helping users transform text to avoid detection and misrepresent origin.

Ssd 2

Medium
Confidence
98% confidence
Finding
The README explicitly states that the tool reduces AI detection rates through rewriting and stylistic transformation, which is direct evasion guidance. In an academic-thesis context, this meaningfully increases the likelihood of misuse to bypass review and submit concealed AI-assisted work.

Ssd 2

Medium
Confidence
96% confidence
Finding
Trigger phrases like 'remove AI traces' solicit the skill for concealment of AI origin, which is semantically an evasion request. The academic setting makes this more dangerous because the likely target is assessed coursework or a thesis rather than casual prose.

Ssd 2

Medium
Confidence
97% confidence
Finding
The modification strategy recommends deep rewriting and removing all AI-signature vocabulary when detection risk is high, which is systematic advice for bypassing detectors. This goes beyond normal editing into an optimization loop for concealment, making misuse practical and repeatable.

Ssd 2

Medium
Confidence
98% confidence
Finding
The skill explicitly aims to detect and remove signs that text was AI-generated, which is effectively guidance for evading AI-authorship detection in an academic setting. Because the target use case is theses, this can facilitate academic dishonesty and undermine provenance and integrity checks used by institutions.

Ssd 2

Medium
Confidence
97% confidence
Finding
The invocation examples directly instruct users to paste text and ask the skill to 'remove AI traces,' which operationalizes concealment of AI authorship. This lowers friction for misuse and makes the evasion workflow readily accessible to users seeking to bypass academic scrutiny.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal