Humanizer Zh Cn

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Chinese text-editing skill for rewriting AI-like prose, with no hidden code, credential access, network behavior, or persistence beyond normal installation.

Install from the reviewed package or verify the referenced GitHub repository before using the README commands. Use the skill only on documents you intend to rewrite, and review edits before saving or publishing because it is designed to change wording, tone, and style.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 82% confidence
Finding: The trigger "编辑或审阅文本，去除 AI 写作痕迹" is broad enough to match many ordinary editing or review requests, which can cause the skill to activate in contexts the user did not explicitly intend. That can lead to unsolicited rewriting of content, loss of original tone or meaning, and accidental application in sensitive workflows such as legal, academic, or compliance review.

Natural-Language Policy Violations

Medium

Confidence: 71% confidence
Finding: The skill instructions are entirely in Chinese and implicitly assume Chinese output without offering language negotiation or stating limits. In multilingual environments, this can cause unintended language switching, misunderstood edits, or corruption of user content when the source text is in another language or requires preservation of original language.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal