Ai Humanizer Local

Security checks across malware telemetry and agentic risk

Overview

This is a local writing helper with disclosed humanization behavior and no evidence of hidden data access or automatic persistence.

Reasonable to install for local draft review. Only process documents you intend the tool to read, review all rewritten output before publishing, and only add the always-on rules to agent settings if you want this style preference to affect future responses broadly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • System Prompt Leakage: Direct Leakage, Indirect Extraction, Tool-Based Exfiltration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Natural-Language Policy Violations

Severity: Medium
Confidence: 84%
Finding:
The README instructs users to bake a permanent behavioral policy into an agent's system prompt so the model 'always' writes in a prescribed way, including hard bans on words and response patterns. In an agent skill context, this acts as prompt-level behavior modification without task-level consent, which can override user intent, distort outputs, and create covert policy shaping across unrelated tasks.

Vague Triggers

Severity: Medium
Confidence: 88%
Finding:
The invocation description is broad enough to match many generic editing or writing-improvement requests, which can cause the skill to activate when the user did not ask for AI-detector-style rewriting. That creates scope creep: the agent may over-edit content, alter tone or intent, and apply anti-AI stylistic rules in contexts where faithful editing or domain-specific help was expected.

Natural-Language Policy Violations

Severity: Medium
Confidence: 95%
Finding:
The skill explicitly recommends adding its rules to an agent's personality/system prompt for 'ALWAYS' writing like a human, without requiring per-request user consent. That is dangerous because it persistently changes agent behavior across unrelated tasks, can override higher-priority style or safety expectations, and may lead to deceptive output by systematically masking AI provenance.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding:
The guide advertises automatic rewriting of user text via `humanize --autofix` but does not warn that the tool may materially change meaning, tone, factual nuance, citations, or compliance-sensitive wording. In a text-rewriting skill, silent content modification is a real safety issue because users may trust the output and publish altered content without review.

Missing User Warnings

Severity: Medium
Confidence: 80%
Finding:
The usage guide encourages piping arbitrary user text and files into the analysis/humanization workflow but provides no privacy or data-handling warning. Even if the tool is local, users may input sensitive drafts, personal data, regulated content, or proprietary material without being prompted to verify storage, logging, or downstream exposure risks.

Natural-Language Policy Violations

Severity: Medium
Confidence: 90%
Finding:
The code explicitly recommends adding first-person perspective ("I found", "We noticed", "In my experience") as a generic humanization tactic, without checking whether the speaker actually has that perspective. In a tool whose purpose is to make AI-generated text seem human, this guidance can encourage deceptive authorship claims or fabricated personal experience, which crosses from style assistance into misrepresentation.

VirusTotal

67/67 vendors flagged this skill as clean.