ClawHub
Back to skill

Security audit

Unclecheng Reduce Ai Perception V2 1.0.4

Security checks across malware telemetry and agentic risk

Overview

This skill shows no malware-like behavior, but it is designed to make AI-written text look human-written and may run on ordinary editing requests.

Install only if you intentionally want an opinionated AI-style rewriting assistant. Do not use it to falsely claim human authorship, bypass disclosure rules, or submit work where AI assistance must be identified. Review all file edits carefully, especially for quoted text, citations, technical material, legal or academic writing, and formatting-sensitive documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger list includes broad, common phrases such as '润色', '自然一点', and '改写' that can match many ordinary editing requests, causing the skill to activate when the user did not specifically ask for AI-trace removal. That can unexpectedly apply style rewriting rules and humanization behavior to unrelated tasks, reducing user control and increasing the chance of deceptive rewriting.

Natural-Language Policy Violations

Medium
Confidence
85% confidence
Finding
The skill mandates a fixed punctuation/style policy, including replacing certain punctuation regardless of the source language or user preference. This can corrupt meaning, break formatting conventions, and silently override locale-appropriate writing norms, especially for bilingual or technical content.

Natural-Language Policy Violations

Medium
Confidence
91% confidence
Finding
The repeated blanket ban on punctuation conventions creates a rigid transformation pipeline that ignores context, language, and user intent. In practice this can damage quotations, dialogue, code-adjacent text, or English-language content while making the output less accurate and less faithful to the original.

Ssd 4

Medium
Confidence
97% confidence
Finding
These instructions explicitly direct the model to make text seem more like it was written by a human and less like AI-generated content. That is deception-oriented behavior: it helps conceal AI origin and can be used to evade AI-use disclosure policies, authenticity checks, academic rules, or platform moderation.

Ssd 4

Medium
Confidence
98% confidence
Finding
The self-check process explicitly optimizes for the reader to conclude 'this looks like a real person wrote it' rather than an AI. This creates a deliberate deception workflow, systematically refining output to pass as human-authored and making policy evasion more reliable.

Ssd 4

Medium
Confidence
96% confidence
Finding
The examples normalize concrete techniques for stripping AI markers and substituting cues of human authenticity, including more current details, subjective voice, and realism signals. Providing operational examples lowers misuse barriers and makes the deceptive objective easier to reproduce at scale.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal