humanizer
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [SAFE]: The skill is a purely instructional text-processing tool. It focuses on improving writing style and rhythm without performing suspicious network operations, hardcoding credentials, or attempting to hide its logic.
- [PROMPT_INJECTION]: The skill ingests untrusted input via the
$ARGUMENTSvariable and the--fileparameter, interpolating this data directly into the agent's context. This creates a potential surface for indirect prompt injection. - Ingestion points: User-supplied text in arguments and file content read through the
--fileflag in SKILL.md. - Boundary markers: Absent; the skill lacks delimiters or instructions to ignore embedded commands within the text being humanized.
- Capability inventory: The skill utilizes
Read,Write,Edit,Grep, andGlobtools, granting the agent the ability to modify local files based on instructions. - Sanitization: None; the input is processed directly without escaping or validation logic.
- [NO_CODE]: The skill is implemented as a set of sophisticated prompt instructions within a Markdown structure. It does not include any Python, JavaScript, or shell script files, minimizing the risk of traditional code-based exploits.
Audit Metadata