humanizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to process untrusted text from users, which introduces a surface for indirect prompt injection.
- Ingestion points: User-provided text processed via the /humanizer command.
- Boundary markers: No delimiters or 'ignore' instructions are documented in the provided files.
- Capability inventory: The skill utilizes
allowed-toolsas specified in its metadata. - Sanitization: No evidence of input sanitization or validation.
- External Download (SAFE): The documentation includes instructions to clone the repository from an untrusted GitHub source. However, this is for initial installation of the skill itself and does not involve automated remote code execution.
Audit Metadata