humanizer
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to process arbitrary user text ("When given text to humanize") and possesses powerful file system capabilities (
Read,Write,Edit,Grep,Glob). The prompt lacks explicit delimiters (such as XML tags or triple quotes) or negative constraints to prevent the agent from executing instructions that may be embedded within the text provided for humanization.\n - Ingestion points: Processes untrusted text provided by users for transformation (SKILL.md).\n
- Boundary markers: Absent; the prompt does not define specific delimiters for user-provided content.\n
- Capability inventory: Includes tools for reading, writing, and editing files on the local file system (SKILL.md).\n
- Sanitization: Absent; the skill does not include mechanisms to validate or sanitize input content.\n- [EXTERNAL_DOWNLOADS]: The documentation (README.md, WARP.md) directs users to clone the skill's repository from
https://github.com/blader/humanizer.git. While this is the standard installation method for the skill, the repository is hosted outside of the known trusted vendor list provided for the author SZoloth.
Audit Metadata