humanizer

Warn

Audited by Gen Agent Trust Hub on Feb 12, 2026

Risk Level: MEDIUM
Category: EXTERNAL_DOWNLOADS
Full Analysis

================================================================================

🟡 VERDICT: MEDIUM

This skill is designed to help Claude humanize text by identifying and rewriting AI-generated patterns. The core functionality described in SKILL.md appears benign and focused on text transformation. However, the installation instructions in README.md involve cloning a GitHub repository that is not from a trusted source, introducing an unverifiable dependency. Additionally, the skill declares broad tool access, which, while not exploited by the current instructions, presents a potential risk.

Total Findings: 3

🟡 MEDIUM Findings: • Unverifiable Dependency

  • README.md Line 8: `git clone https://github.com/blader/humanizer.git ~/.claude/skills/humanizer`
  • The skill's installation instructions direct the user to clone a repository from github.com/blader/humanizer. The blader organization is not listed as a trusted GitHub organization. This means the source code for the skill is not from a verified, trusted entity, and its contents cannot be fully guaranteed at the time of analysis without direct inspection of the remote repository. While the provided SKILL.md is analyzed and appears benign, the act of cloning from an untrusted source is a medium risk.

🔵 LOW Findings: • Broad Tool Access Declared

  • SKILL.md Line 10: `allowed-tools:` Read, Write, Edit, Grep, Glob, AskUserQuestion
  • The skill declares access to powerful tools such as Read, Write, Edit, Grep, and Glob. While the current instructions within SKILL.md do not direct the agent to misuse these tools (e.g., for data exfiltration or arbitrary file modification), the declaration of such broad capabilities means the agent could perform these actions if instructed to do so by a malicious prompt or a future update to the skill's instructions. This is a general concern for skills with extensive tool access.

ℹ️ INFO Findings: • Susceptibility to Indirect Prompt Injection

  • SKILL.md
  • The skill's primary function is to process and rewrite user-provided text. As such, it is inherently susceptible to indirect prompt injection, where malicious instructions could be embedded within the text the user asks the skill to humanize. This is a general risk for any skill that processes arbitrary user input, rather than a specific vulnerability introduced by the skill's own code.

================================================================================

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 12, 2026, 10:45 PM