中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 5/100
Last scan:2 days ago Rescan
5 /100
humanizer
Detect and remove AI writing patterns in text. Uses 24 pattern detectors, 500+ vocabulary terms, and statistical analysis (burstiness, type-token ratio, readability) to score text and suggest humanization fixes.
Pure text-processing Node.js skill with no runtime dependencies, no network access, no shell execution beyond invoking the CLI, and no sensitive filesystem access.
Skill Namehumanizer
Duration37.8s
Enginepi
Safe to install
This skill is safe to use. No security concerns identified.
ResourceDeclaredInferredStatusEvidence
Filesystem READ READ ✓ Aligned cli.js reads input files via fs.readFileSync; declared in SKILL.md
Network NONE NONE No network imports (fetch/http) in any source file
Shell NONE NONE scripts/*.sh only invoke 'node'; no subprocess or raw shell commands
Environment NONE NONE No os.environ iteration or credential access
Clipboard NONE NONE No clipboard access
Database NONE NONE No database access
Skill Invoke NONE NONE No skill invocation chains
Browser NONE NONE No browser automation
6 findings
🔗
Medium External URL 外部 URL
https://img.shields.io/badge/License-MIT-yellow.svg
README.md:3
🔗
Medium External URL 外部 URL
https://img.shields.io/badge/tests-128%20passing-brightgreen
README.md:4
🔗
Medium External URL 外部 URL
https://img.shields.io/badge/node-%3E%3D18-brightgreen
README.md:5
🔗
Medium External URL 外部 URL
https://en.wikipedia.org/wiki/Wikipedia:Signs_of_AI_writing
README.md:11
🔗
Medium External URL 外部 URL
https://arxiv.org/abs/2503.01659
README.md:11
🔗
Medium External URL 外部 URL
http://test.org/path?query=1&foo=bar
tests/edge-cases.test.js:163

File Tree

30 files · 206.6 KB · 5931 lines
JavaScript 14f · 4486L Markdown 9f · 1336L JSON 2f · 54L Text 3f · 31L Shell 2f · 24L
├─ 📁 assets
│ └─ 📝 banner.md Markdown 10L · 331 B
├─ 📁 docs
│ ├─ 📝 CONTRIBUTING.md Markdown 69L · 2.0 KB
│ ├─ 📝 EXAMPLES.md Markdown 79L · 5.3 KB
│ └─ 📝 PATTERNS.md Markdown 59L · 2.4 KB
├─ 📁 references
│ ├─ 📝 ai-vocabulary.md Markdown 171L · 5.5 KB
│ ├─ 📝 patterns.md Markdown 332L · 10.0 KB
│ └─ 📝 style-guide.md Markdown 106L · 3.9 KB
├─ 📁 scripts
│ ├─ 🔧 analyze.sh Shell 12L · 301 B
│ └─ 🔧 humanize.sh Shell 12L · 315 B
├─ 📁 src
│ ├─ 📜 analyzer.js JavaScript 419L · 14.8 KB
│ ├─ 📜 cli.js JavaScript 574L · 19.6 KB
│ ├─ 📜 humanizer.js JavaScript 411L · 14.2 KB
│ ├─ 📜 patterns.js JavaScript 986L · 28.1 KB
│ ├─ 📜 stats.js JavaScript 275L · 9.5 KB
│ └─ 📜 vocabulary.js JavaScript 617L · 15.1 KB
├─ 📁 tests
│ ├─ 📁 fixtures
│ │ ├─ 📄 ai-sample-1.txt Text 15L · 2.2 KB
│ │ ├─ 📄 ai-sample-2.txt Text 7L · 1.1 KB
│ │ └─ 📄 human-sample-1.txt Text 9L · 1.1 KB
│ ├─ 📜 analyzer.test.js JavaScript 337L · 13.2 KB
│ ├─ 📜 calibration.test.js JavaScript 141L · 7.2 KB
│ ├─ 📜 edge-cases.test.js JavaScript 201L · 7.1 KB
│ ├─ 📜 humanizer.test.js JavaScript 174L · 6.4 KB
│ ├─ 📜 performance.test.js JavaScript 86L · 3.2 KB
│ └─ 📜 statistics.test.js JavaScript 226L · 7.9 KB
├─ 📋 _meta.json JSON 5L · 131 B
├─ 📜 eslint.config.js JavaScript 31L · 559 B
├─ 📋 package.json JSON 49L · 1.3 KB
├─ 📝 README.md Markdown 361L · 15.8 KB
├─ 📝 SKILL.md Markdown 149L · 7.8 KB
└─ 📜 vitest.config.js JavaScript 8L · 152 B

Dependencies 3 items

PackageVersionSourceKnown VulnsNotes
eslint ^9.0.0 npm dev No Dev dependency only; not bundled with skill
prettier ^3.0.0 npm dev No Dev dependency only; not bundled with skill
vitest ^3.0.0 npm dev No Dev dependency only; not bundled with skill

Security Positives

✓ No runtime external dependencies — only devDependencies for linting and testing
✓ No network requests in any source file
✓ No subprocess, exec, or shell command execution beyond invoking node
✓ No credential, SSH, AWS, or .env file access
✓ No eval, Function(), or dynamic code execution
✓ No base64 encoding/decoding with shell piping
✓ No hidden instructions or obfuscated code
✓ Doc-to-code alignment is strong — declared capabilities match implementation
✓ No data exfiltration channels
✓ Shell scripts are simple wrappers with no curl/wget remote execution