Description

Pixelate chat/messaging app screenshots (WeChat, WhatsApp, Telegram, iMessage, Slack, Discord, etc.) to hide chat name, profile pics, and/or display names. U...

README (SKILL.md)

\r \r

ChatMask Skill\r

Name: ChatMask
Author: frankz2020

\r When the user sends chat screenshots and asks to pixelate or hide identity\r elements, follow the steps below in order: Setup → Workflow.\r \r No external API key is required. This skill uses your existing AI\r capabilities to locate regions in the image, then delegates only the image\r manipulation to the local Python script.\r \r ---\r \r

Setup (run once, idempotent)\r

\r Run this block before the first job. Every step is guarded so re-running is safe.\r \r

# Default install path — override by setting CHAT_PIXELATE_PATH before calling the skill\r
CHAT_PIXELATE_PATH="${CHAT_PIXELATE_PATH:-$HOME/.openclaw/skills/chatmask}"\r
\r
# 1. Clone repo and checkout the pinned, audited commit\r
#    Audited commit: 62b0d1132e8cad8455ef29f74a98da486ff102d4 (frankz2020/chatmask, v1.1.0)\r
PINNED_SHA="62b0d1132e8cad8455ef29f74a98da486ff102d4"\r
if [ ! -d "$CHAT_PIXELATE_PATH/.git" ]; then\r
  git clone https://github.com/frankz2020/chatmask.git "$CHAT_PIXELATE_PATH"\r
fi\r
# Enforce the pinned commit — prevents silent drift if the branch moves\r
(cd "$CHAT_PIXELATE_PATH" && git fetch --quiet origin && git checkout --quiet "$PINNED_SHA")\r
\r
# 2. Create virtualenv if not already present\r
if [ ! -d "$CHAT_PIXELATE_PATH/.venv" ]; then\r
  python3 -m venv "$CHAT_PIXELATE_PATH/.venv" \\r
    || { apt-get install -y python3-venv && python3 -m venv "$CHAT_PIXELATE_PATH/.venv"; }\r
fi\r
\r
# 3. Install / upgrade dependencies (Pillow, python-dotenv — no network calls at runtime)\r
"$CHAT_PIXELATE_PATH/.venv/bin/pip" install -q -r "$CHAT_PIXELATE_PATH/requirements.txt"\r
\r
export CHAT_PIXELATE_PATH\r
PYTHON="$CHAT_PIXELATE_PATH/.venv/bin/python3"\r
```\r
\r
> **What this installs:** Pillow (image processing) and python-dotenv (.env loader\r
> for standalone use only). The `requests` package is **not** installed by the\r
> skill — it is only needed for standalone/non-skill mode and lives in\r
> `requirements-standalone.txt`. No network calls are made by the script at runtime.\r
\r
> **Network behavior:** The only outbound calls in Setup are `git clone` (one-time)\r
> and `pip install` (one-time). During Workflow, `process.py` makes **no network\r
> calls** when `--bbox-json` is supplied — all processing is local.\r
\r
---\r
\r
## Workflow\r
\r
Read **Element Selection** and **Option Configuration** to translate natural-language\r
requests into the correct flags before running.\r
\r
### 1. Prepare directories\r
\r
```bash\r
JOB_ID="job_$(date +%s)"\r
OUT_DIR="/tmp/chat_pixelate_out_$JOB_ID"\r
mkdir -p "$OUT_DIR"\r
```\r
\r
### 2. Process each image individually\r
\r
**Each image must be analysed and pixelated separately.** Different screenshots\r
have different element positions — passing one image's bounding boxes to another\r
would leave sensitive regions unredacted. Repeat the following block for every\r
image the user sent.\r
\r
> **Why per-image?** `--bbox-json` is scoped to a single image. `process.py`\r
> enforces this: it exits with an error if more than one image is present in the\r
> input directory when `--bbox-json` is used.\r
\r
For each image `\x3Cfilename.png>`:\r
\r
#### 2a. Copy the image into its own input directory\r
\r
```bash\r
# Use a fresh single-image input dir for each file\r
IMG_FILE="\x3Cfilename.png>"   # replace with the actual filename\r
IN_DIR="/tmp/chat_pixelate_in_${JOB_ID}_${IMG_FILE%.*}"\r
mkdir -p "$IN_DIR"\r
cp "$HOME/.openclaw/media/inbound/$IMG_FILE" "$IN_DIR/"\r
```\r
\r
#### 2b. Analyse the image with your vision capabilities\r
\r
Use the prompt below on `$IN_DIR/$IMG_FILE` and capture the JSON output.\r
The schema uses **normalized coordinates (0-1000)** where (0,0) is top-left\r
and (1000,1000) is bottom-right, in `y_min, x_min, y_max, x_max` order.\r
\r
```\r
You are a privacy specialist analyzing a chat/messaging app screenshot.\r
The app could be WeChat, WhatsApp, Telegram, iMessage, Slack, Discord, LINE,\r
KakaoTalk, or any other messaging application. The UI may be in English,\r
Chinese, or any other language. Identify the requested elements by their\r
visual layout and position, not by app-specific labels.\r
\r
YOUR TASK:\r
Locate ALL occurrences of the following elements and return their bounding boxes:\r
1. chat_names   — The text title in the top navigation/header bar (conversation\r
                   name, group name, channel title, back-button contact name).\r
2. profile_pics — Circular or rounded avatar images next to message bubbles,\r
                   in the header, or on the participants list. Each distinct\r
                   avatar occurrence is its own region.\r
3. display_names — Text username/nickname labels directly next to or above\r
                   message bubbles (sender names, distinct from the header title).\r
\r
RULES:\r
- Return ONLY the elements listed above.\r
- Each element occurrence must be its own region.\r
- Cover the full visible area with a small amount of padding.\r
- If an element type is not visible, return an empty list for that key.\r
- Use normalized coordinates (0-1000) where (0,0) is top-left and (1000,1000) is bottom-right.\r
- Coordinate order: y_min, x_min, y_max, x_max (top, left, bottom, right).\r
- All values must be integers between 0 and 1000.\r
\r
Respond ONLY with a JSON object using this exact schema (no extra text outside the JSON):\r
{\r
  "chat_names":    [{"y_min": int, "x_min": int, "y_max": int, "x_max": int}],\r
  "profile_pics":  [{"y_min": int, "x_min": int, "y_max": int, "x_max": int}],\r
  "display_names": [{"y_min": int, "x_min": int, "y_max": int, "x_max": int}]\r
}\r
```\r
\r
Omit keys for elements the user did not request (see **Element Selection** below).\r
\r
#### 2c. Run pixelation for this image\r
\r
Pass the JSON from 2b via `--bbox-json`. No API key is read or written.\r
\r
```bash\r
BBOX='\x3CJSON output from 2b>'\r
"$PYTHON" "$CHAT_PIXELATE_PATH/process.py" \\r
    "$IN_DIR" \\r
    "$OUT_DIR" \\r
    --bbox-json "$BBOX" \\r
    [OPTIONS]   # see Element Selection and Option Configuration below\r
```\r
\r
Repeat steps 2a–2c for every image before proceeding.\r
\r
### 3. Return results to user\r
\r
```bash\r
ls "$OUT_DIR/"*_pixelated.png\r
```\r
\r
Attach or share all processed images from `$OUT_DIR/`.\r
\r
---\r
\r
## Element Selection\r
\r
Translate the user's intent to `--elements`. Default (no flag) pixelates all three.\r
\r
| User says (EN / 中文) | `--elements` flag |\r
|---|---|\r
| all / default / 全部 / 默认 / 全部打码 | *(omit flag — default: all three)* |\r
| chat name only / 只隐藏聊天名称 | `--elements chat_name` |\r
| profile pics only / 只隐藏头像 | `--elements profile_pic` |\r
| display names only / 只隐藏昵称 / 只隐藏用户名 | `--elements display_name` |\r
| avatars and display names / 隐藏头像和昵称 | `--elements profile_pic,display_name` |\r
| chat name and avatars / 隐藏聊天名称和头像 | `--elements chat_name,profile_pic` |\r
| chat name and display names / 隐藏聊天名称和昵称 | `--elements chat_name,display_name` |\r
\r
When not all three elements are requested, omit the unused keys from the\r
bounding-box JSON prompt in step 2 to reduce noise.\r
\r
**Element definitions:**\r
- **chat_name**: Title text in the top navigation bar (group name, contact name, channel title)\r
- **profile_pic**: Circular/rounded avatar images next to message bubbles\r
- **display_name**: Text username/nickname labels next to or above message bubbles\r
\r
---\r
\r
## Option Configuration\r
\r
| User says (EN / 中文) | Flag |\r
|---|---|\r
| soft blur / mist effect / 模糊效果 / 雾化（默认）| `--pixel-mode A` *(default)* |\r
| block / mosaic / pixelate blocks / 马赛克 / 方块效果 | `--pixel-mode B` |\r
\r
---\r
\r
## Full Example (copy-paste ready)\r
\r
Two images processed, each with its own per-image bounding-box analysis:\r
\r
```bash\r
# (Assumes Setup block has already run and exported CHAT_PIXELATE_PATH and PYTHON)\r
\r
JOB_ID="job_$(date +%s)"\r
OUT_DIR="/tmp/chat_pixelate_out_$JOB_ID"\r
mkdir -p "$OUT_DIR"\r
\r
# --- Image 1: screenshot_a.png ---\r
IN_A="/tmp/chat_pixelate_in_${JOB_ID}_a"\r
mkdir -p "$IN_A"\r
cp "$HOME/.openclaw/media/inbound/screenshot_a.png" "$IN_A/"\r
# (analyse screenshot_a.png with your vision model, capture JSON as BBOX_A)\r
BBOX_A='{"chat_names":[{"y_min":20,"x_min":100,"y_max":80,"x_max":900}],"profile_pics":[{"y_min":150,"x_min":10,"y_max":220,"x_max":80}],"display_names":[{"y_min":160,"x_min":90,"y_max":190,"x_max":350}]}'\r
"$PYTHON" "$CHAT_PIXELATE_PATH/process.py" "$IN_A" "$OUT_DIR" --bbox-json "$BBOX_A"\r
\r
# --- Image 2: screenshot_b.png --- (analyse separately; elements at different positions)\r
IN_B="/tmp/chat_pixelate_in_${JOB_ID}_b"\r
mkdir -p "$IN_B"\r
cp "$HOME/.openclaw/media/inbound/screenshot_b.png" "$IN_B/"\r
# (analyse screenshot_b.png with your vision model, capture JSON as BBOX_B)\r
BBOX_B='{"chat_names":[{"y_min":10,"x_min":200,"y_max":70,"x_max":800}],"profile_pics":[],"display_names":[{"y_min":200,"x_min":60,"y_max":240,"x_max":400}]}'\r
"$PYTHON" "$CHAT_PIXELATE_PATH/process.py" "$IN_B" "$OUT_DIR" --bbox-json "$BBOX_B"\r
\r
echo "=== Output images ==="\r
ls "$OUT_DIR/"*_pixelated.png\r
```\r
\r
### More examples\r
\r
```bash\r
# Only blur profile pics for one image — omit unused keys from JSON\r
IN_IMG="/tmp/chat_pixelate_in_${JOB_ID}_img"\r
mkdir -p "$IN_IMG"\r
cp "$HOME/.openclaw/media/inbound/chat.png" "$IN_IMG/"\r
BBOX='{"profile_pics":[{"y_min":150,"x_min":10,"y_max":220,"x_max":80}]}'\r
"$PYTHON" "$CHAT_PIXELATE_PATH/process.py" "$IN_IMG" "$OUT_DIR" \\r
    --elements profile_pic \\r
    --bbox-json "$BBOX"\r
\r
# Hide chat name and display names, block mosaic style\r
BBOX='{"chat_names":[{"y_min":0,"x_min":100,"y_max":60,"x_max":900}],"display_names":[{"y_min":160,"x_min":90,"y_max":190,"x_max":350}]}'\r
"$PYTHON" "$CHAT_PIXELATE_PATH/process.py" "$IN_IMG" "$OUT_DIR" \\r
    --elements chat_name,display_name \\r
    --pixel-mode B \\r
    --bbox-json "$BBOX"\r
```\r
\r
---\r
\r
## Troubleshooting\r
\r
| Symptom | Cause | Fix |\r
|---|---|---|\r
| `--bbox-json ... but N images were found` | Multiple images in input dir with `--bbox-json` | Use a separate `$IN_DIR` per image and run `process.py` once per image |\r
| `python3 -m venv` fails | Missing venv module | Run `apt-get install -y python3-venv` then re-run Setup |\r
| `git clone` fails | No git installed or no network | Run `apt-get install -y git` or check network connectivity |\r
| `No images found in input directory` | Copy step failed | Check `ls $IN_DIR/` and confirm the filename is exact |\r
| Image copied unchanged with `SKIPPED` in summary | JSON parse failure | Check printed warning; verify the bbox JSON is valid |\r
| Wrong regions pixelated | Bounding boxes were inaccurate | Re-analyse the image and adjust coordinates; try `--pixel-mode B` |\r

Usage Guidance

This skill appears to do what it says: it asks the agent to locate sensitive areas in screenshots and runs a local Python script to pixelate them. Before installing, consider these points: - The Setup step clones a GitHub repo and pip-installs packages into a virtualenv on your machine. Although the commit SHA and dependency pins are present (good), you should review the repository at the pinned SHA (62b0d113...) and the requirements.txt to confirm you trust the code. - Setup will perform network operations once (git clone, pip install). If you prefer, run the Setup steps manually in an isolated environment or inspect the code first instead of running them automatically. - The skill reads images from $HOME/.openclaw/media/inbound and writes temp files to /tmp; ensure you’re comfortable with the agent having access to those locations for the intended task. - The skill does not require API keys for normal skill usage. However, if you run the script standalone (without --bbox-json), it may use an OpenRouter key found in .env — avoid placing secrets there unless intended. If you want to be extra cautious: review the pinned commit contents (process.py, vision.py, requirements files) before running Setup, or run Setup in a disposable account/VM.

Capability Analysis

Type: OpenClaw Skill Name: chatmask Version: 1.1.1 The chatmask skill is a utility for redacting sensitive information (names, avatars) from chat screenshots using local image processing. It demonstrates strong security hygiene by pinning its external dependency to a specific audited GitHub commit (62b0d1132e8cad8455ef29f74a98da486ff102d4), utilizing the agent's native vision capabilities instead of external APIs, and explicitly removing network-capable libraries like 'requests' from its runtime environment. The workflow in SKILL.md and the detailed security improvements documented in RELEASE_NOTES.md align with its stated privacy-preserving purpose.

Capability Assessment

✓ Purpose & Capability

Name/description match the requested binaries (python3, git) and the actions (image processing). Requiring Python and Git is expected for a skill that clones a repo and runs a local script. Minor omission: the workflow reads images from $HOME/.openclaw/media/inbound (and writes to /tmp) but the skill metadata does not list any required config paths — this is consistent with normal agent media usage but is worth noting.

ℹ Instruction Scope

SKILL.md confines runtime behavior to: clone repo once, create a venv, install pinned Pillow and python-dotenv, prompt the agent to produce bounding-box JSON, and call a local process.py with --bbox-json to pixelate images. The instructions explicitly avoid runtime network calls in skill mode and limit analysis to specified elements. The skill copies inbound media into per-job temp dirs (/tmp) and expects the agent to provide vision output; these file reads/writes are necessary for the task but should be understood by the user.

ℹ Install Mechanism

No package install metadata in the registry (instruction-only), but Setup will perform a one-time 'git clone' from GitHub and 'pip install -r requirements.txt' in a created virtualenv. The commit SHA is pinned and the release notes indicate pinned dependency versions, which reduces supply-chain drift risk. Still, Setup executes network operations and installs third-party packages into a venv on disk — review the pinned commit and requirements before first run. The fallback apt-get step (python3-venv) may attempt system package install if venv creation fails.

✓ Credentials

The skill declares no required environment variables or credentials, and SKILL.md states no API key is required for skill mode. Release notes explain that standalone CLI mode can read a .env with an OpenRouter key, but the skill's documented runtime path (using --bbox-json) does not make outbound calls and does not require secrets. This is proportionate to the described functionality. Users with an existing .env should be aware that standalone usage (outside skill mode) may use it.

✓ Persistence & Privilege

The skill is not always-enabled, is user-invocable, and does not request system-wide changes. Setup writes to a per-user path ($HOME/.openclaw/skills/chatmask) and creates a venv there; it does not modify other skills or system-wide agent settings. Autonomous invocation is permitted (platform default) but not paired with elevated privileges in this skill.

Version History

v1.1.1

## [1.1.1] — 2026-03-19 ### Added - `--bbox-json` flag on `process.py`: accepts pre-computed bounding-box JSON (or `-` for stdin), bypassing the vision API entirely. No `OPENROUTER_API_KEY` is required when this flag is used. Input directory must contain exactly one image per invocation. - OpenClaw skill (`SKILL.md`) now uses the agent's own built-in AI for image analysis instead of routing through OpenRouter — zero credentials required, zero runtime network calls. - `metadata` frontmatter in `SKILL.md`: explicit `requires.bins` gates (`python3`, `git`) and `homepage` link so OpenClaw can surface and gate the skill correctly. - `requirements-standalone.txt`: separates the `requests` package (only needed for standalone/OpenRouter mode) from the skill-mode install, so the skill setup installs the minimum possible footprint. ### Changed - `SKILL.md` workflow restructured for correctness: each image is now analysed and pixelated in its own isolated invocation (separate `$IN_DIR` per image). Previously a single `process.py` call covered all images with one shared bounding-box dict, which would silently apply one image's coordinates to all others. - `process.py` enforces the single-image constraint when `--bbox-json` is supplied: exits with a clear error if more than one image is found in the input directory. - `vision.py`: replaced bare `assert` on missing API key with a `ValueError` whose message explicitly identifies the standalone-only context and points OpenClaw users to `--bbox-json`. - `dotenv` and `vision` imports are now lazy (loaded only in the standalone code path), so `process.py` has zero module-level side-effects and passes ruff E402. - Removed three spurious `f`-string prefixes (ruff F541). - Removed `OpenRouter` badge from README header; updated Features table, How It Works diagrams, Requirements, Installation, Usage, Configuration, and module descriptions to accurately reflect both operating modes. - Dependency versions in `requirements.txt` pinned exactly (`Pillow==11.2.1`, `python-dotenv==1.2.2`) — previously `>=` floor bounds allowed silent upgrades to unreviewed versions. ### Security - Eliminated credential prompt and `.env` write from the OpenClaw skill Setup block. No secret is ever requested, stored on disk, or written by the skill. - Narrowed inbound file copy from a wildcard glob (`*.{png,jpg,jpeg}`) to explicit per-image copy, limiting file-system access to only the files the user sent. - Skill Setup now executes `git checkout <sha>` after cloning, enforcing the pinned audited commit (`62b0d1132e8cad8455ef29f74a98da486ff102d4`). Previously the SHA was documented in a comment but never actually checked out, so installs silently tracked the branch tip. - Replaced all remaining `assert` statements in `process.py` with explicit `ValueError` / `sys.exit(1)` calls. `assert` can be silenced by running Python with `-O`, which would have bypassed input validation in `_parse_elements()`, `_parse_json_response()`, and the input-directory existence check. - Removed `requests` from `requirements.txt` (skill-mode install). The package is only used by `vision.py` in standalone mode and had no purpose in skill operation; its presence in the install unnecessarily added a network-capable dependency.

v1.1.0

## v1.1.0 — 2026-03-19 ### No API key required ChatMask no longer requires an OpenRouter API key when used as an OpenClaw skill. The agent's own built-in AI now handles image analysis directly. Bounding-box coordinates are passed to the local Python script via `--bbox-json`; the script performs only image manipulation using Pillow. No credentials are requested, stored, or written to disk. **Before:** Setup prompted for an `OPENROUTER_API_KEY`, wrote it to `.env`, and made one outbound HTTP call per image to OpenRouter. **After:** Zero credentials. Zero runtime network calls. All processing is local. ### What changed for existing users - If you previously configured a key in `.env`, it is still read by `process.py` in standalone CLI mode — nothing breaks. - The skill Setup block no longer includes step 4 (API key configuration). Re-running Setup is safe and idempotent. - The workflow now processes each image individually in its own isolated invocation. If you have a custom wrapper that called `process.py` with a shared directory of multiple images together with `--bbox-json`, update it to call once per image. ### Per-image correctness fix The previous workflow staged all user images into one directory and called `process.py` once with a single bounding-box JSON. Since different screenshots have different element positions, images beyond the first received incorrect coordinates. This is now prevented at two levels: 1. `process.py` exits with an error if `--bbox-json` is used with more than one image in the input directory. 2. The SKILL.md workflow explicitly loops per image — analyse one, pixelate it, then move to the next. ### Security improvements | Concern | Resolution | |---|---| | Credential prompt and `.env` write in skill Setup | Removed entirely | | Wildcard glob copying all inbound media | Replaced with explicit per-filename copy | | `assert` on missing API key (could be silenced) | Replaced with `ValueError` with a message that explains standalone-only context | | No `metadata` gates in skill frontmatter | Added `requires.bins: [python3, git]` and `homepage` | | No audited commit reference in `git clone` | Pinned commit SHA annotated in Setup block | ### Standalone CLI unchanged Running `process.py` directly without `--bbox-json` still works exactly as before — it calls the OpenRouter API using the key from `.env`. The key is now described as "standalone only" in `.env.example` and all relevant docs.

v1.0.0

Initial release

Metadata

Slug chatmask

Version 1.1.1

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 3

Frequently Asked Questions

What is ChatMask?

Pixelate chat/messaging app screenshots (WeChat, WhatsApp, Telegram, iMessage, Slack, Discord, etc.) to hide chat name, profile pics, and/or display names. U... It is an AI Agent Skill for Claude Code / OpenClaw, with 153 downloads so far.

How do I install ChatMask?

Run "/install chatmask" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is ChatMask free?

Yes, ChatMask is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does ChatMask support?

ChatMask is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created ChatMask?

It is built and maintained by frankz2020 (@frankz2020); the current version is v1.1.1.

More Skills

ChatMask