← 返回 Skills 市场

Image Nuke - Nuclear Metadata Cleanser

Name: Image Nuke - Nuclear Metadata Cleanser
Author: cassh100k

作者 Cassh · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

303

总下载

当前安装

版本数

在 OpenClaw 中安装

/install image-nuke

功能描述

Nuclear-grade image metadata cleanser. Strip ALL EXIF/GPS/camera data, re-encode with noise injection. Forensically untraceable, reverse image search resistant.

使用说明 (SKILL.md)

Image Nuke - Nuclear Metadata Cleanser

Strip everything. Re-encode. Inject noise. Forensically untraceable.

What Gets Destroyed

ALL EXIF data (camera, lens, exposure, timestamps, software)
GPS / location coordinates
ICC color profiles
XMP / IPTC metadata
Adobe tags and editing history
Embedded thumbnails

Nuclear Operations

Sub-pixel Gaussian noise injection (invisible to human eye)
Micro color shift (undetectable hue rotation)
Per-pixel brightness variation
Random micro-crop (changes dimensions by 1-3px)
Fresh JPEG re-encoding with randomized quality/subsampling
Different perceptual hash (reverse image search resistant)

Usage

# Single image - nuclear mode
python3 {baseDir}/scripts/nuke_image.py photo.jpg

# Custom output + max noise
python3 {baseDir}/scripts/nuke_image.py photo.jpg clean.jpg --noise 5

# Batch process entire directory
python3 {baseDir}/scripts/nuke_image.py --batch ./photos/ ./clean/

# Lower quality for harder reverse matching
python3 {baseDir}/scripts/nuke_image.py photo.jpg --quality 80 --noise 4

Noise Levels

Level	Sigma	Use Case
1	0.8	Light cleanse - metadata only feel
2	1.6	Standard - good balance
3	2.4	Default - recommended
4	3.2	Heavy - reverse search resistant
5	4.0	Nuclear - maximum anonymization

Requirements

Python 3
Pillow (pip install Pillow)
NumPy (pip install numpy)

Notes

Output is always JPEG (even if input is PNG)
Original file is never modified
Each run produces a unique output (randomized noise)

安全使用建议

This skill appears to do what it says: strip metadata and perturb pixels. Before installing or running it, consider: (1) The script will attempt to run `pip install Pillow numpy` if those packages are missing — that silently downloads code from PyPI at runtime. If you prefer tighter control, pre-install trusted versions of those packages or run the script in an isolated environment. (2) The claim "forensically untraceable" is a strong assertion — if you have legal or high-risk needs (evidence handling, law enforcement, sensitive surveillance), validate the results with independent forensic tools; this script may not satisfy chain-of-custody or adversarial forensic analysis. (3) There is no network exfiltration in the code, no credentials requested, and no system-wide changes. If you decide to use it, run it on non-sensitive test images first and consider sandboxing (container/VM) while you confirm behavior.

功能分析

Type: OpenClaw Skill Name: image-nuke Version: 1.0.0 The skill includes a script `scripts/nuke_image.py` that uses `os.system` to automatically install Python dependencies (`Pillow` and `numpy`), which is a high-risk behavior in an automated agent environment as it executes shell commands and fetches external packages. While the tool's functionality for anti-forensics and bypassing reverse image search is clearly stated and the code performs the described pixel manipulations, the use of auto-installation via shell execution is a significant vulnerability. No evidence of intentional malice, data exfiltration, or persistence was found.

能力评估

✓ Purpose & Capability

Name/description promise (strip metadata, re-encode, inject noise) aligns with included script and SKILL.md. The single Python script implements metadata stripping, pixel noise, micro-cropping, JPEG re-encoding, and batch mode — all consistent with the stated goal. Required binary (python3) and Python deps (Pillow, NumPy) are appropriate for the task.

✓ Instruction Scope

SKILL.md instructs running the provided script on specified files or directories; the script only reads the supplied image files and writes new JPEG outputs. It does not access unrelated filesystem paths, environment variables, or external network endpoints (beyond potential pip installs). It computes local hashes and prints diagnostics only. No evidence of data exfiltration or instructions to transmit outputs to third parties.

ℹ Install Mechanism

There is no formal install spec, but the script attempts to auto-install dependencies via os.system("pip install Pillow numpy") when imports fail. That causes network downloads from PyPI at runtime, which is a supply-chain risk (arbitrary code download) compared with requiring the user to pre-install packages. This behavior is not inherently malicious but is a risk to be aware of.

✓ Credentials

The skill requests no environment variables, credentials, or config paths. The minimal privileges requested (read image files and write outputs) are proportional to the stated functionality.

✓ Persistence & Privilege

The skill is not marked always:true and has no install-time behavior that modifies other skills or global agent configuration. It will only run when invoked; autonomous invocation is permitted (platform default) but not escalated by extra privileges.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install image-nuke
安装完成后，直接呼叫该 Skill 的名称或使用 /image-nuke 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release - strip EXIF, noise injection, forensic anonymization

元数据

Slug image-nuke

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题