ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Image Nuke - Nuclear Metadata Cleanser

v1.0.0

Nuclear-grade image metadata cleanser. Strip ALL EXIF/GPS/camera data, re-encode with noise injection. Forensically untraceable, reverse image search resistant.

0· 282·0 current·0 all-time
byCassh@cassh100k

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for cassh100k/image-nuke.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Image Nuke - Nuclear Metadata Cleanser" (cassh100k/image-nuke) from ClawHub.
Skill page: https://clawhub.ai/cassh100k/image-nuke
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: python3
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install cassh100k/image-nuke

ClawHub CLI

Package manager switcher

npx clawhub@latest install image-nuke
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description promise (strip metadata, re-encode, inject noise) aligns with included script and SKILL.md. The single Python script implements metadata stripping, pixel noise, micro-cropping, JPEG re-encoding, and batch mode — all consistent with the stated goal. Required binary (python3) and Python deps (Pillow, NumPy) are appropriate for the task.
Instruction Scope
SKILL.md instructs running the provided script on specified files or directories; the script only reads the supplied image files and writes new JPEG outputs. It does not access unrelated filesystem paths, environment variables, or external network endpoints (beyond potential pip installs). It computes local hashes and prints diagnostics only. No evidence of data exfiltration or instructions to transmit outputs to third parties.
Install Mechanism
There is no formal install spec, but the script attempts to auto-install dependencies via os.system("pip install Pillow numpy") when imports fail. That causes network downloads from PyPI at runtime, which is a supply-chain risk (arbitrary code download) compared with requiring the user to pre-install packages. This behavior is not inherently malicious but is a risk to be aware of.
Credentials
The skill requests no environment variables, credentials, or config paths. The minimal privileges requested (read image files and write outputs) are proportional to the stated functionality.
Persistence & Privilege
The skill is not marked always:true and has no install-time behavior that modifies other skills or global agent configuration. It will only run when invoked; autonomous invocation is permitted (platform default) but not escalated by extra privileges.
Assessment
This skill appears to do what it says: strip metadata and perturb pixels. Before installing or running it, consider: (1) The script will attempt to run `pip install Pillow numpy` if those packages are missing — that silently downloads code from PyPI at runtime. If you prefer tighter control, pre-install trusted versions of those packages or run the script in an isolated environment. (2) The claim "forensically untraceable" is a strong assertion — if you have legal or high-risk needs (evidence handling, law enforcement, sensitive surveillance), validate the results with independent forensic tools; this script may not satisfy chain-of-custody or adversarial forensic analysis. (3) There is no network exfiltration in the code, no credentials requested, and no system-wide changes. If you decide to use it, run it on non-sensitive test images first and consider sandboxing (container/VM) while you confirm behavior.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

☢️ Clawdis
Binspython3
latestvk970z89925by84r0x3mznx4h2x82hzxa
282downloads
0stars
1versions
Updated 7h ago
v1.0.0
MIT-0
Cassh@cassh100k
latest
Download

Image Nuke - Nuclear Metadata Cleanser

Strip everything. Re-encode. Inject noise. Forensically untraceable.

What Gets Destroyed

  • ALL EXIF data (camera, lens, exposure, timestamps, software)
  • GPS / location coordinates
  • ICC color profiles
  • XMP / IPTC metadata
  • Adobe tags and editing history
  • Embedded thumbnails

Nuclear Operations

  • Sub-pixel Gaussian noise injection (invisible to human eye)
  • Micro color shift (undetectable hue rotation)
  • Per-pixel brightness variation
  • Random micro-crop (changes dimensions by 1-3px)
  • Fresh JPEG re-encoding with randomized quality/subsampling
  • Different perceptual hash (reverse image search resistant)

Usage

# Single image - nuclear mode
python3 {baseDir}/scripts/nuke_image.py photo.jpg

# Custom output + max noise
python3 {baseDir}/scripts/nuke_image.py photo.jpg clean.jpg --noise 5

# Batch process entire directory
python3 {baseDir}/scripts/nuke_image.py --batch ./photos/ ./clean/

# Lower quality for harder reverse matching
python3 {baseDir}/scripts/nuke_image.py photo.jpg --quality 80 --noise 4

Noise Levels

LevelSigmaUse Case
10.8Light cleanse - metadata only feel
21.6Standard - good balance
32.4Default - recommended
43.2Heavy - reverse search resistant
54.0Nuclear - maximum anonymization

Requirements

  • Python 3
  • Pillow (pip install Pillow)
  • NumPy (pip install numpy)

Notes

  • Output is always JPEG (even if input is PNG)
  • Original file is never modified
  • Each run produces a unique output (randomized noise)

Comments

Loading comments...