Privacy Mask

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill has a sensible privacy purpose, but it declares an automatic pre-send hook that runs a missing script and can modify Claude’s image cache in place.

Only install this if you are comfortable with a skill that may automatically process attached images before they are sent. Prefer disabling the automatic hook until the missing script is included and reviewed, and verify the external privacy-mask CLI source before using it on highly sensitive screenshots.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Images attached to prompts could be changed automatically before the conversation proceeds, which may hide important details or alter evidence unexpectedly.

Why it was flagged

This declares automatic processing and in-place modification of cached images at prompt submission time, without clear per-image confirmation, scope limits, or rollback guidance.

Skill content

event: UserPromptSubmit ... Intercepts images in Claude's local image cache and applies privacy masking ... in-place before they are sent to the API.

Recommendation

Make the hook opt-in, show a dry-run/preview before masking, and avoid in-place modification unless the user explicitly requests it.

What this means

The most sensitive behavior—the automatic pre-send masking hook—depends on code that is not included in the reviewed artifacts, so users cannot verify what it does.

Why it was flagged

The supplied manifest contains only SKILL.md and no scripts directory, so the hook script that would run automatically is missing and cannot be reviewed.

Skill content

command: scripts/mask-images.sh

Recommendation

Include the hook script in the skill package, remove the hook, or document a verifiable pinned source for the exact script that will run.

What this means

Users may rely on the offline/privacy claim for sensitive screenshots even though the reviewed artifacts do not include the executable implementation.

Why it was flagged

This is a strong privacy assurance, but the actual CLI implementation and the referenced hook script are not present in the supplied artifacts, so the claim is not independently verifiable from this review set.

Skill content

All processing runs 100% locally and offline — no data leaves your machine.

Recommendation

Install only from a trusted source, review or pin the privacy-mask CLI package, and verify that the hook and CLI do not make network calls.