Stego Text — Steganographic Message Encoding for AI Agents
v1.0.1Encode and decode hidden messages within natural-looking text using steganographic techniques. Use when asked to hide a message in text, encode a secret mess...
⭐ 0· 94·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name, description, and all included documentation (SKILL.md and reference files) describe only text-based steganographic encoding/decoding methods; there are no unrelated env vars, binaries, or install steps requested. The requested surface (instruction-only, no credentials) is proportionate for the stated purpose.
Instruction Scope
The SKILL.md and deep-dive references strictly describe how to encode and decode hidden messages in natural text and verification practices — they do not instruct reading system files, accessing credentials, or network exfiltration. However, the techniques defined (especially multi-channel and resonance methods) are explicitly capable of hiding arbitrary plaintext in ordinary outputs, which could be misused to conceal sensitive data in agent responses. This is a behavioral risk (misuse), not an inconsistency with the skill's stated purpose.
Install Mechanism
No install spec and no code files that would be written to disk; instruction-only skills have minimal install risk. The provided files are documentation only.
Credentials
The skill declares no required environment variables, credentials, or config paths. Nothing in the instructions attempts to read undeclared env vars or system configuration.
Persistence & Privilege
always is false and autonomous invocation is the platform default. The skill does not request persistent presence or elevated privileges, nor does it instruct modifying other skills or system-wide settings.
Assessment
This skill is coherent for its stated purpose: it teaches multiple ways to hide and recover messages in ordinary text and requires no extra permissions. Before installing, consider these practical cautions: (1) the encoding methods can be repurposed to hide sensitive information in otherwise-normal outputs, so avoid enabling the skill for agents that handle secrets or private data; (2) if you allow autonomous invocation, monitor outputs for hidden channels (acrostics, unusual word choices, sentence-length patterns) because the skill makes it easy to embed exfiltration channels; (3) test the skill in a safe sandbox with non-sensitive data to verify decode/verification steps work as expected; and (4) if you need to limit risk, disallow autonomous invocation for this skill or require human approval before it runs. If you'd like, I can suggest guardrails or detection checks you can apply to agent outputs to detect common steganographic patterns described here.Like a lobster shell, security has layers — review code before you run it.
latestvk9780a0vpy8t51v414eat1hbnd841fkg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.