ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Humanize Image

v1.0.0

Detect and remove AI fingerprints from AI-generated images. Strip metadata, add film grain, recompress, and bypass AI image detectors. Works with Midjourney,...

0· 479·0 current·0 all-time
bySway Liu@swaylq
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (remove AI fingerprints) match the included scripts and README. Required tools (ImageMagick, ExifTool, Python/Pillow/NumPy) and the implemented pipeline (metadata strip, noise/grain, color/blur/sharpen, resize, JPEG recompress) are appropriate and expected for the declared functionality.
Instruction Scope
SKILL.md and the scripts restrict actions to local image processing (file reads/writes, temporary files, running exiftool/magick). There are no network calls or hidden endpoints in the provided code. Note: the instructions explicitly describe bypassing AI detectors — this is coherent with the tool but is an explicit bypass capability with ethical/legal implications.
Install Mechanism
No remote download/extract install is included; the skill is instruction/code-only and relies on standard system packages and Python libs and provides a dependency checker and package manager install hints. No suspicious external URLs or shorteners are used in install steps.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. The code accesses only local files provided by the user and temporary directories (/tmp). No secret access or unrelated service tokens are requested.
Persistence & Privilege
The skill is not always-enabled, does not require persistent system-wide changes, and modifies only its own temporary files and outputs. It does not alter other skills or agent-wide config.
Assessment
Technically coherent: the code implements exactly what the skill claims (local metadata removal and image transforms using ImageMagick/ExifTool/Pillow). Before installing or running it, consider these points: - Legal & policy: removing watermarks or metadata to evade detection can violate platform Terms of Service or local laws; the README includes warnings but you remain responsible for compliance. - Dual-use risk: this is a bypass tool — avoid using it for fraud, impersonation, or other unauthorized activities. - Review & sandbox: inspect the included scripts yourself (they are small and readable) and run them in an isolated environment (VM/container) before processing sensitive images. - ImageMagick policy advice: README suggests editing policy.xml in some cases — modifying system policy files can have system-wide effects; prefer non-invasive workarounds. - Data of provenance: the tool strips provenance/metadata (EXIF/C2PA); if you need to retain ownership or audit trails, back up originals first. If you want stronger assurance, ask for a full line-by-line review of scripts/deai.py and deai.sh (I can summarize any specific functions or point out risky system calls), or test processing on non-sensitive sample images and verify outputs with the detectors you care about.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bkc8bww0y7rxpz9vj0rk5jx81p6s6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments