STEG — Steganographic Data Channel

What It Does

STEG embeds secret data into the least significant bits of image pixels — invisible to the human eye, extractable by anyone with the tool. Payloads are compressed and optionally encrypted with AES-256-GCM.

zlib Compress

→

AES-256 Encrypt

→

LSB Encode into pixels

→

PNG output

Install

Dependencies pip3 install Pillow pycryptodome

Clone + Link

git clone https://github.com/ExpertVagabond/steg-tool.git

chmod +x steg-tool/steg

ln -s "$(pwd)/steg-tool/steg" /usr/local/bin/steg

Usage

# Hide a message
steg hide photo.jpg "This is a secret" -p mypassword

# Reveal it
steg reveal photo_steg.png -p mypassword

# Hide a file
steg hide-file photo.jpg wallet-backup.json -p strongpass -o innocent.png

# Extract it
steg reveal-file innocent.png -p strongpass

# Check capacity
steg capacity photo.jpg

Commands

Command	Description
steg hide	Hide text message in an image
steg reveal	Extract hidden text from an image
steg hide-file	Hide any file inside an image
steg reveal-file	Extract a hidden file
steg capacity	Show how much data an image can hold

How It Works

STEG internals — encoding pipeline and LSB embedding — Encoding pipeline: data → compress → encrypt → LSB embed into pixel channels

LSB Encoding

Each pixel has 4 channels (R, G, B, A), each stored as 8 bits. The last bit of each channel is replaced with one bit of your data. Changing a value by ±1 out of 256 is invisible.

Original:  R: 10110100  G: 11001010  B: 01110110  A: 11111111
Data bits:          1            0            1            1
Modified:  R: 10110101  G: 11001010  B: 01110111  A: 11111111

Encryption

With -p password, the payload is encrypted using AES-256-GCM with a PBKDF2-derived key (100,000 iterations). Wrong passwords fail with an authentication error — no partial data leaks.

Capacity

Image Size	Capacity	With Compression
200 × 200	~19 KB	~60-100 KB text
1000 × 1000	~488 KB	~1-3 MB text
4000 × 3000	~5.8 MB	~15-40 MB text

Agent Swarm Integration

STEG is designed as a covert data channel for AI agent swarms. Agents embed structured JSON in images shared through social platforms, workflow checkpoints, or direct transfer.

Agent signal flow — Token Strategist embeds signal, Coldstar decodes — Example: Token Strategist embeds a trade signal in a chart image posted to Moltbook. Coldstar decodes it.

Agent Protocol Envelope

{
  "steg_version": 1,
  "from": "token-strategist",
  "to": "*",
  "timestamp": "2026-03-11T12:00:00Z",
  "type": "signal",
  "payload": {
    "token": "SOL",
    "action": "buy",
    "confidence": 0.87
  }
}

checkpoint

Workflow state handoff between agents. Antfarm pipeline steps embed their output in screenshots.

signal

Actionable instructions — trade signals, signing requests, coordination commands.

payload

Raw data transfer — JSON configs, credentials, keys. Encrypted with per-agent passwords.

watermark

Content provenance — embed author ID, license terms, timestamps in generated images.

STEG + OpenClaw architecture diagram — Full architecture: OpenClaw swarm agents → steg skill → encoding pipeline → distribution channels

MCP Server

Also available as a Claude Code MCP server for direct tool integration.

MCP Tool	Description
steg_hide_message	Hide text in an image
steg_reveal_message	Extract hidden text
steg_hide_file	Hide a file in an image
steg_reveal_file	Extract a hidden file
steg_capacity	Check image capacity

Constraints

PNG Only

Output must be PNG. JPEG compression destroys LSB data. Any input format is fine — output is always lossless PNG.

Platform Limits

Twitter/Instagram re-encode to JPEG. Use Telegram (send as file), email, AirDrop, or Signal (original quality).

Not Steganalysis-Proof

LSB encoding is detectable via chi-square analysis. The encryption makes the data unreadable, but the presence of hidden data can be flagged.

Easter egg: The hero image on this page contains a hidden message. Download it and run steg reveal steg-hero-steg.png to find it.