Implement Steganography Multi-Tool (SYNOPSES/beginner) — proposed as 3 phased PRs

[sntyuri]

Hi! I'd like to implement the Steganography Multi-Tool from SYNOPSES/beginner/Steganography.Multi.Tool.md. I confirmed it's not in PROJECTS/beginner/ and didn't find related open PRs.

Given the spec covers 6 different stego formats plus a unified CLI and AES wrapper, I'd like to propose splitting it into 3 sequential PRs rather than one massive submission. Easier to review, easier to course-correct if any design decision doesn't match your vision, and keeps each PR focused.
Proposed split:

PR 1 — Foundation: project scaffolding, unified CLI with subcommands, AES encryption wrapper, image LSB (PNG/BMP), zero-width Unicode text. Establishes the architecture that the other formats will plug into.

PR 2 — Audio + QR: WAV/FLAC sample LSB encoding, QR via Reed-Solomon error-correction exploitation.

PR 3 — PDF + Git commits: PDF whitespace/invisible-text/metadata techniques, git metadata encoding.

Each PR ships with tests and docs for its scope.

A few questions before I start:

Are you happy with this phased approach, or would you prefer a single PR? Any preference on dependencies (Pillow for images, cryptography for AES, qrcode + reedsolo, etc.) or should I keep it as minimal as possible? Looking at metadata-scrubber-tool and keylogger as references for code style and the learn/ docs structure — anything else I should look at to stay consistent?

Thanks!

[CarterPerez-dev]

Hi! I'd like to implement the Steganography Multi-Tool from SYNOPSES/beginner/Steganography.Multi.Tool.md. I confirmed it's not in PROJECTS/beginner/ and didn't find related open PRs.

Given the spec covers 6 different stego formats plus a unified CLI and AES wrapper, I'd like to propose splitting it into 3 sequential PRs rather than one massive submission. Easier to review, easier to course-correct if any design decision doesn't match your vision, and keeps each PR focused. Proposed split:

PR 1 — Foundation: project scaffolding, unified CLI with subcommands, AES encryption wrapper, image LSB (PNG/BMP), zero-width Unicode text. Establishes the architecture that the other formats will plug into.

PR 2 — Audio + QR: WAV/FLAC sample LSB encoding, QR via Reed-Solomon error-correction exploitation.

PR 3 — PDF + Git commits: PDF whitespace/invisible-text/metadata techniques, git metadata encoding.

Each PR ships with tests and docs for its scope.

A few questions before I start:

Are you happy with this phased approach, or would you prefer a single PR? Any preference on dependencies (Pillow for images, cryptography for AES, qrcode + reedsolo, etc.) or should I keep it as minimal as possible? Looking at metadata-scrubber-tool and keylogger as references for code style and the learn/ docs structure — anything else I should look at to stay consistent?

Thanks!

Hey, thanks for picking this up and for thinking it through before opening a PR, appreciate it.

A few things upfront so you've got room to do this your way:

On the synopsis — SYNOPSES/beginner/Steganography.Multi.Tool.md is a suggestion, not a spec. You don't have to follow it exactly. The only thing I really care about is that the scale/complexity is at least equivalent to what the synopsis implies. If you want to swap stacks entirely or different language, add a web frontend, whatever, go for it, as long as the end result isn't smaller in scope than what's described.

On the core idea — the one thing that should stay is the "multi" part. This is a steganography tool (not a detector), and it should cover at least 5 different stego formats/techniques, ideally 6. They all need to be solid implementations — I'd rather have 5 good ones than 6 where one is half-baked.

On the 3-PR split — fine by me. Each PR should ship with tests for what it adds — not exhaustive, just enough to confirm each technique actually round-trips correctly. Don't go overboard. You can save the lint pass for the end if that's easier.

On stack/tooling — pick whatever you want, but a few hard requirements per language:

• Python: ruff + mypy are required. pylint is optional but I'll probably run it during review, so I'd recommend it — you'll need to disable a lot of rules to make it sane; look at the pyproject.toml in any of my recent Python projects for what I ignore. Format with yapf, column limit around 90ish.
• Go: golangci-lint (+ gofmt/goimports).
• TypeScript: Biome for format + lint. (And yes — if you go JS, it has to be TypeScript, not plain JS.)
• Any language: a justfile for install / lint / test / run targets. I keep this consistent across the whole repo, so please get familiar with it. Think of it as a better Makefile.

On references — the two you picked aren't the best choices:

• keylogger/ was one the very first project in the repo. It works and is good code/structure, but a lot has improved since then.
• metadata-scrubber-tool/ was an external contribution — useful as a "another contributor did this" example but not really written in my style.

Better references for senior-level Python style in this repo:

• PROJECTS/intermediate/dlp-scanner/ — most recent intermediate Python project, closest in scale/feel to what you're proposing
• PROJECTS/beginner/base64-tool/ and PROJECTS/beginner/caesar-cipher/
• PROJECTS/foundations/password-manager/ — technically foundations, but it's the most complex one in that tier and pretty close to intermediate in style

Look at those for code structure, pyproject.toml, justfile, and overall layout.

On the learn/ folder and README — I write/standardize those across every project to keep them consistent, so don't sweat matching the exact format. If you take a shot at them, great, but if not I'll handle them after merge. Same for install.sh and any other dev-tooling polish — I can clean up around you, the main thing is the code itself.

On AI usage — I'm going to be direct because it's relevant to how I'll review:

Using AI to write code is totally fine even heavily, if anything I recommend it. What I push back on is unsupervised AI work (the "let it rip and come back when it says it's done" approach). The distinction matters: you're the project manager, the AI is the dev. You make the big calls, you micromanage the scope, and you verify the output.

A few things that meaningfully raise the quality bar when working with AI on a project this size:

1. Amplify the model with research before it codes. AI training data is not omniscient — it's training data. Spend time gathering up-to-date info on the libraries you'll use, senior-level patterns specific to this stack and this domain, advanced/nuanced techniques in steganography itself, recent changes in the ecosystem etc etc etc. Feed that to the model before it writes anything. The gap between "AI that knows generic and even good Python" and "AI that's been primed with senior/advanced patterns + current best practices in stego + the specific libraries you chose" is enormous.

2. The project scope is bigger than any single context window. You will burn through multiple AI sessions before this is done. The seams between those sessions — what gets carried forward, what gets re-established, what assumptions silently drift are exactly where quality usually dies. Most of the time the drift is subtle and you don't catch it until the project is "finished" and inconsistent. Plan for those handoffs deliberately.

3. Senior dev with AI ≠ junior dev with AI. The same model produces wildly different output depending on who's driving. I can spot low-effort AI output quickly, and I review strictly because AI can be above excellent when used well, which now means the floor for what counts as "good enough" is much higher, not lower.

None of this is gatekeeping or meant to scare you off, but fair warning: there are ~70 projects in this repo and the bar I'm holding them all to is "role-model code people study," not "good enough and it works," so expect strict review feedback even when the work is solid.

Go ahead and start on PR 1 whenever you're ready. Ping me if anything's unclear as you go.

[yatinsayania]

Proposed Implementation Plan: STEGANOGRAPHY Multi-Tool

Hello,

I have reviewed the project documentation for the STEGANOGRAPHY Multi-Tool described in SYNOPSES/beginner/Steganography.Multi.Tool.md. I also confirmed that the project does not currently exist under PROJECTS/beginner/ and that there are no open pull requests related to this implementation.

To keep development organized and maintainable, I propose implementing the project in three sequential pull requests rather than a single large contribution. This approach provides several advantages:

• Easier and faster code review
• Greater flexibility to adjust direction based on feedback
• Clear, focused scope for each development phase
• Reduced risk when introducing new functionality

Project Scope

The tool will provide a unified CLI interface and support the following steganography techniques:

• PNG/BMP image steganography (LSB-based)
• Zero-width Unicode text encoding
• WAV/FLAC audio steganography
• QR code steganography with Reed-Solomon error correction
• PDF metadata-based techniques
• Git metadata encoding
• Optional AES encryption wrapper for payload protection

PR 1: Foundation and Core Architecture

Objectives:

• Project scaffolding and package structure
• Unified CLI implementation
• AES encryption/decryption wrapper
• PNG/BMP image LSB encoding and decoding
• Zero-width Unicode text encoding and decoding
• Core architecture, interfaces, and extensibility patterns

PR 2: Audio and QR Support

Objectives:

• WAV/FLAC audio steganography implementation
• QR code generation and extraction workflows
• Reed-Solomon error-correction integration
• Associated tests and user documentation

PR 3: PDF and Git Metadata Techniques

Objectives:

• PDF metadata-based steganography features
• Git metadata encoding and decoding mechanisms
• Final integration, testing, and documentation updates

Each pull request will include appropriate unit tests, integration tests where applicable, and documentation updates to ensure maintainability and ease of adoption.

Feedback Requested

1. Are you aligned with this phased implementation approach, or would you prefer the entire project delivered as a single pull request?
2. Do you have preferred dependencies (for example, Pillow, cryptography, qrcode, reedsolo), or should I prioritize keeping external dependencies to a minimum?
3. Are there additional projects, such as metadata-scrubber-tool, keylogger, or others, that I should review to maintain consistency in coding style, architecture, and documentation structure?

I am happy to adapt the plan, scope, or technology choices based on project requirements and maintainer feedback. My goal is to ensure the implementation aligns with the repository’s standards while keeping the review and integration process as smooth as possible.

Thank you, and I look forward to your feedback.

[yatinsayania]

Proposed Implementation Plan: STEGANOGRAPHY Multi-Tool

Hello,

I have reviewed the project documentation for the STEGANOGRAPHY Multi-Tool described in SYNOPSES/beginner/Steganography.Multi.Tool.md. I also confirmed that the project does not currently exist under PROJECTS/beginner/ and that there are no open pull requests related to this implementation.

To keep development organized and maintainable, I propose implementing the project in three sequential pull requests rather than a single large contribution. This approach provides several advantages:

• Easier and faster code review
• Greater flexibility to adjust direction based on feedback
• Clear, focused scope for each development phase
• Reduced risk when introducing new functionality

Project Scope

The tool will provide a unified CLI interface and support the following steganography techniques:

• PNG/BMP image steganography (LSB-based)
• Zero-width Unicode text encoding
• WAV/FLAC audio steganography
• QR code steganography with Reed-Solomon error correction
• PDF metadata-based techniques
• Git metadata encoding
• Optional AES encryption wrapper for payload protection

PR 1: Foundation and Core Architecture

Objectives:

• Project scaffolding and package structure
• Unified CLI implementation
• AES encryption/decryption wrapper
• PNG/BMP image LSB encoding and decoding
• Zero-width Unicode text encoding and decoding
• Core architecture, interfaces, and extensibility patterns

PR 2: Audio and QR Support

Objectives:

• WAV/FLAC audio steganography implementation
• QR code generation and extraction workflows
• Reed-Solomon error-correction integration
• Associated tests and user documentation

PR 3: PDF and Git Metadata Techniques

Objectives:

• PDF metadata-based steganography features
• Git metadata encoding and decoding mechanisms
• Final integration, testing, and documentation updates

Each pull request will include appropriate unit tests, integration tests where applicable, and documentation updates to ensure maintainability and ease of adoption.

Feedback Requested

1. Are you aligned with this phased implementation approach, or would you prefer the entire project delivered as a single pull request?
2. Do you have preferred dependencies (for example, Pillow, cryptography, qrcode, reedsolo), or should I prioritize keeping external dependencies to a minimum?
3. Are there additional projects, such as metadata-scrubber-tool, keylogger, or others, that I should review to maintain consistency in coding style, architecture, and documentation structure?

I am happy to adapt the plan, scope, or technology choices based on project requirements and maintainer feedback. My goal is to ensure the implementation aligns with the repository’s standards while keeping the review and integration process as smooth as possible.

Thank you, and I look forward to your feedback.

[sntyuri]

Broo im already doing this project

[CarterPerez-dev]

Brother😂

Did you just rewrite what the original guy proposed initially? Of which I also replied to him answering the questions he asked....the same ones you did.

Dude are you brain dead or something? I mean that genuinely.

—C
sent from a device