Post Content Moderation

Overview

Apply a strict moderation workflow to the full post package, not just plain text. Default goal: review title, body content, images, and videos together, then reject content that contains advertising intent or contact information unless the match falls inside an explicit whitelist or a user-provided custom rule.

Skill maintenance note

If this skill is published to ClawHub, keep the local version in the sibling VERSION file in sync with the published version.

Recommended release flow:

1. 1. update skill content
2. bump INLINECODE1
3. publish with the same version number
4. keep VERSION as the last published version after success

Recommended publish command template:

CODEBLOCK0

Security and capability notice

Before using this skill in production, treat it as a networked moderation integration, not a purely local rules engine.

Important boundaries:

• - bundled PHP scripts can send moderation payloads to external APIs
• bundled PHP scripts can pull pending content from a remote API and callback results to a remote API
• any post text, comment text, whitelist, custom rules, image URLs, or video URLs included in the payload may leave the local environment
• the bundled media inspector in scripts/moderation_support.php is currently a placeholder and does not perform real image OCR, QR decoding, frame extraction, speech recognition, or video inspection by itself
• if you claim image/video moderation in production, implement and verify real media preprocessing first

Recommended safety baseline:

• - use environment variables for all secrets
• use narrowly scoped allowlisted API hosts only
• keep timeout and fail-close policy explicit
• add dry-run testing before enabling callback writes
• do not send unnecessary user data to external models
• document to operators that media URLs may be exposed to third-party services if passed through
• avoid presenting the bundled PHP scripts as a full local media-audit engine

Quick operating modes

Choose one mode before moderating:

1. Strict full-auto mode

Use when the business requires no human intervention.

Rule:

• - clear violation -> INLINECODE4
• clear clean content -> INLINECODE5
• ambiguous but risky -> INLINECODE6
• media unreadable / model output invalid / upstream failed -> INLINECODE7

2. Balanced mode

Use when manual review is available.

Rule:

• - clear violation -> INLINECODE8
• clear clean content -> INLINECODE9
• ambiguous or partially unreadable -> INLINECODE10

Moderation scope

Always review every available part of a post:

• - 标题
• 正文
• 图片
• 视频
• 图片或视频内可见文字
• 配文、字幕、贴纸文字、水印、角标、二维码、头像/昵称引流信息

Do not approve a post only because the body text is clean. If any one component violates policy, the whole post should normally be marked 拒绝 or 需人工复核.

Field-specific rules

标题规则

Reject or review titles that contain:

• - direct promotion, recruitment, rebate, agency, commission, guaranteed results
• diversion language such as "私聊", "加我", "主页联系", "扫码了解"
• visible contact IDs, domain names, or disguised contact phrases
• exaggerated ad-style hooks whose main purpose is conversion rather than discussion

正文规则

Reject or review body text that contains:

• - product/service promotion with obvious conversion intent
• calls to contact off-platform or move to private chat
• direct or disguised联系方式
• repeated promotional copy, pricing slogans, or enrollment / agency / lead-generation language

图片规则

Reject or review images that contain:

• - QR codes, mini-program codes, payment codes, group invite codes
• contact cards, business cards, chat screenshots, profile screenshots
• watermarks with account IDs, brands plus CTA, or sales copy
• posters with price, discount, recruitment, or diversion wording
• corner text, decorative background text, or hidden overlaid text carrying contact or ad signals

视频规则

Reject or review videos that contain:

• - cover image text with promotion or contact details
• subtitles or spoken content that guide users off-platform
• opening cards, ending cards, or fixed watermarks with contact info
• flash frames showing QR codes, account IDs, phone numbers, or group invitations
• oral CTA such as "想了解私信我" / "主页联系" / "加V备注"

Default moderation policy

Treat the following as violations unless explicitly whitelisted:

1. Advertising / promotion

Block content that obviously promotes:

• - products, services, channels, groups, websites, apps, stores, or paid offers
• traffic diversion such as "加我", "私聊了解", "点击链接", "扫码进群", "代理/加盟/返利/推广"
• recruitment, lead collection, account selling, brushing orders, betting, gray-market promotion, or obvious marketing copy
• repeated brand exposure plus calls to action
• image or video overlays that guide users to off-platform contact or purchase

Common ad signals:

• - strong call-to-action language
• price, discount, rebate, agency, invitation, commission, guaranteed results
• external platform redirection
• excessive emoji / symbols used for promotion
• intentionally obfuscated promotional wording
• promotional subtitles, end cards, cover text, or watermark copy

2. Contact information

Block direct or disguised contact details, including:
- phone or mobile numbers
- WeChat / VX / V / vx / wx variants
- QQ numbers or QQ group numbers
- email addresses
- URLs, domains, short links, QR-code invitations expressed in text or shown in media
- WhatsApp, Line, Discord, Skype, social account IDs
- platform handles or IDs whose clear purpose is off-platform contact
- QR codes, payment codes, contact cards, business cards, profile screenshots, or group invitation screenshots

Also treat as violations when contact information is deliberately obfuscated, for example:

• - replacing digits with spaces, symbols, Chinese numerals, or homophones
• mixing letters and punctuation to bypass detection
• replacing keywords with variants such as v, vx, wx, 薇, 微, 卫星, 扣扣, 邮箱, INLINECODE21
• splitting numbers across spaces or punctuation
• using Chinese numerals, homophones, or mixed scripts to hide IDs
• "微❤", "薇", "卫星", "扣扣", "油箱", "点我头像", "看签名"
• showing contact text only in image corners, cover image, video ending card, or subtitle frames

Multi-modal review workflow

For each moderation task, follow this order:

1. 1. Review title.
2. Review body text.
3. Review each image for:

- visible text - QR codes - watermarks - contact cards / screenshots / profile clues - promotional posters or pricing posters

1. 4. Review each video for:

- spoken or subtitled contact info - cover image text - opening/ending cards - watermarks and persistent corner text - QR codes or account IDs shown in frames

1. 5. Merge findings across all components.
2. Check whitelist and custom rules.
3. Produce one final result: 通过, 拒绝, or 需人工复核.

Quick decision tree

Use this shortcut when speed matters:

• - any clear contact info in title/body/image/video -> INLINECODE25
• any clear ad/diversion language in title/body/image/video -> INLINECODE26
• whitelist clearly covers the matched content and scenario -> INLINECODE27
• model cannot inspect a required field:

- strict full-auto -> 拒绝 - balanced mode -> 需人工复核

• - no hit across all fields -> INLINECODE30

Cross-field judgment rule

Judge the post as a whole.

Examples:

• - title is normal but image contains a WeChat ID -> reject
• body is normal but video end card says "扫码领取" -> reject
• image shows a QR code but context is unclear and whitelist is absent -> manual review
• title/body mention a brand normally, but video repeatedly induces purchase or contact -> reject

Whitelist handling

Whitelist is an exception layer, not a blanket bypass.

Allow content when the whitelist clearly covers the matched item, for example:

• - allowed brand names
• allowed official accounts or official domains
• approved merchant names
• approved phrases that would otherwise look promotional
• internal business terms that resemble blocked words
• approved official QR codes or approved official service accounts in a narrowly defined scenario

Apply whitelist with these constraints:

• - whitelist only the exact item or exact scenario the user approved
• do not expand a narrow whitelist into a broad exemption
• if promotional intent still exists outside the whitelisted fragment, reject
• if the post contains extra contact details beyond the whitelist scope, reject or send to manual review
• if only one image/video asset is whitelisted, do not automatically whitelist all assets in the same post

If the user says "可以自己定义自己的规则", ask for or accept custom rules in plain language and merge them after the default policy.

Result priority

Use these priorities:

• - clear ad or contact evidence in any field -> INLINECODE31
• weak or ambiguous evidence, especially in image/video details -> INLINECODE32
• all fields clean, or only narrowly whitelisted content appears -> INLINECODE33

Standard output

Prefer this fixed output:

CODEBLOCK1

Risk level guidance

• - 高：明确广告、明确联系方式、明确二维码、明确引流
• INLINECODE35：存在明显嫌疑但证据不完整，或有混淆空间
• INLINECODE36：未命中风险，仅正常讨论或明确白名单放行

JSON output option

If the user requests structured output, use:

CODEBLOCK2

Rewrite behavior

When asked to revise a rejected post:

• - remove ad-like calls to action
• remove all contact information and diversion hints
• remove or replace violating images/videos when needed
• preserve the user's main legitimate meaning
• keep wording natural, not robotic
• do not silently keep risky borderline phrases
• if media itself is违规, state that the media asset must be removed or replaced

Custom rule intake

When the user provides extra moderation rules, normalize them into this structure before applying:

CODEBLOCK3

If custom rules are incomplete, still perform moderation with defaults and state which defaults were used.

Media-specific guidance

Images

Pay extra attention to:

• - posters, flyers, screenshots, chat records, contact cards
• QR codes, mini-program codes, payment codes
• watermarks with account IDs or brand recruitment copy
• text hidden in corners, borders, or background decorations

Videos

Pay extra attention to:

• - cover image text
• subtitles and speech transcription
• opening/ending cards
• repeated corner watermarks
• flash frames showing contact info
• spoken diversion like "私信我" or "主页联系"

If video cannot be fully inspected, do not guess. Return 需人工复核 and specify what could not be confirmed.

Examples

Example 1: reject because image contains contact info

Input:

CODEBLOCK4

Output:

CODEBLOCK5

Example 2: reject because video end card is promotional

Input:

CODEBLOCK6

Output:

CODEBLOCK7

Example 3: whitelist exception

Input rule:

CODEBLOCK8

Input content:

CODEBLOCK9

Output:

CODEBLOCK10

References

• - Read references/rule-template.md when converting user-provided business rules into a reusable moderation policy.
• Read references/install-and-usage.md when the user asks how to install, import, distribute, or operate this skill in a workspace.
• Read references/api-integration.md when the user wants pull APIs, callback APIs, comment moderation APIs, or a fully automatic no-human-review moderation workflow.
• Read references/api-spec.md when the user needs a backend-facing API contract with request fields, response fields, error codes, action enums, and implementation flow.
• Read references/prompt-templates.md when the user needs reusable moderation prompts, JSON-only response constraints, or full-auto conservative suffixes.
• Read references/php-example-notes.md and use scripts/php_xai_client_example.php when the user wants a PHP 7.3 integration example for x.ai moderation, callback handling, or comment moderation.
• Read references/php-demo-suite.md and use the bundled scripts when the user wants runnable PHP demos for pull, audit, callback, and comment-review flows.