Your artwork stays on this device.
The browser decodes, crops and re-encodes your selected image locally. ZIP generation also happens in the browser. CodexSkin does not need an image upload endpoint or account to create the package.
Follow the data from image to installer.
- Choose an imageYour browser reads a local PNG, JPEG or WebP. The file is not posted to an image-processing API.
- Prepare the backgroundCanvas crops, positions and re-encodes the artwork as a 2560 × 1440 JPEG on this device.
- Load the pinned templateThe browser downloads the published macOS or Windows installer template from CodexSkin storage.
- Build and download the ZIPYour background and settings are inserted locally. The browser calculates a SHA-256 hash for the finished archive.
Installer boundary
The generated ZIP contains local code.
A generated package includes your processed artwork, theme settings, the pinned open-source Dream Skin engine and visible installation and recovery entries. It is not an inert image archive. Review the upstream source and build record before running it.
The current templates use upstream version 1.2.0 at commit 5fd8af532efbaa87d2d0092297fd2d45cd56574e. Every generated ZIP displays its own SHA-256 checksum in Studio.
| Package part | Purpose | Runs code? |
|---|---|---|
| Prepared background | Your locally processed 2560 × 1440 artwork | No |
| Theme configuration | Name, focal position, veil, blur, safe area and accent settings | No |
| Dream Skin engine | Applies the visual layer to the running Codex renderer | Yes |
| Install / Start entries | Install the pinned engine and launch the themed session | Yes |
| Verify / Restore entries | Inspect the installation or return to normal Codex | Yes |
GENERATED.txt | Records the generator, upstream version and source commit | No |
Know what this design protects—and what it does not.
Designed to protect
- Your selected artwork from image-upload processing.
- The official Codex bundle,
app.asarand code signature from patching. - A clear route back to the normal Codex appearance.
- Traceability to a pinned engine version and source commit.
Not a security guarantee
- Executable installer code still requires your trust and review.
- Same-user local processes may reach CDP while it is active.
- A future Codex or engine update can change compatibility.
- Local generation does not make untrusted artwork or software safe.
Loopback CDP is local, but still powerful.
The engine launches the Codex renderer with Chromium DevTools Protocol bound to 127.0.0.1. This prevents access from the wider network, but CDP has no same-user authentication. Another untrusted process running on your computer could potentially reach the endpoint while the themed session is active.
- Do not run unknown local applications while a themed session is active.
- Use Restore before inspecting untrusted projects or tools.
- Keep Codex and the open-source engine current.
- Do not expose the debugging port to another network interface.
Official Codex files stay untouched.
The documented macOS and Windows flows do not replace the official application bundle, patch app.asar, write into WindowsApps or alter the official code signature. They launch a separate themed session and keep custom files in user storage.
Practice Restore once after installation.
The generated package creates a Restore launcher. It stops the saved CDP session and reopens Codex normally. Test this path while everything is working so it is familiar after a Codex update or theme issue.
Open the Restore instructionsSupply chain
Verify the exact version you run.
First compare the template records below. After Studio creates your personalized ZIP, save the SHA-256 shown on screen and compare it with a fresh local hash before running the installer.
shasum -a 256 your-skin-macos-installable.zip(Get-FileHash .\your-skin-windows-installable.zip -Algorithm SHA256).HashFound a security issue or a mismatch in these records? Open an upstream issue without including private artwork, credentials or sensitive logs.
Common Codex skin safety questions
Is a Codex skin safe to install?
CodexSkin keeps image processing local, pins the open-source Dream Skin engine, records its source commit and includes Restore. The installer and engine still run local code, so review the source and avoid untrusted local software while CDP is active.
Does CodexSkin modify app.asar or the official app?
No. The documented Mac and Windows flows do not patch app.asar, the official app bundle, WindowsApps files or the official code signature.
Why does a Codex skin use CDP?
The Dream Skin engine uses Chromium DevTools Protocol to apply visual styling to the running Codex interface. It binds to 127.0.0.1, but another process running as the same user could still reach that local debugging endpoint.
How do I return to the original Codex appearance?
Use the Restore launcher included in the generated Mac or Windows package. It stops the saved themed session and opens Codex normally.
Does a Codex skin receive my API keys or model settings?
The documented CodexSkin flow does not read or change API keys, provider settings or model configuration. It prepares visual assets and launches a separate themed Codex session.
Is a locally generated ZIP automatically trustworthy?
No. Local generation protects the privacy of your artwork, but the installer template and bundled engine still contain executable code. Verify the published build record and checksums, and review the pinned source before running it.
