Moderation providers

Moderation providers check uploaded avatar images for inappropriate content. It’s optional, and without a moderation provider, every avatar gets accepted.

Configuration#

avatarsModeration:
  provider:
    name: moderation/openai
    options:
      apiKey: sk-...
  allowOnInternalError: true

Field	Type	Default	Description
`avatarsModeration.provider`	`object`	-	Moderation provider configuration
`avatarsModeration.allowOnInternalError`	`boolean`	`true`	Whether to allow avatar uploads when the moderation API fails

Tip

Setting allowOnInternalError to true (the default) means a temporary OpenAI API outage doesn’t block avatar uploads. Set it to false if you need strict moderation.

Providers#

moderation/openai#

Uses OpenAI’s moderation API to check avatar images for policy violations.

avatarsModeration:
  provider:
    name: moderation/openai
    options:
      apiKey: sk-...
      model: omni-moderation-latest # Optional

Option	Environment Variable	Default	Description
`apiKey`	`RCTF_MODERATION_OPENAI_API_KEY` or `OPENAI_API_KEY`	-	OpenAI API key
`model`	`RCTF_MODERATION_OPENAI_MODEL`	`omni-moderation-latest`	OpenAI moderation model

The provider sends the avatar image (resized to 256x256 WebP) to the OpenAI moderation endpoint. If the image gets flagged as inappropriate, the upload is rejected with an error.

Moderation pipeline#

When a user uploads an avatar, the pipeline runs in this order:

Check the image against maxAvatarSize (default 1 MB).
Resize to 256x256 pixels and convert to WebP.
If a moderation provider is configured, run the image through it.
If approved (or no provider configured), hand the image to the upload provider.
Delete the previous avatar, if any.