The Agent Skills Directory

[SAFE]: No malicious behavior, obfuscation, or unauthorized network activity was detected. The skill's operations are confined to the local filesystem and serve its stated purpose of managing code tweaks.
[INDIRECT_PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes content from potentially untrusted HTML files and YAML configurations. However, it mitigates this by validating keys and values against a schema before performing edits. Ingestion points: pending.yaml, state.yaml, and target HTML files. Boundary markers: Absent. Capability inventory: Read, Write, Edit, and restricted Bash (ls, cat, mkdir, date, mv) tools. Sanitization: Strict validation of keys and data types against a schema block extracted from the HTML.

apply-tweaks