tweek 0.2.1__py3-none-any.whl → 0.3.0__py3-none-any.whl

tweek/cli_helpers.py

@@ -32,7 +32,7 @@ def print_error(message: str, fix_hint: str = "") -> None:
     """Print an error message with red X and optional fix hint."""
     console.print(f"[red]\u2717[/red] {message}")
     if fix_hint:
-        console.print(f"  [dim]Hint: {fix_hint}[/dim]")
+        console.print(f"  [white]Hint: {fix_hint}[/white]")
 
 
 def print_health_banner(checks: "List") -> None:
@@ -51,7 +51,7 @@ def print_health_banner(checks: "List") -> None:
 
     panel = Panel(
         f"[bold {color}]{verdict_text}[/bold {color}]\n"
-        f"[dim]Run 'tweek doctor' for details[/dim]",
+        f"[white]Run 'tweek doctor' for details[/white]",
         border_style=color,
         padding=(0, 2),
     )
@@ -63,11 +63,11 @@ def format_command_example(command: str, description: str) -> str:
     Format a single command example line.
 
     Args:
-        command: The command string, e.g., "tweek install --scope global"
+        command: The command string, e.g., "tweek protect claude-code --scope global"
         description: Brief explanation of what it does.
 
     Returns:
-        Formatted string like "  tweek install --scope global    Install globally"
+        Formatted string like "  tweek protect claude-code --scope global    Install globally"
     """
     return f"  {command:<40s} {description}"
 
@@ -141,11 +141,11 @@ def print_doctor_results(checks: "List") -> None:
         CheckStatus.OK: ("[green]OK[/green]    ", "green"),
         CheckStatus.WARNING: ("[yellow]WARN[/yellow]  ", "yellow"),
         CheckStatus.ERROR: ("[red]ERROR[/red] ", "red"),
-        CheckStatus.SKIPPED: ("[dim]SKIP[/dim]  ", "dim"),
+        CheckStatus.SKIPPED: ("[white]SKIP[/white]  ", "white"),
     }
 
     for check in checks:
-        style_text, _ = status_styles.get(check.status, ("[dim]???[/dim]   ", "dim"))
+        style_text, _ = status_styles.get(check.status, ("[white]???[/white]   ", "white"))
         console.print(f"  {style_text}  {check.label:<22s} {check.message}")
 
     # Verdict

tweek/cli_model.py

@@ -90,7 +90,7 @@ def model_download(name: str, force: bool):
         console.print()
         console.print(f"[green]Model downloaded to {model_dir}[/green]")
         console.print(
-            f"[dim]Local screening is now active for risky/dangerous operations.[/dim]"
+            f"[white]Local screening is now active for risky/dangerous operations.[/white]"
         )
 
     except ModelDownloadError as e:
@@ -130,8 +130,8 @@ def model_list(available: bool):
                 defn.display_name,
                 f"~{defn.size_mb:.0f} MB",
                 defn.license,
-                "[green]yes[/green]" if installed else "[dim]no[/dim]",
-                "[green]yes[/green]" if active else "[dim]-[/dim]",
+                "[green]yes[/green]" if installed else "[white]no[/white]",
+                "[green]yes[/green]" if active else "[white]-[/white]",
             )
 
         console.print(table)
@@ -158,7 +158,7 @@ def model_list(available: bool):
                 name,
                 defn.display_name if defn else name,
                 size_str,
-                "[green]yes[/green]" if active else "[dim]-[/dim]",
+                "[green]yes[/green]" if active else "[white]-[/white]",
             )
 
         console.print(table)
@@ -221,10 +221,10 @@ def model_status():
             )
         else:
             fallback_lines.append(
-                "  Cloud LLM:    [dim]none (no API keys configured)[/dim]"
+                "  Cloud LLM:    [white]none (no API keys configured)[/white]"
             )
     except Exception:
-        fallback_lines.append("  Cloud LLM:    [dim]unavailable[/dim]")
+        fallback_lines.append("  Cloud LLM:    [white]unavailable[/white]")
 
     # Overall status
     if LOCAL_MODEL_AVAILABLE and installed:
@@ -232,7 +232,7 @@ def model_status():
     elif LOCAL_MODEL_AVAILABLE and not installed:
         status = "[yellow]Ready[/yellow] - Dependencies installed, model not downloaded"
     else:
-        status = "[dim]Inactive[/dim] - Install dependencies: pip install tweek[local-models]"
+        status = "[white]Inactive[/white] - Install dependencies: pip install tweek[local-models]"
 
     content = f"Status: {status}\n\n"
     content += "[bold]Dependencies[/bold]\n" + "\n".join(deps_lines) + "\n\n"

tweek/config/manager.py

@@ -173,7 +173,7 @@ class ConfigManager:
         "plugins", "mcp", "proxy", "sandbox", "isolation_chamber",
         "llm_review", "local_model", "rate_limiting", "session_analysis",
         "path_boundary", "non_english_handling", "version", "tiers",
-        "heuristic_scorer",
+        "heuristic_scorer", "openclaw",
     }
 
     def __init__(

tweek/diagnostics.py

@@ -3,7 +3,7 @@
 Tweek Diagnostics Engine
 
 Health check system for verifying Tweek installation, configuration,
-and runtime dependencies. Used by `tweek doctor` and the status banner.
+and runtime dependencies. Used by `tweek doctor` and the health banner.
 """
 
 import json
@@ -30,7 +30,7 @@ class HealthCheck:
     label: str          # Human label: "Hook Installation"
     status: CheckStatus
     message: str        # Description: "Global hooks installed at ~/.claude/"
-    fix_hint: str = ""  # Recovery: "Run: tweek install --scope global"
+    fix_hint: str = ""  # Recovery: "Run: tweek protect claude-code --global"
 
 
 def run_health_checks(verbose: bool = False) -> List[HealthCheck]:
@@ -168,7 +168,7 @@ def _check_hooks_installed(verbose: bool = False) -> HealthCheck:
             label="Hook Installation",
             status=CheckStatus.WARNING,
             message="Installed in project only (./.claude)",
-            fix_hint="Run: tweek install --scope global  (to protect all projects)",
+            fix_hint="Run: tweek protect claude-code --global  (to protect all projects)",
         )
     else:
         return HealthCheck(
@@ -176,7 +176,7 @@ def _check_hooks_installed(verbose: bool = False) -> HealthCheck:
             label="Hook Installation",
             status=CheckStatus.ERROR,
             message="No hooks installed",
-            fix_hint="Run: tweek install",
+            fix_hint="Run: tweek protect claude-code",
         )
 
 
@@ -597,18 +597,53 @@ def _check_llm_review(verbose: bool = False) -> HealthCheck:
             get_llm_reviewer,
             _detect_local_server,
             FallbackReviewProvider,
+            DEFAULT_API_KEY_ENVS,
         )
+        from tweek.security.local_model import LOCAL_MODEL_AVAILABLE
 
         reviewer = get_llm_reviewer()
 
         if not reviewer.enabled:
+            # Check which env vars are missing to give specific guidance
+            missing_keys = []
+            for provider, env_names in DEFAULT_API_KEY_ENVS.items():
+                if isinstance(env_names, list):
+                    if not any(os.environ.get(e) for e in env_names):
+                        missing_keys.append(f"{' or '.join(env_names)} ({provider})")
+                else:
+                    if not os.environ.get(env_names):
+                        missing_keys.append(f"{env_names} ({provider})")
+
+            hint_parts = [
+                "To enable cloud LLM review for uncertain classifications:",
+                "  Set one of: " + ", ".join(
+                    k.split(" (")[0] for k in missing_keys
+                ),
+            ]
+
+            if not LOCAL_MODEL_AVAILABLE:
+                hint_parts.append(
+                    "  Or install the local model: pip install 'tweek[local]'"
+                )
+            else:
+                hint_parts.append(
+                    "  Local ONNX model is available but could not initialize"
+                )
+
+            hint_parts.append(
+                "  Or install Ollama (https://ollama.ai) for local LLM review"
+            )
+            hint_parts.append(
+                "  See: docs/CONFIGURATION.md or ~/.tweek/config.yaml"
+            )
+
             return HealthCheck(
                 name="llm_review",
                 label="LLM Review",
                 status=CheckStatus.WARNING,
-                message="No LLM provider available (review disabled)",
-                fix_hint="Set ANTHROPIC_API_KEY, OPENAI_API_KEY, or GOOGLE_API_KEY. "
-                         "Or install Ollama: https://ollama.ai",
+                message="No LLM provider available — review disabled, "
+                        "pattern matching and heuristic scoring still active",
+                fix_hint="\n".join(hint_parts),
             )
 
         # Build status message
@@ -636,6 +671,23 @@ def _check_llm_review(verbose: bool = False) -> HealthCheck:
         except Exception:
             pass
 
+        # In verbose mode, report escalation path
+        if verbose:
+            if provider_name == "local":
+                # Check if cloud escalation is available
+                cloud_env_found = any(
+                    os.environ.get(e) if isinstance(e, str)
+                    else any(os.environ.get(v) for v in e)
+                    for e in DEFAULT_API_KEY_ENVS.values()
+                )
+                if cloud_env_found:
+                    parts.append("cloud escalation: available")
+                else:
+                    parts.append("cloud escalation: not configured")
+
+            if LOCAL_MODEL_AVAILABLE:
+                parts.append("local ONNX: available")
+
         return HealthCheck(
             name="llm_review",
             label="LLM Review",

tweek/hooks/pre_tool_use.py

@@ -925,10 +925,10 @@ def process_hook(input_data: dict, logger: SecurityLogger) -> dict:
                 }
             }
 
-        # Block AI from running tweek trust/untrust/uninstall — human-only commands
+        # Block AI from running tweek trust/untrust/uninstall/unprotect — human-only commands
         command_stripped = command.strip()
-        if re.match(r"tweek\s+(trust|untrust|uninstall)\b", command_stripped):
-            if "uninstall" in command_stripped:
+        if re.match(r"tweek\s+(trust|untrust|uninstall|unprotect)\b", command_stripped):
+            if "uninstall" in command_stripped or "unprotect" in command_stripped:
                 reason = (
                     "TWEEK SELF-PROTECTION: Uninstall must be done by a human.\n"
                     "Run this command directly in your terminal:\n"

tweek/mcp/approval_cli.py

@@ -39,7 +39,7 @@ def display_pending(queue: ApprovalQueue) -> int:
     pending = queue.get_pending()
 
     if not pending:
-        console.print("[dim]No pending approval requests.[/dim]")
+        console.print("[white]No pending approval requests.[/white]")
         return 0
 
     table = Table(title="Pending Approval Requests", show_lines=True)
@@ -112,7 +112,7 @@ def display_request_detail(request: ApprovalRequest):
     remaining = request.time_remaining
     if remaining > 0:
         lines.append("")
-        lines.append(f"[dim]Auto-deny in {int(remaining)}s[/dim]")
+        lines.append(f"[white]Auto-deny in {int(remaining)}s[/white]")
 
     panel = Panel(
         "\n".join(lines),
@@ -160,7 +160,7 @@ def run_approval_daemon(
                 # Prompt for decision
                 decision = _prompt_decision(console, req)
                 if decision == "quit":
-                    console.print("[dim]Exiting approval daemon.[/dim]")
+                    console.print("[white]Exiting approval daemon.[/white]")
                     return
                 elif decision == "skip":
                     continue
@@ -200,7 +200,7 @@ def run_approval_daemon(
             time.sleep(poll_interval)
 
     except KeyboardInterrupt:
-        console.print("\n[dim]Approval daemon stopped.[/dim]")
+        console.print("\n[white]Approval daemon stopped.[/white]")
 
     # Print summary
     stats = queue.get_stats()

tweek/sandbox/linux.py

@@ -237,13 +237,13 @@ def prompt_install_firejail(console) -> bool:
     pkg_info = get_linux_package_manager()
 
     if not pkg_info:
-        console.print("[dim]Could not detect package manager.[/dim]")
+        console.print("[white]Could not detect package manager.[/white]")
         console.print("Install firejail manually: https://firejail.wordpress.com/download-2/")
         return False
 
     manager, command = pkg_info
-    console.print(f"[dim]Detected package manager: {manager}[/dim]")
-    console.print(f"[dim]Command: {' '.join(command)}[/dim]\n")
+    console.print(f"[white]Detected package manager: {manager}[/white]")
+    console.print(f"[white]Command: {' '.join(command)}[/white]\n")
 
     if Confirm.ask("Install firejail for full sandbox protection?", default=False):
         try:
@@ -260,13 +260,13 @@ def prompt_install_firejail(console) -> bool:
 
         except subprocess.CalledProcessError as e:
             console.print(f"[red]Installation failed (exit code {e.returncode})[/red]")
-            console.print("[dim]Try running the install command manually with sudo[/dim]")
+            console.print("[white]Try running the install command manually with sudo[/white]")
             return False
         except KeyboardInterrupt:
             console.print("\n[yellow]Installation cancelled.[/yellow]")
             return False
     else:
-        console.print("[dim]Skipping firejail. Sandbox layer will be disabled.[/dim]")
+        console.print("[white]Skipping firejail. Sandbox layer will be disabled.[/white]")
         return False
 
 

tweek/skill_template/SKILL.md

@@ -28,7 +28,7 @@ The script returns JSON with these fields:
 | Field | Meaning |
 |-------|---------|
 | `status: "fully_operational"` | Tweek is installed and hooks are active. Proceed to help user with their question. |
-| `status: "installed_no_hooks"` | Tweek is installed but hooks are not registered. Tell user to run `tweek install`. |
+| `status: "installed_no_hooks"` | Tweek is installed but hooks are not registered. Tell user to run `tweek protect claude-code`. |
 | `status: "hooks_only"` | Hooks reference tweek but the package is missing. Tell user to reinstall. |
 | `status: "not_installed"` | Tweek is not present. Check `install_declined` before offering to install. |
 | `install_declined: true` | User previously declined installation. **Do not offer to install again** unless the user explicitly asks. |
@@ -142,7 +142,6 @@ Trust mode is auto-detected from the terminal environment. It can be overridden
 
 | Command | What It Does |
 |---------|-------------|
-| `tweek status` | Show installation status and active configuration |
 | `tweek doctor` | Health check — verify all layers are active |
 | `tweek doctor --verbose` | Detailed diagnostics with fix suggestions |
 | `tweek logs show` | View recent security events |
@@ -185,7 +184,7 @@ For the full configuration format and examples, see `overrides-reference.md` in
 | "Tweek isn't working" | Run `tweek doctor --verbose` and review the output. Common issues: hooks not registered, outdated patterns, missing dependencies. |
 | "How do I update patterns?" | Run `tweek update` to fetch the latest pattern definitions. |
 | "I want to pause tweek for this project" | Tell the user to run `tweek trust` in their terminal. This exempts the current project from screening. They can resume with `tweek untrust`. |
-| "I want to disable tweek entirely" | Tell the user to run `tweek uninstall` to remove hooks. Run `tweek install` to re-enable later. |
+| "I want to disable tweek entirely" | Tell the user to run `tweek unprotect claude-code` to remove hooks. Run `tweek protect claude-code` to re-enable later. |
 | "What has tweek blocked recently?" | Run `tweek logs show` to see recent security events with details. |
 
 ---

tweek/skill_template/cli-reference.md

@@ -6,12 +6,21 @@ Complete command reference for the `tweek` command-line tool.
 
 ## Installation & Setup
 
-### `tweek install`
+### `tweek protect`
 
-Install Tweek hooks into the AI assistant's configuration.
+Set up Tweek protection for AI tools. With no arguments, launches an interactive wizard.
 
 ```
-tweek install [OPTIONS]
+tweek protect                          # Interactive wizard — detects and protects all tools
+tweek protect --status                 # Show protection status for all tools
+```
+
+### `tweek protect claude-code`
+
+Install Tweek hooks into Claude Code (replaces the former `tweek install` command).
+
+```
+tweek protect claude-code [OPTIONS]
 ```
 
 | Option | Description |
@@ -25,15 +34,29 @@ tweek install [OPTIONS]
 | `--skip-env-scan` | Skip scanning for credential files to migrate |
 | `--backup / --no-backup` | Backup existing hooks before installation (default: backup) |
 
-### `tweek uninstall`
+### `tweek protect claude-desktop`
+
+Install Tweek as MCP server for Claude Desktop.
+
+### `tweek protect chatgpt`
+
+Install Tweek as MCP server for ChatGPT Desktop.
 
-Remove Tweek hooks from configuration.
+### `tweek protect gemini`
+
+Install Tweek as MCP server for Gemini CLI.
+
+### `tweek unprotect`
+
+Remove Tweek protection from an AI tool (replaces the former `tweek uninstall` command).
 
 ```
-tweek uninstall [--global] [--confirm]
+tweek unprotect <tool> [--confirm]
+tweek unprotect --all [--confirm]
 ```
 
-By default removes from `./.claude/` (current project). Use `--global` to remove from `~/.claude/`.
+By default removes from `./.claude/` (current project). Use `--global` to remove from `~/.claude/` (for claude-code).
+Use `--all` to remove Tweek from all tools at once.
 
 ---
 
@@ -82,14 +105,6 @@ tweek untrust /path/to/project        # Untrust specific directory
 
 ## Diagnostics
 
-### `tweek status`
-
-Show installation status and active configuration.
-
-```
-tweek status
-```
-
 ### `tweek doctor`
 
 Run health checks on all screening layers.
@@ -313,12 +328,12 @@ tweek plugins search QUERY
 
 ## Proxy (API Interception)
 
-### `tweek protect`
+### `tweek protect openclaw`
 
-Set up protection for an AI gateway.
+Set up proxy protection for OpenClaw.
 
 ```
-tweek protect [openclaw|claude]
+tweek protect openclaw
 ```
 
 ### `tweek proxy start / stop`

tweek/skill_template/scripts/check_installed.py

@@ -144,18 +144,18 @@ def check_installation():
         result["status"] = "fully_operational"
     elif result["tweek_in_path"] and not result["hooks_registered"]:
         result["status"] = "installed_no_hooks"
-        result["install_command"] = "tweek install"
+        result["install_command"] = "tweek protect claude-code"
     elif not result["tweek_in_path"] and result["hooks_registered"]:
         result["status"] = "hooks_only"
         result["install_command"] = "pip install tweek"
     else:
         result["status"] = "not_installed"
         if result["pipx_available"]:
-            result["install_command"] = "pipx install tweek && tweek install"
+            result["install_command"] = "pipx install tweek && tweek protect claude-code"
         elif result["pip_available"]:
-            result["install_command"] = "pip install tweek && tweek install"
+            result["install_command"] = "pip install tweek && tweek protect claude-code"
         else:
-            result["install_command"] = "python3 -m pip install tweek && tweek install"
+            result["install_command"] = "python3 -m pip install tweek && tweek protect claude-code"
 
     return result
 

{tweek-0.2.1.dist-info → tweek-0.3.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: tweek
-Version: 0.2.1
+Version: 0.3.0
 Summary: Defense-in-depth security for AI coding assistants - protect credentials, code, and system from prompt injection attacks
 Author: Tommy Mancino
 License-Expression: Apache-2.0
@@ -21,7 +21,9 @@ Classifier: Topic :: Software Development :: Quality Assurance
 Requires-Python: >=3.9
 Description-Content-Type: text/markdown
 License-File: LICENSE
+License-File: NOTICE
 Requires-Dist: click>=8.0
+Requires-Dist: pydantic>=2.0
 Requires-Dist: pyyaml>=6.0
 Requires-Dist: rich>=13.0
 Requires-Dist: keyring>=25.0
@@ -42,6 +44,7 @@ Requires-Dist: mitmproxy>=10.0; extra == "proxy"
 Provides-Extra: dev
 Requires-Dist: pytest>=7.0; extra == "dev"
 Requires-Dist: pytest-cov>=4.0; extra == "dev"
+Requires-Dist: pytest-xdist>=3.5.0; extra == "dev"
 Requires-Dist: black>=23.0; extra == "dev"
 Requires-Dist: ruff>=0.1.0; extra == "dev"
 Requires-Dist: twine>=4.0; extra == "dev"
@@ -105,11 +108,12 @@ pip install --user tweek
 ### Protect Your Tools
 
 ```bash
-tweek install                           # Claude Code (CLI hooks)
+tweek protect                           # Interactive wizard — detects and protects all tools
+tweek protect claude-code               # Claude Code (CLI hooks)
 tweek protect openclaw                  # OpenClaw (HTTP proxy)
-tweek mcp install claude-desktop        # Claude Desktop (MCP proxy)
-tweek mcp install chatgpt-desktop       # ChatGPT Desktop (MCP proxy)
-tweek mcp install gemini                # Gemini CLI (MCP proxy)
+tweek protect claude-desktop            # Claude Desktop (MCP proxy)
+tweek protect chatgpt                   # ChatGPT Desktop (MCP proxy)
+tweek protect gemini                    # Gemini CLI (MCP proxy)
 tweek proxy setup                       # Cursor, Windsurf, Continue.dev (HTTP proxy)
 ```
 
@@ -127,11 +131,11 @@ That's it. Tweek auto-detects your tools, applies all 259 attack patterns across
 
 | Client | Integration | Setup |
 |--------|------------|-------|
-| **Claude Code** | CLI hooks (native) | `tweek install` |
+| **Claude Code** | CLI hooks (native) | `tweek protect claude-code` |
 | **OpenClaw** | Proxy wrapping | `tweek protect openclaw` |
-| **Claude Desktop** | MCP proxy | `tweek mcp install claude-desktop` |
-| **ChatGPT Desktop** | MCP proxy | `tweek mcp install chatgpt-desktop` |
-| **Gemini CLI** | MCP proxy | `tweek mcp install gemini` |
+| **Claude Desktop** | MCP proxy | `tweek protect claude-desktop` |
+| **ChatGPT Desktop** | MCP proxy | `tweek protect chatgpt` |
+| **Gemini CLI** | MCP proxy | `tweek protect gemini` |
 | **Cursor** | HTTP proxy | `tweek proxy setup` |
 | **Windsurf** | HTTP proxy | `tweek proxy setup` |
 | **Continue.dev** | HTTP proxy | `tweek proxy setup` |
@@ -169,14 +173,16 @@ See the full [Attack Patterns Reference](docs/ATTACK_PATTERNS.md) for all 259 pa
 
 Most security tools that use AI send your data to an API. Tweek doesn't.
 
-Tweek ships with a **custom-trained prompt injection classifier** ([DeBERTa-v3-base](https://huggingface.co/protectai/deberta-v3-base-prompt-injection-v2)) that runs entirely on your machine via ONNX Runtime. No API keys. No cloud calls. No data leaves your computer.
+Tweek uses [ProtectAI's DeBERTa-v3-base Prompt Injection v2](https://huggingface.co/protectai/deberta-v3-base-prompt-injection-v2) classifier, fine-tuned from [Microsoft's DeBERTa-v3-base](https://huggingface.co/microsoft/deberta-v3-base), running entirely on your machine via [ONNX Runtime](https://onnxruntime.ai). No API keys. No cloud calls. No data leaves your computer.
 
 | Property | Value |
 |----------|-------|
-| **Model** | DeBERTa-v3-base, fine-tuned for prompt injection |
-| **Runtime** | ONNX (CPU-only, single thread) |
+| **Model** | [ProtectAI DeBERTa-v3-base Prompt Injection v2](https://huggingface.co/protectai/deberta-v3-base-prompt-injection-v2) (Apache 2.0) |
+| **Base Model** | [Microsoft DeBERTa-v3-base](https://huggingface.co/microsoft/deberta-v3-base) (MIT) |
+| **Runtime** | ONNX Runtime (CPU-only, single thread) |
 | **Privacy** | 100% on-device — zero network calls |
-| **License** | Apache 2.0 |
+
+See [NOTICE](./NOTICE) for full third-party license texts and attribution.
 
 The local model handles the gray-area attacks that pattern matching alone cannot catch — encoded instructions, novel injection techniques, social engineering disguised as legitimate content. High-confidence results are returned instantly. Uncertain results can optionally escalate to a cloud LLM for deeper analysis (you bring your own API key).
 
@@ -278,4 +284,4 @@ To report a security vulnerability, email security@gettweek.com.
 
 ## License
 
-[Apache 2.0](LICENSE)
+[Apache 2.0](LICENSE) | [Third-Party Notices](NOTICE)

{tweek-0.2.1.dist-info → tweek-0.3.0.dist-info}/RECORD

@@ -1,15 +1,15 @@
-tweek/__init__.py,sha256=mZ5RaMD3SVWt8mcinSq8KlCaNLoVqgVu-9cewcMVlt0,360
+tweek/__init__.py,sha256=v1mBM39Sp-MgonHi8fotmfcN7dxbow_Eh9xdbSYnjN4,360
 tweek/_keygen.py,sha256=UapwIKNSwaRWdqHoJoF3hmKuiux6aIiFGe8WVskTbI8,1286
 tweek/audit.py,sha256=Bp4RETwdiHpT2EEi45atZa0LlJUOtALhrc3UT8MHvF8,8868
-tweek/cli.py,sha256=J7L0xhfZ1DmzrVGwvEBTCRLYd5w5UakSGWH9DikOOSg,245768
-tweek/cli_helpers.py,sha256=adczf-8oHsc-TDdfJqPQoG4IgWEfJmRORm2NmVWaCOw,5494
-tweek/cli_model.py,sha256=QO6Q3iy0d-hsMLdgWwDiigqN0rjep4Ufa73VCZjVguc,12825
-tweek/diagnostics.py,sha256=eOiI6MlfqimzUeG7Uvwhcnen_FlINejfawLun5DY59o,22472
+tweek/cli.py,sha256=0AxYSIQ56Y2OHNVGSocNksYkiiLfUFNx5XvBUzCtZZI,254670
+tweek/cli_helpers.py,sha256=Q2NTOkyRTOIPNLMqY2jA5_tuzDPksAGwGXYPRK3bzoY,5538
+tweek/cli_model.py,sha256=iMZStFqA0Nqyzm4rxSbhD4v-AqcO6h5NI72AR7cldoY,12853
+tweek/diagnostics.py,sha256=KbtXQH8QrRBoyIFWumL6q9--aQQdR0tUo2GzjMhwpII,24601
 tweek/licensing.py,sha256=4Pt34t8Y60jaLMBYLjnmLs_0o_LUahOhGflhXeZtuPU,11703
 tweek/config/__init__.py,sha256=C_kQm0LqYdM67E9wNi6bsX2V7xz7GY4HiICb_XlrX8A,362
 tweek/config/allowed_dirs.yaml,sha256=dMF_DqKgQThzkdIEoXzDBfAjbopGrk0HTkiM7ENmBaU,788
 tweek/config/families.yaml,sha256=jkNO0UsmX3MFlTKC9Or3p8_MlD3ZtHM0SrQIYFqx9i8,18212
-tweek/config/manager.py,sha256=Cg6gG9c4zZpDTxy8WZ_T-diPBzV8DL2Hny-Yu9DBV6I,39335
+tweek/config/manager.py,sha256=FTBJ4sMwnENH9tfvKB5d1SFve1R__k5j2KXb38vn1CA,39347
 tweek/config/patterns.yaml,sha256=8ow--0qdPJNjIY94j-vDEcrHt-TYgf9uuPCiqSMCIEQ,85376
 tweek/config/tiers.yaml,sha256=9hIXQ9izVKXd8ptoCsQiBo2r_XY8RvIk7VWrhWggkbc,10191
 tweek/hooks/__init__.py,sha256=GcgDjPdhZayxmyZ4-GfBa-ISARNtt9087RsuprRq2-s,54
@@ -17,7 +17,7 @@ tweek/hooks/break_glass.py,sha256=GNMhCtLWPylNMlQ5QfsoUkEjgIT1Uk1Ik7HvRWeE5N8,46
 tweek/hooks/feedback.py,sha256=uuA4opHYyBHC5sElBz-fr2Je3cg2DAv-aRHvETZcag0,6555
 tweek/hooks/overrides.py,sha256=1Yw_NPpZMvcFG_uyNY-ouBKSSomnxOptRedSjzkkhmE,18635
 tweek/hooks/post_tool_use.py,sha256=DiAnWOBd9t4vpMz1JsgUjYzToU6i-igesP2Vk83AAAc,17195
-tweek/hooks/pre_tool_use.py,sha256=Y4uIz-vB_39KHgL54HBOUCmX01Ze-8F-2vZIwK4655c,71688
+tweek/hooks/pre_tool_use.py,sha256=70XbonRSGh8rYpDlI4R_Z5Ug2LwU4iLyLsS87I5xlqc,71743
 tweek/integrations/__init__.py,sha256=sl7wFwbygmnruugX4bO2EUjoXxBlCpzTKbj-1zHuUPg,78
 tweek/integrations/openclaw.py,sha256=jX99__ODGI7Cq6gclSTK2pI5lsI7UGh5_iCHmq1R8RY,13798
 tweek/integrations/openclaw_server.py,sha256=Ah7wxsxKE2lQmIdlrFINvt5jW9U_bqqERfG3X2N5Aps,12533
@@ -27,7 +27,7 @@ tweek/logging/json_logger.py,sha256=zXOsFAufj3MF0TboM5zSS7V8uNBDJea7YkJHR-uQgBA,
 tweek/logging/security_log.py,sha256=BwHDdrN0VCpqssStvsZdASFnyxVpANCq9xiSkFsEFFk,28486
 tweek/mcp/__init__.py,sha256=AOFDrzDfjOvICMcN15Hz-iNCT0Kf6oyUBB-iNEW5Vr4,791
 tweek/mcp/approval.py,sha256=WIFQi4ryXEFtgQyzQIshwgP5h_Th7Cxepx9NIhf2o_4,17885
-tweek/mcp/approval_cli.py,sha256=yXIDh75lci3DWyJtZG3izryIoO4jSXGDuaJRch3K1rg,11265
+tweek/mcp/approval_cli.py,sha256=8WtmJF7KTLmdEF5wHqENaUJUzKEQej4CjRtFey4RcGg,11281
 tweek/mcp/proxy.py,sha256=0p5OEaRsFuNRcGR3rnqprkPjTdSSYgrsU_XXQiFPS8c,24819
 tweek/mcp/screening.py,sha256=ax5TK8ZSXb9uo5DFx3mxiYrBKjDBP0cTLNhA05TXb80,5421
 tweek/mcp/server.py,sha256=3pF3piXUNtIf2-SUJPCjGZPD42esg2KFsVXpaBXrq3E,10901
@@ -83,7 +83,7 @@ tweek/sandbox/__init__.py,sha256=bT4ZAQkY2WOELdrRwf87hVdePXq6QPmvBgDs4WqDWgU,229
 tweek/sandbox/docker_bridge.py,sha256=QD17ZuPVRgrbg0zFHdvji-VA11Jo5Td73_Kn6gbRaxc,5030
 tweek/sandbox/executor.py,sha256=MLgMps4CNH_rtbbvseIKuuusMUznv6U7njPKwVCT-Bo,13186
 tweek/sandbox/layers.py,sha256=Qd-kRfEKnBWax6n9h9COJeCTkvqnLAf157bHpGMfRYg,3263
-tweek/sandbox/linux.py,sha256=rF-w4q6uSt3rBoUnw0UXS1lFBdjooqV9YWVwQBaeTzM,8686
+tweek/sandbox/linux.py,sha256=mKA3rI--TmJnVU6uE2kAxBAD8DGZjHUHlZ-sSLzuoWs,8706
 tweek/sandbox/profile_generator.py,sha256=J-nNold-J1YxuSaX5BdQ_lcCC03ElwPJT7fJ4UciXfc,10957
 tweek/sandbox/project.py,sha256=SqD4g4i1VqfWTdm--6gBzTC8AZCdHuyPLR37Y9jp30k,19575
 tweek/sandbox/registry.py,sha256=ZZDQYeJMNAJ0FrFEayo1KyC5r3qXSBx6Tu-JcXIMjtI,5060
@@ -98,12 +98,12 @@ tweek/security/model_registry.py,sha256=XscpZcWaaJwHldX2T9C1T1zSvJ3lm0aSW4nIhwRp
 tweek/security/rate_limiter.py,sha256=bY8VIkQ-wCbNOYTLwD4MsMBoHk59zPWeZCkuE8Zntm8,24185
 tweek/security/secret_scanner.py,sha256=G-bbMwsAJD197BEOnZJdn_qphS4RNPK_wpLfkpiLuFU,18774
 tweek/security/session_analyzer.py,sha256=-Ylp583VZ_YJRkN5JZrYpaK1sVbiM6KP7ZwLBzWpiCI,24260
-tweek/skill_template/SKILL.md,sha256=dLMlJOdUrzJ8hz2R3bcFEjtxCT0xIKMZnX2UQFZDwTs,10309
+tweek/skill_template/SKILL.md,sha256=gBk_Ken77scVYeCs8imm1ASnNLDpBl-C0ufgWrrkQIA,10274
 tweek/skill_template/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-tweek/skill_template/cli-reference.md,sha256=I9Uj_RgRINW2uYguj4dQ3uGmxzxm83zPQt20XkqlawA,6277
+tweek/skill_template/cli-reference.md,sha256=DdXIEfTPvYn6iybVwA-r3CKkV1Mlx5Ub_sJf_lJrV2k,6913
 tweek/skill_template/overrides-reference.md,sha256=xlc07wXXsCOrx60wMD7LZ7fn5Z_dhLuj5Mgx04-xGQ0,4509
 tweek/skill_template/scripts/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-tweek/skill_template/scripts/check_installed.py,sha256=tYXZn49EThoQTexD0ehBue5T2qFQEXot2rJqw3T9p0s,5830
+tweek/skill_template/scripts/check_installed.py,sha256=-pMmfgBjdbwb5u2t9rJ0dMBz7MGYgiZM5db3tiNZgO4,5878
 tweek/skills/__init__.py,sha256=DyTvK8n5Lb-idkJhXCVytpiZjNfWveCtNkSL6o8dxHM,1209
 tweek/skills/config.py,sha256=I95wK9CBj_UiHwFuxfE8yRl7cmFiqdY0hXfF3BHP0X8,4782
 tweek/skills/fingerprints.py,sha256=YjPsTxqotzGlyMIgfgewSoNDTLU8_-p9fY_a44LJTjU,6027
@@ -113,10 +113,11 @@ tweek/skills/scanner.py,sha256=PaeZNnwxLTGls2O3hQaDgBhGw9jVJThPjfKCY_05_nI,27574
 tweek/vault/__init__.py,sha256=L408fjdRYL8-VqLEsyyHSO9PkBDhd_2mPIbrCu53YhM,980
 tweek/vault/cross_platform.py,sha256=D4UvX_7OpSo8iRx5sc2OUUWQIk8JHhgeFBYk1MbyIj4,8251
 tweek/vault/keychain.py,sha256=XL18-SUj7HwuqxLXZDViuCH81--KMu68jN9Szn1aeyw,10624
-tweek-0.2.1.dist-info/licenses/LICENSE,sha256=rjoDzr1vAf0bsqZglpIyekU5aewIkCk4jHZZDvVI2BE,15269
+tweek-0.3.0.dist-info/licenses/LICENSE,sha256=rjoDzr1vAf0bsqZglpIyekU5aewIkCk4jHZZDvVI2BE,15269
+tweek-0.3.0.dist-info/licenses/NOTICE,sha256=taQokyDes5UTRNEC67G-13VmqvUyTOncrrT33pCcWL0,8729
 tweek-openclaw-plugin/node_modules/flatted/python/flatted.py,sha256=UYburBDqkySaTfSpntPCUJRxiBGcplusJM7ECX8FEgA,3860
-tweek-0.2.1.dist-info/METADATA,sha256=7ahRw8rb7M0OV4xVZpI_5e1MMrk2KZGont3GRymkhmw,11318
-tweek-0.2.1.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
-tweek-0.2.1.dist-info/entry_points.txt,sha256=YXThD6UiF5XQXwqW33sphsvz-Bl4Zm6pm-xq-5wcCYE,1337
-tweek-0.2.1.dist-info/top_level.txt,sha256=jtNcCxjoGXN8IBqEVL0F3LHDrZD_B0S-4XF9-Ur7Pbc,28
-tweek-0.2.1.dist-info/RECORD,,
+tweek-0.3.0.dist-info/METADATA,sha256=4eLu77u_VjfeqHnZ_-sIXRthm3In7dOHRnGkAaqQy2Y,11889
+tweek-0.3.0.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+tweek-0.3.0.dist-info/entry_points.txt,sha256=YXThD6UiF5XQXwqW33sphsvz-Bl4Zm6pm-xq-5wcCYE,1337
+tweek-0.3.0.dist-info/top_level.txt,sha256=jtNcCxjoGXN8IBqEVL0F3LHDrZD_B0S-4XF9-Ur7Pbc,28
+tweek-0.3.0.dist-info/RECORD,,