codex-plusplus-tweak-system

SUSPICIOUS: the skill's purpose matches its capabilities, but its footprint is high risk. It instructs the agent/user to install an externally published patching tool via remote execution, modifies official app integrity controls, adds persistence for silent re-patching, and pulls in additional tweak repos. There is no direct credential theft or exfiltration described, but the install trust and app-tampering model are disproportionate enough to classify it as suspicious rather than benign.