Teknium 2c0d648397 fix(cron): sanitize invisible unicode in vetted skill content instead of hard-blocking (#37245) ... A stray zero-width space (U+200B), BOM, or bidi control in loaded skill markdown permanently killed any cron that loaded it. The skills-attached assembled-prompt scan hard-blocked on any invisible-unicode char, even though skill bodies are already install-time vetted by skills_guard.py and the chars commonly appear in copy-pasted unicode docs / code examples. The skills path now strips invisibles (logging the codepoints) and runs the cleaned prompt. The raw user-prompt path (_scan_cron_prompt) keeps the hard block — that is the actual #3968 injection surface, where a small directive prompt with a ZWSP is a smoking gun, not prose. Stripping does not let a real injection slip through: the directive still matches after sanitization. _scan_cron_skill_assembled now returns (cleaned_prompt, error).		2026-06-02 00:29:44 -07:00
..
__init__.py	docs: clarify gateway service scopes (#1378)	2026-03-14 21:17:41 -07:00
jobs.py	fix: batch of small robustness/correctness fixes from @kyssta-exe	2026-06-01 19:51:03 -07:00
scheduler.py	fix(cron): sanitize invisible unicode in vetted skill content instead of hard-blocking (#37245)	2026-06-02 00:29:44 -07:00