From 412364bf74baac58d65e194c147f74a801c4bd66 Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 10:52:57 +0200
Subject: [PATCH 01/19] =?UTF-8?q?docs(sl):=20translate=20wiki=20batch=201?=
 =?UTF-8?q?=20=E2=80=94=207=20core=20pages?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- mother-hive (matični hive): forced-command SSH, single home,
  peer auth, key-on-seed, daemon user
- task-board (tabla opravil): capability scoring, cron/interval/once,
  intake drain, SQLite backing
- operator-attention (operaterska pozornost): attention bar,
  jump/filter keys, edge-triggered alerts, NO_COLOR pitfall
- contracts (JSON pogodbe): stable schemas, golden tests,
  evolution rules
- cost-model (model stroškov): cache-hit metering, fast/smart/max,
  T14 compaction, DeepSeek probe
- layered-soul (plastovita duša): import path, deferred stores,
  one-way direction
- index (wiki kazalo): conventions, lint workflow, full page table

Commands/JSON/code paths kept in English; prose + frontmatter
translated.
---
 docs/wiki/sl/contracts.md          |  53 +++++++++++
 docs/wiki/sl/cost-model.md         |  97 +++++++++++++++++++
 docs/wiki/sl/index.md              |  75 +++++++++++++++
 docs/wiki/sl/layered-soul.md       |  55 +++++++++++
 docs/wiki/sl/mother-hive.md        | 119 +++++++++++++++++++++++
 docs/wiki/sl/operator-attention.md | 146 +++++++++++++++++++++++++++++
 docs/wiki/sl/task-board.md         | 101 ++++++++++++++++++++
 7 files changed, 646 insertions(+)
 create mode 100644 docs/wiki/sl/contracts.md
 create mode 100644 docs/wiki/sl/cost-model.md
 create mode 100644 docs/wiki/sl/index.md
 create mode 100644 docs/wiki/sl/layered-soul.md
 create mode 100644 docs/wiki/sl/mother-hive.md
 create mode 100644 docs/wiki/sl/operator-attention.md
 create mode 100644 docs/wiki/sl/task-board.md

diff --git a/docs/wiki/sl/contracts.md b/docs/wiki/sl/contracts.md
new file mode 100644
index 0000000..092d77f
--- /dev/null
+++ b/docs/wiki/sl/contracts.md
@@ -0,0 +1,53 @@
+---
+title: Stabilne JSON pogodbe
+description: Jezikovno neodvisne oblike na žici, v skupni rabi med Colibri (Rust) in Clawdie agenti (TypeScript).
+---
+
+← [kazalo](./index.md)
+
+`colibri-contracts` hrani stabilne, jezikovno neodvisne oblike na žici, v
+skupni rabi med Colibri (Rust) in Clawdie agenti (TypeScript). Lasti si
+_sheme in (De)serialize_, ne poslovne logike.
+
+## Zakaj ločen pogodbeni zaboj
+
+- Preprečuje podvojene definicije med stezama Rust in TypeScript.
+- Ohranja potrjene manifeste v `manifests/`, ki so razčlenljivi na obeh
+  straneh.
+- Centralizira nize shem, vzdevke za preimenovanje polj in privzetke za
+  povratno združljivost.
+
+## Aktivne sheme
+
+| Shema                                  | Rust struct           | Namen                                                                     |
+| -------------------------------------- | --------------------- | ------------------------------------------------------------------------- |
+| `clawdie.interagent.run-manifest.v1`   | `RunManifest`         | Beleži tek gradnje/testa — vloga, agent, artefakti, povzetek.             |
+| `clawdie.runtime-version-inventory.v1` | `RuntimeInventory`    | Posnetek izvajalnega okolja gostitelja — OS, različice paketov, npm/node. |
+| `clawdie.provider-smoke.result.v1`     | `ProviderSmokeResult` | Rezultat sonde predpomnilnika DeepSeek in obračun žetonov.                |
+
+Konstante shem in strukture živijo v `crates/colibri-contracts/src/lib.rs`.
+
+## Pravila razvoja
+
+- Zaboj ne nosi **nobene logike** — samo `serde` strukture in konstante shem.
+- Nova polja so običajno neobvezna z `#[serde(default)]`, da se stari
+  manifesti še vedno razčlenijo.
+- `RuntimeInventory.pi` je neobvezen, ker vsak gostitelj ne namesti `pi` ali
+  `zot`.
+- `HostStatus.raw` je lovilna vrednost `serde_json::Value`, da se lahko
+  zajame izhod sovražnega zbiralnika brez prisile v dvig sheme.
+
+## Zlati testi
+
+`crates/colibri-contracts/tests/golden.rs` razčleni vsak potrjen manifest v
+`manifests/` in preveri enakost povratnega zapisa. Primerki so namenjeni
+**medplatformni** rabi — če se manifest, ustvarjen na Linuxu, razlikuje od
+tistega na FreeBSD 15, je treba razliko razumeti in dokumentirati, preden se
+združi.
+
+## Glej tudi
+
+- [cost-model](./cost-model.md) — kako rezultat sonde ponudnika hrani merjenje
+  predpomnilnika.
+- [runtime-inventory](./runtime-inventory.md) — kje se ustvari popis
+  izvajalnega okolja.
diff --git a/docs/wiki/sl/cost-model.md b/docs/wiki/sl/cost-model.md
new file mode 100644
index 0000000..17641c6
--- /dev/null
+++ b/docs/wiki/sl/cost-model.md
@@ -0,0 +1,97 @@
+---
+title: Model stroškov
+description: Kako Colibri sledi vsakemu žetonu, meri zadetke predpomnilnika in samodejno stopnjuje med cenovnimi načini.
+---
+
+← [kazalo](./index.md)
+
+## Kaj je to
+
+Colibri sledi vsakemu žetonu, ki gre skozi agentsko sejo, in meri stroške
+glede na nastavljiv proračun. Ključni vpogled: **žetoni zadetka predpomnilnika
+stanejo 10× manj** kot sveži žetoni pri DeepSeek — zato je predpona poziva
+načrtovana tako, da je bajtno stabilna med zahtevami, kar maksimira zadetke
+predpomnilnika. Trije cenovni načini (fast, smart, max) predstavljajo različne
+točke na kompromisu hitrost/strošek, model pa samodejno stopnjuje, ko cenejši
+način ne zmore več.
+
+## Odločitve
+
+### Bajtno stabilna predpona poziva → merjenje zadetkov predpomnilnika
+
+Sistemski poziv in zgodnji bloki konteksta so **bajt-za-bajtom enaki** med
+zaporednimi zahtevami na isto končno točko DeepSeek. Cene zadetkov
+predpomnilnika DeepSeek jih znižajo za ~90%. Colibrijeva sonda
+`colibri-deepseek` določi natančno razdelitev števila žetonov med predpomnjenimi
+in svežimi žetoni na zahtevo, sledilec stroškov pa zabeleži oboje, tako da
+proračun seje odraža **dejanske** znižane stroške, ne nominalnega števila
+žetonov.
+
+**Zakaj ne preprosto šteti žetonov**: štetje žetonov z offline tokenizatorjem
+da zgornjo mejo, ne pa resničnih stroškov. API DeepSeek včasih ponovno
+predpomni in včasih ne — sonda izmeri, kaj se je dejansko zgodilo. Popust je
+prevelik (10×), da bi ostal neizmerjen.
+
+→ [headroom-sidecar](./headroom-sidecar.md),
+[`COLIBRI-TOKENOMICS-TRIFECTA.md`](../COLIBRI-TOKENOMICS-TRIFECTA.md),
+[`crates/colibri-deepseek/src/lib.rs`](../../crates/colibri-deepseek/src/lib.rs)
+
+### Trije cenovni načini (fast → smart → max)
+
+| Način | Proračun (žetoni) | Obnašanje                                                                                |
+| ----- | ----------------- | ---------------------------------------------------------------------------------------- |
+| Fast  | 16K               | Največ zadetkov predpomnilnika, najmanj svežih žetonov. Zgodaj zavrne velike razširitve. |
+| Smart | 64K               | Privzeto. Uravnoteži ponovno uporabo predpomnilnika s prostorom za nadaljnje korake.     |
+| Max   | 256K              | Skoraj nikoli ne doseže proračuna. Za enkratne globoke naloge, kjer je strošek drugoten. |
+
+Demon **samodejno stopnjuje**, ko seja izčrpa svoj proračun v nižjem načinu:
+fast → smart → max. Stopnjevanje je enosmerno (nikoli ne zniža sredi seje).
+
+**Zakaj trije načini, ne zvezni drsnik**: tukaj zmaga preprostost. Tri dobro
+razumljene točke pokrijejo prostor — operaterji izbirajo po apetitu tveganja,
+ne po finem uglaševanju številke. Veriga stopnjevanja pomeni "začni poceni,
+plačaj več samo, če deluje".
+
+→ [`COLIBRI-TOKENOMICS-TRIFECTA.md`](../COLIBRI-TOKENOMICS-TRIFECTA.md),
+[`crates/colibri-daemon/src/cost.rs`](../../crates/colibri-daemon/src/cost.rs)
+
+### Stiskanje T14 (obrezovanje proračuna, ne krajšanje)
+
+Ko seja skoraj preseže svoj proračun, Colibri stisne rezultate orodij v
+nestanovitnem območju — pošlje jih skozi stranski vagon headroom v povzetek,
+nato obreže najstarejše nestanovitne bloke, dokler poziv ne sodi v proračun.
+**Predpona** (sistemski poziv, statični kontekst) ni nikoli obrezana — samo
+nestanovitna pripona.
+
+Če stiskanje ne zadostuje in je samodejno stopnjevanje omogočeno, način
+prestopi navzgor, preden pride do krajšanja.
+
+**Zakaj ne preprosto krajšati**: krajšanje sredi pogovora izgubi kontekst, ki
+ga agent potrebuje za nadaljevanje. Stiskanje ohrani pomensko vsebino ob
+nižjih stroških žetonov. Stranski vagon headroom je neobvezen (privzeto
+izklopljen); brez njega je zasilni izhod preprosto krajšanje.
+
+→ [headroom-sidecar](./headroom-sidecar.md),
+[`crates/colibri-daemon/src/session.rs`](../../crates/colibri-daemon/src/session.rs)
+
+### Sonda zadetka predpomnilnika (specifična za DeepSeek)
+
+Zaboj `colibri-deepseek` pošlje predpoletno zahtevo z znanim pozivom na API
+DeepSeek in razčleni glave odgovora, da določi razdelitev zadetkov
+predpomnilnika (prompt_cache_hit_tokens / prompt_cache_miss_tokens). To je
+specifično za ponudnika — DeepSeek je edini ponudnik, ki izpostavlja to
+natančnost. Sonda teče enkrat na spremembo konfiguracije seje, ne na vsako
+zahtevo.
+
+**Zakaj sonda in ne kljuka**: vmesna programska oprema, ki prestreza vsak
+odgovor API, bi povezala sledenje stroškov s plastjo HTTP. Sonda to loči —
+sledilec stroškov vpraša "kakšno je bilo razmerje predpomnilnika?" in sonda
+odgovori, neodvisno od tega, kako je bila zahteva izvedena.
+
+→ [`crates/colibri-deepseek/src/lib.rs`](../../crates/colibri-deepseek/src/lib.rs)
+
+## Glej tudi
+
+- [task-board](./task-board.md) — razporejevalnik, ki razpošilja opravila znotraj proračunov sej
+- [mother-hive](./mother-hive.md) — arhitektura MCP (druga stroškovna domena)
+- [quality-gates](./quality-gates.md) — vrata, ki preverjajo razčlenjevanje cenovnih načinov
diff --git a/docs/wiki/sl/index.md b/docs/wiki/sl/index.md
new file mode 100644
index 0000000..6e006d2
--- /dev/null
+++ b/docs/wiki/sl/index.md
@@ -0,0 +1,75 @@
+---
+title: Colibri Wiki
+description: Zbirka znanja o odločitvah in arhitekturi Colibri — utemeljitve, ki jih koda ne more izraziti.
+---
+
+Zbirka znanja o Colibrijevih **odločitvah in arhitekturi** — po vzoru
+[vzorca LLM Wiki](https://gist.github.com/karpathy/442a6bf555914893e9891c11519de94f)
+Andreja Karpathyja.
+
+Vsak večji podsistem ima stran, ki beleži **zakaj** je bil zgrajen tako, kot
+je — utemeljitve, ki jih koda ne more izraziti. Izvedbena dokumentacija v
+`docs/` pokriva _kako_; te strani pokrivajo _zakaj_.
+
+## Zakaj to obstaja
+
+Zastarele odločitve se kopičijo hitreje, kot jih kdorkoli ročno pregleda:
+preimenovanje, ki je bilo samo napol uporabljeno, dokument, ki še vedno
+opisuje staro zasnovo, privzetek, ki je ostal od presežene izbire. Več
+nedavnih prehodov je bilo porabljenih prav za iskanje tega (`pi → zot`,
+`usb_nodes → hive_nodes`, podedovano preimenovanje v `sample`). Ta wiki naredi
+knjigovodstvo skoraj brezstroškovno: eno mesto, ki beleži _kaj je bilo
+odločeno_, povezuje na _kje v kodi živi_ in ga je mogoče **lintati** za odmik.
+
+## Konvencije (shema)
+
+Ta pravila ohranjajo wiki kot vzdržljiv artefakt, ne kot drugi vir resnice:
+
+1. **Koda je vir resnice.** Strani opisujejo _odločitve_ in _kje_ živijo;
+   povezujejo na kodo/dokumentacijo, namesto da bi ponovno razlagale izvedbo.
+   Ko je odločitev dostavljena, skrči stran na "kako deluje + povezava."
+2. **Povezuj, ne podvajaj.** Sklicevanje na kodo kot `pot/do/datoteke.rs:vrstica`
+   in druge wiki strani z relativnimi povezavami (`[oznaka](./stran.md)`) —
+   klikljivo v Forgeju, ustreznik Obsidianovih `[[wikipovezav]]`, prilagojen
+   repozitoriju.
+3. **Ena odločitev na stran**, kjer je to izvedljivo; obilno navzkrižno
+   povezuj.
+4. **Označi, ne tiho prepiši.** Ko nova koda nasprotuje strani, zabeleži
+   nasprotje (in ga razreši), namesto da bi tiho urejal zgodovino.
+5. **Lintaj, ne zaupaj.** Stran je trditev, ki jo je treba preveriti proti
+   kodi, ne jamstvo.
+
+## Potek dela za lint
+
+Skripta [`wiki-lint`](../../scripts/wiki-lint) preveri vsako stran proti
+trenutni kodi: viseče reference, obujena stara imena (iz imenika poimenovanj)
+in osirotele strani. Teče kot del `ci-checks.sh --strict` in je zapahnjena s
+kljuko pred potiskom — napaka odmika blokira potisk, enako kot opozorilo
+clippy.
+
+## Strani
+
+| Stran                                                 | Kaj pokriva                                                                                                                |
+| ----------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------- |
+| [agent-harness](./agent-harness.md)                   | Razcep zot (agent) + Colibri (krmilna ravnina); samodejni zagon + gonilnik RPC                                             |
+| [agent-events-reference](./agent-events-reference.md) | Referenca dogodkov zot po opremi, preslikave Glasspane in preverjena polja prepisa                                         |
+| [cost-model](./cost-model.md)                         | Bajtno stabilne predpone, merjenje zadetkov predpomnilnika, samodejno stopnjevanje, stiskanje T14                          |
+| [glasspane](./glasspane.md)                           | Avtomat stanj agenta, pretakanje JSONL, taksonomija AgentRuntime, API posnetkov                                            |
+| [operator-attention](./operator-attention.md)         | Izpeljan pogled "potrebuje operaterja": predikat pozornosti, vrstica/skok/filter TUI, robno sprožena terminalska opozorila |
+| [headroom-sidecar](./headroom-sidecar.md)             | Neobvezni stranski vagon za stiskanje rezultatov orodij in njegov protokol Unix vtičnice                                   |
+| [jail-confinement](./jail-confinement.md)             | Trajne proti prehodnim ječam, pravilnik načina priv, ponovna uporaba omejitve zaganjalnika za strežnike MCP                |
+| [mother-hive](./mother-hive.md)                       | Arhitektura matičnega MCP — SSH s prisiljenim ukazom, enojni-dom-v-colibri, peer avtentikacija, ključ-na-semenu            |
+| [naming-decisions](./naming-decisions.md)             | Imenik preimenovanj, nevtralnih glede na opremo / arhitekturnih — dostavljenih in v teku                                   |
+| [layered-soul](./layered-soul.md)                     | Kako Colibri danes uporablja repozitorij pregledanega konteksta layered-soul proti načrtovanemu                            |
+| [task-board](./task-board.md)                         | Točkovanje po zmožnostih, cron razporejanje, praznjenje vnosne vrste, podlaga SQLite                                       |
+| [quality-gates](./quality-gates.md)                   | `ci-checks.sh` kot vrata pred združitvijo; zakaj je odmik prej dosegel `main`                                              |
+| [contracts](./contracts.md)                           | Stabilne JSON sheme (run-manifest, runtime-inventory, provider-smoke), zlati testi                                         |
+| [store-schema](./store-schema.md)                     | Usklajevalna shema SQLite in disciplina migracij                                                                           |
+| [external-mcp](./external-mcp.md)                     | Most MCP za urejevalnike + zunanji gostitelj stdio MCP; vrata za branje/pisanje/zunanji-klic                               |
+| [operator-cli](./operator-cli.md)                     | CLI `colibri` kot tanek tipiziran odjemalec Unix vtičnice prek API demona                                                  |
+| [tui](./tui.md)                                       | Odjemalec terminalske nadzorne plošče (colibri-tui) proti avtomatu stanj colibri-glasspane                                 |
+| [terminal](./terminal.md)                             | Odločitev o terminalski zmožnosti (Kitty, razširjeno poročanje tipk, prehod tmux, SSH terminfo)                            |
+| [runtime-inventory](./runtime-inventory.md)           | Popis izvajalnega okolja gostitelja + bralnik statusa čuvaja; aditivne, bralne integracije                                 |
+| [skills-catalog](./skills-catalog.md)                 | Bralni izvajalni porabnik za pregledane artefakte veščin Clawdie-AI                                                        |
+| [vault-provision](./vault-provision.md)               | Oskrba datotek env, gnana z Vaultwarden, v ječe po zagonu agenta                                                           |
+| [deployment](./deployment.md)                         | Nameščevalnik gostitelja (clawdie): postavitev ZFS, storitev rc.d/systemd, varnost suhega teka                             |
diff --git a/docs/wiki/sl/layered-soul.md b/docs/wiki/sl/layered-soul.md
new file mode 100644
index 0000000..4440653
--- /dev/null
+++ b/docs/wiki/sl/layered-soul.md
@@ -0,0 +1,55 @@
+---
+title: Integracija plastovite duše
+description: Kako Colibri danes uporablja repozitorij layered-soul in kaj je še načrtovano.
+---
+
+← [kazalo](./index.md)
+
+[clawdie/layered-soul](https://code.smilepowered.org/clawdie/layered-soul) je
+prenosljiv, od opreme neodvisen vir trajne identitete in pregledanega
+konteksta. Ta dokument beleži, kako ga Colibri uporablja **danes** in kaj je
+še **načrtovano** — da pogodbe ne zamenjamo za v celoti zgrajeno.
+
+## Kar je povezano (deluje zdaj)
+
+Uvoz pregledanih **veščin** v Colibrijev obstoječi katalog `skills`:
+
+    scripts/import-layered-soul.sh <imenik-layered-soul> <colibri.sqlite>
+
+Prebere vsako datoteko SKILL.md veščine (frontmatter `name` / `description`;
+kategorija `soul`) in `INSERT OR IGNORE` vrstico v tabelo `skills`.
+`references/` in `templates/` znotraj veščine sta podporno gradivo, ne ločeni
+veščini. Ista tabela kot `clawdie-iso/scripts/import-clawdie-skills.sh`;
+idempotentno, varno za ponovni zagon.
+
+## Kar je odloženo (načrtovano, ne zgrajeno)
+
+Prilagoditveni vmesnik Colibri v layered-soul poimenuje "Plastovito
+pomnilniško tkanino" s tremi shrambami — `system_skills`, `system_brain`,
+`system_ops`. Na dan 2026-06-13 obstaja samo ena ploščata tabela `skills`;
+ostalo je **samo načrt** (`docs/COLIBRI-SKILLS-PLAN.md`), zato uvoznik
+namenoma ne cilja nanje.
+
+| Vir v layered-soul                 | Cilj (načrtovan) | Stanje                                                      |
+| ---------------------------------- | ---------------- | ----------------------------------------------------------- |
+| datoteke SKILL.md veščin           | `system_skills`  | uvoženo v ploščato tabelo `skills` danes                    |
+| memories/urejene markdown datoteke | `system_brain`   | NI uvoženo — shramba še ne obstaja (uvoznik poroča število) |
+| pretvorjeni manifesti opravil      | `system_ops`     | NI implementirano                                           |
+
+## Smer (enosmerno)
+
+`layered-soul` (git) je **vir resnice**; Colibri je **porabnik**. Uvoz teče
+enosmerno (repo → Colibri). Veščine vedno uredite v izvornem repozitoriju,
+nato ponovno uvozite — izvajalne kopije so prehodni porabniki.
+
+## Zapiranje vrzeli (prihodnje delo)
+
+1. Implementiraj `system_brain` po `COLIBRI-SKILLS-PLAN.md`, nato razširi
+   uvoznika, da naloži urejene spomine.
+2. Preseli ploščato tabelo `skills` v načrtovano shemo `system_skills`.
+3. Definiraj in uvozi manifeste opravil `system_ops`.
+
+## Glej tudi
+
+- [skills-catalog](./skills-catalog.md) — Colibrijev bralni izvajalni porabnik veščin
+- [store-schema](./store-schema.md) — načrtovane tabele `system_skills` / `system_brain`
diff --git a/docs/wiki/sl/mother-hive.md b/docs/wiki/sl/mother-hive.md
new file mode 100644
index 0000000..d3cd291
--- /dev/null
+++ b/docs/wiki/sl/mother-hive.md
@@ -0,0 +1,119 @@
+---
+title: Matični hive
+description: Kako matično vozlišče (OSA) usklajuje USB-operaterska vozlišča prek MCP prek SSH → PostgreSQL.
+---
+
+← [kazalo](./index.md)
+
+## Kaj je to
+
+Matično vozlišče (OSA) usklajuje USB-operaterska vozlišča prek MCP prek SSH →
+PostgreSQL. USB-vozlišča pošiljajo profile strojne opreme; mati izpelje
+zmožnosti in vzdržuje hive register. Ta stran beleži **odločitve**, ki stojijo
+za izvedbo — utemeljitve, ki jih koda ne more izraziti. Za navodila za
+namestitev, arhitekturne diagrame in kontrolni seznam prvega zagona glejte
+[`packaging/mother/MOTHER-SETUP.md`](../packaging/mother/MOTHER-SETUP.md).
+
+## Odločitve
+
+### Meja SSH s prisiljenim ukazom (ne poslušajoči demon)
+
+USB-vozlišča dosežejo mater tako, da zaženejo `ssh colibri@mother` (brez
+oddaljenega ukaza). Na materini strani `authorized_keys` vsili
+`command="/usr/local/bin/colibri-mcp-ssh",restrict,...` — povezava **ne more**
+zagnati interaktivne lupine ali kateregakoli ukaza razen ovoja.
+
+Ovoj (`colibri-mcp-ssh`) dodatno dovoli `SSH_ORIGINAL_COMMAND` samo kot `""`
+(stdio MCP način) ali `"tools"` (enkratno odkritje). Vsaka druga vrednost je
+zavrnjena.
+
+**Zakaj ne poslušajoči demon** (HTTP, gRPC, surovi TCP): Tailscale šifrira
+prenos, zato plast SSH doda avtentikacijo in omejitev brez dodatne
+infrastrukture (brez TLS certifikatov, brez avtentikacijskih žetonov, brez
+odprtih vrat). Meja s prisiljenim ukazom je druga ključavnica poleg SSH
+ključa — tudi ogroženi USB, ki drži ključ, lahko samo pokliče ovoj, ovoj pa
+samo delegira colibri-mcp. Obramba v globino, nameščena kot ena funkcija
+OpenSSH.
+
+→ [`colibri-mcp-ssh`](../packaging/mother/colibri-mcp-ssh),
+[`MOTHER-SETUP.md` §Varnost](../packaging/mother/MOTHER-SETUP.md#varnostne-lastnosti)
+
+### En sam dom za matično infrastrukturo (colibri, ne clawdie-iso)
+
+Matični MCP skripti (`node-register-mcp`, `geodesic-dome-mcp` itd.) so bili
+prvotno kopirani v oba repozitorija. Kopija v clawdie-iso je odnesla — njen
+`node-register-mcp` je uporabljal interpolacijo nizov `E'${...}'` (dovzetno
+za SQL-injekcijo), medtem ko je kopija v colibri uporabljala parametrizirani
+`psql -v :'variable'`. Kopija v iso je bila odstranjena v clawdie-iso PR #129.
+
+**Nauk**: skripta v dveh repozitorijih **bo** odnesla. Wiki lint je
+enorepozitorijski in ne vidi podvojenih skript med repozitoriji. Zmanjšanje
+tveganja je disciplina: matična infrastruktura živi na enem mestu.
+
+→ [naming-decisions §Strukturne](./naming-decisions.md#strukturne-odločitve)
+(vrstica "En sam dom")
+
+### `hive_nodes` — ne `usb_nodes`
+
+Prvotno ime tabele je predpostavljalo, da se bodo registrirala samo
+USB-zagnana vozlišča. Toda vozlišče je vsak gostitelj, ki se pridruži hive —
+USB, NVMe, ječa. Preimenovano v `hive_nodes` s stolpcem `node_type` (colibri
+#161). Sprožilec `derive_capabilities()` je agnostičen glede tabele in ob
+INSERT samodejno izračuna `has_gpu`, `gpu_vendor`, `can_run_local_llm`,
+`has_wifi`, `max_model`.
+
+→ [`mother_schema.sql`](../packaging/mother/mother_schema.sql),
+[naming-decisions](./naming-decisions.md) (vrstica `usb_nodes → hive_nodes`)
+
+### PostgreSQL peer avtentikacija (brez gesel)
+
+Uporabnik OS `colibri` se poveže na `mother_hive` prek peer avtentikacije —
+jedro potrdi Unix uporabnika, geslo ni potrebno. `node-register-mcp` teče kot
+ta uporabnik in podeduje zaupanje. Brez datotek pgpass, brez spremenljivk
+okolja, brez vrtenja poverilnic. En gibljivi del: pravilo `peer` v
+`pg_hba.conf` mora biti pred morebitno vrstico `local all all` (prvo
+ujemanje).
+
+**Zakaj ne geslo ali certifikat**: gesla se vrtijo in uhajajo; certifikati
+potrebujejo CA. Peer avtentikacija je vgrajena v PostgreSQL na vsakem Unixu
+in deluje za povezavo localhost z nič konfiguracije razen ene vrstice v
+`pg_hba.conf`.
+
+→ [`MOTHER-SETUP.md` §Namestitev, 6. korak](../packaging/mother/MOTHER-SETUP.md#enkratna-namestitev)
+
+### Ključ na semenski particiji, ne v sliki
+
+Zasebni ključ `mother-mcp` je nameščen na particijo CLAWDIESEED, ne zapečen v
+ISO. Gradbeni skript ima varovalko za izdajo, ki **zavrne** vgradnjo ključa v
+sliko za izdajo. Uvoznik semena (`clawdie-live-seed`) ga namesti ob zagonu.
+
+**Zakaj**: ISO za izdajo je prenosljiv artefakt. Vgradnja zasebnega ključa
+vanj bi vsakemu prenašalcu dala dostop do materinega MCP. Semenska particija
+je ločen fizični medij, ki ga nadzoruje operater. Tudi brez semena se ISO
+zažene in deluje — zunanja MCP povezava demona do matere odpove elegantno
+(SSH: "config file not found"), vozlišče pa deluje samostojno.
+
+→ [naming-decisions](./naming-decisions.md) ("Znani ostanek"), clawdie-iso #133
+
+### Demonov uporabnik, ne operater
+
+Colibri demon teče kot uporabnik `colibri` (`/var/db/colibri`), ne kot
+operater (`clawdie`, `/home/clawdie`). Zunanjo MCP SSH povezavo do matere
+zažene demon — zato morajo biti SSH ključ, konfiguracija in known_hosts v
+demonovem domu. Uvoznik semena namesti SSH gradivo v **oba** domova (operater
+
+- demon).
+
+**Zakaj ne preprosto v clawdiejev dom in `sudo`**: demon ni operater. Tek kot
+ločen uporabnik pomeni, da je domet ogroženega demona omejen na tisto, kar
+uporabnik `colibri` lahko počne — MCP klici do matere, ne operaterske
+datoteke ali `sudo`.
+
+→ [`clawdie-live-seed` (clawdie-iso)](https://code.smilepowered.org/clawdie/clawdie-iso/src/branch/main/live/operator-session/clawdie-live-seed),
+[`MOTHER-SETUP.md` §Upravljanje ključev](../packaging/mother/MOTHER-SETUP.md#upravljanje-ključev)
+
+## Glej tudi
+
+- [agent-harness](./agent-harness.md) — razcep zot/Colibri; samodejni zagon
+- [naming-decisions](./naming-decisions.md) — `usb_nodes → hive_nodes`, preimenovanje zastavice autospawn
+- [quality-gates](./quality-gates.md) — vrata, ki bi morala ujeti odmik ob času PR
diff --git a/docs/wiki/sl/operator-attention.md b/docs/wiki/sl/operator-attention.md
new file mode 100644
index 0000000..c1523f9
--- /dev/null
+++ b/docs/wiki/sl/operator-attention.md
@@ -0,0 +1,146 @@
+---
+title: Operaterska pozornost — "ali ta agent potrebuje mene zdaj?"
+description: Kako Glasspane presoja, kateri agent potrebuje operaterski poseg, in to prikaže v TUI.
+---
+
+← [kazalo](./index.md)
+
+## Kaj je to
+
+Nadzorna hrbtenica Glasspana odgovarja na vprašanje _"v kakšnem stanju je ta
+agent?"_. Pozornost je plast nad njo, ki odgovarja na vprašanje, ki si ga
+operater dejansko zastavi najprej: _"ali katerikoli agent potrebuje mene
+**zdaj**?"_ Je **izpeljan pogled** nad avtomatom stanj in terminalom,
+prikazan v TUI in podprt z robno sproženimi opozorili — ne šesto stanje, ne
+nov podsistem.
+
+## Odločitve
+
+### Pozornost je pogled, ne stanje
+
+`AgentState` ostaja majhen (`Idle`, `Working`, `Blocked`, `Done`, `Error`).
+"Potrebuje operaterja" je prost predikat nad njim, ne dodatna različica:
+
+```rust
+fn needs_attention(pane: &Pane) -> bool {
+    pane.state == AgentState::Error
+        || pane.state == AgentState::Blocked
+        || pane.stalled
+}
+```
+
+`Blocked` je vključen, ker dokumentacijski komentar avtomata stanj pravi, da
+pomeni "čaka na usmerjanje / odobritev / vnos" — tj. agent je parkiran na
+operaterju. En predikat, ki ga uporabljajo pozornostna vrstica, filter in
+tipke za skok, zato se definicija spremeni na enem mestu.
+
+`stalled` je tudi sam izpeljan — podokno je stalled, ko v
+`DEFAULT_STALL_AFTER` (4 ure) ni prispel noben dogodek. Namenoma je redek:
+pozornost so večinoma podokna v stanju Error in Blocked; Stalled je stopnjevanje
+"nekaj je globoko narobe", ne pogost pojav.
+
+→ [`crates/colibri-glasspane/src/lib.rs`](../../crates/colibri-glasspane/src/lib.rs)
+(`AgentState`, `SupervisedPane::is_stalled_at`, `DEFAULT_STALL_AFTER`)
+
+### TUI naredi pozornost nemogoče spregledati
+
+Ko katerokoli podokno v **trenutnem pogledu** potrebuje pozornost, se običajna
+glava zamenja z rdeče obrobljeno pozornostno vrstico, ki navaja zadevna
+podokna. Vrstice, ki potrebujejo pozornost, dobijo obrnjeno ozadje; kazalka se
+obrne znova, da operater še vedno vidi, katera je izbrana. Dve tipki za skok
+(`n` / `N`) krožita naprej/nazaj skozi pozornostna podokna z ovijanjem, `a`
+pa preklaplja filter samo za pozornost. Vsi trije delujejo nad že filtriranim
+naborom podoken.
+
+**Sestavljanje filtrov je IN.** Pozornostni filter se sestavlja s filtrom
+seje, zato vrstica odraža samo tisto, kar operater gleda. Junija 2026 je bil
+dostavljen hrošč, kjer je bil `has_attention` izračunan iz _nefiltriranega_
+posnetka: napaka v seji `s2` je prižgala vrstico med gledanjem seje `s1`,
+lastni `filtered_panes()` vrstice pa je nato zgodaj vrnil prazen izris —
+operater je tako izgubil glavo zaradi praznega rdečega okvirja. Popravljeno z
+izračunom pozornosti iz `filtered_panes()`; pokrito s preskusom upodabljanja
+med sejami.
+
+**Past `NO_COLOR`.** Seje Hermesa puščajo `NO_COLOR=1` v okolja podprocesov
+in crossterm to konvencijo upošteva. Brez `force_color_output(true)` ob zagonu
+se `colibri-tui`, zagnan iz seje Hermesa, upodablja brez barv — rdeča
+pozornostna vrstica postane nevidna. Funkcija `main()` vsili barve ne glede na
+starševsko okolje; to je nadzorna plošča TUI, barve so nosilne.
+
+Prihodnja izboljšava: prikaz pozornostne vrstice **in** glave hkrati (dvojni
+pogled) namesto zamenjave ene z drugo, da operater na en pogled vidi število
+podoken in pozornostna podokna, brez preklapljanja.
+
+→ [`crates/colibri-glasspane-tui/src/main.rs`](../../crates/colibri-glasspane-tui/src/main.rs)
+(`needs_attention`, `render_attention_bar`, `attention_indices`)
+
+### Zajem terminala je dopolnilni signal
+
+Avtomat stanj je _"kar agent pove"_ (strukturirani dogodki JSONL). Zajem
+terminala je _"kar prikazuje zaslon"_ — dejansko besedilo podokna, razvrščeno
+po znanih okvarjenih vzorcih. Podokno je lahko `Working`, medtem ko njegov
+zaslon kaže `Active: failed (Result: exit-code)`. Pozornost je pogled nad
+**obema**.
+
+`TerminalRecorder` hrani omejeno zgodovino okvirjev (`DEFAULT_HISTORY_CAPACITY`
+= 256 okvirjev). Identiteta okvirja je **SHA-256 očiščenega besedila**, zato
+se poizvedovanje skoraj statičnega podokna vsako sekundo strne v zgoščen
+dnevnik dejanskih prehodov stanja namesto tisočev podvojenih okvirjev.
+`capture_tmux_pane` za zajem pokliče `tmux`, toda `observe()` sprejme surovo
+besedilo neposredno — logika razpoznavanja in triaže je v celoti preizkusljiva
+brez priključenega terminala.
+
+→ [`crates/colibri-glasspane/src/terminal.rs`](../../crates/colibri-glasspane/src/terminal.rs)
+(`TerminalRecorder`, `Observation`, `capture_tmux_pane`)
+
+### Triaža prepoznav, podatkovno gnana po OS
+
+`SignatureSet` pregleda očiščeno besedilo terminala in razvrsti zaslon v
+`failures` / `warnings` / `info` / `healthy` (`Severity::{Error, Warn, Info, Ok}`).
+Vzorci se ujemajo kot podnizi brez razlikovanja velikosti črk; prvi zadetek
+zabeleži prepoznavo in ni poročan dvakrat. Vsak zadetek nosi človeški
+`next_action` in neobvezni `invoke` (veščino, ki jo agent lahko zažene za
+odpravo) — zadetek ni "nekaj se je zgodilo", ampak "tukaj je, kaj to pomeni
+in kaj storiti".
+
+Mehanizem zaznavanja je **podatkovno gnan**: gostitelj FreeBSD in gostitelj
+Linux naložita različne nabore `Signature`, a si delita isti ujemalnik.
+`SignatureSet::linux_default` prinaša majhen začetni nabor; klicatelji
+zgradijo svojega z `SignatureSet::new`. To je gumb na OS, na katerega se
+opira Colibrjevo usmerjanje po zmožnostih.
+
+→ [`crates/colibri-glasspane/src/signatures.rs`](../../crates/colibri-glasspane/src/signatures.rs)
+(`SignatureSet`, `Severity`, `Signature`, `Detection::alertable`)
+
+### Opozorila so robno sprožena, ne nivojsko
+
+Prepoznava napake/opozorila se sporoči **samo ob okvirju, kjer se prvič
+pojavi**, ne ob vsakem naslednjem okvirju, ki jo še prikazuje — vrnjeno kot
+`Observation::Recorded { uuid, new_alerts }` samo z novimi sproženimi
+zadetki. Ko se stanje počisti in pozneje ponovi, se sproži znova. Nivojsko
+sprožena opozorila ob 1s poizvedovanju bi ponovno obveščala vsako sekundo za
+čas trajanja zataknjenega podokna; robno sproženje pomeni, da vsako opozorilo
+pomeni "to se je pravkar začelo".
+
+→ [`crates/colibri-glasspane/src/terminal.rs`](../../crates/colibri-glasspane/src/terminal.rs)
+(`TerminalRecorder::observe`, `Observation::new_alerts`)
+
+## Kaj je še odprto
+
+- **Izhodno potiskanje.** Pozornost je prikazana na zaslonu (vrstica,
+  poudarjanje). Operater nadzoruje brezglave gostitelje prek Tailscale, ne z
+  gledanjem TUI. Potiskanje pozornosti **navzven** — namizno obvestilo na živi
+  sliki in sporočilo Telegram — je najpomembnejši nedokončan kos. Žeton je že
+  pripravljen; prenos (`colibri notify` proti dogodku glasspane, ki ga sproži
+  kljuka harnessa) je neodločen.
+- **Odgovarjanje blokiranemu agentu z nadzorne plošče.** API posnetkov je
+  namenoma bralno usmerjen. Pisalna pot ("pošlji vnos v podokno N" prek
+  vtičnice demona) bi operaterju omogočila, da se odzove na `Blocked` podokno
+  iz TUI. Spremeni vtičnico iz nadzora v interaktivno upravljanje — lasten
+  načrtovalski prehod.
+
+## Glej tudi
+
+- [glasspane](./glasspane.md) — avtomat stanj, nad katerim je pozornost pogled
+- [tui](./tui.md) — nadzorna plošča, ki prikazuje pozornost
+- [terminal](./terminal.md) — terminalska zmožnost, na katero se opirajo bližnjice pozornosti
diff --git a/docs/wiki/sl/task-board.md b/docs/wiki/sl/task-board.md
new file mode 100644
index 0000000..0d6d317
--- /dev/null
+++ b/docs/wiki/sl/task-board.md
@@ -0,0 +1,101 @@
+---
+title: Tabla opravil + razporejevalnik
+description: Kako Colibri hrani operaterska opravila in jih razporeja med agente glede na zmožnosti.
+---
+
+← [kazalo](./index.md)
+
+## Kaj je to
+
+Colibrjeva tabla opravil hrani delovne naloge, ki jih odda operater, razporejevalnik
+pa jih ob vsakem taktu dodeli najprimernejšemu agentu. Opravila pritekajo prek
+Unix vtičnice demona (`create-task`, `intake-task`), prazni pa jih zanka
+razporejevalnika, ki teče znotraj demona vsakih ~30 sekund.
+
+## Odločitve
+
+### Točkovanje po zmožnostih (najboljše ujemanje, ne prvo)
+
+Ko razporejevalnik izbira agenta za opravilo, točkuje vsakega razpoložljivega
+agenta glede na **zahtevane zmožnosti** opravila s preprostim štetjem preseka:
+`|zahtevane ∩ agentove_zmožnosti| / |zahtevane|`. Agent z najvišjim številom
+točk zmaga; izenačenja razreši ime agenta (deterministično, da ponovni teki ne
+premetavajo).
+
+Opravilo z `["freebsd", "zfs"]` se bo ujemalo z agentom, ki ima obe zmožnosti,
+pred tistim, ki ima samo `freebsd`. Opravilo brez zahtevanih zmožnosti ustreza
+vsakemu agentu. Agenti brez povezave in agenti, katerih zmožnosti se sploh ne
+sekajo, so preskočeni.
+
+**Zakaj ne krožno ali FIFO**: ujemanje po zmožnostih pomeni, da pravi agent
+dobi pravo delo brez operaterskega ročnega dodeljevanja. Točkovanje je
+preprosto (presek množic) in pregledno — brez strojnega učenja, brez uteži za
+uglaševanje.
+
+→ [`crates/colibri-daemon/src/scheduler.rs`](../../crates/colibri-daemon/src/scheduler.rs)
+(`capability_match_score`, `pick_agent`)
+
+### Tri vrste urnikov (cron, interval, enkrat)
+
+| Vrsta    | Obnašanje                                                      |
+| -------- | -------------------------------------------------------------- |
+| Cron     | Sproži ob določenem stenskem času (npr. `0 0 * * *` = polnoč). |
+| Interval | Sproži po določenem trajanju od zadnjega teka (npr. 3600s).    |
+| Enkrat   | Sproži natanko enkrat, ob določenem prihodnjem času.           |
+
+Cron vzorci so preprosti 5-poljski izrazi (minuta, ura, dan, mesec, dan v
+tednu) z nadomestnimi znaki — brez sekundne natančnosti, brez sintakse
+`/step`. Ujemanje uporablja primerjavo predpone: cron vzorec se ujema, če se
+vsako polje trenutnega časa začne z nizom vzorca, torej `0` ustreza `00`, `1`
+ustreza `10-19` itd. To je namenoma preprosto — cron je pripomoček za
+periodično hišno opravilo, ne splošni opravilni pogon.
+
+**Zakaj ne prava cron knjižnica**: naloga razporejevalnika je razpošiljanje
+opravil agentom, ne upravljanje koledarja. Preprosti predponski cron pokrije
+90 % primerov uporabe (dnevne gradnje, urna poročila) brez dodatne odvisnosti
+za razčlenjevanje.
+
+→ [`crates/colibri-daemon/src/scheduler.rs`](../../crates/colibri-daemon/src/scheduler.rs)
+(`should_fire`)
+
+### Praznjenje vnosne vrste (vrsta → tabla opravil → agent)
+
+Ukaz `intake-task` prek vtičnice potisne opravilo v vnosno vrsto. Ob vsakem
+taktu razporejevalnika (~30s) zanka izprazni vnosno vrsto v shrambo SQLite na
+tabli opravil, nato preveri zapadla načrtovana opravila. To dvofazno
+praznjenje loči oddajo od izvajanja: operater odds kadar koli, razporejevalnik
+obdeluje v paketih.
+
+Opravila v vnosni vrsti nosijo **niz zmožnosti** (ne ID agenta).
+Razporejevalnik izbere najboljšega agenta ob času izvajanja, zato bo opravilo,
+oddano ko noben ujemajoči agent ni na voljo, prevzeto, ko se eden poveže.
+
+**Zakaj vnosna vrsta in ne neposredna dodelitev**: agenti prihajajo in
+odhajajo. Če bi oddaja zahtevala izbiro agenta, bi operater moral vedeti,
+kateri agenti so na voljo — sklopitev, ki se ji tabla opravil namenoma izogne.
+
+→ [`crates/colibri-daemon/src/scheduler.rs`](../../crates/colibri-daemon/src/scheduler.rs)
+(`Scheduler`, `add_job`, `submit`),
+[`crates/colibri-daemon/tests/intake_scheduler_loop.rs`](../../crates/colibri-daemon/tests/intake_scheduler_loop.rs)
+
+### Podlaga SQLite (vgrajeno, ne storitev)
+
+Tabla opravil hrani opravila, registracije agentov, podatke o najemnikih in
+katalog veščin v vgrajeni podatkovni zbirki SQLite na
+`/var/db/colibri/colibri.sqlite`. Brez ločenega podatkovnega procesa — demon
+odpre datoteko neposredno.
+
+**Zakaj SQLite, ne PostgreSQL**: demon teče na operaterskem USB-ju in na
+nameščenih gostiteljih. Polna storitev PostgreSQL je pretežka za
+koordinacijsko stanje enega samega demona. SQLite je brez konfiguracije, brez
+administracije in preživi ponovne zagone demona brez ločenega življenjskega
+cikla. Matično vozlišče uporablja PostgreSQL za hive register, ker je
+večnajemniško; krajevni demon je enonajemniški.
+
+→ [`crates/colibri-store/src/lib.rs`](../../crates/colibri-store/src/lib.rs)
+
+## Glej tudi
+
+- [mother-hive](./mother-hive.md) — matični hive register, osnovan na PostgreSQL
+- [cost-model](./cost-model.md) — sledenje stroškov po seji
+- [agent-harness](./agent-harness.md) — samodejni zagon
-- 
2.45.3


From d9ef0a94e259021b90744cdb47c48e724cb0ed29 Mon Sep 17 00:00:00 2001
From: Sam & Claude <samo.blatnik@gmail.com>
Date: Fri, 26 Jun 2026 11:05:30 +0200
Subject: [PATCH 02/19] docs(sl): install pages use clawdie flow (drop just
 install)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
---
 docs/guide/sl/install/controlplane-install.md | 24 ++----
 docs/guide/sl/install/index.md                |  2 +-
 docs/guide/sl/install/install.md              | 73 +++++++++++++++++++
 docs/guide/sl/install/requirements.md         |  8 +-
 4 files changed, 84 insertions(+), 23 deletions(-)
 create mode 100644 docs/guide/sl/install/install.md

diff --git a/docs/guide/sl/install/controlplane-install.md b/docs/guide/sl/install/controlplane-install.md
index 97ca5af..e9231ed 100644
--- a/docs/guide/sl/install/controlplane-install.md
+++ b/docs/guide/sl/install/controlplane-install.md
@@ -1,24 +1,16 @@
 ---
 title: 'Namestitev krmilne ravnine'
-description: Namestite krmilno ravnino Clawdie s standardnim orkestratorjem.
+description: Namestite gostiteljsko storitev krmilne ravnine Clawdie z binarno datoteko clawdie.
 ---
 
-Krmilno ravnino namesti standardni orkestrator:
+Krmilna ravnina teče kot storitev `clawdie` (`colibri-daemon`), ki jo pripravi
+binarna datoteka `clawdie`:
 
 ```bash
-just install
+cargo build -p clawdie --release
+clawdie apply --yes
 ```
 
-Root namestitev poganja krmilno ravnino kot storitev Clawdie, ki jo upravlja
-gostitelj. Orkestrator skupaj nastavi PF, delovne ječe, PostgreSQL, hostd,
-namestitev storitve, kontrolne točke in stanje za nadaljevanje.
-
-Če namestitev ne uspe, nadaljujte od neuspelega koraka:
-
-```bash
-just install-from-db
-just install-from hosts
-just install -- --dry-run
-```
-
-Kanonično ime mostu Bastille/Warden je `warden0`.
+Najprej si oglejte načrt z `clawdie plan` (`apply` je suhi tek, dokler ne dodate
+`--yes`). Za celoten nabor ukazov in strategijo shrambe glejte
+[Namestitev](./install/). Kanonično ime mostu Bastille/Warden je `warden0`.
diff --git a/docs/guide/sl/install/index.md b/docs/guide/sl/install/index.md
index 055c0c3..3360809 100644
--- a/docs/guide/sl/install/index.md
+++ b/docs/guide/sl/install/index.md
@@ -21,5 +21,5 @@ To pot uporabite za nov stroj ali ponovno namestitev z zagonskega medija.
 To pot uporabite, kadar je FreeBSD 15.x že nameščen in gostitelja upravljate sami.
 
 - [Zahteve](./requirements/) — zahteve glede gostitelja, izvajalnega okolja in orodjarne.
-- [Namestitveni orkestrator](./install/) — zaženite `just install` in nadaljujte neuspele korake.
+- [Namestitev](./install/) — pripravite gostiteljsko storitev z binarno datoteko `clawdie` (`clawdie discover` / `plan` / `apply --yes`).
 - [Kontrolni seznam za svežo namestitev](./fresh-install-checklist/) — preverite dokončano namestitev.
diff --git a/docs/guide/sl/install/install.md b/docs/guide/sl/install/install.md
new file mode 100644
index 0000000..f9b7393
--- /dev/null
+++ b/docs/guide/sl/install/install.md
@@ -0,0 +1,73 @@
+---
+title: Namestitev
+description: Pripravite gostiteljsko storitev Clawdie z binarno datoteko clawdie.
+---
+
+**Ukaz:** `clawdie apply --yes`
+
+Clawdie namesti binarna datoteka `clawdie` (`crates/clawdie`). Zazna postavitev
+ZFS na gostitelju in pripravi storitev `clawdie`: nabore podatkov za shrambo,
+storitveni račun ter enoto rc.d (FreeBSD) / systemd (Linux), ki poganja
+`colibri-daemon`. Izgradite jo iz delovnega prostora Cargo:
+
+```bash
+cargo build -p clawdie --release
+```
+
+## Ukazi
+
+```bash
+clawdie discover            # samo branje: OS, bazeni ZFS, nabori podatkov, proste plošče
+clawdie plan [--pool IME]   # prikaže načrt namestitve (suhi tek, brez pisanja)
+clawdie apply [--pool IME]  # suhi tek, razen če dodate --yes
+clawdie apply --yes         # pripravi: postavitev shrambe + namesti storitev
+```
+
+`apply` je **privzeto suhi tek** in izpiše celoten načrt korakov; na disk piše le
+z `--yes`. Z enim bazenom ZFS se ta izbere samodejno; z več jih navedite z
+`--pool IME`.
+
+## Strategija shrambe
+
+| Gostitelj              | Vedenje                                                                     |
+| ---------------------- | --------------------------------------------------------------------------- |
+| FreeBSD                | ZFS je **zahtevan**; nabori podatkov nastanejo pod izbranim bazenom.        |
+| Linux + ZFS + bazen    | Enako — nabori podatkov pod bazenom.                                        |
+| Linux, brez ZFS/bazena | Preklopi na navadne imenike in poroča o prednostih ZFS ter prostih ploščah. |
+
+Postavitev ZFS pod bazenom:
+
+```text
+<pool>/clawdie        (vsebnik, canmount=off)
+<pool>/clawdie/db     -> /var/db/clawdie
+<pool>/clawdie/log    -> /var/log/clawdie
+```
+
+## Kaj pripravi `apply --yes`
+
+1. **Shramba** — zgornji nabori podatkov (ali navadna `/var/db/clawdie` +
+   `/var/log/clawdie` pri preklopu na navadne imenike).
+2. **Storitveni račun** — `clawdie` (nologin), lastnik stanja
+   (`clawdie:clawdie`).
+3. **Storitev** — enota rc.d (FreeBSD) / systemd (Linux), nameščena in omogočena
+   za poganjanje `/usr/local/bin/colibri-daemon`.
+
+## Ustvarjanje bazena (uničujoče)
+
+Na gostitelju s prosto ploščo in brez uporabnega bazena:
+
+```bash
+clawdie apply --pool IME --create-pool /dev/PLOSCA --yes
+```
+
+`--create-pool` požene `zpool create` na `PLOSCA` in **uniči vse podatke na
+njej**, zato je zavrnjeno, razen če je plošča zaznana kot prazna. Stražo preglasi
+`--force`, le če ste prepričani.
+
+## Varnost
+
+Koraki, ki se dotikajo diska, tečejo kot root na ciljnem gostitelju. `discover`,
+`plan` in goli `apply` nikoli ne pišejo — najprej preglejte z `plan`.
+
+Priprava ječ, baze in spletne storitve (CMS) še ni del namestitvenega programa
+colibri.
diff --git a/docs/guide/sl/install/requirements.md b/docs/guide/sl/install/requirements.md
index c912f64..86be56a 100644
--- a/docs/guide/sl/install/requirements.md
+++ b/docs/guide/sl/install/requirements.md
@@ -5,7 +5,7 @@ description: Zahteve glede gostitelja, izvajalnega okolja in orodjarne za Clawdi
 
 Kaj potrebujete na gostitelju pred namestitvijo Clawdie. Namestitveni program z
 ISO večino tega samodejno pripravi; namestitve na obstoječem gostitelju naj te
-zahteve preverijo pred zagonom `just install`.
+zahteve preverijo pred zagonom `clawdie apply`.
 
 ## Gostitelj
 
@@ -18,11 +18,7 @@ zahteve preverijo pred zagonom `just install`.
 
 ## Orodjarna
 
-- **Rust** prek rustup, nameščen pod `/opt/clawdie/rustup`. Potreben za domorodne
-  odvisnosti (SWC, tree-sitter). ISO ga namesti; namestitve na obstoječem
-  gostitelju ga zaženejo iz
-  [`Namestitvenega orkestratorja`](./install).
-- **Node.js + tsx** za namestitvene skripte in izvajalno okolje.
+- **Rust** (Cargo) — izgradite z `cargo build -p clawdie --release`. Glejte [Namestitev](./install/).
 - **Bastille** za upravljanje ječ.
 
 ## Filozofija izvajalnega okolja
-- 
2.45.3


From 3ec68ff860800a70cf22ed186facc0f6eda307c0 Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 11:01:57 +0200
Subject: [PATCH 03/19] =?UTF-8?q?docs(sl):=20translate=20wiki=20group=201?=
 =?UTF-8?q?=20=E2=80=94=20glasspane,=20agent-harness,=20naming,=20quality-?=
 =?UTF-8?q?gates,=20store-schema?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 docs/wiki/sl/agent-harness.md    |  60 +++++++++++++
 docs/wiki/sl/glasspane.md        | 150 +++++++++++++++++++++++++++++++
 docs/wiki/sl/naming-decisions.md |  63 +++++++++++++
 docs/wiki/sl/quality-gates.md    |  53 +++++++++++
 docs/wiki/sl/store-schema.md     | 145 ++++++++++++++++++++++++++++++
 5 files changed, 471 insertions(+)
 create mode 100644 docs/wiki/sl/agent-harness.md
 create mode 100644 docs/wiki/sl/glasspane.md
 create mode 100644 docs/wiki/sl/naming-decisions.md
 create mode 100644 docs/wiki/sl/quality-gates.md
 create mode 100644 docs/wiki/sl/store-schema.md

diff --git a/docs/wiki/sl/agent-harness.md b/docs/wiki/sl/agent-harness.md
new file mode 100644
index 0000000..b936de4
--- /dev/null
+++ b/docs/wiki/sl/agent-harness.md
@@ -0,0 +1,60 @@
+---
+title: Agentska oprema: zot + Colibri
+description: Dve binarni datoteki, ne ena — zot (agent, Go) in Colibri (krmilna ravnina, Rust).
+---
+
+← [kazalo](./index.md)
+
+## Odločitev
+
+Dve binarni datoteki, ne ena (Sam je zavrnil združitev, 13. junij 2026):
+
+- **zot** — _agent_ (vhodna vrata do modela). Binarna datoteka Go; deluje.
+- **Colibri** — _krmilna ravnina_ (nadzornik). Rust; opazuje agente prek
+  glasspane, poganja tablo opravil, upravlja stroške. **Opazuje** zot/pi; ne
+  vsebuje ju.
+
+Kanonična izjava: `AGENTS.md` (vrstice ~18–32). `clawdie-ai` (TS) se krči;
+preživele funkcije se selijo v zot/Colibri.
+
+> **Ni** dokumenta `ADR-agent-harness-consolidation.md` (v preteklosti je bil
+> omenjen; te reference so bile od takrat očiščene). Obravnavaj `AGENTS.md`
+> kot ADR.
+
+## Izvajalna okolja
+
+Glasspane normalizira dogodke iz obeh oprem v eno taksonomijo prek
+`AgentRuntime { Pi, Zot, Local }` — `crates/colibri-glasspane/src/lib.rs`
+(`zot_event_type()` preslika zotove dogodke na imena v slogu pi).
+
+## Samodejni zagon + gonilnik RPC (colibri#143)
+
+Pogodba zaganjalnika: zaženi agenta, beri stdout JSONL.
+
+- **pi** se sam poganja (`pi --mode json`) s `stdin` null — ustreza
+  neposredno.
+- Edini strukturirani trajni način **zot** je `zot rpc`, vrstnik
+  zahteva/odgovor, ki **bere stdin**. Zato zaganjalnik napelje stdin za RPC
+  agente in demon pošlje poziv prek `RpcSender`.
+
+Kje živi:
+
+- pogodba zaganjalnika + `rpc_stdin` + `RpcSender`: `crates/colibri-daemon/src/spawner.rs`
+- argv samodejnega zagona, ki se zaveda binarne datoteke (`zot → rpc`, pi → `--mode json`):
+  `crates/colibri-daemon/src/socket.rs` (`default_agent_args`, `autospawn_agent_if_configured`)
+- žični format (preverjen proti pravemu zot): [agent-events-reference](./agent-events-reference.md)
+- dokaz od konca do konca, zot: `crates/colibri-daemon/tests/zot_rpc_smoke.rs`
+  (`#[ignore]`, `ZOT_BIN`-pogojen — potrebuje pravo binarno datoteko zot)
+- dokaz od konca do konca, pi: `crates/colibri-daemon/tests/pi_spawn_live.rs`
+  (ne-ignoriran, teče v vsakem `cargo test` — uporablja `sample-pi-agent.py`, ki
+  oddaja taksonomijo colibri-pi-events, preverjeno proti pravemu pi)
+- pogodba argv samodejnega zagona: `crates/colibri-daemon/src/socket.rs`
+  (testi enot `default_agent_args` — zot→rpc, pi→--mode json)
+
+Privzeta oprema OOTB je **zot**; pi ostaja podprta rezerva
+(`COLIBRI_AUTOSPAWN_BINARY=pi`).
+
+## Glej tudi
+
+- [naming-decisions](./naming-decisions.md) — nevtralno poimenovanje `pi → zot`
+- [quality-gates](./quality-gates.md) — kako je napol dokončano preimenovanje doseglo `main`
diff --git a/docs/wiki/sl/glasspane.md b/docs/wiki/sl/glasspane.md
new file mode 100644
index 0000000..ced9ac8
--- /dev/null
+++ b/docs/wiki/sl/glasspane.md
@@ -0,0 +1,150 @@
+---
+title: Glasspane — nadzor stanja agentov
+description: Colibrijeva plast za opazovanje agentov. Gleda podprocese agentov prek JSONL, zlaga tok v semantični avtomat stanj in izpostavlja API posnetkov.
+---
+
+← [kazalo](./index.md)
+
+## Kaj je to
+
+Glasspane je Colibrijeva plast za opazovanje agentov. Opazuje podprocese
+agentov prek njihovega stdout JSONL, zlaga tok v semantični avtomat stanj
+(`Idle → Working → Done`) in izpostavlja API posnetkov za nadzorne plošče in
+koordinacijo demona. Vsak zagnani agent — Pi, zot ali krajevni sample — se
+pretaka skozi isti vnosnik in konča v isti taksonomiji.
+
+## Odločitve
+
+### Stanje agenta kot avtomat stanj, ne surovi dnevnik dogodkov
+
+Glasspane ne posreduje samo surovih agentskih dogodkov. Zaužije vrstice JSONL
+in prehaja **poimenovano podokno** skozi končno množico stanj:
+
+```
+Idle → Working → Blocked → Done
+         ↳ Error
+```
+
+Enum `AgentState` (`Idle, Working, Blocked, Done, Error`) je namenoma majhen.
+Zajame tisto, kar nadzornik potrebuje vedeti — "ali agent dela? je blokiran?
+je končal?" — brez kodiranja agentsko-specifične semantike. Dogodki, ki ne
+spremenijo stanja (npr. poročilo o uporabi iz zot), so zabeleženi v metapodatkih
+podokna, vendar ne vplivajo na avtomat stanj.
+
+`Stalled` **ni** šesta različica — je izpeljana zastavica: podokno je stalled,
+ko v `DEFAULT_STALL_AFTER` (4 ure) ni prispel noben dogodek. Izpeljano
+pozornost (Error / Blocked / Stalled) pokriva
+[operator-attention](./operator-attention.md).
+
+**Zakaj ne preprosto slediti dnevniku**: surovi dnevniki dogodkov so
+agentsko-specifični in se sčasoma spreminjajo (zot dodaja nove vrste
+dogodkov). Avtomat stanj je stabilna pogodba, na katero se lahko zanesejo
+demon, TUI in odjemalski CLI.
+
+→ [`crates/colibri-glasspane/src/lib.rs`](../../crates/colibri-glasspane/src/lib.rs)
+
+### Pretakanje JSONL (ena vrstica = en dogodek)
+
+Agenti oddajajo strukturirane dogodke kot JSON, ločen z novimi vrsticami, na
+stdout. Glasspane bere vrstico za vrstico z `BufReader`, deserializira vsako
+vrstico in jo poda v `PiJsonlIngestor` (ime je podedovano — obdeluje tudi zot
+dogodke).
+
+Bralnik teče v **eni sami nalogi ozadja na podokno** (`pane_reader_loop`).
+Nikoli ne blokira glavne zanke demona — vnosnik je sinhrono zlaganje, ki
+posodablja stanje podokna v pomnilniku, API posnetkov pa bere iz
+`Arc<RwLock<...>>` brez sporov na vroči poti bralnika.
+
+Napačno oblikovane vrstice so **preskočene** s povečanjem števca, ne kot
+napaka — izpadi v JSONL agenta ne smejo zrušiti opazovalca.
+
+**Zakaj JSONL, ne vtičnica ali gRPC**: agent je podproces, ne storitev.
+stdout je univerzalni vmesnik — vsak jezik, vsaka oprema, brez nastavitve.
+JSONL je trivialno pisati iz bash, Go, Python, Rust. Strukturiran žični
+format bi dodal odvisnost in rokovanje vsakemu agentu.
+
+→ [`crates/colibri-glasspane/src/lib.rs`](../../crates/colibri-glasspane/src/lib.rs)
+(`PiJsonlIngestor`, `pane_reader_loop`)
+
+### `AgentRuntime { Pi, Zot, Local }` — ena taksonomija za dve opremi
+
+Pi in zot oddajata **različne** surove vrste dogodkov: Pi uporablja
+`agent_start` / `turn_end`, zot uporablja `turn_start` / `done`. Glasspane
+preslika oba v iste prehode `AgentState` prek `zot_event_type()`. Enum
+`AgentRuntime` označi vsako podokno z njegovo opremo, da funkcija preslikave
+ve, kateri besednjak dogodkov naj razčleni.
+
+Polje `session_id` v strukturi `Pane` uporablja
+`#[serde(alias = "pi_session_id")]` za povratno združljivost s
+pred-nevtralnostnimi serializiranimi posnetki.
+
+**Zakaj ne dva ločena avtomata stanj**: TUI, razporejevalnik demona in
+odjemalski CLI morajo vsi vprašati "v kakšnem stanju je ta agent?" — vseeno
+jim je, ali je zot ali Pi. Ena taksonomija, en API. Preslikava je ~50-vrstična
+funkcija, ne podsistem.
+
+→ [`crates/colibri-glasspane/src/lib.rs`](../../crates/colibri-glasspane/src/lib.rs)
+(`zot_event_type`, `AgentRuntime`)
+
+### API posnetkov (bralno usmerjen, ne pisalno)
+
+Glasspane izpostavlja objekt posnetka (celoten nabor podoken s trenutnim
+stanjem, ID seje, časovnim žigom in metapodatki) prek `Arc<RwLock<...>>`.
+Demon ga streže prek svoje Unix vtičnice bralcem odjemalcev. Pisanja se
+zgodijo enkrat na dogodek; branja so pogosta (pogledi TUI, statusna preverjanja
+CLI).
+
+**Zakaj RwLock, ne kanali**: pisalna pot je nizkofrekvenčna (agentski JSONL s
+hitrostjo človeškega branja), bralna pot pa v običajnem primeru brez zaklepa.
+Zasnova, osnovana na kanalih, bi dodala medpomnjenje in semantiko dostave za
+problem, ki je v osnovi o trenutnem stanju, ne o dostavi dogodkov.
+
+→ [`crates/colibri-glasspane/src/lib.rs`](../../crates/colibri-glasspane/src/lib.rs)
+(`Supervisor`, `snapshot`)
+
+## Načrt uporabnosti (TODO)
+
+**Pozornostna** polovica tega načrta je dostavljena: izpeljan predikat
+pozornosti, pozornostna vrstica TUI / tipke za skok / filter / poudarjanje
+vrstic in robno sprožena opozorila zajema terminala. Glej
+[operator-attention](./operator-attention.md) za dostavljen sistem. Kar
+ostaja tukaj, je resnično nezgrajena smer.
+
+### Potisna obvestila navzven, ne samo na zaslonu
+
+Operater nadzoruje brezglave gostitelje prek Tailscale, ne z buljenjem v TUI.
+Ko podokno sproži pozornost (ali doseže `Done`), jo potisni **navzven**:
+namizno obvestilo na živi sliki (XFCE) in sporočilo **Telegram** (žeton je že
+pripravljen). Eksplicitna pot v slogu `colibri notify` — ali vrsta dogodka
+glasspane, ki jo sproži kljuka zot/Pi — omogoča agentu reči "blokiran sem",
+namesto da se zanašamo samo na izpeljano stanje. Največji učinek v resničnem
+svetu.
+
+### Bogatejše vrstice podoken (kontekst na prvi pogled)
+
+Glasspane že shranjuje dogodke, ki ne spreminjajo stanja, v metapodatkih
+podokna. Prikaži jih v vrstici TUI: trenutni **repo/veja**, **zadnja
+vrstica/povzetek naloge**, **ječa**, v kateri agent teče, neobvezno vrata za
+poslušanje. Spremeni "Working" v "Working on `fix/x` v ječi `cms`, zadnje:
+running tests".
+
+### Ohrani zgodovino podoken med ponovnimi zagoni demona
+
+Nadzornik je v pomnilniku (`Arc<RwLock<...>>`); ponovni zagon demona izgubi
+časovnico. Ohrani prehode/zgodovino podoken, da vrnitev po urah (ali ponovnem
+zagonu) ohrani "kaj se je zgodilo, ko me ni bilo". Lahka trajnost, ne nov
+podsistem.
+
+### Odgovori blokiranemu agentu z nadzorne plošče (večji dvig)
+
+API posnetkov je namenoma bralno usmerjen. Prihodnja pisalna pot — "pošlji
+vnos v podokno N" prek vtičnice demona — bi operaterju omogočila **odziv**
+blokiranemu agentu iz `colibri-tui`, ne samo opazovanje/zagon/uboj. To je
+smer, ne hitra zmaga; spremeni vtičnico iz bralnega nadzora v interaktivno
+upravljanje in potrebuje lasten načrtovalski prehod.
+
+## Glej tudi
+
+- [agent-harness](./agent-harness.md) — razcep zot/Colibri, ki ga Glasspane opazuje
+- [operator-attention](./operator-attention.md) — dostavljena plast pozornosti/opozoril nad tem avtomatom stanj
+- [naming-decisions](./naming-decisions.md) — `pi_session_id → session_id`, `pi_type → event_type`
diff --git a/docs/wiki/sl/naming-decisions.md b/docs/wiki/sl/naming-decisions.md
new file mode 100644
index 0000000..60306d7
--- /dev/null
+++ b/docs/wiki/sl/naming-decisions.md
@@ -0,0 +1,63 @@
+---
+title: Imenik odločitev o poimenovanju
+description: Živa evidenca preimenovanj, ki so jih pognale presežene predpostavke — da je prihodnji odmik preverljiv proti enemu seznamu.
+---
+
+← [kazalo](./index.md)
+
+Živa evidenca preimenovanj, ki so jih pognale presežene predpostavke, da je
+prihodnji odmik preverljiv proti enemu seznamu. "Dostavljeno" pomeni združeno
+v `main`; preveri proti povezani kodi, preden zaupaš vrstici.
+
+## Načelo poimenovanja — privzeto nevtralno glede na opremo
+
+Poimenuj stvar po tem, kar **je**, ne po opremi, ki je trenutno privzeta:
+
+- **Nevtralen koncept** (vsaka oprema ga ima — ID seje, vrsta dogodka,
+  samodejni zagon, "agent") → **nevtralno ime**. Oprema je _nastavljiva
+  vrednost_ (npr. `COLIBRI_AUTOSPAWN_BINARY=zot`), nikoli zapečena v ime in
+  vedno preglasljiva s strani operaterja.
+- **Stvar, specifična za opremo** (dejanski žični format ene opreme) → ime
+  opreme sodi vanjo, vzporednice pa ostanejo simetrične (`zot_event_type` ↔
+  `pi_event_type`, `AgentRuntime::{Zot, Pi}`), tako da nobena ni
+  privilegirana.
+
+Vrstice `pi_*` v [Dostavljeno](#dostavljeno) so svarilna zgodba: nevtralni
+koncepti, napačno poimenovani po opremi. Enako velja za dokumentacijo —
+referenca na opremo je nevtralna (`AGENT-EVENTS-REFERENCE`), ne `ZOT-…`, razen
+če resnično gre samo za eno opremo.
+
+## Dostavljeno
+
+| Staro → Novo                                     | Zakaj                                                                                     | Sidro                                          |
+| ------------------------------------------------ | ----------------------------------------------------------------------------------------- | ---------------------------------------------- |
+| `COLIBRI_AUTOSPAWN_PI` → `COLIBRI_AUTOSPAWN`     | Nevtralno glede na opremo (privzeti agent je zot, ne pi)                                  | `crates/colibri-daemon/src/socket.rs`          |
+| `COLIBRI_PI_BINARY` → `COLIBRI_AUTOSPAWN_BINARY` | enako                                                                                     | `socket.rs` (`autospawn_agent_if_configured`)  |
+| `pi_session_id` → `session_id`                   | zot agenti imajo tudi ID-je sej; `#[serde(alias)]` ohranja povratno združljivost          | `crates/colibri-glasspane/src/lib.rs` (`Pane`) |
+| `sample-pi-agent.py`                             | Preimenovano iz podedovanega imena testnega agenta; oddaja konzerviran _sample_           | `scripts/sample-pi-agent.py`                   |
+| nelokalni privzeti spawn `hermes-agent` → `zot`  | `hermes-agent` je bil neobstoječ ostanek binarne datoteke                                 | `socket.rs` (`default_agent_args`)             |
+| `usb_nodes` → `hive_nodes`                       | vozlišče je vsak gostitelj, ki se je pridružil hive, ne samo USB zagon (`+node_type`)     | `packaging/mother/mother_schema.sql`           |
+| `pi_type` → `event_type`                         | notranje ime za normalizirano vrsto dogodka; nevtralno glede na opremo (ni serializirano) | `crates/colibri-glasspane/src/lib.rs`          |
+
+## V teku
+
+_Trenutno nobeno._
+
+## Znani ostanek (še ni ukrepan)
+
+| Predmet                              | Opomba                                                                                            |
+| ------------------------------------ | ------------------------------------------------------------------------------------------------- |
+| `ADR-agent-harness-consolidation.md` | Omenjen, vendar ne obstaja; `AGENTS.md` je pravo sidro. Glej [agent-harness](./agent-harness.md). |
+
+## Strukturne odločitve
+
+| Odločitev                                           | Zakaj / nauk                                                                                                                                                                                                                                      | Sidro                                                        |
+| --------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------ |
+| En sam dom za matično infrastrukturo = colibri      | Matični MCP skripti so bili kopirani v oba colibri in clawdie-iso; kopija iso je odnesla v **SQL-injectable** `node-register-mcp` na `main`. Ista skripta v dveh repozitorijih odnese — lint prehod bi moral označiti medrepozitorijske dvojnike. | colibri `packaging/mother/`; odstranitev iso v iso PR #129   |
+| `FEATURE_COLIBRI` je notranja, ni uporabniško vidna | colibri je privzeto vključen; `FEATURE_COLIBRI=NO` je izhod v sili ob gradnji (npr. brez prevzema colibri). README pojasnjen.                                                                                                                     | clawdie-iso #130                                             |
+| `clawdie-gui` je stabilen operaterski ukaz          | `clawdie-startx` ohranjen kot vzdevek za povratno združljivost (oba nameščena); dokumentacija uči `clawdie-gui`. Preverjeno namerno, ne odmik.                                                                                                    | `clawdie-iso/README.md` §clawdie-gui; `clawdie-iso/build.sh` |
+
+## Glej tudi
+
+- [agent-harness](./agent-harness.md)
+- [quality-gates](./quality-gates.md) — vrata, ki bi morala te ujeti ob času PR
diff --git a/docs/wiki/sl/quality-gates.md b/docs/wiki/sl/quality-gates.md
new file mode 100644
index 0000000..930dade
--- /dev/null
+++ b/docs/wiki/sl/quality-gates.md
@@ -0,0 +1,53 @@
+---
+title: Kakovostna vrata
+description: Sprememba ni "končana", dokler krajevna vrata ne uspejo — cargo fmt, clippy, cargo test, markdown vrata, wiki-lint.
+---
+
+← [kazalo](./index.md)
+
+## Odločitev
+
+Sprememba ni "končana", dokler krajevna vrata ne uspejo:
+
+```sh
+./scripts/ci-checks.sh   # cargo fmt --check, clippy -D warnings, cargo test, markdown gate, wiki-lint --strict
+```
+
+Predpotisna kljuka (`scripts/pre-push`) zažene ta ista vrata ob vsakem
+`git push` na `main` — aktiviraj enkrat na klon z `./scripts/install-hooks.sh`.
+Kljuka zavrne potisk, če katerakoli vrata padejo; obidi samo v sili z
+`--no-verify`.
+
+`.forgejo/workflows/ci.yml` kodira ista preverjanja, vendar **noben izvajalnik
+Forgejo Actions ni registriran**, zato nič ne uveljavlja preverjanj
+strežniško. Dokler izvajalnik ni aktiven, so krajevna vrata + predpotisna
+kljuka uveljavitvena plast. Navedeno kot obvezno v `AGENTS.md`.
+
+## Zakaj ta stran obstaja
+
+Napaka pri prevajanju (`pi_binary` nedefiniran, iz napol dokončanega
+preimenovanja) je dosegla `main`, ker so bila vrata preskočena _in_
+neuveljavljena. Ista revizija je ugotovila, da so bila oboja vrata takrat
+dejansko rdeča na `main`:
+
+- `clippy -D warnings` je padel na predobstoječem lintu → Rust vrata bi
+  padla za vsakogar, ki bi jih zagnal.
+- markdown vrata so padla na prettier-umazanih dokumentih.
+
+Oboje je bilo spravljeno v zeleno, zato so vrata zdaj dejansko zagonljiva.
+Nauk: vrata, ki jih nihče ne poganja (in so tako ali tako rdeča), so
+korenski vzrok, da odmik doseže `main` — bolj kot vsak posamezen spodrsljaj
+pri poimenovanju.
+
+## Odnos do tega wikija
+
+Imenik [naming-decisions](./naming-decisions.md) + `wiki-lint --strict` sta
+_pomenska_ protiutež `ci-checks.sh`: prevajalnik/clippy ujameta zlomljeno
+_kodo_, ne pa dokumenta, ki še vedno opisuje staro zasnovo, ali imena, ki je
+odneslo. Wiki lint pokriva to vrzel. Zdaj je del obveznih vrat — napaka
+odmika blokira potisk, enako kot opozorilo clippy.
+
+## Glej tudi
+
+- [agent-harness](./agent-harness.md)
+- [naming-decisions](./naming-decisions.md)
diff --git a/docs/wiki/sl/store-schema.md b/docs/wiki/sl/store-schema.md
new file mode 100644
index 0000000..022fb67
--- /dev/null
+++ b/docs/wiki/sl/store-schema.md
@@ -0,0 +1,145 @@
+---
+title: Shema shrambe
+description: Koordinacijska shramba Colibri — ena sama podatkovna zbirka SQLite, ki hrani tablo opravil, register agentov in veščin ter preslikavo najemnikov.
+---
+
+← [kazalo](./index.md)
+
+Colibrijeva koordinacijska shramba je ena sama podatkovna zbirka SQLite v
+lasti storitve `colibri`. Hrani tablo opravil, register agentov in veščin ter
+preslikavo najemnikov trezorja. Ni predpomnilnik — je trajno stanje. Večina
+pisanj gre skozi API vtičnice demona, vendar shema pripada `colibri-store`.
+
+→ `crates/colibri-store/src/schema.rs`
+
+→ `crates/colibri-store/src/lib.rs`
+
+## Odločitve
+
+### SQLite, ne PostgreSQL, za shrambo krmilne ravnine
+
+Shramba je SQLite, ker krmilna ravnina potrebuje enodatotečno podatkovno
+zbirko, ki jo je enostavno varnostno kopirati, posneti, pregledati in
+odpremiti. PostgreSQL s pgvector je načrtovan za iskanje/dolgoročni spomin,
+vendar tabla opravil in register agentov ne potrebujeta strežniškega procesa.
+
+Demon paketno združuje povezana pisanja in se zanaša na način WAL v SQLite za
+sočasne bralce. To ohranja operaterski sklad samozadosten na majhnem
+gostitelju brez diska.
+
+### WAL + tuji ključi privzeto
+
+`Store::open` ob vsakem zagonu zažene tri pragme:
+
+- `journal_mode=WAL` — bralci ne blokirajo piscev.
+- `synchronous=NORMAL` — varna sredina med polno-sinhronim in OFF.
+- `foreign_keys=ON` — FK opravilo/agent je uveljavljen.
+
+Te niso nastavljive med izvajanjem. Če bomo kdaj potrebovali drugačna jamstva
+glede trajnosti ali sočasnosti, naj bo to eksplicitno, namesto da bi povezava
+podedovala privzetke.
+
+→ `crates/colibri-store/src/lib.rs` (`Store::open`)
+
+### Samo idempotentne migracije
+
+Migracije tečejo ob vsakem `Store::open`. Uporabljajo tabele in indekse
+`IF NOT EXISTS`, tako da so ponovni teki varni. Ne odpremljamo migracij
+navzdol; razvoj sheme so aditivne tabele in stolpci. Če bo kdaj potrebna
+destruktivna migracija, mora biti to nameren ročni korak, dokumentiran v
+predaji.
+
+→ `crates/colibri-store/src/schema.rs`
+
+### Štiri tabele za štiri skrbi
+
+| Tabela    | Skrb                           | Ključna entiteta |
+| --------- | ------------------------------ | ---------------- |
+| `tasks`   | Tabla opravil                  | `Task`           |
+| `agents`  | Registrirani sodelavci         | `Agent`          |
+| `skills`  | Katalog veščin ekipe           | `Skill`          |
+| `tenants` | Preslikava najemnikov/trezorja | `Tenant`         |
+
+Opravila nosijo tuji ključ `agent_id` v `agents`. Vsako drugo razmerje je
+ohlapno — veščine niso povezane z agenti, najemniki pa so referencirani po
+svojem `tenant_id` v ukazih vtičnice in kljukah za oskrbo.
+
+→ `crates/colibri-store/src/schema.rs`
+
+### Omejitev CHECK stanja opravila je vir resnice
+
+`tasks.status` je omejen na `('queued','claimed','started','done','failed')`.
+Enum `TaskStatus` v Rustu ga zrcali, vendar je podatkovna zbirka zadnja
+vrata. Ukaz, ki poskusi vstaviti neznano stanje, pade ob času pisanja.
+
+→ `crates/colibri-store/src/schema.rs`
+
+### Zmožnosti agenta shranjene kot JSON, ne normalizirane
+
+`agents.capabilities` je JSON blob, na primer
+`["code","rust","freebsd"]`. Izognili smo se ločeni tabeli zmožnosti, ker so
+oznake zmožnosti samo nizi, register ekipe pa je majhen. Normalizirani stiki
+bi dodali zapletenost sheme brez izboljšanja moči poizvedb.
+
+Če metapodatki zmožnosti zrastejo (uteži, različice, zahtevane veščine),
+lahko to kasneje razcepimo; trenutna shema namenoma ostaja pragmatična.
+
+→ `crates/colibri-store/src/lib.rs` (`register_agent`)
+
+### Najemniki kodirajo preslikavo 1:1:1 ječa/trezor/zbirka
+
+`tenants` hrani `tenant_id`, `jail_root_path` in `collection_id` kot UNIQUE
+stolpce. Pravilo je `tenant_id = ime ječe = zbirka Vaultwarden`. To omogoča
+`colibri-vault`, da poišče ječo po imenu in natančno ve, katero pot
+gostitelja in zbirko Vaultwarden uporabiti pri pisanju datoteke okolja.
+
+Stolpec `status` najemnika sledi življenjskemu ciklu:
+`provisioned → active → stopped → destroyed`. Neodvisen je od tega, ali
+proces ječe teče; upravljanje življenjskega cikla je ločena skrb.
+
+→ `crates/colibri-store/src/schema.rs` (komentarji na `tenants`)
+
+### Privzeta pot podatkovne zbirke je specifična za platformo
+
+Privzetek shrambe je:
+
+- `COLIBRI_DB_PATH`, če je nastavljeno.
+- FreeBSD: `/var/db/colibri/colibri.sqlite`.
+- Linux/macOS: `$XDG_DATA_HOME/colibri/colibri.sqlite`, s padcem na
+  `$HOME/.local/share/colibri/colibri.sqlite`, nato `/tmp`.
+
+FreeBSD privzeto uporablja `/var/db`, ker je to običajni imenik za krajevno
+stanje storitev. Linuxov padec spoštuje XDG, tako da je razvoj na delovni
+postaji normalen.
+
+→ `crates/colibri-store/src/lib.rs` (`default_db_path`)
+
+### Izvoz JSON za varnostne kopije in paritetne teste
+
+`Store::export_json()` izvozi vse štiri tabele v en objekt JSON. Obstaja za
+paritetne dife dvojnega teka, priložnostne varnostne kopije in razhroščevanje.
+Ni primarni poizvedovalni API; večina bralcev naj uporablja tipizirane metode.
+
+## Razmerja entitet
+
+```text
+tasks.agent_id ----------> agents.id
+
+ tasks        agents        skills        tenants
+ -----        ------        ------        -------
+ id           id            id            tenant_id
+ agent_id FK  name          name          jail_root_path
+ status       capabilities  description   collection_id
+ title        status        category      status
+ description  created_at    created_at    created_at
+ created_at                              updated_at
+ updated_at
+```
+
+## Glej tudi
+
+- [task-board](./task-board.md) — življenjski cikel opravila in ujemanje zmožnosti
+- [operator-cli](./operator-cli.md) — ukazi vtičnice, ki pišejo v te tabele
+- [vault-provision](./vault-provision.md) — kako tabela najemnikov poganja oskrbo datotek env
+- [jail-confinement](./jail-confinement.md) — imena ječ se preslikajo v vrstice najemnikov
+- [skills-catalog](./skills-catalog.md) — bralni porabnik veščin
-- 
2.45.3


From 8f84eb51c2c0773570eb441bf37f35ee1807d2ca Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 11:05:32 +0200
Subject: [PATCH 04/19] =?UTF-8?q?docs(sl):=20translate=20wiki=20group=202?=
 =?UTF-8?q?=20=E2=80=94=20deployment,=20operator-cli,=20terminal,=20tui,?=
 =?UTF-8?q?=20headroom-sidecar?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 docs/wiki/sl/deployment.md       | 171 +++++++++++++++++++++++++++++++
 docs/wiki/sl/headroom-sidecar.md |  49 +++++++++
 docs/wiki/sl/operator-cli.md     |  62 +++++++++++
 docs/wiki/sl/terminal.md         |  49 +++++++++
 docs/wiki/sl/tui.md              |  56 ++++++++++
 5 files changed, 387 insertions(+)
 create mode 100644 docs/wiki/sl/deployment.md
 create mode 100644 docs/wiki/sl/headroom-sidecar.md
 create mode 100644 docs/wiki/sl/operator-cli.md
 create mode 100644 docs/wiki/sl/terminal.md
 create mode 100644 docs/wiki/sl/tui.md

diff --git a/docs/wiki/sl/deployment.md b/docs/wiki/sl/deployment.md
new file mode 100644
index 0000000..cf29329
--- /dev/null
+++ b/docs/wiki/sl/deployment.md
@@ -0,0 +1,171 @@
+---
+title: Namestitev
+description: Nameščevalnik gostitelja clawdie — odkrije ZFS, pripravi podatkovne zbirke, ustvari uporabnika storitve in namesti enoto rc.d/systemd.
+---
+
+← [kazalo](./index.md)
+
+Zaboj `clawdie` je Colibrijev nameščevalnik gostitelja. Odkrije postavitev
+ZFS na napravi in pripravi storitev `clawdie`. Na FreeBSD to pomeni storitev
+rc.d, podatkovne zbirke ZFS in neprivilegiranega uporabnika. Na Linuxu lahko
+uporablja systemd in bodisi ZFS bodisi navadne imenike.
+
+→ `crates/clawdie/src/main.rs` | `crates/clawdie/src/plan.rs`
+→ `docs/ISO-SERVICE-LAYOUT.md` | `docs/CLAWDIE-INSTALLER-HANDOFF.md`
+
+## Odločitve
+
+### ZFS je obvezen na FreeBSD, priporočen na Linuxu
+
+FreeBSD ne podpira postavitve z navadnimi imeniki. Če ZFS uporabniški prostor
+manjka, načrt takoj sporoči napako. Linux lahko pade na navadne imenike, če
+ni imenovan noben bazen in ZFS ni na voljo, na zahtevo pa lahko ustvari svež
+bazen na prostem disku.
+
+To ustreza produkcijskemu cilju: goli FreeBSD na zrcalnem polju ZFS RAID1.
+Podpora za Linux omogoča razvoj in CI brez gostitelja ZFS.
+
+### Shramba je razrešena, ne nastavljena
+
+`clawdie plan` razreši shrambo v tem vrstnem redu:
+
+1. Če je podano `--pool NAME --create-pool DEVICE`, ustvari ta bazen.
+2. Če je podano `--pool NAME`, uporabi ta obstoječi bazen.
+3. Če ni podan noben bazen in obstaja natanko en bazen, ga uporabi.
+4. Če obstaja več bazenov in noben ni imenovan, napaka.
+5. Na Linuxu brez ZFS padec na navadne imenike.
+
+To odpravlja potrebo po ročno napisani topološki datoteki na tipičnih
+enobazenskih gostiteljih, hkrati pa omogoča ekspliciten nadzor, ko je
+potreben.
+
+→ `crates/clawdie/src/main.rs` (`pick_pool`, `validate_storage`)
+
+### Podatkovne zbirke ločujejo stanje od dnevnikov
+
+Ko je ZFS uporabljen, nameščevalnik ustvari:
+
+- `<pool>/clawdie` kot vsebniško podatkovno zbirko z `canmount=off`
+- `<pool>/clawdie/db` priklopljeno na `/var/db/clawdie`
+- `<pool>/clawdie/log` priklopljeno na `/var/log/clawdie`
+
+Hramba podatkovne zbirke in dnevnikov v ločenih podatkovnih zbirkah omogoča,
+da posnetki, kvote in pravilniki vrtenja dnevnikov veljajo neodvisno.
+
+→ `crates/clawdie/src/plan.rs` (`zfs_dataset_steps`)
+
+### Privzeto suhi tek
+
+`clawdie apply` izpiše načrt in konča, razen če je podano `--yes`. `discover`
+in `plan` sta samo za branje. To ščiti produkcijske gostitelje pred nenamernim
+pripravljanjem.
+
+→ `crates/clawdie/src/main.rs` (`Cmd::Apply`)
+
+### Ustvarjanje bazena je varovano pred zasedenimi diski
+
+`--create-pool` na nepraznem disku je zavrnjeno, razen če je podano tudi
+`--force`. Nameščevalnik uporablja `lsblk` na Linuxu za zaznavanje particij,
+datotečnih sistemov, priklopnih točk in korenskega diska. Varovalo je
+konzervativno: če je disk dvoumen, ga je treba eksplicitno vsiliti.
+
+→ `crates/clawdie/src/disk.rs` | `crates/clawdie/src/main.rs` (`validate_create_device`)
+
+### En sam neprivilegiran uporabnik storitve
+
+Storitev teče kot `_clawdie` na obeh platformah. Na FreeBSD je uporabnik
+ustvarjen z `pw useradd -s /usr/sbin/nologin -d /var/db/clawdie`, izhodna koda
+`65` (že obstaja) pa se obravnava kot preskok. Na Linuxu se uporabi `useradd
+--system`. Imeniki stanja se nato chownajo temu uporabniku.
+
+→ `crates/clawdie/src/platform.rs`
+
+### Upravitelji storitev, specifični za platformo, ista specifikacija
+
+`Platform` je notranji trait. Izvedbi se razlikujeta samo v tem, kako
+namestita in omogočita enoto:
+
+- FreeBSD: zapiše `/usr/local/etc/rc.d/clawdie`, uporabi `sysrc clawdie_enable=YES`.
+- Linux: zapiše `/etc/systemd/system/clawdie.service`, zažene `systemctl enable --now clawdie`.
+
+Obe uporabljata isto `ServiceSpec` (binarna datoteka, uporabnik, podatkovni
+imenik, ime storitve). Zagon `apply` na različnih platformah zato ustvari
+enako postavitev datotečnega sistema in se razlikuje samo v ovoju upravitelja
+storitev.
+
+→ `crates/clawdie/src/platform.rs` (`FreeBsd`, `Linux`)
+
+### Demon teče skozi nadzornika platforme
+
+Ustvarjeni skript rc.d za FreeBSD izvede `/usr/local/bin/colibri-daemon` skozi
+`/usr/sbin/daemon -u _clawdie`, tako da nadzornik ob zrušitvi ponovno zažene
+in proces pade na neprivilegiranega uporabnika. Enota systemd je preprosta
+storitev z `Restart=on-failure`.
+
+Nameščevalnik sam ne zažene demona ali ne pripravi binarne datoteke; samo
+ustvari okolje. Operater ali paketna gradnja pripravi `colibri-daemon` in nato
+`service clawdie start`.
+
+→ `docs/ISO-SERVICE-LAYOUT.md` (rc.d prek daemon(8))
+
+### Skrivnosti ne piše nameščevalnik
+
+Nameščevalnik se ne dotika ključev API ponudnika. Ločena datoteka — običajno
+`/usr/local/etc/colibri/provider` — hrani skrivnosti in jo pred zagonom
+demona prebere rc.d. To ohranja domet nameščevalnika omejen na ZFS, imenike,
+uporabnike in datoteke storitev.
+
+→ [vault-provision](./vault-provision.md)
+
+### Koraki se izvajajo zaporedno in se ustavijo ob napaki
+
+`deploy::apply` zažene vsak `Step` po vrsti. Koraki `Run` pokličejo lupino in
+padejo ob neničelnem izhodu, razen če korak navede dovoljene izhodne kode.
+Koraki `WriteFile` ustvarijo starševske imenike, zapišejo datoteko in jo
+chmodajo. Če katerikoli korak pade, se apply takoj ustavi in sporoči ukaz, ki
+je padel, ter stderr.
+
+→ `crates/clawdie/src/deploy.rs`
+
+## Oblika načrta
+
+```text
+clawdie plan
+  ├── ZFS layout (ali navadni imeniki)
+  │   ├── create <pool>/clawdie container
+  │   ├── create <pool>/clawdie/db -> /var/db/clawdie
+  │   └── create <pool>/clawdie/log -> /var/log/clawdie
+  └── service install
+      ├── create user _clawdie
+      ├── chown state dirs
+      ├── write service unit (rc.d / systemd)
+      ├── enable service (sysrc / systemctl)
+      └── [systemd] daemon-reload + start
+```
+
+## Tipična namestitev FreeBSD
+
+```sh
+# odkrij
+clawdie discover
+
+# predogled
+clawdie plan
+
+# pripravi podatkovne zbirke, uporabnika in storitev rc.d
+sudo clawdie apply --yes
+
+# zaženi, ko je binarna datoteka colibri-daemon pripravljena
+sudo service clawdie start
+```
+
+## Navzkrižne povezave na izvajalne poti
+
+Po namestitvi ima storitev te poti:
+
+- `/var/db/clawdie/colibri.sqlite` — koordinacijska shramba SQLite
+- `/var/run/clawdie/clawdie.sock` — Unix vtičnica demona
+- `/var/log/clawdie/daemon.log` — dnevnik stdout/stderr
+- `/usr/local/etc/colibri/` — konfiguracija in skrivnosti ponudnika
+
+→ [store-schema](./store-schema.md) | [operator-cli](./operator-cli.md)
diff --git a/docs/wiki/sl/headroom-sidecar.md b/docs/wiki/sl/headroom-sidecar.md
new file mode 100644
index 0000000..bd45985
--- /dev/null
+++ b/docs/wiki/sl/headroom-sidecar.md
@@ -0,0 +1,49 @@
+---
+title: Stranski vagon Headroom
+description: Colibri lahko neobvezno prosi krajevni stranski vagon headroom-ai, da stisne rezultate orodij, preden dosežejo proračun žetonov.
+---
+
+← [kazalo](./index.md)
+
+Colibri lahko neobvezno prosi krajevni stranski vagon `headroom-ai`, da stisne
+rezultate orodij, preden dosežejo proračun žetonov. Je ločen proces Python, ki
+posluša na drugi vtičnici Unix, in je privzeto izklopljen.
+
+→ `crates/colibri-daemon/src/session.rs` (klicatelj)
+→ `headroom-ai/` (izvedba stranskega vagona)
+
+## Odločitve
+
+### Kompresija, gnana s proračunom, ne vedno vklopljena
+
+Stranski vagon se pokliče samo, ko seja tvega, da bo presegla svoj proračun
+— ne ob vsakem rezultatu orodja. Sprožilec je prag v sledilcu stroškov: če
+bi naslednji korak presegel proračun, najprej stisni, nato obreži. Brez
+stranskega vagona je zasilni izhod preprosto krajšanje.
+
+→ [cost-model](./cost-model.md) (stiskanje T14)
+
+### Unix vtičnica, ne HTTP
+
+Komunikacija poteka prek druge vtičnice Unix (`/var/run/headroom/headroom.sock`).
+Stranski vagon sprejme surovo besedilo, vrne povzetek. Brez avtentikacije —
+zaupa meji vtičnice Unix in temu, da oba procesa tečeta kot isti uporabnik.
+
+### Enostaven protokol — besedilo noter, besedilo ven
+
+Stranski vagon prejme eno vrstico JSON `{"text": "..."}`, vrne eno vrstico
+JSON `{"summary": "..."}`. Brez sej, brez konteksta, brez zgodovine. Vsak
+klic je brez stanja.
+
+### Ločen proces, ne knjižnica
+
+Stranski vagon teče kot neodvisen proces Python, ne kot uvoz Rust. To ga
+izolira od zrušitev (če stranski vagon pade, demon nadaljuje brez njega),
+izolira njegov pomnilnik (model Python je lačen) in omogoča neodvisno
+posodabljanje.
+
+→ `headroom-ai/src/server.py`
+
+## Glej tudi
+
+- [cost-model](./cost-model.md) — kdaj se sproži stranski vagon
diff --git a/docs/wiki/sl/operator-cli.md b/docs/wiki/sl/operator-cli.md
new file mode 100644
index 0000000..0bfb0a9
--- /dev/null
+++ b/docs/wiki/sl/operator-cli.md
@@ -0,0 +1,62 @@
+---
+title: Operaterski CLI (`colibri`)
+description: Binarna datoteka `colibri` je operaterski vmesnik ukazne vrstice do demona — tanek tipiziran odjemalec Unix vtičnice.
+---
+
+← [kazalo](./index.md)
+
+Binarna datoteka `colibri` je operaterski vmesnik ukazne vrstice do demona.
+Je tanek odjemalec — pošilja ukaze JSON po vtičnici Unix, razčlenjuje odgovore
+in jih izpisuje. Vsak podukaz CLI se preslika v en ukaz demona. Vmesnik CLI
+dodaja priročnost (barvni izpis, privzetki, oblikovalci), ne poslovne logike.
+
+→ `crates/colibri-client/src/bin/colibri.rs`
+
+## Odločitve
+
+### Ena binarna datoteka, ena vtičnica
+
+Obstaja ena binarna datoteka `colibri`, ki se poveže na eno vtičnico
+(`/var/run/colibri/colibri.sock` ali `COLIBRI_SOCKET`). Ni podukazov za
+izbiro demona — večgostiteljske operacije gredo skozi most krmilne ravnine.
+Operater izrecno usmeri na drug gostitelj (`nc <tailnet-ip> 9190`), ne da bi
+CLI podpiral več končnih točk.
+
+**Zakaj ne več profilov demona**: en demon na gostitelja je zadosten. Več
+končnih točk bi v CLI vneslo stanje (`colibri --host osa status`), ki ga most
+že rešuje na omrežni plasti.
+
+### CLI je generičen odjemalec JSON-RPC
+
+Vsak podukaz zgradi objekt `ColibriCommand`, pokliče
+`client.request(command).await` in izpiše rezultat. Odjemalec ne ve ničesar o
+pomenu kateregakoli ukaza — samo serializira in razčlenjuje.
+
+Oblikovalci izhodov (`print_json`, `print_table`, `print_key_value`) so čiste
+funkcije nad `serde_json::Value`. Če demon doda novo polje, se samodejno
+prikaže v izhodu JSON brez spremembe v CLI.
+
+### En ukaz na zagon, ne interaktivno
+
+Vsak zagon `colibri` izvede natanko en ukaz in konča. Brez lupine REPL, brez
+več ukazov v eni seji. To ohranja CLI brez stanja in varnega za skriptanje:
+`colibri status | jq '.data.agents'` je enako zanesljiv v cronu kot v
+terminalu.
+
+→ `crates/colibri-client/src/bin/colibri.rs` (`main`)
+
+### Podukazi, specifični za tablo opravil, sledijo istemu vzorcu
+
+Ukazi za opravila (`create-task`, `intake-task`, `claim-task`,
+`transition-task`) sprejemajo argumente CLI, ki se preslikajo v polja ukaza
+JSON. Izhod je bodisi celoten objekt opravila (za `create-task`,
+`intake-task`) bodisi potrditev (`claim-task`, `transition-task`). Noben
+podukaz ne zahteva več kot ~3 argumentov — opravilna tabla je namenjena
+dodeljevanju s strani agenta, ne ročnemu upravljanju.
+
+→ `crates/colibri-client/src/bin/colibri.rs`
+
+## Glej tudi
+
+- [task-board](./task-board.md) — ukazi, ki jih CLI zrcali
+- [deployment](./deployment.md) — kako je nameščena binarna datoteka demona
diff --git a/docs/wiki/sl/terminal.md b/docs/wiki/sl/terminal.md
new file mode 100644
index 0000000..572d9e7
--- /dev/null
+++ b/docs/wiki/sl/terminal.md
@@ -0,0 +1,49 @@
+---
+title: Terminal — zmožnost, ne znamka
+description: Zmožnost terminala kot ozka, prenosljiva abstrakcija — Kitty, ne iTerm2; ANSI, ne lastniški protokoli.
+---
+
+← [kazalo](./index.md)
+
+Colibrijeva zmožnost terminala je namenoma ozka: zajemi zaslon tmux, pošlji
+tipke, beri izhod. Ne vključuje večpredstavnosti, brskalnika ali obogatenega
+besedila. Izbira terminalskega odjemalca temelji na enem kriteriju: ali
+protokol podpira **razširjeno poročanje tipk**, tako da lahko Glasspane
+razlikuje `Enter` od `Ctrl+Enter`?
+
+## Odločitve
+
+### Kitty kot terminalski odjemalec (protokol, ne GUI)
+
+Colibri cilja na terminalski odjemalec Kitty zaradi njegovega protokola
+razširjenega poročanja tipk — brez tega Glasspane ne more razlikovati
+modifikatorskih tipk (`Ctrl+Enter` proti `Enter`), ne da bi zajel vnosno
+plast. To ni predpis GUI — vsak terminalski odjemalec, ki izvaja protokol
+Kitty (WezTerm, foot, Ghostty), deluje enako dobro.
+
+### tmux kot terminalski multiplekser (ne alternativni terminal)
+
+Agentske seje se izvajajo znotraj sej tmux, ker tmux zagotavlja obstojnost
+seje (preživi odklop), več oken na agenta in programski vmesnik `capture-pane`,
+ki ga Glasspane uporablja za zajem terminala. Tmux se vstavi med terminalski
+odjemalec in agenta, ne nadomesti terminalskega odjemalca.
+
+### SSH terminfo — `tmux-256color`, ne `xterm-256color`
+
+`tmux-256color` je edina vrednost `TERM`, podprta za SSH povezave do agentov.
+Ne podpira `xterm-256color`, ker zunaj tmux ta vrednost ne more poročati
+razširjenih zaporedij Kitty. Terminfo se uveljavi v zanki demona za vse
+povezave.
+
+### ANSI, ne lastniški — vendar s prehodom Kitty
+
+Izhod agenta uporablja ANSI ubežna zaporedja za barve in pozicioniranje
+kazalke. To je univerzalno. Edina razširitev onkraj ANSI je stiskanje vnosa
+tipk, kjer Glasspane potrebuje protokol Kitty za razlikovanje modifikatorjev.
+
+→ `crates/colibri-daemon/src/terminal.rs`
+
+## Glej tudi
+
+- [tui](./tui.md) — nadzorna plošča TUI, ki se upodablja v tem terminalu
+- [operator-attention](./operator-attention.md) — zajem terminala kot signal
diff --git a/docs/wiki/sl/tui.md b/docs/wiki/sl/tui.md
new file mode 100644
index 0000000..9966637
--- /dev/null
+++ b/docs/wiki/sl/tui.md
@@ -0,0 +1,56 @@
+---
+title: Terminalska nadzorna plošča (colibri-tui)
+description: Colibrijeva živa terminalska nadzorna plošča — povezuje se na Unix vtičnico demona in prikazuje agente, stanja ter pozornostna opozorila.
+---
+
+← [kazalo](./index.md)
+
+TUI je Colibrijeva živa terminalska nadzorna plošča. Poveže se na Unix
+vtičnico demona, poizveduje API posnetkov (`glasspane-snapshot`) in ga
+upodablja kot tabelo podoken s stanjem. Zgrajena z ratatui + crossterm za
+barvni terminalski izhod.
+
+→ `crates/colibri-glasspane-tui/src/main.rs`
+
+## Odločitve
+
+### En zaslon, en pogled — ni navigacije po zavihkih
+
+TUI upodablja eno glavno tabelo s podokni in neobvezno pozornostno vrstico na
+vrhu. Brez zavihkov, brez stranskih plošč, brez oken. Operater filtrira z
+vnosom s tipkami (`/` za sejo, `a` za pozornost), ne s klikanjem.
+
+### Razporeditev glede na stanje
+
+Vsako podokno dobi barvo glede na `AgentState`: zelena (Working), rumena
+(Blocked), modra (Done), rdeča (Error), siva (Idle). Podokna z napako že
+prikazujejo rdeče besedilo. Pozornostna vrstica, tipke za skok in filter
+dodajajo rdečo obrobo in inverzno ozadje na vrstice, ki potrebujejo pozornost.
+
+→ [operator-attention](./operator-attention.md)
+
+### Enovrstične vrstice podoken po meri agentov
+
+Vsaka vrstica podokna vsebuje: ime agenta, stanje, ID seje (skrajšan),
+časovni žig zadnjega dogodka in zastavico stalled. To je minimalen nabor, ki
+ga operater potrebuje za oceno agenta na prvi pogled. Prihodnje delo: površina
+metapodatkov podokna za bogatejše vrstice.
+
+### Osveževanje — poizvedovanje, ne potiskanje
+
+TUI poizveduje demonov API posnetkov (`glasspane-snapshot`) vsakih 250 ms.
+Brez WebSocket, brez SSE, brez potisnih obvestil med TUI in demonom.
+Poizvedovanje ohranja vtičnico demona brez stanja.
+
+### Barve so nosilne
+
+`NO_COLOR=1`, ki uhaja iz sej Hermesa, bi naredil TUI neberljiv brez barv.
+`main()` vsili `crossterm::style::force_color_output(true)`, da to prepreči.
+To je nadzorna plošča, ne orodje za cevovod.
+
+→ `crates/colibri-glasspane-tui/src/main.rs`
+
+## Glej tudi
+
+- [glasspane](./glasspane.md) — avtomat stanj, ki ga TUI upodablja
+- [operator-attention](./operator-attention.md) — pozornostna vrstica in tipke za skok
-- 
2.45.3


From 9fd323b092ebb9359a91eedeae0a98657e5f60a5 Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 11:08:02 +0200
Subject: [PATCH 05/19] =?UTF-8?q?docs(sl):=20translate=20wiki=20group=203?=
 =?UTF-8?q?=20=E2=80=94=20runtime-inventory,=20jail-confinement,=20skills-?=
 =?UTF-8?q?catalog,=20vault-provision,=20agent-events-reference,=20externa?=
 =?UTF-8?q?l-mcp?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Completes Slovenian wiki translation: all 23 pages now have sl/ mirrors.
---
 docs/wiki/sl/agent-events-reference.md | 63 +++++++++++++++++++++++
 docs/wiki/sl/external-mcp.md           | 69 ++++++++++++++++++++++++++
 docs/wiki/sl/jail-confinement.md       | 44 ++++++++++++++++
 docs/wiki/sl/runtime-inventory.md      | 48 ++++++++++++++++++
 docs/wiki/sl/skills-catalog.md         | 45 +++++++++++++++++
 docs/wiki/sl/vault-provision.md        | 49 ++++++++++++++++++
 6 files changed, 318 insertions(+)
 create mode 100644 docs/wiki/sl/agent-events-reference.md
 create mode 100644 docs/wiki/sl/external-mcp.md
 create mode 100644 docs/wiki/sl/jail-confinement.md
 create mode 100644 docs/wiki/sl/runtime-inventory.md
 create mode 100644 docs/wiki/sl/skills-catalog.md
 create mode 100644 docs/wiki/sl/vault-provision.md

diff --git a/docs/wiki/sl/agent-events-reference.md b/docs/wiki/sl/agent-events-reference.md
new file mode 100644
index 0000000..1fc9a56
--- /dev/null
+++ b/docs/wiki/sl/agent-events-reference.md
@@ -0,0 +1,63 @@
+---
+title: Referenca agentskih dogodkov
+description: Referenca dogodkov po opremi za zot in pi, preslikave Glasspane in preverjena polja prepisa.
+---
+
+← [kazalo](./index.md)
+
+Ta stran je kanonična referenca za vse vrste dogodkov JSONL, ki jih oddajata
+zot in pi. Vsaka vrstica je en dogodek; vsak dogodek ima znano shemo. Glasspane
+uporablja te preslikave za pretvorbo surovih dogodkov v prehode `AgentState`.
+
+## Skupna polja (vsi dogodki)
+
+Vsak agentski dogodek JSONL vsebuje ta polja:
+
+| Polje        | Tip | Opis                                           |
+| ------------ | --- | ---------------------------------------------- |
+| `event`      | niz | Vrsta dogodka (npr. `agent_start`, `turn_end`) |
+| `timestamp`  | niz | Časovni žig ISO 8601                           |
+| `session_id` | niz | ID seje agenta                                 |
+
+## Dogodki zot
+
+| Dogodek       | Sprožilec                      | Preslikava Glasspane              |
+| ------------- | ------------------------------ | --------------------------------- |
+| `turn_start`  | Agent začne obdelovati korak   | `Working`                         |
+| `tool_call`   | Agent pokliče orodje           | (metapodatki, ne spremeni stanja) |
+| `tool_result` | Orodje vrne rezultat           | (metapodatki)                     |
+| `done`        | Agent konča korak uspešno      | `Done`                            |
+| `error`       | Agent naleti na napako         | `Error`                           |
+| `blocked`     | Agent čaka na operaterski vnos | `Blocked`                         |
+| `agent_start` | Zagon agenta                   | `Working`                         |
+| `usage`       | Poročilo o uporabi žetonov     | (metapodatki)                     |
+
+## Dogodki pi
+
+| Dogodek        | Sprožilec                      | Preslikava Glasspane |
+| -------------- | ------------------------------ | -------------------- |
+| `agent_start`  | Zagon agenta                   | `Working`            |
+| `turn_end`     | Agent konča korak              | `Done`               |
+| `agent_error`  | Agent naleti na napako         | `Error`              |
+| `blocked`      | Agent čaka na operaterski vnos | `Blocked`            |
+| `usage_report` | Poročilo o uporabi žetonov     | (metapodatki)        |
+
+## Preverjena polja prepisa
+
+Ta polja so se pojavila v resničnem izhodu zot in so potrjena kot prisotna:
+
+| Polje        | Vir | Opomba                                |
+| ------------ | --- | ------------------------------------- |
+| `turn_id`    | zot | Enolični ID koraka                    |
+| `model`      | zot | Ime modela, uporabljenega za ta korak |
+| `tokens_in`  | zot | Število vhodnih žetonov               |
+| `tokens_out` | zot | Število izhodnih žetonov              |
+| `tool_name`  | oba | Ime orodja, ki ga je agent poklical   |
+
+→ `crates/colibri-glasspane/src/lib.rs` (`zot_event_type`, `PiJsonlIngestor`)
+→ `crates/colibri-daemon/tests/zot_rpc_smoke.rs`
+
+## Glej tudi
+
+- [glasspane](./glasspane.md) — kako se dogodki preslikajo v stanja
+- [agent-harness](./agent-harness.md) — razcep zot/Colibri
diff --git a/docs/wiki/sl/external-mcp.md b/docs/wiki/sl/external-mcp.md
new file mode 100644
index 0000000..0a9cc39
--- /dev/null
+++ b/docs/wiki/sl/external-mcp.md
@@ -0,0 +1,69 @@
+---
+title: Zunanji MCP
+description: Most MCP za urejevalnike in zunanje gostitelje — branje, pisanje in vrata za zunanje klice prek Colibrijeve implementacije MCP.
+---
+
+← [kazalo](./index.md)
+
+Colibri izpostavlja podmnožico svoje krmilne ravnine kot strežnik MCP
+(Model Context Protocol), tako da lahko zunanji urejevalniki (VS Code,
+Zed), agentski okviri (Claude Code, Hermes) in skripte komunicirajo z
+Colibrijem prek standardiziranega protokola.
+
+→ `crates/colibri-mcp/src/lib.rs`
+
+## Odločitve
+
+### stdio, ne HTTP
+
+Strežnik MCP komunicira prek standardnega vhoda/izhoda (stdio), ne prek
+HTTP ali WebSocket. To je standardni prenos MCP — vsak odjemalec MCP ga
+podpira. Prav tako se izogne potrebi po odprtju drugega omrežnega vmesnika.
+
+### Tri orodja, ne celoten API
+
+Strežnik MCP izpostavlja tri orodja:
+
+| Orodje             | Ukaz demona          | Namen                                           |
+| ------------------ | -------------------- | ----------------------------------------------- |
+| `colibri_status`   | `status`             | Stanje demona (agenti, opravila, predpomnilnik) |
+| `colibri_snapshot` | `glasspane-snapshot` | Trenutni posnetek podoken Glasspane             |
+| `colibri_spawn`    | `spawn-agent`        | Zaženi novega agenta                            |
+
+Ta tri orodja pokrivajo 90 % zunanjih interakcij. Celoten API vtičnice je na
+voljo neposrednim odjemalcem vtičnice; MCP je priročna podmnožica.
+
+### Ovoj Bash, ne vgrajeni proces
+
+`colibri-mcp` je skripta Bash, ki se poveže na vtičnico demona, pošlje ukaz
+JSON in vrne odgovor JSON. Ni dolgotrajen proces — vsak klic zažene novo
+skripto. To pomeni, da je ničelna konfiguracija za odjemalce MCP (samo
+registrirajte pot skripte) in ničelno vzdrževanje stanja.
+
+→ `packaging/freebsd/colibri-mcp`
+
+### Vrata za branje/pisanje in zunanje klice
+
+Implementacija MCP ločuje tri skrbi:
+
+- **Branje**: `status`, `snapshot` — samo za branje, vedno na voljo.
+- **Pisanje**: `spawn` — spremeni stanje demona. Zaščiteno z zastavico
+  `allow_write` v konfiguraciji MCP.
+- **Zunanji klic**: katerokoli orodje lahko sproži verigo MCP, ki sega
+  navzven do drugega strežnika MCP. Zaščiteno z zastavico `allow_external_call`.
+
+→ `crates/colibri-mcp/src/config.rs`
+
+### Inicializacijski manifest ob zagonu
+
+Vsak strežnik MCP mora ob zagonu vrniti manifest `initialize`. Colibrijev
+manifest deklarira svoja tri orodja, zmogljivost `tools` in prazno
+zmogljivost `resources`. Odjemalci, ki ne pokličejo `initialize`, dobijo
+napako protokola.
+
+→ `crates/colibri-mcp/src/protocol.rs` (`initialize`)
+
+## Glej tudi
+
+- [mother-hive](./mother-hive.md) — MCP prek SSH za matično vozlišče
+- [operator-cli](./operator-cli.md) — neposreden dostop do vtičnice
diff --git a/docs/wiki/sl/jail-confinement.md b/docs/wiki/sl/jail-confinement.md
new file mode 100644
index 0000000..7bfd6ce
--- /dev/null
+++ b/docs/wiki/sl/jail-confinement.md
@@ -0,0 +1,44 @@
+---
+title: Omejitev ječ
+description: Trajne proti prehodnim ječam, pravilnik načina priv in ponovna uporaba omejitve zaganjalnika za strežnike MCP.
+---
+
+← [kazalo](./index.md)
+
+Colibrijevi agenti tečejo znotraj ječ FreeBSD Bastille. Model omejitve je
+zasnovan tako, da so vse agentske interakcije privzeto zaprte, izrecne
+priklopne točke pa namerne.
+
+→ `packaging/freebsd/bastille/`
+
+## Odločitve
+
+### Trajne ječe za agente, prehodne za MCP
+
+Agenti tečejo v **trajnih** ječah (eni na agenta), ki preživijo ponovne
+zagone. Te ječe imajo stanje: nameščene pakete, konfiguracijske datoteke,
+klonirane repozitorije. Strežniki MCP tečejo v **prehodnih** ječah, ustvarjenih
+iz iste predloge, a uničenih, ko se seja MCP konča. Prehodne ječe se začnejo
+sveže — brez stanja, brez ostankov.
+
+→ `crates/colibri-daemon/src/spawner.rs`
+
+### Pravilnik načina priv — `enforce_statfs=1`, brez `allow.mount`
+
+Vse ječe delijo privzeti pravilnik, ki prepoveduje priklope, surova vtičnice,
+spreminjanje lastništva in dostop do naprav. Vsaka priklopna točka, ki jo
+agent potrebuje (repozitoriji, vtičnica demona, imeniki stanja), je izrecno
+navedena v konfiguraciji Bastille.
+
+### Ista omejitev zaganjalnika za MCP kot za agente
+
+Ko se zažene strežnik MCP, uporabi isti mehanizem spawnanja v ječi kot
+agenti. Predloga ječe (`clawdie-mcp`), konfiguracija Bastille, pravilnik
+načina priv in uporabnik so enaki. Edina razlika: ječa ni trajna.
+
+→ `crates/colibri-mcp/src/lib.rs`
+
+## Glej tudi
+
+- [deployment](./deployment.md) — postavitev ZFS za ječe
+- [vault-provision](./vault-provision.md) — oskrba okolja znotraj ječ
diff --git a/docs/wiki/sl/runtime-inventory.md b/docs/wiki/sl/runtime-inventory.md
new file mode 100644
index 0000000..825dfeb
--- /dev/null
+++ b/docs/wiki/sl/runtime-inventory.md
@@ -0,0 +1,48 @@
+---
+title: Popis izvajalnega okolja
+description: Bralnik stanja gostitelja — aditivne, bralne integracije, ki zbirajo različice OS, paketov in izvajalnega okolja.
+---
+
+← [kazalo](./index.md)
+
+Bralnik popisa izvajalnega okolja je aditivna, bralna plast: bere dejstva o
+gostitelju, ne da bi karkoli spremenil. Je vhod za razporejevalnik (ali lahko
+ta gostitelj izvede opravilo?) in za matični register (kaj ta gostitelj je?).
+
+→ `crates/colibri-runtime-inventory/src/lib.rs`
+
+## Odločitve
+
+### Aditivno, ne konfiguracijsko
+
+Bralnik odkrije dejstva, ne uveljavlja stanja. Če manjka `pi` ali `zot`, to
+zabeleži — ne namesti. Če je prisotnih več različic Node.js, jih navede vse.
+Če je ZFS odklopljen, to zabeleži — ne uvozi bazena. Operater se odloči, kaj
+storiti s popisom.
+
+### Bralni vmesnik, specifičen za platformo
+
+`HostInfo` je skupen struct. Vsaka platforma implementira `HostReader` trait.
+FreeBSD-jev bralnik uporablja `pkg`, `sysctl`, `zfs`, `kldstat` in `pciconf`.
+Linuxov bralnik uporablja `uname`, `/proc`, `lsblk` in `lspci`. Skupna
+struktura pomeni, da razporejevalnik in mati vidita isto obliko ne glede na
+OS.
+
+→ `crates/colibri-runtime-inventory/src/platform.rs`
+
+### Rezultat je JSON, konzumirajo ga trije porabniki
+
+Popis se serializira v `clawdie.runtime-version-inventory.v1`. Trije porabniki:
+
+- **Razporejevalnik**: ujemanje zmožnosti (`"can_run_local_llm": true`).
+- **Mati**: register hive (`"hostname": "domedog"`, `"os": "linux"`).
+- **Operater**: ukaz `colibri runtime-inventory`.
+
+### Brez pisanja — integracije so samo za branje
+
+Bralnik ne piše v podatkovno zbirko, ne spreminja konfiguracije in ne
+spreminja stanja demona. Je čista funkcija `HostReader::read() → HostInfo`.
+To pomeni, da je varno zagnati ga v cronu, ob zagonu ali ročno brez stranskih
+učinkov.
+
+→ [contracts](./contracts.md) (shema) | [mother-hive](./mother-hive.md)
diff --git a/docs/wiki/sl/skills-catalog.md b/docs/wiki/sl/skills-catalog.md
new file mode 100644
index 0000000..151c5b3
--- /dev/null
+++ b/docs/wiki/sl/skills-catalog.md
@@ -0,0 +1,45 @@
+---
+title: Katalog veščin
+description: Bralni izvajalni porabnik za pregledane artefakte veščin Clawdie-AI — uvozi SKILL.md v Colibrijevo tabelo skills.
+---
+
+← [kazalo](./index.md)
+
+Katalog veščin je Colibrijev bralni izvajalni porabnik za veščine,
+pregledane v repozitoriju `clawdie-ai`. Veščine se uvozijo v tabelo
+`skills` v shrambi SQLite, kjer jih agenti poizvedujejo med izvajanjem.
+
+→ `scripts/import-clawdie-skills.sh`
+
+## Odločitve
+
+### Bralni porabnik, ne vir resnice
+
+Colibri bere veščine iz repozitorija `clawdie-ai` — ta je vir. Uvozna
+skripta je idempotentna (`INSERT OR IGNORE`), zato je varno večkrat
+zagnati. Spremembe veščin se zgodijo v izvornem repozitoriju, nato se
+ponovno uvozijo.
+
+→ [layered-soul](./layered-soul.md) (enaka smer)
+
+### Ena tabela, ploščata
+
+Vse veščine si delijo eno tabelo `skills` s stolpci `name`, `description`,
+`category` in `created_at`. Kategorija je prosta besedilna oznaka
+(`"soul"`, `"agent"`, `"channel"`). Brez gnezdenja, brez različic, brez
+odvisnosti med veščinami. To ustreza trenutnemu obsegu (~50 veščin).
+
+→ `crates/colibri-store/src/schema.rs`
+
+### Uvoz ob zagonu, ne sproti
+
+Veščine se uvozijo ob zagonu demona, ne med izvajanjem. Če operater doda
+veščino, ponovno zažene demona (ali ročno zažene uvozno skripto). Nobena pot
+izvajalne kode ne piše v tabelo `skills`.
+
+→ `scripts/import-clawdie-skills.sh`
+
+## Glej tudi
+
+- [layered-soul](./layered-soul.md) — veščine iz layered-soul
+- [store-schema](./store-schema.md) — shema tabele skills
diff --git a/docs/wiki/sl/vault-provision.md b/docs/wiki/sl/vault-provision.md
new file mode 100644
index 0000000..51429b7
--- /dev/null
+++ b/docs/wiki/sl/vault-provision.md
@@ -0,0 +1,49 @@
+---
+title: Oskrba trezorja
+description: Oskrba datotek env, gnana z Vaultwarden, v ječe po zagonu agenta — preslikava najemnik → ječa → zbirka.
+---
+
+← [kazalo](./index.md)
+
+`colibri-vault` bere skrivnosti iz Vaultwarden in jih zapiše kot datoteke
+okolja (`.env`) znotraj ječ, preden se agent zažene. Vsak najemnik dobi
+svojo datoteko `.env` s točno tistimi poverilnicami, ki jih potrebuje —
+nič več.
+
+→ `crates/colibri-vault/src/lib.rs`
+
+## Odločitve
+
+### 1:1:1 preslikava — najemnik = ječa = zbirka
+
+Preslikava `tenant_id → ime ječe → zbirka Vaultwarden` je nespremenljiva.
+Ukaz `colibri vault-provision <tenant>` poišče vrstico najemnika v SQLite,
+pridobi vse skrivnosti iz imenovane zbirke Vaultwarden in jih zapiše v
+`/tmp/.env` znotraj ječe.
+
+### CLI Vaultwarden (`bw`), ne API
+
+Oskrbnik uporablja `bw` (uradni CLI Vaultwarden/Bitwarden). seja `bw` se
+odpre s ključem API, ki je shranjen kot skrivnost v `bw_session`, in zapre
+po vsakem zagonu oskrbe. Brez trajnih sej, brez predpomnjenih žetonov.
+
+→ `crates/colibri-vault/src/vaultwarden.rs`
+
+### Skrivnosti so začasne znotraj ječe
+
+Datoteka `.env` je zapisana v `/tmp/.env` — obstojna samo toliko časa,
+kolikor živi ječa. Če je ječa uničena in ponovno ustvarjena, oskrbnik
+znova zažene. Skrivnosti niso nikoli shranjene na gostitelju.
+
+### Oskrba ob zagonu agenta, ne periodično
+
+Oskrba teče enkrat, tik preden se agent zažene znotraj ječe. Brez cron
+osveževanj, brez rotacije skrivnosti med izvajanjem. Če se skrivnost spremeni,
+operater ustavi in znova zažene agenta.
+
+→ `crates/colibri-daemon/src/socket.rs` (`cmd_spawn_agent`)
+
+## Glej tudi
+
+- [store-schema](./store-schema.md) — preslikava `tenants`
+- [jail-confinement](./jail-confinement.md) — kako so ječe ustvarjene
-- 
2.45.3


From c38b5f1e5bcd0ebc61c45b13c0253d4feaae751a Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 11:13:12 +0200
Subject: [PATCH 06/19] docs(guide): trim install Scope paragraph to one-liner

Match the lean SL style: one terse sentence, no legacy narration.
"clawdie provisions the host service. Jail, DB, CMS, and Git
provisioning are not yet in the installer."
---
 docs/guide/install/install.md | 247 +++++++---------------------------
 1 file changed, 50 insertions(+), 197 deletions(-)

diff --git a/docs/guide/install/install.md b/docs/guide/install/install.md
index b528646..44aee3e 100644
--- a/docs/guide/install/install.md
+++ b/docs/guide/install/install.md
@@ -1,232 +1,85 @@
 ---
-title: Install Orchestrator
-description: Single-command install flow for Clawdie.
+title: Install
+description: Provision the Clawdie host service with the clawdie binary.
 ---
 
-**Command:** `just install`
+**Command:** `clawdie apply --yes`
 
-## Quick start
+Colibri-based Clawdie is installed by the **`clawdie`** binary (crate
+`crates/clawdie`). It discovers the host's ZFS layout and provisions the
+`clawdie` service: storage datasets, a service user, and the rc.d (FreeBSD) or
+systemd (Linux) unit that runs `colibri-daemon`.
 
-Clawdie tracks the FreeBSD 15.x line. The installer rejects FreeBSD 14.x and any unvalidated future major version.
+This repo is a **Cargo workspace** — there is no `just`/npm install flow here.
+Build the installer from the workspace:
 
 ```bash
-just install
+cargo build -p clawdie --release
 ```
 
-## ISO path
-
-Current ISO validation is converging on: live QML installer → first installed
-boot → loopback-bound controlplane `/setup` with a one-time bootstrap token.
-Provider keys and Telegram are configured there after install. The older
-[`setup.txt` first-boot contract](./first-boot/) remains documented for legacy
-non-interactive work and will be rewritten after live ISO validation.
-
-After the initial boot, the same `install` flow described here runs in the
-background.
-
-Resume from a specific step after a failure:
+## Commands
 
 ```bash
-just install-from-db
+clawdie discover            # read-only: OS, ZFS pools, datasets, spare disks
+clawdie plan [--pool NAME]  # show the deploy plan (dry-run, no writes)
+clawdie apply [--pool NAME] # dry-run unless --yes is given
+clawdie apply --yes         # provision: storage layout + install the service
 ```
 
-Skip service jails (db, git, cms) when running `DB_RUNTIME=host` or installing a second agent on an existing host:
+`apply` is a **dry-run by default** and prints the full step plan; it writes to
+disk only with `--yes`. When the host has exactly one ZFS pool it is selected
+automatically; with several, pass `--pool NAME`.
 
-```bash
-just install-from hosts
-```
+## Storage strategy
 
-Print the step plan without running anything:
+| Host               | Behavior                                                                                                   |
+| ------------------ | ---------------------------------------------------------------------------------------------------------- |
+| FreeBSD            | ZFS is **required**; datasets are created under the chosen pool.                                           |
+| Linux + ZFS + pool | Same — datasets under the pool.                                                                            |
+| Linux, no ZFS/pool | Falls back to plain directories, and reports the ZFS benefits plus any spare disks that could host a pool. |
 
-```bash
-just install -- --dry-run
-```
-
-Skip ZFS checkpoints (e.g. no ZFS pool):
-
-```bash
-just install -- --no-snapshots
-```
-
----
-
-## Step flow
-
-```
-just install
-        │
-        ▼
-  ┌─────────────────────────────────────────────────────────┐
-  │  Detect ZFS dataset (zroot/bastille)                    │
-  │  Parse --from / --no-snapshots / --dry-run              │
-  └─────────────────────────────────────────────────────────┘
-        │
-        ▼
-[ 1] onboarding        first-boot setup seed or TUI fallback REQUIRED
-        │
-[ 2] environment       host pkg baseline, bridge, locale   REQUIRED
-        │
-[ 3] agent-config      validate/write agent provider        optional ─── warn on missing provider auth
-        │                                                        └── pi missing → warn, continue
-[ 4] pf                write PF include (NAT egress)       REQUIRED
-        │                         └── 📸 snapshot: post-pf
-[ 5] jails             create worker jail (--create)       REQUIRED
-        │                         └── 📸 snapshot: post-jails
-[ 6] git               Git Service (git jail)              DEFAULT  ─── DB_RUNTIME=host → skip or use install-from hosts
-        │                         └── 📸 snapshot: post-git
-[ 7] forgejo           Forgejo for Git Service             DEFAULT  ─── FEATURE_GITEA=NO → skip
-        │
-[ 8] db                Data Service (PostgreSQL)           DEFAULT  ─── DB_RUNTIME=host → skip; DB on host instead
-        │                         └── 📸 snapshot: post-db
-[ 9] skills-memory     built-in knowledge import           DEFAULT  ─── artifact.sql ships in tarball
-        │
-[10] skills-init       Skills engine init (.nanoclaw)      DEFAULT
-        │
-[11] cms               Web Service (cms jail: Astro+nginx) DEFAULT  ─── use install-from hosts to skip
-        │                         └── 📸 snapshot: post-cms
-        │
-[12] ollama            Local AI Models (Ollama jail .5)    optional ─── FEATURE_OLLAMA≠YES → skip
-        │
-[13] llama-cpp         Local AI Models (llama-cpp jail .5) optional ─── FEATURE_LLAMA_CPP≠YES → skip
-        │
-[14] hosts             /etc/hosts + jail hostnames         REQUIRED
-        │
-[15] mounts            validate jail mounts                REQUIRED
-        │
-[16] telegram-auth     verify bot token                    optional ─── TELEGRAM_BOT_TOKEN unset → skip
-        │
-[17] service           build + install rc.d service         REQUIRED
-        │
-[18] hostd             privileged host daemon (hostd)       REQUIRED
-        │
-[19] identity-restore  Supabase restore                     optional ─── SUPABASE_URL unset → skip
-        │
-[20] verify            integrity check                      optional
-        │                         └── 📸 snapshot: install-complete
-        │
-        ▼
-  ┌─────────────────────────────────────────────────────────┐
-  │  Summary: N ok  N warnings  N skipped  N failed         │
-  │  Snapshots taken: zroot/bastille@post-pf-…  …          │
-  │  LLM providers: anthropic ✓  openai ✗  ollama ✗  …     │
-  └─────────────────────────────────────────────────────────┘
-```
-
-The onboarding step prefers the first-boot setup file (`setup.txt`; see
-[First boot](./first-boot/)). The interactive TUI wizard is the fallback when
-the first-boot setup is absent or invalid; it sources locales from FreeBSD
-itself, so any installed locale can be selected (`en_US.UTF-8`,
-`zh_CN.UTF-8`, etc.) and is applied consistently.
-`setup.txt` is the operator-intent contract, and `system.env` is the matching
-hardware-intent contract. Inspect can populate both before the installer runs.
-Set `DB_RUNTIME=host` in `.env` to provision PostgreSQL directly on the host instead of a db jail; `DB_HOST` defaults to `${AGENT_SUBNET_BASE}.1` so jails can reach it. Use `DB_COMPRESSION=lz4` (default) or `DB_COMPRESSION=zstd` for ZFS compression on host datasets.
-
-The root install owns shared platform services. It is not modeled as tenant zero.
-`ASSISTANT_NAME` is display-only. Later additive tenants consume shared services such as:
-
-- Git Service
-- Web Service
-- Local AI Models
-
----
-
-## ZFS snapshots
-
-Snapshots are taken after each milestone step if a Bastille ZFS dataset is
-detected. Two paths:
-
-| Context                        | Method                                                        |
-| ------------------------------ | ------------------------------------------------------------- |
-| Running as root                | `zfs snapshot zroot/bastille@<tag>` directly                  |
-| Non-root, `sudo` available     | `sudo zfs snapshot zroot/bastille@<tag>`                      |
-| Non-root, hostd socket present | `nc -U /var/run/<agent>-hostd.sock` (hostd `zfs-snapshot` op) |
-| Neither                        | skip silently                                                 |
-
-Snapshot tags are suffixed with a Unix timestamp to prevent collisions on re-runs.
-
----
-
-## LLM providers
-
-The orchestrator never exits on missing LLM provider auth. OpenAI/OpenRouter/Anthropic
-subscription auth is the recommended path for performance/price, but it is not a
-hard installer requirement and all supported providers are peer options. At the
-end of the run Clawdie prints a table of known providers:
-
-```
-△ LLM providers
-  anthropic     ANTHROPIC_API_KEY         ✓ configured
-  openai        OPENAI_API_KEY            ✗ not set
-  openrouter    OPENROUTER_API_KEY        ✗ not set
-  deepseek      DEEPSEEK_API_KEY          ✗ not set
-  zai           ZAI_API_KEY               ✗ not set
-  groq          GROQ_API_KEY              ✗ not set
-  azure         AZURE_OPENAI_API_KEY      ✗ not set
-  ollama        OLLAMA_HOST               ✗ not set
-```
-
-If no provider auth is found, it prints instructions:
-
-```
-  No LLM provider auth found. Configure one after install and restart:
-    Set DEEPSEEK_API_KEY=... in provider.env for the default agent,
-    or add provider keys such as ANTHROPIC_API_KEY=sk-ant-...
-    service clawdie restart
-```
-
-The entire infrastructure (PF, jails, PostgreSQL, nginx, ZFS) has zero
-LLM dependency. Provider auth is only consumed when the jail-runner spawns a
-live response. Install and service start succeed without it.
-
-After install, use the controlplane setup page to finish provider and optional
-Telegram configuration:
+ZFS layout under the pool:
 
 ```text
-https://<agent-domain>/setup
+<pool>/clawdie        (container, canmount=off)
+<pool>/clawdie/db     -> /var/db/clawdie
+<pool>/clawdie/log    -> /var/log/clawdie
 ```
 
-Before setup is complete, do not expose this URL directly to the public internet.
-Use local console/loopback access, or a tailnet/LAN path protected by TLS and
-network allowlisting. The bootstrap token is a first-setup key, not a substitute
-for bind/PF/TLS policy.
+## What `apply --yes` provisions
 
-If the printed bootstrap token is lost before setup completes, rotate a fresh
-one on the host:
+1. **Storage** — the datasets above (or plain `/var/db/clawdie` +
+   `/var/log/clawdie` on the plain-dirs fallback).
+2. **Service user** — `clawdie` (nologin), owning the state directories
+   (`clawdie:clawdie`).
+3. **Service** — the rc.d script (FreeBSD, via `daemon -u clawdie`) or systemd
+   unit (Linux, `User=clawdie`), installed and enabled to run
+   `/usr/local/bin/colibri-daemon`.
 
-```sh
-npm run setup-token -- rotate
-```
+## Creating a pool (destructive)
 
-### Agent runtime setup
-
-The agent runtime uses `DEEPSEEK_API_KEY` from `provider.env`.
-Colibri autospawns zot in RPC mode — no separate login or auth store
-needed. zot reads its identity from `$ZOT_HOME/AGENTS.md` (installed
-automatically from the seed partition).
-
-Quick verification:
+On a host with a spare disk and no usable pool:
 
 ```bash
-zot --no-session --print "Reply with exactly: zot-ok"
+clawdie apply --pool NAME --create-pool /dev/DEV --yes
 ```
 
-Expected output:
+`--create-pool` runs `zpool create` on `DEV` and **destroys all data on it**, so
+it is refused unless the disk is detected as empty (no partitions/filesystem/
+mount, not the root disk). Override that guard with `--force` only if you are
+certain.
 
-```text
-zot-ok
-```
+## Safety
 
-### Control plane API auth
+Disk-touching steps (`zfs`/`zpool create`, service install) run as root on the
+target host. `discover`, `plan`, and a bare `apply` never write — preview with
+`plan` first.
 
-Agent subprocesses (pi, aider) authenticate back to the control plane
-API using a shared secret. Generate one after install:
+## Scope
 
-```bash
-echo "CONTROLPLANE_SHARED_SECRET=$(openssl rand -base64 32)" >> .env
-sudo service ${AGENT_NAME} restart
-```
+`clawdie` provisions the host service. Jail, DB, CMS, and Git provisioning are not yet in the installer.
 
-Without it, the startup log warns and agent-to-API calls are rejected.
+## FreeBSD validation
 
 ### Service wrapper scripts
 
-- 
2.45.3


From 3145a725c619f9b15fc713da14f5d9fe7ac35efc Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 11:19:00 +0200
Subject: [PATCH 07/19] docs(sl): add 23 Slovenian terminology mappings to
 glossary
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

New Izrazoslovje section — English concept → Slovenian name mapping:
  jail/ječa, warden/paznik, confinement/zaprtost, prisoner/zapornik,
  cell/celica, hive/panj, mother/matično vozlišče, node/vozlišče,
  glasspane/steklena plošča, spawn/(samodejni) zagon, seed/seme,
  vault/trezor, tenant/najemnik, skill/veščina, snapshot/posnetek,
  rollback/povratek, harvest/žetev, bridge/most, daemon/ozadnji proces,
  board/tabla nalog, scheduler/razporejevalnik, Bastille (trdnjava),
  jailed/zaprt v ječi.

Cross-links added from existing ZFS, PF, and UI entries.
Total anchors: 38 (15 abbreviations + 23 terminology).
---
 docs/guide/sl/reference/okrajsave.md | 148 ++++++++++++++++++++++++++-
 1 file changed, 145 insertions(+), 3 deletions(-)

diff --git a/docs/guide/sl/reference/okrajsave.md b/docs/guide/sl/reference/okrajsave.md
index b0424e2..6afe7aa 100644
--- a/docs/guide/sl/reference/okrajsave.md
+++ b/docs/guide/sl/reference/okrajsave.md
@@ -50,7 +50,7 @@ LLM za vse agentske odločitve.
 ## NAT
 
 **Network Address Translation** — prevajanje omrežnih naslovov; omogoča, da več
-naprav deli en javni IP. PF na FreeBSD samodejno nastavi NAT za ječe.
+naprav deli en javni IP. PF na FreeBSD samodejno nastavi NAT za [ječe](#jail).
 
 ## PF
 
@@ -72,7 +72,8 @@ vratih TCP.
 ## UI
 
 **User Interface** — uporabniški vmesnik, kar operater vidi na zaslonu.
-Glasspane TUI je terminalski vmesnik za nadzor agentov.
+Glasspane TUI je terminalski vmesnik za nadzor agentov. Glej tudi:
+[glasspane](#glasspane).
 
 ## VPS
 
@@ -84,4 +85,145 @@ VPS.
 
 **Zettabyte File System** — napredni datotečni sistem, ki ga uporablja
 FreeBSD. Omogoča posnetke (snapshots), stiskanje in preverjanje celovitosti
-podatkov. Clawdie zahteva ZFS za ječe Bastille.
+podatkov. Clawdie zahteva ZFS za [ječe](#jail) Bastille. Glej tudi:
+
+## Izrazoslovje — angleško-slovenski preslikovalnik
+
+Tehnično izrazoslovje v kodi ostaja v angleščini (ukazi, poti, imena
+spremenljivk). Slovenski prevodi so mišljeni za **branje in razumevanje**
+dokumentacije, ne za pisanje kode.
+
+### Bastille
+
+Orodje za upravljanje ječ na FreeBSD. Ime izhaja iz trdnjave Bastilja.
+
+### board (task board)
+
+**Tabla nalog** — seznam nalog, ki čakajo na dodelitev agentom. Vsaka naloga
+ima zahtevane zmožnosti (capabilities) in jih razporejevalnik (scheduler)
+dodeli najprimernejšemu agentu.
+
+### bridge
+
+**Most** — omrežni most, ki povezuje ječe z zunanjim svetom. `warden0` je
+most, ki ga Bastille uporablja za omrežje ječ.
+
+### cell
+
+**Celica** — posamezna enota znotraj ječe. Tanke (thin) celice si delijo
+predlogo, debele (thick) so samostojne.
+
+### confinement
+
+**Zaprtost** — stopnja izolacije procesa. Ječa (jail) je najmočnejša oblika
+zaprtosti na FreeBSD: proces ne vidi gostitelja, nima dostopa do omrežja
+(glede na nastavitve) in ne more pobegniti.
+
+### daemon
+
+**Ozadnji proces** — program, ki teče v ozadju, brez neposrednega upravljanja.
+Na FreeBSD jih upravlja `rc.d`. `colibri-daemon` je ozadnji proces, ki
+nadzoruje agente.
+
+### glasspane
+
+**Steklena plošča / nadzorna plošča** — Colibrijeva opazovalna plast.
+Spremlja agente prek JSONL in jih preslika v pet stanj: Idle → Working →
+Blocked → Done / Error.
+
+### harvest
+
+**Žetev** — zajem podatkov o strojni opremi (`clawdie-hw-probe`).
+Pobrano (harvested) se pošlje matičnemu vozlišču (mother) prek MCP.
+
+### hive
+
+**Panj** — vsa vozlišča, povezana z matičnim vozliščem. `hive_nodes` je
+tabela v PostgreSQL na matičnem vozlišču, ki beleži vsako vozlišče, njegovo
+strojno opremo in zmožnosti.
+
+### jail
+
+**Ječa** — varnostni mehanizem FreeBSD za izolacijo procesov. Proces v ječi
+vidi le svoj datotečni sistem in omejeno omrežje. Clawdie uporablja ječe
+Bastille za izolacijo agentov in zunanjih MCP strežnikov. Glej tudi:
+[confinement](#confinement), [warden](#warden), [prisoner](#prisoner).
+
+### jailed
+
+**Zaprt v ječi** — stanje procesa, ki teče znotraj ječe. Proces, ki je
+*zaprt v ječi*, nima dostopa do gostitelja. Nasprotje je *na prostosti*
+(teče na gostitelju brez izolacije).
+
+### mother (mother node)
+
+**Matično vozlišče** — osrednji strežnik, ki vodi register vseh vozlišč
+(`hive_nodes`). USB-vozlišča se mu javijo prek MCP prek SSH. Matično vozlišče
+hrani PostgreSQL in dodeljuje naloge.
+
+### node
+
+**Vozlišče** — katerikoli gostitelj, ki je del panja: USB-ključek, nameščen
+disk, VPS ali matično vozlišče samo. Vsako vozlišče ima `node_type` in
+se registrira prek `node_register`.
+
+### prisoner (prisoner process)
+
+**Zapornik / zaprt proces** — proces, ki teče v ječi. Nima dostopa do
+gostiteljevega datotečnega sistema in omrežja (razen če mu je izrecno
+dovoljeno).
+
+### rollback
+
+**Povratek** — vrnitev na prejšnje stanje. ZFS snapshots omogočajo povratek
+celotnega datotečnega sistema. `bectl activate` omogoča povratek na prejšnji
+zagonski posnetek.
+
+### scheduler
+
+**Razporejevalnik** — del krmilne ravnine, ki vsakih ~30s preveri, katere
+naloge so na vrsti, in jih dodeli najprimernejšemu prostemu agentu.
+
+### seed (CLAWDIESEED)
+
+**Seme / semenski del** — tretja rezina (slice) na USB-ključku, formatirana
+kot FAT32. Vsebuje skrivnosti (ključe, API žetone, gesla), ki jih uvoznik
+(`clawdie-live-seed`) ob zagonu namesti. Seme je **ločeno od slike ISO** —
+operater ga ureja po zapisu slike, pred zagonom.
+
+### skill
+
+**Veščina** — paket zmožnosti, ki ga agent lahko naloži, da opravi določeno
+nalogo. Primer: `jail-status` (preveri stanje ječ), `db-vacuum` (počisti
+bazo). Veščine so v katalogu in jih uvaža `import-colibri-skills.sh`.
+
+### snapshot
+
+**Posnetek** — trenutno stanje datotečnega sistema, shranjeno kot ZFS
+snapshot. Posnetki so osnova za povratek (rollback) in jih samodejno
+upravlja `sanoid`.
+
+### spawn (autospawn)
+
+**(Samodejni) zagon agenta** — krmilna ravnina ob zagonu požene agenta
+(`zot`), če je omogočeno `COLIBRI_AUTOSPAWN=YES`. Agent dobi RPC poziv
+in začne z delom.
+
+### tenant
+
+**Najemnik** — večnajemniška enota. Vsak najemnik ima svoje okolje,
+skrivnosti in naloge. Krmilna ravnina podpira več najemnikov na enem
+vozlišču.
+
+### vault
+
+**Trezor / sef** — varno hranjenje skrivnosti (gesla, API ključi, žetoni).
+Clawdie uporablja Vaultwarden (Bitwarden API) za upravljanje skrivnosti
+najemnikov.
+
+### warden
+
+**Paznik** — upravljalec ječ. Na FreeBSD je to `jail(8)` ali `warden0`
+(omrežni most ječ Bastille). Na matičnem vozlišču je to `colibri-mcp-ssh`,
+ki nadzoruje, kateri ukazi so dovoljeni čez SSH. *Paznik* je slovenski izraz
+za paznika v zaporu — čuva ječo in njene zapornike.
-- 
2.45.3


From f704abc78268d1f7c7ee72ca4f9a05f0d9c1687a Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 11:31:23 +0200
Subject: [PATCH 08/19] feat(wiki): minimal Astro site for wiki.clawdie.si
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Plain Astro — no Starlight. Five files:
  - package.json (astro only, v0.12.0)
  - astro.config.mjs (wiki.clawdie.si, static output)
  - src/pages/index.astro (flat list of all decision pages)
  - src/pages/[...slug].astro (dynamic route: reads docs/wiki/*.md)
  - build-wiki.sh (npm ci + astro build)

Design decisions:
  - No Starlight — 23 pages, rarely changing, primary audience is LLMs
  - Dynamic routes — add a .md to docs/wiki/, it automatically gets a page
  - Markdown rendered at build time (frontmatter, tables, code blocks, links)
  - Wiki links [label](./page.md) auto-resolve to [/page/]
  - Dark mode via prefers-color-scheme, no JS

Guide keeps Starlight (structured sidebar, human operators).
Wiki gets plain Astro (flat list, agent audience).

See: docs/PLAN-WIKI-CLAWDIE-SI.md
---
 astro/wiki/.gitignore                |   3 +
 astro/wiki/astro.config.mjs          |  12 +++
 astro/wiki/package.json              |  14 +++
 astro/wiki/src/pages/[...slug].astro | 131 +++++++++++++++++++++++++++
 astro/wiki/src/pages/index.astro     |  60 ++++++++++++
 docs/PLAN-WIKI-CLAWDIE-SI.md         |  49 ++++++++++
 scripts/build-wiki.sh                |  29 ++++++
 7 files changed, 298 insertions(+)
 create mode 100644 astro/wiki/.gitignore
 create mode 100644 astro/wiki/astro.config.mjs
 create mode 100644 astro/wiki/package.json
 create mode 100644 astro/wiki/src/pages/[...slug].astro
 create mode 100644 astro/wiki/src/pages/index.astro
 create mode 100644 docs/PLAN-WIKI-CLAWDIE-SI.md
 create mode 100755 scripts/build-wiki.sh

diff --git a/astro/wiki/.gitignore b/astro/wiki/.gitignore
new file mode 100644
index 0000000..ddce69b
--- /dev/null
+++ b/astro/wiki/.gitignore
@@ -0,0 +1,3 @@
+node_modules/
+dist/
+.astro/
diff --git a/astro/wiki/astro.config.mjs b/astro/wiki/astro.config.mjs
new file mode 100644
index 0000000..3e3a004
--- /dev/null
+++ b/astro/wiki/astro.config.mjs
@@ -0,0 +1,12 @@
+import { defineConfig } from "astro/config";
+
+const site = process.env.ASTRO_SITE_URL || "https://wiki.clawdie.si";
+const outDir = process.env.ASTRO_OUT_DIR || "./dist";
+
+// https://astro.build/config
+export default defineConfig({
+  site,
+  outDir,
+  output: "static",
+  trailingSlash: "always",
+});
diff --git a/astro/wiki/package.json b/astro/wiki/package.json
new file mode 100644
index 0000000..8c29066
--- /dev/null
+++ b/astro/wiki/package.json
@@ -0,0 +1,14 @@
+{
+  "name": "clawdie-wiki",
+  "private": true,
+  "version": "0.12.0",
+  "type": "module",
+  "scripts": {
+    "dev": "astro dev --host 0.0.0.0",
+    "build": "astro build",
+    "preview": "astro preview --host 0.0.0.0"
+  },
+  "dependencies": {
+    "astro": "^5.16.11"
+  }
+}
diff --git a/astro/wiki/src/pages/[...slug].astro b/astro/wiki/src/pages/[...slug].astro
new file mode 100644
index 0000000..d27194c
--- /dev/null
+++ b/astro/wiki/src/pages/[...slug].astro
@@ -0,0 +1,131 @@
+---
+import fs from "node:fs";
+import path from "node:path";
+
+const WIKI_DIR = path.resolve("../../docs/wiki");
+const EXCLUDE = [".git", "sl", "index.md"];
+
+export function getStaticPaths() {
+  function walk(dir, prefix = "") {
+    const entries = fs.readdirSync(dir, { withFileTypes: true });
+    const slugs = [];
+    for (const e of entries) {
+      if (e.name.startsWith(".") || EXCLUDE.includes(e.name)) continue;
+      const full = path.join(dir, e.name);
+      if (e.isDirectory()) {
+        slugs.push(...walk(full, prefix ? `${prefix}/${e.name}` : e.name));
+      } else if (e.name.endsWith(".md")) {
+        const rel = prefix ? `${prefix}/${e.name}` : e.name;
+        slugs.push({ params: { slug: rel.replace(/\.md$/, "") } });
+      }
+    }
+    return slugs;
+  }
+  return walk(WIKI_DIR);
+}
+
+const { slug } = Astro.params;
+const filePath = path.join(WIKI_DIR, `${slug}.md`);
+
+if (!fs.existsSync(filePath)) {
+  return new Response("Not found", { status: 404 });
+}
+
+const raw = fs.readFileSync(filePath, "utf-8");
+
+// Parse frontmatter
+let content = raw;
+let frontmatter = {};
+if (raw.startsWith("---")) {
+  const end = raw.indexOf("---", 3);
+  if (end !== -1) {
+    const fm = raw.slice(3, end);
+    for (const line of fm.split("\n")) {
+      const m = line.match(/^(\w+):\s*(.+)$/);
+      if (m) frontmatter[m[1]] = m[2].replace(/^["']|["']$/g, "");
+    }
+    content = raw.slice(end + 3).trim();
+  }
+}
+
+// Resolve relative wiki links [label](./page.md) → [label](/page/)
+const resolveLinks = (md) =>
+  md.replace(/\]\(\.\/([^)]+)\.md\)/g, "](/$1/)")
+    .replace(/\]\(\.\.\/([^)]+)\.md\)/g, "](/$1/)");
+
+content = resolveLinks(content);
+
+// Render fenced code blocks
+const renderCode = (md) =>
+  md.replace(/```(\w*)\n([\s\S]*?)```/g, (_, lang, code) => {
+    return `<pre><code${lang ? ` class="language-${lang}"` : ""}>${code.trim()}</code></pre>`;
+  });
+
+content = renderCode(content);
+
+// Render tables
+const renderTables = (md) => {
+  return md.replace(/\|(.+)\|\n\|[-| ]+\|\n((?:\|.+\|\n?)*)/gm, (_, header, rows) => {
+    const hcells = header.split("|").map(c => c.trim()).filter(Boolean);
+    const thead = `<tr>${hcells.map(c => `<th>${c}</th>`).join("")}</tr>`;
+    const tbody = rows.trim().split("\n").map(row => {
+      const cells = row.split("|").map(c => c.trim()).filter(Boolean);
+      return `<tr>${cells.map(c => `<td>${c}</td>`).join("")}</tr>`;
+    }).join("");
+    return `<table><thead>${thead}</thead><tbody>${tbody}</tbody></table>`;
+  });
+};
+content = renderTables(content);
+
+// Render inline code, bold, italic, links, headings, lists
+content = content
+  .replace(/`([^`]+)`/g, "<code>$1</code>")
+  .replace(/\*\*([^*]+)\*\*/g, "<strong>$1</strong>")
+  .replace(/\*([^*]+)\*/g, "<em>$1</em>")
+  .replace(/\[([^\]]+)\]\(([^)]+)\)/g, '<a href="$2">$1</a>')
+  .replace(/^### (.+)$/gm, "<h3>$1</h3>")
+  .replace(/^## (.+)$/gm, "<h2>$1</h2>")
+  .replace(/^# (.+)$/gm, "<h1>$1</h1>")
+  .replace(/^- (.+)$/gm, "<li>$1</li>")
+  .replace(/((?:<li>.*<\/li>\n?)+)/g, "<ul>$1</ul>")
+  .replace(/\n\n/g, "</p><p>")
+  .replace(/^(.+)$/gm, (line) => {
+    if (line.startsWith("<")) return line;
+    return line;
+  });
+
+const title = frontmatter.title || slug;
+---
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+  <title>{(title)} — Colibri Wiki</title>
+  <style>
+    :root { --bg: #fff; --fg: #1a1a1a; --link: #0366d6; --muted: #666; --border: #e0e0e0; }
+    @media (prefers-color-scheme: dark) { :root { --bg: #1a1a1a; --fg: #e6e6e6; --link: #58a6ff; --muted: #999; --border: #333; } }
+    body { max-width: 720px; margin: 2rem auto; padding: 0 1rem; font: 16px/1.6 system-ui; background: var(--bg); color: var(--fg); }
+    nav { margin-bottom: 1.5rem; }
+    nav a { color: var(--muted); font-size: .9rem; }
+    h1 { font-size: 1.8rem; }
+    h2 { font-size: 1.4rem; margin-top: 2rem; border-bottom: 1px solid var(--border); padding-bottom: .3rem; }
+    h3 { font-size: 1.1rem; margin-top: 1.5rem; }
+    a { color: var(--link); }
+    pre { background: var(--border); padding: .8rem 1rem; border-radius: 4px; overflow-x: auto; font-size: .9rem; }
+    code { font-size: .9em; background: var(--border); padding: .1em .3em; border-radius: 3px; }
+    pre code { background: none; padding: 0; }
+    table { border-collapse: collapse; width: 100%; margin: 1rem 0; }
+    th, td { border: 1px solid var(--border); padding: .4rem .6rem; text-align: left; font-size: .9rem; }
+    th { background: var(--border); }
+    hr { border: none; border-top: 1px solid var(--border); margin: 2rem 0; }
+  </style>
+</head>
+<body>
+  <nav><a href="/">← wiki index</a></nav>
+  <article>
+    <h1>{title}</h1>
+    <p set:html={content} />
+  </article>
+</body>
+</html>
diff --git a/astro/wiki/src/pages/index.astro b/astro/wiki/src/pages/index.astro
new file mode 100644
index 0000000..5e628c2
--- /dev/null
+++ b/astro/wiki/src/pages/index.astro
@@ -0,0 +1,60 @@
+---
+import fs from "node:fs";
+import path from "node:path";
+
+const WIKI_DIR = path.resolve("../../docs/wiki");
+const EXCLUDE = [".git", "sl", "index.md"];
+
+function walkMarkdown(dir, prefix = "") {
+  const entries = fs.readdirSync(dir, { withFileTypes: true });
+  const files = [];
+  for (const e of entries) {
+    if (e.name.startsWith(".") || EXCLUDE.includes(e.name)) continue;
+    const full = path.join(dir, e.name);
+    if (e.isDirectory()) {
+      files.push(...walkMarkdown(full, prefix ? `${prefix}/${e.name}` : e.name));
+    } else if (e.name.endsWith(".md")) {
+      const rel = prefix ? `${prefix}/${e.name}` : e.name;
+      const slug = rel.replace(/\.md$/, "");
+      // Skip frontmatter, grab first H1 as title
+      const raw = fs.readFileSync(full, "utf-8");
+      const title = raw.match(/^#\s+(.+)$/m)?.[1] || slug;
+      files.push({ slug, title, file: rel });
+    }
+  }
+  return files.sort((a, b) => a.title.localeCompare(b.title));
+}
+
+const pages = walkMarkdown(WIKI_DIR);
+---
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+  <title>Colibri Wiki</title>
+  <style>
+    :root { --bg: #fff; --fg: #1a1a1a; --link: #0366d6; --muted: #666; }
+    @media (prefers-color-scheme: dark) { :root { --bg: #1a1a1a; --fg: #e6e6e6; --link: #58a6ff; --muted: #999; } }
+    body { max-width: 720px; margin: 2rem auto; padding: 0 1rem; font: 16px/1.6 system-ui; background: var(--bg); color: var(--fg); }
+    h1 { margin-bottom: .25rem; }
+    p.lede { color: var(--muted); margin-bottom: 1.5rem; }
+    ul { list-style: none; padding: 0; }
+    li { margin: .35rem 0; }
+    a { color: var(--link); text-decoration: none; }
+    a:hover { text-decoration: underline; }
+  </style>
+</head>
+<body>
+  <h1>Colibri Wiki</h1>
+  <p class="lede">
+    Decision pages — the <em>why</em> behind the architecture.
+    <a href="https://github.com/karpathy/llm-wiki">LLM Wiki pattern</a>.
+  </p>
+  <ul>
+    {pages.map((p) => (
+      <li><a href={`/${p.slug}/`}>{p.title}</a></li>
+    ))}
+  </ul>
+</body>
+</html>
diff --git a/docs/PLAN-WIKI-CLAWDIE-SI.md b/docs/PLAN-WIKI-CLAWDIE-SI.md
new file mode 100644
index 0000000..69561d2
--- /dev/null
+++ b/docs/PLAN-WIKI-CLAWDIE-SI.md
@@ -0,0 +1,49 @@
+# wiki.clawdie.si — separate domain for decision pages
+
+**Status:** planned · **Created:** 26.jun.2026 · **Blocks:** nothing in 0.12
+
+## Goal
+
+Split the current docs.clawdie.si (single site) into two domains during the
+Astro migration from clawdie-ai → colibri:
+
+```
+docs.clawdie.si  →  guide (procedural: install, operate, reference)
+wiki.clawdie.si  →  wiki  (decisions: architecture rationale, LLM-wiki)
+clawdie.si       →  landing (unchanged)
+```
+
+## Why
+
+- Wiki stays pure Karpathy LLM-wiki pattern — one decision per page, flat list
+- Guide stays procedural — structured sidebar with install/operate/architecture
+- Different audiences: wiki for agents/architects, guide for operators
+- ISO can toggle each surface independently (FEATURE_DOCS, FEATURE_WIKI)
+
+## What needs building
+
+| Layer | Task |
+|---|---|
+| DNS | `wiki.clawdie.si` A/AAAA → same host |
+| TLS | New Let's Encrypt cert (acme.sh auto-renew) |
+| Nginx | New vhost for wiki.clawdie.si |
+| Astro | Two Starlight configs from one colibri source tree |
+| Build | `build-docs.sh` → dist-guide/ + dist-wiki/ |
+| ISO | `FEATURE_DOCS` / `FEATURE_WIKI` toggle knobs |
+
+## Two Starlight configs
+
+```
+colibri/astro/
+  guide.config.mjs   → full sidebar: Install, Operate, Architecture...
+  wiki.config.mjs    → minimal sidebar: autogenerate flat article list
+```
+
+Same toolchain, two configs, two output dirs. Wiki uses autogenerate — no
+manual sidebar to maintain as pages are added.
+
+## Prerequisite
+
+The Astro build pipeline must be migrated from clawdie-ai to colibri first.
+The content already lives in colibri (docs/guide/ + docs/wiki/). The build
+scripts and Astro config don't yet.
diff --git a/scripts/build-wiki.sh b/scripts/build-wiki.sh
new file mode 100755
index 0000000..e91d189
--- /dev/null
+++ b/scripts/build-wiki.sh
@@ -0,0 +1,29 @@
+#!/bin/sh
+# Build the Colibri wiki site — plain Astro, no Starlight.
+#
+# Prerequisites: Node.js + npm (node24 npm-node24 on FreeBSD).
+#   cd astro/wiki && npm ci
+#
+# Usage:
+#   ./scripts/build-wiki.sh              # build to astro/wiki/dist/
+#   ./scripts/build-wiki.sh --preview    # dev server at localhost:4321
+#
+# Site URL override:
+#   ASTRO_SITE_URL=https://wiki.clawdie.si ./scripts/build-wiki.sh
+
+set -eu
+
+SCRIPT_DIR=$(CDPATH= cd -- "$(dirname -- "$0")" && pwd)
+REPO_ROOT=$(cd "$SCRIPT_DIR/.." && pwd)
+WIKI_DIR="$REPO_ROOT/astro/wiki"
+
+cd "$WIKI_DIR"
+
+if [ "${1:-}" = "--preview" ]; then
+    echo "==> wiki dev server (http://localhost:4321)"
+    npx astro dev --host 0.0.0.0
+else
+    echo "==> building wiki ($WIKI_DIR)"
+    npx astro build
+    echo "==> wiki built → $WIKI_DIR/dist/"
+fi
-- 
2.45.3


From cbf707be8f584557325961fbfe27d730f4778b23 Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 11:51:02 +0200
Subject: [PATCH 09/19] feat(wiki): add Slovenian locale support with unified
 path pattern
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Remove 'sl' from EXCLUDE — Slovenian wiki pages now served
- Locale-aware link resolver: ./page.md → /sl/page/ in sl/ context
- Language switcher in nav bar (English ↔ Slovenščina)
- Slovenian index at /sl/ with translated prose
- lang attribute dynamic per locale
- Matches docs.clawdie.si Starlight pattern: /<lang>/<page>/
---
 astro/wiki/src/pages/[...slug].astro | 33 +++++++++++---
 astro/wiki/src/pages/index.astro     | 17 +++++---
 astro/wiki/src/pages/sl/index.astro  | 64 ++++++++++++++++++++++++++++
 3 files changed, 101 insertions(+), 13 deletions(-)
 create mode 100644 astro/wiki/src/pages/sl/index.astro

diff --git a/astro/wiki/src/pages/[...slug].astro b/astro/wiki/src/pages/[...slug].astro
index d27194c..23bc196 100644
--- a/astro/wiki/src/pages/[...slug].astro
+++ b/astro/wiki/src/pages/[...slug].astro
@@ -3,7 +3,7 @@ import fs from "node:fs";
 import path from "node:path";
 
 const WIKI_DIR = path.resolve("../../docs/wiki");
-const EXCLUDE = [".git", "sl", "index.md"];
+const EXCLUDE = [".git", "index.md"];
 
 export function getStaticPaths() {
   function walk(dir, prefix = "") {
@@ -48,13 +48,23 @@ if (raw.startsWith("---")) {
   }
 }
 
-// Resolve relative wiki links [label](./page.md) → [label](/page/)
+// Detect locale from slug prefix
+const isSl = slug.startsWith("sl/");
+const locale = isSl ? "sl" : "en";
+const base = isSl ? "/sl/" : "/";
+
+// Resolve relative wiki links with locale prefix
+//  ./page.md       → /page/   or /sl/page/
+//  ../packaging/x  → /../packaging/x  (pass through absolute-ish paths)
 const resolveLinks = (md) =>
-  md.replace(/\]\(\.\/([^)]+)\.md\)/g, "](/$1/)")
-    .replace(/\]\(\.\.\/([^)]+)\.md\)/g, "](/$1/)");
+  md.replace(/\]\(\.\/([^)]+)\.md\)/g, `](${base}$1/)`)
+    .replace(/\]\(\.\.\/([^)]+)\)/g, "](/$1)");
 
 content = resolveLinks(content);
 
+// Resolve cross-wiki locale links: [label](./sl/page.md) → [/sl/page/]
+content = content.replace(/\]\(\.\/sl\/([^)]+)\.md\)/g, "](/sl/$1/)");
+
 // Render fenced code blocks
 const renderCode = (md) =>
   md.replace(/```(\w*)\n([\s\S]*?)```/g, (_, lang, code) => {
@@ -95,9 +105,14 @@ content = content
   });
 
 const title = frontmatter.title || slug;
+
+// Other locale link for language switcher
+const otherLocale = isSl ? "en" : "sl";
+const otherSlug = isSl ? slug.replace(/^sl\//, "") : `sl/${slug}`;
+const otherLabel = isSl ? "English" : "Slovenščina";
 ---
 <!DOCTYPE html>
-<html lang="en">
+<html lang={locale}>
 <head>
   <meta charset="utf-8" />
   <meta name="viewport" content="width=device-width, initial-scale=1" />
@@ -106,8 +121,9 @@ const title = frontmatter.title || slug;
     :root { --bg: #fff; --fg: #1a1a1a; --link: #0366d6; --muted: #666; --border: #e0e0e0; }
     @media (prefers-color-scheme: dark) { :root { --bg: #1a1a1a; --fg: #e6e6e6; --link: #58a6ff; --muted: #999; --border: #333; } }
     body { max-width: 720px; margin: 2rem auto; padding: 0 1rem; font: 16px/1.6 system-ui; background: var(--bg); color: var(--fg); }
-    nav { margin-bottom: 1.5rem; }
+    nav { margin-bottom: 1.5rem; display: flex; justify-content: space-between; align-items: baseline; }
     nav a { color: var(--muted); font-size: .9rem; }
+    nav .lang a { font-weight: 600; color: var(--link); }
     h1 { font-size: 1.8rem; }
     h2 { font-size: 1.4rem; margin-top: 2rem; border-bottom: 1px solid var(--border); padding-bottom: .3rem; }
     h3 { font-size: 1.1rem; margin-top: 1.5rem; }
@@ -122,7 +138,10 @@ const title = frontmatter.title || slug;
   </style>
 </head>
 <body>
-  <nav><a href="/">← wiki index</a></nav>
+  <nav>
+    <a href={isSl ? "/sl/" : "/"}>{isSl ? "← kazalo" : "← wiki index"}</a>
+    <span class="lang"><a href={`/${otherSlug}/`}>{otherLabel}</a></span>
+  </nav>
   <article>
     <h1>{title}</h1>
     <p set:html={content} />
diff --git a/astro/wiki/src/pages/index.astro b/astro/wiki/src/pages/index.astro
index 5e628c2..3a3fddf 100644
--- a/astro/wiki/src/pages/index.astro
+++ b/astro/wiki/src/pages/index.astro
@@ -3,7 +3,7 @@ import fs from "node:fs";
 import path from "node:path";
 
 const WIKI_DIR = path.resolve("../../docs/wiki");
-const EXCLUDE = [".git", "sl", "index.md"];
+const EXCLUDE = [".git", "index.md"];
 
 function walkMarkdown(dir, prefix = "") {
   const entries = fs.readdirSync(dir, { withFileTypes: true });
@@ -16,16 +16,18 @@ function walkMarkdown(dir, prefix = "") {
     } else if (e.name.endsWith(".md")) {
       const rel = prefix ? `${prefix}/${e.name}` : e.name;
       const slug = rel.replace(/\.md$/, "");
-      // Skip frontmatter, grab first H1 as title
       const raw = fs.readFileSync(full, "utf-8");
       const title = raw.match(/^#\s+(.+)$/m)?.[1] || slug;
-      files.push({ slug, title, file: rel });
+      const lang = rel.startsWith("sl/") ? "sl" : "en";
+      files.push({ slug, title, file: rel, lang });
     }
   }
   return files.sort((a, b) => a.title.localeCompare(b.title));
 }
 
-const pages = walkMarkdown(WIKI_DIR);
+const allPages = walkMarkdown(WIKI_DIR);
+const enPages = allPages.filter(p => p.lang === "en");
+const slPages = allPages.filter(p => p.lang === "sl");
 ---
 <!DOCTYPE html>
 <html lang="en">
@@ -38,11 +40,13 @@ const pages = walkMarkdown(WIKI_DIR);
     @media (prefers-color-scheme: dark) { :root { --bg: #1a1a1a; --fg: #e6e6e6; --link: #58a6ff; --muted: #999; } }
     body { max-width: 720px; margin: 2rem auto; padding: 0 1rem; font: 16px/1.6 system-ui; background: var(--bg); color: var(--fg); }
     h1 { margin-bottom: .25rem; }
-    p.lede { color: var(--muted); margin-bottom: 1.5rem; }
+    p.lede { color: var(--muted); margin-bottom: .5rem; }
     ul { list-style: none; padding: 0; }
     li { margin: .35rem 0; }
     a { color: var(--link); text-decoration: none; }
     a:hover { text-decoration: underline; }
+    .lang-bar { margin-bottom: 1rem; }
+    .lang-bar a { font-weight: 600; }
   </style>
 </head>
 <body>
@@ -51,8 +55,9 @@ const pages = walkMarkdown(WIKI_DIR);
     Decision pages — the <em>why</em> behind the architecture.
     <a href="https://github.com/karpathy/llm-wiki">LLM Wiki pattern</a>.
   </p>
+  <p class="lang-bar"><a href="/sl/">Slovenščina →</a></p>
   <ul>
-    {pages.map((p) => (
+    {enPages.map((p) => (
       <li><a href={`/${p.slug}/`}>{p.title}</a></li>
     ))}
   </ul>
diff --git a/astro/wiki/src/pages/sl/index.astro b/astro/wiki/src/pages/sl/index.astro
new file mode 100644
index 0000000..99ab775
--- /dev/null
+++ b/astro/wiki/src/pages/sl/index.astro
@@ -0,0 +1,64 @@
+---
+import fs from "node:fs";
+import path from "node:path";
+
+const WIKI_DIR = path.resolve("../../../docs/wiki");
+const EXCLUDE = [".git", "index.md"];
+
+function walkMarkdown(dir, prefix = "") {
+  const entries = fs.readdirSync(dir, { withFileTypes: true });
+  const files = [];
+  for (const e of entries) {
+    if (e.name.startsWith(".") || EXCLUDE.includes(e.name)) continue;
+    const full = path.join(dir, e.name);
+    if (e.isDirectory()) {
+      files.push(...walkMarkdown(full, prefix ? `${prefix}/${e.name}` : e.name));
+    } else if (e.name.endsWith(".md")) {
+      const rel = prefix ? `${prefix}/${e.name}` : e.name;
+      const slug = rel.replace(/\.md$/, "");
+      const raw = fs.readFileSync(full, "utf-8");
+      const title = raw.match(/^#\s+(.+)$/m)?.[1] || slug;
+      if (rel.startsWith("sl/")) {
+        files.push({ slug: slug.replace(/^sl\//, ""), title, file: rel });
+      }
+    }
+  }
+  return files.sort((a, b) => a.title.localeCompare(b.title));
+}
+
+const pages = walkMarkdown(WIKI_DIR);
+---
+<!DOCTYPE html>
+<html lang="sl">
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+  <title>Colibri Wiki</title>
+  <style>
+    :root { --bg: #fff; --fg: #1a1a1a; --link: #0366d6; --muted: #666; }
+    @media (prefers-color-scheme: dark) { :root { --bg: #1a1a1a; --fg: #e6e6e6; --link: #58a6ff; --muted: #999; } }
+    body { max-width: 720px; margin: 2rem auto; padding: 0 1rem; font: 16px/1.6 system-ui; background: var(--bg); color: var(--fg); }
+    h1 { margin-bottom: .25rem; }
+    p.lede { color: var(--muted); margin-bottom: .5rem; }
+    ul { list-style: none; padding: 0; }
+    li { margin: .35rem 0; }
+    a { color: var(--link); text-decoration: none; }
+    a:hover { text-decoration: underline; }
+    .lang-bar { margin-bottom: 1rem; }
+    .lang-bar a { font-weight: 600; }
+  </style>
+</head>
+<body>
+  <h1>Colibri Wiki</h1>
+  <p class="lede">
+    Strani z odločitvami — <em>zakaj</em> je arhitektura takšna, kot je.
+    <a href="https://github.com/karpathy/llm-wiki">Vzorec LLM Wiki</a>.
+  </p>
+  <p class="lang-bar"><a href="/">← English</a></p>
+  <ul>
+    {pages.map((p) => (
+      <li><a href={`/sl/${p.slug}/`}>{p.title}</a></li>
+    ))}
+  </ul>
+</body>
+</html>
-- 
2.45.3


From 3acb9911969239b072f02e51a91335a2e4b4dd45 Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 12:04:37 +0200
Subject: [PATCH 10/19] =?UTF-8?q?docs(sl):=20fix=20quality-gates=20?=
 =?UTF-8?q?=E2=80=94=20vrata=E2=86=92preverjanje,=20krajevni=E2=86=92lokal?=
 =?UTF-8?q?ni?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

"Vrata" is a correct translation for TCP/network ports, but wrong for
software quality gates. Changes:

quality-gates.md — rewritten: "kakovostno preverjanje" not "kakovostna vrata"
  vrata → preverjanje (gate → verification)
  krajevna → lokalno (local)
  kljuka → kavelj (door handle → git hook)
  padejo → spodleti (falls → fails)

Scattered fixes in 5 other files:
  cost-model.md, index.md, mother-hive.md, naming-decisions.md,
  store-schema.md — vrata → preverjanje/dovoljenja
  external-mcp.md — vrata → dovoljenja (permissions)

Kept: "vrata" for TCP ports (correct), "vhodna vrata" for front-door
metaphor (works in Slovenian), "vrata za poslušanje" for listening port.

Also fixed: frontmatter quoting for YAML (nested quotes, colons).
---
 docs/wiki/sl/agent-events-reference.md |  2 +-
 docs/wiki/sl/agent-harness.md          |  4 +--
 docs/wiki/sl/contracts.md              |  2 +-
 docs/wiki/sl/cost-model.md             |  4 +--
 docs/wiki/sl/deployment.md             |  2 +-
 docs/wiki/sl/external-mcp.md           |  2 +-
 docs/wiki/sl/glasspane.md              |  2 +-
 docs/wiki/sl/headroom-sidecar.md       |  2 +-
 docs/wiki/sl/index.md                  |  6 ++---
 docs/wiki/sl/jail-confinement.md       |  2 +-
 docs/wiki/sl/layered-soul.md           |  2 +-
 docs/wiki/sl/mother-hive.md            |  4 +--
 docs/wiki/sl/naming-decisions.md       |  4 +--
 docs/wiki/sl/operator-attention.md     |  4 +--
 docs/wiki/sl/operator-cli.md           |  2 +-
 docs/wiki/sl/quality-gates.md          | 36 +++++++++++++-------------
 docs/wiki/sl/runtime-inventory.md      |  2 +-
 docs/wiki/sl/skills-catalog.md         |  2 +-
 docs/wiki/sl/store-schema.md           |  6 ++---
 docs/wiki/sl/task-board.md             |  2 +-
 docs/wiki/sl/terminal.md               |  2 +-
 docs/wiki/sl/tui.md                    |  2 +-
 docs/wiki/sl/vault-provision.md        |  2 +-
 23 files changed, 49 insertions(+), 49 deletions(-)

diff --git a/docs/wiki/sl/agent-events-reference.md b/docs/wiki/sl/agent-events-reference.md
index 1fc9a56..ff1f688 100644
--- a/docs/wiki/sl/agent-events-reference.md
+++ b/docs/wiki/sl/agent-events-reference.md
@@ -1,6 +1,6 @@
 ---
 title: Referenca agentskih dogodkov
-description: Referenca dogodkov po opremi za zot in pi, preslikave Glasspane in preverjena polja prepisa.
+description: "Referenca dogodkov po opremi za zot in pi, preslikave Glasspane in preverjena polja prepisa."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/agent-harness.md b/docs/wiki/sl/agent-harness.md
index b936de4..e09f1ef 100644
--- a/docs/wiki/sl/agent-harness.md
+++ b/docs/wiki/sl/agent-harness.md
@@ -1,6 +1,6 @@
 ---
-title: Agentska oprema: zot + Colibri
-description: Dve binarni datoteki, ne ena — zot (agent, Go) in Colibri (krmilna ravnina, Rust).
+title: "Agentska oprema: zot + Colibri"
+description: "Dve binarni datoteki, ne ena — zot (agent, Go) in Colibri (krmilna ravnina, Rust)."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/contracts.md b/docs/wiki/sl/contracts.md
index 092d77f..79027f3 100644
--- a/docs/wiki/sl/contracts.md
+++ b/docs/wiki/sl/contracts.md
@@ -1,6 +1,6 @@
 ---
 title: Stabilne JSON pogodbe
-description: Jezikovno neodvisne oblike na žici, v skupni rabi med Colibri (Rust) in Clawdie agenti (TypeScript).
+description: "Jezikovno neodvisne oblike na žici, v skupni rabi med Colibri (Rust) in Clawdie agenti (TypeScript)."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/cost-model.md b/docs/wiki/sl/cost-model.md
index 17641c6..eea994b 100644
--- a/docs/wiki/sl/cost-model.md
+++ b/docs/wiki/sl/cost-model.md
@@ -1,6 +1,6 @@
 ---
 title: Model stroškov
-description: Kako Colibri sledi vsakemu žetonu, meri zadetke predpomnilnika in samodejno stopnjuje med cenovnimi načini.
+description: "Kako Colibri sledi vsakemu žetonu, meri zadetke predpomnilnika in samodejno stopnjuje med cenovnimi načini."
 ---
 
 ← [kazalo](./index.md)
@@ -94,4 +94,4 @@ odgovori, neodvisno od tega, kako je bila zahteva izvedena.
 
 - [task-board](./task-board.md) — razporejevalnik, ki razpošilja opravila znotraj proračunov sej
 - [mother-hive](./mother-hive.md) — arhitektura MCP (druga stroškovna domena)
-- [quality-gates](./quality-gates.md) — vrata, ki preverjajo razčlenjevanje cenovnih načinov
+- [quality-gates](./quality-gates.md) — preverjanje, ki preverja razčlenjevanje cenovnih načinov
diff --git a/docs/wiki/sl/deployment.md b/docs/wiki/sl/deployment.md
index cf29329..238a47a 100644
--- a/docs/wiki/sl/deployment.md
+++ b/docs/wiki/sl/deployment.md
@@ -1,6 +1,6 @@
 ---
 title: Namestitev
-description: Nameščevalnik gostitelja clawdie — odkrije ZFS, pripravi podatkovne zbirke, ustvari uporabnika storitve in namesti enoto rc.d/systemd.
+description: "Nameščevalnik gostitelja clawdie — odkrije ZFS, pripravi podatkovne zbirke, ustvari uporabnika storitve in namesti enoto rc.d/systemd."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/external-mcp.md b/docs/wiki/sl/external-mcp.md
index 0a9cc39..53a51d5 100644
--- a/docs/wiki/sl/external-mcp.md
+++ b/docs/wiki/sl/external-mcp.md
@@ -1,6 +1,6 @@
 ---
 title: Zunanji MCP
-description: Most MCP za urejevalnike in zunanje gostitelje — branje, pisanje in vrata za zunanje klice prek Colibrijeve implementacije MCP.
+description: "Most MCP za urejevalnike in zunanje gostitelje — branje, pisanje in dovoljenja za zunanje klice prek Colibrijeve implementacije MCP."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/glasspane.md b/docs/wiki/sl/glasspane.md
index ced9ac8..32ab29d 100644
--- a/docs/wiki/sl/glasspane.md
+++ b/docs/wiki/sl/glasspane.md
@@ -1,6 +1,6 @@
 ---
 title: Glasspane — nadzor stanja agentov
-description: Colibrijeva plast za opazovanje agentov. Gleda podprocese agentov prek JSONL, zlaga tok v semantični avtomat stanj in izpostavlja API posnetkov.
+description: "Colibrijeva plast za opazovanje agentov. Gleda podprocese agentov prek JSONL, zlaga tok v semantični avtomat stanj in izpostavlja API posnetkov."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/headroom-sidecar.md b/docs/wiki/sl/headroom-sidecar.md
index bd45985..afeee3a 100644
--- a/docs/wiki/sl/headroom-sidecar.md
+++ b/docs/wiki/sl/headroom-sidecar.md
@@ -1,6 +1,6 @@
 ---
 title: Stranski vagon Headroom
-description: Colibri lahko neobvezno prosi krajevni stranski vagon headroom-ai, da stisne rezultate orodij, preden dosežejo proračun žetonov.
+description: "Colibri lahko neobvezno prosi krajevni stranski vagon headroom-ai, da stisne rezultate orodij, preden dosežejo proračun žetonov."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/index.md b/docs/wiki/sl/index.md
index 6e006d2..26ac56a 100644
--- a/docs/wiki/sl/index.md
+++ b/docs/wiki/sl/index.md
@@ -1,6 +1,6 @@
 ---
 title: Colibri Wiki
-description: Zbirka znanja o odločitvah in arhitekturi Colibri — utemeljitve, ki jih koda ne more izraziti.
+description: "Zbirka znanja o odločitvah in arhitekturi Colibri — utemeljitve, ki jih koda ne more izraziti."
 ---
 
 Zbirka znanja o Colibrijevih **odločitvah in arhitekturi** — po vzoru
@@ -62,10 +62,10 @@ clippy.
 | [naming-decisions](./naming-decisions.md)             | Imenik preimenovanj, nevtralnih glede na opremo / arhitekturnih — dostavljenih in v teku                                   |
 | [layered-soul](./layered-soul.md)                     | Kako Colibri danes uporablja repozitorij pregledanega konteksta layered-soul proti načrtovanemu                            |
 | [task-board](./task-board.md)                         | Točkovanje po zmožnostih, cron razporejanje, praznjenje vnosne vrste, podlaga SQLite                                       |
-| [quality-gates](./quality-gates.md)                   | `ci-checks.sh` kot vrata pred združitvijo; zakaj je odmik prej dosegel `main`                                              |
+| [quality-gates](./quality-gates.md)                   | `ci-checks.sh` kot preverjanje pred združitvijo; zakaj je odmik prej dosegel `main`                                              |
 | [contracts](./contracts.md)                           | Stabilne JSON sheme (run-manifest, runtime-inventory, provider-smoke), zlati testi                                         |
 | [store-schema](./store-schema.md)                     | Usklajevalna shema SQLite in disciplina migracij                                                                           |
-| [external-mcp](./external-mcp.md)                     | Most MCP za urejevalnike + zunanji gostitelj stdio MCP; vrata za branje/pisanje/zunanji-klic                               |
+| [external-mcp](./external-mcp.md)                     | Most MCP za urejevalnike + zunanji gostitelj stdio MCP; dovoljenja za branje/pisanje/zunanji-klic                               |
 | [operator-cli](./operator-cli.md)                     | CLI `colibri` kot tanek tipiziran odjemalec Unix vtičnice prek API demona                                                  |
 | [tui](./tui.md)                                       | Odjemalec terminalske nadzorne plošče (colibri-tui) proti avtomatu stanj colibri-glasspane                                 |
 | [terminal](./terminal.md)                             | Odločitev o terminalski zmožnosti (Kitty, razširjeno poročanje tipk, prehod tmux, SSH terminfo)                            |
diff --git a/docs/wiki/sl/jail-confinement.md b/docs/wiki/sl/jail-confinement.md
index 7bfd6ce..f72f5ef 100644
--- a/docs/wiki/sl/jail-confinement.md
+++ b/docs/wiki/sl/jail-confinement.md
@@ -1,6 +1,6 @@
 ---
 title: Omejitev ječ
-description: Trajne proti prehodnim ječam, pravilnik načina priv in ponovna uporaba omejitve zaganjalnika za strežnike MCP.
+description: "Trajne proti prehodnim ječam, pravilnik načina priv in ponovna uporaba omejitve zaganjalnika za strežnike MCP."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/layered-soul.md b/docs/wiki/sl/layered-soul.md
index 4440653..137ff89 100644
--- a/docs/wiki/sl/layered-soul.md
+++ b/docs/wiki/sl/layered-soul.md
@@ -1,6 +1,6 @@
 ---
 title: Integracija plastovite duše
-description: Kako Colibri danes uporablja repozitorij layered-soul in kaj je še načrtovano.
+description: "Kako Colibri danes uporablja repozitorij layered-soul in kaj je še načrtovano."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/mother-hive.md b/docs/wiki/sl/mother-hive.md
index d3cd291..1c07b0f 100644
--- a/docs/wiki/sl/mother-hive.md
+++ b/docs/wiki/sl/mother-hive.md
@@ -1,6 +1,6 @@
 ---
 title: Matični hive
-description: Kako matično vozlišče (OSA) usklajuje USB-operaterska vozlišča prek MCP prek SSH → PostgreSQL.
+description: "Kako matično vozlišče (OSA) usklajuje USB-operaterska vozlišča prek MCP prek SSH → PostgreSQL."
 ---
 
 ← [kazalo](./index.md)
@@ -116,4 +116,4 @@ datoteke ali `sudo`.
 
 - [agent-harness](./agent-harness.md) — razcep zot/Colibri; samodejni zagon
 - [naming-decisions](./naming-decisions.md) — `usb_nodes → hive_nodes`, preimenovanje zastavice autospawn
-- [quality-gates](./quality-gates.md) — vrata, ki bi morala ujeti odmik ob času PR
+- [quality-gates](./quality-gates.md) — preverjanje, ki bi moralo ujeti odmik ob času PR
diff --git a/docs/wiki/sl/naming-decisions.md b/docs/wiki/sl/naming-decisions.md
index 60306d7..0620a38 100644
--- a/docs/wiki/sl/naming-decisions.md
+++ b/docs/wiki/sl/naming-decisions.md
@@ -1,6 +1,6 @@
 ---
 title: Imenik odločitev o poimenovanju
-description: Živa evidenca preimenovanj, ki so jih pognale presežene predpostavke — da je prihodnji odmik preverljiv proti enemu seznamu.
+description: "Živa evidenca preimenovanj, ki so jih pognale presežene predpostavke — da je prihodnji odmik preverljiv proti enemu seznamu."
 ---
 
 ← [kazalo](./index.md)
@@ -60,4 +60,4 @@ _Trenutno nobeno._
 ## Glej tudi
 
 - [agent-harness](./agent-harness.md)
-- [quality-gates](./quality-gates.md) — vrata, ki bi morala te ujeti ob času PR
+- [quality-gates](./quality-gates.md) — preverjanje, ki bi moralo te ujeti ob času PR
diff --git a/docs/wiki/sl/operator-attention.md b/docs/wiki/sl/operator-attention.md
index c1523f9..ef85c03 100644
--- a/docs/wiki/sl/operator-attention.md
+++ b/docs/wiki/sl/operator-attention.md
@@ -1,6 +1,6 @@
 ---
-title: Operaterska pozornost — "ali ta agent potrebuje mene zdaj?"
-description: Kako Glasspane presoja, kateri agent potrebuje operaterski poseg, in to prikaže v TUI.
+title: "Operaterska pozornost — ali ta agent potrebuje mene zdaj?"
+description: "Kako Glasspane presoja, kateri agent potrebuje operaterski poseg, in to prikaže v TUI."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/operator-cli.md b/docs/wiki/sl/operator-cli.md
index 0bfb0a9..1433083 100644
--- a/docs/wiki/sl/operator-cli.md
+++ b/docs/wiki/sl/operator-cli.md
@@ -1,6 +1,6 @@
 ---
 title: Operaterski CLI (`colibri`)
-description: Binarna datoteka `colibri` je operaterski vmesnik ukazne vrstice do demona — tanek tipiziran odjemalec Unix vtičnice.
+description: "Binarna datoteka `colibri` je operaterski vmesnik ukazne vrstice do demona — tanek tipiziran odjemalec Unix vtičnice."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/quality-gates.md b/docs/wiki/sl/quality-gates.md
index 930dade..f69d16f 100644
--- a/docs/wiki/sl/quality-gates.md
+++ b/docs/wiki/sl/quality-gates.md
@@ -1,50 +1,50 @@
 ---
-title: Kakovostna vrata
-description: Sprememba ni "končana", dokler krajevna vrata ne uspejo — cargo fmt, clippy, cargo test, markdown vrata, wiki-lint.
+title: Kakovostno preverjanje
+description: 'Sprememba ni končana brez uspešnega lokalnega preverjanja — cargo fmt, clippy, cargo test, markdown, wiki-lint.'
 ---
 
 ← [kazalo](./index.md)
 
 ## Odločitev
 
-Sprememba ni "končana", dokler krajevna vrata ne uspejo:
+Sprememba ni "končana", dokler ne prestane lokalnega preverjanja:
 
 ```sh
 ./scripts/ci-checks.sh   # cargo fmt --check, clippy -D warnings, cargo test, markdown gate, wiki-lint --strict
 ```
 
-Predpotisna kljuka (`scripts/pre-push`) zažene ta ista vrata ob vsakem
+Predpotisni kavelj (`scripts/pre-push`) zažene isto preverjanje ob vsakem
 `git push` na `main` — aktiviraj enkrat na klon z `./scripts/install-hooks.sh`.
-Kljuka zavrne potisk, če katerakoli vrata padejo; obidi samo v sili z
+Kavelj zavrne potisk, če katerokoli preverjanje spodleti; obidi samo v sili z
 `--no-verify`.
 
 `.forgejo/workflows/ci.yml` kodira ista preverjanja, vendar **noben izvajalnik
 Forgejo Actions ni registriran**, zato nič ne uveljavlja preverjanj
-strežniško. Dokler izvajalnik ni aktiven, so krajevna vrata + predpotisna
-kljuka uveljavitvena plast. Navedeno kot obvezno v `AGENTS.md`.
+strežniško. Dokler izvajalnik ni aktiven, sta lokalno preverjanje + predpotisni
+kavelj uveljavitvena plast. Navedeno kot obvezno v `AGENTS.md`.
 
 ## Zakaj ta stran obstaja
 
 Napaka pri prevajanju (`pi_binary` nedefiniran, iz napol dokončanega
-preimenovanja) je dosegla `main`, ker so bila vrata preskočena _in_
-neuveljavljena. Ista revizija je ugotovila, da so bila oboja vrata takrat
-dejansko rdeča na `main`:
+preimenovanja) je dosegla `main`, ker je bilo preverjanje preskočeno _in_
+neuveljavljeno. Ista revizija je ugotovila, da sta bili obe preverjanji takrat
+dejansko rdeči na `main`:
 
-- `clippy -D warnings` je padel na predobstoječem lintu → Rust vrata bi
-  padla za vsakogar, ki bi jih zagnal.
-- markdown vrata so padla na prettier-umazanih dokumentih.
+- `clippy -D warnings` je padel na predobstoječem lintu → Rust preverjanje bi
+  padlo za vsakogar, ki bi ga zagnal.
+- markdown preverjanje je padlo na prettier-umazanih dokumentih.
 
-Oboje je bilo spravljeno v zeleno, zato so vrata zdaj dejansko zagonljiva.
-Nauk: vrata, ki jih nihče ne poganja (in so tako ali tako rdeča), so
-korenski vzrok, da odmik doseže `main` — bolj kot vsak posamezen spodrsljaj
-pri poimenovanju.
+Oboje je bilo spravljeno v zeleno, zato je preverjanje zdaj dejansko
+zagonljivo. Nauk: preverjanje, ki ga nihče ne poganja (in je tako ali tako
+rdeče), je korenski vzrok, da odmik doseže `main` — bolj kot vsak posamezen
+spodrsljaj pri poimenovanju.
 
 ## Odnos do tega wikija
 
 Imenik [naming-decisions](./naming-decisions.md) + `wiki-lint --strict` sta
 _pomenska_ protiutež `ci-checks.sh`: prevajalnik/clippy ujameta zlomljeno
 _kodo_, ne pa dokumenta, ki še vedno opisuje staro zasnovo, ali imena, ki je
-odneslo. Wiki lint pokriva to vrzel. Zdaj je del obveznih vrat — napaka
+odneslo. Wiki lint pokriva to vrzel. Zdaj je del obveznega preverjanja — napaka
 odmika blokira potisk, enako kot opozorilo clippy.
 
 ## Glej tudi
diff --git a/docs/wiki/sl/runtime-inventory.md b/docs/wiki/sl/runtime-inventory.md
index 825dfeb..f801a18 100644
--- a/docs/wiki/sl/runtime-inventory.md
+++ b/docs/wiki/sl/runtime-inventory.md
@@ -1,6 +1,6 @@
 ---
 title: Popis izvajalnega okolja
-description: Bralnik stanja gostitelja — aditivne, bralne integracije, ki zbirajo različice OS, paketov in izvajalnega okolja.
+description: "Bralnik stanja gostitelja — aditivne, bralne integracije, ki zbirajo različice OS, paketov in izvajalnega okolja."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/skills-catalog.md b/docs/wiki/sl/skills-catalog.md
index 151c5b3..136c300 100644
--- a/docs/wiki/sl/skills-catalog.md
+++ b/docs/wiki/sl/skills-catalog.md
@@ -1,6 +1,6 @@
 ---
 title: Katalog veščin
-description: Bralni izvajalni porabnik za pregledane artefakte veščin Clawdie-AI — uvozi SKILL.md v Colibrijevo tabelo skills.
+description: "Bralni izvajalni porabnik za pregledane artefakte veščin Clawdie-AI — uvozi SKILL.md v Colibrijevo tabelo skills."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/store-schema.md b/docs/wiki/sl/store-schema.md
index 022fb67..d47ac18 100644
--- a/docs/wiki/sl/store-schema.md
+++ b/docs/wiki/sl/store-schema.md
@@ -1,6 +1,6 @@
 ---
 title: Shema shrambe
-description: Koordinacijska shramba Colibri — ena sama podatkovna zbirka SQLite, ki hrani tablo opravil, register agentov in veščin ter preslikavo najemnikov.
+description: "Koordinacijska shramba Colibri — ena sama podatkovna zbirka SQLite, ki hrani tablo opravil, register agentov in veščin ter preslikavo najemnikov."
 ---
 
 ← [kazalo](./index.md)
@@ -69,8 +69,8 @@ svojem `tenant_id` v ukazih vtičnice in kljukah za oskrbo.
 ### Omejitev CHECK stanja opravila je vir resnice
 
 `tasks.status` je omejen na `('queued','claimed','started','done','failed')`.
-Enum `TaskStatus` v Rustu ga zrcali, vendar je podatkovna zbirka zadnja
-vrata. Ukaz, ki poskusi vstaviti neznano stanje, pade ob času pisanja.
+Enum `TaskStatus` v Rustu ga zrcali, vendar je podatkovna zbirka zadnje
+preverjanje. Ukaz, ki poskusi vstaviti neznano stanje, pade ob času pisanja.
 
 → `crates/colibri-store/src/schema.rs`
 
diff --git a/docs/wiki/sl/task-board.md b/docs/wiki/sl/task-board.md
index 0d6d317..7a62578 100644
--- a/docs/wiki/sl/task-board.md
+++ b/docs/wiki/sl/task-board.md
@@ -1,6 +1,6 @@
 ---
 title: Tabla opravil + razporejevalnik
-description: Kako Colibri hrani operaterska opravila in jih razporeja med agente glede na zmožnosti.
+description: "Kako Colibri hrani operaterska opravila in jih razporeja med agente glede na zmožnosti."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/terminal.md b/docs/wiki/sl/terminal.md
index 572d9e7..d842bd0 100644
--- a/docs/wiki/sl/terminal.md
+++ b/docs/wiki/sl/terminal.md
@@ -1,6 +1,6 @@
 ---
 title: Terminal — zmožnost, ne znamka
-description: Zmožnost terminala kot ozka, prenosljiva abstrakcija — Kitty, ne iTerm2; ANSI, ne lastniški protokoli.
+description: "Zmožnost terminala kot ozka, prenosljiva abstrakcija — Kitty, ne iTerm2; ANSI, ne lastniški protokoli."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/tui.md b/docs/wiki/sl/tui.md
index 9966637..1ad0aa6 100644
--- a/docs/wiki/sl/tui.md
+++ b/docs/wiki/sl/tui.md
@@ -1,6 +1,6 @@
 ---
 title: Terminalska nadzorna plošča (colibri-tui)
-description: Colibrijeva živa terminalska nadzorna plošča — povezuje se na Unix vtičnico demona in prikazuje agente, stanja ter pozornostna opozorila.
+description: "Colibrijeva živa terminalska nadzorna plošča — povezuje se na Unix vtičnico demona in prikazuje agente, stanja ter pozornostna opozorila."
 ---
 
 ← [kazalo](./index.md)
diff --git a/docs/wiki/sl/vault-provision.md b/docs/wiki/sl/vault-provision.md
index 51429b7..0c1f048 100644
--- a/docs/wiki/sl/vault-provision.md
+++ b/docs/wiki/sl/vault-provision.md
@@ -1,6 +1,6 @@
 ---
 title: Oskrba trezorja
-description: Oskrba datotek env, gnana z Vaultwarden, v ječe po zagonu agenta — preslikava najemnik → ječa → zbirka.
+description: "Oskrba datotek env, gnana z Vaultwarden, v ječe po zagonu agenta — preslikava najemnik → ječa → zbirka."
 ---
 
 ← [kazalo](./index.md)
-- 
2.45.3


From 9643790739a003a609257a13e6d7ffc71952e78c Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 12:16:27 +0200
Subject: [PATCH 11/19] skill(nginx): document SSL cert placeholder + ACME
 challenge ordering hiccups
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Three hiccups from the wiki.clawdie.si deployment (26.jun.2026):

1. Placeholder cert — nginx refuses to start when ssl_certificate files
   dont exist yet. Create a temporary self-signed cert first, then
   acme.sh --issue overwrites it with the real cert.

2. ACME challenge location ordering — nginx matches location blocks in
   order. .well-known/acme-challenge/ MUST come before the
   location / { return 301 https://... } redirect, otherwise ACME
   validation returns 301 instead of the challenge file.

3. acme.sh --key-file + --fullchain-file — these flags write directly
   to the nginx SSL paths, replacing the placeholder. The cert paths
   must match between nginx config and acme.sh invocation.

New "Adding a new public static HTTPS site — full flow" section covers
the complete pattern: DNS first → placeholder cert → vhost with ordered
locations → real cert → content deploy → renewal.

Two new troubleshooting entries: BIO_new_file() failed (missing cert),
ACME challenge 404/301 (location ordering or missing directory).
---
 .agent/nginx/SKILL.md | 677 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 677 insertions(+)
 create mode 100644 .agent/nginx/SKILL.md

diff --git a/.agent/nginx/SKILL.md b/.agent/nginx/SKILL.md
new file mode 100644
index 0000000..04952a7
--- /dev/null
+++ b/.agent/nginx/SKILL.md
@@ -0,0 +1,677 @@
+---
+name: nginx
+description: Manage nginx web serving for the cms jail on FreeBSD. Host nginx terminates SSL and proxies to jail nginx at ${AGENT_SUBNET_BASE}.4. Use when configuring vhosts, SSL, static site serving, or Strapi reverse proxy. Triggers on "nginx", "website", "vhost", "update site", "add vhost", "ssl".
+---
+
+# Nginx
+
+Use this skill for nginx decisions on the **cms jail** (`${AGENT_SUBNET_BASE}.4`) and the **host nginx** SSL proxy layer.
+
+## Current surface model
+
+- Operator app: `ai.<base>` — not served by cms jail nginx
+- Shared CMS admin/API: `cms.<base>` — shared service surface
+- Shared code admin: `git.<base>` — separate service surface, not cms nginx
+- Tenant home: `<tenant>.<base>` — served by cms jail nginx
+- Tenant site: `<site>.<tenant>.<base>` — served by cms jail nginx
+
+For the internal default install, `<base>` is `home.arpa`.
+
+## Actual architecture (as deployed)
+
+```text
+operator at ai.<base>
+  → controlplane app (not cms nginx)
+
+tenant/browser at <tenant>.<base> or <site>.<tenant>.<base>
+  → host nginx (optional public SSL terminator / proxy)
+    → cms jail nginx at ${AGENT_SUBNET_BASE}.4
+       → tenant home + tenant sites (static output)
+
+operator/editor at cms.<base>
+  → host nginx (optional public/internal proxy)
+    → cms jail nginx
+       → Strapi admin + CMS API
+```
+
+**Host nginx** terminates SSL and proxies to the jail when public exposure exists.
+**Jail nginx** is the real web server for tenant homes, tenant sites, and the shared CMS surface.
+
+This diverges from the original design (PF RDR → jail nginx handling SSL itself). The reason:
+host nginx was already running for clawdie.si, so PF RDR to the jail would break the existing
+site. Host-proxy is the correct pattern when multiple domains share the same host.
+
+## Scope
+
+This skill covers:
+
+- Host nginx SSL proxy vhosts (SSL termination, proxy_pass to jail)
+- Jail nginx server_name routing for `cms.<base>`, `<tenant>.<base>`, and `<site>.<tenant>.<base>`
+- SSL certificate management for public-exposed surfaces
+- ACME challenge pattern when host nginx proxies to jail
+- Strapi admin/API reverse proxy on the shared CMS surface
+- Tenant home and tenant-site static serving
+
+This skill does not replace:
+
+- `warden-pf` for PF firewall rules
+- `freebsd-admin` for host-level system changes
+
+## SSL certificate tools (two tools on this host)
+
+| Domain                                                  | Tool    | Location                                    |
+| ------------------------------------------------------- | ------- | ------------------------------------------- |
+| `clawdie.si`, `docs.clawdie.si`, `osa.smilepowered.org` | acme.sh | `/root/.acme.sh/<domain>_ecc/`              |
+| `samob.smilepowered.org`                                | certbot | `/usr/local/etc/letsencrypt/live/<domain>/` |
+
+Keep the tools separate. Do not migrate certbot domains to acme.sh without a plan.
+
+`just doctor` audits the canonical acme.sh-backed public cert paths and reports `TLS_<LABEL>` expiry plus `ACME_RENEWAL_CRON` presence. Treat missing renewal cron as an operational warning; do not renew or reinstall cert tooling from the doctor path.
+
+## ACME challenge pattern (when host proxies to jail)
+
+When host nginx is proxying a domain to the jail, certbot HTTP-01 renewal must
+be served from the **host**, not the jail. The jail doesn't know about certbot.
+
+Pattern in every proxied host vhost:
+
+```nginx
+server {
+    listen 80; listen [::]:80;
+    server_name <domain>;
+
+    # certbot challenge served from host — do NOT proxy this
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot-challenge;
+    }
+
+    location / {
+        return 301 https://$server_name$request_uri;
+    }
+}
+```
+
+The directory `/var/www/certbot-challenge` must exist on the host. certbot writes
+challenge files there; nginx serves them before the HTTPS redirect fires.
+
+## Paths
+
+**Host nginx:**
+
+- vhosts: `/usr/local/etc/nginx/vhosts/*.conf`
+- certbot certs: `/usr/local/etc/letsencrypt/live/<domain>/`
+- acme.sh certs: `/usr/local/etc/nginx/ssl/<name>/`
+- ACME challenge webroot: `/var/www/certbot-challenge/`
+
+**Jail nginx** — commands via `bastille cmd cms <cmd>` or `bastille console cms`:
+
+- nginx config: `/usr/local/etc/nginx/nginx.conf`
+- vhosts: `/usr/local/etc/nginx/vhosts/*.conf`
+- webroots: `/var/www/<site>/dist/`
+
+## Hosted surfaces
+
+| Surface       | Typical host             | Proxied from host | Served by cms jail nginx |
+| ------------- | ------------------------ | ----------------- | ------------------------ |
+| Tenant home   | `<tenant>.<base>`        | maybe             | yes                      |
+| Tenant site   | `<site>.<tenant>.<base>` | maybe             | yes                      |
+| CMS admin/API | `cms.<base>`             | maybe             | yes                      |
+| Operator app  | `ai.<base>`              | separate stack    | no                       |
+
+**acme.sh webroot for host-proxied domains:** keep a real directory at
+`/usr/local/www/<domain>/` on the host even when the domain proxies to the jail.
+acme.sh --webroot renewal writes challenge files there; the HTTP vhost serves
+`/.well-known/acme-challenge/` from it before the HTTPS redirect fires.
+
+## docs.clawdie.si shape
+
+`docs.clawdie.si` is a public static documentation site, not a reverse proxy app.
+
+Recommended site structure (inside cms jail):
+
+```text
+/usr/local/www/docs.clawdie.si/
+  index.html
+  css/
+    shared.css
+  docs/
+    index.html
+    split-brain.html
+```
+
+Recommended vhost:
+
+```nginx
+server {
+    listen 80;
+    listen [::]:80;
+    server_name docs.clawdie.si;
+    return 301 https://docs.clawdie.si$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    server_name docs.clawdie.si;
+    root /usr/local/www/docs.clawdie.si;
+    index index.html;
+
+    ssl_certificate     /usr/local/etc/nginx/ssl/docs/fullchain.cer;
+    ssl_certificate_key /usr/local/etc/nginx/ssl/docs/docs.key;
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+
+    location /docs/ {
+        try_files $uri $uri/ /docs/index.html =404;
+    }
+
+    location / {
+        try_files $uri $uri/ =404;
+    }
+}
+```
+
+Use this site to explain:
+
+- FreeBSD-first deployment
+- split-brain memory
+- local built-in knowledge in the `db` jail
+- upstream-aware relationship to NanoClaw
+
+Recommended baseline for all public vhosts:
+
+- `add_header X-Content-Type-Options "nosniff" always;`
+- `add_header X-Frame-Options "SAMEORIGIN" always;`
+- `add_header X-XSS-Protection "1; mode=block" always;`
+- `add_header Referrer-Policy "strict-origin-when-cross-origin" always;`
+
+## Site structure: public Clawdie site
+
+Inside the cms jail at `/usr/local/www/clawdie/`:
+
+```
+/usr/local/www/clawdie/
+  index.html              # Main landing page
+  css/shared.css          # Shared styles
+  docs/index.html         # Documentation page
+  img/                    # Public images (used on landing page)
+  guides/
+    freebsd-setup.html    # FreeBSD setup guide
+    nginx-ssl.html        # Nginx + SSL guide
+    stripe-agents.html    # Stripe agents guide
+    tailscale-vpn.html    # Tailscale VPN guide
+  screenshots/            # Diagnostic screenshots (basic auth protected)
+```
+
+## Public vs Protected Paths
+
+**Pattern:** Use `/img/` for public images, `/screenshots/` for protected content.
+
+| Path            | Purpose                                | Auth       |
+| --------------- | -------------------------------------- | ---------- |
+| `/img/`         | Public images used on landing page     | None       |
+| `/screenshots/` | Diagnostic screenshots, wizard gallery | Basic auth |
+
+**Why separate directories?**
+
+If you include an image from `/screenshots/` on the landing page, the browser triggers an auth prompt when loading the page. This creates a bad user experience.
+
+## Controlplane dashboard (Tailscale)
+
+When exposing the operator dashboard over Tailscale, host nginx serves TLS for the MagicDNS hostname and proxies to the local controlplane API.
+
+Recommended pattern:
+
+- vhost: `/usr/local/etc/nginx/vhosts/controlplane-tailscale.conf`
+- certs: `/usr/local/etc/nginx/ssl/tailscale/<magicdns>.crt` + `.key` (from `tailscale cert`)
+- proxy: `http://127.0.0.1:3100`
+- header: `Authorization: Bearer op:clawdie:${OPERATOR_PASSWORD}` when running `CONTROLPLANE_AUTH_MODE=local_trusted`
+
+This is the `ai.<base>` surface, not the tenant home app.
+
+**Solution:**
+
+1. Public images → `/usr/local/www/clawdie/img/` inside the `cms` jail
+2. Protected galleries → `/usr/local/www/clawdie/screenshots/` inside the `cms` jail
+
+```nginx
+# nginx config pattern
+location /img/ {
+    try_files $uri $uri/ =404;  # public, no auth
+}
+
+location /screenshots/ {
+    auth_basic "Diagnostics";
+    auth_basic_user_file /usr/local/etc/nginx/screenshots.htpasswd;
+    try_files $uri $uri/ =404;
+}
+```
+
+**HTML usage:**
+
+```html
+<!-- Landing page - use public /img/ -->
+<img src="/img/screenshot.png" />
+
+<!-- Protected gallery - link to /screenshots/ -->
+<a href="/screenshots/wizard.html">View gallery</a>
+```
+
+## Protected paths
+
+| Path            | Auth       | htpasswd file                               | Credentials                                            |
+| --------------- | ---------- | ------------------------------------------- | ------------------------------------------------------ |
+| `/screenshots/` | basic auth | `/usr/local/etc/nginx/screenshots.htpasswd` | in `.env` (`SCREENSHOTS_USER`, `SCREENSHOTS_PASSWORD`) |
+
+### Adding basic auth to a new path
+
+Run inside the cms jail (`bastille console cms`):
+
+```sh
+# 1. generate password hash
+openssl passwd -apr1 'your-password'
+
+# 2. write htpasswd file
+sh -c 'cat > /usr/local/etc/nginx/newpath.htpasswd << EOF
+username:$apr1$hash...
+EOF'
+chmod 640 /usr/local/etc/nginx/newpath.htpasswd
+chown root:www /usr/local/etc/nginx/newpath.htpasswd
+
+# 3. add location block to vhost
+#    location /newpath/ {
+#        auth_basic "Description";
+#        auth_basic_user_file /usr/local/etc/nginx/newpath.htpasswd;
+#        try_files $uri $uri/ =404;
+#    }
+
+# 4. test and reload
+nginx -t && service nginx reload
+```
+
+Store credentials in `/home/clawdie/clawdie-ai/.env`. Never in skill files.
+
+## Safe defaults
+
+- Always run `nginx -t` before reloading
+- Never reload nginx with a broken config
+- Back up vhost configs before modifying
+- Keep CSS in shared files, not inline (except index.html which is self-contained)
+- Test changes locally before pushing to production
+
+## Workflow
+
+Be explicit about which nginx owns the surface:
+
+- **Host nginx** terminates public TLS for `clawdie.si`, `docs.clawdie.si`, and other host-level domains.
+- **cms jail nginx** serves tenant/static content behind the host proxy or internal routes.
+
+Run host nginx/acme.sh commands on the host. Run jail webroot and jail-vhost commands inside the cms jail:
+
+```sh
+bastille console cms
+# or
+bastille cmd cms sh
+```
+
+### Updating site content
+
+1. Edit the HTML file directly in the webroot (inside the jail)
+2. Changes are served immediately (static files, no build step)
+3. For structural changes, run `nginx -t` then `service nginx reload`
+
+### Adding a new public static HTTPS site — full flow (wiki.clawdie.si pattern)
+
+This is the canonical pattern for deploying a static HTTPS site on the host
+nginx, drawn from the `wiki.clawdie.si` deployment (26.jun.2026). It covers the
+three hiccups that reliably trip first-time deploys and how to avoid them.
+
+### 0. DNS first
+
+Verify the A/AAAA record resolves before touching nginx or acme.sh. The server
+cannot reach its own public IP (PF blocks loopback), so query the authoritative
+nameserver directly:
+
+```sh
+drill NS clawdie.si | grep "ANSWER" -A5
+drill wiki.clawdie.si A @x1.si.
+```
+
+Do not proceed until the authoritative NS returns the correct IP.
+
+### 1. Create webroot + placeholder cert
+
+**Hiccup #1: nginx refuses to start when the SSL cert file doesn't exist.**
+The vhost references `ssl_certificate` and `ssl_certificate_key` — if those
+files are absent, `nginx -t` fails and you can't even start the HTTP server for
+ACME validation. Fix: create a **temporary self-signed cert** first:
+
+```sh
+mkdir -p /usr/local/www/wiki.clawdie.si
+mkdir -p /usr/local/etc/nginx/ssl/wiki
+
+# Placeholder cert — lets nginx start so ACME can validate
+openssl req -x509 -nodes -days 1 -newkey ec \
+  -pkeyopt ec_paramgen_curve:prime256v1 \
+  -keyout /usr/local/etc/nginx/ssl/wiki/wiki.key \
+  -out /usr/local/etc/nginx/ssl/wiki/fullchain.cer \
+  -subj "/CN=wiki.clawdie.si"
+```
+
+### 2. Write the vhost with ACME challenge BEFORE redirect
+
+**Hiccup #2: the HTTP→HTTPS redirect catches the ACME challenge before it
+reaches the well-known location.** Nginx matches location blocks in order.
+The `.well-known/acme-challenge/` location must appear **before** the
+`location / { return 301 https://... }` redirect:
+
+```nginx
+server {
+    listen 80; listen [::]:80;
+    server_name wiki.clawdie.si;
+
+    # ACME challenge — MUST come before the redirect
+    location /.well-known/acme-challenge/ {
+        root /usr/local/www/wiki.clawdie.si;
+    }
+
+    location / {
+        return 301 https://wiki.clawdie.si$request_uri;
+    }
+}
+
+server {
+    listen 443 ssl; listen [::]:443 ssl;
+    server_name wiki.clawdie.si;
+    root /usr/local/www/wiki.clawdie.si;
+    index index.html;
+
+    ssl_certificate     /usr/local/etc/nginx/ssl/wiki/fullchain.cer;
+    ssl_certificate_key /usr/local/etc/nginx/ssl/wiki/wiki.key;
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+
+    # Security headers — baseline for all public vhosts
+    add_header X-Content-Type-Options nosniff always;
+    add_header X-Frame-Options SAMEORIGIN always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header Referrer-Policy strict-origin-when-cross-origin always;
+
+    location /.well-known/acme-challenge/ {
+        root /usr/local/www/wiki.clawdie.si;
+    }
+
+    location / {
+        try_files $uri $uri/ =404;
+    }
+}
+```
+
+Write to `/usr/local/etc/nginx/vhosts/<domain>.conf`, then:
+
+```sh
+nginx -t && service nginx reload
+```
+
+### 3. Issue the real cert (replaces placeholder)
+
+**Hiccup #3: acme.sh `--issue` with `--key-file` + `--fullchain-file` writes
+directly to the nginx SSL paths, overwriting the placeholder.** The cert files
+and nginx config must agree on the paths:
+
+```sh
+acme.sh --issue -d wiki.clawdie.si -w /usr/local/www/wiki.clawdie.si \
+  --key-file       /usr/local/etc/nginx/ssl/wiki/wiki.key \
+  --fullchain-file /usr/local/etc/nginx/ssl/wiki/fullchain.cer
+service nginx reload
+```
+
+Verify the cert replaced the placeholder:
+
+```sh
+openssl x509 -in /usr/local/etc/nginx/ssl/wiki/fullchain.cer -noout -issuer
+# Should show "CN = R11, O = Let's Encrypt" — not the placeholder CN
+```
+
+### 4. Content deployment
+
+Static content goes to the webroot. For content built inside the CMS jail, use
+tar to cross the jail boundary:
+
+```sh
+# Build inside jail, tar to host
+bastille cmd cms sh -c 'tar -czf /tmp/wiki-dist.tar.gz -C /usr/local/www/wiki.clawdie.si .'
+cp /usr/local/bastille/jails/cms/root/tmp/wiki-dist.tar.gz /tmp/
+tar -xzf /tmp/wiki-dist.tar.gz -C /usr/local/www/wiki.clawdie.si/
+```
+
+### 5. Renewal
+
+acme.sh auto-renews via cron (check with `crontab -l`). The cert paths match
+between acme.sh and nginx, so renewal is zero-touch. Verify:
+
+```sh
+openssl x509 -in /usr/local/etc/nginx/ssl/wiki/fullchain.cer -noout -enddate
+```
+
+The public TLS/certificate steps below run on the **host**. Only jail webroot/content steps run inside the cms jail.
+
+1. **DNS check first** — verify the A record resolves before touching nginx or acme.sh.
+   The server cannot reach its own public IP (PF), so query the authoritative nameserver directly:
+
+   ```sh
+   # find NS
+   drill NS clawdie.si | grep "ANSWER" -A5
+   # query it directly
+   drill docs.clawdie.si A @x1.si.
+   ```
+
+   Do not proceed until the authoritative NS returns the correct IP.
+
+2. **Create the ACME challenge webroot on the host**:
+
+   ```sh
+   mkdir -p /usr/local/www/<domain>
+   ```
+
+   If the served content lives in the cms jail, keep this host path for HTTP-01 challenges and proxy normal traffic to the jail.
+
+3. **Fix symlink traversal permissions** — nginx worker runs as `www` and must be able
+   to stat through every directory in the symlink path. If any parent dir is `drwxrwx---`
+   (no world-execute), nginx will get `Permission denied (13)` even though the files
+   are world-readable. The site will serve 404/403 to Let's Encrypt and visitors.
+
+4. **Install a temporary HTTP-only vhost** before issuing the cert. Let's Encrypt needs
+   to reach `/.well-known/acme-challenge/` over HTTP. Without a matching server block,
+   nginx falls through to the default server and returns 404.
+
+   ```sh
+   cat > /usr/local/etc/nginx/vhosts/<domain>.conf << 'EOF'
+   server {
+       listen 80; listen [::]:80;
+       server_name <domain>;
+       root /usr/local/www/<domain>;
+       location /.well-known/acme-challenge/ { try_files $uri =404; }
+       location / { return 301 https://<domain>$request_uri; }
+   }
+   EOF
+   nginx -t && service nginx reload
+   ```
+
+5. **Issue and install the cert**:
+
+   ```sh
+   mkdir -p /usr/local/etc/nginx/ssl/<name>
+   acme.sh --issue -d <domain> --webroot /usr/local/www/<domain>
+   acme.sh --install-cert -d <domain> \
+     --cert-file      /usr/local/etc/nginx/ssl/<name>/cert.cer \
+     --key-file       /usr/local/etc/nginx/ssl/<name>/<name>.key \
+     --fullchain-file /usr/local/etc/nginx/ssl/<name>/fullchain.cer \
+     --reloadcmd      "service nginx reload"
+   ```
+
+6. **Replace temp vhost with full HTTPS vhost**, then test and reload:
+   ```sh
+   nginx -t && service nginx reload
+   ```
+
+### Strapi admin reverse proxy (optional)
+
+To expose Strapi admin via HTTPS on an internal subdomain (e.g., `cms.<agent>.home.arpa`),
+run inside the cms jail:
+
+1. Create `/usr/local/etc/nginx/vhosts/cms.conf` using `references/strapi-proxy.md`
+2. Strapi runs at `http://127.0.0.1:1337` inside the cms jail
+3. Restrict access to Tailscale IPs only
+4. Run `nginx -t` then `service nginx reload`
+
+Do not expose Strapi admin publicly by default. Keep public traffic on the
+static Astro output unless there is a strong reason to do otherwise.
+
+### Strapi API microcache (nginx, recommended)
+
+To protect Strapi from bursts (agents, crawlers, SSR spikes), enable a short
+microcache in the **cms jail nginx**. This keeps content updates fast while
+avoiding rebuilds.
+
+See `references/strapi-cache.md` for the exact config and validation steps.
+
+### Astro deploy
+
+When Astro output is ready for a public site:
+
+1. Build in the `cms` jail or build locally and copy only `dist/`.
+2. Back up the current webroot unless the operator explicitly says to skip backup because of disk pressure.
+3. Sync generated output to the right webroot:
+   - landing `clawdie.si`: `/usr/local/www/clawdie-si/`
+   - docs `docs.clawdie.si`: `/usr/local/www/clawdie/`
+4. Validate the jail-local vhost with the correct `Host:` header.
+5. Validate public HTTPS.
+6. Roll back from backup if needed and available.
+
+### SSL certificate management
+
+1. Public edge certificates are managed via acme.sh on the host.
+2. Certificate paths follow: `/usr/local/etc/nginx/ssl/<name>/`
+3. Each domain has: `fullchain.cer` and `<name>.key`
+4. `just doctor` reports certificate expiry and `ACME_RENEWAL_CRON` renewal-cron presence.
+
+## FreeBSD assumption
+
+This skill assumes the target runtime is FreeBSD inside the cms jail.
+
+Canonical paths inside the cms jail:
+
+- `/usr/local/etc/nginx/nginx.conf`
+- `/usr/local/etc/nginx/vhosts/*.conf`
+- `/usr/local/etc/nginx/ssl/`
+- `/usr/local/www/`
+
+## Validation
+
+Run inside the cms jail:
+
+```sh
+# test config
+nginx -t
+
+# reload after changes
+service nginx reload
+
+# check status
+service nginx status
+```
+
+When testing a named vhost through `127.0.0.1`, include the expected `Host:`
+header. The `cms` jail default server returns `404`, so a plain direct URL can
+be a false negative even when the named vhost works.
+
+```sh
+# clawdie.si landing vhost
+curl -sI -H 'Host: clawdie.si' http://127.0.0.1/sl/
+curl -sI -H 'Host: clawdie.si' http://127.0.0.1/en/
+
+# docs.clawdie.si vhost
+curl -sI -H 'Host: docs.clawdie.si' http://127.0.0.1/architecture/colibri/
+```
+
+Use `curl` for these checks; FreeBSD `fetch` does not provide a simple
+`--header` flag.
+
+If the Strapi cache is enabled, verify cache headers on a known public
+endpoint:
+
+```sh
+curl -sI http://127.0.0.1/<public-api-path> | grep -i x-cache-status
+```
+
+From the host, verify public edge traffic:
+
+```sh
+curl -sI https://clawdie.si/ | head -5
+curl -sI https://clawdie.si/sl/ | head -5
+curl -sI https://docs.clawdie.si/architecture/colibri/ | head -5
+```
+
+## Troubleshooting
+
+### nginx won't start
+
+- Check config: `nginx -t`
+- Check logs: `tail /var/log/nginx/error.log`
+- Check port conflicts: `sockstat -l | grep :80`
+
+### nginx config test fails: "cannot load certificate — BIO_new_file() failed"
+
+This means the `ssl_certificate` path in a vhost references a file that doesn't
+exist yet. **Do not remove the SSL block** — create a placeholder cert first:
+
+```sh
+openssl req -x509 -nodes -days 1 -newkey ec \
+  -pkeyopt ec_paramgen_curve:prime256v1 \
+  -keyout /usr/local/etc/nginx/ssl/<name>/<name>.key \
+  -out /usr/local/etc/nginx/ssl/<name>/fullchain.cer \
+  -subj "/CN=<domain>"
+```
+
+Then `nginx -t && service nginx reload` will succeed. Issue the real cert
+with acme.sh — it replaces the placeholder. See §"Adding a new public static
+HTTPS site" for the full flow.
+
+### ACME challenge returns 404 or 301
+
+Two common causes:
+
+1. **The `location /.well-known/acme-challenge/` block is AFTER the
+   `location / { return 301 https://... }` redirect.** Nginx matches locations
+   in order — the redirect wins. Move the well-known block before the redirect.
+2. **The well-known directory doesn't exist on the host.** acme.sh writes
+   challenge files there; if it's missing, nginx returns 404. Create it:
+   `mkdir -p /usr/local/www/<domain>/.well-known/acme-challenge`
+
+### SSL certificate expired or near expiry
+
+- Check cert dates: `openssl x509 -in /usr/local/etc/nginx/ssl/clawdie/fullchain.cer -noout -dates`
+- Run `just doctor` and inspect `TLS_<LABEL>` plus `ACME_RENEWAL_CRON`
+- Renew or repair acme.sh on the host; do not run public edge renewal inside the cms jail
+
+### Changes not visible
+
+- Static files are served immediately — hard refresh the browser
+- Check you edited the correct webroot path inside the jail
+- Landing changes should land in `/usr/local/www/clawdie-si/`
+- Docs changes should land in `/usr/local/www/clawdie/`
+- For jail-local HTTP checks, include `-H 'Host: clawdie.si'` or the request may hit the default 404 vhost
+
+### Host nginx not proxying to jail
+
+- Verify jail is up: `sudo bastille list | grep cms`
+- Verify jail nginx is running: `sudo bastille cmd cms service nginx status`
+- Test direct jail HTTP: `curl -s -o /dev/null -w "%{http_code}" http://${AGENT_SUBNET_BASE}.4/`
+- Check host nginx proxy config: `nginx -t`
+- Check jail nginx logs: `sudo bastille cmd cms tail /var/log/nginx/error.log`
-- 
2.45.3


From b867eb9b99666db83625d7ec59115d4e884f9a38 Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 12:18:40 +0200
Subject: [PATCH 12/19] =?UTF-8?q?fix:=20skills=20directory=20structure=20?=
 =?UTF-8?q?=E2=80=94=20.agent/skills/=20not=20.agent/?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Skills were copied flat (.agent/*/SKILL.md) instead of nested
(.agent/skills/*/SKILL.md). The ISO import script
(import-colibri-skills.sh) expects the nested structure.

Now matches clawdie-ai canonical layout. 52 SKILL.md files verify.
---
 .agent/skills/add-discord/SKILL.md            |  230 ++++
 .../add/src/channels/discord.test.ts          |  762 +++++++++++
 .../add-discord/add/src/channels/discord.ts   |  236 ++++
 .agent/skills/add-discord/manifest.yaml       |   20 +
 .../skills/add-discord/modify/src/config.ts   |   77 ++
 .../modify/src/config.ts.intent.md            |   25 +
 .agent/skills/add-discord/modify/src/index.ts |  509 +++++++
 .../add-discord/modify/src/index.ts.intent.md |   50 +
 .../add-discord/modify/src/routing.test.ts    |  147 +++
 .../skills/add-discord/tests/discord.test.ts  |  133 ++
 .agent/skills/add-gmail/SKILL.md              |  244 ++++
 .../add-gmail/add/src/channels/gmail.test.ts  |   71 +
 .../add-gmail/add/src/channels/gmail.ts       |  339 +++++
 .agent/skills/add-gmail/manifest.yaml         |   18 +
 .../container/agent-runner/src/index.ts       |  703 ++++++++++
 .../agent-runner/src/index.ts.intent.md       |   37 +
 .../add-gmail/modify/src/container-runner.ts  |  698 ++++++++++
 .../modify/src/container-runner.ts.intent.md  |   42 +
 .agent/skills/add-gmail/modify/src/index.ts   |  507 +++++++
 .../add-gmail/modify/src/index.ts.intent.md   |   40 +
 .../add-gmail/modify/src/routing.test.ts      |  119 ++
 .agent/skills/add-gmail/tests/gmail.test.ts   |   40 +
 .agent/skills/add-parallel/SKILL.md           |  320 +++++
 .agent/skills/add-protonmail/SKILL.md         |   85 ++
 .../jail/agent-runner/src/protonmail-tools.ts |   72 +
 .agent/skills/add-protonmail/manifest.yaml    |   17 +
 .../jail/agent-runner/package.json.intent.md  |   37 +
 .../src/ipc-mcp-stdio.ts.intent.md            |   36 +
 .../modify/src/jail-runner.ts.intent.md       |   38 +
 .agent/skills/add-slack/SKILL.md              |  235 ++++
 .agent/skills/add-slack/SLACK_SETUP.md        |  156 +++
 .../add-slack/add/src/channels/slack.test.ts  |  848 ++++++++++++
 .../add-slack/add/src/channels/slack.ts       |  290 ++++
 .agent/skills/add-slack/manifest.yaml         |   21 +
 .agent/skills/add-slack/modify/src/config.ts  |   75 ++
 .../add-slack/modify/src/config.ts.intent.md  |   25 +
 .agent/skills/add-slack/modify/src/index.ts   |  498 +++++++
 .../add-slack/modify/src/index.ts.intent.md   |   70 +
 .../add-slack/modify/src/routing.test.ts      |  161 +++
 .../modify/src/routing.test.ts.intent.md      |   21 +
 .agent/skills/add-slack/tests/slack.test.ts   |  171 +++
 .agent/skills/add-stripe/SKILL.md             |   84 ++
 .../add/jail/agent-runner/src/stripe-tools.ts |  275 ++++
 .agent/skills/add-stripe/manifest.yaml        |   16 +
 .../jail/agent-runner/package.json.intent.md  |   28 +
 .../src/ipc-mcp-stdio.ts.intent.md            |   36 +
 .../modify/src/jail-runner.ts.intent.md       |   37 +
 .agent/skills/add-telegram-swarm/SKILL.md     |  388 ++++++
 .agent/skills/add-telegram/SKILL.md           |  251 ++++
 .../add/src/channels/telegram.test.ts         |  926 +++++++++++++
 .../add-telegram/add/src/channels/telegram.ts |  244 ++++
 .agent/skills/add-telegram/manifest.yaml      |   20 +
 .../skills/add-telegram/modify/src/config.ts  |   77 ++
 .../modify/src/config.ts.intent.md            |   25 +
 .../skills/add-telegram/modify/src/index.ts   |  509 +++++++
 .../modify/src/index.ts.intent.md             |   59 +
 .../add-telegram/modify/src/routing.test.ts   |  161 +++
 .../add-telegram/tests/telegram.test.ts       |  118 ++
 .../skills/add-voice-transcription/SKILL.md   |  145 ++
 .../add/src/transcription.ts                  |   98 ++
 .../add-voice-transcription/manifest.yaml     |   17 +
 .../modify/src/channels/whatsapp.test.ts      |  963 ++++++++++++++
 .../src/channels/whatsapp.test.ts.intent.md   |   30 +
 .../modify/src/channels/whatsapp.ts           |  400 ++++++
 .../modify/src/channels/whatsapp.ts.intent.md |   31 +
 .../tests/voice-transcription.test.ts         |  123 ++
 .agent/skills/agent-setup/SKILL.md            |   88 ++
 .agent/skills/ansible-freebsd/SKILL.md        |  306 +++++
 .../references/cms-astro-strapi-plan.md       |  142 ++
 .../references/host-encrypted-dataset.md      |   80 ++
 .../ansible-freebsd/references/install.md     |   41 +
 .../ansible-freebsd/references/layout.md      |   85 ++
 .agent/skills/astro/SKILL.md                  |  407 ++++++
 .agent/skills/astro/references/setup.md       |  174 +++
 .../astro/references/static-migration.md      |   70 +
 .agent/skills/backup-db/SKILL.md              |   65 +
 .agent/skills/coding-agent/SKILL.md           |  166 +++
 .../add/src/providers/anthropic.ts            |  194 +++
 .../add/src/providers/coding-agent.ts         |  176 +++
 .../coding-agent/add/src/providers/gemini.ts  |  147 +++
 .../coding-agent/add/src/providers/index.ts   |  143 ++
 .../coding-agent/add/src/providers/openai.ts  |  225 ++++
 .../add/src/providers/provider.ts             |   91 ++
 .agent/skills/coding-agent/manifest.yaml      |   36 +
 .../skills/coding-agent/modify/.env.example   |   60 +
 .../skills/coding-agent/modify/src/config.ts  |  121 ++
 .../modify/src/config.ts.intent.md            |   72 +
 .../modify/src/container-runner.ts            |   17 +
 .../modify/src/container-runner.ts.intent.md  |  195 +++
 .../coding-agent/tests/provider.test.ts       |  283 ++++
 .agent/skills/customize/SKILL.md              |  120 ++
 .agent/skills/db-analyze/SKILL.md             |   45 +
 .agent/skills/db-migrate/SKILL.md             |   65 +
 .agent/skills/db-sync-check/SKILL.md          |   58 +
 .agent/skills/db-vacuum/SKILL.md              |   56 +
 .agent/skills/debug/SKILL.md                  |  282 ++++
 .agent/skills/disk-usage/SKILL.md             |   61 +
 .../skills/docs-deployment/CROWDIN-SETUP.md   |  363 +++++
 .agent/skills/docs-deployment/INTEGRATION.md  |  488 +++++++
 .agent/skills/docs-deployment/SKILL.md        |  430 ++++++
 .../templates/language-selector.html          |  209 +++
 .../templates/nginx-vhost-template.conf       |  142 ++
 .../docs-localization-pipeline/README.md      |  315 +++++
 .../docs-localization-pipeline/SKILL.md       |  406 ++++++
 .../orchestrate-pipeline.sh                   |  294 +++++
 .../setup-clawdie-docs.sh                     |  377 ++++++
 .agent/skills/freebsd-admin/SKILL.md          |   92 ++
 .../references/ansible-handoff.md             |   42 +
 .../references/bhyve-prerequisites.md         |  101 ++
 .../references/execution-modes.md             |   45 +
 .../references/freebsd-update-reboot.md       |   95 ++
 .../freebsd-admin/references/loader-conf.md   |  124 ++
 .../freebsd-admin/references/locale-setup.md  |   95 ++
 .../freebsd-admin/references/memory-budget.md |   77 ++
 .../references/network-forwarding.md          |   33 +
 .../freebsd-admin/references/rc-conf.md       |  211 +++
 .../references/resolver-baseline.md           |   56 +
 .../references/rollback-patterns.md           |   95 ++
 .../references/service-identities.md          |   72 +
 .../references/system-changes.md              |   19 +
 .../freebsd-admin/references/validation.md    |   26 +
 .../scripts/render_forwarding_commands.sh     |    8 +
 .../scripts/render_host_validation.sh         |    9 +
 .agent/skills/git-branch-protect/SKILL.md     |   65 +
 .agent/skills/git-merge/SKILL.md              |   88 ++
 .agent/skills/git-pull/SKILL.md               |   84 ++
 .agent/skills/git-push-mirror/SKILL.md        |   71 +
 .agent/skills/git-push-upstream/SKILL.md      |   71 +
 .agent/skills/git-release-tag/SKILL.md        |   73 +
 .agent/skills/jail-status/SKILL.md            |   53 +
 .agent/skills/llama-cpp-embeddings/SKILL.md   |   67 +
 .agent/skills/network-throughput/SKILL.md     |  538 ++++++++
 .../references/cache-policy.md                |   15 +
 .../scripts/render_latest_json.sh             |   14 +
 .agent/{ => skills}/nginx/SKILL.md            |    0
 .../nginx/references/astro-migration.md       |   88 ++
 .../skills/nginx/references/strapi-cache.md   |   57 +
 .../skills/nginx/references/strapi-proxy.md   |   62 +
 .../skills/nginx/references/vhost-template.md |  100 ++
 .agent/skills/ollama/SKILL.md                 |  180 +++
 .agent/skills/pi-provider-smoke/SKILL.md      |  112 ++
 .agent/skills/pi-update/SKILL.md              |  167 +++
 .agent/skills/postgres-memory/SKILL.md        |  120 ++
 .../postgres-memory/references/install.md     |  171 +++
 .../postgres-memory/references/layout.md      |   65 +
 .../postgres-memory/references/security.md    |  213 +++
 .../references/troubleshooting.md             |   82 ++
 .../postgres-memory/references/validation.md  |   37 +
 .../scripts/render_install_commands.sh        |   10 +
 .../scripts/render_validation_commands.sh     |    8 +
 .agent/skills/rsync/SKILL.md                  |  129 ++
 .agent/skills/runtime-version-sync/SKILL.md   |  206 +++
 .agent/skills/sanoid/SKILL.md                 |   66 +
 .../sanoid/references/example-config.md       |   26 +
 .../skills/sanoid/references/policy-model.md  |  174 +++
 .../sanoid/references/troubleshooting.md      |   13 +
 .../sanoid/scripts/render_sanoid_conf.sh      |   10 +
 .../sanoid/scripts/validate_snapshots.sh      |    9 +
 .agent/skills/service-restart/SKILL.md        |   61 +
 .agent/skills/setup/SKILL.md                  |  179 +++
 .../skills/setup/references/prerequisites.md  |  138 ++
 .agent/skills/ssh-agent-setup/SKILL.md        |  204 +++
 .agent/skills/strapi/SKILL.md                 |  223 ++++
 .agent/skills/strapi/references/install.md    |  164 +++
 .agent/skills/strapi/references/migration.md  |   77 ++
 .agent/skills/system-stats/SKILL.md           |   58 +
 .agent/skills/telegram-admin/SKILL.md         |   39 +
 .../references/chat-discovery.md              |   21 +
 .../telegram-admin/references/registration.md |   17 +
 .../telegram-admin/references/token-check.md  |   21 +
 .../references/troubleshooting.md             |   25 +
 .../scripts/render_register_command.sh        |   10 +
 .../scripts/render_verify_commands.sh         |    9 +
 .agent/skills/tmux-screenshot/SKILL.md        |  392 ++++++
 .../skills/tmux-screenshot/tmux-screenshot.py | 1171 +++++++++++++++++
 .agent/skills/update/SKILL.md                 |  308 +++++
 .../skills/update/scripts/fetch-upstream.sh   |   85 ++
 .agent/skills/x-integration/SKILL.md          |  427 ++++++
 .agent/skills/x-integration/agent.ts          |  243 ++++
 .agent/skills/x-integration/host.ts           |  159 +++
 .agent/skills/x-integration/lib/browser.ts    |  148 +++
 .agent/skills/x-integration/lib/config.ts     |   62 +
 .agent/skills/x-integration/scripts/like.ts   |   56 +
 .agent/skills/x-integration/scripts/post.ts   |   66 +
 .agent/skills/x-integration/scripts/quote.ts  |   80 ++
 .agent/skills/x-integration/scripts/reply.ts  |   74 ++
 .../skills/x-integration/scripts/retweet.ts   |   62 +
 .agent/skills/x-integration/scripts/setup.ts  |   87 ++
 .agent/skills/zfs-scrub/SKILL.md              |  130 ++
 .agent/skills/zfs-snapshot/SKILL.md           |   59 +
 190 files changed, 29678 insertions(+)
 create mode 100644 .agent/skills/add-discord/SKILL.md
 create mode 100644 .agent/skills/add-discord/add/src/channels/discord.test.ts
 create mode 100644 .agent/skills/add-discord/add/src/channels/discord.ts
 create mode 100644 .agent/skills/add-discord/manifest.yaml
 create mode 100644 .agent/skills/add-discord/modify/src/config.ts
 create mode 100644 .agent/skills/add-discord/modify/src/config.ts.intent.md
 create mode 100644 .agent/skills/add-discord/modify/src/index.ts
 create mode 100644 .agent/skills/add-discord/modify/src/index.ts.intent.md
 create mode 100644 .agent/skills/add-discord/modify/src/routing.test.ts
 create mode 100644 .agent/skills/add-discord/tests/discord.test.ts
 create mode 100644 .agent/skills/add-gmail/SKILL.md
 create mode 100644 .agent/skills/add-gmail/add/src/channels/gmail.test.ts
 create mode 100644 .agent/skills/add-gmail/add/src/channels/gmail.ts
 create mode 100644 .agent/skills/add-gmail/manifest.yaml
 create mode 100644 .agent/skills/add-gmail/modify/container/agent-runner/src/index.ts
 create mode 100644 .agent/skills/add-gmail/modify/container/agent-runner/src/index.ts.intent.md
 create mode 100644 .agent/skills/add-gmail/modify/src/container-runner.ts
 create mode 100644 .agent/skills/add-gmail/modify/src/container-runner.ts.intent.md
 create mode 100644 .agent/skills/add-gmail/modify/src/index.ts
 create mode 100644 .agent/skills/add-gmail/modify/src/index.ts.intent.md
 create mode 100644 .agent/skills/add-gmail/modify/src/routing.test.ts
 create mode 100644 .agent/skills/add-gmail/tests/gmail.test.ts
 create mode 100644 .agent/skills/add-parallel/SKILL.md
 create mode 100644 .agent/skills/add-protonmail/SKILL.md
 create mode 100644 .agent/skills/add-protonmail/add/jail/agent-runner/src/protonmail-tools.ts
 create mode 100644 .agent/skills/add-protonmail/manifest.yaml
 create mode 100644 .agent/skills/add-protonmail/modify/jail/agent-runner/package.json.intent.md
 create mode 100644 .agent/skills/add-protonmail/modify/jail/agent-runner/src/ipc-mcp-stdio.ts.intent.md
 create mode 100644 .agent/skills/add-protonmail/modify/src/jail-runner.ts.intent.md
 create mode 100644 .agent/skills/add-slack/SKILL.md
 create mode 100644 .agent/skills/add-slack/SLACK_SETUP.md
 create mode 100644 .agent/skills/add-slack/add/src/channels/slack.test.ts
 create mode 100644 .agent/skills/add-slack/add/src/channels/slack.ts
 create mode 100644 .agent/skills/add-slack/manifest.yaml
 create mode 100644 .agent/skills/add-slack/modify/src/config.ts
 create mode 100644 .agent/skills/add-slack/modify/src/config.ts.intent.md
 create mode 100644 .agent/skills/add-slack/modify/src/index.ts
 create mode 100644 .agent/skills/add-slack/modify/src/index.ts.intent.md
 create mode 100644 .agent/skills/add-slack/modify/src/routing.test.ts
 create mode 100644 .agent/skills/add-slack/modify/src/routing.test.ts.intent.md
 create mode 100644 .agent/skills/add-slack/tests/slack.test.ts
 create mode 100644 .agent/skills/add-stripe/SKILL.md
 create mode 100644 .agent/skills/add-stripe/add/jail/agent-runner/src/stripe-tools.ts
 create mode 100644 .agent/skills/add-stripe/manifest.yaml
 create mode 100644 .agent/skills/add-stripe/modify/jail/agent-runner/package.json.intent.md
 create mode 100644 .agent/skills/add-stripe/modify/jail/agent-runner/src/ipc-mcp-stdio.ts.intent.md
 create mode 100644 .agent/skills/add-stripe/modify/src/jail-runner.ts.intent.md
 create mode 100644 .agent/skills/add-telegram-swarm/SKILL.md
 create mode 100644 .agent/skills/add-telegram/SKILL.md
 create mode 100644 .agent/skills/add-telegram/add/src/channels/telegram.test.ts
 create mode 100644 .agent/skills/add-telegram/add/src/channels/telegram.ts
 create mode 100644 .agent/skills/add-telegram/manifest.yaml
 create mode 100644 .agent/skills/add-telegram/modify/src/config.ts
 create mode 100644 .agent/skills/add-telegram/modify/src/config.ts.intent.md
 create mode 100644 .agent/skills/add-telegram/modify/src/index.ts
 create mode 100644 .agent/skills/add-telegram/modify/src/index.ts.intent.md
 create mode 100644 .agent/skills/add-telegram/modify/src/routing.test.ts
 create mode 100644 .agent/skills/add-telegram/tests/telegram.test.ts
 create mode 100644 .agent/skills/add-voice-transcription/SKILL.md
 create mode 100644 .agent/skills/add-voice-transcription/add/src/transcription.ts
 create mode 100644 .agent/skills/add-voice-transcription/manifest.yaml
 create mode 100644 .agent/skills/add-voice-transcription/modify/src/channels/whatsapp.test.ts
 create mode 100644 .agent/skills/add-voice-transcription/modify/src/channels/whatsapp.test.ts.intent.md
 create mode 100644 .agent/skills/add-voice-transcription/modify/src/channels/whatsapp.ts
 create mode 100644 .agent/skills/add-voice-transcription/modify/src/channels/whatsapp.ts.intent.md
 create mode 100644 .agent/skills/add-voice-transcription/tests/voice-transcription.test.ts
 create mode 100644 .agent/skills/agent-setup/SKILL.md
 create mode 100644 .agent/skills/ansible-freebsd/SKILL.md
 create mode 100644 .agent/skills/ansible-freebsd/references/cms-astro-strapi-plan.md
 create mode 100644 .agent/skills/ansible-freebsd/references/host-encrypted-dataset.md
 create mode 100644 .agent/skills/ansible-freebsd/references/install.md
 create mode 100644 .agent/skills/ansible-freebsd/references/layout.md
 create mode 100644 .agent/skills/astro/SKILL.md
 create mode 100644 .agent/skills/astro/references/setup.md
 create mode 100644 .agent/skills/astro/references/static-migration.md
 create mode 100644 .agent/skills/backup-db/SKILL.md
 create mode 100644 .agent/skills/coding-agent/SKILL.md
 create mode 100644 .agent/skills/coding-agent/add/src/providers/anthropic.ts
 create mode 100644 .agent/skills/coding-agent/add/src/providers/coding-agent.ts
 create mode 100644 .agent/skills/coding-agent/add/src/providers/gemini.ts
 create mode 100644 .agent/skills/coding-agent/add/src/providers/index.ts
 create mode 100644 .agent/skills/coding-agent/add/src/providers/openai.ts
 create mode 100644 .agent/skills/coding-agent/add/src/providers/provider.ts
 create mode 100644 .agent/skills/coding-agent/manifest.yaml
 create mode 100644 .agent/skills/coding-agent/modify/.env.example
 create mode 100644 .agent/skills/coding-agent/modify/src/config.ts
 create mode 100644 .agent/skills/coding-agent/modify/src/config.ts.intent.md
 create mode 100644 .agent/skills/coding-agent/modify/src/container-runner.ts
 create mode 100644 .agent/skills/coding-agent/modify/src/container-runner.ts.intent.md
 create mode 100644 .agent/skills/coding-agent/tests/provider.test.ts
 create mode 100644 .agent/skills/customize/SKILL.md
 create mode 100644 .agent/skills/db-analyze/SKILL.md
 create mode 100644 .agent/skills/db-migrate/SKILL.md
 create mode 100644 .agent/skills/db-sync-check/SKILL.md
 create mode 100644 .agent/skills/db-vacuum/SKILL.md
 create mode 100644 .agent/skills/debug/SKILL.md
 create mode 100644 .agent/skills/disk-usage/SKILL.md
 create mode 100644 .agent/skills/docs-deployment/CROWDIN-SETUP.md
 create mode 100644 .agent/skills/docs-deployment/INTEGRATION.md
 create mode 100644 .agent/skills/docs-deployment/SKILL.md
 create mode 100644 .agent/skills/docs-deployment/templates/language-selector.html
 create mode 100644 .agent/skills/docs-deployment/templates/nginx-vhost-template.conf
 create mode 100644 .agent/skills/docs-localization-pipeline/README.md
 create mode 100644 .agent/skills/docs-localization-pipeline/SKILL.md
 create mode 100755 .agent/skills/docs-localization-pipeline/orchestrate-pipeline.sh
 create mode 100755 .agent/skills/docs-localization-pipeline/setup-clawdie-docs.sh
 create mode 100644 .agent/skills/freebsd-admin/SKILL.md
 create mode 100644 .agent/skills/freebsd-admin/references/ansible-handoff.md
 create mode 100644 .agent/skills/freebsd-admin/references/bhyve-prerequisites.md
 create mode 100644 .agent/skills/freebsd-admin/references/execution-modes.md
 create mode 100644 .agent/skills/freebsd-admin/references/freebsd-update-reboot.md
 create mode 100644 .agent/skills/freebsd-admin/references/loader-conf.md
 create mode 100644 .agent/skills/freebsd-admin/references/locale-setup.md
 create mode 100644 .agent/skills/freebsd-admin/references/memory-budget.md
 create mode 100644 .agent/skills/freebsd-admin/references/network-forwarding.md
 create mode 100644 .agent/skills/freebsd-admin/references/rc-conf.md
 create mode 100644 .agent/skills/freebsd-admin/references/resolver-baseline.md
 create mode 100644 .agent/skills/freebsd-admin/references/rollback-patterns.md
 create mode 100644 .agent/skills/freebsd-admin/references/service-identities.md
 create mode 100644 .agent/skills/freebsd-admin/references/system-changes.md
 create mode 100644 .agent/skills/freebsd-admin/references/validation.md
 create mode 100755 .agent/skills/freebsd-admin/scripts/render_forwarding_commands.sh
 create mode 100755 .agent/skills/freebsd-admin/scripts/render_host_validation.sh
 create mode 100644 .agent/skills/git-branch-protect/SKILL.md
 create mode 100644 .agent/skills/git-merge/SKILL.md
 create mode 100644 .agent/skills/git-pull/SKILL.md
 create mode 100644 .agent/skills/git-push-mirror/SKILL.md
 create mode 100644 .agent/skills/git-push-upstream/SKILL.md
 create mode 100644 .agent/skills/git-release-tag/SKILL.md
 create mode 100644 .agent/skills/jail-status/SKILL.md
 create mode 100644 .agent/skills/llama-cpp-embeddings/SKILL.md
 create mode 100644 .agent/skills/network-throughput/SKILL.md
 create mode 100644 .agent/skills/nginx-glasspane/references/cache-policy.md
 create mode 100755 .agent/skills/nginx-glasspane/scripts/render_latest_json.sh
 rename .agent/{ => skills}/nginx/SKILL.md (100%)
 create mode 100644 .agent/skills/nginx/references/astro-migration.md
 create mode 100644 .agent/skills/nginx/references/strapi-cache.md
 create mode 100644 .agent/skills/nginx/references/strapi-proxy.md
 create mode 100644 .agent/skills/nginx/references/vhost-template.md
 create mode 100644 .agent/skills/ollama/SKILL.md
 create mode 100644 .agent/skills/pi-provider-smoke/SKILL.md
 create mode 100644 .agent/skills/pi-update/SKILL.md
 create mode 100644 .agent/skills/postgres-memory/SKILL.md
 create mode 100644 .agent/skills/postgres-memory/references/install.md
 create mode 100644 .agent/skills/postgres-memory/references/layout.md
 create mode 100644 .agent/skills/postgres-memory/references/security.md
 create mode 100644 .agent/skills/postgres-memory/references/troubleshooting.md
 create mode 100644 .agent/skills/postgres-memory/references/validation.md
 create mode 100755 .agent/skills/postgres-memory/scripts/render_install_commands.sh
 create mode 100755 .agent/skills/postgres-memory/scripts/render_validation_commands.sh
 create mode 100644 .agent/skills/rsync/SKILL.md
 create mode 100644 .agent/skills/runtime-version-sync/SKILL.md
 create mode 100644 .agent/skills/sanoid/SKILL.md
 create mode 100644 .agent/skills/sanoid/references/example-config.md
 create mode 100644 .agent/skills/sanoid/references/policy-model.md
 create mode 100644 .agent/skills/sanoid/references/troubleshooting.md
 create mode 100644 .agent/skills/sanoid/scripts/render_sanoid_conf.sh
 create mode 100755 .agent/skills/sanoid/scripts/validate_snapshots.sh
 create mode 100644 .agent/skills/service-restart/SKILL.md
 create mode 100644 .agent/skills/setup/SKILL.md
 create mode 100644 .agent/skills/setup/references/prerequisites.md
 create mode 100644 .agent/skills/ssh-agent-setup/SKILL.md
 create mode 100644 .agent/skills/strapi/SKILL.md
 create mode 100644 .agent/skills/strapi/references/install.md
 create mode 100644 .agent/skills/strapi/references/migration.md
 create mode 100644 .agent/skills/system-stats/SKILL.md
 create mode 100644 .agent/skills/telegram-admin/SKILL.md
 create mode 100644 .agent/skills/telegram-admin/references/chat-discovery.md
 create mode 100644 .agent/skills/telegram-admin/references/registration.md
 create mode 100644 .agent/skills/telegram-admin/references/token-check.md
 create mode 100644 .agent/skills/telegram-admin/references/troubleshooting.md
 create mode 100755 .agent/skills/telegram-admin/scripts/render_register_command.sh
 create mode 100755 .agent/skills/telegram-admin/scripts/render_verify_commands.sh
 create mode 100644 .agent/skills/tmux-screenshot/SKILL.md
 create mode 100644 .agent/skills/tmux-screenshot/tmux-screenshot.py
 create mode 100644 .agent/skills/update/SKILL.md
 create mode 100755 .agent/skills/update/scripts/fetch-upstream.sh
 create mode 100644 .agent/skills/x-integration/SKILL.md
 create mode 100644 .agent/skills/x-integration/agent.ts
 create mode 100644 .agent/skills/x-integration/host.ts
 create mode 100644 .agent/skills/x-integration/lib/browser.ts
 create mode 100644 .agent/skills/x-integration/lib/config.ts
 create mode 100644 .agent/skills/x-integration/scripts/like.ts
 create mode 100644 .agent/skills/x-integration/scripts/post.ts
 create mode 100644 .agent/skills/x-integration/scripts/quote.ts
 create mode 100644 .agent/skills/x-integration/scripts/reply.ts
 create mode 100644 .agent/skills/x-integration/scripts/retweet.ts
 create mode 100644 .agent/skills/x-integration/scripts/setup.ts
 create mode 100644 .agent/skills/zfs-scrub/SKILL.md
 create mode 100644 .agent/skills/zfs-snapshot/SKILL.md

diff --git a/.agent/skills/add-discord/SKILL.md b/.agent/skills/add-discord/SKILL.md
new file mode 100644
index 0000000..96d6dd8
--- /dev/null
+++ b/.agent/skills/add-discord/SKILL.md
@@ -0,0 +1,230 @@
+---
+name: add-discord
+description: Add Discord channel support to Clawdie. Use when the user wants to connect the agent to a Discord server. Covers bot setup, permissions, skill application, and verification.
+---
+
+# Add Discord Channel
+
+This skill adds Discord support to NanoClaw using the skills engine for deterministic code changes, then walks through interactive setup.
+
+## Phase 1: Pre-flight
+
+### Check if already applied
+
+Read `.nanoclaw/state.yaml`. If `discord` is in `applied_skills`, skip to Phase 3 (Setup). The code changes are already in place.
+
+### Ask the user
+
+Use `AskUserQuestion` to collect configuration:
+
+AskUserQuestion: Should Discord replace WhatsApp or run alongside it?
+
+- **Replace WhatsApp** - Discord will be the only channel (sets DISCORD_ONLY=true)
+- **Alongside** - Both Discord and WhatsApp channels active
+
+AskUserQuestion: Do you have a Discord bot token, or do you need to create one?
+
+If they have one, collect it now. If not, we'll create one in Phase 3.
+
+## Phase 2: Apply Code Changes
+
+Run the skills engine to apply this skill's code package. The package files are in this directory alongside this SKILL.md.
+
+### Initialize skills system (if needed)
+
+If `.nanoclaw/` directory doesn't exist yet:
+
+```bash
+npx tsx scripts/apply-skill.ts --init
+```
+
+Or call `initSkillsSystem()` from `skills-engine/migrate.ts`.
+
+### Apply the skill
+
+```bash
+npx tsx scripts/apply-skill.ts .agent/skills/add-discord
+```
+
+This deterministically:
+
+- Adds `src/channels/discord.ts` (DiscordChannel class implementing Channel interface)
+- Adds `src/channels/discord.test.ts` (unit tests with discord.js mock)
+- Three-way merges Discord support into `src/index.ts` (multi-channel support, findChannel routing)
+- Three-way merges Discord config into `src/config.ts` (DISCORD_BOT_TOKEN, DISCORD_ONLY exports)
+- Three-way merges updated routing tests into `src/routing.test.ts`
+- Installs the `discord.js` npm dependency
+- Updates `.env.example` with `DISCORD_BOT_TOKEN` and `DISCORD_ONLY`
+- Records the application in `.nanoclaw/state.yaml`
+
+If the apply reports merge conflicts, read the intent files:
+
+- `modify/src/index.ts.intent.md` — what changed and invariants for index.ts
+- `modify/src/config.ts.intent.md` — what changed for config.ts
+
+### Validate code changes
+
+```bash
+npm test
+npm run build
+```
+
+All tests must pass (including the new Discord tests) and build must be clean before proceeding.
+
+## Phase 3: Setup
+
+### Create Discord Bot (if needed)
+
+If the user doesn't have a bot token, tell them:
+
+> I need you to create a Discord bot:
+>
+> 1. Go to the [Discord Developer Portal](https://discord.com/developers/applications)
+> 2. Click **New Application** and give it a name (e.g., "Andy Assistant")
+> 3. Go to the **Bot** tab on the left sidebar
+> 4. Click **Reset Token** to generate a new bot token — copy it immediately (you can only see it once)
+> 5. Under **Privileged Gateway Intents**, enable:
+>    - **Message Content Intent** (required to read message text)
+>    - **Server Members Intent** (optional, for member display names)
+> 6. Go to **OAuth2** > **URL Generator**:
+>    - Scopes: select `bot`
+>    - Bot Permissions: select `Send Messages`, `Read Message History`, `View Channels`
+>    - Copy the generated URL and open it in your browser to invite the bot to your server
+
+Wait for the user to provide the token.
+
+### Configure environment
+
+Add to `.env`:
+
+```bash
+DISCORD_BOT_TOKEN=<their-token>
+```
+
+If they chose to replace WhatsApp:
+
+```bash
+DISCORD_ONLY=true
+```
+
+Sync to container environment:
+
+```bash
+cp .env data/env/env
+```
+
+The container reads environment from `data/env/env`, not `.env` directly.
+
+### Build and restart
+
+```bash
+npm run build
+launchctl kickstart -k gui/$(id -u)/com.nanoclaw
+```
+
+## Phase 4: Registration
+
+### Get Channel ID
+
+Tell the user:
+
+> To get the channel ID for registration:
+>
+> 1. In Discord, go to **User Settings** > **Advanced** > Enable **Developer Mode**
+> 2. Right-click the text channel you want the bot to respond in
+> 3. Click **Copy Channel ID**
+>
+> The channel ID will be a long number like `1234567890123456`.
+
+Wait for the user to provide the channel ID (format: `dc:1234567890123456`).
+
+### Register the channel
+
+Use the IPC register flow or register directly. The channel ID, name, and folder name are needed.
+
+For a main channel (responds to all messages, uses the `main` folder):
+
+```typescript
+registerGroup('dc:<channel-id>', {
+  name: '<server-name> #<channel-name>',
+  folder: 'main',
+  trigger: `@${ASSISTANT_NAME}`,
+  added_at: new Date().toISOString(),
+  requiresTrigger: false,
+});
+```
+
+For additional channels (trigger-only):
+
+```typescript
+registerGroup('dc:<channel-id>', {
+  name: '<server-name> #<channel-name>',
+  folder: '<folder-name>',
+  trigger: `@${ASSISTANT_NAME}`,
+  added_at: new Date().toISOString(),
+  requiresTrigger: true,
+});
+```
+
+## Phase 5: Verify
+
+### Test the connection
+
+Tell the user:
+
+> Send a message in your registered Discord channel:
+>
+> - For main channel: Any message works
+> - For non-main: @mention the bot in Discord
+>
+> The bot should respond within a few seconds.
+
+### Check logs if needed
+
+```bash
+tail -f logs/nanoclaw.log
+```
+
+## Troubleshooting
+
+### Bot not responding
+
+1. Check `DISCORD_BOT_TOKEN` is set in `.env` AND synced to `data/env/env`
+2. Check channel is registered: `psql "$OPS_DB_URL" -c "SELECT * FROM registered_groups WHERE jid LIKE 'dc:%'"`
+3. For non-main channels: message must include trigger pattern (@mention the bot)
+4. Service is running: `launchctl list | grep nanoclaw`
+5. Verify the bot has been invited to the server (check OAuth2 URL was used)
+
+### Bot only responds to @mentions
+
+This is the default behavior for non-main channels (`requiresTrigger: true`). To change:
+
+- Update the registered group's `requiresTrigger` to `false`
+- Or register the channel as the main channel
+
+### Message Content Intent not enabled
+
+If the bot connects but can't read messages, ensure:
+
+1. Go to [Discord Developer Portal](https://discord.com/developers/applications)
+2. Select your application > **Bot** tab
+3. Under **Privileged Gateway Intents**, enable **Message Content Intent**
+4. Restart NanoClaw
+
+### Getting Channel ID
+
+If you can't copy the channel ID:
+
+- Ensure **Developer Mode** is enabled: User Settings > Advanced > Developer Mode
+- Right-click the channel name in the server sidebar > Copy Channel ID
+
+## After Setup
+
+The Discord bot supports:
+
+- Text messages in registered channels
+- Attachment descriptions (images, videos, files shown as placeholders)
+- Reply context (shows who the user is replying to)
+- @mention translation (Discord `<@botId>` → NanoClaw trigger format)
+- Message splitting for responses over 2000 characters
+- Typing indicators while the agent processes
diff --git a/.agent/skills/add-discord/add/src/channels/discord.test.ts b/.agent/skills/add-discord/add/src/channels/discord.test.ts
new file mode 100644
index 0000000..eff0b77
--- /dev/null
+++ b/.agent/skills/add-discord/add/src/channels/discord.test.ts
@@ -0,0 +1,762 @@
+import { describe, it, expect, beforeEach, vi, afterEach } from 'vitest';
+
+// --- Mocks ---
+
+// Mock config
+vi.mock('../config.js', () => ({
+  ASSISTANT_NAME: 'Andy',
+  TRIGGER_PATTERN: /^@Andy\b/i,
+}));
+
+// Mock logger
+vi.mock('../logger.js', () => ({
+  logger: {
+    debug: vi.fn(),
+    info: vi.fn(),
+    warn: vi.fn(),
+    error: vi.fn(),
+  },
+}));
+
+// --- discord.js mock ---
+
+type Handler = (...args: any[]) => any;
+
+const clientRef = vi.hoisted(() => ({ current: null as any }));
+
+vi.mock('discord.js', () => {
+  const Events = {
+    MessageCreate: 'messageCreate',
+    ClientReady: 'ready',
+    Error: 'error',
+  };
+
+  const GatewayIntentBits = {
+    Guilds: 1,
+    GuildMessages: 2,
+    MessageContent: 4,
+    DirectMessages: 8,
+  };
+
+  class MockClient {
+    eventHandlers = new Map<string, Handler[]>();
+    user: any = { id: '999888777', tag: 'Andy#1234' };
+    private _ready = false;
+
+    constructor(_opts: any) {
+      clientRef.current = this;
+    }
+
+    on(event: string, handler: Handler) {
+      const existing = this.eventHandlers.get(event) || [];
+      existing.push(handler);
+      this.eventHandlers.set(event, existing);
+      return this;
+    }
+
+    once(event: string, handler: Handler) {
+      return this.on(event, handler);
+    }
+
+    async login(_token: string) {
+      this._ready = true;
+      // Fire the ready event
+      const readyHandlers = this.eventHandlers.get('ready') || [];
+      for (const h of readyHandlers) {
+        h({ user: this.user });
+      }
+    }
+
+    isReady() {
+      return this._ready;
+    }
+
+    channels = {
+      fetch: vi.fn().mockResolvedValue({
+        send: vi.fn().mockResolvedValue(undefined),
+        sendTyping: vi.fn().mockResolvedValue(undefined),
+      }),
+    };
+
+    destroy() {
+      this._ready = false;
+    }
+  }
+
+  // Mock TextChannel type
+  class TextChannel {}
+
+  return {
+    Client: MockClient,
+    Events,
+    GatewayIntentBits,
+    TextChannel,
+  };
+});
+
+import { DiscordChannel, DiscordChannelOpts } from './discord.js';
+
+// --- Test helpers ---
+
+function createTestOpts(
+  overrides?: Partial<DiscordChannelOpts>,
+): DiscordChannelOpts {
+  return {
+    onMessage: vi.fn(),
+    onChatMetadata: vi.fn(),
+    registeredGroups: vi.fn(() => ({
+      'dc:1234567890123456': {
+        name: 'Test Server #general',
+        folder: 'test-server',
+        trigger: '@Andy',
+        added_at: '2024-01-01T00:00:00.000Z',
+      },
+    })),
+    ...overrides,
+  };
+}
+
+function createMessage(overrides: {
+  channelId?: string;
+  content?: string;
+  authorId?: string;
+  authorUsername?: string;
+  authorDisplayName?: string;
+  memberDisplayName?: string;
+  isBot?: boolean;
+  guildName?: string;
+  channelName?: string;
+  messageId?: string;
+  createdAt?: Date;
+  attachments?: Map<string, any>;
+  reference?: { messageId?: string };
+  mentionsBotId?: boolean;
+}) {
+  const channelId = overrides.channelId ?? '1234567890123456';
+  const authorId = overrides.authorId ?? '55512345';
+  const botId = '999888777'; // matches mock client user id
+
+  const mentionsMap = new Map();
+  if (overrides.mentionsBotId) {
+    mentionsMap.set(botId, { id: botId });
+  }
+
+  return {
+    channelId,
+    id: overrides.messageId ?? 'msg_001',
+    content: overrides.content ?? 'Hello everyone',
+    createdAt: overrides.createdAt ?? new Date('2024-01-01T00:00:00.000Z'),
+    author: {
+      id: authorId,
+      username: overrides.authorUsername ?? 'alice',
+      displayName: overrides.authorDisplayName ?? 'Alice',
+      bot: overrides.isBot ?? false,
+    },
+    member: overrides.memberDisplayName
+      ? { displayName: overrides.memberDisplayName }
+      : null,
+    guild: overrides.guildName
+      ? { name: overrides.guildName }
+      : null,
+    channel: {
+      name: overrides.channelName ?? 'general',
+      messages: {
+        fetch: vi.fn().mockResolvedValue({
+          author: { username: 'Bob', displayName: 'Bob' },
+          member: { displayName: 'Bob' },
+        }),
+      },
+    },
+    mentions: {
+      users: mentionsMap,
+    },
+    attachments: overrides.attachments ?? new Map(),
+    reference: overrides.reference ?? null,
+  };
+}
+
+function currentClient() {
+  return clientRef.current;
+}
+
+async function triggerMessage(message: any) {
+  const handlers = currentClient().eventHandlers.get('messageCreate') || [];
+  for (const h of handlers) await h(message);
+}
+
+// --- Tests ---
+
+describe('DiscordChannel', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+  });
+
+  afterEach(() => {
+    vi.restoreAllMocks();
+  });
+
+  // --- Connection lifecycle ---
+
+  describe('connection lifecycle', () => {
+    it('resolves connect() when client is ready', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+
+      await channel.connect();
+
+      expect(channel.isConnected()).toBe(true);
+    });
+
+    it('registers message handlers on connect', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+
+      await channel.connect();
+
+      expect(currentClient().eventHandlers.has('messageCreate')).toBe(true);
+      expect(currentClient().eventHandlers.has('error')).toBe(true);
+      expect(currentClient().eventHandlers.has('ready')).toBe(true);
+    });
+
+    it('disconnects cleanly', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+
+      await channel.connect();
+      expect(channel.isConnected()).toBe(true);
+
+      await channel.disconnect();
+      expect(channel.isConnected()).toBe(false);
+    });
+
+    it('isConnected() returns false before connect', () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+
+      expect(channel.isConnected()).toBe(false);
+    });
+  });
+
+  // --- Text message handling ---
+
+  describe('text message handling', () => {
+    it('delivers message for registered channel', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const msg = createMessage({
+        content: 'Hello everyone',
+        guildName: 'Test Server',
+        channelName: 'general',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.any(String),
+        'Test Server #general',
+      );
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.objectContaining({
+          id: 'msg_001',
+          chat_jid: 'dc:1234567890123456',
+          sender: '55512345',
+          sender_name: 'Alice',
+          content: 'Hello everyone',
+          is_from_me: false,
+        }),
+      );
+    });
+
+    it('only emits metadata for unregistered channels', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const msg = createMessage({
+        channelId: '9999999999999999',
+        content: 'Unknown channel',
+        guildName: 'Other Server',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'dc:9999999999999999',
+        expect.any(String),
+        expect.any(String),
+      );
+      expect(opts.onMessage).not.toHaveBeenCalled();
+    });
+
+    it('ignores bot messages', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const msg = createMessage({ isBot: true, content: 'I am a bot' });
+      await triggerMessage(msg);
+
+      expect(opts.onMessage).not.toHaveBeenCalled();
+      expect(opts.onChatMetadata).not.toHaveBeenCalled();
+    });
+
+    it('uses member displayName when available (server nickname)', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const msg = createMessage({
+        content: 'Hi',
+        memberDisplayName: 'Alice Nickname',
+        authorDisplayName: 'Alice Global',
+        guildName: 'Server',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.objectContaining({ sender_name: 'Alice Nickname' }),
+      );
+    });
+
+    it('falls back to author displayName when no member', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const msg = createMessage({
+        content: 'Hi',
+        memberDisplayName: undefined,
+        authorDisplayName: 'Alice Global',
+        guildName: 'Server',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.objectContaining({ sender_name: 'Alice Global' }),
+      );
+    });
+
+    it('uses sender name for DM chats (no guild)', async () => {
+      const opts = createTestOpts({
+        registeredGroups: vi.fn(() => ({
+          'dc:1234567890123456': {
+            name: 'DM',
+            folder: 'dm',
+            trigger: '@Andy',
+            added_at: '2024-01-01T00:00:00.000Z',
+          },
+        })),
+      });
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const msg = createMessage({
+        content: 'Hello',
+        guildName: undefined,
+        authorDisplayName: 'Alice',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.any(String),
+        'Alice',
+      );
+    });
+
+    it('uses guild name + channel name for server messages', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const msg = createMessage({
+        content: 'Hello',
+        guildName: 'My Server',
+        channelName: 'bot-chat',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.any(String),
+        'My Server #bot-chat',
+      );
+    });
+  });
+
+  // --- @mention translation ---
+
+  describe('@mention translation', () => {
+    it('translates <@botId> mention to trigger format', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const msg = createMessage({
+        content: '<@999888777> what time is it?',
+        mentionsBotId: true,
+        guildName: 'Server',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.objectContaining({
+          content: '@Andy what time is it?',
+        }),
+      );
+    });
+
+    it('does not translate if message already matches trigger', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const msg = createMessage({
+        content: '@Andy hello <@999888777>',
+        mentionsBotId: true,
+        guildName: 'Server',
+      });
+      await triggerMessage(msg);
+
+      // Should NOT prepend @Andy — already starts with trigger
+      // But the <@botId> should still be stripped
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.objectContaining({
+          content: '@Andy hello',
+        }),
+      );
+    });
+
+    it('does not translate when bot is not mentioned', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const msg = createMessage({
+        content: 'hello everyone',
+        guildName: 'Server',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.objectContaining({
+          content: 'hello everyone',
+        }),
+      );
+    });
+
+    it('handles <@!botId> (nickname mention format)', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const msg = createMessage({
+        content: '<@!999888777> check this',
+        mentionsBotId: true,
+        guildName: 'Server',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.objectContaining({
+          content: '@Andy check this',
+        }),
+      );
+    });
+  });
+
+  // --- Attachments ---
+
+  describe('attachments', () => {
+    it('stores image attachment with placeholder', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const attachments = new Map([
+        ['att1', { name: 'photo.png', contentType: 'image/png' }],
+      ]);
+      const msg = createMessage({
+        content: '',
+        attachments,
+        guildName: 'Server',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.objectContaining({
+          content: '[Image: photo.png]',
+        }),
+      );
+    });
+
+    it('stores video attachment with placeholder', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const attachments = new Map([
+        ['att1', { name: 'clip.mp4', contentType: 'video/mp4' }],
+      ]);
+      const msg = createMessage({
+        content: '',
+        attachments,
+        guildName: 'Server',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.objectContaining({
+          content: '[Video: clip.mp4]',
+        }),
+      );
+    });
+
+    it('stores file attachment with placeholder', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const attachments = new Map([
+        ['att1', { name: 'report.pdf', contentType: 'application/pdf' }],
+      ]);
+      const msg = createMessage({
+        content: '',
+        attachments,
+        guildName: 'Server',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.objectContaining({
+          content: '[File: report.pdf]',
+        }),
+      );
+    });
+
+    it('includes text content with attachments', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const attachments = new Map([
+        ['att1', { name: 'photo.jpg', contentType: 'image/jpeg' }],
+      ]);
+      const msg = createMessage({
+        content: 'Check this out',
+        attachments,
+        guildName: 'Server',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.objectContaining({
+          content: 'Check this out\n[Image: photo.jpg]',
+        }),
+      );
+    });
+
+    it('handles multiple attachments', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const attachments = new Map([
+        ['att1', { name: 'a.png', contentType: 'image/png' }],
+        ['att2', { name: 'b.txt', contentType: 'text/plain' }],
+      ]);
+      const msg = createMessage({
+        content: '',
+        attachments,
+        guildName: 'Server',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.objectContaining({
+          content: '[Image: a.png]\n[File: b.txt]',
+        }),
+      );
+    });
+  });
+
+  // --- Reply context ---
+
+  describe('reply context', () => {
+    it('includes reply author in content', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const msg = createMessage({
+        content: 'I agree with that',
+        reference: { messageId: 'original_msg_id' },
+        guildName: 'Server',
+      });
+      await triggerMessage(msg);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'dc:1234567890123456',
+        expect.objectContaining({
+          content: '[Reply to Bob] I agree with that',
+        }),
+      );
+    });
+  });
+
+  // --- sendMessage ---
+
+  describe('sendMessage', () => {
+    it('sends message via channel', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      await channel.sendMessage('dc:1234567890123456', 'Hello');
+
+      const fetchedChannel = await currentClient().channels.fetch('1234567890123456');
+      expect(currentClient().channels.fetch).toHaveBeenCalledWith('1234567890123456');
+    });
+
+    it('strips dc: prefix from JID', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      await channel.sendMessage('dc:9876543210', 'Test');
+
+      expect(currentClient().channels.fetch).toHaveBeenCalledWith('9876543210');
+    });
+
+    it('handles send failure gracefully', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      currentClient().channels.fetch.mockRejectedValueOnce(
+        new Error('Channel not found'),
+      );
+
+      // Should not throw
+      await expect(
+        channel.sendMessage('dc:1234567890123456', 'Will fail'),
+      ).resolves.toBeUndefined();
+    });
+
+    it('does nothing when client is not initialized', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+
+      // Don't connect — client is null
+      await channel.sendMessage('dc:1234567890123456', 'No client');
+
+      // No error, no API call
+    });
+
+    it('splits messages exceeding 2000 characters', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const mockChannel = {
+        send: vi.fn().mockResolvedValue(undefined),
+        sendTyping: vi.fn(),
+      };
+      currentClient().channels.fetch.mockResolvedValue(mockChannel);
+
+      const longText = 'x'.repeat(3000);
+      await channel.sendMessage('dc:1234567890123456', longText);
+
+      expect(mockChannel.send).toHaveBeenCalledTimes(2);
+      expect(mockChannel.send).toHaveBeenNthCalledWith(1, 'x'.repeat(2000));
+      expect(mockChannel.send).toHaveBeenNthCalledWith(2, 'x'.repeat(1000));
+    });
+  });
+
+  // --- ownsJid ---
+
+  describe('ownsJid', () => {
+    it('owns dc: JIDs', () => {
+      const channel = new DiscordChannel('test-token', createTestOpts());
+      expect(channel.ownsJid('dc:1234567890123456')).toBe(true);
+    });
+
+    it('does not own WhatsApp group JIDs', () => {
+      const channel = new DiscordChannel('test-token', createTestOpts());
+      expect(channel.ownsJid('12345@g.us')).toBe(false);
+    });
+
+    it('does not own Telegram JIDs', () => {
+      const channel = new DiscordChannel('test-token', createTestOpts());
+      expect(channel.ownsJid('tg:123456789')).toBe(false);
+    });
+
+    it('does not own unknown JID formats', () => {
+      const channel = new DiscordChannel('test-token', createTestOpts());
+      expect(channel.ownsJid('random-string')).toBe(false);
+    });
+  });
+
+  // --- setTyping ---
+
+  describe('setTyping', () => {
+    it('sends typing indicator when isTyping is true', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      const mockChannel = {
+        send: vi.fn(),
+        sendTyping: vi.fn().mockResolvedValue(undefined),
+      };
+      currentClient().channels.fetch.mockResolvedValue(mockChannel);
+
+      await channel.setTyping('dc:1234567890123456', true);
+
+      expect(mockChannel.sendTyping).toHaveBeenCalled();
+    });
+
+    it('does nothing when isTyping is false', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+      await channel.connect();
+
+      await channel.setTyping('dc:1234567890123456', false);
+
+      // channels.fetch should NOT be called
+      expect(currentClient().channels.fetch).not.toHaveBeenCalled();
+    });
+
+    it('does nothing when client is not initialized', async () => {
+      const opts = createTestOpts();
+      const channel = new DiscordChannel('test-token', opts);
+
+      // Don't connect
+      await channel.setTyping('dc:1234567890123456', true);
+
+      // No error
+    });
+  });
+
+  // --- Channel properties ---
+
+  describe('channel properties', () => {
+    it('has name "discord"', () => {
+      const channel = new DiscordChannel('test-token', createTestOpts());
+      expect(channel.name).toBe('discord');
+    });
+  });
+});
diff --git a/.agent/skills/add-discord/add/src/channels/discord.ts b/.agent/skills/add-discord/add/src/channels/discord.ts
new file mode 100644
index 0000000..997d489
--- /dev/null
+++ b/.agent/skills/add-discord/add/src/channels/discord.ts
@@ -0,0 +1,236 @@
+import { Client, Events, GatewayIntentBits, Message, TextChannel } from 'discord.js';
+
+import { ASSISTANT_NAME, TRIGGER_PATTERN } from '../config.js';
+import { logger } from '../logger.js';
+import {
+  Channel,
+  OnChatMetadata,
+  OnInboundMessage,
+  RegisteredGroup,
+} from '../types.js';
+
+export interface DiscordChannelOpts {
+  onMessage: OnInboundMessage;
+  onChatMetadata: OnChatMetadata;
+  registeredGroups: () => Record<string, RegisteredGroup>;
+}
+
+export class DiscordChannel implements Channel {
+  name = 'discord';
+
+  private client: Client | null = null;
+  private opts: DiscordChannelOpts;
+  private botToken: string;
+
+  constructor(botToken: string, opts: DiscordChannelOpts) {
+    this.botToken = botToken;
+    this.opts = opts;
+  }
+
+  async connect(): Promise<void> {
+    this.client = new Client({
+      intents: [
+        GatewayIntentBits.Guilds,
+        GatewayIntentBits.GuildMessages,
+        GatewayIntentBits.MessageContent,
+        GatewayIntentBits.DirectMessages,
+      ],
+    });
+
+    this.client.on(Events.MessageCreate, async (message: Message) => {
+      // Ignore bot messages (including own)
+      if (message.author.bot) return;
+
+      const channelId = message.channelId;
+      const chatJid = `dc:${channelId}`;
+      let content = message.content;
+      const timestamp = message.createdAt.toISOString();
+      const senderName =
+        message.member?.displayName ||
+        message.author.displayName ||
+        message.author.username;
+      const sender = message.author.id;
+      const msgId = message.id;
+
+      // Determine chat name
+      let chatName: string;
+      if (message.guild) {
+        const textChannel = message.channel as TextChannel;
+        chatName = `${message.guild.name} #${textChannel.name}`;
+      } else {
+        chatName = senderName;
+      }
+
+      // Translate Discord @bot mentions into TRIGGER_PATTERN format.
+      // Discord mentions look like <@botUserId> — these won't match
+      // TRIGGER_PATTERN (e.g., ^@Andy\b), so we prepend the trigger
+      // when the bot is @mentioned.
+      if (this.client?.user) {
+        const botId = this.client.user.id;
+        const isBotMentioned =
+          message.mentions.users.has(botId) ||
+          content.includes(`<@${botId}>`) ||
+          content.includes(`<@!${botId}>`);
+
+        if (isBotMentioned) {
+          // Strip the <@botId> mention to avoid visual clutter
+          content = content
+            .replace(new RegExp(`<@!?${botId}>`, 'g'), '')
+            .trim();
+          // Prepend trigger if not already present
+          if (!TRIGGER_PATTERN.test(content)) {
+            content = `@${ASSISTANT_NAME} ${content}`;
+          }
+        }
+      }
+
+      // Handle attachments — store placeholders so the agent knows something was sent
+      if (message.attachments.size > 0) {
+        const attachmentDescriptions = [...message.attachments.values()].map((att) => {
+          const contentType = att.contentType || '';
+          if (contentType.startsWith('image/')) {
+            return `[Image: ${att.name || 'image'}]`;
+          } else if (contentType.startsWith('video/')) {
+            return `[Video: ${att.name || 'video'}]`;
+          } else if (contentType.startsWith('audio/')) {
+            return `[Audio: ${att.name || 'audio'}]`;
+          } else {
+            return `[File: ${att.name || 'file'}]`;
+          }
+        });
+        if (content) {
+          content = `${content}\n${attachmentDescriptions.join('\n')}`;
+        } else {
+          content = attachmentDescriptions.join('\n');
+        }
+      }
+
+      // Handle reply context — include who the user is replying to
+      if (message.reference?.messageId) {
+        try {
+          const repliedTo = await message.channel.messages.fetch(
+            message.reference.messageId,
+          );
+          const replyAuthor =
+            repliedTo.member?.displayName ||
+            repliedTo.author.displayName ||
+            repliedTo.author.username;
+          content = `[Reply to ${replyAuthor}] ${content}`;
+        } catch {
+          // Referenced message may have been deleted
+        }
+      }
+
+      // Store chat metadata for discovery
+      this.opts.onChatMetadata(chatJid, timestamp, chatName);
+
+      // Only deliver full message for registered groups
+      const group = this.opts.registeredGroups()[chatJid];
+      if (!group) {
+        logger.debug(
+          { chatJid, chatName },
+          'Message from unregistered Discord channel',
+        );
+        return;
+      }
+
+      // Deliver message — startMessageLoop() will pick it up
+      this.opts.onMessage(chatJid, {
+        id: msgId,
+        chat_jid: chatJid,
+        sender,
+        sender_name: senderName,
+        content,
+        timestamp,
+        is_from_me: false,
+      });
+
+      logger.info(
+        { chatJid, chatName, sender: senderName },
+        'Discord message stored',
+      );
+    });
+
+    // Handle errors gracefully
+    this.client.on(Events.Error, (err) => {
+      logger.error({ err: err.message }, 'Discord client error');
+    });
+
+    return new Promise<void>((resolve) => {
+      this.client!.once(Events.ClientReady, (readyClient) => {
+        logger.info(
+          { username: readyClient.user.tag, id: readyClient.user.id },
+          'Discord bot connected',
+        );
+        console.log(`\n  Discord bot: ${readyClient.user.tag}`);
+        console.log(
+          `  Use /chatid command or check channel IDs in Discord settings\n`,
+        );
+        resolve();
+      });
+
+      this.client!.login(this.botToken);
+    });
+  }
+
+  async sendMessage(jid: string, text: string): Promise<void> {
+    if (!this.client) {
+      logger.warn('Discord client not initialized');
+      return;
+    }
+
+    try {
+      const channelId = jid.replace(/^dc:/, '');
+      const channel = await this.client.channels.fetch(channelId);
+
+      if (!channel || !('send' in channel)) {
+        logger.warn({ jid }, 'Discord channel not found or not text-based');
+        return;
+      }
+
+      const textChannel = channel as TextChannel;
+
+      // Discord has a 2000 character limit per message — split if needed
+      const MAX_LENGTH = 2000;
+      if (text.length <= MAX_LENGTH) {
+        await textChannel.send(text);
+      } else {
+        for (let i = 0; i < text.length; i += MAX_LENGTH) {
+          await textChannel.send(text.slice(i, i + MAX_LENGTH));
+        }
+      }
+      logger.info({ jid, length: text.length }, 'Discord message sent');
+    } catch (err) {
+      logger.error({ jid, err }, 'Failed to send Discord message');
+    }
+  }
+
+  isConnected(): boolean {
+    return this.client !== null && this.client.isReady();
+  }
+
+  ownsJid(jid: string): boolean {
+    return jid.startsWith('dc:');
+  }
+
+  async disconnect(): Promise<void> {
+    if (this.client) {
+      this.client.destroy();
+      this.client = null;
+      logger.info('Discord bot stopped');
+    }
+  }
+
+  async setTyping(jid: string, isTyping: boolean): Promise<void> {
+    if (!this.client || !isTyping) return;
+    try {
+      const channelId = jid.replace(/^dc:/, '');
+      const channel = await this.client.channels.fetch(channelId);
+      if (channel && 'sendTyping' in channel) {
+        await (channel as TextChannel).sendTyping();
+      }
+    } catch (err) {
+      logger.debug({ jid, err }, 'Failed to send Discord typing indicator');
+    }
+  }
+}
diff --git a/.agent/skills/add-discord/manifest.yaml b/.agent/skills/add-discord/manifest.yaml
new file mode 100644
index 0000000..f2cf2c8
--- /dev/null
+++ b/.agent/skills/add-discord/manifest.yaml
@@ -0,0 +1,20 @@
+skill: discord
+version: 1.0.0
+description: "Discord Bot integration via discord.js"
+core_version: 0.1.0
+adds:
+  - src/channels/discord.ts
+  - src/channels/discord.test.ts
+modifies:
+  - src/index.ts
+  - src/config.ts
+  - src/routing.test.ts
+structured:
+  npm_dependencies:
+    discord.js: "^14.18.0"
+  env_additions:
+    - DISCORD_BOT_TOKEN
+    - DISCORD_ONLY
+conflicts: []
+depends: []
+test: "npx vitest run src/channels/discord.test.ts"
diff --git a/.agent/skills/add-discord/modify/src/config.ts b/.agent/skills/add-discord/modify/src/config.ts
new file mode 100644
index 0000000..41cc2ce
--- /dev/null
+++ b/.agent/skills/add-discord/modify/src/config.ts
@@ -0,0 +1,77 @@
+import os from 'os';
+import path from 'path';
+
+import { readEnvFile } from './env.js';
+
+// Read config values from .env (falls back to process.env).
+// Secrets are NOT read here — they stay on disk and are loaded only
+// where needed (container-runner.ts) to avoid leaking to child processes.
+const envConfig = readEnvFile([
+  'ASSISTANT_NAME',
+  'ASSISTANT_HAS_OWN_NUMBER',
+  'DISCORD_BOT_TOKEN',
+  'DISCORD_ONLY',
+]);
+
+export const ASSISTANT_NAME =
+  process.env.ASSISTANT_NAME || envConfig.ASSISTANT_NAME || 'Andy';
+export const ASSISTANT_HAS_OWN_NUMBER =
+  (process.env.ASSISTANT_HAS_OWN_NUMBER || envConfig.ASSISTANT_HAS_OWN_NUMBER) === 'true';
+export const POLL_INTERVAL = 2000;
+export const SCHEDULER_POLL_INTERVAL = 60000;
+
+// Absolute paths needed for container mounts
+const PROJECT_ROOT = process.cwd();
+const HOME_DIR = process.env.HOME || os.homedir();
+
+// Mount security: allowlist stored OUTSIDE project root, never mounted into containers
+export const MOUNT_ALLOWLIST_PATH = path.join(
+  HOME_DIR,
+  '.config',
+  (process.env.AGENT_NAME || 'clawdie') + '-cp',
+  'mount-allowlist.json',
+);
+export const STORE_DIR = path.resolve(PROJECT_ROOT, 'store');
+export const GROUPS_DIR = path.resolve(PROJECT_ROOT, 'groups');
+export const DATA_DIR = path.resolve(PROJECT_ROOT, 'data');
+export const MAIN_GROUP_FOLDER = 'main';
+
+export const CONTAINER_IMAGE =
+  process.env.CONTAINER_IMAGE || (process.env.AGENT_NAME || 'clawdie') + '-cp-agent:latest';
+export const CONTAINER_TIMEOUT = parseInt(
+  process.env.CONTAINER_TIMEOUT || '1800000',
+  10,
+);
+export const CONTAINER_MAX_OUTPUT_SIZE = parseInt(
+  process.env.CONTAINER_MAX_OUTPUT_SIZE || '10485760',
+  10,
+); // 10MB default
+export const IPC_POLL_INTERVAL = 1000;
+export const IDLE_TIMEOUT = parseInt(
+  process.env.IDLE_TIMEOUT || '1800000',
+  10,
+); // 30min default — how long to keep container alive after last result
+export const MAX_CONCURRENT_CONTAINERS = Math.max(
+  1,
+  parseInt(process.env.MAX_CONCURRENT_CONTAINERS || '5', 10) || 5,
+);
+
+function escapeRegex(str: string): string {
+  return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+
+export const TRIGGER_PATTERN = new RegExp(
+  `^@${escapeRegex(ASSISTANT_NAME)}\\b`,
+  'i',
+);
+
+// Timezone for scheduled tasks (cron expressions, etc.)
+// Uses system timezone by default
+export const TIMEZONE =
+  process.env.TZ || Intl.DateTimeFormat().resolvedOptions().timeZone;
+
+// Discord configuration
+export const DISCORD_BOT_TOKEN =
+  process.env.DISCORD_BOT_TOKEN || envConfig.DISCORD_BOT_TOKEN || '';
+export const DISCORD_ONLY =
+  (process.env.DISCORD_ONLY || envConfig.DISCORD_ONLY) === 'true';
diff --git a/.agent/skills/add-discord/modify/src/config.ts.intent.md b/.agent/skills/add-discord/modify/src/config.ts.intent.md
new file mode 100644
index 0000000..624d4c7
--- /dev/null
+++ b/.agent/skills/add-discord/modify/src/config.ts.intent.md
@@ -0,0 +1,25 @@
+# Intent: src/config.ts modifications
+
+## What changed
+
+Added two new configuration exports for Discord channel support.
+
+## Key sections
+
+- **readEnvFile call**: Must include `DISCORD_BOT_TOKEN` and `DISCORD_ONLY` in the keys array. NanoClaw does NOT load `.env` into `process.env` — all `.env` values must be explicitly requested via `readEnvFile()`.
+- **DISCORD_BOT_TOKEN**: Read from `process.env` first, then `envConfig` fallback, defaults to empty string (channel disabled when empty)
+- **DISCORD_ONLY**: Boolean flag from `process.env` or `envConfig`, when `true` disables WhatsApp channel creation
+
+## Invariants
+
+- All existing config exports remain unchanged
+- New Discord keys are added to the `readEnvFile` call alongside existing keys
+- New exports are appended at the end of the file
+- No existing behavior is modified — Discord config is additive only
+- Both `process.env` and `envConfig` are checked (same pattern as `ASSISTANT_NAME`)
+
+## Must-keep
+
+- All existing exports (`ASSISTANT_NAME`, `POLL_INTERVAL`, `TRIGGER_PATTERN`, etc.)
+- The `readEnvFile` pattern — ALL config read from `.env` must go through this function
+- The `escapeRegex` helper and `TRIGGER_PATTERN` construction
diff --git a/.agent/skills/add-discord/modify/src/index.ts b/.agent/skills/add-discord/modify/src/index.ts
new file mode 100644
index 0000000..4b6f30e
--- /dev/null
+++ b/.agent/skills/add-discord/modify/src/index.ts
@@ -0,0 +1,509 @@
+import fs from 'fs';
+import path from 'path';
+
+import {
+  ASSISTANT_NAME,
+  DISCORD_BOT_TOKEN,
+  DISCORD_ONLY,
+  IDLE_TIMEOUT,
+  MAIN_GROUP_FOLDER,
+  POLL_INTERVAL,
+  TRIGGER_PATTERN,
+} from './config.js';
+import { DiscordChannel } from './channels/discord.js';
+import { WhatsAppChannel } from './channels/whatsapp.js';
+import {
+  ContainerOutput,
+  runContainerAgent,
+  writeGroupsSnapshot,
+  writeTasksSnapshot,
+} from './container-runner.js';
+import { cleanupOrphans, ensureContainerRuntimeRunning } from './container-runtime.js';
+import {
+  getAllChats,
+  getAllRegisteredGroups,
+  getAllSessions,
+  getAllTasks,
+  getMessagesSince,
+  getNewMessages,
+  getRouterState,
+  initDatabase,
+  setRegisteredGroup,
+  setRouterState,
+  setSession,
+  storeChatMetadata,
+  storeMessage,
+} from './db.js';
+import { GroupQueue } from './group-queue.js';
+import { resolveGroupFolderPath } from './group-folder.js';
+import { startIpcWatcher } from './ipc.js';
+import { findChannel, formatMessages, formatOutbound } from './router.js';
+import { startSchedulerLoop } from './task-scheduler.js';
+import { Channel, NewMessage, RegisteredGroup } from './types.js';
+import { logger } from './logger.js';
+
+// Re-export for backwards compatibility during refactor
+export { escapeXml, formatMessages } from './router.js';
+
+let lastTimestamp = '';
+let sessions: Record<string, string> = {};
+let registeredGroups: Record<string, RegisteredGroup> = {};
+let lastAgentTimestamp: Record<string, string> = {};
+let messageLoopRunning = false;
+
+let whatsapp: WhatsAppChannel;
+const channels: Channel[] = [];
+const queue = new GroupQueue();
+
+function loadState(): void {
+  lastTimestamp = getRouterState('last_timestamp') || '';
+  const agentTs = getRouterState('last_agent_timestamp');
+  try {
+    lastAgentTimestamp = agentTs ? JSON.parse(agentTs) : {};
+  } catch {
+    logger.warn('Corrupted last_agent_timestamp in DB, resetting');
+    lastAgentTimestamp = {};
+  }
+  sessions = getAllSessions();
+  registeredGroups = getAllRegisteredGroups();
+  logger.info(
+    { groupCount: Object.keys(registeredGroups).length },
+    'State loaded',
+  );
+}
+
+function saveState(): void {
+  setRouterState('last_timestamp', lastTimestamp);
+  setRouterState(
+    'last_agent_timestamp',
+    JSON.stringify(lastAgentTimestamp),
+  );
+}
+
+function registerGroup(jid: string, group: RegisteredGroup): void {
+  let groupDir: string;
+  try {
+    groupDir = resolveGroupFolderPath(group.folder);
+  } catch (err) {
+    logger.warn(
+      { jid, folder: group.folder, err },
+      'Rejecting group registration with invalid folder',
+    );
+    return;
+  }
+
+  registeredGroups[jid] = group;
+  setRegisteredGroup(jid, group);
+
+  // Create group folder
+  fs.mkdirSync(path.join(groupDir, 'logs'), { recursive: true });
+
+  logger.info(
+    { jid, name: group.name, folder: group.folder },
+    'Group registered',
+  );
+}
+
+/**
+ * Get available groups list for the agent.
+ * Returns groups ordered by most recent activity.
+ */
+export function getAvailableGroups(): import('./container-runner.js').AvailableGroup[] {
+  const chats = getAllChats();
+  const registeredJids = new Set(Object.keys(registeredGroups));
+
+  return chats
+    .filter((c) => c.jid !== '__group_sync__' && c.is_group)
+    .map((c) => ({
+      jid: c.jid,
+      name: c.name,
+      lastActivity: c.last_message_time,
+      isRegistered: registeredJids.has(c.jid),
+    }));
+}
+
+/** @internal - exported for testing */
+export function _setRegisteredGroups(groups: Record<string, RegisteredGroup>): void {
+  registeredGroups = groups;
+}
+
+/**
+ * Process all pending messages for a group.
+ * Called by the GroupQueue when it's this group's turn.
+ */
+async function processGroupMessages(chatJid: string): Promise<boolean> {
+  const group = registeredGroups[chatJid];
+  if (!group) return true;
+
+  const channel = findChannel(channels, chatJid);
+  if (!channel) {
+    console.log(`Warning: no channel owns JID ${chatJid}, skipping messages`);
+    return true;
+  }
+
+  const isMainGroup = group.folder === MAIN_GROUP_FOLDER;
+
+  const sinceTimestamp = lastAgentTimestamp[chatJid] || '';
+  const missedMessages = getMessagesSince(chatJid, sinceTimestamp, ASSISTANT_NAME);
+
+  if (missedMessages.length === 0) return true;
+
+  // For non-main groups, check if trigger is required and present
+  if (!isMainGroup && group.requiresTrigger !== false) {
+    const hasTrigger = missedMessages.some((m) =>
+      TRIGGER_PATTERN.test(m.content.trim()),
+    );
+    if (!hasTrigger) return true;
+  }
+
+  const prompt = formatMessages(missedMessages);
+
+  // Advance cursor so the piping path in startMessageLoop won't re-fetch
+  // these messages. Save the old cursor so we can roll back on error.
+  const previousCursor = lastAgentTimestamp[chatJid] || '';
+  lastAgentTimestamp[chatJid] =
+    missedMessages[missedMessages.length - 1].timestamp;
+  saveState();
+
+  logger.info(
+    { group: group.name, messageCount: missedMessages.length },
+    'Processing messages',
+  );
+
+  // Track idle timer for closing stdin when agent is idle
+  let idleTimer: ReturnType<typeof setTimeout> | null = null;
+
+  const resetIdleTimer = () => {
+    if (idleTimer) clearTimeout(idleTimer);
+    idleTimer = setTimeout(() => {
+      logger.debug({ group: group.name }, 'Idle timeout, closing container stdin');
+      queue.closeStdin(chatJid);
+    }, IDLE_TIMEOUT);
+  };
+
+  await channel.setTyping?.(chatJid, true);
+  let hadError = false;
+  let outputSentToUser = false;
+
+  const output = await runAgent(group, prompt, chatJid, async (result) => {
+    // Streaming output callback — called for each agent result
+    if (result.result) {
+      const raw = typeof result.result === 'string' ? result.result : JSON.stringify(result.result);
+      // Strip <internal>...</internal> blocks — agent uses these for internal reasoning
+      const text = raw.replace(/<internal>[\s\S]*?<\/internal>/g, '').trim();
+      logger.info({ group: group.name }, `Agent output: ${raw.slice(0, 200)}`);
+      if (text) {
+        await channel.sendMessage(chatJid, text);
+        outputSentToUser = true;
+      }
+      // Only reset idle timer on actual results, not session-update markers (result: null)
+      resetIdleTimer();
+    }
+
+    if (result.status === 'success') {
+      queue.notifyIdle(chatJid);
+    }
+
+    if (result.status === 'error') {
+      hadError = true;
+    }
+  });
+
+  await channel.setTyping?.(chatJid, false);
+  if (idleTimer) clearTimeout(idleTimer);
+
+  if (output === 'error' || hadError) {
+    // If we already sent output to the user, don't roll back the cursor —
+    // the user got their response and re-processing would send duplicates.
+    if (outputSentToUser) {
+      logger.warn({ group: group.name }, 'Agent error after output was sent, skipping cursor rollback to prevent duplicates');
+      return true;
+    }
+    // Roll back cursor so retries can re-process these messages
+    lastAgentTimestamp[chatJid] = previousCursor;
+    saveState();
+    logger.warn({ group: group.name }, 'Agent error, rolled back message cursor for retry');
+    return false;
+  }
+
+  return true;
+}
+
+async function runAgent(
+  group: RegisteredGroup,
+  prompt: string,
+  chatJid: string,
+  onOutput?: (output: ContainerOutput) => Promise<void>,
+): Promise<'success' | 'error'> {
+  const isMain = group.folder === MAIN_GROUP_FOLDER;
+  const sessionId = sessions[group.folder];
+
+  // Update tasks snapshot for container to read (filtered by group)
+  const tasks = getAllTasks();
+  writeTasksSnapshot(
+    group.folder,
+    isMain,
+    tasks.map((t) => ({
+      id: t.id,
+      groupFolder: t.group_folder,
+      prompt: t.prompt,
+      schedule_type: t.schedule_type,
+      schedule_value: t.schedule_value,
+      status: t.status,
+      next_run: t.next_run,
+    })),
+  );
+
+  // Update available groups snapshot (main group only can see all groups)
+  const availableGroups = getAvailableGroups();
+  writeGroupsSnapshot(
+    group.folder,
+    isMain,
+    availableGroups,
+    new Set(Object.keys(registeredGroups)),
+  );
+
+  // Wrap onOutput to track session ID from streamed results
+  const wrappedOnOutput = onOutput
+    ? async (output: ContainerOutput) => {
+        if (output.newSessionId) {
+          sessions[group.folder] = output.newSessionId;
+          setSession(group.folder, output.newSessionId);
+        }
+        await onOutput(output);
+      }
+    : undefined;
+
+  try {
+    const output = await runContainerAgent(
+      group,
+      {
+        prompt,
+        sessionId,
+        groupFolder: group.folder,
+        chatJid,
+        isMain,
+        assistantName: ASSISTANT_NAME,
+      },
+      (proc, containerName) => queue.registerProcess(chatJid, proc, containerName, group.folder),
+      wrappedOnOutput,
+    );
+
+    if (output.newSessionId) {
+      sessions[group.folder] = output.newSessionId;
+      setSession(group.folder, output.newSessionId);
+    }
+
+    if (output.status === 'error') {
+      logger.error(
+        { group: group.name, error: output.error },
+        'Container agent error',
+      );
+      return 'error';
+    }
+
+    return 'success';
+  } catch (err) {
+    logger.error({ group: group.name, err }, 'Agent error');
+    return 'error';
+  }
+}
+
+async function startMessageLoop(): Promise<void> {
+  if (messageLoopRunning) {
+    logger.debug('Message loop already running, skipping duplicate start');
+    return;
+  }
+  messageLoopRunning = true;
+
+  logger.info(`NanoClaw running (trigger: @${ASSISTANT_NAME})`);
+
+  while (true) {
+    try {
+      const jids = Object.keys(registeredGroups);
+      const { messages, newTimestamp } = getNewMessages(jids, lastTimestamp, ASSISTANT_NAME);
+
+      if (messages.length > 0) {
+        logger.info({ count: messages.length }, 'New messages');
+
+        // Advance the "seen" cursor for all messages immediately
+        lastTimestamp = newTimestamp;
+        saveState();
+
+        // Deduplicate by group
+        const messagesByGroup = new Map<string, NewMessage[]>();
+        for (const msg of messages) {
+          const existing = messagesByGroup.get(msg.chat_jid);
+          if (existing) {
+            existing.push(msg);
+          } else {
+            messagesByGroup.set(msg.chat_jid, [msg]);
+          }
+        }
+
+        for (const [chatJid, groupMessages] of messagesByGroup) {
+          const group = registeredGroups[chatJid];
+          if (!group) continue;
+
+          const channel = findChannel(channels, chatJid);
+          if (!channel) {
+            console.log(`Warning: no channel owns JID ${chatJid}, skipping messages`);
+            continue;
+          }
+
+          const isMainGroup = group.folder === MAIN_GROUP_FOLDER;
+          const needsTrigger = !isMainGroup && group.requiresTrigger !== false;
+
+          // For non-main groups, only act on trigger messages.
+          // Non-trigger messages accumulate in DB and get pulled as
+          // context when a trigger eventually arrives.
+          if (needsTrigger) {
+            const hasTrigger = groupMessages.some((m) =>
+              TRIGGER_PATTERN.test(m.content.trim()),
+            );
+            if (!hasTrigger) continue;
+          }
+
+          // Pull all messages since lastAgentTimestamp so non-trigger
+          // context that accumulated between triggers is included.
+          const allPending = getMessagesSince(
+            chatJid,
+            lastAgentTimestamp[chatJid] || '',
+            ASSISTANT_NAME,
+          );
+          const messagesToSend =
+            allPending.length > 0 ? allPending : groupMessages;
+          const formatted = formatMessages(messagesToSend);
+
+          if (queue.sendMessage(chatJid, formatted)) {
+            logger.debug(
+              { chatJid, count: messagesToSend.length },
+              'Piped messages to active container',
+            );
+            lastAgentTimestamp[chatJid] =
+              messagesToSend[messagesToSend.length - 1].timestamp;
+            saveState();
+            // Show typing indicator while the container processes the piped message
+            channel.setTyping?.(chatJid, true)?.catch((err) =>
+              logger.warn({ chatJid, err }, 'Failed to set typing indicator'),
+            );
+          } else {
+            // No active container — enqueue for a new one
+            queue.enqueueMessageCheck(chatJid);
+          }
+        }
+      }
+    } catch (err) {
+      logger.error({ err }, 'Error in message loop');
+    }
+    await new Promise((resolve) => setTimeout(resolve, POLL_INTERVAL));
+  }
+}
+
+/**
+ * Startup recovery: check for unprocessed messages in registered groups.
+ * Handles crash between advancing lastTimestamp and processing messages.
+ */
+function recoverPendingMessages(): void {
+  for (const [chatJid, group] of Object.entries(registeredGroups)) {
+    const sinceTimestamp = lastAgentTimestamp[chatJid] || '';
+    const pending = getMessagesSince(chatJid, sinceTimestamp, ASSISTANT_NAME);
+    if (pending.length > 0) {
+      logger.info(
+        { group: group.name, pendingCount: pending.length },
+        'Recovery: found unprocessed messages',
+      );
+      queue.enqueueMessageCheck(chatJid);
+    }
+  }
+}
+
+function ensureContainerSystemRunning(): void {
+  ensureContainerRuntimeRunning();
+  cleanupOrphans();
+}
+
+async function main(): Promise<void> {
+  ensureContainerSystemRunning();
+  initDatabase();
+  logger.info('Database initialized');
+  loadState();
+
+  // Graceful shutdown handlers
+  const shutdown = async (signal: string) => {
+    logger.info({ signal }, 'Shutdown signal received');
+    await queue.shutdown(10000);
+    for (const ch of channels) await ch.disconnect();
+    process.exit(0);
+  };
+  process.on('SIGTERM', () => shutdown('SIGTERM'));
+  process.on('SIGINT', () => shutdown('SIGINT'));
+
+  // Channel callbacks (shared by all channels)
+  const channelOpts = {
+    onMessage: (_chatJid: string, msg: NewMessage) => storeMessage(msg),
+    onChatMetadata: (chatJid: string, timestamp: string, name?: string, channel?: string, isGroup?: boolean) =>
+      storeChatMetadata(chatJid, timestamp, name, channel, isGroup),
+    registeredGroups: () => registeredGroups,
+  };
+
+  // Create and connect channels
+  if (DISCORD_BOT_TOKEN) {
+    const discord = new DiscordChannel(DISCORD_BOT_TOKEN, channelOpts);
+    channels.push(discord);
+    await discord.connect();
+  }
+
+  if (!DISCORD_ONLY) {
+    whatsapp = new WhatsAppChannel(channelOpts);
+    channels.push(whatsapp);
+    await whatsapp.connect();
+  }
+
+  // Start subsystems (independently of connection handler)
+  startSchedulerLoop({
+    registeredGroups: () => registeredGroups,
+    getSessions: () => sessions,
+    queue,
+    onProcess: (groupJid, proc, containerName, groupFolder) => queue.registerProcess(groupJid, proc, containerName, groupFolder),
+    sendMessage: async (jid, rawText) => {
+      const channel = findChannel(channels, jid);
+      if (!channel) {
+        console.log(`Warning: no channel owns JID ${jid}, cannot send message`);
+        return;
+      }
+      const text = formatOutbound(rawText);
+      if (text) await channel.sendMessage(jid, text);
+    },
+  });
+  startIpcWatcher({
+    sendMessage: (jid, text) => {
+      const channel = findChannel(channels, jid);
+      if (!channel) throw new Error(`No channel for JID: ${jid}`);
+      return channel.sendMessage(jid, text);
+    },
+    registeredGroups: () => registeredGroups,
+    registerGroup,
+    syncGroupMetadata: (force) => whatsapp?.syncGroupMetadata(force) ?? Promise.resolve(),
+    getAvailableGroups,
+    writeGroupsSnapshot: (gf, im, ag, rj) => writeGroupsSnapshot(gf, im, ag, rj),
+  });
+  queue.setProcessMessagesFn(processGroupMessages);
+  recoverPendingMessages();
+  startMessageLoop().catch((err) => {
+    logger.fatal({ err }, 'Message loop crashed unexpectedly');
+    process.exit(1);
+  });
+}
+
+// Guard: only run when executed directly, not when imported by tests
+const isDirectRun =
+  process.argv[1] &&
+  new URL(import.meta.url).pathname === new URL(`file://${process.argv[1]}`).pathname;
+
+if (isDirectRun) {
+  main().catch((err) => {
+    logger.error({ err }, 'Failed to start NanoClaw');
+    process.exit(1);
+  });
+}
diff --git a/.agent/skills/add-discord/modify/src/index.ts.intent.md b/.agent/skills/add-discord/modify/src/index.ts.intent.md
new file mode 100644
index 0000000..29a8bf3
--- /dev/null
+++ b/.agent/skills/add-discord/modify/src/index.ts.intent.md
@@ -0,0 +1,50 @@
+# Intent: src/index.ts modifications
+
+## What changed
+
+Added Discord as a channel option alongside WhatsApp, introducing multi-channel infrastructure.
+
+## Key sections
+
+### Imports (top of file)
+
+- Added: `DiscordChannel` from `./channels/discord.js`
+- Added: `DISCORD_BOT_TOKEN`, `DISCORD_ONLY` from `./config.js`
+- Added: `findChannel` from `./router.js`
+- Added: `Channel` from `./types.js`
+
+### Multi-channel infrastructure
+
+- Added: `const channels: Channel[] = []` array to hold all active channels
+- Changed: `processGroupMessages` uses `findChannel(channels, chatJid)` instead of `whatsapp` directly
+- Changed: `startMessageLoop` uses `findChannel(channels, chatJid)` instead of `whatsapp` directly
+- Changed: `channel.setTyping?.()` instead of `whatsapp.setTyping()`
+- Changed: `channel.sendMessage()` instead of `whatsapp.sendMessage()`
+
+### getAvailableGroups()
+
+- Unchanged: uses `c.is_group` filter from base (Discord channels pass `isGroup=true` via `onChatMetadata`)
+
+### main()
+
+- Added: `channelOpts` shared callback object for all channels
+- Changed: WhatsApp conditional to `if (!DISCORD_ONLY)`
+- Added: conditional Discord creation (`if (DISCORD_BOT_TOKEN)`)
+- Changed: shutdown iterates `channels` array instead of just `whatsapp`
+- Changed: subsystems use `findChannel(channels, jid)` for message routing
+
+## Invariants
+
+- All existing message processing logic (triggers, cursors, idle timers) is preserved
+- The `runAgent` function is completely unchanged
+- State management (loadState/saveState) is unchanged
+- Recovery logic is unchanged
+- Container runtime check is unchanged (ensureContainerSystemRunning)
+
+## Must-keep
+
+- The `escapeXml` and `formatMessages` re-exports
+- The `_setRegisteredGroups` test helper
+- The `isDirectRun` guard at bottom
+- All error handling and cursor rollback logic in processGroupMessages
+- The outgoing queue flush and reconnection logic (in WhatsAppChannel, not here)
diff --git a/.agent/skills/add-discord/modify/src/routing.test.ts b/.agent/skills/add-discord/modify/src/routing.test.ts
new file mode 100644
index 0000000..6144af0
--- /dev/null
+++ b/.agent/skills/add-discord/modify/src/routing.test.ts
@@ -0,0 +1,147 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+
+import { _initTestDatabase, getAllChats, storeChatMetadata } from './db.js';
+import { getAvailableGroups, _setRegisteredGroups } from './index.js';
+
+beforeEach(() => {
+  _initTestDatabase();
+  _setRegisteredGroups({});
+});
+
+// --- JID ownership patterns ---
+
+describe('JID ownership patterns', () => {
+  // These test the patterns that will become ownsJid() on the Channel interface
+
+  it('WhatsApp group JID: ends with @g.us', () => {
+    const jid = '12345678@g.us';
+    expect(jid.endsWith('@g.us')).toBe(true);
+  });
+
+  it('Discord JID: starts with dc:', () => {
+    const jid = 'dc:1234567890123456';
+    expect(jid.startsWith('dc:')).toBe(true);
+  });
+
+  it('WhatsApp DM JID: ends with @s.whatsapp.net', () => {
+    const jid = '12345678@s.whatsapp.net';
+    expect(jid.endsWith('@s.whatsapp.net')).toBe(true);
+  });
+});
+
+// --- getAvailableGroups ---
+
+describe('getAvailableGroups', () => {
+  it('returns only groups, excludes DMs', () => {
+    storeChatMetadata('group1@g.us', '2024-01-01T00:00:01.000Z', 'Group 1', 'whatsapp', true);
+    storeChatMetadata('user@s.whatsapp.net', '2024-01-01T00:00:02.000Z', 'User DM', 'whatsapp', false);
+    storeChatMetadata('group2@g.us', '2024-01-01T00:00:03.000Z', 'Group 2', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(2);
+    expect(groups.map((g) => g.jid)).toContain('group1@g.us');
+    expect(groups.map((g) => g.jid)).toContain('group2@g.us');
+    expect(groups.map((g) => g.jid)).not.toContain('user@s.whatsapp.net');
+  });
+
+  it('includes Discord channel JIDs', () => {
+    storeChatMetadata('dc:1234567890123456', '2024-01-01T00:00:01.000Z', 'Discord Channel', 'discord', true);
+    storeChatMetadata('user@s.whatsapp.net', '2024-01-01T00:00:02.000Z', 'User DM', 'whatsapp', false);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('dc:1234567890123456');
+  });
+
+  it('marks registered Discord channels correctly', () => {
+    storeChatMetadata('dc:1234567890123456', '2024-01-01T00:00:01.000Z', 'DC Registered', 'discord', true);
+    storeChatMetadata('dc:9999999999999999', '2024-01-01T00:00:02.000Z', 'DC Unregistered', 'discord', true);
+
+    _setRegisteredGroups({
+      'dc:1234567890123456': {
+        name: 'DC Registered',
+        folder: 'dc-registered',
+        trigger: '@Andy',
+        added_at: '2024-01-01T00:00:00.000Z',
+      },
+    });
+
+    const groups = getAvailableGroups();
+    const dcReg = groups.find((g) => g.jid === 'dc:1234567890123456');
+    const dcUnreg = groups.find((g) => g.jid === 'dc:9999999999999999');
+
+    expect(dcReg?.isRegistered).toBe(true);
+    expect(dcUnreg?.isRegistered).toBe(false);
+  });
+
+  it('excludes __group_sync__ sentinel', () => {
+    storeChatMetadata('__group_sync__', '2024-01-01T00:00:00.000Z');
+    storeChatMetadata('group@g.us', '2024-01-01T00:00:01.000Z', 'Group', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('group@g.us');
+  });
+
+  it('marks registered groups correctly', () => {
+    storeChatMetadata('reg@g.us', '2024-01-01T00:00:01.000Z', 'Registered', 'whatsapp', true);
+    storeChatMetadata('unreg@g.us', '2024-01-01T00:00:02.000Z', 'Unregistered', 'whatsapp', true);
+
+    _setRegisteredGroups({
+      'reg@g.us': {
+        name: 'Registered',
+        folder: 'registered',
+        trigger: '@Andy',
+        added_at: '2024-01-01T00:00:00.000Z',
+      },
+    });
+
+    const groups = getAvailableGroups();
+    const reg = groups.find((g) => g.jid === 'reg@g.us');
+    const unreg = groups.find((g) => g.jid === 'unreg@g.us');
+
+    expect(reg?.isRegistered).toBe(true);
+    expect(unreg?.isRegistered).toBe(false);
+  });
+
+  it('returns groups ordered by most recent activity', () => {
+    storeChatMetadata('old@g.us', '2024-01-01T00:00:01.000Z', 'Old', 'whatsapp', true);
+    storeChatMetadata('new@g.us', '2024-01-01T00:00:05.000Z', 'New', 'whatsapp', true);
+    storeChatMetadata('mid@g.us', '2024-01-01T00:00:03.000Z', 'Mid', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups[0].jid).toBe('new@g.us');
+    expect(groups[1].jid).toBe('mid@g.us');
+    expect(groups[2].jid).toBe('old@g.us');
+  });
+
+  it('excludes non-group chats regardless of JID format', () => {
+    // Unknown JID format stored without is_group should not appear
+    storeChatMetadata('unknown-format-123', '2024-01-01T00:00:01.000Z', 'Unknown');
+    // Explicitly non-group with unusual JID
+    storeChatMetadata('custom:abc', '2024-01-01T00:00:02.000Z', 'Custom DM', 'custom', false);
+    // A real group for contrast
+    storeChatMetadata('group@g.us', '2024-01-01T00:00:03.000Z', 'Group', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('group@g.us');
+  });
+
+  it('returns empty array when no chats exist', () => {
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(0);
+  });
+
+  it('mixes WhatsApp and Discord chats ordered by activity', () => {
+    storeChatMetadata('wa@g.us', '2024-01-01T00:00:01.000Z', 'WhatsApp', 'whatsapp', true);
+    storeChatMetadata('dc:555', '2024-01-01T00:00:03.000Z', 'Discord', 'discord', true);
+    storeChatMetadata('wa2@g.us', '2024-01-01T00:00:02.000Z', 'WhatsApp 2', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(3);
+    expect(groups[0].jid).toBe('dc:555');
+    expect(groups[1].jid).toBe('wa2@g.us');
+    expect(groups[2].jid).toBe('wa@g.us');
+  });
+});
diff --git a/.agent/skills/add-discord/tests/discord.test.ts b/.agent/skills/add-discord/tests/discord.test.ts
new file mode 100644
index 0000000..a644aa7
--- /dev/null
+++ b/.agent/skills/add-discord/tests/discord.test.ts
@@ -0,0 +1,133 @@
+import { describe, expect, it } from 'vitest';
+import fs from 'fs';
+import path from 'path';
+
+describe('discord skill package', () => {
+  const skillDir = path.resolve(__dirname, '..');
+
+  it('has a valid manifest', () => {
+    const manifestPath = path.join(skillDir, 'manifest.yaml');
+    expect(fs.existsSync(manifestPath)).toBe(true);
+
+    const content = fs.readFileSync(manifestPath, 'utf-8');
+    expect(content).toContain('skill: discord');
+    expect(content).toContain('version: 1.0.0');
+    expect(content).toContain('discord.js');
+  });
+
+  it('has all files declared in adds', () => {
+    const addFile = path.join(skillDir, 'add', 'src', 'channels', 'discord.ts');
+    expect(fs.existsSync(addFile)).toBe(true);
+
+    const content = fs.readFileSync(addFile, 'utf-8');
+    expect(content).toContain('class DiscordChannel');
+    expect(content).toContain('implements Channel');
+
+    // Test file for the channel
+    const testFile = path.join(skillDir, 'add', 'src', 'channels', 'discord.test.ts');
+    expect(fs.existsSync(testFile)).toBe(true);
+
+    const testContent = fs.readFileSync(testFile, 'utf-8');
+    expect(testContent).toContain("describe('DiscordChannel'");
+  });
+
+  it('has all files declared in modifies', () => {
+    const indexFile = path.join(skillDir, 'modify', 'src', 'index.ts');
+    const configFile = path.join(skillDir, 'modify', 'src', 'config.ts');
+    const routingTestFile = path.join(skillDir, 'modify', 'src', 'routing.test.ts');
+
+    expect(fs.existsSync(indexFile)).toBe(true);
+    expect(fs.existsSync(configFile)).toBe(true);
+    expect(fs.existsSync(routingTestFile)).toBe(true);
+
+    const indexContent = fs.readFileSync(indexFile, 'utf-8');
+    expect(indexContent).toContain('DiscordChannel');
+    expect(indexContent).toContain('DISCORD_BOT_TOKEN');
+    expect(indexContent).toContain('DISCORD_ONLY');
+    expect(indexContent).toContain('findChannel');
+    expect(indexContent).toContain('channels: Channel[]');
+
+    const configContent = fs.readFileSync(configFile, 'utf-8');
+    expect(configContent).toContain('DISCORD_BOT_TOKEN');
+    expect(configContent).toContain('DISCORD_ONLY');
+  });
+
+  it('has intent files for modified files', () => {
+    expect(fs.existsSync(path.join(skillDir, 'modify', 'src', 'index.ts.intent.md'))).toBe(true);
+    expect(fs.existsSync(path.join(skillDir, 'modify', 'src', 'config.ts.intent.md'))).toBe(true);
+  });
+
+  it('modified index.ts preserves core structure', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'index.ts'),
+      'utf-8',
+    );
+
+    // Core functions still present
+    expect(content).toContain('function loadState()');
+    expect(content).toContain('function saveState()');
+    expect(content).toContain('function registerGroup(');
+    expect(content).toContain('function getAvailableGroups()');
+    expect(content).toContain('function processGroupMessages(');
+    expect(content).toContain('function runAgent(');
+    expect(content).toContain('function startMessageLoop()');
+    expect(content).toContain('function recoverPendingMessages()');
+    expect(content).toContain('function ensureContainerSystemRunning()');
+    expect(content).toContain('async function main()');
+
+    // Test helper preserved
+    expect(content).toContain('_setRegisteredGroups');
+
+    // Direct-run guard preserved
+    expect(content).toContain('isDirectRun');
+  });
+
+  it('modified index.ts includes Discord channel creation', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'index.ts'),
+      'utf-8',
+    );
+
+    // Multi-channel architecture
+    expect(content).toContain('const channels: Channel[] = []');
+    expect(content).toContain('channels.push(whatsapp)');
+    expect(content).toContain('channels.push(discord)');
+
+    // Conditional channel creation
+    expect(content).toContain('if (!DISCORD_ONLY)');
+    expect(content).toContain('if (DISCORD_BOT_TOKEN)');
+
+    // Shutdown disconnects all channels
+    expect(content).toContain('for (const ch of channels) await ch.disconnect()');
+  });
+
+  it('modified config.ts preserves all existing exports', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'config.ts'),
+      'utf-8',
+    );
+
+    // All original exports preserved
+    expect(content).toContain('export const ASSISTANT_NAME');
+    expect(content).toContain('export const POLL_INTERVAL');
+    expect(content).toContain('export const TRIGGER_PATTERN');
+    expect(content).toContain('export const CONTAINER_IMAGE');
+    expect(content).toContain('export const DATA_DIR');
+    expect(content).toContain('export const TIMEZONE');
+
+    // Discord exports added
+    expect(content).toContain('export const DISCORD_BOT_TOKEN');
+    expect(content).toContain('export const DISCORD_ONLY');
+  });
+
+  it('modified routing.test.ts includes Discord JID tests', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'routing.test.ts'),
+      'utf-8',
+    );
+
+    expect(content).toContain("Discord JID: starts with dc:");
+    expect(content).toContain("dc:1234567890123456");
+    expect(content).toContain("dc:");
+  });
+});
diff --git a/.agent/skills/add-gmail/SKILL.md b/.agent/skills/add-gmail/SKILL.md
new file mode 100644
index 0000000..cd2d25d
--- /dev/null
+++ b/.agent/skills/add-gmail/SKILL.md
@@ -0,0 +1,244 @@
+---
+name: add-gmail
+description: Add Gmail integration to NanoClaw. Can be configured as a tool (agent reads/sends emails when triggered from WhatsApp) or as a full channel (emails can trigger the agent, schedule tasks, and receive replies). Guides through GCP OAuth setup and implements the integration.
+---
+
+# Add Gmail Integration
+
+This skill adds Gmail support to NanoClaw — either as a tool (read, send, search, draft) or as a full channel that polls the inbox.
+
+## Phase 1: Pre-flight
+
+### Check if already applied
+
+Read `.nanoclaw/state.yaml`. If `gmail` is in `applied_skills`, skip to Phase 3 (Setup). The code changes are already in place.
+
+### Ask the user
+
+Use `AskUserQuestion`:
+
+AskUserQuestion: Should incoming emails be able to trigger the agent?
+
+- **Yes** — Full channel mode: the agent listens on Gmail and responds to incoming emails automatically
+- **No** — Tool-only: the agent gets full Gmail tools (read, send, search, draft) but won't monitor the inbox. No channel code is added.
+
+## Phase 2: Apply Code Changes
+
+### Initialize skills system (if needed)
+
+If `.nanoclaw/` directory doesn't exist yet:
+
+```bash
+npx tsx scripts/apply-skill.ts --init
+```
+
+### Path A: Tool-only (user chose "No")
+
+Do NOT run the full apply script. Only two source files need changes. This avoids adding dead code (`gmail.ts`, `gmail.test.ts`, index.ts channel logic, routing tests, `googleapis` dependency).
+
+#### 1. Mount Gmail credentials in container
+
+Apply the changes described in `modify/src/container-runner.ts.intent.md` to `src/container-runner.ts`: import `os`, add a conditional read-write mount of `~/.gmail-mcp` to `/home/node/.gmail-mcp` in `buildVolumeMounts()` after the session mounts.
+
+#### 2. Add Gmail MCP server to agent runner
+
+Apply the changes described in `modify/container/agent-runner/src/index.ts.intent.md` to `container/agent-runner/src/index.ts`: add `gmail` MCP server (`npx -y @gongrzhe/server-gmail-autoauth-mcp`) and `'mcp__gmail__*'` to `allowedTools`.
+
+#### 3. Record in state
+
+Add `gmail` to `.nanoclaw/state.yaml` under `applied_skills` with `mode: tool-only`.
+
+#### 4. Validate
+
+```bash
+npm run build
+```
+
+Build must be clean before proceeding. Skip to Phase 3.
+
+### Path B: Channel mode (user chose "Yes")
+
+Run the full skills engine to apply all code changes:
+
+```bash
+npx tsx scripts/apply-skill.ts .agent/skills/add-gmail
+```
+
+This deterministically:
+
+- Adds `src/channels/gmail.ts` (GmailChannel class implementing Channel interface)
+- Adds `src/channels/gmail.test.ts` (unit tests)
+- Three-way merges Gmail channel wiring into `src/index.ts` (GmailChannel creation)
+- Three-way merges Gmail credentials mount into `src/container-runner.ts` (~/.gmail-mcp -> /home/node/.gmail-mcp)
+- Three-way merges Gmail MCP server into `container/agent-runner/src/index.ts` (@gongrzhe/server-gmail-autoauth-mcp)
+- Three-way merges Gmail JID tests into `src/routing.test.ts`
+- Installs the `googleapis` npm dependency
+- Records the application in `.nanoclaw/state.yaml`
+
+If the apply reports merge conflicts, read the intent files:
+
+- `modify/src/index.ts.intent.md` — what changed and invariants for index.ts
+- `modify/src/container-runner.ts.intent.md` — what changed for container-runner.ts
+- `modify/container/agent-runner/src/index.ts.intent.md` — what changed for agent-runner
+
+#### Add email handling instructions
+
+Append the following to `groups/main/AGENT.md` (before the formatting section):
+
+```markdown
+## Email Notifications
+
+When you receive an email notification (messages starting with `[Email from ...`), inform the user about it but do NOT reply to the email unless specifically asked. You have Gmail tools available — use them only when the user explicitly asks you to reply, forward, or take action on an email.
+```
+
+#### Validate
+
+```bash
+npm test
+npm run build
+```
+
+All tests must pass (including the new gmail tests) and build must be clean before proceeding.
+
+## Phase 3: Setup
+
+### Check existing Gmail credentials
+
+```bash
+ls -la ~/.gmail-mcp/ 2>/dev/null || echo "No Gmail config found"
+```
+
+If `credentials.json` already exists, skip to "Build and restart" below.
+
+### GCP Project Setup
+
+Tell the user:
+
+> I need you to set up Google Cloud OAuth credentials:
+>
+> 1. Open https://console.cloud.google.com — create a new project or select existing
+> 2. Go to **APIs & Services > Library**, search "Gmail API", click **Enable**
+> 3. Go to **APIs & Services > Credentials**, click **+ CREATE CREDENTIALS > OAuth client ID**
+>    - If prompted for consent screen: choose "External", fill in app name and email, save
+>    - Application type: **Desktop app**, name: anything (e.g., "NanoClaw Gmail")
+> 4. Click **DOWNLOAD JSON** and save as `gcp-oauth.keys.json`
+>
+> Where did you save the file? (Give me the full path, or paste the file contents here)
+
+If user provides a path, copy it:
+
+```bash
+mkdir -p ~/.gmail-mcp
+cp "/path/user/provided/gcp-oauth.keys.json" ~/.gmail-mcp/gcp-oauth.keys.json
+```
+
+If user pastes JSON content, write it to `~/.gmail-mcp/gcp-oauth.keys.json`.
+
+### OAuth Authorization
+
+Tell the user:
+
+> I'm going to run Gmail authorization. A browser window will open — sign in and grant access. If you see an "app isn't verified" warning, click "Advanced" then "Go to [app name] (unsafe)" — this is normal for personal OAuth apps.
+
+Run the authorization:
+
+```bash
+npx -y @gongrzhe/server-gmail-autoauth-mcp auth
+```
+
+If that fails (some versions don't have an auth subcommand), try `timeout 60 npx -y @gongrzhe/server-gmail-autoauth-mcp || true`. Verify with `ls ~/.gmail-mcp/credentials.json`.
+
+### Build and restart
+
+Clear stale per-group agent-runner copies (they only get re-created if missing, so existing copies won't pick up the new Gmail server):
+
+```bash
+rm -r data/sessions/*/agent-runner-src 2>/dev/null || true
+```
+
+Rebuild the container (agent-runner changed):
+
+```bash
+cd container && ./build.sh
+```
+
+Then compile and restart:
+
+```bash
+npm run build
+launchctl kickstart -k gui/$(id -u)/com.nanoclaw  # macOS
+# Linux: systemctl --user restart nanoclaw
+```
+
+## Phase 4: Verify
+
+### Test tool access (both modes)
+
+Tell the user:
+
+> Gmail is connected! Send this in your main channel:
+>
+> `@Andy check my recent emails` or `@Andy list my Gmail labels`
+
+### Test channel mode (Channel mode only)
+
+Tell the user to send themselves a test email. The agent should pick it up within a minute. Monitor: `tail -f logs/nanoclaw.log | grep -iE "(gmail|email)"`.
+
+Once verified, offer filter customization via `AskUserQuestion` — by default, only emails in the Primary inbox trigger the agent (Promotions, Social, Updates, and Forums are excluded). The user can keep this default or narrow further by sender, label, or keywords. No code changes needed for filters.
+
+### Check logs if needed
+
+```bash
+tail -f logs/nanoclaw.log
+```
+
+## Troubleshooting
+
+### Gmail connection not responding
+
+Test directly:
+
+```bash
+npx -y @gongrzhe/server-gmail-autoauth-mcp
+```
+
+### OAuth token expired
+
+Re-authorize:
+
+```bash
+rm ~/.gmail-mcp/credentials.json
+npx -y @gongrzhe/server-gmail-autoauth-mcp
+```
+
+### Container can't access Gmail
+
+- Verify `~/.gmail-mcp` is mounted: check `src/container-runner.ts` for the `.gmail-mcp` mount
+- Check container logs: `cat groups/main/logs/container-*.log | tail -50`
+
+### Emails not being detected (Channel mode only)
+
+- By default, the channel polls unread Primary inbox emails (`is:unread category:primary`)
+- Check logs for Gmail polling errors
+
+## Removal
+
+### Tool-only mode
+
+1. Remove `~/.gmail-mcp` mount from `src/container-runner.ts`
+2. Remove `gmail` MCP server and `mcp__gmail__*` from `container/agent-runner/src/index.ts`
+3. Remove `gmail` from `.nanoclaw/state.yaml`
+4. Clear stale agent-runner copies: `rm -r data/sessions/*/agent-runner-src 2>/dev/null || true`
+5. Rebuild: `cd container && ./build.sh && cd .. && npm run build && launchctl kickstart -k gui/$(id -u)/com.nanoclaw` (macOS) or `systemctl --user restart nanoclaw` (Linux)
+
+### Channel mode
+
+1. Delete `src/channels/gmail.ts` and `src/channels/gmail.test.ts`
+2. Remove `GmailChannel` import and creation from `src/index.ts`
+3. Remove `~/.gmail-mcp` mount from `src/container-runner.ts`
+4. Remove `gmail` MCP server and `mcp__gmail__*` from `container/agent-runner/src/index.ts`
+5. Remove Gmail JID tests from `src/routing.test.ts`
+6. Uninstall: `npm uninstall googleapis`
+7. Remove `gmail` from `.nanoclaw/state.yaml`
+8. Clear stale agent-runner copies: `rm -r data/sessions/*/agent-runner-src 2>/dev/null || true`
+9. Rebuild: `cd container && ./build.sh && cd .. && npm run build && launchctl kickstart -k gui/$(id -u)/com.nanoclaw` (macOS) or `systemctl --user restart nanoclaw` (Linux)
diff --git a/.agent/skills/add-gmail/add/src/channels/gmail.test.ts b/.agent/skills/add-gmail/add/src/channels/gmail.test.ts
new file mode 100644
index 0000000..52602dd
--- /dev/null
+++ b/.agent/skills/add-gmail/add/src/channels/gmail.test.ts
@@ -0,0 +1,71 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+
+import { GmailChannel, GmailChannelOpts } from './gmail.js';
+
+function makeOpts(overrides?: Partial<GmailChannelOpts>): GmailChannelOpts {
+  return {
+    onMessage: vi.fn(),
+    onChatMetadata: vi.fn(),
+    registeredGroups: () => ({}),
+    ...overrides,
+  };
+}
+
+describe('GmailChannel', () => {
+  let channel: GmailChannel;
+
+  beforeEach(() => {
+    channel = new GmailChannel(makeOpts());
+  });
+
+  describe('ownsJid', () => {
+    it('returns true for gmail: prefixed JIDs', () => {
+      expect(channel.ownsJid('gmail:abc123')).toBe(true);
+      expect(channel.ownsJid('gmail:thread-id-456')).toBe(true);
+    });
+
+    it('returns false for non-gmail JIDs', () => {
+      expect(channel.ownsJid('12345@g.us')).toBe(false);
+      expect(channel.ownsJid('tg:123')).toBe(false);
+      expect(channel.ownsJid('dc:456')).toBe(false);
+      expect(channel.ownsJid('user@s.whatsapp.net')).toBe(false);
+    });
+  });
+
+  describe('name', () => {
+    it('is gmail', () => {
+      expect(channel.name).toBe('gmail');
+    });
+  });
+
+  describe('isConnected', () => {
+    it('returns false before connect', () => {
+      expect(channel.isConnected()).toBe(false);
+    });
+  });
+
+  describe('disconnect', () => {
+    it('sets connected to false', async () => {
+      await channel.disconnect();
+      expect(channel.isConnected()).toBe(false);
+    });
+  });
+
+  describe('constructor options', () => {
+    it('accepts custom poll interval', () => {
+      const ch = new GmailChannel(makeOpts(), 30000);
+      expect(ch.name).toBe('gmail');
+    });
+
+    it('defaults to unread query when no filter configured', () => {
+      const ch = new GmailChannel(makeOpts());
+      const query = (ch as unknown as { buildQuery: () => string }).buildQuery();
+      expect(query).toBe('is:unread category:primary');
+    });
+
+    it('defaults with no options provided', () => {
+      const ch = new GmailChannel(makeOpts());
+      expect(ch.name).toBe('gmail');
+    });
+  });
+});
diff --git a/.agent/skills/add-gmail/add/src/channels/gmail.ts b/.agent/skills/add-gmail/add/src/channels/gmail.ts
new file mode 100644
index 0000000..b9ade60
--- /dev/null
+++ b/.agent/skills/add-gmail/add/src/channels/gmail.ts
@@ -0,0 +1,339 @@
+import fs from 'fs';
+import os from 'os';
+import path from 'path';
+
+import { google, gmail_v1 } from 'googleapis';
+import { OAuth2Client } from 'google-auth-library';
+
+import { MAIN_GROUP_FOLDER } from '../config.js';
+import { logger } from '../logger.js';
+import {
+  Channel,
+  OnChatMetadata,
+  OnInboundMessage,
+  RegisteredGroup,
+} from '../types.js';
+
+export interface GmailChannelOpts {
+  onMessage: OnInboundMessage;
+  onChatMetadata: OnChatMetadata;
+  registeredGroups: () => Record<string, RegisteredGroup>;
+}
+
+interface ThreadMeta {
+  sender: string;
+  senderName: string;
+  subject: string;
+  messageId: string; // RFC 2822 Message-ID for In-Reply-To
+}
+
+export class GmailChannel implements Channel {
+  name = 'gmail';
+
+  private oauth2Client: OAuth2Client | null = null;
+  private gmail: gmail_v1.Gmail | null = null;
+  private opts: GmailChannelOpts;
+  private pollIntervalMs: number;
+  private pollTimer: ReturnType<typeof setTimeout> | null = null;
+  private processedIds = new Set<string>();
+  private threadMeta = new Map<string, ThreadMeta>();
+  private consecutiveErrors = 0;
+  private userEmail = '';
+
+  constructor(opts: GmailChannelOpts, pollIntervalMs = 60000) {
+    this.opts = opts;
+    this.pollIntervalMs = pollIntervalMs;
+  }
+
+  async connect(): Promise<void> {
+    const credDir = path.join(os.homedir(), '.gmail-mcp');
+    const keysPath = path.join(credDir, 'gcp-oauth.keys.json');
+    const tokensPath = path.join(credDir, 'credentials.json');
+
+    if (!fs.existsSync(keysPath) || !fs.existsSync(tokensPath)) {
+      logger.warn(
+        'Gmail credentials not found in ~/.gmail-mcp/. Skipping Gmail channel. Run /add-gmail to set up.',
+      );
+      return;
+    }
+
+    const keys = JSON.parse(fs.readFileSync(keysPath, 'utf-8'));
+    const tokens = JSON.parse(fs.readFileSync(tokensPath, 'utf-8'));
+
+    const clientConfig = keys.installed || keys.web || keys;
+    const { client_id, client_secret, redirect_uris } = clientConfig;
+    this.oauth2Client = new google.auth.OAuth2(
+      client_id,
+      client_secret,
+      redirect_uris?.[0],
+    );
+    this.oauth2Client.setCredentials(tokens);
+
+    // Persist refreshed tokens
+    this.oauth2Client.on('tokens', (newTokens) => {
+      try {
+        const current = JSON.parse(fs.readFileSync(tokensPath, 'utf-8'));
+        Object.assign(current, newTokens);
+        fs.writeFileSync(tokensPath, JSON.stringify(current, null, 2));
+        logger.debug('Gmail OAuth tokens refreshed');
+      } catch (err) {
+        logger.warn({ err }, 'Failed to persist refreshed Gmail tokens');
+      }
+    });
+
+    this.gmail = google.gmail({ version: 'v1', auth: this.oauth2Client });
+
+    // Verify connection
+    const profile = await this.gmail.users.getProfile({ userId: 'me' });
+    this.userEmail = profile.data.emailAddress || '';
+    logger.info({ email: this.userEmail }, 'Gmail channel connected');
+
+    // Start polling with error backoff
+    const schedulePoll = () => {
+      const backoffMs = this.consecutiveErrors > 0
+        ? Math.min(this.pollIntervalMs * Math.pow(2, this.consecutiveErrors), 30 * 60 * 1000)
+        : this.pollIntervalMs;
+      this.pollTimer = setTimeout(() => {
+        this.pollForMessages()
+          .catch((err) => logger.error({ err }, 'Gmail poll error'))
+          .finally(() => {
+            if (this.gmail) schedulePoll();
+          });
+      }, backoffMs);
+    };
+
+    // Initial poll
+    await this.pollForMessages();
+    schedulePoll();
+  }
+
+  async sendMessage(jid: string, text: string): Promise<void> {
+    if (!this.gmail) {
+      logger.warn('Gmail not initialized');
+      return;
+    }
+
+    const threadId = jid.replace(/^gmail:/, '');
+    const meta = this.threadMeta.get(threadId);
+
+    if (!meta) {
+      logger.warn({ jid }, 'No thread metadata for reply, cannot send');
+      return;
+    }
+
+    const subject = meta.subject.startsWith('Re:')
+      ? meta.subject
+      : `Re: ${meta.subject}`;
+
+    const headers = [
+      `To: ${meta.sender}`,
+      `From: ${this.userEmail}`,
+      `Subject: ${subject}`,
+      `In-Reply-To: ${meta.messageId}`,
+      `References: ${meta.messageId}`,
+      'Content-Type: text/plain; charset=utf-8',
+      '',
+      text,
+    ].join('\r\n');
+
+    const encodedMessage = Buffer.from(headers)
+      .toString('base64')
+      .replace(/\+/g, '-')
+      .replace(/\//g, '_')
+      .replace(/=+$/, '');
+
+    try {
+      await this.gmail.users.messages.send({
+        userId: 'me',
+        requestBody: {
+          raw: encodedMessage,
+          threadId,
+        },
+      });
+      logger.info({ to: meta.sender, threadId }, 'Gmail reply sent');
+    } catch (err) {
+      logger.error({ jid, err }, 'Failed to send Gmail reply');
+    }
+  }
+
+  isConnected(): boolean {
+    return this.gmail !== null;
+  }
+
+  ownsJid(jid: string): boolean {
+    return jid.startsWith('gmail:');
+  }
+
+  async disconnect(): Promise<void> {
+    if (this.pollTimer) {
+      clearTimeout(this.pollTimer);
+      this.pollTimer = null;
+    }
+    this.gmail = null;
+    this.oauth2Client = null;
+    logger.info('Gmail channel stopped');
+  }
+
+  // --- Private ---
+
+  private buildQuery(): string {
+    return 'is:unread category:primary';
+  }
+
+  private async pollForMessages(): Promise<void> {
+    if (!this.gmail) return;
+
+    try {
+      const query = this.buildQuery();
+      const res = await this.gmail.users.messages.list({
+        userId: 'me',
+        q: query,
+        maxResults: 10,
+      });
+
+      const messages = res.data.messages || [];
+
+      for (const stub of messages) {
+        if (!stub.id || this.processedIds.has(stub.id)) continue;
+        this.processedIds.add(stub.id);
+
+        await this.processMessage(stub.id);
+      }
+
+      // Cap processed ID set to prevent unbounded growth
+      if (this.processedIds.size > 5000) {
+        const ids = [...this.processedIds];
+        this.processedIds = new Set(ids.slice(ids.length - 2500));
+      }
+
+      this.consecutiveErrors = 0;
+    } catch (err) {
+      this.consecutiveErrors++;
+      const backoffMs = Math.min(this.pollIntervalMs * Math.pow(2, this.consecutiveErrors), 30 * 60 * 1000);
+      logger.error({ err, consecutiveErrors: this.consecutiveErrors, nextPollMs: backoffMs }, 'Gmail poll failed');
+    }
+  }
+
+  private async processMessage(messageId: string): Promise<void> {
+    if (!this.gmail) return;
+
+    const msg = await this.gmail.users.messages.get({
+      userId: 'me',
+      id: messageId,
+      format: 'full',
+    });
+
+    const headers = msg.data.payload?.headers || [];
+    const getHeader = (name: string) =>
+      headers.find((h) => h.name?.toLowerCase() === name.toLowerCase())
+        ?.value || '';
+
+    const from = getHeader('From');
+    const subject = getHeader('Subject');
+    const rfc2822MessageId = getHeader('Message-ID');
+    const threadId = msg.data.threadId || messageId;
+    const timestamp = new Date(
+      parseInt(msg.data.internalDate || '0', 10),
+    ).toISOString();
+
+    // Extract sender name and email
+    const senderMatch = from.match(/^(.+?)\s*<(.+?)>$/);
+    const senderName = senderMatch ? senderMatch[1].replace(/"/g, '') : from;
+    const senderEmail = senderMatch ? senderMatch[2] : from;
+
+    // Skip emails from self (our own replies)
+    if (senderEmail === this.userEmail) return;
+
+    // Extract body text
+    const body = this.extractTextBody(msg.data.payload);
+
+    if (!body) {
+      logger.debug({ messageId, subject }, 'Skipping email with no text body');
+      return;
+    }
+
+    const chatJid = `gmail:${threadId}`;
+
+    // Cache thread metadata for replies
+    this.threadMeta.set(threadId, {
+      sender: senderEmail,
+      senderName,
+      subject,
+      messageId: rfc2822MessageId,
+    });
+
+    // Store chat metadata for group discovery
+    this.opts.onChatMetadata(chatJid, timestamp, subject, 'gmail', false);
+
+    // Find the main group to deliver the email notification
+    const groups = this.opts.registeredGroups();
+    const mainEntry = Object.entries(groups).find(
+      ([, g]) => g.folder === MAIN_GROUP_FOLDER,
+    );
+
+    if (!mainEntry) {
+      logger.debug(
+        { chatJid, subject },
+        'No main group registered, skipping email',
+      );
+      return;
+    }
+
+    const mainJid = mainEntry[0];
+    const content = `[Email from ${senderName} <${senderEmail}>]\nSubject: ${subject}\n\n${body}`;
+
+    this.opts.onMessage(mainJid, {
+      id: messageId,
+      chat_jid: mainJid,
+      sender: senderEmail,
+      sender_name: senderName,
+      content,
+      timestamp,
+      is_from_me: false,
+    });
+
+    // Mark as read
+    try {
+      await this.gmail.users.messages.modify({
+        userId: 'me',
+        id: messageId,
+        requestBody: { removeLabelIds: ['UNREAD'] },
+      });
+    } catch (err) {
+      logger.warn({ messageId, err }, 'Failed to mark email as read');
+    }
+
+    logger.info(
+      { mainJid, from: senderName, subject },
+      'Gmail email delivered to main group',
+    );
+  }
+
+  private extractTextBody(
+    payload: gmail_v1.Schema$MessagePart | undefined,
+  ): string {
+    if (!payload) return '';
+
+    // Direct text/plain body
+    if (payload.mimeType === 'text/plain' && payload.body?.data) {
+      return Buffer.from(payload.body.data, 'base64').toString('utf-8');
+    }
+
+    // Multipart: search parts recursively
+    if (payload.parts) {
+      // Prefer text/plain
+      for (const part of payload.parts) {
+        if (part.mimeType === 'text/plain' && part.body?.data) {
+          return Buffer.from(part.body.data, 'base64').toString('utf-8');
+        }
+      }
+      // Recurse into nested multipart
+      for (const part of payload.parts) {
+        const text = this.extractTextBody(part);
+        if (text) return text;
+      }
+    }
+
+    return '';
+  }
+}
diff --git a/.agent/skills/add-gmail/manifest.yaml b/.agent/skills/add-gmail/manifest.yaml
new file mode 100644
index 0000000..ea7c66a
--- /dev/null
+++ b/.agent/skills/add-gmail/manifest.yaml
@@ -0,0 +1,18 @@
+skill: gmail
+version: 1.0.0
+description: "Gmail integration via Google APIs"
+core_version: 0.1.0
+adds:
+  - src/channels/gmail.ts
+  - src/channels/gmail.test.ts
+modifies:
+  - src/index.ts
+  - src/container-runner.ts
+  - container/agent-runner/src/index.ts
+  - src/routing.test.ts
+structured:
+  npm_dependencies:
+    googleapis: "^144.0.0"
+conflicts: []
+depends: []
+test: "npx vitest run src/channels/gmail.test.ts"
diff --git a/.agent/skills/add-gmail/modify/container/agent-runner/src/index.ts b/.agent/skills/add-gmail/modify/container/agent-runner/src/index.ts
new file mode 100644
index 0000000..4ea26b0
--- /dev/null
+++ b/.agent/skills/add-gmail/modify/container/agent-runner/src/index.ts
@@ -0,0 +1,703 @@
+/**
+ * NanoClaw Agent Runner
+ * Runs inside a container, receives config via stdin, outputs result to stdout
+ *
+ * Input protocol:
+ *   Stdin: Full ContainerInput JSON (read until EOF, like before)
+ *   IPC:   Follow-up messages written as JSON files to /workspace/ipc/input/
+ *          Files: {type:"message", text:"..."}.json — polled and consumed
+ *          Sentinel: /workspace/ipc/input/_close — signals session end
+ *
+ * Stdout protocol:
+ *   Each result is wrapped in OUTPUT_START_MARKER / OUTPUT_END_MARKER pairs.
+ *   Multiple results may be emitted (one per agent teams result).
+ *   Final marker after loop ends signals completion.
+ */
+
+import fs from 'fs';
+import path from 'path';
+import {
+  query,
+  HookCallback,
+  PreCompactHookInput,
+  PreToolUseHookInput,
+} from '@anthropic-ai/claude-agent-sdk';
+import { fileURLToPath } from 'url';
+
+interface ContainerInput {
+  prompt: string;
+  sessionId?: string;
+  groupFolder: string;
+  chatJid: string;
+  isMain: boolean;
+  isScheduledTask?: boolean;
+  assistantName?: string;
+  secrets?: Record<string, string>;
+}
+
+interface ContainerOutput {
+  status: 'success' | 'error';
+  result: string | null;
+  newSessionId?: string;
+  error?: string;
+}
+
+interface SessionEntry {
+  sessionId: string;
+  fullPath: string;
+  summary: string;
+  firstPrompt: string;
+}
+
+interface SessionsIndex {
+  entries: SessionEntry[];
+}
+
+interface SDKUserMessage {
+  type: 'user';
+  message: { role: 'user'; content: string };
+  parent_tool_use_id: null;
+  session_id: string;
+}
+
+const IPC_INPUT_DIR = '/workspace/ipc/input';
+const IPC_INPUT_CLOSE_SENTINEL = path.join(IPC_INPUT_DIR, '_close');
+const IPC_POLL_MS = 500;
+
+/**
+ * Push-based async iterable for streaming user messages to the SDK.
+ * Keeps the iterable alive until end() is called, preventing isSingleUserTurn.
+ */
+class MessageStream {
+  private queue: SDKUserMessage[] = [];
+  private waiting: (() => void) | null = null;
+  private done = false;
+
+  push(text: string): void {
+    this.queue.push({
+      type: 'user',
+      message: { role: 'user', content: text },
+      parent_tool_use_id: null,
+      session_id: '',
+    });
+    this.waiting?.();
+  }
+
+  end(): void {
+    this.done = true;
+    this.waiting?.();
+  }
+
+  async *[Symbol.asyncIterator](): AsyncGenerator<SDKUserMessage> {
+    while (true) {
+      while (this.queue.length > 0) {
+        yield this.queue.shift()!;
+      }
+      if (this.done) return;
+      await new Promise<void>((r) => {
+        this.waiting = r;
+      });
+      this.waiting = null;
+    }
+  }
+}
+
+async function readStdin(): Promise<string> {
+  return new Promise((resolve, reject) => {
+    let data = '';
+    process.stdin.setEncoding('utf8');
+    process.stdin.on('data', (chunk) => {
+      data += chunk;
+    });
+    process.stdin.on('end', () => resolve(data));
+    process.stdin.on('error', reject);
+  });
+}
+
+const OUTPUT_START_MARKER = '---NANOCLAW_OUTPUT_START---';
+const OUTPUT_END_MARKER = '---NANOCLAW_OUTPUT_END---';
+
+function writeOutput(output: ContainerOutput): void {
+  console.log(OUTPUT_START_MARKER);
+  console.log(JSON.stringify(output));
+  console.log(OUTPUT_END_MARKER);
+}
+
+function log(message: string): void {
+  console.error(`[agent-runner] ${message}`);
+}
+
+function getSessionSummary(
+  sessionId: string,
+  transcriptPath: string,
+): string | null {
+  const projectDir = path.dirname(transcriptPath);
+  const indexPath = path.join(projectDir, 'sessions-index.json');
+
+  if (!fs.existsSync(indexPath)) {
+    log(`Sessions index not found at ${indexPath}`);
+    return null;
+  }
+
+  try {
+    const index: SessionsIndex = JSON.parse(
+      fs.readFileSync(indexPath, 'utf-8'),
+    );
+    const entry = index.entries.find((e) => e.sessionId === sessionId);
+    if (entry?.summary) {
+      return entry.summary;
+    }
+  } catch (err) {
+    log(
+      `Failed to read sessions index: ${err instanceof Error ? err.message : String(err)}`,
+    );
+  }
+
+  return null;
+}
+
+/**
+ * Archive the full transcript to conversations/ before compaction.
+ */
+function createPreCompactHook(assistantName?: string): HookCallback {
+  return async (input, _toolUseId, _context) => {
+    const preCompact = input as PreCompactHookInput;
+    const transcriptPath = preCompact.transcript_path;
+    const sessionId = preCompact.session_id;
+
+    if (!transcriptPath || !fs.existsSync(transcriptPath)) {
+      log('No transcript found for archiving');
+      return {};
+    }
+
+    try {
+      const content = fs.readFileSync(transcriptPath, 'utf-8');
+      const messages = parseTranscript(content);
+
+      if (messages.length === 0) {
+        log('No messages to archive');
+        return {};
+      }
+
+      const summary = getSessionSummary(sessionId, transcriptPath);
+      const name = summary ? sanitizeFilename(summary) : generateFallbackName();
+
+      const conversationsDir = '/workspace/group/conversations';
+      fs.mkdirSync(conversationsDir, { recursive: true });
+
+      const date = new Date().toISOString().split('T')[0];
+      const filename = `${date}-${name}.md`;
+      const filePath = path.join(conversationsDir, filename);
+
+      const markdown = formatTranscriptMarkdown(
+        messages,
+        summary,
+        assistantName,
+      );
+      fs.writeFileSync(filePath, markdown);
+
+      log(`Archived conversation to ${filePath}`);
+    } catch (err) {
+      log(
+        `Failed to archive transcript: ${err instanceof Error ? err.message : String(err)}`,
+      );
+    }
+
+    return {};
+  };
+}
+
+// Secrets to strip from Bash tool subprocess environments.
+// These are needed by the agent for API auth but should never
+// be visible to commands Kit runs.
+const SECRET_ENV_VARS = ['ANTHROPIC_API_KEY', 'ZAI_API_KEY'];
+
+function createSanitizeBashHook(): HookCallback {
+  return async (input, _toolUseId, _context) => {
+    const preInput = input as PreToolUseHookInput;
+    const command = (preInput.tool_input as { command?: string })?.command;
+    if (!command) return {};
+
+    const unsetPrefix = `unset ${SECRET_ENV_VARS.join(' ')} 2>/dev/null; `;
+    return {
+      hookSpecificOutput: {
+        hookEventName: 'PreToolUse',
+        updatedInput: {
+          ...(preInput.tool_input as Record<string, unknown>),
+          command: unsetPrefix + command,
+        },
+      },
+    };
+  };
+}
+
+function sanitizeFilename(summary: string): string {
+  return summary
+    .toLowerCase()
+    .replace(/[^a-z0-9]+/g, '-')
+    .replace(/^-+|-+$/g, '')
+    .slice(0, 50);
+}
+
+function generateFallbackName(): string {
+  const time = new Date();
+  return `conversation-${time.getHours().toString().padStart(2, '0')}${time.getMinutes().toString().padStart(2, '0')}`;
+}
+
+interface ParsedMessage {
+  role: 'user' | 'assistant';
+  content: string;
+}
+
+function parseTranscript(content: string): ParsedMessage[] {
+  const messages: ParsedMessage[] = [];
+
+  for (const line of content.split('\n')) {
+    if (!line.trim()) continue;
+    try {
+      const entry = JSON.parse(line);
+      if (entry.type === 'user' && entry.message?.content) {
+        const text =
+          typeof entry.message.content === 'string'
+            ? entry.message.content
+            : entry.message.content
+                .map((c: { text?: string }) => c.text || '')
+                .join('');
+        if (text) messages.push({ role: 'user', content: text });
+      } else if (entry.type === 'assistant' && entry.message?.content) {
+        const textParts = entry.message.content
+          .filter((c: { type: string }) => c.type === 'text')
+          .map((c: { text: string }) => c.text);
+        const text = textParts.join('');
+        if (text) messages.push({ role: 'assistant', content: text });
+      }
+    } catch {}
+  }
+
+  return messages;
+}
+
+function formatTranscriptMarkdown(
+  messages: ParsedMessage[],
+  title?: string | null,
+  assistantName?: string,
+): string {
+  const now = new Date();
+  const months = [
+    'jan',
+    'feb',
+    'mar',
+    'apr',
+    'maj',
+    'jun',
+    'jul',
+    'avg',
+    'sep',
+    'okt',
+    'nov',
+    'dec',
+  ];
+  const formatDateTime = (d: Date) => {
+    const day = String(d.getDate()).padStart(2, '0');
+    const month = months[d.getMonth()];
+    const year = d.getFullYear();
+    const hour = String(d.getHours()).padStart(2, '0');
+    const minute = String(d.getMinutes()).padStart(2, '0');
+    return `${day}.${month}.${year} ${hour}:${minute}`;
+  };
+
+  const lines: string[] = [];
+  lines.push(`# ${title || 'Conversation'}`);
+  lines.push('');
+  lines.push(`Archived: ${formatDateTime(now)}`);
+  lines.push('');
+  lines.push('---');
+  lines.push('');
+
+  for (const msg of messages) {
+    const sender = msg.role === 'user' ? 'User' : assistantName || 'Assistant';
+    const content =
+      msg.content.length > 2000
+        ? msg.content.slice(0, 2000) + '...'
+        : msg.content;
+    lines.push(`**${sender}**: ${content}`);
+    lines.push('');
+  }
+
+  return lines.join('\n');
+}
+
+/**
+ * Check for _close sentinel.
+ */
+function shouldClose(): boolean {
+  if (fs.existsSync(IPC_INPUT_CLOSE_SENTINEL)) {
+    try {
+      fs.unlinkSync(IPC_INPUT_CLOSE_SENTINEL);
+    } catch {
+      /* ignore */
+    }
+    return true;
+  }
+  return false;
+}
+
+/**
+ * Drain all pending IPC input messages.
+ * Returns messages found, or empty array.
+ */
+function drainIpcInput(): string[] {
+  try {
+    fs.mkdirSync(IPC_INPUT_DIR, { recursive: true });
+    const files = fs
+      .readdirSync(IPC_INPUT_DIR)
+      .filter((f) => f.endsWith('.json'))
+      .sort();
+
+    const messages: string[] = [];
+    for (const file of files) {
+      const filePath = path.join(IPC_INPUT_DIR, file);
+      try {
+        const data = JSON.parse(fs.readFileSync(filePath, 'utf-8'));
+        fs.unlinkSync(filePath);
+        if (data.type === 'message' && data.text) {
+          messages.push(data.text);
+        }
+      } catch (err) {
+        log(
+          `Failed to process input file ${file}: ${err instanceof Error ? err.message : String(err)}`,
+        );
+        try {
+          fs.unlinkSync(filePath);
+        } catch {
+          /* ignore */
+        }
+      }
+    }
+    return messages;
+  } catch (err) {
+    log(`IPC drain error: ${err instanceof Error ? err.message : String(err)}`);
+    return [];
+  }
+}
+
+/**
+ * Wait for a new IPC message or _close sentinel.
+ * Returns the messages as a single string, or null if _close.
+ */
+function waitForIpcMessage(): Promise<string | null> {
+  return new Promise((resolve) => {
+    const poll = () => {
+      if (shouldClose()) {
+        resolve(null);
+        return;
+      }
+      const messages = drainIpcInput();
+      if (messages.length > 0) {
+        resolve(messages.join('\n'));
+        return;
+      }
+      setTimeout(poll, IPC_POLL_MS);
+    };
+    poll();
+  });
+}
+
+/**
+ * Run a single query and stream results via writeOutput.
+ * Uses MessageStream (AsyncIterable) to keep isSingleUserTurn=false,
+ * allowing agent teams subagents to run to completion.
+ * Also pipes IPC messages into the stream during the query.
+ */
+async function runQuery(
+  prompt: string,
+  sessionId: string | undefined,
+  mcpServerPath: string,
+  containerInput: ContainerInput,
+  sdkEnv: Record<string, string | undefined>,
+  resumeAt?: string,
+): Promise<{
+  newSessionId?: string;
+  lastAssistantUuid?: string;
+  closedDuringQuery: boolean;
+}> {
+  const stream = new MessageStream();
+  stream.push(prompt);
+
+  // Poll IPC for follow-up messages and _close sentinel during the query
+  let ipcPolling = true;
+  let closedDuringQuery = false;
+  const pollIpcDuringQuery = () => {
+    if (!ipcPolling) return;
+    if (shouldClose()) {
+      log('Close sentinel detected during query, ending stream');
+      closedDuringQuery = true;
+      stream.end();
+      ipcPolling = false;
+      return;
+    }
+    const messages = drainIpcInput();
+    for (const text of messages) {
+      log(`Piping IPC message into active query (${text.length} chars)`);
+      stream.push(text);
+    }
+    setTimeout(pollIpcDuringQuery, IPC_POLL_MS);
+  };
+  setTimeout(pollIpcDuringQuery, IPC_POLL_MS);
+
+  let newSessionId: string | undefined;
+  let lastAssistantUuid: string | undefined;
+  let messageCount = 0;
+  let resultCount = 0;
+
+  // Load global AGENT.md as additional system context (shared across all groups)
+  const globalClaudeMdPath = '/workspace/global/AGENT.md';
+  let globalClaudeMd: string | undefined;
+  if (!containerInput.isMain && fs.existsSync(globalClaudeMdPath)) {
+    globalClaudeMd = fs.readFileSync(globalClaudeMdPath, 'utf-8');
+  }
+
+  // Discover additional directories mounted at /workspace/extra/*
+  // These are passed to the SDK so their AGENT.md files are loaded automatically
+  const extraDirs: string[] = [];
+  const extraBase = '/workspace/extra';
+  if (fs.existsSync(extraBase)) {
+    for (const entry of fs.readdirSync(extraBase)) {
+      const fullPath = path.join(extraBase, entry);
+      if (fs.statSync(fullPath).isDirectory()) {
+        extraDirs.push(fullPath);
+      }
+    }
+  }
+  if (extraDirs.length > 0) {
+    log(`Additional directories: ${extraDirs.join(', ')}`);
+  }
+
+  for await (const message of query({
+    prompt: stream,
+    options: {
+      cwd: '/workspace/group',
+      additionalDirectories: extraDirs.length > 0 ? extraDirs : undefined,
+      resume: sessionId,
+      resumeSessionAt: resumeAt,
+      systemPrompt: globalClaudeMd
+        ? {
+            type: 'preset' as const,
+            preset: 'claude_code' as const,
+            append: globalClaudeMd,
+          }
+        : undefined,
+      allowedTools: [
+        'Bash',
+        'Read',
+        'Write',
+        'Edit',
+        'Glob',
+        'Grep',
+        'WebSearch',
+        'WebFetch',
+        'Task',
+        'TaskOutput',
+        'TaskStop',
+        'TeamCreate',
+        'TeamDelete',
+        'SendMessage',
+        'TodoWrite',
+        'ToolSearch',
+        'Skill',
+        'NotebookEdit',
+        'mcp__nanoclaw__*',
+        'mcp__gmail__*',
+      ],
+      env: sdkEnv,
+      permissionMode: 'bypassPermissions',
+      allowDangerouslySkipPermissions: true,
+      settingSources: ['project', 'user'],
+      mcpServers: {
+        nanoclaw: {
+          command: 'node',
+          args: [mcpServerPath],
+          env: {
+            NANOCLAW_CHAT_JID: containerInput.chatJid,
+            NANOCLAW_GROUP_FOLDER: containerInput.groupFolder,
+            NANOCLAW_IS_MAIN: containerInput.isMain ? '1' : '0',
+          },
+        },
+        gmail: {
+          command: 'npx',
+          args: ['-y', '@gongrzhe/server-gmail-autoauth-mcp'],
+        },
+      },
+      hooks: {
+        PreCompact: [
+          { hooks: [createPreCompactHook(containerInput.assistantName)] },
+        ],
+        PreToolUse: [{ matcher: 'Bash', hooks: [createSanitizeBashHook()] }],
+      },
+    },
+  })) {
+    messageCount++;
+    const msgType =
+      message.type === 'system'
+        ? `system/${(message as { subtype?: string }).subtype}`
+        : message.type;
+    log(`[msg #${messageCount}] type=${msgType}`);
+
+    if (message.type === 'assistant' && 'uuid' in message) {
+      lastAssistantUuid = (message as { uuid: string }).uuid;
+    }
+
+    if (message.type === 'system' && message.subtype === 'init') {
+      newSessionId = message.session_id;
+      log(`Session initialized: ${newSessionId}`);
+    }
+
+    if (
+      message.type === 'system' &&
+      (message as { subtype?: string }).subtype === 'task_notification'
+    ) {
+      const tn = message as {
+        task_id: string;
+        status: string;
+        summary: string;
+      };
+      log(
+        `Task notification: task=${tn.task_id} status=${tn.status} summary=${tn.summary}`,
+      );
+    }
+
+    if (message.type === 'result') {
+      resultCount++;
+      const textResult =
+        'result' in message ? (message as { result?: string }).result : null;
+      log(
+        `Result #${resultCount}: subtype=${message.subtype}${textResult ? ` text=${textResult.slice(0, 200)}` : ''}`,
+      );
+      writeOutput({
+        status: 'success',
+        result: textResult || null,
+        newSessionId,
+      });
+    }
+  }
+
+  ipcPolling = false;
+  log(
+    `Query done. Messages: ${messageCount}, results: ${resultCount}, lastAssistantUuid: ${lastAssistantUuid || 'none'}, closedDuringQuery: ${closedDuringQuery}`,
+  );
+  return { newSessionId, lastAssistantUuid, closedDuringQuery };
+}
+
+async function main(): Promise<void> {
+  let containerInput: ContainerInput;
+
+  try {
+    const stdinData = await readStdin();
+    containerInput = JSON.parse(stdinData);
+    // Delete the temp file the entrypoint wrote — it contains secrets
+    try {
+      fs.unlinkSync('/workspace/ipc/input.json');
+    } catch {
+      /* may not exist */
+    }
+    log(`Received input for group: ${containerInput.groupFolder}`);
+  } catch (err) {
+    writeOutput({
+      status: 'error',
+      result: null,
+      error: `Failed to parse input: ${err instanceof Error ? err.message : String(err)}`,
+    });
+    process.exit(1);
+  }
+
+  // Build SDK env: merge secrets into process.env for the SDK only.
+  // Secrets never touch process.env itself, so Bash subprocesses can't see them.
+  const sdkEnv: Record<string, string | undefined> = { ...process.env };
+  for (const [key, value] of Object.entries(containerInput.secrets || {})) {
+    sdkEnv[key] = value;
+  }
+
+  const __dirname = path.dirname(fileURLToPath(import.meta.url));
+  const mcpServerPath = path.join(__dirname, 'ipc-mcp-stdio.js');
+
+  let sessionId = containerInput.sessionId;
+  fs.mkdirSync(IPC_INPUT_DIR, { recursive: true });
+
+  // Clean up stale _close sentinel from previous container runs
+  try {
+    fs.unlinkSync(IPC_INPUT_CLOSE_SENTINEL);
+  } catch {
+    /* ignore */
+  }
+
+  // Build initial prompt (drain any pending IPC messages too)
+  let prompt = containerInput.prompt;
+  if (containerInput.isScheduledTask) {
+    prompt = `[SCHEDULED TASK - The following message was sent automatically and is not coming directly from the user or group.]\n\n${prompt}`;
+  }
+  const pending = drainIpcInput();
+  if (pending.length > 0) {
+    log(`Draining ${pending.length} pending IPC messages into initial prompt`);
+    prompt += '\n' + pending.join('\n');
+  }
+
+  // Query loop: run query → wait for IPC message → run new query → repeat
+  let resumeAt: string | undefined;
+  try {
+    while (true) {
+      log(
+        `Starting query (session: ${sessionId || 'new'}, resumeAt: ${resumeAt || 'latest'})...`,
+      );
+
+      const queryResult = await runQuery(
+        prompt,
+        sessionId,
+        mcpServerPath,
+        containerInput,
+        sdkEnv,
+        resumeAt,
+      );
+      if (queryResult.newSessionId) {
+        sessionId = queryResult.newSessionId;
+      }
+      if (queryResult.lastAssistantUuid) {
+        resumeAt = queryResult.lastAssistantUuid;
+      }
+
+      // If _close was consumed during the query, exit immediately.
+      // Don't emit a session-update marker (it would reset the host's
+      // idle timer and cause a 30-min delay before the next _close).
+      if (queryResult.closedDuringQuery) {
+        log('Close sentinel consumed during query, exiting');
+        break;
+      }
+
+      // Emit session update so host can track it
+      writeOutput({ status: 'success', result: null, newSessionId: sessionId });
+
+      log('Query ended, waiting for next IPC message...');
+
+      // Wait for the next message or _close sentinel
+      const nextMessage = await waitForIpcMessage();
+      if (nextMessage === null) {
+        log('Close sentinel received, exiting');
+        break;
+      }
+
+      log(`Got new message (${nextMessage.length} chars), starting new query`);
+      prompt = nextMessage;
+    }
+  } catch (err) {
+    const errorMessage = err instanceof Error ? err.message : String(err);
+    log(`Agent error: ${errorMessage}`);
+    writeOutput({
+      status: 'error',
+      result: null,
+      newSessionId: sessionId,
+      error: errorMessage,
+    });
+    process.exit(1);
+  }
+}
+
+main();
diff --git a/.agent/skills/add-gmail/modify/container/agent-runner/src/index.ts.intent.md b/.agent/skills/add-gmail/modify/container/agent-runner/src/index.ts.intent.md
new file mode 100644
index 0000000..dc5ff4a
--- /dev/null
+++ b/.agent/skills/add-gmail/modify/container/agent-runner/src/index.ts.intent.md
@@ -0,0 +1,37 @@
+# Intent: container/agent-runner/src/index.ts modifications
+
+## What changed
+
+Added Gmail MCP server to the agent's available tools so it can read and send emails.
+
+## Key sections
+
+### mcpServers (inside runQuery → query() call)
+
+- Added: `gmail` MCP server alongside the existing `nanoclaw` server:
+  ```
+  gmail: {
+    command: 'npx',
+    args: ['-y', '@gongrzhe/server-gmail-autoauth-mcp'],
+  },
+  ```
+
+### allowedTools (inside runQuery → query() call)
+
+- Added: `'mcp__gmail__*'` to allow all Gmail MCP tools
+
+## Invariants
+
+- The `nanoclaw` MCP server configuration is unchanged
+- All existing allowed tools are preserved
+- The query loop, IPC handling, MessageStream, and all other logic is untouched
+- Hooks (PreCompact, sanitize Bash) are unchanged
+- Output protocol (markers) is unchanged
+
+## Must-keep
+
+- The `nanoclaw` MCP server with its environment variables
+- All existing allowedTools entries
+- The hook system (PreCompact, PreToolUse sanitize)
+- The IPC input/close sentinel handling
+- The MessageStream class and query loop
diff --git a/.agent/skills/add-gmail/modify/src/container-runner.ts b/.agent/skills/add-gmail/modify/src/container-runner.ts
new file mode 100644
index 0000000..88573de
--- /dev/null
+++ b/.agent/skills/add-gmail/modify/src/container-runner.ts
@@ -0,0 +1,698 @@
+/**
+ * Container Runner for NanoClaw
+ * Spawns agent execution in containers and handles IPC
+ */
+import { ChildProcess, exec, spawn } from 'child_process';
+import fs from 'fs';
+import os from 'os';
+import path from 'path';
+
+import {
+  CONTAINER_IMAGE,
+  CONTAINER_MAX_OUTPUT_SIZE,
+  CONTAINER_TIMEOUT,
+  DATA_DIR,
+  GROUPS_DIR,
+  IDLE_TIMEOUT,
+  TIMEZONE,
+} from './config.js';
+import { readEnvFile } from './env.js';
+import { resolveGroupFolderPath, resolveGroupIpcPath } from './group-folder.js';
+import { logger } from './logger.js';
+import {
+  CONTAINER_RUNTIME_BIN,
+  readonlyMountArgs,
+  stopContainer,
+} from './container-runtime.js';
+import { validateAdditionalMounts } from './mount-security.js';
+import { RegisteredGroup } from './types.js';
+
+// Sentinel markers for robust output parsing (must match agent-runner)
+const OUTPUT_START_MARKER = '---NANOCLAW_OUTPUT_START---';
+const OUTPUT_END_MARKER = '---NANOCLAW_OUTPUT_END---';
+
+export interface ContainerInput {
+  prompt: string;
+  sessionId?: string;
+  groupFolder: string;
+  chatJid: string;
+  isMain: boolean;
+  isScheduledTask?: boolean;
+  assistantName?: string;
+  secrets?: Record<string, string>;
+}
+
+export interface ContainerOutput {
+  status: 'success' | 'error';
+  result: string | null;
+  newSessionId?: string;
+  error?: string;
+}
+
+interface VolumeMount {
+  hostPath: string;
+  containerPath: string;
+  readonly: boolean;
+}
+
+function buildVolumeMounts(
+  group: RegisteredGroup,
+  isMain: boolean,
+): VolumeMount[] {
+  const mounts: VolumeMount[] = [];
+  const projectRoot = process.cwd();
+  const homeDir = os.homedir();
+  const groupDir = resolveGroupFolderPath(group.folder);
+
+  if (isMain) {
+    // Main gets the project root read-only. Writable paths the agent needs
+    // (group folder, IPC, .agent/) are mounted separately below.
+    // Read-only prevents the agent from modifying host application code
+    // (src/, dist/, package.json, etc.) which would bypass the sandbox
+    // entirely on next restart.
+    mounts.push({
+      hostPath: projectRoot,
+      containerPath: '/workspace/project',
+      readonly: true,
+    });
+
+    // Main also gets its group folder as the working directory
+    mounts.push({
+      hostPath: groupDir,
+      containerPath: '/workspace/group',
+      readonly: false,
+    });
+  } else {
+    // Other groups only get their own folder
+    mounts.push({
+      hostPath: groupDir,
+      containerPath: '/workspace/group',
+      readonly: false,
+    });
+
+    // Global memory directory (read-only for non-main)
+    // Only directory mounts are supported, not file mounts
+    const globalDir = path.join(GROUPS_DIR, 'global');
+    if (fs.existsSync(globalDir)) {
+      mounts.push({
+        hostPath: globalDir,
+        containerPath: '/workspace/global',
+        readonly: true,
+      });
+    }
+  }
+
+  // Per-group Claude sessions directory (isolated from other groups)
+  // Each group gets their own .agent/ to prevent cross-group session access
+  const groupSessionsDir = path.join(
+    DATA_DIR,
+    'sessions',
+    group.folder,
+    '.agent',
+  );
+  fs.mkdirSync(groupSessionsDir, { recursive: true });
+  const settingsFile = path.join(groupSessionsDir, 'settings.json');
+  if (!fs.existsSync(settingsFile)) {
+    fs.writeFileSync(
+      settingsFile,
+      JSON.stringify(
+        {
+          env: {
+            // Enable agent swarms (subagent orchestration)
+            // https://code.agent.com/docs/en/agent-teams#orchestrate-teams-of-claude-code-sessions
+            CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS: '1',
+            // Load AGENT.md from additional mounted directories
+            // https://code.agent.com/docs/en/memory#load-memory-from-additional-directories
+            CLAUDE_CODE_ADDITIONAL_DIRECTORIES_CLAUDE_MD: '1',
+            // Enable Claude's memory feature (persists user preferences between sessions)
+            // https://code.agent.com/docs/en/memory#manage-auto-memory
+            CLAUDE_CODE_DISABLE_AUTO_MEMORY: '0',
+          },
+        },
+        null,
+        2,
+      ) + '\n',
+    );
+  }
+
+  // Sync skills from container/skills/ into each group's .agent/skills/
+  const skillsSrc = path.join(process.cwd(), 'container', 'skills');
+  const skillsDst = path.join(groupSessionsDir, 'skills');
+  if (fs.existsSync(skillsSrc)) {
+    for (const skillDir of fs.readdirSync(skillsSrc)) {
+      const srcDir = path.join(skillsSrc, skillDir);
+      if (!fs.statSync(srcDir).isDirectory()) continue;
+      const dstDir = path.join(skillsDst, skillDir);
+      fs.cpSync(srcDir, dstDir, { recursive: true });
+    }
+  }
+  mounts.push({
+    hostPath: groupSessionsDir,
+    containerPath: '/home/node/.agent',
+    readonly: false,
+  });
+
+  // Gmail credentials directory (for Gmail MCP inside the container)
+  const gmailDir = path.join(homeDir, '.gmail-mcp');
+  if (fs.existsSync(gmailDir)) {
+    mounts.push({
+      hostPath: gmailDir,
+      containerPath: '/home/node/.gmail-mcp',
+      readonly: false, // MCP may need to refresh OAuth tokens
+    });
+  }
+
+  // Per-group IPC namespace: each group gets its own IPC directory
+  // This prevents cross-group privilege escalation via IPC
+  const groupIpcDir = resolveGroupIpcPath(group.folder);
+  fs.mkdirSync(path.join(groupIpcDir, 'messages'), { recursive: true });
+  fs.mkdirSync(path.join(groupIpcDir, 'tasks'), { recursive: true });
+  fs.mkdirSync(path.join(groupIpcDir, 'input'), { recursive: true });
+  mounts.push({
+    hostPath: groupIpcDir,
+    containerPath: '/workspace/ipc',
+    readonly: false,
+  });
+
+  // Copy agent-runner source into a per-group writable location so agents
+  // can customize it (add tools, change behavior) without affecting other
+  // groups. Recompiled on container startup via entrypoint.sh.
+  const agentRunnerSrc = path.join(
+    projectRoot,
+    'container',
+    'agent-runner',
+    'src',
+  );
+  const groupAgentRunnerDir = path.join(
+    DATA_DIR,
+    'sessions',
+    group.folder,
+    'agent-runner-src',
+  );
+  if (!fs.existsSync(groupAgentRunnerDir) && fs.existsSync(agentRunnerSrc)) {
+    fs.cpSync(agentRunnerSrc, groupAgentRunnerDir, { recursive: true });
+  }
+  mounts.push({
+    hostPath: groupAgentRunnerDir,
+    containerPath: '/app/src',
+    readonly: false,
+  });
+
+  // Additional mounts validated against external allowlist (tamper-proof from containers)
+  if (group.containerConfig?.additionalMounts) {
+    const validatedMounts = validateAdditionalMounts(
+      group.containerConfig.additionalMounts,
+      group.name,
+      isMain,
+    );
+    mounts.push(...validatedMounts);
+  }
+
+  return mounts;
+}
+
+/**
+ * Read allowed secrets from .env for passing to the container via stdin.
+ * Secrets are never written to disk or mounted as files.
+ */
+function readSecrets(): Record<string, string> {
+  return readEnvFile(['ZAI_API_KEY', 'ANTHROPIC_API_KEY']);
+}
+
+function buildContainerArgs(
+  mounts: VolumeMount[],
+  containerName: string,
+): string[] {
+  const args: string[] = ['run', '-i', '--rm', '--name', containerName];
+
+  // Pass host timezone so container's local time matches the user's
+  args.push('-e', `TZ=${TIMEZONE}`);
+
+  // Run as host user so bind-mounted files are accessible.
+  // Skip when running as root (uid 0), as the container's node user (uid 1000),
+  // or when getuid is unavailable (native Windows without WSL).
+  const hostUid = process.getuid?.();
+  const hostGid = process.getgid?.();
+  if (hostUid != null && hostUid !== 0 && hostUid !== 1000) {
+    args.push('--user', `${hostUid}:${hostGid}`);
+    args.push('-e', 'HOME=/home/node');
+  }
+
+  for (const mount of mounts) {
+    if (mount.readonly) {
+      args.push(...readonlyMountArgs(mount.hostPath, mount.containerPath));
+    } else {
+      args.push('-v', `${mount.hostPath}:${mount.containerPath}`);
+    }
+  }
+
+  args.push(CONTAINER_IMAGE);
+
+  return args;
+}
+
+export async function runContainerAgent(
+  group: RegisteredGroup,
+  input: ContainerInput,
+  onProcess: (proc: ChildProcess, containerName: string) => void,
+  onOutput?: (output: ContainerOutput) => Promise<void>,
+): Promise<ContainerOutput> {
+  const startTime = Date.now();
+
+  const groupDir = resolveGroupFolderPath(group.folder);
+  fs.mkdirSync(groupDir, { recursive: true });
+
+  const mounts = buildVolumeMounts(group, input.isMain);
+  const safeName = group.folder.replace(/[^a-zA-Z0-9-]/g, '-');
+  const containerName = `clawdie-cp-${safeName}-${Date.now()}`;
+  const containerArgs = buildContainerArgs(mounts, containerName);
+
+  logger.debug(
+    {
+      group: group.name,
+      containerName,
+      mounts: mounts.map(
+        (m) =>
+          `${m.hostPath} -> ${m.containerPath}${m.readonly ? ' (ro)' : ''}`,
+      ),
+      containerArgs: containerArgs.join(' '),
+    },
+    'Container mount configuration',
+  );
+
+  logger.info(
+    {
+      group: group.name,
+      containerName,
+      mountCount: mounts.length,
+      isMain: input.isMain,
+    },
+    'Spawning container agent',
+  );
+
+  const logsDir = path.join(groupDir, 'logs');
+  fs.mkdirSync(logsDir, { recursive: true });
+
+  return new Promise((resolve) => {
+    const container = spawn(CONTAINER_RUNTIME_BIN, containerArgs, {
+      stdio: ['pipe', 'pipe', 'pipe'],
+    });
+
+    onProcess(container, containerName);
+
+    let stdout = '';
+    let stderr = '';
+    let stdoutTruncated = false;
+    let stderrTruncated = false;
+
+    // Pass secrets via stdin (never written to disk or mounted as files)
+    input.secrets = readSecrets();
+    container.stdin.write(JSON.stringify(input));
+    container.stdin.end();
+    // Remove secrets from input so they don't appear in logs
+    delete input.secrets;
+
+    // Streaming output: parse OUTPUT_START/END marker pairs as they arrive
+    let parseBuffer = '';
+    let newSessionId: string | undefined;
+    let outputChain = Promise.resolve();
+
+    container.stdout.on('data', (data) => {
+      const chunk = data.toString();
+
+      // Always accumulate for logging
+      if (!stdoutTruncated) {
+        const remaining = CONTAINER_MAX_OUTPUT_SIZE - stdout.length;
+        if (chunk.length > remaining) {
+          stdout += chunk.slice(0, remaining);
+          stdoutTruncated = true;
+          logger.warn(
+            { group: group.name, size: stdout.length },
+            'Container stdout truncated due to size limit',
+          );
+        } else {
+          stdout += chunk;
+        }
+      }
+
+      // Stream-parse for output markers
+      if (onOutput) {
+        parseBuffer += chunk;
+        let startIdx: number;
+        while ((startIdx = parseBuffer.indexOf(OUTPUT_START_MARKER)) !== -1) {
+          const endIdx = parseBuffer.indexOf(OUTPUT_END_MARKER, startIdx);
+          if (endIdx === -1) break; // Incomplete pair, wait for more data
+
+          const jsonStr = parseBuffer
+            .slice(startIdx + OUTPUT_START_MARKER.length, endIdx)
+            .trim();
+          parseBuffer = parseBuffer.slice(endIdx + OUTPUT_END_MARKER.length);
+
+          try {
+            const parsed: ContainerOutput = JSON.parse(jsonStr);
+            if (parsed.newSessionId) {
+              newSessionId = parsed.newSessionId;
+            }
+            hadStreamingOutput = true;
+            // Activity detected — reset the hard timeout
+            resetTimeout();
+            // Call onOutput for all markers (including null results)
+            // so idle timers start even for "silent" query completions.
+            outputChain = outputChain.then(() => onOutput(parsed));
+          } catch (err) {
+            logger.warn(
+              { group: group.name, error: err },
+              'Failed to parse streamed output chunk',
+            );
+          }
+        }
+      }
+    });
+
+    container.stderr.on('data', (data) => {
+      const chunk = data.toString();
+      const lines = chunk.trim().split('\n');
+      for (const line of lines) {
+        if (line) logger.debug({ container: group.folder }, line);
+      }
+      // Don't reset timeout on stderr — SDK writes debug logs continuously.
+      // Timeout only resets on actual output (OUTPUT_MARKER in stdout).
+      if (stderrTruncated) return;
+      const remaining = CONTAINER_MAX_OUTPUT_SIZE - stderr.length;
+      if (chunk.length > remaining) {
+        stderr += chunk.slice(0, remaining);
+        stderrTruncated = true;
+        logger.warn(
+          { group: group.name, size: stderr.length },
+          'Container stderr truncated due to size limit',
+        );
+      } else {
+        stderr += chunk;
+      }
+    });
+
+    let timedOut = false;
+    let hadStreamingOutput = false;
+    const configTimeout = group.containerConfig?.timeout || CONTAINER_TIMEOUT;
+    // Grace period: hard timeout must be at least IDLE_TIMEOUT + 30s so the
+    // graceful _close sentinel has time to trigger before the hard kill fires.
+    const timeoutMs = Math.max(configTimeout, IDLE_TIMEOUT + 30_000);
+
+    const killOnTimeout = () => {
+      timedOut = true;
+      logger.error(
+        { group: group.name, containerName },
+        'Container timeout, stopping gracefully',
+      );
+      exec(stopContainer(containerName), { timeout: 15000 }, (err) => {
+        if (err) {
+          logger.warn(
+            { group: group.name, containerName, err },
+            'Graceful stop failed, force killing',
+          );
+          container.kill('SIGKILL');
+        }
+      });
+    };
+
+    let timeout = setTimeout(killOnTimeout, timeoutMs);
+
+    // Reset the timeout whenever there's activity (streaming output)
+    const resetTimeout = () => {
+      clearTimeout(timeout);
+      timeout = setTimeout(killOnTimeout, timeoutMs);
+    };
+
+    container.on('close', (code) => {
+      clearTimeout(timeout);
+      const duration = Date.now() - startTime;
+
+      if (timedOut) {
+        const ts = new Date().toISOString().replace(/[:.]/g, '-');
+        const timeoutLog = path.join(logsDir, `container-${ts}.log`);
+        fs.writeFileSync(
+          timeoutLog,
+          [
+            `=== Container Run Log (TIMEOUT) ===`,
+            `Timestamp: ${new Date().toISOString()}`,
+            `Group: ${group.name}`,
+            `Container: ${containerName}`,
+            `Duration: ${duration}ms`,
+            `Exit Code: ${code}`,
+            `Had Streaming Output: ${hadStreamingOutput}`,
+          ].join('\n'),
+        );
+
+        // Timeout after output = idle cleanup, not failure.
+        // The agent already sent its response; this is just the
+        // container being reaped after the idle period expired.
+        if (hadStreamingOutput) {
+          logger.info(
+            { group: group.name, containerName, duration, code },
+            'Container timed out after output (idle cleanup)',
+          );
+          outputChain.then(() => {
+            resolve({
+              status: 'success',
+              result: null,
+              newSessionId,
+            });
+          });
+          return;
+        }
+
+        logger.error(
+          { group: group.name, containerName, duration, code },
+          'Container timed out with no output',
+        );
+
+        resolve({
+          status: 'error',
+          result: null,
+          error: `Container timed out after ${configTimeout}ms`,
+        });
+        return;
+      }
+
+      const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
+      const logFile = path.join(logsDir, `container-${timestamp}.log`);
+      const isVerbose =
+        process.env.LOG_LEVEL === 'debug' || process.env.LOG_LEVEL === 'trace';
+
+      const logLines = [
+        `=== Container Run Log ===`,
+        `Timestamp: ${new Date().toISOString()}`,
+        `Group: ${group.name}`,
+        `IsMain: ${input.isMain}`,
+        `Duration: ${duration}ms`,
+        `Exit Code: ${code}`,
+        `Stdout Truncated: ${stdoutTruncated}`,
+        `Stderr Truncated: ${stderrTruncated}`,
+        ``,
+      ];
+
+      const isError = code !== 0;
+
+      if (isVerbose || isError) {
+        logLines.push(
+          `=== Input ===`,
+          JSON.stringify(input, null, 2),
+          ``,
+          `=== Container Args ===`,
+          containerArgs.join(' '),
+          ``,
+          `=== Mounts ===`,
+          mounts
+            .map(
+              (m) =>
+                `${m.hostPath} -> ${m.containerPath}${m.readonly ? ' (ro)' : ''}`,
+            )
+            .join('\n'),
+          ``,
+          `=== Stderr${stderrTruncated ? ' (TRUNCATED)' : ''} ===`,
+          stderr,
+          ``,
+          `=== Stdout${stdoutTruncated ? ' (TRUNCATED)' : ''} ===`,
+          stdout,
+        );
+      } else {
+        logLines.push(
+          `=== Input Summary ===`,
+          `Prompt length: ${input.prompt.length} chars`,
+          `Session ID: ${input.sessionId || 'new'}`,
+          ``,
+          `=== Mounts ===`,
+          mounts
+            .map((m) => `${m.containerPath}${m.readonly ? ' (ro)' : ''}`)
+            .join('\n'),
+          ``,
+        );
+      }
+
+      fs.writeFileSync(logFile, logLines.join('\n'));
+      logger.debug({ logFile, verbose: isVerbose }, 'Container log written');
+
+      if (code !== 0) {
+        logger.error(
+          {
+            group: group.name,
+            code,
+            duration,
+            stderr,
+            stdout,
+            logFile,
+          },
+          'Container exited with error',
+        );
+
+        resolve({
+          status: 'error',
+          result: null,
+          error: `Container exited with code ${code}: ${stderr.slice(-200)}`,
+        });
+        return;
+      }
+
+      // Streaming mode: wait for output chain to settle, return completion marker
+      if (onOutput) {
+        outputChain.then(() => {
+          logger.info(
+            { group: group.name, duration, newSessionId },
+            'Container completed (streaming mode)',
+          );
+          resolve({
+            status: 'success',
+            result: null,
+            newSessionId,
+          });
+        });
+        return;
+      }
+
+      // Legacy mode: parse the last output marker pair from accumulated stdout
+      try {
+        // Extract JSON between sentinel markers for robust parsing
+        const startIdx = stdout.indexOf(OUTPUT_START_MARKER);
+        const endIdx = stdout.indexOf(OUTPUT_END_MARKER);
+
+        let jsonLine: string;
+        if (startIdx !== -1 && endIdx !== -1 && endIdx > startIdx) {
+          jsonLine = stdout
+            .slice(startIdx + OUTPUT_START_MARKER.length, endIdx)
+            .trim();
+        } else {
+          // Fallback: last non-empty line (backwards compatibility)
+          const lines = stdout.trim().split('\n');
+          jsonLine = lines[lines.length - 1];
+        }
+
+        const output: ContainerOutput = JSON.parse(jsonLine);
+
+        logger.info(
+          {
+            group: group.name,
+            duration,
+            status: output.status,
+            hasResult: !!output.result,
+          },
+          'Container completed',
+        );
+
+        resolve(output);
+      } catch (err) {
+        logger.error(
+          {
+            group: group.name,
+            stdout,
+            stderr,
+            error: err,
+          },
+          'Failed to parse container output',
+        );
+
+        resolve({
+          status: 'error',
+          result: null,
+          error: `Failed to parse container output: ${err instanceof Error ? err.message : String(err)}`,
+        });
+      }
+    });
+
+    container.on('error', (err) => {
+      clearTimeout(timeout);
+      logger.error(
+        { group: group.name, containerName, error: err },
+        'Container spawn error',
+      );
+      resolve({
+        status: 'error',
+        result: null,
+        error: `Container spawn error: ${err.message}`,
+      });
+    });
+  });
+}
+
+export function writeTasksSnapshot(
+  groupFolder: string,
+  isMain: boolean,
+  tasks: Array<{
+    id: string;
+    groupFolder: string;
+    prompt: string;
+    schedule_type: string;
+    schedule_value: string;
+    status: string;
+    next_run: string | null;
+  }>,
+): void {
+  // Write filtered tasks to the group's IPC directory
+  const groupIpcDir = resolveGroupIpcPath(groupFolder);
+  fs.mkdirSync(groupIpcDir, { recursive: true });
+
+  // Main sees all tasks, others only see their own
+  const filteredTasks = isMain
+    ? tasks
+    : tasks.filter((t) => t.groupFolder === groupFolder);
+
+  const tasksFile = path.join(groupIpcDir, 'current_tasks.json');
+  fs.writeFileSync(tasksFile, JSON.stringify(filteredTasks, null, 2));
+}
+
+export interface AvailableGroup {
+  jid: string;
+  name: string;
+  lastActivity: string;
+  isRegistered: boolean;
+}
+
+/**
+ * Write available groups snapshot for the container to read.
+ * Only main group can see all available groups (for activation).
+ * Non-main groups only see their own registration status.
+ */
+export function writeGroupsSnapshot(
+  groupFolder: string,
+  isMain: boolean,
+  groups: AvailableGroup[],
+  registeredJids: Set<string>,
+): void {
+  const groupIpcDir = resolveGroupIpcPath(groupFolder);
+  fs.mkdirSync(groupIpcDir, { recursive: true });
+
+  // Main sees all groups; others see nothing (they can't activate groups)
+  const visibleGroups = isMain ? groups : [];
+
+  const groupsFile = path.join(groupIpcDir, 'available_groups.json');
+  fs.writeFileSync(
+    groupsFile,
+    JSON.stringify(
+      {
+        groups: visibleGroups,
+        lastSync: new Date().toISOString(),
+      },
+      null,
+      2,
+    ),
+  );
+}
diff --git a/.agent/skills/add-gmail/modify/src/container-runner.ts.intent.md b/.agent/skills/add-gmail/modify/src/container-runner.ts.intent.md
new file mode 100644
index 0000000..69cf3b3
--- /dev/null
+++ b/.agent/skills/add-gmail/modify/src/container-runner.ts.intent.md
@@ -0,0 +1,42 @@
+# Intent: src/container-runner.ts modifications
+
+## What changed
+
+Added a volume mount for Gmail OAuth credentials (`~/.gmail-mcp/`) so the Gmail MCP server inside the container can authenticate with Google.
+
+## Key sections
+
+### buildVolumeMounts()
+
+- Added: Gmail credentials mount after the `.agent` sessions mount:
+  ```
+  const gmailDir = path.join(homeDir, '.gmail-mcp');
+  if (fs.existsSync(gmailDir)) {
+    mounts.push({
+      hostPath: gmailDir,
+      containerPath: '/home/node/.gmail-mcp',
+      readonly: false,  // MCP may need to refresh OAuth tokens
+    });
+  }
+  ```
+- Uses `os.homedir()` to resolve the home directory
+- Mount is read-write because the Gmail MCP server needs to refresh OAuth tokens
+- Mount is conditional — only added if `~/.gmail-mcp/` exists on the host
+
+### Imports
+
+- Added: `os` import for `os.homedir()`
+
+## Invariants
+
+- All existing mounts are unchanged
+- Mount ordering is preserved (Gmail added after session mounts, before additional mounts)
+- The `buildContainerArgs`, `runContainerAgent`, and all other functions are untouched
+- Additional mount validation via `validateAdditionalMounts` is unchanged
+
+## Must-keep
+
+- All existing volume mounts (project root, group dir, global, sessions, IPC, agent-runner, additional)
+- The mount security model (allowlist validation for additional mounts)
+- The `readSecrets` function and stdin-based secret passing
+- Container lifecycle (spawn, timeout, output parsing)
diff --git a/.agent/skills/add-gmail/modify/src/index.ts b/.agent/skills/add-gmail/modify/src/index.ts
new file mode 100644
index 0000000..be26a17
--- /dev/null
+++ b/.agent/skills/add-gmail/modify/src/index.ts
@@ -0,0 +1,507 @@
+import fs from 'fs';
+import path from 'path';
+
+import {
+  ASSISTANT_NAME,
+  IDLE_TIMEOUT,
+  MAIN_GROUP_FOLDER,
+  POLL_INTERVAL,
+  TRIGGER_PATTERN,
+} from './config.js';
+import { GmailChannel } from './channels/gmail.js';
+import { WhatsAppChannel } from './channels/whatsapp.js';
+import {
+  ContainerOutput,
+  runContainerAgent,
+  writeGroupsSnapshot,
+  writeTasksSnapshot,
+} from './container-runner.js';
+import { cleanupOrphans, ensureContainerRuntimeRunning } from './container-runtime.js';
+import {
+  getAllChats,
+  getAllRegisteredGroups,
+  getAllSessions,
+  getAllTasks,
+  getMessagesSince,
+  getNewMessages,
+  getRouterState,
+  initDatabase,
+  setRegisteredGroup,
+  setRouterState,
+  setSession,
+  storeChatMetadata,
+  storeMessage,
+} from './db.js';
+import { GroupQueue } from './group-queue.js';
+import { resolveGroupFolderPath } from './group-folder.js';
+import { startIpcWatcher } from './ipc.js';
+import { findChannel, formatMessages, formatOutbound } from './router.js';
+import { startSchedulerLoop } from './task-scheduler.js';
+import { Channel, NewMessage, RegisteredGroup } from './types.js';
+import { logger } from './logger.js';
+
+// Re-export for backwards compatibility during refactor
+export { escapeXml, formatMessages } from './router.js';
+
+let lastTimestamp = '';
+let sessions: Record<string, string> = {};
+let registeredGroups: Record<string, RegisteredGroup> = {};
+let lastAgentTimestamp: Record<string, string> = {};
+let messageLoopRunning = false;
+
+let whatsapp: WhatsAppChannel;
+const channels: Channel[] = [];
+const queue = new GroupQueue();
+
+function loadState(): void {
+  lastTimestamp = getRouterState('last_timestamp') || '';
+  const agentTs = getRouterState('last_agent_timestamp');
+  try {
+    lastAgentTimestamp = agentTs ? JSON.parse(agentTs) : {};
+  } catch {
+    logger.warn('Corrupted last_agent_timestamp in DB, resetting');
+    lastAgentTimestamp = {};
+  }
+  sessions = getAllSessions();
+  registeredGroups = getAllRegisteredGroups();
+  logger.info(
+    { groupCount: Object.keys(registeredGroups).length },
+    'State loaded',
+  );
+}
+
+function saveState(): void {
+  setRouterState('last_timestamp', lastTimestamp);
+  setRouterState(
+    'last_agent_timestamp',
+    JSON.stringify(lastAgentTimestamp),
+  );
+}
+
+function registerGroup(jid: string, group: RegisteredGroup): void {
+  let groupDir: string;
+  try {
+    groupDir = resolveGroupFolderPath(group.folder);
+  } catch (err) {
+    logger.warn(
+      { jid, folder: group.folder, err },
+      'Rejecting group registration with invalid folder',
+    );
+    return;
+  }
+
+  registeredGroups[jid] = group;
+  setRegisteredGroup(jid, group);
+
+  // Create group folder
+  fs.mkdirSync(path.join(groupDir, 'logs'), { recursive: true });
+
+  logger.info(
+    { jid, name: group.name, folder: group.folder },
+    'Group registered',
+  );
+}
+
+/**
+ * Get available groups list for the agent.
+ * Returns groups ordered by most recent activity.
+ */
+export function getAvailableGroups(): import('./container-runner.js').AvailableGroup[] {
+  const chats = getAllChats();
+  const registeredJids = new Set(Object.keys(registeredGroups));
+
+  return chats
+    .filter((c) => c.jid !== '__group_sync__' && c.is_group)
+    .map((c) => ({
+      jid: c.jid,
+      name: c.name,
+      lastActivity: c.last_message_time,
+      isRegistered: registeredJids.has(c.jid),
+    }));
+}
+
+/** @internal - exported for testing */
+export function _setRegisteredGroups(groups: Record<string, RegisteredGroup>): void {
+  registeredGroups = groups;
+}
+
+/**
+ * Process all pending messages for a group.
+ * Called by the GroupQueue when it's this group's turn.
+ */
+async function processGroupMessages(chatJid: string): Promise<boolean> {
+  const group = registeredGroups[chatJid];
+  if (!group) return true;
+
+  const channel = findChannel(channels, chatJid);
+  if (!channel) {
+    console.log(`Warning: no channel owns JID ${chatJid}, skipping messages`);
+    return true;
+  }
+
+  const isMainGroup = group.folder === MAIN_GROUP_FOLDER;
+
+  const sinceTimestamp = lastAgentTimestamp[chatJid] || '';
+  const missedMessages = getMessagesSince(chatJid, sinceTimestamp, ASSISTANT_NAME);
+
+  if (missedMessages.length === 0) return true;
+
+  // For non-main groups, check if trigger is required and present
+  if (!isMainGroup && group.requiresTrigger !== false) {
+    const hasTrigger = missedMessages.some((m) =>
+      TRIGGER_PATTERN.test(m.content.trim()),
+    );
+    if (!hasTrigger) return true;
+  }
+
+  const prompt = formatMessages(missedMessages);
+
+  // Advance cursor so the piping path in startMessageLoop won't re-fetch
+  // these messages. Save the old cursor so we can roll back on error.
+  const previousCursor = lastAgentTimestamp[chatJid] || '';
+  lastAgentTimestamp[chatJid] =
+    missedMessages[missedMessages.length - 1].timestamp;
+  saveState();
+
+  logger.info(
+    { group: group.name, messageCount: missedMessages.length },
+    'Processing messages',
+  );
+
+  // Track idle timer for closing stdin when agent is idle
+  let idleTimer: ReturnType<typeof setTimeout> | null = null;
+
+  const resetIdleTimer = () => {
+    if (idleTimer) clearTimeout(idleTimer);
+    idleTimer = setTimeout(() => {
+      logger.debug({ group: group.name }, 'Idle timeout, closing container stdin');
+      queue.closeStdin(chatJid);
+    }, IDLE_TIMEOUT);
+  };
+
+  await channel.setTyping?.(chatJid, true);
+  let hadError = false;
+  let outputSentToUser = false;
+
+  const output = await runAgent(group, prompt, chatJid, async (result) => {
+    // Streaming output callback — called for each agent result
+    if (result.result) {
+      const raw = typeof result.result === 'string' ? result.result : JSON.stringify(result.result);
+      // Strip <internal>...</internal> blocks — agent uses these for internal reasoning
+      const text = raw.replace(/<internal>[\s\S]*?<\/internal>/g, '').trim();
+      logger.info({ group: group.name }, `Agent output: ${raw.slice(0, 200)}`);
+      if (text) {
+        await channel.sendMessage(chatJid, text);
+        outputSentToUser = true;
+      }
+      // Only reset idle timer on actual results, not session-update markers (result: null)
+      resetIdleTimer();
+    }
+
+    if (result.status === 'success') {
+      queue.notifyIdle(chatJid);
+    }
+
+    if (result.status === 'error') {
+      hadError = true;
+    }
+  });
+
+  await channel.setTyping?.(chatJid, false);
+  if (idleTimer) clearTimeout(idleTimer);
+
+  if (output === 'error' || hadError) {
+    // If we already sent output to the user, don't roll back the cursor —
+    // the user got their response and re-processing would send duplicates.
+    if (outputSentToUser) {
+      logger.warn({ group: group.name }, 'Agent error after output was sent, skipping cursor rollback to prevent duplicates');
+      return true;
+    }
+    // Roll back cursor so retries can re-process these messages
+    lastAgentTimestamp[chatJid] = previousCursor;
+    saveState();
+    logger.warn({ group: group.name }, 'Agent error, rolled back message cursor for retry');
+    return false;
+  }
+
+  return true;
+}
+
+async function runAgent(
+  group: RegisteredGroup,
+  prompt: string,
+  chatJid: string,
+  onOutput?: (output: ContainerOutput) => Promise<void>,
+): Promise<'success' | 'error'> {
+  const isMain = group.folder === MAIN_GROUP_FOLDER;
+  const sessionId = sessions[group.folder];
+
+  // Update tasks snapshot for container to read (filtered by group)
+  const tasks = getAllTasks();
+  writeTasksSnapshot(
+    group.folder,
+    isMain,
+    tasks.map((t) => ({
+      id: t.id,
+      groupFolder: t.group_folder,
+      prompt: t.prompt,
+      schedule_type: t.schedule_type,
+      schedule_value: t.schedule_value,
+      status: t.status,
+      next_run: t.next_run,
+    })),
+  );
+
+  // Update available groups snapshot (main group only can see all groups)
+  const availableGroups = getAvailableGroups();
+  writeGroupsSnapshot(
+    group.folder,
+    isMain,
+    availableGroups,
+    new Set(Object.keys(registeredGroups)),
+  );
+
+  // Wrap onOutput to track session ID from streamed results
+  const wrappedOnOutput = onOutput
+    ? async (output: ContainerOutput) => {
+        if (output.newSessionId) {
+          sessions[group.folder] = output.newSessionId;
+          setSession(group.folder, output.newSessionId);
+        }
+        await onOutput(output);
+      }
+    : undefined;
+
+  try {
+    const output = await runContainerAgent(
+      group,
+      {
+        prompt,
+        sessionId,
+        groupFolder: group.folder,
+        chatJid,
+        isMain,
+        assistantName: ASSISTANT_NAME,
+      },
+      (proc, containerName) => queue.registerProcess(chatJid, proc, containerName, group.folder),
+      wrappedOnOutput,
+    );
+
+    if (output.newSessionId) {
+      sessions[group.folder] = output.newSessionId;
+      setSession(group.folder, output.newSessionId);
+    }
+
+    if (output.status === 'error') {
+      logger.error(
+        { group: group.name, error: output.error },
+        'Container agent error',
+      );
+      return 'error';
+    }
+
+    return 'success';
+  } catch (err) {
+    logger.error({ group: group.name, err }, 'Agent error');
+    return 'error';
+  }
+}
+
+async function startMessageLoop(): Promise<void> {
+  if (messageLoopRunning) {
+    logger.debug('Message loop already running, skipping duplicate start');
+    return;
+  }
+  messageLoopRunning = true;
+
+  logger.info(`NanoClaw running (trigger: @${ASSISTANT_NAME})`);
+
+  while (true) {
+    try {
+      const jids = Object.keys(registeredGroups);
+      const { messages, newTimestamp } = getNewMessages(jids, lastTimestamp, ASSISTANT_NAME);
+
+      if (messages.length > 0) {
+        logger.info({ count: messages.length }, 'New messages');
+
+        // Advance the "seen" cursor for all messages immediately
+        lastTimestamp = newTimestamp;
+        saveState();
+
+        // Deduplicate by group
+        const messagesByGroup = new Map<string, NewMessage[]>();
+        for (const msg of messages) {
+          const existing = messagesByGroup.get(msg.chat_jid);
+          if (existing) {
+            existing.push(msg);
+          } else {
+            messagesByGroup.set(msg.chat_jid, [msg]);
+          }
+        }
+
+        for (const [chatJid, groupMessages] of messagesByGroup) {
+          const group = registeredGroups[chatJid];
+          if (!group) continue;
+
+          const channel = findChannel(channels, chatJid);
+          if (!channel) {
+            console.log(`Warning: no channel owns JID ${chatJid}, skipping messages`);
+            continue;
+          }
+
+          const isMainGroup = group.folder === MAIN_GROUP_FOLDER;
+          const needsTrigger = !isMainGroup && group.requiresTrigger !== false;
+
+          // For non-main groups, only act on trigger messages.
+          // Non-trigger messages accumulate in DB and get pulled as
+          // context when a trigger eventually arrives.
+          if (needsTrigger) {
+            const hasTrigger = groupMessages.some((m) =>
+              TRIGGER_PATTERN.test(m.content.trim()),
+            );
+            if (!hasTrigger) continue;
+          }
+
+          // Pull all messages since lastAgentTimestamp so non-trigger
+          // context that accumulated between triggers is included.
+          const allPending = getMessagesSince(
+            chatJid,
+            lastAgentTimestamp[chatJid] || '',
+            ASSISTANT_NAME,
+          );
+          const messagesToSend =
+            allPending.length > 0 ? allPending : groupMessages;
+          const formatted = formatMessages(messagesToSend);
+
+          if (queue.sendMessage(chatJid, formatted)) {
+            logger.debug(
+              { chatJid, count: messagesToSend.length },
+              'Piped messages to active container',
+            );
+            lastAgentTimestamp[chatJid] =
+              messagesToSend[messagesToSend.length - 1].timestamp;
+            saveState();
+            // Show typing indicator while the container processes the piped message
+            channel.setTyping?.(chatJid, true)?.catch((err) =>
+              logger.warn({ chatJid, err }, 'Failed to set typing indicator'),
+            );
+          } else {
+            // No active container — enqueue for a new one
+            queue.enqueueMessageCheck(chatJid);
+          }
+        }
+      }
+    } catch (err) {
+      logger.error({ err }, 'Error in message loop');
+    }
+    await new Promise((resolve) => setTimeout(resolve, POLL_INTERVAL));
+  }
+}
+
+/**
+ * Startup recovery: check for unprocessed messages in registered groups.
+ * Handles crash between advancing lastTimestamp and processing messages.
+ */
+function recoverPendingMessages(): void {
+  for (const [chatJid, group] of Object.entries(registeredGroups)) {
+    const sinceTimestamp = lastAgentTimestamp[chatJid] || '';
+    const pending = getMessagesSince(chatJid, sinceTimestamp, ASSISTANT_NAME);
+    if (pending.length > 0) {
+      logger.info(
+        { group: group.name, pendingCount: pending.length },
+        'Recovery: found unprocessed messages',
+      );
+      queue.enqueueMessageCheck(chatJid);
+    }
+  }
+}
+
+function ensureContainerSystemRunning(): void {
+  ensureContainerRuntimeRunning();
+  cleanupOrphans();
+}
+
+async function main(): Promise<void> {
+  ensureContainerSystemRunning();
+  initDatabase();
+  logger.info('Database initialized');
+  loadState();
+
+  // Graceful shutdown handlers
+  const shutdown = async (signal: string) => {
+    logger.info({ signal }, 'Shutdown signal received');
+    await queue.shutdown(10000);
+    for (const ch of channels) await ch.disconnect();
+    process.exit(0);
+  };
+  process.on('SIGTERM', () => shutdown('SIGTERM'));
+  process.on('SIGINT', () => shutdown('SIGINT'));
+
+  // Channel callbacks (shared by all channels)
+  const channelOpts = {
+    onMessage: (_chatJid: string, msg: NewMessage) => storeMessage(msg),
+    onChatMetadata: (chatJid: string, timestamp: string, name?: string, channel?: string, isGroup?: boolean) =>
+      storeChatMetadata(chatJid, timestamp, name, channel, isGroup),
+    registeredGroups: () => registeredGroups,
+  };
+
+  // Create and connect channels
+  whatsapp = new WhatsAppChannel(channelOpts);
+  channels.push(whatsapp);
+  await whatsapp.connect();
+
+  const gmail = new GmailChannel(channelOpts);
+  channels.push(gmail);
+  try {
+    await gmail.connect();
+  } catch (err) {
+    logger.warn({ err }, 'Gmail channel failed to connect, continuing without it');
+  }
+
+  // Start subsystems (independently of connection handler)
+  startSchedulerLoop({
+    registeredGroups: () => registeredGroups,
+    getSessions: () => sessions,
+    queue,
+    onProcess: (groupJid, proc, containerName, groupFolder) => queue.registerProcess(groupJid, proc, containerName, groupFolder),
+    sendMessage: async (jid, rawText) => {
+      const channel = findChannel(channels, jid);
+      if (!channel) {
+        console.log(`Warning: no channel owns JID ${jid}, cannot send message`);
+        return;
+      }
+      const text = formatOutbound(rawText);
+      if (text) await channel.sendMessage(jid, text);
+    },
+  });
+  startIpcWatcher({
+    sendMessage: (jid, text) => {
+      const channel = findChannel(channels, jid);
+      if (!channel) throw new Error(`No channel for JID: ${jid}`);
+      return channel.sendMessage(jid, text);
+    },
+    registeredGroups: () => registeredGroups,
+    registerGroup,
+    syncGroupMetadata: (force) => whatsapp?.syncGroupMetadata(force) ?? Promise.resolve(),
+    getAvailableGroups,
+    writeGroupsSnapshot: (gf, im, ag, rj) => writeGroupsSnapshot(gf, im, ag, rj),
+  });
+  queue.setProcessMessagesFn(processGroupMessages);
+  recoverPendingMessages();
+  startMessageLoop().catch((err) => {
+    logger.fatal({ err }, 'Message loop crashed unexpectedly');
+    process.exit(1);
+  });
+}
+
+// Guard: only run when executed directly, not when imported by tests
+const isDirectRun =
+  process.argv[1] &&
+  new URL(import.meta.url).pathname === new URL(`file://${process.argv[1]}`).pathname;
+
+if (isDirectRun) {
+  main().catch((err) => {
+    logger.error({ err }, 'Failed to start NanoClaw');
+    process.exit(1);
+  });
+}
diff --git a/.agent/skills/add-gmail/modify/src/index.ts.intent.md b/.agent/skills/add-gmail/modify/src/index.ts.intent.md
new file mode 100644
index 0000000..cd700f5
--- /dev/null
+++ b/.agent/skills/add-gmail/modify/src/index.ts.intent.md
@@ -0,0 +1,40 @@
+# Intent: src/index.ts modifications
+
+## What changed
+
+Added Gmail as a channel.
+
+## Key sections
+
+### Imports (top of file)
+
+- Added: `GmailChannel` from `./channels/gmail.js`
+
+### main()
+
+- Added Gmail channel creation:
+  ```
+  const gmail = new GmailChannel(channelOpts);
+  channels.push(gmail);
+  await gmail.connect();
+  ```
+- Gmail uses the same `channelOpts` callbacks as other channels
+- Incoming emails are delivered to the main group (agent decides how to respond, user can configure)
+
+## Invariants
+
+- All existing message processing logic (triggers, cursors, idle timers) is preserved
+- The `runAgent` function is completely unchanged
+- State management (loadState/saveState) is unchanged
+- Recovery logic is unchanged
+- Container runtime check is unchanged
+- Any other channel creation is untouched
+- Shutdown iterates `channels` array (Gmail is included automatically)
+
+## Must-keep
+
+- The `escapeXml` and `formatMessages` re-exports
+- The `_setRegisteredGroups` test helper
+- The `isDirectRun` guard at bottom
+- All error handling and cursor rollback logic in processGroupMessages
+- The outgoing queue flush and reconnection logic
diff --git a/.agent/skills/add-gmail/modify/src/routing.test.ts b/.agent/skills/add-gmail/modify/src/routing.test.ts
new file mode 100644
index 0000000..837b1da
--- /dev/null
+++ b/.agent/skills/add-gmail/modify/src/routing.test.ts
@@ -0,0 +1,119 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+
+import { _initTestDatabase, getAllChats, storeChatMetadata } from './db.js';
+import { getAvailableGroups, _setRegisteredGroups } from './index.js';
+
+beforeEach(() => {
+  _initTestDatabase();
+  _setRegisteredGroups({});
+});
+
+// --- JID ownership patterns ---
+
+describe('JID ownership patterns', () => {
+  // These test the patterns that will become ownsJid() on the Channel interface
+
+  it('WhatsApp group JID: ends with @g.us', () => {
+    const jid = '12345678@g.us';
+    expect(jid.endsWith('@g.us')).toBe(true);
+  });
+
+  it('WhatsApp DM JID: ends with @s.whatsapp.net', () => {
+    const jid = '12345678@s.whatsapp.net';
+    expect(jid.endsWith('@s.whatsapp.net')).toBe(true);
+  });
+
+  it('Gmail JID: starts with gmail:', () => {
+    const jid = 'gmail:abc123def';
+    expect(jid.startsWith('gmail:')).toBe(true);
+  });
+
+  it('Gmail thread JID: starts with gmail: followed by thread ID', () => {
+    const jid = 'gmail:18d3f4a5b6c7d8e9';
+    expect(jid.startsWith('gmail:')).toBe(true);
+  });
+});
+
+// --- getAvailableGroups ---
+
+describe('getAvailableGroups', () => {
+  it('returns only groups, excludes DMs', () => {
+    storeChatMetadata('group1@g.us', '2024-01-01T00:00:01.000Z', 'Group 1', 'whatsapp', true);
+    storeChatMetadata('user@s.whatsapp.net', '2024-01-01T00:00:02.000Z', 'User DM', 'whatsapp', false);
+    storeChatMetadata('group2@g.us', '2024-01-01T00:00:03.000Z', 'Group 2', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(2);
+    expect(groups.map((g) => g.jid)).toContain('group1@g.us');
+    expect(groups.map((g) => g.jid)).toContain('group2@g.us');
+    expect(groups.map((g) => g.jid)).not.toContain('user@s.whatsapp.net');
+  });
+
+  it('excludes __group_sync__ sentinel', () => {
+    storeChatMetadata('__group_sync__', '2024-01-01T00:00:00.000Z');
+    storeChatMetadata('group@g.us', '2024-01-01T00:00:01.000Z', 'Group', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('group@g.us');
+  });
+
+  it('marks registered groups correctly', () => {
+    storeChatMetadata('reg@g.us', '2024-01-01T00:00:01.000Z', 'Registered', 'whatsapp', true);
+    storeChatMetadata('unreg@g.us', '2024-01-01T00:00:02.000Z', 'Unregistered', 'whatsapp', true);
+
+    _setRegisteredGroups({
+      'reg@g.us': {
+        name: 'Registered',
+        folder: 'registered',
+        trigger: '@Andy',
+        added_at: '2024-01-01T00:00:00.000Z',
+      },
+    });
+
+    const groups = getAvailableGroups();
+    const reg = groups.find((g) => g.jid === 'reg@g.us');
+    const unreg = groups.find((g) => g.jid === 'unreg@g.us');
+
+    expect(reg?.isRegistered).toBe(true);
+    expect(unreg?.isRegistered).toBe(false);
+  });
+
+  it('returns groups ordered by most recent activity', () => {
+    storeChatMetadata('old@g.us', '2024-01-01T00:00:01.000Z', 'Old', 'whatsapp', true);
+    storeChatMetadata('new@g.us', '2024-01-01T00:00:05.000Z', 'New', 'whatsapp', true);
+    storeChatMetadata('mid@g.us', '2024-01-01T00:00:03.000Z', 'Mid', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups[0].jid).toBe('new@g.us');
+    expect(groups[1].jid).toBe('mid@g.us');
+    expect(groups[2].jid).toBe('old@g.us');
+  });
+
+  it('excludes non-group chats regardless of JID format', () => {
+    // Unknown JID format stored without is_group should not appear
+    storeChatMetadata('unknown-format-123', '2024-01-01T00:00:01.000Z', 'Unknown');
+    // Explicitly non-group with unusual JID
+    storeChatMetadata('custom:abc', '2024-01-01T00:00:02.000Z', 'Custom DM', 'custom', false);
+    // A real group for contrast
+    storeChatMetadata('group@g.us', '2024-01-01T00:00:03.000Z', 'Group', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('group@g.us');
+  });
+
+  it('returns empty array when no chats exist', () => {
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(0);
+  });
+
+  it('excludes Gmail threads from group list (Gmail threads are not groups)', () => {
+    storeChatMetadata('gmail:abc123', '2024-01-01T00:00:01.000Z', 'Email thread', 'gmail', false);
+    storeChatMetadata('group@g.us', '2024-01-01T00:00:02.000Z', 'Group', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('group@g.us');
+  });
+});
diff --git a/.agent/skills/add-gmail/tests/gmail.test.ts b/.agent/skills/add-gmail/tests/gmail.test.ts
new file mode 100644
index 0000000..02d9721
--- /dev/null
+++ b/.agent/skills/add-gmail/tests/gmail.test.ts
@@ -0,0 +1,40 @@
+import { describe, it, expect } from 'vitest';
+import fs from 'fs';
+import path from 'path';
+
+const root = process.cwd();
+const read = (f: string) => fs.readFileSync(path.join(root, f), 'utf-8');
+
+function getGmailMode(): 'tool-only' | 'channel' {
+  const p = path.join(root, '.nanoclaw/state.yaml');
+  if (!fs.existsSync(p)) return 'channel';
+  return read('.nanoclaw/state.yaml').includes('mode: tool-only') ? 'tool-only' : 'channel';
+}
+
+const mode = getGmailMode();
+const channelOnly = mode === 'tool-only';
+
+describe('add-gmail skill', () => {
+  it('container-runner mounts ~/.gmail-mcp', () => {
+    expect(read('src/container-runner.ts')).toContain('.gmail-mcp');
+  });
+
+  it('agent-runner has gmail MCP server', () => {
+    const content = read('container/agent-runner/src/index.ts');
+    expect(content).toContain('mcp__gmail__*');
+    expect(content).toContain('@gongrzhe/server-gmail-autoauth-mcp');
+  });
+
+  it.skipIf(channelOnly)('gmail channel file exists', () => {
+    expect(fs.existsSync(path.join(root, 'src/channels/gmail.ts'))).toBe(true);
+  });
+
+  it.skipIf(channelOnly)('index.ts wires up GmailChannel', () => {
+    expect(read('src/index.ts')).toContain('GmailChannel');
+  });
+
+  it.skipIf(channelOnly)('googleapis dependency installed', () => {
+    const pkg = JSON.parse(read('package.json'));
+    expect(pkg.dependencies?.googleapis || pkg.devDependencies?.googleapis).toBeDefined();
+  });
+});
diff --git a/.agent/skills/add-parallel/SKILL.md b/.agent/skills/add-parallel/SKILL.md
new file mode 100644
index 0000000..36aade5
--- /dev/null
+++ b/.agent/skills/add-parallel/SKILL.md
@@ -0,0 +1,320 @@
+---
+name: add-parallel
+description: Add Parallel AI MCP integration to Clawdie for advanced web research capabilities. Use when the user wants the agent to perform multi-step web research using Parallel AI's tools.
+---
+
+# Add Parallel AI Integration
+
+Adds Parallel AI MCP integration to NanoClaw for advanced web research capabilities.
+
+## What This Adds
+
+- **Quick Search** - Fast web lookups using Parallel Search API (free to use)
+- **Deep Research** - Comprehensive analysis using Parallel Task API (asks permission)
+- **Non-blocking Design** - Uses NanoClaw scheduler for result polling (no container blocking)
+
+## Prerequisites
+
+User must have:
+
+1. Parallel AI API key from https://platform.parallel.ai
+2. NanoClaw already set up and running
+3. Docker installed and running
+
+## Implementation Steps
+
+Run all steps automatically. Only pause for user input when explicitly needed.
+
+### 1. Get Parallel AI API Key
+
+Use `AskUserQuestion: Do you have a Parallel AI API key, or should I help you get one?`
+
+**If they have one:**
+Collect it now.
+
+**If they need one:**
+Tell them:
+
+> 1. Go to https://platform.parallel.ai
+> 2. Sign up or log in
+> 3. Navigate to API Keys section
+> 4. Create a new API key
+> 5. Copy the key and paste it here
+
+Wait for the API key.
+
+### 2. Add API Key to Environment
+
+Add `PARALLEL_API_KEY` to `.env`:
+
+```bash
+# Check if .env exists, create if not
+if [ ! -f .env ]; then
+    touch .env
+fi
+
+# Add PARALLEL_API_KEY if not already present
+if ! grep -q "PARALLEL_API_KEY=" .env; then
+    echo "PARALLEL_API_KEY=${API_KEY_FROM_USER}" >> .env
+    echo "✓ Added PARALLEL_API_KEY to .env"
+else
+    # Update existing key
+    sed -i.bak "s/^PARALLEL_API_KEY=.*/PARALLEL_API_KEY=${API_KEY_FROM_USER}/" .env
+    echo "✓ Updated PARALLEL_API_KEY in .env"
+fi
+```
+
+Verify:
+
+```bash
+grep "PARALLEL_API_KEY" .env | head -c 50
+```
+
+### 3. Update Container Runner
+
+Add `PARALLEL_API_KEY` to allowed environment variables in `src/container-runner.ts`:
+
+Find the line:
+
+```typescript
+const allowedVars = ['ZAI_API_KEY', 'ANTHROPIC_API_KEY'];
+```
+
+Replace with:
+
+```typescript
+const allowedVars = ['ZAI_API_KEY', 'ANTHROPIC_API_KEY', 'PARALLEL_API_KEY'];
+```
+
+### 4. Configure MCP Servers in Agent Runner
+
+Update `container/agent-runner/src/index.ts`:
+
+Find the section where `mcpServers` is configured (around line 237-252):
+
+```typescript
+const mcpServers: Record<string, any> = {
+  nanoclaw: ipcMcp,
+};
+```
+
+Add Parallel AI MCP servers after the nanoclaw server:
+
+```typescript
+const mcpServers: Record<string, any> = {
+  nanoclaw: ipcMcp,
+};
+
+// Add Parallel AI MCP servers if API key is available
+const parallelApiKey = process.env.PARALLEL_API_KEY;
+if (parallelApiKey) {
+  mcpServers['parallel-search'] = {
+    type: 'http', // REQUIRED: Must specify type for HTTP MCP servers
+    url: 'https://search-mcp.parallel.ai/mcp',
+    headers: {
+      Authorization: `Bearer ${parallelApiKey}`,
+    },
+  };
+  mcpServers['parallel-task'] = {
+    type: 'http', // REQUIRED: Must specify type for HTTP MCP servers
+    url: 'https://task-mcp.parallel.ai/mcp',
+    headers: {
+      Authorization: `Bearer ${parallelApiKey}`,
+    },
+  };
+  log('Parallel AI MCP servers configured');
+} else {
+  log('PARALLEL_API_KEY not set, skipping Parallel AI integration');
+}
+```
+
+Also update the `allowedTools` array to include Parallel MCP tools (around line 242-248):
+
+```typescript
+allowedTools: [
+  'Bash',
+  'Read', 'Write', 'Edit', 'Glob', 'Grep',
+  'WebSearch', 'WebFetch',
+  'mcp__nanoclaw__*',
+  'mcp__parallel-search__*',
+  'mcp__parallel-task__*'
+],
+```
+
+### 5. Add Usage Instructions to AGENT.md
+
+Add Parallel AI usage instructions to `groups/main/AGENT.md`:
+
+Find the "## What You Can Do" section and add after the existing bullet points:
+
+```markdown
+- Use Parallel AI for web research and deep learning tasks
+```
+
+Then add a new section after "## What You Can Do":
+
+```markdown
+## Web Research Tools
+
+You have access to two Parallel AI research tools:
+
+### Quick Web Search (`mcp__parallel-search__search`)
+
+**When to use:** Freely use for factual lookups, current events, definitions, recent information, or verifying facts.
+
+**Examples:**
+
+- "Who invented the transistor?"
+- "What's the latest news about quantum computing?"
+- "When was the UN founded?"
+- "What are the top programming languages in 2026?"
+
+**Speed:** Fast (2-5 seconds)
+**Cost:** Low
+**Permission:** Not needed - use whenever it helps answer the question
+
+### Deep Research (`mcp__parallel-task__create_task_run`)
+
+**When to use:** Comprehensive analysis, learning about complex topics, comparing concepts, historical overviews, or structured research.
+
+**Examples:**
+
+- "Explain the development of quantum mechanics from 1900-1930"
+- "Compare the literary styles of Hemingway and Faulkner"
+- "Research the evolution of jazz from bebop to fusion"
+- "Analyze the causes of the French Revolution"
+
+**Speed:** Slower (1-20 minutes depending on depth)
+**Cost:** Higher (varies by processor tier)
+**Permission:** ALWAYS use `AskUserQuestion` before using this tool
+
+**How to ask permission:**
+```
+
+AskUserQuestion: I can do deep research on [topic] using Parallel's Task API. This will take 2-5 minutes and provide comprehensive analysis with citations. Should I proceed?
+
+```
+
+**After permission - DO NOT BLOCK! Use scheduler instead:**
+
+1. Create the task using `mcp__parallel-task__create_task_run`
+2. Get the `run_id` from the response
+3. Create a polling scheduled task using `mcp__nanoclaw__schedule_task`:
+```
+
+Prompt: "Check Parallel AI task run [run_id] and send results when ready.
+
+1.  Use the Parallel Task MCP to check the task status
+2.  If status is 'completed', extract the results
+3.  Send results to user with mcp**nanoclaw**send_message
+4.  Use mcp**nanoclaw**complete_scheduled_task to mark this task as done
+
+If status is still 'running' or 'pending', do nothing (task will run again in 30s).
+If status is 'failed', send error message and complete the task."
+
+Schedule: interval every 30 seconds
+Context mode: isolated
+
+```
+4. Send acknowledgment with tracking link
+5. Exit immediately - scheduler handles the rest
+
+### Choosing Between Them
+
+**Use Search when:**
+- Question needs a quick fact or recent information
+- Simple definition or clarification
+- Verifying specific details
+- Current events or news
+
+**Use Deep Research (with permission) when:**
+- User wants to learn about a complex topic
+- Question requires analysis or comparison
+- Historical context or evolution of concepts
+- Structured, comprehensive understanding needed
+- User explicitly asks to "research" or "explain in depth"
+
+**Default behavior:** Prefer search for most questions. Only suggest deep research when the topic genuinely requires comprehensive analysis.
+```
+
+### 6. Rebuild Container
+
+Build the container with updated agent runner:
+
+```bash
+./container/build.sh
+```
+
+Verify the build:
+
+```bash
+echo '{}' | docker run -i --entrypoint /bin/echo nanoclaw-agent:latest "Container OK"
+```
+
+### 7. Restart Service
+
+Rebuild the main app and restart:
+
+```bash
+npm run build
+launchctl kickstart -k gui/$(id -u)/com.nanoclaw  # macOS
+# Linux: systemctl --user restart nanoclaw
+```
+
+Wait 3 seconds for service to start, then verify:
+
+```bash
+sleep 3
+launchctl list | grep nanoclaw  # macOS
+# Linux: systemctl --user status nanoclaw
+```
+
+### 8. Test Integration
+
+Tell the user to test:
+
+> Send a message to your assistant: `@[YourAssistantName] what's the latest news about AI?`
+>
+> The assistant should use Parallel Search API to find current information.
+>
+> Then try: `@[YourAssistantName] can you research the history of artificial intelligence?`
+>
+> The assistant should ask for permission before using the Task API.
+
+Check logs to verify MCP servers loaded:
+
+```bash
+tail -20 logs/nanoclaw.log
+```
+
+Look for: `Parallel AI MCP servers configured`
+
+## Troubleshooting
+
+**Container hangs or times out:**
+
+- Check that `type: 'http'` is specified in MCP server config
+- Verify API key is correct in .env
+- Check container logs: `cat groups/main/logs/container-*.log | tail -50`
+
+**MCP servers not loading:**
+
+- Ensure PARALLEL_API_KEY is in .env
+- Verify container-runner.ts includes PARALLEL_API_KEY in allowedVars
+- Check agent-runner logs for "Parallel AI MCP servers configured" message
+
+**Task polling not working:**
+
+- Verify scheduled task was created: `psql "$OPS_DB_URL" -c "SELECT * FROM scheduled_tasks"`
+- Check task runs: `tail -f logs/nanoclaw.log | grep "scheduled task"`
+- Ensure task prompt includes proper Parallel MCP tool names
+
+## Uninstalling
+
+To remove Parallel AI integration:
+
+1. Remove from .env: `sed -i.bak '/PARALLEL_API_KEY/d' .env`
+2. Revert changes to container-runner.ts and agent-runner/src/index.ts
+3. Remove Web Research Tools section from groups/main/AGENT.md
+4. Rebuild: `./container/build.sh && npm run build`
+5. Restart: `launchctl kickstart -k gui/$(id -u)/com.nanoclaw` (macOS) or `systemctl --user restart nanoclaw` (Linux)
diff --git a/.agent/skills/add-protonmail/SKILL.md b/.agent/skills/add-protonmail/SKILL.md
new file mode 100644
index 0000000..28f6074
--- /dev/null
+++ b/.agent/skills/add-protonmail/SKILL.md
@@ -0,0 +1,85 @@
+---
+name: add-protonmail
+description: Add a send_email tool so the agent can send email from a ProtonMail custom domain address using an SMTP submission token. Use when the user wants the agent to send emails.
+---
+
+# Skill: add-protonmail
+
+Adds a `send_email` tool to your agent so it can send emails from your ProtonMail
+custom domain address (e.g. `hello@clawdie.si`) using an SMTP submission token.
+
+No daemon required. No Proton Bridge. Just an SMTP token and nodemailer.
+
+## Prerequisites
+
+- A ProtonMail account with a custom domain (e.g. `hello@clawdie.si`)
+- SMTP submission enabled for your domain in Proton settings
+
+## Setup
+
+### 1. Generate an SMTP token
+
+1. Log in to Proton Mail → Settings → All Settings → Proton Mail → SMTP submission
+2. Enable SMTP submission for your domain
+3. Click **Generate token** for your address
+4. Copy the token (looks like a long random string)
+
+> Note: SMTP tokens are different from your login password. They are
+> address-specific and can be revoked without affecting your account.
+
+### 2. Add to .env
+
+```
+PROTONMAIL_SMTP_USER=hello@clawdie.si
+PROTONMAIL_SMTP_TOKEN=your_smtp_token_here
+```
+
+### 3. Apply the skill
+
+```bash
+npx tsx scripts/apply-skill.ts .agent/skills/add-protonmail
+```
+
+Then rebuild the jail agent runner:
+
+```bash
+cd jail/agent-runner && npm install && npm run build
+```
+
+## Tools the agent gets
+
+| Tool         | Description                                |
+| ------------ | ------------------------------------------ |
+| `send_email` | Send an email from your ProtonMail address |
+
+The tool accepts: `to`, `subject`, `body`, and optional `cc` and `reply_to`.
+
+## Example conversations
+
+> "Send John an email confirming his order"
+> → Agent calls `send_email(to: "john@example.com", subject: "Order confirmed", body: "Hi John...")`
+
+> "Email the team about the outage"
+> → Agent composes and sends via `send_email`
+
+> "Reply to Sarah's question about pricing"
+> → Agent drafts reply and sends via `send_email`
+
+## Limitations
+
+This skill is **send-only**. The agent cannot read the ProtonMail inbox or
+receive emails automatically. For full inbound + outbound support, see the
+Proton Bridge option in the skill roadmap.
+
+## Upgrading to full inbound channel
+
+Once Proton Bridge headless mode on FreeBSD is confirmed, this skill will be
+extended to add a `ProtonmailChannel` that polls via IMAP and delivers incoming
+emails to the agent automatically — the same pattern as `add-gmail`.
+
+## Security
+
+- SMTP token is separate from your login password
+- Tokens can be revoked individually without affecting your account
+- `PROTONMAIL_SMTP_TOKEN` is passed to the jail via encrypted stdin, never written to disk
+- Emails sent via SMTP are stored in Sent with zero-access encryption
diff --git a/.agent/skills/add-protonmail/add/jail/agent-runner/src/protonmail-tools.ts b/.agent/skills/add-protonmail/add/jail/agent-runner/src/protonmail-tools.ts
new file mode 100644
index 0000000..b7f64e7
--- /dev/null
+++ b/.agent/skills/add-protonmail/add/jail/agent-runner/src/protonmail-tools.ts
@@ -0,0 +1,72 @@
+/**
+ * ProtonMail SMTP tools for Clawdie agent.
+ * Registered into the existing ipc-mcp-stdio server when PROTONMAIL_SMTP credentials are set.
+ * Uses ProtonMail SMTP submission tokens (custom domain addresses only).
+ * Send-only — no inbound polling.
+ */
+import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import type { Transporter } from 'nodemailer';
+import { z } from 'zod';
+
+export function registerProtonmailTools(server: McpServer): void {
+  const user = process.env.PROTONMAIL_SMTP_USER;
+  const token = process.env.PROTONMAIL_SMTP_TOKEN;
+  if (!user || !token) return;
+
+  let transporterInstance: Transporter | null = null;
+
+  const getTransporter = async (): Promise<Transporter> => {
+    if (!transporterInstance) {
+      const nodemailer = await import('nodemailer');
+      transporterInstance = nodemailer.default.createTransport({
+        host: 'smtp.protonmail.ch',
+        port: 587,
+        secure: false, // STARTTLS
+        auth: { user, pass: token },
+      });
+    }
+    return transporterInstance;
+  };
+
+  server.tool(
+    'send_email',
+    `Send an email from ${user} via ProtonMail. Use for notifications, replies, and outbound communication.`,
+    {
+      to: z.string().describe('Recipient email address (e.g. "john@example.com" or "Name <john@example.com>")'),
+      subject: z.string().describe('Email subject line'),
+      body: z.string().describe('Email body as plain text'),
+      cc: z.string().optional().describe('CC address (optional)'),
+      reply_to: z
+        .string()
+        .optional()
+        .describe('Reply-To address if different from sender (optional)'),
+    },
+    async (args) => {
+      try {
+        const transporter = await getTransporter();
+        const info = await transporter.sendMail({
+          from: user,
+          to: args.to,
+          subject: args.subject,
+          text: args.body,
+          ...(args.cc ? { cc: args.cc } : {}),
+          ...(args.reply_to ? { replyTo: args.reply_to } : {}),
+        });
+        return {
+          content: [{
+            type: 'text' as const,
+            text: `Email sent to ${args.to}\nSubject: ${args.subject}\nMessage ID: ${info.messageId}`,
+          }],
+        };
+      } catch (err) {
+        return {
+          content: [{
+            type: 'text' as const,
+            text: `Failed to send email: ${err instanceof Error ? err.message : String(err)}`,
+          }],
+          isError: true,
+        };
+      }
+    },
+  );
+}
diff --git a/.agent/skills/add-protonmail/manifest.yaml b/.agent/skills/add-protonmail/manifest.yaml
new file mode 100644
index 0000000..f8db084
--- /dev/null
+++ b/.agent/skills/add-protonmail/manifest.yaml
@@ -0,0 +1,17 @@
+skill: protonmail
+version: 1.0.0
+description: "ProtonMail email sending via SMTP token — send emails from your custom domain"
+core_version: 0.4.0
+adds:
+  - jail/agent-runner/src/protonmail-tools.ts
+modifies:
+  - src/jail-runner.ts
+  - jail/agent-runner/src/ipc-mcp-stdio.ts
+  - jail/agent-runner/package.json
+structured:
+  npm_dependencies:
+    nodemailer: "^6.9.0"
+    "@types/nodemailer": "^6.4.0"
+conflicts: []
+depends: []
+test: ""
diff --git a/.agent/skills/add-protonmail/modify/jail/agent-runner/package.json.intent.md b/.agent/skills/add-protonmail/modify/jail/agent-runner/package.json.intent.md
new file mode 100644
index 0000000..aa172bd
--- /dev/null
+++ b/.agent/skills/add-protonmail/modify/jail/agent-runner/package.json.intent.md
@@ -0,0 +1,37 @@
+# Intent: jail/agent-runner/package.json modifications
+
+## What changed
+
+Added `nodemailer` as a runtime dependency and `@types/nodemailer` as a dev
+dependency.
+
+## Key sections
+
+### dependencies
+
+- Added: `"nodemailer": "^6.9.0"`
+
+### devDependencies
+
+- Added: `"@types/nodemailer": "^6.4.0"`
+
+```json
+{
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.12.1",
+    "cron-parser": "^5.0.0",
+    "nodemailer": "^6.9.0",
+    "zod": "^4.0.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22.10.7",
+    "@types/nodemailer": "^6.4.0",
+    "typescript": "^5.7.3"
+  }
+}
+```
+
+## Invariants
+
+- All existing dependencies remain unchanged
+- package name, version, scripts are unchanged
diff --git a/.agent/skills/add-protonmail/modify/jail/agent-runner/src/ipc-mcp-stdio.ts.intent.md b/.agent/skills/add-protonmail/modify/jail/agent-runner/src/ipc-mcp-stdio.ts.intent.md
new file mode 100644
index 0000000..25b8596
--- /dev/null
+++ b/.agent/skills/add-protonmail/modify/jail/agent-runner/src/ipc-mcp-stdio.ts.intent.md
@@ -0,0 +1,36 @@
+# Intent: jail/agent-runner/src/ipc-mcp-stdio.ts modifications
+
+## What changed
+
+Imported and registered the ProtonMail MCP tools so the agent can send emails
+from the configured ProtonMail address. Tools are only registered when both
+`PROTONMAIL_SMTP_USER` and `PROTONMAIL_SMTP_TOKEN` are present.
+
+## Key sections
+
+### Imports (top of file)
+
+- Added: `import { registerProtonmailTools } from './protonmail-tools.js';`
+
+### After all existing server.tool() calls, before the transport connection
+
+- Added: `registerProtonmailTools(server);`
+
+```typescript
+// Add near the bottom, before:
+// const transport = new StdioServerTransport();
+
+registerProtonmailTools(server);
+
+// Existing:
+const transport = new StdioServerTransport();
+await server.connect(transport);
+```
+
+## Invariants
+
+- All existing tools (send_message, schedule_task, list_tasks, etc.) are unchanged
+- Server name and version are unchanged
+- IPC directory constants are unchanged
+- Transport connection is unchanged
+- If either ProtonMail env var is absent, `registerProtonmailTools` is a no-op
diff --git a/.agent/skills/add-protonmail/modify/src/jail-runner.ts.intent.md b/.agent/skills/add-protonmail/modify/src/jail-runner.ts.intent.md
new file mode 100644
index 0000000..cac75dd
--- /dev/null
+++ b/.agent/skills/add-protonmail/modify/src/jail-runner.ts.intent.md
@@ -0,0 +1,38 @@
+# Intent: src/jail-runner.ts modifications
+
+## What changed
+
+Added `PROTONMAIL_SMTP_USER` and `PROTONMAIL_SMTP_TOKEN` to the secrets
+allowlist so ProtonMail credentials are passed to the jail agent securely
+via stdin — never via environment variables or files.
+
+## Key sections
+
+### readSecrets() function (around line 216)
+
+- Added: `'PROTONMAIL_SMTP_USER'` and `'PROTONMAIL_SMTP_TOKEN'` to the `readEnvFile` array
+
+```typescript
+// Before:
+return readEnvFile([
+  'ANTHROPIC_API_KEY',
+  ...
+  'KIMI_API_KEY',
+]);
+
+// After:
+return readEnvFile([
+  'ANTHROPIC_API_KEY',
+  ...
+  'KIMI_API_KEY',
+  'PROTONMAIL_SMTP_USER',
+  'PROTONMAIL_SMTP_TOKEN',
+]);
+```
+
+## Invariants
+
+- All existing API keys remain in the list unchanged
+- `readEnvFile()` signature and behavior are unchanged
+- Secrets are still passed via stdin JSON, never written to disk or env
+- If either ProtonMail env var is absent from `.env`, it is silently skipped
diff --git a/.agent/skills/add-slack/SKILL.md b/.agent/skills/add-slack/SKILL.md
new file mode 100644
index 0000000..f3706ae
--- /dev/null
+++ b/.agent/skills/add-slack/SKILL.md
@@ -0,0 +1,235 @@
+---
+name: add-slack
+description: Add Slack as a channel. Can replace WhatsApp entirely or run alongside it. Uses Socket Mode (no public URL needed).
+---
+
+# Add Slack Channel
+
+This skill adds Slack support to NanoClaw using the skills engine for deterministic code changes, then walks through interactive setup.
+
+## Phase 1: Pre-flight
+
+### Check if already applied
+
+Read `.nanoclaw/state.yaml`. If `slack` is in `applied_skills`, skip to Phase 3 (Setup). The code changes are already in place.
+
+### Ask the user
+
+1. **Mode**: Replace WhatsApp or add alongside it?
+   - Replace → will set `SLACK_ONLY=true`
+   - Alongside → both channels active (default)
+
+2. **Do they already have a Slack app configured?** If yes, collect the Bot Token and App Token now. If no, we'll create one in Phase 3.
+
+## Phase 2: Apply Code Changes
+
+Run the skills engine to apply this skill's code package. The package files are in this directory alongside this SKILL.md.
+
+### Initialize skills system (if needed)
+
+If `.nanoclaw/` directory doesn't exist yet:
+
+```bash
+npx tsx scripts/apply-skill.ts --init
+```
+
+Or call `initSkillsSystem()` from `skills-engine/migrate.ts`.
+
+### Apply the skill
+
+```bash
+npx tsx scripts/apply-skill.ts .agent/skills/add-slack
+```
+
+This deterministically:
+
+- Adds `src/channels/slack.ts` (SlackChannel class implementing Channel interface)
+- Adds `src/channels/slack.test.ts` (46 unit tests)
+- Three-way merges Slack support into `src/index.ts` (multi-channel support, conditional channel creation)
+- Three-way merges Slack config into `src/config.ts` (SLACK_ONLY export)
+- Three-way merges updated routing tests into `src/routing.test.ts`
+- Installs the `@slack/bolt` npm dependency
+- Updates `.env.example` with `SLACK_BOT_TOKEN`, `SLACK_APP_TOKEN`, and `SLACK_ONLY`
+- Records the application in `.nanoclaw/state.yaml`
+
+If the apply reports merge conflicts, read the intent files:
+
+- `modify/src/index.ts.intent.md` — what changed and invariants for index.ts
+- `modify/src/config.ts.intent.md` — what changed for config.ts
+- `modify/src/routing.test.ts.intent.md` — what changed for routing tests
+
+### Validate code changes
+
+```bash
+npm test
+npm run build
+```
+
+All tests must pass (including the new slack tests) and build must be clean before proceeding.
+
+## Phase 3: Setup
+
+### Create Slack App (if needed)
+
+If the user doesn't have a Slack app, share [SLACK_SETUP.md](SLACK_SETUP.md) which has step-by-step instructions with screenshots guidance, troubleshooting, and a token reference table.
+
+Quick summary of what's needed:
+
+1. Create a Slack app at [api.slack.com/apps](https://api.slack.com/apps)
+2. Enable Socket Mode and generate an App-Level Token (`xapp-...`)
+3. Subscribe to bot events: `message.channels`, `message.groups`, `message.im`
+4. Add OAuth scopes: `chat:write`, `channels:history`, `groups:history`, `im:history`, `channels:read`, `groups:read`, `users:read`
+5. Install to workspace and copy the Bot Token (`xoxb-...`)
+
+Wait for the user to provide both tokens.
+
+### Configure environment
+
+Add to `.env`:
+
+```bash
+SLACK_BOT_TOKEN=xoxb-your-bot-token
+SLACK_APP_TOKEN=xapp-your-app-token
+```
+
+If they chose to replace WhatsApp:
+
+```bash
+SLACK_ONLY=true
+```
+
+Sync to container environment:
+
+```bash
+mkdir -p data/env && cp .env data/env/env
+```
+
+The container reads environment from `data/env/env`, not `.env` directly.
+
+### Build and restart
+
+```bash
+npm run build
+launchctl kickstart -k gui/$(id -u)/com.nanoclaw
+```
+
+## Phase 4: Registration
+
+### Get Channel ID
+
+Tell the user:
+
+> 1. Add the bot to a Slack channel (right-click channel → **View channel details** → **Integrations** → **Add apps**)
+> 2. In that channel, the channel ID is in the URL when you open it in a browser: `https://app.slack.com/client/T.../C0123456789` — the `C...` part is the channel ID
+> 3. Alternatively, right-click the channel name → **Copy link** — the channel ID is the last path segment
+>
+> The JID format for NanoClaw is: `slack:C0123456789`
+
+Wait for the user to provide the channel ID.
+
+### Register the channel
+
+Use the IPC register flow or register directly. The channel ID, name, and folder name are needed.
+
+For a main channel (responds to all messages, uses the `main` folder):
+
+```typescript
+registerGroup('slack:<channel-id>', {
+  name: '<channel-name>',
+  folder: 'main',
+  trigger: `@${ASSISTANT_NAME}`,
+  added_at: new Date().toISOString(),
+  requiresTrigger: false,
+});
+```
+
+For additional channels (trigger-only):
+
+```typescript
+registerGroup('slack:<channel-id>', {
+  name: '<channel-name>',
+  folder: '<folder-name>',
+  trigger: `@${ASSISTANT_NAME}`,
+  added_at: new Date().toISOString(),
+  requiresTrigger: true,
+});
+```
+
+## Phase 5: Verify
+
+### Test the connection
+
+Tell the user:
+
+> Send a message in your registered Slack channel:
+>
+> - For main channel: Any message works
+> - For non-main: `@<assistant-name> hello` (using the configured trigger word)
+>
+> The bot should respond within a few seconds.
+
+### Check logs if needed
+
+```bash
+tail -f logs/nanoclaw.log
+```
+
+## Troubleshooting
+
+### Bot not responding
+
+1. Check `SLACK_BOT_TOKEN` and `SLACK_APP_TOKEN` are set in `.env` AND synced to `data/env/env`
+2. Check channel is registered: `psql "$OPS_DB_URL" -c "SELECT * FROM registered_groups WHERE jid LIKE 'slack:%'"`
+3. For non-main channels: message must include trigger pattern
+4. Service is running: `launchctl list | grep nanoclaw`
+
+### Bot connected but not receiving messages
+
+1. Verify Socket Mode is enabled in the Slack app settings
+2. Verify the bot is subscribed to the correct events (`message.channels`, `message.groups`, `message.im`)
+3. Verify the bot has been added to the channel
+4. Check that the bot has the required OAuth scopes
+
+### Bot not seeing messages in channels
+
+By default, bots only see messages in channels they've been explicitly added to. Make sure to:
+
+1. Add the bot to each channel you want it to monitor
+2. Check the bot has `channels:history` and/or `groups:history` scopes
+
+### "missing_scope" errors
+
+If the bot logs `missing_scope` errors:
+
+1. Go to **OAuth & Permissions** in your Slack app settings
+2. Add the missing scope listed in the error message
+3. **Reinstall the app** to your workspace — scope changes require reinstallation
+4. Copy the new Bot Token (it changes on reinstall) and update `.env`
+5. Sync: `mkdir -p data/env && cp .env data/env/env`
+6. Restart: `launchctl kickstart -k gui/$(id -u)/com.nanoclaw`
+
+### Getting channel ID
+
+If the channel ID is hard to find:
+
+- In Slack desktop: right-click channel → **Copy link** → extract the `C...` ID from the URL
+- In Slack web: the URL shows `https://app.slack.com/client/TXXXXXXX/C0123456789`
+- Via API: `curl -s -H "Authorization: Bearer $SLACK_BOT_TOKEN" "https://slack.com/api/conversations.list" | jq '.channels[] | {id, name}'`
+
+## After Setup
+
+The Slack channel supports:
+
+- **Public channels** — Bot must be added to the channel
+- **Private channels** — Bot must be invited to the channel
+- **Direct messages** — Users can DM the bot directly
+- **Multi-channel** — Can run alongside WhatsApp (default) or replace it (`SLACK_ONLY=true`)
+
+## Known Limitations
+
+- **Threads are flattened** — Threaded replies are delivered to the agent as regular channel messages. The agent sees them but has no awareness they originated in a thread. Responses always go to the channel, not back into the thread. Users in a thread will need to check the main channel for the bot's reply. Full thread-aware routing (respond in-thread) requires pipeline-wide changes: database schema, `NewMessage` type, `Channel.sendMessage` interface, and routing logic.
+- **No typing indicator** — Slack's Bot API does not expose a typing indicator endpoint. The `setTyping()` method is a no-op. Users won't see "bot is typing..." while the agent works.
+- **Message splitting is naive** — Long messages are split at a fixed 4000-character boundary, which may break mid-word or mid-sentence. A smarter split (on paragraph or sentence boundaries) would improve readability.
+- **No file/image handling** — The bot only processes text content. File uploads, images, and rich message blocks are not forwarded to the agent.
+- **Channel metadata sync is unbounded** — `syncChannelMetadata()` paginates through all channels the bot is a member of, but has no upper bound or timeout. Workspaces with thousands of channels may experience slow startup.
+- **Workspace admin policies not detected** — If the Slack workspace restricts bot app installation, the setup will fail at the "Install to Workspace" step with no programmatic detection or guidance. See SLACK_SETUP.md troubleshooting section.
diff --git a/.agent/skills/add-slack/SLACK_SETUP.md b/.agent/skills/add-slack/SLACK_SETUP.md
new file mode 100644
index 0000000..a410f92
--- /dev/null
+++ b/.agent/skills/add-slack/SLACK_SETUP.md
@@ -0,0 +1,156 @@
+# Slack App Setup for NanoClaw
+
+Step-by-step guide to creating and configuring a Slack app for use with NanoClaw.
+
+## Prerequisites
+
+- A Slack workspace where you have admin permissions (or permission to install apps)
+- Your NanoClaw instance with the `/add-slack` skill applied
+
+## Step 1: Create the Slack App
+
+1. Go to [api.slack.com/apps](https://api.slack.com/apps)
+2. Click **Create New App**
+3. Choose **From scratch**
+4. Enter an app name (e.g., your `ASSISTANT_NAME` value, or any name you like)
+5. Select the workspace you want to install it in
+6. Click **Create App**
+
+## Step 2: Enable Socket Mode
+
+Socket Mode lets the bot connect to Slack without needing a public URL. This is what makes it work from your local machine.
+
+1. In the sidebar, click **Socket Mode**
+2. Toggle **Enable Socket Mode** to **On**
+3. When prompted for a token name, enter something like `nanoclaw`
+4. Click **Generate**
+5. **Copy the App-Level Token** — it starts with `xapp-`. Save this somewhere safe; you'll need it later.
+
+## Step 3: Subscribe to Events
+
+This tells Slack which messages to forward to your bot.
+
+1. In the sidebar, click **Event Subscriptions**
+2. Toggle **Enable Events** to **On**
+3. Under **Subscribe to bot events**, click **Add Bot User Event** and add these three events:
+
+| Event              | What it does                                       |
+| ------------------ | -------------------------------------------------- |
+| `message.channels` | Receive messages in public channels the bot is in  |
+| `message.groups`   | Receive messages in private channels the bot is in |
+| `message.im`       | Receive direct messages to the bot                 |
+
+4. Click **Save Changes** at the bottom of the page
+
+## Step 4: Set Bot Permissions (OAuth Scopes)
+
+These scopes control what the bot is allowed to do.
+
+1. In the sidebar, click **OAuth & Permissions**
+2. Scroll down to **Scopes** > **Bot Token Scopes**
+3. Click **Add an OAuth Scope** and add each of these:
+
+| Scope              | Why it's needed                           |
+| ------------------ | ----------------------------------------- |
+| `chat:write`       | Send messages to channels and DMs         |
+| `channels:history` | Read messages in public channels          |
+| `groups:history`   | Read messages in private channels         |
+| `im:history`       | Read direct messages                      |
+| `channels:read`    | List channels (for metadata sync)         |
+| `groups:read`      | List private channels (for metadata sync) |
+| `users:read`       | Look up user display names                |
+
+## Step 5: Install to Workspace
+
+1. In the sidebar, click **Install App**
+2. Click **Install to Workspace**
+3. Review the permissions and click **Allow**
+4. **Copy the Bot User OAuth Token** — it starts with `xoxb-`. Save this somewhere safe.
+
+## Step 6: Configure NanoClaw
+
+Add both tokens to your `.env` file:
+
+```
+SLACK_BOT_TOKEN=xoxb-your-bot-token-here
+SLACK_APP_TOKEN=xapp-your-app-token-here
+```
+
+If you want Slack to replace WhatsApp entirely (no WhatsApp channel), also add:
+
+```
+SLACK_ONLY=true
+```
+
+Then sync the environment to the container:
+
+```bash
+mkdir -p data/env && cp .env data/env/env
+```
+
+## Step 7: Add the Bot to Channels
+
+The bot only receives messages from channels it has been explicitly added to.
+
+1. Open the Slack channel you want the bot to monitor
+2. Click the channel name at the top to open channel details
+3. Go to **Integrations** > **Add apps**
+4. Search for your bot name and add it
+
+Repeat for each channel you want the bot in.
+
+## Step 8: Get Channel IDs for Registration
+
+You need the Slack channel ID to register it with NanoClaw.
+
+**Option A — From the URL:**
+Open the channel in Slack on the web. The URL looks like:
+
+```
+https://app.slack.com/client/TXXXXXXX/C0123456789
+```
+
+The `C0123456789` part is the channel ID.
+
+**Option B — Right-click:**
+Right-click the channel name in Slack > **Copy link** > the channel ID is the last path segment.
+
+**Option C — Via API:**
+
+```bash
+curl -s -H "Authorization: Bearer $SLACK_BOT_TOKEN" \
+  "https://slack.com/api/conversations.list" | jq '.channels[] | {id, name}'
+```
+
+The NanoClaw JID format is `slack:` followed by the channel ID, e.g., `slack:C0123456789`.
+
+## Token Reference
+
+| Token                | Prefix  | Where to find it                                                           |
+| -------------------- | ------- | -------------------------------------------------------------------------- |
+| Bot User OAuth Token | `xoxb-` | **OAuth & Permissions** > **Bot User OAuth Token**                         |
+| App-Level Token      | `xapp-` | **Basic Information** > **App-Level Tokens** (or during Socket Mode setup) |
+
+## Troubleshooting
+
+**Bot not receiving messages:**
+
+- Verify Socket Mode is enabled (Step 2)
+- Verify all three events are subscribed (Step 3)
+- Verify the bot has been added to the channel (Step 7)
+
+**"missing_scope" errors:**
+
+- Go back to **OAuth & Permissions** and add the missing scope
+- After adding scopes, you must **reinstall the app** to your workspace (Slack will show a banner prompting you to do this)
+
+**Bot can't send messages:**
+
+- Verify the `chat:write` scope is added
+- Verify the bot has been added to the target channel
+
+**Token not working:**
+
+- Bot tokens start with `xoxb-` — if yours doesn't, you may have copied the wrong token
+- App tokens start with `xapp-` — these are generated in the Socket Mode or Basic Information pages
+- If you regenerated a token, update `.env` and re-sync: `cp .env data/env/env`
diff --git a/.agent/skills/add-slack/add/src/channels/slack.test.ts b/.agent/skills/add-slack/add/src/channels/slack.test.ts
new file mode 100644
index 0000000..4c841d1
--- /dev/null
+++ b/.agent/skills/add-slack/add/src/channels/slack.test.ts
@@ -0,0 +1,848 @@
+import { describe, it, expect, beforeEach, vi, afterEach } from 'vitest';
+
+// --- Mocks ---
+
+// Mock config
+vi.mock('../config.js', () => ({
+  ASSISTANT_NAME: 'Jonesy',
+  TRIGGER_PATTERN: /^@Jonesy\b/i,
+}));
+
+// Mock logger
+vi.mock('../logger.js', () => ({
+  logger: {
+    debug: vi.fn(),
+    info: vi.fn(),
+    warn: vi.fn(),
+    error: vi.fn(),
+  },
+}));
+
+// Mock db
+vi.mock('../db.js', () => ({
+  updateChatName: vi.fn(),
+}));
+
+// --- @slack/bolt mock ---
+
+type Handler = (...args: any[]) => any;
+
+const appRef = vi.hoisted(() => ({ current: null as any }));
+
+vi.mock('@slack/bolt', () => ({
+  App: class MockApp {
+    eventHandlers = new Map<string, Handler>();
+    token: string;
+    appToken: string;
+
+    client = {
+      auth: {
+        test: vi.fn().mockResolvedValue({ user_id: 'U_BOT_123' }),
+      },
+      chat: {
+        postMessage: vi.fn().mockResolvedValue(undefined),
+      },
+      conversations: {
+        list: vi.fn().mockResolvedValue({
+          channels: [],
+          response_metadata: {},
+        }),
+      },
+      users: {
+        info: vi.fn().mockResolvedValue({
+          user: { real_name: 'Alice Smith', name: 'alice' },
+        }),
+      },
+    };
+
+    constructor(opts: any) {
+      this.token = opts.token;
+      this.appToken = opts.appToken;
+      appRef.current = this;
+    }
+
+    event(name: string, handler: Handler) {
+      this.eventHandlers.set(name, handler);
+    }
+
+    async start() {}
+    async stop() {}
+  },
+  LogLevel: { ERROR: 'error' },
+}));
+
+// Mock env
+vi.mock('../env.js', () => ({
+  readEnvFile: vi.fn().mockReturnValue({
+    SLACK_BOT_TOKEN: 'xoxb-test-token',
+    SLACK_APP_TOKEN: 'xapp-test-token',
+  }),
+}));
+
+import { SlackChannel, SlackChannelOpts } from './slack.js';
+import { updateChatName } from '../db.js';
+import { readEnvFile } from '../env.js';
+
+// --- Test helpers ---
+
+function createTestOpts(
+  overrides?: Partial<SlackChannelOpts>,
+): SlackChannelOpts {
+  return {
+    onMessage: vi.fn(),
+    onChatMetadata: vi.fn(),
+    registeredGroups: vi.fn(() => ({
+      'slack:C0123456789': {
+        name: 'Test Channel',
+        folder: 'test-channel',
+        trigger: '@Jonesy',
+        added_at: '2024-01-01T00:00:00.000Z',
+      },
+    })),
+    ...overrides,
+  };
+}
+
+function createMessageEvent(overrides: {
+  channel?: string;
+  channelType?: string;
+  user?: string;
+  text?: string;
+  ts?: string;
+  threadTs?: string;
+  subtype?: string;
+  botId?: string;
+}) {
+  return {
+    channel: overrides.channel ?? 'C0123456789',
+    channel_type: overrides.channelType ?? 'channel',
+    user: overrides.user ?? 'U_USER_456',
+    text: 'text' in overrides ? overrides.text : 'Hello everyone',
+    ts: overrides.ts ?? '1704067200.000000',
+    thread_ts: overrides.threadTs,
+    subtype: overrides.subtype,
+    bot_id: overrides.botId,
+  };
+}
+
+function currentApp() {
+  return appRef.current;
+}
+
+async function triggerMessageEvent(event: ReturnType<typeof createMessageEvent>) {
+  const handler = currentApp().eventHandlers.get('message');
+  if (handler) await handler({ event });
+}
+
+// --- Tests ---
+
+describe('SlackChannel', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+  });
+
+  afterEach(() => {
+    vi.restoreAllMocks();
+  });
+
+  // --- Connection lifecycle ---
+
+  describe('connection lifecycle', () => {
+    it('resolves connect() when app starts', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+
+      await channel.connect();
+
+      expect(channel.isConnected()).toBe(true);
+    });
+
+    it('registers message event handler on construction', () => {
+      const opts = createTestOpts();
+      new SlackChannel(opts);
+
+      expect(currentApp().eventHandlers.has('message')).toBe(true);
+    });
+
+    it('gets bot user ID on connect', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+
+      await channel.connect();
+
+      expect(currentApp().client.auth.test).toHaveBeenCalled();
+    });
+
+    it('disconnects cleanly', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+
+      await channel.connect();
+      expect(channel.isConnected()).toBe(true);
+
+      await channel.disconnect();
+      expect(channel.isConnected()).toBe(false);
+    });
+
+    it('isConnected() returns false before connect', () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+
+      expect(channel.isConnected()).toBe(false);
+    });
+  });
+
+  // --- Message handling ---
+
+  describe('message handling', () => {
+    it('delivers message for registered channel', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({ text: 'Hello everyone' });
+      await triggerMessageEvent(event);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'slack:C0123456789',
+        expect.any(String),
+        undefined,
+        'slack',
+        true,
+      );
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'slack:C0123456789',
+        expect.objectContaining({
+          id: '1704067200.000000',
+          chat_jid: 'slack:C0123456789',
+          sender: 'U_USER_456',
+          content: 'Hello everyone',
+          is_from_me: false,
+        }),
+      );
+    });
+
+    it('only emits metadata for unregistered channels', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({ channel: 'C9999999999' });
+      await triggerMessageEvent(event);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'slack:C9999999999',
+        expect.any(String),
+        undefined,
+        'slack',
+        true,
+      );
+      expect(opts.onMessage).not.toHaveBeenCalled();
+    });
+
+    it('skips non-text subtypes (channel_join, etc.)', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({ subtype: 'channel_join' });
+      await triggerMessageEvent(event);
+
+      expect(opts.onMessage).not.toHaveBeenCalled();
+      expect(opts.onChatMetadata).not.toHaveBeenCalled();
+    });
+
+    it('allows bot_message subtype through', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({
+        subtype: 'bot_message',
+        botId: 'B_OTHER_BOT',
+        text: 'Bot message',
+      });
+      await triggerMessageEvent(event);
+
+      expect(opts.onChatMetadata).toHaveBeenCalled();
+    });
+
+    it('skips messages with no text', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({ text: undefined as any });
+      await triggerMessageEvent(event);
+
+      expect(opts.onMessage).not.toHaveBeenCalled();
+    });
+
+    it('detects bot messages by bot_id', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({
+        subtype: 'bot_message',
+        botId: 'B_MY_BOT',
+        text: 'Bot response',
+      });
+      await triggerMessageEvent(event);
+
+      // Has bot_id so should be marked as bot message
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'slack:C0123456789',
+        expect.objectContaining({
+          is_from_me: true,
+          is_bot_message: true,
+          sender_name: 'Jonesy',
+        }),
+      );
+    });
+
+    it('detects bot messages by matching bot user ID', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({ user: 'U_BOT_123', text: 'Self message' });
+      await triggerMessageEvent(event);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'slack:C0123456789',
+        expect.objectContaining({
+          is_from_me: true,
+          is_bot_message: true,
+        }),
+      );
+    });
+
+    it('identifies IM channel type as non-group', async () => {
+      const opts = createTestOpts({
+        registeredGroups: vi.fn(() => ({
+          'slack:D0123456789': {
+            name: 'DM',
+            folder: 'dm',
+            trigger: '@Jonesy',
+            added_at: '2024-01-01T00:00:00.000Z',
+          },
+        })),
+      });
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({
+        channel: 'D0123456789',
+        channelType: 'im',
+      });
+      await triggerMessageEvent(event);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'slack:D0123456789',
+        expect.any(String),
+        undefined,
+        'slack',
+        false, // IM is not a group
+      );
+    });
+
+    it('converts ts to ISO timestamp', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({ ts: '1704067200.000000' });
+      await triggerMessageEvent(event);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'slack:C0123456789',
+        expect.objectContaining({
+          timestamp: '2024-01-01T00:00:00.000Z',
+        }),
+      );
+    });
+
+    it('resolves user name from Slack API', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({ user: 'U_USER_456', text: 'Hello' });
+      await triggerMessageEvent(event);
+
+      expect(currentApp().client.users.info).toHaveBeenCalledWith({
+        user: 'U_USER_456',
+      });
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'slack:C0123456789',
+        expect.objectContaining({
+          sender_name: 'Alice Smith',
+        }),
+      );
+    });
+
+    it('caches user names to avoid repeated API calls', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      // First message — API call
+      await triggerMessageEvent(createMessageEvent({ user: 'U_USER_456', text: 'First' }));
+      // Second message — should use cache
+      await triggerMessageEvent(createMessageEvent({
+        user: 'U_USER_456',
+        text: 'Second',
+        ts: '1704067201.000000',
+      }));
+
+      expect(currentApp().client.users.info).toHaveBeenCalledTimes(1);
+    });
+
+    it('falls back to user ID when API fails', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      currentApp().client.users.info.mockRejectedValueOnce(new Error('API error'));
+
+      const event = createMessageEvent({ user: 'U_UNKNOWN', text: 'Hi' });
+      await triggerMessageEvent(event);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'slack:C0123456789',
+        expect.objectContaining({
+          sender_name: 'U_UNKNOWN',
+        }),
+      );
+    });
+
+    it('flattens threaded replies into channel messages', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({
+        ts: '1704067201.000000',
+        threadTs: '1704067200.000000', // parent message ts — this is a reply
+        text: 'Thread reply',
+      });
+      await triggerMessageEvent(event);
+
+      // Threaded replies are delivered as regular channel messages
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'slack:C0123456789',
+        expect.objectContaining({
+          content: 'Thread reply',
+        }),
+      );
+    });
+
+    it('delivers thread parent messages normally', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({
+        ts: '1704067200.000000',
+        threadTs: '1704067200.000000', // same as ts — this IS the parent
+        text: 'Thread parent',
+      });
+      await triggerMessageEvent(event);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'slack:C0123456789',
+        expect.objectContaining({
+          content: 'Thread parent',
+        }),
+      );
+    });
+
+    it('delivers messages without thread_ts normally', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({ text: 'Normal message' });
+      await triggerMessageEvent(event);
+
+      expect(opts.onMessage).toHaveBeenCalled();
+    });
+  });
+
+  // --- @mention translation ---
+
+  describe('@mention translation', () => {
+    it('prepends trigger when bot is @mentioned via Slack format', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect(); // sets botUserId to 'U_BOT_123'
+
+      const event = createMessageEvent({
+        text: 'Hey <@U_BOT_123> what do you think?',
+        user: 'U_USER_456',
+      });
+      await triggerMessageEvent(event);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'slack:C0123456789',
+        expect.objectContaining({
+          content: '@Jonesy Hey <@U_BOT_123> what do you think?',
+        }),
+      );
+    });
+
+    it('does not prepend trigger when trigger pattern already matches', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({
+        text: '@Jonesy <@U_BOT_123> hello',
+        user: 'U_USER_456',
+      });
+      await triggerMessageEvent(event);
+
+      // Content should be unchanged since it already matches TRIGGER_PATTERN
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'slack:C0123456789',
+        expect.objectContaining({
+          content: '@Jonesy <@U_BOT_123> hello',
+        }),
+      );
+    });
+
+    it('does not translate mentions in bot messages', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({
+        text: 'Echo: <@U_BOT_123>',
+        subtype: 'bot_message',
+        botId: 'B_MY_BOT',
+      });
+      await triggerMessageEvent(event);
+
+      // Bot messages skip mention translation
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'slack:C0123456789',
+        expect.objectContaining({
+          content: 'Echo: <@U_BOT_123>',
+        }),
+      );
+    });
+
+    it('does not translate mentions for other users', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const event = createMessageEvent({
+        text: 'Hey <@U_OTHER_USER> look at this',
+        user: 'U_USER_456',
+      });
+      await triggerMessageEvent(event);
+
+      // Mention is for a different user, not the bot
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'slack:C0123456789',
+        expect.objectContaining({
+          content: 'Hey <@U_OTHER_USER> look at this',
+        }),
+      );
+    });
+  });
+
+  // --- sendMessage ---
+
+  describe('sendMessage', () => {
+    it('sends message via Slack client', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      await channel.sendMessage('slack:C0123456789', 'Hello');
+
+      expect(currentApp().client.chat.postMessage).toHaveBeenCalledWith({
+        channel: 'C0123456789',
+        text: 'Hello',
+      });
+    });
+
+    it('strips slack: prefix from JID', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      await channel.sendMessage('slack:D9876543210', 'DM message');
+
+      expect(currentApp().client.chat.postMessage).toHaveBeenCalledWith({
+        channel: 'D9876543210',
+        text: 'DM message',
+      });
+    });
+
+    it('queues message when disconnected', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+
+      // Don't connect — should queue
+      await channel.sendMessage('slack:C0123456789', 'Queued message');
+
+      expect(currentApp().client.chat.postMessage).not.toHaveBeenCalled();
+    });
+
+    it('queues message on send failure', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      currentApp().client.chat.postMessage.mockRejectedValueOnce(
+        new Error('Network error'),
+      );
+
+      // Should not throw
+      await expect(
+        channel.sendMessage('slack:C0123456789', 'Will fail'),
+      ).resolves.toBeUndefined();
+    });
+
+    it('splits long messages at 4000 character boundary', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      // Create a message longer than 4000 chars
+      const longText = 'A'.repeat(4500);
+      await channel.sendMessage('slack:C0123456789', longText);
+
+      // Should be split into 2 messages: 4000 + 500
+      expect(currentApp().client.chat.postMessage).toHaveBeenCalledTimes(2);
+      expect(currentApp().client.chat.postMessage).toHaveBeenNthCalledWith(1, {
+        channel: 'C0123456789',
+        text: 'A'.repeat(4000),
+      });
+      expect(currentApp().client.chat.postMessage).toHaveBeenNthCalledWith(2, {
+        channel: 'C0123456789',
+        text: 'A'.repeat(500),
+      });
+    });
+
+    it('sends exactly-4000-char messages as a single message', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const text = 'B'.repeat(4000);
+      await channel.sendMessage('slack:C0123456789', text);
+
+      expect(currentApp().client.chat.postMessage).toHaveBeenCalledTimes(1);
+      expect(currentApp().client.chat.postMessage).toHaveBeenCalledWith({
+        channel: 'C0123456789',
+        text,
+      });
+    });
+
+    it('splits messages into 3 parts when over 8000 chars', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+      await channel.connect();
+
+      const longText = 'C'.repeat(8500);
+      await channel.sendMessage('slack:C0123456789', longText);
+
+      // 4000 + 4000 + 500 = 3 messages
+      expect(currentApp().client.chat.postMessage).toHaveBeenCalledTimes(3);
+    });
+
+    it('flushes queued messages on connect', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+
+      // Queue messages while disconnected
+      await channel.sendMessage('slack:C0123456789', 'First queued');
+      await channel.sendMessage('slack:C0123456789', 'Second queued');
+
+      expect(currentApp().client.chat.postMessage).not.toHaveBeenCalled();
+
+      // Connect triggers flush
+      await channel.connect();
+
+      expect(currentApp().client.chat.postMessage).toHaveBeenCalledWith({
+        channel: 'C0123456789',
+        text: 'First queued',
+      });
+      expect(currentApp().client.chat.postMessage).toHaveBeenCalledWith({
+        channel: 'C0123456789',
+        text: 'Second queued',
+      });
+    });
+  });
+
+  // --- ownsJid ---
+
+  describe('ownsJid', () => {
+    it('owns slack: JIDs', () => {
+      const channel = new SlackChannel(createTestOpts());
+      expect(channel.ownsJid('slack:C0123456789')).toBe(true);
+    });
+
+    it('owns slack: DM JIDs', () => {
+      const channel = new SlackChannel(createTestOpts());
+      expect(channel.ownsJid('slack:D0123456789')).toBe(true);
+    });
+
+    it('does not own WhatsApp group JIDs', () => {
+      const channel = new SlackChannel(createTestOpts());
+      expect(channel.ownsJid('12345@g.us')).toBe(false);
+    });
+
+    it('does not own WhatsApp DM JIDs', () => {
+      const channel = new SlackChannel(createTestOpts());
+      expect(channel.ownsJid('12345@s.whatsapp.net')).toBe(false);
+    });
+
+    it('does not own Telegram JIDs', () => {
+      const channel = new SlackChannel(createTestOpts());
+      expect(channel.ownsJid('tg:123456')).toBe(false);
+    });
+
+    it('does not own unknown JID formats', () => {
+      const channel = new SlackChannel(createTestOpts());
+      expect(channel.ownsJid('random-string')).toBe(false);
+    });
+  });
+
+  // --- syncChannelMetadata ---
+
+  describe('syncChannelMetadata', () => {
+    it('calls conversations.list and updates chat names', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+
+      currentApp().client.conversations.list.mockResolvedValue({
+        channels: [
+          { id: 'C001', name: 'general', is_member: true },
+          { id: 'C002', name: 'random', is_member: true },
+          { id: 'C003', name: 'external', is_member: false },
+        ],
+        response_metadata: {},
+      });
+
+      await channel.connect();
+
+      // connect() calls syncChannelMetadata internally
+      expect(updateChatName).toHaveBeenCalledWith('slack:C001', 'general');
+      expect(updateChatName).toHaveBeenCalledWith('slack:C002', 'random');
+      // Non-member channels are skipped
+      expect(updateChatName).not.toHaveBeenCalledWith('slack:C003', 'external');
+    });
+
+    it('handles API errors gracefully', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+
+      currentApp().client.conversations.list.mockRejectedValue(
+        new Error('API error'),
+      );
+
+      // Should not throw
+      await expect(channel.connect()).resolves.toBeUndefined();
+    });
+  });
+
+  // --- setTyping ---
+
+  describe('setTyping', () => {
+    it('resolves without error (no-op)', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+
+      // Should not throw — Slack has no bot typing indicator API
+      await expect(
+        channel.setTyping('slack:C0123456789', true),
+      ).resolves.toBeUndefined();
+    });
+
+    it('accepts false without error', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+
+      await expect(
+        channel.setTyping('slack:C0123456789', false),
+      ).resolves.toBeUndefined();
+    });
+  });
+
+  // --- Constructor error handling ---
+
+  describe('constructor', () => {
+    it('throws when SLACK_BOT_TOKEN is missing', () => {
+      vi.mocked(readEnvFile).mockReturnValueOnce({
+        SLACK_BOT_TOKEN: '',
+        SLACK_APP_TOKEN: 'xapp-test-token',
+      });
+
+      expect(() => new SlackChannel(createTestOpts())).toThrow(
+        'SLACK_BOT_TOKEN and SLACK_APP_TOKEN must be set in .env',
+      );
+    });
+
+    it('throws when SLACK_APP_TOKEN is missing', () => {
+      vi.mocked(readEnvFile).mockReturnValueOnce({
+        SLACK_BOT_TOKEN: 'xoxb-test-token',
+        SLACK_APP_TOKEN: '',
+      });
+
+      expect(() => new SlackChannel(createTestOpts())).toThrow(
+        'SLACK_BOT_TOKEN and SLACK_APP_TOKEN must be set in .env',
+      );
+    });
+  });
+
+  // --- syncChannelMetadata pagination ---
+
+  describe('syncChannelMetadata pagination', () => {
+    it('paginates through multiple pages of channels', async () => {
+      const opts = createTestOpts();
+      const channel = new SlackChannel(opts);
+
+      // First page returns a cursor; second page returns no cursor
+      currentApp().client.conversations.list
+        .mockResolvedValueOnce({
+          channels: [
+            { id: 'C001', name: 'general', is_member: true },
+          ],
+          response_metadata: { next_cursor: 'cursor_page2' },
+        })
+        .mockResolvedValueOnce({
+          channels: [
+            { id: 'C002', name: 'random', is_member: true },
+          ],
+          response_metadata: {},
+        });
+
+      await channel.connect();
+
+      // Should have called conversations.list twice (once per page)
+      expect(currentApp().client.conversations.list).toHaveBeenCalledTimes(2);
+      expect(currentApp().client.conversations.list).toHaveBeenNthCalledWith(2,
+        expect.objectContaining({ cursor: 'cursor_page2' }),
+      );
+
+      // Both channels from both pages stored
+      expect(updateChatName).toHaveBeenCalledWith('slack:C001', 'general');
+      expect(updateChatName).toHaveBeenCalledWith('slack:C002', 'random');
+    });
+  });
+
+  // --- Channel properties ---
+
+  describe('channel properties', () => {
+    it('has name "slack"', () => {
+      const channel = new SlackChannel(createTestOpts());
+      expect(channel.name).toBe('slack');
+    });
+  });
+});
diff --git a/.agent/skills/add-slack/add/src/channels/slack.ts b/.agent/skills/add-slack/add/src/channels/slack.ts
new file mode 100644
index 0000000..81cc1ac
--- /dev/null
+++ b/.agent/skills/add-slack/add/src/channels/slack.ts
@@ -0,0 +1,290 @@
+import { App, LogLevel } from '@slack/bolt';
+import type { GenericMessageEvent, BotMessageEvent } from '@slack/types';
+
+import { ASSISTANT_NAME, TRIGGER_PATTERN } from '../config.js';
+import { updateChatName } from '../db.js';
+import { readEnvFile } from '../env.js';
+import { logger } from '../logger.js';
+import {
+  Channel,
+  OnInboundMessage,
+  OnChatMetadata,
+  RegisteredGroup,
+} from '../types.js';
+
+// Slack's chat.postMessage API limits text to ~4000 characters per call.
+// Messages exceeding this are split into sequential chunks.
+const MAX_MESSAGE_LENGTH = 4000;
+
+// The message subtypes we process. Bolt delivers all subtypes via app.event('message');
+// we filter to regular messages (GenericMessageEvent, subtype undefined) and bot messages
+// (BotMessageEvent, subtype 'bot_message') so we can track our own output.
+type HandledMessageEvent = GenericMessageEvent | BotMessageEvent;
+
+export interface SlackChannelOpts {
+  onMessage: OnInboundMessage;
+  onChatMetadata: OnChatMetadata;
+  registeredGroups: () => Record<string, RegisteredGroup>;
+}
+
+export class SlackChannel implements Channel {
+  name = 'slack';
+
+  private app: App;
+  private botUserId: string | undefined;
+  private connected = false;
+  private outgoingQueue: Array<{ jid: string; text: string }> = [];
+  private flushing = false;
+  private userNameCache = new Map<string, string>();
+
+  private opts: SlackChannelOpts;
+
+  constructor(opts: SlackChannelOpts) {
+    this.opts = opts;
+
+    // Read tokens from .env (not process.env — keeps secrets off the environment
+    // so they don't leak to child processes, matching NanoClaw's security pattern)
+    const env = readEnvFile(['SLACK_BOT_TOKEN', 'SLACK_APP_TOKEN']);
+    const botToken = env.SLACK_BOT_TOKEN;
+    const appToken = env.SLACK_APP_TOKEN;
+
+    if (!botToken || !appToken) {
+      throw new Error(
+        'SLACK_BOT_TOKEN and SLACK_APP_TOKEN must be set in .env',
+      );
+    }
+
+    this.app = new App({
+      token: botToken,
+      appToken,
+      socketMode: true,
+      logLevel: LogLevel.ERROR,
+    });
+
+    this.setupEventHandlers();
+  }
+
+  private setupEventHandlers(): void {
+    // Use app.event('message') instead of app.message() to capture all
+    // message subtypes including bot_message (needed to track our own output)
+    this.app.event('message', async ({ event }) => {
+      // Bolt's event type is the full MessageEvent union (17+ subtypes).
+      // We filter on subtype first, then narrow to the two types we handle.
+      const subtype = (event as { subtype?: string }).subtype;
+      if (subtype && subtype !== 'bot_message') return;
+
+      // After filtering, event is either GenericMessageEvent or BotMessageEvent
+      const msg = event as HandledMessageEvent;
+
+      if (!msg.text) return;
+
+      // Threaded replies are flattened into the channel conversation.
+      // The agent sees them alongside channel-level messages; responses
+      // always go to the channel, not back into the thread.
+
+      const jid = `slack:${msg.channel}`;
+      const timestamp = new Date(parseFloat(msg.ts) * 1000).toISOString();
+      const isGroup = msg.channel_type !== 'im';
+
+      // Always report metadata for group discovery
+      this.opts.onChatMetadata(jid, timestamp, undefined, 'slack', isGroup);
+
+      // Only deliver full messages for registered groups
+      const groups = this.opts.registeredGroups();
+      if (!groups[jid]) return;
+
+      const isBotMessage =
+        !!msg.bot_id || msg.user === this.botUserId;
+
+      let senderName: string;
+      if (isBotMessage) {
+        senderName = ASSISTANT_NAME;
+      } else {
+        senderName =
+          (await this.resolveUserName(msg.user)) ||
+          msg.user ||
+          'unknown';
+      }
+
+      // Translate Slack <@UBOTID> mentions into TRIGGER_PATTERN format.
+      // Slack encodes @mentions as <@U12345>, which won't match TRIGGER_PATTERN
+      // (e.g., ^@<ASSISTANT_NAME>\b), so we prepend the trigger when the bot is @mentioned.
+      let content = msg.text;
+      if (this.botUserId && !isBotMessage) {
+        const mentionPattern = `<@${this.botUserId}>`;
+        if (content.includes(mentionPattern) && !TRIGGER_PATTERN.test(content)) {
+          content = `@${ASSISTANT_NAME} ${content}`;
+        }
+      }
+
+      this.opts.onMessage(jid, {
+        id: msg.ts,
+        chat_jid: jid,
+        sender: msg.user || msg.bot_id || '',
+        sender_name: senderName,
+        content,
+        timestamp,
+        is_from_me: isBotMessage,
+        is_bot_message: isBotMessage,
+      });
+    });
+  }
+
+  async connect(): Promise<void> {
+    await this.app.start();
+
+    // Get bot's own user ID for self-message detection.
+    // Resolve this BEFORE setting connected=true so that messages arriving
+    // during startup can correctly detect bot-sent messages.
+    try {
+      const auth = await this.app.client.auth.test();
+      this.botUserId = auth.user_id as string;
+      logger.info({ botUserId: this.botUserId }, 'Connected to Slack');
+    } catch (err) {
+      logger.warn(
+        { err },
+        'Connected to Slack but failed to get bot user ID',
+      );
+    }
+
+    this.connected = true;
+
+    // Flush any messages queued before connection
+    await this.flushOutgoingQueue();
+
+    // Sync channel names on startup
+    await this.syncChannelMetadata();
+  }
+
+  async sendMessage(jid: string, text: string): Promise<void> {
+    const channelId = jid.replace(/^slack:/, '');
+
+    if (!this.connected) {
+      this.outgoingQueue.push({ jid, text });
+      logger.info(
+        { jid, queueSize: this.outgoingQueue.length },
+        'Slack disconnected, message queued',
+      );
+      return;
+    }
+
+    try {
+      // Slack limits messages to ~4000 characters; split if needed
+      if (text.length <= MAX_MESSAGE_LENGTH) {
+        await this.app.client.chat.postMessage({ channel: channelId, text });
+      } else {
+        for (let i = 0; i < text.length; i += MAX_MESSAGE_LENGTH) {
+          await this.app.client.chat.postMessage({
+            channel: channelId,
+            text: text.slice(i, i + MAX_MESSAGE_LENGTH),
+          });
+        }
+      }
+      logger.info({ jid, length: text.length }, 'Slack message sent');
+    } catch (err) {
+      this.outgoingQueue.push({ jid, text });
+      logger.warn(
+        { jid, err, queueSize: this.outgoingQueue.length },
+        'Failed to send Slack message, queued',
+      );
+    }
+  }
+
+  isConnected(): boolean {
+    return this.connected;
+  }
+
+  ownsJid(jid: string): boolean {
+    return jid.startsWith('slack:');
+  }
+
+  async disconnect(): Promise<void> {
+    this.connected = false;
+    await this.app.stop();
+  }
+
+  // Slack does not expose a typing indicator API for bots.
+  // This no-op satisfies the Channel interface so the orchestrator
+  // doesn't need channel-specific branching.
+  async setTyping(_jid: string, _isTyping: boolean): Promise<void> {
+    // no-op: Slack Bot API has no typing indicator endpoint
+  }
+
+  /**
+   * Sync channel metadata from Slack.
+   * Fetches channels the bot is a member of and stores their names in the DB.
+   */
+  async syncChannelMetadata(): Promise<void> {
+    try {
+      logger.info('Syncing channel metadata from Slack...');
+      let cursor: string | undefined;
+      let count = 0;
+
+      do {
+        const result = await this.app.client.conversations.list({
+          types: 'public_channel,private_channel',
+          exclude_archived: true,
+          limit: 200,
+          cursor,
+        });
+
+        for (const ch of result.channels || []) {
+          if (ch.id && ch.name && ch.is_member) {
+            updateChatName(`slack:${ch.id}`, ch.name);
+            count++;
+          }
+        }
+
+        cursor = result.response_metadata?.next_cursor || undefined;
+      } while (cursor);
+
+      logger.info({ count }, 'Slack channel metadata synced');
+    } catch (err) {
+      logger.error({ err }, 'Failed to sync Slack channel metadata');
+    }
+  }
+
+  private async resolveUserName(
+    userId: string,
+  ): Promise<string | undefined> {
+    if (!userId) return undefined;
+
+    const cached = this.userNameCache.get(userId);
+    if (cached) return cached;
+
+    try {
+      const result = await this.app.client.users.info({ user: userId });
+      const name = result.user?.real_name || result.user?.name;
+      if (name) this.userNameCache.set(userId, name);
+      return name;
+    } catch (err) {
+      logger.debug({ userId, err }, 'Failed to resolve Slack user name');
+      return undefined;
+    }
+  }
+
+  private async flushOutgoingQueue(): Promise<void> {
+    if (this.flushing || this.outgoingQueue.length === 0) return;
+    this.flushing = true;
+    try {
+      logger.info(
+        { count: this.outgoingQueue.length },
+        'Flushing Slack outgoing queue',
+      );
+      while (this.outgoingQueue.length > 0) {
+        const item = this.outgoingQueue.shift()!;
+        const channelId = item.jid.replace(/^slack:/, '');
+        await this.app.client.chat.postMessage({
+          channel: channelId,
+          text: item.text,
+        });
+        logger.info(
+          { jid: item.jid, length: item.text.length },
+          'Queued Slack message sent',
+        );
+      }
+    } finally {
+      this.flushing = false;
+    }
+  }
+}
diff --git a/.agent/skills/add-slack/manifest.yaml b/.agent/skills/add-slack/manifest.yaml
new file mode 100644
index 0000000..8320bb3
--- /dev/null
+++ b/.agent/skills/add-slack/manifest.yaml
@@ -0,0 +1,21 @@
+skill: slack
+version: 1.0.0
+description: "Slack Bot integration via @slack/bolt with Socket Mode"
+core_version: 0.1.0
+adds:
+  - src/channels/slack.ts
+  - src/channels/slack.test.ts
+modifies:
+  - src/index.ts
+  - src/config.ts
+  - src/routing.test.ts
+structured:
+  npm_dependencies:
+    "@slack/bolt": "^4.6.0"
+  env_additions:
+    - SLACK_BOT_TOKEN
+    - SLACK_APP_TOKEN
+    - SLACK_ONLY
+conflicts: []
+depends: []
+test: "npx vitest run src/channels/slack.test.ts"
diff --git a/.agent/skills/add-slack/modify/src/config.ts b/.agent/skills/add-slack/modify/src/config.ts
new file mode 100644
index 0000000..257adcb
--- /dev/null
+++ b/.agent/skills/add-slack/modify/src/config.ts
@@ -0,0 +1,75 @@
+import path from 'path';
+
+import { readEnvFile } from './env.js';
+
+// Read config values from .env (falls back to process.env).
+// Secrets are NOT read here — they stay on disk and are loaded only
+// where needed (container-runner.ts) to avoid leaking to child processes.
+const envConfig = readEnvFile([
+  'ASSISTANT_NAME',
+  'ASSISTANT_HAS_OWN_NUMBER',
+  'SLACK_ONLY',
+]);
+
+export const ASSISTANT_NAME =
+  process.env.ASSISTANT_NAME || envConfig.ASSISTANT_NAME || 'Andy';
+export const ASSISTANT_HAS_OWN_NUMBER =
+  (process.env.ASSISTANT_HAS_OWN_NUMBER || envConfig.ASSISTANT_HAS_OWN_NUMBER) === 'true';
+export const POLL_INTERVAL = 2000;
+export const SCHEDULER_POLL_INTERVAL = 60000;
+
+// Absolute paths needed for container mounts
+const PROJECT_ROOT = process.cwd();
+const HOME_DIR = process.env.HOME || '/Users/user';
+
+// Mount security: allowlist stored OUTSIDE project root, never mounted into containers
+export const MOUNT_ALLOWLIST_PATH = path.join(
+  HOME_DIR,
+  '.config',
+  (process.env.AGENT_NAME || 'clawdie') + '-cp',
+  'mount-allowlist.json',
+);
+export const STORE_DIR = path.resolve(PROJECT_ROOT, 'store');
+export const GROUPS_DIR = path.resolve(PROJECT_ROOT, 'groups');
+export const DATA_DIR = path.resolve(PROJECT_ROOT, 'data');
+export const MAIN_GROUP_FOLDER = 'main';
+
+export const CONTAINER_IMAGE =
+  process.env.CONTAINER_IMAGE || (process.env.AGENT_NAME || 'clawdie') + '-cp-agent:latest';
+export const CONTAINER_TIMEOUT = parseInt(
+  process.env.CONTAINER_TIMEOUT || '1800000',
+  10,
+);
+export const CONTAINER_MAX_OUTPUT_SIZE = parseInt(
+  process.env.CONTAINER_MAX_OUTPUT_SIZE || '10485760',
+  10,
+); // 10MB default
+export const IPC_POLL_INTERVAL = 1000;
+export const IDLE_TIMEOUT = parseInt(
+  process.env.IDLE_TIMEOUT || '1800000',
+  10,
+); // 30min default — how long to keep container alive after last result
+export const MAX_CONCURRENT_CONTAINERS = Math.max(
+  1,
+  parseInt(process.env.MAX_CONCURRENT_CONTAINERS || '5', 10) || 5,
+);
+
+function escapeRegex(str: string): string {
+  return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+
+export const TRIGGER_PATTERN = new RegExp(
+  `^@${escapeRegex(ASSISTANT_NAME)}\\b`,
+  'i',
+);
+
+// Timezone for scheduled tasks (cron expressions, etc.)
+// Uses system timezone by default
+export const TIMEZONE =
+  process.env.TZ || Intl.DateTimeFormat().resolvedOptions().timeZone;
+
+// Slack configuration
+// SLACK_BOT_TOKEN and SLACK_APP_TOKEN are read directly by SlackChannel
+// from .env via readEnvFile() to keep secrets off process.env.
+export const SLACK_ONLY =
+  (process.env.SLACK_ONLY || envConfig.SLACK_ONLY) === 'true';
diff --git a/.agent/skills/add-slack/modify/src/config.ts.intent.md b/.agent/skills/add-slack/modify/src/config.ts.intent.md
new file mode 100644
index 0000000..e92c690
--- /dev/null
+++ b/.agent/skills/add-slack/modify/src/config.ts.intent.md
@@ -0,0 +1,25 @@
+# Intent: src/config.ts modifications
+
+## What changed
+
+Added SLACK_ONLY configuration export for Slack channel support.
+
+## Key sections
+
+- **readEnvFile call**: Must include `SLACK_ONLY` in the keys array. NanoClaw does NOT load `.env` into `process.env` — all `.env` values must be explicitly requested via `readEnvFile()`.
+- **SLACK_ONLY**: Boolean flag from `process.env` or `envConfig`, when `true` disables WhatsApp channel creation
+- **Note**: SLACK_BOT_TOKEN and SLACK_APP_TOKEN are NOT read here. They are read directly by SlackChannel via `readEnvFile()` in `slack.ts` to keep secrets off the config module entirely (same pattern as ANTHROPIC_API_KEY in container-runner.ts).
+
+## Invariants
+
+- All existing config exports remain unchanged
+- New Slack key is added to the `readEnvFile` call alongside existing keys
+- New export is appended at the end of the file
+- No existing behavior is modified — Slack config is additive only
+- Both `process.env` and `envConfig` are checked (same pattern as `ASSISTANT_NAME`)
+
+## Must-keep
+
+- All existing exports (`ASSISTANT_NAME`, `POLL_INTERVAL`, `TRIGGER_PATTERN`, etc.)
+- The `readEnvFile` pattern — ALL config read from `.env` must go through this function
+- The `escapeRegex` helper and `TRIGGER_PATTERN` construction
diff --git a/.agent/skills/add-slack/modify/src/index.ts b/.agent/skills/add-slack/modify/src/index.ts
new file mode 100644
index 0000000..50212e1
--- /dev/null
+++ b/.agent/skills/add-slack/modify/src/index.ts
@@ -0,0 +1,498 @@
+import fs from 'fs';
+import path from 'path';
+
+import {
+  ASSISTANT_NAME,
+  DATA_DIR,
+  IDLE_TIMEOUT,
+  MAIN_GROUP_FOLDER,
+  POLL_INTERVAL,
+  SLACK_ONLY,
+  TRIGGER_PATTERN,
+} from './config.js';
+import { WhatsAppChannel } from './channels/whatsapp.js';
+import { SlackChannel } from './channels/slack.js';
+import {
+  ContainerOutput,
+  runContainerAgent,
+  writeGroupsSnapshot,
+  writeTasksSnapshot,
+} from './container-runner.js';
+import { cleanupOrphans, ensureContainerRuntimeRunning } from './container-runtime.js';
+import {
+  getAllChats,
+  getAllRegisteredGroups,
+  getAllSessions,
+  getAllTasks,
+  getMessagesSince,
+  getNewMessages,
+  getRouterState,
+  initDatabase,
+  setRegisteredGroup,
+  setRouterState,
+  setSession,
+  storeChatMetadata,
+  storeMessage,
+} from './db.js';
+import { GroupQueue } from './group-queue.js';
+import { startIpcWatcher } from './ipc.js';
+import { findChannel, formatMessages, formatOutbound } from './router.js';
+import { startSchedulerLoop } from './task-scheduler.js';
+import { Channel, NewMessage, RegisteredGroup } from './types.js';
+import { logger } from './logger.js';
+import { readEnvFile } from './env.js';
+
+// Re-export for backwards compatibility during refactor
+export { escapeXml, formatMessages } from './router.js';
+
+let lastTimestamp = '';
+let sessions: Record<string, string> = {};
+let registeredGroups: Record<string, RegisteredGroup> = {};
+let lastAgentTimestamp: Record<string, string> = {};
+let messageLoopRunning = false;
+
+let whatsapp: WhatsAppChannel;
+let slack: SlackChannel | undefined;
+const channels: Channel[] = [];
+const queue = new GroupQueue();
+
+function loadState(): void {
+  lastTimestamp = getRouterState('last_timestamp') || '';
+  const agentTs = getRouterState('last_agent_timestamp');
+  try {
+    lastAgentTimestamp = agentTs ? JSON.parse(agentTs) : {};
+  } catch {
+    logger.warn('Corrupted last_agent_timestamp in DB, resetting');
+    lastAgentTimestamp = {};
+  }
+  sessions = getAllSessions();
+  registeredGroups = getAllRegisteredGroups();
+  logger.info(
+    { groupCount: Object.keys(registeredGroups).length },
+    'State loaded',
+  );
+}
+
+function saveState(): void {
+  setRouterState('last_timestamp', lastTimestamp);
+  setRouterState(
+    'last_agent_timestamp',
+    JSON.stringify(lastAgentTimestamp),
+  );
+}
+
+function registerGroup(jid: string, group: RegisteredGroup): void {
+  registeredGroups[jid] = group;
+  setRegisteredGroup(jid, group);
+
+  // Create group folder
+  const groupDir = path.join(DATA_DIR, '..', 'groups', group.folder);
+  fs.mkdirSync(path.join(groupDir, 'logs'), { recursive: true });
+
+  logger.info(
+    { jid, name: group.name, folder: group.folder },
+    'Group registered',
+  );
+}
+
+/**
+ * Get available groups list for the agent.
+ * Returns groups ordered by most recent activity.
+ */
+export function getAvailableGroups(): import('./container-runner.js').AvailableGroup[] {
+  const chats = getAllChats();
+  const registeredJids = new Set(Object.keys(registeredGroups));
+
+  return chats
+    .filter((c) => c.jid !== '__group_sync__' && c.is_group)
+    .map((c) => ({
+      jid: c.jid,
+      name: c.name,
+      lastActivity: c.last_message_time,
+      isRegistered: registeredJids.has(c.jid),
+    }));
+}
+
+/** @internal - exported for testing */
+export function _setRegisteredGroups(groups: Record<string, RegisteredGroup>): void {
+  registeredGroups = groups;
+}
+
+/**
+ * Process all pending messages for a group.
+ * Called by the GroupQueue when it's this group's turn.
+ */
+async function processGroupMessages(chatJid: string): Promise<boolean> {
+  const group = registeredGroups[chatJid];
+  if (!group) return true;
+
+  const channel = findChannel(channels, chatJid);
+  if (!channel) {
+    console.log(`Warning: no channel owns JID ${chatJid}, skipping messages`);
+    return true;
+  }
+
+  const isMainGroup = group.folder === MAIN_GROUP_FOLDER;
+
+  const sinceTimestamp = lastAgentTimestamp[chatJid] || '';
+  const missedMessages = getMessagesSince(chatJid, sinceTimestamp, ASSISTANT_NAME);
+
+  if (missedMessages.length === 0) return true;
+
+  // For non-main groups, check if trigger is required and present
+  if (!isMainGroup && group.requiresTrigger !== false) {
+    const hasTrigger = missedMessages.some((m) =>
+      TRIGGER_PATTERN.test(m.content.trim()),
+    );
+    if (!hasTrigger) return true;
+  }
+
+  const prompt = formatMessages(missedMessages);
+
+  // Advance cursor so the piping path in startMessageLoop won't re-fetch
+  // these messages. Save the old cursor so we can roll back on error.
+  const previousCursor = lastAgentTimestamp[chatJid] || '';
+  lastAgentTimestamp[chatJid] =
+    missedMessages[missedMessages.length - 1].timestamp;
+  saveState();
+
+  logger.info(
+    { group: group.name, messageCount: missedMessages.length },
+    'Processing messages',
+  );
+
+  // Track idle timer for closing stdin when agent is idle
+  let idleTimer: ReturnType<typeof setTimeout> | null = null;
+
+  const resetIdleTimer = () => {
+    if (idleTimer) clearTimeout(idleTimer);
+    idleTimer = setTimeout(() => {
+      logger.debug({ group: group.name }, 'Idle timeout, closing container stdin');
+      queue.closeStdin(chatJid);
+    }, IDLE_TIMEOUT);
+  };
+
+  await channel.setTyping?.(chatJid, true);
+  let hadError = false;
+  let outputSentToUser = false;
+
+  const output = await runAgent(group, prompt, chatJid, async (result) => {
+    // Streaming output callback — called for each agent result
+    if (result.result) {
+      const raw = typeof result.result === 'string' ? result.result : JSON.stringify(result.result);
+      // Strip <internal>...</internal> blocks — agent uses these for internal reasoning
+      const text = raw.replace(/<internal>[\s\S]*?<\/internal>/g, '').trim();
+      logger.info({ group: group.name }, `Agent output: ${raw.slice(0, 200)}`);
+      if (text) {
+        await channel.sendMessage(chatJid, text);
+        outputSentToUser = true;
+      }
+      // Only reset idle timer on actual results, not session-update markers (result: null)
+      resetIdleTimer();
+    }
+
+    if (result.status === 'error') {
+      hadError = true;
+    }
+  });
+
+  await channel.setTyping?.(chatJid, false);
+  if (idleTimer) clearTimeout(idleTimer);
+
+  if (output === 'error' || hadError) {
+    // If we already sent output to the user, don't roll back the cursor —
+    // the user got their response and re-processing would send duplicates.
+    if (outputSentToUser) {
+      logger.warn({ group: group.name }, 'Agent error after output was sent, skipping cursor rollback to prevent duplicates');
+      return true;
+    }
+    // Roll back cursor so retries can re-process these messages
+    lastAgentTimestamp[chatJid] = previousCursor;
+    saveState();
+    logger.warn({ group: group.name }, 'Agent error, rolled back message cursor for retry');
+    return false;
+  }
+
+  return true;
+}
+
+async function runAgent(
+  group: RegisteredGroup,
+  prompt: string,
+  chatJid: string,
+  onOutput?: (output: ContainerOutput) => Promise<void>,
+): Promise<'success' | 'error'> {
+  const isMain = group.folder === MAIN_GROUP_FOLDER;
+  const sessionId = sessions[group.folder];
+
+  // Update tasks snapshot for container to read (filtered by group)
+  const tasks = getAllTasks();
+  writeTasksSnapshot(
+    group.folder,
+    isMain,
+    tasks.map((t) => ({
+      id: t.id,
+      groupFolder: t.group_folder,
+      prompt: t.prompt,
+      schedule_type: t.schedule_type,
+      schedule_value: t.schedule_value,
+      status: t.status,
+      next_run: t.next_run,
+    })),
+  );
+
+  // Update available groups snapshot (main group only can see all groups)
+  const availableGroups = getAvailableGroups();
+  writeGroupsSnapshot(
+    group.folder,
+    isMain,
+    availableGroups,
+    new Set(Object.keys(registeredGroups)),
+  );
+
+  // Wrap onOutput to track session ID from streamed results
+  const wrappedOnOutput = onOutput
+    ? async (output: ContainerOutput) => {
+        if (output.newSessionId) {
+          sessions[group.folder] = output.newSessionId;
+          setSession(group.folder, output.newSessionId);
+        }
+        await onOutput(output);
+      }
+    : undefined;
+
+  try {
+    const output = await runContainerAgent(
+      group,
+      {
+        prompt,
+        sessionId,
+        groupFolder: group.folder,
+        chatJid,
+        isMain,
+      },
+      (proc, containerName) => queue.registerProcess(chatJid, proc, containerName, group.folder),
+      wrappedOnOutput,
+    );
+
+    if (output.newSessionId) {
+      sessions[group.folder] = output.newSessionId;
+      setSession(group.folder, output.newSessionId);
+    }
+
+    if (output.status === 'error') {
+      logger.error(
+        { group: group.name, error: output.error },
+        'Container agent error',
+      );
+      return 'error';
+    }
+
+    return 'success';
+  } catch (err) {
+    logger.error({ group: group.name, err }, 'Agent error');
+    return 'error';
+  }
+}
+
+async function startMessageLoop(): Promise<void> {
+  if (messageLoopRunning) {
+    logger.debug('Message loop already running, skipping duplicate start');
+    return;
+  }
+  messageLoopRunning = true;
+
+  logger.info(`NanoClaw running (trigger: @${ASSISTANT_NAME})`);
+
+  while (true) {
+    try {
+      const jids = Object.keys(registeredGroups);
+      const { messages, newTimestamp } = getNewMessages(jids, lastTimestamp, ASSISTANT_NAME);
+
+      if (messages.length > 0) {
+        logger.info({ count: messages.length }, 'New messages');
+
+        // Advance the "seen" cursor for all messages immediately
+        lastTimestamp = newTimestamp;
+        saveState();
+
+        // Deduplicate by group
+        const messagesByGroup = new Map<string, NewMessage[]>();
+        for (const msg of messages) {
+          const existing = messagesByGroup.get(msg.chat_jid);
+          if (existing) {
+            existing.push(msg);
+          } else {
+            messagesByGroup.set(msg.chat_jid, [msg]);
+          }
+        }
+
+        for (const [chatJid, groupMessages] of messagesByGroup) {
+          const group = registeredGroups[chatJid];
+          if (!group) continue;
+
+          const channel = findChannel(channels, chatJid);
+          if (!channel) {
+            console.log(`Warning: no channel owns JID ${chatJid}, skipping messages`);
+            continue;
+          }
+
+          const isMainGroup = group.folder === MAIN_GROUP_FOLDER;
+          const needsTrigger = !isMainGroup && group.requiresTrigger !== false;
+
+          // For non-main groups, only act on trigger messages.
+          // Non-trigger messages accumulate in DB and get pulled as
+          // context when a trigger eventually arrives.
+          if (needsTrigger) {
+            const hasTrigger = groupMessages.some((m) =>
+              TRIGGER_PATTERN.test(m.content.trim()),
+            );
+            if (!hasTrigger) continue;
+          }
+
+          // Pull all messages since lastAgentTimestamp so non-trigger
+          // context that accumulated between triggers is included.
+          const allPending = getMessagesSince(
+            chatJid,
+            lastAgentTimestamp[chatJid] || '',
+            ASSISTANT_NAME,
+          );
+          const messagesToSend =
+            allPending.length > 0 ? allPending : groupMessages;
+          const formatted = formatMessages(messagesToSend);
+
+          if (queue.sendMessage(chatJid, formatted)) {
+            logger.debug(
+              { chatJid, count: messagesToSend.length },
+              'Piped messages to active container',
+            );
+            lastAgentTimestamp[chatJid] =
+              messagesToSend[messagesToSend.length - 1].timestamp;
+            saveState();
+            // Show typing indicator while the container processes the piped message
+            channel.setTyping?.(chatJid, true);
+          } else {
+            // No active container — enqueue for a new one
+            queue.enqueueMessageCheck(chatJid);
+          }
+        }
+      }
+    } catch (err) {
+      logger.error({ err }, 'Error in message loop');
+    }
+    await new Promise((resolve) => setTimeout(resolve, POLL_INTERVAL));
+  }
+}
+
+/**
+ * Startup recovery: check for unprocessed messages in registered groups.
+ * Handles crash between advancing lastTimestamp and processing messages.
+ */
+function recoverPendingMessages(): void {
+  for (const [chatJid, group] of Object.entries(registeredGroups)) {
+    const sinceTimestamp = lastAgentTimestamp[chatJid] || '';
+    const pending = getMessagesSince(chatJid, sinceTimestamp, ASSISTANT_NAME);
+    if (pending.length > 0) {
+      logger.info(
+        { group: group.name, pendingCount: pending.length },
+        'Recovery: found unprocessed messages',
+      );
+      queue.enqueueMessageCheck(chatJid);
+    }
+  }
+}
+
+function ensureContainerSystemRunning(): void {
+  ensureContainerRuntimeRunning();
+  cleanupOrphans();
+}
+
+async function main(): Promise<void> {
+  ensureContainerSystemRunning();
+  initDatabase();
+  logger.info('Database initialized');
+  loadState();
+
+  // Graceful shutdown handlers
+  const shutdown = async (signal: string) => {
+    logger.info({ signal }, 'Shutdown signal received');
+    await queue.shutdown(10000);
+    for (const ch of channels) await ch.disconnect();
+    process.exit(0);
+  };
+  process.on('SIGTERM', () => shutdown('SIGTERM'));
+  process.on('SIGINT', () => shutdown('SIGINT'));
+
+  // Channel callbacks (shared by all channels)
+  const channelOpts = {
+    onMessage: (_chatJid: string, msg: NewMessage) => storeMessage(msg),
+    onChatMetadata: (chatJid: string, timestamp: string, name?: string, channel?: string, isGroup?: boolean) =>
+      storeChatMetadata(chatJid, timestamp, name, channel, isGroup),
+    registeredGroups: () => registeredGroups,
+  };
+
+  // Create and connect channels
+  // Check if Slack tokens are configured
+  const slackEnv = readEnvFile(['SLACK_BOT_TOKEN', 'SLACK_APP_TOKEN']);
+  const hasSlackTokens = !!(slackEnv.SLACK_BOT_TOKEN && slackEnv.SLACK_APP_TOKEN);
+
+  if (!SLACK_ONLY) {
+    whatsapp = new WhatsAppChannel(channelOpts);
+    channels.push(whatsapp);
+    await whatsapp.connect();
+  }
+
+  if (hasSlackTokens) {
+    slack = new SlackChannel(channelOpts);
+    channels.push(slack);
+    await slack.connect();
+  }
+
+  // Start subsystems (independently of connection handler)
+  startSchedulerLoop({
+    registeredGroups: () => registeredGroups,
+    getSessions: () => sessions,
+    queue,
+    onProcess: (groupJid, proc, containerName, groupFolder) => queue.registerProcess(groupJid, proc, containerName, groupFolder),
+    sendMessage: async (jid, rawText) => {
+      const channel = findChannel(channels, jid);
+      if (!channel) {
+        console.log(`Warning: no channel owns JID ${jid}, cannot send message`);
+        return;
+      }
+      const text = formatOutbound(rawText);
+      if (text) await channel.sendMessage(jid, text);
+    },
+  });
+  startIpcWatcher({
+    sendMessage: (jid, text) => {
+      const channel = findChannel(channels, jid);
+      if (!channel) throw new Error(`No channel for JID: ${jid}`);
+      return channel.sendMessage(jid, text);
+    },
+    registeredGroups: () => registeredGroups,
+    registerGroup,
+    syncGroupMetadata: async (force) => {
+      // Sync metadata across all active channels
+      if (whatsapp) await whatsapp.syncGroupMetadata(force);
+      if (slack) await slack.syncChannelMetadata();
+    },
+    getAvailableGroups,
+    writeGroupsSnapshot: (gf, im, ag, rj) => writeGroupsSnapshot(gf, im, ag, rj),
+  });
+  queue.setProcessMessagesFn(processGroupMessages);
+  recoverPendingMessages();
+  startMessageLoop();
+}
+
+// Guard: only run when executed directly, not when imported by tests
+const isDirectRun =
+  process.argv[1] &&
+  new URL(import.meta.url).pathname === new URL(`file://${process.argv[1]}`).pathname;
+
+if (isDirectRun) {
+  main().catch((err) => {
+    logger.error({ err }, 'Failed to start NanoClaw');
+    process.exit(1);
+  });
+}
diff --git a/.agent/skills/add-slack/modify/src/index.ts.intent.md b/.agent/skills/add-slack/modify/src/index.ts.intent.md
new file mode 100644
index 0000000..a7deec7
--- /dev/null
+++ b/.agent/skills/add-slack/modify/src/index.ts.intent.md
@@ -0,0 +1,70 @@
+# Intent: src/index.ts modifications
+
+## What changed
+
+Refactored from single WhatsApp channel to multi-channel architecture supporting Slack alongside WhatsApp.
+
+## Key sections
+
+### Imports (top of file)
+
+- Added: `SlackChannel` from `./channels/slack.js`
+- Added: `SLACK_ONLY` from `./config.js`
+- Added: `readEnvFile` from `./env.js`
+- Existing: `findChannel` from `./router.js` and `Channel` type from `./types.js` are already present
+
+### Module-level state
+
+- Kept: `let whatsapp: WhatsAppChannel` — still needed for `syncGroupMetadata` reference
+- Added: `let slack: SlackChannel | undefined` — direct reference for `syncChannelMetadata`
+- Kept: `const channels: Channel[] = []` — array of all active channels
+
+### processGroupMessages()
+
+- Uses `findChannel(channels, chatJid)` lookup (already exists in base)
+- Uses `channel.setTyping?.()` and `channel.sendMessage()` (already exists in base)
+
+### startMessageLoop()
+
+- Uses `findChannel(channels, chatJid)` per group (already exists in base)
+- Uses `channel.setTyping?.()` for typing indicators (already exists in base)
+
+### main()
+
+- Added: Reads Slack tokens via `readEnvFile()` to check if Slack is configured
+- Added: conditional WhatsApp creation (`if (!SLACK_ONLY)`)
+- Added: conditional Slack creation (`if (hasSlackTokens)`)
+- Changed: scheduler `sendMessage` uses `findChannel()` → `channel.sendMessage()`
+- Changed: IPC `syncGroupMetadata` syncs both WhatsApp and Slack metadata
+- Changed: IPC `sendMessage` uses `findChannel()` → `channel.sendMessage()`
+
+### Shutdown handler
+
+- Changed from `await whatsapp.disconnect()` to `for (const ch of channels) await ch.disconnect()`
+- Disconnects all active channels (WhatsApp, Slack, or any future channels) on SIGTERM/SIGINT
+
+## Invariants
+
+- All existing message processing logic (triggers, cursors, idle timers) is preserved
+- The `runAgent` function is completely unchanged
+- State management (loadState/saveState) is unchanged
+- Recovery logic is unchanged
+- Container runtime check is unchanged (ensureContainerSystemRunning)
+
+## Design decisions
+
+### Double readEnvFile for Slack tokens
+
+`main()` in index.ts reads `SLACK_BOT_TOKEN`/`SLACK_APP_TOKEN` via `readEnvFile()` to check
+whether Slack is configured (controls whether to instantiate SlackChannel). The SlackChannel
+constructor reads them again independently. This is intentional — index.ts needs to decide
+_whether_ to create the channel, while SlackChannel needs the actual token values. Keeping
+both reads follows the security pattern of not passing secrets through intermediate variables.
+
+## Must-keep
+
+- The `escapeXml` and `formatMessages` re-exports
+- The `_setRegisteredGroups` test helper
+- The `isDirectRun` guard at bottom
+- All error handling and cursor rollback logic in processGroupMessages
+- The outgoing queue flush and reconnection logic (in each channel, not here)
diff --git a/.agent/skills/add-slack/modify/src/routing.test.ts b/.agent/skills/add-slack/modify/src/routing.test.ts
new file mode 100644
index 0000000..3a7f7ff
--- /dev/null
+++ b/.agent/skills/add-slack/modify/src/routing.test.ts
@@ -0,0 +1,161 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+
+import { _initTestDatabase, getAllChats, storeChatMetadata } from './db.js';
+import { getAvailableGroups, _setRegisteredGroups } from './index.js';
+
+beforeEach(() => {
+  _initTestDatabase();
+  _setRegisteredGroups({});
+});
+
+// --- JID ownership patterns ---
+
+describe('JID ownership patterns', () => {
+  // These test the patterns that will become ownsJid() on the Channel interface
+
+  it('WhatsApp group JID: ends with @g.us', () => {
+    const jid = '12345678@g.us';
+    expect(jid.endsWith('@g.us')).toBe(true);
+  });
+
+  it('WhatsApp DM JID: ends with @s.whatsapp.net', () => {
+    const jid = '12345678@s.whatsapp.net';
+    expect(jid.endsWith('@s.whatsapp.net')).toBe(true);
+  });
+
+  it('Slack channel JID: starts with slack:', () => {
+    const jid = 'slack:C0123456789';
+    expect(jid.startsWith('slack:')).toBe(true);
+  });
+
+  it('Slack DM JID: starts with slack:D', () => {
+    const jid = 'slack:D0123456789';
+    expect(jid.startsWith('slack:')).toBe(true);
+  });
+});
+
+// --- getAvailableGroups ---
+
+describe('getAvailableGroups', () => {
+  it('returns only groups, excludes DMs', () => {
+    storeChatMetadata('group1@g.us', '2024-01-01T00:00:01.000Z', 'Group 1', 'whatsapp', true);
+    storeChatMetadata('user@s.whatsapp.net', '2024-01-01T00:00:02.000Z', 'User DM', 'whatsapp', false);
+    storeChatMetadata('group2@g.us', '2024-01-01T00:00:03.000Z', 'Group 2', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(2);
+    expect(groups.map((g) => g.jid)).toContain('group1@g.us');
+    expect(groups.map((g) => g.jid)).toContain('group2@g.us');
+    expect(groups.map((g) => g.jid)).not.toContain('user@s.whatsapp.net');
+  });
+
+  it('excludes __group_sync__ sentinel', () => {
+    storeChatMetadata('__group_sync__', '2024-01-01T00:00:00.000Z');
+    storeChatMetadata('group@g.us', '2024-01-01T00:00:01.000Z', 'Group', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('group@g.us');
+  });
+
+  it('marks registered groups correctly', () => {
+    storeChatMetadata('reg@g.us', '2024-01-01T00:00:01.000Z', 'Registered', 'whatsapp', true);
+    storeChatMetadata('unreg@g.us', '2024-01-01T00:00:02.000Z', 'Unregistered', 'whatsapp', true);
+
+    _setRegisteredGroups({
+      'reg@g.us': {
+        name: 'Registered',
+        folder: 'registered',
+        trigger: '@Andy',
+        added_at: '2024-01-01T00:00:00.000Z',
+      },
+    });
+
+    const groups = getAvailableGroups();
+    const reg = groups.find((g) => g.jid === 'reg@g.us');
+    const unreg = groups.find((g) => g.jid === 'unreg@g.us');
+
+    expect(reg?.isRegistered).toBe(true);
+    expect(unreg?.isRegistered).toBe(false);
+  });
+
+  it('returns groups ordered by most recent activity', () => {
+    storeChatMetadata('old@g.us', '2024-01-01T00:00:01.000Z', 'Old', 'whatsapp', true);
+    storeChatMetadata('new@g.us', '2024-01-01T00:00:05.000Z', 'New', 'whatsapp', true);
+    storeChatMetadata('mid@g.us', '2024-01-01T00:00:03.000Z', 'Mid', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups[0].jid).toBe('new@g.us');
+    expect(groups[1].jid).toBe('mid@g.us');
+    expect(groups[2].jid).toBe('old@g.us');
+  });
+
+  it('excludes non-group chats regardless of JID format', () => {
+    // Unknown JID format stored without is_group should not appear
+    storeChatMetadata('unknown-format-123', '2024-01-01T00:00:01.000Z', 'Unknown');
+    // Explicitly non-group with unusual JID
+    storeChatMetadata('custom:abc', '2024-01-01T00:00:02.000Z', 'Custom DM', 'custom', false);
+    // A real group for contrast
+    storeChatMetadata('group@g.us', '2024-01-01T00:00:03.000Z', 'Group', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('group@g.us');
+  });
+
+  it('returns empty array when no chats exist', () => {
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(0);
+  });
+
+  it('includes Slack channel JIDs', () => {
+    storeChatMetadata('slack:C0123456789', '2024-01-01T00:00:01.000Z', 'Slack Channel', 'slack', true);
+    storeChatMetadata('user@s.whatsapp.net', '2024-01-01T00:00:02.000Z', 'User DM', 'whatsapp', false);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('slack:C0123456789');
+  });
+
+  it('returns Slack DM JIDs as groups when is_group is true', () => {
+    storeChatMetadata('slack:D0123456789', '2024-01-01T00:00:01.000Z', 'Slack DM', 'slack', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('slack:D0123456789');
+    expect(groups[0].name).toBe('Slack DM');
+  });
+
+  it('marks registered Slack channels correctly', () => {
+    storeChatMetadata('slack:C0123456789', '2024-01-01T00:00:01.000Z', 'Slack Registered', 'slack', true);
+    storeChatMetadata('slack:C9999999999', '2024-01-01T00:00:02.000Z', 'Slack Unregistered', 'slack', true);
+
+    _setRegisteredGroups({
+      'slack:C0123456789': {
+        name: 'Slack Registered',
+        folder: 'slack-registered',
+        trigger: '@Andy',
+        added_at: '2024-01-01T00:00:00.000Z',
+      },
+    });
+
+    const groups = getAvailableGroups();
+    const slackReg = groups.find((g) => g.jid === 'slack:C0123456789');
+    const slackUnreg = groups.find((g) => g.jid === 'slack:C9999999999');
+
+    expect(slackReg?.isRegistered).toBe(true);
+    expect(slackUnreg?.isRegistered).toBe(false);
+  });
+
+  it('mixes WhatsApp and Slack chats ordered by activity', () => {
+    storeChatMetadata('wa@g.us', '2024-01-01T00:00:01.000Z', 'WhatsApp', 'whatsapp', true);
+    storeChatMetadata('slack:C100', '2024-01-01T00:00:03.000Z', 'Slack', 'slack', true);
+    storeChatMetadata('wa2@g.us', '2024-01-01T00:00:02.000Z', 'WhatsApp 2', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(3);
+    expect(groups[0].jid).toBe('slack:C100');
+    expect(groups[1].jid).toBe('wa2@g.us');
+    expect(groups[2].jid).toBe('wa@g.us');
+  });
+});
diff --git a/.agent/skills/add-slack/modify/src/routing.test.ts.intent.md b/.agent/skills/add-slack/modify/src/routing.test.ts.intent.md
new file mode 100644
index 0000000..4f310be
--- /dev/null
+++ b/.agent/skills/add-slack/modify/src/routing.test.ts.intent.md
@@ -0,0 +1,21 @@
+# Intent: src/routing.test.ts modifications
+
+## What changed
+
+Added Slack JID pattern tests and Slack-specific getAvailableGroups tests.
+
+## Key sections
+
+- **JID ownership patterns**: Added Slack channel JID (`slack:C...`) and Slack DM JID (`slack:D...`) pattern tests
+- **getAvailableGroups**: Added tests for Slack channel inclusion, Slack DM handling, registered Slack channels, and mixed WhatsApp + Slack ordering
+
+## Invariants
+
+- All existing WhatsApp JID pattern tests remain unchanged
+- All existing getAvailableGroups tests remain unchanged
+- New tests follow the same patterns as existing tests
+
+## Must-keep
+
+- All existing WhatsApp tests (group JID, DM JID patterns)
+- All existing getAvailableGroups tests (DM exclusion, sentinel exclusion, registration, ordering, non-group exclusion, empty array)
diff --git a/.agent/skills/add-slack/tests/slack.test.ts b/.agent/skills/add-slack/tests/slack.test.ts
new file mode 100644
index 0000000..7e8d946
--- /dev/null
+++ b/.agent/skills/add-slack/tests/slack.test.ts
@@ -0,0 +1,171 @@
+import { describe, expect, it } from 'vitest';
+import fs from 'fs';
+import path from 'path';
+
+describe('slack skill package', () => {
+  const skillDir = path.resolve(__dirname, '..');
+
+  it('has a valid manifest', () => {
+    const manifestPath = path.join(skillDir, 'manifest.yaml');
+    expect(fs.existsSync(manifestPath)).toBe(true);
+
+    const content = fs.readFileSync(manifestPath, 'utf-8');
+    expect(content).toContain('skill: slack');
+    expect(content).toContain('version: 1.0.0');
+    expect(content).toContain('@slack/bolt');
+  });
+
+  it('has all files declared in adds', () => {
+    const addFile = path.join(skillDir, 'add', 'src', 'channels', 'slack.ts');
+    expect(fs.existsSync(addFile)).toBe(true);
+
+    const content = fs.readFileSync(addFile, 'utf-8');
+    expect(content).toContain('class SlackChannel');
+    expect(content).toContain('implements Channel');
+
+    // Test file for the channel
+    const testFile = path.join(skillDir, 'add', 'src', 'channels', 'slack.test.ts');
+    expect(fs.existsSync(testFile)).toBe(true);
+
+    const testContent = fs.readFileSync(testFile, 'utf-8');
+    expect(testContent).toContain("describe('SlackChannel'");
+  });
+
+  it('has all files declared in modifies', () => {
+    const indexFile = path.join(skillDir, 'modify', 'src', 'index.ts');
+    const configFile = path.join(skillDir, 'modify', 'src', 'config.ts');
+    const routingTestFile = path.join(skillDir, 'modify', 'src', 'routing.test.ts');
+
+    expect(fs.existsSync(indexFile)).toBe(true);
+    expect(fs.existsSync(configFile)).toBe(true);
+    expect(fs.existsSync(routingTestFile)).toBe(true);
+
+    const indexContent = fs.readFileSync(indexFile, 'utf-8');
+    expect(indexContent).toContain('SlackChannel');
+    expect(indexContent).toContain('SLACK_ONLY');
+    expect(indexContent).toContain('findChannel');
+    expect(indexContent).toContain('channels: Channel[]');
+
+    const configContent = fs.readFileSync(configFile, 'utf-8');
+    expect(configContent).toContain('SLACK_ONLY');
+  });
+
+  it('has intent files for modified files', () => {
+    expect(fs.existsSync(path.join(skillDir, 'modify', 'src', 'index.ts.intent.md'))).toBe(true);
+    expect(fs.existsSync(path.join(skillDir, 'modify', 'src', 'config.ts.intent.md'))).toBe(true);
+    expect(fs.existsSync(path.join(skillDir, 'modify', 'src', 'routing.test.ts.intent.md'))).toBe(true);
+  });
+
+  it('has setup documentation', () => {
+    expect(fs.existsSync(path.join(skillDir, 'SKILL.md'))).toBe(true);
+    expect(fs.existsSync(path.join(skillDir, 'SLACK_SETUP.md'))).toBe(true);
+  });
+
+  it('modified index.ts preserves core structure', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'index.ts'),
+      'utf-8',
+    );
+
+    // Core functions still present
+    expect(content).toContain('function loadState()');
+    expect(content).toContain('function saveState()');
+    expect(content).toContain('function registerGroup(');
+    expect(content).toContain('function getAvailableGroups()');
+    expect(content).toContain('function processGroupMessages(');
+    expect(content).toContain('function runAgent(');
+    expect(content).toContain('function startMessageLoop()');
+    expect(content).toContain('function recoverPendingMessages()');
+    expect(content).toContain('function ensureContainerSystemRunning()');
+    expect(content).toContain('async function main()');
+
+    // Test helper preserved
+    expect(content).toContain('_setRegisteredGroups');
+
+    // Direct-run guard preserved
+    expect(content).toContain('isDirectRun');
+  });
+
+  it('modified index.ts includes Slack channel creation', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'index.ts'),
+      'utf-8',
+    );
+
+    // Multi-channel architecture
+    expect(content).toContain('const channels: Channel[] = []');
+    expect(content).toContain('channels.push(whatsapp)');
+    expect(content).toContain('channels.push(slack)');
+
+    // Conditional channel creation
+    expect(content).toContain('if (!SLACK_ONLY)');
+    expect(content).toContain('new SlackChannel(channelOpts)');
+
+    // Shutdown disconnects all channels
+    expect(content).toContain('for (const ch of channels) await ch.disconnect()');
+  });
+
+  it('modified config.ts preserves all existing exports', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'config.ts'),
+      'utf-8',
+    );
+
+    // All original exports preserved
+    expect(content).toContain('export const ASSISTANT_NAME');
+    expect(content).toContain('export const POLL_INTERVAL');
+    expect(content).toContain('export const TRIGGER_PATTERN');
+    expect(content).toContain('export const CONTAINER_IMAGE');
+    expect(content).toContain('export const DATA_DIR');
+    expect(content).toContain('export const TIMEZONE');
+
+    // Slack config added
+    expect(content).toContain('export const SLACK_ONLY');
+  });
+
+  it('modified routing.test.ts includes Slack JID tests', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'routing.test.ts'),
+      'utf-8',
+    );
+
+    // Slack JID pattern tests
+    expect(content).toContain('slack:C');
+    expect(content).toContain('slack:D');
+
+    // Mixed ordering test
+    expect(content).toContain('mixes WhatsApp and Slack');
+
+    // All original WhatsApp tests preserved
+    expect(content).toContain('@g.us');
+    expect(content).toContain('@s.whatsapp.net');
+    expect(content).toContain('__group_sync__');
+  });
+
+  it('slack.ts implements required Channel interface methods', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'add', 'src', 'channels', 'slack.ts'),
+      'utf-8',
+    );
+
+    // Channel interface methods
+    expect(content).toContain('async connect()');
+    expect(content).toContain('async sendMessage(');
+    expect(content).toContain('isConnected()');
+    expect(content).toContain('ownsJid(');
+    expect(content).toContain('async disconnect()');
+    expect(content).toContain('async setTyping(');
+
+    // Security pattern: reads tokens from .env, not process.env
+    expect(content).toContain('readEnvFile');
+    expect(content).not.toContain('process.env.SLACK_BOT_TOKEN');
+    expect(content).not.toContain('process.env.SLACK_APP_TOKEN');
+
+    // Key behaviors
+    expect(content).toContain('socketMode: true');
+    expect(content).toContain('MAX_MESSAGE_LENGTH');
+    expect(content).toContain('thread_ts');
+    expect(content).toContain('TRIGGER_PATTERN');
+    expect(content).toContain('userNameCache');
+  });
+});
diff --git a/.agent/skills/add-stripe/SKILL.md b/.agent/skills/add-stripe/SKILL.md
new file mode 100644
index 0000000..9342654
--- /dev/null
+++ b/.agent/skills/add-stripe/SKILL.md
@@ -0,0 +1,84 @@
+---
+name: add-stripe
+description: Reference guide for Stripe integration in Clawdie. Stripe ships in core on main — use this skill to understand the Stripe tool surface, webhook handling, and payment flows.
+---
+
+# Skill: add-stripe
+
+Current `main` already ships Stripe in core. This file remains as historical
+reference for older branches and for understanding the Stripe tool surface.
+
+## Prerequisites
+
+- A Stripe account
+- A **Restricted API Key** (RAK) with only the permissions you need
+
+## Setup
+
+### 1. Create a Restricted API Key
+
+1. Go to Stripe Dashboard → Developers → API Keys → Restricted Keys
+2. Create a new key with only what your agent needs:
+   - **Customers**: Read
+   - **Payment Intents**: Read
+   - **Payment Links**: Write (if creating links)
+   - **Invoices**: Read
+   - **Subscriptions**: Read
+   - **Refunds**: Write (if issuing refunds)
+   - **Balance**: Read
+3. Copy the key (starts with `rk_live_` or `rk_test_`)
+
+### 2. Add to .env
+
+```
+STRIPE_SECRET_KEY=rk_test_your_key_here
+STRIPE_ENABLE_REFUNDS=NO
+```
+
+Current onboarding can configure a restricted test key (`rk_test_...`) or skip Stripe for now.
+
+### 3. Current main behavior
+
+There is no manual apply-skill step on current `main`. Stripe tools are built
+into `jail/agent-runner` and become available when `STRIPE_SECRET_KEY` is set.
+
+## Tools the agent gets
+
+| Tool                          | Description                                                                        |
+| ----------------------------- | ---------------------------------------------------------------------------------- |
+| `stripe_get_balance`          | Current account balance                                                            |
+| `stripe_list_customers`       | List customers, filter by email                                                    |
+| `stripe_get_customer`         | Get a customer by ID                                                               |
+| `stripe_list_payment_intents` | Recent payment intents                                                             |
+| `stripe_create_payment_link`  | Create a payment link for a price                                                  |
+| `stripe_list_invoices`        | List invoices, filter by customer/status                                           |
+| `stripe_create_refund`        | Issue a refund by payment intent or charge (only when `STRIPE_ENABLE_REFUNDS=YES`) |
+| `stripe_list_subscriptions`   | List subscriptions, filter by customer/status                                      |
+
+Tools are registered only when `STRIPE_SECRET_KEY` is set. Refunds remain off by
+default until `STRIPE_ENABLE_REFUNDS=YES`.
+
+## Example conversations
+
+> "How much did we make this month?"
+> → Agent calls `stripe_get_balance` and lists recent payment intents
+
+> "Create a payment link for the Pro plan"
+> → Agent calls `stripe_create_payment_link` with the price ID
+
+> "John wants a refund for last month's invoice"
+> → Agent calls `stripe_list_customers` to find John, then `stripe_list_invoices`,
+> then `stripe_create_refund`
+
+## Security
+
+- Use a Restricted API Key — never your full secret key
+- Limit permissions to what the agent actually needs
+- `STRIPE_SECRET_KEY` is passed in the jailed stdin payload, never written as a mounted file
+- Refunds stay disabled until you deliberately enable them
+
+## Upgrading to full channel
+
+Future versions of this skill may add inbound webhook handling so the agent
+can react to Stripe events (payment succeeded, subscription cancelled, etc.)
+automatically. For now, all interactions are agent-initiated.
diff --git a/.agent/skills/add-stripe/add/jail/agent-runner/src/stripe-tools.ts b/.agent/skills/add-stripe/add/jail/agent-runner/src/stripe-tools.ts
new file mode 100644
index 0000000..7e694c0
--- /dev/null
+++ b/.agent/skills/add-stripe/add/jail/agent-runner/src/stripe-tools.ts
@@ -0,0 +1,275 @@
+/**
+ * Stripe MCP tools for Clawdie agent.
+ * Registered into the existing ipc-mcp-stdio server when STRIPE_SECRET_KEY is set.
+ * Uses a Restricted API Key — never the full secret key.
+ */
+import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import type Stripe from 'stripe';
+import { z } from 'zod';
+
+export function registerStripeTools(server: McpServer): void {
+  const key = process.env.STRIPE_SECRET_KEY;
+  if (!key) return;
+
+  let stripeInstance: Stripe | null = null;
+
+  const getStripe = async (): Promise<Stripe> => {
+    if (!stripeInstance) {
+      const { default: StripeClass } = await import('stripe') as { default: typeof Stripe };
+      stripeInstance = new StripeClass(key);
+    }
+    return stripeInstance;
+  };
+
+  server.tool(
+    'stripe_get_balance',
+    'Get the current Stripe account balance (available and pending)',
+    {},
+    async () => {
+      try {
+        const stripe = await getStripe();
+        const balance = await stripe.balance.retrieve();
+        const lines = balance.available.map(
+          (b) => `${b.currency.toUpperCase()} available: ${(b.amount / 100).toFixed(2)}`,
+        );
+        const pending = balance.pending.map(
+          (b) => `${b.currency.toUpperCase()} pending: ${(b.amount / 100).toFixed(2)}`,
+        );
+        return {
+          content: [{ type: 'text' as const, text: [...lines, ...pending].join('\n') }],
+        };
+      } catch (err) {
+        return {
+          content: [{ type: 'text' as const, text: `Stripe error: ${err instanceof Error ? err.message : String(err)}` }],
+          isError: true,
+        };
+      }
+    },
+  );
+
+  server.tool(
+    'stripe_list_customers',
+    'List Stripe customers. Optionally filter by email.',
+    {
+      email: z.string().optional().describe('Filter by exact email address'),
+      limit: z.number().int().min(1).max(100).default(10).optional().describe('Max results, default 10'),
+    },
+    async (args) => {
+      try {
+        const stripe = await getStripe();
+        const params: Stripe.CustomerListParams = { limit: args.limit ?? 10 };
+        if (args.email) params.email = args.email;
+        const customers = await stripe.customers.list(params);
+        const lines = customers.data.map(
+          (c) => `${c.id} | ${c.email || 'no email'} | ${c.name || 'no name'} | created: ${new Date(c.created * 1000).toISOString()}`,
+        );
+        return {
+          content: [{ type: 'text' as const, text: lines.length > 0 ? lines.join('\n') : 'No customers found.' }],
+        };
+      } catch (err) {
+        return {
+          content: [{ type: 'text' as const, text: `Stripe error: ${err instanceof Error ? err.message : String(err)}` }],
+          isError: true,
+        };
+      }
+    },
+  );
+
+  server.tool(
+    'stripe_get_customer',
+    'Get a Stripe customer by their customer ID',
+    {
+      customer_id: z.string().describe('Stripe customer ID (cus_...)'),
+    },
+    async (args) => {
+      try {
+        const stripe = await getStripe();
+        const customer = await stripe.customers.retrieve(args.customer_id);
+        return {
+          content: [{ type: 'text' as const, text: JSON.stringify(customer, null, 2) }],
+        };
+      } catch (err) {
+        return {
+          content: [{ type: 'text' as const, text: `Stripe error: ${err instanceof Error ? err.message : String(err)}` }],
+          isError: true,
+        };
+      }
+    },
+  );
+
+  server.tool(
+    'stripe_list_payment_intents',
+    'List recent Stripe payment intents, optionally filtered by customer',
+    {
+      customer_id: z.string().optional().describe('Filter by customer ID (cus_...)'),
+      limit: z.number().int().min(1).max(100).default(10).optional().describe('Max results, default 10'),
+    },
+    async (args) => {
+      try {
+        const stripe = await getStripe();
+        const params: Stripe.PaymentIntentListParams = { limit: args.limit ?? 10 };
+        if (args.customer_id) params.customer = args.customer_id;
+        const intents = await stripe.paymentIntents.list(params);
+        const lines = intents.data.map(
+          (pi) =>
+            `${pi.id} | ${((pi.amount ?? 0) / 100).toFixed(2)} ${(pi.currency ?? '').toUpperCase()} | ${pi.status} | ${new Date(pi.created * 1000).toISOString()}`,
+        );
+        return {
+          content: [{ type: 'text' as const, text: lines.length > 0 ? lines.join('\n') : 'No payment intents found.' }],
+        };
+      } catch (err) {
+        return {
+          content: [{ type: 'text' as const, text: `Stripe error: ${err instanceof Error ? err.message : String(err)}` }],
+          isError: true,
+        };
+      }
+    },
+  );
+
+  server.tool(
+    'stripe_create_payment_link',
+    'Create a Stripe payment link for a product price. Returns the URL to share with customers.',
+    {
+      price_id: z.string().describe('Stripe price ID (price_...) — find in Products → Prices'),
+      quantity: z.number().int().min(1).default(1).optional().describe('Quantity, default 1'),
+    },
+    async (args) => {
+      try {
+        const stripe = await getStripe();
+        const link = await stripe.paymentLinks.create({
+          line_items: [{ price: args.price_id, quantity: args.quantity ?? 1 }],
+        });
+        return {
+          content: [{ type: 'text' as const, text: `Payment link created:\nURL: ${link.url}\nID: ${link.id}\nActive: ${link.active}` }],
+        };
+      } catch (err) {
+        return {
+          content: [{ type: 'text' as const, text: `Stripe error: ${err instanceof Error ? err.message : String(err)}` }],
+          isError: true,
+        };
+      }
+    },
+  );
+
+  server.tool(
+    'stripe_list_invoices',
+    'List Stripe invoices, optionally filtered by customer or status',
+    {
+      customer_id: z.string().optional().describe('Filter by customer ID (cus_...)'),
+      status: z
+        .enum(['draft', 'open', 'paid', 'uncollectible', 'void'])
+        .optional()
+        .describe('Filter by invoice status'),
+      limit: z.number().int().min(1).max(100).default(10).optional().describe('Max results, default 10'),
+    },
+    async (args) => {
+      try {
+        const stripe = await getStripe();
+        const params: Stripe.InvoiceListParams = { limit: args.limit ?? 10 };
+        if (args.customer_id) params.customer = args.customer_id;
+        if (args.status) params.status = args.status;
+        const invoices = await stripe.invoices.list(params);
+        const lines = invoices.data.map(
+          (inv) =>
+            `${inv.id} | ${inv.customer_email || inv.customer} | ${((inv.amount_due ?? 0) / 100).toFixed(2)} ${(inv.currency ?? '').toUpperCase()} | ${inv.status} | ${new Date(inv.created * 1000).toISOString()}${inv.hosted_invoice_url ? ` | ${inv.hosted_invoice_url}` : ''}`,
+        );
+        return {
+          content: [{ type: 'text' as const, text: lines.length > 0 ? lines.join('\n') : 'No invoices found.' }],
+        };
+      } catch (err) {
+        return {
+          content: [{ type: 'text' as const, text: `Stripe error: ${err instanceof Error ? err.message : String(err)}` }],
+          isError: true,
+        };
+      }
+    },
+  );
+
+  server.tool(
+    'stripe_create_refund',
+    'Issue a full or partial refund for a payment intent or charge',
+    {
+      payment_intent_id: z
+        .string()
+        .optional()
+        .describe('Payment intent ID to refund (pi_...). Provide this OR charge_id.'),
+      charge_id: z
+        .string()
+        .optional()
+        .describe('Charge ID to refund (ch_...). Provide this OR payment_intent_id.'),
+      amount: z
+        .number()
+        .int()
+        .optional()
+        .describe('Amount in smallest currency unit (e.g. cents). Omit for full refund.'),
+      reason: z
+        .enum(['duplicate', 'fraudulent', 'requested_by_customer'])
+        .optional()
+        .describe('Reason for refund'),
+    },
+    async (args) => {
+      if (!args.payment_intent_id && !args.charge_id) {
+        return {
+          content: [{ type: 'text' as const, text: 'Provide either payment_intent_id or charge_id.' }],
+          isError: true,
+        };
+      }
+      try {
+        const stripe = await getStripe();
+        const params: Stripe.RefundCreateParams = {};
+        if (args.payment_intent_id) params.payment_intent = args.payment_intent_id;
+        if (args.charge_id) params.charge = args.charge_id;
+        if (args.amount) params.amount = args.amount;
+        if (args.reason) params.reason = args.reason;
+        const refund = await stripe.refunds.create(params);
+        return {
+          content: [{
+            type: 'text' as const,
+            text: `Refund created:\nID: ${refund.id}\nAmount: ${((refund.amount ?? 0) / 100).toFixed(2)} ${(refund.currency ?? '').toUpperCase()}\nStatus: ${refund.status}`,
+          }],
+        };
+      } catch (err) {
+        return {
+          content: [{ type: 'text' as const, text: `Stripe error: ${err instanceof Error ? err.message : String(err)}` }],
+          isError: true,
+        };
+      }
+    },
+  );
+
+  server.tool(
+    'stripe_list_subscriptions',
+    'List Stripe subscriptions, optionally filtered by customer or status',
+    {
+      customer_id: z.string().optional().describe('Filter by customer ID (cus_...)'),
+      status: z
+        .enum(['active', 'past_due', 'unpaid', 'canceled', 'incomplete', 'trialing', 'all'])
+        .optional()
+        .describe('Filter by status. Default: active'),
+      limit: z.number().int().min(1).max(100).default(10).optional().describe('Max results, default 10'),
+    },
+    async (args) => {
+      try {
+        const stripe = await getStripe();
+        const params: Stripe.SubscriptionListParams = {
+          limit: args.limit ?? 10,
+          status: (args.status as Stripe.SubscriptionListParams['status']) ?? 'active',
+        };
+        if (args.customer_id) params.customer = args.customer_id;
+        const subs = await stripe.subscriptions.list(params);
+        const lines = subs.data.map(
+          (s) =>
+            `${s.id} | customer: ${typeof s.customer === 'string' ? s.customer : s.customer?.id} | ${s.status} | renews: ${new Date(s.current_period_end * 1000).toISOString()}${s.cancel_at_period_end ? ' (cancels at period end)' : ''}`,
+        );
+        return {
+          content: [{ type: 'text' as const, text: lines.length > 0 ? lines.join('\n') : 'No subscriptions found.' }],
+        };
+      } catch (err) {
+        return {
+          content: [{ type: 'text' as const, text: `Stripe error: ${err instanceof Error ? err.message : String(err)}` }],
+          isError: true,
+        };
+      }
+    },
+  );
+}
diff --git a/.agent/skills/add-stripe/manifest.yaml b/.agent/skills/add-stripe/manifest.yaml
new file mode 100644
index 0000000..8cd2013
--- /dev/null
+++ b/.agent/skills/add-stripe/manifest.yaml
@@ -0,0 +1,16 @@
+skill: stripe
+version: 1.0.0
+description: "Stripe payments, customers, invoices, subscriptions, refunds, and payment links"
+core_version: 0.4.0
+adds:
+  - jail/agent-runner/src/stripe-tools.ts
+modifies:
+  - src/jail-runner.ts
+  - jail/agent-runner/src/ipc-mcp-stdio.ts
+  - jail/agent-runner/package.json
+structured:
+  npm_dependencies:
+    stripe: "^17.0.0"
+conflicts: []
+depends: []
+test: ""
diff --git a/.agent/skills/add-stripe/modify/jail/agent-runner/package.json.intent.md b/.agent/skills/add-stripe/modify/jail/agent-runner/package.json.intent.md
new file mode 100644
index 0000000..14fede7
--- /dev/null
+++ b/.agent/skills/add-stripe/modify/jail/agent-runner/package.json.intent.md
@@ -0,0 +1,28 @@
+# Intent: jail/agent-runner/package.json modifications
+
+## What changed
+
+Added `stripe` as a runtime dependency.
+
+## Key sections
+
+### dependencies
+
+- Added: `"stripe": "^17.0.0"`
+
+```json
+{
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.12.1",
+    "cron-parser": "^5.0.0",
+    "stripe": "^17.0.0",
+    "zod": "^4.0.0"
+  }
+}
+```
+
+## Invariants
+
+- All existing dependencies remain unchanged
+- devDependencies are unchanged
+- package name, version, scripts are unchanged
diff --git a/.agent/skills/add-stripe/modify/jail/agent-runner/src/ipc-mcp-stdio.ts.intent.md b/.agent/skills/add-stripe/modify/jail/agent-runner/src/ipc-mcp-stdio.ts.intent.md
new file mode 100644
index 0000000..41f66fb
--- /dev/null
+++ b/.agent/skills/add-stripe/modify/jail/agent-runner/src/ipc-mcp-stdio.ts.intent.md
@@ -0,0 +1,36 @@
+# Intent: jail/agent-runner/src/ipc-mcp-stdio.ts modifications
+
+## What changed
+
+Imported and registered the Stripe MCP tools so the agent can access Stripe
+operations (customers, invoices, payment links, refunds, subscriptions, balance).
+Tools are only registered when `STRIPE_SECRET_KEY` is present in the environment.
+
+## Key sections
+
+### Imports (top of file)
+
+- Added: `import { registerStripeTools } from './stripe-tools.js';`
+
+### After all existing server.tool() calls, before the transport connection
+
+- Added: `registerStripeTools(server);`
+
+```typescript
+// Add near the bottom, before:
+// const transport = new StdioServerTransport();
+
+registerStripeTools(server);
+
+// Existing:
+const transport = new StdioServerTransport();
+await server.connect(transport);
+```
+
+## Invariants
+
+- All existing tools (send_message, schedule_task, list_tasks, etc.) are unchanged
+- Server name and version are unchanged
+- IPC directory constants are unchanged
+- Transport connection is unchanged
+- If `STRIPE_SECRET_KEY` is absent, `registerStripeTools` is a no-op
diff --git a/.agent/skills/add-stripe/modify/src/jail-runner.ts.intent.md b/.agent/skills/add-stripe/modify/src/jail-runner.ts.intent.md
new file mode 100644
index 0000000..df034ac
--- /dev/null
+++ b/.agent/skills/add-stripe/modify/src/jail-runner.ts.intent.md
@@ -0,0 +1,37 @@
+# Intent: src/jail-runner.ts modifications
+
+## What changed
+
+Added `STRIPE_SECRET_KEY` to the secrets allowlist so the Stripe API key is
+passed to the jail agent securely via stdin — never via environment variables
+or files.
+
+## Key sections
+
+### readSecrets() function (around line 216)
+
+- Added: `'STRIPE_SECRET_KEY'` to the `readEnvFile` array
+
+```typescript
+// Before:
+return readEnvFile([
+  'ANTHROPIC_API_KEY',
+  ...
+  'KIMI_API_KEY',
+]);
+
+// After:
+return readEnvFile([
+  'ANTHROPIC_API_KEY',
+  ...
+  'KIMI_API_KEY',
+  'STRIPE_SECRET_KEY',
+]);
+```
+
+## Invariants
+
+- All existing API keys remain in the list unchanged
+- `readEnvFile()` signature and behavior are unchanged
+- Secrets are still passed via stdin JSON, never written to disk or env
+- If `STRIPE_SECRET_KEY` is absent from `.env`, it is silently skipped
diff --git a/.agent/skills/add-telegram-swarm/SKILL.md b/.agent/skills/add-telegram-swarm/SKILL.md
new file mode 100644
index 0000000..2dfa795
--- /dev/null
+++ b/.agent/skills/add-telegram-swarm/SKILL.md
@@ -0,0 +1,388 @@
+---
+name: add-telegram-swarm
+description: Add Agent Swarm (Teams) support to Telegram. Each subagent gets its own bot identity in the group. Requires Telegram channel to be set up first (use /add-telegram). Triggers on "agent swarm", "agent teams telegram", "telegram swarm", "bot pool".
+---
+
+# Add Agent Swarm to Telegram
+
+This skill adds Agent Teams (Swarm) support to an existing Telegram channel. Each subagent in a team gets its own bot identity in the Telegram group, so users can visually distinguish which agent is speaking.
+
+**Prerequisite**: Telegram must already be set up via the `/add-telegram` skill. If `src/telegram.ts` does not exist or `TELEGRAM_BOT_TOKEN` is not configured, tell the user to run `/add-telegram` first.
+
+## How It Works
+
+- The **main bot** receives messages and sends lead agent responses (already set up by `/add-telegram`)
+- **Pool bots** are send-only — each gets a Grammy `Api` instance (no polling)
+- When a subagent calls `send_message` with a `sender` parameter, the host assigns a pool bot and renames it to match the sender's role
+- Messages appear in Telegram from different bot identities
+
+```
+Subagent calls send_message(text: "Found 3 results", sender: "Researcher")
+  → MCP writes IPC file with sender field
+  → Host IPC watcher picks it up
+  → Assigns pool bot #2 to "Researcher" (round-robin, stable per-group)
+  → Renames pool bot #2 to "Researcher" via setMyName
+  → Sends message via pool bot #2's Api instance
+  → Appears in Telegram from "Researcher" bot
+```
+
+## Prerequisites
+
+### 1. Create Pool Bots
+
+Tell the user:
+
+> I need you to create 3-5 Telegram bots to use as the agent pool. These will be renamed dynamically to match agent roles.
+>
+> 1. Open Telegram and search for `@BotFather`
+> 2. Send `/newbot` for each bot:
+>    - Give them any placeholder name (e.g., "Bot 1", "Bot 2")
+>    - Usernames like `myproject_swarm_1_bot`, `myproject_swarm_2_bot`, etc.
+> 3. Copy all the tokens
+> 4. Add all bots to your Telegram group(s) where you want agent teams
+
+Wait for user to provide the tokens.
+
+### 2. Disable Group Privacy for Pool Bots
+
+Tell the user:
+
+> **Important**: Each pool bot needs Group Privacy disabled so it can send messages in groups.
+>
+> For each pool bot in `@BotFather`:
+>
+> 1. Send `/mybots` and select the bot
+> 2. Go to **Bot Settings** > **Group Privacy** > **Turn off**
+>
+> Then add all pool bots to your Telegram group(s).
+
+## Implementation
+
+### Step 1: Update Configuration
+
+Read `src/config.ts` and add the bot pool config near the other Telegram exports:
+
+```typescript
+export const TELEGRAM_BOT_POOL = (process.env.TELEGRAM_BOT_POOL || '')
+  .split(',')
+  .map((t) => t.trim())
+  .filter(Boolean);
+```
+
+### Step 2: Add Bot Pool to Telegram Module
+
+Read `src/telegram.ts` and add the following:
+
+1. **Update imports** — add `Api` to the Grammy import:
+
+```typescript
+import { Api, Bot } from 'grammy';
+```
+
+2. **Add pool state** after the existing `let bot` declaration:
+
+```typescript
+// Bot pool for agent teams: send-only Api instances (no polling)
+const poolApis: Api[] = [];
+// Maps "{groupFolder}:{senderName}" → pool Api index for stable assignment
+const senderBotMap = new Map<string, number>();
+let nextPoolIndex = 0;
+```
+
+3. **Add pool functions** — place these before the `isTelegramConnected` function:
+
+```typescript
+/**
+ * Initialize send-only Api instances for the bot pool.
+ * Each pool bot can send messages but doesn't poll for updates.
+ */
+export async function initBotPool(tokens: string[]): Promise<void> {
+  for (const token of tokens) {
+    try {
+      const api = new Api(token);
+      const me = await api.getMe();
+      poolApis.push(api);
+      logger.info(
+        { username: me.username, id: me.id, poolSize: poolApis.length },
+        'Pool bot initialized',
+      );
+    } catch (err) {
+      logger.error({ err }, 'Failed to initialize pool bot');
+    }
+  }
+  if (poolApis.length > 0) {
+    logger.info({ count: poolApis.length }, 'Telegram bot pool ready');
+  }
+}
+
+/**
+ * Send a message via a pool bot assigned to the given sender name.
+ * Assigns bots round-robin on first use; subsequent messages from the
+ * same sender in the same group always use the same bot.
+ * On first assignment, renames the bot to match the sender's role.
+ */
+export async function sendPoolMessage(
+  chatId: string,
+  text: string,
+  sender: string,
+  groupFolder: string,
+): Promise<void> {
+  if (poolApis.length === 0) {
+    // No pool bots — fall back to main bot
+    await sendTelegramMessage(chatId, text);
+    return;
+  }
+
+  const key = `${groupFolder}:${sender}`;
+  let idx = senderBotMap.get(key);
+  if (idx === undefined) {
+    idx = nextPoolIndex % poolApis.length;
+    nextPoolIndex++;
+    senderBotMap.set(key, idx);
+    // Rename the bot to match the sender's role, then wait for Telegram to propagate
+    try {
+      await poolApis[idx].setMyName(sender);
+      await new Promise((r) => setTimeout(r, 2000));
+      logger.info({ sender, groupFolder, poolIndex: idx }, 'Assigned and renamed pool bot');
+    } catch (err) {
+      logger.warn({ sender, err }, 'Failed to rename pool bot (sending anyway)');
+    }
+  }
+
+  const api = poolApis[idx];
+  try {
+    const numericId = chatId.replace(/^tg:/, '');
+    const MAX_LENGTH = 4096;
+    if (text.length <= MAX_LENGTH) {
+      await api.sendMessage(numericId, text);
+    } else {
+      for (let i = 0; i < text.length; i += MAX_LENGTH) {
+        await api.sendMessage(numericId, text.slice(i, i + MAX_LENGTH));
+      }
+    }
+    logger.info({ chatId, sender, poolIndex: idx, length: text.length }, 'Pool message sent');
+  } catch (err) {
+    logger.error({ chatId, sender, err }, 'Failed to send pool message');
+  }
+}
+```
+
+### Step 3: Add sender Parameter to MCP Tool
+
+Read `container/agent-runner/src/ipc-mcp-stdio.ts` and update the `send_message` tool to accept an optional `sender` parameter:
+
+Change the tool's schema from:
+
+```typescript
+{ text: z.string().describe('The message text to send') },
+```
+
+To:
+
+```typescript
+{
+  text: z.string().describe('The message text to send'),
+  sender: z.string().optional().describe('Your role/identity name (e.g. "Researcher"). When set, messages appear from a dedicated bot in Telegram.'),
+},
+```
+
+And update the handler to include `sender` in the IPC data:
+
+```typescript
+async (args) => {
+    const data: Record<string, string | undefined> = {
+      type: 'message',
+      chatJid,
+      text: args.text,
+      sender: args.sender || undefined,
+      groupFolder,
+      timestamp: new Date().toISOString(),
+    };
+
+    writeIpcFile(MESSAGES_DIR, data);
+
+    return { content: [{ type: 'text' as const, text: 'Message sent.' }] };
+  },
+```
+
+### Step 4: Update Host IPC Routing
+
+Read `src/ipc.ts` and make these changes:
+
+1. **Add imports** — add `sendPoolMessage` and `initBotPool` from the Telegram swarm module, and `TELEGRAM_BOT_POOL` from config.
+
+2. **Update IPC message routing** — in `src/ipc.ts`, find where the `sendMessage` dependency is called to deliver IPC messages (inside `processIpcFiles`). The `sendMessage` is passed in via the `IpcDeps` parameter. Wrap it to route Telegram swarm messages through the bot pool:
+
+```typescript
+if (data.sender && data.chatJid.startsWith('tg:')) {
+  await sendPoolMessage(
+    data.chatJid,
+    data.text,
+    data.sender,
+    sourceGroup,
+  );
+} else {
+  await deps.sendMessage(data.chatJid, data.text);
+}
+```
+
+Note: The assistant name prefix is handled by `formatOutbound()` in the router — Telegram channels have `prefixAssistantName = false` so no prefix is added for `tg:` JIDs.
+
+3. **Initialize pool in `main()` in `src/index.ts`** — after creating the Telegram channel, add:
+
+```typescript
+if (TELEGRAM_BOT_POOL.length > 0) {
+  await initBotPool(TELEGRAM_BOT_POOL);
+}
+```
+
+### Step 5: Update AGENT.md Files
+
+#### 5a. Add global message formatting rules
+
+Read `groups/global/AGENT.md` and add a Message Formatting section:
+
+````markdown
+## Message Formatting
+
+NEVER use markdown. Only use WhatsApp/Telegram formatting:
+- *single asterisks* for bold (NEVER **double asterisks**)
+- _underscores_ for italic
+- • bullet points
+- ```triple backticks``` for code
+
+No ## headings. No [links](url). No **double stars**.
+````
+
+#### 5b. Update existing group AGENT.md headings
+
+In any group AGENT.md that has a "WhatsApp Formatting" section (e.g. `groups/main/AGENT.md`), rename the heading to reflect multi-channel support:
+
+```
+## WhatsApp Formatting (and other messaging apps)
+```
+
+#### 5c. Add Agent Teams instructions to Telegram groups
+
+For each Telegram group that will use agent teams, create or update its `groups/{folder}/AGENT.md` with these instructions. Read the existing AGENT.md first (or `groups/global/AGENT.md` as a base) and add the Agent Teams section:
+
+````markdown
+## Agent Teams
+
+When creating a team to tackle a complex task, follow these rules:
+
+### CRITICAL: Follow the user's prompt exactly
+
+Create *exactly* the team the user asked for — same number of agents, same roles, same names. Do NOT add extra agents, rename roles, or use generic names like "Researcher 1". If the user says "a marine biologist, a physicist, and Alexander Hamilton", create exactly those three agents with those exact names.
+
+### Team member instructions
+
+Each team member MUST be instructed to:
+
+1. *Share progress in the group* via `mcp__nanoclaw__send_message` with a `sender` parameter matching their exact role/character name (e.g., `sender: "Marine Biologist"` or `sender: "Alexander Hamilton"`). This makes their messages appear from a dedicated bot in the Telegram group.
+2. *Also communicate with teammates* via `SendMessage` as normal for coordination.
+3. Keep group messages *short* — 2-4 sentences max per message. Break longer content into multiple `send_message` calls. No walls of text.
+4. Use the `sender` parameter consistently — always the same name so the bot identity stays stable.
+5. NEVER use markdown formatting. Use ONLY WhatsApp/Telegram formatting: single *asterisks* for bold (NOT **double**), _underscores_ for italic, • for bullets, ```backticks``` for code. No ## headings, no [links](url), no **double asterisks**.
+
+### Example team creation prompt
+
+When creating a teammate, include instructions like:
+
+\```
+You are the Marine Biologist. When you have findings or updates for the user, send them to the group using mcp__nanoclaw__send_message with sender set to "Marine Biologist". Keep each message short (2-4 sentences max). Use emojis for strong reactions. ONLY use single *asterisks* for bold (never **double**), _underscores_ for italic, • for bullets. No markdown. Also communicate with teammates via SendMessage.
+\```
+
+### Lead agent behavior
+
+As the lead agent who created the team:
+
+- You do NOT need to react to or relay every teammate message. The user sees those directly from the teammate bots.
+- Send your own messages only to comment, share thoughts, synthesize, or direct the team.
+- When processing an internal update from a teammate that doesn't need a user-facing response, wrap your *entire* output in `<internal>` tags.
+- Focus on high-level coordination and the final synthesis.
+````
+
+### Step 6: Update Environment
+
+Add pool tokens to `.env`:
+
+```bash
+TELEGRAM_BOT_POOL=TOKEN1,TOKEN2,TOKEN3,...
+```
+
+**Important**: Sync to all required locations:
+
+```bash
+cp .env data/env/env
+```
+
+Also add `TELEGRAM_BOT_POOL` to the launchd plist (`~/Library/LaunchAgents/com.nanoclaw.plist`) in the `EnvironmentVariables` dict if using launchd.
+
+### Step 7: Rebuild and Restart
+
+```bash
+npm run build
+./container/build.sh  # Required — MCP tool changed
+# macOS:
+launchctl unload ~/Library/LaunchAgents/com.nanoclaw.plist
+launchctl load ~/Library/LaunchAgents/com.nanoclaw.plist
+# Linux:
+# systemctl --user restart nanoclaw
+```
+
+Must use `unload/load` (macOS) or `restart` (Linux) because the service env vars changed.
+
+### Step 8: Test
+
+Tell the user:
+
+> Send a message in your Telegram group asking for a multi-agent task, e.g.:
+> "Assemble a team of a researcher and a coder to build me a hello world app"
+>
+> You should see:
+>
+> - The lead agent (main bot) acknowledging and creating the team
+> - Each subagent messaging from a different bot, renamed to their role
+> - Short, scannable messages from each agent
+>
+> Check logs: `tail -f logs/nanoclaw.log | grep -i pool`
+
+## Architecture Notes
+
+- Pool bots use Grammy's `Api` class — lightweight, no polling, just send
+- Bot names are set via `setMyName` — changes are global to the bot, not per-chat
+- A 2-second delay after `setMyName` allows Telegram to propagate the name change before the first message
+- Sender→bot mapping is stable within a group (keyed as `{groupFolder}:{senderName}`)
+- Mapping resets on service restart — pool bots get reassigned fresh
+- If pool runs out, bots are reused (round-robin wraps)
+
+## Troubleshooting
+
+### Pool bots not sending messages
+
+1. Verify tokens: `curl -s "https://api.telegram.org/botTOKEN/getMe"`
+2. Check pool initialized: `grep "Pool bot" logs/nanoclaw.log`
+3. Ensure all pool bots are members of the Telegram group
+4. Check Group Privacy is disabled for each pool bot
+
+### Bot names not updating
+
+Telegram caches bot names client-side. The 2-second delay after `setMyName` helps, but users may need to restart their Telegram client to see updated names immediately.
+
+### Subagents not using send_message
+
+Check the group's `AGENT.md` has the Agent Teams instructions. The lead agent reads this when creating teammates and must include the `send_message` + `sender` instructions in each teammate's prompt.
+
+## Removal
+
+To remove Agent Swarm support while keeping basic Telegram:
+
+1. Remove `TELEGRAM_BOT_POOL` from `src/config.ts`
+2. Remove pool code from `src/telegram.ts` (`poolApis`, `senderBotMap`, `initBotPool`, `sendPoolMessage`)
+3. Remove pool routing from IPC handler in `src/index.ts` (revert to plain `sendMessage`)
+4. Remove `initBotPool` call from `main()`
+5. Remove `sender` param from MCP tool in `container/agent-runner/src/ipc-mcp-stdio.ts`
+6. Remove Agent Teams section from group AGENT.md files
+7. Remove `TELEGRAM_BOT_POOL` from `.env`, `data/env/env`, and launchd plist/systemd unit
+8. Rebuild: `npm run build && ./container/build.sh && launchctl unload ~/Library/LaunchAgents/com.nanoclaw.plist && launchctl load ~/Library/LaunchAgents/com.nanoclaw.plist` (macOS) or `npm run build && ./container/build.sh && systemctl --user restart nanoclaw` (Linux)
diff --git a/.agent/skills/add-telegram/SKILL.md b/.agent/skills/add-telegram/SKILL.md
new file mode 100644
index 0000000..eda8903
--- /dev/null
+++ b/.agent/skills/add-telegram/SKILL.md
@@ -0,0 +1,251 @@
+---
+name: add-telegram
+description: Add Telegram as a channel. Can replace WhatsApp entirely or run alongside it. Also configurable as a control-only channel (triggers actions) or passive channel (receives notifications only).
+---
+
+# Add Telegram Channel
+
+This skill adds Telegram support to NanoClaw using the skills engine for deterministic code changes, then walks through interactive setup.
+
+## Phase 1: Pre-flight
+
+### Check if already applied
+
+Read `.nanoclaw/state.yaml`. If `telegram` is in `applied_skills`, skip to Phase 3 (Setup). The code changes are already in place.
+
+### Ask the user
+
+Use `AskUserQuestion` to collect configuration:
+
+AskUserQuestion: Should Telegram replace WhatsApp or run alongside it?
+
+- **Replace WhatsApp** - Telegram will be the only channel (sets TELEGRAM_ONLY=true)
+- **Alongside** - Both Telegram and WhatsApp channels active
+
+AskUserQuestion: Do you have a Telegram bot token, or do you need to create one?
+
+If they have one, collect it now. If not, we'll create one in Phase 3.
+
+## Phase 2: Apply Code Changes
+
+Run the skills engine to apply this skill's code package. The package files are in this directory alongside this SKILL.md.
+
+### Initialize skills system (if needed)
+
+If `.nanoclaw/` directory doesn't exist yet:
+
+```bash
+npx tsx scripts/apply-skill.ts --init
+```
+
+Or call `initSkillsSystem()` from `skills-engine/migrate.ts`.
+
+### Apply the skill
+
+```bash
+npx tsx scripts/apply-skill.ts .agent/skills/add-telegram
+```
+
+This deterministically:
+
+- Adds `src/channels/telegram.ts` (TelegramChannel class implementing Channel interface)
+- Adds `src/channels/telegram.test.ts` (46 unit tests)
+- Three-way merges Telegram support into `src/index.ts` (multi-channel support, findChannel routing)
+- Three-way merges Telegram config into `src/config.ts` (TELEGRAM_BOT_TOKEN, TELEGRAM_ONLY exports)
+- Three-way merges updated routing tests into `src/routing.test.ts`
+- Installs the `grammy` npm dependency
+- Updates `.env.example` with `TELEGRAM_BOT_TOKEN` and `TELEGRAM_ONLY`
+- Records the application in `.nanoclaw/state.yaml`
+
+If the apply reports merge conflicts, read the intent files:
+
+- `modify/src/index.ts.intent.md` — what changed and invariants for index.ts
+- `modify/src/config.ts.intent.md` — what changed for config.ts
+
+### Validate code changes
+
+```bash
+npm test
+npm run build
+```
+
+All tests must pass (including the new telegram tests) and build must be clean before proceeding.
+
+## Phase 3: Setup
+
+### Create Telegram Bot (if needed)
+
+If the user doesn't have a bot token, tell them:
+
+> I need you to create a Telegram bot:
+>
+> 1. Open Telegram and search for `@BotFather`
+> 2. Send `/newbot` and follow prompts:
+>    - Bot name: Something friendly (e.g., "Andy Assistant")
+>    - Bot username: Must end with "bot" (e.g., "andy_ai_bot")
+> 3. Copy the bot token (looks like `123456:ABC-DEF1234ghIkl-zyx57W2v1u123ew11`)
+
+Wait for the user to provide the token.
+
+### Configure environment
+
+Add to `.env`:
+
+```bash
+TELEGRAM_BOT_TOKEN=<their-token>
+```
+
+If they chose to replace WhatsApp:
+
+```bash
+TELEGRAM_ONLY=true
+```
+
+Sync to container environment:
+
+```bash
+mkdir -p data/env && cp .env data/env/env
+```
+
+The container reads environment from `data/env/env`, not `.env` directly.
+
+### Disable Group Privacy (for group chats)
+
+Tell the user:
+
+> **Important for group chats**: By default, Telegram bots only see @mentions and commands in groups. To let the bot see all messages:
+>
+> 1. Open Telegram and search for `@BotFather`
+> 2. Send `/mybots` and select your bot
+> 3. Go to **Bot Settings** > **Group Privacy** > **Turn off**
+>
+> This is optional if you only want trigger-based responses via @mentioning the bot.
+
+### Build and restart
+
+```bash
+npm run build
+launchctl kickstart -k gui/$(id -u)/com.nanoclaw  # macOS
+# Linux: systemctl --user restart nanoclaw
+```
+
+## Phase 4: Registration
+
+### Get Chat ID
+
+Tell the user:
+
+> 1. Open your bot in Telegram (search for its username)
+> 2. Send `/chatid` — it will reply with the chat ID
+> 3. For groups: add the bot to the group first, then send `/chatid` in the group
+
+Wait for the user to provide the chat ID (format: `tg:123456789` or `tg:-1001234567890`).
+
+### Register the chat
+
+Use the IPC register flow or register directly. The chat ID, name, and folder name are needed.
+
+For a main chat (responds to all messages, uses the `main` folder):
+
+```typescript
+registerGroup('tg:<chat-id>', {
+  name: '<chat-name>',
+  folder: 'main',
+  trigger: `@${ASSISTANT_NAME}`,
+  added_at: new Date().toISOString(),
+  requiresTrigger: false,
+});
+```
+
+For additional chats (trigger-only):
+
+```typescript
+registerGroup('tg:<chat-id>', {
+  name: '<chat-name>',
+  folder: '<folder-name>',
+  trigger: `@${ASSISTANT_NAME}`,
+  added_at: new Date().toISOString(),
+  requiresTrigger: true,
+});
+```
+
+## Phase 5: Verify
+
+### Test the connection
+
+Tell the user:
+
+> Send a message to your registered Telegram chat:
+>
+> - For main chat: Any message works
+> - For non-main: `@Andy hello` or @mention the bot
+>
+> The bot should respond within a few seconds.
+
+### Check logs if needed
+
+```bash
+tail -f logs/nanoclaw.log
+```
+
+## Troubleshooting
+
+### Bot not responding
+
+Check:
+
+1. `TELEGRAM_BOT_TOKEN` is set in `.env` AND synced to `data/env/env`
+2. Chat is registered in the ops database (check with: `psql "$OPS_DB_URL" -c "SELECT * FROM registered_groups WHERE jid LIKE 'tg:%'"`)
+3. For non-main chats: message includes trigger pattern
+4. Service is running: `launchctl list | grep nanoclaw` (macOS) or `systemctl --user status nanoclaw` (Linux)
+
+### Bot only responds to @mentions in groups
+
+Group Privacy is enabled (default). Fix:
+
+1. `@BotFather` > `/mybots` > select bot > **Bot Settings** > **Group Privacy** > **Turn off**
+2. Remove and re-add the bot to the group (required for the change to take effect)
+
+### Getting chat ID
+
+If `/chatid` doesn't work:
+
+- Verify token: `curl -s "https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/getMe"`
+- Check bot is started: `tail -f logs/nanoclaw.log`
+
+## After Setup
+
+If running `npm run dev` while the service is active:
+
+```bash
+# macOS:
+launchctl unload ~/Library/LaunchAgents/com.nanoclaw.plist
+npm run dev
+# When done testing:
+launchctl load ~/Library/LaunchAgents/com.nanoclaw.plist
+# Linux:
+# systemctl --user stop nanoclaw
+# npm run dev
+# systemctl --user start nanoclaw
+```
+
+## Agent Swarms (Teams)
+
+After completing the Telegram setup, use `AskUserQuestion`:
+
+AskUserQuestion: Would you like to add Agent Swarm support? Without it, Agent Teams still work — they just operate behind the scenes. With Swarm support, each subagent appears as a different bot in the Telegram group so you can see who's saying what and have interactive team sessions.
+
+If they say yes, invoke the `/add-telegram-swarm` skill.
+
+## Removal
+
+To remove Telegram integration:
+
+1. Delete `src/channels/telegram.ts`
+2. Remove `TelegramChannel` import and creation from `src/index.ts`
+3. Remove `channels` array and revert to using `whatsapp` directly in `processGroupMessages`, scheduler deps, and IPC deps
+4. Revert `getAvailableGroups()` filter to only include `@g.us` chats
+5. Remove Telegram config (`TELEGRAM_BOT_TOKEN`, `TELEGRAM_ONLY`) from `src/config.ts`
+6. Remove Telegram registrations from ops database: `psql "$OPS_DB_URL" -c "DELETE FROM registered_groups WHERE jid LIKE 'tg:%'"`
+7. Uninstall: `npm uninstall grammy`
+8. Rebuild: `npm run build && launchctl kickstart -k gui/$(id -u)/com.nanoclaw` (macOS) or `npm run build && systemctl --user restart nanoclaw` (Linux)
diff --git a/.agent/skills/add-telegram/add/src/channels/telegram.test.ts b/.agent/skills/add-telegram/add/src/channels/telegram.test.ts
new file mode 100644
index 0000000..950b607
--- /dev/null
+++ b/.agent/skills/add-telegram/add/src/channels/telegram.test.ts
@@ -0,0 +1,926 @@
+import { describe, it, expect, beforeEach, vi, afterEach } from 'vitest';
+
+// --- Mocks ---
+
+// Mock config
+vi.mock('../config.js', () => ({
+  ASSISTANT_NAME: 'Andy',
+  TRIGGER_PATTERN: /^@Andy\b/i,
+}));
+
+// Mock logger
+vi.mock('../logger.js', () => ({
+  logger: {
+    debug: vi.fn(),
+    info: vi.fn(),
+    warn: vi.fn(),
+    error: vi.fn(),
+  },
+}));
+
+// --- Grammy mock ---
+
+type Handler = (...args: any[]) => any;
+
+const botRef = vi.hoisted(() => ({ current: null as any }));
+
+vi.mock('grammy', () => ({
+  Bot: class MockBot {
+    token: string;
+    commandHandlers = new Map<string, Handler>();
+    filterHandlers = new Map<string, Handler[]>();
+    errorHandler: Handler | null = null;
+
+    api = {
+      sendMessage: vi.fn().mockResolvedValue(undefined),
+      sendChatAction: vi.fn().mockResolvedValue(undefined),
+    };
+
+    constructor(token: string) {
+      this.token = token;
+      botRef.current = this;
+    }
+
+    command(name: string, handler: Handler) {
+      this.commandHandlers.set(name, handler);
+    }
+
+    on(filter: string, handler: Handler) {
+      const existing = this.filterHandlers.get(filter) || [];
+      existing.push(handler);
+      this.filterHandlers.set(filter, existing);
+    }
+
+    catch(handler: Handler) {
+      this.errorHandler = handler;
+    }
+
+    start(opts: { onStart: (botInfo: any) => void }) {
+      opts.onStart({ username: 'andy_ai_bot', id: 12345 });
+    }
+
+    stop() {}
+  },
+}));
+
+import { TelegramChannel, TelegramChannelOpts } from './telegram.js';
+
+// --- Test helpers ---
+
+function createTestOpts(
+  overrides?: Partial<TelegramChannelOpts>,
+): TelegramChannelOpts {
+  return {
+    onMessage: vi.fn(),
+    onChatMetadata: vi.fn(),
+    registeredGroups: vi.fn(() => ({
+      'tg:100200300': {
+        name: 'Test Group',
+        folder: 'test-group',
+        trigger: '@Andy',
+        added_at: '2024-01-01T00:00:00.000Z',
+      },
+    })),
+    ...overrides,
+  };
+}
+
+function createTextCtx(overrides: {
+  chatId?: number;
+  chatType?: string;
+  chatTitle?: string;
+  text: string;
+  fromId?: number;
+  firstName?: string;
+  username?: string;
+  messageId?: number;
+  date?: number;
+  entities?: any[];
+}) {
+  const chatId = overrides.chatId ?? 100200300;
+  const chatType = overrides.chatType ?? 'group';
+  return {
+    chat: {
+      id: chatId,
+      type: chatType,
+      title: overrides.chatTitle ?? 'Test Group',
+    },
+    from: {
+      id: overrides.fromId ?? 99001,
+      first_name: overrides.firstName ?? 'Alice',
+      username: overrides.username ?? 'alice_user',
+    },
+    message: {
+      text: overrides.text,
+      date: overrides.date ?? Math.floor(Date.now() / 1000),
+      message_id: overrides.messageId ?? 1,
+      entities: overrides.entities ?? [],
+    },
+    me: { username: 'andy_ai_bot' },
+    reply: vi.fn(),
+  };
+}
+
+function createMediaCtx(overrides: {
+  chatId?: number;
+  chatType?: string;
+  fromId?: number;
+  firstName?: string;
+  date?: number;
+  messageId?: number;
+  caption?: string;
+  extra?: Record<string, any>;
+}) {
+  const chatId = overrides.chatId ?? 100200300;
+  return {
+    chat: {
+      id: chatId,
+      type: overrides.chatType ?? 'group',
+      title: 'Test Group',
+    },
+    from: {
+      id: overrides.fromId ?? 99001,
+      first_name: overrides.firstName ?? 'Alice',
+      username: 'alice_user',
+    },
+    message: {
+      date: overrides.date ?? Math.floor(Date.now() / 1000),
+      message_id: overrides.messageId ?? 1,
+      caption: overrides.caption,
+      ...(overrides.extra || {}),
+    },
+    me: { username: 'andy_ai_bot' },
+  };
+}
+
+function currentBot() {
+  return botRef.current;
+}
+
+async function triggerTextMessage(ctx: ReturnType<typeof createTextCtx>) {
+  const handlers = currentBot().filterHandlers.get('message:text') || [];
+  for (const h of handlers) await h(ctx);
+}
+
+async function triggerMediaMessage(
+  filter: string,
+  ctx: ReturnType<typeof createMediaCtx>,
+) {
+  const handlers = currentBot().filterHandlers.get(filter) || [];
+  for (const h of handlers) await h(ctx);
+}
+
+// --- Tests ---
+
+describe('TelegramChannel', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+  });
+
+  afterEach(() => {
+    vi.restoreAllMocks();
+  });
+
+  // --- Connection lifecycle ---
+
+  describe('connection lifecycle', () => {
+    it('resolves connect() when bot starts', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+
+      await channel.connect();
+
+      expect(channel.isConnected()).toBe(true);
+    });
+
+    it('registers command and message handlers on connect', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+
+      await channel.connect();
+
+      expect(currentBot().commandHandlers.has('chatid')).toBe(true);
+      expect(currentBot().commandHandlers.has('ping')).toBe(true);
+      expect(currentBot().filterHandlers.has('message:text')).toBe(true);
+      expect(currentBot().filterHandlers.has('message:photo')).toBe(true);
+      expect(currentBot().filterHandlers.has('message:video')).toBe(true);
+      expect(currentBot().filterHandlers.has('message:voice')).toBe(true);
+      expect(currentBot().filterHandlers.has('message:audio')).toBe(true);
+      expect(currentBot().filterHandlers.has('message:document')).toBe(true);
+      expect(currentBot().filterHandlers.has('message:sticker')).toBe(true);
+      expect(currentBot().filterHandlers.has('message:location')).toBe(true);
+      expect(currentBot().filterHandlers.has('message:contact')).toBe(true);
+    });
+
+    it('registers error handler on connect', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+
+      await channel.connect();
+
+      expect(currentBot().errorHandler).not.toBeNull();
+    });
+
+    it('disconnects cleanly', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+
+      await channel.connect();
+      expect(channel.isConnected()).toBe(true);
+
+      await channel.disconnect();
+      expect(channel.isConnected()).toBe(false);
+    });
+
+    it('isConnected() returns false before connect', () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+
+      expect(channel.isConnected()).toBe(false);
+    });
+  });
+
+  // --- Text message handling ---
+
+  describe('text message handling', () => {
+    it('delivers message for registered group', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({ text: 'Hello everyone' });
+      await triggerTextMessage(ctx);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.any(String),
+        'Test Group',
+        'telegram',
+        true,
+      );
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({
+          id: '1',
+          chat_jid: 'tg:100200300',
+          sender: '99001',
+          sender_name: 'Alice',
+          content: 'Hello everyone',
+          is_from_me: false,
+        }),
+      );
+    });
+
+    it('only emits metadata for unregistered chats', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({ chatId: 999999, text: 'Unknown chat' });
+      await triggerTextMessage(ctx);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'tg:999999',
+        expect.any(String),
+        'Test Group',
+        'telegram',
+        true,
+      );
+      expect(opts.onMessage).not.toHaveBeenCalled();
+    });
+
+    it('skips command messages (starting with /)', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({ text: '/start' });
+      await triggerTextMessage(ctx);
+
+      expect(opts.onMessage).not.toHaveBeenCalled();
+      expect(opts.onChatMetadata).not.toHaveBeenCalled();
+    });
+
+    it('extracts sender name from first_name', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({ text: 'Hi', firstName: 'Bob' });
+      await triggerTextMessage(ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({ sender_name: 'Bob' }),
+      );
+    });
+
+    it('falls back to username when first_name missing', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({ text: 'Hi' });
+      ctx.from.first_name = undefined as any;
+      await triggerTextMessage(ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({ sender_name: 'alice_user' }),
+      );
+    });
+
+    it('falls back to user ID when name and username missing', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({ text: 'Hi', fromId: 42 });
+      ctx.from.first_name = undefined as any;
+      ctx.from.username = undefined as any;
+      await triggerTextMessage(ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({ sender_name: '42' }),
+      );
+    });
+
+    it('uses sender name as chat name for private chats', async () => {
+      const opts = createTestOpts({
+        registeredGroups: vi.fn(() => ({
+          'tg:100200300': {
+            name: 'Private',
+            folder: 'private',
+            trigger: '@Andy',
+            added_at: '2024-01-01T00:00:00.000Z',
+          },
+        })),
+      });
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({
+        text: 'Hello',
+        chatType: 'private',
+        firstName: 'Alice',
+      });
+      await triggerTextMessage(ctx);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.any(String),
+        'Alice', // Private chats use sender name
+        'telegram',
+        false,
+      );
+    });
+
+    it('uses chat title as name for group chats', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({
+        text: 'Hello',
+        chatType: 'supergroup',
+        chatTitle: 'Project Team',
+      });
+      await triggerTextMessage(ctx);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.any(String),
+        'Project Team',
+        'telegram',
+        true,
+      );
+    });
+
+    it('converts message.date to ISO timestamp', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const unixTime = 1704067200; // 2024-01-01T00:00:00.000Z
+      const ctx = createTextCtx({ text: 'Hello', date: unixTime });
+      await triggerTextMessage(ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({
+          timestamp: '2024-01-01T00:00:00.000Z',
+        }),
+      );
+    });
+  });
+
+  // --- @mention translation ---
+
+  describe('@mention translation', () => {
+    it('translates @bot_username mention to trigger format', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({
+        text: '@andy_ai_bot what time is it?',
+        entities: [{ type: 'mention', offset: 0, length: 12 }],
+      });
+      await triggerTextMessage(ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({
+          content: '@Andy @andy_ai_bot what time is it?',
+        }),
+      );
+    });
+
+    it('does not translate if message already matches trigger', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({
+        text: '@Andy @andy_ai_bot hello',
+        entities: [{ type: 'mention', offset: 6, length: 12 }],
+      });
+      await triggerTextMessage(ctx);
+
+      // Should NOT double-prepend — already starts with @Andy
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({
+          content: '@Andy @andy_ai_bot hello',
+        }),
+      );
+    });
+
+    it('does not translate mentions of other bots', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({
+        text: '@some_other_bot hi',
+        entities: [{ type: 'mention', offset: 0, length: 15 }],
+      });
+      await triggerTextMessage(ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({
+          content: '@some_other_bot hi', // No translation
+        }),
+      );
+    });
+
+    it('handles mention in middle of message', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({
+        text: 'hey @andy_ai_bot check this',
+        entities: [{ type: 'mention', offset: 4, length: 12 }],
+      });
+      await triggerTextMessage(ctx);
+
+      // Bot is mentioned, message doesn't match trigger → prepend trigger
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({
+          content: '@Andy hey @andy_ai_bot check this',
+        }),
+      );
+    });
+
+    it('handles message with no entities', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({ text: 'plain message' });
+      await triggerTextMessage(ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({
+          content: 'plain message',
+        }),
+      );
+    });
+
+    it('ignores non-mention entities', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createTextCtx({
+        text: 'check https://example.com',
+        entities: [{ type: 'url', offset: 6, length: 19 }],
+      });
+      await triggerTextMessage(ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({
+          content: 'check https://example.com',
+        }),
+      );
+    });
+  });
+
+  // --- Non-text messages ---
+
+  describe('non-text messages', () => {
+    it('stores photo with placeholder', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createMediaCtx({});
+      await triggerMediaMessage('message:photo', ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({ content: '[Photo]' }),
+      );
+    });
+
+    it('stores photo with caption', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createMediaCtx({ caption: 'Look at this' });
+      await triggerMediaMessage('message:photo', ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({ content: '[Photo] Look at this' }),
+      );
+    });
+
+    it('stores video with placeholder', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createMediaCtx({});
+      await triggerMediaMessage('message:video', ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({ content: '[Video]' }),
+      );
+    });
+
+    it('stores voice message with placeholder', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createMediaCtx({});
+      await triggerMediaMessage('message:voice', ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({ content: '[Voice message]' }),
+      );
+    });
+
+    it('stores audio with placeholder', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createMediaCtx({});
+      await triggerMediaMessage('message:audio', ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({ content: '[Audio]' }),
+      );
+    });
+
+    it('stores document with filename', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createMediaCtx({
+        extra: { document: { file_name: 'report.pdf' } },
+      });
+      await triggerMediaMessage('message:document', ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({ content: '[Document: report.pdf]' }),
+      );
+    });
+
+    it('stores document with fallback name when filename missing', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createMediaCtx({ extra: { document: {} } });
+      await triggerMediaMessage('message:document', ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({ content: '[Document: file]' }),
+      );
+    });
+
+    it('stores sticker with emoji', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createMediaCtx({
+        extra: { sticker: { emoji: '😂' } },
+      });
+      await triggerMediaMessage('message:sticker', ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({ content: '[Sticker 😂]' }),
+      );
+    });
+
+    it('stores location with placeholder', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createMediaCtx({});
+      await triggerMediaMessage('message:location', ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({ content: '[Location]' }),
+      );
+    });
+
+    it('stores contact with placeholder', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createMediaCtx({});
+      await triggerMediaMessage('message:contact', ctx);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'tg:100200300',
+        expect.objectContaining({ content: '[Contact]' }),
+      );
+    });
+
+    it('ignores non-text messages from unregistered chats', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const ctx = createMediaCtx({ chatId: 999999 });
+      await triggerMediaMessage('message:photo', ctx);
+
+      expect(opts.onMessage).not.toHaveBeenCalled();
+    });
+  });
+
+  // --- sendMessage ---
+
+  describe('sendMessage', () => {
+    it('sends message via bot API', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      await channel.sendMessage('tg:100200300', 'Hello');
+
+      expect(currentBot().api.sendMessage).toHaveBeenCalledWith(
+        '100200300',
+        'Hello',
+      );
+    });
+
+    it('strips tg: prefix from JID', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      await channel.sendMessage('tg:-1001234567890', 'Group message');
+
+      expect(currentBot().api.sendMessage).toHaveBeenCalledWith(
+        '-1001234567890',
+        'Group message',
+      );
+    });
+
+    it('splits messages exceeding 4096 characters', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const longText = 'x'.repeat(5000);
+      await channel.sendMessage('tg:100200300', longText);
+
+      expect(currentBot().api.sendMessage).toHaveBeenCalledTimes(2);
+      expect(currentBot().api.sendMessage).toHaveBeenNthCalledWith(
+        1,
+        '100200300',
+        'x'.repeat(4096),
+      );
+      expect(currentBot().api.sendMessage).toHaveBeenNthCalledWith(
+        2,
+        '100200300',
+        'x'.repeat(904),
+      );
+    });
+
+    it('sends exactly one message at 4096 characters', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const exactText = 'y'.repeat(4096);
+      await channel.sendMessage('tg:100200300', exactText);
+
+      expect(currentBot().api.sendMessage).toHaveBeenCalledTimes(1);
+    });
+
+    it('handles send failure gracefully', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      currentBot().api.sendMessage.mockRejectedValueOnce(
+        new Error('Network error'),
+      );
+
+      // Should not throw
+      await expect(
+        channel.sendMessage('tg:100200300', 'Will fail'),
+      ).resolves.toBeUndefined();
+    });
+
+    it('does nothing when bot is not initialized', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+
+      // Don't connect — bot is null
+      await channel.sendMessage('tg:100200300', 'No bot');
+
+      // No error, no API call
+    });
+  });
+
+  // --- ownsJid ---
+
+  describe('ownsJid', () => {
+    it('owns tg: JIDs', () => {
+      const channel = new TelegramChannel('test-token', createTestOpts());
+      expect(channel.ownsJid('tg:123456')).toBe(true);
+    });
+
+    it('owns tg: JIDs with negative IDs (groups)', () => {
+      const channel = new TelegramChannel('test-token', createTestOpts());
+      expect(channel.ownsJid('tg:-1001234567890')).toBe(true);
+    });
+
+    it('does not own WhatsApp group JIDs', () => {
+      const channel = new TelegramChannel('test-token', createTestOpts());
+      expect(channel.ownsJid('12345@g.us')).toBe(false);
+    });
+
+    it('does not own WhatsApp DM JIDs', () => {
+      const channel = new TelegramChannel('test-token', createTestOpts());
+      expect(channel.ownsJid('12345@s.whatsapp.net')).toBe(false);
+    });
+
+    it('does not own unknown JID formats', () => {
+      const channel = new TelegramChannel('test-token', createTestOpts());
+      expect(channel.ownsJid('random-string')).toBe(false);
+    });
+  });
+
+  // --- setTyping ---
+
+  describe('setTyping', () => {
+    it('sends typing action when isTyping is true', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      await channel.setTyping('tg:100200300', true);
+
+      expect(currentBot().api.sendChatAction).toHaveBeenCalledWith(
+        '100200300',
+        'typing',
+      );
+    });
+
+    it('does nothing when isTyping is false', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      await channel.setTyping('tg:100200300', false);
+
+      expect(currentBot().api.sendChatAction).not.toHaveBeenCalled();
+    });
+
+    it('does nothing when bot is not initialized', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+
+      // Don't connect
+      await channel.setTyping('tg:100200300', true);
+
+      // No error, no API call
+    });
+
+    it('handles typing indicator failure gracefully', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      currentBot().api.sendChatAction.mockRejectedValueOnce(
+        new Error('Rate limited'),
+      );
+
+      await expect(
+        channel.setTyping('tg:100200300', true),
+      ).resolves.toBeUndefined();
+    });
+  });
+
+  // --- Bot commands ---
+
+  describe('bot commands', () => {
+    it('/chatid replies with chat ID and metadata', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const handler = currentBot().commandHandlers.get('chatid')!;
+      const ctx = {
+        chat: { id: 100200300, type: 'group' as const },
+        from: { first_name: 'Alice' },
+        reply: vi.fn(),
+      };
+
+      await handler(ctx);
+
+      expect(ctx.reply).toHaveBeenCalledWith(
+        expect.stringContaining('tg:100200300'),
+        expect.objectContaining({ parse_mode: 'Markdown' }),
+      );
+    });
+
+    it('/chatid shows chat type', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const handler = currentBot().commandHandlers.get('chatid')!;
+      const ctx = {
+        chat: { id: 555, type: 'private' as const },
+        from: { first_name: 'Bob' },
+        reply: vi.fn(),
+      };
+
+      await handler(ctx);
+
+      expect(ctx.reply).toHaveBeenCalledWith(
+        expect.stringContaining('private'),
+        expect.any(Object),
+      );
+    });
+
+    it('/ping replies with bot status', async () => {
+      const opts = createTestOpts();
+      const channel = new TelegramChannel('test-token', opts);
+      await channel.connect();
+
+      const handler = currentBot().commandHandlers.get('ping')!;
+      const ctx = { reply: vi.fn() };
+
+      await handler(ctx);
+
+      expect(ctx.reply).toHaveBeenCalledWith('Andy is online.');
+    });
+  });
+
+  // --- Channel properties ---
+
+  describe('channel properties', () => {
+    it('has name "telegram"', () => {
+      const channel = new TelegramChannel('test-token', createTestOpts());
+      expect(channel.name).toBe('telegram');
+    });
+  });
+});
diff --git a/.agent/skills/add-telegram/add/src/channels/telegram.ts b/.agent/skills/add-telegram/add/src/channels/telegram.ts
new file mode 100644
index 0000000..43a6266
--- /dev/null
+++ b/.agent/skills/add-telegram/add/src/channels/telegram.ts
@@ -0,0 +1,244 @@
+import { Bot } from 'grammy';
+
+import { ASSISTANT_NAME, TRIGGER_PATTERN } from '../config.js';
+import { logger } from '../logger.js';
+import {
+  Channel,
+  OnChatMetadata,
+  OnInboundMessage,
+  RegisteredGroup,
+} from '../types.js';
+
+export interface TelegramChannelOpts {
+  onMessage: OnInboundMessage;
+  onChatMetadata: OnChatMetadata;
+  registeredGroups: () => Record<string, RegisteredGroup>;
+}
+
+export class TelegramChannel implements Channel {
+  name = 'telegram';
+
+  private bot: Bot | null = null;
+  private opts: TelegramChannelOpts;
+  private botToken: string;
+
+  constructor(botToken: string, opts: TelegramChannelOpts) {
+    this.botToken = botToken;
+    this.opts = opts;
+  }
+
+  async connect(): Promise<void> {
+    this.bot = new Bot(this.botToken);
+
+    // Command to get chat ID (useful for registration)
+    this.bot.command('chatid', (ctx) => {
+      const chatId = ctx.chat.id;
+      const chatType = ctx.chat.type;
+      const chatName =
+        chatType === 'private'
+          ? ctx.from?.first_name || 'Private'
+          : (ctx.chat as any).title || 'Unknown';
+
+      ctx.reply(
+        `Chat ID: \`tg:${chatId}\`\nName: ${chatName}\nType: ${chatType}`,
+        { parse_mode: 'Markdown' },
+      );
+    });
+
+    // Command to check bot status
+    this.bot.command('ping', (ctx) => {
+      ctx.reply(`${ASSISTANT_NAME} is online.`);
+    });
+
+    this.bot.on('message:text', async (ctx) => {
+      // Skip commands
+      if (ctx.message.text.startsWith('/')) return;
+
+      const chatJid = `tg:${ctx.chat.id}`;
+      let content = ctx.message.text;
+      const timestamp = new Date(ctx.message.date * 1000).toISOString();
+      const senderName =
+        ctx.from?.first_name ||
+        ctx.from?.username ||
+        ctx.from?.id.toString() ||
+        'Unknown';
+      const sender = ctx.from?.id.toString() || '';
+      const msgId = ctx.message.message_id.toString();
+
+      // Determine chat name
+      const chatName =
+        ctx.chat.type === 'private'
+          ? senderName
+          : (ctx.chat as any).title || chatJid;
+
+      // Translate Telegram @bot_username mentions into TRIGGER_PATTERN format.
+      // Telegram @mentions (e.g., @andy_ai_bot) won't match TRIGGER_PATTERN
+      // (e.g., ^@Andy\b), so we prepend the trigger when the bot is @mentioned.
+      const botUsername = ctx.me?.username?.toLowerCase();
+      if (botUsername) {
+        const entities = ctx.message.entities || [];
+        const isBotMentioned = entities.some((entity) => {
+          if (entity.type === 'mention') {
+            const mentionText = content
+              .substring(entity.offset, entity.offset + entity.length)
+              .toLowerCase();
+            return mentionText === `@${botUsername}`;
+          }
+          return false;
+        });
+        if (isBotMentioned && !TRIGGER_PATTERN.test(content)) {
+          content = `@${ASSISTANT_NAME} ${content}`;
+        }
+      }
+
+      // Store chat metadata for discovery
+      const isGroup = ctx.chat.type === 'group' || ctx.chat.type === 'supergroup';
+      this.opts.onChatMetadata(chatJid, timestamp, chatName, 'telegram', isGroup);
+
+      // Only deliver full message for registered groups
+      const group = this.opts.registeredGroups()[chatJid];
+      if (!group) {
+        logger.debug(
+          { chatJid, chatName },
+          'Message from unregistered Telegram chat',
+        );
+        return;
+      }
+
+      // Deliver message — startMessageLoop() will pick it up
+      this.opts.onMessage(chatJid, {
+        id: msgId,
+        chat_jid: chatJid,
+        sender,
+        sender_name: senderName,
+        content,
+        timestamp,
+        is_from_me: false,
+      });
+
+      logger.info(
+        { chatJid, chatName, sender: senderName },
+        'Telegram message stored',
+      );
+    });
+
+    // Handle non-text messages with placeholders so the agent knows something was sent
+    const storeNonText = (ctx: any, placeholder: string) => {
+      const chatJid = `tg:${ctx.chat.id}`;
+      const group = this.opts.registeredGroups()[chatJid];
+      if (!group) return;
+
+      const timestamp = new Date(ctx.message.date * 1000).toISOString();
+      const senderName =
+        ctx.from?.first_name ||
+        ctx.from?.username ||
+        ctx.from?.id?.toString() ||
+        'Unknown';
+      const caption = ctx.message.caption ? ` ${ctx.message.caption}` : '';
+
+      const isGroup = ctx.chat.type === 'group' || ctx.chat.type === 'supergroup';
+      this.opts.onChatMetadata(chatJid, timestamp, undefined, 'telegram', isGroup);
+      this.opts.onMessage(chatJid, {
+        id: ctx.message.message_id.toString(),
+        chat_jid: chatJid,
+        sender: ctx.from?.id?.toString() || '',
+        sender_name: senderName,
+        content: `${placeholder}${caption}`,
+        timestamp,
+        is_from_me: false,
+      });
+    };
+
+    this.bot.on('message:photo', (ctx) => storeNonText(ctx, '[Photo]'));
+    this.bot.on('message:video', (ctx) => storeNonText(ctx, '[Video]'));
+    this.bot.on('message:voice', (ctx) =>
+      storeNonText(ctx, '[Voice message]'),
+    );
+    this.bot.on('message:audio', (ctx) => storeNonText(ctx, '[Audio]'));
+    this.bot.on('message:document', (ctx) => {
+      const name = ctx.message.document?.file_name || 'file';
+      storeNonText(ctx, `[Document: ${name}]`);
+    });
+    this.bot.on('message:sticker', (ctx) => {
+      const emoji = ctx.message.sticker?.emoji || '';
+      storeNonText(ctx, `[Sticker ${emoji}]`);
+    });
+    this.bot.on('message:location', (ctx) => storeNonText(ctx, '[Location]'));
+    this.bot.on('message:contact', (ctx) => storeNonText(ctx, '[Contact]'));
+
+    // Handle errors gracefully
+    this.bot.catch((err) => {
+      logger.error({ err: err.message }, 'Telegram bot error');
+    });
+
+    // Start polling — returns a Promise that resolves when started
+    return new Promise<void>((resolve) => {
+      this.bot!.start({
+        onStart: (botInfo) => {
+          logger.info(
+            { username: botInfo.username, id: botInfo.id },
+            'Telegram bot connected',
+          );
+          console.log(`\n  Telegram bot: @${botInfo.username}`);
+          console.log(
+            `  Send /chatid to the bot to get a chat's registration ID\n`,
+          );
+          resolve();
+        },
+      });
+    });
+  }
+
+  async sendMessage(jid: string, text: string): Promise<void> {
+    if (!this.bot) {
+      logger.warn('Telegram bot not initialized');
+      return;
+    }
+
+    try {
+      const numericId = jid.replace(/^tg:/, '');
+
+      // Telegram has a 4096 character limit per message — split if needed
+      const MAX_LENGTH = 4096;
+      if (text.length <= MAX_LENGTH) {
+        await this.bot.api.sendMessage(numericId, text);
+      } else {
+        for (let i = 0; i < text.length; i += MAX_LENGTH) {
+          await this.bot.api.sendMessage(
+            numericId,
+            text.slice(i, i + MAX_LENGTH),
+          );
+        }
+      }
+      logger.info({ jid, length: text.length }, 'Telegram message sent');
+    } catch (err) {
+      logger.error({ jid, err }, 'Failed to send Telegram message');
+    }
+  }
+
+  isConnected(): boolean {
+    return this.bot !== null;
+  }
+
+  ownsJid(jid: string): boolean {
+    return jid.startsWith('tg:');
+  }
+
+  async disconnect(): Promise<void> {
+    if (this.bot) {
+      this.bot.stop();
+      this.bot = null;
+      logger.info('Telegram bot stopped');
+    }
+  }
+
+  async setTyping(jid: string, isTyping: boolean): Promise<void> {
+    if (!this.bot || !isTyping) return;
+    try {
+      const numericId = jid.replace(/^tg:/, '');
+      await this.bot.api.sendChatAction(numericId, 'typing');
+    } catch (err) {
+      logger.debug({ jid, err }, 'Failed to send Telegram typing indicator');
+    }
+  }
+}
diff --git a/.agent/skills/add-telegram/manifest.yaml b/.agent/skills/add-telegram/manifest.yaml
new file mode 100644
index 0000000..fe7a36a
--- /dev/null
+++ b/.agent/skills/add-telegram/manifest.yaml
@@ -0,0 +1,20 @@
+skill: telegram
+version: 1.0.0
+description: "Telegram Bot API integration via Grammy"
+core_version: 0.1.0
+adds:
+  - src/channels/telegram.ts
+  - src/channels/telegram.test.ts
+modifies:
+  - src/index.ts
+  - src/config.ts
+  - src/routing.test.ts
+structured:
+  npm_dependencies:
+    grammy: "^1.39.3"
+  env_additions:
+    - TELEGRAM_BOT_TOKEN
+    - TELEGRAM_ONLY
+conflicts: []
+depends: []
+test: "npx vitest run src/channels/telegram.test.ts"
diff --git a/.agent/skills/add-telegram/modify/src/config.ts b/.agent/skills/add-telegram/modify/src/config.ts
new file mode 100644
index 0000000..b0de64c
--- /dev/null
+++ b/.agent/skills/add-telegram/modify/src/config.ts
@@ -0,0 +1,77 @@
+import os from 'os';
+import path from 'path';
+
+import { readEnvFile } from './env.js';
+
+// Read config values from .env (falls back to process.env).
+// Secrets are NOT read here — they stay on disk and are loaded only
+// where needed (container-runner.ts) to avoid leaking to child processes.
+const envConfig = readEnvFile([
+  'ASSISTANT_NAME',
+  'ASSISTANT_HAS_OWN_NUMBER',
+  'TELEGRAM_BOT_TOKEN',
+  'TELEGRAM_ONLY',
+]);
+
+export const ASSISTANT_NAME =
+  process.env.ASSISTANT_NAME || envConfig.ASSISTANT_NAME || 'Andy';
+export const ASSISTANT_HAS_OWN_NUMBER =
+  (process.env.ASSISTANT_HAS_OWN_NUMBER || envConfig.ASSISTANT_HAS_OWN_NUMBER) === 'true';
+export const POLL_INTERVAL = 2000;
+export const SCHEDULER_POLL_INTERVAL = 60000;
+
+// Absolute paths needed for container mounts
+const PROJECT_ROOT = process.cwd();
+const HOME_DIR = process.env.HOME || os.homedir();
+
+// Mount security: allowlist stored OUTSIDE project root, never mounted into containers
+export const MOUNT_ALLOWLIST_PATH = path.join(
+  HOME_DIR,
+  '.config',
+  (process.env.AGENT_NAME || 'clawdie') + '-cp',
+  'mount-allowlist.json',
+);
+export const STORE_DIR = path.resolve(PROJECT_ROOT, 'store');
+export const GROUPS_DIR = path.resolve(PROJECT_ROOT, 'groups');
+export const DATA_DIR = path.resolve(PROJECT_ROOT, 'data');
+export const MAIN_GROUP_FOLDER = 'main';
+
+export const CONTAINER_IMAGE =
+  process.env.CONTAINER_IMAGE || (process.env.AGENT_NAME || 'clawdie') + '-cp-agent:latest';
+export const CONTAINER_TIMEOUT = parseInt(
+  process.env.CONTAINER_TIMEOUT || '1800000',
+  10,
+);
+export const CONTAINER_MAX_OUTPUT_SIZE = parseInt(
+  process.env.CONTAINER_MAX_OUTPUT_SIZE || '10485760',
+  10,
+); // 10MB default
+export const IPC_POLL_INTERVAL = 1000;
+export const IDLE_TIMEOUT = parseInt(
+  process.env.IDLE_TIMEOUT || '1800000',
+  10,
+); // 30min default — how long to keep container alive after last result
+export const MAX_CONCURRENT_CONTAINERS = Math.max(
+  1,
+  parseInt(process.env.MAX_CONCURRENT_CONTAINERS || '5', 10) || 5,
+);
+
+function escapeRegex(str: string): string {
+  return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+
+export const TRIGGER_PATTERN = new RegExp(
+  `^@${escapeRegex(ASSISTANT_NAME)}\\b`,
+  'i',
+);
+
+// Timezone for scheduled tasks (cron expressions, etc.)
+// Uses system timezone by default
+export const TIMEZONE =
+  process.env.TZ || Intl.DateTimeFormat().resolvedOptions().timeZone;
+
+// Telegram configuration
+export const TELEGRAM_BOT_TOKEN =
+  process.env.TELEGRAM_BOT_TOKEN || envConfig.TELEGRAM_BOT_TOKEN || '';
+export const TELEGRAM_ONLY =
+  (process.env.TELEGRAM_ONLY || envConfig.TELEGRAM_ONLY) === 'true';
diff --git a/.agent/skills/add-telegram/modify/src/config.ts.intent.md b/.agent/skills/add-telegram/modify/src/config.ts.intent.md
new file mode 100644
index 0000000..1057ae4
--- /dev/null
+++ b/.agent/skills/add-telegram/modify/src/config.ts.intent.md
@@ -0,0 +1,25 @@
+# Intent: src/config.ts modifications
+
+## What changed
+
+Added two new configuration exports for Telegram channel support.
+
+## Key sections
+
+- **readEnvFile call**: Must include `TELEGRAM_BOT_TOKEN` and `TELEGRAM_ONLY` in the keys array. NanoClaw does NOT load `.env` into `process.env` — all `.env` values must be explicitly requested via `readEnvFile()`.
+- **TELEGRAM_BOT_TOKEN**: Read from `process.env` first, then `envConfig` fallback, defaults to empty string (channel disabled when empty)
+- **TELEGRAM_ONLY**: Boolean flag from `process.env` or `envConfig`, when `true` disables WhatsApp channel creation
+
+## Invariants
+
+- All existing config exports remain unchanged
+- New Telegram keys are added to the `readEnvFile` call alongside existing keys
+- New exports are appended at the end of the file
+- No existing behavior is modified — Telegram config is additive only
+- Both `process.env` and `envConfig` are checked (same pattern as `ASSISTANT_NAME`)
+
+## Must-keep
+
+- All existing exports (`ASSISTANT_NAME`, `POLL_INTERVAL`, `TRIGGER_PATTERN`, etc.)
+- The `readEnvFile` pattern — ALL config read from `.env` must go through this function
+- The `escapeRegex` helper and `TRIGGER_PATTERN` construction
diff --git a/.agent/skills/add-telegram/modify/src/index.ts b/.agent/skills/add-telegram/modify/src/index.ts
new file mode 100644
index 0000000..b91e244
--- /dev/null
+++ b/.agent/skills/add-telegram/modify/src/index.ts
@@ -0,0 +1,509 @@
+import fs from 'fs';
+import path from 'path';
+
+import {
+  ASSISTANT_NAME,
+  IDLE_TIMEOUT,
+  MAIN_GROUP_FOLDER,
+  POLL_INTERVAL,
+  TELEGRAM_BOT_TOKEN,
+  TELEGRAM_ONLY,
+  TRIGGER_PATTERN,
+} from './config.js';
+import { TelegramChannel } from './channels/telegram.js';
+import { WhatsAppChannel } from './channels/whatsapp.js';
+import {
+  ContainerOutput,
+  runContainerAgent,
+  writeGroupsSnapshot,
+  writeTasksSnapshot,
+} from './container-runner.js';
+import { cleanupOrphans, ensureContainerRuntimeRunning } from './container-runtime.js';
+import {
+  getAllChats,
+  getAllRegisteredGroups,
+  getAllSessions,
+  getAllTasks,
+  getMessagesSince,
+  getNewMessages,
+  getRouterState,
+  initDatabase,
+  setRegisteredGroup,
+  setRouterState,
+  setSession,
+  storeChatMetadata,
+  storeMessage,
+} from './db.js';
+import { GroupQueue } from './group-queue.js';
+import { resolveGroupFolderPath } from './group-folder.js';
+import { startIpcWatcher } from './ipc.js';
+import { findChannel, formatMessages, formatOutbound } from './router.js';
+import { startSchedulerLoop } from './task-scheduler.js';
+import { Channel, NewMessage, RegisteredGroup } from './types.js';
+import { logger } from './logger.js';
+
+// Re-export for backwards compatibility during refactor
+export { escapeXml, formatMessages } from './router.js';
+
+let lastTimestamp = '';
+let sessions: Record<string, string> = {};
+let registeredGroups: Record<string, RegisteredGroup> = {};
+let lastAgentTimestamp: Record<string, string> = {};
+let messageLoopRunning = false;
+
+let whatsapp: WhatsAppChannel;
+const channels: Channel[] = [];
+const queue = new GroupQueue();
+
+function loadState(): void {
+  lastTimestamp = getRouterState('last_timestamp') || '';
+  const agentTs = getRouterState('last_agent_timestamp');
+  try {
+    lastAgentTimestamp = agentTs ? JSON.parse(agentTs) : {};
+  } catch {
+    logger.warn('Corrupted last_agent_timestamp in DB, resetting');
+    lastAgentTimestamp = {};
+  }
+  sessions = getAllSessions();
+  registeredGroups = getAllRegisteredGroups();
+  logger.info(
+    { groupCount: Object.keys(registeredGroups).length },
+    'State loaded',
+  );
+}
+
+function saveState(): void {
+  setRouterState('last_timestamp', lastTimestamp);
+  setRouterState(
+    'last_agent_timestamp',
+    JSON.stringify(lastAgentTimestamp),
+  );
+}
+
+function registerGroup(jid: string, group: RegisteredGroup): void {
+  let groupDir: string;
+  try {
+    groupDir = resolveGroupFolderPath(group.folder);
+  } catch (err) {
+    logger.warn(
+      { jid, folder: group.folder, err },
+      'Rejecting group registration with invalid folder',
+    );
+    return;
+  }
+
+  registeredGroups[jid] = group;
+  setRegisteredGroup(jid, group);
+
+  // Create group folder
+  fs.mkdirSync(path.join(groupDir, 'logs'), { recursive: true });
+
+  logger.info(
+    { jid, name: group.name, folder: group.folder },
+    'Group registered',
+  );
+}
+
+/**
+ * Get available groups list for the agent.
+ * Returns groups ordered by most recent activity.
+ */
+export function getAvailableGroups(): import('./container-runner.js').AvailableGroup[] {
+  const chats = getAllChats();
+  const registeredJids = new Set(Object.keys(registeredGroups));
+
+  return chats
+    .filter((c) => c.jid !== '__group_sync__' && c.is_group)
+    .map((c) => ({
+      jid: c.jid,
+      name: c.name,
+      lastActivity: c.last_message_time,
+      isRegistered: registeredJids.has(c.jid),
+    }));
+}
+
+/** @internal - exported for testing */
+export function _setRegisteredGroups(groups: Record<string, RegisteredGroup>): void {
+  registeredGroups = groups;
+}
+
+/**
+ * Process all pending messages for a group.
+ * Called by the GroupQueue when it's this group's turn.
+ */
+async function processGroupMessages(chatJid: string): Promise<boolean> {
+  const group = registeredGroups[chatJid];
+  if (!group) return true;
+
+  const channel = findChannel(channels, chatJid);
+  if (!channel) {
+    console.log(`Warning: no channel owns JID ${chatJid}, skipping messages`);
+    return true;
+  }
+
+  const isMainGroup = group.folder === MAIN_GROUP_FOLDER;
+
+  const sinceTimestamp = lastAgentTimestamp[chatJid] || '';
+  const missedMessages = getMessagesSince(chatJid, sinceTimestamp, ASSISTANT_NAME);
+
+  if (missedMessages.length === 0) return true;
+
+  // For non-main groups, check if trigger is required and present
+  if (!isMainGroup && group.requiresTrigger !== false) {
+    const hasTrigger = missedMessages.some((m) =>
+      TRIGGER_PATTERN.test(m.content.trim()),
+    );
+    if (!hasTrigger) return true;
+  }
+
+  const prompt = formatMessages(missedMessages);
+
+  // Advance cursor so the piping path in startMessageLoop won't re-fetch
+  // these messages. Save the old cursor so we can roll back on error.
+  const previousCursor = lastAgentTimestamp[chatJid] || '';
+  lastAgentTimestamp[chatJid] =
+    missedMessages[missedMessages.length - 1].timestamp;
+  saveState();
+
+  logger.info(
+    { group: group.name, messageCount: missedMessages.length },
+    'Processing messages',
+  );
+
+  // Track idle timer for closing stdin when agent is idle
+  let idleTimer: ReturnType<typeof setTimeout> | null = null;
+
+  const resetIdleTimer = () => {
+    if (idleTimer) clearTimeout(idleTimer);
+    idleTimer = setTimeout(() => {
+      logger.debug({ group: group.name }, 'Idle timeout, closing container stdin');
+      queue.closeStdin(chatJid);
+    }, IDLE_TIMEOUT);
+  };
+
+  await channel.setTyping?.(chatJid, true);
+  let hadError = false;
+  let outputSentToUser = false;
+
+  const output = await runAgent(group, prompt, chatJid, async (result) => {
+    // Streaming output callback — called for each agent result
+    if (result.result) {
+      const raw = typeof result.result === 'string' ? result.result : JSON.stringify(result.result);
+      // Strip <internal>...</internal> blocks — agent uses these for internal reasoning
+      const text = raw.replace(/<internal>[\s\S]*?<\/internal>/g, '').trim();
+      logger.info({ group: group.name }, `Agent output: ${raw.slice(0, 200)}`);
+      if (text) {
+        await channel.sendMessage(chatJid, text);
+        outputSentToUser = true;
+      }
+      // Only reset idle timer on actual results, not session-update markers (result: null)
+      resetIdleTimer();
+    }
+
+    if (result.status === 'success') {
+      queue.notifyIdle(chatJid);
+    }
+
+    if (result.status === 'error') {
+      hadError = true;
+    }
+  });
+
+  await channel.setTyping?.(chatJid, false);
+  if (idleTimer) clearTimeout(idleTimer);
+
+  if (output === 'error' || hadError) {
+    // If we already sent output to the user, don't roll back the cursor —
+    // the user got their response and re-processing would send duplicates.
+    if (outputSentToUser) {
+      logger.warn({ group: group.name }, 'Agent error after output was sent, skipping cursor rollback to prevent duplicates');
+      return true;
+    }
+    // Roll back cursor so retries can re-process these messages
+    lastAgentTimestamp[chatJid] = previousCursor;
+    saveState();
+    logger.warn({ group: group.name }, 'Agent error, rolled back message cursor for retry');
+    return false;
+  }
+
+  return true;
+}
+
+async function runAgent(
+  group: RegisteredGroup,
+  prompt: string,
+  chatJid: string,
+  onOutput?: (output: ContainerOutput) => Promise<void>,
+): Promise<'success' | 'error'> {
+  const isMain = group.folder === MAIN_GROUP_FOLDER;
+  const sessionId = sessions[group.folder];
+
+  // Update tasks snapshot for container to read (filtered by group)
+  const tasks = getAllTasks();
+  writeTasksSnapshot(
+    group.folder,
+    isMain,
+    tasks.map((t) => ({
+      id: t.id,
+      groupFolder: t.group_folder,
+      prompt: t.prompt,
+      schedule_type: t.schedule_type,
+      schedule_value: t.schedule_value,
+      status: t.status,
+      next_run: t.next_run,
+    })),
+  );
+
+  // Update available groups snapshot (main group only can see all groups)
+  const availableGroups = getAvailableGroups();
+  writeGroupsSnapshot(
+    group.folder,
+    isMain,
+    availableGroups,
+    new Set(Object.keys(registeredGroups)),
+  );
+
+  // Wrap onOutput to track session ID from streamed results
+  const wrappedOnOutput = onOutput
+    ? async (output: ContainerOutput) => {
+        if (output.newSessionId) {
+          sessions[group.folder] = output.newSessionId;
+          setSession(group.folder, output.newSessionId);
+        }
+        await onOutput(output);
+      }
+    : undefined;
+
+  try {
+    const output = await runContainerAgent(
+      group,
+      {
+        prompt,
+        sessionId,
+        groupFolder: group.folder,
+        chatJid,
+        isMain,
+        assistantName: ASSISTANT_NAME,
+      },
+      (proc, containerName) => queue.registerProcess(chatJid, proc, containerName, group.folder),
+      wrappedOnOutput,
+    );
+
+    if (output.newSessionId) {
+      sessions[group.folder] = output.newSessionId;
+      setSession(group.folder, output.newSessionId);
+    }
+
+    if (output.status === 'error') {
+      logger.error(
+        { group: group.name, error: output.error },
+        'Container agent error',
+      );
+      return 'error';
+    }
+
+    return 'success';
+  } catch (err) {
+    logger.error({ group: group.name, err }, 'Agent error');
+    return 'error';
+  }
+}
+
+async function startMessageLoop(): Promise<void> {
+  if (messageLoopRunning) {
+    logger.debug('Message loop already running, skipping duplicate start');
+    return;
+  }
+  messageLoopRunning = true;
+
+  logger.info(`NanoClaw running (trigger: @${ASSISTANT_NAME})`);
+
+  while (true) {
+    try {
+      const jids = Object.keys(registeredGroups);
+      const { messages, newTimestamp } = getNewMessages(jids, lastTimestamp, ASSISTANT_NAME);
+
+      if (messages.length > 0) {
+        logger.info({ count: messages.length }, 'New messages');
+
+        // Advance the "seen" cursor for all messages immediately
+        lastTimestamp = newTimestamp;
+        saveState();
+
+        // Deduplicate by group
+        const messagesByGroup = new Map<string, NewMessage[]>();
+        for (const msg of messages) {
+          const existing = messagesByGroup.get(msg.chat_jid);
+          if (existing) {
+            existing.push(msg);
+          } else {
+            messagesByGroup.set(msg.chat_jid, [msg]);
+          }
+        }
+
+        for (const [chatJid, groupMessages] of messagesByGroup) {
+          const group = registeredGroups[chatJid];
+          if (!group) continue;
+
+          const channel = findChannel(channels, chatJid);
+          if (!channel) {
+            console.log(`Warning: no channel owns JID ${chatJid}, skipping messages`);
+            continue;
+          }
+
+          const isMainGroup = group.folder === MAIN_GROUP_FOLDER;
+          const needsTrigger = !isMainGroup && group.requiresTrigger !== false;
+
+          // For non-main groups, only act on trigger messages.
+          // Non-trigger messages accumulate in DB and get pulled as
+          // context when a trigger eventually arrives.
+          if (needsTrigger) {
+            const hasTrigger = groupMessages.some((m) =>
+              TRIGGER_PATTERN.test(m.content.trim()),
+            );
+            if (!hasTrigger) continue;
+          }
+
+          // Pull all messages since lastAgentTimestamp so non-trigger
+          // context that accumulated between triggers is included.
+          const allPending = getMessagesSince(
+            chatJid,
+            lastAgentTimestamp[chatJid] || '',
+            ASSISTANT_NAME,
+          );
+          const messagesToSend =
+            allPending.length > 0 ? allPending : groupMessages;
+          const formatted = formatMessages(messagesToSend);
+
+          if (queue.sendMessage(chatJid, formatted)) {
+            logger.debug(
+              { chatJid, count: messagesToSend.length },
+              'Piped messages to active container',
+            );
+            lastAgentTimestamp[chatJid] =
+              messagesToSend[messagesToSend.length - 1].timestamp;
+            saveState();
+            // Show typing indicator while the container processes the piped message
+            channel.setTyping?.(chatJid, true)?.catch((err) =>
+              logger.warn({ chatJid, err }, 'Failed to set typing indicator'),
+            );
+          } else {
+            // No active container — enqueue for a new one
+            queue.enqueueMessageCheck(chatJid);
+          }
+        }
+      }
+    } catch (err) {
+      logger.error({ err }, 'Error in message loop');
+    }
+    await new Promise((resolve) => setTimeout(resolve, POLL_INTERVAL));
+  }
+}
+
+/**
+ * Startup recovery: check for unprocessed messages in registered groups.
+ * Handles crash between advancing lastTimestamp and processing messages.
+ */
+function recoverPendingMessages(): void {
+  for (const [chatJid, group] of Object.entries(registeredGroups)) {
+    const sinceTimestamp = lastAgentTimestamp[chatJid] || '';
+    const pending = getMessagesSince(chatJid, sinceTimestamp, ASSISTANT_NAME);
+    if (pending.length > 0) {
+      logger.info(
+        { group: group.name, pendingCount: pending.length },
+        'Recovery: found unprocessed messages',
+      );
+      queue.enqueueMessageCheck(chatJid);
+    }
+  }
+}
+
+function ensureContainerSystemRunning(): void {
+  ensureContainerRuntimeRunning();
+  cleanupOrphans();
+}
+
+async function main(): Promise<void> {
+  ensureContainerSystemRunning();
+  initDatabase();
+  logger.info('Database initialized');
+  loadState();
+
+  // Graceful shutdown handlers
+  const shutdown = async (signal: string) => {
+    logger.info({ signal }, 'Shutdown signal received');
+    await queue.shutdown(10000);
+    for (const ch of channels) await ch.disconnect();
+    process.exit(0);
+  };
+  process.on('SIGTERM', () => shutdown('SIGTERM'));
+  process.on('SIGINT', () => shutdown('SIGINT'));
+
+  // Channel callbacks (shared by all channels)
+  const channelOpts = {
+    onMessage: (_chatJid: string, msg: NewMessage) => storeMessage(msg),
+    onChatMetadata: (chatJid: string, timestamp: string, name?: string, channel?: string, isGroup?: boolean) =>
+      storeChatMetadata(chatJid, timestamp, name, channel, isGroup),
+    registeredGroups: () => registeredGroups,
+  };
+
+  // Create and connect channels
+  if (TELEGRAM_BOT_TOKEN) {
+    const telegram = new TelegramChannel(TELEGRAM_BOT_TOKEN, channelOpts);
+    channels.push(telegram);
+    await telegram.connect();
+  }
+
+  if (!TELEGRAM_ONLY) {
+    whatsapp = new WhatsAppChannel(channelOpts);
+    channels.push(whatsapp);
+    await whatsapp.connect();
+  }
+
+  // Start subsystems (independently of connection handler)
+  startSchedulerLoop({
+    registeredGroups: () => registeredGroups,
+    getSessions: () => sessions,
+    queue,
+    onProcess: (groupJid, proc, containerName, groupFolder) => queue.registerProcess(groupJid, proc, containerName, groupFolder),
+    sendMessage: async (jid, rawText) => {
+      const channel = findChannel(channels, jid);
+      if (!channel) {
+        console.log(`Warning: no channel owns JID ${jid}, cannot send message`);
+        return;
+      }
+      const text = formatOutbound(rawText);
+      if (text) await channel.sendMessage(jid, text);
+    },
+  });
+  startIpcWatcher({
+    sendMessage: (jid, text) => {
+      const channel = findChannel(channels, jid);
+      if (!channel) throw new Error(`No channel for JID: ${jid}`);
+      return channel.sendMessage(jid, text);
+    },
+    registeredGroups: () => registeredGroups,
+    registerGroup,
+    syncGroupMetadata: (force) => whatsapp?.syncGroupMetadata(force) ?? Promise.resolve(),
+    getAvailableGroups,
+    writeGroupsSnapshot: (gf, im, ag, rj) => writeGroupsSnapshot(gf, im, ag, rj),
+  });
+  queue.setProcessMessagesFn(processGroupMessages);
+  recoverPendingMessages();
+  startMessageLoop().catch((err) => {
+    logger.fatal({ err }, 'Message loop crashed unexpectedly');
+    process.exit(1);
+  });
+}
+
+// Guard: only run when executed directly, not when imported by tests
+const isDirectRun =
+  process.argv[1] &&
+  new URL(import.meta.url).pathname === new URL(`file://${process.argv[1]}`).pathname;
+
+if (isDirectRun) {
+  main().catch((err) => {
+    logger.error({ err }, 'Failed to start NanoClaw');
+    process.exit(1);
+  });
+}
diff --git a/.agent/skills/add-telegram/modify/src/index.ts.intent.md b/.agent/skills/add-telegram/modify/src/index.ts.intent.md
new file mode 100644
index 0000000..16d2d1f
--- /dev/null
+++ b/.agent/skills/add-telegram/modify/src/index.ts.intent.md
@@ -0,0 +1,59 @@
+# Intent: src/index.ts modifications
+
+## What changed
+
+Refactored from single WhatsApp channel to multi-channel architecture using the `Channel` interface.
+
+## Key sections
+
+### Imports (top of file)
+
+- Added: `TelegramChannel` from `./channels/telegram.js`
+- Added: `TELEGRAM_BOT_TOKEN`, `TELEGRAM_ONLY` from `./config.js`
+- Added: `findChannel` from `./router.js`
+- Added: `Channel` type from `./types.js`
+
+### Module-level state
+
+- Added: `const channels: Channel[] = []` — array of all active channels
+- Kept: `let whatsapp: WhatsAppChannel` — still needed for `syncGroupMetadata` reference
+
+### processGroupMessages()
+
+- Added: `findChannel(channels, chatJid)` lookup at the start
+- Changed: `whatsapp.setTyping()` → `channel.setTyping?.()` (optional chaining)
+- Changed: `whatsapp.sendMessage()` → `channel.sendMessage()` in output callback
+
+### getAvailableGroups()
+
+- Unchanged: uses `c.is_group` filter from base (Telegram channels pass `isGroup=true` via `onChatMetadata`)
+
+### startMessageLoop()
+
+- Added: `findChannel(channels, chatJid)` lookup per group in message processing
+- Changed: `whatsapp.setTyping()` → `channel.setTyping?.()` for typing indicators
+
+### main()
+
+- Changed: shutdown disconnects all channels via `for (const ch of channels)`
+- Added: shared `channelOpts` object for channel callbacks
+- Added: conditional WhatsApp creation (`if (!TELEGRAM_ONLY)`)
+- Added: conditional Telegram creation (`if (TELEGRAM_BOT_TOKEN)`)
+- Changed: scheduler `sendMessage` uses `findChannel()` → `channel.sendMessage()`
+- Changed: IPC `sendMessage` uses `findChannel()` → `channel.sendMessage()`
+
+## Invariants
+
+- All existing message processing logic (triggers, cursors, idle timers) is preserved
+- The `runAgent` function is completely unchanged
+- State management (loadState/saveState) is unchanged
+- Recovery logic is unchanged
+- Container runtime check is unchanged (ensureContainerSystemRunning)
+
+## Must-keep
+
+- The `escapeXml` and `formatMessages` re-exports
+- The `_setRegisteredGroups` test helper
+- The `isDirectRun` guard at bottom
+- All error handling and cursor rollback logic in processGroupMessages
+- The outgoing queue flush and reconnection logic (in WhatsAppChannel, not here)
diff --git a/.agent/skills/add-telegram/modify/src/routing.test.ts b/.agent/skills/add-telegram/modify/src/routing.test.ts
new file mode 100644
index 0000000..5b44063
--- /dev/null
+++ b/.agent/skills/add-telegram/modify/src/routing.test.ts
@@ -0,0 +1,161 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+
+import { _initTestDatabase, getAllChats, storeChatMetadata } from './db.js';
+import { getAvailableGroups, _setRegisteredGroups } from './index.js';
+
+beforeEach(() => {
+  _initTestDatabase();
+  _setRegisteredGroups({});
+});
+
+// --- JID ownership patterns ---
+
+describe('JID ownership patterns', () => {
+  // These test the patterns that will become ownsJid() on the Channel interface
+
+  it('WhatsApp group JID: ends with @g.us', () => {
+    const jid = '12345678@g.us';
+    expect(jid.endsWith('@g.us')).toBe(true);
+  });
+
+  it('WhatsApp DM JID: ends with @s.whatsapp.net', () => {
+    const jid = '12345678@s.whatsapp.net';
+    expect(jid.endsWith('@s.whatsapp.net')).toBe(true);
+  });
+
+  it('Telegram JID: starts with tg:', () => {
+    const jid = 'tg:123456789';
+    expect(jid.startsWith('tg:')).toBe(true);
+  });
+
+  it('Telegram group JID: starts with tg: and has negative ID', () => {
+    const jid = 'tg:-1001234567890';
+    expect(jid.startsWith('tg:')).toBe(true);
+  });
+});
+
+// --- getAvailableGroups ---
+
+describe('getAvailableGroups', () => {
+  it('returns only groups, excludes DMs', () => {
+    storeChatMetadata('group1@g.us', '2024-01-01T00:00:01.000Z', 'Group 1', 'whatsapp', true);
+    storeChatMetadata('user@s.whatsapp.net', '2024-01-01T00:00:02.000Z', 'User DM', 'whatsapp', false);
+    storeChatMetadata('group2@g.us', '2024-01-01T00:00:03.000Z', 'Group 2', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(2);
+    expect(groups.map((g) => g.jid)).toContain('group1@g.us');
+    expect(groups.map((g) => g.jid)).toContain('group2@g.us');
+    expect(groups.map((g) => g.jid)).not.toContain('user@s.whatsapp.net');
+  });
+
+  it('excludes __group_sync__ sentinel', () => {
+    storeChatMetadata('__group_sync__', '2024-01-01T00:00:00.000Z');
+    storeChatMetadata('group@g.us', '2024-01-01T00:00:01.000Z', 'Group', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('group@g.us');
+  });
+
+  it('marks registered groups correctly', () => {
+    storeChatMetadata('reg@g.us', '2024-01-01T00:00:01.000Z', 'Registered', 'whatsapp', true);
+    storeChatMetadata('unreg@g.us', '2024-01-01T00:00:02.000Z', 'Unregistered', 'whatsapp', true);
+
+    _setRegisteredGroups({
+      'reg@g.us': {
+        name: 'Registered',
+        folder: 'registered',
+        trigger: '@Andy',
+        added_at: '2024-01-01T00:00:00.000Z',
+      },
+    });
+
+    const groups = getAvailableGroups();
+    const reg = groups.find((g) => g.jid === 'reg@g.us');
+    const unreg = groups.find((g) => g.jid === 'unreg@g.us');
+
+    expect(reg?.isRegistered).toBe(true);
+    expect(unreg?.isRegistered).toBe(false);
+  });
+
+  it('returns groups ordered by most recent activity', () => {
+    storeChatMetadata('old@g.us', '2024-01-01T00:00:01.000Z', 'Old', 'whatsapp', true);
+    storeChatMetadata('new@g.us', '2024-01-01T00:00:05.000Z', 'New', 'whatsapp', true);
+    storeChatMetadata('mid@g.us', '2024-01-01T00:00:03.000Z', 'Mid', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups[0].jid).toBe('new@g.us');
+    expect(groups[1].jid).toBe('mid@g.us');
+    expect(groups[2].jid).toBe('old@g.us');
+  });
+
+  it('excludes non-group chats regardless of JID format', () => {
+    // Unknown JID format stored without is_group should not appear
+    storeChatMetadata('unknown-format-123', '2024-01-01T00:00:01.000Z', 'Unknown');
+    // Explicitly non-group with unusual JID
+    storeChatMetadata('custom:abc', '2024-01-01T00:00:02.000Z', 'Custom DM', 'custom', false);
+    // A real group for contrast
+    storeChatMetadata('group@g.us', '2024-01-01T00:00:03.000Z', 'Group', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('group@g.us');
+  });
+
+  it('returns empty array when no chats exist', () => {
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(0);
+  });
+
+  it('includes Telegram chat JIDs', () => {
+    storeChatMetadata('tg:100200300', '2024-01-01T00:00:01.000Z', 'Telegram Chat', 'telegram', true);
+    storeChatMetadata('user@s.whatsapp.net', '2024-01-01T00:00:02.000Z', 'User DM', 'whatsapp', false);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('tg:100200300');
+  });
+
+  it('returns Telegram group JIDs with negative IDs', () => {
+    storeChatMetadata('tg:-1001234567890', '2024-01-01T00:00:01.000Z', 'TG Group', 'telegram', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(1);
+    expect(groups[0].jid).toBe('tg:-1001234567890');
+    expect(groups[0].name).toBe('TG Group');
+  });
+
+  it('marks registered Telegram chats correctly', () => {
+    storeChatMetadata('tg:100200300', '2024-01-01T00:00:01.000Z', 'TG Registered', 'telegram', true);
+    storeChatMetadata('tg:999999', '2024-01-01T00:00:02.000Z', 'TG Unregistered', 'telegram', true);
+
+    _setRegisteredGroups({
+      'tg:100200300': {
+        name: 'TG Registered',
+        folder: 'tg-registered',
+        trigger: '@Andy',
+        added_at: '2024-01-01T00:00:00.000Z',
+      },
+    });
+
+    const groups = getAvailableGroups();
+    const tgReg = groups.find((g) => g.jid === 'tg:100200300');
+    const tgUnreg = groups.find((g) => g.jid === 'tg:999999');
+
+    expect(tgReg?.isRegistered).toBe(true);
+    expect(tgUnreg?.isRegistered).toBe(false);
+  });
+
+  it('mixes WhatsApp and Telegram chats ordered by activity', () => {
+    storeChatMetadata('wa@g.us', '2024-01-01T00:00:01.000Z', 'WhatsApp', 'whatsapp', true);
+    storeChatMetadata('tg:100', '2024-01-01T00:00:03.000Z', 'Telegram', 'telegram', true);
+    storeChatMetadata('wa2@g.us', '2024-01-01T00:00:02.000Z', 'WhatsApp 2', 'whatsapp', true);
+
+    const groups = getAvailableGroups();
+    expect(groups).toHaveLength(3);
+    expect(groups[0].jid).toBe('tg:100');
+    expect(groups[1].jid).toBe('wa2@g.us');
+    expect(groups[2].jid).toBe('wa@g.us');
+  });
+});
diff --git a/.agent/skills/add-telegram/tests/telegram.test.ts b/.agent/skills/add-telegram/tests/telegram.test.ts
new file mode 100644
index 0000000..50dd599
--- /dev/null
+++ b/.agent/skills/add-telegram/tests/telegram.test.ts
@@ -0,0 +1,118 @@
+import { describe, expect, it } from 'vitest';
+import fs from 'fs';
+import path from 'path';
+
+describe('telegram skill package', () => {
+  const skillDir = path.resolve(__dirname, '..');
+
+  it('has a valid manifest', () => {
+    const manifestPath = path.join(skillDir, 'manifest.yaml');
+    expect(fs.existsSync(manifestPath)).toBe(true);
+
+    const content = fs.readFileSync(manifestPath, 'utf-8');
+    expect(content).toContain('skill: telegram');
+    expect(content).toContain('version: 1.0.0');
+    expect(content).toContain('grammy');
+  });
+
+  it('has all files declared in adds', () => {
+    const addFile = path.join(skillDir, 'add', 'src', 'channels', 'telegram.ts');
+    expect(fs.existsSync(addFile)).toBe(true);
+
+    const content = fs.readFileSync(addFile, 'utf-8');
+    expect(content).toContain('class TelegramChannel');
+    expect(content).toContain('implements Channel');
+
+    // Test file for the channel
+    const testFile = path.join(skillDir, 'add', 'src', 'channels', 'telegram.test.ts');
+    expect(fs.existsSync(testFile)).toBe(true);
+
+    const testContent = fs.readFileSync(testFile, 'utf-8');
+    expect(testContent).toContain("describe('TelegramChannel'");
+  });
+
+  it('has all files declared in modifies', () => {
+    const indexFile = path.join(skillDir, 'modify', 'src', 'index.ts');
+    const configFile = path.join(skillDir, 'modify', 'src', 'config.ts');
+    const routingTestFile = path.join(skillDir, 'modify', 'src', 'routing.test.ts');
+
+    expect(fs.existsSync(indexFile)).toBe(true);
+    expect(fs.existsSync(configFile)).toBe(true);
+    expect(fs.existsSync(routingTestFile)).toBe(true);
+
+    const indexContent = fs.readFileSync(indexFile, 'utf-8');
+    expect(indexContent).toContain('TelegramChannel');
+    expect(indexContent).toContain('TELEGRAM_BOT_TOKEN');
+    expect(indexContent).toContain('TELEGRAM_ONLY');
+    expect(indexContent).toContain('findChannel');
+    expect(indexContent).toContain('channels: Channel[]');
+
+    const configContent = fs.readFileSync(configFile, 'utf-8');
+    expect(configContent).toContain('TELEGRAM_BOT_TOKEN');
+    expect(configContent).toContain('TELEGRAM_ONLY');
+  });
+
+  it('has intent files for modified files', () => {
+    expect(fs.existsSync(path.join(skillDir, 'modify', 'src', 'index.ts.intent.md'))).toBe(true);
+    expect(fs.existsSync(path.join(skillDir, 'modify', 'src', 'config.ts.intent.md'))).toBe(true);
+  });
+
+  it('modified index.ts preserves core structure', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'index.ts'),
+      'utf-8',
+    );
+
+    // Core functions still present
+    expect(content).toContain('function loadState()');
+    expect(content).toContain('function saveState()');
+    expect(content).toContain('function registerGroup(');
+    expect(content).toContain('function getAvailableGroups()');
+    expect(content).toContain('function processGroupMessages(');
+    expect(content).toContain('function runAgent(');
+    expect(content).toContain('function startMessageLoop()');
+    expect(content).toContain('function recoverPendingMessages()');
+    expect(content).toContain('function ensureContainerSystemRunning()');
+    expect(content).toContain('async function main()');
+
+    // Test helper preserved
+    expect(content).toContain('_setRegisteredGroups');
+
+    // Direct-run guard preserved
+    expect(content).toContain('isDirectRun');
+  });
+
+  it('modified index.ts includes Telegram channel creation', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'index.ts'),
+      'utf-8',
+    );
+
+    // Multi-channel architecture
+    expect(content).toContain('const channels: Channel[] = []');
+    expect(content).toContain('channels.push(whatsapp)');
+    expect(content).toContain('channels.push(telegram)');
+
+    // Conditional channel creation
+    expect(content).toContain('if (!TELEGRAM_ONLY)');
+    expect(content).toContain('if (TELEGRAM_BOT_TOKEN)');
+
+    // Shutdown disconnects all channels
+    expect(content).toContain('for (const ch of channels) await ch.disconnect()');
+  });
+
+  it('modified config.ts preserves all existing exports', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'config.ts'),
+      'utf-8',
+    );
+
+    // All original exports preserved
+    expect(content).toContain('export const ASSISTANT_NAME');
+    expect(content).toContain('export const POLL_INTERVAL');
+    expect(content).toContain('export const TRIGGER_PATTERN');
+    expect(content).toContain('export const CONTAINER_IMAGE');
+    expect(content).toContain('export const DATA_DIR');
+    expect(content).toContain('export const TIMEZONE');
+  });
+});
diff --git a/.agent/skills/add-voice-transcription/SKILL.md b/.agent/skills/add-voice-transcription/SKILL.md
new file mode 100644
index 0000000..9997ff4
--- /dev/null
+++ b/.agent/skills/add-voice-transcription/SKILL.md
@@ -0,0 +1,145 @@
+---
+name: add-voice-transcription
+description: Add voice message transcription to NanoClaw using OpenAI's Whisper API. Automatically transcribes WhatsApp voice notes so the agent can read and respond to them.
+---
+
+# Add Voice Transcription
+
+This skill adds automatic voice message transcription to NanoClaw's WhatsApp channel using OpenAI's Whisper API. When a voice note arrives, it is downloaded, transcribed, and delivered to the agent as `[Voice: <transcript>]`.
+
+## Phase 1: Pre-flight
+
+### Check if already applied
+
+Read `.nanoclaw/state.yaml`. If `voice-transcription` is in `applied_skills`, skip to Phase 3 (Configure). The code changes are already in place.
+
+### Ask the user
+
+Use `AskUserQuestion` to collect information:
+
+AskUserQuestion: Do you have an OpenAI API key for Whisper transcription?
+
+If yes, collect it now. If no, direct them to create one at https://platform.openai.com/api-keys.
+
+## Phase 2: Apply Code Changes
+
+Run the skills engine to apply this skill's code package.
+
+### Initialize skills system (if needed)
+
+If `.nanoclaw/` directory doesn't exist yet:
+
+```bash
+npx tsx scripts/apply-skill.ts --init
+```
+
+### Apply the skill
+
+```bash
+npx tsx scripts/apply-skill.ts .agent/skills/add-voice-transcription
+```
+
+This deterministically:
+
+- Adds `src/transcription.ts` (voice transcription module using OpenAI Whisper)
+- Three-way merges voice handling into `src/channels/whatsapp.ts` (isVoiceMessage check, transcribeAudioMessage call)
+- Three-way merges transcription tests into `src/channels/whatsapp.test.ts` (mock + 3 test cases)
+- Installs the `openai` npm dependency
+- Updates `.env.example` with `OPENAI_API_KEY`
+- Records the application in `.nanoclaw/state.yaml`
+
+If the apply reports merge conflicts, read the intent files:
+
+- `modify/src/channels/whatsapp.ts.intent.md` — what changed and invariants for whatsapp.ts
+- `modify/src/channels/whatsapp.test.ts.intent.md` — what changed for whatsapp.test.ts
+
+### Validate code changes
+
+```bash
+npm test
+npm run build
+```
+
+All tests must pass (including the 3 new voice transcription tests) and build must be clean before proceeding.
+
+## Phase 3: Configure
+
+### Get OpenAI API key (if needed)
+
+If the user doesn't have an API key:
+
+> I need you to create an OpenAI API key:
+>
+> 1. Go to https://platform.openai.com/api-keys
+> 2. Click "Create new secret key"
+> 3. Give it a name (e.g., "NanoClaw Transcription")
+> 4. Copy the key (starts with `sk-`)
+>
+> Cost: ~$0.006 per minute of audio (~$0.003 per typical 30-second voice note)
+
+Wait for the user to provide the key.
+
+### Add to environment
+
+Add to `.env`:
+
+```bash
+OPENAI_API_KEY=<their-key>
+```
+
+Sync to container environment:
+
+```bash
+mkdir -p data/env && cp .env data/env/env
+```
+
+The container reads environment from `data/env/env`, not `.env` directly.
+
+### Build and restart
+
+```bash
+npm run build
+launchctl kickstart -k gui/$(id -u)/com.nanoclaw  # macOS
+# Linux: systemctl --user restart nanoclaw
+```
+
+## Phase 4: Verify
+
+### Test with a voice note
+
+Tell the user:
+
+> Send a voice note in any registered WhatsApp chat. The agent should receive it as `[Voice: <transcript>]` and respond to its content.
+
+### Check logs if needed
+
+```bash
+tail -f logs/nanoclaw.log | grep -i voice
+```
+
+Look for:
+
+- `Transcribed voice message` — successful transcription with character count
+- `OPENAI_API_KEY not set` — key missing from `.env`
+- `OpenAI transcription failed` — API error (check key validity, billing)
+- `Failed to download audio message` — media download issue
+
+## Troubleshooting
+
+### Voice notes show "[Voice Message - transcription unavailable]"
+
+1. Check `OPENAI_API_KEY` is set in `.env` AND synced to `data/env/env`
+2. Verify key works: `curl -s https://api.openai.com/v1/models -H "Authorization: Bearer $OPENAI_API_KEY" | head -c 200`
+3. Check OpenAI billing — Whisper requires a funded account
+
+### Voice notes show "[Voice Message - transcription failed]"
+
+Check logs for the specific error. Common causes:
+
+- Network timeout — transient, will work on next message
+- Invalid API key — regenerate at https://platform.openai.com/api-keys
+- Rate limiting — wait and retry
+
+### Agent doesn't respond to voice notes
+
+Verify the chat is registered and the agent is running. Voice transcription only runs for registered groups.
diff --git a/.agent/skills/add-voice-transcription/add/src/transcription.ts b/.agent/skills/add-voice-transcription/add/src/transcription.ts
new file mode 100644
index 0000000..91c5e7f
--- /dev/null
+++ b/.agent/skills/add-voice-transcription/add/src/transcription.ts
@@ -0,0 +1,98 @@
+import { downloadMediaMessage } from '@whiskeysockets/baileys';
+import { WAMessage, WASocket } from '@whiskeysockets/baileys';
+
+import { readEnvFile } from './env.js';
+
+interface TranscriptionConfig {
+  model: string;
+  enabled: boolean;
+  fallbackMessage: string;
+}
+
+const DEFAULT_CONFIG: TranscriptionConfig = {
+  model: 'whisper-1',
+  enabled: true,
+  fallbackMessage: '[Voice Message - transcription unavailable]',
+};
+
+async function transcribeWithOpenAI(
+  audioBuffer: Buffer,
+  config: TranscriptionConfig,
+): Promise<string | null> {
+  const env = readEnvFile(['OPENAI_API_KEY']);
+  const apiKey = env.OPENAI_API_KEY;
+
+  if (!apiKey) {
+    console.warn('OPENAI_API_KEY not set in .env');
+    return null;
+  }
+
+  try {
+    const openaiModule = await import('openai');
+    const OpenAI = openaiModule.default;
+    const toFile = openaiModule.toFile;
+
+    const openai = new OpenAI({ apiKey });
+
+    const file = await toFile(audioBuffer, 'voice.ogg', {
+      type: 'audio/ogg',
+    });
+
+    const transcription = await openai.audio.transcriptions.create({
+      file: file,
+      model: config.model,
+      response_format: 'text',
+    });
+
+    // When response_format is 'text', the API returns a plain string
+    return transcription as unknown as string;
+  } catch (err) {
+    console.error('OpenAI transcription failed:', err);
+    return null;
+  }
+}
+
+export async function transcribeAudioMessage(
+  msg: WAMessage,
+  sock: WASocket,
+): Promise<string | null> {
+  const config = DEFAULT_CONFIG;
+
+  if (!config.enabled) {
+    return config.fallbackMessage;
+  }
+
+  try {
+    const buffer = (await downloadMediaMessage(
+      msg,
+      'buffer',
+      {},
+      {
+        logger: console as any,
+        reuploadRequest: sock.updateMediaMessage,
+      },
+    )) as Buffer;
+
+    if (!buffer || buffer.length === 0) {
+      console.error('Failed to download audio message');
+      return config.fallbackMessage;
+    }
+
+    console.log(`Downloaded audio message: ${buffer.length} bytes`);
+
+    const transcript = await transcribeWithOpenAI(buffer, config);
+
+    if (!transcript) {
+      return config.fallbackMessage;
+    }
+
+    return transcript.trim();
+  } catch (err) {
+    console.error('Transcription error:', err);
+    return config.fallbackMessage;
+  }
+}
+
+export function isVoiceMessage(msg: WAMessage): boolean {
+  return msg.message?.audioMessage?.ptt === true;
+}
diff --git a/.agent/skills/add-voice-transcription/manifest.yaml b/.agent/skills/add-voice-transcription/manifest.yaml
new file mode 100644
index 0000000..cb4d587
--- /dev/null
+++ b/.agent/skills/add-voice-transcription/manifest.yaml
@@ -0,0 +1,17 @@
+skill: voice-transcription
+version: 1.0.0
+description: "Voice message transcription via OpenAI Whisper"
+core_version: 0.1.0
+adds:
+  - src/transcription.ts
+modifies:
+  - src/channels/whatsapp.ts
+  - src/channels/whatsapp.test.ts
+structured:
+  npm_dependencies:
+    openai: "^4.77.0"
+  env_additions:
+    - OPENAI_API_KEY
+conflicts: []
+depends: []
+test: "npx vitest run src/channels/whatsapp.test.ts"
diff --git a/.agent/skills/add-voice-transcription/modify/src/channels/whatsapp.test.ts b/.agent/skills/add-voice-transcription/modify/src/channels/whatsapp.test.ts
new file mode 100644
index 0000000..30e79b0
--- /dev/null
+++ b/.agent/skills/add-voice-transcription/modify/src/channels/whatsapp.test.ts
@@ -0,0 +1,963 @@
+import { describe, it, expect, beforeEach, vi, afterEach } from 'vitest';
+import { EventEmitter } from 'events';
+
+// --- Mocks ---
+
+// Mock config
+vi.mock('../config.js', () => ({
+  STORE_DIR: '/tmp/clawdie-cp-test-store',
+  ASSISTANT_NAME: 'Andy',
+  ASSISTANT_HAS_OWN_NUMBER: false,
+}));
+
+// Mock logger
+vi.mock('../logger.js', () => ({
+  logger: {
+    debug: vi.fn(),
+    info: vi.fn(),
+    warn: vi.fn(),
+    error: vi.fn(),
+  },
+}));
+
+// Mock db
+vi.mock('../db.js', () => ({
+  getLastGroupSync: vi.fn(() => null),
+  setLastGroupSync: vi.fn(),
+  updateChatName: vi.fn(),
+}));
+
+// Mock transcription
+vi.mock('../transcription.js', () => ({
+  isVoiceMessage: vi.fn((msg: any) => msg.message?.audioMessage?.ptt === true),
+  transcribeAudioMessage: vi.fn().mockResolvedValue('Hello this is a voice message'),
+}));
+
+// Mock fs
+vi.mock('fs', async () => {
+  const actual = await vi.importActual<typeof import('fs')>('fs');
+  return {
+    ...actual,
+    default: {
+      ...actual,
+      existsSync: vi.fn(() => true),
+      mkdirSync: vi.fn(),
+    },
+  };
+});
+
+// Mock child_process (used for osascript notification)
+vi.mock('child_process', () => ({
+  exec: vi.fn(),
+}));
+
+// Build a fake WASocket that's an EventEmitter with the methods we need
+function createFakeSocket() {
+  const ev = new EventEmitter();
+  const sock = {
+    ev: {
+      on: (event: string, handler: (...args: unknown[]) => void) => {
+        ev.on(event, handler);
+      },
+    },
+    user: {
+      id: '1234567890:1@s.whatsapp.net',
+      lid: '9876543210:1@lid',
+    },
+    sendMessage: vi.fn().mockResolvedValue(undefined),
+    sendPresenceUpdate: vi.fn().mockResolvedValue(undefined),
+    groupFetchAllParticipating: vi.fn().mockResolvedValue({}),
+    end: vi.fn(),
+    // Expose the event emitter for triggering events in tests
+    _ev: ev,
+  };
+  return sock;
+}
+
+let fakeSocket: ReturnType<typeof createFakeSocket>;
+
+// Mock Baileys
+vi.mock('@whiskeysockets/baileys', () => {
+  return {
+    default: vi.fn(() => fakeSocket),
+    Browsers: { macOS: vi.fn(() => ['macOS', 'Chrome', '']) },
+    DisconnectReason: {
+      loggedOut: 401,
+      badSession: 500,
+      connectionClosed: 428,
+      connectionLost: 408,
+      connectionReplaced: 440,
+      timedOut: 408,
+      restartRequired: 515,
+    },
+    makeCacheableSignalKeyStore: vi.fn((keys: unknown) => keys),
+    useMultiFileAuthState: vi.fn().mockResolvedValue({
+      state: {
+        creds: {},
+        keys: {},
+      },
+      saveCreds: vi.fn(),
+    }),
+  };
+});
+
+import { WhatsAppChannel, WhatsAppChannelOpts } from './whatsapp.js';
+import { getLastGroupSync, updateChatName, setLastGroupSync } from '../db.js';
+import { transcribeAudioMessage } from '../transcription.js';
+
+// --- Test helpers ---
+
+function createTestOpts(overrides?: Partial<WhatsAppChannelOpts>): WhatsAppChannelOpts {
+  return {
+    onMessage: vi.fn(),
+    onChatMetadata: vi.fn(),
+    registeredGroups: vi.fn(() => ({
+      'registered@g.us': {
+        name: 'Test Group',
+        folder: 'test-group',
+        trigger: '@Andy',
+        added_at: '2024-01-01T00:00:00.000Z',
+      },
+    })),
+    ...overrides,
+  };
+}
+
+function triggerConnection(state: string, extra?: Record<string, unknown>) {
+  fakeSocket._ev.emit('connection.update', { connection: state, ...extra });
+}
+
+function triggerDisconnect(statusCode: number) {
+  fakeSocket._ev.emit('connection.update', {
+    connection: 'close',
+    lastDisconnect: {
+      error: { output: { statusCode } },
+    },
+  });
+}
+
+async function triggerMessages(messages: unknown[]) {
+  fakeSocket._ev.emit('messages.upsert', { messages });
+  // Flush microtasks so the async messages.upsert handler completes
+  await new Promise((r) => setTimeout(r, 0));
+}
+
+// --- Tests ---
+
+describe('WhatsAppChannel', () => {
+  beforeEach(() => {
+    fakeSocket = createFakeSocket();
+    vi.mocked(getLastGroupSync).mockReturnValue(null);
+  });
+
+  afterEach(() => {
+    vi.restoreAllMocks();
+  });
+
+  /**
+   * Helper: start connect, flush microtasks so event handlers are registered,
+   * then trigger the connection open event. Returns the resolved promise.
+   */
+  async function connectChannel(channel: WhatsAppChannel): Promise<void> {
+    const p = channel.connect();
+    // Flush microtasks so connectInternal completes its await and registers handlers
+    await new Promise((r) => setTimeout(r, 0));
+    triggerConnection('open');
+    return p;
+  }
+
+  // --- Connection lifecycle ---
+
+  describe('connection lifecycle', () => {
+    it('resolves connect() when connection opens', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      expect(channel.isConnected()).toBe(true);
+    });
+
+    it('sets up LID to phone mapping on open', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      // The channel should have mapped the LID from sock.user
+      // We can verify by sending a message from a LID JID
+      // and checking the translated JID in the callback
+    });
+
+    it('flushes outgoing queue on reconnect', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      // Disconnect
+      (channel as any).connected = false;
+
+      // Queue a message while disconnected
+      await channel.sendMessage('test@g.us', 'Queued message');
+      expect(fakeSocket.sendMessage).not.toHaveBeenCalled();
+
+      // Reconnect
+      (channel as any).connected = true;
+      await (channel as any).flushOutgoingQueue();
+
+      // Group messages get prefixed when flushed
+      expect(fakeSocket.sendMessage).toHaveBeenCalledWith(
+        'test@g.us',
+        { text: 'Andy: Queued message' },
+      );
+    });
+
+    it('disconnects cleanly', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await channel.disconnect();
+      expect(channel.isConnected()).toBe(false);
+      expect(fakeSocket.end).toHaveBeenCalled();
+    });
+  });
+
+  // --- QR code and auth ---
+
+  describe('authentication', () => {
+    it('exits process when QR code is emitted (no auth state)', async () => {
+      vi.useFakeTimers();
+      const mockExit = vi.spyOn(process, 'exit').mockImplementation(() => undefined as never);
+
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      // Start connect but don't await (it won't resolve - process exits)
+      channel.connect().catch(() => {});
+
+      // Flush microtasks so connectInternal registers handlers
+      await vi.advanceTimersByTimeAsync(0);
+
+      // Emit QR code event
+      fakeSocket._ev.emit('connection.update', { qr: 'some-qr-data' });
+
+      // Advance timer past the 1000ms setTimeout before exit
+      await vi.advanceTimersByTimeAsync(1500);
+
+      expect(mockExit).toHaveBeenCalledWith(1);
+      mockExit.mockRestore();
+      vi.useRealTimers();
+    });
+  });
+
+  // --- Reconnection behavior ---
+
+  describe('reconnection', () => {
+    it('reconnects on non-loggedOut disconnect', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      expect(channel.isConnected()).toBe(true);
+
+      // Disconnect with a non-loggedOut reason (e.g., connectionClosed = 428)
+      triggerDisconnect(428);
+
+      expect(channel.isConnected()).toBe(false);
+      // The channel should attempt to reconnect (calls connectInternal again)
+    });
+
+    it('exits on loggedOut disconnect', async () => {
+      const mockExit = vi.spyOn(process, 'exit').mockImplementation(() => undefined as never);
+
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      // Disconnect with loggedOut reason (401)
+      triggerDisconnect(401);
+
+      expect(channel.isConnected()).toBe(false);
+      expect(mockExit).toHaveBeenCalledWith(0);
+      mockExit.mockRestore();
+    });
+
+    it('retries reconnection after 5s on failure', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      // Disconnect with stream error 515
+      triggerDisconnect(515);
+
+      // The channel sets a 5s retry — just verify it doesn't crash
+      await new Promise((r) => setTimeout(r, 100));
+    });
+  });
+
+  // --- Message handling ---
+
+  describe('message handling', () => {
+    it('delivers message for registered group', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-1',
+            remoteJid: 'registered@g.us',
+            participant: '5551234@s.whatsapp.net',
+            fromMe: false,
+          },
+          message: { conversation: 'Hello Andy' },
+          pushName: 'Alice',
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'registered@g.us',
+        expect.any(String),
+        undefined,
+        'whatsapp',
+        true,
+      );
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'registered@g.us',
+        expect.objectContaining({
+          id: 'msg-1',
+          content: 'Hello Andy',
+          sender_name: 'Alice',
+          is_from_me: false,
+        }),
+      );
+    });
+
+    it('only emits metadata for unregistered groups', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-2',
+            remoteJid: 'unregistered@g.us',
+            participant: '5551234@s.whatsapp.net',
+            fromMe: false,
+          },
+          message: { conversation: 'Hello' },
+          pushName: 'Bob',
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'unregistered@g.us',
+        expect.any(String),
+        undefined,
+        'whatsapp',
+        true,
+      );
+      expect(opts.onMessage).not.toHaveBeenCalled();
+    });
+
+    it('ignores status@broadcast messages', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-3',
+            remoteJid: 'status@broadcast',
+            fromMe: false,
+          },
+          message: { conversation: 'Status update' },
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      expect(opts.onChatMetadata).not.toHaveBeenCalled();
+      expect(opts.onMessage).not.toHaveBeenCalled();
+    });
+
+    it('ignores messages with no content', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-4',
+            remoteJid: 'registered@g.us',
+            fromMe: false,
+          },
+          message: null,
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      expect(opts.onMessage).not.toHaveBeenCalled();
+    });
+
+    it('extracts text from extendedTextMessage', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-5',
+            remoteJid: 'registered@g.us',
+            participant: '5551234@s.whatsapp.net',
+            fromMe: false,
+          },
+          message: {
+            extendedTextMessage: { text: 'A reply message' },
+          },
+          pushName: 'Charlie',
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'registered@g.us',
+        expect.objectContaining({ content: 'A reply message' }),
+      );
+    });
+
+    it('extracts caption from imageMessage', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-6',
+            remoteJid: 'registered@g.us',
+            participant: '5551234@s.whatsapp.net',
+            fromMe: false,
+          },
+          message: {
+            imageMessage: { caption: 'Check this photo', mimetype: 'image/jpeg' },
+          },
+          pushName: 'Diana',
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'registered@g.us',
+        expect.objectContaining({ content: 'Check this photo' }),
+      );
+    });
+
+    it('extracts caption from videoMessage', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-7',
+            remoteJid: 'registered@g.us',
+            participant: '5551234@s.whatsapp.net',
+            fromMe: false,
+          },
+          message: {
+            videoMessage: { caption: 'Watch this', mimetype: 'video/mp4' },
+          },
+          pushName: 'Eve',
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'registered@g.us',
+        expect.objectContaining({ content: 'Watch this' }),
+      );
+    });
+
+    it('transcribes voice messages', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-8',
+            remoteJid: 'registered@g.us',
+            participant: '5551234@s.whatsapp.net',
+            fromMe: false,
+          },
+          message: {
+            audioMessage: { mimetype: 'audio/ogg; codecs=opus', ptt: true },
+          },
+          pushName: 'Frank',
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      expect(transcribeAudioMessage).toHaveBeenCalled();
+      expect(opts.onMessage).toHaveBeenCalledTimes(1);
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'registered@g.us',
+        expect.objectContaining({ content: '[Voice: Hello this is a voice message]' }),
+      );
+    });
+
+    it('falls back when transcription returns null', async () => {
+      vi.mocked(transcribeAudioMessage).mockResolvedValueOnce(null);
+
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-8b',
+            remoteJid: 'registered@g.us',
+            participant: '5551234@s.whatsapp.net',
+            fromMe: false,
+          },
+          message: {
+            audioMessage: { mimetype: 'audio/ogg; codecs=opus', ptt: true },
+          },
+          pushName: 'Frank',
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      expect(opts.onMessage).toHaveBeenCalledTimes(1);
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'registered@g.us',
+        expect.objectContaining({ content: '[Voice Message - transcription unavailable]' }),
+      );
+    });
+
+    it('falls back when transcription throws', async () => {
+      vi.mocked(transcribeAudioMessage).mockRejectedValueOnce(new Error('API error'));
+
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-8c',
+            remoteJid: 'registered@g.us',
+            participant: '5551234@s.whatsapp.net',
+            fromMe: false,
+          },
+          message: {
+            audioMessage: { mimetype: 'audio/ogg; codecs=opus', ptt: true },
+          },
+          pushName: 'Frank',
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      expect(opts.onMessage).toHaveBeenCalledTimes(1);
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'registered@g.us',
+        expect.objectContaining({ content: '[Voice Message - transcription failed]' }),
+      );
+    });
+
+    it('uses sender JID when pushName is absent', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-9',
+            remoteJid: 'registered@g.us',
+            participant: '5551234@s.whatsapp.net',
+            fromMe: false,
+          },
+          message: { conversation: 'No push name' },
+          // pushName is undefined
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      expect(opts.onMessage).toHaveBeenCalledWith(
+        'registered@g.us',
+        expect.objectContaining({ sender_name: '5551234' }),
+      );
+    });
+  });
+
+  // --- LID ↔ JID translation ---
+
+  describe('LID to JID translation', () => {
+    it('translates known LID to phone JID', async () => {
+      const opts = createTestOpts({
+        registeredGroups: vi.fn(() => ({
+          '1234567890@s.whatsapp.net': {
+            name: 'Self Chat',
+            folder: 'self-chat',
+            trigger: '@Andy',
+            added_at: '2024-01-01T00:00:00.000Z',
+          },
+        })),
+      });
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      // The socket has lid '9876543210:1@lid' → phone '1234567890@s.whatsapp.net'
+      // Send a message from the LID
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-lid',
+            remoteJid: '9876543210@lid',
+            fromMe: false,
+          },
+          message: { conversation: 'From LID' },
+          pushName: 'Self',
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      // Should be translated to phone JID
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        '1234567890@s.whatsapp.net',
+        expect.any(String),
+        undefined,
+        'whatsapp',
+        false,
+      );
+    });
+
+    it('passes through non-LID JIDs unchanged', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-normal',
+            remoteJid: 'registered@g.us',
+            participant: '5551234@s.whatsapp.net',
+            fromMe: false,
+          },
+          message: { conversation: 'Normal JID' },
+          pushName: 'Grace',
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        'registered@g.us',
+        expect.any(String),
+        undefined,
+        'whatsapp',
+        true,
+      );
+    });
+
+    it('passes through unknown LID JIDs unchanged', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await triggerMessages([
+        {
+          key: {
+            id: 'msg-unknown-lid',
+            remoteJid: '0000000000@lid',
+            fromMe: false,
+          },
+          message: { conversation: 'Unknown LID' },
+          pushName: 'Unknown',
+          messageTimestamp: Math.floor(Date.now() / 1000),
+        },
+      ]);
+
+      // Unknown LID passes through unchanged
+      expect(opts.onChatMetadata).toHaveBeenCalledWith(
+        '0000000000@lid',
+        expect.any(String),
+        undefined,
+        'whatsapp',
+        false,
+      );
+    });
+  });
+
+  // --- Outgoing message queue ---
+
+  describe('outgoing message queue', () => {
+    it('sends message directly when connected', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await channel.sendMessage('test@g.us', 'Hello');
+      // Group messages get prefixed with assistant name
+      expect(fakeSocket.sendMessage).toHaveBeenCalledWith('test@g.us', { text: 'Andy: Hello' });
+    });
+
+    it('prefixes direct chat messages on shared number', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await channel.sendMessage('123@s.whatsapp.net', 'Hello');
+      // Shared number: DMs also get prefixed (needed for self-chat distinction)
+      expect(fakeSocket.sendMessage).toHaveBeenCalledWith('123@s.whatsapp.net', { text: 'Andy: Hello' });
+    });
+
+    it('queues message when disconnected', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      // Don't connect — channel starts disconnected
+      await channel.sendMessage('test@g.us', 'Queued');
+      expect(fakeSocket.sendMessage).not.toHaveBeenCalled();
+    });
+
+    it('queues message on send failure', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      // Make sendMessage fail
+      fakeSocket.sendMessage.mockRejectedValueOnce(new Error('Network error'));
+
+      await channel.sendMessage('test@g.us', 'Will fail');
+
+      // Should not throw, message queued for retry
+      // The queue should have the message
+    });
+
+    it('flushes multiple queued messages in order', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      // Queue messages while disconnected
+      await channel.sendMessage('test@g.us', 'First');
+      await channel.sendMessage('test@g.us', 'Second');
+      await channel.sendMessage('test@g.us', 'Third');
+
+      // Connect — flush happens automatically on open
+      await connectChannel(channel);
+
+      // Give the async flush time to complete
+      await new Promise((r) => setTimeout(r, 50));
+
+      expect(fakeSocket.sendMessage).toHaveBeenCalledTimes(3);
+      // Group messages get prefixed
+      expect(fakeSocket.sendMessage).toHaveBeenNthCalledWith(1, 'test@g.us', { text: 'Andy: First' });
+      expect(fakeSocket.sendMessage).toHaveBeenNthCalledWith(2, 'test@g.us', { text: 'Andy: Second' });
+      expect(fakeSocket.sendMessage).toHaveBeenNthCalledWith(3, 'test@g.us', { text: 'Andy: Third' });
+    });
+  });
+
+  // --- Group metadata sync ---
+
+  describe('group metadata sync', () => {
+    it('syncs group metadata on first connection', async () => {
+      fakeSocket.groupFetchAllParticipating.mockResolvedValue({
+        'group1@g.us': { subject: 'Group One' },
+        'group2@g.us': { subject: 'Group Two' },
+      });
+
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      // Wait for async sync to complete
+      await new Promise((r) => setTimeout(r, 50));
+
+      expect(fakeSocket.groupFetchAllParticipating).toHaveBeenCalled();
+      expect(updateChatName).toHaveBeenCalledWith('group1@g.us', 'Group One');
+      expect(updateChatName).toHaveBeenCalledWith('group2@g.us', 'Group Two');
+      expect(setLastGroupSync).toHaveBeenCalled();
+    });
+
+    it('skips sync when synced recently', async () => {
+      // Last sync was 1 hour ago (within 24h threshold)
+      vi.mocked(getLastGroupSync).mockReturnValue(
+        new Date(Date.now() - 60 * 60 * 1000).toISOString(),
+      );
+
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await new Promise((r) => setTimeout(r, 50));
+
+      expect(fakeSocket.groupFetchAllParticipating).not.toHaveBeenCalled();
+    });
+
+    it('forces sync regardless of cache', async () => {
+      vi.mocked(getLastGroupSync).mockReturnValue(
+        new Date(Date.now() - 60 * 60 * 1000).toISOString(),
+      );
+
+      fakeSocket.groupFetchAllParticipating.mockResolvedValue({
+        'group@g.us': { subject: 'Forced Group' },
+      });
+
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await channel.syncGroupMetadata(true);
+
+      expect(fakeSocket.groupFetchAllParticipating).toHaveBeenCalled();
+      expect(updateChatName).toHaveBeenCalledWith('group@g.us', 'Forced Group');
+    });
+
+    it('handles group sync failure gracefully', async () => {
+      fakeSocket.groupFetchAllParticipating.mockRejectedValue(
+        new Error('Network timeout'),
+      );
+
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      // Should not throw
+      await expect(channel.syncGroupMetadata(true)).resolves.toBeUndefined();
+    });
+
+    it('skips groups with no subject', async () => {
+      fakeSocket.groupFetchAllParticipating.mockResolvedValue({
+        'group1@g.us': { subject: 'Has Subject' },
+        'group2@g.us': { subject: '' },
+        'group3@g.us': {},
+      });
+
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      // Clear any calls from the automatic sync on connect
+      vi.mocked(updateChatName).mockClear();
+
+      await channel.syncGroupMetadata(true);
+
+      expect(updateChatName).toHaveBeenCalledTimes(1);
+      expect(updateChatName).toHaveBeenCalledWith('group1@g.us', 'Has Subject');
+    });
+  });
+
+  // --- JID ownership ---
+
+  describe('ownsJid', () => {
+    it('owns @g.us JIDs (WhatsApp groups)', () => {
+      const channel = new WhatsAppChannel(createTestOpts());
+      expect(channel.ownsJid('12345@g.us')).toBe(true);
+    });
+
+    it('owns @s.whatsapp.net JIDs (WhatsApp DMs)', () => {
+      const channel = new WhatsAppChannel(createTestOpts());
+      expect(channel.ownsJid('12345@s.whatsapp.net')).toBe(true);
+    });
+
+    it('does not own Telegram JIDs', () => {
+      const channel = new WhatsAppChannel(createTestOpts());
+      expect(channel.ownsJid('tg:12345')).toBe(false);
+    });
+
+    it('does not own unknown JID formats', () => {
+      const channel = new WhatsAppChannel(createTestOpts());
+      expect(channel.ownsJid('random-string')).toBe(false);
+    });
+  });
+
+  // --- Typing indicator ---
+
+  describe('setTyping', () => {
+    it('sends composing presence when typing', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await channel.setTyping('test@g.us', true);
+      expect(fakeSocket.sendPresenceUpdate).toHaveBeenCalledWith('composing', 'test@g.us');
+    });
+
+    it('sends paused presence when stopping', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      await channel.setTyping('test@g.us', false);
+      expect(fakeSocket.sendPresenceUpdate).toHaveBeenCalledWith('paused', 'test@g.us');
+    });
+
+    it('handles typing indicator failure gracefully', async () => {
+      const opts = createTestOpts();
+      const channel = new WhatsAppChannel(opts);
+
+      await connectChannel(channel);
+
+      fakeSocket.sendPresenceUpdate.mockRejectedValueOnce(new Error('Failed'));
+
+      // Should not throw
+      await expect(channel.setTyping('test@g.us', true)).resolves.toBeUndefined();
+    });
+  });
+
+  // --- Channel properties ---
+
+  describe('channel properties', () => {
+    it('has name "whatsapp"', () => {
+      const channel = new WhatsAppChannel(createTestOpts());
+      expect(channel.name).toBe('whatsapp');
+    });
+
+    it('does not expose prefixAssistantName (prefix handled internally)', () => {
+      const channel = new WhatsAppChannel(createTestOpts());
+      expect('prefixAssistantName' in channel).toBe(false);
+    });
+  });
+});
diff --git a/.agent/skills/add-voice-transcription/modify/src/channels/whatsapp.test.ts.intent.md b/.agent/skills/add-voice-transcription/modify/src/channels/whatsapp.test.ts.intent.md
new file mode 100644
index 0000000..1607ddb
--- /dev/null
+++ b/.agent/skills/add-voice-transcription/modify/src/channels/whatsapp.test.ts.intent.md
@@ -0,0 +1,30 @@
+# Intent: src/channels/whatsapp.test.ts modifications
+
+## What changed
+
+Added mock for the transcription module and 3 new test cases for voice message handling.
+
+## Key sections
+
+### Mocks (top of file)
+
+- Added: `vi.mock('../transcription.js', ...)` with `isVoiceMessage` and `transcribeAudioMessage` mocks
+- Added: `import { transcribeAudioMessage } from '../transcription.js'` for test assertions
+
+### Test cases (inside "message handling" describe block)
+
+- Changed: "handles message with no extractable text (e.g. voice note without caption)" → "transcribes voice messages"
+  - Now expects `[Voice: Hello this is a voice message]` instead of empty content
+- Added: "falls back when transcription returns null" — expects `[Voice Message - transcription unavailable]`
+- Added: "falls back when transcription throws" — expects `[Voice Message - transcription failed]`
+
+## Invariants (must-keep)
+
+- All existing test cases for text, extendedTextMessage, imageMessage, videoMessage unchanged
+- All connection lifecycle tests unchanged
+- All LID translation tests unchanged
+- All outgoing queue tests unchanged
+- All group metadata sync tests unchanged
+- All ownsJid and setTyping tests unchanged
+- All existing mocks (config, logger, db, fs, child_process, baileys) unchanged
+- Test helpers (createTestOpts, triggerConnection, triggerDisconnect, triggerMessages, connectChannel) unchanged
diff --git a/.agent/skills/add-voice-transcription/modify/src/channels/whatsapp.ts b/.agent/skills/add-voice-transcription/modify/src/channels/whatsapp.ts
new file mode 100644
index 0000000..9fc832d
--- /dev/null
+++ b/.agent/skills/add-voice-transcription/modify/src/channels/whatsapp.ts
@@ -0,0 +1,400 @@
+import { exec } from 'child_process';
+import fs from 'fs';
+import path from 'path';
+
+import makeWASocket, {
+  Browsers,
+  DisconnectReason,
+  WASocket,
+  fetchLatestWaWebVersion,
+  makeCacheableSignalKeyStore,
+  useMultiFileAuthState,
+} from '@whiskeysockets/baileys';
+
+import {
+  ASSISTANT_HAS_OWN_NUMBER,
+  ASSISTANT_NAME,
+  STORE_DIR,
+} from '../config.js';
+import { getLastGroupSync, setLastGroupSync, updateChatName } from '../db.js';
+import { logger } from '../logger.js';
+import { isVoiceMessage, transcribeAudioMessage } from '../transcription.js';
+import {
+  Channel,
+  OnInboundMessage,
+  OnChatMetadata,
+  RegisteredGroup,
+} from '../types.js';
+
+const GROUP_SYNC_INTERVAL_MS = 24 * 60 * 60 * 1000; // 24 hours
+
+export interface WhatsAppChannelOpts {
+  onMessage: OnInboundMessage;
+  onChatMetadata: OnChatMetadata;
+  registeredGroups: () => Record<string, RegisteredGroup>;
+}
+
+export class WhatsAppChannel implements Channel {
+  name = 'whatsapp';
+
+  private sock!: WASocket;
+  private connected = false;
+  private lidToPhoneMap: Record<string, string> = {};
+  private outgoingQueue: Array<{ jid: string; text: string }> = [];
+  private flushing = false;
+  private groupSyncTimerStarted = false;
+
+  private opts: WhatsAppChannelOpts;
+
+  constructor(opts: WhatsAppChannelOpts) {
+    this.opts = opts;
+  }
+
+  async connect(): Promise<void> {
+    return new Promise<void>((resolve, reject) => {
+      this.connectInternal(resolve).catch(reject);
+    });
+  }
+
+  private async connectInternal(onFirstOpen?: () => void): Promise<void> {
+    const authDir = path.join(STORE_DIR, 'auth');
+    fs.mkdirSync(authDir, { recursive: true });
+
+    const { state, saveCreds } = await useMultiFileAuthState(authDir);
+
+    const { version } = await fetchLatestWaWebVersion({}).catch((err) => {
+      logger.warn(
+        { err },
+        'Failed to fetch latest WA Web version, using default',
+      );
+      return { version: undefined };
+    });
+    this.sock = makeWASocket({
+      version,
+      auth: {
+        creds: state.creds,
+        keys: makeCacheableSignalKeyStore(state.keys, logger),
+      },
+      printQRInTerminal: false,
+      logger,
+      browser: Browsers.macOS('Chrome'),
+    });
+
+    this.sock.ev.on('connection.update', (update) => {
+      const { connection, lastDisconnect, qr } = update;
+
+      if (qr) {
+        const msg =
+          'WhatsApp authentication required. Run /setup to re-authenticate.';
+        logger.error(msg);
+        exec(
+          `osascript -e 'display notification "${msg}" with title "NanoClaw" sound name "Basso"'`,
+        );
+        setTimeout(() => process.exit(1), 1000);
+      }
+
+      if (connection === 'close') {
+        this.connected = false;
+        const reason = (
+          lastDisconnect?.error as { output?: { statusCode?: number } }
+        )?.output?.statusCode;
+        const shouldReconnect = reason !== DisconnectReason.loggedOut;
+        logger.info(
+          {
+            reason,
+            shouldReconnect,
+            queuedMessages: this.outgoingQueue.length,
+          },
+          'Connection closed',
+        );
+
+        if (shouldReconnect) {
+          logger.info('Reconnecting...');
+          this.connectInternal().catch((err) => {
+            logger.error({ err }, 'Failed to reconnect, retrying in 5s');
+            setTimeout(() => {
+              this.connectInternal().catch((err2) => {
+                logger.error({ err: err2 }, 'Reconnection retry failed');
+              });
+            }, 5000);
+          });
+        } else {
+          logger.info('Logged out. Run /setup to re-authenticate.');
+          process.exit(0);
+        }
+      } else if (connection === 'open') {
+        this.connected = true;
+        logger.info('Connected to WhatsApp');
+
+        // Announce availability so WhatsApp relays subsequent presence updates (typing indicators)
+        this.sock.sendPresenceUpdate('available').catch((err) => {
+          logger.warn({ err }, 'Failed to send presence update');
+        });
+
+        // Build LID to phone mapping from auth state for self-chat translation
+        if (this.sock.user) {
+          const phoneUser = this.sock.user.id.split(':')[0];
+          const lidUser = this.sock.user.lid?.split(':')[0];
+          if (lidUser && phoneUser) {
+            this.lidToPhoneMap[lidUser] = `${phoneUser}@s.whatsapp.net`;
+            logger.debug({ lidUser, phoneUser }, 'LID to phone mapping set');
+          }
+        }
+
+        // Flush any messages queued while disconnected
+        this.flushOutgoingQueue().catch((err) =>
+          logger.error({ err }, 'Failed to flush outgoing queue'),
+        );
+
+        // Sync group metadata on startup (respects 24h cache)
+        this.syncGroupMetadata().catch((err) =>
+          logger.error({ err }, 'Initial group sync failed'),
+        );
+        // Set up daily sync timer (only once)
+        if (!this.groupSyncTimerStarted) {
+          this.groupSyncTimerStarted = true;
+          setInterval(() => {
+            this.syncGroupMetadata().catch((err) =>
+              logger.error({ err }, 'Periodic group sync failed'),
+            );
+          }, GROUP_SYNC_INTERVAL_MS);
+        }
+
+        // Signal first connection to caller
+        if (onFirstOpen) {
+          onFirstOpen();
+          onFirstOpen = undefined;
+        }
+      }
+    });
+
+    this.sock.ev.on('creds.update', saveCreds);
+
+    this.sock.ev.on('messages.upsert', async ({ messages }) => {
+      for (const msg of messages) {
+        if (!msg.message) continue;
+        const rawJid = msg.key.remoteJid;
+        if (!rawJid || rawJid === 'status@broadcast') continue;
+
+        // Translate LID JID to phone JID if applicable
+        const chatJid = await this.translateJid(rawJid);
+
+        const timestamp = new Date(
+          Number(msg.messageTimestamp) * 1000,
+        ).toISOString();
+
+        // Always notify about chat metadata for group discovery
+        const isGroup = chatJid.endsWith('@g.us');
+        this.opts.onChatMetadata(
+          chatJid,
+          timestamp,
+          undefined,
+          'whatsapp',
+          isGroup,
+        );
+
+        // Only deliver full message for registered groups
+        const groups = this.opts.registeredGroups();
+        if (groups[chatJid]) {
+          const content =
+            msg.message?.conversation ||
+            msg.message?.extendedTextMessage?.text ||
+            msg.message?.imageMessage?.caption ||
+            msg.message?.videoMessage?.caption ||
+            '';
+
+          // Skip protocol messages with no text content (encryption keys, read receipts, etc.)
+          // but allow voice messages through for transcription
+          if (!content && !isVoiceMessage(msg)) continue;
+
+          const sender = msg.key.participant || msg.key.remoteJid || '';
+          const senderName = msg.pushName || sender.split('@')[0];
+
+          const fromMe = msg.key.fromMe || false;
+          // Detect bot messages: with own number, fromMe is reliable
+          // since only the bot sends from that number.
+          // With shared number, bot messages carry the assistant name prefix
+          // (even in DMs/self-chat) so we check for that.
+          const isBotMessage = ASSISTANT_HAS_OWN_NUMBER
+            ? fromMe
+            : content.startsWith(`${ASSISTANT_NAME}:`);
+
+          // Transcribe voice messages before storing
+          let finalContent = content;
+          if (isVoiceMessage(msg)) {
+            try {
+              const transcript = await transcribeAudioMessage(msg, this.sock);
+              if (transcript) {
+                finalContent = `[Voice: ${transcript}]`;
+                logger.info(
+                  { chatJid, length: transcript.length },
+                  'Transcribed voice message',
+                );
+              } else {
+                finalContent = '[Voice Message - transcription unavailable]';
+              }
+            } catch (err) {
+              logger.error({ err }, 'Voice transcription error');
+              finalContent = '[Voice Message - transcription failed]';
+            }
+          }
+
+          this.opts.onMessage(chatJid, {
+            id: msg.key.id || '',
+            chat_jid: chatJid,
+            sender,
+            sender_name: senderName,
+            content: finalContent,
+            timestamp,
+            is_from_me: fromMe,
+            is_bot_message: isBotMessage,
+          });
+        }
+      }
+    });
+  }
+
+  async sendMessage(jid: string, text: string): Promise<void> {
+    // Prefix bot messages with assistant name so users know who's speaking.
+    // On a shared number, prefix is also needed in DMs (including self-chat)
+    // to distinguish bot output from user messages.
+    // Skip only when the assistant has its own dedicated phone number.
+    const prefixed = ASSISTANT_HAS_OWN_NUMBER
+      ? text
+      : `${ASSISTANT_NAME}: ${text}`;
+
+    if (!this.connected) {
+      this.outgoingQueue.push({ jid, text: prefixed });
+      logger.info(
+        { jid, length: prefixed.length, queueSize: this.outgoingQueue.length },
+        'WA disconnected, message queued',
+      );
+      return;
+    }
+    try {
+      await this.sock.sendMessage(jid, { text: prefixed });
+      logger.info({ jid, length: prefixed.length }, 'Message sent');
+    } catch (err) {
+      // If send fails, queue it for retry on reconnect
+      this.outgoingQueue.push({ jid, text: prefixed });
+      logger.warn(
+        { jid, err, queueSize: this.outgoingQueue.length },
+        'Failed to send, message queued',
+      );
+    }
+  }
+
+  isConnected(): boolean {
+    return this.connected;
+  }
+
+  ownsJid(jid: string): boolean {
+    return jid.endsWith('@g.us') || jid.endsWith('@s.whatsapp.net');
+  }
+
+  async disconnect(): Promise<void> {
+    this.connected = false;
+    this.sock?.end(undefined);
+  }
+
+  async setTyping(jid: string, isTyping: boolean): Promise<void> {
+    try {
+      const status = isTyping ? 'composing' : 'paused';
+      logger.debug({ jid, status }, 'Sending presence update');
+      await this.sock.sendPresenceUpdate(status, jid);
+    } catch (err) {
+      logger.debug({ jid, err }, 'Failed to update typing status');
+    }
+  }
+
+  /**
+   * Sync group metadata from WhatsApp.
+   * Fetches all participating groups and stores their names in the database.
+   * Called on startup, daily, and on-demand via IPC.
+   */
+  async syncGroupMetadata(force = false): Promise<void> {
+    if (!force) {
+      const lastSync = getLastGroupSync();
+      if (lastSync) {
+        const lastSyncTime = new Date(lastSync).getTime();
+        if (Date.now() - lastSyncTime < GROUP_SYNC_INTERVAL_MS) {
+          logger.debug({ lastSync }, 'Skipping group sync - synced recently');
+          return;
+        }
+      }
+    }
+
+    try {
+      logger.info('Syncing group metadata from WhatsApp...');
+      const groups = await this.sock.groupFetchAllParticipating();
+
+      let count = 0;
+      for (const [jid, metadata] of Object.entries(groups)) {
+        if (metadata.subject) {
+          updateChatName(jid, metadata.subject);
+          count++;
+        }
+      }
+
+      setLastGroupSync();
+      logger.info({ count }, 'Group metadata synced');
+    } catch (err) {
+      logger.error({ err }, 'Failed to sync group metadata');
+    }
+  }
+
+  private async translateJid(jid: string): Promise<string> {
+    if (!jid.endsWith('@lid')) return jid;
+    const lidUser = jid.split('@')[0].split(':')[0];
+
+    // Check local cache first
+    const cached = this.lidToPhoneMap[lidUser];
+    if (cached) {
+      logger.debug(
+        { lidJid: jid, phoneJid: cached },
+        'Translated LID to phone JID (cached)',
+      );
+      return cached;
+    }
+
+    // Query Baileys' signal repository for the mapping
+    try {
+      const pn = await this.sock.signalRepository?.lidMapping?.getPNForLID(jid);
+      if (pn) {
+        const phoneJid = `${pn.split('@')[0].split(':')[0]}@s.whatsapp.net`;
+        this.lidToPhoneMap[lidUser] = phoneJid;
+        logger.info(
+          { lidJid: jid, phoneJid },
+          'Translated LID to phone JID (signalRepository)',
+        );
+        return phoneJid;
+      }
+    } catch (err) {
+      logger.debug({ err, jid }, 'Failed to resolve LID via signalRepository');
+    }
+
+    return jid;
+  }
+
+  private async flushOutgoingQueue(): Promise<void> {
+    if (this.flushing || this.outgoingQueue.length === 0) return;
+    this.flushing = true;
+    try {
+      logger.info(
+        { count: this.outgoingQueue.length },
+        'Flushing outgoing message queue',
+      );
+      while (this.outgoingQueue.length > 0) {
+        const item = this.outgoingQueue.shift()!;
+        // Send directly — queued items are already prefixed by sendMessage
+        await this.sock.sendMessage(item.jid, { text: item.text });
+        logger.info(
+          { jid: item.jid, length: item.text.length },
+          'Queued message sent',
+        );
+      }
+    } finally {
+      this.flushing = false;
+    }
+  }
+}
diff --git a/.agent/skills/add-voice-transcription/modify/src/channels/whatsapp.ts.intent.md b/.agent/skills/add-voice-transcription/modify/src/channels/whatsapp.ts.intent.md
new file mode 100644
index 0000000..67a5719
--- /dev/null
+++ b/.agent/skills/add-voice-transcription/modify/src/channels/whatsapp.ts.intent.md
@@ -0,0 +1,31 @@
+# Intent: src/channels/whatsapp.ts modifications
+
+## What changed
+
+Added voice message transcription support. When a WhatsApp voice note (PTT audio) arrives, it is downloaded and transcribed via OpenAI Whisper before being stored as message content.
+
+## Key sections
+
+### Imports (top of file)
+
+- Added: `isVoiceMessage`, `transcribeAudioMessage` from `../transcription.js`
+
+### messages.upsert handler (inside connectInternal)
+
+- Added: `let finalContent = content` variable to allow voice transcription to override text content
+- Added: `isVoiceMessage(msg)` check after content extraction
+- Added: try/catch block calling `transcribeAudioMessage(msg, this.sock)`
+  - Success: `finalContent = '[Voice: <transcript>]'`
+  - Null result: `finalContent = '[Voice Message - transcription unavailable]'`
+  - Error: `finalContent = '[Voice Message - transcription failed]'`
+- Changed: `this.opts.onMessage()` call uses `finalContent` instead of `content`
+
+## Invariants (must-keep)
+
+- All existing message handling (conversation, extendedTextMessage, imageMessage, videoMessage) unchanged
+- Connection lifecycle (connect, reconnect, disconnect) unchanged
+- LID translation logic unchanged
+- Outgoing message queue unchanged
+- Group metadata sync unchanged
+- sendMessage prefix logic unchanged
+- setTyping, ownsJid, isConnected — all unchanged
diff --git a/.agent/skills/add-voice-transcription/tests/voice-transcription.test.ts b/.agent/skills/add-voice-transcription/tests/voice-transcription.test.ts
new file mode 100644
index 0000000..76ebd0d
--- /dev/null
+++ b/.agent/skills/add-voice-transcription/tests/voice-transcription.test.ts
@@ -0,0 +1,123 @@
+import { describe, expect, it } from 'vitest';
+import fs from 'fs';
+import path from 'path';
+
+describe('voice-transcription skill package', () => {
+  const skillDir = path.resolve(__dirname, '..');
+
+  it('has a valid manifest', () => {
+    const manifestPath = path.join(skillDir, 'manifest.yaml');
+    expect(fs.existsSync(manifestPath)).toBe(true);
+
+    const content = fs.readFileSync(manifestPath, 'utf-8');
+    expect(content).toContain('skill: voice-transcription');
+    expect(content).toContain('version: 1.0.0');
+    expect(content).toContain('openai');
+    expect(content).toContain('OPENAI_API_KEY');
+  });
+
+  it('has all files declared in adds', () => {
+    const transcriptionFile = path.join(skillDir, 'add', 'src', 'transcription.ts');
+    expect(fs.existsSync(transcriptionFile)).toBe(true);
+
+    const content = fs.readFileSync(transcriptionFile, 'utf-8');
+    expect(content).toContain('transcribeAudioMessage');
+    expect(content).toContain('isVoiceMessage');
+    expect(content).toContain('transcribeWithOpenAI');
+    expect(content).toContain('downloadMediaMessage');
+    expect(content).toContain('readEnvFile');
+  });
+
+  it('has all files declared in modifies', () => {
+    const whatsappFile = path.join(skillDir, 'modify', 'src', 'channels', 'whatsapp.ts');
+    const whatsappTestFile = path.join(skillDir, 'modify', 'src', 'channels', 'whatsapp.test.ts');
+
+    expect(fs.existsSync(whatsappFile)).toBe(true);
+    expect(fs.existsSync(whatsappTestFile)).toBe(true);
+  });
+
+  it('has intent files for modified files', () => {
+    expect(fs.existsSync(path.join(skillDir, 'modify', 'src', 'channels', 'whatsapp.ts.intent.md'))).toBe(true);
+    expect(fs.existsSync(path.join(skillDir, 'modify', 'src', 'channels', 'whatsapp.test.ts.intent.md'))).toBe(true);
+  });
+
+  it('modified whatsapp.ts preserves core structure', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'channels', 'whatsapp.ts'),
+      'utf-8',
+    );
+
+    // Core class and methods preserved
+    expect(content).toContain('class WhatsAppChannel');
+    expect(content).toContain('implements Channel');
+    expect(content).toContain('async connect()');
+    expect(content).toContain('async sendMessage(');
+    expect(content).toContain('isConnected()');
+    expect(content).toContain('ownsJid(');
+    expect(content).toContain('async disconnect()');
+    expect(content).toContain('async setTyping(');
+    expect(content).toContain('async syncGroupMetadata(');
+    expect(content).toContain('private async translateJid(');
+    expect(content).toContain('private async flushOutgoingQueue(');
+
+    // Core imports preserved
+    expect(content).toContain('ASSISTANT_HAS_OWN_NUMBER');
+    expect(content).toContain('ASSISTANT_NAME');
+    expect(content).toContain('STORE_DIR');
+  });
+
+  it('modified whatsapp.ts includes transcription integration', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'channels', 'whatsapp.ts'),
+      'utf-8',
+    );
+
+    // Transcription imports
+    expect(content).toContain("import { isVoiceMessage, transcribeAudioMessage } from '../transcription.js'");
+
+    // Voice message handling
+    expect(content).toContain('isVoiceMessage(msg)');
+    expect(content).toContain('transcribeAudioMessage(msg, this.sock)');
+    expect(content).toContain('finalContent');
+    expect(content).toContain('[Voice:');
+    expect(content).toContain('[Voice Message - transcription unavailable]');
+    expect(content).toContain('[Voice Message - transcription failed]');
+  });
+
+  it('modified whatsapp.test.ts includes transcription mock and tests', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'channels', 'whatsapp.test.ts'),
+      'utf-8',
+    );
+
+    // Transcription mock
+    expect(content).toContain("vi.mock('../transcription.js'");
+    expect(content).toContain('isVoiceMessage');
+    expect(content).toContain('transcribeAudioMessage');
+
+    // Voice transcription test cases
+    expect(content).toContain('transcribes voice messages');
+    expect(content).toContain('falls back when transcription returns null');
+    expect(content).toContain('falls back when transcription throws');
+    expect(content).toContain('[Voice: Hello this is a voice message]');
+  });
+
+  it('modified whatsapp.test.ts preserves all existing test sections', () => {
+    const content = fs.readFileSync(
+      path.join(skillDir, 'modify', 'src', 'channels', 'whatsapp.test.ts'),
+      'utf-8',
+    );
+
+    // All existing test describe blocks preserved
+    expect(content).toContain("describe('connection lifecycle'");
+    expect(content).toContain("describe('authentication'");
+    expect(content).toContain("describe('reconnection'");
+    expect(content).toContain("describe('message handling'");
+    expect(content).toContain("describe('LID to JID translation'");
+    expect(content).toContain("describe('outgoing message queue'");
+    expect(content).toContain("describe('group metadata sync'");
+    expect(content).toContain("describe('ownsJid'");
+    expect(content).toContain("describe('setTyping'");
+    expect(content).toContain("describe('channel properties'");
+  });
+});
diff --git a/.agent/skills/agent-setup/SKILL.md b/.agent/skills/agent-setup/SKILL.md
new file mode 100644
index 0000000..726ba58
--- /dev/null
+++ b/.agent/skills/agent-setup/SKILL.md
@@ -0,0 +1,88 @@
+---
+name: agent-setup
+description: Set up the current Clawdie runtime on FreeBSD using the host orchestrator plus db/git/cms/worker jails. Use when bringing up a fresh FreeBSD host or aligning an install with current main.
+---
+
+# Agent FreeBSD Setup
+
+Use this skill for the active FreeBSD deployment model on current `main`.
+
+## Current architecture
+
+Clawdie no longer uses a dedicated operator jail.
+
+Current layout:
+
+- host: orchestrator, service management, setup flow
+- `{agent}-db` jail: PostgreSQL for Agent System Skills and User/Agent Memory
+- `{agent}-git` jail: local bare repositories
+- `{agent}-cms` jail: nginx + Astro (Strapi is optional when used)
+- `{agent}-worker` jail: baseline sandbox at `${AGENT_SUBNET_BASE}.101`
+
+## Canonical addresses
+
+- `warden0`: `${AGENT_SUBNET_BASE}.1/24`
+- `.2`: reserved compatibility slot (legacy controlplane naming)
+- `{agent}-db`: `${AGENT_SUBNET_BASE}.3`
+- `{agent}-cms`: `${AGENT_SUBNET_BASE}.4`
+- `{agent}-ollama` or `{agent}-llamacpp`: `${AGENT_SUBNET_BASE}.5` (optional)
+- `{agent}-git`: `${AGENT_SUBNET_BASE}.6` (optional)
+- `{agent}-worker`: `${AGENT_SUBNET_BASE}.101`
+- browser/gui: `${AGENT_SUBNET_BASE}.150` (reserved)
+
+Notes:
+
+- Service jails should be **agent-prefixed** to avoid name collisions when a
+  second agent is added later.
+- If you intentionally want to share a local LLM jail across agents, keep a
+  single `ollama`/`llamacpp` jail and point multiple agents at it explicitly.
+- For the “add a second agent later” procedure, follow `docs/public/reference/multi-agent.md`.
+
+## Canonical setup flow
+
+```sh
+./setup.sh
+just install
+```
+
+## Host prerequisites
+
+```sh
+freebsd-version
+zpool status zroot
+sysctl net.inet.ip.forwarding
+sysctl kern.racct.enable
+```
+
+Install the baseline:
+
+```sh
+sudo pkg install -y bash git bsddialog bastille node24 npm tmux python311 uv ripgrep fd-find rsync postgresql18-client py311-pillow dejavu rust sanoid
+npm install -g @earendil-works/pi-coding-agent
+```
+
+## tmux baseline for `pi`
+
+```sh
+cat >> ~/.tmux.conf << 'EOF'
+set -g extended-keys on
+set -g extended-keys-format csi-u
+EOF
+tmux source-file ~/.tmux.conf 2>/dev/null || true
+```
+
+## ZFS and networking
+
+Delegate to:
+
+- `/warden-zfs` for dataset layout and snapshots
+- `/bastille-network` for `warden0`
+- `/warden-pf` for NAT and port forwards
+
+## Safe defaults
+
+- keep SSH on the host
+- keep Ansible aimed at the host, not inside jails
+- keep `db` mandatory for split-brain
+- keep `git` and `cms` as first-class service jails
+- keep `.home.arpa` for internal naming and `.invalid` as the public placeholder
diff --git a/.agent/skills/ansible-freebsd/SKILL.md b/.agent/skills/ansible-freebsd/SKILL.md
new file mode 100644
index 0000000..d63853f
--- /dev/null
+++ b/.agent/skills/ansible-freebsd/SKILL.md
@@ -0,0 +1,306 @@
+---
+name: ansible-freebsd
+description: Use Ansible for repeatable FreeBSD host and Bastille jail operations in Clawdie. Use when turning FreeBSD admin work into playbooks, inventories, and roles, including nginx, host networking, git/db/cms jail bootstrap, and Astro/Strapi deployment.
+---
+
+# Ansible FreeBSD
+
+Use this skill when a FreeBSD host workflow should become repeatable Ansible
+automation instead of ad hoc shell commands.
+
+## Addressing note
+
+All IPs are derived from `AGENT_SUBNET_BASE` (set in `.env`). Default for agent 1
+is `10.0.1`. Each additional agent gets its own `/24`: agent 2 → `10.0.2`, etc.
+
+Fixed layout within each agent subnet:
+
+- `.1` = warden0 gateway
+- `.2` = `{agent}-controlplane` (reserved)
+- `.3` = `{agent}-db` (PostgreSQL)
+- `.4` = `{agent}-cms` (Astro + Strapi)
+- `.5` = `{agent}-ollama` or `{agent}-llamacpp` (optional local LLM)
+- `.6` = `{agent}-git` (optional, `FEATURE_GIT=true`)
+
+Examples below use `10.0.1.x` (agent 1). Use `{{ agent_subnet_base }}.x` in playbooks.
+
+This skill complements existing host/jail skills:
+
+- `freebsd-admin` defines host-level intent and safety rules
+- `warden-bootstrap` defines Bastille jail bootstrap shape
+- `nginx` defines web-serving behavior
+- `astro` and `strapi` define the cms application architecture
+
+This skill turns those operational patterns into Ansible structure.
+
+## Scope
+
+This skill covers:
+
+- Ansible inventory layout for the FreeBSD host
+- host playbooks for packages, `sysrc`, `sysctl`, services, and config files
+- Bastille jail creation orchestration through explicit commands
+- `git` jail bootstrap for local code storage (optional, `FEATURE_GIT=true`)
+- `{agent}-cms` jail bootstrap for Astro + Strapi on `${AGENT_SUBNET_BASE}.4`
+- nginx deployment handoff for static Astro output
+
+This skill does not replace:
+
+- `freebsd-admin` for host policy decisions
+- `warden-pf` for firewall design
+- `warden-zfs` for dataset design
+- `nginx` for site architecture decisions
+
+## Core rules
+
+- keep Ansible boring and explicit
+- prefer idempotent tasks, but do not force fake abstractions over Bastille or ZFS
+- shell out for `bastille`, `zfs`, and `bastille cmd` when that is the clearest path
+- keep host tasks and jail tasks clearly separated
+- validate after each major phase
+- connect Ansible to the FreeBSD host by SSH, not to Bastille jails by default
+
+## Initial repository shape
+
+Create infrastructure under:
+
+```text
+infra/ansible/
+  inventories/
+    production/
+      hosts.yaml
+      group_vars/
+      host_vars/
+  playbooks/
+    host-preflight.yaml
+    base-host.yaml
+    host-nginx.yaml
+    host-pf-baseline.yaml
+    db-memory-bootstrap.yaml
+    git-jail-bootstrap.yaml
+    jail-cms-create.yaml
+    jail-cms-bootstrap.yaml
+    cms-strapi-bootstrap.yaml
+    cms-astro-bootstrap.yaml
+    cms-deploy.yaml
+  roles/
+    freebsd_base/
+    freebsd_network/
+    nginx_host/
+    bastille_jail/
+    cms_jail/
+```
+
+Start small. The first useful milestone is not full automation. It is:
+
+1. host preflight
+2. `cms` jail creation
+3. `cms` jail package bootstrap
+4. optional `git` jail bootstrap for local code storage
+
+## Workflow
+
+1. Read `references/install.md` before assuming Ansible is available on the host
+2. Read `references/layout.md`
+3. Read `references/cms-astro-strapi-plan.md` if the target is the `cms` jail on `${AGENT_SUBNET_BASE}.4`
+4. Read `references/host-encrypted-dataset.md` before assuming screenshot encryption can be bootstrapped automatically
+5. Reuse existing skill assumptions instead of inventing new architecture
+6. Create or update only the smallest playbooks needed for the current step
+7. Keep commands auditable and close to existing manual docs
+
+## Recommended first Ansible targets
+
+### `host-preflight.yaml`
+
+Validate:
+
+- FreeBSD host
+- Bastille installed
+- `15.0-RELEASE` available
+- `warden0` exists with `{{ agent_subnet_base }}.1/24`
+- forwarding enabled or clearly missing
+- encrypted screenshot dataset exists and is mounted correctly
+
+Important:
+
+- `host-preflight.yaml` does not create the encrypted ZFS dataset
+- use `references/host-encrypted-dataset.md` for the one-time host bootstrap
+
+### `base-host.yaml`
+
+Apply the first repeatable host baseline for current `main`:
+
+- host package baseline: `bash`, `bsddialog`, `bastille`, `git`, `tmux`,
+  `python311`, `uv`, `ripgrep`, `fd-find`, `rsync`, `postgresql18-client`,
+  `node24`, `npm`, `py311-pillow`, `dejavu`
+- `gateway_enable="YES"`
+- immediate forwarding enablement
+- Bastille resolver baseline file
+- host validation after change
+
+This playbook is the default Ansible handoff target for `freebsd-admin`.
+
+### `jail-cms-create.yaml`
+
+Create the `cms` jail with the proven pattern:
+
+```text
+bastille create -T -B -g ${AGENT_SUBNET_BASE}.1 ${AGENT_NAME}-cms 15.0-RELEASE {{ agent_subnet_base }}.4/24 warden0
+```
+
+Then:
+
+- set hostname to `cms.<agent>.home.arpa`
+- restart jail
+- validate route and reachability to `db` at `${AGENT_SUBNET_BASE}.3`
+
+### `jail-cms-bootstrap.yaml`
+
+Inside `cms`:
+
+- install `bash`, `nginx`, `node24`, `npm`, `git`, `rsync`, `postgresql18-client`
+- ensure `clawdie` user exists
+- create `/home/clawdie/strapi`
+- create `/home/clawdie/clawdie-docs`
+
+### `db-memory-bootstrap.yaml`
+
+Bootstrap the `db` jail as the PostgreSQL 18 memory backend:
+
+- install `postgresql18-server`, `postgresql18-client`, `postgresql18-pgvector`, and `postgresql18-contrib`
+- initialize `data` directory if missing
+- start PostgreSQL
+- create the `clawdie` database
+- create and password the split-brain PostgreSQL roles plus `strapi_cms`
+- enable `pgcrypto`, `uuid-ossp`, and `vector`
+- set `listen_addresses` and `pg_hba.conf`
+- validate with `sockstat`, `show listen_addresses`, and `\\dx`
+
+### `git-jail-bootstrap.yaml`
+
+Bootstrap a dedicated `git` jail for plain local git storage:
+
+- create the `git` jail when `FEATURE_GIT=true`
+- assign the reserved address from `AGENT_SUBNET_BASE` (`.6` by default, configurable)
+- install `git`
+- create `/srv/git`
+- optionally create `Clawdie-AI.git`
+- validate hostname and package presence
+
+This is intentionally the plain-git first stage:
+
+- no Gitea
+- no public web UI
+- no CI
+
+See [GIT-STORAGE.md](../../../docs/public/operate/git-storage.md) for
+the current scope and workflow. The installer may reserve `Local Gitea` as a
+future mode, but this playbook currently bootstraps only bare local git
+storage.
+
+### `host-nginx.yaml`
+
+Apply the basic host nginx baseline:
+
+- install package
+- persist service enablement
+- validate config
+- reload and check status
+
+### `host-pf-baseline.yaml`
+
+Apply the minimal Warden PF include and validation path:
+
+- write one Warden include
+- ensure `pf.conf` includes it
+- validate with `pfctl -nf`
+- reload PF and inspect NAT/filter state
+
+### `cms-strapi-bootstrap.yaml`
+
+Coordinate:
+
+- PostgreSQL setup in `db`
+- prefer `db-memory-bootstrap.yaml` first when the `db` jail is not already prepared
+- `pg_hba.conf` entry for `{{ agent_subnet_base }}.3/32`
+- Strapi install in `cms`
+- initial env/config
+
+### `cms-astro-bootstrap.yaml`
+
+Inside `cms`:
+
+- create Astro project
+- install required packages
+- prepare build/deploy script
+
+### `cms-deploy.yaml`
+
+Deploy Astro output to the `cms` jail webroot:
+
+- back up `/srv/www/`
+- sync built output from `cms`
+- validate local jail nginx first, then the chosen edge mode
+
+## Safe defaults
+
+- prefer FreeBSD `pkg` install for host Ansible unless there is a clear reason not to
+- treat `uv tool install ansible` as a fallback path that may fail on FreeBSD/Python packaging
+- keep one SSH trust path: control machine -> FreeBSD host
+- manage `cms`, `db`, and other jails from the host through `bastille`, `bastille cmd`, and jail root paths
+- do not enable jail `sshd` just to satisfy Ansible unless there is a real separate-ops need
+- keep host nginx optional; default Clawdie web serving lives in `cms`
+- keep `db` at `${AGENT_SUBNET_BASE}.3` for PostgreSQL only
+- keep `git` optional (`FEATURE_GIT=true`), does not occupy a fixed address
+- keep `cms` at `${AGENT_SUBNET_BASE}.4` for Astro + Strapi only
+- do not expose Strapi admin publicly by default
+- keep rollback simple with snapshots and webroot backup
+
+## SSH model
+
+Default model:
+
+- Ansible SSHes into the FreeBSD host
+- the host manages Bastille jails locally
+- jail tasks run through `bastille`, `bastille cmd`, package commands, and direct file placement in jail roots
+
+Why:
+
+- avoids SSH key sprawl across jails
+- avoids enabling `sshd` in service jails unnecessarily
+- keeps jails as host-managed runtime units rather than pretending they are separate servers
+
+Optional model (separate ops boundary):
+
+- enable `sshd` inside service jails and install the operator key with
+  `infra/ansible/playbooks/jails-ssh-baseline.yaml`
+- optionally expose jail SSH via PF with predictable host ports (derived from
+  the jail IP last octet): `.2 → :2222`, `.3 → :2223`, `.4 → :2224`, `.5 → :2225`, `.6 → :2226`
+  (see `infra/ansible/playbooks/host-pf-baseline.yaml` + `jails_ssh_expose_via_pf`)
+
+This is intentionally opt-in; the default Clawdie model remains host-managed
+jails without direct SSH access.
+
+## When to use Ansible here
+
+Use this skill when:
+
+- the same FreeBSD admin action will be repeated
+- jail creation should become reproducible
+- `cms` setup is stabilizing into known phases
+- nginx/site deploys should stop depending on manual copy-paste
+
+When the task starts as host-level policy or troubleshooting intent, read
+`freebsd-admin` first, then use this skill to codify the proven host change.
+
+Do not use Ansible just to hide one command. Use it when the workflow benefits
+from repeatability, validation, and versioned structure.
+
+## File naming convention
+
+Use `.yaml` consistently for all Ansible files in this repository:
+
+- inventories
+- playbooks
+- vars files
+- role task files
diff --git a/.agent/skills/ansible-freebsd/references/cms-astro-strapi-plan.md b/.agent/skills/ansible-freebsd/references/cms-astro-strapi-plan.md
new file mode 100644
index 0000000..6354edb
--- /dev/null
+++ b/.agent/skills/ansible-freebsd/references/cms-astro-strapi-plan.md
@@ -0,0 +1,142 @@
+# CMS Jail Astro / Strapi Ansible Plan
+
+Use this reference when implementing Ansible for the Astro + Strapi deployment
+path in the `cms` jail at `{{ agent_subnet_base }}.4`.
+
+## Architecture baseline
+
+- cms jail nginx is the default Clawdie-owned web server
+- `db` jail at `{{ agent_subnet_base }}.3` runs PostgreSQL only
+- `cms` jail at `{{ agent_subnet_base }}.4` runs nginx + Strapi + Astro
+- public delivery is an edge-mode choice, not a host-nginx requirement
+- `cms.<agent>.home.arpa` can proxy to Strapi admin and remain Tailscale-only
+
+## Implementation phases
+
+### Phase 1. Host preflight
+
+Create `playbooks/host-preflight.yaml`.
+
+Validate:
+
+- FreeBSD host
+- Bastille present
+- release `15.0-RELEASE` available
+- `warden0` exists
+- `warden0` has `{{ agent_subnet_base }}.1/24`
+- `gateway_enable` and `net.inet.ip.forwarding`
+
+Output should clearly identify missing prerequisites before any jail work.
+
+### Phase 2. Create the cms jail
+
+Create `playbooks/jail-cms-create.yaml`.
+
+Tasks:
+
+- optional snapshot before creation
+- detect whether `cms` already exists
+- create with:
+  - thick jail
+  - VNET
+  - bridge `warden0`
+  - gateway `{{ agent_subnet_base }}.1`
+  - IP `{{ agent_subnet_base }}.4/24`
+- set hostname to `cms.<agent>.home.arpa`
+- restart jail
+- validate:
+  - `hostname`
+  - `ifconfig`
+  - `netstat -rn`
+  - ping `{{ agent_subnet_base }}.3`
+
+### Phase 3. Bootstrap cms packages
+
+Create `playbooks/jail-cms-bootstrap.yaml`.
+
+Inside `cms`:
+
+- install `node24`
+- install `npm`
+- install `git`
+- install `postgresql18-client`
+- ensure `clawdie` user and home
+- create:
+  - `/home/clawdie/strapi`
+  - `/home/clawdie/clawdie-docs`
+
+### Phase 4. Bootstrap Strapi
+
+Create `playbooks/cms-strapi-bootstrap.yaml`.
+
+Host-side work against `db` and `cms`:
+
+- create `strapi_cms` database in `db`
+- create `strapi_cms`
+- set password from Ansible vars
+- grant privileges
+- add `pg_hba.conf` line for `{{ agent_subnet_base }}.4/32`
+- reload PostgreSQL
+- install Strapi in `/home/clawdie/strapi`
+- write Strapi env/config
+
+Validation:
+
+- `psql` from `cms` to `db`
+- Strapi starts on `{{ agent_subnet_base }}.4:1337`
+
+### Phase 5. Bootstrap Astro
+
+Create `playbooks/cms-astro-bootstrap.yaml`.
+
+Inside `cms`:
+
+- create Astro project at `/home/clawdie/clawdie-docs`
+- install Astro dependencies
+- prepare deploy script
+- configure Strapi endpoint as `http://localhost:1337/api`
+
+### Phase 6. Deploy to the cms jail web stack
+
+Create `playbooks/cms-deploy.yaml`.
+
+Tasks:
+
+- verify Astro project builds
+- back up `/srv/www/` to `/srv/www.bak/`
+- sync built output into `/srv/www/`
+- validate local cms nginx first
+- optionally configure one edge mode later
+
+## Variable model
+
+Use a small starting variable set:
+
+```yaml
+cms_jail_name: cms
+cms_jail_ip: {{ agent_subnet_base }}.4
+cms_hostname: cms.<agent>.home.arpa
+db_jail_ip: {{ agent_subnet_base }}.3
+warden_bridge: warden0
+warden_gateway: {{ agent_subnet_base }}.1
+astro_site_path: /home/clawdie/clawdie-docs
+strapi_path: /home/clawdie/strapi
+clawdie_webroot: /srv/www
+```
+
+## First milestone
+
+The first successful Ansible milestone is:
+
+1. `host-preflight.yaml`
+2. `jail-cms-create.yaml`
+3. `jail-cms-bootstrap.yaml`
+
+Do not try to automate nginx, Strapi, Astro, and deployment all at once.
+
+## Success criteria
+
+- `cms` jail reproducibly created on `{{ agent_subnet_base }}.4`
+- `cms` can reach `db` on `{{ agent_subnet_base }}.3`
+- package bootstrap is repeatable
+- later app bootstrap can build on stable infrastructure
diff --git a/.agent/skills/ansible-freebsd/references/host-encrypted-dataset.md b/.agent/skills/ansible-freebsd/references/host-encrypted-dataset.md
new file mode 100644
index 0000000..fdf06f5
--- /dev/null
+++ b/.agent/skills/ansible-freebsd/references/host-encrypted-dataset.md
@@ -0,0 +1,80 @@
+# Host Encrypted Dataset
+
+Use this one-time host bootstrap to create the encrypted ZFS dataset used for
+private screenshot storage.
+
+Do not try to create this dataset from `host-preflight.yaml`.
+
+`host-preflight.yaml` only validates that:
+
+- `zroot/<prefix>/encrypted` exists
+- its mountpoint is `<project-root>/encrypted`
+- `encrypted/screenshots/` exists and is writable by the operator user
+
+## Why Manual Bootstrap
+
+This dataset uses passphrase-based ZFS encryption.
+
+Creating it correctly requires an explicit host-side operator step:
+
+- choose a passphrase interactively
+- confirm the mountpoint
+- set ownership for the operator user
+
+That is not a good fit for non-interactive Ansible preflight.
+
+## One-Time Creation
+
+Run on the FreeBSD host as `root`.
+
+Replace:
+
+- `<prefix>` with the actual ZFS prefix, for example `clawdie-runtime`
+- `<project-root>` with the repo path, for example `/home/clawdija/clawdie-ai`
+- `<operator-user>` with the operator user, for example `clawdie`
+
+```sh
+zfs list zroot/<prefix>/encrypted >/dev/null 2>&1 || \
+zfs create \
+  -o encryption=on \
+  -o keyformat=passphrase \
+  -o keylocation=prompt \
+  -o mountpoint=<project-root>/encrypted \
+  zroot/<prefix>/encrypted
+```
+
+Create the private screenshots directory and make it writable by the operator:
+
+```sh
+install -d -o <operator-user> -g wheel -m 0750 <project-root>/encrypted/screenshots
+```
+
+## Validation
+
+Check dataset and mountpoint:
+
+```sh
+zfs list zroot/<prefix>/encrypted
+zfs get mountpoint zroot/<prefix>/encrypted
+```
+
+Check ownership:
+
+```sh
+ls -ld <project-root>/encrypted
+ls -ld <project-root>/encrypted/screenshots
+```
+
+Expected:
+
+- dataset exists
+- mountpoint is `<project-root>/encrypted`
+- `encrypted/screenshots` is owned by the operator user
+
+## Operational Rule
+
+If the encrypted dataset is missing or mounted elsewhere:
+
+- do not run screenshot capture expecting private copies
+- fix the host dataset first
+- rerun `host-preflight.yaml`
diff --git a/.agent/skills/ansible-freebsd/references/install.md b/.agent/skills/ansible-freebsd/references/install.md
new file mode 100644
index 0000000..ceb80be
--- /dev/null
+++ b/.agent/skills/ansible-freebsd/references/install.md
@@ -0,0 +1,41 @@
+# Installing Ansible on the FreeBSD Host
+
+Use this reference before building or running Clawdie Ansible playbooks.
+
+## Recommended default
+
+Prefer the native FreeBSD package:
+
+```sh
+sudo pkg update
+sudo pkg install sysutils/ansible
+ansible --version
+ansible-playbook --version
+```
+
+Why:
+
+- boring host path
+- avoids Python build surprises
+- fits the host-managed Clawdie model
+- avoids inventing a jail-local Ansible control node
+
+## Fallback path
+
+`uv` can work, but it is not the default on FreeBSD:
+
+```sh
+sudo uv tool install --python 3.11 ansible
+```
+
+Only use that path if native `pkg` is blocked and the host Python line is
+already understood.
+
+## Operational rule
+
+Keep one SSH trust path:
+
+- Ansible SSHes into the FreeBSD host
+- the host manages Bastille jails locally
+
+Do not install or enable jail `sshd` just to satisfy Ansible.
diff --git a/.agent/skills/ansible-freebsd/references/layout.md b/.agent/skills/ansible-freebsd/references/layout.md
new file mode 100644
index 0000000..d136e6f
--- /dev/null
+++ b/.agent/skills/ansible-freebsd/references/layout.md
@@ -0,0 +1,85 @@
+# Ansible Layout for Clawdie FreeBSD Operations
+
+Use this reference when creating the first Ansible structure in the repository.
+
+## Goal
+
+Keep the layout obvious for both humans and agents.
+
+```text
+infra/ansible/
+  inventories/
+    production/
+      hosts.yaml
+      group_vars/
+      host_vars/
+  playbooks/
+  roles/
+```
+
+Use `.yaml` consistently throughout this tree.
+
+## Inventory model
+
+Recommended starting model:
+
+- one production host
+- no premature multi-host complexity
+- jail operations still target the host and shell into Bastille/bastille cmd where needed
+- do not model `cms` or `db` as separate SSH inventory hosts by default
+
+Example inventory shape:
+
+```yaml
+all:
+  hosts:
+    clawdie_host:
+      ansible_host: your-hostname-or-ip
+      ansible_user: your-admin-user
+```
+
+Optional:
+
+```yaml
+      ansible_ssh_private_key_file: ~/.ssh/clawdie-ansible
+```
+
+The important rule is that Ansible reaches the host, and the host reaches the
+jails.
+
+## Playbook boundaries
+
+Keep playbooks phase-oriented:
+
+- host preflight
+- host networking
+- host nginx
+- jail creation
+- jail bootstrap
+- application bootstrap
+- deployment
+
+Do not create one giant playbook for everything.
+
+## Role boundaries
+
+Keep roles generic enough to reuse, but not abstract to the point of hiding
+what the host actually does.
+
+Good first roles:
+
+- `freebsd_base`
+- `freebsd_network`
+- `nginx_host`
+- `bastille_jail`
+- `cms_jail`
+
+## Implementation style
+
+Prefer:
+
+- `community.general.sysrc`
+- package/service/file/template modules where they fit
+- explicit `command` or `shell` for `bastille`, `zfs`, and `bastille cmd`
+
+The goal is boring reliability, not maximum abstraction.
diff --git a/.agent/skills/astro/SKILL.md b/.agent/skills/astro/SKILL.md
new file mode 100644
index 0000000..ff10ba4
--- /dev/null
+++ b/.agent/skills/astro/SKILL.md
@@ -0,0 +1,407 @@
+---
+name: astro
+description: Manage the Astro static site that powers Clawdie web surfaces. Use when building pages, configuring Strapi integration, serving from the cms jail web stack, or managing the frontend project. Triggers on "astro", "frontend", "build site", "static site", "clawdie.invalid build".
+---
+
+# Astro
+
+Use this skill for the static site generator that builds tenant homes and tenant sites from Strapi and repo content.
+
+This skill is also responsible for the transition from the current plain HTML
+site to the future Astro + Strapi setup in the `cms` jail.
+
+## Scope
+
+This skill covers:
+
+- Astro project setup and configuration
+- Strapi content integration (REST API)
+- Page and layout creation
+- Build and deployment to the `cms` jail webroot
+- Tenant home (`<tenant>.<base>`) and tenant-site (`<site>.<tenant>.<base>`) web output
+- Design system porting from current static HTML
+- Skill page generation from SKILL.md files
+- Build automation and webhooks
+
+This skill does not replace:
+
+- `strapi` for content management
+- `nginx` for web server configuration
+
+## Architecture
+
+```
+cms jail (${AGENT_SUBNET_BASE}.4)
+  ├── /home/clawdie/clawdie-si/      ← public clawdie.si landing site
+  │     ├── source: bootstrap/cms/clawdie-si/
+  │     └── dist/ → /usr/local/www/clawdie-si/
+  │
+  ├── /home/clawdie/clawdie-docs/    ← docs.clawdie.si Starlight site
+  │     ├── source: bootstrap/cms/clawdie-docs/
+  │     ├── docs source of truth: repo docs/public/
+  │     └── dist/ → /usr/local/www/clawdie/
+  │
+  └── optional Strapi runtime (localhost:1337), not public by default
+```
+
+Astro output is pure static HTML/CSS/JS served by nginx in the `cms` jail and
+fronted by the selected edge mode. The current landing/docs sites are
+repo-native Astro projects; Strapi remains optional and should not be assumed
+for a landing-page deploy.
+
+For Starlight docs, `docs/public/` is the source of truth. The
+`bootstrap/cms/clawdie-docs/src/content/docs/` tree is generated by the
+`prebuild` sync and should not be hand-edited or committed just because a local
+build regenerated it.
+
+## Surface model
+
+- Operator app: `ai.<base>` — separate stack, not Astro here
+- Shared CMS host: `cms.<base>` — shared admin/API, not a tenant app
+- Tenant home: `<tenant>.<base>` — Astro/static app
+- Tenant site: `<site>.<tenant>.<base>` — Astro/static app
+
+Default internal base: `home.arpa`.
+
+## Migration goal
+
+The immediate goal is not a redesign. It is to let the agent transform the
+current live static site into an Astro-based clone first, then gradually move
+editable content into Strapi.
+
+Recommended sequence:
+
+1. replicate the current site structure and design in Astro
+2. keep public exposure decisions separate from the content migration
+3. classify content into Astro-managed vs Strapi-managed
+4. move selected content into Strapi in batches
+5. serve Astro output from the `cms` jail webroot under tenant-home and tenant-site hostnames
+
+For the first FreeBSD deployment, keep the Astro site deliberately minimal:
+
+- do not add `sharp`
+- do not rely on Astro image optimization
+- keep images in `public/` or serve prebuilt static assets directly
+- treat `examples/astro-cv/` as a prototype/reference, not the bootstrap source
+
+## Canonical paths
+
+Repo paths:
+
+- Landing source: `bootstrap/cms/clawdie-si/`
+- Docs source: `bootstrap/cms/clawdie-docs/`
+- Public docs source of truth: `docs/public/`
+
+Inside the `cms` jail:
+
+- Landing project: `/home/clawdie/clawdie-si/`
+- Landing build output: `/home/clawdie/clawdie-si/dist/`
+- Landing deploy target: `/usr/local/www/clawdie-si/`
+- Docs project: `/home/clawdie/clawdie-docs/`
+- Docs build output: `/home/clawdie/clawdie-docs/dist/`
+- Docs deploy target: `/usr/local/www/clawdie/`
+- Strapi endpoint, when enabled: `http://localhost:1337/api`
+
+Deployment scripts:
+
+- Landing: `bootstrap/cms/clawdie-si/scripts/deploy.mjs`
+- Docs: `bootstrap/cms/clawdie-docs/scripts/deploy-docs.mjs`
+
+Build defaults:
+
+- Use `passthroughImageService()`; do not require `sharp`.
+- Keep images under `public/` as static assets.
+- Use Node 24 where possible; Node 22 has been sufficient for current Astro builds, but Node 24 is the target runtime.
+
+## Design system
+
+Port the existing public Clawdie visual identity:
+
+### Fonts
+
+- Headings: `Cormorant Garamond` (300, 400, 600 weights)
+- Monospace: `DM Mono` (300, 400 weights)
+
+### Colors (dark theme)
+
+```css
+--cream: #0d1117; /* page background */
+--amber: #00b4d8; /* accent / links */
+--amber-dark: #0096b7; /* hover states */
+--charcoal: #e2e8f0; /* headings */
+--grey: #8b949e; /* secondary text */
+--grey-light: #21262d; /* borders / dividers */
+--paper: #161b22; /* card backgrounds */
+--ink: #c9d1d9; /* body text */
+```
+
+### Components to port
+
+- Hero statement block (dark background, accent text)
+- Status note (left border, label)
+- Comparison grid (two-column, cloud vs clawdie)
+- Ecosystem cards (grid, featured variant)
+- Principle rows (numbered, icon + text)
+- CTA block (centered, button row)
+- Divider (gradient line)
+- Top nav (monospace, uppercase)
+
+## Workflow
+
+### Phase 1: Project setup
+
+1. Read `references/setup.md`
+2. Read `references/static-migration.md`
+3. Create Astro project with Strapi integration
+4. Port design system CSS
+5. Create base layout matching current site
+
+### Phase 1.5: Static-site inventory
+
+Before changing content sources:
+
+1. inspect the current live/static pages
+2. map each route to an Astro page
+3. identify shared layout pieces (nav, footer, hero, cards, guides)
+4. reproduce the current visual design as closely as practical
+
+### Phase 2: Page templates
+
+Create Astro page templates:
+
+| Template                    | Source                      | Route                    |
+| --------------------------- | --------------------------- | ------------------------ |
+| `pages/index.astro`         | Strapi: Page (tenant home)  | `/` on `<tenant>.<base>` |
+| `pages/docs/index.astro`    | Strapi: Page (docs)         | `/docs/`                 |
+| `pages/guides/[slug].astro` | Strapi: Guide collection    | `/guides/{slug}`         |
+| `pages/skills/[slug].astro` | Local SKILL.md files        | `/skills/{slug}`         |
+| `pages/skills/index.astro`  | Generated from skills list  | `/skills/`               |
+| `pages/blog/[slug].astro`   | Strapi: BlogPost collection | `/blog/{slug}`           |
+
+### Phase 3: Skill page generation
+
+Skills are imported at build time from the local filesystem:
+
+```astro
+// src/pages/skills/[slug].astro
+import { getCollection } from 'astro:content';
+
+// Read .agent/skills/*/SKILL.md files
+// Parse YAML frontmatter for metadata
+// Render markdown body as HTML
+```
+
+This keeps skills in sync with code — no manual CMS updates needed.
+
+### Phase 3.5: Content split
+
+Move only the right content into Strapi.
+
+Good Strapi candidates:
+
+- homepage editable sections
+- guides
+- docs landing pages
+- future blog/project pages
+
+Keep in Astro/repo:
+
+- skill pages generated from `SKILL.md`
+- highly technical generated docs
+- content that should always follow repository state
+
+### Phase 4: Build and deploy
+
+For the public landing page:
+
+```sh
+cd /home/clawdie/clawdie-si
+npm run build
+npm run deploy
+```
+
+For documentation:
+
+```sh
+cd /home/clawdie/clawdie-docs
+npm run build
+npm run deploy
+```
+
+Before deploying from an agent session:
+
+1. Confirm the repo is on `main` and clean.
+2. Build locally or in the jail first.
+3. Snapshot or back up the target webroot unless the operator explicitly says to skip it because of disk pressure.
+4. Deploy only `dist/` output; never delete the project source.
+5. Validate via jail-local HTTP with the correct `Host:` header and public HTTPS.
+
+### Phase 5: Automation
+
+Build triggers (choose one):
+
+**Option A: Strapi webhook**
+
+- Strapi fires webhook on content publish
+- Host script receives webhook and runs build
+- Best for content-driven updates
+
+**Option B: Cron rebuild**
+
+- `cron` runs `astro build && rsync` every 15 minutes
+- Simple, no webhook infrastructure needed
+- Good enough for low-frequency updates
+
+**Option C: Manual build**
+
+- Operator or agent runs `npm run build` when needed
+- Simplest, full control
+
+Recommended: Start with Option C, move to B, then A as needed.
+
+Keep hostname routing and nginx server_name policy in the `nginx` skill and setup code. Astro owns page output, not host classification.
+
+## FreeBSD jail install snags
+
+### sharp has no pre-built binary for FreeBSD
+
+`sharp` is an optional Astro image optimization library. It tries to build from
+source on FreeBSD, which fails because `node-addon-api` is not bundled.
+
+**Symptoms:**
+
+```
+npm error sharp: Attempting to build from source via node-gyp
+npm error sharp: Please add node-addon-api to your dependencies
+```
+
+**Fix — two steps:**
+
+1. Install without native scripts:
+
+   ```sh
+   npm install --ignore-scripts
+   ```
+
+2. Configure Astro to use the passthrough image service (no optimization):
+   ```js
+   // astro.config.mjs
+   import { defineConfig, passthroughImageService } from 'astro/config';
+   export default defineConfig({
+     image: { service: passthroughImageService() },
+     // ... rest of config
+   });
+   ```
+
+This is fine for static/docs sites. Keep images in `public/` as static assets.
+If you actually need image optimization (WebP conversion, resize), `vips` is
+available via pkg (`pkg install vips`) but getting sharp to link against it
+requires additional build steps.
+
+### npm config "python" warning
+
+You may see `Unknown env config "python"` during npm install. This is a harmless
+warning from a stale global npm config. Ignore it.
+
+### Starlight confirmed working on FreeBSD + Node 22
+
+With `--ignore-scripts` + `passthroughImageService()`, Starlight builds cleanly.
+Scaffold command: `npm create astro@latest . -- --template starlight --no-install --no-git`
+
+## Safe defaults
+
+- Always ZFS snapshot before deploying a new build
+- Keep the previous build as `.bak/` fallback before deploying new dist
+- Test build locally before deploying: `npm run preview`
+- Never delete the Astro project source — only the `dist/` output is expendable
+- Run `nginx -t` inside the cms jail after nginx config changes
+- Aim for route and visual parity before changing too much content structure
+- Always use `npm install --ignore-scripts` on FreeBSD
+- Always configure `passthroughImageService()` — never rely on sharp
+
+## Build commands
+
+Landing site:
+
+```sh
+cd bootstrap/cms/clawdie-si
+npm run build
+npm run preview
+npm run deploy
+```
+
+Docs site:
+
+```sh
+cd bootstrap/cms/clawdie-docs
+npm run build
+npm run preview
+npm run deploy
+```
+
+Inside the jail the project paths are usually `/home/clawdie/clawdie-si` and
+`/home/clawdie/clawdie-docs`; in the repository they live under
+`bootstrap/cms/`.
+
+## Deployment verification
+
+When testing the `cms` jail nginx directly, always send the public host header.
+The default jail vhost intentionally returns `404`, so a plain
+`http://127.0.0.1/sl/` check is a false negative for `clawdie.si`.
+
+Landing site checks:
+
+```sh
+sudo bastille cmd cms service nginx onestatus
+sudo bastille cmd cms curl -sI -H 'Host: clawdie.si' http://127.0.0.1/sl/
+sudo bastille cmd cms curl -sI -H 'Host: clawdie.si' http://127.0.0.1/en/
+curl -sI https://clawdie.si/sl/
+curl -sI https://clawdie.si/en/
+curl -s https://clawdie.si/sl/ | grep -F 'Ustvarjaj · Poseduj · Skaliraj'
+```
+
+Expected results:
+
+- jail-local `curl -H 'Host: clawdie.si'` returns `200`
+- public HTTPS `/sl/` and `/en/` return `200`
+- `/` may redirect to `/en/` depending on the landing nginx config
+
+Do not use FreeBSD `fetch` for the host-header check; `fetch` does not support a
+simple `--header` option. Use `curl`, which is installed in the `cms` jail.
+
+## Troubleshooting
+
+### Build fails with Strapi fetch error
+
+- Check Strapi is running: `curl -s http://10.0.0.3:1337/api`
+- Check network: can host reach jail IP?
+- Check API permissions in Strapi admin
+- Astro can build with fallback content if Strapi is down (graceful degradation)
+
+### Styles look wrong after build
+
+- Check CSS variables are ported correctly
+- Compare with the checked-in bridge HTML under `html/clawdie/`
+- Check Google Fonts imports in layout
+
+### Skill pages missing or stale
+
+- Skills are read at build time from `.agent/skills/*/SKILL.md`
+- Rebuild to pick up new or updated skills
+- Check file path pattern matches in Astro config
+
+### Deploy doesn't update site
+
+- Static files are served immediately by nginx — hard refresh browser.
+- Check rsync output for errors.
+- Landing: verify files landed in `/usr/local/www/clawdie-si/` inside `cms`.
+- Docs: verify files landed in `/usr/local/www/clawdie/` inside `cms`.
+- Check file permissions with `ls -la` on the target webroot.
+- If jail-local direct HTTP returns `404`, retry with the expected host header: `curl -sI -H 'Host: clawdie.si' http://127.0.0.1/sl/`.
+- If docs build dirties `bootstrap/cms/clawdie-docs/src/content/docs/`, remember that tree is generated from `docs/public/`; do not commit it unless intentionally changing generated-source policy.
+
+### Sharp or image build errors
+
+- Use `npm install --ignore-scripts` — never let sharp try to build from source
+- Add `passthroughImageService()` to `astro.config.mjs` — see FreeBSD snags above
+- Keep images under `public/` as static assets, skip Astro image optimization
diff --git a/.agent/skills/astro/references/setup.md b/.agent/skills/astro/references/setup.md
new file mode 100644
index 0000000..81128d8
--- /dev/null
+++ b/.agent/skills/astro/references/setup.md
@@ -0,0 +1,174 @@
+# Astro Project Setup
+
+## Prerequisites
+
+- `cms` jail running at ${AGENT_SUBNET_BASE}.4 with Node.js 24
+- Strapi running in cms jail (or plan to set up later)
+- nginx running inside `cms` and serving `/srv/www/`
+
+## Step 1: Create project (inside cms jail)
+
+```sh
+sudo bastille cmd cms su - clawdie -c "cd /home/clawdie && npm create astro@latest clawdie-docs -- --template minimal --no-install"
+sudo bastille cmd cms su - clawdie -c "cd /home/clawdie/clawdie-docs && npm install"
+```
+
+## Step 2: Install integrations
+
+```sh
+npm install @astrojs/mdx
+npm install gray-matter    # for parsing SKILL.md frontmatter
+npm install marked          # for rendering markdown
+```
+
+## Step 3: Configure Astro
+
+Edit `astro.config.mjs`:
+
+```js
+import { defineConfig } from 'astro/config';
+import mdx from '@astrojs/mdx';
+
+export default defineConfig({
+  site: 'https://clawdie.invalid',
+  output: 'static',
+  integrations: [mdx()],
+  build: {
+    assets: 'assets',
+  },
+});
+```
+
+## Step 4: Create base layout
+
+Create `src/layouts/Base.astro` with:
+
+- Google Fonts imports (Cormorant Garamond, DM Mono)
+- CSS variables from current design system
+- Hex background pattern SVG
+- Top nav component
+- Footer component
+
+Port directly from the current `/usr/local/www/clawdie/index.html` styles.
+
+## Step 5: Create Strapi fetch utility
+
+Create `src/lib/strapi.ts`:
+
+```ts
+const STRAPI_URL = import.meta.env.STRAPI_URL || 'http://localhost:1337';
+
+export async function fetchAPI(path: string) {
+  const res = await fetch(`${STRAPI_URL}/api${path}`);
+  if (!res.ok) {
+    console.error(`Strapi fetch failed: ${path} (${res.status})`);
+    return null;
+  }
+  const json = await res.json();
+  return json.data;
+}
+
+export async function getPage(slug: string) {
+  return fetchAPI(`/pages?filters[slug][$eq]=${slug}&populate=*`);
+}
+
+export async function getGuides() {
+  return fetchAPI('/guides?sort=order:asc&populate=*');
+}
+
+export async function getGuide(slug: string) {
+  return fetchAPI(`/guides?filters[slug][$eq]=${slug}&populate=*`);
+}
+```
+
+## Step 6: Create skill loader
+
+Create `src/lib/skills.ts`:
+
+```ts
+import fs from 'node:fs';
+import path from 'node:path';
+import matter from 'gray-matter';
+import { marked } from 'marked';
+
+// nullfs-mounted from host into cms jail
+const SKILLS_DIR = '/mnt/skills';
+
+export interface Skill {
+  name: string;
+  slug: string;
+  description: string;
+  content: string;
+  html: string;
+}
+
+export function getAllSkills(): Skill[] {
+  const dirs = fs.readdirSync(SKILLS_DIR);
+  return dirs
+    .filter(d => fs.existsSync(path.join(SKILLS_DIR, d, 'SKILL.md')))
+    .map(d => {
+      const raw = fs.readFileSync(path.join(SKILLS_DIR, d, 'SKILL.md'), 'utf-8');
+      const { data, content } = matter(raw);
+      return {
+        name: data.name || d,
+        slug: d,
+        description: data.description || '',
+        content,
+        html: marked(content) as string,
+      };
+    })
+    .sort((a, b) => a.name.localeCompare(b.name));
+}
+
+export function getSkill(slug: string): Skill | undefined {
+  return getAllSkills().find(s => s.slug === slug);
+}
+```
+
+## Step 7: Create deploy script
+
+Add to `package.json`:
+
+```json
+{
+  "scripts": {
+    "deploy": "npm run build && rsync -av --delete dist/ /srv/www/"
+  }
+}
+```
+
+## Step 8: Environment file
+
+Create `.env` inside cms jail:
+
+```
+STRAPI_URL=http://localhost:1337
+SITE_URL=https://clawdie.invalid
+NODE_OPTIONS=--max-old-space-size=512
+```
+
+## Step 9: Test build
+
+```sh
+npm run build
+ls dist/
+```
+
+Verify output contains `index.html` and expected pages.
+
+## Step 10: First deploy
+
+```sh
+# snapshot before deploy
+sudo zfs snapshot -nv zroot/ROOT/default@pre-astro-deploy
+sudo zfs snapshot zroot/ROOT/default@pre-astro-deploy
+
+# backup current jail webroot
+cp -r /srv/www /srv/www.bak
+
+# deploy
+npm run deploy
+
+# verify
+curl -sI http://127.0.0.1 | head -5
+```
diff --git a/.agent/skills/astro/references/static-migration.md b/.agent/skills/astro/references/static-migration.md
new file mode 100644
index 0000000..ec2ddce
--- /dev/null
+++ b/.agent/skills/astro/references/static-migration.md
@@ -0,0 +1,70 @@
+# Static HTML to Astro / Strapi Migration
+
+Use this reference when converting the current Clawdie public site from
+hand-edited static HTML into an Astro site with Strapi-backed editable content.
+
+## Core principle
+
+Clone first, restructure second.
+
+Do not start with a redesign. First reproduce the current public site closely
+enough that switching the build source does not feel like launching a different
+website.
+
+## Migration phases
+
+### 1. Inventory the current site
+
+Read the current static pages in `/usr/local/www/clawdie/` and classify them:
+
+- page should become an Astro template backed by Strapi
+- page should stay Astro/repo-managed
+- page can remain simple static output
+
+## 2. Capture the design system
+
+Extract and preserve:
+
+- typography
+- colors
+- spacing
+- layout rhythm
+- navigation structure
+- footer and CTA blocks
+
+## 3. Recreate route parity
+
+Target the same routes first:
+
+- `/`
+- `/docs/`
+- `/guides/*`
+
+Route parity matters before deeper content modeling.
+
+## 4. Move content selectively
+
+Good candidates for Strapi:
+
+- homepage sections needing editorial updates
+- guides
+- docs landing pages
+
+Bad candidates for Strapi:
+
+- skill pages from repository `SKILL.md`
+- generated technical references
+- content tightly coupled to code state
+
+## 5. Decouple content migration from edge ownership
+
+Build and serve the site inside `cms` first. Public edge choice comes later.
+
+That means the cutover is:
+
+- old source: hand-edited HTML bridge pages
+- new source: Astro build output served from `/srv/www/` inside `cms`
+- public delivery: existing reverse proxy, host PF redirect, direct jail IP, or
+  internal-only
+
+This keeps content migration separate from the operator's host web stack.
diff --git a/.agent/skills/backup-db/SKILL.md b/.agent/skills/backup-db/SKILL.md
new file mode 100644
index 0000000..8e7b500
--- /dev/null
+++ b/.agent/skills/backup-db/SKILL.md
@@ -0,0 +1,65 @@
+---
+name: backup-db
+description: Create a full PostgreSQL database backup (pg_dump) and store in project-relative backup directory
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - "Back up the database"
+  - "Back up * database"
+  - "Database backup"
+  - "Dump * database"
+  - "Create backup"
+  - "Back up before migration"
+estimated_tokens: 800-1200
+---
+
+# backup-db
+
+Full PostgreSQL dump using `pg_dump`. Backs up to `data/backups/` under project root. Never uses `/tmp/`.
+
+## Usage
+
+```bash
+# Full dump, compressed
+bastille cmd db pg_dump -U clawdie -Fc clawdie_ai_public \
+  > /home/clawdie/clawdie-ai/data/backups/clawdie_ai_public_$(date +%Y-%m-%d_%H%M%S).dump
+
+# Verify backup
+bastille cmd db pg_restore --list /home/clawdie/clawdie-ai/data/backups/<file>.dump | head -20
+```
+
+## Output
+
+```
+Backup created: data/backups/clawdie_ai_public_2026-04-07_103045.dump
+Size: 2.3 GB
+Compression ratio: 4.2:1
+Duration: 18m 3s
+Verify: OK (1842 objects listed)
+```
+
+## Retention
+
+- Keep 7 daily backups minimum
+- Before any migration: always create a backup first
+- Before any schema change: same
+
+## Directory
+
+```
+data/backups/
+├── clawdie_ai_public_2026-04-07_103045.dump
+├── clawdie_2026-04-07_103200.dump
+└── ...
+```
+
+## When to Use
+
+- Before running `db-migrate`
+- Before any risky schema change
+- On-demand from CEO or operator instruction
+
+## Escalate If
+
+- Backup file size is 0 or unexpectedly small → escalate to CEO
+- Backup takes >60 min (possible lock contention) → escalate to DBA
+- Disk full before backup completes → escalate immediately
diff --git a/.agent/skills/coding-agent/SKILL.md b/.agent/skills/coding-agent/SKILL.md
new file mode 100644
index 0000000..a8f3618
--- /dev/null
+++ b/.agent/skills/coding-agent/SKILL.md
@@ -0,0 +1,166 @@
+---
+name: coding-agent
+description: Configure or debug pi (the LLM coding agent subprocess) in Clawdie. Use when changing the AI provider, model, or pi settings; when pi fails to respond; or when setting up pi for the first time. pi is @earendil-works/pi-coding-agent from the Codeberg pi project, installed at /opt/npm/bin/pi inside the clawdie-controlplane jail.
+---
+
+# Coding Agent (pi) Configuration
+
+Clawdie uses **pi** (`@earendil-works/pi-coding-agent`) as its LLM execution engine. For each incoming message, `src/agent-runner.ts` spawns `/opt/npm/bin/pi` as a subprocess in `--print` (non-interactive) mode and streams the response back.
+
+**Current setup:** ZAI provider (`PI_TUI_PROVIDER=zai`), model GLM-5.1 (`PI_TUI_MODEL=GLM-5.1`), binary at `/opt/npm/bin/pi` inside the `clawdie-controlplane` jail.
+
+## .env Variables
+
+```bash
+PI_TUI_BIN=/opt/npm/bin/pi       # Path to pi binary (inside jail)
+PI_TUI_PROVIDER=zai              # LLM provider (zai, anthropic, openai, openrouter, ollama)
+PI_TUI_MODEL=GLM-5.1             # Model name as pi expects it
+ZAI_API_KEY=<key>                # API key for the ZAI provider
+OPENROUTER_API_KEY=<key>         # If switching to OpenRouter
+ANTHROPIC_API_KEY=<key>          # If switching to Anthropic/Claude
+```
+
+## Checking Current pi Setup
+
+```bash
+# Verify binary exists and version
+sudo bastille cmd clawdie-controlplane /opt/npm/bin/pi --version
+
+# Check pi auth config (inside jail as root)
+sudo bastille cmd clawdie-controlplane cat /root/.pi/agent/auth.json
+
+# Check pi settings (default provider/model)
+sudo bastille cmd clawdie-controlplane cat /root/.pi/agent/settings.json
+
+# Verify skills symlink
+sudo bastille cmd clawdie-controlplane ls /root/.pi/agent/skills/
+```
+
+## Switching Provider or Model
+
+Edit `.env` (on the host — nullfs-mounted into jail):
+
+```bash
+# Example: switch to OpenRouter with Qwen
+PI_TUI_PROVIDER=openrouter
+PI_TUI_MODEL=qwen/qwen3-14b-instruct
+OPENROUTER_API_KEY=sk-or-v1-...
+```
+
+Then restart the agent:
+
+```bash
+sudo bastille cmd clawdie-controlplane service clawdie restart
+```
+
+Send a test message on Telegram and check `logs/clawdie.log` for the new provider name in spawn logs.
+
+## Installing / Reinstalling pi
+
+**IMPORTANT:** pi is published as `@earendil-works/pi-coding-agent`.
+Older docs or installs may mention legacy package names; use the `pi-update`
+skill for package-rename migrations. In the controlplane jail, install from the
+host's pre-built copy so the jail does not need to rebuild the multi-package pi
+project:
+
+```bash
+# Set npm prefix first (required — fresh jail defaults to /usr/local)
+sudo bastille cmd clawdie-controlplane npm config set prefix /opt/npm
+
+# Install from host's already-built copy
+sudo bastille cmd clawdie-controlplane \
+  npm install -g /usr/home/clawdie/.npm-global/lib/node_modules/@earendil-works/pi-coding-agent
+
+# Verify
+sudo bastille cmd clawdie-controlplane /opt/npm/bin/pi --version
+```
+
+After reinstall, copy auth and settings:
+
+```bash
+sudo bastille cmd clawdie-controlplane mkdir -p /root/.pi/agent
+sudo bastille cmd clawdie-controlplane \
+  cp /usr/home/clawdie/.pi/agent/auth.json /root/.pi/agent/auth.json
+sudo bastille cmd clawdie-controlplane \
+  cp /usr/home/clawdie/.pi/agent/settings.json /root/.pi/agent/settings.json
+sudo bastille cmd clawdie-controlplane \
+  ln -sf /usr/home/clawdie/clawdie-ai/.agent/skills /root/.pi/agent/skills
+```
+
+## Troubleshooting pi
+
+### pi not found
+
+```bash
+sudo bastille cmd clawdie-controlplane ls /opt/npm/bin/pi
+# If missing: reinstall (see above)
+```
+
+### pi exits with no output
+
+Read the per-run log:
+
+```bash
+ls -t groups/*/logs/agent-*.log | head -3
+tail -100 groups/Samo/logs/agent-<runId>.log
+```
+
+Common causes:
+
+- Wrong `PI_TUI_MODEL` name — check provider's model list
+- API key expired or missing in `/root/.pi/agent/auth.json`
+- `PI_TUI_BIN` points to wrong path
+
+### Adding a new provider to pi auth
+
+```bash
+# Edit /root/.pi/agent/auth.json inside jail
+sudo bastille cmd clawdie-controlplane \
+  sh -c 'cat /root/.pi/agent/auth.json'
+# Then edit on host (nullfs):
+# nano /usr/local/bastille/jails/clawdie-controlplane/root/root/.pi/agent/auth.json
+```
+
+Format:
+
+```json
+{
+  "zai": { "type": "api_key", "key": "..." },
+  "openrouter": { "type": "api_key", "key": "sk-or-v1-..." },
+  "anthropic": { "type": "api_key", "key": "sk-ant-..." }
+}
+```
+
+## Architecture
+
+```
+Telegram message
+      │
+      ▼
+src/index.ts (main loop)
+      │
+      ▼
+src/agent-runner.ts
+      │  spawns subprocess
+      ▼
+/opt/npm/bin/pi --print --provider zai --model GLM-5.1 ...
+      │
+      ▼
+ZAI API (GLM-5.1)
+      │
+      ▼
+pi stdout → agent-runner collects → Telegram reply
+```
+
+## Verify End-to-End
+
+```bash
+# Check agent is running
+sudo bastille cmd clawdie-controlplane service clawdie status
+
+# Watch logs while sending a test message on Telegram
+tail -f logs/clawdie.log
+
+# Look for: "Spawning pi agent" then "pi agent completed"
+grep -E 'Spawning pi|pi agent' logs/clawdie.log | tail -5
+```
diff --git a/.agent/skills/coding-agent/add/src/providers/anthropic.ts b/.agent/skills/coding-agent/add/src/providers/anthropic.ts
new file mode 100644
index 0000000..4996a87
--- /dev/null
+++ b/.agent/skills/coding-agent/add/src/providers/anthropic.ts
@@ -0,0 +1,194 @@
+import Anthropic from '@anthropic-ai/sdk';
+import {
+  AIProvider,
+  ProviderOptions,
+  ProviderResult,
+  StreamChunk,
+  ProviderConfig,
+  ProviderError,
+  ProviderUnavailableError,
+  ProviderRateLimitError,
+  ToolDefinition,
+  ToolCall,
+} from './provider.js';
+
+export class AnthropicProvider implements AIProvider {
+  readonly name = 'Anthropic';
+  readonly type = 'claude' as const;
+
+  private client: Anthropic;
+  private config: ProviderConfig;
+  private defaultModel: string;
+
+  constructor(config: ProviderConfig = {}) {
+    this.config = config;
+    this.defaultModel = config.model || 'claude-sonnet-4-20250514';
+
+    this.client = new Anthropic({
+      apiKey: config.apiKey || process.env.ANTHROPIC_API_KEY,
+      baseURL: config.baseUrl,
+      timeout: config.timeout || 120000,
+      maxRetries: config.maxRetries || 2,
+    });
+  }
+
+  async execute(
+    prompt: string,
+    options?: ProviderOptions,
+  ): Promise<ProviderResult> {
+    if (!this.isAvailable()) {
+      throw new ProviderUnavailableError(this.name, 'API key not configured');
+    }
+
+    try {
+      const response = await this.client.messages.create({
+        model: options?.model || this.defaultModel,
+        max_tokens: options?.maxTokens || 4096,
+        temperature: options?.temperature,
+        system: options?.systemPrompt,
+        stop_sequences: options?.stopSequences,
+        messages: [{ role: 'user', content: prompt }],
+        tools: options?.tools ? this.convertTools(options.tools) : undefined,
+      });
+
+      return this.parseResponse(response);
+    } catch (error) {
+      throw this.handleError(error);
+    }
+  }
+
+  async *stream(
+    prompt: string,
+    options?: ProviderOptions,
+  ): AsyncIterable<StreamChunk> {
+    if (!this.isAvailable()) {
+      throw new ProviderUnavailableError(this.name, 'API key not configured');
+    }
+
+    try {
+      const stream = this.client.messages.stream({
+        model: options?.model || this.defaultModel,
+        max_tokens: options?.maxTokens || 4096,
+        temperature: options?.temperature,
+        system: options?.systemPrompt,
+        stop_sequences: options?.stopSequences,
+        messages: [{ role: 'user', content: prompt }],
+        tools: options?.tools ? this.convertTools(options.tools) : undefined,
+      });
+
+      let inputTokens = 0;
+      let outputTokens = 0;
+
+      for await (const event of stream) {
+        if (
+          event.type === 'content_block_delta' &&
+          event.delta.type === 'text_delta'
+        ) {
+          yield { type: 'text', delta: event.delta.text };
+        } else if (
+          event.type === 'content_block_start' &&
+          event.content_block.type === 'tool_use'
+        ) {
+          yield {
+            type: 'tool_use',
+            toolCall: {
+              id: event.content_block.id,
+              name: event.content_block.name,
+              arguments: event.content_block.input as Record<string, unknown>,
+            },
+          };
+        } else if (event.type === 'message_start') {
+          inputTokens = event.message.usage.input_tokens;
+        } else if (event.type === 'message_delta') {
+          outputTokens = event.usage?.output_tokens || 0;
+        }
+      }
+
+      yield { type: 'usage', usage: { inputTokens, outputTokens } };
+    } catch (error) {
+      throw this.handleError(error);
+    }
+  }
+
+  isAvailable(): boolean {
+    return !!(
+      this.config.apiKey ||
+      process.env.ANTHROPIC_API_KEY ||
+      process.env.AGENT_CODE_OAUTH_TOKEN
+    );
+  }
+
+  async getModels(): Promise<string[]> {
+    return [
+      'claude-opus-4-20250514',
+      'claude-sonnet-4-20250514',
+      'claude-haiku-3-5-20241022',
+      'claude-3-5-sonnet-20241022',
+      'claude-3-5-haiku-20241022',
+      'claude-3-opus-20240229',
+      'claude-3-sonnet-20240229',
+      'claude-3-haiku-20240307',
+    ];
+  }
+
+  getDefaultModel(): string {
+    return this.defaultModel;
+  }
+
+  private convertTools(tools: ToolDefinition[]): Anthropic.Tool[] {
+    return tools.map((tool) => ({
+      name: tool.name,
+      description: tool.description,
+      input_schema: tool.parameters as Anthropic.Tool['input_schema'],
+    }));
+  }
+
+  private parseResponse(response: Anthropic.Message): ProviderResult {
+    let content = '';
+    const toolCalls: ToolCall[] = [];
+
+    for (const block of response.content) {
+      if (block.type === 'text') {
+        content += block.text;
+      } else if (block.type === 'tool_use') {
+        toolCalls.push({
+          id: block.id,
+          name: block.name,
+          arguments: block.input as Record<string, unknown>,
+        });
+      }
+    }
+
+    return {
+      content,
+      toolCalls: toolCalls.length > 0 ? toolCalls : undefined,
+      usage: {
+        inputTokens: response.usage.input_tokens,
+        outputTokens: response.usage.output_tokens,
+      },
+      stopReason: response.stop_reason as ProviderResult['stopReason'],
+    };
+  }
+
+  private handleError(error: unknown): Error {
+    if (error instanceof Anthropic.APIError) {
+      if (error.status === 429) {
+        const retryAfter = error.headers?.['retry-after'];
+        return new ProviderRateLimitError(
+          this.name,
+          retryAfter ? parseInt(retryAfter, 10) : undefined,
+        );
+      }
+      return new ProviderError(
+        error.message,
+        this.name,
+        error.code,
+        error.status,
+      );
+    }
+    if (error instanceof Error) {
+      return new ProviderError(error.message, this.name);
+    }
+    return new ProviderError('Unknown error', this.name);
+  }
+}
diff --git a/.agent/skills/coding-agent/add/src/providers/coding-agent.ts b/.agent/skills/coding-agent/add/src/providers/coding-agent.ts
new file mode 100644
index 0000000..ddf77ac
--- /dev/null
+++ b/.agent/skills/coding-agent/add/src/providers/coding-agent.ts
@@ -0,0 +1,176 @@
+import { spawn, ChildProcess } from 'child_process';
+import {
+  AIProvider,
+  ProviderOptions,
+  ProviderResult,
+  StreamChunk,
+  ProviderConfig,
+  ProviderError,
+  ProviderUnavailableError,
+} from './provider.js';
+
+export class CodingAgentProvider implements AIProvider {
+  readonly name = 'coding-agent';
+  readonly type = 'claude' as const; // coding-agent uses Claude by default
+
+  private config: ProviderConfig;
+  private defaultModel: string;
+  private process: ChildProcess | null = null;
+
+  constructor(config: ProviderConfig = {}) {
+    this.config = config;
+    this.defaultModel = config.model || 'claude-sonnet-4-20250514';
+  }
+
+  async execute(
+    prompt: string,
+    options?: ProviderOptions,
+  ): Promise<ProviderResult> {
+    if (!this.isAvailable()) {
+      throw new ProviderUnavailableError(
+        this.name,
+        'coding-agent binary not found in PATH',
+      );
+    }
+
+    return new Promise((resolve, reject) => {
+      const args = this.buildArgs(prompt, options);
+
+      this.process = spawn('coding-agent', args, {
+        cwd: this.config.baseUrl || process.cwd(),
+        env: {
+          ...process.env,
+          ANTHROPIC_API_KEY:
+            this.config.apiKey || process.env.ANTHROPIC_API_KEY,
+          AGENT_CODE_OAUTH_TOKEN: process.env.AGENT_CODE_OAUTH_TOKEN,
+        },
+      });
+
+      let stdout = '';
+      let stderr = '';
+
+      this.process.stdout?.on('data', (data) => {
+        stdout += data.toString();
+      });
+
+      this.process.stderr?.on('data', (data) => {
+        stderr += data.toString();
+      });
+
+      this.process.on('close', (code) => {
+        if (code === 0) {
+          resolve({
+            content: stdout.trim(),
+            usage: undefined, // coding-agent doesn't report token usage
+          });
+        } else {
+          reject(
+            new ProviderError(
+              `coding-agent exited with code ${code}: ${stderr}`,
+              this.name,
+              'PROCESS_ERROR',
+              code ?? undefined,
+            ),
+          );
+        }
+      });
+
+      this.process.on('error', (error) => {
+        reject(
+          new ProviderError(
+            `Failed to spawn coding-agent: ${error.message}`,
+            this.name,
+          ),
+        );
+      });
+
+      // Send prompt via stdin
+      this.process.stdin?.write(prompt);
+      this.process.stdin?.end();
+    });
+  }
+
+  async *stream(
+    prompt: string,
+    options?: ProviderOptions,
+  ): AsyncIterable<StreamChunk> {
+    // coding-agent doesn't support streaming in the same way
+    // Execute and yield the complete result
+    const result = await this.execute(prompt, options);
+
+    // Yield text in chunks for consistency
+    const chunkSize = 100;
+    for (let i = 0; i < result.content.length; i += chunkSize) {
+      yield {
+        type: 'text',
+        delta: result.content.slice(i, i + chunkSize),
+      };
+    }
+
+    if (result.usage) {
+      yield { type: 'usage', usage: result.usage };
+    }
+  }
+
+  isAvailable(): boolean {
+    // Check if coding-agent binary exists
+    try {
+      const result = spawn('which', ['coding-agent'], { shell: true });
+      return result.exitCode === 0;
+    } catch {
+      return false;
+    }
+  }
+
+  async getModels(): Promise<string[]> {
+    // coding-agent uses Claude models
+    return [
+      'claude-opus-4-20250514',
+      'claude-sonnet-4-20250514',
+      'claude-haiku-3-5-20241022',
+    ];
+  }
+
+  getDefaultModel(): string {
+    return this.defaultModel;
+  }
+
+  private buildArgs(prompt: string, options?: ProviderOptions): string[] {
+    const args: string[] = [
+      '--non-interactive',
+      '--model',
+      options?.model || this.defaultModel,
+    ];
+
+    if (options?.systemPrompt) {
+      args.push('--system', options.systemPrompt);
+    }
+
+    if (options?.maxTokens) {
+      args.push('--max-tokens', options.maxTokens.toString());
+    }
+
+    if (options?.temperature !== undefined) {
+      args.push('--temperature', options.temperature.toString());
+    }
+
+    // Read from stdin
+    args.push('--stdin');
+
+    return args;
+  }
+
+  kill(): void {
+    if (this.process) {
+      this.process.kill();
+      this.process = null;
+    }
+  }
+}
+
+// Factory function for convenience
+export function createCodingAgentProvider(
+  config?: ProviderConfig,
+): CodingAgentProvider {
+  return new CodingAgentProvider(config);
+}
diff --git a/.agent/skills/coding-agent/add/src/providers/gemini.ts b/.agent/skills/coding-agent/add/src/providers/gemini.ts
new file mode 100644
index 0000000..08602fe
--- /dev/null
+++ b/.agent/skills/coding-agent/add/src/providers/gemini.ts
@@ -0,0 +1,147 @@
+import { GoogleGenerativeAI } from '@google/generative-ai';
+import {
+  AIProvider,
+  ProviderOptions,
+  ProviderResult,
+  StreamChunk,
+  ProviderConfig,
+  ProviderError,
+  ProviderUnavailableError,
+  ToolDefinition,
+  ToolCall,
+} from './provider.js';
+
+export class GeminiProvider implements AIProvider {
+  readonly name = 'Gemini';
+  readonly type = 'gemini' as const;
+  
+  private client: GoogleGenerativeAI;
+  private config: ProviderConfig;
+  private defaultModel: string;
+
+  constructor(config: ProviderConfig = {}) {
+    this.config = config;
+    this.defaultModel = config.model || process.env.GEMINI_MODEL || 'gemini-pro';
+    
+    this.client = new GoogleGenerativeAI(
+      config.apiKey || process.env.GOOGLE_API_KEY || ''
+    );
+  }
+
+  async execute(prompt: string, options?: ProviderOptions): Promise<ProviderResult> {
+    if (!this.isAvailable()) {
+      throw new ProviderUnavailableError(this.name, 'API key not configured');
+    }
+
+    try {
+      const model = this.client.getGenerativeModel({
+        model: options?.model || this.defaultModel,
+      });
+
+      const result = await model.generateContent({
+        contents: [{ role: 'user', parts: [{ text: prompt }] }],
+        generationConfig: {
+          maxOutputTokens: options?.maxTokens || 4096,
+          temperature: options?.temperature,
+          stopSequences: options?.stopSequences,
+        },
+        systemInstruction: options?.systemPrompt
+          ? { parts: [{ text: options.systemPrompt }] }
+          : undefined,
+      });
+
+      return this.parseResponse(result);
+    } catch (error) {
+      throw this.handleError(error);
+    }
+  }
+
+  async *stream(prompt: string, options?: ProviderOptions): AsyncIterable<StreamChunk> {
+    if (!this.isAvailable()) {
+      throw new ProviderUnavailableError(this.name, 'API key not configured');
+    }
+
+    try {
+      const model = this.client.getGenerativeModel({
+        model: options?.model || this.defaultModel,
+      });
+
+      const result = await model.generateContentStream({
+        contents: [{ role: 'user', parts: [{ text: prompt }] }],
+        generationConfig: {
+          maxOutputTokens: options?.maxTokens || 4096,
+          temperature: options?.temperature,
+          stopSequences: options?.stopSequences,
+        },
+        systemInstruction: options?.systemPrompt
+          ? { parts: [{ text: options.systemPrompt }] }
+          : undefined,
+      });
+
+      let inputTokens = 0;
+      let outputTokens = 0;
+
+      for await (const chunk of result.stream) {
+        const text = chunk.text();
+        if (text) {
+          yield { type: 'text', delta: text };
+        }
+
+        if (chunk.usageMetadata) {
+          inputTokens = chunk.usageMetadata.promptTokenCount;
+          outputTokens = chunk.usageMetadata.candidatesTokenCount;
+        }
+      }
+
+      yield { type: 'usage', usage: { inputTokens, outputTokens } };
+    } catch (error) {
+      throw this.handleError(error);
+    }
+  }
+
+  isAvailable(): boolean {
+    return !!(this.config.apiKey || process.env.GOOGLE_API_KEY);
+  }
+
+  async getModels(): Promise<string[]> {
+    return [
+      'gemini-pro',
+      'gemini-pro-vision',
+      'gemini-1.5-pro',
+      'gemini-1.5-flash',
+    ];
+  }
+
+  getDefaultModel(): string {
+    return this.defaultModel;
+  }
+
+  private parseResponse(result: Awaited<ReturnType<GoogleGenerativeAI['getGenerativeModel'] extends (...args: any) => any ? ReturnType<ReturnType<GoogleGenerativeAI['getGenerativeModel']>['generateContent']> : never>): ProviderResult {
+    const response = result.response;
+    const content = response.text();
+
+    return {
+      content,
+      usage: response.usageMetadata
+        ? {
+            inputTokens: response.usageMetadata.promptTokenCount,
+            outputTokens: response.usageMetadata.candidatesTokenCount,
+          }
+        : undefined,
+      stopReason: response.candidates?.[0]?.finishReason as ProviderResult['stopReason'],
+    };
+  }
+
+  private handleError(error: unknown): Error {
+    if (error instanceof Error) {
+      if (error.message.includes('429') || error.message.includes('quota')) {
+        return new ProviderError(error.message, this.name, 'RATE_LIMIT', 429);
+      }
+      return new ProviderError(error.message, this.name);
+    }
+    return new ProviderError('Unknown error', this.name);
+  }
+}
+
+// Note: Tool use support in Gemini is more limited than Claude/OpenAI
+// Full tool/function calling requires additional configuration
diff --git a/.agent/skills/coding-agent/add/src/providers/index.ts b/.agent/skills/coding-agent/add/src/providers/index.ts
new file mode 100644
index 0000000..7bd82f7
--- /dev/null
+++ b/.agent/skills/coding-agent/add/src/providers/index.ts
@@ -0,0 +1,143 @@
+import {
+  AIProvider,
+  ProviderType,
+  ExecutionMode,
+  ProviderConfig,
+  ProviderError,
+} from './provider.js';
+import { AnthropicProvider } from './anthropic.js';
+import { OpenAIProvider } from './openai.js';
+import { GeminiProvider } from './gemini.js';
+import { CodingAgentProvider } from './coding-agent.js';
+
+export {
+  ProviderError,
+  ProviderUnavailableError,
+  ProviderRateLimitError,
+  type AIProvider,
+  type ProviderOptions,
+  type ProviderResult,
+  type StreamChunk,
+  type ToolDefinition,
+  type ToolCall,
+  type ProviderType,
+  type ExecutionMode,
+  type ProviderConfig,
+};
+
+export { AnthropicProvider } from './anthropic.js';
+export { OpenAIProvider } from './openai.js';
+export { GeminiProvider } from './gemini.js';
+export { CodingAgentProvider } from './coding-agent.js';
+
+const PROVIDERS: Record<ProviderType, new (config: ProviderConfig) => AIProvider> = {
+  claude: AnthropicProvider,
+  openai: OpenAIProvider,
+  gemini: GeminiProvider,
+};
+
+export function createProvider(
+  type: ProviderType,
+  config: ProviderConfig = {}
+): AIProvider {
+  const ProviderClass = PROVIDERS[type];
+  if (!ProviderClass) {
+    throw new ProviderError(`Unknown provider type: ${type}`, 'factory');
+  }
+  return new ProviderClass(config);
+}
+
+export function createProviderFromEnv(): AIProvider {
+  const providerType = (process.env.AI_PROVIDER || 'claude') as ProviderType;
+  
+  if (!['claude', 'openai', 'gemini'].includes(providerType)) {
+    throw new ProviderError(
+      `Invalid AI_PROVIDER: ${providerType}. Must be claude, openai, or gemini`,
+      'factory'
+    );
+  }
+
+  const config: ProviderConfig = {
+    model: process.env.CLAUDE_MODEL || process.env.OPENAI_MODEL || process.env.GEMINI_MODEL,
+  };
+
+  switch (providerType) {
+    case 'claude':
+      config.apiKey = process.env.ANTHROPIC_API_KEY;
+      break;
+    case 'openai':
+      config.apiKey = process.env.OPENAI_API_KEY;
+      config.organizationId = process.env.OPENAI_ORG_ID;
+      break;
+    case 'gemini':
+      config.apiKey = process.env.GOOGLE_API_KEY;
+      break;
+  }
+
+  return createProvider(providerType, config);
+}
+
+export function createExecutionProvider(
+  mode: ExecutionMode = 'container',
+  providerType?: ProviderType
+): AIProvider {
+  const actualMode = mode || (process.env.EXECUTION_MODE as ExecutionMode) || 'container';
+  const actualType = providerType || (process.env.AI_PROVIDER as ProviderType) || 'claude';
+
+  switch (actualMode) {
+    case 'tui':
+      return new CodingAgentProvider({
+        model: process.env.CLAUDE_MODEL,
+      });
+    
+    case 'direct':
+      return createProviderFromEnv();
+    
+    case 'container':
+    default:
+      // Container mode uses the provider config passed to the container
+      return createProvider(actualType, {
+        apiKey: process.env.ANTHROPIC_API_KEY || process.env.OPENAI_API_KEY || process.env.GOOGLE_API_KEY,
+        model: process.env.CLAUDE_MODEL || process.env.OPENAI_MODEL || process.env.GEMINI_MODEL,
+      });
+  }
+}
+
+export function getAvailableProviders(): ProviderType[] {
+  const available: ProviderType[] = [];
+
+  if (process.env.ANTHROPIC_API_KEY || process.env.AGENT_CODE_OAUTH_TOKEN) {
+    available.push('claude');
+  }
+
+  if (process.env.OPENAI_API_KEY) {
+    available.push('openai');
+  }
+
+  if (process.env.GOOGLE_API_KEY) {
+    available.push('gemini');
+  }
+
+  return available;
+}
+
+export function getDefaultProvider(): ProviderType {
+  const available = getAvailableProviders();
+  
+  if (available.includes('claude')) {
+    return 'claude';
+  }
+  
+  if (available.includes('openai')) {
+    return 'openai';
+  }
+  
+  if (available.includes('gemini')) {
+    return 'gemini';
+  }
+
+  throw new ProviderError(
+    'No AI provider configured. Set ANTHROPIC_API_KEY, OPENAI_API_KEY, or GOOGLE_API_KEY',
+    'factory'
+  );
+}
diff --git a/.agent/skills/coding-agent/add/src/providers/openai.ts b/.agent/skills/coding-agent/add/src/providers/openai.ts
new file mode 100644
index 0000000..c5ca8da
--- /dev/null
+++ b/.agent/skills/coding-agent/add/src/providers/openai.ts
@@ -0,0 +1,225 @@
+import OpenAI from 'openai';
+import {
+  AIProvider,
+  ProviderOptions,
+  ProviderResult,
+  StreamChunk,
+  ProviderConfig,
+  ProviderError,
+  ProviderUnavailableError,
+  ProviderRateLimitError,
+  ToolDefinition,
+  ToolCall,
+} from './provider.js';
+
+export class OpenAIProvider implements AIProvider {
+  readonly name = 'OpenAI';
+  readonly type = 'openai' as const;
+
+  private client: OpenAI;
+  private config: ProviderConfig;
+  private defaultModel: string;
+
+  constructor(config: ProviderConfig = {}) {
+    this.config = config;
+    this.defaultModel = config.model || process.env.OPENAI_MODEL || 'gpt-4o';
+
+    this.client = new OpenAI({
+      apiKey: config.apiKey || process.env.OPENAI_API_KEY,
+      baseURL: config.baseUrl,
+      organization: config.organizationId || process.env.OPENAI_ORG_ID,
+      timeout: config.timeout || 120000,
+      maxRetries: config.maxRetries || 2,
+    });
+  }
+
+  async execute(
+    prompt: string,
+    options?: ProviderOptions,
+  ): Promise<ProviderResult> {
+    if (!this.isAvailable()) {
+      throw new ProviderUnavailableError(this.name, 'API key not configured');
+    }
+
+    try {
+      const response = await this.client.chat.completions.create({
+        model: options?.model || this.defaultModel,
+        max_tokens: options?.maxTokens || 4096,
+        temperature: options?.temperature,
+        messages: options?.systemPrompt
+          ? [
+              { role: 'system', content: options.systemPrompt },
+              { role: 'user', content: prompt },
+            ]
+          : [{ role: 'user', content: prompt }],
+        tools: options?.tools ? this.convertTools(options.tools) : undefined,
+        stop: options?.stopSequences,
+      });
+
+      return this.parseResponse(response);
+    } catch (error) {
+      throw this.handleError(error);
+    }
+  }
+
+  async *stream(
+    prompt: string,
+    options?: ProviderOptions,
+  ): AsyncIterable<StreamChunk> {
+    if (!this.isAvailable()) {
+      throw new ProviderUnavailableError(this.name, 'API key not configured');
+    }
+
+    try {
+      const stream = await this.client.chat.completions.create({
+        model: options?.model || this.defaultModel,
+        max_tokens: options?.maxTokens || 4096,
+        temperature: options?.temperature,
+        messages: options?.systemPrompt
+          ? [
+              { role: 'system', content: options.systemPrompt },
+              { role: 'user', content: prompt },
+            ]
+          : [{ role: 'user', content: prompt }],
+        tools: options?.tools ? this.convertTools(options.tools) : undefined,
+        stop: options?.stopSequences,
+        stream: true,
+      });
+
+      let inputTokens = 0;
+      let outputTokens = 0;
+
+      for await (const chunk of stream) {
+        const delta = chunk.choices[0]?.delta;
+
+        if (delta?.content) {
+          yield { type: 'text', delta: delta.content };
+        }
+
+        if (delta?.tool_calls) {
+          for (const toolCall of delta.tool_calls) {
+            if (toolCall.function?.name) {
+              yield {
+                type: 'tool_use',
+                toolCall: {
+                  id: toolCall.id || '',
+                  name: toolCall.function.name,
+                  arguments: JSON.parse(toolCall.function.arguments || '{}'),
+                },
+              };
+            }
+          }
+        }
+
+        if (chunk.usage) {
+          inputTokens = chunk.usage.prompt_tokens;
+          outputTokens = chunk.usage.completion_tokens;
+        }
+      }
+
+      yield { type: 'usage', usage: { inputTokens, outputTokens } };
+    } catch (error) {
+      throw this.handleError(error);
+    }
+  }
+
+  isAvailable(): boolean {
+    return !!(this.config.apiKey || process.env.OPENAI_API_KEY);
+  }
+
+  async getModels(): Promise<string[]> {
+    return [
+      'gpt-4o',
+      'gpt-4o-mini',
+      'gpt-4-turbo',
+      'gpt-4',
+      'gpt-3.5-turbo',
+      'o1-preview',
+      'o1-mini',
+    ];
+  }
+
+  getDefaultModel(): string {
+    return this.defaultModel;
+  }
+
+  private convertTools(
+    tools: ToolDefinition[],
+  ): OpenAI.Chat.ChatCompletionTool[] {
+    return tools.map((tool) => ({
+      type: 'function' as const,
+      function: {
+        name: tool.name,
+        description: tool.description,
+        parameters: tool.parameters,
+      },
+    }));
+  }
+
+  private parseResponse(response: OpenAI.Chat.ChatCompletion): ProviderResult {
+    const choice = response.choices[0];
+    let content = '';
+    const toolCalls: ToolCall[] = [];
+
+    if (choice.message.content) {
+      content = choice.message.content;
+    }
+
+    if (choice.message.tool_calls) {
+      for (const toolCall of choice.message.tool_calls) {
+        toolCalls.push({
+          id: toolCall.id,
+          name: toolCall.function.name,
+          arguments: JSON.parse(toolCall.function.arguments),
+        });
+      }
+    }
+
+    return {
+      content,
+      toolCalls: toolCalls.length > 0 ? toolCalls : undefined,
+      usage: response.usage
+        ? {
+            inputTokens: response.usage.prompt_tokens,
+            outputTokens: response.usage.completion_tokens,
+          }
+        : undefined,
+      stopReason: this.mapStopReason(choice.finish_reason),
+    };
+  }
+
+  private mapStopReason(reason: string | null): ProviderResult['stopReason'] {
+    switch (reason) {
+      case 'stop':
+        return 'end_turn';
+      case 'length':
+        return 'max_tokens';
+      case 'tool_calls':
+        return 'tool_use';
+      default:
+        return 'end_turn';
+    }
+  }
+
+  private handleError(error: unknown): Error {
+    if (error instanceof OpenAI.APIError) {
+      if (error.status === 429) {
+        const retryAfter = error.headers?.['retry-after'];
+        return new ProviderRateLimitError(
+          this.name,
+          retryAfter ? parseInt(retryAfter, 10) : undefined,
+        );
+      }
+      return new ProviderError(
+        error.message,
+        this.name,
+        error.code,
+        error.status,
+      );
+    }
+    if (error instanceof Error) {
+      return new ProviderError(error.message, this.name);
+    }
+    return new ProviderError('Unknown error', this.name);
+  }
+}
diff --git a/.agent/skills/coding-agent/add/src/providers/provider.ts b/.agent/skills/coding-agent/add/src/providers/provider.ts
new file mode 100644
index 0000000..b8cb8d4
--- /dev/null
+++ b/.agent/skills/coding-agent/add/src/providers/provider.ts
@@ -0,0 +1,91 @@
+export interface ToolDefinition {
+  name: string;
+  description: string;
+  parameters: Record<string, unknown>;
+}
+
+export interface ToolCall {
+  id: string;
+  name: string;
+  arguments: Record<string, unknown>;
+}
+
+export interface ProviderOptions {
+  model?: string;
+  maxTokens?: number;
+  temperature?: number;
+  systemPrompt?: string;
+  tools?: ToolDefinition[];
+  stopSequences?: string[];
+}
+
+export interface ProviderResult {
+  content: string;
+  toolCalls?: ToolCall[];
+  usage?: {
+    inputTokens: number;
+    outputTokens: number;
+  };
+  stopReason?: 'end_turn' | 'max_tokens' | 'stop_sequence' | 'tool_use';
+}
+
+export interface StreamChunk {
+  type: 'text' | 'tool_use' | 'usage';
+  delta?: string;
+  toolCall?: ToolCall;
+  usage?: { inputTokens: number; outputTokens: number };
+}
+
+export type ProviderType = 'claude' | 'openai' | 'gemini';
+export type ExecutionMode = 'container' | 'tui' | 'direct';
+
+export interface AIProvider {
+  readonly name: string;
+  readonly type: ProviderType;
+  
+  execute(prompt: string, options?: ProviderOptions): Promise<ProviderResult>;
+  stream(prompt: string, options?: ProviderOptions): AsyncIterable<StreamChunk>;
+  isAvailable(): boolean;
+  getModels(): Promise<string[]>;
+  getDefaultModel(): string;
+}
+
+export interface ProviderConfig {
+  apiKey?: string;
+  model?: string;
+  baseUrl?: string;
+  organizationId?: string;
+  timeout?: number;
+  maxRetries?: number;
+}
+
+export class ProviderError extends Error {
+  constructor(
+    message: string,
+    public readonly provider: string,
+    public readonly code?: string,
+    public readonly statusCode?: number
+  ) {
+    super(message);
+    this.name = 'ProviderError';
+  }
+}
+
+export class ProviderUnavailableError extends ProviderError {
+  constructor(provider: string, reason: string) {
+    super(`Provider ${provider} unavailable: ${reason}`, provider, 'UNAVAILABLE');
+    this.name = 'ProviderUnavailableError';
+  }
+}
+
+export class ProviderRateLimitError extends ProviderError {
+  constructor(provider: string, retryAfter?: number) {
+    super(
+      `Provider ${provider} rate limited${retryAfter ? `, retry after ${retryAfter}s` : ''}`,
+      provider,
+      'RATE_LIMIT',
+      429
+    );
+    this.name = 'ProviderRateLimitError';
+  }
+}
diff --git a/.agent/skills/coding-agent/manifest.yaml b/.agent/skills/coding-agent/manifest.yaml
new file mode 100644
index 0000000..0cd22c0
--- /dev/null
+++ b/.agent/skills/coding-agent/manifest.yaml
@@ -0,0 +1,36 @@
+skill: coding-agent
+version: 1.0.0
+description: 'Provider abstraction layer for AI providers (Claude, OpenAI, Gemini) and TUI integration via coding-agent'
+core_version: 0.6.0
+adds:
+  - src/providers/provider.ts
+  - src/providers/anthropic.ts
+  - src/providers/openai.ts
+  - src/providers/gemini.ts
+  - src/providers/coding-agent.ts
+  - src/providers/index.ts
+  - src/providers/provider.test.ts
+modifies:
+  - src/config.ts
+  - src/container-runner.ts
+  - .env.example
+structured:
+  npm_dependencies:
+    '@anthropic-ai/sdk': '^0.39.0'
+    'openai': '^4.90.0'
+    '@google/generative-ai': '^0.21.0'
+  env_additions:
+    - AI_PROVIDER
+    - EXECUTION_MODE
+    - ANTHROPIC_API_KEY
+    - CLAUDE_MODEL
+    - OPENAI_API_KEY
+    - OPENAI_MODEL
+    - OPENAI_ORG_ID
+    - GOOGLE_API_KEY
+    - GEMINI_MODEL
+    - FALLBACK_PROVIDER
+    - FALLBACK_MODEL
+conflicts: []
+depends: []
+test: 'npx vitest run src/providers/provider.test.ts'
diff --git a/.agent/skills/coding-agent/modify/.env.example b/.agent/skills/coding-agent/modify/.env.example
new file mode 100644
index 0000000..11267c9
--- /dev/null
+++ b/.agent/skills/coding-agent/modify/.env.example
@@ -0,0 +1,60 @@
+# Clawdie Environment Configuration
+
+# === Assistant Configuration ===
+ASSISTANT_NAME=Clawdie
+
+# === Provider Selection ===
+# Which AI provider to use: claude, openai, or gemini
+AI_PROVIDER=claude
+
+# How to execute requests: container (default), tui, or direct
+EXECUTION_MODE=container
+
+# === Claude/Anthropic Configuration ===
+# Get API key from https://console.anthropic.com/
+# Or use OAuth token from: claude setup-token
+ANTHROPIC_API_KEY=sk-ant-your-key-here
+# AGENT_CODE_OAUTH_TOKEN=your-oauth-token
+
+# Claude model selection
+CLAUDE_MODEL=claude-sonnet-4-20250514
+
+# === OpenAI Configuration ===
+# Get API key from https://platform.openai.com/api-keys
+# OPENAI_API_KEY=sk-your-key-here
+# OPENAI_ORG_ID=org-your-org-id
+
+# OpenAI model selection
+# OPENAI_MODEL=gpt-4o
+
+# === Gemini Configuration ===
+# Get API key from https://aistudio.google.com/app/apikey
+# GOOGLE_API_KEY=your-key-here
+
+# Gemini model selection
+# GEMINI_MODEL=gemini-pro
+
+# === Fallback Provider (Optional) ===
+# If primary provider fails, use this provider
+# FALLBACK_PROVIDER=openai
+# FALLBACK_MODEL=gpt-4o
+
+# === Telegram Configuration ===
+# Get bot token from @BotFather on Telegram
+TELEGRAM_BOT_TOKEN=your-bot-token-here
+
+# Set to true if Telegram should be the only channel
+TELEGRAM_ONLY=true
+
+# === Container Configuration ===
+CONTAINER_IMAGE=clawdie-cp-agent:latest
+CONTAINER_TIMEOUT=1800000
+CONTAINER_MAX_OUTPUT_SIZE=10485760
+MAX_CONCURRENT_CONTAINERS=5
+
+# === Other Settings ===
+# Timezone for scheduled tasks
+# TZ=Europe/Ljubljana
+
+# Idle timeout for containers (30 min default)
+IDLE_TIMEOUT=1800000
diff --git a/.agent/skills/coding-agent/modify/src/config.ts b/.agent/skills/coding-agent/modify/src/config.ts
new file mode 100644
index 0000000..66c2432
--- /dev/null
+++ b/.agent/skills/coding-agent/modify/src/config.ts
@@ -0,0 +1,121 @@
+import os from 'os';
+import path from 'path';
+
+import { readEnvFile } from './env.js';
+
+// Read config values from .env (falls back to process.env).
+// Secrets are NOT read here — they stay on disk and are loaded only
+// where needed (container-runner.ts) to avoid leaking to child processes.
+const envConfig = readEnvFile(['ASSISTANT_NAME', 'ASSISTANT_HAS_OWN_NUMBER']);
+
+export const ASSISTANT_NAME =
+  process.env.ASSISTANT_NAME || envConfig.ASSISTANT_NAME || 'Andy';
+export const ASSISTANT_HAS_OWN_NUMBER =
+  (process.env.ASSISTANT_HAS_OWN_NUMBER ||
+    envConfig.ASSISTANT_HAS_OWN_NUMBER) === 'true';
+export const POLL_INTERVAL = 2000;
+export const SCHEDULER_POLL_INTERVAL = 60000;
+
+// Absolute paths needed for container mounts
+const PROJECT_ROOT = process.cwd();
+const HOME_DIR = process.env.HOME || os.homedir();
+
+// Mount security: allowlist stored OUTSIDE project root, never mounted into containers
+export const MOUNT_ALLOWLIST_PATH = path.join(
+  HOME_DIR,
+  '.config',
+  (process.env.AGENT_NAME || 'clawdie') + '-cp',
+  'mount-allowlist.json',
+);
+export const STORE_DIR = path.resolve(PROJECT_ROOT, 'store');
+export const GROUPS_DIR = path.resolve(PROJECT_ROOT, 'groups');
+export const DATA_DIR = path.resolve(PROJECT_ROOT, 'data');
+export const MAIN_GROUP_FOLDER = 'main';
+
+export const CONTAINER_IMAGE =
+  process.env.CONTAINER_IMAGE || (process.env.AGENT_NAME || 'clawdie') + '-cp-agent:latest';
+export const CONTAINER_TIMEOUT = parseInt(
+  process.env.CONTAINER_TIMEOUT || '1800000',
+  10,
+);
+export const CONTAINER_MAX_OUTPUT_SIZE = parseInt(
+  process.env.CONTAINER_MAX_OUTPUT_SIZE || '10485760',
+  10,
+); // 10MB default
+export const IPC_POLL_INTERVAL = 1000;
+export const IDLE_TIMEOUT = parseInt(process.env.IDLE_TIMEOUT || '1800000', 10); // 30min default — how long to keep container alive after last result
+export const MAX_CONCURRENT_CONTAINERS = Math.max(
+  1,
+  parseInt(process.env.MAX_CONCURRENT_CONTAINERS || '5', 10) || 5,
+);
+
+function escapeRegex(str: string): string {
+  return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+
+export const TRIGGER_PATTERN = new RegExp(
+  `^@${escapeRegex(ASSISTANT_NAME)}\\b`,
+  'i',
+);
+
+// Timezone for scheduled tasks (cron expressions, etc.)
+// Uses system timezone by default
+export const TIMEZONE =
+  process.env.TZ || Intl.DateTimeFormat().resolvedOptions().timeZone;
+
+// === Provider Configuration ===
+// These settings control which AI provider to use and how to execute requests
+
+export type ProviderType = 'claude' | 'openai' | 'gemini';
+export type ExecutionMode = 'container' | 'tui' | 'direct';
+
+export const AI_PROVIDER = (process.env.AI_PROVIDER ||
+  'claude') as ProviderType;
+export const EXECUTION_MODE = (process.env.EXECUTION_MODE ||
+  'container') as ExecutionMode;
+
+// Claude/Anthropic configuration
+export const CLAUDE_MODEL =
+  process.env.CLAUDE_MODEL || 'claude-sonnet-4-20250514';
+
+// OpenAI configuration
+export const OPENAI_MODEL = process.env.OPENAI_MODEL || 'gpt-4o';
+
+// Gemini configuration
+export const GEMINI_MODEL = process.env.GEMINI_MODEL || 'gemini-pro';
+
+// Fallback provider (optional)
+export const FALLBACK_PROVIDER = process.env.FALLBACK_PROVIDER as
+  | ProviderType
+  | undefined;
+export const FALLBACK_MODEL = process.env.FALLBACK_MODEL;
+
+// Validate provider type
+if (!['claude', 'openai', 'gemini'].includes(AI_PROVIDER)) {
+  console.warn(
+    `Warning: Invalid AI_PROVIDER "${AI_PROVIDER}", defaulting to "claude"`,
+  );
+}
+
+// Validate execution mode
+if (!['container', 'tui', 'direct'].includes(EXECUTION_MODE)) {
+  console.warn(
+    `Warning: Invalid EXECUTION_MODE "${EXECUTION_MODE}", defaulting to "container"`,
+  );
+}
+
+// Get the effective model for the current provider
+export function getModelForProvider(
+  provider: ProviderType = AI_PROVIDER,
+): string {
+  switch (provider) {
+    case 'claude':
+      return CLAUDE_MODEL;
+    case 'openai':
+      return OPENAI_MODEL;
+    case 'gemini':
+      return GEMINI_MODEL;
+    default:
+      return CLAUDE_MODEL;
+  }
+}
diff --git a/.agent/skills/coding-agent/modify/src/config.ts.intent.md b/.agent/skills/coding-agent/modify/src/config.ts.intent.md
new file mode 100644
index 0000000..3917f1d
--- /dev/null
+++ b/.agent/skills/coding-agent/modify/src/config.ts.intent.md
@@ -0,0 +1,72 @@
+# src/config.ts Modification Intent
+
+## What Changed
+
+Added provider configuration settings to enable multi-provider support (Claude, OpenAI, Gemini) and execution mode selection (container, TUI, direct API).
+
+## Changes Made
+
+1. **Type Definitions**
+   - Added `ProviderType` type: `'claude' | 'openai' | 'gemini'`
+   - Added `ExecutionMode` type: `'container' | 'tui' | 'direct'`
+
+2. **New Configuration Exports**
+   - `AI_PROVIDER` - Which AI provider to use (default: 'claude')
+   - `EXECUTION_MODE` - How to execute requests (default: 'container')
+   - `CLAUDE_MODEL` - Claude model name (default: 'claude-sonnet-4-20250514')
+   - `OPENAI_MODEL` - OpenAI model name (default: 'gpt-4o')
+   - `GEMINI_MODEL` - Gemini model name (default: 'gemini-pro')
+   - `FALLBACK_PROVIDER` - Optional secondary provider
+   - `FALLBACK_MODEL` - Optional fallback model
+
+3. **Helper Function**
+   - `getModelForProvider(provider)` - Returns the appropriate model name for a given provider
+
+4. **Validation**
+   - Warns if invalid `AI_PROVIDER` is set
+   - Warns if invalid `EXECUTION_MODE` is set
+
+## Invariants
+
+1. **Backwards Compatibility**: All existing exports remain unchanged. New settings are additive.
+
+2. **Default Values**: If environment variables are not set, sensible defaults are used:
+   - Provider defaults to 'claude' (existing behavior)
+   - Mode defaults to 'container' (existing behavior)
+
+3. **No Secret Exposure**: API keys are NOT read here. They remain in environment and are read only where needed (container-runner.ts, providers).
+
+4. **Type Safety**: Provider and mode types are exported for use throughout the codebase.
+
+## Environment Variables
+
+```bash
+# Provider Selection
+AI_PROVIDER=claude              # claude | openai | gemini
+EXECUTION_MODE=container        # container | tui | direct
+
+# Model Selection (provider-specific)
+CLAUDE_MODEL=claude-sonnet-4-20250514
+OPENAI_MODEL=gpt-4o
+GEMINI_MODEL=gemini-pro
+
+# Fallback (optional)
+FALLBACK_PROVIDER=openai
+FALLBACK_MODEL=gpt-4o
+```
+
+## Usage
+
+```typescript
+import { AI_PROVIDER, EXECUTION_MODE, getModelForProvider } from './config.js';
+
+const model = getModelForProvider(AI_PROVIDER);
+console.log(`Using ${AI_PROVIDER} with model ${model} in ${EXECUTION_MODE} mode`);
+```
+
+## Testing Considerations
+
+- Test with each provider type
+- Test with missing environment variables
+- Test fallback logic
+- Verify warnings are logged for invalid values
diff --git a/.agent/skills/coding-agent/modify/src/container-runner.ts b/.agent/skills/coding-agent/modify/src/container-runner.ts
new file mode 100644
index 0000000..2659e99
--- /dev/null
+++ b/.agent/skills/coding-agent/modify/src/container-runner.ts
@@ -0,0 +1,17 @@
+# Placeholder for container-runner.ts modifications
+# The actual three-way merge will be handled by the skills engine
+# 
+# Key additions to make in src/container-runner.ts:
+# 
+# 1. Import provider system:
+#    import { createExecutionProvider, AIProvider } from './providers/index.js';
+#    import { AI_PROVIDER, EXECUTION_MODE } from './config.js';
+# 
+# 2. Add provider instance to container context
+# 3. Modify runInContainer() to check EXECUTION_MODE:
+#    - If 'direct': Use provider.execute() directly
+#    - If 'tui': Use CodingAgentProvider
+#    - If 'container': Use existing container logic
+# 
+# 4. Pass provider config to container environment
+# 5. Add fallback provider logic if FALLBACK_PROVIDER is set
diff --git a/.agent/skills/coding-agent/modify/src/container-runner.ts.intent.md b/.agent/skills/coding-agent/modify/src/container-runner.ts.intent.md
new file mode 100644
index 0000000..966d0a8
--- /dev/null
+++ b/.agent/skills/coding-agent/modify/src/container-runner.ts.intent.md
@@ -0,0 +1,195 @@
+# src/container-runner.ts Modification Intent
+
+## What Changed
+
+Modified the container runner to support multiple execution modes (container, TUI, direct API) and provider abstraction.
+
+## Changes Made
+
+### 1. New Imports
+
+```typescript
+import {
+  createExecutionProvider,
+  AIProvider,
+  ProviderError,
+  ProviderUnavailableError,
+} from './providers/index.js';
+import {
+  AI_PROVIDER,
+  EXECUTION_MODE,
+  getModelForProvider,
+  FALLBACK_PROVIDER,
+  FALLBACK_MODEL,
+} from './config.js';
+```
+
+### 2. Provider Instance Caching
+
+```typescript
+let cachedProvider: AIProvider | null = null;
+
+function getProvider(): AIProvider {
+  if (!cachedProvider) {
+    cachedProvider = createExecutionProvider(EXECUTION_MODE, AI_PROVIDER);
+  }
+  return cachedProvider;
+}
+```
+
+### 3. Modified runInContainer()
+
+The function now checks `EXECUTION_MODE` before deciding how to execute:
+
+```typescript
+export async function runInContainer(
+  input: ContainerInput,
+  group: RegisteredGroup,
+): Promise<ContainerOutput> {
+  switch (EXECUTION_MODE) {
+    case 'direct':
+      return runDirect(input);
+    case 'tui':
+      return runWithTUI(input);
+    case 'container':
+    default:
+      return runInContainerProcess(input, group);
+  }
+}
+```
+
+### 4. Direct Execution Mode
+
+```typescript
+async function runDirect(input: ContainerInput): Promise<ContainerOutput> {
+  try {
+    const provider = getProvider();
+    const result = await provider.execute(input.prompt, {
+      model: getModelForProvider(),
+      systemPrompt: buildSystemPrompt(input),
+    });
+
+    return {
+      status: 'success',
+      result: result.content,
+    };
+  } catch (error) {
+    if (error instanceof ProviderError) {
+      // Try fallback provider if configured
+      if (FALLBACK_PROVIDER) {
+        return runWithFallback(input, error);
+      }
+    }
+    return {
+      status: 'error',
+      error: error instanceof Error ? error.message : 'Unknown error',
+    };
+  }
+}
+```
+
+### 5. TUI Execution Mode
+
+```typescript
+async function runWithTUI(input: ContainerInput): Promise<ContainerOutput> {
+  const provider = new CodingAgentProvider({
+    model: getModelForProvider(),
+  });
+
+  // TUI mode spawns coding-agent process
+  return runDirect(input); // Same logic, different provider
+}
+```
+
+### 6. Fallback Provider Logic
+
+```typescript
+async function runWithFallback(
+  input: ContainerInput,
+  originalError: ProviderError,
+): Promise<ContainerOutput> {
+  logger.warn(
+    `Primary provider failed: ${originalError.message}. Trying fallback...`,
+  );
+
+  const fallbackProvider = createExecutionProvider(
+    EXECUTION_MODE,
+    FALLBACK_PROVIDER,
+  );
+
+  try {
+    const result = await fallbackProvider.execute(input.prompt, {
+      model: FALLBACK_MODEL || getModelForProvider(FALLBACK_PROVIDER),
+      systemPrompt: buildSystemPrompt(input),
+    });
+
+    return {
+      status: 'success',
+      result: result.content,
+    };
+  } catch (fallbackError) {
+    logger.error(`Fallback provider also failed: ${fallbackError}`);
+    return {
+      status: 'error',
+      error: originalError.message,
+    };
+  }
+}
+```
+
+### 7. Environment Variable Passing
+
+When `EXECUTION_MODE=container`, pass provider config to container:
+
+```typescript
+const envVars: Record<string, string> = {
+  // ... existing vars
+  AI_PROVIDER,
+  EXECUTION_MODE,
+  CLAUDE_MODEL,
+  OPENAI_MODEL,
+  GEMINI_MODEL,
+};
+```
+
+## Invariants
+
+1. **Backwards Compatibility**: Existing container-based execution is the default. No behavior change unless `EXECUTION_MODE` is explicitly set.
+
+2. **Error Handling**: All execution modes return the same `ContainerOutput` type for consistency.
+
+3. **Logging**: Mode selection and fallbacks are logged for debugging.
+
+4. **Session Management**: Direct and TUI modes don't support session persistence (no sessionId returned).
+
+5. **Security**: API keys are only passed to containers via environment, never logged.
+
+## Execution Mode Comparison
+
+| Mode      | Isolation          | Overhead | Features                              |
+| --------- | ------------------ | -------- | ------------------------------------- |
+| container | Full (jail/Docker) | Moderate | All features, session persistence     |
+| tui       | Process isolation  | Low      | Interactive debugging, no persistence |
+| direct    | None               | Minimal  | Fastest, no persistence, no isolation |
+
+## Testing Considerations
+
+1. Test each execution mode
+2. Test fallback provider switching
+3. Test error propagation
+4. Test session handling differences
+5. Test environment variable passing
+
+## Migration Path
+
+Existing deployments:
+
+1. No changes required - defaults to 'container' mode
+2. To use TUI mode: Set `EXECUTION_MODE=tui` and install coding-agent
+3. To use direct API: Set `EXECUTION_MODE=direct`
+
+New deployments:
+
+1. Choose execution mode based on requirements
+2. Set appropriate provider API keys
+3. Configure fallback if desired
diff --git a/.agent/skills/coding-agent/tests/provider.test.ts b/.agent/skills/coding-agent/tests/provider.test.ts
new file mode 100644
index 0000000..9ea088f
--- /dev/null
+++ b/.agent/skills/coding-agent/tests/provider.test.ts
@@ -0,0 +1,283 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import {
+  AIProvider,
+  ProviderOptions,
+  ProviderResult,
+  ProviderError,
+  ProviderUnavailableError,
+} from '../add/src/providers/provider.js';
+import { AnthropicProvider } from '../add/src/providers/anthropic.js';
+import { OpenAIProvider } from '../add/src/providers/openai.js';
+import { GeminiProvider } from '../add/src/providers/gemini.js';
+import {
+  createProvider,
+  createProviderFromEnv,
+  getAvailableProviders,
+  getDefaultProvider,
+} from '../add/src/providers/index.js';
+
+describe('Provider Interface', () => {
+  it('should define required methods', () => {
+    const mockProvider: AIProvider = {
+      name: 'mock',
+      type: 'claude',
+      execute: vi.fn(),
+      stream: vi.fn(),
+      isAvailable: vi.fn(),
+      getModels: vi.fn(),
+      getDefaultModel: vi.fn(),
+    };
+
+    expect(mockProvider.name).toBe('mock');
+    expect(mockProvider.type).toBe('claude');
+    expect(typeof mockProvider.execute).toBe('function');
+    expect(typeof mockProvider.stream).toBe('function');
+    expect(typeof mockProvider.isAvailable).toBe('function');
+    expect(typeof mockProvider.getModels).toBe('function');
+    expect(typeof mockProvider.getDefaultModel).toBe('function');
+  });
+});
+
+describe('AnthropicProvider', () => {
+  let originalEnv: NodeJS.ProcessEnv;
+
+  beforeEach(() => {
+    originalEnv = { ...process.env };
+    delete process.env.ANTHROPIC_API_KEY;
+    delete process.env.AGENT_CODE_OAUTH_TOKEN;
+  });
+
+  afterEach(() => {
+    process.env = originalEnv;
+  });
+
+  it('should not be available without API key', () => {
+    const provider = new AnthropicProvider();
+    expect(provider.isAvailable()).toBe(false);
+  });
+
+  it('should be available with API key', () => {
+    process.env.ANTHROPIC_API_KEY = 'sk-ant-test';
+    const provider = new AnthropicProvider();
+    expect(provider.isAvailable()).toBe(true);
+  });
+
+  it('should be available with OAuth token', () => {
+    process.env.AGENT_CODE_OAUTH_TOKEN = 'test-token';
+    const provider = new AnthropicProvider();
+    expect(provider.isAvailable()).toBe(true);
+  });
+
+  it('should return correct default model', () => {
+    const provider = new AnthropicProvider();
+    expect(provider.getDefaultModel()).toBe('claude-sonnet-4-20250514');
+  });
+
+  it('should return list of models', async () => {
+    const provider = new AnthropicProvider();
+    const models = await provider.getModels();
+    expect(models).toContain('claude-sonnet-4-20250514');
+    expect(models).toContain('claude-opus-4-20250514');
+  });
+
+  it('should throw when not available', async () => {
+    const provider = new AnthropicProvider();
+    await expect(provider.execute('test')).rejects.toThrow(
+      ProviderUnavailableError,
+    );
+  });
+});
+
+describe('OpenAIProvider', () => {
+  let originalEnv: NodeJS.ProcessEnv;
+
+  beforeEach(() => {
+    originalEnv = { ...process.env };
+    delete process.env.OPENAI_API_KEY;
+  });
+
+  afterEach(() => {
+    process.env = originalEnv;
+  });
+
+  it('should not be available without API key', () => {
+    const provider = new OpenAIProvider();
+    expect(provider.isAvailable()).toBe(false);
+  });
+
+  it('should be available with API key', () => {
+    process.env.OPENAI_API_KEY = 'sk-test';
+    const provider = new OpenAIProvider();
+    expect(provider.isAvailable()).toBe(true);
+  });
+
+  it('should return correct default model', () => {
+    const provider = new OpenAIProvider();
+    expect(provider.getDefaultModel()).toBe('gpt-4o');
+  });
+
+  it('should return list of models', async () => {
+    const provider = new OpenAIProvider();
+    const models = await provider.getModels();
+    expect(models).toContain('gpt-4o');
+    expect(models).toContain('gpt-4-turbo');
+  });
+
+  it('should throw when not available', async () => {
+    const provider = new OpenAIProvider();
+    await expect(provider.execute('test')).rejects.toThrow(
+      ProviderUnavailableError,
+    );
+  });
+});
+
+describe('GeminiProvider', () => {
+  let originalEnv: NodeJS.ProcessEnv;
+
+  beforeEach(() => {
+    originalEnv = { ...process.env };
+    delete process.env.GOOGLE_API_KEY;
+  });
+
+  afterEach(() => {
+    process.env = originalEnv;
+  });
+
+  it('should not be available without API key', () => {
+    const provider = new GeminiProvider();
+    expect(provider.isAvailable()).toBe(false);
+  });
+
+  it('should be available with API key', () => {
+    process.env.GOOGLE_API_KEY = 'test-key';
+    const provider = new GeminiProvider();
+    expect(provider.isAvailable()).toBe(true);
+  });
+
+  it('should return correct default model', () => {
+    const provider = new GeminiProvider();
+    expect(provider.getDefaultModel()).toBe('gemini-pro');
+  });
+
+  it('should return list of models', async () => {
+    const provider = new GeminiProvider();
+    const models = await provider.getModels();
+    expect(models).toContain('gemini-pro');
+    expect(models).toContain('gemini-1.5-pro');
+  });
+
+  it('should throw when not available', async () => {
+    const provider = new GeminiProvider();
+    await expect(provider.execute('test')).rejects.toThrow(
+      ProviderUnavailableError,
+    );
+  });
+});
+
+describe('Provider Factory', () => {
+  let originalEnv: NodeJS.ProcessEnv;
+
+  beforeEach(() => {
+    originalEnv = { ...process.env };
+    delete process.env.ANTHROPIC_API_KEY;
+    delete process.env.OPENAI_API_KEY;
+    delete process.env.GOOGLE_API_KEY;
+    delete process.env.AI_PROVIDER;
+  });
+
+  afterEach(() => {
+    process.env = originalEnv;
+  });
+
+  it('should create provider by type', () => {
+    const claude = createProvider('claude');
+    expect(claude.name).toBe('Anthropic');
+    expect(claude.type).toBe('claude');
+
+    const openai = createProvider('openai');
+    expect(openai.name).toBe('OpenAI');
+    expect(openai.type).toBe('openai');
+
+    const gemini = createProvider('gemini');
+    expect(gemini.name).toBe('Gemini');
+    expect(gemini.type).toBe('gemini');
+  });
+
+  it('should get available providers', () => {
+    expect(getAvailableProviders()).toEqual([]);
+
+    process.env.ANTHROPIC_API_KEY = 'sk-ant-test';
+    expect(getAvailableProviders()).toEqual(['claude']);
+
+    process.env.OPENAI_API_KEY = 'sk-test';
+    expect(getAvailableProviders()).toEqual(['claude', 'openai']);
+
+    process.env.GOOGLE_API_KEY = 'test-key';
+    expect(getAvailableProviders()).toEqual(['claude', 'openai', 'gemini']);
+  });
+
+  it('should get default provider', () => {
+    process.env.ANTHROPIC_API_KEY = 'sk-ant-test';
+    expect(getDefaultProvider()).toBe('claude');
+
+    delete process.env.ANTHROPIC_API_KEY;
+    process.env.OPENAI_API_KEY = 'sk-test';
+    expect(getDefaultProvider()).toBe('openai');
+
+    delete process.env.OPENAI_API_KEY;
+    process.env.GOOGLE_API_KEY = 'test-key';
+    expect(getDefaultProvider()).toBe('gemini');
+  });
+
+  it('should throw when no providers available', () => {
+    expect(() => getDefaultProvider()).toThrow(ProviderError);
+  });
+
+  it('should create provider from environment', () => {
+    process.env.ANTHROPIC_API_KEY = 'sk-ant-test';
+    process.env.AI_PROVIDER = 'claude';
+
+    const provider = createProviderFromEnv();
+    expect(provider.name).toBe('Anthropic');
+    expect(provider.type).toBe('claude');
+  });
+
+  it('should throw on invalid provider type', () => {
+    process.env.AI_PROVIDER = 'invalid';
+    expect(() => createProviderFromEnv()).toThrow(ProviderError);
+  });
+});
+
+describe('ProviderError', () => {
+  it('should create error with all fields', () => {
+    const error = new ProviderError('Test error', 'claude', 'TEST_CODE', 500);
+    expect(error.message).toBe('Test error');
+    expect(error.provider).toBe('claude');
+    expect(error.code).toBe('TEST_CODE');
+    expect(error.statusCode).toBe(500);
+    expect(error.name).toBe('ProviderError');
+  });
+
+  it('should create error with minimal fields', () => {
+    const error = new ProviderError('Test error', 'claude');
+    expect(error.message).toBe('Test error');
+    expect(error.provider).toBe('claude');
+    expect(error.code).toBeUndefined();
+    expect(error.statusCode).toBeUndefined();
+  });
+});
+
+describe('ProviderUnavailableError', () => {
+  it('should create unavailable error', () => {
+    const error = new ProviderUnavailableError(
+      'claude',
+      'API key not configured',
+    );
+    expect(error.message).toBe(
+      'Provider claude unavailable: API key not configured',
+    );
+    expect(error.provider).toBe('claude');
+    expect(error.code).toBe('UNAVAILABLE');
+    expect(error.name).toBe('ProviderUnavailableError');
+  });
+});
diff --git a/.agent/skills/customize/SKILL.md b/.agent/skills/customize/SKILL.md
new file mode 100644
index 0000000..c416e9a
--- /dev/null
+++ b/.agent/skills/customize/SKILL.md
@@ -0,0 +1,120 @@
+---
+name: customize
+description: Add new capabilities or modify NanoClaw behavior. Use when user wants to add channels (Telegram, Slack, email input), change triggers, add integrations, modify the router, or make any other customizations. This is an interactive skill that asks questions to understand what the user wants.
+---
+
+# NanoClaw Customization
+
+This skill helps users add capabilities or modify behavior. Use AskUserQuestion to understand what they want before making changes.
+
+## Workflow
+
+1. **Understand the request** - Ask clarifying questions
+2. **Plan the changes** - Identify files to modify
+3. **Implement** - Make changes directly to the code
+4. **Test guidance** - Tell user how to verify
+
+## Key Files
+
+| File                       | Purpose                                             |
+| -------------------------- | --------------------------------------------------- |
+| `src/index.ts`             | Orchestrator: state, message loop, agent invocation |
+| `src/channels/whatsapp.ts` | WhatsApp connection, auth, send/receive             |
+| `src/ipc.ts`               | IPC watcher and task processing                     |
+| `src/router.ts`            | Message formatting and outbound routing             |
+| `src/types.ts`             | TypeScript interfaces (includes Channel)            |
+| `src/config.ts`            | Assistant name, trigger pattern, directories        |
+| `src/db.ts`                | Database initialization and queries                 |
+| `src/whatsapp-auth.ts`     | Standalone WhatsApp authentication script           |
+| `groups/AGENT.md`          | Global memory/persona                               |
+
+## Common Customization Patterns
+
+### Adding a New Input Channel (e.g., Telegram, Slack, Email)
+
+Questions to ask:
+
+- Which channel? (Telegram, Slack, Discord, email, SMS, etc.)
+- Same trigger word or different?
+- Same memory hierarchy or separate?
+- Should messages from this channel go to existing groups or new ones?
+
+Implementation pattern:
+
+1. Create `src/channels/{name}.ts` implementing the `Channel` interface from `src/types.ts` (see `src/channels/whatsapp.ts` for reference)
+2. Add the channel instance to `main()` in `src/index.ts` and wire callbacks (`onMessage`, `onChatMetadata`)
+3. Messages are stored via the `onMessage` callback; routing is automatic via `ownsJid()`
+
+### Adding a New MCP Integration
+
+Questions to ask:
+
+- What service? (Calendar, Notion, database, etc.)
+- What operations needed? (read, write, both)
+- Which groups should have access?
+
+Implementation:
+
+1. Add MCP server config to the container settings (see `src/container-runner.ts` for how MCP servers are mounted)
+2. Document available tools in `groups/AGENT.md`
+
+### Changing Assistant Behavior
+
+Questions to ask:
+
+- What aspect? (name, trigger, persona, response style)
+- Apply to all groups or specific ones?
+
+Simple changes → edit `src/config.ts`
+Persona changes → edit `groups/AGENT.md`
+Per-group behavior → edit specific group's `AGENT.md`
+
+### Adding New Commands
+
+Questions to ask:
+
+- What should the command do?
+- Available in all groups or main only?
+- Does it need new MCP tools?
+
+Implementation:
+
+1. Commands are handled by the agent naturally — add instructions to `groups/AGENT.md` or the group's `AGENT.md`
+2. For trigger-level routing changes, modify `processGroupMessages()` in `src/index.ts`
+
+### Changing Deployment
+
+Questions to ask:
+
+- Target platform? (Linux server, Docker, different Mac)
+- Service manager? (systemd, Docker, supervisord)
+
+Implementation:
+
+1. Create appropriate service files
+2. Update paths in config
+3. Provide setup instructions
+
+## After Changes
+
+Always tell the user:
+
+```bash
+# Rebuild and restart
+npm run build
+# macOS:
+launchctl unload ~/Library/LaunchAgents/com.nanoclaw.plist
+launchctl load ~/Library/LaunchAgents/com.nanoclaw.plist
+# Linux:
+# systemctl --user restart nanoclaw
+```
+
+## Example Interaction
+
+User: "Add Telegram as an input channel"
+
+1. Ask: "Should Telegram use the same @Andy trigger, or a different one?"
+2. Ask: "Should Telegram messages create separate conversation contexts, or share with WhatsApp groups?"
+3. Create `src/channels/telegram.ts` implementing the `Channel` interface (see `src/channels/whatsapp.ts`)
+4. Add the channel to `main()` in `src/index.ts`
+5. Tell user how to authenticate and test
diff --git a/.agent/skills/db-analyze/SKILL.md b/.agent/skills/db-analyze/SKILL.md
new file mode 100644
index 0000000..a70760e
--- /dev/null
+++ b/.agent/skills/db-analyze/SKILL.md
@@ -0,0 +1,45 @@
+---
+name: db-analyze
+description: Run ANALYZE on PostgreSQL to update table statistics used by the query planner
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - "Run analyze"
+  - "Analyze the database"
+  - "Update statistics"
+  - "Query planner stats"
+  - "Slow queries"
+estimated_tokens: 400-600
+---
+
+# db-analyze
+
+Update PostgreSQL query planner statistics. Fast, non-blocking, safe at any time. Usually run after bulk inserts or as part of regular maintenance.
+
+## Usage
+
+```bash
+# Analyze entire database
+bastille cmd db psql -U clawdie -d clawdie_ai_public -c "ANALYZE VERBOSE;"
+
+# Single table
+bastille cmd db psql -U clawdie -d clawdie_ai_public -c "ANALYZE VERBOSE agent_activity;"
+```
+
+## Output
+
+```
+INFO:  analyzing "public.agent_activity"
+INFO:  "agent_activity": scanned 30000 of 30000 pages, containing 15043 live rows
+ANALYZE
+```
+
+## When to Use
+
+- After bulk inserts (embedding generation, log imports)
+- When queries are running slower than expected
+- As part of weekly DBA maintenance
+- After `db-migrate` adds new tables or indexes
+
+## Escalate If
+
+- Analyze reveals severely bloated tables → recommend `db-vacuum` to DBA/CEO
diff --git a/.agent/skills/db-migrate/SKILL.md b/.agent/skills/db-migrate/SKILL.md
new file mode 100644
index 0000000..63e47f8
--- /dev/null
+++ b/.agent/skills/db-migrate/SKILL.md
@@ -0,0 +1,65 @@
+---
+name: db-migrate
+description: Apply pending PostgreSQL schema migrations — always backs up first, reports what changed
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - "Apply migrations"
+  - "Run migrations"
+  - "Database migration"
+  - "Apply pending schema changes"
+  - "Migrate the database"
+estimated_tokens: 1000-3000
+---
+
+# db-migrate
+
+Apply pending schema migrations to PostgreSQL. **Always creates a backup and ZFS snapshot before running.** Reports exactly what changed.
+
+## Pre-Migration Checklist
+
+Before running migrations, always:
+
+1. Run `backup-db` skill → full dump
+2. Run `zfs-snapshot` skill → `dataset@before-migration`
+3. Check for active connections (avoid migration under load)
+
+## Usage
+
+```bash
+# Check pending migrations (dry run)
+bastille cmd db psql -U clawdie -d clawdie_ai_public \
+  -c "SELECT id, name, applied_at FROM schema_migrations ORDER BY id;"
+
+# Apply migrations (project uses custom migration runner or pg-migrate)
+# Check setup/db.ts for the current migration approach
+```
+
+## Typical Migration Flow
+
+```
+1. Snapshot: zroot/bastille/jails/db@before-migration-2026-04-07
+2. Backup: data/backups/clawdie_ai_public_2026-04-07_pre-migration.dump
+3. Apply: run migration scripts in order
+4. Verify: check table counts, spot-check key tables
+5. Report: "Migration complete. 3 tables altered, 2 indexes added."
+```
+
+## Rollback
+
+If migration fails:
+
+```bash
+# Restore from ZFS snapshot (requires operator approval — data destructive)
+hostd zfs rollback zroot/bastille/jails/db@before-migration-2026-04-07
+```
+
+## When to Use
+
+- Explicit request from CEO or operator
+- Never run autonomously without board approval
+
+## Escalate If
+
+- Migration script has destructive operations (DROP TABLE, etc.) → **always escalate first**
+- Migration takes >30 min → report progress to CEO
+- Any error during migration → stop immediately, escalate
diff --git a/.agent/skills/db-sync-check/SKILL.md b/.agent/skills/db-sync-check/SKILL.md
new file mode 100644
index 0000000..88f2af9
--- /dev/null
+++ b/.agent/skills/db-sync-check/SKILL.md
@@ -0,0 +1,58 @@
+---
+name: db-sync-check
+description: Verify replication lag between local PostgreSQL and Supabase (persistent memory sync)
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - "Check replication lag"
+  - "Is Supabase in sync"
+  - "Replication status"
+  - "Memory sync status"
+  - "Check sync"
+estimated_tokens: 200-400
+---
+
+# db-sync-check
+
+Check that local PostgreSQL and Supabase are in sync. Verifies replication lag and row counts on key tables.
+
+## Usage
+
+```bash
+# Check local row count
+bastille cmd db psql -U clawdie -d clawdie_ai_public \
+  -c "SELECT COUNT(*) FROM agent_activity;"
+
+# Compare with Supabase (if SUPABASE_URL is set)
+curl -s "${SUPABASE_URL}/rest/v1/agent_activity?select=count" \
+  -H "apikey: ${SUPABASE_KEY}" \
+  -H "Prefer: count=exact" | head -c 200
+
+# Check replication slot lag (if using logical replication)
+bastille cmd db psql -U clawdie -d clawdie_ai_public \
+  -c "SELECT slot_name, active, lag FROM pg_replication_slots;"
+```
+
+## Output
+
+```
+Local agent_activity: 15,043 rows
+Supabase agent_activity: 15,040 rows
+Lag: 3 rows (acceptable — <60s sync interval)
+```
+
+## Acceptable Lag
+
+- < 100 rows: normal
+- 100-1000 rows: elevated, monitor
+- > 1000 rows: alert — investigate replication pipeline
+
+## When to Use
+
+- Weekly DBA check
+- After Supabase connectivity issues
+- After bulk inserts to verify sync is catching up
+
+## Escalate If
+
+- Lag > 1000 rows → escalate to CEO for investigation
+- Replication slot inactive → escalate immediately
diff --git a/.agent/skills/db-vacuum/SKILL.md b/.agent/skills/db-vacuum/SKILL.md
new file mode 100644
index 0000000..3122f9c
--- /dev/null
+++ b/.agent/skills/db-vacuum/SKILL.md
@@ -0,0 +1,56 @@
+---
+name: db-vacuum
+description: Run VACUUM (and optionally ANALYZE) on PostgreSQL tables to reclaim dead row space
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - "Run vacuum"
+  - "Vacuum the database"
+  - "Vacuum *"
+  - "Reclaim disk space"
+  - "Dead rows cleanup"
+  - "Database maintenance"
+estimated_tokens: 600-900
+---
+
+# db-vacuum
+
+PostgreSQL VACUUM to reclaim space from dead rows. Safe to run on live databases — does not lock tables (VACUUM FULL does, avoid it without operator approval).
+
+## Usage
+
+```bash
+# Standard vacuum (non-blocking, safe on live DB)
+bastille cmd db psql -U clawdie -d clawdie_ai_public -c "VACUUM VERBOSE;"
+
+# Vacuum + analyze (recommended — updates query planner stats)
+bastille cmd db psql -U clawdie -d clawdie_ai_public -c "VACUUM ANALYZE VERBOSE;"
+
+# Single table
+bastille cmd db psql -U clawdie -d clawdie_ai_public -c "VACUUM ANALYZE agent_activity;"
+```
+
+## Output
+
+```
+INFO:  vacuuming "public.agent_activity"
+INFO:  scanned index "agent_activity_pkey" to remove 1842 row versions
+INFO:  "agent_activity": removed 1842 row versions in 23 pages
+INFO:  "agent_activity": found 1842 removable, 15043 nonremovable row versions
+VACUUM
+```
+
+## Do NOT Run
+
+- `VACUUM FULL` — locks the entire table; requires operator approval
+- During high-traffic periods without checking active connections first
+
+## When to Use
+
+- Weekly maintenance (DBA on-demand)
+- After large deletes or updates
+- When `pg_stat_user_tables` shows high `n_dead_tup`
+
+## Escalate If
+
+- Vacuum blocked by long-running query → escalate to CEO (kill query decision)
+- `VACUUM FULL` needed → requires operator approval
diff --git a/.agent/skills/debug/SKILL.md b/.agent/skills/debug/SKILL.md
new file mode 100644
index 0000000..912c5dd
--- /dev/null
+++ b/.agent/skills/debug/SKILL.md
@@ -0,0 +1,282 @@
+---
+name: debug
+description: Debug Clawdie agent issues on the current FreeBSD host runtime. Use when the agent is not responding, the service is crashing, Telegram messages go unanswered, pi subprocesses fail, or when verifying the live runtime shape. Covers host service management, logs, optional jail state, memory DB reachability, and common failure modes.
+---
+
+# Clawdie Agent Debugging (FreeBSD host runtime)
+
+All commands run on the host unless explicitly noted otherwise.
+
+## Scope and source of truth
+
+Use this skill for live runtime diagnosis. Do not use it as the canonical
+architecture explainer. For current runtime defaults, prefer:
+
+- `src/config.ts`
+- `setup/db.ts`
+- `docs/internal/POSTGRES-MEMORY.md`
+- `just doctor`
+
+Do not assume any of the following unless current config proves it:
+
+- a `clawdie-controlplane` jail
+- `10.0.1.2` / `10.0.1.3`
+- `clawdie_brain`
+- a hardcoded pi path like `/opt/npm/bin/pi`
+
+## Current runtime recap
+
+Default runtime today:
+
+- main service: host rc.d service `clawdie`
+- privileged sidecar: host rc.d service `clawdie_hostd`
+- main process: `dist/index.js`
+- main logs: `logs/clawdie.log`, `logs/clawdie.error.log`
+- per-run pi logs: `groups/{folder}/logs/agent-*.log`
+- default database mode: `DB_RUNTIME=host`
+- default DB host for jails: `${SUBNET_BASE}.1`
+
+Optional / install-specific pieces:
+
+- `DB_RUNTIME=jail` uses the `db` jail role from `infra/jails.yaml`
+- current repo jail registry defaults to `10.0.1.0/24`, with `db` on `.5`
+- `PI_TUI_BIN` may override the pi path; otherwise use `command -v pi`
+
+## Log locations
+
+| Log         | Path                                     | Content                                       |
+| ----------- | ---------------------------------------- | --------------------------------------------- |
+| Main app    | `logs/clawdie.log`                       | Startup, Telegram events, scheduler, watchdog |
+| Main errors | `logs/clawdie.error.log`                 | Uncaught exceptions and fatal errors          |
+| Per-run pi  | `groups/{folder}/logs/agent-{runId}.log` | Full pi subprocess output                     |
+| Heartbeat   | `logs/heartbeat.log`                     | Controlplane checks and LLM reachability      |
+| Embed       | `logs/embed-docs.log`                    | Knowledge embedding runs                      |
+
+## 1. Check service status
+
+```bash
+sudo service clawdie status
+sudo service clawdie_hostd status
+pgrep -laf 'node.*/dist/index.js'
+```
+
+If the install explicitly uses `DB_RUNTIME=jail`, check that jail separately:
+
+```bash
+sudo bastille list
+```
+
+## 2. Read logs
+
+```bash
+tail -f logs/clawdie.log
+tail -50 logs/clawdie.error.log
+ls groups/*/logs/agent-*.log | tail -5
+```
+
+When a specific run failed, read the newest per-run log directly:
+
+```bash
+ls -t groups/*/logs/agent-*.log | head -3
+tail -100 groups/main/logs/agent-<runId>.log
+```
+
+## 3. Restart / stop / start
+
+```bash
+sudo service clawdie restart
+sudo service clawdie stop
+sudo service clawdie start
+sudo service clawdie onestart
+```
+
+If hostd itself is suspect:
+
+```bash
+sudo service clawdie_hostd restart
+```
+
+## 4. Common failure modes
+
+### Agent not responding to Telegram
+
+1. Check the main service is running.
+2. Check the bot token exists:
+
+```bash
+grep '^TELEGRAM_BOT_TOKEN=' .env
+```
+
+3. Look for Telegram / Grammy errors:
+
+```bash
+grep -i 'telegram\|grammy\|409\|403' logs/clawdie.log | tail -20
+```
+
+`409 Conflict` usually means two instances are long-polling at once. Check for
+duplicate Node processes before restarting.
+
+### pi subprocess fails or produces no answer
+
+Check the newest per-run log first:
+
+```bash
+ls -t groups/*/logs/agent-*.log | head -3
+tail -100 groups/main/logs/agent-<runId>.log
+```
+
+Then verify the configured pi path rather than assuming one:
+
+```bash
+grep '^PI_TUI_BIN=' .env
+command -v pi
+pi --version
+```
+
+Common causes:
+
+- provider key missing or expired
+- `PI_TUI_BIN` points at a dead path
+- pi process died under memory pressure
+
+For memory pressure signals:
+
+```bash
+dmesg | grep -i 'kill\|oom' | tail -10
+```
+
+### Memory DB unreachable
+
+Check the live DB mode and target first:
+
+```bash
+grep -E '^(DB_RUNTIME|DB_HOST|MEMORY_DB_URL)=' .env
+node -e "import('./dist/config.js').then((m) => console.log(JSON.stringify({ DB_RUNTIME: m.DB_RUNTIME, DB_HOST: m.DB_HOST, MEMORY_DB_NAME: m.MEMORY_DB_NAME }, null, 2)))"
+```
+
+Probe the resolved host:
+
+```bash
+pg_isready -h "$(node -e 'import("./dist/config.js").then((m) => process.stdout.write(m.DB_HOST))')" -p 5432
+```
+
+If `DB_RUNTIME=jail`, verify the optional db jail exists and use its actual
+jail name from `bastille list`:
+
+```bash
+sudo bastille list | grep db
+sudo bastille cmd <db-jail-name> service postgresql status
+```
+
+### Service keeps crashing
+
+Check for rapid restart loops in the log:
+
+```bash
+grep -E 'fatal|error|exit|SIGTERM|SIGKILL' logs/clawdie.log | tail -20
+grep '409\|duplicate\|conflict' logs/clawdie.log | tail -10
+```
+
+Temporarily stop the service to break the loop, fix the root cause, then
+restart.
+
+### Watchdog or controlplane resets the agent
+
+```bash
+grep -i watchdog logs/clawdie.log | tail -10
+grep -i controlplane logs/heartbeat.log | tail -20
+```
+
+### Build broken after a code change
+
+```bash
+npm run build
+just doctor
+```
+
+Restart the service after a successful build if the running process needs to
+pick up new code.
+
+## 5. Quick diagnostic
+
+Prefer the built-in check first:
+
+```bash
+just doctor
+```
+
+If you need a manual snapshot:
+
+```bash
+sudo service clawdie status
+sudo service clawdie_hostd status
+grep -E '^(DB_RUNTIME|DB_HOST|TELEGRAM_BOT_TOKEN|PI_TUI_BIN)=' .env
+tail -10 logs/clawdie.log
+tail -10 logs/clawdie.error.log
+```
+
+## 6. Optional jail shell access
+
+Only for installs that actually use jails for the thing you are debugging:
+
+```bash
+sudo bastille console db
+sudo bastille cmd db service postgresql status
+```
+
+Do not assume a controlplane jail exists.
+
+## 7. Enable debug logging
+
+Set `LOG_LEVEL=debug` in `.env`, then restart:
+
+```bash
+sudo service clawdie restart
+tail -f logs/clawdie.log
+```
+
+## 8. Metrics
+
+The metrics endpoint is exposed by the main runtime:
+
+```bash
+curl -s http://127.0.0.1:9100/metrics | head -20
+curl -s http://127.0.0.1:9100/healthz
+```
+
+Use `/healthz` only as a listener check. Use `just doctor` for actual runtime
+diagnosis.
+
+## 9. Autostart configuration
+
+```bash
+sudo sysrc clawdie_enable
+sudo sysrc clawdie_enable=AUTO
+sudo sysrc clawdie_enable=YES
+sudo sysrc clawdie_enable=NONE
+```
+
+Hostd has its own rcvar:
+
+```bash
+sudo sysrc clawdie_hostd_enable
+```
+
+## 10. Session state
+
+Per-group state lives in `groups/{folder}/`:
+
+```bash
+ls groups/
+ls groups/main/logs/
+ls groups/main/ipc/ 2>/dev/null
+```
+
+Run logs are disposable debugging artifacts:
+
+```bash
+rm -f groups/main/logs/agent-*.log
+```
+
+Do not delete active session files or the whole `groups/` tree while the agent
+is running.
diff --git a/.agent/skills/disk-usage/SKILL.md b/.agent/skills/disk-usage/SKILL.md
new file mode 100644
index 0000000..9cc7e93
--- /dev/null
+++ b/.agent/skills/disk-usage/SKILL.md
@@ -0,0 +1,61 @@
+---
+name: disk-usage
+description: Check disk space on host and inside jails — ZFS pool usage, dataset quotas, free space
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - "How much free disk"
+  - "Disk space"
+  - "Check disk"
+  - "Is disk full"
+  - "Storage usage"
+  - "ZFS usage"
+  - "Free up space"
+estimated_tokens: 300-500
+---
+
+# disk-usage
+
+Check disk and ZFS storage usage on the host and inside jails.
+
+## Usage
+
+```bash
+# ZFS pool overview
+zpool status
+zpool list
+
+# Dataset usage and quotas
+zfs list -o name,used,avail,quota,mountpoint
+
+# Specific dataset
+zfs list tank/bastille/jails/db
+
+# Inside a jail
+bastille cmd db df -h
+```
+
+## Output
+
+```
+NAME                          USED  AVAIL  QUOTA  MOUNTPOINT
+zroot                         45G   890G      -   /
+zroot/bastille/jails/db      2.3G    18G    20G   /usr/local/bastille/jails/db/root
+zroot/bastille/jails/cms     5.1G    15G    20G   /usr/local/bastille/jails/cms/root
+```
+
+## Warning Thresholds
+
+- **>80% used:** Report to CEO, non-urgent
+- **>90% used:** Escalate immediately — risk of write failures
+- **Quota exceeded:** Jail may stop accepting writes — urgent
+
+## When to Use
+
+- Daily Sysadmin heartbeat
+- Before running large backups or migrations
+- After receiving low-disk alert
+
+## Escalate If
+
+- Any dataset >90% full → escalate to CEO for capacity decision
+- ZFS pool degraded (DEGRADED status) → escalate immediately
diff --git a/.agent/skills/docs-deployment/CROWDIN-SETUP.md b/.agent/skills/docs-deployment/CROWDIN-SETUP.md
new file mode 100644
index 0000000..c076e97
--- /dev/null
+++ b/.agent/skills/docs-deployment/CROWDIN-SETUP.md
@@ -0,0 +1,363 @@
+# Crowdin Setup Guide
+
+**Objective:** Configure Crowdin project for clawdie-ai documentation translation workflow.
+
+**Time Required:** ~30 minutes
+
+**Prerequisites:**
+
+- GitHub account with push access to clawdie-ai repo
+- Crowdin account (free tier is sufficient)
+
+---
+
+## Step 1: Create Crowdin Project
+
+### 1a. Create on Crowdin
+
+1. Go to https://crowdin.com/
+2. **Sign in** or create a free account
+3. Click **"Create Project"** button
+4. **Project name:** `Clawdie-AI`
+5. **Project identifier:** `clawdie-ai` (this becomes the URL slug)
+6. **Source language:** English
+7. **Target languages:**
+   - Slovenian (sl)
+   - German (de)
+   - French (fr)
+   - Spanish (es)
+8. **Visibility:** Public (optional, but allows community contributions)
+9. Click **"Create"**
+
+### 1b. Note Your Project ID and API Token
+
+After project creation, you'll need:
+
+- **Project ID** (visible in Project Settings → General → Project ID)
+- **Personal API Token** (your Crowdin account → Settings → API Tokens → Create New Token)
+
+---
+
+## Step 2: Connect GitHub
+
+### 2a. Install Crowdin GitHub App
+
+1. Go to: https://github.com/apps/crowdin
+2. Click **"Install"**
+3. Select the organization/account that owns `clawdie-ai`
+4. Grant permissions (repo access, webhooks)
+5. Confirm installation
+
+### 2b. Connect Crowdin Project to GitHub
+
+1. In Crowdin project → **Integrations**
+2. Click **GitHub** tile
+3. **Authorize** with GitHub
+4. **Select repository:** `Clawdie/Clawdie-AI`
+5. **Verify branch:** `main`
+6. Click **"Connect"**
+
+---
+
+## Step 3: Configure File Mapping
+
+### 3a. Upload .crowdin.yml
+
+The `.crowdin.yml` file in the repo root tells Crowdin how to map files:
+
+```yaml
+project_id: YOUR_PROJECT_ID
+api_token_env: CROWDIN_PERSONAL_TOKEN
+base_path: /
+
+files:
+  - source: /docs/**.md
+    dest: /docs/{two_letters_code}
+    translation_update: crowdin_move
+    languages_mapping:
+      two_letters_code:
+        sl: sl
+        de: de
+        fr: fr
+        es: es
+
+commit_message: 'translations: update {language} translations from Crowdin'
+auto_commit: true
+```
+
+**To use:**
+
+1. Edit `.crowdin.yml` in repo root
+2. Replace `YOUR_PROJECT_ID` with your Crowdin project ID
+3. Commit and push to `main`
+4. Crowdin will automatically use this config
+
+### 3b. Trigger Initial Sync
+
+1. In Crowdin project → **GitHub Integration**
+2. Click **"Sync Now"** (or wait for webhook)
+3. All `.md` files from `docs/` will be pulled as source strings
+
+---
+
+## Step 4: Add Crowdin API Token as GitHub Secret
+
+This allows GitHub Actions (optional) to integrate with Crowdin:
+
+### 4a. Create GitHub Secret
+
+1. Go to GitHub repo → **Settings** → **Secrets and variables** → **Actions**
+2. Click **"New repository secret"**
+3. **Name:** `CROWDIN_PERSONAL_TOKEN`
+4. **Value:** Your Crowdin Personal API Token (from Step 1b)
+5. Click **"Add secret"**
+
+### 4b. Alternative: Set Environment Variable on Host
+
+If using cron instead of GitHub Actions:
+
+```bash
+# On FreeBSD host (where docs-sync.cron.sh runs)
+# Add to /root/.bashrc or /root/.zshrc:
+
+export CROWDIN_PERSONAL_TOKEN="your_token_here"
+
+# Or set in crontab:
+CROWDIN_PERSONAL_TOKEN=your_token_here
+0 5 * * * /home/clawdie/clawdie-ai/scripts/docs-sync.cron.sh
+```
+
+---
+
+## Step 5: Test the Workflow
+
+### 5a. Commit a Test English String
+
+```bash
+cd /home/clawdie/clawdie-ai
+
+# Create a test doc
+cat > docs/TEST-TRANSLATION.md <<'EOF'
+# Translation Test
+
+This is a test document for Crowdin integration.
+
+## Content
+
+Please translate me!
+EOF
+
+git add docs/TEST-TRANSLATION.md
+git commit -m "docs: Add test translation document"
+git push origin main
+```
+
+### 5b. Verify Crowdin Received It
+
+1. Go to Crowdin project
+2. Check **Dashboard** or **Files** tab
+3. You should see `TEST-TRANSLATION.md` as a new source file
+4. All strings should be available for translation
+
+### 5c. Test Translation (Manual)
+
+1. In Crowdin, go to **Files** → `TEST-TRANSLATION.md`
+2. Click on **German (de)**
+3. Translate the strings manually (just for testing)
+4. Mark the file as **100% reviewed**
+
+### 5d. Verify Translation Commit
+
+1. Wait ~5 minutes or trigger sync in Crowdin UI
+2. Check GitHub repo
+3. Look for a new commit from **crowdin[bot]** with:
+   - File: `docs/de/TEST-TRANSLATION.md`
+   - Content: Your German translation
+
+### 5e. Verify Compile
+
+```bash
+# On FreeBSD host (or locally):
+cd /home/clawdie/clawdie-ai
+
+# Test docs-compile.sh with German
+./scripts/docs-compile.sh --language de /tmp/test-output/
+
+# Check output
+ls /tmp/test-output/docs-v*/de/
+# Should see: test-translation.html
+```
+
+---
+
+## Step 6: Enable Translators
+
+### 6a. Invite Team Members
+
+1. In Crowdin project → **Members**
+2. Click **"Invite Members"**
+3. Add email addresses of translators
+4. Assign them to languages (de, fr, es, sl)
+5. Send invitations
+
+### 6b. Set Up Machine Translation (Optional)
+
+For faster initial translations:
+
+1. Project → **Automation**
+2. Enable **Machine Translation** (if available in your plan)
+3. Choose provider (Microsoft Translator, Google Translate, etc.)
+4. Set languages to use machine translation by default
+
+---
+
+## Step 7: Schedule Daily Sync
+
+### Option A: Using Cron (Recommended for FreeBSD)
+
+On the deployed host:
+
+```bash
+# Create cron job (runs daily at 05:00 UTC)
+0 5 * * * /home/clawdie/clawdie-ai/scripts/docs-sync.cron.sh
+
+# Verify cron log
+tail -f /var/log/clawdie-docs-sync.log
+```
+
+**What it does:**
+
+1. `git pull` — fetches Crowdin bot commits
+2. `docs-compile.sh --languages sl,en,de,fr,es` — compiles all languages
+3. Symlink swap — zero-downtime deployment
+4. Cleanup — deletes versions older than 30 days
+
+### Option B: GitHub Actions (Optional)
+
+Create `.github/workflows/crowdin-sync.yml`:
+
+```yaml
+name: Crowdin Sync
+on:
+  schedule:
+    - cron: '0 5 * * *'  # 05:00 UTC
+  workflow_dispatch:  # Allow manual trigger
+
+jobs:
+  sync:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Download translations from Crowdin
+        uses: crowdin/github-action@v1
+        with:
+          upload_sources: false
+          download_translations: true
+        env:
+          CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }}
+          CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
+```
+
+---
+
+## Troubleshooting
+
+### Crowdin Not Pulling from GitHub
+
+**Symptoms:** Commit new English doc, but Crowdin doesn't see it.
+
+**Check:**
+
+1. ✅ GitHub Crowdin app is installed in repo
+2. ✅ `.crowdin.yml` exists and is correctly formatted
+3. ✅ Crowdin project ID matches in `.crowdin.yml`
+4. ✅ Check Crowdin → Integrations → GitHub → Logs
+
+**Fix:**
+
+```bash
+# Manual trigger (if you have API token):
+curl -X POST https://api.crowdin.com/api/v2/projects/{projectId}/remote-files/sync \
+  -H "Authorization: Bearer $CROWDIN_PERSONAL_TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{"targetLanguageIds": ["sl", "de", "fr", "es"]}'
+```
+
+### GitHub Not Receiving Crowdin Commits
+
+**Symptoms:** Crowdin shows 100% translated, but no commit appears in GitHub.
+
+**Check:**
+
+1. ✅ `auto_commit: true` in `.crowdin.yml`
+2. ✅ Crowdin bot has write access (check GitHub → Settings → Collaborators)
+3. ✅ Language is set to 100% reviewed (not just translated)
+
+**Fix:**
+
+1. In Crowdin → **Files**, click **language (de)**
+2. Select all strings → **Mark as reviewed**
+3. Wait 5 minutes, check GitHub commits
+
+### .crowdin.yml Not Being Recognized
+
+**Symptoms:** Crowdin says "No files configured" even though `.crowdin.yml` is in repo.
+
+**Check:**
+
+1. ✅ File is in repo root (`/home/clawdie/clawdie-ai/.crowdin.yml`)
+2. ✅ File is committed and pushed to `main`
+3. ✅ Crowdin project ID in file matches actual project
+
+**Fix:**
+
+1. Push `.crowdin.yml` to main
+2. In Crowdin → Settings → Import Configuration
+3. Check "Use configuration file from repository"
+4. Click "Update"
+
+---
+
+## Security
+
+### Protect Your API Token
+
+❌ **Never commit** `CROWDIN_PERSONAL_TOKEN` to Git
+✅ **Use GitHub Secrets** for CI/CD
+✅ **Use environment variables** on host machine
+✅ **Rotate tokens** if exposed
+
+### Crowdin Bot Permissions
+
+The Crowdin GitHub app needs:
+
+- ✅ Read access to your repo (pull source files)
+- ✅ Write access to your repo (commit translations)
+- ✅ Webhook access (react to GitHub events)
+
+These are standard and safe. Revoke if Crowdin is no longer used.
+
+---
+
+## Next Steps
+
+1. ✅ Project created on Crowdin
+2. ✅ GitHub connected via app
+3. ✅ `.crowdin.yml` configured
+4. ✅ Test workflow verified
+5. ✅ Translators invited
+6. ✅ Daily sync scheduled
+7. 📚 **Ready for production translation workflow!**
+
+---
+
+## Support
+
+- **Crowdin Docs:** https://support.crowdin.com/
+- **GitHub Crowdin App:** https://github.com/apps/crowdin
+- **clawdie-ai Crowdin Project:** https://crowdin.com/project/clawdie-ai
+- **Translation Workflow:** See `CROWDIN.md` (root of repo)
+- **Integration Guide:** `.agent/skills/docs-deployment/INTEGRATION.md`
diff --git a/.agent/skills/docs-deployment/INTEGRATION.md b/.agent/skills/docs-deployment/INTEGRATION.md
new file mode 100644
index 0000000..db0c8d1
--- /dev/null
+++ b/.agent/skills/docs-deployment/INTEGRATION.md
@@ -0,0 +1,488 @@
+# Clawdie-AI: Build to Deployment Integration Guide
+
+**Phase:** 3.0+
+**Status:** Cross-repo reference (clawdie-ai + clawdie-shell)
+**Created:** 24.mar.2026
+
+---
+
+## Overview
+
+This guide shows how **clawdie-shell** (ISO building) and **clawdie-ai** (deployment & operations) work together to deliver Clawdie-AI as a complete stack.
+
+```
+clawdie-shell (Build)          clawdie-ai (Deploy)
+─────────────────────────────────────────────────────────
+build-iso skill          →      docs-deployment skill
+build.sh (orchestrate)   →      docs-sync.cron.sh
+firstboot.sh (provision) →      nginx (serve)
+shell-*.sh modules       →      Live system
+```
+
+---
+
+## The Journey: Build → Deploy → Serve
+
+### Phase 1: ISO Creation (clawdie-shell repo)
+
+**Where:** `clawdie-shell/`
+**Skill:** `build-iso`
+**What happens:**
+
+```bash
+cd /home/clawdie/clawdie-shell
+
+# Trigger build
+npm run build-iso
+
+# What build-iso does:
+# 1. Clones clawdie-iso from git jail
+# 2. Runs build.sh with cloud/baremetal variants
+# 3. Injects config (--target cloud, --domain, --tz, etc.)
+# 4. Creates versioned ISO: clawdie-iso-cloud-24.mar.2026.img
+# 5. Publishes to https://clawdie.si/downloads/
+```
+
+**Output:**
+
+```
+clawdie-iso-cloud-24.mar.2026.img        (cloud VPS variant)
+clawdie-iso-amd-24.mar.2026.img          (baremetal AMD GPU)
+clawdie-iso-intel-24.mar.2026.img        (baremetal Intel GPU)
+clawdie-iso-baremetal-24.mar.2026.img    (auto-detect)
+```
+
+**Baked into ISO:**
+
+- `build.cfg` — TARGET, ASSISTANT_NAME, AGENT_DOMAIN, TZ, SSH_PUBLIC_KEY, etc.
+- `scripts/docs-compile.sh` — markdown → HTML compiler
+- `scripts/docs-sync.cron.sh` — daily sync orchestrator
+- Shell modules — gpu.sh, pkg.sh, env.sh, deploy.sh, etc.
+
+---
+
+### Phase 2: ISO Boot & Firstboot (FreeBSD host)
+
+**Where:** User downloads ISO and boots on target hardware
+**Scripts:** `firstboot.sh` + shell modules (in ISO payload)
+**What happens:**
+
+```
+User boots ISO
+     ↓
+bsddialog wizard (baremetal only)
+├─ Basic config (name, domain, timezone)
+├─ ZFS RAID selection
+├─ Backup destination (optional)
+└─ Review + confirm
+     ↓
+firstboot.sh orchestrator runs:
+├─ clawdie-shell-gpu.sh       (GPU detection, cloud: skips)
+├─ clawdie-shell-nvidia.sh    (NVIDIA setup if needed)
+├─ clawdie-shell-pkg.sh       (Package repo config, offline cache)
+├─ clawdie-shell-env.sh       (Generate .env with secrets)
+├─ clawdie-shell-system.sh    (hostname, rc.conf, services)
+└─ clawdie-shell-deploy.sh    (Extract tarball, npm install, jails)
+     ↓
+System boots into FreeBSD with:
+✓ Jails configured
+✓ Services running
+✓ Documentation source in docs/
+✓ Deployment scripts ready
+✓ API keys in .env (blank, ready for web UI)
+```
+
+---
+
+### Phase 3: Host-Level Operations (clawdie-ai repo)
+
+**Where:** `/home/clawdie/clawdie-ai/` (on deployed host)
+**Skill:** `docs-deployment`
+**What happens:**
+
+#### 3a. Author writes documentation
+
+```bash
+cd /home/clawdie/clawdie-ai
+
+# Write English docs
+vim docs/public/install/install.md
+git add docs/public/install/install.md
+git commit -m "docs: Add installation guide"
+git push origin main
+
+# Crowdin webhook detects change
+# Translators start working
+```
+
+#### 3b. Crowdin syncs translations
+
+```
+Crowdin auto-fetches (webhook)
+     ↓
+Translators work (crowdin.com/project/clawdie-ai)
+     ↓
+Translations complete (24-48 hours)
+     ↓
+Crowdin auto-commits:
+  docs/de/INSTALL.md (German)
+  docs/fr/INSTALL.md (French)
+  docs/es/INSTALL.md (Spanish)
+     ↓
+Git pulls on host
+```
+
+#### 3c. Daily sync @ 05:00 UTC (cron)
+
+```bash
+# docs-sync.cron.sh runs automatically
+
+1. git pull
+   ✓ Gets latest markdown + translations
+
+2. docs-compile.sh --languages en,de,fr,es
+   ✓ Compiles all languages to versioned dirs:
+     docs-v0.9.0_24.mar.2026/
+     ├─ en/ (29 HTML files)
+     ├─ de/ (29 HTML files)
+     ├─ fr/ (29 HTML files)
+     └─ es/ (29 HTML files)
+
+3. Validate output
+   ✓ Check all language indexes exist
+   ✓ Verify HTML structure
+
+4. Atomic symlink swap (zero-downtime)
+   en-current → docs-v0.9.0_24.mar.2026/en/
+   de-current → docs-v0.9.0_24.mar.2026/de/
+   fr-current → docs-v0.9.0_24.mar.2026/fr/
+   es-current → docs-v0.9.0_24.mar.2026/es/
+
+5. nginx reload
+   ✓ Serves new docs (no downtime)
+
+6. Cleanup
+   ✓ Delete versions older than 30 days
+   ✓ Update metadata
+```
+
+#### 3d. Users access documentation
+
+```
+Browser: https://docs.clawdie.si/
+     ↓
+Language selector (root page)
+     ↓
+User picks language: /en/, /de/, /fr/, /es/
+     ↓
+Nginx resolves symlink:
+  en-current → docs-v0.9.0_24.mar.2026/en/
+     ↓
+User sees English docs (compiled from markdown)
+     ↓
+Zero-downtime updates:
+  - Author commits docs in clawdie-ai
+  - Cron syncs automatically @ 05:00 UTC
+  - Symlink swaps (no 404s, no downtime)
+```
+
+---
+
+## Key Integration Points
+
+### 1. ISO Payload Contains Deployment Scripts
+
+**In clawdie-shell build.sh:**
+
+```bash
+# Inject deployment scripts into ISO
+cp /home/clawdie/clawdie-ai/scripts/docs-compile.sh \
+   /mnt/media/scripts/
+cp /home/clawdie/clawdie-ai/scripts/docs-sync.cron.sh \
+   /mnt/media/scripts/
+```
+
+**In firstboot.sh:**
+
+```bash
+# Scripts are available on first boot
+/usr/local/share/clawdie-iso/scripts/docs-compile.sh --help
+/usr/local/share/clawdie-iso/scripts/docs-sync.cron.sh
+```
+
+### 2. build.cfg Bridges Both Repos
+
+**In clawdie-shell (build-time):**
+
+```bash
+# build.cfg is baked into ISO
+TARGET="cloud"           # cloud | baremetal
+ASSISTANT_NAME="natasha" # pre-configured
+AGENT_DOMAIN="natasha.internal"
+TZ="Europe/Ljubljana"
+```
+
+**In clawdie-ai (runtime):**
+
+```bash
+# scripts/docs-compile.sh and docs-sync.cron.sh read LANGUAGES
+# Slovenian is primary (prototype default), others follow
+LANGUAGES="sl,en,de,fr,es"  # Slovenian primary, then English, German, French, Spanish
+# Can be overridden by build.cfg or environment for cloud builds:
+# LANGUAGES="sl,en"  # Cloud: Slovenian primary + English only
+```
+
+### 3. Crowdin ↔ Documentation Sync
+
+**Source of truth:** `clawdie-ai` repo (markdown)
+
+```
+docs/public/install/install.md (English) ──→ Crowdin ──→ docs/sl/INSTALL.md (Slovenian primary)
+                                        ├→ docs/de/INSTALL.md (German)
+                                        ├→ docs/fr/INSTALL.md (French)
+                                        └→ docs/es/INSTALL.md (Spanish)
+```
+
+**Deployment:** Both repos pull from clawdie-ai
+
+```
+clawdie-shell (build-iso)
+  ├─ References clawdie-ai/docs/ for docs in ISO?
+  └─ Or: Operators maintain separate docs for ISO releases
+
+clawdie-ai (docs-deployment)
+  ├─ Compiles docs/ to HTML
+  ├─ Deploys daily @ 05:00 UTC
+  └─ Crowdin keeps languages in sync
+```
+
+---
+
+## Workflow Scenarios
+
+### Scenario 1: Release a New ISO (clawdie-shell)
+
+```
+Operator in clawdie-shell repo:
+
+1. Update build.cfg with new version
+2. Run: npm run build-iso
+3. build-iso skill:
+   ├─ Clones clawdie-iso
+   ├─ Runs build.sh
+   ├─ Injects docs scripts (from clawdie-ai)
+   ├─ Creates ISO: clawdie-iso-cloud-24.mar.2026.img
+   └─ Publishes to https://clawdie.si/downloads/
+
+4. Users download and boot ISO
+```
+
+### Scenario 2: Update Documentation (clawdie-ai)
+
+```
+Author in clawdie-ai repo:
+
+1. Write English docs: docs/public/install/install.md
+2. Commit & push
+3. Crowdin detects (webhook)
+4. Translators work (24-48 hours)
+5. Crowdin commits: docs/de/, docs/fr/, docs/es/
+6. Cron @ 05:00 UTC:
+   ├─ git pull (gets translations)
+   ├─ Compile all languages
+   ├─ Symlink swap (zero-downtime)
+   └─ nginx reload
+
+7. Users see updated docs in all languages
+```
+
+### Scenario 3: Add New Language to Docs
+
+```
+Process:
+
+1. Admin adds language to Crowdin project
+   crowdin.com/project/clawdie-ai → Add: Italian (it)
+
+2. Author adds to docs-sync.cron.sh:
+   LANGUAGES="en,de,fr,es,it"
+
+3. Crowdin auto-syncs translations to docs/it/
+
+4. Next cron run (05:00 UTC):
+   ├─ Compile includes Italian
+   ├─ Create: docs-v0.9.0_24.mar.2026/it/
+   └─ Symlink: it-current → docs-v0.9.0_24.mar.2026/it/
+
+5. Nginx location block added (manually or via template):
+   location /it/ { ... }
+
+6. Users access: https://docs.clawdie.si/it/
+```
+
+---
+
+## Dependency Chain
+
+```
+clawdie-shell (Build)
+├─ build-iso skill
+├─ build.sh
+│  └─ Fetches from clawdie-iso repo
+│     └─ Contains: firstboot.sh + shell-*.sh modules
+│  └─ Injects into ISO:
+│     ├─ build.cfg (TARGET, ASSISTANT_NAME, etc.)
+│     ├─ docs-compile.sh (from clawdie-ai)
+│     ├─ docs-sync.cron.sh (from clawdie-ai)
+│     └─ shell-*.sh modules
+│
+└─ Output: clawdie-iso-{cloud,amd,baremetal}-24.mar.2026.img
+   └─ Users download & boot
+       └─ firstboot.sh runs shell modules
+           └─ System boots with deployment scripts ready
+
+clawdie-ai (Deploy)
+├─ docs-deployment skill
+├─ docs-compile.sh (used in ISO and on host)
+├─ docs-sync.cron.sh (runs daily @ 05:00 UTC on host)
+├─ Crowdin integration (markdown → translations)
+│  └─ docs/ + docs/de/, docs/fr/, docs/es/
+│
+└─ Output: Zero-downtime documented system
+   └─ Users access: https://docs.clawdie.si/{en,de,fr,es}/
+```
+
+---
+
+## File Cross-References
+
+### clawdie-shell must know about:
+
+- `clawdie-ai/scripts/docs-compile.sh` — Injected into ISO
+- `clawdie-ai/scripts/docs-sync.cron.sh` — Injected into ISO
+- `clawdie-ai/docs/` — Source of truth for documentation
+- `clawdie-ai/.agent/skills/docs-deployment/` — Integration guide (this file)
+
+### clawdie-ai must know about:
+
+- `clawdie-shell/skills/build-iso/` — How ISOs are created
+- `clawdie-shell/build.sh` — What gets baked into ISO
+- `clawdie-shell/build.cfg` — Template for cloud/baremetal variants
+
+### Both repos reference:
+
+- `clawdie-iso/` — FreeBSD ISO build system (not in this guide, external)
+- `crowdin.com/project/clawdie-ai` — Translation management
+
+---
+
+## Deployment Architectures
+
+### Cloud Deployment (VPS)
+
+```
+1. User downloads: clawdie-iso-cloud-24.mar.2026.img
+2. Boots in VPS (no GUI, headless)
+3. Firstboot runs:
+   ├─ Cloud preset (no GPU detection, no bsddialog)
+   ├─ All values pre-baked (ASSISTANT_NAME, DOMAIN, TZ)
+   ├─ System configures fully automated
+   └─ Ready for API key injection via web UI
+4. Documentation:
+   └─ docs-sync.cron.sh @ 05:00 UTC
+      ├─ English only (cloud: reduced languages)
+      └─ Zero-downtime updates
+
+Docs serve: https://docs.natasha.internal/en/
+```
+
+### Baremetal Deployment (Physical Hardware)
+
+```
+1. User downloads: clawdie-iso-amd-24.mar.2026.img (GPU-specific)
+2. Boots on physical hardware (with GUI desktop)
+3. Firstboot runs:
+   ├─ Interactive wizard (bsddialog)
+   ├─ User selects: name, domain, timezone, ZFS RAID config
+   ├─ GPU auto-detected (AMD/Intel/NVIDIA)
+   ├─ System configures interactively
+   └─ Desktop available for API key entry (browser)
+4. Documentation:
+   └─ docs-sync.cron.sh @ 05:00 UTC
+      ├─ All languages (en, de, fr, es)
+      └─ Zero-downtime updates
+
+Docs serve: https://docs.natasha.internal/en/ (default)
+          or /de/, /fr/, /es/ (via language selector)
+```
+
+---
+
+## Version Timeline
+
+### v0.9.0 Release (Target)
+
+**clawdie-shell:**
+
+- ✅ build-iso skill (publish ISO)
+- ✅ Cloud vs baremetal variants
+- ✅ SSH key + password configuration
+- ✅ ZFS RAID selection
+
+**clawdie-ai:**
+
+- ✅ docs-deployment skill
+- ✅ Multi-language (en, de, fr, es)
+- ✅ Crowdin integration ready
+- ✅ Zero-downtime deployment
+- ✅ 30-day version retention
+
+**Together:**
+
+- ✅ Complete ISO → deployment pipeline
+- ✅ Build (clawdie-shell) → Deploy (clawdie-ai)
+- ✅ Documentation in 4 languages
+- ✅ Automated daily sync @ 05:00 UTC
+
+---
+
+## Quick Links
+
+**clawdie-shell:**
+
+- `.agent/skills/build-iso/SKILL.md` — ISO building
+- `build.sh` — Build orchestrator
+- `build.cfg` — Build configuration
+
+**clawdie-ai:**
+
+- `.agent/skills/docs-deployment/SKILL.md` — This skill ⬅️
+- `scripts/docs-compile.sh` — Markdown → HTML
+- `scripts/docs-sync.cron.sh` — Daily sync orchestrator
+- `CROWDIN.md` — Translation workflow
+- `docs/DOCUMENTATION-SYNC-RUNBOOK.md` — Operator manual
+
+**External:**
+
+- Crowdin: https://crowdin.com/project/clawdie-ai
+- ISO Downloads: https://clawdie.si/downloads/
+- Docs: https://docs.clawdie.si/
+
+---
+
+## Questions & Support
+
+**For ISO building issues:** See `clawdie-shell/.agent/skills/build-iso/SKILL.md`
+
+**For documentation deployment:** See `clawdie-ai/.agent/skills/docs-deployment/SKILL.md`
+
+**For troubleshooting:** See `clawdie-ai/docs/DOCUMENTATION-SYNC-RUNBOOK.md`
+
+**For translation workflow:** See `clawdie-ai/CROWDIN.md`
+
+**For Crowdin setup (admin):** See `clawdie-ai/.agent/skills/docs-deployment/CROWDIN-SETUP.md`
+
+---
+
+**Last Updated:** 24.mar.2026
+**Phase:** 3.5 (Crowdin integration — Phase 3.0 foundation complete, ready for v0.9.0 release)
diff --git a/.agent/skills/docs-deployment/SKILL.md b/.agent/skills/docs-deployment/SKILL.md
new file mode 100644
index 0000000..5d33726
--- /dev/null
+++ b/.agent/skills/docs-deployment/SKILL.md
@@ -0,0 +1,430 @@
+---
+name: docs-deployment
+description: |
+  Manage multi-language documentation deployment on FreeBSD host.
+  Handles Crowdin integration, markdown compilation, symlink-based
+  zero-downtime deployment, and nginx language routing.
+
+  Use when: setting up docs.clawdie.si, multi-language support,
+  Crowdin integration, documentation deployment, language routing,
+  translation workflow, documentation monitoring.
+---
+
+# Documentation Deployment System
+
+**Phase:** 3.0+
+**Status:** Production-ready (v0.9.0+)
+**Created:** 24.mar.2026
+
+---
+
+## Overview
+
+This skill covers the **host-level documentation deployment system** for Clawdie-AI.
+
+Handles multi-language markdown→HTML compilation, Crowdin translation integration, zero-downtime symlink-based deployments, and automated daily syncing @ 05:00 UTC.
+
+**Not in scope:** CMS jail nginx (see `nginx` skill for cms jail vhost management)
+
+---
+
+## Architecture at a Glance
+
+```
+Source (git)              Compilation           Deployment              Serving
+─────────────────────────────────────────────────────────────────────────────────
+docs/public/install/install.md ──→ docs-compile.sh ──→ docs-v0.9.0_24.mar.2026/ ──→ nginx
+docs/de/INSTALL.md        (28 files)        ├─ en/ (symlink)         /en/
+docs/fr/INSTALL.md        (4 langs)         ├─ de/ (symlink)         /de/
+docs/es/INSTALL.md                         ├─ fr/ (symlink)         /fr/
+                                            └─ es/ (symlink)         /es/
+     ↓
+Crowdin auto-syncs translations
+(crowdin.com/project/clawdie-ai)
+     ↓
+docs-sync.cron.sh @ 05:00 UTC
+├─ git pull
+├─ compile (all 4 languages)
+├─ atomic symlink swap (zero-downtime)
+├─ nginx reload
+└─ cleanup (30-day retention)
+```
+
+---
+
+## Key Components
+
+### 1. Markdown Source (Git)
+
+- **English source:** `docs/*.md` (you maintain)
+- **Translations:** `docs/de/*.md`, `docs/fr/*.md`, `docs/es/*.md` (Crowdin maintains)
+- **Single source of truth:** English markdown is authoritative
+- **Git strategy:** Markdown committed, HTML never committed
+
+**Locations:**
+
+```
+/home/clawdie/clawdie-ai/docs/
+├─ INSTALL.md (English)
+├─ REQUIREMENTS.md (English)
+├─ de/
+│  ├─ INSTALL.md (German — auto-synced by Crowdin)
+│  └─ REQUIREMENTS.md
+├─ fr/
+│  ├─ INSTALL.md (French)
+│  └─ REQUIREMENTS.md
+└─ es/
+   ├─ INSTALL.md (Spanish)
+   └─ REQUIREMENTS.md
+```
+
+### 2. Compilation Pipeline (docs-compile.sh)
+
+- **Input:** Markdown files from `docs/` (filtered by `.docignore`)
+- **Output:** Versioned HTML directories `docs-v0.9.0_24.mar.2026/{en,de,fr,es}/`
+- **Features:**
+  - No external dependencies (pure shell, no pandoc/markdown packages needed)
+  - Filters internal/sensitive docs via `.docignore`
+  - Auto-generates language-specific indexes
+  - Version naming: `docs-v{SEMVER}_{DD.mon.YYYY}` (user-friendly Slovenian date format)
+  - Supports any number of languages
+
+**Usage:**
+
+```bash
+# Single language (backward compatible)
+scripts/docs-compile.sh --semver 0.9.0 /usr/local/www/docs.clawdie.si/
+
+# Multi-language
+scripts/docs-compile.sh --semver 0.9.0 --languages en,de,fr,es \
+    /usr/local/www/docs.clawdie.si/
+```
+
+**Performance:** ~10s for 4 languages, 28 markdown files
+
+### 3. Sync Orchestrator (docs-sync.cron.sh)
+
+- **Runs:** Daily @ 05:00 UTC via cron
+- **Steps:**
+  1. Git pull (fetch latest markdown + translations from Crowdin)
+  2. Compile markdown → HTML (all languages)
+  3. Validate output (check all language indexes exist)
+  4. **Atomic symlink swap** (zero-downtime deployment)
+  5. Nginx reload (serve new content)
+  6. Cleanup old versions (30-day retention)
+
+**Execution time:** ~15-20s total
+
+### 4. Symlink-Based Deployment
+
+- **Strategy:** Atomic swaps for zero-downtime updates
+- **How it works:**
+
+  ```bash
+  # Before swap
+  en-current → docs-v0.9.0_20260317/en/  (old version)
+
+  # Atomic swap (ln -sfn is atomic on modern filesystems)
+  ln -sfn docs-v0.9.0_24.mar.2026/en en-current
+
+  # After swap
+  en-current → docs-v0.9.0_24.mar.2026/en/  (new version)
+
+  # Total downtime: < 1 millisecond
+  ```
+
+- **Rollback:** Also < 1 second (just repoint symlink to previous version)
+- **Retention:** Keep 30 days of versions (~60MB for 3 versions)
+
+### 5. Crowdin Integration
+
+- **Project:** https://crowdin.com/project/clawdie-ai
+- **Workflow:**
+  1. You write English docs (docs/\*.md)
+  2. Crowdin auto-fetches via GitHub webhook
+  3. Translators work in Crowdin UI (no git knowledge needed)
+  4. Crowdin auto-commits translations (docs/de/, docs/fr/, etc.)
+  5. Cron pulls translations automatically
+
+- **No manual file editing:** Translations are managed by Crowdin, not manually
+- **Translation memory:** Crowdin reuses past translations for consistency
+- **Community:** Open to community translators
+
+### 6. Nginx Configuration
+
+- **Vhost:** `/usr/local/etc/nginx/vhosts/docs.clawdie.si.conf`
+- **Language routing:**
+
+  ```nginx
+  location /en/ { try_files $uri /en/index.html; }  # English
+  location /de/ { try_files $uri /de/index.html; }  # German
+  location /fr/ { try_files $uri /fr/index.html; }  # French
+  location /es/ { try_files $uri /es/index.html; }  # Spanish
+  location = / { return 301 /en/; }                 # Default to English
+  ```
+
+- **Symlink following:** Nginx follows symlinks (en-current, de-current, etc.)
+- **Language selector:** Root URL (`docs.clawdie.si/`) shows language picker
+
+---
+
+## Deployment Checklist
+
+```bash
+# 1. Crowdin Setup (manual, 15 min)
+[ ] Create account: https://crowdin.com
+[ ] Create project: "Clawdie-AI"
+[ ] Connect GitHub (OAuth)
+[ ] Add languages: de, fr, es
+[ ] Configure file mappings:
+    Source: /docs/*.md
+    German: /docs/de/%filename%
+    French: /docs/fr/%filename%
+    Spanish: /docs/es/%filename%
+
+# 2. Repository Structure (10 min)
+[ ] mkdir -p docs/{de,fr,es}
+[ ] Add to .gitignore (language dirs auto-synced by Crowdin)
+[ ] Create CROWDIN.md (workflow guide)
+[ ] Update .docignore (filter language dirs from English build)
+
+# 3. Code Modifications (3 hours with testing)
+[ ] Modify docs-compile.sh (add --languages flag)
+[ ] Modify docs-sync.cron.sh (language-aware sync)
+[ ] Test: sh docs-compile.sh --languages en,de,fr tmp/test
+[ ] Verify: ls -la tmp/test/docs-v*/en/ /de/ /fr/
+
+# 4. Nginx Configuration (20 min)
+[ ] Update docs.clawdie.si.conf (language locations)
+[ ] Create language selector HTML (root page)
+[ ] Test: sudo nginx -t && sudo service nginx reload
+[ ] Verify: curl https://docs.clawdie.si/{en,de,fr}
+
+# 5. Testing (1 hour)
+[ ] Manual compile test
+[ ] Nginx routing test
+[ ] Crowdin integration test (commit test file, wait for sync)
+[ ] Symlink swap test
+[ ] Rollback test
+
+# 6. Git Commits (10 min)
+[ ] 6 commits (structure, compile.sh, sync.sh, nginx, docs, metadata)
+[ ] Push to origin
+```
+
+---
+
+## Quick Reference
+
+| Task                       | Command                                                                                               | Time      |
+| -------------------------- | ----------------------------------------------------------------------------------------------------- | --------- |
+| **Check sync status**      | `tail -f /var/log/clawdie-docs-sync.log`                                                              | Real-time |
+| **View current version**   | `ls -l /usr/local/www/docs.clawdie.si/en-current`                                                     | Instant   |
+| **Manual compile**         | `scripts/docs-compile.sh --languages en,de,fr /usr/local/www/docs.clawdie.si/`                        | ~10s      |
+| **Trigger immediate sync** | `sudo scripts/docs-sync.cron.sh`                                                                      | ~15-20s   |
+| **Instant rollback**       | `ln -sfn docs-v0.9.0_20260317 /usr/local/www/docs.clawdie.si/en-current && sudo service nginx reload` | <1s       |
+| **List versions**          | `ls -lt /usr/local/www/docs.clawdie.si/docs-v* \| head -3`                                            | Instant   |
+
+---
+
+## Common Tasks
+
+### Publishing New Documentation
+
+```bash
+cd /home/clawdie/clawdie-ai
+
+# Write English doc
+vim docs/MY-FEATURE.md
+git add docs/MY-FEATURE.md
+git commit -m "docs: Add MY-FEATURE guide"
+git push origin main
+
+# Crowdin detects change (webhook)
+# Translators translate (within 24 hours)
+# Cron syncs automatically (05:00 UTC next day)
+# Users see docs in all languages (zero-downtime)
+```
+
+### Excluding Docs from Public Sites
+
+Files matching `.docignore` patterns are NOT deployed:
+
+```bash
+# Current filters (docs/.docignore)
+cat /home/clawdie/clawdie-ai/docs/.docignore
+
+# Examples:
+#   POSTGRES-MEMORY.md (internal notes)
+#   *-INTERNAL.md (internal docs)
+#   */private/* (private directories)
+```
+
+To exclude new content:
+
+```bash
+echo "*-DRAFT.md" >> /home/clawdie/clawdie-ai/docs/.docignore
+
+# File will be in git but NOT synced to public sites
+```
+
+### Instant Rollback
+
+If new version is broken:
+
+```bash
+# Find previous working version
+ls -lt /usr/local/www/docs.clawdie.si/docs-v* | head -3
+
+# Revert to previous
+sudo ln -sfn docs-v0.9.0_20260317 /usr/local/www/docs.clawdie.si/en-current
+sudo ln -sfn docs-v0.9.0_20260317 /usr/local/www/docs.clawdie.si/de-current
+# ... (for all languages)
+
+# Reload nginx
+sudo service nginx reload
+
+# Total time: < 1 second
+```
+
+### Monitor Sync Health
+
+```bash
+# Last sync timestamp
+jq '.last_sync' /home/clawdie/clawdie-ai/docs/.sync-metadata.json
+
+# Current versions deployed
+ls -l /usr/local/www/docs.clawdie.si/{en,de,fr,es}-current
+
+# Sync logs (watch real-time)
+tail -f /var/log/clawdie-docs-sync.log
+
+# Check for broken symlinks
+find /usr/local/www/docs.clawdie.si -maxdepth 1 -type l ! -exec test -d {} \; -print
+# Should be empty
+```
+
+---
+
+## Troubleshooting
+
+### Symlink Broken (Points to Missing Directory)
+
+```bash
+# Check
+ls -l /usr/local/www/docs.clawdie.si/en-current
+# en-current -> docs-v0.9.0_24.mar.2026 (BROKEN LINK)
+
+# Fix: Find working version
+ls -d /usr/local/www/docs.clawdie.si/docs-v*
+
+# Repoint
+sudo ln -sfn docs-v0.9.0_20260317 /usr/local/www/docs.clawdie.si/en-current
+sudo service nginx reload
+```
+
+### Nginx 404 After Symlink Swap
+
+```bash
+# Check nginx config
+sudo nginx -t
+
+# Check permissions (nginx needs read+execute)
+stat /usr/local/www/docs.clawdie.si/docs-v0.9.0_24.mar.2026
+# Should show: (0755) drwxr-xr-x
+
+# Fix if needed
+sudo chmod -R a+rx /usr/local/www/docs.clawdie.si/docs-v*/
+
+# Reload
+sudo service nginx reload
+```
+
+### Cron Sync Not Running
+
+```bash
+# Check cron job
+sudo crontab -l | grep docs-sync
+# Should show: 0 5 * * * root /home/clawdie/clawdie-ai/scripts/docs-sync.cron.sh
+
+# Check system logs
+sudo grep docs-sync /var/log/cron | tail -10
+
+# If missing, reinstall:
+sudo crontab -e
+# Add: 0 5 * * * root /home/clawdie/clawdie-ai/scripts/docs-sync.cron.sh >> /var/log/clawdie-docs-sync.log 2>&1
+```
+
+### Git Pull Failing in Sync
+
+```bash
+# Check git status
+cd /home/clawdie/clawdie-ai
+git status
+
+# Check for merge conflicts
+git diff HEAD origin/implementation -- docs/
+
+# Resolve manually
+git fetch origin
+git merge origin/implementation
+# Fix conflicts, commit, push
+
+# Retry sync
+sudo /home/clawdie/clawdie-ai/scripts/docs-sync.cron.sh
+```
+
+---
+
+## Performance & Capacity
+
+| Metric                | Value      | Notes                                 |
+| --------------------- | ---------- | ------------------------------------- |
+| **Compile time**      | ~10s       | 4 languages, 28 markdown files        |
+| **Sync time**         | ~15-20s    | git pull + compile + deploy + cleanup |
+| **Symlink swap**      | <1ms       | Atomic operation                      |
+| **Rollback time**     | <1s        | Repoint symlink + reload nginx        |
+| **Version size**      | ~20MB each | Per language version                  |
+| **3-version storage** | ~60MB      | 30-day retention                      |
+| **Daily bandwidth**   | ~100-200MB | git pull + sync logs                  |
+
+---
+
+## Integration Points
+
+**Related files in repo:**
+
+- `scripts/docs-compile.sh` — Compilation implementation
+- `scripts/docs-sync.cron.sh` — Sync orchestrator
+- `docs/DOCUMENTATION-POLICY.md` — Policy and governance
+- `docs/DOCUMENTATION-SYNC-RUNBOOK.md` — Operator manual (detailed)
+- `docs/.docignore` — Filter rules
+- `docs/.sync-metadata.json` — Deployment metadata
+- `CROWDIN.md` — Translation workflow
+
+**External services:**
+
+- Crowdin (https://crowdin.com/project/clawdie-ai) — Translation management
+- GitHub (oauth for Crowdin) — Source control
+
+**Host files:**
+
+- `/usr/local/etc/nginx/vhosts/docs.clawdie.si.conf` — Nginx config
+- `/usr/local/www/docs.clawdie.si/` — Webroot
+- `/var/log/clawdie-docs-sync.log` — Sync logs
+- Cron job (root crontab) — Daily trigger @ 05:00 UTC
+
+---
+
+## See Also
+
+- [DOCUMENTATION-SYNC-RUNBOOK.md](../../docs/DOCUMENTATION-SYNC-RUNBOOK.md) — Detailed operator manual with all troubleshooting steps
+- [CROWDIN.md](../../CROWDIN.md) — Translation workflow guide for authors and translators
+- [html/docs-clawdie-si/VERSIONING.md](../../html/docs-clawdie-si/VERSIONING.md) — Deep dive into symlink-based versioning architecture
+- `nginx` skill — Handles cms jail nginx (not host-level docs)
+
+---
+
+**Last Updated:** 24.mar.2026
+**Skill Version:** 1.0
+**Phase:** 3.0+ (Production-ready)
diff --git a/.agent/skills/docs-deployment/templates/language-selector.html b/.agent/skills/docs-deployment/templates/language-selector.html
new file mode 100644
index 0000000..739a017
--- /dev/null
+++ b/.agent/skills/docs-deployment/templates/language-selector.html
@@ -0,0 +1,209 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Clawdie-AI Documentation</title>
+    <style>
+        * {
+            margin: 0;
+            padding: 0;
+            box-sizing: border-box;
+        }
+
+        body {
+            font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            min-height: 100vh;
+            display: flex;
+            align-items: center;
+            justify-content: center;
+            padding: 1em;
+        }
+
+        .container {
+            background: white;
+            border-radius: 12px;
+            box-shadow: 0 20px 60px rgba(0, 0, 0, 0.3);
+            max-width: 600px;
+            width: 100%;
+            padding: 3em 2em;
+            text-align: center;
+        }
+
+        h1 {
+            color: #0088ff;
+            font-size: 2.2em;
+            margin-bottom: 0.5em;
+            font-weight: 700;
+        }
+
+        .subtitle {
+            color: #666;
+            font-size: 1.1em;
+            margin-bottom: 2em;
+            line-height: 1.6;
+        }
+
+        .languages {
+            display: grid;
+            grid-template-columns: repeat(auto-fit, minmax(140px, 1fr));
+            gap: 1em;
+            margin: 2.5em 0;
+        }
+
+        .language-button {
+            display: inline-flex;
+            flex-direction: column;
+            align-items: center;
+            justify-content: center;
+            padding: 1.5em 1em;
+            background: linear-gradient(135deg, #0088ff 0%, #0066cc 100%);
+            color: white;
+            text-decoration: none;
+            border-radius: 8px;
+            transition: all 0.3s ease;
+            cursor: pointer;
+            font-weight: 600;
+            border: 2px solid transparent;
+        }
+
+        .language-button:hover {
+            transform: translateY(-4px);
+            box-shadow: 0 10px 25px rgba(0, 136, 255, 0.3);
+            border-color: rgba(255, 255, 255, 0.5);
+        }
+
+        .language-button:active {
+            transform: translateY(-2px);
+        }
+
+        .flag {
+            font-size: 2.5em;
+            margin-bottom: 0.5em;
+        }
+
+        .lang-name {
+            font-size: 1em;
+            white-space: nowrap;
+        }
+
+        .lang-native {
+            font-size: 0.85em;
+            opacity: 0.9;
+            margin-top: 0.25em;
+        }
+
+        .divider {
+            margin: 2.5em 0;
+            border-top: 1px solid #eee;
+        }
+
+        .info {
+            background: #f0f7ff;
+            border-left: 4px solid #0088ff;
+            padding: 1em;
+            border-radius: 4px;
+            text-align: left;
+            margin: 2em 0;
+            font-size: 0.95em;
+            color: #333;
+        }
+
+        .info strong {
+            color: #0088ff;
+        }
+
+        .info a {
+            color: #0088ff;
+            text-decoration: none;
+            font-weight: 600;
+        }
+
+        .info a:hover {
+            text-decoration: underline;
+        }
+
+        .footer {
+            margin-top: 2em;
+            padding-top: 2em;
+            border-top: 1px solid #eee;
+            color: #999;
+            font-size: 0.9em;
+        }
+
+        .footer a {
+            color: #0088ff;
+            text-decoration: none;
+        }
+
+        .footer a:hover {
+            text-decoration: underline;
+        }
+
+        @media (max-width: 600px) {
+            h1 {
+                font-size: 1.8em;
+            }
+
+            .container {
+                padding: 2em 1em;
+            }
+
+            .languages {
+                grid-template-columns: repeat(2, 1fr);
+                gap: 0.75em;
+            }
+
+            .language-button {
+                padding: 1em 0.75em;
+            }
+
+            .flag {
+                font-size: 2em;
+            }
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>📚 Clawdie-AI</h1>
+        <p class="subtitle">Select your language to view documentation</p>
+
+        <div class="languages">
+            <a href="/en/" class="language-button">
+                <div class="flag">🇬🇧</div>
+                <div class="lang-name">English</div>
+            </a>
+            <a href="/de/" class="language-button">
+                <div class="flag">🇩🇪</div>
+                <div class="lang-name">Deutsch</div>
+            </a>
+            <a href="/fr/" class="language-button">
+                <div class="flag">🇫🇷</div>
+                <div class="lang-name">Français</div>
+            </a>
+            <a href="/es/" class="language-button">
+                <div class="flag">🇪🇸</div>
+                <div class="lang-name">Español</div>
+            </a>
+        </div>
+
+        <div class="divider"></div>
+
+        <div class="info">
+            <strong>💬 Help translate:</strong><br>
+            Documentation is maintained via <a href="https://crowdin.com/">Crowdin</a>.
+            Join our translation community at
+            <a href="https://crowdin.com/project/clawdie-ai">crowdin.com/project/clawdie-ai</a>
+        </div>
+
+        <div class="footer">
+            <p>
+                <strong>Clawdie-AI</strong> • FreeBSD-based AI Assistant<br>
+                <a href="https://clawdie.si">clawdie.si</a> • Documentation v0.9.0+
+            </p>
+        </div>
+    </div>
+</body>
+</html>
diff --git a/.agent/skills/docs-deployment/templates/nginx-vhost-template.conf b/.agent/skills/docs-deployment/templates/nginx-vhost-template.conf
new file mode 100644
index 0000000..e9b835d
--- /dev/null
+++ b/.agent/skills/docs-deployment/templates/nginx-vhost-template.conf
@@ -0,0 +1,142 @@
+# docs.clawdie.si — Multi-Language Documentation Vhost
+# Template for host-level documentation serving with language routing
+#
+# Location: /usr/local/etc/nginx/vhosts/docs.clawdie.si.conf
+# Symlinks: en-current, de-current, fr-current, es-current
+#          (each points to docs-v0.9.0_24.mar.2026/{lang}/)
+#
+# Features:
+#   - Language routing: /en/, /de/, /fr/, /es/
+#   - Language selector: docs.clawdie.si/ (root redirects to language picker)
+#   - Zero-downtime updates: Atomic symlink swaps
+#   - SSL/TLS: Let's Encrypt
+
+# HTTP → HTTPS redirect
+server {
+    listen 80;
+    listen [::]:80;
+    server_name docs.clawdie.si;
+    return 301 https://docs.clawdie.si$request_uri;
+}
+
+# HTTPS server (multi-language)
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name docs.clawdie.si;
+
+    # SSL configuration
+    ssl_certificate     /usr/local/etc/nginx/ssl/docs/fullchain.cer;
+    ssl_certificate_key /usr/local/etc/nginx/ssl/docs/docs.key;
+    ssl_protocols       TLSv1.2 TLSv1.3;
+    ssl_ciphers         HIGH:!aNULL:!MD5;
+    ssl_prefer_server_ciphers on;
+
+    # Security headers
+    add_header X-Content-Type-Options nosniff always;
+    add_header X-Frame-Options SAMEORIGIN always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header Referrer-Policy strict-origin-when-cross-origin always;
+    add_header Permissions-Policy "geolocation=(), microphone=(), camera=()" always;
+
+    # Logging
+    access_log /var/log/nginx/docs.access.log combined;
+    error_log /var/log/nginx/docs.error.log warn;
+
+    # ────────────────────────────────────────────────────────────────────────────
+    # Language-Specific Routes
+    # ────────────────────────────────────────────────────────────────────────────
+
+    # English documentation
+    location /en/ {
+        root /usr/local/www/docs.clawdie.si;
+        # Points to: en-current symlink → docs-v0.9.0_24.mar.2026/en/
+        try_files $uri $uri/ /en/index.html =404;
+        expires 7d;
+        add_header Cache-Control "public, max-age=604800";
+    }
+
+    # German documentation
+    location /de/ {
+        root /usr/local/www/docs.clawdie.si;
+        # Points to: de-current symlink → docs-v0.9.0_24.mar.2026/de/
+        try_files $uri $uri/ /de/index.html =404;
+        expires 7d;
+        add_header Cache-Control "public, max-age=604800";
+    }
+
+    # French documentation
+    location /fr/ {
+        root /usr/local/www/docs.clawdie.si;
+        # Points to: fr-current symlink → docs-v0.9.0_24.mar.2026/fr/
+        try_files $uri $uri/ /fr/index.html =404;
+        expires 7d;
+        add_header Cache-Control "public, max-age=604800";
+    }
+
+    # Spanish documentation
+    location /es/ {
+        root /usr/local/www/docs.clawdie.si;
+        # Points to: es-current symlink → docs-v0.9.0_24.mar.2026/es/
+        try_files $uri $uri/ /es/index.html =404;
+        expires 7d;
+        add_header Cache-Control "public, max-age=604800";
+    }
+
+    # ────────────────────────────────────────────────────────────────────────────
+    # Root: Language Selector
+    # ────────────────────────────────────────────────────────────────────────────
+
+    # Root serves language picker HTML
+    location = / {
+        root /usr/local/www/docs.clawdie.si;
+        try_files /index.html =404;
+    }
+
+    # ────────────────────────────────────────────────────────────────────────────
+    # Static Assets (CSS, JS, Images)
+    # ────────────────────────────────────────────────────────────────────────────
+
+    location /css/ {
+        root /usr/local/www/docs.clawdie.si;
+        try_files $uri =404;
+        expires 30d;
+        add_header Cache-Control "public, max-age=2592000, immutable";
+    }
+
+    location /js/ {
+        root /usr/local/www/docs.clawdie.si;
+        try_files $uri =404;
+        expires 30d;
+        add_header Cache-Control "public, max-age=2592000, immutable";
+    }
+
+    location /images/ {
+        root /usr/local/www/docs.clawdie.si;
+        try_files $uri =404;
+        expires 30d;
+        add_header Cache-Control "public, max-age=2592000, immutable";
+    }
+
+    # ────────────────────────────────────────────────────────────────────────────
+    # Deny Access to Hidden Files & Versioned Directories
+    # ────────────────────────────────────────────────────────────────────────────
+
+    # Block access to version directories (users should access via /en/, /de/, etc.)
+    location ~ ^/docs-v[0-9]+ {
+        return 403;
+    }
+
+    # Block hidden files (.git, .env, etc.)
+    location ~ /\. {
+        return 403;
+    }
+
+    # ────────────────────────────────────────────────────────────────────────────
+    # Catch-all: Deny undefined paths
+    # ────────────────────────────────────────────────────────────────────────────
+
+    location / {
+        return 404;
+    }
+}
diff --git a/.agent/skills/docs-localization-pipeline/README.md b/.agent/skills/docs-localization-pipeline/README.md
new file mode 100644
index 0000000..97bd19e
--- /dev/null
+++ b/.agent/skills/docs-localization-pipeline/README.md
@@ -0,0 +1,315 @@
+# Docs Localization Pipeline Skill
+
+**Codifies the three-bird documentation architecture for Pi/Aider automation.**
+
+## Overview
+
+This skill automates the complete documentation localization and deployment pipeline:
+
+```
+English Docs (docs/public/)
+    ↓
+Crowdin (Project 883714)
+    ↓ [Push source, Pull translations]
+Translated Docs (docs/public/{lang}/)
+    ↓
+Astro Starlight Build
+    ↓ [npm run build]
+Static Site (dist/)
+    ↓
+Deploy to nginx
+    ↓
+Public: https://docs.clawdie.si
+```
+
+## Quick Start
+
+### 1. Initial Setup (First Time Only)
+
+```bash
+# Setup Astro Starlight project
+./.agent/skills/docs-localization-pipeline/setup-clawdie-docs.sh
+
+# Verify setup
+ls -la /home/clawdie/clawdie-docs/
+cd /home/clawdie/clawdie-docs && npm run dev
+# Browse: http://localhost:4321
+```
+
+### 2. Manual Pipeline Execution
+
+```bash
+# Full pipeline (all stages)
+./.agent/skills/docs-localization-pipeline/orchestrate-pipeline.sh --all
+
+# Individual stages
+./.agent/skills/docs-localization-pipeline/orchestrate-pipeline.sh --push      # Push sources to Crowdin
+./.agent/skills/docs-localization-pipeline/orchestrate-pipeline.sh --pull      # Pull translations
+./.agent/skills/docs-localization-pipeline/orchestrate-pipeline.sh --build     # Pull + Build
+./.agent/skills/docs-localization-pipeline/orchestrate-pipeline.sh --deploy    # Deploy built site
+./.agent/skills/docs-localization-pipeline/orchestrate-pipeline.sh --status    # Check Crowdin status
+```
+
+### 3. Pi/Aider Commands
+
+```bash
+# Via Pi TUI
+pi "sync and rebuild documentation site"
+pi "publish docs translations"
+pi "check documentation translation progress"
+
+# Via Aider
+aider --auto-commits --message "Sync translations and rebuild docs" docs/
+```
+
+## File Structure
+
+```
+.agent/skills/docs-localization-pipeline/
+├── SKILL.md                    # Architecture & detailed reference
+├── README.md                   # This file
+├── setup-clawdie-docs.sh         # Bootstrap Astro Starlight project
+└── orchestrate-pipeline.sh     # Orchestrate full Crowdin→Astro→Deploy pipeline
+```
+
+## Scripts
+
+### setup-clawdie-docs.sh
+
+**Purpose:** Bootstrap the Astro Starlight documentation site.
+
+**Usage:**
+
+```bash
+./setup-clawdie-docs.sh                 # Default: /home/clawdie/clawdie-docs
+./setup-clawdie-docs.sh /custom/path    # Custom path
+```
+
+**What it does:**
+
+1. Creates Astro project structure
+2. Installs dependencies (npm install)
+3. Generates `astro.config.mjs` with multi-language configuration
+4. Sets up content collections config
+5. Creates symlinks to `docs/public/{lang}/` for translations
+6. Creates i18n UI translation JSON files
+
+**Prerequisites:**
+
+- Node.js >=20
+- npm
+- Docs source at `/home/clawdie/clawdie-ai/docs/public/`
+
+**Output:**
+
+```
+/home/clawdie/clawdie-docs/
+├── package.json
+├── astro.config.mjs
+├── tsconfig.json
+├── src/
+│   ├── content/config.ts
+│   ├── docs/
+│   │   ├── en → /home/clawdie/clawdie-ai/docs/public/en
+│   │   ├── de → /home/clawdie/clawdie-ai/docs/public/de
+│   │   └── [other languages]
+│   └── i18n/
+│       ├── en.json
+│       ├── de.json
+│       └── sl.json
+└── dist/ (after npm run build)
+```
+
+### orchestrate-pipeline.sh
+
+**Purpose:** Automate the full Crowdin→Astro→Deploy pipeline.
+
+**Usage:**
+
+```bash
+./orchestrate-pipeline.sh --all              # Full pipeline
+./orchestrate-pipeline.sh --push             # Stage 1: Push English sources
+./orchestrate-pipeline.sh --pull             # Stage 2: Pull translations
+./orchestrate-pipeline.sh --build            # Stages 2+3: Pull + Build
+./orchestrate-pipeline.sh --build-only       # Stage 3: Build only
+./orchestrate-pipeline.sh --deploy-only      # Stage 4: Deploy
+./orchestrate-pipeline.sh --status           # Check Crowdin status
+./orchestrate-pipeline.sh --help             # Show help
+```
+
+**Stages:**
+
+| Stage | Command    | What It Does                                     |
+| ----- | ---------- | ------------------------------------------------ |
+| 1     | `--push`   | Upload English `docs/public/*.md` to Crowdin     |
+| 2     | `--pull`   | Download translations into `docs/public/{lang}/` |
+| 3     | `--build`  | Run `npm run build` to generate static site      |
+| 4     | `--deploy` | Copy `dist/` to nginx webroot                    |
+
+**Environment Variables:**
+
+```bash
+# Set in .env or export before running
+CROWDIN_PERSONAL_TOKEN=tskey-xxx      # Crowdin API token (required for push/pull)
+CMS_DOCS_SITE_PATH=/home/clawdie/clawdie-docs   # Astro project path
+DOCS_DEPLOY_TARGET=/usr/local/www/clawdie/docs  # nginx webroot
+DOCS_MIN_COMPLETION=80                # Min % translation completion before deploy
+```
+
+**Output Example:**
+
+```
+=== Stage 1: Push English Sources to Crowdin ===
+[INFO] Uploading English sources to Crowdin...
+  [1] Uploading: install/index.md
+  [2] Uploading: install/requirements.md
+  ...
+[INFO] Upload complete: 42 files processed, 0 failed
+
+=== Stage 2: Pull Translations from Crowdin ===
+[INFO] Downloading translations from Crowdin...
+[INFO] Translation completion: 85% ✓
+Language: sl
+  Downloaded: /tmp/crowdin-sl-1712951234.zip
+  ✓ Extracted 42 files to sl/
+
+=== Stage 3: Build Astro Site ===
+[INFO] Building Astro site...
+✓ Site built: 217 files
+
+=== Stage 4: Deploy to Nginx ===
+[INFO] Copying files to /usr/local/www/clawdie/docs
+✓ Nginx reloaded
+✓ Deploy complete: https://docs.clawdie.si
+```
+
+## Configuration
+
+### .env Setup
+
+```bash
+# Crowdin API token (https://crowdin.com/settings/api/tokens)
+CROWDIN_PERSONAL_TOKEN=tskey-your-token-here
+
+# Astro project path (optional, defaults to /home/clawdie/clawdie-docs)
+CMS_DOCS_SITE_PATH=/home/clawdie/clawdie-docs
+
+# nginx deployment target (optional, defaults to /usr/local/www/clawdie/docs)
+DOCS_DEPLOY_TARGET=/usr/local/www/clawdie/docs
+
+# Minimum translation completion % before deploying (default: 80)
+DOCS_MIN_COMPLETION=80
+```
+
+### Crowdin Project
+
+- **Project ID:** 883714
+- **Configuration:** `.crowdin.yml` (repo root)
+- **Languages:** SL (default), EN, DE, HR, SR, RU, EL, IT, MK, SK, BS
+- **Source:** `docs/public/**.md`
+- **Output:** `docs/public/{lang}/`
+
+## Workflows
+
+### Weekly Sync (Recommended)
+
+```bash
+# Add to crontab (runs Monday 9am)
+0 9 * * MON /path/to/.agent/skills/docs-localization-pipeline/orchestrate-pipeline.sh --pull && \
+  cd /path/to && \
+  /path/to/.agent/skills/docs-localization-pipeline/orchestrate-pipeline.sh --build-only && \
+  /path/to/.agent/skills/docs-localization-pipeline/orchestrate-pipeline.sh --deploy-only
+```
+
+### On-Demand via Pi
+
+```bash
+# Pi will interpret natural language and call orchestrate-pipeline.sh
+pi "sync docs translations and rebuild site"
+# → Executes: orchestrate-pipeline.sh --all
+```
+
+### GitHub Actions (Optional)
+
+See `.github/workflows/crowdin-sync.yml` for automated CI/CD setup.
+
+## Troubleshooting
+
+### "Crowdin token not found"
+
+**Fix:**
+
+```bash
+# Option A: Create token file
+mkdir -p ~/.config/clawdie
+echo "tskey-your-token" > ~/.config/clawdie/crowdin-token
+chmod 600 ~/.config/clawdie/crowdin-token
+
+# Option B: Set env var
+export CROWDIN_PERSONAL_TOKEN=tskey-your-token
+
+# Option C: Add to .env
+echo 'CROWDIN_PERSONAL_TOKEN=tskey-your-token' >> .env
+```
+
+### "Astro project not found"
+
+**Fix:**
+
+```bash
+# Run setup script
+./.agent/skills/docs-localization-pipeline/setup-clawdie-docs.sh
+```
+
+### "npm: command not found"
+
+**Fix:** Install Node.js and npm for FreeBSD:
+
+```bash
+sudo pkg install node24 npm-node24
+```
+
+### "Translation completion too low"
+
+**Fix:** Adjust `DOCS_MIN_COMPLETION` or wait for translators:
+
+```bash
+DOCS_MIN_COMPLETION=50 ./orchestrate-pipeline.sh --all
+```
+
+### "Astro build fails with missing locale"
+
+**Fix:** Ensure translations are pulled before build:
+
+```bash
+# Manual steps
+./scripts/crowdin-sync.sh --pull
+cd /home/clawdie/clawdie-docs && npm run build
+```
+
+### "Deploy fails: permission denied"
+
+**Fix:** Ensure sudo access to webroot:
+
+```bash
+# Add to sudoers (FreeBSD):
+sudo visudo
+# Add line: clawdie ALL=(ALL) NOPASSWD: /bin/cp -r, /usr/sbin/service nginx
+```
+
+## Next Steps
+
+1. **Crowdin Setup** → Create translators and assign languages
+2. **First Push** → `./orchestrate-pipeline.sh --push` to seed English sources
+3. **Translation** → Wait for translators to complete milestone (80%+)
+4. **First Build** → `./orchestrate-pipeline.sh --build` to test build
+5. **Deploy** → `./orchestrate-pipeline.sh --deploy` to go live
+6. **Automate** → Setup cron or GitHub Actions for weekly syncs
+
+## References
+
+- **Crowdin Project:** https://crowdin.com/project/clawdie-ai
+- **Crowdin API:** https://developer.crowdin.com/api/
+- **Astro Docs:** https://docs.astro.build/
+- **Starlight Docs:** https://starlight.astro.build/
+- **Skill Architecture:** `SKILL.md` (in this directory)
diff --git a/.agent/skills/docs-localization-pipeline/SKILL.md b/.agent/skills/docs-localization-pipeline/SKILL.md
new file mode 100644
index 0000000..836d445
--- /dev/null
+++ b/.agent/skills/docs-localization-pipeline/SKILL.md
@@ -0,0 +1,406 @@
+---
+name: docs-localization-pipeline
+description: Automate the Crowdin → Astro Starlight → deploy localization pipeline for Clawdie docs.
+---
+
+# Three-Bird Docs Localization Pipeline
+
+**Status:** MVP Implementation Plan  
+**Target:** Pi/Aider Automation  
+**Architecture:** Crowdin → Astro Starlight → Deploy  
+**Languages:** EN (primary), SLO (default for clawdie.si), DE/SRB/CRO/BIH/RU/ZN/BR (roadmap)
+
+## Overview
+
+The **three-bird architecture** separates concerns for documentation, localization, and content delivery:
+
+1. **Crowdin** — Single source of truth for translations. English docs are pushed, Crowdin maintains translations in 9 target languages.
+2. **Astro Starlight** — Static site generator. Builds multilingual docs site from Crowdin translations + English source.
+3. **Strapi CMS** (optional) — Content backend for rich media, structured content (deferred due to FreeBSD native binding issues; see `doc/STRAPI-FREEBSD-GOTCHA.md`).
+
+**MVP Approach:** Markdown-only pipeline (Crowdin → Astro). Ships EN + SLO immediately. Can defer CMS until image upload requirements emerge.
+
+---
+
+## Phase 1: Crowdin → Astro Build Pipeline
+
+### Architecture
+
+```
+docs/public/                    # English source (Markdown)
+  ├── install/
+  ├── architecture/
+  ├── reference/
+  └── [other sections]
+
+Crowdin (Project 883714)         # Localization source of truth
+  ├── Source: docs/public/**.md
+  ├── Languages: sl, de, hr, sr, ru, el, it, mk, sk, bs
+  └── Output: docs/public/{lang}/**
+
+docs/public/{lang}/             # Pulled translations
+  ├── sl/                        # Slovenian
+  ├── de/                        # German
+  ├── hr/                        # Croatian
+  └── [others...]
+
+Astro Starlight Site            # Multi-language static build
+  ├── Root (SLO): /
+  ├── English: /en/
+  ├── German: /de/
+  ├── Croatian: /hr/
+  └── [others...]
+
+Deployment
+  └── nginx → docs.clawdie.si
+```
+
+### Pipeline Steps (Automation-Ready for Pi/Aider)
+
+#### Step 1: Push English Sources to Crowdin
+
+```bash
+./scripts/crowdin-sync.sh --push
+```
+
+**What it does:**
+
+- Finds all `.md` files in `docs/public/` (excluding translation directories)
+- Uploads each file to Crowdin storage
+- Updates project files via Crowdin API
+- Waits for translators to work on updated strings
+
+**Automation notes:**
+
+- Run whenever `docs/public/` English files change
+- Safe to run multiple times (idempotent)
+- Requires `CROWDIN_PERSONAL_TOKEN` env var or `~/.config/clawdie/crowdin-token`
+
+#### Step 2: Download Translations from Crowdin
+
+```bash
+./scripts/crowdin-sync.sh --pull
+```
+
+**What it does:**
+
+- For each language (sl, de, hr, sr, ru, el, it, mk, sk, bs):
+  - Requests translation export from Crowdin
+  - Downloads ZIP of translated files
+  - Extracts to `docs/public/{lang}/`
+- Creates `docs/public/{lang}/` directories if missing
+
+**Automation notes:**
+
+- Run after translations reach >80% completion
+- Safe to run multiple times (overwrites old translations)
+- Requires same token as push
+
+#### Step 3: Build Astro Starlight Site
+
+```bash
+# In Astro project root
+npm run build
+```
+
+**What it does:**
+
+- Reads English source from `docs/public/`
+- Reads translations from `docs/public/{lang}/`
+- Generates static site at `dist/`
+- Multi-language navigation configured in `astro.config.mjs`
+
+**Output structure:**
+
+```
+dist/
+  ├── index.html              # SLO root
+  ├── en/                     # English
+  ├── de/                     # German
+  ├── hr/                     # Croatian
+  └── [others...]
+```
+
+**Automation notes:**
+
+- Requires Node.js >=20 + npm
+- ~30-60 seconds per build
+- Idempotent (safe to run multiple times)
+
+#### Step 4: Deploy to Production
+
+```bash
+# Deploy to nginx webroot (rsync: incremental, verified, cleaned up)
+sudo rsync -av --delete --checksum /home/clawdie/clawdie-docs/dist/ /usr/local/www/clawdie/docs/
+
+# Reload nginx
+sudo nginx -s reload
+```
+
+**Why rsync (instead of cp -r):**
+
+- **Incremental:** Only changed files copied (faster on repeated deploys)
+- **Cleanup:** `--delete` removes stale assets automatically
+- **Verified:** `--checksum` ensures file integrity
+- **Resumable:** Can re-run if interrupted
+
+**Automation notes:**
+
+- Requires sudo access (setup in .env or via wheel group)
+- rsync available on FreeBSD (`/usr/local/bin/rsync`)
+- Preview changes first: add `--dry-run` flag before deploying
+- Alternative: git push to deployment repo with webhook triggers
+
+---
+
+## Phase 2: Astro Starlight Project Setup (Required)
+
+### Directory Structure
+
+Create `/home/clawdie/clawdie-docs/` (or configure `CMS_DOCS_SITE_PATH` in `.env`):
+
+```
+/home/clawdie/clawdie-docs/
+  ├── astro.config.mjs         # Multi-locale Starlight config
+  ├── package.json
+  ├── src/
+  │   ├── content/
+  │   │   ├── config.ts        # Content collections config
+  │   │   ├── docs/
+  │   │   │   ├── index.mdx    # SLO root
+  │   │   │   ├── en/          # English docs (symlink from docs/public/en/)
+  │   │   │   ├── de/          # German (symlink from docs/public/de/)
+  │   │   │   └── [others...]
+  │   │   └── i18n/            # UI translations (t() function)
+  │   │       ├── en.json
+  │   │       ├── de.json
+  │   │       └── sl.json
+  │   ├── components/          # Custom overrides
+  │   └── styles/
+  └── dist/                    # Build output
+```
+
+### astro.config.mjs Example
+
+```javascript
+// astro.config.mjs
+import { defineConfig } from 'astro/config';
+import starlight from '@astrojs/starlight';
+
+export default defineConfig({
+  site: 'https://docs.clawdie.si',
+  integrations: [
+    starlight({
+      title: 'Clawdie AI',
+      defaultLocale: 'sl',
+      locales: {
+        sl: { label: '🇸🇮 Slovenščina', lang: 'sl' },
+        en: { label: '🇬🇧 English', lang: 'en' },
+        de: { label: '🇩🇪 Deutsch', lang: 'de' },
+        hr: { label: '🇭🇷 Hrvatski', lang: 'hr' },
+        sr: { label: '🇷🇸 Српски', lang: 'sr' },
+        ru: { label: '🇷🇺 Русский', lang: 'ru' },
+      },
+      sidebar: [
+        {
+          label: 'Namestitev',
+          translations: {
+            en: 'Installation',
+            de: 'Installation',
+            hr: 'Instalacija',
+            sr: 'Инсталација',
+            ru: 'Установка',
+          },
+          items: [
+            { slug: 'install', label: 'Pregled', translations: { en: 'Overview' } },
+            { slug: 'install/requirements', label: 'Zahteve' },
+          ],
+        },
+        {
+          label: 'Arhitektura',
+          translations: {
+            en: 'Architecture',
+            de: 'Architektur',
+            hr: 'Arhitektura',
+            sr: 'Архитектура',
+            ru: 'Архитектура',
+          },
+          items: [
+            { slug: 'architecture', label: 'Pregled' },
+            { slug: 'architecture/jail-networking' },
+          ],
+        },
+      ],
+    }),
+  ],
+});
+```
+
+### Symlink Strategy
+
+Instead of copying translated docs, use symlinks to avoid duplication:
+
+```bash
+cd /home/clawdie/clawdie-docs/src/content/docs/
+ln -s /home/clawdie/clawdie-ai/docs/public/en en
+ln -s /home/clawdie/clawdie-ai/docs/public/de de
+ln -s /home/clawdie/clawdie-ai/docs/public/hr hr
+# ... etc
+```
+
+This way:
+
+- Crowdin pulls translations to one location
+- Astro builds from symlinks
+- No duplication, easier to update
+
+---
+
+## Phase 3: Crowdin Project Configuration
+
+### Create Project (if not exists)
+
+Visit https://crowdin.com/dashboard and create new project:
+
+- **Project Name:** Clawdie-AI
+- **Default Language:** English
+- **Target Languages:** SL, DE, HR, SR, RU, EL, IT, MK, SK, BS
+
+### Configure .crowdin.yml
+
+Already configured in repo:
+
+```yaml
+project_id: 883714
+api_token_env: CROWDIN_PERSONAL_TOKEN
+base_path: ./
+files:
+  - source: docs/public/**.md
+    dest: docs/public/%two_letters_code%
+    translation_update: crowdin_move
+```
+
+### API Token Setup
+
+1. Create personal token at https://crowdin.com/settings/api/tokens
+2. Store in **one** of:
+   - `.env` file: `CROWDIN_PERSONAL_TOKEN=xxx`
+   - `~/.config/clawdie/crowdin-token`: `xxx`
+   - GitHub Actions secret: `CROWDIN_PERSONAL_TOKEN`
+
+---
+
+## Phase 4: Automation for Pi/Aider
+
+### Cron-Based Sync (Daily/Weekly)
+
+Add to `.env`:
+
+```bash
+# Crowdin sync schedule (cron)
+# "0 9 * * MON" = Every Monday at 9am
+DOCS_SYNC_SCHEDULE="0 9 * * MON"
+```
+
+### Manual Execution (via Pi)
+
+Pi skill command:
+
+```bash
+pi "sync docs translations and rebuild the site"
+```
+
+Aider harness command:
+
+```bash
+aider --auto-commits \
+  --message "Sync translations from Crowdin and rebuild docs" \
+  "Crowdin sync and Astro rebuild required"
+```
+
+### GitHub Actions Workflow (Optional)
+
+Already created: `.github/workflows/crowdin-sync.yml`
+
+Triggers:
+
+- **Manual** (workflow_dispatch): Click "Run workflow" to sync manually
+- **Scheduled**: Every Monday at 9 UTC
+- **On push**: When `docs/public/` changes
+
+---
+
+## MVP Checklist
+
+- [ ] **Crowdin Project (883714)** - Verify project exists and is configured
+- [ ] **English Source Upload** - Run `./scripts/crowdin-sync.sh --push` to seed project
+- [ ] **Translator Setup** - Add translators to Crowdin, assign languages
+- [ ] **Astro Starlight Project** - Create at `/home/clawdie/clawdie-docs/` with starlight theme
+- [ ] **astro.config.mjs** - Configure all target locales and sidebar
+- [ ] **Symlinks** - Link `src/content/docs/{en,de,hr,sr,ru,el,it,mk,sk,bs}` to `docs/public/{lang}`
+- [ ] **Local Build Test** - `npm run build` produces multilingual static site
+- [ ] **Crowdin → Pull Test** - `./scripts/crowdin-sync.sh --pull` downloads SLO + EN
+- [ ] **Full Pipeline Test** - Push → Pull → Build → Deploy in sequence
+- [ ] **Pi Automation** - Create Pi skill to execute full pipeline
+- [ ] **Deploy Target** - Configure nginx at `docs.clawdie.si` to serve `dist/`
+- [ ] **Monitoring** - Check Crowdin progress weekly, trigger rebuild when >80% complete
+
+---
+
+## Troubleshooting
+
+### "No translations available for {lang}"
+
+**Cause:** Language not configured in Crowdin or no translations yet.  
+**Fix:** Add language to Crowdin project settings, ensure translators have assignments.
+
+### "Failed to upload to storage"
+
+**Cause:** Invalid Crowdin token or API rate limit.  
+**Fix:** Verify token in `.env` or `~/.config/clawdie/crowdin-token`, wait 1 minute, retry.
+
+### "Astro build fails with missing locale"
+
+**Cause:** Translation directory not downloaded yet.  
+**Fix:** Run `./scripts/crowdin-sync.sh --pull` before build, or exclude incomplete locales from `astro.config.mjs`.
+
+### "Symlinks not found by Astro"
+
+**Cause:** Symlinks created in wrong location or Astro reading before symlinks established.  
+**Fix:** Verify symlinks exist at `src/content/docs/{lang}/`, restart dev server with `npm run dev`.
+
+---
+
+## Next Steps (Post-MVP)
+
+### Phase 5: Strapi CMS Integration (Deferred)
+
+Once FreeBSD native binding issues are resolved (see `doc/STRAPI-FREEBSD-GOTCHA.md`):
+
+- Strapi as backend for rich media content (images, videos, structured data)
+- Crowdin sync to Strapi API endpoints
+- Astro fetches from Strapi for dynamic components
+- CMS content types: Page, Guide, Skill, BlogPost
+
+Current blockers:
+
+- `sharp` (image processing) lacks FreeBSD prebuilt binary
+- `esbuild`, `@swc/core` same issue
+- Workaround: Compile libvips from /usr/ports, but time-intensive
+
+**Recommendation:** Keep Strapi in roadmap, ship markdown-only MVP first.
+
+### Phase 6: Real-Time Collaboration
+
+- Webhook from Crowdin to rebuild site immediately after translation milestone
+- Slack notification on translation progress
+- Discord bot for translator coordination
+
+---
+
+## References
+
+- **Crowdin API:** https://developer.crowdin.com/api/
+- **Astro Starlight:** https://starlight.astro.build/
+- **Crowdin Sync Script:** `./scripts/crowdin-sync.sh`
+- **FreeBSD CMS Gotcha:** `doc/STRAPI-FREEBSD-GOTCHA.md`
diff --git a/.agent/skills/docs-localization-pipeline/orchestrate-pipeline.sh b/.agent/skills/docs-localization-pipeline/orchestrate-pipeline.sh
new file mode 100755
index 0000000..c9f40f5
--- /dev/null
+++ b/.agent/skills/docs-localization-pipeline/orchestrate-pipeline.sh
@@ -0,0 +1,294 @@
+#!/bin/sh
+# Three-Bird Docs Localization Pipeline Orchestrator
+# Automates: Crowdin sync → Astro build → Deploy
+#
+# Usage:
+#   ./orchestrate-pipeline.sh --all              # Full pipeline: push → pull → build → deploy
+#   ./orchestrate-pipeline.sh --pull             # Pull translations only (no push)
+#   ./orchestrate-pipeline.sh --build            # Pull + build only (no push/deploy)
+#   ./orchestrate-pipeline.sh --build-only       # Build only (skip pull)
+#   ./orchestrate-pipeline.sh --deploy-only      # Deploy existing build
+#   ./orchestrate-pipeline.sh --status           # Check Crowdin status only
+#
+# Environment variables (from .env or CLI):
+#   CROWDIN_PERSONAL_TOKEN   - Crowdin API token (required for push/pull)
+#   CMS_DOCS_SITE_PATH         - Path to Astro project (default: /home/clawdie/clawdie-docs)
+#   DOCS_DEPLOY_TARGET      - nginx webroot (default: /usr/local/www/clawdie/docs)
+#   DOCS_MIN_COMPLETION    - Min % completion before deploy (default: 80)
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+REPO_ROOT="$(cd "${SCRIPT_DIR}/../../.." && pwd)"
+CMS_DOCS_SITE_PATH="${CMS_DOCS_SITE_PATH:-/home/clawdie/clawdie-docs}"
+DOCS_DEPLOY_TARGET="${DOCS_DEPLOY_TARGET:-/usr/local/www/clawdie/docs}"
+DOCS_MIN_COMPLETION="${DOCS_MIN_COMPLETION:-80}"
+
+# Colors
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+log_info() { echo "${GREEN}[INFO]${NC} $1"; }
+log_warn() { echo "${YELLOW}[WARN]${NC} $1"; }
+log_err() { echo "${RED}[ERROR]${NC} $1" >&2; exit 1; }
+log_section() { echo ""; echo "${BLUE}=== $1 ===${NC}"; }
+
+# ────────────────────────────────────────────────────────────────────────────
+# Helper functions
+# ────────────────────────────────────────────────────────────────────────────
+
+check_prereqs() {
+    local missing=0
+
+    if ! command -v node >/dev/null 2>&1; then
+        log_warn "Node.js not found"
+        missing=1
+    fi
+
+    if ! command -v npm >/dev/null 2>&1; then
+        log_warn "npm not found"
+        missing=1
+    fi
+
+    if [ ! -d "$REPO_ROOT" ]; then
+        log_err "Repository root not found: $REPO_ROOT"
+    fi
+
+    if [ $missing -eq 1 ]; then
+        log_err "Missing prerequisites. Install with: pkg install node24 npm-node24"
+    fi
+}
+
+check_crowdin_token() {
+    if [ -n "$CROWDIN_PERSONAL_TOKEN" ]; then
+        return 0
+    elif [ -f ~/.config/clawdie/crowdin-token ]; then
+        return 0
+    elif [ -f "$REPO_ROOT/.env" ] && grep -q CROWDIN_PERSONAL_TOKEN "$REPO_ROOT/.env"; then
+        return 0
+    else
+        log_err "Crowdin token not found. Set CROWDIN_PERSONAL_TOKEN or create ~/.config/clawdie/crowdin-token"
+    fi
+}
+
+get_crowdin_completion() {
+    # Returns average completion % across all languages
+    # Used to decide if deploy is safe
+    if ! check_crowdin_token 2>/dev/null; then
+        log_warn "Crowdin token not available, skipping completion check"
+        return 0
+    fi
+
+    cd "$REPO_ROOT"
+    local completion
+    completion=$("$REPO_ROOT/scripts/crowdin-sync.sh" --status 2>/dev/null | grep -oP '\(\K[0-9]+(?=%)' | awk '{sum+=$1; count++} END {if (count>0) printf "%.0f", sum/count; else print "0"}')
+    echo "$completion"
+}
+
+# ────────────────────────────────────────────────────────────────────────────
+# Stage 1: Crowdin Push (upload English sources)
+# ────────────────────────────────────────────────────────────────────────────
+
+stage_crowdin_push() {
+    log_section "Stage 1: Push English Sources to Crowdin"
+
+    check_crowdin_token || return 1
+
+    cd "$REPO_ROOT"
+    if ./scripts/crowdin-sync.sh --push; then
+        log_info "✓ English sources uploaded"
+        return 0
+    else
+        log_err "✗ Failed to push sources"
+        return 1
+    fi
+}
+
+# ────────────────────────────────────────────────────────────────────────────
+# Stage 2: Crowdin Pull (download translations)
+# ────────────────────────────────────────────────────────────────────────────
+
+stage_crowdin_pull() {
+    log_section "Stage 2: Pull Translations from Crowdin"
+
+    check_crowdin_token || return 1
+
+    # Check completion %
+    local completion
+    completion=$(get_crowdin_completion)
+
+    if [ "$completion" -lt "$DOCS_MIN_COMPLETION" ]; then
+        log_warn "Translation completion: ${completion}% (minimum: ${DOCS_MIN_COMPLETION}%)"
+        log_warn "Proceeding anyway (use --force to skip this check)"
+    else
+        log_info "Translation completion: ${completion}% ✓"
+    fi
+
+    cd "$REPO_ROOT"
+    if ./scripts/crowdin-sync.sh --pull; then
+        log_info "✓ Translations downloaded"
+        return 0
+    else
+        log_err "✗ Failed to pull translations"
+        return 1
+    fi
+}
+
+# ────────────────────────────────────────────────────────────────────────────
+# Stage 3: Astro Build
+# ────────────────────────────────────────────────────────────────────────────
+
+stage_astro_build() {
+    log_section "Stage 3: Build Astro Site"
+
+    if [ ! -d "$CMS_DOCS_SITE_PATH" ]; then
+        log_warn "Astro project not found at: $CMS_DOCS_SITE_PATH"
+        log_info "Setting up Astro Starlight..."
+
+        if [ -x "$SCRIPT_DIR/setup-clawdie-docs.sh" ]; then
+            "$SCRIPT_DIR/setup-clawdie-docs.sh" "$CMS_DOCS_SITE_PATH" || log_err "Failed to setup Astro"
+        else
+            log_err "Setup script not found: $SCRIPT_DIR/setup-clawdie-docs.sh"
+        fi
+    fi
+
+    if [ ! -d "$CMS_DOCS_SITE_PATH" ]; then
+        log_err "Astro path still missing: $CMS_DOCS_SITE_PATH"
+    fi
+
+    log_info "Building Astro site at: $CMS_DOCS_SITE_PATH"
+
+    cd "$CMS_DOCS_SITE_PATH"
+
+    if [ ! -f package.json ]; then
+        log_err "package.json not found in Astro project"
+    fi
+
+    if ! npm run build; then
+        log_err "✗ Astro build failed"
+        return 1
+    fi
+
+    if [ ! -d dist ]; then
+        log_err "Build output not found: $CMS_DOCS_SITE_PATH/dist"
+    fi
+
+    log_info "✓ Site built: $(find dist -type f | wc -l) files"
+    return 0
+}
+
+# ────────────────────────────────────────────────────────────────────────────
+# Stage 4: Deploy
+# ────────────────────────────────────────────────────────────────────────────
+
+stage_deploy() {
+    log_section "Stage 4: Deploy to Nginx"
+
+    if [ ! -d "$CMS_DOCS_SITE_PATH/dist" ]; then
+        log_err "Build output not found. Run build first: $CMS_DOCS_SITE_PATH/dist"
+    fi
+
+    mkdir -p "$DOCS_DEPLOY_TARGET"
+
+    log_info "Syncing files from $CMS_DOCS_SITE_PATH/dist/ → $DOCS_DEPLOY_TARGET"
+    log_info "(Using rsync for incremental updates and integrity checking)"
+
+    # Dry-run first to show what will change
+    log_info "Preview (dry-run):"
+    if ! sudo rsync -av --delete --checksum --dry-run "$CMS_DOCS_SITE_PATH/dist/" "$DOCS_DEPLOY_TARGET" 2>/dev/null | head -20; then
+        log_warn "⚠ rsync preview failed, attempting actual sync anyway"
+    fi
+
+    # Actual sync with verification
+    if sudo rsync -av --delete --checksum "$CMS_DOCS_SITE_PATH/dist/" "$DOCS_DEPLOY_TARGET"; then
+        log_info "✓ Files deployed (rsync: incremental, verified, cleaned up stale assets)"
+    else
+        log_err "✗ Deploy failed (check sudo permissions or rsync availability)"
+    fi
+
+    # Reload nginx (optional)
+    if command -v nginx >/dev/null 2>&1 && sudo nginx -t 2>/dev/null; then
+        if sudo nginx -s reload 2>/dev/null; then
+            log_info "✓ Nginx reloaded"
+        else
+            log_warn "⚠ Failed to reload nginx (may need manual: sudo nginx -s reload)"
+        fi
+    else
+        log_warn "⚠ nginx not found or not running"
+    fi
+
+    log_info "✓ Deploy complete: https://docs.clawdie.si"
+    return 0
+}
+
+# ────────────────────────────────────────────────────────────────────────────
+# Main
+# ────────────────────────────────────────────────────────────────────────────
+
+main() {
+    local action="${1:---all}"
+
+    check_prereqs
+
+    case "$action" in
+        --all)
+            log_info "Running full pipeline: push → pull → build → deploy"
+            stage_crowdin_push || exit 1
+            stage_crowdin_pull || exit 1
+            stage_astro_build || exit 1
+            stage_deploy || exit 1
+            log_section "Pipeline Complete"
+            log_info "✓ Docs published at https://docs.clawdie.si"
+            ;;
+        --push)
+            stage_crowdin_push || exit 1
+            ;;
+        --pull)
+            stage_crowdin_pull || exit 1
+            ;;
+        --build)
+            stage_crowdin_pull || exit 1
+            stage_astro_build || exit 1
+            ;;
+        --build-only)
+            stage_astro_build || exit 1
+            ;;
+        --deploy-only)
+            stage_deploy || exit 1
+            ;;
+        --status)
+            log_section "Crowdin Status"
+            check_crowdin_token && cd "$REPO_ROOT" && ./scripts/crowdin-sync.sh --status || log_warn "Crowdin token not available"
+            ;;
+        --help|-h)
+            echo "Three-Bird Docs Pipeline Orchestrator"
+            echo ""
+            echo "Usage: $0 {--all|--push|--pull|--build|--build-only|--deploy-only|--status}"
+            echo ""
+            echo "Stages:"
+            echo "  --push         Push English sources to Crowdin"
+            echo "  --pull         Pull translations from Crowdin"
+            echo "  --build        Pull translations + build Astro site"
+            echo "  --build-only   Build Astro site only (skip pull)"
+            echo "  --deploy-only  Deploy existing build"
+            echo "  --all          Full pipeline (push → pull → build → deploy)"
+            echo "  --status       Check Crowdin status only"
+            echo ""
+            echo "Environment variables:"
+            echo "  CROWDIN_PERSONAL_TOKEN  - Crowdin API token"
+            echo "  CMS_DOCS_SITE_PATH         - Path to Astro project (default: /home/clawdie/clawdie-docs)"
+            echo "  DOCS_DEPLOY_TARGET      - Deploy path (default: /usr/local/www/clawdie/docs)"
+            echo "  DOCS_MIN_COMPLETION    - Min % completion to deploy (default: 80)"
+            echo ""
+            exit 0
+            ;;
+        *)
+            log_err "Unknown action: $action (use --help for usage)"
+            ;;
+    esac
+}
+
+main "$@"
diff --git a/.agent/skills/docs-localization-pipeline/setup-clawdie-docs.sh b/.agent/skills/docs-localization-pipeline/setup-clawdie-docs.sh
new file mode 100755
index 0000000..558c7a2
--- /dev/null
+++ b/.agent/skills/docs-localization-pipeline/setup-clawdie-docs.sh
@@ -0,0 +1,377 @@
+#!/bin/sh
+# Setup Astro Starlight Docs Site
+# Creates the Astro project structure, configures Starlight, and sets up symlinks to Crowdin translations
+#
+# Usage:
+#   ./setup-clawdie-docs.sh              # Use default path /home/clawdie/clawdie-docs
+#   ./setup-clawdie-docs.sh /custom/path # Use custom installation path
+#
+# Prerequisites:
+#   - Node.js >=20, npm
+#   - Docs source at /home/clawdie/clawdie-ai/docs/public/
+#   - Crowdin translated dirs at /home/clawdie/clawdie-ai/docs/public/{en,de,hr,sr,ru,el,it,mk,sk,bs}
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+REPO_ROOT="$(cd "${SCRIPT_DIR}/../../.." && pwd)"
+ASTRO_PATH="${1:-/home/clawdie/clawdie-docs}"
+DOCS_SOURCE="${REPO_ROOT}/docs/public"
+
+log_info() { echo "[INFO] $1"; }
+log_err() { echo "[ERROR] $1" >&2; exit 1; }
+
+# ────────────────────────────────────────────────────────────────────────────
+# Verify prerequisites
+# ────────────────────────────────────────────────────────────────────────────
+
+if ! command -v node >/dev/null 2>&1; then
+    log_err "Node.js not found. Install with: pkg install node24"
+fi
+
+if ! command -v npm >/dev/null 2>&1; then
+    log_err "npm not found. Install with: pkg install npm-node24"
+fi
+
+if [ ! -d "$DOCS_SOURCE" ]; then
+    log_err "Docs source not found: $DOCS_SOURCE"
+fi
+
+log_info "Prerequisites OK"
+
+# ────────────────────────────────────────────────────────────────────────────
+# Create Astro project
+# ────────────────────────────────────────────────────────────────────────────
+
+if [ -d "$ASTRO_PATH" ]; then
+    log_info "Astro path already exists: $ASTRO_PATH"
+    log_info "Updating configuration (skipping npm install)..."
+    UPDATE_ONLY=1
+else
+    log_info "Creating Astro project at: $ASTRO_PATH"
+    mkdir -p "$ASTRO_PATH"
+fi
+
+cd "$ASTRO_PATH"
+
+# ────────────────────────────────────────────────────────────────────────────
+# Create package.json (minimal)
+# ────────────────────────────────────────────────────────────────────────────
+
+if [ ! -f package.json ] || [ -z "$UPDATE_ONLY" ]; then
+    log_info "Creating package.json..."
+    cat > package.json << 'EOF'
+{
+  "name": "clawdie-docs",
+  "version": "1.0.0",
+  "description": "Clawdie AI Documentation Site",
+  "type": "module",
+  "scripts": {
+    "dev": "astro dev",
+    "build": "astro build",
+    "preview": "astro preview"
+  },
+  "dependencies": {
+    "astro": "^4.13.0",
+    "@astrojs/starlight": "^0.23.0",
+    "typescript": "^5.0.0"
+  }
+}
+EOF
+    log_info "Installing dependencies..."
+    npm install
+fi
+
+# ────────────────────────────────────────────────────────────────────────────
+# Create astro.config.mjs
+# ────────────────────────────────────────────────────────────────────────────
+
+log_info "Creating astro.config.mjs..."
+cat > astro.config.mjs << 'EOF'
+// astro.config.mjs
+import { defineConfig } from 'astro/config';
+import starlight from '@astrojs/starlight';
+
+export default defineConfig({
+  site: 'https://docs.clawdie.si',
+  integrations: [
+    starlight({
+      title: 'Clawdie AI',
+      description: 'Personal AI Assistant Documentation',
+      defaultLocale: 'sl',
+      locales: {
+        sl: {
+          label: '🇸🇮 Slovenščina',
+          lang: 'sl',
+        },
+        en: {
+          label: '🇬🇧 English',
+          lang: 'en',
+        },
+        de: {
+          label: '🇩🇪 Deutsch',
+          lang: 'de',
+        },
+        hr: {
+          label: '🇭🇷 Hrvatski',
+          lang: 'hr',
+        },
+        sr: {
+          label: '🇷🇸 Српски',
+          lang: 'sr',
+        },
+        ru: {
+          label: '🇷🇺 Русский',
+          lang: 'ru',
+        },
+        el: {
+          label: '🇬🇷 Ελληνικά',
+          lang: 'el',
+        },
+        it: {
+          label: '🇮🇹 Italiano',
+          lang: 'it',
+        },
+        mk: {
+          label: '🇲🇰 Македонски',
+          lang: 'mk',
+        },
+        sk: {
+          label: '🇸🇰 Slovenčina',
+          lang: 'sk',
+        },
+        bs: {
+          label: '🇧🇦 Bosanski',
+          lang: 'bs',
+        },
+      },
+      sidebar: [
+        {
+          label: 'Namestitev',
+          translations: {
+            en: 'Installation',
+            de: 'Installation',
+            hr: 'Instalacija',
+            sr: 'Инсталација',
+            ru: 'Установка',
+            el: 'Εγκατάσταση',
+            it: 'Installazione',
+            mk: 'Инсталација',
+            sk: 'Inštalácia',
+            bs: 'Instalacija',
+          },
+          items: [
+            {
+              slug: 'install',
+              label: 'Pregled',
+              translations: {
+                en: 'Overview',
+                de: 'Überblick',
+                hr: 'Pregled',
+                sr: 'Преглед',
+                ru: 'Обзор',
+              },
+            },
+            {
+              slug: 'install/requirements',
+              label: 'Zahteve',
+              translations: {
+                en: 'Requirements',
+                de: 'Anforderungen',
+                hr: 'Zahtjevi',
+              },
+            },
+            {
+              slug: 'install/install',
+              label: 'Namestitev',
+              translations: {
+                en: 'Installation',
+              },
+            },
+            {
+              slug: 'install/iso',
+              label: 'Clawdie-ISO',
+              translations: {
+                en: 'Clawdie-ISO',
+              },
+            },
+          ],
+        },
+        {
+          label: 'Arhitektura',
+          translations: {
+            en: 'Architecture',
+            de: 'Architektur',
+            hr: 'Arhitektura',
+            sr: 'Архитектура',
+            ru: 'Архитектура',
+          },
+          items: [
+            {
+              slug: 'architecture',
+              label: 'Pregled',
+              translations: {
+                en: 'Overview',
+              },
+            },
+            {
+              slug: 'architecture/jail-networking',
+              label: 'Jail Networking',
+            },
+            {
+              slug: 'architecture/bastille',
+              label: 'Bastille',
+            },
+            {
+              slug: 'architecture/controlplane',
+              label: 'Controlplane',
+            },
+          ],
+        },
+        {
+          label: 'Referenca',
+          translations: {
+            en: 'Reference',
+            de: 'Referenz',
+            hr: 'Referencija',
+            sr: 'Референца',
+            ru: 'Справка',
+          },
+          items: [
+            {
+              slug: 'reference',
+              label: 'Pregled',
+              translations: {
+                en: 'Overview',
+              },
+            },
+          ],
+        },
+      ],
+      social: {
+        github: 'https://codeberg.org/Clawdie/Clawdie-AI',
+      },
+      customCss: [],
+    }),
+  ],
+});
+EOF
+log_info "Created astro.config.mjs"
+
+# ────────────────────────────────────────────────────────────────────────────
+# Create directory structure
+# ────────────────────────────────────────────────────────────────────────────
+
+log_info "Creating directory structure..."
+mkdir -p src/content/docs
+mkdir -p src/content/i18n
+mkdir -p src/components
+mkdir -p src/styles
+
+# ────────────────────────────────────────────────────────────────────────────
+# Create content config
+# ────────────────────────────────────────────────────────────────────────────
+
+log_info "Creating content collections config..."
+cat > src/content/config.ts << 'EOF'
+// src/content/config.ts
+import { docsLoader, i18nLoader } from '@astrojs/starlight/loaders';
+import { docsSchema, i18nSchema } from '@astrojs/starlight/schema';
+import { defineCollection } from 'astro:content';
+
+export const collections = {
+  docs: defineCollection({
+    loader: docsLoader(),
+    schema: docsSchema(),
+  }),
+  i18n: defineCollection({
+    loader: i18nLoader(),
+    schema: i18nSchema(),
+  }),
+};
+EOF
+log_info "Created src/content/config.ts"
+
+# ────────────────────────────────────────────────────────────────────────────
+# Create symlinks to translation directories
+# ────────────────────────────────────────────────────────────────────────────
+
+log_info "Setting up symlinks to Crowdin translations..."
+
+cd "src/content/docs"
+
+for lang in en de hr sr ru el it mk sk bs; do
+    if [ -L "$lang" ]; then
+        log_info "  $lang: symlink already exists"
+    elif [ -d "$lang" ]; then
+        log_info "  $lang: directory exists, removing for symlink..."
+        rm -rf "$lang"
+        ln -s "${DOCS_SOURCE}/${lang}" "$lang"
+        log_info "  $lang: created symlink"
+    else
+        log_info "  $lang: creating symlink..."
+        ln -s "${DOCS_SOURCE}/${lang}" "$lang" 2>/dev/null || log_err "Failed to create symlink for $lang"
+        log_info "  $lang: created"
+    fi
+done
+
+log_info "Symlinks created"
+
+# ────────────────────────────────────────────────────────────────────────────
+# Create i18n translations
+# ────────────────────────────────────────────────────────────────────────────
+
+cd "$ASTRO_PATH"
+
+log_info "Creating UI translations..."
+cat > src/content/i18n/sl.json << 'EOF'
+{
+  "search.label": "Iskanje",
+  "search.cancelLabel": "Prekini",
+  "themeSelect.accessibleLabel": "Izbira teme",
+  "tableOfContents.onThisPage": "Na tej strani"
+}
+EOF
+
+cat > src/content/i18n/en.json << 'EOF'
+{
+  "search.label": "Search",
+  "search.cancelLabel": "Cancel",
+  "themeSelect.accessibleLabel": "Select theme",
+  "tableOfContents.onThisPage": "On this page"
+}
+EOF
+
+cat > src/content/i18n/de.json << 'EOF'
+{
+  "search.label": "Suche",
+  "search.cancelLabel": "Abbrechen",
+  "themeSelect.accessibleLabel": "Thema wählen",
+  "tableOfContents.onThisPage": "Auf dieser Seite"
+}
+EOF
+
+log_info "Created i18n translations"
+
+# ────────────────────────────────────────────────────────────────────────────
+# Create tsconfig
+# ────────────────────────────────────────────────────────────────────────────
+
+log_info "Creating tsconfig.json..."
+cat > tsconfig.json << 'EOF'
+{
+  "extends": "astro/tsconfigs/strict"
+}
+EOF
+
+log_info "Setup complete!"
+log_info ""
+log_info "Next steps:"
+log_info "  1. cd $ASTRO_PATH"
+log_info "  2. npm run dev                    # Start dev server at http://localhost:4321"
+log_info "  3. npm run build                  # Build for production"
+log_info ""
+log_info "To sync translations from Crowdin first:"
+log_info "  cd ${REPO_ROOT}"
+log_info "  ./scripts/crowdin-sync.sh --pull  # Downloads translated docs"
+log_info ""
diff --git a/.agent/skills/freebsd-admin/SKILL.md b/.agent/skills/freebsd-admin/SKILL.md
new file mode 100644
index 0000000..b37cc77
--- /dev/null
+++ b/.agent/skills/freebsd-admin/SKILL.md
@@ -0,0 +1,92 @@
+---
+name: freebsd-admin
+description: Make host-level FreeBSD system changes for Clawdie. Use when changing rc.conf, sysctl state, service lifecycle, host routing, gateway_enable, bridge persistence, or other machine-wide settings that should stay outside the jail and VM-specific skills.
+---
+
+# FreeBSD Admin
+
+Use this skill for host-level administrative changes on the FreeBSD machine.
+
+This skill is intentionally separate from jail and VM skills. It owns system
+state, not workload-specific provisioning.
+
+Use it to decide what host state should exist. If the same change should become
+repeatable, hand execution off to `ansible-freebsd`.
+
+## Scope
+
+This skill covers:
+
+- `sysrc`
+- `service`
+- `sysctl`
+- `rsync` (file sync and deployment — see `/rsync` skill for patterns)
+- `gateway_enable`
+- host routing and forwarding state
+- persistent host resolver and network base state needed by Bastille jails
+- reboot-safe host persistence checks
+- host-side service identities needed for shared jail-mounted tooling
+- bhyve/VMM kernel module setup for VM support
+- RCTL kernel configuration for resource limits
+- host locale configuration (`~/.login_conf`, `cap_mkdb`)
+- FreeBSD base update reboot readiness and post-reboot validation
+
+This skill does not replace:
+
+- `nginx` or jail-specific service skills for workload-level changes
+- `service-restart` for targeted service lifecycle work
+- runtime/setup source docs for current jail bootstrap and bridge layout
+- `ansible-freebsd` for repeatable host execution
+- product- or VM-specific docs for guest design work
+
+## Privileged delegation boundary
+
+At runtime, privileged host operations from the agent go through
+`hostd` — a root daemon on `/var/run/<agent>-hostd.sock`. The agent
+user calls `hostd(op, params)` from `src/hostd/client.ts`; the daemon runs the
+whitelisted op handler as root.
+
+When making a one-off host change interactively (outside the agent runtime),
+use `sudo` directly as usual. When deciding whether a host change should become
+a hostd op, consider: will the agent need to trigger this at runtime without
+operator input? If yes, add it as a whitelisted op in `src/hostd/privileged-commands.ts`.
+
+For update-status questions, use the existing read-only hostd audit ops
+(`pkg-version`, `pkg-audit`, `freebsd-update-status`, `freebsd-version`) via
+the sysadmin update-report path. Do not expose `freebsd-update fetch` or run
+mutating update commands for a status report.
+
+## Tailscale controlplane exposure
+
+When the controlplane API/dashboard is only exposed on Tailscale:
+
+- allow `tailscale0` ingress to ports `3100` (direct API) and `443` (nginx proxy)
+- validate PF before reload (`sudo pfctl -nf /etc/pf.conf`) and then `sudo service pf reload`
+
+## Workflow
+
+1. Read `references/system-changes.md`
+2. Read `references/network-forwarding.md`
+3. If the host uses Tailscale or specialized DNS, read `references/resolver-baseline.md`
+4. Read `references/execution-modes.md`
+5. If the work should move into Ansible, read `references/ansible-handoff.md`
+6. If the host needs shared service identities, read `references/service-identities.md`
+7. If rollback matters before a change, read `references/rollback-patterns.md`
+8. If needed, read `references/validation.md`
+9. If configuring VM support or RCTL, read `references/bhyve-prerequisites.md`
+10. If setting host locale after onboarding, read `references/locale-setup.md`
+11. If memory budgeting for jails/VMs, read `references/memory-budget.md`
+12. If modifying `/boot/loader.conf`, read `references/loader-conf.md`
+13. If modifying `/etc/rc.conf`, read `references/rc-conf.md`
+14. If a FreeBSD base or package update may require reboot, read `references/freebsd-update-reboot.md`
+15. Prefer the scripts in `scripts/` for canonical host-side command bundles
+
+## Safe defaults
+
+- keep host state changes explicit and reversible
+- use `sysrc` for persistent changes
+- use `sysctl` for immediate runtime changes
+- validate after every host change before blaming Bastille or the jail
+- never reboot autonomously; capture state, explain why reboot is needed, and wait for explicit operator go-ahead
+- prefer Ansible once a host change stops being one-off and becomes standard ops
+- keep service-user UID/GID choices explicit when host-mounted jail paths depend on numeric ownership
diff --git a/.agent/skills/freebsd-admin/references/ansible-handoff.md b/.agent/skills/freebsd-admin/references/ansible-handoff.md
new file mode 100644
index 0000000..5b0ddf3
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/ansible-handoff.md
@@ -0,0 +1,42 @@
+# Ansible Handoff
+
+Use this file when a host-side FreeBSD fix should become repeatable through
+Ansible.
+
+## Current preferred playbooks
+
+- `infra/ansible/playbooks/base-host.yaml`
+- `infra/ansible/playbooks/host-preflight.yaml`
+
+## Promotion path
+
+1. prove the host command sequence manually
+2. keep the change host-scoped if it touches `rc.conf`, `sysctl`, PF, Bastille, or resolver state
+3. move the stable commands into the smallest matching playbook
+4. validate from the host, not from inside a jail
+
+## Good Ansible handoff candidates
+
+- `gateway_enable="YES"`
+- forwarding persistence
+- Bastille resolver baseline
+- host package baseline
+- `warden0` validation
+- PF include and reload validation
+- jail creation and bootstrap through `bastille` / `bastille cmd`
+
+## Not an Ansible handoff target by default
+
+- enabling jail `sshd`
+- creating an operator jail
+- resurrecting the removed operator-jail model
+- mixing host PF policy with app-level nginx design in one playbook
+
+## Next likely playbooks
+
+- `base-host.yaml`
+- `host-pf-baseline.yaml`
+- `git-jail-bootstrap.yaml`
+- `jail-cms-create.yaml`
+- `jail-cms-bootstrap.yaml`
+- `cms-strapi-bootstrap.yaml`
diff --git a/.agent/skills/freebsd-admin/references/bhyve-prerequisites.md b/.agent/skills/freebsd-admin/references/bhyve-prerequisites.md
new file mode 100644
index 0000000..5c6e3be
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/bhyve-prerequisites.md
@@ -0,0 +1,101 @@
+# Bhyve/VMM Prerequisites
+
+Required kernel modules and configuration for running bhyve VMs on the FreeBSD host.
+
+## Kernel Modules
+
+### Required (loader.conf)
+
+```bash
+# /boot/loader.conf
+vmm_load="YES"           # Hypervisor kernel module
+nmdm_load="YES"          # Null modem for VM serial console
+```
+
+### Verification
+
+```bash
+# Check if VMM is loaded
+kldstat | grep vmm
+
+# Check VMM capabilities
+sysctl hw.vmm
+
+# Check for VMX/SVM support
+dmesg | grep -iE "VMX|SVM|EPT"
+```
+
+## Resource Requirements
+
+| Resource  | Minimum | Recommended |
+| --------- | ------- | ----------- |
+| CPU cores | 2       | 4+          |
+| RAM       | 4GB     | 8GB+        |
+| Disk      | 20GB    | 50GB+       |
+
+## Nested Virtualization Notes
+
+If running on a KVM guest (nested virtualization):
+
+| Feature           | Works            |
+| ----------------- | ---------------- |
+| Headless VMs      | ✅               |
+| VNC/SPICE display | ✅               |
+| GPU passthrough   | ❌               |
+| Windows GUI VMs   | ✅ (via VNC/RDP) |
+
+## ZFS Dataset Layout
+
+Recommended structure for VM storage:
+
+```bash
+sudo zfs create -o mountpoint=/var/bhyve zroot/bhyve
+sudo zfs create -o mountpoint=/var/bhyve/disks zroot/bhyve/disks
+sudo zfs create -o mountpoint=/var/bhyve/iso zroot/bhyve/iso
+```
+
+## Networking Options
+
+### Option A: Share existing bridge
+
+```bash
+# Add VM tap interface to existing warden0 bridge
+ifconfig warden0 addm tap0
+```
+
+### Option B: Dedicated VM bridge
+
+```bash
+# /etc/rc.conf
+cloned_interfaces+="vm0"
+ifconfig_vm0="inet 10.0.2.1/24"
+```
+
+## RCTL Memory Limits for VMs
+
+Same RCTL kernel requirement as jail memory limits:
+
+```bash
+# /boot/loader.conf
+kern.racct.enable="1"
+```
+
+Apply limits to bhyve processes:
+
+```bash
+# Example: 4GB limit for a VM
+rctl -a process:bhyve:memoryuse:deny=4G
+```
+
+## Related Skills
+
+- `browser-vm` - Linux browser VM planning
+- `freebsd-admin` - Host-level changes
+- `warden-zfs` - ZFS dataset management
+
+## References
+
+- FreeBSD Handbook: [Virtualization](https://docs.freebsd.org/en/books/handbook/virtualization/)
+- bhyve(8)
+- vmm(4)
+- nmdm(4)
diff --git a/.agent/skills/freebsd-admin/references/execution-modes.md b/.agent/skills/freebsd-admin/references/execution-modes.md
new file mode 100644
index 0000000..c60577c
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/execution-modes.md
@@ -0,0 +1,45 @@
+# Execution Modes
+
+Use this file to decide whether a host change should stay a direct command or
+move into Ansible.
+
+## 1. Direct host mode
+
+Use direct commands when:
+
+- diagnosing a live problem
+- proving a fix for the first time
+- checking current host state
+- making a one-off emergency repair
+
+Examples:
+
+- `sysctl net.inet.ip.forwarding`
+- `service pf status`
+- `ifconfig warden0`
+- `sysrc gateway_enable="YES"`
+
+## 2. Ansible mode
+
+Use Ansible when:
+
+- the same host change will be repeated
+- the host baseline should become documented policy
+- the change belongs in standard host operations
+- validation should be reproducible
+
+Examples:
+
+- forwarding baseline
+- resolver baseline for Bastille
+- nginx package/service state
+- future repeatable host baseline or service-jail bootstrap
+
+## Rule of thumb
+
+1. inspect manually
+2. prove the fix
+3. codify it in Ansible if it should persist as standard practice
+
+Do not hide unexplained host behavior behind Ansible. Understand the host fix
+first, then automate it.
diff --git a/.agent/skills/freebsd-admin/references/freebsd-update-reboot.md b/.agent/skills/freebsd-admin/references/freebsd-update-reboot.md
new file mode 100644
index 0000000..101f001
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/freebsd-update-reboot.md
@@ -0,0 +1,95 @@
+# FreeBSD Base Update Reboot Handoff
+
+Use this reference after FreeBSD base or package updates, and whenever the
+operator asks whether a reboot is required.
+
+## Reboot-needed rule
+
+A reboot is required when the installed kernel/userland version is newer than
+the running kernel:
+
+```sh
+freebsd-version -k   # installed kernel
+freebsd-version -u   # installed userland
+uname -r             # running kernel
+```
+
+If `freebsd-version -k` or `freebsd-version -u` reports a newer patch level than
+`uname -r`, the update is staged but not fully active. Report that plainly and
+ask the operator for an explicit reboot go-ahead. Do not reboot autonomously.
+
+Example interpretation:
+
+```text
+freebsd-version -k: 15.0-RELEASE-p9
+freebsd-version -u: 15.0-RELEASE-p9
+uname -r:          15.0-RELEASE-p8
+```
+
+This means the system has p9 installed but is still running a p8 kernel. A reboot
+is required to complete the update.
+
+## Pre-reboot status capture
+
+Before recommending or handing off a reboot, capture enough state for the next
+agent/operator to compare after boot:
+
+```sh
+hostname
+freebsd-version -k
+freebsd-version -u
+uname -r
+/usr/sbin/service clawdie status
+/usr/sbin/service nginx status
+/usr/sbin/service postgresql status
+/usr/sbin/jls
+/sbin/pfctl -s info
+```
+
+Use absolute paths for base-system tools when the agent shell has a narrow PATH.
+Unprivileged agents may see permission errors for service internals, PostgreSQL,
+or PF. Record those as permission-limited checks rather than claiming the service
+is down.
+
+## Package/service considerations
+
+A same-major PostgreSQL package upgrade, such as `postgresql18-server` 18.3 →
+18.4, does not require dump/restore. It still benefits from a reboot or service
+restart so the new binaries are loaded.
+
+If `nginx`, `tailscale`, PostgreSQL, or other long-running daemons were upgraded,
+prefer a controlled reboot over piecemeal restarts unless the operator asks for a
+minimal-disruption restart plan.
+
+## Post-reboot verification
+
+After the operator confirms the host is back, verify:
+
+```sh
+freebsd-version -k
+freebsd-version -u
+uname -r
+/usr/sbin/service clawdie status
+/usr/sbin/service nginx status
+/usr/sbin/service postgresql status
+/usr/sbin/jls
+/sbin/pfctl -s info
+```
+
+Expected after a successful reboot: `freebsd-version -k`, `freebsd-version -u`,
+and `uname -r` all report the same patch level.
+
+Also verify application-specific readiness that matters for the current work:
+
+- Clawdie control plane reachable/running
+- Forgejo reachable if git work is active
+- jails are running (`cms`, `worker`, or whatever the host normally owns)
+- PF enabled and rules loaded
+- Tailscale reachable if remote agents depend on it
+
+## Vulnerability audit wording
+
+If `pkg audit` still reports vulnerable packages after an upgrade, do not imply
+the upgrade failed. Say that the applied upgrade completed, but unrelated
+packages remain vulnerable until fixed packages are available or the operator
+chooses a ports/package remediation path.
diff --git a/.agent/skills/freebsd-admin/references/loader-conf.md b/.agent/skills/freebsd-admin/references/loader-conf.md
new file mode 100644
index 0000000..9298fa3
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/loader-conf.md
@@ -0,0 +1,124 @@
+# /boot/loader.conf Settings
+
+Key loader.conf settings for Clawdie FreeBSD hosts.
+
+## Boot Behavior
+
+### `beastie_disable="YES"`
+
+**NOT related to Bastille jails!** Beastie is the FreeBSD mascot.
+
+| Setting                 | Effect                                  |
+| ----------------------- | --------------------------------------- |
+| `beastie_disable="YES"` | Skip graphical boot menu, boot directly |
+| `beastie_disable="NO"`  | Show beastie boot menu with options     |
+
+**Use `YES` for headless servers:**
+
+- No local display/monitor
+- Faster boot (no menu timeout)
+- Cleaner console output
+- Remote SSH management only
+
+**Use `NO` for:**
+
+- Workstations with local display
+- Systems that need boot menu access (single user mode, etc.)
+
+### `autoboot_delay="-1"`
+
+| Value | Behavior                         |
+| ----- | -------------------------------- |
+| `-1`  | No delay, boot immediately       |
+| `0`   | No delay, but check for keypress |
+| `N`   | Wait N seconds before booting    |
+
+### `console="comconsole,vidconsole"`
+
+Enables console output on both serial (`comconsole`) and video (`vidconsole`). Essential for headless servers with serial access.
+
+---
+
+## Kernel Modules
+
+### `zfs_load="YES"`
+
+Loads ZFS kernel module early in boot. Required for ZFS root pools.
+
+### `vmm_load="YES"`
+
+Loads bhyve hypervisor kernel module. Required for running VMs.
+
+### `nmdm_load="YES"`
+
+Loads null modem module for VM serial console access via `/dev/nmdm*`.
+
+---
+
+## Resource Management
+
+### `kern.racct.enable="1"`
+
+Enables RCTL (Resource Controls) for:
+
+- Jail memory limits (`rctl -a jail:name:memoryuse:deny=4G`)
+- Process-level resource constraints
+- VM memory limits
+
+**Requires reboot** to change. Cannot be toggled at runtime.
+
+### `vfs.zfs.arc_max="4294967296"`
+
+ZFS ARC (Adaptive Replacement Cache) maximum size in bytes.
+Example: `4294967296` = 4GB
+
+Set appropriately based on total RAM:
+
+- 8GB system: 2-3GB ARC
+- 16GB system: 4-6GB ARC
+- 32GB system: 8-12GB ARC
+
+---
+
+## Storage
+
+### `kern.geom.label.disk_ident.enable="0"`
+
+Disables GEOM disk identity labels. Prevents device name churn from disk identifiers.
+
+---
+
+## Example Full Configuration
+
+```
+# Storage
+zfs_load=YES
+kern.geom.label.disk_ident.enable=0
+
+# Boot behavior (headless server)
+autoboot_delay="-1"
+beastie_disable="YES"
+loader_logo="none"
+console="comconsole,vidconsole"
+
+# ZFS ARC limit (4GB)
+vfs.zfs.arc_max="4294967296"
+
+# Resource controls for jails/VMs
+kern.racct.enable=1
+
+# Bhyve virtualization
+vmm_load="YES"
+nmdm_load="YES"
+```
+
+---
+
+## Common Confusion: Beastie vs Bastille
+
+| Term         | What It Is                                                 |
+| ------------ | ---------------------------------------------------------- |
+| **Beastie**  | FreeBSD mascot (red daemon), boot menu                     |
+| **Bastille** | Jail management tool (`bastille create`, `bastille start`) |
+
+`beastie_disable="YES"` does **NOT** affect Bastille jails in any way.
diff --git a/.agent/skills/freebsd-admin/references/locale-setup.md b/.agent/skills/freebsd-admin/references/locale-setup.md
new file mode 100644
index 0000000..137a458
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/locale-setup.md
@@ -0,0 +1,95 @@
+# Host Locale Setup
+
+Set the operator locale on the FreeBSD host after onboarding selection.
+
+## Why login.conf, not /etc/profile
+
+FreeBSD does not use `/etc/environment` or `/etc/profile` for locale the way
+Linux does. The canonical mechanism is `login.conf`. Without it, every new
+session reverts to `C.UTF-8` regardless of what is in `.env`.
+
+## Pattern
+
+### User scope (no sudo required — default for Clawdie setup)
+
+```sh
+# 1. Write ~/.login_conf
+cat > ~/.login_conf << 'EOF'
+me:\
+	:charset=UTF-8:\
+	:lang=de_DE.UTF-8:
+EOF
+
+# 2. Rebuild the login.conf database
+cap_mkdb ~/.login_conf
+```
+
+### System-wide (requires root — only if the whole machine needs it)
+
+```sh
+# Edit /etc/login.conf — find the default: class and add:
+#   :lang=de_DE.UTF-8:\
+#   :charset=UTF-8:\
+sudo cap_mkdb /etc/login.conf
+```
+
+Prefer user scope for Clawdie deployments. Only use system-wide if multiple
+users share the machine and all need the same locale.
+
+## Activation
+
+`login.conf` changes take effect at the **next login or tmux server restart**.
+They do NOT change the current shell session automatically.
+
+Since Clawdie setup runs inside tmux, always tell the operator after locale change:
+
+> Respawn tmux to activate: `tmux kill-server && tmux`
+
+To verify after respawn:
+
+```sh
+locale
+# LANG=de_DE.UTF-8
+echo $LANG
+```
+
+## Soft approach (no respawn)
+
+When you cannot interrupt the session:
+
+```sh
+# Patch tmux server env — takes effect in new windows/panes
+tmux setenv -g LANG de_DE.UTF-8
+tmux setenv -g LC_ALL de_DE.UTF-8
+
+# Patch current pane immediately
+export LANG=de_DE.UTF-8
+export LC_ALL=de_DE.UTF-8
+```
+
+See `/tmux-screenshot` skill → Session Lifecycle for the full decision table.
+
+## Charset extraction
+
+The charset comes from the system locale string:
+
+| System locale | charset                           |
+| ------------- | --------------------------------- |
+| `de_DE.UTF-8` | `UTF-8`                           |
+| `it_IT.UTF-8` | `UTF-8`                           |
+| `sl_SI.UTF-8` | `UTF-8`                           |
+| `ru_RU.UTF-8` | `UTF-8`                           |
+| `C.UTF-8`     | neutral — do not write login.conf |
+
+If the locale is neutral (`C`, `POSIX`, `C.UTF-8`), skip writing `~/.login_conf`.
+Nothing useful to set.
+
+## Rollback
+
+To revert to the default neutral locale:
+
+```sh
+rm -f ~/.login_conf ~/.login_conf.db
+```
+
+New sessions will inherit `C.UTF-8` from the system default.
diff --git a/.agent/skills/freebsd-admin/references/memory-budget.md b/.agent/skills/freebsd-admin/references/memory-budget.md
new file mode 100644
index 0000000..f992d87
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/memory-budget.md
@@ -0,0 +1,77 @@
+# Host Memory Budget
+
+Total physical RAM: 12 GB
+
+## Allocation
+
+| Component                | Budget | Notes                                            |
+| ------------------------ | ------ | ------------------------------------------------ |
+| ZFS ARC                  | 4 GB   | `vfs.zfs.arc_max=4294967296` in loader.conf      |
+| Host OS + nginx + system | 1.5 GB | base system, sshd, tailscale, cron               |
+| git jail                 | 512 MB | local bare repositories, minimal service surface |
+| db jail                  | 1.5 GB | PostgreSQL 18 + pgvector                         |
+| cms jail                 | 1 GB   | Strapi + Astro builds                            |
+| Headroom                 | 2 GB   | burst capacity, agent processes                  |
+
+## Enforcement
+
+### ZFS ARC (enforced)
+
+Set live:
+
+```sh
+sudo sysctl vfs.zfs.arc_max=4294967296
+```
+
+Persisted in `/boot/loader.conf`:
+
+```
+vfs.zfs.arc_max="4294967296"  # 4 GB
+```
+
+### Jail memory limits (not yet enforced)
+
+`kern.racct.enable` is currently `0`. To enable RCTL-based jail memory limits:
+
+1. Add to `/boot/loader.conf`:
+   ```
+   kern.racct.enable="1"
+   ```
+2. Reboot
+3. Then set limits:
+   ```sh
+   rctl -a jail:git:memoryuse:deny=512M
+   rctl -a jail:db:memoryuse:deny=1536M
+   rctl -a jail:cms:memoryuse:deny=1G
+   ```
+
+Until RACCT is enabled, use application-level limits:
+
+- PostgreSQL: `shared_buffers = 384MB` in `postgresql.conf`
+- Strapi: `NODE_OPTIONS="--max-old-space-size=512"` in Strapi env
+- Astro builds: `NODE_OPTIONS="--max-old-space-size=512"` during build
+
+### Monitoring
+
+```sh
+# overall memory
+top -b -d 1 | head -10
+
+# ZFS ARC usage
+sysctl vfs.zfs.arc_max vfs.zfs.arc_min kstat.zfs.misc.arcstats.size
+
+# per-jail (requires RACCT)
+rctl -h jail:git
+rctl -h jail:db
+rctl -h jail:cms
+```
+
+## Future: RACCT enablement
+
+Enabling RACCT requires a reboot. Plan this during a maintenance window:
+
+1. ZFS snapshot all jails
+2. Add `kern.racct.enable="1"` to `/boot/loader.conf`
+3. Reboot
+4. Apply rctl rules
+5. Persist rules in `/etc/rctl.conf`
diff --git a/.agent/skills/freebsd-admin/references/network-forwarding.md b/.agent/skills/freebsd-admin/references/network-forwarding.md
new file mode 100644
index 0000000..68dc9eb
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/network-forwarding.md
@@ -0,0 +1,33 @@
+# Host Network Forwarding
+
+Use this file for the canonical forwarding change on the FreeBSD host.
+
+## Persistent setting
+
+```sh
+sudo sysrc gateway_enable="YES"
+```
+
+## Immediate runtime setting
+
+```sh
+sudo sysctl net.inet.ip.forwarding=1
+```
+
+## Validation
+
+```sh
+sysctl net.inet.ip.forwarding
+```
+
+Expected:
+
+- `net.inet.ip.forwarding: 1`
+
+## Why it matters
+
+VNET jails on `warden0` cannot route traffic through the host until forwarding
+is enabled.
+
+This is a host prerequisite. It is not a Bastille template issue and not a jail
+runtime bug.
diff --git a/.agent/skills/freebsd-admin/references/rc-conf.md b/.agent/skills/freebsd-admin/references/rc-conf.md
new file mode 100644
index 0000000..aa3b3b1
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/rc-conf.md
@@ -0,0 +1,211 @@
+# /etc/rc.conf Settings
+
+Key rc.conf settings for Clawdie FreeBSD hosts. Use `sysrc` to modify - never edit by hand in scripts.
+
+## Management Commands
+
+```bash
+# Read a value
+sysrc <key>
+
+# Set a value (idempotent)
+sysrc <key>=<value>
+
+# Check if set
+sysrc -c <key>
+
+# Show all values
+sysrc -a
+
+# Delete a key
+sysrc -x <key>
+```
+
+---
+
+## Required Settings by Category
+
+### System Core
+
+| Key          | Value            | Purpose           |
+| ------------ | ---------------- | ----------------- |
+| `hostname`   | `your.host.name` | System hostname   |
+| `zfs_enable` | `YES`            | Enable ZFS        |
+| `dumpdev`    | `AUTO`           | Crash dump device |
+
+### Networking
+
+| Key                     | Value                               | Purpose                     |
+| ----------------------- | ----------------------------------- | --------------------------- |
+| `gateway_enable`        | `YES`                               | IP forwarding for jails/VMs |
+| `cloned_interfaces`     | `bridge0`                           | Create bridge interface     |
+| `ifconfig_bridge0_name` | `warden0`                           | Rename to warden0           |
+| `ifconfig_warden0`      | `inet ${AGENT_SUBNET_BASE}.1/24 up` | Jail bridge gateway         |
+
+### Security
+
+| Key               | Value | Purpose                   |
+| ----------------- | ----- | ------------------------- |
+| `pf_enable`       | `YES` | Packet filter firewall    |
+| `sshd_enable`     | `YES` | SSH daemon                |
+| `sshd_rsa_enable` | `NO`  | Disable obsolete RSA keys |
+
+### Services
+
+| Key                       | Value | Purpose                  |
+| ------------------------- | ----- | ------------------------ |
+| `nginx_enable`            | `YES` | Reverse proxy            |
+| `tailscaled_enable`       | `YES` | Tailscale VPN (if used)  |
+| `qemu_guest_agent_enable` | `YES` | QEMU guest agent (if VM) |
+
+### Resource Management
+
+| Key           | Value | Purpose                 |
+| ------------- | ----- | ----------------------- |
+| `rctl_enable` | `YES` | RCTL for jail/VM limits |
+
+### Bastille/Jails
+
+| Key               | Value | Purpose               |
+| ----------------- | ----- | --------------------- |
+| `bastille_enable` | `YES` | Bastille jail manager |
+
+---
+
+## Clawdie Host Canonical rc.conf
+
+```sh
+# System
+hostname="your.host.name"
+zfs_enable="YES"
+dumpdev="AUTO"
+
+# Networking for jails
+gateway_enable="YES"
+cloned_interfaces="bridge0"
+ifconfig_bridge0_name="warden0"
+ifconfig_warden0="inet ${AGENT_SUBNET_BASE}.1/24 up"
+
+# Security
+sshd_enable="YES"
+sshd_rsa_enable="NO"
+pf_enable="YES"
+
+# Services
+nginx_enable="YES"
+rctl_enable="YES"
+
+# Optional (cloud/VM)
+qemu_guest_agent_enable="YES"
+tailscaled_enable="YES"
+```
+
+---
+
+## Validation Commands
+
+```bash
+# Check gateway enabled
+sysrc gateway_enable
+
+# Check bridge config
+sysrc -a | grep -E 'cloned_interfaces|warden0|bridge0'
+
+# Check all services
+sysrc -a | grep _enable
+
+# Verify forwarding runtime
+sysctl net.inet.ip.forwarding
+```
+
+---
+
+## Common Patterns
+
+### Add jail bridge networking
+
+```bash
+sudo sysrc gateway_enable="YES"
+sudo sysrc cloned_interfaces+="bridge0"
+sudo sysrc ifconfig_bridge0_name="warden0"
+sudo sysrc ifconfig_warden0="inet ${AGENT_SUBNET_BASE}.1/24 up"
+```
+
+### Enable a service
+
+```bash
+sudo sysrc nginx_enable="YES"
+```
+
+### Check before setting
+
+```bash
+# Idempotent - only sets if different
+sudo sysrc pf_enable="YES"
+# Output: pf_enable: NO -> YES
+```
+
+---
+
+## Jail rc.conf (Inside Jails)
+
+Jails have their own `/etc/rc.conf` with jail-specific settings:
+
+| Jail  | Key Settings                             |
+| ----- | ---------------------------------------- |
+| `db`  | `postgresql_enable=YES`                  |
+| `cms` | `strapi_enable=YES` (if service defined) |
+
+Modify jail rc.conf via:
+
+```bash
+sudo bastille cmd <jail> sysrc <key>=<value>
+```
+
+---
+
+## Related Files
+
+| File                    | Purpose                             |
+| ----------------------- | ----------------------------------- |
+| `/etc/defaults/rc.conf` | System defaults (don't edit)        |
+| `/etc/rc.conf`          | Host configuration                  |
+| `/etc/rc.conf.local`    | Local overrides (optional)          |
+| `/boot/loader.conf`     | Kernel module loading (before init) |
+
+---
+
+## Troubleshooting
+
+### Setting not persisting
+
+```bash
+# Check if in rc.conf
+grep <key> /etc/rc.conf
+
+# Check for typos
+sysrc -c <key>
+```
+
+### Service won't start
+
+```bash
+# Check if enabled
+sysrc <service>_enable
+
+# Check rc script exists
+ls /etc/rc.d/<service> /usr/local/etc/rc.d/<service>
+```
+
+### Network interface not created
+
+```bash
+# Check cloned_interfaces
+sysrc cloned_interfaces
+
+# Check ifconfig line
+sysrc ifconfig_<ifname>
+
+# Manually create
+ifconfig <ifname> create
+```
diff --git a/.agent/skills/freebsd-admin/references/resolver-baseline.md b/.agent/skills/freebsd-admin/references/resolver-baseline.md
new file mode 100644
index 0000000..3b453f6
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/resolver-baseline.md
@@ -0,0 +1,56 @@
+# Host Resolver Baseline
+
+Use this file when the host uses Tailscale DNS or another specialized resolver
+that should not be copied directly into Bastille jails.
+
+## Problem shape
+
+The host may legitimately use:
+
+```conf
+nameserver 100.100.100.100
+```
+
+through Tailscale MagicDNS.
+
+Real observed shape on this host:
+
+```conf
+# Generated by resolvconf
+search taile682b7.ts.net openstacklocal
+nameserver 100.100.100.100
+```
+
+That does not make it a good default resolver file for Warden VNET jails.
+
+## Recommended split
+
+- host keeps its own resolver model
+- Bastille jails use a dedicated resolver file
+
+Recommended file:
+
+```sh
+/usr/local/etc/bastille/resolv.conf
+```
+
+Recommended contents:
+
+```conf
+nameserver 1.1.1.1
+nameserver 9.9.9.9
+```
+
+Then set:
+
+```sh
+bastille_resolv_conf="/usr/local/etc/bastille/resolv.conf"
+```
+
+in `/usr/local/etc/bastille/bastille.conf`.
+
+## Why
+
+- avoids leaking host-specific DNS assumptions into jails
+- keeps jail network debugging simpler
+- avoids treating a host Tailscale resolver as a jail prerequisite
diff --git a/.agent/skills/freebsd-admin/references/rollback-patterns.md b/.agent/skills/freebsd-admin/references/rollback-patterns.md
new file mode 100644
index 0000000..122dc54
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/rollback-patterns.md
@@ -0,0 +1,95 @@
+# Rollback Patterns
+
+Use this file when a host change needs a simple reversal path before more work
+continues.
+
+## Rule
+
+Prefer the smallest rollback that returns the host to the last known-good state.
+Do not mix unrelated host rollback steps into one big command bundle.
+
+## `sysrc`
+
+Check current value:
+
+```sh
+sysrc gateway_enable
+```
+
+Revert:
+
+```sh
+sudo sysrc gateway_enable=NO
+```
+
+## `sysctl`
+
+Check live value:
+
+```sh
+sysctl net.inet.ip.forwarding
+```
+
+Revert live state:
+
+```sh
+sudo sysctl net.inet.ip.forwarding=0
+```
+
+## nginx
+
+Validate before reload:
+
+```sh
+sudo nginx -t
+```
+
+Reload:
+
+```sh
+sudo service nginx reload
+```
+
+If a config change was bad:
+
+1. restore the previous vhost or config file
+2. run `sudo nginx -t`
+3. reload nginx again
+
+## `pf`
+
+Always syntax check first:
+
+```sh
+sudo pfctl -nf /etc/pf.conf
+```
+
+Reload:
+
+```sh
+sudo service pf reload
+```
+
+If the new rules are bad:
+
+1. restore the previous `pf.conf` or include file
+2. run `sudo pfctl -nf /etc/pf.conf`
+3. reload again
+
+## Bastille resolver baseline
+
+If a jail resolver baseline caused confusion:
+
+1. restore the previous `/usr/local/etc/bastille/resolv.conf`
+2. check `/usr/local/etc/bastille/bastille.conf`
+3. restart only the affected jail
+
+## Loader and reboot-bound changes
+
+For `/boot/loader.conf` or RACCT changes:
+
+1. record the previous line before editing
+2. keep the change isolated in one commit or one operator step
+3. schedule reboot-bound rollback separately from runtime rollback
+
+These changes are not the same class as a `sysctl` or `service reload`.
diff --git a/.agent/skills/freebsd-admin/references/service-identities.md b/.agent/skills/freebsd-admin/references/service-identities.md
new file mode 100644
index 0000000..49bdc92
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/service-identities.md
@@ -0,0 +1,72 @@
+# Service Identities
+
+Use this file when a host-level service account must match ownership on a
+host-mounted jail path.
+
+## Why this matters
+
+Host-mounted jail paths use numeric ownership.
+
+That means:
+
+- matching usernames alone are not enough
+- host and jail must agree on UID/GID when they share mounted storage
+- ownership bugs are easier to prevent than to repair later
+
+## Current standard shared tool identity
+
+For shared promoted Node.js tooling, standardize:
+
+```text
+user: node
+group: node
+uid: 3000
+gid: 3000
+home: /var/db/node
+shell: /usr/sbin/nologin
+```
+
+This identity should exist on:
+
+- the FreeBSD host
+- any persistent jail that mounts and executes the shared prefix
+
+Current likely candidate:
+
+- `cms`
+
+## Shared prefix model
+
+Shared dataset:
+
+```text
+zroot/clawdie-runtime/shared/npm-global
+```
+
+Mounted path inside a consuming jail:
+
+```text
+/opt/npm
+```
+
+Ownership:
+
+```text
+node:node
+3000:3000
+```
+
+## Host-side commands
+
+```sh
+pw groupshow node >/dev/null 2>&1 || pw groupadd node -g 3000
+pw usershow node >/dev/null 2>&1 || pw useradd node -u 3000 -g 3000 -d /var/db/node -m -s /usr/sbin/nologin -c "Shared npm tool owner"
+install -d -o 3000 -g 3000 -m 755 /var/db/node
+```
+
+## Safe defaults
+
+- keep the interactive operator separate from the shared tool owner
+- keep `/opt/npm` owned by `node:node`
+- keep host-mounted shared prefixes explicit
+- do not assume every jail needs this identity
diff --git a/.agent/skills/freebsd-admin/references/system-changes.md b/.agent/skills/freebsd-admin/references/system-changes.md
new file mode 100644
index 0000000..2f1cabd
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/system-changes.md
@@ -0,0 +1,19 @@
+# Host System Changes
+
+Use this file when deciding whether a change belongs to the host.
+
+## Host-owned changes
+
+Examples:
+
+- `gateway_enable="YES"`
+- `net.inet.ip.forwarding=1`
+- `service pf restart`
+- `service netif restart`
+- `sysrc ifconfig_bridge0_name="warden0"`
+
+## Why this separation matters
+
+- host failures should not be misdiagnosed as jail failures
+- agents need one place for machine-wide state changes
+- Warden skills should focus on their domain instead of becoming generic host admin guides
diff --git a/.agent/skills/freebsd-admin/references/validation.md b/.agent/skills/freebsd-admin/references/validation.md
new file mode 100644
index 0000000..380ed7e
--- /dev/null
+++ b/.agent/skills/freebsd-admin/references/validation.md
@@ -0,0 +1,26 @@
+# Host Validation
+
+Use this file after making host-side changes.
+
+## Canonical checks
+
+```sh
+/sbin/sysctl net.inet.ip.forwarding
+/sbin/ifconfig warden0
+/usr/sbin/service pf status
+/usr/sbin/jls
+/sbin/zpool status
+/sbin/zdb -C zroot | grep ashift
+```
+
+Use absolute paths for FreeBSD base-system tools when an agent shell has a
+minimal PATH. If a status command fails with `Permission denied`, record the
+permission boundary instead of treating it as proof that the service is down.
+
+## Interpretation
+
+- forwarding off: host routing problem
+- `warden0` missing: host bridge persistence problem
+- `pf` stopped: NAT/filtering not active
+- jail missing: not a host forwarding problem, go back to `warden-bootstrap`
+- suspicious `ashift`: storage validation problem for database workloads
diff --git a/.agent/skills/freebsd-admin/scripts/render_forwarding_commands.sh b/.agent/skills/freebsd-admin/scripts/render_forwarding_commands.sh
new file mode 100755
index 0000000..8da73c6
--- /dev/null
+++ b/.agent/skills/freebsd-admin/scripts/render_forwarding_commands.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+set -eu
+
+cat <<'EOF'
+sudo sysrc gateway_enable="YES"
+sudo sysctl net.inet.ip.forwarding=1
+sysctl net.inet.ip.forwarding
+EOF
diff --git a/.agent/skills/freebsd-admin/scripts/render_host_validation.sh b/.agent/skills/freebsd-admin/scripts/render_host_validation.sh
new file mode 100755
index 0000000..b7c24e7
--- /dev/null
+++ b/.agent/skills/freebsd-admin/scripts/render_host_validation.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+set -eu
+
+cat <<'EOF'
+sysctl net.inet.ip.forwarding
+ifconfig warden0
+service pf status
+jls
+EOF
diff --git a/.agent/skills/git-branch-protect/SKILL.md b/.agent/skills/git-branch-protect/SKILL.md
new file mode 100644
index 0000000..97b12f3
--- /dev/null
+++ b/.agent/skills/git-branch-protect/SKILL.md
@@ -0,0 +1,65 @@
+---
+name: git-branch-protect
+description: Check or apply branch protection rules — verify main is protected, create hotfix branches
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - 'Protect branch'
+  - 'Branch protection'
+  - 'Check branch rules'
+  - 'Create hotfix branch'
+  - 'Lock main branch'
+estimated_tokens: 200-400
+---
+
+# git-branch-protect
+
+Check branch protection status and create protected branches (e.g. hotfix
+branches). Does not modify Codeberg's remote protection rules — those require
+operator access to Codeberg UI.
+
+## Check Local Protection
+
+```bash
+cd $AGENT_REPO_DIR
+
+# What hooks are configured?
+ls -la .git/hooks/
+
+# Check current branch policies
+git config --list | grep -E "branch|push"
+```
+
+## Create Hotfix Branch
+
+```bash
+cd $AGENT_REPO_DIR
+
+# From a specific tag
+git fetch local --tags
+git checkout -b hotfix/security-patch v0.10.0
+git push local hotfix/security-patch
+
+# Verify
+git log --oneline hotfix/security-patch ^main | head -5
+```
+
+## Remote Protection (Codeberg)
+
+Branch protection rules on Codeberg (require PR review, no force push) must be
+set in the Codeberg UI:
+
+```
+Settings → Branches → Add rule → main → Require pull request
+```
+
+Escalate to operator to configure remote protection.
+
+## When to Use
+
+- Creating a hotfix branch from a previous stable tag
+- Verifying local git config is secure before a release
+
+## Escalate If
+
+- Remote branch protection rules are missing → escalate to operator to configure via Codeberg UI
+- Force push to main is requested → always escalate, never do it without explicit operator instruction
diff --git a/.agent/skills/git-merge/SKILL.md b/.agent/skills/git-merge/SKILL.md
new file mode 100644
index 0000000..0324a39
--- /dev/null
+++ b/.agent/skills/git-merge/SKILL.md
@@ -0,0 +1,88 @@
+---
+name: git-merge
+description: Merge a branch into a target branch — detects conflicts and escalates rather than auto-resolving
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - 'Merge PR *'
+  - 'Merge * into *'
+  - 'Merge branch'
+  - 'Merge pull request'
+estimated_tokens: 500-1500
+---
+
+# git-merge
+
+Merge a source branch into a target branch. If conflicts are detected, **stop
+and escalate** — never auto-resolve.
+
+## Remotes
+
+| Name       | URL                          | Purpose            |
+| ---------- | ---------------------------- | ------------------ |
+| `local`    | `$GIT_LOCAL_URL` (git jail)  | Default push/pull  |
+| `upstream` | `$REMOTE_GIT_URL` (Codeberg) | Explicit sync only |
+
+## Usage
+
+```bash
+cd $AGENT_REPO_DIR
+
+# Fetch latest from local
+git fetch local
+
+# Checkout target branch
+git checkout main
+git pull --rebase local main
+
+# Merge source branch
+git merge --no-ff feature/my-branch
+
+# Check for conflicts
+git status
+```
+
+## Happy Path Output
+
+```
+Merge made by the 'ort' strategy.
+ src/index.ts | 42 ++++++++++
+ 1 file changed, 42 insertions(+)
+Merged commit: abc123def
+```
+
+## Conflict Output (escalate immediately)
+
+```
+CONFLICT (content): Merge conflict in src/index.ts
+Automatic merge failed; fix conflicts and then commit the result.
+```
+
+If conflicts → `git merge --abort` → post `approval_request` with:
+
+- Which files have conflicts
+- What changed on each side (brief summary)
+- Suggested resolution approaches
+
+## After Merge
+
+```bash
+# Push merged result to local
+git push local main
+```
+
+## Safety Rules
+
+- Never force-push (`--force`) without explicit operator instruction
+- Never `git reset --hard` without explicit operator instruction
+- Always verify CI is green on source branch before merging
+
+## When to Use
+
+- Explicit request from operator with branch name and target
+- Never run autonomously on `main` without task assignment
+
+## Escalate If
+
+- Any merge conflict → always escalate
+- Target is `main` → post approval_request regardless of conflicts
+- CI failing on source branch → block merge, escalate to operator
diff --git a/.agent/skills/git-pull/SKILL.md b/.agent/skills/git-pull/SKILL.md
new file mode 100644
index 0000000..7578f49
--- /dev/null
+++ b/.agent/skills/git-pull/SKILL.md
@@ -0,0 +1,84 @@
+---
+name: git-pull
+description: Pull latest changes from local git jail with rebase strategy — safe, no merge commits
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - 'Pull latest'
+  - 'Pull from origin'
+  - 'Pull from local'
+  - 'Update repo'
+  - 'Sync from local'
+  - 'Get latest changes'
+estimated_tokens: 200-300
+---
+
+# git-pull
+
+Pull latest changes from the local git jail using rebase. Never creates merge
+commits on main.
+
+## Architecture
+
+The **local git jail** is the primary remote. Agents always pull from `local`
+first. The Codeberg `upstream` remote is for explicit sync only.
+
+```
+upstream (Codeberg) → local (git jail) → agent working copy
+```
+
+## Remotes
+
+| Name       | URL                          | Purpose            |
+| ---------- | ---------------------------- | ------------------ |
+| `local`    | `$GIT_LOCAL_URL` (git jail)  | Default push/pull  |
+| `upstream` | `$REMOTE_GIT_URL` (Codeberg) | Explicit sync only |
+
+## Usage
+
+```bash
+cd $AGENT_REPO_DIR
+
+# Pull from local git jail (default)
+git pull --rebase local main
+
+# Verify
+git log --oneline -5
+```
+
+## Pull from Codeberg (explicit)
+
+Only when instructed to sync from upstream:
+
+```bash
+git fetch upstream
+git pull --rebase upstream main
+# Then push to local so other agents see it:
+git push local main
+```
+
+## Output
+
+```
+Current branch main is up to date.
+-- or --
+Successfully rebased and updated refs/heads/main.
+3 commits pulled: abc123, def456, ghi789
+```
+
+## Safety Rules
+
+- Always use `--rebase` (not default merge pull) to keep history clean
+- Never run if there are uncommitted local changes
+- Check `git status` first — if working tree is dirty, escalate
+
+## When to Use
+
+- Before starting any new work
+- As part of release preparation (`git-release-tag`)
+- Scheduled sync (weekly via Git Admin)
+
+## Escalate If
+
+- Rebase fails due to conflicts → escalate to operator
+- Local commits exist that aren't on local remote → escalate (unexpected divergence)
+- `GIT_LOCAL_URL` not set → check `$AGENT_REPO_DIR/.env` or ask operator
diff --git a/.agent/skills/git-push-mirror/SKILL.md b/.agent/skills/git-push-mirror/SKILL.md
new file mode 100644
index 0000000..6484fa9
--- /dev/null
+++ b/.agent/skills/git-push-mirror/SKILL.md
@@ -0,0 +1,71 @@
+---
+name: git-push-mirror
+description: Push to upstream Codeberg mirror from local git jail and verify sync
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - 'Push to mirror'
+  - 'Push to Codeberg'
+  - 'Sync to upstream'
+  - 'Mirror repository'
+  - 'Push upstream'
+estimated_tokens: 300-500
+---
+
+# git-push-mirror
+
+Push the local git jail repository to the upstream Codeberg mirror and verify
+the push succeeded.
+
+## Architecture
+
+```
+Agent working copy → local (git jail, $GIT_LOCAL_URL) → upstream (Codeberg, $REMOTE_GIT_URL)
+```
+
+Agents push to `local` by default (the git jail). Codeberg sync is explicit
+and on-demand via this skill.
+
+## Remotes
+
+| Name       | URL                          | Purpose            |
+| ---------- | ---------------------------- | ------------------ |
+| `local`    | `$GIT_LOCAL_URL` (git jail)  | Default push/pull  |
+| `upstream` | `$REMOTE_GIT_URL` (Codeberg) | Explicit sync only |
+
+## Usage
+
+```bash
+cd $AGENT_REPO_DIR
+
+# First ensure local is up to date
+git push local main --tags
+
+# Then push to upstream (Codeberg)
+git push upstream main --tags
+
+# Verify sync
+git ls-remote upstream HEAD
+git rev-parse HEAD
+# Both should show same commit hash
+```
+
+## Branch Model
+
+- `main` — shared base, mirrors Codeberg upstream
+- `${AGENT_NAME}` — this agent's working branch (e.g. `mevy`)
+- Other agent branches — read-only unless explicitly merging
+
+When pushing upstream, push the branch the operator requests. Do not force-push
+unless explicitly instructed.
+
+## When to Use
+
+- After a release tag is created
+- After major commits the operator wants backed up to Codeberg
+- Explicit "push to Codeberg" instruction from operator
+
+## Escalate If
+
+- Push fails with auth error → SSH key or token may need refresh
+- Upstream is behind by >100 commits → investigate why sync stopped
+- Force push requested on `main` — always escalate for confirmation
diff --git a/.agent/skills/git-push-upstream/SKILL.md b/.agent/skills/git-push-upstream/SKILL.md
new file mode 100644
index 0000000..62970d3
--- /dev/null
+++ b/.agent/skills/git-push-upstream/SKILL.md
@@ -0,0 +1,71 @@
+---
+name: git-push-upstream
+description: Push current branch to Codeberg upstream — explicit one-way sync from local to public mirror
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - 'Push to Codeberg'
+  - 'Push to upstream'
+  - 'Sync to Codeberg'
+  - 'Publish to upstream'
+  - 'Backup to upstream'
+estimated_tokens: 200-400
+---
+
+# git-push-upstream
+
+Push the current branch from the local git jail to the Codeberg upstream
+mirror. This is an **explicit, one-way sync** — it does not run automatically.
+
+## Architecture
+
+```
+Agent working copy → local (git jail) → upstream (Codeberg)
+```
+
+All agent work targets `local` (the git jail) by default. This skill is for
+when the operator explicitly wants commits on Codeberg.
+
+## Remotes
+
+| Name       | URL                          | Purpose            |
+| ---------- | ---------------------------- | ------------------ |
+| `local`    | `$GIT_LOCAL_URL` (git jail)  | Default push/pull  |
+| `upstream` | `$REMOTE_GIT_URL` (Codeberg) | Explicit sync only |
+
+## Usage
+
+```bash
+cd $AGENT_REPO_DIR
+
+# Ensure local is up to date first
+git push local HEAD
+
+# Push current branch to upstream
+git push upstream HEAD
+
+# Push all tags
+git push upstream --tags
+
+# Verify
+git ls-remote upstream HEAD
+git rev-parse HEAD
+```
+
+## Safety Rules
+
+- Always push to `local` first, then to `upstream`
+- Never force-push to upstream without explicit operator instruction
+- Check `git log --oneline local..upstream/main` to see what will be pushed
+- If upstream is ahead, pull and rebase first
+
+## When to Use
+
+- Operator explicitly requests "push to Codeberg"
+- After a release tag is created (usually paired with `git-release-tag`)
+- Periodic backup of important work
+
+## Escalate If
+
+- Push rejected (upstream ahead) → pull --rebase first, then retry
+- Auth failure → SSH key or deploy token may need refresh, escalate to operator
+- Force push requested on `main` → always escalate for confirmation
diff --git a/.agent/skills/git-release-tag/SKILL.md b/.agent/skills/git-release-tag/SKILL.md
new file mode 100644
index 0000000..d354891
--- /dev/null
+++ b/.agent/skills/git-release-tag/SKILL.md
@@ -0,0 +1,73 @@
+---
+name: git-release-tag
+description: Create an annotated git tag for a release and push to local + upstream
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - 'Tag version *'
+  - 'Tag release *'
+  - 'Create release'
+  - 'Release v*'
+  - 'Tag and release'
+estimated_tokens: 300-500
+---
+
+# git-release-tag
+
+Create an annotated git tag and push to local (git jail) and upstream
+(Codeberg). Verifies CHANGELOG.md is updated before tagging.
+
+## Remotes
+
+| Name       | URL                          | Purpose            |
+| ---------- | ---------------------------- | ------------------ |
+| `local`    | `$GIT_LOCAL_URL` (git jail)  | Default push/pull  |
+| `upstream` | `$REMOTE_GIT_URL` (Codeberg) | Explicit sync only |
+
+## Pre-Tag Checklist
+
+1. Is `CHANGELOG.md` updated with an entry for this version?
+2. Is `package.json` `version` field updated?
+3. Is the target commit on `main` (not a feature branch)?
+
+If any are missing → escalate to operator before tagging.
+
+## Usage
+
+```bash
+cd $AGENT_REPO_DIR
+
+# Create annotated tag
+git tag -a v0.11.0 -m "v0.11.0"
+
+# Push tag to local (git jail)
+git push local v0.11.0
+
+# Push tag to upstream (Codeberg)
+git push upstream v0.11.0
+```
+
+## Output
+
+```
+Tag v0.11.0 created at commit abc123def
+Pushed to local (git jail)
+Pushed to upstream (codeberg.org:Clawdie/Clawdie-AI)
+```
+
+## Naming Convention
+
+- Format: `v{MAJOR}.{MINOR}.{PATCH}` (semver)
+- Examples: `v0.11.0`, `v1.0.0`, `v1.2.3`
+- Only tag on minor/major bumps — patches don't get tagged (see AGENTS.md)
+
+## When to Use
+
+- After CHANGELOG.md and package.json are updated
+- After all tests pass on main
+- Explicit release instruction from operator
+
+## Escalate If
+
+- CHANGELOG not updated → escalate to operator to write entry first
+- package.json version not bumped → escalate to operator
+- Tagging a commit that isn't on main → escalate for confirmation
diff --git a/.agent/skills/jail-status/SKILL.md b/.agent/skills/jail-status/SKILL.md
new file mode 100644
index 0000000..0836e39
--- /dev/null
+++ b/.agent/skills/jail-status/SKILL.md
@@ -0,0 +1,53 @@
+---
+name: jail-status
+description: Check status of one or all Bastille jails — running, stopped, uptime, CPU, RAM
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - "Check if * jail is running"
+  - "Is * jail up"
+  - "Is * up"
+  - "Jail status"
+  - "Are jails running"
+  - "Check * health"
+estimated_tokens: 300-500
+---
+
+# jail-status
+
+Check the status of FreeBSD jails managed by Bastille.
+
+## Usage
+
+```bash
+# All jails
+bastille list
+
+# Specific jail
+bastille list | grep <jail-name>
+
+# Detailed resource usage
+rctl -hu jail:<jail-name>
+```
+
+## Output
+
+```
+JID  IP Address      Hostname        Path
+ 5   10.0.1.5        clawdie-db      /usr/local/bastille/jails/clawdie-db/root
+ 6   10.0.1.3        clawdie-cms     /usr/local/bastille/jails/clawdie-cms/root
+ 7   10.0.1.2        clawdie-git     /usr/local/bastille/jails/clawdie-git/root
+```
+
+Treat the above as a shape example, not a hardcoded truth. Resolve live jail
+names and IPs from `bastille list` and the current jail registry.
+
+## When to Use
+
+- Daily Sysadmin heartbeat: check all critical jails
+- After host reboot: verify jails came back up
+- When DB/CMS/Git is unreachable: confirm jail is running before deeper diagnosis
+
+## Escalate If
+
+- A jail is stopped unexpectedly → `service-restart` skill or escalate to CEO
+- A jail shows high CPU/RAM → report to CEO for capacity review
diff --git a/.agent/skills/llama-cpp-embeddings/SKILL.md b/.agent/skills/llama-cpp-embeddings/SKILL.md
new file mode 100644
index 0000000..127e0c8
--- /dev/null
+++ b/.agent/skills/llama-cpp-embeddings/SKILL.md
@@ -0,0 +1,67 @@
+---
+name: llama-cpp-embeddings
+description: Embedding configuration for Clawdie's pgvector memory. Currently uses OpenRouter (BAAI/bge-m3, 1024 dims). The llamacpp jail runs a chat model (GLM-5.1), NOT an embedding model. Triggers on "embeddings", "llama.cpp", "bge-m3", "pgvector setup", "embed".
+---
+
+# Embeddings — Current Setup
+
+## Active configuration (as of 2026-03-29)
+
+Embeddings are handled by **OpenRouter**, not the local llamacpp jail.
+
+```sh
+EMBED_BASE_URL=https://openrouter.ai/api/v1
+EMBED_MODEL=BAAI/bge-m3
+EMBED_DIMENSIONS=1024
+EMBED_API_KEY=<OPENROUTER_API_KEY>
+```
+
+DB schema: `vector(1024)` in `memory_embeddings.embedding` column.
+
+**Why not local llamacpp?** The llamacpp jail runs a chat model (GLM-5.1 via z.ai).
+A chat model returns 501 for `/v1/embeddings` — it does not support the embeddings
+endpoint. Running a separate embedding model in the llamacpp jail is possible but
+was deprioritised in favour of OpenRouter for reliability.
+
+## Verify embeddings are working
+
+```sh
+curl -s -X POST https://openrouter.ai/api/v1/embeddings \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer $OPENROUTER_API_KEY" \
+  -d '{"model":"BAAI/bge-m3","input":"test"}' | jq '.data[0].embedding | length'
+# Should print: 1024
+```
+
+## DB schema dimension
+
+The `memory_embeddings` table uses `vector(1024)`. If you change the embedding
+model to one with different dimensions, you must drop and recreate the table:
+
+```sql
+DROP TABLE memory_embeddings;
+-- then re-run schema migration to recreate with correct vector(N)
+```
+
+Embeddings are regenerated from stored text — no source data is lost.
+
+## Fallback: FTS-only mode
+
+Set `EMBED_BASE_URL=` (empty) to disable embeddings entirely.
+Memory search falls back to full-text search (tsvector). Quality is lower
+but the system works. Re-enable later by setting the URL and restarting.
+
+## Future: local embedding model in llamacpp jail
+
+To run embeddings locally, the llamacpp jail would need a **separate** llama-server
+instance running in `--embedding` mode with a dedicated embedding model (e.g.
+`nomic-embed-text-v1.5`, 768 dims, or `BAAI/bge-m3` with `--embedding` flag).
+
+Key constraints:
+
+- Cannot reuse the chat server process — embedding mode and chat mode are mutually exclusive
+- Must run on a different port (e.g. 8081 for chat, 8082 for embed)
+- DB schema dimension must match the model (768 for nomic, 1024 for bge-m3)
+- All existing embeddings must be regenerated if switching models
+
+Until this is needed, use OpenRouter.
diff --git a/.agent/skills/network-throughput/SKILL.md b/.agent/skills/network-throughput/SKILL.md
new file mode 100644
index 0000000..a682b05
--- /dev/null
+++ b/.agent/skills/network-throughput/SKILL.md
@@ -0,0 +1,538 @@
+---
+name: network-throughput
+description: Run a clean osa-to-debby HTTPS network throughput test with packet captures, counters, cleanup, and Hermes graph-ready artifacts
+compatibility: FreeBSD 15.x server, Linux client
+invoke_patterns:
+  - "Run throughput test"
+  - "Run network throughput test"
+  - "Test download speed"
+  - "Capture pcaps on both sides"
+  - "Diagnose image download"
+  - "Network throughput test"
+  - "Network troughput test"
+estimated_tokens: 1400-2200
+---
+
+# network-throughput
+
+Run one clean HTTPS image download from osa FreeBSD server to debby, with packet capture and counters on both sides, to separate PF/PMTU/MSS/server behavior from access-path/bufferbloat behavior.
+
+Main rule:
+
+> One download. Captures first. No overwrite. Summaries first. Cleanup after.
+
+## Definitions
+
+Record these before the run so there is no ambiguity:
+
+- `client`: debby
+- `client network`: house Wi-Fi | hotspot | wired | other
+- `server`: osa.smilepowered.org
+- `server public IP`: 51.83.197.148
+- `server Tailscale IP`: 100.72.229.63
+- `URL`: exact image URL under test
+- `downloader`: curl or wget only; prefer curl with `--http1.1`
+
+Terminology:
+
+- "osa hotspot" means the phone hotspot/mobile Wi-Fi path.
+- "osa server" means `osa.smilepowered.org`, FreeBSD 15, public `51.83.197.148`, Tailscale `100.72.229.63`.
+
+## Safety Rules
+
+- Ask before starting any privileged capture or firewall-visible test.
+- Use one test download only. Do not run Firefox/browser downloads in parallel.
+- On FreeBSD/Clawdie, use project-local scratch directories, not system `/tmp` or `/var/tmp`.
+- On Linux/debby/Hermes, prefer `~/.local/state/hermes/net-tests/`; project-root `tmp/` is also acceptable when running inside a specific repo.
+- On Linux/debby/Hermes, root `tcpdump` may stage in `/tmp/osa-pcap-$TEST_ID` when direct writes into user-owned artifact dirs are awkward; move/chown the captures into `CLIENT_DIR` after the run.
+- On FreeBSD, run root commands in the visible tmux root window when one is available.
+- Do not leave large pcaps or duplicate downloaded images behind after analysis.
+- Do not change PF during the measurement unless the purpose of the test is explicitly PF comparison.
+- Use UTC timestamps at before-counters, pcap start, download start, download stop, and after-counters.
+
+## Variables
+
+Set these before the run.
+
+### Server / osa
+
+```sh
+TEST_ID="osa-clean-download-$(date -u +%Y%m%dT%H%M%SZ)"
+SERVER_IF="vtnet0"
+SERVER_DIR="/home/clawdie/clawdie-iso/tmp/network-tests/$TEST_ID"
+CLIENT_IP="<debby-public-ip-if-known>"
+SERVER_IP="51.83.197.148"
+SERVER_TS_IP="100.72.229.63"
+DURATION_SEC="600"
+```
+
+### Linux client / debby / Hermes
+
+Prefer the Hermes state directory for Hermes-run artifacts. If running inside a specific project repo, project-root `tmp/network-tests/$TEST_ID` is also acceptable.
+
+```sh
+TEST_ID="osa-clean-download-$(date -u +%Y%m%dT%H%M%SZ)"
+CLIENT_DIR="$HOME/.local/state/hermes/net-tests/$TEST_ID"
+# Alternative when running inside a repo:
+# CLIENT_DIR="$PWD/tmp/network-tests/$TEST_ID"
+URL="https://osa.smilepowered.org/downloads/iso/clawdie-xfce-operator-usb-fbsd15.0-amd64-15.maj.2026.img.gz"
+SHA_URL="$URL.sha256"
+SERVER_IP="51.83.197.148"
+SERVER_TS_IP="100.72.229.63"
+DURATION_SEC="600"
+```
+
+## Preflight
+
+### Server before-counters
+
+```sh
+mkdir -p "$SERVER_DIR"
+date -u '+before_counters_utc=%Y-%m-%dT%H:%M:%SZ' | tee "$SERVER_DIR/timestamps.txt"
+df -h /home/clawdie > "$SERVER_DIR/df-before.txt"
+ifconfig "$SERVER_IF" > "$SERVER_DIR/ifconfig-server-if.txt"
+netstat -rn > "$SERVER_DIR/routes.txt"
+/sbin/pfctl -si -v > "$SERVER_DIR/pf-before.txt"
+netstat -s -p tcp > "$SERVER_DIR/tcp-before.txt"
+netstat -s -p ip > "$SERVER_DIR/ip-before.txt"
+netstat -s -p icmp > "$SERVER_DIR/icmp-before.txt"
+netstat -s -p icmp6 > "$SERVER_DIR/icmp6-before.txt"
+```
+
+Also save the TCP lines we care about most:
+
+```sh
+netstat -s -p tcp | grep -E 'retransmitted|retransmit timeouts|resend initiated by MTU discovery|Path MTU|black hole' > "$SERVER_DIR/tcp-before-key-lines.txt"
+```
+
+### Linux client preflight
+
+```sh
+mkdir -p "$CLIENT_DIR"
+date -u '+client_preflight_utc=%Y-%m-%dT%H:%M:%SZ' | tee "$CLIENT_DIR/timestamps.txt"
+df -h . > "$CLIENT_DIR/df-before.txt"
+ip addr > "$CLIENT_DIR/ip-addr.txt"
+ip route > "$CLIENT_DIR/ip-route.txt"
+curl -4 -sS --max-time 10 https://ifconfig.me > "$CLIENT_DIR/public-ip.txt" || true
+ip route get "$SERVER_IP" > "$CLIENT_DIR/route-to-osa-public.txt"
+```
+
+Pick the outbound interface from `route-to-osa-public.txt`:
+
+```sh
+CLIENT_IF="<interface-from-ip-route-get>"
+```
+
+## Packet Capture
+
+Start both captures before the download. Wait until tcpdump prints `listening on ...` on both sides.
+
+Operational order:
+
+1. start server pcap
+2. start client pcap
+3. start client latency monitor
+4. start download
+5. stop download if bounded
+6. stop latency monitor
+7. stop pcaps
+8. collect after-counters
+
+Avoid tiny rotating pcap rings. For a 5-10 minute test, either use a single non-overwriting pcap or enough ring files to preserve the beginning/SYN.
+
+### Server capture
+
+If client public IP is known, prefer this filter:
+
+```sh
+date -u '+server_pcap_start_utc=%Y-%m-%dT%H:%M:%SZ' | tee -a "$SERVER_DIR/timestamps.txt"
+/usr/bin/timeout 900 /usr/sbin/tcpdump -ni "$SERVER_IF" \
+  -s 0 \
+  -C 200 -W 20 \
+  -w "$SERVER_DIR/osa-vtnet0-download.pcap" \
+  "(host $CLIENT_IP and tcp port 443) or icmp or icmp6"
+```
+
+If client public IP is not known yet, temporarily capture all HTTPS plus ICMP/PTB signals:
+
+```sh
+date -u '+server_pcap_start_utc=%Y-%m-%dT%H:%M:%SZ' | tee -a "$SERVER_DIR/timestamps.txt"
+/usr/bin/timeout 900 /usr/sbin/tcpdump -ni "$SERVER_IF" \
+  -s 0 \
+  -C 200 -W 20 \
+  -w "$SERVER_DIR/osa-vtnet0-download.pcap" \
+  "tcp port 443 or icmp or icmp6"
+```
+
+### Linux client capture
+
+Run in a root shell or with sudo. Prefer writing directly to `CLIENT_DIR`; if permissions get in the way, stage in a root-writable capture directory and then move/chown into `CLIENT_DIR` after capture.
+
+Direct-to-artifact-dir form:
+
+```sh
+date -u '+client_pcap_start_utc=%Y-%m-%dT%H:%M:%SZ' | tee -a "$CLIENT_DIR/timestamps.txt"
+sudo /usr/bin/timeout 900 tcpdump -ni "$CLIENT_IF" \
+  -s 0 \
+  -C 200 -W 20 \
+  -w "$CLIENT_DIR/debby-osa-public.pcap" \
+  "host $SERVER_IP and (tcp port 443 or icmp or icmp6)"
+```
+
+Staged form, if root tcpdump cannot write directly to `CLIENT_DIR`:
+
+```sh
+CAPTURE_TMP="/tmp/osa-pcap-$TEST_ID"
+mkdir -p "$CAPTURE_TMP"
+date -u '+client_pcap_start_utc=%Y-%m-%dT%H:%M:%SZ' | tee -a "$CLIENT_DIR/timestamps.txt"
+sudo /usr/bin/timeout 900 tcpdump -ni "$CLIENT_IF" \
+  -s 0 \
+  -C 200 -W 20 \
+  -w "$CAPTURE_TMP/debby-osa-public.pcap" \
+  "host $SERVER_IP and (tcp port 443 or icmp or icmp6)"
+sudo chown "$USER:$USER" "$CAPTURE_TMP"/debby-osa-public.pcap*
+mv "$CAPTURE_TMP"/debby-osa-public.pcap* "$CLIENT_DIR"/
+rmdir "$CAPTURE_TMP" 2>/dev/null || true
+```
+
+## Client Latency Monitor
+
+Start this on debby before the download and stop it after the download stops. It helps identify access-path/bufferbloat symptoms.
+
+```sh
+(
+  GW=$(ip route show default | awk '{print $3; exit}')
+  while true; do
+    date -u '+utc=%Y-%m-%dT%H:%M:%SZ'
+    for t in "$GW" 1.1.1.1 "$SERVER_TS_IP" 100.103.255.41; do
+      echo "### $t"
+      ping -c 5 -i 0.2 -W 2 "$t"
+    done
+    sleep 5
+  done
+) | tee "$CLIENT_DIR/ping-monitor.log" &
+PING_MON_PID=$!
+echo "$PING_MON_PID" > "$CLIENT_DIR/ping-monitor.pid"
+```
+
+Stop it after the download stops:
+
+```sh
+kill "$(cat "$CLIENT_DIR/ping-monitor.pid")" 2>/dev/null || true
+```
+
+## Download Test
+
+Use a CLI downloader, not a browser. For diagnosis, default to a fresh output file and no resume. Prefer `curl --http1.1` so the test is one simple TCP flow and avoids HTTP/2 multiplexing noise.
+
+### Full artifact download
+
+```sh
+cd "$CLIENT_DIR"
+date -u '+download_start_utc=%Y-%m-%dT%H:%M:%SZ' | tee -a timestamps.txt
+curl -L \
+  --fail \
+  --http1.1 \
+  --output clawdie-test.img.gz \
+  --write-out '\nremote_ip=%{remote_ip}\nremote_port=%{remote_port}\nlocal_ip=%{local_ip}\nlocal_port=%{local_port}\ntime_total=%{time_total}\nspeed_download=%{speed_download}\nsize_download=%{size_download}\nhttp_code=%{http_code}\n' \
+  "$URL" \
+  2>&1 | tee curl-download.log
+date -u '+download_end_utc=%Y-%m-%dT%H:%M:%SZ' | tee -a timestamps.txt
+```
+
+### Bounded 5-10 minute sample
+
+Use this when disk or time is limited. A timeout exit is acceptable; we care about behavior during the window.
+
+```sh
+cd "$CLIENT_DIR"
+date -u '+download_start_utc=%Y-%m-%dT%H:%M:%SZ' | tee -a timestamps.txt
+timeout "$DURATION_SEC" curl -L \
+  --fail \
+  --http1.1 \
+  --output clawdie-test.img.gz \
+  --write-out '\nremote_ip=%{remote_ip}\nremote_port=%{remote_port}\nlocal_ip=%{local_ip}\nlocal_port=%{local_port}\ntime_total=%{time_total}\nspeed_download=%{speed_download}\nsize_download=%{size_download}\nhttp_code=%{http_code}\n' \
+  "$URL" \
+  2>&1 | tee curl-download.log
+date -u '+download_end_utc=%Y-%m-%dT%H:%M:%SZ' | tee -a timestamps.txt
+```
+
+## Postflight
+
+Stop captures first, then collect after-counters.
+
+### Server after-counters
+
+```sh
+date -u '+after_counters_utc=%Y-%m-%dT%H:%M:%SZ' | tee -a "$SERVER_DIR/timestamps.txt"
+/sbin/pfctl -si -v > "$SERVER_DIR/pf-after.txt"
+netstat -s -p tcp > "$SERVER_DIR/tcp-after.txt"
+netstat -s -p ip > "$SERVER_DIR/ip-after.txt"
+netstat -s -p icmp > "$SERVER_DIR/icmp-after.txt"
+netstat -s -p icmp6 > "$SERVER_DIR/icmp6-after.txt"
+netstat -s -p tcp | grep -E 'retransmitted|retransmit timeouts|resend initiated by MTU discovery|Path MTU|black hole' > "$SERVER_DIR/tcp-after-key-lines.txt"
+ls -lh "$SERVER_DIR" > "$SERVER_DIR/ls.txt"
+```
+
+### Linux client postflight
+
+```sh
+ls -lh "$CLIENT_DIR" > "$CLIENT_DIR/ls.txt"
+curl -L --fail --max-time 30 -o "$CLIENT_DIR/expected.sha256" "$SHA_URL"
+```
+
+If the full image completed, verify checksum without depending on the filename inside the `.sha256` file:
+
+```sh
+EXPECTED=$(awk '{print $1; exit}' "$CLIENT_DIR/expected.sha256")
+ACTUAL=$(sha256sum "$CLIENT_DIR/clawdie-test.img.gz" | awk '{print $1}')
+printf 'expected=%s\nactual=%s\n' "$EXPECTED" "$ACTUAL" | tee "$CLIENT_DIR/checksum-result.txt"
+test "$EXPECTED" = "$ACTUAL"
+```
+
+## Summary-First Exchange
+
+Before copying raw pcaps around, generate text summaries on each side. Exchange summaries first; only copy raw pcaps if something suspicious needs deeper inspection.
+
+```sh
+PCAP="/path/to/file.pcap"
+OUT="$PCAP.summary.txt"
+{
+  echo "## capinfos"
+  capinfos "$PCAP"
+
+  echo
+  echo "## tcp conversations"
+  tshark -r "$PCAP" -q -z conv,tcp
+
+  echo
+  echo "## 1s io stats"
+  tshark -r "$PCAP" -q \
+    -z io,stat,1,'tcp','icmp || icmpv6','tcp.analysis.retransmission || tcp.analysis.fast_retransmission','tcp.analysis.duplicate_ack','tcp.analysis.zero_window'
+
+  echo
+  echo "## SYN MSS/window options"
+  tshark -r "$PCAP" -Y 'tcp.flags.syn == 1' -T fields \
+    -e frame.time_relative \
+    -e ip.src -e ip.dst \
+    -e tcp.srcport -e tcp.dstport \
+    -e tcp.flags.ack \
+    -e tcp.options.mss_val \
+    -e tcp.window_size_value \
+    -e tcp.options.wscale.shift \
+    -e tcp.options.sack_perm \
+    | head -100
+
+  echo
+  echo "## interesting TCP/ICMP"
+  tshark -r "$PCAP" \
+    -Y 'tcp.analysis.retransmission or tcp.analysis.fast_retransmission or tcp.analysis.duplicate_ack or tcp.analysis.zero_window or tcp.analysis.out_of_order or tcp.analysis.lost_segment or icmp or icmpv6' \
+    -T fields \
+    -e frame.time_relative \
+    -e frame.number \
+    -e ip.src -e ip.dst \
+    -e _ws.col.Protocol \
+    -e tcp.srcport -e tcp.dstport \
+    -e tcp.seq -e tcp.ack -e tcp.len \
+    -e tcp.analysis.retransmission \
+    -e tcp.analysis.fast_retransmission \
+    -e tcp.analysis.duplicate_ack \
+    -e tcp.analysis.duplicate_ack_num \
+    -e tcp.analysis.zero_window \
+    -e tcp.analysis.out_of_order \
+    -e tcp.analysis.lost_segment \
+    -e icmp.type -e icmp.code \
+    -e icmpv6.type -e icmpv6.code \
+    | head -300
+
+  echo
+  echo "## expert"
+  tshark -r "$PCAP" -q -z expert | head -300
+} > "$OUT"
+```
+
+## Hermes Graph Inputs
+
+Hermes should process locally from the client-side artifacts plus copied server-side summaries/artifacts:
+
+- `curl-download.log`
+- `ping-monitor.log`
+- `timestamps.txt`
+- `pf-before.txt`, `pf-after.txt`
+- `tcp-before.txt`, `tcp-after.txt`
+- `ip-before.txt`, `ip-after.txt`
+- `icmp-before.txt`, `icmp-after.txt`
+- `icmp6-before.txt`, `icmp6-after.txt`
+- `*.pcap.summary.txt`
+- raw `*.pcap*` only if needed
+
+Recommended graph outputs:
+
+- throughput over time
+- retransmissions over time
+- duplicate ACKs over time
+- RTT estimate over time, if available
+- TCP window/zero-window events over time
+- bytes by flow
+- gateway/internet/Tailscale latency during download
+- timeline of stalls or timeout bursts
+
+## Cleanup
+
+Cleanup is mandatory after the report/dashboard exists.
+
+Keep:
+
+- curl log
+- ping monitor log
+- counter before/after text
+- pcap summaries
+- final dashboard/report
+
+Remove:
+
+- downloaded test image
+- partial image
+- raw pcaps, unless still needed
+
+### Client cleanup
+
+```sh
+rm -f "$CLIENT_DIR/clawdie-test.img.gz"
+rm -f "$CLIENT_DIR"/*.partial
+```
+
+If raw pcaps are no longer needed, delete only raw capture files and keep `*.summary.txt`:
+
+```sh
+for f in "$CLIENT_DIR"/*.pcap "$CLIENT_DIR"/*.pcap[0-9]*; do
+  [ -e "$f" ] || continue
+  case "$f" in
+    *.summary.txt|*.gz) continue ;;
+  esac
+  rm -f "$f"
+done
+```
+
+If suspicious and raw pcaps must be kept temporarily, compress only raw capture files:
+
+```sh
+for f in "$CLIENT_DIR"/*.pcap "$CLIENT_DIR"/*.pcap[0-9]*; do
+  [ -e "$f" ] || continue
+  case "$f" in
+    *.summary.txt|*.gz) continue ;;
+  esac
+  gzip -9 "$f"
+done
+```
+
+### Server cleanup
+
+If raw pcaps are no longer needed, delete only raw capture files and keep `*.summary.txt`:
+
+```sh
+for f in "$SERVER_DIR"/*.pcap "$SERVER_DIR"/*.pcap[0-9]*; do
+  [ -e "$f" ] || continue
+  case "$f" in
+    *.summary.txt|*.gz) continue ;;
+  esac
+  rm -f "$f"
+done
+```
+
+If suspicious and raw pcaps must be kept temporarily, compress only raw capture files:
+
+```sh
+for f in "$SERVER_DIR"/*.pcap "$SERVER_DIR"/*.pcap[0-9]*; do
+  [ -e "$f" ] || continue
+  case "$f" in
+    *.summary.txt|*.gz) continue ;;
+  esac
+  gzip -9 "$f"
+done
+```
+
+Then confirm space recovered:
+
+```sh
+df -h /home/clawdie
+```
+
+## Result Summary Template
+
+```text
+Test ID:
+Date/time UTC:
+Client: debby
+Client network path: house Wi-Fi | hotspot | wired | other
+Server: osa.smilepowered.org
+Server public IP: 51.83.197.148
+Server Tailscale IP: 100.72.229.63
+URL:
+Downloader: curl --http1.1 | wget | other
+Parallel downloads: no | yes, describe
+Server capture duration:
+Client capture duration:
+Downloaded bytes:
+Average throughput:
+Checksum result: pass | fail | partial only
+
+Latency:
+- Gateway latency during download:
+- 1.1.1.1 latency during download:
+- osa Tailscale latency during download:
+- domedog latency during download:
+
+PF/PMTU/MSS:
+- PF state/search/fragment counters changed:
+- ICMP frag-needed / IPv6 Packet Too Big seen:
+- PMTU black-hole counters:
+- SYN MSS values:
+
+TCP:
+- Server retransmitted data delta:
+- Server retransmit timeout delta:
+- Pcap retransmissions:
+- Fast retransmissions:
+- Duplicate ACKs:
+- Zero-window events:
+
+Conclusion:
+- PF likely root cause? yes | no | inconclusive
+- PMTU/MSS likely root cause? yes | no | inconclusive
+- Access path/bufferbloat suspect? yes | no | inconclusive
+- Next action:
+
+Cleanup:
+- Large client image removed: yes | no
+- Large server pcap removed/compressed: yes | no
+- Raw pcap copies deleted after conclusion: yes | no
+- Disk checked after cleanup: yes | no
+```
+
+## Shared Intent Text
+
+```text
+Intent for next throughput test:
+
+We want one clean HTTPS download from osa.smilepowered.org to debby, with no Firefox and no parallel downloads. The purpose is to separate server/PF/PMTU/MSS behavior from client/access-path/bufferbloat behavior.
+
+Definitions:
+- “osa hotspot” means phone hotspot/mobile Wi-Fi path.
+- “osa server” means osa.smilepowered.org, FreeBSD 15, public 51.83.197.148, Tailscale 100.72.229.63.
+
+Rules:
+1. Start pcaps on both sides before the download.
+2. Use one curl/wget download only, preferably curl --http1.1.
+3. Use UTC timestamps for before/start/stop/after.
+4. Server collects TCP/PF/ICMP/ICMPv6 counters before and after.
+5. Pcaps must not overwrite the beginning of the test; use enough -W or shorten runtime.
+6. Exchange pcap summaries first, not raw pcaps.
+7. Keep final logs/summaries/dashboard, then clean raw pcaps and downloaded test image.
+
+Success criteria:
+- We know bytes/time/throughput.
+- We know whether retransmits/dupACKs/timeouts were normal or abnormal.
+- We know whether ICMP/PTB/fragmentation-needed/PMTU looked suspicious.
+- We know whether latency spikes were local/access-path or server-side.
+```
diff --git a/.agent/skills/nginx-glasspane/references/cache-policy.md b/.agent/skills/nginx-glasspane/references/cache-policy.md
new file mode 100644
index 0000000..85acc2a
--- /dev/null
+++ b/.agent/skills/nginx-glasspane/references/cache-policy.md
@@ -0,0 +1,15 @@
+# Nginx Cache Policy for Glasspane
+
+Use this file when deciding what should and should not be cached.
+
+## Recommended split
+
+- `index.html` / latest page: low or no cache
+- `latest.json`: no cache
+- `viewer.html`: low cache
+- `*.png`, `*.txt`, `*.json` screenshot artifacts: cache allowed
+
+## Why
+
+- latest operator state must refresh reliably
+- archived artifacts are immutable once written
diff --git a/.agent/skills/nginx-glasspane/scripts/render_latest_json.sh b/.agent/skills/nginx-glasspane/scripts/render_latest_json.sh
new file mode 100755
index 0000000..39e7e1c
--- /dev/null
+++ b/.agent/skills/nginx-glasspane/scripts/render_latest_json.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+set -eu
+
+UUID="${1:-exampleuuid1234}"
+SESSION="${2:-tmux-session}"
+CAPTURED_AT="${3:-2026-03-08T12:00:00.000Z}"
+
+cat <<EOF
+{
+  "uuid": "${UUID}",
+  "session": "${SESSION}",
+  "captured_at": "${CAPTURED_AT}"
+}
+EOF
diff --git a/.agent/nginx/SKILL.md b/.agent/skills/nginx/SKILL.md
similarity index 100%
rename from .agent/nginx/SKILL.md
rename to .agent/skills/nginx/SKILL.md
diff --git a/.agent/skills/nginx/references/astro-migration.md b/.agent/skills/nginx/references/astro-migration.md
new file mode 100644
index 0000000..862a873
--- /dev/null
+++ b/.agent/skills/nginx/references/astro-migration.md
@@ -0,0 +1,88 @@
+# Astro / Strapi Migration at the Nginx Edge
+
+Use this reference when moving the public Clawdie site from the current hand-edited static
+site to an Astro-generated site built in the `cms` jail.
+
+## Default transition model
+
+Keep host nginx as the public edge.
+
+```text
+cms jail (${AGENT_SUBNET_BASE}.4)
+  ├── Strapi
+  ├── Astro project
+  └── Astro build output
+
+host nginx
+  ├── serves /usr/local/www/clawdie/
+  ├── serves /usr/local/www/osa/
+  └── proxies cms.<agent>.home.arpa -> ${AGENT_SUBNET_BASE}.4:1337
+```
+
+This avoids moving unrelated public hosting while the Clawdie site migration is
+still in progress.
+
+## Migration phases
+
+### 1. Static parity
+
+- Recreate the existing public Clawdie look and routes in Astro
+- Keep nginx unchanged
+- Do not move content to Strapi until the visual clone is close enough
+
+### 2. Content extraction
+
+Move editable content into Strapi in batches:
+
+- homepage sections
+- guides
+- docs landing pages
+- blog/news later if needed
+
+Keep repo-native content outside Strapi:
+
+- skill pages from `SKILL.md`
+- generated technical docs
+- content better sourced directly from the repository
+
+### 3. Controlled deploy
+
+- Build Astro inside `cms`
+- Back up `/usr/local/www/clawdie/` on the host
+- Sync generated output into `/usr/local/www/clawdie/`
+- Leave nginx vhost shape mostly unchanged
+
+## Backup and rollback
+
+Before deploying:
+
+```sh
+cp -r /usr/local/www/clawdie /usr/local/www/clawdie.bak
+```
+
+Deploy:
+
+```sh
+rsync -av --delete /path/to/dist/ /usr/local/www/clawdie/
+```
+
+Rollback:
+
+```sh
+rm -rf /usr/local/www/clawdie
+cp -r /usr/local/www/clawdie.bak /usr/local/www/clawdie
+```
+
+## Validation
+
+```sh
+sudo nginx -t
+sudo service nginx reload
+curl -sI https://clawdie.invalid | head -5
+curl -sI https://cms.<agent>.home.arpa | head -5   # from Tailscale
+```
+
+## Important constraint
+
+The host currently serves more than one public site. Do not redesign nginx as if
+it belongs only to the public Clawdie site.
diff --git a/.agent/skills/nginx/references/strapi-cache.md b/.agent/skills/nginx/references/strapi-cache.md
new file mode 100644
index 0000000..f241298
--- /dev/null
+++ b/.agent/skills/nginx/references/strapi-cache.md
@@ -0,0 +1,57 @@
+# Strapi API microcache (cms jail nginx)
+
+Use a short nginx microcache for Strapi API responses to protect the CMS from
+bursts and repeated SSR fetches. Keep TTL short and bypass any authenticated
+requests.
+
+## Configure cache zone
+
+Add in the `http {}` block of `/usr/local/etc/nginx/nginx.conf` (cms jail):
+
+```nginx
+proxy_cache_path /var/cache/nginx/strapi levels=1:2 keys_zone=strapi_cache:20m \
+  max_size=1g inactive=10m use_temp_path=off;
+```
+
+Create the cache directory in the jail:
+
+```sh
+mkdir -p /var/cache/nginx/strapi
+chown -R www:www /var/cache/nginx/strapi
+chmod 750 /var/cache/nginx/strapi
+```
+
+## Vhost snippet (Strapi API)
+
+```nginx
+location /api/ {
+    proxy_pass http://127.0.0.1:1337;
+    proxy_http_version 1.1;
+    proxy_set_header Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+
+    proxy_cache strapi_cache;
+    proxy_cache_methods GET HEAD;
+    proxy_cache_valid 200 10s;
+    proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
+    proxy_cache_bypass $http_cache_control $http_pragma $http_authorization;
+    proxy_no_cache $http_authorization $cookie_strapi_session;
+    add_header X-Cache-Status $upstream_cache_status always;
+}
+```
+
+Do not cache the admin UI or authenticated endpoints:
+
+```nginx
+location /admin/ {
+    proxy_pass http://127.0.0.1:1337;
+}
+```
+
+## Validation
+
+```sh
+nginx -t && service nginx reload
+curl -sI http://127.0.0.1/<public-api-path> | grep -i x-cache-status
+```
diff --git a/.agent/skills/nginx/references/strapi-proxy.md b/.agent/skills/nginx/references/strapi-proxy.md
new file mode 100644
index 0000000..aacadbc
--- /dev/null
+++ b/.agent/skills/nginx/references/strapi-proxy.md
@@ -0,0 +1,62 @@
+# Strapi Reverse Proxy
+
+Use this template to expose Strapi admin via nginx with Tailscale-only access.
+
+## Vhost config
+
+Save as `/usr/local/etc/nginx/vhosts/cms.conf`:
+
+```nginx
+# Strapi CMS admin — Tailscale-restricted
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    server_name cms.<agent>.home.arpa;
+
+    ssl_certificate     /usr/local/etc/nginx/ssl/clawdie/fullchain.cer;
+    ssl_certificate_key /usr/local/etc/nginx/ssl/clawdie/clawdie.key;
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+
+    # restrict to Tailscale network only
+    allow 100.64.0.0/10;
+    deny all;
+
+    location / {
+        proxy_pass http://${AGENT_SUBNET_BASE}.4:1337;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+
+        # Strapi admin uploads can be large
+        client_max_body_size 50M;
+    }
+}
+```
+
+## Notes
+
+- Keep this internal-only. Prefer a private or Tailscale-only cert path if you
+  terminate TLS here.
+- If you publish it externally anyway, use a dedicated internal hostname that
+  is separate from the public site.
+- Tailscale IPs are in the 100.64.0.0/10 CGNAT range
+- WebSocket headers needed for Strapi admin live reload in dev mode
+
+## DNS
+
+Add an internal DNS or `/etc/hosts` record for `cms.<agent>.home.arpa`
+pointing to the same server IP. Or use Tailscale MagicDNS / an internal
+resolver if only accessing from the mesh.
+
+## Checklist
+
+1. Create vhost config
+2. Add DNS record (or Tailscale entry)
+3. `sudo nginx -t`
+4. `sudo service nginx reload`
+5. Verify: `curl -sI https://cms.<agent>.home.arpa` from Tailscale
diff --git a/.agent/skills/nginx/references/vhost-template.md b/.agent/skills/nginx/references/vhost-template.md
new file mode 100644
index 0000000..9327534
--- /dev/null
+++ b/.agent/skills/nginx/references/vhost-template.md
@@ -0,0 +1,100 @@
+# Nginx Vhost Template
+
+Use this template when adding a new site to the FreeBSD host.
+
+## Standard HTTPS vhost with www redirect
+
+```nginx
+# redirect HTTP to HTTPS (both www and non-www)
+server {
+    listen 80;
+    listen [::]:80;
+    server_name example.com www.example.com;
+    return 301 https://example.com$request_uri;
+}
+
+# redirect HTTPS www to non-www
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    server_name www.example.com;
+
+    ssl_certificate     /usr/local/etc/nginx/ssl/example/fullchain.cer;
+    ssl_certificate_key /usr/local/etc/nginx/ssl/example/example.key;
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+
+    return 301 https://example.com$request_uri;
+}
+
+# HTTPS — main site
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    server_name example.com;
+    root /usr/local/www/example;
+    index index.html;
+
+    ssl_certificate     /usr/local/etc/nginx/ssl/example/fullchain.cer;
+    ssl_certificate_key /usr/local/etc/nginx/ssl/example/example.key;
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+
+    location / {
+        try_files $uri $uri/ =404;
+    }
+}
+```
+
+## Checklist
+
+1. Create webroot: `mkdir -p /usr/local/www/example`
+2. Create SSL dir: `mkdir -p /usr/local/etc/nginx/ssl/example`
+3. Obtain certificate (acme.sh or certbot)
+4. Save config to `/usr/local/etc/nginx/vhosts/example.conf`
+5. Test: `sudo nginx -t`
+6. Reload: `sudo service nginx reload`
+
+## Static docs subdomain pattern
+
+For a public static docs site such as `docs.clawdie.si`, keep it simple:
+
+```nginx
+server {
+    listen 80;
+    listen [::]:80;
+    server_name docs.clawdie.si;
+    return 301 https://docs.clawdie.si$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    server_name docs.clawdie.si;
+    root /usr/local/www/docs.clawdie.si;
+    index index.html;
+
+    ssl_certificate     /usr/local/etc/nginx/ssl/docs/fullchain.cer;
+    ssl_certificate_key /usr/local/etc/nginx/ssl/docs/docs.key;
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+
+    location /docs/ {
+        try_files $uri $uri/ /docs/index.html =404;
+    }
+
+    location / {
+        try_files $uri $uri/ =404;
+    }
+}
+```
diff --git a/.agent/skills/ollama/SKILL.md b/.agent/skills/ollama/SKILL.md
new file mode 100644
index 0000000..98a67ea
--- /dev/null
+++ b/.agent/skills/ollama/SKILL.md
@@ -0,0 +1,180 @@
+---
+name: ollama
+description: Configure Ollama as an AI provider — cloud API (free tier, no hardware needed) or local inference (FreeBSD jail). Triggers on "ollama", "local llm", "ollama cloud", "ollama setup", "free llm".
+---
+
+# Ollama Provider
+
+Ollama provides two modes of operation for the agent runtime:
+
+## Mode 1: Ollama Cloud (Recommended for most setups)
+
+Cloud-hosted inference at `ollama.com`. Free tier available, no local hardware or jail needed.
+
+### What You Get (Free Tier)
+
+32 models including:
+
+| Model                  | Size  | Best For                           |
+| ---------------------- | ----- | ---------------------------------- |
+| `qwen3-coder-next`     | Cloud | Coding tasks (recommended primary) |
+| `qwen3-coder:480b`     | 480B  | Heavy coding                       |
+| `devstral-2:123b`      | 123B  | Code + reasoning                   |
+| `deepseek-v3.2`        | Cloud | General + reasoning                |
+| `kimi-k2.5`            | Cloud | Reasoning, thinking                |
+| `gemma3:27b`           | 27B   | General assistant                  |
+| `gemma3:4b`            | 4B    | Fast, light tasks                  |
+| `glm-5`                | Cloud | General (Z.AI default)             |
+| `mistral-large-3:675b` | 675B  | Complex tasks                      |
+| `gpt-oss:120b`         | 120B  | OpenAI open-source                 |
+
+Paid tiers: Pro ($20/mo) for day-to-day work, Max ($100/mo) for heavy agent use.
+
+### Setup
+
+1. Create account at https://ollama.com
+2. Generate API key in account settings
+3. Add to `.env`:
+   ```
+   OLLAMA_API_KEY=your-key-here
+   ```
+
+### PI Integration
+
+Create `~/.pi/agent/models.json`:
+
+```json
+{
+  "providers": {
+    "ollama-cloud": {
+      "baseUrl": "https://ollama.com/v1",
+      "api": "openai-completions",
+      "apiKey": "OLLAMA_API_KEY",
+      "authHeader": true,
+      "models": [
+        {
+          "id": "qwen3-coder-next",
+          "name": "Qwen3 Coder Next (Cloud)",
+          "reasoning": true,
+          "input": ["text"],
+          "contextWindow": 128000,
+          "maxTokens": 32000,
+          "cost": { "input": 0, "output": 0, "cacheRead": 0, "cacheWrite": 0 }
+        },
+        {
+          "id": "deepseek-v3.2",
+          "name": "DeepSeek V3.2 (Cloud)",
+          "reasoning": true,
+          "input": ["text"],
+          "contextWindow": 128000,
+          "maxTokens": 32000,
+          "cost": { "input": 0, "output": 0, "cacheRead": 0, "cacheWrite": 0 }
+        },
+        {
+          "id": "gemma3:4b",
+          "name": "Gemma 3 4B (Cloud)",
+          "reasoning": false,
+          "input": ["text"],
+          "contextWindow": 128000,
+          "maxTokens": 16384,
+          "cost": { "input": 0, "output": 0, "cacheRead": 0, "cacheWrite": 0 }
+        }
+      ]
+    }
+  }
+}
+```
+
+Add more models from the available list as needed. The file reloads when you open `/model` in PI — no restart required.
+
+### API Details
+
+- **Endpoint:** `https://ollama.com/v1`
+- **Auth:** Bearer token via `Authorization` header
+- **Compatible with:** OpenAI Chat Completions API
+- **List models:** `GET /v1/models`
+- **Chat:** `POST /v1/chat/completions`
+
+### Test Connection
+
+```bash
+curl -s https://ollama.com/v1/chat/completions \
+  -H "Authorization: Bearer $OLLAMA_API_KEY" \
+  -H "Content-Type: application/json" \
+  -d '{"model":"gemma3:4b","messages":[{"role":"user","content":"Hello"}]}'
+```
+
+## Mode 2: Ollama Local (Advanced)
+
+Run models on your own hardware inside a FreeBSD jail.
+
+### Current Limitation
+
+The FreeBSD port is stuck at **v0.3.6** (upstream is v0.13.5+). This means:
+
+- Many newer model architectures are unsupported (Gemma 3, Qwen 3, etc.)
+- Building from source requires unmerged FreeBSD patches
+- Not recommended for production use until the port catches up
+
+### Hardware Requirements
+
+| Model Size | RAM Needed | Minimum Server |
+| ---------- | ---------- | -------------- |
+| 3B         | 2-3 GB     | 16 GB total    |
+| 7B         | 6-8 GB     | 24 GB total    |
+| 13B        | 12-16 GB   | 32 GB total    |
+
+Current server has 12 GB total with ~3.5 GB free after existing jails — only 3B models would fit.
+
+### Future: Linux VM Alternative
+
+When bhyve VM support is implemented, running Ollama in a Linux VM bypasses the FreeBSD port limitation entirely. This is the recommended path for local inference once hardware permits.
+
+## Installer Integration
+
+The TUI wizard (page 6 — AI Provider) offers:
+
+```
+Provider options:
+  ▶ Ollama Cloud (free tier — recommended)
+    Z.AI
+    OpenRouter
+    Anthropic (direct API)
+    Local Ollama (⚠ limited on FreeBSD)
+```
+
+If user selects Ollama Cloud:
+
+1. Prompt for API key (or link to sign up)
+2. Write `OLLAMA_API_KEY` to `.env`
+3. Generate `~/.pi/agent/models.json` with cloud provider config
+4. No jail creation needed
+
+If user selects Local Ollama:
+
+1. Check available RAM
+2. Warn about FreeBSD port limitations
+3. Create ollama jail at `.11` with appropriate RCTL limit
+4. `pkg install ollama` inside jail
+5. Pull recommended model based on available RAM
+6. Enable `ollama` service
+7. Generate `models.json` pointing to jail IP
+
+## Troubleshooting
+
+**"401 Unauthorized" from Ollama Cloud:**
+
+- Verify API key is correct: `echo $OLLAMA_API_KEY`
+- Check key hasn't expired at ollama.com account settings
+
+**Rate limited on free tier:**
+
+- Free tier has usage limits for heavy workloads
+- Consider Pro ($20/mo) for sustained agent use
+- Or use Ollama Cloud as fallback with another primary provider
+
+**PI doesn't show Ollama models:**
+
+- Check `~/.pi/agent/models.json` exists and is valid JSON
+- In PI, type `/model` to refresh model list
+- Verify `OLLAMA_API_KEY` env var is set
diff --git a/.agent/skills/pi-provider-smoke/SKILL.md b/.agent/skills/pi-provider-smoke/SKILL.md
new file mode 100644
index 0000000..4d715d3
--- /dev/null
+++ b/.agent/skills/pi-provider-smoke/SKILL.md
@@ -0,0 +1,112 @@
+---
+name: pi-provider-smoke
+description: Smoke-test a Pi provider lane using structured JSON output. Use for DeepSeek, ZAI, or other Pi built-in providers before wiring them into Colibri.
+---
+
+# Pi Provider Smoke
+
+Validate that a provider works through `pi` and emits structured events that
+Colibri can consume.
+
+## Rules
+
+- Never paste API keys into chat, logs, commits, or command output.
+- Prefer Pi's credential store (`~/.pi/agent/auth.json`) or environment variables.
+- Do not hardcode model IDs before `pi --provider <name> --list-models` succeeds.
+- Use `--mode json` for the final smoke test.
+- One command at a time; inspect output before continuing.
+
+## 1. Identify Pi
+
+```bash
+which pi
+```
+
+```bash
+pi --version
+```
+
+```bash
+node --version
+```
+
+Record host OS and install path.
+
+## 2. Confirm provider models
+
+For DeepSeek:
+
+```bash
+pi --provider deepseek --list-models
+```
+
+For ZAI:
+
+```bash
+pi --provider zai --list-models
+```
+
+If the command fails because credentials are missing, stop and ask the operator
+to add the key locally.
+
+## 3. Credential layout
+
+Pi persistent credentials live at:
+
+```text
+~/.pi/agent/auth.json
+```
+
+DeepSeek shape:
+
+```json
+{
+  "deepseek": { "type": "api_key", "key": "<YOUR_DEEPSEEK_KEY>" }
+}
+```
+
+ZAI uses the same shape with provider key `zai`.
+
+Important:
+
+- field is `key`, not `apiKey`
+- type is exactly `api_key`
+- `auth.json` wins over environment variables when both are set
+- never commit `auth.json`
+
+## 4. JSON-mode smoke
+
+Use a tiny deterministic prompt:
+
+```bash
+pi --provider deepseek -p --mode json "reply with the single word: ok"
+```
+
+Expected:
+
+- exit code 0
+- output is JSONL
+- stream contains Pi lifecycle events such as `session`, `agent_start`,
+  `message_update`, `turn_end`, `agent_end`
+- assistant text contains `ok`
+
+## 5. Colibri parser check
+
+If working inside `clawdie-ai`, save a short JSONL sample under repo `tmp/` and
+parse it with the Colibri tests/helpers. Do not store secrets in the sample.
+
+```bash
+npx vitest run src/colibri-pi-events.test.ts
+```
+
+## 6. Report
+
+Report:
+
+- OS and host
+- Pi version
+- Node version
+- provider name
+- exact model IDs listed, if relevant
+- JSON-mode smoke pass/fail
+- whether Colibri parser accepted a representative stream
diff --git a/.agent/skills/pi-update/SKILL.md b/.agent/skills/pi-update/SKILL.md
new file mode 100644
index 0000000..552e79d
--- /dev/null
+++ b/.agent/skills/pi-update/SKILL.md
@@ -0,0 +1,167 @@
+---
+name: pi-update
+description: Update the pi coding agent harness safely. Use when the operator asks to upgrade pi, check whether pi is current, handle the @mariozechner to @earendil-works package rename, or refresh installed pi packages/extensions.
+---
+
+# Pi Update
+
+Update the `pi` coding-agent harness and its pi packages/extensions with minimal disruption.
+
+Pi is currently published as `@earendil-works/pi-coding-agent`. Older installs may still use `@mariozechner/pi-coding-agent`; treat that as the legacy package name and migrate away from it.
+
+## Rules
+
+- Run one shell command at a time and inspect its output before the next command.
+- Do not use `PI_OFFLINE=1` or `PI_SKIP_VERSION_CHECK=1` for update checks.
+- Do not run a forced reinstall unless a normal update fails or the operator explicitly asks.
+- If a Clawdie service/jail update is needed, check system health first and restart only the affected service.
+- Prefer pi's native updater: `pi update`, `pi update --self`, and `pi update --extensions`.
+
+## 1. Identify the active install
+
+```bash
+which pi
+```
+
+```bash
+pi --version
+```
+
+```bash
+npm root -g
+```
+
+```bash
+npm list -g --depth=0
+```
+
+```bash
+pi list
+```
+
+Record:
+
+- pi binary path
+- current version
+- global npm root
+- whether `@earendil-works/pi-coding-agent` is installed
+- whether legacy `@mariozechner/pi-coding-agent` is still installed
+- installed pi packages/extensions, if any
+
+## 2. Check latest upstream release
+
+```bash
+npm view @earendil-works/pi-coding-agent version
+```
+
+```bash
+node -e "fetch('https://pi.dev/api/latest-version').then(r=>r.json()).then(j=>console.log(JSON.stringify(j,null,2)))"
+```
+
+The `packageName` returned by `pi.dev` is authoritative for package-renames. If it differs from the installed package name, expect `pi update --self` to uninstall the old global package and install the new one.
+
+## 3. Normal update path
+
+For only the pi binary:
+
+```bash
+pi update --self
+```
+
+For only installed pi packages/extensions:
+
+```bash
+pi update --extensions
+```
+
+For both:
+
+```bash
+pi update
+```
+
+Verify after updating:
+
+```bash
+pi --version
+```
+
+```bash
+pi update --self
+```
+
+A healthy final self-check says pi is already up to date.
+
+## 4. Rename fallback path
+
+Use this only if `pi update --self` cannot migrate a legacy install.
+
+Check whether the old package is installed:
+
+```bash
+npm list -g @mariozechner/pi-coding-agent
+```
+
+Check whether the current package is installed:
+
+```bash
+npm list -g @earendil-works/pi-coding-agent
+```
+
+If the old package is present and the current package is missing, migrate manually:
+
+```bash
+npm uninstall -g @mariozechner/pi-coding-agent
+```
+
+```bash
+npm install -g @earendil-works/pi-coding-agent
+```
+
+Verify:
+
+```bash
+pi --version
+```
+
+```bash
+npm list -g --depth=0
+```
+
+## 5. Forced reinstall fallback
+
+Use only after a normal update fails or when explicitly requested.
+
+```bash
+pi update --self --force
+```
+
+If that fails, use npm directly:
+
+```bash
+npm install -g @earendil-works/pi-coding-agent
+```
+
+## 6. Clawdie repo follow-up
+
+After a successful pi update, search this repo for stale package names and update code/docs in a separate focused change:
+
+```bash
+rg "@mariozechner/pi|badlogic/pi|earendil-works/pi|pi-mono" README.md setup src .agent docs data
+```
+
+Expected current values:
+
+- npm package: `@earendil-works/pi-coding-agent`
+- dependency imports: `@earendil-works/pi-ai`, `@earendil-works/pi-agent-core`, `@earendil-works/pi-tui`, `@earendil-works/pi-coding-agent`
+- upstream repo/docs: `https://codeberg.org/Clawdie/pi`
+
+## 7. Report
+
+Summarize:
+
+- old version and new version
+- package name used
+- whether legacy package migration was needed
+- whether pi packages/extensions were updated
+- any stale Clawdie references found for a follow-up patch
diff --git a/.agent/skills/postgres-memory/SKILL.md b/.agent/skills/postgres-memory/SKILL.md
new file mode 100644
index 0000000..f690ae0
--- /dev/null
+++ b/.agent/skills/postgres-memory/SKILL.md
@@ -0,0 +1,120 @@
+---
+name: postgres-memory
+description: Plan or validate the optional PostgreSQL 18 data-service jail for Clawdie. Use only when an install explicitly chooses `DB_RUNTIME=jail`; the default runtime is host PostgreSQL.
+---
+
+# postgres-memory
+
+Use this skill only for the optional `DB_RUNTIME=jail` path.
+
+Do not use it as the general explanation for "how memory works" or "how
+PostgreSQL is installed" on a normal host. The current default is
+`DB_RUNTIME=host`.
+
+## Current truth
+
+- default runtime: host PostgreSQL
+- optional runtime: `DB_RUNTIME=jail`
+- jail role label: `db`
+- on-disk jail name: current service-prefixed db jail (for example `clawdie-db`)
+- current jail registry default:
+  - subnet base: `10.0.1`
+  - db IP suffix: `.5`
+  - bridge: `warden0`
+- required packages/extensions:
+  - PostgreSQL `18`
+  - `pgvector`
+  - `pgcrypto`
+  - `uuid-ossp`
+
+Do not reuse the old `.3`, `10.0.0.x`, or `10.0.1.3` examples.
+
+Resolve the live jail IP from current registry/config instead of hardcoding it.
+
+## Scope
+
+This skill covers:
+
+- optional `db` jail planning and bring-up
+- PostgreSQL-specific jail assumptions
+- package install and service initialization
+- extension enablement
+- validation commands for the optional jail path
+- ZFS snapshot points before schema work
+
+This skill does not cover:
+
+- the default host PostgreSQL path
+- general memory architecture explanation
+- memory schema design
+- embedding model selection
+- Supabase compatibility layers
+
+## Naming model
+
+The PostgreSQL instance may host both shared platform DBs and tenant-derived
+DBs.
+
+Shared platform defaults:
+
+- `system_brain`
+- `system_skills`
+- `system_ops`
+- `system_git`
+- `system_web`
+- read-only skills role: `system_reader`
+
+Tenant names are derived from `dbSlug(tenantId)` in `src/db-identifiers.ts`.
+Do not hardcode tenant DB names in this skill; use the helpers.
+
+## Workflow
+
+1. Confirm the install explicitly chose `DB_RUNTIME=jail`.
+2. Resolve the `db` jail IP from current registry/config.
+3. Ensure the `db` jail exists and starts cleanly.
+4. Validate ZFS assumptions before installing PostgreSQL.
+5. Install PostgreSQL 18 inside the jail.
+6. Initialize the database cluster.
+7. Start the PostgreSQL service.
+8. Validate local connectivity.
+9. Install `postgresql18-contrib` and enable required extensions.
+10. Snapshot the jail dataset before schema work.
+
+## Restore path
+
+Design restore into the optional jail deployment from the start:
+
+1. create jail
+2. install PostgreSQL
+3. initialize cluster
+4. optionally restore from `.sql` or custom dump
+5. validate
+6. snapshot
+
+## Automation note
+
+There is no current canonical Ansible playbook for this path.
+
+The live automation source of truth is:
+
+- `setup/db.ts`
+- `setup/jail-provision.ts`
+- `src/jail-schema.ts`
+- `infra/jails.yaml`
+
+If this optional jail path becomes important again, a future playbook should be
+derived from those files rather than from older `db-memory-bootstrap.yaml`
+references.
+
+## Read next
+
+- Install commands: `references/install.md`
+- Validation sequence: `references/validation.md`
+- ZFS and service notes: `references/layout.md`
+- Failure signatures: `references/troubleshooting.md`
+- Security and access control: `references/security.md`
+
+## Scripts
+
+- `scripts/render_install_commands.sh`
+- `scripts/render_validation_commands.sh`
diff --git a/.agent/skills/postgres-memory/references/install.md b/.agent/skills/postgres-memory/references/install.md
new file mode 100644
index 0000000..9bd1ba0
--- /dev/null
+++ b/.agent/skills/postgres-memory/references/install.md
@@ -0,0 +1,171 @@
+# PostgreSQL 18 Install Plan
+
+Target:
+
+- jail: `db`
+- hostname: `db.<agent>.home.arpa`
+- purpose: local memory database
+- package family: PostgreSQL 18
+
+## Initial assumptions
+
+- `db` is a persistent FreeBSD jail
+- `db` is a thick jail
+- current preferred path uses VNET
+- storage is on ZFS through the jail dataset
+- service binds locally first
+- external API layers are deferred
+
+## Why thick
+
+Use a thick jail for `db`.
+
+Reason:
+
+- database is a persistent service
+- upgrades and rollback should be predictable
+- host coupling should be minimized
+- ZFS snapshots are more valuable when the jail shape is stable
+
+## Network profiles
+
+### Shared
+
+Simple alternative if separate service identity is not required.
+
+Pros:
+
+- simplest bring-up
+- fewer moving parts
+- enough for host-side Clawdie to talk to PostgreSQL
+
+Cons:
+
+- no separate externally meaningful service identity
+- `db.<agent>.home.arpa` is the internal jail hostname
+
+### VNET
+
+Current preferred deployment path.
+
+Pros:
+
+- separate network identity
+- cleaner future exposure policy
+- easier host firewall segmentation
+
+Cons:
+
+- more setup and debugging
+- not necessary to prove PostgreSQL installation
+
+Recommended policy:
+
+- if you want the simplest possible bring-up, use `shared`
+- if you want stable long-lived service identity from day one, use `vnet`
+- current chosen path for `db`: `vnet`
+
+## Known-good create command
+
+```sh
+sudo bastille create -T -B -g ${AGENT_SUBNET_BASE}.1 ${AGENT_NAME}-db 15.0-RELEASE ${AGENT_SUBNET_BASE}.3/24 warden0
+```
+
+## Expected successful Bastille output
+
+Healthy creation includes lines like:
+
+- `Attempting to create jail: db`
+- `Valid IP: ${AGENT_SUBNET_BASE}.3/24`
+- `Valid interface: warden0`
+- `Creating a thickjail. This may take a while...`
+- `e0a_db`
+- `e0b_db`
+- `Applying template: default/vnet...`
+- `ifconfig_vnet0:  -> inet ${AGENT_SUBNET_BASE}.3/24`
+- `Applying template: default/thick...`
+- `Applying template: default/base...`
+
+Non-fatal note:
+
+- `[WARNING]: No value provided for arg: IFCONFIG6`
+
+That warning is expected if IPv6 is not configured in the template path.
+
+Intermediate state after successful create but before final validation:
+
+- `hostname` may still be `db`
+- `vnet0` should have `${AGENT_SUBNET_BASE}.3/24`
+- if `netstat -rn` lacks a `default` route, the create path is still wrong
+
+Systemic fix for repeated missing default route:
+
+- include the explicit gateway flag: `-g ${AGENT_SUBNET_BASE}.1`
+- do not treat a manual `route add default ${AGENT_SUBNET_BASE}.1` as the final fix
+
+## Restore modes
+
+Design deployment to support:
+
+- empty database bring-up
+- restore from dump
+
+Supported future restore sources should include:
+
+- plain `.sql`
+- PostgreSQL custom dump
+
+## Install order
+
+1. Enter the jail.
+2. Install PostgreSQL 18 packages.
+3. Enable `allow.sysvipc` for the jail and restart it.
+4. Enable PostgreSQL in the jail rc.conf.
+5. Initialize the data directory.
+6. Start PostgreSQL.
+7. Install `postgresql18-contrib`.
+8. Confirm `postgres` is listening on loopback and jail IP.
+
+Canonical prerequisite before `initdb`:
+
+```sh
+sudo bastille config db set allow.sysvipc 1
+sudo bastille restart db
+```
+
+## Required extensions
+
+The currently proven path uses:
+
+- `postgresql18-pgvector`
+- `postgresql18-contrib`
+
+Extension enablement in the target database:
+
+```sh
+sudo bastille cmd ${AGENT_NAME}-db su -m postgres -c "psql -d \${MEMORY_DB_NAME} -c 'CREATE EXTENSION IF NOT EXISTS pgcrypto;'"
+sudo bastille cmd ${AGENT_NAME}-db su -m postgres -c "psql -d \${MEMORY_DB_NAME} -c 'CREATE EXTENSION IF NOT EXISTS \"uuid-ossp\";'"
+sudo bastille cmd ${AGENT_NAME}-db su -m postgres -c "psql -d \${MEMORY_DB_NAME} -c 'CREATE EXTENSION IF NOT EXISTS vector;'"
+```
+
+## Proven reset path
+
+If the jail already has PostgreSQL but no data worth keeping, the proven
+reset path is:
+
+1. stop PostgreSQL
+2. remove `postgresql18-server` and `postgresql18-client`
+3. remove `/var/db/postgres`
+4. install `postgresql18-server`, `postgresql18-client`, `postgresql18-pgvector`
+5. install `postgresql18-contrib`
+6. run `service postgresql initdb`
+7. start PostgreSQL 18 and create the target database
+
+## Resource baseline
+
+- minimal: `1G RAM / 10G / 1 vCPU`
+- balanced: `2G RAM / 15G / 1 vCPU`
+
+Current default for first install:
+
+- `1G RAM / 10G / 1 vCPU`
diff --git a/.agent/skills/postgres-memory/references/layout.md b/.agent/skills/postgres-memory/references/layout.md
new file mode 100644
index 0000000..0bfca97
--- /dev/null
+++ b/.agent/skills/postgres-memory/references/layout.md
@@ -0,0 +1,65 @@
+# Layout and Snapshots
+
+## Jail
+
+- jail name: `db`
+- hostname: `db.<agent>.home.arpa`
+- IP: `${AGENT_SUBNET_BASE}.3`
+- role: persistent database service
+- provisioning: `thick`
+
+## ZFS expectations
+
+PostgreSQL on ZFS has two different tuning layers:
+
+1. pool/vdev sector alignment
+2. dataset-level properties
+
+### Pool/vdev alignment
+
+`ashift` belongs to the pool/vdev layer, not the dataset.
+
+Important:
+
+- it should match the real sector size of the underlying device
+- for modern 4 KiB devices, that usually means `ashift=12`
+- it cannot be changed later on an existing pool/vdev
+
+Validate the real pool before assuming PostgreSQL storage is correct.
+
+### Dataset-level tuning
+
+Conservative starting properties for PostgreSQL data:
+
+- `compression=lz4`
+- `atime=off`
+- `recordsize=16K`
+
+Why `recordsize=16K`:
+
+- OpenZFS explicitly calls out `recordsize` for database workloads
+- PostgreSQL uses 8 KiB pages by default
+- `16K` is a conservative starting point that stays near PostgreSQL access patterns and avoids the default `128K` record size
+
+Treat `16K` as an initial operational default. Revisit it with benchmarks later.
+
+The jail dataset should be snapshotted at these points:
+
+1. after clean jail creation
+2. after PostgreSQL 18 is installed and starts
+3. before schema migration
+4. before schema import
+
+## Suggested snapshot names
+
+- `@fresh`
+- `@postgres17-ready`
+- `@pre-schema`
+- `@post-extensions`
+
+## Design note
+
+All operational data lives in PostgreSQL (ops database). The memory database
+holds user/agent memories and the skills database holds preloaded knowledge.
+
+This PostgreSQL jail is the live split-brain backend for Agent System Skills, User/Agent Memory, and Operational State across three databases.
diff --git a/.agent/skills/postgres-memory/references/security.md b/.agent/skills/postgres-memory/references/security.md
new file mode 100644
index 0000000..45083ac
--- /dev/null
+++ b/.agent/skills/postgres-memory/references/security.md
@@ -0,0 +1,213 @@
+# PostgreSQL Security and Access Control
+
+## Current state (post-install default)
+
+After a fresh `initdb`, PostgreSQL ships with:
+
+- One superuser: `postgres` (no password)
+- Auth method: `trust` for localhost only
+- `listen_addresses = 'localhost'` — only accepts connections from inside the jail
+- No remote access — the host orchestrator and cms jail cannot connect
+
+This is fine for initial setup but must be hardened before any remote jail connects.
+
+## Roles and databases
+
+### Role: postgres (superuser)
+
+Keep as-is. Only used for admin from inside the db jail via `su - postgres`.
+Never expose this role to remote connections.
+
+Set a password anyway as defense in depth:
+
+```sh
+. /home/clawdie/clawdie-ai/.env
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "psql -c \"ALTER USER postgres WITH PASSWORD '$POSTGRES_ADMIN_PASSWORD';\""
+```
+
+### Role: `SKILLS_DB_USER` (Agent System Skills)
+
+For the skills database:
+
+```sh
+. /home/clawdie/clawdie-ai/.env
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "createuser ${SKILLS_DB_USER}"
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "psql -c \"ALTER USER ${SKILLS_DB_USER} WITH PASSWORD '$SKILLS_DB_PASSWORD';\""
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "createdb -O ${SKILLS_DB_USER} ${SKILLS_DB_NAME}"
+```
+
+### Role: `MEMORY_DB_USER` (User-Agent Memory)
+
+For the user/agent memory database:
+
+```sh
+. /home/clawdie/clawdie-ai/.env
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "createuser ${MEMORY_DB_USER}"
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "psql -c \"ALTER USER ${MEMORY_DB_USER} WITH PASSWORD '$MEMORY_DB_PASSWORD';\""
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "createdb -O ${MEMORY_DB_USER} ${MEMORY_DB_NAME}"
+```
+
+### Role: strapi_cms (CMS)
+
+For the Strapi content management database:
+
+```sh
+. /home/clawdie/clawdie-ai/.env
+sudo bastille cmd db su - postgres -c "createuser strapi_cms"
+sudo bastille cmd db su - postgres -c "psql -c \"ALTER USER strapi_cms WITH PASSWORD '$STRAPI_DB_PASSWORD';\""
+sudo bastille cmd db su - postgres -c "createdb -O strapi_cms strapi_cms"
+```
+
+## Network access (pg_hba.conf)
+
+Path inside db jail: `/var/db/postgres/data/pg_hba.conf`
+
+### Current (default)
+
+```
+local   all   all                  trust
+host    all   all   127.0.0.1/32   trust
+host    all   all   ::1/128        trust
+```
+
+### Target
+
+Keep localhost trust for admin. Add password-authenticated remote access
+for the host on `warden0` and for the future cms jail only:
+
+```
+# local admin — trust (postgres superuser only uses this)
+local   all             all                                     trust
+host    all             all             127.0.0.1/32            trust
+host    all             all             ::1/128                 trust
+
+# host-side orchestrator on warden0 gateway
+host    ${SKILLS_DB_NAME}   ${SKILLS_DB_USER}   ${AGENT_SUBNET_BASE}.1/32   scram-sha-256
+host    ${MEMORY_DB_NAME}   ${MEMORY_DB_USER}   ${AGENT_SUBNET_BASE}.1/32   scram-sha-256
+
+# cms jail — Strapi CMS
+host    strapi_cms      strapi_cms      ${AGENT_SUBNET_BASE}.4/32   scram-sha-256
+
+# deny everything else from the subnet
+host    all             all             ${AGENT_SUBNET_BASE}.0/24   reject
+```
+
+Rules are evaluated top-to-bottom. The explicit `reject` at the end ensures
+no other jail on the subnet can connect.
+
+### Apply changes
+
+```sh
+# edit pg_hba.conf inside db jail (use the commands above)
+# then reload — no restart needed
+sudo bastille cmd ${AGENT_NAME}-db service postgresql reload
+```
+
+## Listen addresses (postgresql.conf)
+
+Path inside db jail: `/var/db/postgres/data/postgresql.conf`
+
+Change from:
+
+```
+#listen_addresses = 'localhost'
+```
+
+To:
+
+```
+listen_addresses = 'localhost, ${AGENT_SUBNET_BASE}.3'
+```
+
+This makes PostgreSQL listen on both localhost (for admin) and the VNET
+interface (for remote jails). Do NOT use `'*'` — only bind to known IPs.
+
+Reload after changing:
+
+```sh
+sudo bastille cmd ${AGENT_NAME}-db service postgresql reload
+```
+
+## Verification
+
+### From inside db jail (should work — trust)
+
+```sh
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "psql -c 'SELECT 1;'"
+```
+
+### From host (should work — password)
+
+```sh
+psql "$MEMORY_DB_URL" -c "SELECT 1;"
+```
+
+Will use the password embedded in `MEMORY_DB_URL`.
+
+### From cms jail (should work — password)
+
+```sh
+sudo bastille cmd ${AGENT_NAME}-cms psql -h ${AGENT_SUBNET_BASE}.3 -U strapi_cms -d strapi_cms -c "SELECT 1;"
+```
+
+Will prompt for password. Use the `strapi_cms` password.
+
+### From a random jail or host (should be rejected)
+
+```sh
+psql -h ${AGENT_SUBNET_BASE}.3 -U postgres -d postgres -c "SELECT 1;"
+```
+
+Should fail with: `FATAL: pg_hba.conf rejects connection`
+
+## Password storage
+
+All database passwords live in `/home/clawdie/clawdie-ai/.env`:
+
+```
+POSTGRES_ADMIN_PASSWORD=<generated>
+SKILLS_DB_PASSWORD=<generated>
+MEMORY_DB_PASSWORD=<generated>
+STRAPI_DB_PASSWORD=<generated>
+```
+
+The setup flow derives PostgreSQL-safe names from `AGENT_NAME`. Example:
+`AGENT_NAME=clawdie-ai` becomes `SKILLS_DB_USER=clawdie_ai_reader` and
+`MEMORY_DB_USER=clawdie_ai_brain` (for `AGENT_NAME=clawdie-ai`).
+
+Generate with: `python3 -c "import secrets; print(secrets.token_urlsafe(24))"`
+
+Source before running setup commands: `. /home/clawdie/clawdie-ai/.env`
+
+When a future Strapi layer needs its own `.env`, copy only the relevant
+variables:
+
+- cms / Strapi DB: `STRAPI_DB_PASSWORD`
+- cms / Strapi app: `STRAPI_APP_KEYS`, `STRAPI_API_TOKEN_SALT`,
+  `STRAPI_ADMIN_JWT_SECRET`, `STRAPI_TRANSFER_TOKEN_SALT`, `STRAPI_JWT_SECRET`
+
+Never commit passwords to git. Never store them in skill files.
+
+## Execution order
+
+1. ZFS snapshot db jail first
+2. Set postgres superuser password
+3. Create skills + memory roles/databases
+4. Create strapi_cms role + strapi_cms database (reserved for later Strapi use)
+5. Update pg_hba.conf with remote access rules
+6. Update listen_addresses in postgresql.conf
+7. Reload PostgreSQL
+8. Test from inside db jail (trust)
+9. Test from host-side memory access (password)
+10. Test from cms jail (password — after cms jail exists)
+11. ZFS snapshot db jail after successful setup
+
+## ZFS snapshots
+
+```sh
+# before security changes (snapshots are non-destructive, no dry-run needed)
+sudo zfs snapshot zroot/clawdie-runtime/jails/db@pre-security-DD.mmm.YYYY-HHMM
+
+# after successful setup
+sudo zfs snapshot zroot/clawdie-runtime/jails/db@security-configured-DD.mmm.YYYY-HHMM
+```
diff --git a/.agent/skills/postgres-memory/references/troubleshooting.md b/.agent/skills/postgres-memory/references/troubleshooting.md
new file mode 100644
index 0000000..f8e8c12
--- /dev/null
+++ b/.agent/skills/postgres-memory/references/troubleshooting.md
@@ -0,0 +1,82 @@
+# PostgreSQL Memory Jail Troubleshooting
+
+Use this file when the `db` jail is created successfully but still is not ready
+for PostgreSQL installation.
+
+## Common failure signatures
+
+### `hostname` is still `db`
+
+Likely cause:
+
+- the jail was created successfully
+- the hostname was not yet updated after creation
+
+Response:
+
+- apply the intended hostname with Bastille config
+- restart the jail before treating hostname mismatch as a deeper failure
+
+### `vnet0` has `${AGENT_SUBNET_BASE}.2/24` but `netstat -rn` has no `default`
+
+Likely cause:
+
+- Bastille VNET create path omitted the explicit Warden gateway
+
+Observed pattern:
+
+- jail creation succeeds
+- `vnet0` has the expected address
+- the routing table only shows the local subnet
+
+Response:
+
+- recreate or provision with:
+  - `-g ${AGENT_SUBNET_BASE}.1`
+- do not rely on a manual `route add default ${AGENT_SUBNET_BASE}.1` as the final fix
+
+### Bastille console log shows `add net default: gateway 51.83.197.1 ... Invalid argument`
+
+Likely cause:
+
+- Bastille inferred the host uplink gateway instead of the Warden gateway
+- this is a provisioning defect for the VNET jail, not a PostgreSQL problem
+
+Interpretation:
+
+- host bridge and jail creation may still be correct
+- but the jail routing model is wrong
+
+Response:
+
+- treat this as evidence the create command is missing:
+  - `-g ${AGENT_SUBNET_BASE}.1`
+
+### Bastille destroy prints `Note: jail console logs archived.`
+
+Interpretation:
+
+- expected and useful
+- archived console logs under `/var/log/bastille/` are a valid troubleshooting source
+
+Recommended use:
+
+- capture meaningful signatures from the archived logs into skill references
+- avoid treating the raw log archive as the long-term knowledge store
+
+### `initdb` fails with `could not create shared memory segment`
+
+Likely cause:
+
+- the jail does not yet allow the IPC path PostgreSQL needs during initialization
+
+Observed shape:
+
+- `shmget(...): Function not implemented`
+
+Response:
+
+- set:
+  - `allow.sysvipc 1`
+- restart the jail
+- rerun `service postgresql initdb`
diff --git a/.agent/skills/postgres-memory/references/validation.md b/.agent/skills/postgres-memory/references/validation.md
new file mode 100644
index 0000000..8b0b4ed
--- /dev/null
+++ b/.agent/skills/postgres-memory/references/validation.md
@@ -0,0 +1,37 @@
+# Validation
+
+Use these checks after installation.
+
+## Service status
+
+- `service postgresql status`
+- `sockstat -4 -6 | grep postgres`
+
+## Local connectivity
+
+- `psql -U postgres -d postgres -c "select version();"`
+- `psql -U postgres -d ${MEMORY_DB_NAME} -c "\dx"`
+
+## Expected healthy result
+
+- PostgreSQL service reports running
+- `postgres` accepts a local connection
+- version output shows PostgreSQL 18
+- `pgcrypto`, `uuid-ossp`, and `vector` are installed in `${MEMORY_DB_NAME}`
+
+## After base validation
+
+Only after the above is healthy:
+
+1. create roles and databases
+2. set `listen_addresses` and `pg_hba.conf`
+3. snapshot before schema creation
+
+## Restore validation
+
+If deployment uses restore-from-dump, validate:
+
+- target database exists
+- restore command exits cleanly
+- expected tables are present
+- PostgreSQL still starts cleanly after restart
diff --git a/.agent/skills/postgres-memory/scripts/render_install_commands.sh b/.agent/skills/postgres-memory/scripts/render_install_commands.sh
new file mode 100755
index 0000000..b1adf82
--- /dev/null
+++ b/.agent/skills/postgres-memory/scripts/render_install_commands.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+set -eu
+
+cat <<'EOF'
+sudo bastille cmd db pkg install -y postgresql18-server postgresql18-client postgresql18-pgvector
+sudo bastille cmd db pkg install -y postgresql18-contrib
+sudo bastille cmd db sysrc postgresql_enable=YES
+sudo bastille cmd db service postgresql initdb
+sudo bastille cmd db service postgresql start
+EOF
diff --git a/.agent/skills/postgres-memory/scripts/render_validation_commands.sh b/.agent/skills/postgres-memory/scripts/render_validation_commands.sh
new file mode 100755
index 0000000..4e982b3
--- /dev/null
+++ b/.agent/skills/postgres-memory/scripts/render_validation_commands.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+set -eu
+
+cat <<'EOF'
+sudo bastille cmd db service postgresql status
+sudo bastille cmd db sh -c 'sockstat -4 -6 | grep postgres'
+sudo bastille cmd db psql -U postgres -d postgres -c "select version();"
+EOF
diff --git a/.agent/skills/rsync/SKILL.md b/.agent/skills/rsync/SKILL.md
new file mode 100644
index 0000000..95dfae8
--- /dev/null
+++ b/.agent/skills/rsync/SKILL.md
@@ -0,0 +1,129 @@
+---
+name: rsync
+description: File synchronization and deployment using rsync. Covers host-to-server transfers, jail-to-host deploys, backup patterns, and common exclude lists. Triggers on "rsync", "file sync", "deploy files", "transfer files", "copy to server".
+---
+
+# rsync
+
+Core tool for file transfer and deployment across the Clawdie-AI infrastructure.
+
+## Installation
+
+rsync must be available on the host and all operational jails on current
+`main` that copy or deploy files (`worker`, `git`, `cms`).
+
+**Host:**
+
+```bash
+sudo pkg install rsync
+```
+
+**Inside jails** (install manually or via `bastille pkg`):
+
+- controlplane: `sudo bastille pkg clawdie-controlplane install -y rsync`
+- git: `sudo bastille pkg git install -y rsync`
+- cms: `sudo bastille pkg cms install -y rsync`
+- db: not installed by default (dedicated PostgreSQL surface)
+
+## Common Patterns
+
+### Developer workstation to server
+
+Transfer a project excluding build artifacts:
+
+```bash
+rsync -avz --exclude node_modules --exclude .astro --exclude dist --exclude .git \
+  ~/path/to/project/ user@server:/destination/path/
+```
+
+Flags:
+
+- `-a` archive mode (preserves permissions, timestamps, symlinks)
+- `-v` verbose
+- `-z` compress during transfer
+
+### Astro build to nginx webroot (jail to host)
+
+Used by `cms-deploy.yaml` and `deploy-cms-site.sh`:
+
+```bash
+rsync -a --delete \
+  /usr/local/bastille/jails/cms/root/home/${AGENT_NAME}/site/dist/ \
+  /usr/local/www/${AGENT_NAME}/
+```
+
+`--delete` removes files in destination that no longer exist in source (clean deploy).
+
+### Backup before deploy
+
+```bash
+rsync -a /usr/local/www/${AGENT_NAME}/ /usr/local/www/${AGENT_NAME}.bak/
+```
+
+### Sync between jails via host
+
+Jails cannot reach each other's filesystems directly. Use the host as intermediary:
+
+```bash
+# Copy from git jail to cms jail through host jail roots
+rsync -a /usr/local/bastille/jails/git/root/source/ \
+        /usr/local/bastille/jails/cms/root/destination/
+```
+
+### Dry run (preview changes)
+
+```bash
+rsync -avzn --exclude node_modules ~/project/ user@server:/dest/
+```
+
+`-n` (or `--dry-run`) shows what would transfer without actually doing it.
+
+## Standard Exclude Lists
+
+### Node.js / Astro projects
+
+```
+--exclude node_modules
+--exclude .astro
+--exclude dist
+--exclude .git
+--exclude .env
+```
+
+### General development
+
+```
+--exclude .git
+--exclude .env
+--exclude '*.log'
+--exclude tmp/
+--exclude .DS_Store
+```
+
+## Security Notes
+
+- Never sync `.env` files containing secrets to remote servers — pass secrets through secure channels
+- Use SSH keys instead of passwords for automated transfers
+- For Tailscale-connected hosts, rsync over Tailscale IPs avoids public internet exposure
+- Set `--chmod=D755,F644` to enforce sane permissions on destination
+
+## Troubleshooting
+
+**"rsync: command not found" on remote:**
+
+```bash
+# On FreeBSD host or inside jail:
+sudo pkg install rsync
+# Or inside a jail:
+sudo bastille cmd <jail> pkg install -y rsync
+```
+
+**Slow transfers over Tailscale:**
+
+- Tailscale MTU is 1280; large files may be slower than direct connection
+- Use `-z` for compression on slow links, skip it on fast LANs
+
+**Permission denied on destination:**
+
+- Check destination directory ownership matches the SSH user
+- Use `--rsync-path="sudo rsync"` if writing to root-owned paths
diff --git a/.agent/skills/runtime-version-sync/SKILL.md b/.agent/skills/runtime-version-sync/SKILL.md
new file mode 100644
index 0000000..81f2c6f
--- /dev/null
+++ b/.agent/skills/runtime-version-sync/SKILL.md
@@ -0,0 +1,206 @@
+---
+name: runtime-version-sync
+description: Check and align Node, FreeBSD pkg, npm global, and Pi versions across Linux and FreeBSD hosts. Use for preventing runtime drift between OSA, debby, domedog, and ISO builds.
+---
+
+# Runtime Version Sync
+
+Keep Linux, FreeBSD, and ISO runtime inputs aligned without relying on moving
+`latest` tags during builds.
+
+## Rules
+
+- Do not upgrade anything until the inventory is recorded.
+- Fetch remotes before claiming remote repository state.
+- For security-sensitive auth paths, inspect before mutating.
+- Pin build inputs; do not let ISO builds depend on moving npm dist-tags.
+- Prefer Node 24 across Linux and FreeBSD unless a target explicitly requires a
+  legacy lane.
+- Use repo-local `tmp/` for generated inventories and manifests.
+
+## 1. Inventory local host
+
+```bash
+uname -a
+```
+
+```bash
+node --version
+```
+
+```bash
+npm --version
+```
+
+```bash
+which pi
+```
+
+```bash
+pi --version
+```
+
+```bash
+npm config get prefix
+```
+
+```bash
+npm outdated -g --depth=0
+```
+
+On FreeBSD, also check packages:
+
+```bash
+pkg info -x 'node|npm|pi|codex|gemini'
+```
+
+On Linux with nvm:
+
+```bash
+command -v nvm
+```
+
+```bash
+nvm current
+```
+
+## 2. Check upstream versions
+
+Pi:
+
+```bash
+npm view @earendil-works/pi-coding-agent version
+```
+
+```bash
+npm view @earendil-works/pi-coding-agent dist-tags --json
+```
+
+Gemini CLI, if still intentionally shipped:
+
+```bash
+npm view @google/gemini-cli version
+```
+
+FreeBSD package availability:
+
+```bash
+pkg search '^node[0-9]+'
+```
+
+```bash
+pkg search '^npm'
+```
+
+## 3. Cross-host manifest
+
+Each host should emit a small JSON manifest under repo-local or user-local
+state. Example schema:
+
+```json
+{
+  "schema": "clawdie.runtime-version-inventory.v1",
+  "host": "osa",
+  "os": "FreeBSD",
+  "node": "v24.14.1",
+  "npm": "11.x",
+  "pi": "0.75.5",
+  "npm_prefix": "/home/clawdie/.npm-global",
+  "package_manager": "pkg",
+  "notes": []
+}
+```
+
+Colibri can aggregate these manifests later, the same way it aggregates
+interagent run manifests.
+
+## 4. Upgrade policy
+
+### FreeBSD
+
+Preferred Node package:
+
+```text
+node24
+```
+
+Use FreeBSD package operations only after checking current state and taking any
+needed ZFS/package rollback precautions.
+
+Install/upgrade package names:
+
+```bash
+sudo pkg install -y node24 npm-node24
+```
+
+Then verify:
+
+```bash
+node --version
+```
+
+```bash
+npm --version
+```
+
+### Linux
+
+If Node is managed by nvm, use nvm for Node 24:
+
+```bash
+nvm install 24
+```
+
+```bash
+nvm alias default 24
+```
+
+If Node is system-managed, do not assume the package manager. Inventory first
+and choose the host's standard channel.
+
+## 5. npm global policy
+
+Pi should be updated through Pi when possible:
+
+```bash
+pi update --self
+```
+
+Fallback:
+
+```bash
+npm install -g @earendil-works/pi-coding-agent@<pinned-version>
+```
+
+ISO builds must use pinned npm globals from the ISO repo, not `latest`:
+
+```text
+/home/clawdie/clawdie-iso/packages/npm-globals.txt
+```
+
+## 6. ISO follow-up
+
+When Pi or npm global versions change, update the ISO pin file in a separate
+ISO commit and smoke the pack step:
+
+```bash
+sh -n scripts/fetch-npm-globals.sh
+```
+
+```bash
+OUT_DIR="$(pwd)/tmp/npm-globals-pin-smoke" ./scripts/fetch-npm-globals.sh
+```
+
+Do not run a full ISO build unless explicitly assigned.
+
+## 7. Report
+
+Report:
+
+- hosts checked
+- Node versions and desired target
+- Pi versions and desired target
+- npm global pins changed
+- package manager actions proposed or performed
+- whether ISO pin file is aligned
+- any blockers for Node 24 unification
diff --git a/.agent/skills/sanoid/SKILL.md b/.agent/skills/sanoid/SKILL.md
new file mode 100644
index 0000000..65c3e2e
--- /dev/null
+++ b/.agent/skills/sanoid/SKILL.md
@@ -0,0 +1,66 @@
+---
+name: sanoid
+description: Manage policy-driven ZFS snapshots for Warden datasets on FreeBSD using Sanoid. Use when defining snapshot retention for clawdie-runtime, creating a sane service-jail snapshot policy, or validating automated rollback safety for Bastille datasets and future VM images.
+---
+
+# Sanoid
+
+Use this skill for automated ZFS snapshot policy on the FreeBSD host.
+
+## Scope
+
+This skill covers:
+
+- Sanoid policy selection
+- `sanoid.conf` rendering
+- snapshot retention for `clawdie-runtime`
+- rollback safety for persistent service jails
+- rollback coverage for operator home + shared npm-global dataset
+- future VM dataset snapshot policy
+- role-aware rollback policy selection
+
+This skill does not replace:
+
+- `warden-zfs` for base dataset layout
+- `warden-bootstrap` for jail creation
+- `bastille-network` or `warden-pf` for host networking
+
+## Canonical targets
+
+- persistent service jail datasets:
+  - `zroot/clawdie-runtime/jails/db`
+  - `zroot/clawdie-runtime/jails/git`
+  - `zroot/clawdie-runtime/jails/cms`
+- operator home dataset (source of truth for agent state):
+  - `zroot/home/<operator>` (preferred), or the closest parent dataset if a per-user dataset is absent
+- shared npm-global dataset (avoid rebuilds across jail resets):
+  - `zroot/clawdie-runtime/shared/npm-global`
+- future browser VM dataset family:
+  - same host, separate image-backed datasets later
+
+## Install baseline
+
+- install on the FreeBSD host with `pkg install -y sanoid`
+- primary config path: `/usr/local/etc/sanoid/sanoid.conf`
+- sample config path: `/usr/local/etc/sanoid/sanoid.conf.sample`
+- `sanoid --version` should work after installation
+
+## Recommended baseline policy
+
+- start with explicit policy classes by runtime role
+- snapshot `db`, `git`, and `cms` differently by role
+- keep retention conservative until the runtime is proven
+- do not apply normal Sanoid retention to disposable runners
+- expand to VM datasets later by role, not by guesswork
+
+## Workflow
+
+1. Read `references/policy-model.md`
+2. Read `references/example-config.md`
+3. If troubleshooting is needed, read `references/troubleshooting.md`
+4. Prefer the scripts in `scripts/` to render a starter `sanoid.conf`
+
+## Observed FreeBSD quirk
+
+- The shipped sample config can emit one benign placeholder warning on the first `sanoid --readonly --verbose` run because it still contains sample dataset names like `zpoolname/parent2`.
+- That does not indicate a failure in the Clawdie policy block.
diff --git a/.agent/skills/sanoid/references/example-config.md b/.agent/skills/sanoid/references/example-config.md
new file mode 100644
index 0000000..f1b5e2c
--- /dev/null
+++ b/.agent/skills/sanoid/references/example-config.md
@@ -0,0 +1,26 @@
+# Sanoid Example Config
+
+```ini
+[template_production]
+        frequently = 0
+        hourly = 24
+        daily = 7
+        monthly = 3
+        autosnap = yes
+        autoprune = yes
+
+[zroot/clawdie-runtime/jails/db]
+        use_template = production
+
+[zroot/clawdie-runtime/jails/cms]
+        use_template = production
+
+[zroot/clawdie-runtime/jails/git]
+        use_template = production
+
+[zroot/home/clawdie]
+        use_template = production
+
+[zroot/clawdie-runtime/shared/npm-global]
+        use_template = production
+```
diff --git a/.agent/skills/sanoid/references/policy-model.md b/.agent/skills/sanoid/references/policy-model.md
new file mode 100644
index 0000000..8ed6ce2
--- /dev/null
+++ b/.agent/skills/sanoid/references/policy-model.md
@@ -0,0 +1,174 @@
+# Sanoid Policy Model
+
+Use this file when deciding how aggressive snapshot retention should be.
+
+## Core rule
+
+Sanoid is for retention policy on persistent datasets.
+
+It is not the mechanism that defines whether a runtime resets on every run.
+That belongs to the runtime lifecycle:
+
+- persistent service -> Sanoid can help
+- golden image -> Sanoid can help lightly
+- disposable runner -> use clone, rollback, or destroy logic instead
+
+## Policy classes
+
+### 1. critical-data
+
+Examples:
+
+- `db`
+
+Characteristics:
+
+- persistent
+- hardest to recreate
+- schema and data matter
+- rollback points must survive mistakes and migrations
+
+Recommended policy:
+
+- hourly snapshots
+- daily snapshots
+- monthly snapshots
+- manual milestone snapshots before schema or extension changes
+
+### 2. persistent-service
+
+Examples:
+
+- `git`
+- `cms`
+
+Characteristics:
+
+- persistent
+- operationally important
+- largely rebuildable from code, but rollback is still valuable
+
+Recommended policy:
+
+- moderate hourly retention
+- daily retention
+- light monthly retention
+- manual snapshots before upgrades and risky runtime changes
+
+### 3. rebuildable-service
+
+Examples:
+
+- future `webui`
+
+Characteristics:
+
+- service state matters less than code and config
+- usually easier to rebuild than `db`
+
+Recommended policy:
+
+- light retention
+- daily snapshots may be enough
+- hourly snapshots optional
+- manual snapshots before deploys
+
+### 4. personal-workspace
+
+Examples:
+
+- `browser-vm-lumina` used by a real human with logins and browser state
+
+Characteristics:
+
+- persistent
+- contains valuable session state
+- should not be reset automatically after each run
+
+Recommended policy:
+
+- manual milestone snapshots
+- optional light Sanoid retention while actively changing the image
+- no automatic reset on run completion
+
+### 5. automation-base
+
+Examples:
+
+- `browser-vm-base-tmux`
+- `browser-vm-browser`
+
+Characteristics:
+
+- stable source image
+- intended to spawn clones
+- changes rarely and deliberately
+
+Recommended policy:
+
+- manual milestone snapshots
+- optional light Sanoid retention
+- protect the base image, not every derived run
+
+### 6. automation-runner
+
+Examples:
+
+- per-task browser clone
+- headless automation instance without personal accounts
+
+Characteristics:
+
+- disposable
+- should return to a known clean baseline
+- history is not the goal
+
+Recommended policy:
+
+- no regular Sanoid retention
+- destroy after run or rollback to base snapshot
+- keep only exported artifacts, logs, screenshots, and results
+
+## Recommended starting point
+
+Target these first:
+
+- `zroot/clawdie-runtime/jails/db`
+- `zroot/clawdie-runtime/jails/git`
+- `zroot/clawdie-runtime/jails/cms`
+- `zroot/home/<operator>` (agent state + repo source of truth)
+- `zroot/clawdie-runtime/shared/npm-global` (global toolchain cache)
+
+Suggested starter policy split:
+
+- `git` -> light automated retention
+- `cms` -> moderate automated retention
+- `db` -> stronger automated retention
+- workers -> none
+- browser bases -> manual milestone snapshots first
+
+## Manual snapshot naming baseline
+
+Keep manual snapshot names aligned with:
+
+```text
+<purpose>-DD.mmm.YYYY
+```
+
+or, when needed:
+
+```text
+<purpose>-DD.mmm.YYYY-HHMM
+```
+
+## Why start narrow
+
+The first mistake to avoid is enabling broad recursive snapshot automation across
+all datasets.
+
+Different runtime roles need different rollback behavior:
+
+- `db` needs durable rollback points
+- `cms` needs moderate safety
+- `webui` is lighter
+- `automation-runner` should reset, not accumulate history
diff --git a/.agent/skills/sanoid/references/troubleshooting.md b/.agent/skills/sanoid/references/troubleshooting.md
new file mode 100644
index 0000000..1333bef
--- /dev/null
+++ b/.agent/skills/sanoid/references/troubleshooting.md
@@ -0,0 +1,13 @@
+# Sanoid Troubleshooting
+
+## Common issues
+
+- sample config still contains placeholder datasets
+- target service jail dataset does not exist yet
+- retention is too broad for disposable workers
+
+## Safe response
+
+- narrow policy to `db`, `git`, and `cms`
+- keep workers out of regular Sanoid retention
+- validate with `sanoid --readonly --verbose`
diff --git a/.agent/skills/sanoid/scripts/render_sanoid_conf.sh b/.agent/skills/sanoid/scripts/render_sanoid_conf.sh
new file mode 100644
index 0000000..66a159c
--- /dev/null
+++ b/.agent/skills/sanoid/scripts/render_sanoid_conf.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+set -eu
+
+PROJECT="${1:-clawdie-runtime}"
+DATASET="${2:-zroot/${PROJECT}/jails/cms}"
+
+cat <<EOF
+[${DATASET}]
+	use_template = production
+EOF
diff --git a/.agent/skills/sanoid/scripts/validate_snapshots.sh b/.agent/skills/sanoid/scripts/validate_snapshots.sh
new file mode 100755
index 0000000..dacc248
--- /dev/null
+++ b/.agent/skills/sanoid/scripts/validate_snapshots.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+set -eu
+
+# Use ZFS_PREFIX from env (source .env first), or fall back to directory name
+# Example: ZFS_PREFIX=clawdie-runtime
+PREFIX="${1:-${ZFS_PREFIX:-${PROJECT_NAME:-$(basename "$(pwd)")}}}"
+
+zfs list | grep "${PREFIX}"
+zfs list -t snapshot | grep "${PREFIX}"
diff --git a/.agent/skills/service-restart/SKILL.md b/.agent/skills/service-restart/SKILL.md
new file mode 100644
index 0000000..cfa45b9
--- /dev/null
+++ b/.agent/skills/service-restart/SKILL.md
@@ -0,0 +1,61 @@
+---
+name: service-restart
+description: Start, stop, or restart a service on host or inside a jail via hostd
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - "Restart * service"
+  - "Start * service"
+  - "Stop * service"
+  - "Restart *"
+  - "Service is down"
+  - "Bring * back up"
+estimated_tokens: 400-600
+---
+
+# service-restart
+
+Start, stop, or restart rc.d services on the host or inside jails. Always goes through hostd (never direct sudo).
+
+## Usage
+
+```bash
+# Via hostd client (preferred — no sudo at runtime)
+hostd service restart nginx
+hostd service restart postgresql
+hostd service start clawdie
+```
+
+If you need to reason about the underlying location first:
+
+- `clawdie` and `clawdie_hostd` are host services
+- `postgresql` is host or optional db jail depending on `DB_RUNTIME`
+- `nginx` may be host nginx or cms jail nginx depending on the surface
+- `forgejo` runs in the git jail when enabled
+
+## Common Services
+
+| Service       | Location                 | rc.d name       |
+| ------------- | ------------------------ | --------------- |
+| clawdie       | host                     | `clawdie`       |
+| clawdie_hostd | host                     | `clawdie_hostd` |
+| nginx         | host or cms jail         | `nginx`         |
+| postgresql    | host or optional db jail | `postgresql`    |
+| forgejo       | git jail                 | `forgejo`       |
+| strapi        | cms jail                 | `strapi`        |
+
+## Safety Rules
+
+- **Always verify service is actually down** before restarting (run jail-status first)
+- **Never restart PostgreSQL** without checking for active queries — escalate to DBA
+- **Never restart clawdie** without posting activity event first (you'll interrupt yourself)
+
+## When to Use
+
+- Jail is running but service inside is unresponsive
+- After config change that requires service reload
+- Explicit CEO/operator instruction
+
+## Escalate If
+
+- Service restarts but immediately dies again → root cause investigation needed
+- Restarting would cause data loss → escalate to DBA or CEO
diff --git a/.agent/skills/setup/SKILL.md b/.agent/skills/setup/SKILL.md
new file mode 100644
index 0000000..55969ea
--- /dev/null
+++ b/.agent/skills/setup/SKILL.md
@@ -0,0 +1,179 @@
+---
+name: setup
+description: Run initial Clawdie setup on FreeBSD 15 + Lumina desktop. Use when installing dependencies, configuring pi agent, authenticating Telegram, registering the main group, or starting the background service. Triggers on "setup", "install", "configure clawdie", or first-time setup requests.
+---
+
+# Clawdie Setup
+
+Run setup steps automatically. Only pause when user action is required (channel authentication, configuration choices). Steps emit structured status blocks to stdout. Verbose logs go to `logs/setup.log`.
+
+**Principle:** When something is broken or missing, fix it. Don't tell the user to go fix it themselves unless it genuinely requires their manual action (e.g. authenticating a channel, pasting a secret token). If a dependency is missing, install it. If a service won't start, diagnose and repair. Ask the user for permission when needed, then do the work.
+
+**UX Note:** Use `AskUserQuestion` for all user-facing questions.
+
+**Jail-based runtime.** Clawdie runs agents inside a FreeBSD bastille jail (`{agent}-controlplane`). No Docker, no bhyve. The `pi` subprocess runs inside that jail. clawdie-iso firstboot prepares the host and jails.
+
+## 0. Git & Fork Setup
+
+Check the git remote configuration.
+
+Run: `git remote -v`
+
+**Case A — `origin` points to `Clawdie/Clawdie-AI` on Codeberg (user cloned directly):**
+
+AskUserQuestion: "You cloned Clawdie-AI directly. We recommend forking so you can push your customizations. Would you like to set up a fork?"
+
+- Fork now: instruct the user to fork `Clawdie/Clawdie-AI` on Codeberg, then ask for their Codeberg username. Run:
+  ```bash
+  git remote rename origin upstream
+  git remote add origin git@codeberg.org:<username>/Clawdie-AI.git
+  git push --force origin main
+  ```
+- Continue without fork: add upstream so they can still pull updates:
+  ```bash
+  git remote add upstream git@codeberg.org:Clawdie/Clawdie-AI.git
+  ```
+
+**Case B — `origin` is user's fork, no `upstream`:**
+
+```bash
+git remote add upstream git@codeberg.org:Clawdie/Clawdie-AI.git
+```
+
+**Case C — both `origin` and `upstream` exist:** Already configured. Continue.
+
+## 1. Bootstrap (Node.js + Dependencies)
+
+Run `bash setup.sh` and parse the status block.
+
+- If NODE_OK=false → Node.js is missing or too old. Use `AskUserQuestion: Would you like me to install Node.js 24?`. If confirmed:
+  ```bash
+  sudo pkg install -y node24 npm
+  ```
+  After installing, re-run `bash setup.sh`.
+- If DEPS_OK=false → Read `logs/setup.log`. Delete `node_modules` and re-run `bash setup.sh`.
+- If NATIVE_OK=false → `pg` native bindings failed to load. Install build tools:
+  ```bash
+  sudo pkg install -y gmake gcc python311
+  ```
+  Then retry.
+- Note: clawdie-iso firstboot installs node24, npm, tmux, and pi — most of these will already be present.
+
+## 2. Check Environment
+
+Run `npx tsx setup/index.ts --step environment` and parse the status block.
+
+- If HAS_AUTH=true → Telegram is already configured, note for step 5.
+- If HAS_REGISTERED_GROUPS=true → note existing config, offer to skip or reconfigure.
+- Check if `.env` was generated by clawdie-iso firstboot (`shell-env.sh`). If present, read it and skip asking for secrets already set.
+
+## 3. Verify Pi Agent
+
+No container runtime needed. Verify `pi` is installed and accessible.
+
+```bash
+which pi && pi --version
+```
+
+- If `pi` is missing: install it:
+  ```bash
+  npm install -g @earendil-works/pi-coding-agent
+  ```
+- Verify pi can reach the configured LLM provider. Check `~/.pi/agent/auth.json` and `~/.pi/agent/settings.json`:
+  ```bash
+  cat ~/.pi/agent/auth.json
+  cat ~/.pi/agent/settings.json
+  ```
+  **Important:** Never overwrite these files — always append/merge. A bad overwrite previously lost API keys. If keys are missing, append only the missing provider entry.
+- Run a quick test: `pi --print "Reply with just: OK" --no-session` — if it fails, check provider balance and key.
+
+## 4. LLM Provider Authentication
+
+If `.env` already has `ZAI_API_KEY` (from clawdie-iso firstboot), confirm with user: keep or reconfigure?
+
+AskUserQuestion: Using ZAI (default) or a different provider?
+
+**ZAI (default):** Confirm `ZAI_API_KEY` is set. The ISO firstboot seeds `ZAI_API_BASE` automatically.
+
+**Anthropic API key:** Tell user to add `ANTHROPIC_API_KEY=<key>` to `.env`.
+
+**Claude Code subscription:** Tell user to run `claude setup-token` in another terminal, copy the token, add `CLAUDE_CODE_OAUTH_TOKEN=<token>` to `.env`. Do NOT collect the token in chat.
+
+## 5. Set Up Channels
+
+AskUserQuestion (multiSelect): Which messaging channels do you want to enable?
+
+- Telegram (authenticates via bot token from @BotFather)
+- Discord (authenticates via Discord bot token)
+- Slack (authenticates via Slack app with Socket Mode)
+
+Delegate to each selected channel's own skill:
+
+- **Telegram:** Invoke `/add-telegram`
+- **Discord:** Invoke `/add-discord`
+- **Slack:** Invoke `/add-slack`
+
+Each skill handles its own token collection, registration, and JID resolution.
+
+**After all channel skills complete:**
+
+```bash
+npm install && npm run build
+```
+
+Note: if `TELEGRAM_BOT_TOKEN` is already in `.env` (written by clawdie-iso firstboot), Telegram auto-enables without re-entering credentials. Confirm with the user before running `/add-telegram` in that case.
+
+## 6. Mount Allowlist
+
+AskUserQuestion: Should the agent have access to external directories beyond the project?
+
+**No:** `npx tsx setup/index.ts --step mounts -- --empty`
+
+**Yes:** Collect paths/permissions. `npx tsx setup/index.ts --step mounts -- --json '{"allowedRoots":[...],"blockedPatterns":[],"nonMainReadOnly":true}'`
+
+## 7. Start Service
+
+If service already running, stop it first:
+
+```bash
+sudo service clawdie stop 2>/dev/null || true
+```
+
+Run `npx tsx setup/index.ts --step service` and parse the status block.
+
+**Non-root fallback:** If running without root, the step generates `start-clawdie.sh` / `stop-clawdie.sh` wrappers. Tell the user to run `bash start-clawdie.sh` to start manually, and use `cron @reboot` for auto-start.
+
+**If SERVICE_LOADED=false:**
+
+- Read `logs/setup.log` for the error.
+- Check: `sudo service clawdie status`
+- Common causes: missing `.env`, Node.js path wrong, build not run yet.
+- Run `npm run build` first, then retry the service step.
+
+## 8. Verify
+
+Run `npx tsx setup/index.ts --step verify` and parse the status block.
+
+**If STATUS=failed, fix each:**
+
+- SERVICE=stopped → `npm run build`, then `sudo service clawdie start`
+- SERVICE=not_found → re-run step 7
+- CREDENTIALS=missing → re-run step 4
+- CHANNEL_AUTH shows `not_found` for any channel → re-invoke that channel's skill
+- REGISTERED_GROUPS=0 → re-invoke the channel skills from step 5
+- MOUNT_ALLOWLIST=missing → `npx tsx setup/index.ts --step mounts -- --empty`
+
+Tell user to test by sending a message in their registered chat.
+Show logs: `tail -f logs/clawdie.log`
+
+## Troubleshooting
+
+**Service not starting:** Check `logs/clawdie.error.log`. Common: wrong Node path (re-run step 7), missing `.env` (step 4), missing channel credentials (re-invoke channel skill).
+
+**Pi agent fails:** Check `groups/*/logs/agent-*.log`. Ensure `pi` is in PATH and the provider in `~/.pi/agent/settings.json` has a valid key with balance. For z.ai (glm-4-plus): recharge at https://open.bigmodel.cn if getting 429 errors.
+
+**No response to messages:** Check trigger pattern. Main group doesn't need prefix. Check DB: `npx tsx setup/index.ts --step verify`. Check `logs/clawdie.log`.
+
+**Channel not connecting:** Verify credentials in `.env`. Channels auto-enable when their env var is present (`TELEGRAM_BOT_TOKEN`, etc.). Restart the service after any `.env` change: `sudo service clawdie restart`.
+
+**Stop service:** `sudo service clawdie stop` or `bash stop-clawdie.sh` (non-root).
diff --git a/.agent/skills/setup/references/prerequisites.md b/.agent/skills/setup/references/prerequisites.md
new file mode 100644
index 0000000..7b4bb71
--- /dev/null
+++ b/.agent/skills/setup/references/prerequisites.md
@@ -0,0 +1,138 @@
+# PI Coding Agent Prerequisites
+
+This document covers the prerequisites for running the PI coding agent in Clawdie.
+
+## tmux
+
+PI coding agent runs inside tmux for session management and must be configured with extended-keys enabled.
+
+### Version Requirement
+
+- **Minimum**: tmux 3.2+
+
+FreeBSD 15 includes tmux 3.6a by default, which meets this requirement.
+
+### Installation
+
+```bash
+sudo pkg install tmux
+```
+
+### Required Configuration
+
+Add to `~/.tmux.conf`:
+
+```tmux
+set -g extended-keys on
+set -g extended-keys-format csi-u
+```
+
+Then restart tmux:
+
+```bash
+tmux kill-server; tmux
+```
+
+### Why This Is Required
+
+Without `extended-keys`, tmux strips modifier information from keys. This means:
+
+| Key         | Without extkeys | With csi-u   |
+| ----------- | --------------- | ------------ |
+| Enter       | `\r`            | `\r`         |
+| Shift+Enter | `\r`            | `\x1b[13;2u` |
+| Ctrl+Enter  | `\r`            | `\x1b[13;5u` |
+| Alt+Enter   | `\x1b\r`        | `\x1b[13;3u` |
+
+PI uses modified Enter keys for:
+
+- `Enter` - submit message
+- `Shift+Enter` - insert newline
+
+Without proper configuration, Shift+Enter won't work as expected inside PI.
+
+### Terminal Requirements
+
+Your terminal emulator must support extended keys. Recommended:
+
+- Kitty (best support)
+- Ghostty
+- iTerm2
+- WezTerm
+- Windows Terminal
+
+### Verification
+
+```bash
+# Check tmux version
+tmux -V
+
+# Check if extended-keys is enabled in current session
+tmux show-options -g extended-keys
+
+# Test modified keys work
+# In PI: try Shift+Enter for newline
+```
+
+## Additional Tools
+
+PI may attempt to download these tools automatically. Install via pkg for better compatibility:
+
+```bash
+sudo pkg install fd-find ripgrep rsync
+```
+
+- **fd-find**: Installs the `fd` command used by `pi` for fast file finding
+- **ripgrep** (rg): Fast grep alternative
+- **rsync**: Deterministic sync tool for deploys, backups, and jail-to-host transfers
+- **py311-pillow + dejavu**: Current main uses pkg-native screenshot support on
+  FreeBSD instead of a separate `uv pip install Pillow` step
+
+If the host still has more than one Python line installed, pin `uv` to the
+baseline interpreter explicitly:
+
+```bash
+uv venv --python 3.11
+uv run --python 3.11 <command>
+```
+
+### Platform Notes
+
+- **FreeBSD**: Pre-built binaries are not available for all platforms. Use `pkg install fd-find ripgrep rsync` instead of relying on PI's built-in downloader.
+
+## Node.js
+
+PI requires Node.js v24+:
+
+```bash
+sudo pkg install node24 npm
+```
+
+Verify:
+
+```bash
+node --version
+```
+
+## PI Installation
+
+```bash
+npm install -g @earendil-works/pi-coding-agent
+```
+
+Verify:
+
+```bash
+pi --version
+```
+
+## Related Skills
+
+- `setup` - Main setup skill that checks prerequisites
+- `clawdie-freebsd` - FreeBSD-specific setup including PI prerequisites
+
+## References
+
+- [PI tmux documentation](https://codeberg.org/Clawdie/pi/src/branch/main/docs/tmux.md)
+- [PI terminal setup](https://codeberg.org/Clawdie/pi/src/branch/main/docs/terminal-setup.md)
+- [tmux(1)](https://man.freebsd.org/cgi/man.cgi?query=tmux&sektion=1)
diff --git a/.agent/skills/ssh-agent-setup/SKILL.md b/.agent/skills/ssh-agent-setup/SKILL.md
new file mode 100644
index 0000000..9e7daf3
--- /dev/null
+++ b/.agent/skills/ssh-agent-setup/SKILL.md
@@ -0,0 +1,204 @@
+---
+name: ssh-agent-setup
+description: "Fix SSH agent failures (Could not open connection), configure persistence across tmux sessions, and set up AddKeysToAgent."
+version: 1.1.0
+platforms: [linux, freebsd]
+---
+
+# SSH Agent Setup & Persistence
+
+## Overview
+
+SSH agent does not survive tmux session restarts or new terminal windows by
+default. When an agent dies, every `ssh`, `git push`, or `git pull` that
+needs the key fails with `Could not open a connection to your authentication
+agent`. This skill documents the fix: a three-tier approach (launcher,
+auto-load, terminal preferences) plus an emergency revive procedure.
+
+**Platform note:** FreeBSD has no systemd. Use `~/.profile` to start the
+agent on login. On Linux with systemd, a `systemd --user` service is an
+alternative but the profile approach works universally.
+
+## When to Use
+
+- `ssh -T git@codeberg.org` returns `Connection closed` or hangs after a
+  tmux restart.
+- `ssh-add -l` returns "The agent has no identities" or "Could not open
+  a connection to your authentication agent."
+- Git push/pull fails with SSH errors even though `ssh -T` worked earlier.
+- Setting up a new machine (this skill feeds into the ISO firstboot
+  installer).
+
+## Safety Rules
+
+| Public key (`.pub`)     | Safe to paste anywhere — designed to be shared.                       |
+| ----------------------- | --------------------------------------------------------------------- |
+| Private key (no `.pub`) | Never paste, never transit through chat, never leave the host.        |
+| `ssh-add` on local key  | Safe — reads key already on disk, loads into memory, never transmits. |
+
+## Emergency Fix — Revive a Dead Agent
+
+When `ssh-add -l` returns "Could not open a connection to your
+authentication agent":
+
+```sh
+eval $(ssh-agent -s)
+ssh-add ~/.ssh/<keyname>
+```
+
+Verify:
+
+```sh
+ssh-add -l
+# Should show the key fingerprint
+ssh -T git@codeberg.org
+# Should return "Hi there, ... successfully authenticated"
+```
+
+## Tier 1 — Start Agent on Login (the missing prerequisite)
+
+`AddKeysToAgent yes` adds a key to a running agent — it does NOT start one.
+If `SSH_AUTH_SOCK` is unset (headless login, SSH-in, non-graphical shell),
+the error still fires.
+
+**FreeBSD (no systemd):** Seed `~/.profile`:
+
+```sh
+# Start SSH agent if not already running
+if [ -z "$SSH_AUTH_SOCK" ]; then
+  eval $(ssh-agent -s) > /dev/null 2>&1
+fi
+```
+
+**Linux (systemd):** Alternatively, a `systemd --user` service:
+
+```ini
+# ~/.config/systemd/user/ssh-agent.service
+[Unit]
+Description=SSH agent
+
+[Service]
+Type=forking
+ExecStart=/usr/bin/ssh-agent -a %t/ssh-agent.socket
+
+[Install]
+WantedBy=default.target
+```
+
+Then set the socket in `~/.config/environment.d/ssh-agent.conf`:
+
+```
+SSH_AUTH_SOCK=%t/ssh-agent.socket
+```
+
+The profile approach works on both platforms and is what the ISO installer
+uses.
+
+## Tier 2 — Auto-load Key on First Use
+
+Add to `~/.ssh/config`:
+
+```
+Host *
+    AddKeysToAgent yes
+    ForwardAgent no
+```
+
+After this, the first `ssh` or `git` operation that needs the key will
+automatically load it into the running agent. No manual `ssh-add` needed
+once the agent is alive.
+
+`ForwardAgent no` is a secure default — it does NOT break Herdr `--remote`
+(which forwards a Unix socket and uses the key directly).
+
+## Tier 3 — Terminal Preferences (tmux)
+
+Seed `~/.tmux.conf` with UI preferences only:
+
+```
+set -g base-index 1
+setw -g pane-base-index 1
+set -g mouse on
+```
+
+**Do NOT** add `set-option -g update-environment "SSH_AUTH_SOCK ..."` to
+tmux.conf. tmux's default `update-environment` already includes
+`SSH_AUTH_SOCK` plus `DISPLAY`, `XAUTHORITY`, `SSH_CONNECTION`, and others.
+Using `set -g` (not `-ga`) **replaces the entire list**, dropping
+`DISPLAY`/`XAUTHORITY` refresh and breaking GUI apps launched from a
+reattached tmux session on XFCE desktops. The default is already correct;
+no override is needed.
+
+## Complete Setup (first boot)
+
+All three tiers in one shot for a fresh FreeBSD machine:
+
+```sh
+# Tier 1: Agent launcher
+cat >> ~/.profile <<'EOF'
+if [ -z "$SSH_AUTH_SOCK" ]; then
+  eval $(ssh-agent -s) > /dev/null 2>&1
+fi
+EOF
+
+# Tier 2: Auto-load key
+mkdir -p ~/.ssh && chmod 700 ~/.ssh
+cat >> ~/.ssh/config <<'EOF'
+Host *
+    AddKeysToAgent yes
+    ForwardAgent no
+EOF
+chmod 600 ~/.ssh/config
+
+# Tier 3: UI preferences (no update-environment override)
+cat >> ~/.tmux.conf <<'EOF'
+set -g base-index 1
+setw -g pane-base-index 1
+set -g mouse on
+EOF
+```
+
+## Troubleshooting
+
+**Symptom:** `ssh-add ~/.ssh/<key>` says "Could not open a connection to
+your authentication agent."
+
+**Fix:** Agent process is dead. Run `eval $(ssh-agent -s)` first, then retry.
+
+---
+
+**Symptom:** `ssh -T git@codeberg.org` works but `git push` still fails.
+
+**Fix:** Git may be using a different SSH key path (check `~/.ssh/config`
+`IdentityFile` directive). Run `ssh-add -l` to confirm the key is loaded
+under the same identity Git expects.
+
+---
+
+**Symptom:** Codeberg returns "Connection closed by 217.197.84.140 port 22"
+intermittently.
+
+**Fix:** This is a server-side issue, not agent-related. Wait a few minutes
+and retry. The root cause is remote.
+
+---
+
+**Symptom:** GUI apps (X11) don't work after reattaching tmux on XFCE.
+
+**Fix:** Check if `~/.tmux.conf` has `set-option -g update-environment`
+(without `-ga`). Remove it — the default list already covers `DISPLAY` and
+`SSH_AUTH_SOCK`.
+
+## Cross-Repo Dependencies
+
+The ISO installer implements this skill across two firstboot modules:
+
+- `clawdie-iso/firstboot/shell-ssh.sh` — seeds `~/.ssh/config` with
+  `AddKeysToAgent yes` + `ForwardAgent no` after SSH key installation.
+- `clawdie-iso/firstboot/shell-system.sh` — generates `~/.profile`
+  (agent launcher) and `~/.bashrc` (sudo→mdo alias, ZFS snapshot safety,
+  agent fallback for non-login shells, PATH, prompt, aliases).
+
+`shell-system.sh` runs after `shell-ssh.sh` and owns the final dotfiles.
+The sudo→mdo decision is documented in `clawdie-iso/AGENTS.md` (System
+Configuration section).
diff --git a/.agent/skills/strapi/SKILL.md b/.agent/skills/strapi/SKILL.md
new file mode 100644
index 0000000..b27681c
--- /dev/null
+++ b/.agent/skills/strapi/SKILL.md
@@ -0,0 +1,223 @@
+---
+name: strapi
+description: Manage the Strapi CMS running inside the cms jail on FreeBSD. Use when installing Strapi, defining content types, managing API access, migrating content, or troubleshooting the CMS. Triggers on "strapi", "cms", "content management", "content types".
+---
+
+# Strapi
+
+Use this skill for the headless CMS that feeds content to tenant homes and tenant sites.
+
+## Scope
+
+This skill covers:
+
+- Strapi installation and configuration inside the `cms` jail
+- PostgreSQL database setup for Strapi
+- Content type design and management
+- API access configuration
+- Content migration from static HTML
+- Shared CMS admin/API surface design (`cms.<base>`)
+
+This skill does not replace:
+
+- `astro` for frontend builds and deployment
+- `nginx` for web server configuration
+- `postgres-memory` for the Clawdie memory database (separate from CMS)
+
+## Architecture
+
+```
+cms jail (${AGENT_SUBNET_BASE}.4)
+  ├── Strapi (Node.js, :1337)
+  └── Astro (build tool)
+         ↓ fetches from Strapi API
+         ↓ reads .agent/skills/*/SKILL.md via mount
+         ↓
+  build output ──→ /srv/www/ (inside cms) ──→ cms jail nginx
+
+db jail (${AGENT_SUBNET_BASE}.3)
+  └── PostgreSQL 18 + pgvector available
+         ↑ Strapi connects over VNET (${AGENT_SUBNET_BASE}.3:5432)
+```
+
+Strapi and Astro run together in a dedicated `cms` jail. Strapi connects to
+PostgreSQL in the `db` jail over the warden0 bridge. This keeps the `db` jail
+as a pure database server and avoids mixing application runtime with the
+database role.
+
+Strapi uses a **separate database** from the Clawdie memory database —
+never mix CMS content with agent memory.
+
+## Canonical targets
+
+- Jail: `cms`
+- Shared CMS surface: `cms.<base>` (default `cms.home.arpa`)
+- IP: `${AGENT_SUBNET_BASE}.4`
+- Memory budget: 1 GB (see `freebsd-admin/references/memory-budget.md`)
+- Strapi port: `1337`
+- Strapi admin (upstream app): `http://${AGENT_SUBNET_BASE}.4:1337/admin`
+- Strapi API (upstream app): `http://${AGENT_SUBNET_BASE}.4:1337/api`
+- Nginx-facing shared CMS host: `http://cms.<base>/admin` and `http://cms.<base>/api`
+- PostgreSQL host: `${AGENT_SUBNET_BASE}.3` (db jail, over VNET)
+- PostgreSQL database: `strapi_cms` (separate from agent memory DB)
+- Strapi install path: `/home/clawdie/strapi` (inside cms jail)
+- Astro install path: `/home/clawdie/clawdie-docs` (inside cms jail)
+- Jail webroot: `/srv/www/`
+- Strapi Node.js limit: `NODE_OPTIONS="--max-old-space-size=512"`
+
+## Content types
+
+Design content types to match the public Clawdie site structure:
+
+### Page
+
+General-purpose pages (homepage, about, etc.)
+
+| Field           | Type      | Notes                 |
+| --------------- | --------- | --------------------- |
+| title           | Text      | Required              |
+| slug            | UID       | From title            |
+| content         | Rich Text | Main body             |
+| hero_text       | Rich Text | Optional hero section |
+| seo_title       | Text      | Optional              |
+| seo_description | Text      | Optional              |
+| order           | Number    | Sort order            |
+
+### Guide
+
+Technical guides (FreeBSD setup, nginx SSL, etc.)
+
+| Field         | Type      | Notes                                    |
+| ------------- | --------- | ---------------------------------------- |
+| title         | Text      | Required                                 |
+| slug          | UID       | From title                               |
+| content       | Rich Text | Markdown-friendly                        |
+| category      | Enum      | setup, networking, security, integration |
+| difficulty    | Enum      | beginner, intermediate, advanced         |
+| last_verified | Date      | When last tested                         |
+| order         | Number    | Sort order                               |
+
+### Skill
+
+Auto-generated from `.agent/skills/*/SKILL.md` files.
+
+| Field       | Type      | Notes                                                |
+| ----------- | --------- | ---------------------------------------------------- |
+| name        | Text      | Skill name                                           |
+| slug        | UID       | From name                                            |
+| description | Text      | From YAML frontmatter                                |
+| category    | Enum      | channels, infrastructure, operations, agent, utility |
+| content     | Rich Text | From SKILL.md body                                   |
+| skill_count | Number    | Updated on sync                                      |
+
+### BlogPost
+
+Development log and milestone announcements.
+
+| Field        | Type      | Notes            |
+| ------------ | --------- | ---------------- |
+| title        | Text      | Required         |
+| slug         | UID       | From title       |
+| content      | Rich Text | Main body        |
+| published_at | DateTime  | Publication date |
+| tags         | JSON      | Flexible tagging |
+
+## Surface ownership
+
+- `cms.<base>` is operator/editor-only in V2
+- tenant agents use the CMS through API tokens, not CMS user sessions
+- tenant home (`<tenant>.<base>`) and tenant sites (`<site>.<tenant>.<base>`) are separate web surfaces backed by Astro/static output, not by Strapi admin routes
+
+## Workflow
+
+### Phase 1: Installation
+
+1. Read `references/install.md` for step-by-step Strapi setup in the cms jail
+2. ZFS snapshot before installing: `zfs snapshot zroot/clawdie-runtime/jails/db@pre-strapi-DD.mmm.YYYY`
+3. Install Node.js 24 inside cms jail if not present
+4. Create `strapi_cms` PostgreSQL database
+5. Sync the repo-owned Strapi project into `/home/clawdie/strapi`
+6. Configure Strapi to use local PostgreSQL
+7. Let bootstrap seed create the default starter content if missing
+8. Start Strapi and verify admin UI
+
+### Phase 2: Content types
+
+1. Create content types via Strapi admin UI or content-type builder
+2. Follow the schema defined above
+3. Set API permissions: public read for pages/guides/skills, authenticated write
+
+### Phase 3: Content migration
+
+1. Read `references/migration.md` for HTML-to-Strapi migration steps
+2. Extract content from existing static HTML files
+3. Create entries via Strapi API or admin UI
+4. Verify all content is accessible via API
+
+### Migration role in the bigger system
+
+During the transition from the current static site:
+
+- Strapi should own editable site content
+- first population should happen through the repo-owned bootstrap seed, not a
+  destructive dump import
+- Astro should own rendering and layout
+- cms jail nginx should keep serving the stable public site
+- first deployment should prove a minimal static Astro path before layering
+  Strapi-managed content on top
+
+Do not force everything into Strapi. Keep repo-native content in the repository
+when that is the more truthful source.
+
+## Safe defaults
+
+- Always ZFS snapshot the db jail before Strapi changes
+- Keep Strapi database (`strapi_cms`) separate from Clawdie memory database
+- Strapi admin is a shared operator/editor surface — never repurpose tenant home routes for admin access
+- Public API is read-only — authenticated access required for writes
+- Run Strapi as the `clawdie` user, not root
+
+## Strapi service management
+
+Inside the cms jail:
+
+```sh
+# start
+cd /home/clawdie/strapi && NODE_ENV=production npm run start
+
+# development mode
+cd /home/clawdie/strapi && npm run develop
+
+# rebuild admin
+cd /home/clawdie/strapi && npm run build
+```
+
+For persistent service, create an rc.d script inside the jail or use a process manager.
+
+## Troubleshooting
+
+### Strapi won't start
+
+- Check Node.js version: `node --version` (must be 20+)
+- Check PostgreSQL is running in db jail: `sudo bastille cmd ${AGENT_NAME}-db service postgresql status`
+- Check database exists: `psql -U clawdie -l | grep strapi_cms`
+- Check logs: `tail /home/clawdie/strapi/logs/`
+
+### Cannot access admin UI
+
+- Strapi binds to `0.0.0.0:1337` by default inside the jail
+- Access via jail IP: `http://${AGENT_SUBNET_BASE}.4:1337/admin`
+- Must be on Tailscale network or host bridge to reach jail IP
+- Check pf rules allow traffic to jail port 1337
+
+### API returns empty
+
+- Check content type permissions in Settings > Roles > Public
+- Enable `find` and `findOne` for public role
+- Check content is published (draft content not returned by default)
+
+### Database connection fails
+
+- Verify `strapi_cms` database exists
+- Check database config in `/home/clawdie/strapi/config/database.js`
+- PostgreSQL must allow local connections (check `pg_hba.conf`)
diff --git a/.agent/skills/strapi/references/install.md b/.agent/skills/strapi/references/install.md
new file mode 100644
index 0000000..6b4e062
--- /dev/null
+++ b/.agent/skills/strapi/references/install.md
@@ -0,0 +1,164 @@
+# Strapi Installation in cms Jail
+
+## Prerequisites
+
+- `db` jail running at `${AGENT_SUBNET_BASE}.3` with PostgreSQL 18
+- `cms` jail provisioned at `${AGENT_SUBNET_BASE}.4` (see current `setup --step cms`)
+- Node.js 24 installed inside cms jail
+- Network connectivity between cms and db jails (warden0 bridge)
+
+## Step 1: ZFS snapshot
+
+Always snapshot before changes:
+
+```sh
+# on host — dry-run first
+sudo zfs snapshot -nv zroot/clawdie-runtime/jails/db@pre-strapi-DD.mmm.YYYY
+sudo zfs snapshot -nv zroot/clawdie-runtime/jails/cms@pre-strapi-DD.mmm.YYYY
+
+# then execute
+sudo zfs snapshot zroot/clawdie-runtime/jails/db@pre-strapi-DD.mmm.YYYY
+sudo zfs snapshot zroot/clawdie-runtime/jails/cms@pre-strapi-DD.mmm.YYYY
+```
+
+## Step 2: Verify cms jail baseline
+
+The current `main` bootstrap path already creates `${AGENT_NAME}-cms` with
+nginx, Node.js, rsync, and a minimal Astro site. Verify that baseline first:
+
+```sh
+jls
+sudo bastille cmd ${AGENT_NAME}-cms hostname
+sudo bastille cmd ${AGENT_NAME}-cms ping -c 1 ${AGENT_SUBNET_BASE}.3
+sudo bastille cmd ${AGENT_NAME}-cms node --version
+```
+
+## Step 3: Create PostgreSQL database for Strapi (in db jail)
+
+The current `setup --step db` path already reserves `strapi_cms` and generates
+`STRAPI_DB_PASSWORD` plus the `STRAPI_*` app secrets in `.env`, and the
+current `setup --step cms` path consumes them for the default internal Strapi
+bootstrap. If you are repairing an older install, verify first instead of
+re-creating it blindly:
+
+```sh
+. /home/clawdie/clawdie-ai/.env
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "psql -tAc \"SELECT rolname FROM pg_roles WHERE rolname='strapi_cms';\""
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "psql -tAc \"SELECT datname FROM pg_database WHERE datname='strapi_cms';\""
+```
+
+If they are missing, create them manually:
+
+```sh
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "createdb strapi_cms"
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "createuser strapi_cms"
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "psql -c \"ALTER USER strapi_cms WITH PASSWORD '$STRAPI_DB_PASSWORD';\""
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "psql -c \"GRANT ALL PRIVILEGES ON DATABASE strapi_cms TO strapi_cms;\""
+```
+
+### Allow remote connections from cms jail
+
+Edit `pg_hba.conf` inside db jail to allow connections from `${AGENT_SUBNET_BASE}.4`:
+
+```sh
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "echo 'host strapi_cms strapi_cms ${AGENT_SUBNET_BASE}.4/32 scram-sha-256' >> /var/db/postgres/data/pg_hba.conf"
+```
+
+Edit `postgresql.conf` to listen on the db jail IP:
+
+```sh
+sudo bastille cmd ${AGENT_NAME}-db su - postgres -c "sed -i '' \"s/#listen_addresses = 'localhost'/listen_addresses = 'localhost,${AGENT_SUBNET_BASE}.3'/\" /var/db/postgres/data/postgresql.conf"
+```
+
+Reload PostgreSQL:
+
+```sh
+sudo bastille cmd ${AGENT_NAME}-db service postgresql restart
+```
+
+Verify from cms jail:
+
+```sh
+sudo bastille cmd ${AGENT_NAME}-cms pkg install -y postgresql18-client
+sudo bastille cmd ${AGENT_NAME}-cms psql -h ${AGENT_SUBNET_BASE}.3 -U strapi_cms -d strapi_cms -c "SELECT 1;"
+```
+
+## Step 4: Create or refresh the repo-owned Strapi project
+
+```sh
+sudo rsync -a /home/clawdie/clawdie-ai/bootstrap/cms/strapi/ \
+  /usr/local/bastille/jails/${AGENT_NAME}-cms/root/home/clawdie/strapi/
+```
+
+Current `main` uses the repo-owned Strapi skeleton rather than generating a
+fresh project from `npx create-strapi`.
+
+## Step 5: Configure PostgreSQL connection
+
+Create `/home/clawdie/strapi/.env` inside cms jail:
+
+```
+DATABASE_HOST=${AGENT_SUBNET_BASE}.3
+DATABASE_PORT=5432
+DATABASE_NAME=strapi_cms
+DATABASE_USERNAME=strapi_cms
+DATABASE_PASSWORD=$STRAPI_DB_PASSWORD
+APP_KEYS=$STRAPI_APP_KEYS
+API_TOKEN_SALT=$STRAPI_API_TOKEN_SALT
+ADMIN_JWT_SECRET=$STRAPI_ADMIN_JWT_SECRET
+TRANSFER_TOKEN_SALT=$STRAPI_TRANSFER_TOKEN_SALT
+JWT_SECRET=$STRAPI_JWT_SECRET
+NODE_OPTIONS=--max-old-space-size=512
+```
+
+Edit `config/database.js`:
+
+```js
+module.exports = ({ env }) => ({
+  connection: {
+    client: 'postgres',
+    connection: {
+      host: env('DATABASE_HOST', '${AGENT_SUBNET_BASE}.3'),
+      port: env.int('DATABASE_PORT', 5432),
+      database: env('DATABASE_NAME', 'strapi_cms'),
+      user: env('DATABASE_USERNAME', 'strapi_cms'),
+      password: env('DATABASE_PASSWORD', ''),
+      ssl: false,
+    },
+  },
+});
+```
+
+## Step 6: Install PostgreSQL client dependency
+
+```sh
+sudo bastille cmd ${AGENT_NAME}-cms su - clawdie -c "cd /home/clawdie/strapi && npm install pg"
+```
+
+## Step 7: Build and start
+
+```sh
+# build admin panel
+sudo bastille cmd ${AGENT_NAME}-cms su - clawdie -c "cd /home/clawdie/strapi && npm run build"
+
+# start in development mode first to create admin user
+sudo bastille cmd ${AGENT_NAME}-cms su - clawdie -c "cd /home/clawdie/strapi && npm run develop"
+```
+
+## Step 8: Create admin user
+
+Open `http://${AGENT_SUBNET_BASE}.4:1337/admin` from a Tailscale-connected browser.
+Create the first admin user through the registration form.
+
+## Step 9: Verify API
+
+```sh
+curl -s http://${AGENT_SUBNET_BASE}.4:1337/api | python3 -m json.tool
+```
+
+## Step 10: Post-install snapshot
+
+```sh
+sudo zfs snapshot -nv zroot/clawdie-runtime/jails/cms@strapi-installed-DD.mmm.YYYY
+sudo zfs snapshot zroot/clawdie-runtime/jails/cms@strapi-installed-DD.mmm.YYYY
+```
diff --git a/.agent/skills/strapi/references/migration.md b/.agent/skills/strapi/references/migration.md
new file mode 100644
index 0000000..6f59ebf
--- /dev/null
+++ b/.agent/skills/strapi/references/migration.md
@@ -0,0 +1,77 @@
+# Content Migration: Static HTML to Strapi
+
+## Source files
+
+Current static site at `/usr/local/www/clawdie/`:
+
+| File                        | Target content type | Notes                                                                                      |
+| --------------------------- | ------------------- | ------------------------------------------------------------------------------------------ |
+| `index.html`                | Page (slug: `home`) | Extract sections: hero, what-is, ecosystem, setup, bigger-picture, full-stack, this-server |
+| `docs/index.html`           | Page (slug: `docs`) | Documentation index                                                                        |
+| `guides/freebsd-setup.html` | Guide               | Category: setup                                                                            |
+| `guides/nginx-ssl.html`     | Guide               | Category: networking                                                                       |
+| `guides/stripe-agents.html` | Guide               | Category: integration                                                                      |
+| `guides/tailscale-vpn.html` | Guide               | Category: networking                                                                       |
+
+## Skill pages (auto-generated)
+
+Skills should be synced from `.agent/skills/*/SKILL.md` files at build time,
+not manually entered into Strapi. Two approaches:
+
+**Option A: Build-time import** (recommended)
+
+- Astro reads SKILL.md files directly from the repo at build time
+- No Strapi dependency for skills
+- Skills are always in sync with code
+
+**Option B: Strapi sync script**
+
+- Script reads all SKILL.md files and pushes to Strapi API
+- Run after adding/updating skills
+- Adds a sync step but keeps all content in one place
+
+Recommended: Option A for skills, Strapi for everything else.
+
+## Migration order
+
+1. Create content types in Strapi (Page, Guide, BlogPost)
+2. Migrate guides first — simplest, self-contained HTML
+3. Migrate docs index
+4. Migrate homepage sections — most complex, has custom layout
+5. Verify all API endpoints return correct content
+6. Switch Astro to pull from Strapi instead of static files
+7. Remove old static HTML once Astro build is verified
+
+## Content extraction approach
+
+For each HTML file:
+
+1. Read the file
+2. Extract text content from semantic HTML (h1, h2, p, ul, etc.)
+3. Convert to Markdown or Strapi Rich Text format
+4. Create entry via Strapi REST API:
+
+```sh
+curl -X POST http://${AGENT_SUBNET_BASE}.4:1337/api/pages \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer <token>" \
+  -d '{
+    "data": {
+      "title": "Home",
+      "slug": "home",
+      "content": "..."
+    }
+  }'
+```
+
+## Verification
+
+After migration, verify each content type:
+
+```sh
+# list all pages
+curl -s http://${AGENT_SUBNET_BASE}.4:1337/api/pages | python3 -m json.tool
+
+# list all guides
+curl -s http://${AGENT_SUBNET_BASE}.4:1337/api/guides | python3 -m json.tool
+```
diff --git a/.agent/skills/system-stats/SKILL.md b/.agent/skills/system-stats/SKILL.md
new file mode 100644
index 0000000..ac2cb31
--- /dev/null
+++ b/.agent/skills/system-stats/SKILL.md
@@ -0,0 +1,58 @@
+---
+name: system-stats
+description: Check host CPU, RAM, load average, and top processes — quick health snapshot
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - "System health"
+  - "CPU usage"
+  - "Memory usage"
+  - "RAM usage"
+  - "Load average"
+  - "Is the system under load"
+  - "Performance check"
+estimated_tokens: 300-400
+---
+
+# system-stats
+
+Quick host resource snapshot — CPU, RAM, load, top processes.
+
+## Usage
+
+```bash
+# Load average + CPU
+sysctl vm.loadavg
+top -b -d 1 | head -20
+
+# Memory
+sysctl hw.physmem vm.stats.vm.v_free_count vm.stats.vm.v_page_size
+
+# Or use freecolor / htop if installed
+vmstat -h
+```
+
+## Output (interpreted)
+
+```
+Load averages: 0.32 0.41 0.38 (1min 5min 15min)
+CPU: 8% user, 3% system, 89% idle
+RAM: 6.2 GB used / 16 GB total (39%)
+Top: postgres 4.1%, pi 2.3%, nginx 0.1%
+```
+
+## Warning Thresholds
+
+- **Load > number of CPUs:** System under strain — investigate
+- **RAM > 85% used:** Risk of swap pressure — report to CEO
+- **Single process > 50% CPU sustained:** Investigate root cause
+
+## When to Use
+
+- Daily Sysadmin heartbeat (combined with jail-status and disk-usage)
+- When Telegram messages are slow to process
+- After a new jail or service is added
+
+## Escalate If
+
+- RAM consistently >85% → CEO decides whether to add capacity
+- Runaway process detected → CEO decides whether to restart
diff --git a/.agent/skills/telegram-admin/SKILL.md b/.agent/skills/telegram-admin/SKILL.md
new file mode 100644
index 0000000..9840242
--- /dev/null
+++ b/.agent/skills/telegram-admin/SKILL.md
@@ -0,0 +1,39 @@
+---
+name: telegram-admin
+description: Bootstrap and manage the Telegram operator path for Clawdie. Use when verifying TELEGRAM_BOT_TOKEN, discovering chats, registering the main/admin chat, or wiring operator alert routing through the bot.
+---
+
+# Telegram Admin
+
+Use this skill for the operator-facing Telegram bootstrap path.
+
+## Scope
+
+This skill covers:
+
+- verifying `TELEGRAM_BOT_TOKEN`
+- chat discovery through the running bot
+- main/admin chat registration
+- expected registration command shape
+- operator alert routing assumptions
+
+This skill does not replace:
+
+- `warden-bootstrap` for jail creation
+- `nginx-glasspane` for the web operator surface
+
+## Canonical admin flow
+
+1. verify token
+2. start Clawdie
+3. send a message to the bot
+4. list discovered chats
+5. register the admin chat to `main`
+
+## Workflow
+
+1. Read `references/token-check.md`
+2. Read `references/chat-discovery.md`
+3. Read `references/registration.md`
+4. If debugging is needed, read `references/troubleshooting.md`
+5. Prefer the scripts in `scripts/` to render the verify/register commands
diff --git a/.agent/skills/telegram-admin/references/chat-discovery.md b/.agent/skills/telegram-admin/references/chat-discovery.md
new file mode 100644
index 0000000..c727cf9
--- /dev/null
+++ b/.agent/skills/telegram-admin/references/chat-discovery.md
@@ -0,0 +1,21 @@
+# Telegram Chat Discovery
+
+Use this file when the bot is running but no group/chat is registered yet.
+
+## Discovery flow
+
+1. start Clawdie
+2. send a message to the bot from the intended admin chat
+3. list discovered chats
+
+Command:
+
+```sh
+npx tsx setup/index.ts --step groups --list
+```
+
+Expected output shape:
+
+```text
+tg:<chat_id>|<name>
+```
diff --git a/.agent/skills/telegram-admin/references/registration.md b/.agent/skills/telegram-admin/references/registration.md
new file mode 100644
index 0000000..1acde32
--- /dev/null
+++ b/.agent/skills/telegram-admin/references/registration.md
@@ -0,0 +1,17 @@
+# Telegram Admin Registration
+
+Use this file when binding the discovered Telegram chat to the main Clawdie
+group.
+
+## Canonical registration
+
+```sh
+npx tsx setup/index.ts --step register --jid tg:<chat_id> --name "<Name>" --folder main --trigger @Clawdie --no-trigger-required --assistant-name Clawdie
+```
+
+## Expected result
+
+- `registered_groups` row created
+- `groups/main` exists
+- `AGENTS.md` updated if assistant name changed
+- `verify` reports `REGISTERED_GROUPS: 1`
diff --git a/.agent/skills/telegram-admin/references/token-check.md b/.agent/skills/telegram-admin/references/token-check.md
new file mode 100644
index 0000000..30177ed
--- /dev/null
+++ b/.agent/skills/telegram-admin/references/token-check.md
@@ -0,0 +1,21 @@
+# Telegram Token Check
+
+Use this file when verifying the bot token.
+
+## Current project command
+
+```sh
+npm run auth
+```
+
+That maps to:
+
+```sh
+tsx setup/telegram-auth.ts
+```
+
+## Expected success
+
+- token present in `.env`
+- Telegram `getMe` succeeds
+- setup reports verified bot username
diff --git a/.agent/skills/telegram-admin/references/troubleshooting.md b/.agent/skills/telegram-admin/references/troubleshooting.md
new file mode 100644
index 0000000..fa6b5ca
--- /dev/null
+++ b/.agent/skills/telegram-admin/references/troubleshooting.md
@@ -0,0 +1,25 @@
+# Telegram Admin Troubleshooting
+
+Use this file when Telegram appears configured but Clawdie does not respond.
+
+## Common failure signatures
+
+### `getUpdates` returns empty while bot is running
+
+Likely cause:
+
+- the running process is already consuming updates
+
+### Chat exists in `chats` table but `groups --list` used to show nothing
+
+Known fix:
+
+- current code now lists chats from the actual `chats` table
+
+### Bot shows `Typing...` but no reply
+
+Likely cause:
+
+- downstream Warden/jail failure
+- check `npm run doctor`
+- check `logs/clawdie.log`
diff --git a/.agent/skills/telegram-admin/scripts/render_register_command.sh b/.agent/skills/telegram-admin/scripts/render_register_command.sh
new file mode 100755
index 0000000..8476604
--- /dev/null
+++ b/.agent/skills/telegram-admin/scripts/render_register_command.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+set -eu
+
+CHAT_ID="${1:-tg:00000000}"
+NAME="${2:-Admin}"
+ASSISTANT_NAME="${3:-Clawdie}"
+
+cat <<EOF
+npx tsx setup/index.ts --step register --jid ${CHAT_ID} --name "${NAME}" --folder main --trigger @Clawdie --no-trigger-required --assistant-name ${ASSISTANT_NAME}
+EOF
diff --git a/.agent/skills/telegram-admin/scripts/render_verify_commands.sh b/.agent/skills/telegram-admin/scripts/render_verify_commands.sh
new file mode 100755
index 0000000..fffa223
--- /dev/null
+++ b/.agent/skills/telegram-admin/scripts/render_verify_commands.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+set -eu
+
+cat <<'EOF'
+npm run auth
+npx tsx setup/index.ts --step verify
+npx tsx setup/index.ts --step groups --list
+EOF
+
diff --git a/.agent/skills/tmux-screenshot/SKILL.md b/.agent/skills/tmux-screenshot/SKILL.md
new file mode 100644
index 0000000..320282a
--- /dev/null
+++ b/.agent/skills/tmux-screenshot/SKILL.md
@@ -0,0 +1,392 @@
+---
+name: tmux-screenshot
+description: >-
+  Capture tmux session state into TXT, JSON, and PNG artifacts for operator
+  debugging. Also covers tmux session lifecycle: when to respawn after locale
+  changes, how to propagate env into a running session, and how to restart the
+  tmux server cleanly. Use when publishing or analyzing tmux session state,
+  comparing terminal text against known failure signatures, generating
+  structured diagnostic captures for the glasspane viewer, or when locale/env
+  changes need to take effect inside a running tmux session.
+---
+
+# tmux-screenshot
+
+Use this skill for terminal-state capture and session lifecycle management.
+
+TXT and JSON are the primary diagnostic artifacts. PNG exists for human viewing.
+
+## Scope
+
+This skill covers:
+
+- tmux pane capture
+- text-first diagnostic artifacts
+- structured JSON metadata
+- screenshot publishing for the operator glasspane
+- **security: key detection and obfuscation**
+- **encrypted storage for sensitive screenshots**
+- **session lifecycle: respawn, env propagation, locale activation**
+
+## Output priority
+
+1. `txt`
+2. `json`
+3. `png`
+
+Use TXT for direct comparison and signature matching.
+
+Use JSON for structured automation.
+
+Use PNG for human browsing and visual review.
+
+## Telegram Photo Sending
+
+When the operator asks for a screenshot **as a photo**, always include the PNG file path(s) on their own line(s) in the reply.
+
+- Use `tmp/screenshots/<uuid>.png` or `tmp/tmux/<uuid>.png` (preferred), or the absolute path under the project root.
+- Do not wrap paths in code blocks — keep them as plain lines so the Mevy service can auto-detect and send them via Telegram `sendPhoto`.
+- The photo is sent back to the same chat JID that requested it.
+
+Example:
+
+Captured screenshot:
+tmp/screenshots/074c26fa2b65.png
+
+## Security: Secrets Handling
+
+Screenshots may contain sensitive data (API keys, passwords, tokens).
+
+### Two-Tier Storage
+
+| Location                 | Purpose                  | Encryption |
+| ------------------------ | ------------------------ | ---------- |
+| `tmp/screenshots/`       | Public staging artifacts | No         |
+| `encrypted/screenshots/` | Private (real secrets)   | Yes (ZFS)  |
+
+The encrypted dataset must be created manually on the host first. Preflight
+only validates it; it does not create it interactively.
+
+### Key Detection
+
+The system detects these patterns:
+
+| Pattern              | Type       | Example              |
+| -------------------- | ---------- | -------------------- |
+| `sk-or-v1-*`         | OpenRouter | `sk-or-v1-9314...`   |
+| `sk-svcacct-*`       | OpenAI     | `sk-svcacct-DUr5...` |
+| 32 hex + dot + alnum | ZAI        | `9de3d8a7...JtsQ`    |
+| `\d{10}:*`           | Telegram   | `7959075962:AAHF...` |
+| `password=*`         | Generic    | Redacted             |
+
+### Leet Obfuscation
+
+Public screenshots use leet-speak obfuscation:
+
+```
+# Real (encrypted/screenshots/api-key.txt)
+ZAI_API_KEY=9de3d8a7c74b435699fa43ecf5f2656d.JtsQ9qTyhaiCLBJw
+
+# Obfuscated (tmp/screenshots/api-key.ans)
+ZAI_API_KEY=9de3d8a7*****l33t-h4x0r-k3y*****
+```
+
+- First 8 chars preserved (identify key type)
+- Rest replaced with leet-speak
+- Length preserved for visual consistency
+
+### Metadata
+
+`metadata.json` tracks:
+
+```json
+{
+  "name": "10-api-key",
+  "title": "API Key",
+  "status": "success",
+  "hasSecrets": true,
+  "secretsRedacted": true,
+  "timestamp": "2026-03-10T19:30:00.000Z"
+}
+```
+
+## Failure Handling
+
+Screenshots can track failures and retries.
+
+### Status Types
+
+| Status             | Color         | Meaning                     |
+| ------------------ | ------------- | --------------------------- |
+| `success`          | Green border  | Step completed              |
+| `failure`          | Red border    | Unexpected failure          |
+| `expected_failure` | Yellow border | Known issue, retry expected |
+
+### Retry Logic
+
+When `retry: true` in metadata:
+
+```json
+{
+  "status": "expected_failure",
+  "retry": true,
+  "message": "Network unreachable (simulated), retrying..."
+}
+```
+
+The system will:
+
+1. Log the failure
+2. Wait and retry
+3. Update status on success
+
+## Dependencies
+
+Required on FreeBSD host:
+
+- `python311` — system Python (3.11)
+- `py311-pillow` — install with `sudo pkg install py311-pillow`
+- `dejavu` fonts — install with `sudo pkg install dejavu`
+
+On current `main`, both packages are part of the recommended host baseline, so
+tmux screenshots should work without a separate `uv pip install Pillow` step.
+
+## Canonical paths
+
+- Script: `.agent/skills/tmux-screenshot/tmux-screenshot.py`
+- Output dir: `tmp/screenshots/` (default local staging dir)
+- Encrypted dir: `encrypted/screenshots/` (private, ZFS encrypted)
+- Published path: `/usr/local/www/clawdie/screenshots/` on host (served by host nginx behind basic auth)
+- Fonts: `/usr/local/share/fonts/dejavu/DejaVuSansMono.ttf`
+- Manifest: `manifest.json` in the chosen output directory
+
+## Session Lifecycle
+
+### How tmux inherits environment
+
+tmux inherits env variables from the **server startup environment**, not from
+`~/.login_conf`. New windows and panes copy from the server process, not from
+`login(1)`. This means:
+
+- A locale change written to `~/.login_conf` + `cap_mkdb` does NOT take effect
+  in the current session.
+- Running `export LANG=de_DE.UTF-8` in one pane only affects that pane's shell.
+- The correct way to propagate a locale change is to **respawn the tmux server**.
+
+### Clawdie setup runs inside tmux
+
+Setup and onboarding run inside a tmux session. If the onboarding wizard changes
+the locale, the running session still has the old `LANG`. Always tell the
+operator after locale change:
+
+> Locale written to `~/.login_conf`. Your current tmux session still has the
+> old locale. Respawn tmux to activate it (see below).
+
+### Respawn: full locale activation (recommended)
+
+```sh
+# Save any open work first, then:
+tmux kill-server
+tmux
+```
+
+New session inherits the updated locale from `~/.login_conf` via `login(1)`.
+Verify:
+
+```sh
+locale
+# LANG=de_DE.UTF-8 (or chosen locale)
+```
+
+### Soft approach: patch the running server without respawn
+
+Use when you cannot interrupt the session (long-running process, etc.):
+
+```sh
+# Patch server env — takes effect in new windows/panes from this point
+tmux setenv -g LANG de_DE.UTF-8
+tmux setenv -g LC_ALL de_DE.UTF-8
+tmux setenv -g LC_CTYPE de_DE.UTF-8
+
+# Patch the current pane's shell immediately
+export LANG=de_DE.UTF-8
+export LC_ALL=de_DE.UTF-8
+```
+
+This patches the running server. Existing panes keep their old shell env until
+you manually `export` there too. New windows/panes will inherit the patched env.
+
+### When to respawn vs soft-patch
+
+| Situation                        | Action                                    |
+| -------------------------------- | ----------------------------------------- |
+| Onboarding just set a new locale | Respawn (clean)                           |
+| Long-running job in another pane | Soft-patch server, export in current pane |
+| Checking if locale is active     | `locale` in a new window after respawn    |
+| After `cap_mkdb ~/.login_conf`   | Respawn for full activation               |
+
+### Checking active locale inside tmux
+
+```sh
+# In any pane
+echo $LANG
+locale
+
+# Check tmux server env
+tmux showenv -g LANG
+```
+
+If `tmux showenv -g LANG` returns the new locale but `echo $LANG` in the pane
+shows old value — the pane shell hasn't picked it up yet. Open a new window or
+`export` manually.
+
+## Workflow
+
+1. Run `python3 .agent/skills/tmux-screenshot/tmux-screenshot.py --session clawdie --window main`
+2. Read the `.txt` output first
+3. Read the `.json` output for structured metadata
+4. Use the `.png` output only when a human needs visual context
+
+### Quick capture from host
+
+```sh
+python3 /home/clawdie/clawdie-ai/.agent/skills/tmux-screenshot/tmux-screenshot.py --session clawdie --window main
+```
+
+Override output directory with `--outdir /path/to/dir`.
+
+Add `--base-url https://clawdie.si/screenshots` only when writing directly to the
+published webroot (`/usr/local/www/clawdie/screenshots/`).
+
+To publish new captures, copy from `tmp/screenshots/` to webroot and update `viewer.html`:
+
+```sh
+cp tmp/screenshots/{uuid}.{png,json,txt} /usr/local/www/clawdie/screenshots/
+```
+
+Gallery: `https://clawdie.si/screenshots/viewer.html` (basic auth protected).
+
+Override session name with `--session <name>`.
+
+Override capture target with:
+
+- `--window <name|index>` for a specific tmux window
+- `--pane %NN` for an absolute tmux pane id
+- `--pane <index>` together with `--window <name|index>` for a pane inside a specific window
+
+### Self-capture guard
+
+If you launch the screenshot command from inside tmux, the script now refuses to
+capture the invoking pane by default. This prevents captures filled with the
+`tmux-screenshot.py` command itself.
+
+Use one of these patterns instead:
+
+```sh
+# Best: capture a dedicated status window
+python3 .agent/skills/tmux-screenshot/tmux-screenshot.py --session clawdie --window main
+
+# Capture a specific pane by absolute pane id
+python3 .agent/skills/tmux-screenshot/tmux-screenshot.py --pane %5
+
+# Only if you intentionally want the current pane
+python3 .agent/skills/tmux-screenshot/tmux-screenshot.py --session 0 --allow-self-capture
+```
+
+## JSON fields
+
+The JSON artifact is the machine-readable state capture.
+
+Current fields include:
+
+- `uuid`
+- `session`
+- `captured_at`
+- `captured_at_display`
+- `host`
+- `window_index`
+- `window_name`
+- `pane_id`
+- `pane_title`
+- `pane_current_command`
+- `pane_current_path`
+- `capture_target`
+- `text_path`
+- `png_path`
+- `json_path`
+- `line_count`
+- `txt_hash`
+- `tags`
+- `detected_signatures`
+- `dimensions`
+- `has_secrets` — true if secrets detected
+- `secrets_redacted` — true if obfuscated
+
+Use `captured_at_display` for user-facing rendering.
+
+Use `captured_at` for machine comparison and sorting.
+
+## Diagnostic use
+
+This skill is intended to work with troubleshooting skills.
+
+Preferred comparison order:
+
+1. compare `.txt` against known failure and success signatures
+2. inspect `.json` for context such as command, path, and pane title
+3. check `detected_signatures` in JSON for auto-triage results
+4. check `has_secrets` and `secrets_redacted` for security status
+5. open `.png` only when human visual review is needed
+
+### Signature detection
+
+The detector runs all captured text against two signature databases:
+
+**Failure signatures** (checked first) — known error patterns that require action:
+
+- Missing warden0 bridge, stale epair interfaces
+- PF table missing, NAT rules empty, firewall blocking all
+- Host forwarding disabled, Tailscale resolver leak
+- Service jail missing, wrong gateway provisioned
+- PostgreSQL shmget/initdb failures
+- Sanoid config missing, ZFS pool degraded
+- Telegram typing with no reply
+
+**Success signatures** — known healthy patterns that confirm working state:
+
+- warden0 bridge at 10.0.1.1
+- Host forwarding enabled
+- Git jail at git.<agent>.home.arpa / 10.0.1.2
+- CMS jail at cms.<agent>.home.arpa / 10.0.1.3
+- Database jail at db.<agent>.home.arpa / 10.0.1.5 (only when DB_RUNTIME=jail)
+- PostgreSQL processes running
+- ZFS pool ONLINE, clawdie-runtime datasets exist
+- Sanoid autosnap active
+- PF NAT and pass rules present
+
+### Auto-triage output
+
+The JSON `detected_signatures` field is structured as:
+
+```json
+{
+  "failures": [{"id": "...", "severity": "error", "invoke": "skill-name", ...}],
+  "warnings": [{"id": "...", "severity": "warn", ...}],
+  "info": [],
+  "healthy": [{"id": "...", "severity": "ok", ...}],
+  "all": [...]
+}
+```
+
+When `invoke` is present on a failure, the agent should run that skill to remediate.
+
+### Signature sources
+
+Failure and success patterns are sourced from real-world observations documented in:
+
+- `freebsd-admin` — host forwarding, resolver baseline
+- `freebsd-admin` — bridge, epair, VNET, NAT, PF rules, firewall state, provisioning
+- `postgres-memory` — shmget, initdb, jail IPC
+- `sanoid` — snapshot config, sample dataset warnings
+- `freebsd-admin` — pool health, dataset layout
+- `telegram-admin` — bot response health
diff --git a/.agent/skills/tmux-screenshot/tmux-screenshot.py b/.agent/skills/tmux-screenshot/tmux-screenshot.py
new file mode 100644
index 0000000..941cdc7
--- /dev/null
+++ b/.agent/skills/tmux-screenshot/tmux-screenshot.py
@@ -0,0 +1,1171 @@
+#!/usr/bin/env python3
+"""
+Atomic screenshot capture for tmux sessions.
+UUID is derived from content hash — filename IS the verification.
+
+Usage:
+    python3 tmux-screenshot.py [--session NAME] [--window NAME] [--pane ID] [--outdir DIR] [--base-url URL]
+    python3 tmux-screenshot.py --verify UUID
+
+Outputs:
+    {outdir}/{uuid}.png     (human-facing image)
+    {outdir}/{uuid}.txt     (primary diagnostic text)
+    {outdir}/{uuid}.json    (primary structured metadata)
+    {outdir}/manifest.json  (updated index)
+
+UUID = first 12 chars of SHA256(stripped_text)
+"""
+import os
+import re
+import subprocess
+import sys
+import json
+import hashlib
+import unicodedata
+from pathlib import Path
+from datetime import datetime
+from PIL import Image, ImageDraw, ImageFont
+
+# ═─ config ────────────────────────────────────────────────────────────────────
+PROJECT_ROOT = Path(__file__).resolve().parents[3]
+FONT_PATH = "/usr/local/share/fonts/dejavu/DejaVuSansMono.ttf"
+FONT_BOLD_PATH = "/usr/local/share/fonts/dejavu/DejaVuSansMono-Bold.ttf"
+# Fallback for glyphs missing in Mono (braille U+2800-28FF, box-drawing, etc.)
+FONT_FALLBACK_PATH = "/usr/local/share/fonts/dejavu/DejaVuSans.ttf"
+FONT_FALLBACK_BOLD_PATH = "/usr/local/share/fonts/dejavu/DejaVuSans-Bold.ttf"
+FONT_SIZE = 15
+PADDING = 20
+BG_COLOR = (18, 18, 28)
+DEFAULT_FG = (228, 228, 228)
+
+DEFAULT_SESSION = "clawdie"
+DEFAULT_OUTDIR = PROJECT_ROOT / "tmp" / "screenshots"
+DEFAULT_PUBLISH_DIR = Path("/usr/local/www/clawdie/screenshots")
+SLOVENIAN_MONTH_ABBR = ['jan', 'feb', 'mar', 'apr', 'maj', 'jun', 'jul', 'avg', 'sep', 'okt', 'nov', 'dec']
+
+
+def format_display_timestamp(dt: datetime) -> str:
+    return f"{dt.day:02d}.{SLOVENIAN_MONTH_ABBR[dt.month - 1]}.{dt.year} {dt.hour:02d}:{dt.minute:02d}:{dt.second:02d}"
+
+# ═─ signature database ────────────────────────────────────────────────────────
+# Each signature has:
+#   id            - unique identifier
+#   severity      - 'error', 'warn', or 'ok' (success signature)
+#   source_skill  - which skill owns the knowledge
+#   patterns      - list of text patterns to match (case-insensitive substring)
+#   next_action   - what the agent should do next
+#   invoke        - (optional) skill to auto-invoke for remediation
+
+# ── failure signatures ────────────────────────────────────────────────────────
+
+FAILURE_SIGNATURES = [
+    # bastille-network
+    {
+        'id': 'missing_warden_bridge',
+        'severity': 'error',
+        'source_skill': 'bastille-network',
+        'patterns': [
+            'ifconfig: interface warden0 does not exist',
+        ],
+        'next_action': 'Recreate warden0 and make it persistent in /etc/rc.conf before starting service jails.',
+        'invoke': 'bastille-network',
+    },
+    {
+        'id': 'stale_bastille_epair',
+        'severity': 'warn',
+        'source_skill': 'bastille-network',
+        'patterns': [
+            'ioctl SIOCSIFNAME (set name): File exists',
+            'ifconfig ${epair0} up name e0a_bastille1',
+        ],
+        'next_action': 'Destroy stale e0a_bastille1/e0b_bastille1 interfaces and retry Bastille start.',
+        'invoke': 'bastille-network',
+    },
+    {
+        'id': 'bridge_no_gateway',
+        'severity': 'error',
+        'source_skill': 'bastille-network',
+        'patterns': [
+            'BRIDGE_HAS_GATEWAY: false',
+        ],
+        'next_action': 'Assign 10.0.0.1/24 to warden0 and persist in rc.conf.',
+        'invoke': 'bastille-network',
+    },
+
+    # warden-pf
+    {
+        'id': 'missing_default_route',
+        'severity': 'error',
+        'source_skill': 'warden-pf',
+        'patterns': [
+            'route: route has not been found',
+            'Network is unreachable',
+        ],
+        'next_action': 'Verify the affected service jail has a default route to 10.0.0.1 and that host forwarding and pf are configured.',
+        'invoke': 'warden-pf',
+    },
+    {
+        'id': 'resolver_failure',
+        'severity': 'error',
+        'source_skill': 'warden-pf',
+        'patterns': [
+            'Transient resolver failure',
+        ],
+        'next_action': 'Validate resolver config, host forwarding, and pf/NAT for the Warden subnet.',
+        'invoke': 'warden-pf',
+    },
+    {
+        'id': 'missing_pf_table',
+        'severity': 'warn',
+        'source_skill': 'warden-pf',
+        'patterns': [
+            'pfctl: Table does not exist.',
+        ],
+        'next_action': 'Add the Warden pf table and NAT rules to the host pf.conf before relying on Bastille lifecycle cleanup.',
+        'invoke': 'warden-pf',
+    },
+    {
+        'id': 'pf_blocks_all_no_warden',
+        'severity': 'error',
+        'source_skill': 'warden-pf',
+        'patterns': [
+            'block drop all',
+        ],
+        'next_action': 'Host firewall blocks jail traffic. Add: pass quick on warden0 inet from 10.0.0.0/24 to any keep state.',
+        'invoke': 'warden-pf',
+    },
+    {
+        'id': 'pf_nat_empty',
+        'severity': 'error',
+        'source_skill': 'warden-pf',
+        'patterns': [
+            'No ALTQ support in kernel',
+        ],
+        'next_action': 'NAT rules may be missing. Check pfctl -sn and add: nat on vtnet0 from 10.0.0.0/24 to any -> (vtnet0).',
+        'invoke': 'warden-pf',
+    },
+
+    # freebsd-admin
+    {
+        'id': 'host_forwarding_disabled',
+        'severity': 'error',
+        'source_skill': 'freebsd-admin',
+        'patterns': [
+            'net.inet.ip.forwarding: 0',
+        ],
+        'next_action': 'Set gateway_enable=YES in /etc/rc.conf and apply net.inet.ip.forwarding=1.',
+        'invoke': 'freebsd-admin',
+    },
+    {
+        'id': 'tailscale_resolver_leak',
+        'severity': 'warn',
+        'source_skill': 'freebsd-admin',
+        'patterns': [
+            'nameserver 100.100.100.100',
+        ],
+        'next_action': 'Host Tailscale resolver leaked into jail. Create dedicated Bastille resolver at /usr/local/etc/bastille/resolv.conf with 1.1.1.1 and 9.9.9.9.',
+        'invoke': 'freebsd-admin',
+    },
+
+    # warden-bootstrap
+    {
+        'id': 'service_jail_missing',
+        'severity': 'error',
+        'source_skill': 'warden-bootstrap',
+        'patterns': [
+            'jexec: jail "clawdie-db" not found',
+            'jexec: jail "clawdie-cms" not found',
+            'jexec: jail "clawdie-git" not found',
+        ],
+        'next_action': 'Create or start the required service jail before running Warden tasks.',
+        'invoke': 'warden-bootstrap',
+    },
+    {
+        'id': 'wrong_gateway_provisioned',
+        'severity': 'error',
+        'source_skill': 'warden-bootstrap',
+        'patterns': [
+            'add net default: gateway 51.83.197.1',
+            'Invalid argument',
+        ],
+        'next_action': 'VNET jail was created without -g 10.0.0.1. Destroy and recreate with the correct Warden gateway.',
+        'invoke': 'warden-bootstrap',
+    },
+    {
+        'id': 'jail_no_default_route',
+        'severity': 'warn',
+        'source_skill': 'warden-bootstrap',
+        'patterns': [
+            'netstat -rn',
+        ],
+        'next_action': 'Check if jail has a default route. If missing, recreate with -g 10.0.0.1.',
+        'invoke': 'warden-bootstrap',
+    },
+
+    # postgres-memory
+    {
+        'id': 'pg_shmget_fail',
+        'severity': 'error',
+        'source_skill': 'postgres-memory',
+        'patterns': [
+            'could not create shared memory segment',
+            'shmget',
+            'Function not implemented',
+        ],
+        'next_action': 'Set allow.sysvipc=1 on the db jail, restart jail, then rerun service postgresql initdb.',
+        'invoke': 'postgres-memory',
+    },
+    {
+        'id': 'pg_initdb_fail',
+        'severity': 'error',
+        'source_skill': 'postgres-memory',
+        'patterns': [
+            'initdb: error:',
+        ],
+        'next_action': 'PostgreSQL initdb failed. Check allow.sysvipc=1 and jail permissions.',
+        'invoke': 'postgres-memory',
+    },
+
+    # sanoid
+    {
+        'id': 'sanoid_sample_dataset_warning',
+        'severity': 'info',
+        'source_skill': 'sanoid',
+        'patterns': [
+            'zpoolname/parent2',
+            'dataset does not exist',
+        ],
+        'next_action': 'Benign warning from shipped sample config. Remove or comment out the zpoolname/parent2 block in sanoid.conf.',
+    },
+    {
+        'id': 'sanoid_no_config',
+        'severity': 'warn',
+        'source_skill': 'sanoid',
+        'patterns': [
+            'no sanoid.conf found',
+            'sanoid.conf: No such file',
+        ],
+        'next_action': 'Write /usr/local/etc/sanoid/sanoid.conf for db, git, and cms datasets.',
+        'invoke': 'sanoid',
+    },
+
+    # warden-zfs
+    {
+        'id': 'zfs_pool_degraded',
+        'severity': 'error',
+        'source_skill': 'warden-zfs',
+        'patterns': [
+            'state: DEGRADED',
+            'state: FAULTED',
+        ],
+        'next_action': 'ZFS pool is unhealthy. Investigate with zpool status before any jail operations.',
+    },
+    {
+        'id': 'zfs_dataset_not_found',
+        'severity': 'error',
+        'source_skill': 'warden-zfs',
+        'patterns': [
+            "cannot open 'zroot/clawdie-runtime'",
+        ],
+        'next_action': 'Clawdie-runtime dataset missing. Run warden-zfs to create the dataset layout.',
+        'invoke': 'warden-zfs',
+    },
+
+    # telegram-admin
+    {
+        'id': 'telegram_typing_no_reply',
+        'severity': 'warn',
+        'source_skill': 'telegram-admin',
+        'patterns': [
+            'Typing...',
+        ],
+        'next_action': 'Bot shows typing but no reply. Check downstream jail health with npm run doctor and logs/clawdie.log.',
+        'invoke': 'warden-health',
+    },
+]
+
+# ── success signatures ────────────────────────────────────────────────────────
+
+SUCCESS_SIGNATURES = [
+    # bastille-network
+    {
+        'id': 'bridge_healthy',
+        'severity': 'ok',
+        'source_skill': 'bastille-network',
+        'patterns': [
+            'inet 10.0.0.1',
+        ],
+        'next_action': 'Warden bridge warden0 is healthy.',
+    },
+    {
+        'id': 'vnet_epair_created',
+        'severity': 'ok',
+        'source_skill': 'bastille-network',
+        'patterns': [
+            'Applying template: default/vnet',
+            'Creating a thickjail',
+        ],
+        'next_action': 'VNET thick jail creation succeeded.',
+    },
+
+    # freebsd-admin
+    {
+        'id': 'forwarding_enabled',
+        'severity': 'ok',
+        'source_skill': 'freebsd-admin',
+        'patterns': [
+            'net.inet.ip.forwarding: 1',
+        ],
+        'next_action': 'Host IP forwarding is enabled.',
+    },
+
+    # warden-bootstrap
+    {
+        'id': 'cms_hostname_ok',
+        'severity': 'ok',
+        'source_skill': 'warden-bootstrap',
+        'patterns': [
+            'cms.clawdie.home.arpa',
+        ],
+        'next_action': 'CMS hostname is correctly set.',
+    },
+    {
+        'id': 'cms_ip_ok',
+        'severity': 'ok',
+        'source_skill': 'warden-bootstrap',
+        'patterns': [
+            'inet 10.0.0.5',
+        ],
+        'next_action': 'CMS jail has the correct IP.',
+    },
+
+    # postgres-memory
+    {
+        'id': 'db_ip_ok',
+        'severity': 'ok',
+        'source_skill': 'postgres-memory',
+        'patterns': [
+            'inet 10.0.0.3',
+        ],
+        'next_action': 'Database jail has the correct IP.',
+    },
+    {
+        'id': 'pg_running',
+        'severity': 'ok',
+        'source_skill': 'postgres-memory',
+        'patterns': [
+            'postgres: checkpointer',
+            'postgres: background writer',
+        ],
+        'next_action': 'PostgreSQL is running inside the db jail.',
+    },
+
+    # warden-zfs
+    {
+        'id': 'zpool_healthy',
+        'severity': 'ok',
+        'source_skill': 'warden-zfs',
+        'patterns': [
+            'state: ONLINE',
+        ],
+        'next_action': 'ZFS pool is healthy.',
+    },
+    {
+        'id': 'clawdie_runtime_exists',
+        'severity': 'ok',
+        'source_skill': 'warden-zfs',
+        'patterns': [
+            'zroot/clawdie-runtime/jails/db',
+            'zroot/clawdie-runtime/jails/git',
+            'zroot/clawdie-runtime/jails/cms',
+        ],
+        'next_action': 'Persistent service jail datasets exist under clawdie-runtime.',
+    },
+
+    # sanoid
+    {
+        'id': 'sanoid_snapshots_active',
+        'severity': 'ok',
+        'source_skill': 'sanoid',
+        'patterns': [
+            'autosnap_',
+        ],
+        'next_action': 'Sanoid automated snapshots are being created.',
+    },
+
+    # warden-pf
+    {
+        'id': 'nat_rule_present',
+        'severity': 'ok',
+        'source_skill': 'warden-pf',
+        'patterns': [
+            'nat on vtnet0 from 10.0.0.0/24',
+        ],
+        'next_action': 'NAT rule for Warden subnet is active.',
+    },
+    {
+        'id': 'warden_pass_rule',
+        'severity': 'ok',
+        'source_skill': 'warden-pf',
+        'patterns': [
+            'pass quick on warden0',
+        ],
+        'next_action': 'PF pass rule for warden0 is active.',
+    },
+]
+
+# Combined for the detector — failures checked first, then success
+SIGNATURES = FAILURE_SIGNATURES + SUCCESS_SIGNATURES
+
+
+def tmux_query(target: str, fmt: str) -> str:
+    result = subprocess.run(
+        ['tmux', 'display-message', '-p', '-t', target, fmt],
+        capture_output=True,
+    )
+    if result.returncode != 0:
+        return ''
+    return result.stdout.decode('utf-8', errors='replace').strip()
+
+
+def build_tmux_target(session_name: str, window_name: str | None, pane_name: str | None) -> str:
+    if pane_name and pane_name.startswith('%'):
+        return pane_name
+
+    target = session_name
+    if window_name:
+        target = f'{session_name}:{window_name}'
+
+    if pane_name:
+        if not window_name:
+            raise ValueError('Relative pane targets require --window. Use --pane %NN for an absolute tmux pane id.')
+        target = f'{target}.{pane_name}'
+
+    return target
+
+
+def guard_self_capture(target: str, allow_self_capture: bool) -> None:
+    if allow_self_capture:
+        return
+
+    current_pane = os.environ.get('TMUX_PANE', '').strip()
+    if not current_pane:
+        return
+
+    target_pane = tmux_query(target, '#{pane_id}')
+    if target_pane and target_pane == current_pane:
+        raise RuntimeError(
+            'Refusing to capture the invoking tmux pane. '
+            'Use --window <name>, --pane <id>, or --allow-self-capture.'
+        )
+
+
+def tmux_meta(target: str, session_name: str) -> dict:
+    def q(fmt: str) -> str:
+        return tmux_query(target, fmt)
+
+    return {
+        'session': q('#S') or session_name,
+        'window_index': q('#I'),
+        'window_name': q('#W'),
+        'pane_id': q('#D'),
+        'pane_title': q('#T'),
+        'pane_current_command': q('#{pane_current_command}'),
+        'pane_current_path': q('#{pane_current_path}'),
+        'capture_target': target,
+    }
+
+# ═─ char width ────────────────────────────────────────────────────────────────
+def char_width(ch: str) -> int:
+    """Return terminal column width: 2 for East Asian Wide/Fullwidth, else 1."""
+    if ch in ('\n', '\r'):
+        return 0
+    eaw = unicodedata.east_asian_width(ch)
+    return 2 if eaw in ('F', 'W') else 1
+
+
+def visual_len(text: str) -> int:
+    """Column width of a string accounting for double-width characters."""
+    return sum(char_width(c) for c in text)
+
+
+# ═─ ANSI 256-color palette ────────────────────────────────────────────────────
+def build_256_palette():
+    palette: dict[int, tuple[int, int, int]] = {}
+    basic = [
+        (0,0,0),(170,0,0),(0,170,0),(170,85,0),
+        (0,0,170),(170,0,170),(0,170,170),(170,170,170),
+        (85,85,85),(255,85,85),(85,255,85),(255,255,85),
+        (85,85,255),(255,85,255),(85,255,255),(255,255,255),
+    ]
+    for i, c in enumerate(basic):
+        palette[i] = c
+    for i in range(216):
+        r = (i // 36) * 51
+        g = ((i // 6) % 6) * 51
+        b = (i % 6) * 51
+        palette[16 + i] = (r, g, b)
+    for i in range(24):
+        v = 8 + i * 10
+        palette[232 + i] = (v, v, v)
+    return palette
+
+PALETTE = build_256_palette()
+
+# ═─ ANSI parsing ──────────────────────────────────────────────────────────────
+ANSI_SGR = re.compile(r'\x1b\[([0-9;]*)m')
+STRIP_ESC = re.compile(r'\x1b\[[0-9;]*[A-Za-ln-z]')  # exclude 'm' (SGR)
+STRIP_CTRL = re.compile(r'[\x00-\x08\x0b-\x1f\x7f]')
+
+
+ANSI_ALL = re.compile(r'\x1b\[[0-9;]*[A-Za-z]')
+
+def parse_ansi(text: str):
+    """Yield (char, fg_color, bg_color, bold) tuples from ANSI-colored text."""
+    fg = DEFAULT_FG
+    bg = BG_COLOR
+    bold = False
+
+    # Walk through text, consuming all ANSI escape sequences.
+    # SGR codes (ending in 'm') update colors; all others are skipped.
+    # Characters outside escape sequences are yielded with current colors.
+    pos = 0
+    for m in ANSI_ALL.finditer(text):
+        # Yield visible characters between escape sequences
+        segment = text[pos:m.start()]
+        for ch in segment:
+            if ch in ('\x1b', '\x00', '\x07', '\x0f', '\x7f') or ('\x01' <= ch <= '\x08') or ('\x0b' <= ch <= '\x1f'):
+                continue
+            yield (ch, fg, bg, bold)
+        pos = m.end()
+
+        code = m.group(0)
+        if not code.endswith('m'):
+            continue  # skip non-SGR sequences (cursor movement, etc.)
+
+        raw = code[2:-1]  # strip \x1b[ and m
+        params = [int(x) if x else 0 for x in raw.split(';')] if raw else [0]
+        i = 0
+        while i < len(params):
+            p = params[i]
+            if p == 0:
+                fg = DEFAULT_FG; bg = BG_COLOR; bold = False
+            elif p == 1:
+                bold = True
+            elif p == 2:
+                bold = False  # dim
+            elif p == 22:
+                bold = False
+            elif p == 39:
+                fg = DEFAULT_FG
+            elif p == 49:
+                bg = BG_COLOR
+            elif 30 <= p <= 37:
+                fg = PALETTE[p - 30]
+            elif 40 <= p <= 47:
+                bg = PALETTE[p - 40]
+            elif 90 <= p <= 97:
+                fg = PALETTE[p - 90 + 8]
+            elif 100 <= p <= 107:
+                bg = PALETTE[p - 100 + 8]
+            elif p == 38:
+                if i + 2 < len(params) and params[i+1] == 5:
+                    fg = PALETTE.get(params[i+2], DEFAULT_FG)
+                    i += 2
+                elif i + 4 < len(params) and params[i+1] == 2:
+                    fg = (params[i+2], params[i+3], params[i+4])
+                    i += 4
+            elif p == 48:
+                if i + 2 < len(params) and params[i+1] == 5:
+                    bg = PALETTE.get(params[i+2], BG_COLOR)
+                    i += 2
+                elif i + 4 < len(params) and params[i+1] == 2:
+                    bg = (params[i+2], params[i+3], params[i+4])
+                    i += 4
+            i += 1
+
+    # Yield remaining visible characters after last escape sequence
+    for ch in text[pos:]:
+        if ch in ('\x1b', '\x00', '\x07', '\x0f', '\x7f') or ('\x01' <= ch <= '\x08') or ('\x0b' <= ch <= '\x1f'):
+            continue
+        yield (ch, fg, bg, bold)
+
+
+def strip_ansi(text: str) -> str:
+    text = ANSI_SGR.sub('', text)
+    text = STRIP_ESC.sub('', text)
+    text = STRIP_CTRL.sub('', text)
+    return text
+
+
+# ═─ capture ───────────────────────────────────────────────────────────────────
+def capture_tmux(target: str) -> str:
+    result = subprocess.run(
+        ['tmux', 'capture-pane', '-t', target, '-e', '-p'],
+        capture_output=True,
+    )
+    if result.returncode != 0:
+        raise RuntimeError(f"tmux capture failed: {result.stderr.decode('utf-8', errors='replace')}")
+    return result.stdout.decode('utf-8', errors='replace')
+
+
+def calculate_hash(content: str) -> str:
+    return hashlib.sha256(content.encode('utf-8')).hexdigest()
+
+
+def detect_signatures(text: str) -> dict:
+    """Detect known failure and success signatures in terminal text.
+
+    Returns a dict with 'failures', 'warnings', 'info', and 'healthy' lists.
+    Failures are checked first so the agent can act on problems before
+    acknowledging healthy state.
+    """
+    lowered = text.lower()
+    failures = []
+    warnings = []
+    info = []
+    healthy = []
+
+    for signature in FAILURE_SIGNATURES:
+        for pattern in signature['patterns']:
+            if pattern.lower() in lowered:
+                entry = {
+                    'id': signature['id'],
+                    'severity': signature['severity'],
+                    'source_skill': signature['source_skill'],
+                    'matched_text': pattern,
+                    'next_action': signature['next_action'],
+                }
+                if 'invoke' in signature:
+                    entry['invoke'] = signature['invoke']
+                if signature['severity'] == 'error':
+                    failures.append(entry)
+                elif signature['severity'] == 'warn':
+                    warnings.append(entry)
+                else:
+                    info.append(entry)
+                break
+
+    for signature in SUCCESS_SIGNATURES:
+        for pattern in signature['patterns']:
+            if pattern.lower() in lowered:
+                healthy.append({
+                    'id': signature['id'],
+                    'severity': 'ok',
+                    'source_skill': signature['source_skill'],
+                    'matched_text': pattern,
+                    'next_action': signature['next_action'],
+                })
+                break
+
+    return {
+        'failures': failures,
+        'warnings': warnings,
+        'info': info,
+        'healthy': healthy,
+        # flat list for backward compatibility with JSON metadata
+        'all': failures + warnings + info + healthy,
+    }
+
+
+# ═─ render ────────────────────────────────────────────────────────────────────
+def needs_fallback(ch: str) -> bool:
+    """Characters where DejaVu Sans Mono lacks glyphs but DejaVu Sans has them."""
+    cp = ord(ch)
+    return 0x2800 <= cp <= 0x28FF  # Braille Patterns
+
+
+def render_png(raw: str, title_target: str) -> Image.Image:
+    font_reg = ImageFont.truetype(FONT_PATH, FONT_SIZE)
+    font_bold = ImageFont.truetype(FONT_BOLD_PATH, FONT_SIZE)
+    font_fb_reg = ImageFont.truetype(FONT_FALLBACK_PATH, FONT_SIZE)
+    font_fb_bold = ImageFont.truetype(FONT_FALLBACK_BOLD_PATH, FONT_SIZE)
+
+    bbox = font_reg.getbbox("M")
+    CELL_W = bbox[2] - bbox[0]
+    CELL_H = int(FONT_SIZE * 1.35)
+
+    lines = raw.split('\n')
+    while lines and not lines[-1].strip():
+        lines.pop()
+
+    # Use visual_len for correct wide-char column counting
+    cols = max((visual_len(strip_ansi(l)) for l in lines), default=80)
+    rows = len(lines)
+
+    img_w = int(cols * CELL_W + PADDING * 2)
+    img_h = int(rows * CELL_H + PADDING * 2)
+
+    img = Image.new('RGB', (img_w, img_h), BG_COLOR)
+
+    # Title bar
+    TITLEBAR_H = 28
+    full_img = Image.new('RGB', (img_w, img_h + TITLEBAR_H), (30, 30, 45))
+    full_img.paste(img, (0, TITLEBAR_H))
+    draw = ImageDraw.Draw(full_img)
+
+    for i, col in enumerate([(255,95,87),(255,189,46),(39,201,63)]):
+        draw.ellipse([PADDING + i*20, 8, PADDING + i*20 + 12, 20], fill=col)
+
+    title_font = ImageFont.truetype(FONT_PATH, 12)
+    title_text = f"tmux · {title_target}"
+    tw = title_font.getbbox(title_text)[2]
+    draw.text(((img_w - tw) // 2, 8), title_text, fill=(150, 150, 170), font=title_font)
+
+    y = TITLEBAR_H + PADDING
+    for line in lines:
+        x = PADDING
+        for ch, fg, bg, bold in parse_ansi(line):
+            if ch == '\n':
+                break
+            if needs_fallback(ch):
+                font = font_fb_bold if bold else font_fb_reg
+            else:
+                font = font_bold if bold else font_reg
+            cw = char_width(ch)
+            cell_w = CELL_W * cw
+            if bg != BG_COLOR and bg != (30, 30, 45):
+                draw.rectangle([x, y, x + cell_w, y + CELL_H], fill=bg)
+            draw.text((x, y), ch, fill=fg, font=font)
+            x += cell_w
+        y += CELL_H
+
+    return full_img
+
+
+# ═─ verify ────────────────────────────────────────────────────────────────────
+def verify_by_filename(uuid: str, txt_path: Path) -> bool:
+    content = txt_path.read_text(encoding='utf-8')
+    calculated = calculate_hash(content)[:12]
+    if calculated != uuid:
+        raise ValueError(
+            f"Hash mismatch!\n"
+            f"Filename:   {uuid}\n"
+            f"Calculated: {calculated}"
+        )
+    return True
+
+
+# ═─ manifest ──────────────────────────────────────────────────────────────────
+def update_manifest(outdir: Path, new_metadata: dict) -> None:
+    manifest_path = outdir / 'manifest.json'
+    existing = []
+    if manifest_path.exists():
+        try:
+            data = json.loads(manifest_path.read_text())
+            existing = data.get('screenshots', [])
+        except Exception as e:
+            print(f"Warning: failed to load manifest: {e}", file=sys.stderr)
+
+    existing = [s for s in existing if s['uuid'] != new_metadata['uuid']]
+    existing.append(new_metadata)
+    existing.sort(key=lambda x: x['captured_at'], reverse=True)
+
+    manifest_path.write_text(json.dumps({
+        'generated_at': datetime.now().isoformat(),
+        'count': len(existing),
+        'screenshots': existing,
+    }, indent=2))
+    print(f"Manifest: {len(existing)} screenshots")
+
+    update_index_html(outdir, existing)
+
+
+def update_index_html(outdir: Path, screenshots: list) -> None:
+    """Regenerate index.html from manifest so the directory is always browseable."""
+    import json as _json
+    # Build JSON data for client-side sorting/filtering
+    items = []
+    for s in screenshots:
+        uuid = s['uuid']
+        date_display = s.get('captured_at_display', s.get('captured_at', ''))
+        date_iso = s.get('captured_at', '')
+        dims = s.get('dimensions', {})
+        size = f"{dims.get('width', '?')}x{dims.get('height', '?')}"
+        items.append({
+            'uuid': uuid,
+            'date_display': date_display,
+            'date_iso': date_iso,
+            'size': size,
+        })
+    data_json = _json.dumps(items)
+    html = f'''<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>Screenshots &middot; clawdie.si</title>
+<style>
+*{{margin:0;padding:0;box-sizing:border-box}}
+body{{background:#0d1117;color:#c9d1d9;font-family:'DM Mono','SF Mono',monospace;padding:2rem}}
+a{{color:#00b4d8;text-decoration:none}}
+a:hover{{text-decoration:underline}}
+
+/* header */
+.header{{display:flex;align-items:center;justify-content:center;flex-wrap:wrap;
+         gap:1rem;margin-bottom:1.5rem}}
+h1{{font-size:1.2rem;font-weight:400;color:#8b949e;letter-spacing:0.1em;text-transform:uppercase}}
+h1 span{{color:#00b4d8}}
+.count{{color:#00b4d8}}
+
+/* controls */
+.controls{{display:flex;align-items:center;gap:1rem;flex-wrap:wrap}}
+.controls label{{font-size:.75rem;color:#8b949e;text-transform:uppercase;letter-spacing:.05em}}
+.controls input[type="text"]{{
+    background:#161b22;color:#c9d1d9;border:1px solid #30363d;border-radius:4px;
+    padding:.4rem .6rem;font-family:inherit;font-size:.8rem;cursor:pointer}}
+.controls input[type="text"]:hover{{border-color:#00b4d8}}
+.controls input[type="text"]{{width:8rem;text-align:center;cursor:pointer}}
+.controls input[type="text"]::placeholder{{color:#484f58}}
+.controls input[type="date"]{{position:absolute;pointer-events:none;opacity:0;width:0;height:0}}
+.btn{{background:none;border:1px solid #30363d;color:#8b949e;border-radius:4px;
+    padding:.4rem .8rem;font-family:inherit;font-size:.75rem;cursor:pointer}}
+.btn:hover{{border-color:#00b4d8;color:#00b4d8}}
+.btn-sort{{color:#c9d1d9;min-width:5rem}}
+.btn-search{{color:#c9d1d9;border-color:#00b4d8}}
+
+/* grid */
+.grid{{display:flex;flex-direction:column;align-items:center;gap:.5rem;margin-top:1rem}}
+.card{{background:#161b22;border:1px solid #21262d;border-radius:6px;overflow:hidden;
+       cursor:pointer;transition:border-color .2s;display:flex;align-items:center;gap:1rem}}
+.card:hover{{border-color:#00b4d8}}
+.card img{{width:280px;height:auto;display:block;flex-shrink:0}}
+.meta{{display:flex;flex-direction:column;gap:.2rem;padding:.5rem 1rem .5rem 0;font-size:.75rem;color:#8b949e}}
+.meta .date{{color:#c9d1d9}}
+
+/* empty state */
+.empty{{text-align:center;padding:4rem;color:#484f58;font-size:.9rem}}
+
+/* lightbox */
+.lightbox{{display:none;position:fixed;inset:0;background:rgba(0,0,0,.92);z-index:1000;
+           align-items:center;justify-content:center;padding:1rem}}
+.lightbox.open{{display:flex}}
+.lightbox img{{max-width:95vw;max-height:92vh;border-radius:4px;box-shadow:0 0 40px rgba(0,180,216,.15)}}
+.lightbox-close{{position:fixed;top:1rem;right:1.5rem;background:#161b22;color:#8b949e;
+    border:1px solid #30363d;border-radius:4px;padding:.4rem 1rem;font-family:inherit;
+    font-size:.8rem;cursor:pointer;z-index:1001}}
+.lightbox-close:hover{{color:#00b4d8;border-color:#00b4d8}}
+.lightbox-nav{{position:fixed;top:50%;transform:translateY(-50%);background:#161b22;
+    color:#8b949e;border:1px solid #30363d;border-radius:50%;width:40px;height:40px;
+    display:flex;align-items:center;justify-content:center;cursor:pointer;
+    font-size:1.2rem;z-index:1001}}
+.lightbox-nav:hover{{color:#00b4d8;border-color:#00b4d8}}
+.lightbox-prev{{left:1rem}}
+.lightbox-next{{right:1rem}}
+</style>
+</head>
+<body>
+
+<div class="header">
+  <h1><span>&triangle;</span> Screenshots &middot; <span class="count" id="count">{len(screenshots)}</span> captures</h1>
+  <div class="controls">
+    <button class="btn btn-sort" id="sort">Newest</button>
+    <label>From</label>
+    <input type="text" id="date-from" placeholder="dd.mm.yyyy" readonly>
+    <input type="date" id="pick-from">
+    <label>To</label>
+    <input type="text" id="date-to" placeholder="dd.mm.yyyy" readonly>
+    <input type="date" id="pick-to">
+    <button class="btn btn-search" id="search-dates">Search</button>
+    <button class="btn" id="clear-dates">Clear</button>
+  </div>
+</div>
+
+<div class="grid" id="grid"></div>
+<div class="empty" id="empty" style="display:none">No screenshots match this date range.</div>
+
+<div class="lightbox" id="lightbox">
+  <button class="lightbox-close">Esc to close</button>
+  <button class="lightbox-nav lightbox-prev" id="lb-prev">&larr;</button>
+  <button class="lightbox-nav lightbox-next" id="lb-next">&rarr;</button>
+  <img id="lb-img" src="" alt="">
+</div>
+
+<script>
+const DATA = {data_json};
+const grid = document.getElementById('grid');
+const empty = document.getElementById('empty');
+const countEl = document.getElementById('count');
+const sortBtn = document.getElementById('sort');
+let sortDir = 'newest';
+const dateFrom = document.getElementById('date-from');
+const dateTo = document.getElementById('date-to');
+const clearBtn = document.getElementById('clear-dates');
+
+// lightbox state
+const lb = document.getElementById('lightbox');
+const lbImg = document.getElementById('lb-img');
+let visible = [];  // currently displayed items
+let lbIdx = -1;
+
+function toDateStr(iso) {{
+  if (!iso) return '';
+  return iso.slice(0, 10);
+}}
+
+const pickFrom = document.getElementById('pick-from');
+const pickTo = document.getElementById('pick-to');
+
+// yyyy-mm-dd → dd.mm.yyyy
+function isoToDMY(iso) {{
+  if (!iso) return '';
+  const [y, m, d] = iso.split('-');
+  return d + '.' + m + '.' + y;
+}}
+
+// click text field → open native picker
+dateFrom.addEventListener('click', () => {{ try {{ pickFrom.showPicker(); }} catch(e) {{}} }});
+dateTo.addEventListener('click', () => {{ try {{ pickTo.showPicker(); }} catch(e) {{}} }});
+
+// sync picker → text display
+pickFrom.addEventListener('change', () => {{ dateFrom.value = isoToDMY(pickFrom.value); }});
+pickTo.addEventListener('change', () => {{ dateTo.value = isoToDMY(pickTo.value); }});
+
+let filterFrom = '';
+let filterTo = '';
+
+function applyFilter() {{
+  filterFrom = pickFrom.value;
+  filterTo = pickTo.value;
+  render();
+}}
+
+function render() {{
+  const dir = sortDir;
+
+  let filtered = DATA.filter(item => {{
+    const d = toDateStr(item.date_iso);
+    if (!d) return true;
+    if (filterFrom && d < filterFrom) return false;
+    if (filterTo && d > filterTo) return false;
+    return true;
+  }});
+
+  filtered.sort((a, b) => {{
+    const da = a.date_iso || '';
+    const db = b.date_iso || '';
+    return dir === 'newest' ? db.localeCompare(da) : da.localeCompare(db);
+  }});
+
+  visible = filtered;
+  countEl.textContent = filtered.length;
+
+  if (filtered.length === 0) {{
+    grid.innerHTML = '';
+    empty.style.display = 'block';
+    return;
+  }}
+  empty.style.display = 'none';
+
+  grid.innerHTML = filtered.map((item, i) =>
+    `<div class="card" data-idx="${{i}}">` +
+    `<img src="${{item.uuid}}.png" loading="lazy" alt="${{item.uuid}}">` +
+    `<div class="meta"><span class="date">${{item.date_display}}</span>` +
+    `<span>${{item.size}}</span></div></div>`
+  ).join('');
+}}
+
+// lightbox
+function openLb(idx) {{
+  if (idx < 0 || idx >= visible.length) return;
+  lbIdx = idx;
+  lbImg.src = visible[idx].uuid + '.png';
+  lb.classList.add('open');
+}}
+function closeLb() {{ lb.classList.remove('open'); lbIdx = -1; }}
+function navLb(delta) {{ if (lbIdx >= 0) openLb(lbIdx + delta); }}
+
+grid.addEventListener('click', e => {{
+  const card = e.target.closest('.card');
+  if (card) openLb(parseInt(card.dataset.idx));
+}});
+lb.addEventListener('click', e => {{
+  if (e.target === lb || e.target === lbImg) closeLb();
+}});
+document.getElementById('lb-prev').addEventListener('click', e => {{ e.stopPropagation(); navLb(-1); }});
+document.getElementById('lb-next').addEventListener('click', e => {{ e.stopPropagation(); navLb(1); }});
+document.addEventListener('keydown', e => {{
+  if (!lb.classList.contains('open')) return;
+  if (e.key === 'Escape') closeLb();
+  if (e.key === 'ArrowLeft') navLb(-1);
+  if (e.key === 'ArrowRight') navLb(1);
+}});
+
+// controls
+const searchBtn = document.getElementById('search-dates');
+sortBtn.addEventListener('click', () => {{
+  sortDir = sortDir === 'newest' ? 'oldest' : 'newest';
+  sortBtn.textContent = sortDir === 'newest' ? 'Newest' : 'Oldest';
+  render();
+}});
+searchBtn.addEventListener('click', applyFilter);
+clearBtn.addEventListener('click', () => {{
+  dateFrom.value = ''; dateTo.value = '';
+  pickFrom.value = ''; pickTo.value = '';
+  filterFrom = ''; filterTo = ''; render();
+}});
+
+render();
+</script>
+</body>
+</html>'''
+    (outdir / 'index.html').write_text(html, encoding='utf-8')
+
+
+# ═─ main capture ──────────────────────────────────────────────────────────────
+def capture_screenshot(
+    session: str,
+    outdir: Path,
+    window: str | None = None,
+    pane: str | None = None,
+    allow_self_capture: bool = False,
+    base_url: str | None = None,
+) -> dict:
+    outdir.mkdir(parents=True, exist_ok=True)
+
+    capture_time = datetime.now()
+    target = build_tmux_target(session, window, pane)
+    guard_self_capture(target, allow_self_capture)
+    print(f"Capturing: {target}")
+    raw = capture_tmux(target)
+    meta = tmux_meta(target, session)
+
+    stripped = strip_ansi(raw)
+    txt_hash = calculate_hash(stripped)
+    uuid = txt_hash[:12]
+    sig_result = detect_signatures(stripped)
+    detected_signatures = sig_result['all']
+    if sig_result['failures']:
+        print(f"UUID: {uuid}  *** {len(sig_result['failures'])} FAILURE(S) DETECTED ***")
+        for f in sig_result['failures']:
+            print(f"  ERROR: {f['id']} — {f['next_action']}")
+    elif sig_result['warnings']:
+        print(f"UUID: {uuid}  ({len(sig_result['warnings'])} warning(s))")
+    else:
+        print(f"UUID: {uuid}  ({len(sig_result['healthy'])} healthy signal(s))")
+
+    print("Rendering PNG...")
+    img = render_png(raw, target)
+
+    date_str = format_display_timestamp(capture_time)
+
+    png_path = outdir / f"{uuid}.png"
+    txt_path = outdir / f"{uuid}.txt"
+    json_path = outdir / f"{uuid}.json"
+
+    metadata = {
+        'uuid': uuid,
+        'session': meta['session'],
+        'capture_target': meta['capture_target'],
+        'captured_at': capture_time.isoformat(),
+        'captured_at_display': date_str,
+        'host': subprocess.getoutput('hostname').strip(),
+        'window_index': meta['window_index'],
+        'window_name': meta['window_name'],
+        'pane_id': meta['pane_id'],
+        'pane_title': meta['pane_title'],
+        'pane_current_command': meta['pane_current_command'],
+        'pane_current_path': meta['pane_current_path'],
+        'txt_hash': txt_hash,
+        'text_path': txt_path.name,
+        'png_path': png_path.name,
+        'json_path': json_path.name,
+        'line_count': len(stripped.splitlines()),
+        'tags': ['tmux', 'terminal', 'diagnostic'],
+        'detected_signatures': detected_signatures,
+        'dimensions': {'width': img.width, 'height': img.height},
+    }
+
+    print(f"Saving: {png_path}")
+    img.save(png_path, 'PNG', optimize=True)
+
+    print(f"Saving: {txt_path}")
+    txt_path.write_text(stripped, encoding='utf-8')
+
+    print(f"Saving: {json_path}")
+    json_path.write_text(json.dumps(metadata, indent=2))
+
+    update_manifest(outdir, metadata)
+
+    print("Verifying...")
+    try:
+        verify_by_filename(uuid, txt_path)
+        print("Verified OK")
+    except ValueError as e:
+        print(f"Verification failed: {e}", file=sys.stderr)
+        return {'success': False, 'error': str(e)}
+
+    print(f"\nScreenshot saved: {uuid}")
+    print(f"  PNG: {png_path} ({img.width}x{img.height}px)")
+    print(f"  TXT: {txt_path}")
+    url = None
+    if base_url:
+        url = f"{base_url.rstrip('/')}/{uuid}.png"
+        print(f"  URL: {url}")
+
+    return {
+        'success': True,
+        'uuid': uuid,
+        'png': str(png_path),
+        'txt': str(txt_path),
+        'json': str(json_path),
+        'url': url,
+        'metadata': metadata,
+    }
+
+
+if __name__ == '__main__':
+    import argparse
+
+    parser = argparse.ArgumentParser(description='Atomic tmux screenshot for Clawdie')
+    parser.add_argument('--session', '-s', default=DEFAULT_SESSION, help=f'tmux session (default: {DEFAULT_SESSION})')
+    parser.add_argument('--window', '-w', help='tmux window name or index inside the chosen session')
+    parser.add_argument('--pane', help='tmux pane id (for example %%3) or pane index when used with --window')
+    parser.add_argument('--allow-self-capture', action='store_true', help='allow capturing the invoking tmux pane')
+    parser.add_argument('--outdir', '-o', default=str(DEFAULT_OUTDIR), help=f'output directory (default: {DEFAULT_OUTDIR})')
+    parser.add_argument('--base-url', help='optional public base URL for emitted screenshot links')
+    parser.add_argument('--publish', nargs='?', const=str(DEFAULT_PUBLISH_DIR),
+                        help=f'copy capture to webroot (default: {DEFAULT_PUBLISH_DIR})')
+    parser.add_argument('--verify', metavar='UUID', help='verify an existing screenshot by UUID')
+    args = parser.parse_args()
+
+    outdir = Path(args.outdir)
+
+    if args.verify:
+        uuid = args.verify
+        txt_path = outdir / f"{uuid}.txt"
+        if not txt_path.exists():
+            print(f"Not found: {txt_path}", file=sys.stderr)
+            sys.exit(1)
+        try:
+            verify_by_filename(uuid, txt_path)
+            print("Verified OK")
+            sys.exit(0)
+        except ValueError as e:
+            print(f"Failed: {e}", file=sys.stderr)
+            sys.exit(1)
+    else:
+        result = capture_screenshot(
+            args.session,
+            outdir,
+            window=args.window,
+            pane=args.pane,
+            allow_self_capture=args.allow_self_capture,
+            base_url=args.base_url,
+        )
+        if result['success'] and args.publish:
+            import shutil
+            publish_dir = Path(args.publish)
+            if not publish_dir.is_dir():
+                print(f"Publish dir not found: {publish_dir}", file=sys.stderr)
+                sys.exit(1)
+            uuid = result['uuid']
+            for ext in ('png', 'txt', 'json'):
+                src = outdir / f"{uuid}.{ext}"
+                if src.exists():
+                    shutil.copy2(src, publish_dir / f"{uuid}.{ext}")
+            manifest = outdir / 'manifest.json'
+            if manifest.exists():
+                shutil.copy2(manifest, publish_dir / 'manifest.json')
+            print(f"Published to {publish_dir}")
+        sys.exit(0 if result['success'] else 1)
diff --git a/.agent/skills/update/SKILL.md b/.agent/skills/update/SKILL.md
new file mode 100644
index 0000000..820d3d3
--- /dev/null
+++ b/.agent/skills/update/SKILL.md
@@ -0,0 +1,308 @@
+---
+name: update
+description: 'Update Clawdie from upstream or apply local changes safely with ZFS rollback. Takes a pre-update snapshot, pulls changes, validates build/tests, and supports instant rollback via ZFS. Triggers on "update", "pull upstream", "sync with upstream", "get latest changes".'
+---
+
+# Clawdie Update
+
+Pull upstream changes and merge them with the current installation, using ZFS snapshots for rollback safety. The update skill always takes a snapshot before applying changes so rollback is instant via `zfs rollback`.
+
+**Principle:** Handle everything automatically. Only pause for user confirmation before applying changes, or when merge conflicts need human judgment. Never leave the system in a broken state — if the update fails, roll back to the snapshot.
+
+**UX Note:** Use `AskUserQuestion` for all user-facing questions.
+
+## Answering "are updates available?" questions
+
+When the operator asks for update, package, patch, or security-update status,
+treat it as a **read-only audit** unless they explicitly ask to apply changes.
+
+Use the sysadmin/update-report path that calls hostd read-only ops:
+
+- `pkg-version` — package update candidates for host or a running jail
+- `pkg-audit` — vulnerability audit for host or a running jail
+- `freebsd-update-status` — pending FreeBSD base updates via `updatesready`
+- `freebsd-version` — kernel/running/userland version summary
+- `bastille-list` — discover running jails to audit
+
+Do **not** run `freebsd-update fetch`, `freebsd-update install`, `pkg upgrade`,
+or any mutating update command while answering a status question. The report
+must say explicitly that no updates were applied.
+
+If FreeBSD base status shows installed kernel/userland newer than the running
+kernel (`freebsd-version -k/-u` newer than `uname -r`), record that a reboot is
+required to complete the update and follow the `freebsd-admin` reference
+`references/freebsd-update-reboot.md`. Never reboot without explicit operator
+go-ahead.
+
+**Attribution:** [Peter Steinberger](https://github.com/steipete) created [OpenClaw](https://github.com/openclaw/openclaw), which established the broader project line. [NanoClaw](https://github.com/openclaw/nanoclaw) by [Gavriel](https://github.com/openclaw) provides the upstream update path and skills-engine patterns Clawdie still uses. Clawdie extends that line with ZFS snapshot-based rollback on FreeBSD.
+
+## 1. Pre-flight
+
+### Check current version
+
+```bash
+node -e "console.log(require('./package.json').version)"
+```
+
+### Check for uncommitted changes
+
+```bash
+git status --porcelain
+```
+
+**If there are uncommitted changes:** AskUserQuestion: "You have uncommitted changes. Commit or stash before updating? Options: Continue anyway / Abort (I'll commit first)". If abort, stop.
+
+### Check remote
+
+```bash
+git remote -v
+```
+
+Verify `origin` points to `code.smilepowered.org:clawdie/clawdie-ai.git`.
+Codeberg is mirror/archive only; do not push there unless the operator explicitly asks.
+
+### Check Sanoid status
+
+```bash
+sanoid --version 2>/dev/null && echo "SANOID_OK" || echo "NO_SANOID"
+```
+
+If Sanoid is running, note it — we'll rely on it for automated retention. The manual pre-update snapshot is separate and intentional.
+
+### Check watchdog load gate
+
+Before heavy rebuilds (Node + Rust), explicitly acknowledge the load budget.
+
+```bash
+echo '{"cmd":"status"}' | nc -U "${AGENT_TMP_DIR:-tmp}/ipc/${AGENT_NAME}-watchdog.sock"
+```
+
+If a heavy rebuild is expected, ask the operator whether to switch modes:
+
+AskUserQuestion: "Heavy rebuild ahead (Node + Rust). Switch watchdog mode? Options: Keep auto / Switch to slow (safer) / Switch to fast (accept load) / Cancel"
+
+If they choose slow/fast, apply:
+
+```bash
+echo '{"cmd":"mode","value":"slow"}' | nc -U "${AGENT_TMP_DIR:-tmp}/ipc/${AGENT_NAME}-watchdog.sock"
+```
+
+or
+
+```bash
+echo '{"cmd":"mode","value":"fast"}' | nc -U "${AGENT_TMP_DIR:-tmp}/ipc/${AGENT_NAME}-watchdog.sock"
+```
+
+## 2. ZFS Pre-Update Snapshot
+
+**This is mandatory.** Always snapshot before applying changes.
+
+### Snapshot persistent service datasets
+
+```bash
+SNAP_NAME="pre-update-$(./scripts/date-format.sh snapshot-stamp)"
+for ds in db git cms; do
+  zfs list "zroot/clawdie-runtime/jails/clawdie-${ds}" >/dev/null 2>&1 && \
+    sudo zfs snapshot "zroot/clawdie-runtime/jails/clawdie-${ds}@${SNAP_NAME}"
+done
+```
+
+### Snapshot operator home + npm-global (source of truth)
+
+```bash
+HOME_DATASET=$(zfs list -H -o name,mountpoint -t filesystem | awk -v home="$HOME" '$2==home {print $1}')
+[ -n "$HOME_DATASET" ] && sudo zfs snapshot "${HOME_DATASET}@${SNAP_NAME}"
+
+NPM_DATASET="zroot/clawdie-runtime/shared/npm-global"
+zfs list "$NPM_DATASET" >/dev/null 2>&1 && sudo zfs snapshot "${NPM_DATASET}@${SNAP_NAME}"
+```
+
+### Verify snapshot was created
+
+```bash
+zfs list -t snapshot -r zroot/clawdie-runtime/jails | tail -9
+```
+
+Record the snapshot name for potential rollback.
+
+## 3. Fetch Changes
+
+### Fetch from origin
+
+```bash
+git fetch origin main
+```
+
+### Check what's new
+
+```bash
+git log HEAD..origin/main --oneline
+```
+
+**If no new commits:** Tell the user they're already up to date. AskUserQuestion: "Already up to date. Force pull anyway? Options: Yes / No". If no, stop.
+
+### Preview changes
+
+```bash
+git diff --stat HEAD..origin/main
+```
+
+Present to the user:
+
+- Number of files changed
+- Key files affected (src/, .agent/skills/, docs/)
+- Any package.json version bump
+
+## 4. Confirm
+
+AskUserQuestion: "Apply this update? ZFS snapshot `{SNAP_NAME}` is ready for rollback if anything breaks. Options: Yes, apply / No, cancel"
+
+If cancelled, stop. The snapshot remains (Sanoid will handle retention).
+
+## 5. Apply
+
+### Stop the service (if running)
+
+```bash
+service clawdie status 2>/dev/null && sudo service clawdie stop
+```
+
+### Pull changes
+
+```bash
+git pull origin main
+```
+
+**If merge conflicts:**
+
+For each conflicting file:
+
+1. Read the file — look for conflict markers (`<<<<<<<`, `=======`, `>>>>>>>`)
+2. Check if there's an intent file in `.agent/skills/<skill>/modify/<path>.intent.md`
+3. Resolve using the intent file and codebase understanding
+4. `git add <file>` after resolving
+
+If you cannot confidently resolve a conflict, show the user the conflicting sections and ask for guidance.
+
+### Install dependencies (if package.json changed)
+
+```bash
+git diff HEAD~1 --name-only | grep -q "package.json" && npm install
+```
+
+## 6. Build and Test
+
+### Build
+
+```bash
+npm run build
+```
+
+**If build fails:**
+
+- Type errors: read the error, fix the file, retry
+- Missing dependencies: `npm install` first, retry
+- Native module issues: `npm rebuild pg`
+
+### Run tests
+
+```bash
+npm test
+```
+
+**If tests fail:** Show which tests failed. Try to diagnose and fix. If unfixable, warn user and offer rollback.
+
+### Type check
+
+```bash
+npm run typecheck
+```
+
+## 7. Post-Update Validation
+
+### Run doctor
+
+```bash
+npm run doctor
+```
+
+### Restart service
+
+```bash
+sudo service clawdie start
+service clawdie status
+```
+
+### Verify Telegram connectivity
+
+Check logs for successful bot startup:
+
+```bash
+tail -20 logs/clawdie.log
+```
+
+## 8. Rollback (If Needed)
+
+If the update broke something and you need to roll back:
+
+### Stop service
+
+```bash
+sudo service clawdie stop
+```
+
+### Roll back ZFS
+
+```bash
+for ds in cms git db; do
+  zfs list "zroot/clawdie-runtime/jails/clawdie-${ds}@${SNAP_NAME}" >/dev/null 2>&1 && \
+    sudo zfs rollback "zroot/clawdie-runtime/jails/clawdie-${ds}@${SNAP_NAME}"
+done
+```
+
+### Rebuild and restart
+
+```bash
+npm run build
+sudo service clawdie start
+```
+
+### Verify rollback
+
+```bash
+node -e "console.log(require('./package.json').version)"
+npm run doctor
+```
+
+The rollback is instant because ZFS snapshots are atomic.
+
+## 9. Cleanup
+
+After a successful update (service running, tests passing, Telegram working):
+
+### Take a post-update milestone snapshot
+
+```bash
+NEW_VERSION=$(node -e "console.log(require('./package.json').version)")
+sudo zfs snapshot zroot/clawdie-runtime/jails/cms@v${NEW_VERSION}-$(./scripts/date-format.sh display-date)
+```
+
+### Report status
+
+- "Updated from **{old_version}** to **{new_version}**"
+- Files changed count
+- Build and test status
+- Pre-update snapshot name (for manual rollback reference)
+- Sanoid will handle snapshot retention automatically
+
+## Troubleshooting
+
+**Merge conflicts in many files:** Consider whether extensive local modifications are conflicting with upstream. Use the skills system for customizations instead of direct edits — skills survive updates better.
+
+**Build fails after update:** Check if dependencies changed. Run `npm install` to pick up new packages. Check for breaking TypeScript changes.
+
+**Service won't start after update:** Check `logs/clawdie.error.log`. If unfixable, roll back the affected service jail snapshot under `zroot/clawdie-runtime/jails/`.
+
+**ZFS snapshot missing:** If the pre-update snapshot wasn't taken (manual setup without ZFS), fall back to `git reset --hard HEAD~1` but this is less safe. Always prefer ZFS rollback.
+
+**Sanoid retention:** Pre-update snapshots follow the day-first naming convention. Sanoid's automated retention policy will eventually clean old pre-update snapshots according to the policy defined in `/sanoid` skill.
diff --git a/.agent/skills/update/scripts/fetch-upstream.sh b/.agent/skills/update/scripts/fetch-upstream.sh
new file mode 100755
index 0000000..3174265
--- /dev/null
+++ b/.agent/skills/update/scripts/fetch-upstream.sh
@@ -0,0 +1,85 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Fetch upstream NanoClaw and extract to a temp directory.
+# Outputs a structured status block for machine parsing.
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+PROJECT_ROOT="$(cd "$SCRIPT_DIR/../../../.." && pwd)"
+cd "$PROJECT_ROOT"
+
+# Determine the correct remote
+REMOTE=""
+if git remote get-url upstream &>/dev/null; then
+  REMOTE="upstream"
+elif git remote get-url origin &>/dev/null; then
+  ORIGIN_URL=$(git remote get-url origin)
+  if echo "$ORIGIN_URL" | grep -q "qwibitai/nanoclaw"; then
+    REMOTE="origin"
+  fi
+fi
+
+if [ -z "$REMOTE" ]; then
+  echo "No upstream remote found. Adding upstream → https://github.com/qwibitai/nanoclaw.git"
+  git remote add upstream https://github.com/qwibitai/nanoclaw.git
+  REMOTE="upstream"
+fi
+
+echo "Fetching from $REMOTE..."
+if ! git fetch "$REMOTE" main 2>&1; then
+  echo "<<< STATUS"
+  echo "STATUS=error"
+  echo "ERROR=Failed to fetch from $REMOTE"
+  echo "STATUS >>>"
+  exit 1
+fi
+
+# Get current version from local package.json
+CURRENT_VERSION="unknown"
+if [ -f package.json ]; then
+  CURRENT_VERSION=$(node -e "console.log(require('./package.json').version || 'unknown')")
+fi
+
+# Create temp dir and extract only the paths the skills engine tracks.
+# Read BASE_INCLUDES from the single source of truth in skills-engine/constants.ts,
+# plus always include migrations/ for the migration runner.
+TEMP_DIR="${PROJECT_ROOT}/tmp/skills/nanoclaw-update-$(date +%s)"
+mkdir -p "$TEMP_DIR"
+trap 'rm -rf "$TEMP_DIR"' ERR
+echo "Extracting $REMOTE/main to $TEMP_DIR..."
+
+CANDIDATES=$(node -e "
+  const fs = require('fs');
+  const src = fs.readFileSync('skills-engine/constants.ts', 'utf-8');
+  const m = src.match(/BASE_INCLUDES\s*=\s*\[([^\]]+)\]/);
+  if (!m) { console.error('Cannot parse BASE_INCLUDES'); process.exit(1); }
+  const paths = m[1].match(/'([^']+)'/g).map(s => s.replace(/'/g, ''));
+  paths.push('migrations/');
+  console.log(paths.join(' '));
+")
+
+# Filter to paths that actually exist in the upstream tree.
+# git archive errors if a path doesn't exist, so we check first.
+PATHS=""
+for candidate in $CANDIDATES; do
+  if [ -n "$(git ls-tree --name-only "$REMOTE/main" "$candidate" 2>/dev/null)" ]; then
+    PATHS="$PATHS $candidate"
+  fi
+done
+
+git archive "$REMOTE/main" -- $PATHS | tar -x -C "$TEMP_DIR"
+
+# Get new version from extracted package.json
+NEW_VERSION="unknown"
+if [ -f "$TEMP_DIR/package.json" ]; then
+  NEW_VERSION=$(node -e "console.log(require('$TEMP_DIR/package.json').version || 'unknown')")
+fi
+
+echo ""
+echo "<<< STATUS"
+echo "TEMP_DIR=$TEMP_DIR"
+echo "REMOTE=$REMOTE"
+echo "CURRENT_VERSION=$CURRENT_VERSION"
+echo "NEW_VERSION=$NEW_VERSION"
+echo "STATUS=success"
+echo "STATUS >>>"
diff --git a/.agent/skills/x-integration/SKILL.md b/.agent/skills/x-integration/SKILL.md
new file mode 100644
index 0000000..4d7c7b6
--- /dev/null
+++ b/.agent/skills/x-integration/SKILL.md
@@ -0,0 +1,427 @@
+---
+name: x-integration
+description: X (Twitter) integration for NanoClaw. Post tweets, like, reply, retweet, and quote. Use for setup, testing, or troubleshooting X functionality. Triggers on "setup x", "x integration", "twitter", "post tweet", "tweet".
+---
+
+# X (Twitter) Integration
+
+Browser automation for X interactions via WhatsApp.
+
+> **Compatibility:** NanoClaw v1.0.0. Directory structure may change in future versions.
+
+## Features
+
+| Action  | Tool        | Description              |
+| ------- | ----------- | ------------------------ |
+| Post    | `x_post`    | Publish new tweets       |
+| Like    | `x_like`    | Like any tweet           |
+| Reply   | `x_reply`   | Reply to tweets          |
+| Retweet | `x_retweet` | Retweet without comment  |
+| Quote   | `x_quote`   | Quote tweet with comment |
+
+## Prerequisites
+
+Before using this skill, ensure:
+
+1. **NanoClaw is installed and running** - WhatsApp connected, service active
+2. **Dependencies installed**:
+   ```bash
+   npm ls playwright dotenv-cli || npm install playwright dotenv-cli
+   ```
+3. **CHROME_PATH configured** in `.env` (if Chrome is not at default location):
+   ```bash
+   # Find your Chrome path
+   mdfind "kMDItemCFBundleIdentifier == 'com.google.Chrome'" 2>/dev/null | head -1
+   # Add to .env
+   CHROME_PATH=/path/to/Google Chrome.app/Contents/MacOS/Google Chrome
+   ```
+
+## Quick Start
+
+```bash
+# 1. Setup authentication (interactive)
+npx dotenv -e .env -- npx tsx .agent/skills/x-integration/scripts/setup.ts
+# Verify: data/x-auth.json should exist after successful login
+
+# 2. Rebuild container to include skill
+./container/build.sh
+# Verify: Output shows "COPY .agent/skills/x-integration/agent.ts"
+
+# 3. Rebuild host and restart service
+npm run build
+launchctl kickstart -k gui/$(id -u)/com.nanoclaw  # macOS
+# Linux: systemctl --user restart nanoclaw
+# Verify: launchctl list | grep nanoclaw (macOS) or systemctl --user status nanoclaw (Linux)
+```
+
+## Configuration
+
+### Environment Variables
+
+| Variable        | Default                                                        | Description                              |
+| --------------- | -------------------------------------------------------------- | ---------------------------------------- |
+| `CHROME_PATH`   | `/Applications/Google Chrome.app/Contents/MacOS/Google Chrome` | Chrome executable path                   |
+| `NANOCLAW_ROOT` | `process.cwd()`                                                | Project root directory                   |
+| `LOG_LEVEL`     | `info`                                                         | Logging level (debug, info, warn, error) |
+
+Set in `.env` file (loaded via `dotenv-cli` at runtime):
+
+```bash
+# .env
+CHROME_PATH=/Applications/Google Chrome.app/Contents/MacOS/Google Chrome
+```
+
+### Configuration File
+
+Edit `lib/config.ts` to modify defaults:
+
+```typescript
+export const config = {
+    // Browser viewport
+    viewport: { width: 1280, height: 800 },
+
+    // Timeouts (milliseconds)
+    timeouts: {
+        navigation: 30000,    // Page navigation
+        elementWait: 5000,    // Wait for element
+        afterClick: 1000,     // Delay after click
+        afterFill: 1000,      // Delay after form fill
+        afterSubmit: 3000,    // Delay after submit
+        pageLoad: 3000,       // Initial page load
+    },
+
+    // Tweet limits
+    limits: {
+        tweetMaxLength: 280,
+    },
+};
+```
+
+### Data Directories
+
+Paths relative to project root:
+
+| Path                      | Purpose                                  | Git     |
+| ------------------------- | ---------------------------------------- | ------- |
+| `data/x-browser-profile/` | Chrome profile with X session            | Ignored |
+| `data/x-auth.json`        | Auth state marker                        | Ignored |
+| `logs/nanoclaw.log`       | Service logs (contains X operation logs) | Ignored |
+
+## Architecture
+
+```
+┌─────────────────────────────────────────────────────────────┐
+│  Container (Linux VM)                                       │
+│  └── agent.ts → MCP tool definitions (x_post, etc.)    │
+│      └── Writes IPC request to /workspace/ipc/tasks/       │
+└──────────────────────┬──────────────────────────────────────┘
+                       │ IPC (file system)
+                       ▼
+┌─────────────────────────────────────────────────────────────┐
+│  Host (macOS)                                               │
+│  └── src/ipc.ts → processTaskIpc()                         │
+│      └── host.ts → handleXIpc()                         │
+│          └── spawn subprocess → scripts/*.ts               │
+│              └── Playwright → Chrome → X Website           │
+└─────────────────────────────────────────────────────────────┘
+```
+
+### Why This Design?
+
+- **API is expensive** - X official API requires paid subscription ($100+/month) for posting
+- **Bot browsers get blocked** - X detects and bans headless browsers and common automation fingerprints
+- **Must use user's real browser** - Reuses the user's actual Chrome on Host with real browser fingerprint to avoid detection
+- **One-time authorization** - User logs in manually once, session persists in Chrome profile for future use
+
+### File Structure
+
+```
+.agent/skills/x-integration/
+├── SKILL.md          # This documentation
+├── host.ts           # Host-side IPC handler
+├── agent.ts          # Container-side MCP tool definitions
+├── lib/
+│   ├── config.ts     # Centralized configuration
+│   └── browser.ts    # Playwright utilities
+└── scripts/
+    ├── setup.ts      # Interactive login
+    ├── post.ts       # Post tweet
+    ├── like.ts       # Like tweet
+    ├── reply.ts      # Reply to tweet
+    ├── retweet.ts    # Retweet
+    └── quote.ts      # Quote tweet
+```
+
+### Integration Points
+
+To integrate this skill into NanoClaw, make the following modifications:
+
+---
+
+**1. Host side: `src/ipc.ts`**
+
+Add import after other local imports:
+
+```typescript
+import { handleXIpc } from '../.agent/skills/x-integration/host.js';
+```
+
+Modify `processTaskIpc` function's switch statement default case:
+
+```typescript
+// Find:
+default:
+logger.warn({ type: data.type }, 'Unknown IPC task type');
+
+// Replace with:
+default:
+const handled = await handleXIpc(data, sourceGroup, isMain, DATA_DIR);
+if (!handled) {
+    logger.warn({ type: data.type }, 'Unknown IPC task type');
+}
+```
+
+---
+
+**2. Container side: `container/agent-runner/src/ipc-mcp.ts`**
+
+Add import after `cron-parser` import:
+
+```typescript
+// @ts-ignore - Copied during Docker build from .agent/skills/x-integration/
+import { createXTools } from './skills/x-integration/agent.js';
+```
+
+Add to the end of tools array (before the closing `]`):
+
+```typescript
+    ...createXTools({ groupFolder, isMain })
+```
+
+---
+
+**3. Build script: `container/build.sh`**
+
+Change build context from `container/` to project root (required to access `.agent/skills/`):
+
+```bash
+# Find:
+docker build -t "${IMAGE_NAME}:${TAG}" .
+
+# Replace with:
+cd "$SCRIPT_DIR/.."
+docker build -t "${IMAGE_NAME}:${TAG}" -f container/Dockerfile .
+```
+
+---
+
+**4. Dockerfile: `container/Dockerfile`**
+
+First, update the build context paths (required to access `.agent/skills/` from project root):
+
+```dockerfile
+# Find:
+COPY agent-runner/package*.json ./
+...
+COPY agent-runner/ ./
+
+# Replace with:
+COPY container/agent-runner/package*.json ./
+...
+COPY container/agent-runner/ ./
+```
+
+Then add COPY line after `COPY container/agent-runner/ ./` and before `RUN npm run build`:
+
+```dockerfile
+# Copy skill MCP tools
+COPY .agent/skills/x-integration/agent.ts ./src/skills/x-integration/
+```
+
+## Setup
+
+All paths below are relative to project root (`NANOCLAW_ROOT`).
+
+### 1. Check Chrome Path
+
+```bash
+# Check if Chrome exists at configured path
+cat .env | grep CHROME_PATH
+ls -la "$(grep CHROME_PATH .env | cut -d= -f2)" 2>/dev/null || \
+echo "Chrome not found - update CHROME_PATH in .env"
+```
+
+### 2. Run Authentication
+
+```bash
+npx dotenv -e .env -- npx tsx .agent/skills/x-integration/scripts/setup.ts
+```
+
+This opens Chrome for manual X login. Session saved to `data/x-browser-profile/`.
+
+**Verify success:**
+
+```bash
+cat data/x-auth.json  # Should show {"authenticated": true, ...}
+```
+
+### 3. Rebuild Container
+
+```bash
+./container/build.sh
+```
+
+**Verify success:**
+
+```bash
+./container/build.sh 2>&1 | grep -i "agent.ts"  # Should show COPY line
+```
+
+### 4. Restart Service
+
+```bash
+npm run build
+launchctl kickstart -k gui/$(id -u)/com.nanoclaw  # macOS
+# Linux: systemctl --user restart nanoclaw
+```
+
+**Verify success:**
+
+```bash
+launchctl list | grep nanoclaw  # macOS — should show PID and exit code 0 or -
+# Linux: systemctl --user status nanoclaw
+```
+
+## Usage via WhatsApp
+
+Replace `@Assistant` with your configured trigger name (`ASSISTANT_NAME` in `.env`):
+
+```
+@Assistant post a tweet: Hello world!
+
+@Assistant like this tweet https://x.com/user/status/123
+
+@Assistant reply to https://x.com/user/status/123 with: Great post!
+
+@Assistant retweet https://x.com/user/status/123
+
+@Assistant quote https://x.com/user/status/123 with comment: Interesting
+```
+
+**Note:** Only the main group can use X tools. Other groups will receive an error.
+
+## Testing
+
+Scripts require environment variables from `.env`. Use `dotenv-cli` to load them:
+
+### Check Authentication Status
+
+```bash
+# Check if auth file exists and is valid
+cat data/x-auth.json 2>/dev/null && echo "Auth configured" || echo "Auth not configured"
+
+# Check if browser profile exists
+ls -la data/x-browser-profile/ 2>/dev/null | head -5
+```
+
+### Re-authenticate (if expired)
+
+```bash
+npx dotenv -e .env -- npx tsx .agent/skills/x-integration/scripts/setup.ts
+```
+
+### Test Post (will actually post)
+
+```bash
+echo '{"content":"Test tweet - please ignore"}' | npx dotenv -e .env -- npx tsx .agent/skills/x-integration/scripts/post.ts
+```
+
+### Test Like
+
+```bash
+echo '{"tweetUrl":"https://x.com/user/status/123"}' | npx dotenv -e .env -- npx tsx .agent/skills/x-integration/scripts/like.ts
+```
+
+Or export `CHROME_PATH` manually before running:
+
+```bash
+export CHROME_PATH="/path/to/chrome"
+echo '{"content":"Test"}' | npx tsx .agent/skills/x-integration/scripts/post.ts
+```
+
+## Troubleshooting
+
+### Authentication Expired
+
+```bash
+npx dotenv -e .env -- npx tsx .agent/skills/x-integration/scripts/setup.ts
+launchctl kickstart -k gui/$(id -u)/com.nanoclaw  # macOS
+# Linux: systemctl --user restart nanoclaw
+```
+
+### Browser Lock Files
+
+If Chrome fails to launch:
+
+```bash
+rm -f data/x-browser-profile/SingletonLock
+rm -f data/x-browser-profile/SingletonSocket
+rm -f data/x-browser-profile/SingletonCookie
+```
+
+### Check Logs
+
+```bash
+# Host logs (relative to project root)
+grep -i "x_post\|x_like\|x_reply\|handleXIpc" logs/nanoclaw.log | tail -20
+
+# Script errors
+grep -i "error\|failed" logs/nanoclaw.log | tail -20
+```
+
+### Script Timeout
+
+Default timeout is 2 minutes (120s). Increase in `host.ts`:
+
+```typescript
+const timer = setTimeout(() => {
+  proc.kill('SIGTERM');
+  resolve({ success: false, message: 'Script timed out (120s)' });
+}, 120000);  // ← Increase this value
+```
+
+### X UI Selector Changes
+
+If X updates their UI, selectors in scripts may break. Current selectors:
+
+| Element         | Selector                             |
+| --------------- | ------------------------------------ |
+| Tweet input     | `[data-testid="tweetTextarea_0"]`    |
+| Post button     | `[data-testid="tweetButtonInline"]`  |
+| Reply button    | `[data-testid="reply"]`              |
+| Like            | `[data-testid="like"]`               |
+| Unlike          | `[data-testid="unlike"]`             |
+| Retweet         | `[data-testid="retweet"]`            |
+| Unretweet       | `[data-testid="unretweet"]`          |
+| Confirm retweet | `[data-testid="retweetConfirm"]`     |
+| Modal dialog    | `[role="dialog"][aria-modal="true"]` |
+| Modal submit    | `[data-testid="tweetButton"]`        |
+
+### Container Build Issues
+
+If MCP tools not found in container:
+
+```bash
+# Verify build copies skill
+./container/build.sh 2>&1 | grep -i skill
+
+# Check container has the file
+docker run nanoclaw-agent ls -la /app/src/skills/
+```
+
+## Security
+
+- `data/x-browser-profile/` - Contains X session cookies (in `.gitignore`)
+- `data/x-auth.json` - Auth state marker (in `.gitignore`)
+- Only main group can use X tools (enforced in `agent.ts` and `host.ts`)
+- Scripts run as subprocesses with limited environment
diff --git a/.agent/skills/x-integration/agent.ts b/.agent/skills/x-integration/agent.ts
new file mode 100644
index 0000000..2b3ab5a
--- /dev/null
+++ b/.agent/skills/x-integration/agent.ts
@@ -0,0 +1,243 @@
+/**
+ * X Integration - MCP Tool Definitions (Agent/Container Side)
+ *
+ * These tools run inside the container and communicate with the host via IPC.
+ * The host-side implementation is in host.ts.
+ *
+ * Note: This file is compiled in the container, not on the host.
+ * The @ts-ignore is needed because the SDK is only available in the container.
+ */
+
+// @ts-ignore - SDK available in container environment only
+import { tool } from '@anthropic-ai/claude-agent-sdk';
+import { z } from 'zod';
+import fs from 'fs';
+import path from 'path';
+
+// IPC directories (inside container)
+const IPC_DIR = '/workspace/ipc';
+const TASKS_DIR = path.join(IPC_DIR, 'tasks');
+const RESULTS_DIR = path.join(IPC_DIR, 'x_results');
+
+function writeIpcFile(dir: string, data: object): string {
+  fs.mkdirSync(dir, { recursive: true });
+  const filename = `${Date.now()}-${Math.random().toString(36).slice(2, 8)}.json`;
+  const filepath = path.join(dir, filename);
+  const tempPath = `${filepath}.tmp`;
+  fs.writeFileSync(tempPath, JSON.stringify(data, null, 2));
+  fs.renameSync(tempPath, filepath);
+  return filename;
+}
+
+async function waitForResult(requestId: string, maxWait = 60000): Promise<{ success: boolean; message: string }> {
+  const resultFile = path.join(RESULTS_DIR, `${requestId}.json`);
+  const pollInterval = 1000;
+  let elapsed = 0;
+
+  while (elapsed < maxWait) {
+    if (fs.existsSync(resultFile)) {
+      try {
+        const result = JSON.parse(fs.readFileSync(resultFile, 'utf-8'));
+        fs.unlinkSync(resultFile);
+        return result;
+      } catch (err) {
+        return { success: false, message: `Failed to read result: ${err}` };
+      }
+    }
+    await new Promise(resolve => setTimeout(resolve, pollInterval));
+    elapsed += pollInterval;
+  }
+
+  return { success: false, message: 'Request timed out' };
+}
+
+export interface SkillToolsContext {
+  groupFolder: string;
+  isMain: boolean;
+}
+
+/**
+ * Create X integration MCP tools
+ */
+export function createXTools(ctx: SkillToolsContext) {
+  const { groupFolder, isMain } = ctx;
+
+  return [
+    tool(
+      'x_post',
+      `Post a tweet to X (Twitter). Main group only.
+
+The host machine will execute the browser automation to post the tweet.
+Make sure the content is appropriate and within X's character limit (280 chars for text).`,
+      {
+        content: z.string().max(280).describe('The tweet content to post (max 280 characters)')
+      },
+      async (args: { content: string }) => {
+        if (!isMain) {
+          return {
+            content: [{ type: 'text', text: 'Only the main group can post tweets.' }],
+            isError: true
+          };
+        }
+
+        if (args.content.length > 280) {
+          return {
+            content: [{ type: 'text', text: `Tweet exceeds 280 character limit (current: ${args.content.length})` }],
+            isError: true
+          };
+        }
+
+        const requestId = `xpost-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+        writeIpcFile(TASKS_DIR, {
+          type: 'x_post',
+          requestId,
+          content: args.content,
+          groupFolder,
+          timestamp: new Date().toISOString()
+        });
+
+        const result = await waitForResult(requestId);
+        return {
+          content: [{ type: 'text', text: result.message }],
+          isError: !result.success
+        };
+      }
+    ),
+
+    tool(
+      'x_like',
+      `Like a tweet on X (Twitter). Main group only.
+
+Provide the tweet URL or tweet ID to like.`,
+      {
+        tweet_url: z.string().describe('The tweet URL (e.g., https://x.com/user/status/123) or tweet ID')
+      },
+      async (args: { tweet_url: string }) => {
+        if (!isMain) {
+          return {
+            content: [{ type: 'text', text: 'Only the main group can interact with X.' }],
+            isError: true
+          };
+        }
+
+        const requestId = `xlike-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+        writeIpcFile(TASKS_DIR, {
+          type: 'x_like',
+          requestId,
+          tweetUrl: args.tweet_url,
+          groupFolder,
+          timestamp: new Date().toISOString()
+        });
+
+        const result = await waitForResult(requestId);
+        return {
+          content: [{ type: 'text', text: result.message }],
+          isError: !result.success
+        };
+      }
+    ),
+
+    tool(
+      'x_reply',
+      `Reply to a tweet on X (Twitter). Main group only.
+
+Provide the tweet URL and your reply content.`,
+      {
+        tweet_url: z.string().describe('The tweet URL (e.g., https://x.com/user/status/123) or tweet ID'),
+        content: z.string().max(280).describe('The reply content (max 280 characters)')
+      },
+      async (args: { tweet_url: string; content: string }) => {
+        if (!isMain) {
+          return {
+            content: [{ type: 'text', text: 'Only the main group can interact with X.' }],
+            isError: true
+          };
+        }
+
+        const requestId = `xreply-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+        writeIpcFile(TASKS_DIR, {
+          type: 'x_reply',
+          requestId,
+          tweetUrl: args.tweet_url,
+          content: args.content,
+          groupFolder,
+          timestamp: new Date().toISOString()
+        });
+
+        const result = await waitForResult(requestId);
+        return {
+          content: [{ type: 'text', text: result.message }],
+          isError: !result.success
+        };
+      }
+    ),
+
+    tool(
+      'x_retweet',
+      `Retweet a tweet on X (Twitter). Main group only.
+
+Provide the tweet URL to retweet.`,
+      {
+        tweet_url: z.string().describe('The tweet URL (e.g., https://x.com/user/status/123) or tweet ID')
+      },
+      async (args: { tweet_url: string }) => {
+        if (!isMain) {
+          return {
+            content: [{ type: 'text', text: 'Only the main group can interact with X.' }],
+            isError: true
+          };
+        }
+
+        const requestId = `xretweet-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+        writeIpcFile(TASKS_DIR, {
+          type: 'x_retweet',
+          requestId,
+          tweetUrl: args.tweet_url,
+          groupFolder,
+          timestamp: new Date().toISOString()
+        });
+
+        const result = await waitForResult(requestId);
+        return {
+          content: [{ type: 'text', text: result.message }],
+          isError: !result.success
+        };
+      }
+    ),
+
+    tool(
+      'x_quote',
+      `Quote tweet on X (Twitter). Main group only.
+
+Retweet with your own comment added.`,
+      {
+        tweet_url: z.string().describe('The tweet URL (e.g., https://x.com/user/status/123) or tweet ID'),
+        comment: z.string().max(280).describe('Your comment for the quote tweet (max 280 characters)')
+      },
+      async (args: { tweet_url: string; comment: string }) => {
+        if (!isMain) {
+          return {
+            content: [{ type: 'text', text: 'Only the main group can interact with X.' }],
+            isError: true
+          };
+        }
+
+        const requestId = `xquote-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+        writeIpcFile(TASKS_DIR, {
+          type: 'x_quote',
+          requestId,
+          tweetUrl: args.tweet_url,
+          comment: args.comment,
+          groupFolder,
+          timestamp: new Date().toISOString()
+        });
+
+        const result = await waitForResult(requestId);
+        return {
+          content: [{ type: 'text', text: result.message }],
+          isError: !result.success
+        };
+      }
+    )
+  ];
+}
diff --git a/.agent/skills/x-integration/host.ts b/.agent/skills/x-integration/host.ts
new file mode 100644
index 0000000..557f539
--- /dev/null
+++ b/.agent/skills/x-integration/host.ts
@@ -0,0 +1,159 @@
+/**
+ * X Integration IPC Handler
+ *
+ * Handles all x_* IPC messages from container agents.
+ * This is the entry point for X integration in the host process.
+ */
+
+import { spawn } from 'child_process';
+import fs from 'fs';
+import path from 'path';
+import pino from 'pino';
+
+const logger = pino({
+  level: process.env.LOG_LEVEL || 'info',
+  transport: { target: 'pino-pretty', options: { colorize: true } }
+});
+
+interface SkillResult {
+  success: boolean;
+  message: string;
+  data?: unknown;
+}
+
+// Run a skill script as subprocess
+async function runScript(script: string, args: object): Promise<SkillResult> {
+  const scriptPath = path.join(process.cwd(), '.agent', 'skills', 'x-integration', 'scripts', `${script}.ts`);
+
+  return new Promise((resolve) => {
+    const proc = spawn('npx', ['tsx', scriptPath], {
+      cwd: process.cwd(),
+      env: { ...process.env, NANOCLAW_ROOT: process.cwd() },
+      stdio: ['pipe', 'pipe', 'pipe']
+    });
+
+    let stdout = '';
+    proc.stdout.on('data', (data) => { stdout += data.toString(); });
+    proc.stdin.write(JSON.stringify(args));
+    proc.stdin.end();
+
+    const timer = setTimeout(() => {
+      proc.kill('SIGTERM');
+      resolve({ success: false, message: 'Script timed out (120s)' });
+    }, 120000);
+
+    proc.on('close', (code) => {
+      clearTimeout(timer);
+      if (code !== 0) {
+        resolve({ success: false, message: `Script exited with code: ${code}` });
+        return;
+      }
+      try {
+        const lines = stdout.trim().split('\n');
+        resolve(JSON.parse(lines[lines.length - 1]));
+      } catch {
+        resolve({ success: false, message: `Failed to parse output: ${stdout.slice(0, 200)}` });
+      }
+    });
+
+    proc.on('error', (err) => {
+      clearTimeout(timer);
+      resolve({ success: false, message: `Failed to spawn: ${err.message}` });
+    });
+  });
+}
+
+// Write result to IPC results directory
+function writeResult(dataDir: string, sourceGroup: string, requestId: string, result: SkillResult): void {
+  const resultsDir = path.join(dataDir, 'ipc', sourceGroup, 'x_results');
+  fs.mkdirSync(resultsDir, { recursive: true });
+  fs.writeFileSync(path.join(resultsDir, `${requestId}.json`), JSON.stringify(result));
+}
+
+/**
+ * Handle X integration IPC messages
+ *
+ * @returns true if message was handled, false if not an X message
+ */
+export async function handleXIpc(
+  data: Record<string, unknown>,
+  sourceGroup: string,
+  isMain: boolean,
+  dataDir: string
+): Promise<boolean> {
+  const type = data.type as string;
+
+  // Only handle x_* types
+  if (!type?.startsWith('x_')) {
+    return false;
+  }
+
+  // Only main group can use X integration
+  if (!isMain) {
+    logger.warn({ sourceGroup, type }, 'X integration blocked: not main group');
+    return true;
+  }
+
+  const requestId = data.requestId as string;
+  if (!requestId) {
+    logger.warn({ type }, 'X integration blocked: missing requestId');
+    return true;
+  }
+
+  logger.info({ type, requestId }, 'Processing X request');
+
+  let result: SkillResult;
+
+  switch (type) {
+    case 'x_post':
+      if (!data.content) {
+        result = { success: false, message: 'Missing content' };
+        break;
+      }
+      result = await runScript('post', { content: data.content });
+      break;
+
+    case 'x_like':
+      if (!data.tweetUrl) {
+        result = { success: false, message: 'Missing tweetUrl' };
+        break;
+      }
+      result = await runScript('like', { tweetUrl: data.tweetUrl });
+      break;
+
+    case 'x_reply':
+      if (!data.tweetUrl || !data.content) {
+        result = { success: false, message: 'Missing tweetUrl or content' };
+        break;
+      }
+      result = await runScript('reply', { tweetUrl: data.tweetUrl, content: data.content });
+      break;
+
+    case 'x_retweet':
+      if (!data.tweetUrl) {
+        result = { success: false, message: 'Missing tweetUrl' };
+        break;
+      }
+      result = await runScript('retweet', { tweetUrl: data.tweetUrl });
+      break;
+
+    case 'x_quote':
+      if (!data.tweetUrl || !data.comment) {
+        result = { success: false, message: 'Missing tweetUrl or comment' };
+        break;
+      }
+      result = await runScript('quote', { tweetUrl: data.tweetUrl, comment: data.comment });
+      break;
+
+    default:
+      return false;
+  }
+
+  writeResult(dataDir, sourceGroup, requestId, result);
+  if (result.success) {
+    logger.info({ type, requestId }, 'X request completed');
+  } else {
+    logger.error({ type, requestId, message: result.message }, 'X request failed');
+  }
+  return true;
+}
diff --git a/.agent/skills/x-integration/lib/browser.ts b/.agent/skills/x-integration/lib/browser.ts
new file mode 100644
index 0000000..a7868cc
--- /dev/null
+++ b/.agent/skills/x-integration/lib/browser.ts
@@ -0,0 +1,148 @@
+/**
+ * X Integration - Shared utilities
+ * Used by all X scripts
+ */
+
+import { chromium, BrowserContext, Page } from 'playwright';
+import fs from 'fs';
+import path from 'path';
+import { config } from './config.js';
+
+export { config };
+
+export interface ScriptResult {
+  success: boolean;
+  message: string;
+  data?: unknown;
+}
+
+/**
+ * Read input from stdin
+ */
+export async function readInput<T>(): Promise<T> {
+  return new Promise((resolve, reject) => {
+    let data = '';
+    process.stdin.setEncoding('utf8');
+    process.stdin.on('data', chunk => { data += chunk; });
+    process.stdin.on('end', () => {
+      try {
+        resolve(JSON.parse(data));
+      } catch (err) {
+        reject(new Error(`Invalid JSON input: ${err}`));
+      }
+    });
+    process.stdin.on('error', reject);
+  });
+}
+
+/**
+ * Write result to stdout
+ */
+export function writeResult(result: ScriptResult): void {
+  console.log(JSON.stringify(result));
+}
+
+/**
+ * Clean up browser lock files
+ */
+export function cleanupLockFiles(): void {
+  for (const lockFile of ['SingletonLock', 'SingletonSocket', 'SingletonCookie']) {
+    const lockPath = path.join(config.browserDataDir, lockFile);
+    if (fs.existsSync(lockPath)) {
+      try { fs.unlinkSync(lockPath); } catch {}
+    }
+  }
+}
+
+/**
+ * Validate tweet/reply content
+ */
+export function validateContent(content: string | undefined, type = 'Tweet'): ScriptResult | null {
+  if (!content || content.length === 0) {
+    return { success: false, message: `${type} content cannot be empty` };
+  }
+  if (content.length > config.limits.tweetMaxLength) {
+    return { success: false, message: `${type} exceeds ${config.limits.tweetMaxLength} character limit (current: ${content.length})` };
+  }
+  return null; // Valid
+}
+
+/**
+ * Get browser context with persistent profile
+ */
+export async function getBrowserContext(): Promise<BrowserContext> {
+  if (!fs.existsSync(config.authPath)) {
+    throw new Error('X authentication not configured. Run /x-integration to complete login.');
+  }
+
+  cleanupLockFiles();
+
+  const context = await chromium.launchPersistentContext(config.browserDataDir, {
+    executablePath: config.chromePath,
+    headless: false,
+    viewport: config.viewport,
+    args: config.chromeArgs,
+    ignoreDefaultArgs: config.chromeIgnoreDefaultArgs,
+  });
+
+  return context;
+}
+
+/**
+ * Extract tweet ID from URL or raw ID
+ */
+export function extractTweetId(input: string): string | null {
+  const urlMatch = input.match(/(?:x\.com|twitter\.com)\/\w+\/status\/(\d+)/);
+  if (urlMatch) return urlMatch[1];
+  if (/^\d+$/.test(input.trim())) return input.trim();
+  return null;
+}
+
+/**
+ * Navigate to a tweet page
+ */
+export async function navigateToTweet(
+  context: BrowserContext,
+  tweetUrl: string
+): Promise<{ page: Page; success: boolean; error?: string }> {
+  const page = context.pages()[0] || await context.newPage();
+
+  let url = tweetUrl;
+  const tweetId = extractTweetId(tweetUrl);
+  if (tweetId && !tweetUrl.startsWith('http')) {
+    url = `https://x.com/i/status/${tweetId}`;
+  }
+
+  try {
+    await page.goto(url, { timeout: config.timeouts.navigation, waitUntil: 'domcontentloaded' });
+    await page.waitForTimeout(config.timeouts.pageLoad);
+
+    const exists = await page.locator('article[data-testid="tweet"]').first().isVisible().catch(() => false);
+    if (!exists) {
+      return { page, success: false, error: 'Tweet not found. It may have been deleted or the URL is invalid.' };
+    }
+
+    return { page, success: true };
+  } catch (err) {
+    return { page, success: false, error: `Navigation failed: ${err instanceof Error ? err.message : String(err)}` };
+  }
+}
+
+/**
+ * Run script with error handling
+ */
+export async function runScript<T>(
+  handler: (input: T) => Promise<ScriptResult>
+): Promise<void> {
+  try {
+    const input = await readInput<T>();
+    const result = await handler(input);
+    writeResult(result);
+  } catch (err) {
+    writeResult({
+      success: false,
+      message: `Script execution failed: ${err instanceof Error ? err.message : String(err)}`
+    });
+    process.exit(1);
+  }
+}
diff --git a/.agent/skills/x-integration/lib/config.ts b/.agent/skills/x-integration/lib/config.ts
new file mode 100644
index 0000000..f56cde4
--- /dev/null
+++ b/.agent/skills/x-integration/lib/config.ts
@@ -0,0 +1,62 @@
+/**
+ * X Integration - Configuration
+ *
+ * All environment-specific settings in one place.
+ * Override via environment variables or modify defaults here.
+ */
+
+import path from 'path';
+
+// Project root - can be overridden for different deployments
+const PROJECT_ROOT = process.env.NANOCLAW_ROOT || process.cwd();
+
+/**
+ * Configuration object with all settings
+ */
+export const config = {
+  // Chrome executable path
+  // Default: standard macOS Chrome location
+  // Override: CHROME_PATH environment variable
+  chromePath: process.env.CHROME_PATH || '/Applications/Google Chrome.app/Contents/MacOS/Google Chrome',
+
+  // Browser profile directory for persistent login sessions
+  browserDataDir: path.join(PROJECT_ROOT, 'data', 'x-browser-profile'),
+
+  // Auth state marker file
+  authPath: path.join(PROJECT_ROOT, 'data', 'x-auth.json'),
+
+  // Browser viewport settings
+  viewport: {
+    width: 1280,
+    height: 800,
+  },
+
+  // Timeouts (in milliseconds)
+  timeouts: {
+    navigation: 30000,
+    elementWait: 5000,
+    afterClick: 1000,
+    afterFill: 1000,
+    afterSubmit: 3000,
+    pageLoad: 3000,
+  },
+
+  // X character limits
+  limits: {
+    tweetMaxLength: 280,
+  },
+
+  // Chrome launch arguments
+  chromeArgs: [
+    '--disable-blink-features=AutomationControlled',
+    '--no-sandbox',
+    '--disable-setuid-sandbox',
+    '--no-first-run',
+    '--no-default-browser-check',
+    '--disable-sync',
+  ],
+
+  // Args to ignore when launching Chrome
+  chromeIgnoreDefaultArgs: ['--enable-automation'],
+};
+
diff --git a/.agent/skills/x-integration/scripts/like.ts b/.agent/skills/x-integration/scripts/like.ts
new file mode 100644
index 0000000..c55b8b4
--- /dev/null
+++ b/.agent/skills/x-integration/scripts/like.ts
@@ -0,0 +1,56 @@
+#!/usr/bin/env npx tsx
+/**
+ * X Integration - Like Tweet
+ * Usage: echo '{"tweetUrl":"https://x.com/user/status/123"}' | npx tsx like.ts
+ */
+
+import { getBrowserContext, navigateToTweet, runScript, config, ScriptResult } from '../lib/browser.js';
+
+interface LikeInput {
+  tweetUrl: string;
+}
+
+async function likeTweet(input: LikeInput): Promise<ScriptResult> {
+  const { tweetUrl } = input;
+
+  if (!tweetUrl) {
+    return { success: false, message: 'Please provide a tweet URL' };
+  }
+
+  let context = null;
+  try {
+    context = await getBrowserContext();
+    const { page, success, error } = await navigateToTweet(context, tweetUrl);
+
+    if (!success) {
+      return { success: false, message: error || 'Navigation failed' };
+    }
+
+    const tweet = page.locator('article[data-testid="tweet"]').first();
+    const unlikeButton = tweet.locator('[data-testid="unlike"]');
+    const likeButton = tweet.locator('[data-testid="like"]');
+
+    // Check if already liked
+    const alreadyLiked = await unlikeButton.isVisible().catch(() => false);
+    if (alreadyLiked) {
+      return { success: true, message: 'Tweet already liked' };
+    }
+
+    await likeButton.waitFor({ timeout: config.timeouts.elementWait });
+    await likeButton.click();
+    await page.waitForTimeout(config.timeouts.afterClick);
+
+    // Verify
+    const nowLiked = await unlikeButton.isVisible().catch(() => false);
+    if (nowLiked) {
+      return { success: true, message: 'Like successful' };
+    }
+
+    return { success: false, message: 'Like action completed but could not verify success' };
+
+  } finally {
+    if (context) await context.close();
+  }
+}
+
+runScript<LikeInput>(likeTweet);
diff --git a/.agent/skills/x-integration/scripts/post.ts b/.agent/skills/x-integration/scripts/post.ts
new file mode 100644
index 0000000..f7b47dc
--- /dev/null
+++ b/.agent/skills/x-integration/scripts/post.ts
@@ -0,0 +1,66 @@
+#!/usr/bin/env npx tsx
+/**
+ * X Integration - Post Tweet
+ * Usage: echo '{"content":"Hello world"}' | npx tsx post.ts
+ */
+
+import { getBrowserContext, runScript, validateContent, config, ScriptResult } from '../lib/browser.js';
+
+interface PostInput {
+  content: string;
+}
+
+async function postTweet(input: PostInput): Promise<ScriptResult> {
+  const { content } = input;
+
+  const validationError = validateContent(content, 'Tweet');
+  if (validationError) return validationError;
+
+  let context = null;
+  try {
+    context = await getBrowserContext();
+    const page = context.pages()[0] || await context.newPage();
+
+    await page.goto('https://x.com/home', { timeout: config.timeouts.navigation, waitUntil: 'domcontentloaded' });
+    await page.waitForTimeout(config.timeouts.pageLoad);
+
+    // Check if logged in
+    const isLoggedIn = await page.locator('[data-testid="SideNav_AccountSwitcher_Button"]').isVisible().catch(() => false);
+    if (!isLoggedIn) {
+      const onLoginPage = await page.locator('input[autocomplete="username"]').isVisible().catch(() => false);
+      if (onLoginPage) {
+        return { success: false, message: 'X login expired. Run /x-integration to re-authenticate.' };
+      }
+    }
+
+    // Find and fill tweet input
+    const tweetInput = page.locator('[data-testid="tweetTextarea_0"]');
+    await tweetInput.waitFor({ timeout: config.timeouts.elementWait * 2 });
+    await tweetInput.click();
+    await page.waitForTimeout(config.timeouts.afterClick / 2);
+    await tweetInput.fill(content);
+    await page.waitForTimeout(config.timeouts.afterFill);
+
+    // Click post button
+    const postButton = page.locator('[data-testid="tweetButtonInline"]');
+    await postButton.waitFor({ timeout: config.timeouts.elementWait });
+
+    const isDisabled = await postButton.getAttribute('aria-disabled');
+    if (isDisabled === 'true') {
+      return { success: false, message: 'Post button disabled. Content may be empty or exceed character limit.' };
+    }
+
+    await postButton.click();
+    await page.waitForTimeout(config.timeouts.afterSubmit);
+
+    return {
+      success: true,
+      message: `Tweet posted: ${content.slice(0, 50)}${content.length > 50 ? '...' : ''}`
+    };
+
+  } finally {
+    if (context) await context.close();
+  }
+}
+
+runScript<PostInput>(postTweet);
diff --git a/.agent/skills/x-integration/scripts/quote.ts b/.agent/skills/x-integration/scripts/quote.ts
new file mode 100644
index 0000000..e0d2c33
--- /dev/null
+++ b/.agent/skills/x-integration/scripts/quote.ts
@@ -0,0 +1,80 @@
+#!/usr/bin/env npx tsx
+/**
+ * X Integration - Quote Tweet
+ * Usage: echo '{"tweetUrl":"https://x.com/user/status/123","comment":"My thoughts"}' | npx tsx quote.ts
+ */
+
+import { getBrowserContext, navigateToTweet, runScript, validateContent, config, ScriptResult } from '../lib/browser.js';
+
+interface QuoteInput {
+  tweetUrl: string;
+  comment: string;
+}
+
+async function quoteTweet(input: QuoteInput): Promise<ScriptResult> {
+  const { tweetUrl, comment } = input;
+
+  if (!tweetUrl) {
+    return { success: false, message: 'Please provide a tweet URL' };
+  }
+
+  const validationError = validateContent(comment, 'Comment');
+  if (validationError) return validationError;
+
+  let context = null;
+  try {
+    context = await getBrowserContext();
+    const { page, success, error } = await navigateToTweet(context, tweetUrl);
+
+    if (!success) {
+      return { success: false, message: error || 'Navigation failed' };
+    }
+
+    // Click retweet button to open menu
+    const tweet = page.locator('article[data-testid="tweet"]').first();
+    const retweetButton = tweet.locator('[data-testid="retweet"]');
+    await retweetButton.waitFor({ timeout: config.timeouts.elementWait });
+    await retweetButton.click();
+    await page.waitForTimeout(config.timeouts.afterClick);
+
+    // Click quote option
+    const quoteOption = page.getByRole('menuitem').filter({ hasText: /Quote/i });
+    await quoteOption.waitFor({ timeout: config.timeouts.elementWait });
+    await quoteOption.click();
+    await page.waitForTimeout(config.timeouts.afterClick * 1.5);
+
+    // Find dialog with aria-modal="true"
+    const dialog = page.locator('[role="dialog"][aria-modal="true"]');
+    await dialog.waitFor({ timeout: config.timeouts.elementWait });
+
+    // Fill comment
+    const quoteInput = dialog.locator('[data-testid="tweetTextarea_0"]');
+    await quoteInput.waitFor({ timeout: config.timeouts.elementWait });
+    await quoteInput.click();
+    await page.waitForTimeout(config.timeouts.afterClick / 2);
+    await quoteInput.fill(comment);
+    await page.waitForTimeout(config.timeouts.afterFill);
+
+    // Click submit button
+    const submitButton = dialog.locator('[data-testid="tweetButton"]');
+    await submitButton.waitFor({ timeout: config.timeouts.elementWait });
+
+    const isDisabled = await submitButton.getAttribute('aria-disabled');
+    if (isDisabled === 'true') {
+      return { success: false, message: 'Submit button disabled. Content may be empty or exceed character limit.' };
+    }
+
+    await submitButton.click();
+    await page.waitForTimeout(config.timeouts.afterSubmit);
+
+    return {
+      success: true,
+      message: `Quote tweet posted: ${comment.slice(0, 50)}${comment.length > 50 ? '...' : ''}`
+    };
+
+  } finally {
+    if (context) await context.close();
+  }
+}
+
+runScript<QuoteInput>(quoteTweet);
diff --git a/.agent/skills/x-integration/scripts/reply.ts b/.agent/skills/x-integration/scripts/reply.ts
new file mode 100644
index 0000000..e981cab
--- /dev/null
+++ b/.agent/skills/x-integration/scripts/reply.ts
@@ -0,0 +1,74 @@
+#!/usr/bin/env npx tsx
+/**
+ * X Integration - Reply to Tweet
+ * Usage: echo '{"tweetUrl":"https://x.com/user/status/123","content":"Great post!"}' | npx tsx reply.ts
+ */
+
+import { getBrowserContext, navigateToTweet, runScript, validateContent, config, ScriptResult } from '../lib/browser.js';
+
+interface ReplyInput {
+  tweetUrl: string;
+  content: string;
+}
+
+async function replyToTweet(input: ReplyInput): Promise<ScriptResult> {
+  const { tweetUrl, content } = input;
+
+  if (!tweetUrl) {
+    return { success: false, message: 'Please provide a tweet URL' };
+  }
+
+  const validationError = validateContent(content, 'Reply');
+  if (validationError) return validationError;
+
+  let context = null;
+  try {
+    context = await getBrowserContext();
+    const { page, success, error } = await navigateToTweet(context, tweetUrl);
+
+    if (!success) {
+      return { success: false, message: error || 'Navigation failed' };
+    }
+
+    // Click reply button
+    const tweet = page.locator('article[data-testid="tweet"]').first();
+    const replyButton = tweet.locator('[data-testid="reply"]');
+    await replyButton.waitFor({ timeout: config.timeouts.elementWait });
+    await replyButton.click();
+    await page.waitForTimeout(config.timeouts.afterClick * 1.5);
+
+    // Find dialog with aria-modal="true" to avoid matching other dialogs
+    const dialog = page.locator('[role="dialog"][aria-modal="true"]');
+    await dialog.waitFor({ timeout: config.timeouts.elementWait });
+
+    // Fill reply content
+    const replyInput = dialog.locator('[data-testid="tweetTextarea_0"]');
+    await replyInput.waitFor({ timeout: config.timeouts.elementWait });
+    await replyInput.click();
+    await page.waitForTimeout(config.timeouts.afterClick / 2);
+    await replyInput.fill(content);
+    await page.waitForTimeout(config.timeouts.afterFill);
+
+    // Click submit button
+    const submitButton = dialog.locator('[data-testid="tweetButton"]');
+    await submitButton.waitFor({ timeout: config.timeouts.elementWait });
+
+    const isDisabled = await submitButton.getAttribute('aria-disabled');
+    if (isDisabled === 'true') {
+      return { success: false, message: 'Submit button disabled. Content may be empty or exceed character limit.' };
+    }
+
+    await submitButton.click();
+    await page.waitForTimeout(config.timeouts.afterSubmit);
+
+    return {
+      success: true,
+      message: `Reply posted: ${content.slice(0, 50)}${content.length > 50 ? '...' : ''}`
+    };
+
+  } finally {
+    if (context) await context.close();
+  }
+}
+
+runScript<ReplyInput>(replyToTweet);
diff --git a/.agent/skills/x-integration/scripts/retweet.ts b/.agent/skills/x-integration/scripts/retweet.ts
new file mode 100644
index 0000000..05b7437
--- /dev/null
+++ b/.agent/skills/x-integration/scripts/retweet.ts
@@ -0,0 +1,62 @@
+#!/usr/bin/env npx tsx
+/**
+ * X Integration - Retweet
+ * Usage: echo '{"tweetUrl":"https://x.com/user/status/123"}' | npx tsx retweet.ts
+ */
+
+import { getBrowserContext, navigateToTweet, runScript, config, ScriptResult } from '../lib/browser.js';
+
+interface RetweetInput {
+  tweetUrl: string;
+}
+
+async function retweet(input: RetweetInput): Promise<ScriptResult> {
+  const { tweetUrl } = input;
+
+  if (!tweetUrl) {
+    return { success: false, message: 'Please provide a tweet URL' };
+  }
+
+  let context = null;
+  try {
+    context = await getBrowserContext();
+    const { page, success, error } = await navigateToTweet(context, tweetUrl);
+
+    if (!success) {
+      return { success: false, message: error || 'Navigation failed' };
+    }
+
+    const tweet = page.locator('article[data-testid="tweet"]').first();
+    const unretweetButton = tweet.locator('[data-testid="unretweet"]');
+    const retweetButton = tweet.locator('[data-testid="retweet"]');
+
+    // Check if already retweeted
+    const alreadyRetweeted = await unretweetButton.isVisible().catch(() => false);
+    if (alreadyRetweeted) {
+      return { success: true, message: 'Tweet already retweeted' };
+    }
+
+    await retweetButton.waitFor({ timeout: config.timeouts.elementWait });
+    await retweetButton.click();
+    await page.waitForTimeout(config.timeouts.afterClick);
+
+    // Click retweet confirm option
+    const retweetConfirm = page.locator('[data-testid="retweetConfirm"]');
+    await retweetConfirm.waitFor({ timeout: config.timeouts.elementWait });
+    await retweetConfirm.click();
+    await page.waitForTimeout(config.timeouts.afterClick * 2);
+
+    // Verify
+    const nowRetweeted = await unretweetButton.isVisible().catch(() => false);
+    if (nowRetweeted) {
+      return { success: true, message: 'Retweet successful' };
+    }
+
+    return { success: false, message: 'Retweet action completed but could not verify success' };
+
+  } finally {
+    if (context) await context.close();
+  }
+}
+
+runScript<RetweetInput>(retweet);
diff --git a/.agent/skills/x-integration/scripts/setup.ts b/.agent/skills/x-integration/scripts/setup.ts
new file mode 100644
index 0000000..94e5c03
--- /dev/null
+++ b/.agent/skills/x-integration/scripts/setup.ts
@@ -0,0 +1,87 @@
+#!/usr/bin/env npx tsx
+/**
+ * X Integration - Authentication Setup
+ * Usage: npx tsx setup.ts
+ *
+ * Interactive script - opens browser for manual login
+ */
+
+import { chromium } from 'playwright';
+import * as readline from 'readline';
+import fs from 'fs';
+import path from 'path';
+import { config, cleanupLockFiles } from '../lib/browser.js';
+
+async function setup(): Promise<void> {
+  console.log('=== X (Twitter) Authentication Setup ===\n');
+  console.log('This will open Chrome for you to log in to X.');
+  console.log('Your login session will be saved for automated interactions.\n');
+  console.log(`Chrome path: ${config.chromePath}`);
+  console.log(`Profile dir: ${config.browserDataDir}\n`);
+
+  // Ensure directories exist
+  fs.mkdirSync(path.dirname(config.authPath), { recursive: true });
+  fs.mkdirSync(config.browserDataDir, { recursive: true });
+
+  cleanupLockFiles();
+
+  console.log('Launching browser...\n');
+
+  const context = await chromium.launchPersistentContext(config.browserDataDir, {
+    executablePath: config.chromePath,
+    headless: false,
+    viewport: config.viewport,
+    args: config.chromeArgs.slice(0, 3), // Use first 3 args for setup (less restrictive)
+    ignoreDefaultArgs: config.chromeIgnoreDefaultArgs,
+  });
+
+  const page = context.pages()[0] || await context.newPage();
+
+  // Navigate to login page
+  await page.goto('https://x.com/login');
+
+  console.log('Please log in to X in the browser window.');
+  console.log('After you see your home feed, come back here and press Enter.\n');
+
+  // Wait for user to complete login
+  const rl = readline.createInterface({
+    input: process.stdin,
+    output: process.stdout
+  });
+
+  await new Promise<void>(resolve => {
+    rl.question('Press Enter when logged in... ', () => {
+      rl.close();
+      resolve();
+    });
+  });
+
+  // Verify login by navigating to home and checking for account button
+  console.log('\nVerifying login status...');
+  await page.goto('https://x.com/home');
+  await page.waitForTimeout(config.timeouts.pageLoad);
+
+  const isLoggedIn = await page.locator('[data-testid="SideNav_AccountSwitcher_Button"]').isVisible().catch(() => false);
+
+  if (isLoggedIn) {
+    // Save auth marker
+    fs.writeFileSync(config.authPath, JSON.stringify({
+      authenticated: true,
+      timestamp: new Date().toISOString()
+    }, null, 2));
+
+    console.log('\n✅ Authentication successful!');
+    console.log(`Session saved to: ${config.browserDataDir}`);
+    console.log('\nYou can now use X integration features.');
+  } else {
+    console.log('\n❌ Could not verify login status.');
+    console.log('Please try again and make sure you are logged in to X.');
+  }
+
+  await context.close();
+}
+
+setup().catch(err => {
+  console.error('Setup failed:', err.message);
+  process.exit(1);
+});
diff --git a/.agent/skills/zfs-scrub/SKILL.md b/.agent/skills/zfs-scrub/SKILL.md
new file mode 100644
index 0000000..de8d835
--- /dev/null
+++ b/.agent/skills/zfs-scrub/SKILL.md
@@ -0,0 +1,130 @@
+---
+name: zfs-scrub
+description: Check and run ZFS pool scrubs to verify data integrity. Detect silent corruption, bit rot, and checksum errors on FreeBSD.
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - "Scrub"
+  - "ZFS scrub"
+  - "Check disk integrity"
+  - "Bit rot"
+  - "Data corruption check"
+  - "Last scrub"
+  - "Pool health check"
+  - "Verify pool data"
+estimated_tokens: 400-600
+---
+
+# zfs-scrub
+
+Verify ZFS pool data integrity by running or checking the status of a scrub. A scrub reads every allocated block and verifies it against its checksum.
+
+## Check Last Scrub
+
+```bash
+# Check if a scrub has ever run and its result
+zpool status <pool>
+
+# Programmatic check — returns 0 if never scrubbed
+zpool get last_scrubbed_txg <pool>
+
+# Pool history for scrub events
+zpool history <pool> | grep -i scrub
+```
+
+A `last_scrubbed_txg` of `0` means **no scrub has ever completed** — escalate as a recommendation.
+
+## Start a Scrub
+
+```bash
+# Start scrub (runs in background)
+sudo zpool scrub <pool>
+```
+
+Scrubbing is non-blocking — the pool remains fully usable during scrub.
+
+## Cancel a Scrub
+
+```bash
+# Only if needed (e.g. performance impact)
+sudo zpool scrub -s <pool>
+```
+
+## Monitor Progress
+
+```bash
+zpool status <pool>
+```
+
+Output while running:
+
+```
+scan: scrub in progress since Tue Apr 21 13:01:51 2026
+    59.1G / 58.4G scanned, 4.02G / 58.4G issued at 2.01G/s
+    0B repaired, 6.87% done, 00:00:27 to go
+```
+
+Output after completion:
+
+```
+scan: scrub repaired 0B in 00:00:43 with 0 errors on Tue Apr 21 13:02:34 2026
+```
+
+## Result Interpretation
+
+| Field      | Healthy  | Problem                                           |
+| ---------- | -------- | ------------------------------------------------- |
+| `repaired` | `0B`     | >0 → blocks were silently corrupted and rewritten |
+| `errors`   | `0`      | >0 → unrecoverable corruption detected            |
+| Pool state | `ONLINE` | `DEGRADED` → hardware issue                       |
+
+**Errors > 0 or repaired > 0 → report to operator immediately.**
+
+## Recommended Cadence
+
+| Pool type               | Frequency                                                          |
+| ----------------------- | ------------------------------------------------------------------ |
+| Single-disk (any media) | **Monthly** — no redundancy, scrub is the only corruption detector |
+| Mirrored SSD            | Monthly                                                            |
+| Mirrored HDD            | Monthly to quarterly                                               |
+| RAID-Z                  | Quarterly                                                          |
+
+## Sanoid Integration
+
+Sanoid can schedule scrubs automatically. Add to `sanoid.conf`:
+
+```ini
+[zroot]
+  use_template = production
+  scrub_after_snap = true   # trigger scrub after snapshot cycle
+```
+
+Or use the `periodic` approach via `/etc/periodic.conf`:
+
+```ini
+daily_scrub_zfs_enable="YES"
+daily_scrub_zfs_pools="zroot"
+
+# Optional: default threshold (days) between scrubs
+daily_scrub_zfs_default_threshold="35"
+
+# Optional: per-pool threshold (replace dots/colons/dashes with underscores)
+# daily_scrub_zfs_zroot_threshold="30"
+```
+
+## Escalation
+
+| Condition                        | Action                                                 |
+| -------------------------------- | ------------------------------------------------------ |
+| Never scrubbed                   | Recommend immediate scrub, note risk                   |
+| Errors found during scrub        | Report immediately — data loss possible                |
+| Repaired > 0                     | Report — silent corruption was present and self-healed |
+| Pool DEGRADED during scrub       | Report immediately — hardware failure likely           |
+| Scrub running > 24h (small pool) | Report — possible disk I/O issues                      |
+
+## When to Use
+
+- Monthly sysadmin heartbeat — check last scrub date
+- After replacing a disk
+- After any hardware event (power loss, kernel panic, unexpected reboot)
+- When operator asks about disk health or data integrity
+- Before major upgrades or migrations (scrub first, snapshot second)
diff --git a/.agent/skills/zfs-snapshot/SKILL.md b/.agent/skills/zfs-snapshot/SKILL.md
new file mode 100644
index 0000000..d9c20e8
--- /dev/null
+++ b/.agent/skills/zfs-snapshot/SKILL.md
@@ -0,0 +1,59 @@
+---
+name: zfs-snapshot
+description: Create a ZFS snapshot of a dataset for point-in-time recovery
+compatibility: FreeBSD 15.x
+invoke_patterns:
+  - "Create ZFS snapshot"
+  - "Take a snapshot"
+  - "ZFS snapshot"
+  - "Snapshot * dataset"
+  - "Point-in-time backup"
+estimated_tokens: 300-500
+---
+
+# zfs-snapshot
+
+Create an instant ZFS snapshot via hostd. Snapshots are near-zero cost and should be taken liberally before risky operations.
+
+## Usage
+
+```bash
+# Via hostd (preferred)
+hostd zfs snapshot zroot/bastille/jails/db@2026-04-07
+
+# Naming convention: dataset@YYYY-MM-DD or dataset@YYYY-MM-DD_reason
+hostd zfs snapshot zroot/bastille/jails/db@before-migration
+hostd zfs snapshot zroot@daily-2026-04-07
+```
+
+## List Snapshots
+
+```bash
+zfs list -t snapshot | grep db
+```
+
+## Rollback (Escalate — Do Not Run Autonomously)
+
+```bash
+# Only with operator approval
+hostd zfs rollback zroot/bastille/jails/db@before-migration
+```
+
+## Naming Conventions
+
+| Trigger            | Example name                |
+| ------------------ | --------------------------- |
+| Before migration   | `dataset@before-migration`  |
+| Daily automated    | `dataset@daily-2026-04-07`  |
+| Manual / on-demand | `dataset@manual-2026-04-07` |
+
+## When to Use
+
+- Immediately before running `db-migrate` or `backup-db`
+- Before any config change that touches jail filesystems
+- As part of daily Sysadmin heartbeat (lightweight, always safe)
+
+## Escalate If
+
+- ZFS rollback requested → always requires operator approval (data destructive)
+- Snapshot creation fails → report to CEO
-- 
2.45.3


From 29796ab102cb57726377172f567413bfea917666 Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 12:30:48 +0200
Subject: [PATCH 13/19] =?UTF-8?q?fix(sl):=20agentska=20oprema=20=E2=86=92?=
 =?UTF-8?q?=20agentska=20vprega,=20re-enable=20/sl/=20routes?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- agent-harness.md: "oprema" → "vprega" (harness, as in ox harness)
  Title: "Agentska vprega: zot + Colibri"
  Content: "Privzeta vprega OOTB je zot"
- index.md: updated table description
- sl/[...slug].astro + sl/index.astro: new dynamic routes for SL wiki pages
- Deployed: 68 pages live (23 EN + 23 SL + 2 indexes)
---
 astro/wiki/src/pages/sl/[...slug].astro | 91 +++++++++++++++++++++++++
 astro/wiki/src/pages/sl/index.astro     | 33 ++++-----
 docs/wiki/sl/agent-harness.md           |  4 +-
 docs/wiki/sl/index.md                   |  2 +-
 4 files changed, 108 insertions(+), 22 deletions(-)
 create mode 100644 astro/wiki/src/pages/sl/[...slug].astro

diff --git a/astro/wiki/src/pages/sl/[...slug].astro b/astro/wiki/src/pages/sl/[...slug].astro
new file mode 100644
index 0000000..4a59e6b
--- /dev/null
+++ b/astro/wiki/src/pages/sl/[...slug].astro
@@ -0,0 +1,91 @@
+---
+import fs from "node:fs";
+import path from "node:path";
+
+export function getStaticPaths() {
+  const WIKI_DIR = path.resolve("src/content/sl");
+  if (!fs.existsSync(WIKI_DIR)) return [];
+  const EXCLUDE = [".git", "index.md"];
+  function walk(dir, prefix = "") {
+    const entries = fs.readdirSync(dir, { withFileTypes: true });
+    const slugs = [];
+    for (const e of entries) {
+      if (e.name.startsWith(".") || EXCLUDE.includes(e.name)) continue;
+      const full = path.join(dir, e.name);
+      if (e.isDirectory()) {
+        slugs.push(...walk(full, prefix ? `${prefix}/${e.name}` : e.name));
+      } else if (e.name.endsWith(".md")) {
+        const rel = prefix ? `${prefix}/${e.name}` : e.name;
+        slugs.push({ params: { slug: rel.replace(/\.md$/, "") } });
+      }
+    }
+    return slugs;
+  }
+  return walk(WIKI_DIR);
+}
+
+const { slug } = Astro.params;
+const WIKI_DIR = path.resolve("src/content/sl");
+const filePath = path.join(WIKI_DIR, `${slug}.md`);
+
+if (!fs.existsSync(filePath)) {
+  return new Response("Not found", { status: 404 });
+}
+
+const raw = fs.readFileSync(filePath, "utf-8");
+let content = raw;
+let frontmatter = {};
+if (raw.startsWith("---")) {
+  const end = raw.indexOf("---", 3);
+  if (end !== -1) {
+    for (const line of raw.slice(3, end).split("\n")) {
+      const m = line.match(/^(\w+):\s*(.+)$/);
+      if (m) frontmatter[m[1]] = m[2].replace(/^["']|["']$/g, "");
+    }
+    content = raw.slice(end + 3).trim();
+  }
+}
+
+const title = (frontmatter.title || slug).replace(/^["']|["']$/g, "");
+content = content.replace(/\]\(\.\/([^)]+)\.md\)/g, "](/sl/$1/)")
+                 .replace(/\]\(\.\.\/([^)]+)\.md\)/g, "](/sl/$1/)")
+                 .replace(/```(\w*)\n([\s\S]*?)```/g, (_, lang, code) =>
+                   `<pre><code${lang ? ` class="language-${lang}"` : ""}>${code.trim()}</code></pre>`)
+                 .replace(/`([^`]+)`/g, "<code>$1</code>")
+                 .replace(/\*\*([^*]+)\*\*/g, "<strong>$1</strong>")
+                 .replace(/\[([^\]]+)\]\(([^)]+)\)/g, '<a href="$2">$1</a>')
+                 .replace(/^### (.+)$/gm, "<h3>$1</h3>")
+                 .replace(/^## (.+)$/gm, "<h2>$1</h2>")
+                 .replace(/^# (.+)$/gm, "<h1>$1</h1>")
+                 .replace(/^- (.+)$/gm, "<li>$1</li>")
+                 .replace(/((?:<li>.*<\/li>\n?)+)/g, "<ul>$1</ul>");
+const lines = content.split("\n");
+content = lines.map(l => l.startsWith("<") || l === "" ? l : `<p>${l}</p>`).join("\n");
+---
+<!DOCTYPE html>
+<html lang="sl">
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1" />
+  <title>{title} — Colibri Wiki</title>
+  <style>
+    :root { --bg: #fff; --fg: #1a1a1a; --link: #0366d6; --muted: #666; --border: #e0e0e0; }
+    @media (prefers-color-scheme: dark) { :root { --bg: #1a1a1a; --fg: #e6e6e6; --link: #58a6ff; --muted: #999; --border: #333; } }
+    body { max-width: 720px; margin: 2rem auto; padding: 0 1rem; font: 16px/1.6 system-ui; background: var(--bg); color: var(--fg); }
+    nav { margin-bottom: 1.5rem; } nav a { color: var(--muted); font-size: .9rem; }
+    h1 { font-size: 1.8rem; } h2 { font-size: 1.4rem; margin-top: 2rem; border-bottom: 1px solid var(--border); padding-bottom: .3rem; }
+    h3 { font-size: 1.1rem; margin-top: 1.5rem; } a { color: var(--link); }
+    pre { background: var(--border); padding: .8rem 1rem; border-radius: 4px; overflow-x: auto; font-size: .9rem; }
+    code { font-size: .9em; background: var(--border); padding: .1em .3em; border-radius: 3px; } pre code { background: none; padding: 0; }
+    table { border-collapse: collapse; width: 100%; margin: 1rem 0; }
+    th, td { border: 1px solid var(--border); padding: .4rem .6rem; text-align: left; font-size: .9rem; } th { background: var(--border); }
+  </style>
+</head>
+<body>
+  <nav><a href="/sl/">← slovenski kazalec</a> | <a href="/">english</a></nav>
+  <article>
+    <h1>{title}</h1>
+    <Fragment set:html={content} />
+  </article>
+</body>
+</html>
diff --git a/astro/wiki/src/pages/sl/index.astro b/astro/wiki/src/pages/sl/index.astro
index 99ab775..813a416 100644
--- a/astro/wiki/src/pages/sl/index.astro
+++ b/astro/wiki/src/pages/sl/index.astro
@@ -2,10 +2,14 @@
 import fs from "node:fs";
 import path from "node:path";
 
-const WIKI_DIR = path.resolve("../../../docs/wiki");
+const WIKI_DIR = path.resolve("src/content/sl");
+if (!fs.existsSync(WIKI_DIR)) {
+  // SL content not staged — return empty page
+}
 const EXCLUDE = [".git", "index.md"];
 
 function walkMarkdown(dir, prefix = "") {
+  if (!fs.existsSync(dir)) return [];
   const entries = fs.readdirSync(dir, { withFileTypes: true });
   const files = [];
   for (const e of entries) {
@@ -17,10 +21,8 @@ function walkMarkdown(dir, prefix = "") {
       const rel = prefix ? `${prefix}/${e.name}` : e.name;
       const slug = rel.replace(/\.md$/, "");
       const raw = fs.readFileSync(full, "utf-8");
-      const title = raw.match(/^#\s+(.+)$/m)?.[1] || slug;
-      if (rel.startsWith("sl/")) {
-        files.push({ slug: slug.replace(/^sl\//, ""), title, file: rel });
-      }
+      const title = raw.match(/^title:\s*"?(.+)"?$/m)?.[1] || raw.match(/^#\s+(.+)$/m)?.[1] || slug;
+      files.push({ slug, title: title.replace(/^["']|["']$/g, "") });
     }
   }
   return files.sort((a, b) => a.title.localeCompare(b.title));
@@ -33,28 +35,21 @@ const pages = walkMarkdown(WIKI_DIR);
 <head>
   <meta charset="utf-8" />
   <meta name="viewport" content="width=device-width, initial-scale=1" />
-  <title>Colibri Wiki</title>
+  <title>Colibri Wiki — slovenščina</title>
   <style>
     :root { --bg: #fff; --fg: #1a1a1a; --link: #0366d6; --muted: #666; }
     @media (prefers-color-scheme: dark) { :root { --bg: #1a1a1a; --fg: #e6e6e6; --link: #58a6ff; --muted: #999; } }
     body { max-width: 720px; margin: 2rem auto; padding: 0 1rem; font: 16px/1.6 system-ui; background: var(--bg); color: var(--fg); }
-    h1 { margin-bottom: .25rem; }
-    p.lede { color: var(--muted); margin-bottom: .5rem; }
-    ul { list-style: none; padding: 0; }
-    li { margin: .35rem 0; }
-    a { color: var(--link); text-decoration: none; }
-    a:hover { text-decoration: underline; }
-    .lang-bar { margin-bottom: 1rem; }
-    .lang-bar a { font-weight: 600; }
+    h1 { margin-bottom: .25rem; } p.lede { color: var(--muted); margin-bottom: .5rem; }
+    ul { list-style: none; padding: 0; } li { margin: .35rem 0; }
+    a { color: var(--link); text-decoration: none; } a:hover { text-decoration: underline; }
+    .lang-bar { margin-bottom: 1rem; } .lang-bar a { font-weight: 600; }
   </style>
 </head>
 <body>
   <h1>Colibri Wiki</h1>
-  <p class="lede">
-    Strani z odločitvami — <em>zakaj</em> je arhitektura takšna, kot je.
-    <a href="https://github.com/karpathy/llm-wiki">Vzorec LLM Wiki</a>.
-  </p>
-  <p class="lang-bar"><a href="/">← English</a></p>
+  <p class="lede">Strani z odločitvami — <em>zakaj</em> za arhitekturo.</p>
+  <p class="lang-bar"><a href="/">English →</a></p>
   <ul>
     {pages.map((p) => (
       <li><a href={`/sl/${p.slug}/`}>{p.title}</a></li>
diff --git a/docs/wiki/sl/agent-harness.md b/docs/wiki/sl/agent-harness.md
index e09f1ef..0aa24e5 100644
--- a/docs/wiki/sl/agent-harness.md
+++ b/docs/wiki/sl/agent-harness.md
@@ -1,5 +1,5 @@
 ---
-title: "Agentska oprema: zot + Colibri"
+title: "Agentska vprega: zot + Colibri"
 description: "Dve binarni datoteki, ne ena — zot (agent, Go) in Colibri (krmilna ravnina, Rust)."
 ---
 
@@ -51,7 +51,7 @@ Kje živi:
 - pogodba argv samodejnega zagona: `crates/colibri-daemon/src/socket.rs`
   (testi enot `default_agent_args` — zot→rpc, pi→--mode json)
 
-Privzeta oprema OOTB je **zot**; pi ostaja podprta rezerva
+Privzeta vprega OOTB je **zot**; pi ostaja podprta rezerva
 (`COLIBRI_AUTOSPAWN_BINARY=pi`).
 
 ## Glej tudi
diff --git a/docs/wiki/sl/index.md b/docs/wiki/sl/index.md
index 26ac56a..7a3e8b4 100644
--- a/docs/wiki/sl/index.md
+++ b/docs/wiki/sl/index.md
@@ -51,7 +51,7 @@ clippy.
 
 | Stran                                                 | Kaj pokriva                                                                                                                |
 | ----------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------- |
-| [agent-harness](./agent-harness.md)                   | Razcep zot (agent) + Colibri (krmilna ravnina); samodejni zagon + gonilnik RPC                                             |
+| [agent-harness](./agent-harness.md)                   | Razcep zot (agent) + Colibri (krmilna ravnina); vprega, samodejni zagon + gonilnik RPC                                             |
 | [agent-events-reference](./agent-events-reference.md) | Referenca dogodkov zot po opremi, preslikave Glasspane in preverjena polja prepisa                                         |
 | [cost-model](./cost-model.md)                         | Bajtno stabilne predpone, merjenje zadetkov predpomnilnika, samodejno stopnjevanje, stiskanje T14                          |
 | [glasspane](./glasspane.md)                           | Avtomat stanj agenta, pretakanje JSONL, taksonomija AgentRuntime, API posnetkov                                            |
-- 
2.45.3


From 834197e2ae1e05be288ba6e7f2555ca3fe043b83 Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 12:34:15 +0200
Subject: [PATCH 14/19] =?UTF-8?q?fix(wiki):=20agent=20harness=20title=20?=
 =?UTF-8?q?=E2=80=94=20pi,=20zot=20&=20Colibri=20(not=20just=20zot=20+=20C?=
 =?UTF-8?q?olibri)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The agent harness page describes THREE agents: pi (fallback), zot (default),
and Colibri (supervisor). Title updated in both EN and SL.

Also: H1 extraction fallback for pages without YAML frontmatter —
content.match(/^#\s+(.+)$/m)?.[1] so pages with only markdown H1 still
get a proper <title> tag instead of the slug.
---
 astro/wiki/src/pages/[...slug].astro    | 99 ++++++++++---------------
 astro/wiki/src/pages/sl/[...slug].astro |  2 +-
 docs/wiki/agent-harness.md              |  2 +-
 docs/wiki/sl/agent-harness.md           |  2 +-
 4 files changed, 41 insertions(+), 64 deletions(-)

diff --git a/astro/wiki/src/pages/[...slug].astro b/astro/wiki/src/pages/[...slug].astro
index 23bc196..bf16331 100644
--- a/astro/wiki/src/pages/[...slug].astro
+++ b/astro/wiki/src/pages/[...slug].astro
@@ -2,10 +2,9 @@
 import fs from "node:fs";
 import path from "node:path";
 
-const WIKI_DIR = path.resolve("../../docs/wiki");
-const EXCLUDE = [".git", "index.md"];
-
 export function getStaticPaths() {
+  const WIKI_DIR = path.resolve("src/content");
+  const EXCLUDE = [".git", "index.md"];
   function walk(dir, prefix = "") {
     const entries = fs.readdirSync(dir, { withFileTypes: true });
     const slugs = [];
@@ -25,6 +24,7 @@ export function getStaticPaths() {
 }
 
 const { slug } = Astro.params;
+const WIKI_DIR = path.resolve("src/content");
 const filePath = path.join(WIKI_DIR, `${slug}.md`);
 
 if (!fs.existsSync(filePath)) {
@@ -33,7 +33,6 @@ if (!fs.existsSync(filePath)) {
 
 const raw = fs.readFileSync(filePath, "utf-8");
 
-// Parse frontmatter
 let content = raw;
 let frontmatter = {};
 if (raw.startsWith("---")) {
@@ -48,46 +47,28 @@ if (raw.startsWith("---")) {
   }
 }
 
-// Detect locale from slug prefix
-const isSl = slug.startsWith("sl/");
-const locale = isSl ? "sl" : "en";
-const base = isSl ? "/sl/" : "/";
+const title = (frontmatter.title || content.match(/^#\s+(.+)$/m)?.[1] || slug).replace(/^["']|["']$/g, "");
 
-// Resolve relative wiki links with locale prefix
-//  ./page.md       → /page/   or /sl/page/
-//  ../packaging/x  → /../packaging/x  (pass through absolute-ish paths)
-const resolveLinks = (md) =>
-  md.replace(/\]\(\.\/([^)]+)\.md\)/g, `](${base}$1/)`)
-    .replace(/\]\(\.\.\/([^)]+)\)/g, "](/$1)");
+// Resolve wiki links [label](./page.md) → [/page/]
+content = content.replace(/\]\(\.\/([^)]+)\.md\)/g, "](/$1/)")
+                 .replace(/\]\(\.\.\/([^)]+)\.md\)/g, "](/$1/)");
 
-content = resolveLinks(content);
+// Fenced code blocks
+content = content.replace(/```(\w*)\n([\s\S]*?)```/g, (_, lang, code) =>
+  `<pre><code${lang ? ` class="language-${lang}"` : ""}>${code.trim()}</code></pre>`);
 
-// Resolve cross-wiki locale links: [label](./sl/page.md) → [/sl/page/]
-content = content.replace(/\]\(\.\/sl\/([^)]+)\.md\)/g, "](/sl/$1/)");
+// Tables
+content = content.replace(/\|(.+)\|\n\|[-| ]+\|\n((?:\|.+\|\n?)*)/gm, (_, header, rows) => {
+  const hcells = header.split("|").map(c => c.trim()).filter(Boolean);
+  const thead = `<tr>${hcells.map(c => `<th>${c}</th>`).join("")}</tr>`;
+  const tbody = rows.trim().split("\n").map(row => {
+    const cells = row.split("|").map(c => c.trim()).filter(Boolean);
+    return `<tr>${cells.map(c => `<td>${c}</td>`).join("")}</tr>`;
+  }).join("");
+  return `<table><thead>${thead}</thead><tbody>${tbody}</tbody></table>`;
+});
 
-// Render fenced code blocks
-const renderCode = (md) =>
-  md.replace(/```(\w*)\n([\s\S]*?)```/g, (_, lang, code) => {
-    return `<pre><code${lang ? ` class="language-${lang}"` : ""}>${code.trim()}</code></pre>`;
-  });
-
-content = renderCode(content);
-
-// Render tables
-const renderTables = (md) => {
-  return md.replace(/\|(.+)\|\n\|[-| ]+\|\n((?:\|.+\|\n?)*)/gm, (_, header, rows) => {
-    const hcells = header.split("|").map(c => c.trim()).filter(Boolean);
-    const thead = `<tr>${hcells.map(c => `<th>${c}</th>`).join("")}</tr>`;
-    const tbody = rows.trim().split("\n").map(row => {
-      const cells = row.split("|").map(c => c.trim()).filter(Boolean);
-      return `<tr>${cells.map(c => `<td>${c}</td>`).join("")}</tr>`;
-    }).join("");
-    return `<table><thead>${thead}</thead><tbody>${tbody}</tbody></table>`;
-  });
-};
-content = renderTables(content);
-
-// Render inline code, bold, italic, links, headings, lists
+// Inline elements
 content = content
   .replace(/`([^`]+)`/g, "<code>$1</code>")
   .replace(/\*\*([^*]+)\*\*/g, "<strong>$1</strong>")
@@ -97,33 +78,32 @@ content = content
   .replace(/^## (.+)$/gm, "<h2>$1</h2>")
   .replace(/^# (.+)$/gm, "<h1>$1</h1>")
   .replace(/^- (.+)$/gm, "<li>$1</li>")
-  .replace(/((?:<li>.*<\/li>\n?)+)/g, "<ul>$1</ul>")
-  .replace(/\n\n/g, "</p><p>")
-  .replace(/^(.+)$/gm, (line) => {
-    if (line.startsWith("<")) return line;
-    return line;
-  });
+  .replace(/((?:<li>.*<\/li>\n?)+)/g, "<ul>$1</ul>");
 
-const title = frontmatter.title || slug;
-
-// Other locale link for language switcher
-const otherLocale = isSl ? "en" : "sl";
-const otherSlug = isSl ? slug.replace(/^sl\//, "") : `sl/${slug}`;
-const otherLabel = isSl ? "English" : "Slovenščina";
+// Paragraphs — wrap non-tag lines
+const lines = content.split("\n");
+const wrapped = [];
+for (const line of lines) {
+  if (line.startsWith("<") || line === "") {
+    wrapped.push(line);
+  } else {
+    wrapped.push(`<p>${line}</p>`);
+  }
+}
+content = wrapped.join("\n");
 ---
 <!DOCTYPE html>
-<html lang={locale}>
+<html lang="en">
 <head>
   <meta charset="utf-8" />
   <meta name="viewport" content="width=device-width, initial-scale=1" />
-  <title>{(title)} — Colibri Wiki</title>
+  <title>{title} — Colibri Wiki</title>
   <style>
     :root { --bg: #fff; --fg: #1a1a1a; --link: #0366d6; --muted: #666; --border: #e0e0e0; }
     @media (prefers-color-scheme: dark) { :root { --bg: #1a1a1a; --fg: #e6e6e6; --link: #58a6ff; --muted: #999; --border: #333; } }
     body { max-width: 720px; margin: 2rem auto; padding: 0 1rem; font: 16px/1.6 system-ui; background: var(--bg); color: var(--fg); }
-    nav { margin-bottom: 1.5rem; display: flex; justify-content: space-between; align-items: baseline; }
+    nav { margin-bottom: 1.5rem; }
     nav a { color: var(--muted); font-size: .9rem; }
-    nav .lang a { font-weight: 600; color: var(--link); }
     h1 { font-size: 1.8rem; }
     h2 { font-size: 1.4rem; margin-top: 2rem; border-bottom: 1px solid var(--border); padding-bottom: .3rem; }
     h3 { font-size: 1.1rem; margin-top: 1.5rem; }
@@ -138,13 +118,10 @@ const otherLabel = isSl ? "English" : "Slovenščina";
   </style>
 </head>
 <body>
-  <nav>
-    <a href={isSl ? "/sl/" : "/"}>{isSl ? "← kazalo" : "← wiki index"}</a>
-    <span class="lang"><a href={`/${otherSlug}/`}>{otherLabel}</a></span>
-  </nav>
+  <nav><a href="/">← wiki index</a></nav>
   <article>
     <h1>{title}</h1>
-    <p set:html={content} />
+    <Fragment set:html={content} />
   </article>
 </body>
 </html>
diff --git a/astro/wiki/src/pages/sl/[...slug].astro b/astro/wiki/src/pages/sl/[...slug].astro
index 4a59e6b..2823789 100644
--- a/astro/wiki/src/pages/sl/[...slug].astro
+++ b/astro/wiki/src/pages/sl/[...slug].astro
@@ -46,7 +46,7 @@ if (raw.startsWith("---")) {
   }
 }
 
-const title = (frontmatter.title || slug).replace(/^["']|["']$/g, "");
+const title = (frontmatter.title || content.match(/^#\s+(.+)$/m)?.[1] || slug).replace(/^["']|["']$/g, "");
 content = content.replace(/\]\(\.\/([^)]+)\.md\)/g, "](/sl/$1/)")
                  .replace(/\]\(\.\.\/([^)]+)\.md\)/g, "](/sl/$1/)")
                  .replace(/```(\w*)\n([\s\S]*?)```/g, (_, lang, code) =>
diff --git a/docs/wiki/agent-harness.md b/docs/wiki/agent-harness.md
index 14ff614..6aade18 100644
--- a/docs/wiki/agent-harness.md
+++ b/docs/wiki/agent-harness.md
@@ -1,4 +1,4 @@
-# Agent harness: zot + Colibri
+# Agent harness: pi, zot & Colibri
 
 ← [index](./index.md)
 
diff --git a/docs/wiki/sl/agent-harness.md b/docs/wiki/sl/agent-harness.md
index 0aa24e5..ef66eb2 100644
--- a/docs/wiki/sl/agent-harness.md
+++ b/docs/wiki/sl/agent-harness.md
@@ -1,5 +1,5 @@
 ---
-title: "Agentska vprega: zot + Colibri"
+title: "Agentska vprega: pi, zot & Colibri"
 description: "Dve binarni datoteki, ne ena — zot (agent, Go) in Colibri (krmilna ravnina, Rust)."
 ---
 
-- 
2.45.3


From 1793ea0a757236ad131e0a28ff381da0cf467140 Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 12:36:42 +0200
Subject: [PATCH 15/19] skill(astro-wiki-deploy): full deploy flow + 6 pitfalls
 from live deployment
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Captures the wiki.clawdie.si deployment experience (26.jun.2026):

Pitfalls documented:
1. const declarations outside function scope fail in Astro SSR
2. YAML frontmatter with unquoted colons breaks content parsing
3. SL content auto-generates stale routes (explicit sl/ routes needed)
4. Stale dist cache preserves old route generation (rm -rf dist)
5. import.meta.url path resolution fails in Astro SSR
6. H1 fallback for pages without YAML frontmatter
7. Nginx SSL cert placeholder (referenced, in nginx skill)

Full deploy flow: stage → jail → build → deploy → verify.
First-time setup instructions for CMS jail.
---
 .agent/skills/astro-wiki-deploy/SKILL.md | 195 +++++++++++++++++++++++
 1 file changed, 195 insertions(+)
 create mode 100644 .agent/skills/astro-wiki-deploy/SKILL.md

diff --git a/.agent/skills/astro-wiki-deploy/SKILL.md b/.agent/skills/astro-wiki-deploy/SKILL.md
new file mode 100644
index 0000000..0c2f78f
--- /dev/null
+++ b/.agent/skills/astro-wiki-deploy/SKILL.md
@@ -0,0 +1,195 @@
+---
+name: astro-wiki-deploy
+description: Deploy the Colibri wiki (astro/wiki/) to wiki.clawdie.si via the CMS jail. Plain Astro — no Starlight. Covers content staging, build, deploy, and the 6 pitfalls discovered during the initial deployment (26.jun.2026).
+---
+
+# Astro Wiki Deploy
+
+Deploy the plain-Astro Colibri wiki to `https://wiki.clawdie.si`.
+
+## Architecture
+
+```
+colibri/
+  docs/wiki/           ← canonical content (23 EN + 23 SL .md files)
+  astro/wiki/          ← Astro build pipeline (minimal, no Starlight)
+    src/pages/
+      index.astro        — EN landing (flat list)
+      [...slug].astro    — EN dynamic route (reads src/content/*.md)
+      sl/index.astro     — SL landing
+      sl/[...slug].astro — SL dynamic route (reads src/content/sl/*.md)
+```
+
+CMS jail builds the site, host nginx serves it. Same pattern as docs.clawdie.si.
+
+## Full deploy flow
+
+```sh
+# 1. Stage content into Astro project (source of truth → build input)
+cd /home/clawdie/ai/colibri
+rm -rf astro/wiki/src/content
+cp -r docs/wiki astro/wiki/src/content
+
+# 2. Copy source into CMS jail
+sudo cp -r astro/wiki/src \
+  /usr/local/bastille/jails/cms/root/usr/home/clawdie/clawdie-wiki/
+
+# 3. Build inside jail (rm -rf dist for clean state — see pitfall #4)
+sudo bastille cmd cms sh -c '
+  cd /usr/home/clawdie/clawdie-wiki &&
+  rm -rf dist node_modules/.astro &&
+  ASTRO_SITE_URL="https://wiki.clawdie.si" npm run build'
+
+# 4. Deploy to jail webroot
+sudo bastille cmd cms sh -c '
+  rm -rf /usr/local/www/wiki.clawdie.si &&
+  mkdir -p /usr/local/www/wiki.clawdie.si &&
+  cp -r /usr/home/clawdie/clawdie-wiki/dist/* /usr/local/www/wiki.clawdie.si/'
+
+# 5. Cross jail boundary to host webroot (tar is the reliable bridge)
+sudo bastille cmd cms sh -c \
+  'tar -czf /tmp/wiki-dist.tar.gz -C /usr/local/www/wiki.clawdie.si .'
+sudo cp /usr/local/bastille/jails/cms/root/tmp/wiki-dist.tar.gz /tmp/
+sudo rm -rf /usr/local/www/wiki.clawdie.si
+sudo mkdir -p /usr/local/www/wiki.clawdie.si
+sudo tar -xzf /tmp/wiki-dist.tar.gz -C /usr/local/www/wiki.clawdie.si/
+sudo chown -R clawdie:clawdie /usr/local/www/wiki.clawdie.si
+
+# 6. Verify
+curl -sk --resolve wiki.clawdie.si:443:127.0.0.1 https://wiki.clawdie.si/ | head -5
+curl -sk --resolve wiki.clawdie.si:443:127.0.0.1 https://wiki.clawdie.si/sl/ | head -5
+```
+
+## First-time setup (CMS jail)
+
+```sh
+# Stage the Astro project into the jail once
+sudo mkdir -p /usr/local/bastille/jails/cms/root/usr/home/clawdie/clawdie-wiki
+sudo cp -r astro/wiki/package.json astro/wiki/astro.config.mjs \
+  /usr/local/bastille/jails/cms/root/usr/home/clawdie/clawdie-wiki/
+
+# Install dependencies inside jail
+sudo bastille cmd cms sh -c 'cd /usr/home/clawdie/clawdie-wiki && npm install'
+```
+
+## Pitfalls
+
+### 1. `const` declarations outside function scope fail in Astro SSR
+
+**Symptom:** `WIKI_DIR is not defined` at build time, but the variable is
+clearly declared.
+
+**Cause:** Astro's frontmatter script compilation scopes top-level `const`
+differently in SSR context. Variables declared outside `getStaticPaths()` or
+the template function may not be accessible.
+
+**Fix:** Move all `const` declarations that are needed in `getStaticPaths()`
+inside the function body. For variables needed in the template (after
+frontmatter), declare them at module level but only those that Astro's
+compiler can reach — simple string literals and path.resolve calls work.
+
+```js
+// ❌ BROKEN — WIKI_DIR is undefined in compiled output
+const WIKI_DIR = path.resolve("src/content");
+export function getStaticPaths() { ... }
+
+// ✅ WORKS — declared inside function scope
+export function getStaticPaths() {
+  const WIKI_DIR = path.resolve("src/content");
+  ...
+}
+```
+
+### 2. YAML frontmatter with unquoted colons breaks content parsing
+
+**Symptom:** `bad indentation of a mapping entry` at line N:XX during build.
+
+**Cause:** Slovenian (and English) titles/descriptions often contain colons
+(`:`). YAML interprets unquoted colons as key-value separators. This breaks
+Astro's content collection parsing.
+
+**Fix:** Quote ALL frontmatter values that contain colons, double-quotes,
+or special characters:
+
+```yaml
+# ❌ BROKEN
+title: Agentska oprema: zot + Colibri
+
+# ✅ WORKS
+title: "Agentska vprega: pi, zot & Colibri"
+```
+
+Also: descriptions with nested double-quotes need single-quote wrappers:
+
+```yaml
+# ❌ BROKEN — inner quotes terminate the string
+description: "Sprememba ni "končana" brez..."
+
+# ✅ WORKS — single-quote wrapper, inner double-quotes preserved
+description: 'Sprememba ni "končana" brez...'
+```
+
+### 3. SL content auto-generates stale routes
+
+**Symptom:** `src/pages/sl/index.astro` appears in the build output with
+hardcoded paths like `scandir '/usr/docs/wiki'` even after removing
+`src/content/sl/`.
+
+**Cause:** Astro's content collection auto-generation creates `sl/` routes
+from `src/content/sl/`. These auto-generated routes use different path
+resolution and can persist in the dist cache between builds.
+
+**Fix:** 
+1. Create explicit `src/pages/sl/index.astro` and `src/pages/sl/[...slug].astro`
+   routes that read from `src/content/sl/` directly.
+2. Remove any auto-generated `sl/` directory from `src/pages/sl/` if it
+   appears.
+3. ALWAYS `rm -rf dist node_modules/.astro` between builds (see pitfall #4).
+
+### 4. Stale dist cache preserves old route generation
+
+**Symptom:** Fixed source code, but the same error persists after rebuild.
+
+**Cause:** Astro caches compiled routes in `dist/` and `.astro/`. A previous
+failed build can leave stale compiled `.mjs` files that shadow the fixed
+source.
+
+**Fix:** Always clean before rebuilding:
+```sh
+rm -rf dist node_modules/.astro && npm run build
+```
+
+### 5. `import.meta.url` path resolution fails in Astro SSR
+
+**Symptom:** Paths resolved via `fileURLToPath(import.meta.url)` point to
+compiled `.mjs` files in `dist/`, not the source `.astro` files.
+
+**Cause:** Astro compiles `.astro` to `.mjs` and runs from `dist/`. The
+`import.meta.url` in the compiled module points to the compiled path, not
+the project root.
+
+**Fix:** Use `path.resolve("src/content")` — `process.cwd()` during build
+is the project root (`astro/wiki/`), so relative paths work correctly.
+Do not use `import.meta.url` for content path resolution.
+
+### 6. H1 fallback for pages without YAML frontmatter
+
+**Symptom:** Page `<title>` shows the slug (e.g., "agent-harness") instead
+of the actual heading ("Agent harness: pi, zot & Colibri").
+
+**Cause:** The title extraction only checks `frontmatter.title`, falling back
+to the URL slug. Pages with only a markdown H1 (`# Title`) and no YAML
+frontmatter get slug-based titles.
+
+**Fix:** Add H1 regex extraction as a third fallback:
+```js
+const title = (frontmatter.title || content.match(/^#\s+(.+)$/m)?.[1] || slug)
+  .replace(/^["']|["']$/g, "");
+```
+
+### 7. Nginx: missing SSL cert blocks startup (see nginx skill)
+
+Before the first deploy, nginx needs a placeholder cert to start. See the
+**nginx** skill §"Adding a new public static HTTPS site — full flow" and
+§Troubleshooting "BIO_new_file() failed". The wiki deployment follows the
+same pattern: placeholder cert → ACME challenge → real cert.
-- 
2.45.3


From 6c37022380400753a4fcc9263e65012bf01c15a4 Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 12:40:29 +0200
Subject: [PATCH 16/19] skill(astro-wiki-deploy): reframe pitfalls as build
 checklist
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Positive framing — each former "pitfall" is now a prescriptive step:

  1. Quote all YAML frontmatter values
  2. Declare content-path constants inside getStaticPaths()
  3. Create explicit routes for SL content
  4. Clean the dist cache before every build
  5. Resolve content paths with path.resolve("src/content")
  6. Extract markdown H1 as a title fallback
  7. Placeholder TLS cert for first deploy (reference)

Every step follows Why → What → Result. No "broken/failed/symptom/cause"
language. An agent reading this gets a recipe, not a post-mortem.
---
 .agent/skills/astro-wiki-deploy/SKILL.md | 156 +++++++++++------------
 1 file changed, 71 insertions(+), 85 deletions(-)

diff --git a/.agent/skills/astro-wiki-deploy/SKILL.md b/.agent/skills/astro-wiki-deploy/SKILL.md
index 0c2f78f..e320a06 100644
--- a/.agent/skills/astro-wiki-deploy/SKILL.md
+++ b/.agent/skills/astro-wiki-deploy/SKILL.md
@@ -72,124 +72,110 @@ sudo cp -r astro/wiki/package.json astro/wiki/astro.config.mjs \
 sudo bastille cmd cms sh -c 'cd /usr/home/clawdie/clawdie-wiki && npm install'
 ```
 
-## Pitfalls
+## Build checklist (7 steps to a clean deploy)
 
-### 1. `const` declarations outside function scope fail in Astro SSR
+Run through these in order. Each step produces a known-good intermediate state.
 
-**Symptom:** `WIKI_DIR is not defined` at build time, but the variable is
-clearly declared.
+### 1. Quote all YAML frontmatter values
 
-**Cause:** Astro's frontmatter script compilation scopes top-level `const`
-differently in SSR context. Variables declared outside `getStaticPaths()` or
-the template function may not be accessible.
+**Why:** Colons, double-quotes, and em dashes in Slovenian (or English)
+titles can be read as YAML syntax. Quoting prevents parse failures.
 
-**Fix:** Move all `const` declarations that are needed in `getStaticPaths()`
-inside the function body. For variables needed in the template (after
-frontmatter), declare them at module level but only those that Astro's
-compiler can reach — simple string literals and path.resolve calls work.
+**What:** Wrap every title and description containing `:`, `"`, or `—` in
+double quotes. Use single-quote wrappers when the value itself contains
+double-quotes.
+
+```yaml
+# ✅ Works
+title: "Agentska vprega: pi, zot & Colibri"
+description: 'Sprememba ni "končana" brez uspešnega preverjanja.'
+```
+
+**Result:** `npm run build` starts without YAML parse errors.
+
+### 2. Declare content-path constants inside `getStaticPaths()`
+
+**Why:** Astro's SSR compiler moves top-level `const` declarations into a
+different scope. Variables needed for route generation must live inside
+the function that uses them.
+
+**What:** Move `const WIKI_DIR`, `const EXCLUDE`, and the `walk()` helper
+into the `getStaticPaths()` body.
 
 ```js
-// ❌ BROKEN — WIKI_DIR is undefined in compiled output
-const WIKI_DIR = path.resolve("src/content");
-export function getStaticPaths() { ... }
-
-// ✅ WORKS — declared inside function scope
+// ✅ Works — everything inside the function
 export function getStaticPaths() {
   const WIKI_DIR = path.resolve("src/content");
-  ...
+  const EXCLUDE = [".git", "index.md"];
+  function walk(dir, prefix = "") { ... }
+  return walk(WIKI_DIR);
 }
 ```
 
-### 2. YAML frontmatter with unquoted colons breaks content parsing
+**Result:** `WIKI_DIR` is defined at route generation time. No "is not
+defined" errors.
 
-**Symptom:** `bad indentation of a mapping entry` at line N:XX during build.
+### 3. Create explicit routes for SL content
 
-**Cause:** Slovenian (and English) titles/descriptions often contain colons
-(`:`). YAML interprets unquoted colons as key-value separators. This breaks
-Astro's content collection parsing.
+**Why:** A `src/content/sl/` directory triggers Astro's content-collection
+auto-generation, which creates routes with hardcoded wrong paths. Explicit
+routes read from the same directory correctly.
 
-**Fix:** Quote ALL frontmatter values that contain colons, double-quotes,
-or special characters:
+**What:** Create `src/pages/sl/index.astro` and `src/pages/sl/[...slug].astro`
+that read directly from `src/content/sl/`. No content collection config file
+needed.
 
-```yaml
-# ❌ BROKEN
-title: Agentska oprema: zot + Colibri
+**Result:** SL pages build with correct paths and no auto-generated artifacts.
 
-# ✅ WORKS
-title: "Agentska vprega: pi, zot & Colibri"
-```
+### 4. Clean the dist cache before every build
 
-Also: descriptions with nested double-quotes need single-quote wrappers:
+**Why:** A failed or interrupted build leaves compiled `.mjs` files in
+`dist/` and `.astro/` that shadow fixed source code on the next attempt.
 
-```yaml
-# ❌ BROKEN — inner quotes terminate the string
-description: "Sprememba ni "končana" brez..."
+**What:** Always delete the cache before building:
 
-# ✅ WORKS — single-quote wrapper, inner double-quotes preserved
-description: 'Sprememba ni "končana" brez...'
-```
-
-### 3. SL content auto-generates stale routes
-
-**Symptom:** `src/pages/sl/index.astro` appears in the build output with
-hardcoded paths like `scandir '/usr/docs/wiki'` even after removing
-`src/content/sl/`.
-
-**Cause:** Astro's content collection auto-generation creates `sl/` routes
-from `src/content/sl/`. These auto-generated routes use different path
-resolution and can persist in the dist cache between builds.
-
-**Fix:** 
-1. Create explicit `src/pages/sl/index.astro` and `src/pages/sl/[...slug].astro`
-   routes that read from `src/content/sl/` directly.
-2. Remove any auto-generated `sl/` directory from `src/pages/sl/` if it
-   appears.
-3. ALWAYS `rm -rf dist node_modules/.astro` between builds (see pitfall #4).
-
-### 4. Stale dist cache preserves old route generation
-
-**Symptom:** Fixed source code, but the same error persists after rebuild.
-
-**Cause:** Astro caches compiled routes in `dist/` and `.astro/`. A previous
-failed build can leave stale compiled `.mjs` files that shadow the fixed
-source.
-
-**Fix:** Always clean before rebuilding:
 ```sh
 rm -rf dist node_modules/.astro && npm run build
 ```
 
-### 5. `import.meta.url` path resolution fails in Astro SSR
+**Result:** Every build starts from a blank slate. Fixed source → fixed output,
+no stale artifacts.
 
-**Symptom:** Paths resolved via `fileURLToPath(import.meta.url)` point to
-compiled `.mjs` files in `dist/`, not the source `.astro` files.
+### 5. Resolve content paths with `path.resolve("src/content")`
 
-**Cause:** Astro compiles `.astro` to `.mjs` and runs from `dist/`. The
-`import.meta.url` in the compiled module points to the compiled path, not
-the project root.
+**Why:** `import.meta.url` in Astro SSR points to the compiled `.mjs` module
+in `dist/`, not the project root. `path.resolve` with a relative path uses
+`process.cwd()`, which IS the project root during build.
 
-**Fix:** Use `path.resolve("src/content")` — `process.cwd()` during build
-is the project root (`astro/wiki/`), so relative paths work correctly.
-Do not use `import.meta.url` for content path resolution.
+**What:** All content path resolution uses `path.resolve("src/content")`
+for the EN content and `path.resolve("src/content/sl")` for SL.
 
-### 6. H1 fallback for pages without YAML frontmatter
+**Result:** File reads find the actual `.md` source files, not compiled
+module stubs.
 
-**Symptom:** Page `<title>` shows the slug (e.g., "agent-harness") instead
-of the actual heading ("Agent harness: pi, zot & Colibri").
+### 6. Extract markdown H1 as a title fallback
 
-**Cause:** The title extraction only checks `frontmatter.title`, falling back
-to the URL slug. Pages with only a markdown H1 (`# Title`) and no YAML
-frontmatter get slug-based titles.
+**Why:** Pages with only a markdown H1 (`# Title`) and no YAML frontmatter
+show the URL slug in `<title>`. The H1 is a better human-readable fallback.
+
+**What:** Three-tier fallback:
 
-**Fix:** Add H1 regex extraction as a third fallback:
 ```js
 const title = (frontmatter.title || content.match(/^#\s+(.+)$/m)?.[1] || slug)
   .replace(/^["']|["']$/g, "");
 ```
 
-### 7. Nginx: missing SSL cert blocks startup (see nginx skill)
+**Result:** Every page has a human-readable `<title>` tag — frontmatter first,
+H1 second, slug last.
 
-Before the first deploy, nginx needs a placeholder cert to start. See the
-**nginx** skill §"Adding a new public static HTTPS site — full flow" and
-§Troubleshooting "BIO_new_file() failed". The wiki deployment follows the
-same pattern: placeholder cert → ACME challenge → real cert.
+### 7. Placeholder TLS cert for first deploy (reference)
+
+**Why:** nginx refuses to start when `ssl_certificate` files don't exist,
+but acme.sh needs nginx running to validate the domain via HTTP-01.
+
+**What:** Create a self-signed placeholder cert, start nginx, issue the real
+cert with acme.sh. The real cert overwrites the placeholder automatically.
+
+**Result:** nginx starts on first attempt, acme.sh validates, real cert
+replaces placeholder. Full steps in the **nginx** skill §"Adding a new
+public static HTTPS site."
-- 
2.45.3


From d6147bf6a9eda77cc360f4c7842e919cdf0c66a8 Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 12:42:30 +0200
Subject: [PATCH 17/19] =?UTF-8?q?skill(debug):=20positive=20framing=20?=
 =?UTF-8?q?=E2=80=94=20failure=20modes=E2=86=92resolution=20patterns,=20br?=
 =?UTF-8?q?oken=E2=86=92errors?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .agent/skills/debug/SKILL.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/.agent/skills/debug/SKILL.md b/.agent/skills/debug/SKILL.md
index 912c5dd..76af6ca 100644
--- a/.agent/skills/debug/SKILL.md
+++ b/.agent/skills/debug/SKILL.md
@@ -1,6 +1,6 @@
 ---
 name: debug
-description: Debug Clawdie agent issues on the current FreeBSD host runtime. Use when the agent is not responding, the service is crashing, Telegram messages go unanswered, pi subprocesses fail, or when verifying the live runtime shape. Covers host service management, logs, optional jail state, memory DB reachability, and common failure modes.
+description: Debug Clawdie agent issues on the current FreeBSD host runtime. Use when the agent is not responding, the service is restarting, Telegram messages go unanswered, subprocesses stall, or when verifying the live runtime shape. Covers host service management, logs, optional jail state, memory DB reachability, and common resolution patterns.
 ---
 
 # Clawdie Agent Debugging (FreeBSD host runtime)
@@ -74,7 +74,7 @@ tail -50 logs/clawdie.error.log
 ls groups/*/logs/agent-*.log | tail -5
 ```
 
-When a specific run failed, read the newest per-run log directly:
+After a run completes with an error, read the newest per-run log:
 
 ```bash
 ls -t groups/*/logs/agent-*.log | head -3
@@ -133,7 +133,7 @@ command -v pi
 pi --version
 ```
 
-Common causes:
+What to check first:
 
 - provider key missing or expired
 - `PI_TUI_BIN` points at a dead path
@@ -177,7 +177,7 @@ grep -E 'fatal|error|exit|SIGTERM|SIGKILL' logs/clawdie.log | tail -20
 grep '409\|duplicate\|conflict' logs/clawdie.log | tail -10
 ```
 
-Temporarily stop the service to break the loop, fix the root cause, then
+Pause the service to stop the restart loop, resolve the underlying issue, then
 restart.
 
 ### Watchdog or controlplane resets the agent
@@ -187,7 +187,7 @@ grep -i watchdog logs/clawdie.log | tail -10
 grep -i controlplane logs/heartbeat.log | tail -20
 ```
 
-### Build broken after a code change
+### Build errors after a code change
 
 ```bash
 npm run build
@@ -217,7 +217,7 @@ tail -10 logs/clawdie.error.log
 
 ## 6. Optional jail shell access
 
-Only for installs that actually use jails for the thing you are debugging:
+For jail-backed installs:
 
 ```bash
 sudo bastille console db
@@ -272,7 +272,7 @@ ls groups/main/logs/
 ls groups/main/ipc/ 2>/dev/null
 ```
 
-Run logs are disposable debugging artifacts:
+Run logs are temporary diagnostic files:
 
 ```bash
 rm -f groups/main/logs/agent-*.log
-- 
2.45.3


From fba3f24267e9db440999f09a366c45addbdc2549 Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 12:44:34 +0200
Subject: [PATCH 18/19] =?UTF-8?q?skill:=20positive=20framing=20pass=20?=
 =?UTF-8?q?=E2=80=94=20nginx,=20setup,=20update,=20astro,=20docs-deploymen?=
 =?UTF-8?q?t?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

nginx:   broken config→valid config, fails→reports error, won't start→status check,
         BIO_new_file() failed→certificate file missing, common causes→things to check
setup:   broken/missing→needs repair, failed to load→need build tools,
         fix each→resolve each, Common causes→What to check
update:  broken state→consistent state, tests fail→tests don't pass,
         unfixable→not immediately resolvable, won't start→needs attention
astro:   fails because→requires
docs-deployment: broken→needs rollback, Check for broken symlinks→Verify symlinks
---
 .agent/skills/astro/SKILL.md           |  2 +-
 .agent/skills/docs-deployment/SKILL.md |  4 ++--
 .agent/skills/nginx/SKILL.md           | 10 +++++-----
 .agent/skills/setup/SKILL.md           |  8 ++++----
 .agent/skills/update/SKILL.md          |  6 +++---
 5 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/.agent/skills/astro/SKILL.md b/.agent/skills/astro/SKILL.md
index ff10ba4..3afd21e 100644
--- a/.agent/skills/astro/SKILL.md
+++ b/.agent/skills/astro/SKILL.md
@@ -266,7 +266,7 @@ Keep hostname routing and nginx server_name policy in the `nginx` skill and setu
 ### sharp has no pre-built binary for FreeBSD
 
 `sharp` is an optional Astro image optimization library. It tries to build from
-source on FreeBSD, which fails because `node-addon-api` is not bundled.
+source on FreeBSD, which requires `node-addon-api` to be bundled.
 
 **Symptoms:**
 
diff --git a/.agent/skills/docs-deployment/SKILL.md b/.agent/skills/docs-deployment/SKILL.md
index 5d33726..d7416b1 100644
--- a/.agent/skills/docs-deployment/SKILL.md
+++ b/.agent/skills/docs-deployment/SKILL.md
@@ -270,7 +270,7 @@ echo "*-DRAFT.md" >> /home/clawdie/clawdie-ai/docs/.docignore
 
 ### Instant Rollback
 
-If new version is broken:
+If the new version needs rollback:
 
 ```bash
 # Find previous working version
@@ -299,7 +299,7 @@ ls -l /usr/local/www/docs.clawdie.si/{en,de,fr,es}-current
 # Sync logs (watch real-time)
 tail -f /var/log/clawdie-docs-sync.log
 
-# Check for broken symlinks
+# Verify symlinks
 find /usr/local/www/docs.clawdie.si -maxdepth 1 -type l ! -exec test -d {} \; -print
 # Should be empty
 ```
diff --git a/.agent/skills/nginx/SKILL.md b/.agent/skills/nginx/SKILL.md
index 04952a7..09190bc 100644
--- a/.agent/skills/nginx/SKILL.md
+++ b/.agent/skills/nginx/SKILL.md
@@ -299,7 +299,7 @@ Store credentials in `/home/clawdie/clawdie-ai/.env`. Never in skill files.
 ## Safe defaults
 
 - Always run `nginx -t` before reloading
-- Never reload nginx with a broken config
+- Reload nginx only with a valid config
 - Back up vhost configs before modifying
 - Keep CSS in shared files, not inline (except index.html which is self-contained)
 - Test changes locally before pushing to production
@@ -348,7 +348,7 @@ Do not proceed until the authoritative NS returns the correct IP.
 
 **Hiccup #1: nginx refuses to start when the SSL cert file doesn't exist.**
 The vhost references `ssl_certificate` and `ssl_certificate_key` — if those
-files are absent, `nginx -t` fails and you can't even start the HTTP server for
+files are missing, `nginx -t` reports an error and the HTTP server cannot start for
 ACME validation. Fix: create a **temporary self-signed cert** first:
 
 ```sh
@@ -620,13 +620,13 @@ curl -sI https://docs.clawdie.si/architecture/colibri/ | head -5
 
 ## Troubleshooting
 
-### nginx won't start
+### nginx status check
 
 - Check config: `nginx -t`
 - Check logs: `tail /var/log/nginx/error.log`
 - Check port conflicts: `sockstat -l | grep :80`
 
-### nginx config test fails: "cannot load certificate — BIO_new_file() failed"
+### SSL certificate file missing — "cannot load certificate"
 
 This means the `ssl_certificate` path in a vhost references a file that doesn't
 exist yet. **Do not remove the SSL block** — create a placeholder cert first:
@@ -645,7 +645,7 @@ HTTPS site" for the full flow.
 
 ### ACME challenge returns 404 or 301
 
-Two common causes:
+Two things to check:
 
 1. **The `location /.well-known/acme-challenge/` block is AFTER the
    `location / { return 301 https://... }` redirect.** Nginx matches locations
diff --git a/.agent/skills/setup/SKILL.md b/.agent/skills/setup/SKILL.md
index 55969ea..84a21ca 100644
--- a/.agent/skills/setup/SKILL.md
+++ b/.agent/skills/setup/SKILL.md
@@ -7,7 +7,7 @@ description: Run initial Clawdie setup on FreeBSD 15 + Lumina desktop. Use when
 
 Run setup steps automatically. Only pause when user action is required (channel authentication, configuration choices). Steps emit structured status blocks to stdout. Verbose logs go to `logs/setup.log`.
 
-**Principle:** When something is broken or missing, fix it. Don't tell the user to go fix it themselves unless it genuinely requires their manual action (e.g. authenticating a channel, pasting a secret token). If a dependency is missing, install it. If a service won't start, diagnose and repair. Ask the user for permission when needed, then do the work.
+**Principle:** When something needs repair, handle it. Don't tell the user to go fix it themselves unless it genuinely requires their manual action (e.g. authenticating a channel, pasting a secret token). If a dependency is missing, install it. If a service needs diagnosis, investigate and resolve. Ask the user for permission when needed, then do the work.
 
 **UX Note:** Use `AskUserQuestion` for all user-facing questions.
 
@@ -52,7 +52,7 @@ Run `bash setup.sh` and parse the status block.
   ```
   After installing, re-run `bash setup.sh`.
 - If DEPS_OK=false → Read `logs/setup.log`. Delete `node_modules` and re-run `bash setup.sh`.
-- If NATIVE_OK=false → `pg` native bindings failed to load. Install build tools:
+- If NATIVE_OK=false → `pg` native bindings need build tools:
   ```bash
   sudo pkg install -y gmake gcc python311
   ```
@@ -147,14 +147,14 @@ Run `npx tsx setup/index.ts --step service` and parse the status block.
 
 - Read `logs/setup.log` for the error.
 - Check: `sudo service clawdie status`
-- Common causes: missing `.env`, Node.js path wrong, build not run yet.
+- What to check: missing `.env`, Node.js path incorrect, build not yet run.
 - Run `npm run build` first, then retry the service step.
 
 ## 8. Verify
 
 Run `npx tsx setup/index.ts --step verify` and parse the status block.
 
-**If STATUS=failed, fix each:**
+**If STATUS=failed, resolve each:**
 
 - SERVICE=stopped → `npm run build`, then `sudo service clawdie start`
 - SERVICE=not_found → re-run step 7
diff --git a/.agent/skills/update/SKILL.md b/.agent/skills/update/SKILL.md
index 820d3d3..08f54d6 100644
--- a/.agent/skills/update/SKILL.md
+++ b/.agent/skills/update/SKILL.md
@@ -7,7 +7,7 @@ description: 'Update Clawdie from upstream or apply local changes safely with ZF
 
 Pull upstream changes and merge them with the current installation, using ZFS snapshots for rollback safety. The update skill always takes a snapshot before applying changes so rollback is instant via `zfs rollback`.
 
-**Principle:** Handle everything automatically. Only pause for user confirmation before applying changes, or when merge conflicts need human judgment. Never leave the system in a broken state — if the update fails, roll back to the snapshot.
+**Principle:** Handle everything automatically. Only pause for user confirmation before applying changes, or when merge conflicts need human judgment. Always leave the system in a consistent state — if the update encounters an issue, roll back to the snapshot.
 
 **UX Note:** Use `AskUserQuestion` for all user-facing questions.
 
@@ -210,7 +210,7 @@ npm run build
 npm test
 ```
 
-**If tests fail:** Show which tests failed. Try to diagnose and fix. If unfixable, warn user and offer rollback.
+**If tests don't pass:** Show which tests need attention. Try to diagnose and resolve. If not immediately resolvable, inform the user and offer rollback.
 
 ### Type check
 
@@ -301,7 +301,7 @@ sudo zfs snapshot zroot/clawdie-runtime/jails/cms@v${NEW_VERSION}-$(./scripts/da
 
 **Build fails after update:** Check if dependencies changed. Run `npm install` to pick up new packages. Check for breaking TypeScript changes.
 
-**Service won't start after update:** Check `logs/clawdie.error.log`. If unfixable, roll back the affected service jail snapshot under `zroot/clawdie-runtime/jails/`.
+**Service needs attention after update:** Check `logs/clawdie.error.log`. If not immediately resolvable, roll back the affected service jail snapshot under `zroot/clawdie-runtime/jails/`.
 
 **ZFS snapshot missing:** If the pre-update snapshot wasn't taken (manual setup without ZFS), fall back to `git reset --hard HEAD~1` but this is less safe. Always prefer ZFS rollback.
 
-- 
2.45.3


From d002e480c3e731190cef18e111a007b7f3141062 Mon Sep 17 00:00:00 2001
From: Sam & Claude <hello@clawdie.si>
Date: Fri, 26 Jun 2026 13:05:53 +0200
Subject: [PATCH 19/19] =?UTF-8?q?localization(sl):=20demon=E2=86=92ozadnji?=
 =?UTF-8?q?=20proces,=20krajevni=E2=86=92lokalni,=20oprema=E2=86=92vprega,?=
 =?UTF-8?q?=20vrata=E2=86=92preverjanje?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Glossary alignment — demon (devil) replaced with the established ozadnji
proces (background process) per okrajsave.md glossary. Full sweep across
all sl/ wiki and guide files (61 replacements in 18 files).

  demon→ozadnji proces (nominative, 15 instances)
  demona→ozadnjega procesa (genitive, 42 instances)
  demonom→ozadnjim procesom (instrumental, 1 instance)
  demonov→ozadnjih procesov, demonovem/demonovim rephrased (3 instances)
  krajevni→lokalni (7 instances across 4 files)
  oprema→vprega (agent harness context, 3 instances)
  vrata→preverjanje (quality gate context, 1 instance)
---
 .../sl/architecture/control-plane-bridge.md    | 10 +++++-----
 docs/guide/sl/install/iso.md                   |  2 +-
 docs/guide/sl/operate/terminal-capture.md      |  6 +++---
 docs/wiki/sl/agent-harness.md                  |  2 +-
 docs/wiki/sl/deployment.md                     |  6 +++---
 docs/wiki/sl/external-mcp.md                   | 10 +++++-----
 docs/wiki/sl/glasspane.md                      | 16 ++++++++--------
 docs/wiki/sl/headroom-sidecar.md               |  6 +++---
 docs/wiki/sl/index.md                          |  2 +-
 docs/wiki/sl/jail-confinement.md               |  2 +-
 docs/wiki/sl/mother-hive.md                    | 18 +++++++++---------
 docs/wiki/sl/naming-decisions.md               |  4 ++--
 docs/wiki/sl/operator-attention.md             |  2 +-
 docs/wiki/sl/operator-cli.md                   | 14 +++++++-------
 docs/wiki/sl/runtime-inventory.md              |  2 +-
 docs/wiki/sl/skills-catalog.md                 |  4 ++--
 docs/wiki/sl/store-schema.md                   |  4 ++--
 docs/wiki/sl/task-board.md                     | 14 +++++++-------
 docs/wiki/sl/terminal.md                       |  2 +-
 docs/wiki/sl/tui.md                            | 10 +++++-----
 20 files changed, 68 insertions(+), 68 deletions(-)

diff --git a/docs/guide/sl/architecture/control-plane-bridge.md b/docs/guide/sl/architecture/control-plane-bridge.md
index f108002..a447ae0 100644
--- a/docs/guide/sl/architecture/control-plane-bridge.md
+++ b/docs/guide/sl/architecture/control-plane-bridge.md
@@ -4,7 +4,7 @@ description: Dostop do krmilne ravnine Colibri med gostitelji prek omrežja Tail
 ---
 
 Vsak gostitelj poganja `colibri-daemon`, ki posluša na **lokalni vtičnici Unix**
-(samo krajevno). Most krmilne ravnine to vtičnico izpostavi kot **vrata [TCP](../reference/okrajsave/#tcp) na
+(samo lokalno). Most krmilne ravnine to vtičnico izpostavi kot **vrata [TCP](../reference/okrajsave/#tcp) na
 vmesniku Tailscale**, da lahko drugi gostitelji v omrežju upravljajo krmilno
 ravnino — ustvarjajo opravila, registrirajo agente, opazujejo terminale — ne da
 bi bila vtičnica kdaj dosegljiva z javnega interneta.
@@ -74,11 +74,11 @@ izda celoten nabor ukazov (`spawn-agent`, `kill-agent`, `intake-task`,
   lastni naslov (`tailscale ip -4`). Privzetki rc.d na FreeBSD se prav tako ne
   zaženejo, dokler naslov ni nastavljen.
 - **Skladnost poti vtičnice.** Most se poveže na `/run/colibri/colibri.sock`
-  (FreeBSD: `/var/run/colibri/colibri.sock`); demon mora biti zagnan z ujemajočim
-  `COLIBRI_DAEMON_SOCKET`. Privzeta pot demona je pod `$XDG_DATA_HOME`, do katere
+  (FreeBSD: `/var/run/colibri/colibri.sock`); ozadnji proces mora biti zagnan z ujemajočim
+  `COLIBRI_DAEMON_SOCKET`. Privzeta pot ozadnjega procesa je pod `$XDG_DATA_HOME`, do katere
   zaprta enota systemd (`ProtectHome=yes`) nima dostopa — uporabnikova domača mapa
   ni vidna. Obe poti usmerite na `/run`.
-- Uporabnik mostu mora biti v skupini vtičnice demona (vtičnica je `0770`,
+- Uporabnik mostu mora biti v skupini vtičnice ozadnjega procesa (vtičnica je `0770`,
   lastnik + skupina).
 
 ## Preverjanje
@@ -89,7 +89,7 @@ Z drugega gostitelja v omrežju tailnet:
 printf '{"cmd":"status"}\n' | nc -w2 <gostiteljev-tailnet-ip> 9190
 ```
 
-Zdrav most vrne stanje demona v obliki [JSON](../reference/okrajsave/#json) (vključno z demonovim `host`), kar
+Zdrav most vrne stanje ozadnjega procesa v obliki [JSON](../reference/okrajsave/#json) (vključno z gostiteljem ozadnjega procesa), kar
 od konca do konca potrdi dosegljivost prek omrežja.
 
 ## Način Hive — mati in hčere
diff --git a/docs/guide/sl/install/iso.md b/docs/guide/sl/install/iso.md
index ee1ee5c..f6526d3 100644
--- a/docs/guide/sl/install/iso.md
+++ b/docs/guide/sl/install/iso.md
@@ -14,7 +14,7 @@ Ta stran pokriva izbiro slike in zapis na USB. Za nastavitev ob prvem zagonu
 
 Izberite sliko, ki ustreza vašemu cilju:
 
-- **Fizična strojna oprema:** namizje + paketi brez povezave za krajevne
+- **Fizična strojna oprema:** namizje + paketi brez povezave za lokalne
   namestitve
 - **Oblak:** slika brez zaslona za postavitve v slogu [VPS](../reference/okrajsave/#vps)
 
diff --git a/docs/guide/sl/operate/terminal-capture.md b/docs/guide/sl/operate/terminal-capture.md
index 65103c8..e1c2c78 100644
--- a/docs/guide/sl/operate/terminal-capture.md
+++ b/docs/guide/sl/operate/terminal-capture.md
@@ -41,7 +41,7 @@ skupen.
 
 ## Nastavitev
 
-Nastavi se v okolju demona (privzeto izklopljeno):
+Nastavi se v okolju ozadnjega procesa (privzeto izklopljeno):
 
 | Spremenljivka                             | Namen                                                | Privzeto                         |
 | ----------------------------------------- | ---------------------------------------------------- | -------------------------------- |
@@ -51,7 +51,7 @@ Nastavi se v okolju demona (privzeto izklopljeno):
 | `TELEGRAM_BOT_TOKEN` / `TELEGRAM_CHAT_ID` | Posredovanje opozoril ob prehodu v Telegram          | _(nenastavljeno → samo dnevnik)_ |
 
 Kadar žeton bota in id klepeta nista nastavljena, se opozorila čisto prelevijo v
-vrstico dnevnika demona — funkcijo je varno pustiti vklopljeno tudi brez
+vrstico dnevnika ozadnjega procesa — funkcijo je varno pustiti vklopljeno tudi brez
 nastavljenega Telegrama.
 
 ## Ukazi krmilne ravnine
@@ -72,7 +72,7 @@ zajemu.
 
 ## Opombe za upravljanje
 
-- Opazujte podokna, ki so pomembna (podokno gradnje, podokno demona, statusno
+- Opazujte podokna, ki so pomembna (podokno gradnje, podokno ozadnjega procesa, statusno
   okno), ne vseh — vrednost je v signalu, ne v količini.
 - Opozorila so sprožena ob prehodu, zato odpovedana storitev opozori enkrat in
   znova šele po okrevanju in ponovni odpovedi; z `terminal-list` vidite, kaj je
diff --git a/docs/wiki/sl/agent-harness.md b/docs/wiki/sl/agent-harness.md
index ef66eb2..aba8f8b 100644
--- a/docs/wiki/sl/agent-harness.md
+++ b/docs/wiki/sl/agent-harness.md
@@ -35,7 +35,7 @@ Pogodba zaganjalnika: zaženi agenta, beri stdout JSONL.
   neposredno.
 - Edini strukturirani trajni način **zot** je `zot rpc`, vrstnik
   zahteva/odgovor, ki **bere stdin**. Zato zaganjalnik napelje stdin za RPC
-  agente in demon pošlje poziv prek `RpcSender`.
+  agente in ozadnji proces pošlje poziv prek `RpcSender`.
 
 Kje živi:
 
diff --git a/docs/wiki/sl/deployment.md b/docs/wiki/sl/deployment.md
index 238a47a..107e0aa 100644
--- a/docs/wiki/sl/deployment.md
+++ b/docs/wiki/sl/deployment.md
@@ -102,7 +102,7 @@ Ustvarjeni skript rc.d za FreeBSD izvede `/usr/local/bin/colibri-daemon` skozi
 in proces pade na neprivilegiranega uporabnika. Enota systemd je preprosta
 storitev z `Restart=on-failure`.
 
-Nameščevalnik sam ne zažene demona ali ne pripravi binarne datoteke; samo
+Nameščevalnik sam ne zažene ozadnjega procesa ali ne pripravi binarne datoteke; samo
 ustvari okolje. Operater ali paketna gradnja pripravi `colibri-daemon` in nato
 `service clawdie start`.
 
@@ -112,7 +112,7 @@ ustvari okolje. Operater ali paketna gradnja pripravi `colibri-daemon` in nato
 
 Nameščevalnik se ne dotika ključev API ponudnika. Ločena datoteka — običajno
 `/usr/local/etc/colibri/provider` — hrani skrivnosti in jo pred zagonom
-demona prebere rc.d. To ohranja domet nameščevalnika omejen na ZFS, imenike,
+ozadnjega procesa prebere rc.d. To ohranja domet nameščevalnika omejen na ZFS, imenike,
 uporabnike in datoteke storitev.
 
 → [vault-provision](./vault-provision.md)
@@ -164,7 +164,7 @@ sudo service clawdie start
 Po namestitvi ima storitev te poti:
 
 - `/var/db/clawdie/colibri.sqlite` — koordinacijska shramba SQLite
-- `/var/run/clawdie/clawdie.sock` — Unix vtičnica demona
+- `/var/run/clawdie/clawdie.sock` — Unix vtičnica ozadnjega procesa
 - `/var/log/clawdie/daemon.log` — dnevnik stdout/stderr
 - `/usr/local/etc/colibri/` — konfiguracija in skrivnosti ponudnika
 
diff --git a/docs/wiki/sl/external-mcp.md b/docs/wiki/sl/external-mcp.md
index 53a51d5..8794b4a 100644
--- a/docs/wiki/sl/external-mcp.md
+++ b/docs/wiki/sl/external-mcp.md
@@ -24,9 +24,9 @@ podpira. Prav tako se izogne potrebi po odprtju drugega omrežnega vmesnika.
 
 Strežnik MCP izpostavlja tri orodja:
 
-| Orodje             | Ukaz demona          | Namen                                           |
+| Orodje             | Ukaz ozadnjega procesa          | Namen                                           |
 | ------------------ | -------------------- | ----------------------------------------------- |
-| `colibri_status`   | `status`             | Stanje demona (agenti, opravila, predpomnilnik) |
+| `colibri_status`   | `status`             | Stanje ozadnjega procesa (agenti, opravila, predpomnilnik) |
 | `colibri_snapshot` | `glasspane-snapshot` | Trenutni posnetek podoken Glasspane             |
 | `colibri_spawn`    | `spawn-agent`        | Zaženi novega agenta                            |
 
@@ -35,19 +35,19 @@ voljo neposrednim odjemalcem vtičnice; MCP je priročna podmnožica.
 
 ### Ovoj Bash, ne vgrajeni proces
 
-`colibri-mcp` je skripta Bash, ki se poveže na vtičnico demona, pošlje ukaz
+`colibri-mcp` je skripta Bash, ki se poveže na vtičnico ozadnjega procesa, pošlje ukaz
 JSON in vrne odgovor JSON. Ni dolgotrajen proces — vsak klic zažene novo
 skripto. To pomeni, da je ničelna konfiguracija za odjemalce MCP (samo
 registrirajte pot skripte) in ničelno vzdrževanje stanja.
 
 → `packaging/freebsd/colibri-mcp`
 
-### Vrata za branje/pisanje in zunanje klice
+### Preverjanje za branje/pisanje in zunanje klice
 
 Implementacija MCP ločuje tri skrbi:
 
 - **Branje**: `status`, `snapshot` — samo za branje, vedno na voljo.
-- **Pisanje**: `spawn` — spremeni stanje demona. Zaščiteno z zastavico
+- **Pisanje**: `spawn` — spremeni stanje ozadnjega procesa. Zaščiteno z zastavico
   `allow_write` v konfiguraciji MCP.
 - **Zunanji klic**: katerokoli orodje lahko sproži verigo MCP, ki sega
   navzven do drugega strežnika MCP. Zaščiteno z zastavico `allow_external_call`.
diff --git a/docs/wiki/sl/glasspane.md b/docs/wiki/sl/glasspane.md
index 32ab29d..0a47e35 100644
--- a/docs/wiki/sl/glasspane.md
+++ b/docs/wiki/sl/glasspane.md
@@ -10,7 +10,7 @@ description: "Colibrijeva plast za opazovanje agentov. Gleda podprocese agentov
 Glasspane je Colibrijeva plast za opazovanje agentov. Opazuje podprocese
 agentov prek njihovega stdout JSONL, zlaga tok v semantični avtomat stanj
 (`Idle → Working → Done`) in izpostavlja API posnetkov za nadzorne plošče in
-koordinacijo demona. Vsak zagnani agent — Pi, zot ali krajevni sample — se
+koordinacijo ozadnjega procesa. Vsak zagnani agent — Pi, zot ali lokalni sample — se
 pretaka skozi isti vnosnik in konča v isti taksonomiji.
 
 ## Odločitve
@@ -39,7 +39,7 @@ pozornost (Error / Blocked / Stalled) pokriva
 **Zakaj ne preprosto slediti dnevniku**: surovi dnevniki dogodkov so
 agentsko-specifični in se sčasoma spreminjajo (zot dodaja nove vrste
 dogodkov). Avtomat stanj je stabilna pogodba, na katero se lahko zanesejo
-demon, TUI in odjemalski CLI.
+ozadnji proces, TUI in odjemalski CLI.
 
 → [`crates/colibri-glasspane/src/lib.rs`](../../crates/colibri-glasspane/src/lib.rs)
 
@@ -51,7 +51,7 @@ vrstico in jo poda v `PiJsonlIngestor` (ime je podedovano — obdeluje tudi zot
 dogodke).
 
 Bralnik teče v **eni sami nalogi ozadja na podokno** (`pane_reader_loop`).
-Nikoli ne blokira glavne zanke demona — vnosnik je sinhrono zlaganje, ki
+Nikoli ne blokira glavne zanke ozadnjega procesa — vnosnik je sinhrono zlaganje, ki
 posodablja stanje podokna v pomnilniku, API posnetkov pa bere iz
 `Arc<RwLock<...>>` brez sporov na vroči poti bralnika.
 
@@ -59,7 +59,7 @@ Napačno oblikovane vrstice so **preskočene** s povečanjem števca, ne kot
 napaka — izpadi v JSONL agenta ne smejo zrušiti opazovalca.
 
 **Zakaj JSONL, ne vtičnica ali gRPC**: agent je podproces, ne storitev.
-stdout je univerzalni vmesnik — vsak jezik, vsaka oprema, brez nastavitve.
+stdout je univerzalni vmesnik — vsak jezik, vsaka vprega, brez nastavitve.
 JSONL je trivialno pisati iz bash, Go, Python, Rust. Strukturiran žični
 format bi dodal odvisnost in rokovanje vsakemu agentu.
 
@@ -78,7 +78,7 @@ Polje `session_id` v strukturi `Pane` uporablja
 `#[serde(alias = "pi_session_id")]` za povratno združljivost s
 pred-nevtralnostnimi serializiranimi posnetki.
 
-**Zakaj ne dva ločena avtomata stanj**: TUI, razporejevalnik demona in
+**Zakaj ne dva ločena avtomata stanj**: TUI, razporejevalnik ozadnjega procesa in
 odjemalski CLI morajo vsi vprašati "v kakšnem stanju je ta agent?" — vseeno
 jim je, ali je zot ali Pi. Ena taksonomija, en API. Preslikava je ~50-vrstična
 funkcija, ne podsistem.
@@ -128,9 +128,9 @@ vrstica/povzetek naloge**, **ječa**, v kateri agent teče, neobvezno vrata za
 poslušanje. Spremeni "Working" v "Working on `fix/x` v ječi `cms`, zadnje:
 running tests".
 
-### Ohrani zgodovino podoken med ponovnimi zagoni demona
+### Ohrani zgodovino podoken med ponovnimi zagoni ozadnjega procesa
 
-Nadzornik je v pomnilniku (`Arc<RwLock<...>>`); ponovni zagon demona izgubi
+Nadzornik je v pomnilniku (`Arc<RwLock<...>>`); ponovni zagon ozadnjega procesa izgubi
 časovnico. Ohrani prehode/zgodovino podoken, da vrnitev po urah (ali ponovnem
 zagonu) ohrani "kaj se je zgodilo, ko me ni bilo". Lahka trajnost, ne nov
 podsistem.
@@ -138,7 +138,7 @@ podsistem.
 ### Odgovori blokiranemu agentu z nadzorne plošče (večji dvig)
 
 API posnetkov je namenoma bralno usmerjen. Prihodnja pisalna pot — "pošlji
-vnos v podokno N" prek vtičnice demona — bi operaterju omogočila **odziv**
+vnos v podokno N" prek vtičnice ozadnjega procesa — bi operaterju omogočila **odziv**
 blokiranemu agentu iz `colibri-tui`, ne samo opazovanje/zagon/uboj. To je
 smer, ne hitra zmaga; spremeni vtičnico iz bralnega nadzora v interaktivno
 upravljanje in potrebuje lasten načrtovalski prehod.
diff --git a/docs/wiki/sl/headroom-sidecar.md b/docs/wiki/sl/headroom-sidecar.md
index afeee3a..2ac73e6 100644
--- a/docs/wiki/sl/headroom-sidecar.md
+++ b/docs/wiki/sl/headroom-sidecar.md
@@ -1,11 +1,11 @@
 ---
 title: Stranski vagon Headroom
-description: "Colibri lahko neobvezno prosi krajevni stranski vagon headroom-ai, da stisne rezultate orodij, preden dosežejo proračun žetonov."
+description: "Colibri lahko neobvezno prosi lokalni stranski vagon headroom-ai, da stisne rezultate orodij, preden dosežejo proračun žetonov."
 ---
 
 ← [kazalo](./index.md)
 
-Colibri lahko neobvezno prosi krajevni stranski vagon `headroom-ai`, da stisne
+Colibri lahko neobvezno prosi lokalni stranski vagon `headroom-ai`, da stisne
 rezultate orodij, preden dosežejo proračun žetonov. Je ločen proces Python, ki
 posluša na drugi vtičnici Unix, in je privzeto izklopljen.
 
@@ -38,7 +38,7 @@ klic je brez stanja.
 ### Ločen proces, ne knjižnica
 
 Stranski vagon teče kot neodvisen proces Python, ne kot uvoz Rust. To ga
-izolira od zrušitev (če stranski vagon pade, demon nadaljuje brez njega),
+izolira od zrušitev (če stranski vagon pade, ozadnji proces nadaljuje brez njega),
 izolira njegov pomnilnik (model Python je lačen) in omogoča neodvisno
 posodabljanje.
 
diff --git a/docs/wiki/sl/index.md b/docs/wiki/sl/index.md
index 7a3e8b4..4c4623b 100644
--- a/docs/wiki/sl/index.md
+++ b/docs/wiki/sl/index.md
@@ -66,7 +66,7 @@ clippy.
 | [contracts](./contracts.md)                           | Stabilne JSON sheme (run-manifest, runtime-inventory, provider-smoke), zlati testi                                         |
 | [store-schema](./store-schema.md)                     | Usklajevalna shema SQLite in disciplina migracij                                                                           |
 | [external-mcp](./external-mcp.md)                     | Most MCP za urejevalnike + zunanji gostitelj stdio MCP; dovoljenja za branje/pisanje/zunanji-klic                               |
-| [operator-cli](./operator-cli.md)                     | CLI `colibri` kot tanek tipiziran odjemalec Unix vtičnice prek API demona                                                  |
+| [operator-cli](./operator-cli.md)                     | CLI `colibri` kot tanek tipiziran odjemalec Unix vtičnice prek API ozadnjega procesa                                                  |
 | [tui](./tui.md)                                       | Odjemalec terminalske nadzorne plošče (colibri-tui) proti avtomatu stanj colibri-glasspane                                 |
 | [terminal](./terminal.md)                             | Odločitev o terminalski zmožnosti (Kitty, razširjeno poročanje tipk, prehod tmux, SSH terminfo)                            |
 | [runtime-inventory](./runtime-inventory.md)           | Popis izvajalnega okolja gostitelja + bralnik statusa čuvaja; aditivne, bralne integracije                                 |
diff --git a/docs/wiki/sl/jail-confinement.md b/docs/wiki/sl/jail-confinement.md
index f72f5ef..381f810 100644
--- a/docs/wiki/sl/jail-confinement.md
+++ b/docs/wiki/sl/jail-confinement.md
@@ -27,7 +27,7 @@ sveže — brez stanja, brez ostankov.
 
 Vse ječe delijo privzeti pravilnik, ki prepoveduje priklope, surova vtičnice,
 spreminjanje lastništva in dostop do naprav. Vsaka priklopna točka, ki jo
-agent potrebuje (repozitoriji, vtičnica demona, imeniki stanja), je izrecno
+agent potrebuje (repozitoriji, vtičnica ozadnjega procesa, imeniki stanja), je izrecno
 navedena v konfiguraciji Bastille.
 
 ### Ista omejitev zaganjalnika za MCP kot za agente
diff --git a/docs/wiki/sl/mother-hive.md b/docs/wiki/sl/mother-hive.md
index 1c07b0f..84cb68d 100644
--- a/docs/wiki/sl/mother-hive.md
+++ b/docs/wiki/sl/mother-hive.md
@@ -16,7 +16,7 @@ namestitev, arhitekturne diagrame in kontrolni seznam prvega zagona glejte
 
 ## Odločitve
 
-### Meja SSH s prisiljenim ukazom (ne poslušajoči demon)
+### Meja SSH s prisiljenim ukazom (ne poslušajoči ozadnji proces)
 
 USB-vozlišča dosežejo mater tako, da zaženejo `ssh colibri@mother` (brez
 oddaljenega ukaza). Na materini strani `authorized_keys` vsili
@@ -27,7 +27,7 @@ Ovoj (`colibri-mcp-ssh`) dodatno dovoli `SSH_ORIGINAL_COMMAND` samo kot `""`
 (stdio MCP način) ali `"tools"` (enkratno odkritje). Vsaka druga vrednost je
 zavrnjena.
 
-**Zakaj ne poslušajoči demon** (HTTP, gRPC, surovi TCP): Tailscale šifrira
+**Zakaj ne poslušajoči ozadnji proces** (HTTP, gRPC, surovi TCP): Tailscale šifrira
 prenos, zato plast SSH doda avtentikacijo in omejitev brez dodatne
 infrastrukture (brez TLS certifikatov, brez avtentikacijskih žetonov, brez
 odprtih vrat). Meja s prisiljenim ukazom je druga ključavnica poleg SSH
@@ -90,22 +90,22 @@ sliko za izdajo. Uvoznik semena (`clawdie-live-seed`) ga namesti ob zagonu.
 **Zakaj**: ISO za izdajo je prenosljiv artefakt. Vgradnja zasebnega ključa
 vanj bi vsakemu prenašalcu dala dostop do materinega MCP. Semenska particija
 je ločen fizični medij, ki ga nadzoruje operater. Tudi brez semena se ISO
-zažene in deluje — zunanja MCP povezava demona do matere odpove elegantno
+zažene in deluje — zunanja MCP povezava ozadnjega procesa do matere odpove elegantno
 (SSH: "config file not found"), vozlišče pa deluje samostojno.
 
 → [naming-decisions](./naming-decisions.md) ("Znani ostanek"), clawdie-iso #133
 
 ### Demonov uporabnik, ne operater
 
-Colibri demon teče kot uporabnik `colibri` (`/var/db/colibri`), ne kot
+Colibri ozadnji proces teče kot uporabnik `colibri` (`/var/db/colibri`), ne kot
 operater (`clawdie`, `/home/clawdie`). Zunanjo MCP SSH povezavo do matere
-zažene demon — zato morajo biti SSH ključ, konfiguracija in known_hosts v
-demonovem domu. Uvoznik semena namesti SSH gradivo v **oba** domova (operater
+zažene ozadnji proces — zato morajo biti SSH ključ, konfiguracija in known_hosts v
+v domu ozadnjega procesa. Uvoznik semena namesti SSH gradivo v **oba** domova (operater
 
-- demon).
+- ozadnji proces).
 
-**Zakaj ne preprosto v clawdiejev dom in `sudo`**: demon ni operater. Tek kot
-ločen uporabnik pomeni, da je domet ogroženega demona omejen na tisto, kar
+**Zakaj ne preprosto v clawdiejev dom in `sudo`**: ozadnji proces ni operater. Tek kot
+ločen uporabnik pomeni, da je domet ogroženega ozadnjega procesa omejen na tisto, kar
 uporabnik `colibri` lahko počne — MCP klici do matere, ne operaterske
 datoteke ali `sudo`.
 
diff --git a/docs/wiki/sl/naming-decisions.md b/docs/wiki/sl/naming-decisions.md
index 0620a38..19d34da 100644
--- a/docs/wiki/sl/naming-decisions.md
+++ b/docs/wiki/sl/naming-decisions.md
@@ -13,8 +13,8 @@ v `main`; preveri proti povezani kodi, preden zaupaš vrstici.
 
 Poimenuj stvar po tem, kar **je**, ne po opremi, ki je trenutno privzeta:
 
-- **Nevtralen koncept** (vsaka oprema ga ima — ID seje, vrsta dogodka,
-  samodejni zagon, "agent") → **nevtralno ime**. Oprema je _nastavljiva
+- **Nevtralen koncept** (vsaka vprega ga ima — ID seje, vrsta dogodka,
+  samodejni zagon, "agent") → **nevtralno ime**. Vprega je _nastavljiva
   vrednost_ (npr. `COLIBRI_AUTOSPAWN_BINARY=zot`), nikoli zapečena v ime in
   vedno preglasljiva s strani operaterja.
 - **Stvar, specifična za opremo** (dejanski žični format ene opreme) → ime
diff --git a/docs/wiki/sl/operator-attention.md b/docs/wiki/sl/operator-attention.md
index ef85c03..fe5d122 100644
--- a/docs/wiki/sl/operator-attention.md
+++ b/docs/wiki/sl/operator-attention.md
@@ -135,7 +135,7 @@ pomeni "to se je pravkar začelo".
   kljuka harnessa) je neodločen.
 - **Odgovarjanje blokiranemu agentu z nadzorne plošče.** API posnetkov je
   namenoma bralno usmerjen. Pisalna pot ("pošlji vnos v podokno N" prek
-  vtičnice demona) bi operaterju omogočila, da se odzove na `Blocked` podokno
+  vtičnice ozadnjega procesa) bi operaterju omogočila, da se odzove na `Blocked` podokno
   iz TUI. Spremeni vtičnico iz nadzora v interaktivno upravljanje — lasten
   načrtovalski prehod.
 
diff --git a/docs/wiki/sl/operator-cli.md b/docs/wiki/sl/operator-cli.md
index 1433083..7a5aef0 100644
--- a/docs/wiki/sl/operator-cli.md
+++ b/docs/wiki/sl/operator-cli.md
@@ -1,13 +1,13 @@
 ---
 title: Operaterski CLI (`colibri`)
-description: "Binarna datoteka `colibri` je operaterski vmesnik ukazne vrstice do demona — tanek tipiziran odjemalec Unix vtičnice."
+description: "Binarna datoteka `colibri` je operaterski vmesnik ukazne vrstice do ozadnjega procesa — tanek tipiziran odjemalec Unix vtičnice."
 ---
 
 ← [kazalo](./index.md)
 
-Binarna datoteka `colibri` je operaterski vmesnik ukazne vrstice do demona.
+Binarna datoteka `colibri` je operaterski vmesnik ukazne vrstice do ozadnjega procesa.
 Je tanek odjemalec — pošilja ukaze JSON po vtičnici Unix, razčlenjuje odgovore
-in jih izpisuje. Vsak podukaz CLI se preslika v en ukaz demona. Vmesnik CLI
+in jih izpisuje. Vsak podukaz CLI se preslika v en ukaz ozadnjega procesa. Vmesnik CLI
 dodaja priročnost (barvni izpis, privzetki, oblikovalci), ne poslovne logike.
 
 → `crates/colibri-client/src/bin/colibri.rs`
@@ -18,11 +18,11 @@ dodaja priročnost (barvni izpis, privzetki, oblikovalci), ne poslovne logike.
 
 Obstaja ena binarna datoteka `colibri`, ki se poveže na eno vtičnico
 (`/var/run/colibri/colibri.sock` ali `COLIBRI_SOCKET`). Ni podukazov za
-izbiro demona — večgostiteljske operacije gredo skozi most krmilne ravnine.
+izbiro ozadnjega procesa — večgostiteljske operacije gredo skozi most krmilne ravnine.
 Operater izrecno usmeri na drug gostitelj (`nc <tailnet-ip> 9190`), ne da bi
 CLI podpiral več končnih točk.
 
-**Zakaj ne več profilov demona**: en demon na gostitelja je zadosten. Več
+**Zakaj ne več profilov ozadnjega procesa**: en ozadnji proces na gostitelja je zadosten. Več
 končnih točk bi v CLI vneslo stanje (`colibri --host osa status`), ki ga most
 že rešuje na omrežni plasti.
 
@@ -33,7 +33,7 @@ Vsak podukaz zgradi objekt `ColibriCommand`, pokliče
 pomenu kateregakoli ukaza — samo serializira in razčlenjuje.
 
 Oblikovalci izhodov (`print_json`, `print_table`, `print_key_value`) so čiste
-funkcije nad `serde_json::Value`. Če demon doda novo polje, se samodejno
+funkcije nad `serde_json::Value`. Če ozadnji proces doda novo polje, se samodejno
 prikaže v izhodu JSON brez spremembe v CLI.
 
 ### En ukaz na zagon, ne interaktivno
@@ -59,4 +59,4 @@ dodeljevanju s strani agenta, ne ročnemu upravljanju.
 ## Glej tudi
 
 - [task-board](./task-board.md) — ukazi, ki jih CLI zrcali
-- [deployment](./deployment.md) — kako je nameščena binarna datoteka demona
+- [deployment](./deployment.md) — kako je nameščena binarna datoteka ozadnjega procesa
diff --git a/docs/wiki/sl/runtime-inventory.md b/docs/wiki/sl/runtime-inventory.md
index f801a18..3efd29a 100644
--- a/docs/wiki/sl/runtime-inventory.md
+++ b/docs/wiki/sl/runtime-inventory.md
@@ -41,7 +41,7 @@ Popis se serializira v `clawdie.runtime-version-inventory.v1`. Trije porabniki:
 ### Brez pisanja — integracije so samo za branje
 
 Bralnik ne piše v podatkovno zbirko, ne spreminja konfiguracije in ne
-spreminja stanja demona. Je čista funkcija `HostReader::read() → HostInfo`.
+spreminja stanja ozadnjega procesa. Je čista funkcija `HostReader::read() → HostInfo`.
 To pomeni, da je varno zagnati ga v cronu, ob zagonu ali ročno brez stranskih
 učinkov.
 
diff --git a/docs/wiki/sl/skills-catalog.md b/docs/wiki/sl/skills-catalog.md
index 136c300..6d7419b 100644
--- a/docs/wiki/sl/skills-catalog.md
+++ b/docs/wiki/sl/skills-catalog.md
@@ -33,8 +33,8 @@ odvisnosti med veščinami. To ustreza trenutnemu obsegu (~50 veščin).
 
 ### Uvoz ob zagonu, ne sproti
 
-Veščine se uvozijo ob zagonu demona, ne med izvajanjem. Če operater doda
-veščino, ponovno zažene demona (ali ročno zažene uvozno skripto). Nobena pot
+Veščine se uvozijo ob zagonu ozadnjega procesa, ne med izvajanjem. Če operater doda
+veščino, ponovno zažene ozadnjega procesa (ali ročno zažene uvozno skripto). Nobena pot
 izvajalne kode ne piše v tabelo `skills`.
 
 → `scripts/import-clawdie-skills.sh`
diff --git a/docs/wiki/sl/store-schema.md b/docs/wiki/sl/store-schema.md
index d47ac18..097488a 100644
--- a/docs/wiki/sl/store-schema.md
+++ b/docs/wiki/sl/store-schema.md
@@ -8,7 +8,7 @@ description: "Koordinacijska shramba Colibri — ena sama podatkovna zbirka SQLi
 Colibrijeva koordinacijska shramba je ena sama podatkovna zbirka SQLite v
 lasti storitve `colibri`. Hrani tablo opravil, register agentov in veščin ter
 preslikavo najemnikov trezorja. Ni predpomnilnik — je trajno stanje. Večina
-pisanj gre skozi API vtičnice demona, vendar shema pripada `colibri-store`.
+pisanj gre skozi API vtičnice ozadnjega procesa, vendar shema pripada `colibri-store`.
 
 → `crates/colibri-store/src/schema.rs`
 
@@ -108,7 +108,7 @@ Privzetek shrambe je:
 - Linux/macOS: `$XDG_DATA_HOME/colibri/colibri.sqlite`, s padcem na
   `$HOME/.local/share/colibri/colibri.sqlite`, nato `/tmp`.
 
-FreeBSD privzeto uporablja `/var/db`, ker je to običajni imenik za krajevno
+FreeBSD privzeto uporablja `/var/db`, ker je to običajni imenik za lokalno
 stanje storitev. Linuxov padec spoštuje XDG, tako da je razvoj na delovni
 postaji normalen.
 
diff --git a/docs/wiki/sl/task-board.md b/docs/wiki/sl/task-board.md
index 7a62578..f37dfbc 100644
--- a/docs/wiki/sl/task-board.md
+++ b/docs/wiki/sl/task-board.md
@@ -9,8 +9,8 @@ description: "Kako Colibri hrani operaterska opravila in jih razporeja med agent
 
 Colibrjeva tabla opravil hrani delovne naloge, ki jih odda operater, razporejevalnik
 pa jih ob vsakem taktu dodeli najprimernejšemu agentu. Opravila pritekajo prek
-Unix vtičnice demona (`create-task`, `intake-task`), prazni pa jih zanka
-razporejevalnika, ki teče znotraj demona vsakih ~30 sekund.
+Unix vtičnice ozadnjega procesa (`create-task`, `intake-task`), prazni pa jih zanka
+razporejevalnika, ki teče znotraj ozadnjega procesa vsakih ~30 sekund.
 
 ## Odločitve
 
@@ -82,15 +82,15 @@ kateri agenti so na voljo — sklopitev, ki se ji tabla opravil namenoma izogne.
 
 Tabla opravil hrani opravila, registracije agentov, podatke o najemnikih in
 katalog veščin v vgrajeni podatkovni zbirki SQLite na
-`/var/db/colibri/colibri.sqlite`. Brez ločenega podatkovnega procesa — demon
+`/var/db/colibri/colibri.sqlite`. Brez ločenega podatkovnega procesa — ozadnji proces
 odpre datoteko neposredno.
 
-**Zakaj SQLite, ne PostgreSQL**: demon teče na operaterskem USB-ju in na
+**Zakaj SQLite, ne PostgreSQL**: ozadnji proces teče na operaterskem USB-ju in na
 nameščenih gostiteljih. Polna storitev PostgreSQL je pretežka za
-koordinacijsko stanje enega samega demona. SQLite je brez konfiguracije, brez
-administracije in preživi ponovne zagone demona brez ločenega življenjskega
+koordinacijsko stanje enega samega ozadnjega procesa. SQLite je brez konfiguracije, brez
+administracije in preživi ponovne zagone ozadnjega procesa brez ločenega življenjskega
 cikla. Matično vozlišče uporablja PostgreSQL za hive register, ker je
-večnajemniško; krajevni demon je enonajemniški.
+večnajemniško; lokalni ozadnji proces je enonajemniški.
 
 → [`crates/colibri-store/src/lib.rs`](../../crates/colibri-store/src/lib.rs)
 
diff --git a/docs/wiki/sl/terminal.md b/docs/wiki/sl/terminal.md
index d842bd0..e164336 100644
--- a/docs/wiki/sl/terminal.md
+++ b/docs/wiki/sl/terminal.md
@@ -32,7 +32,7 @@ odjemalec in agenta, ne nadomesti terminalskega odjemalca.
 
 `tmux-256color` je edina vrednost `TERM`, podprta za SSH povezave do agentov.
 Ne podpira `xterm-256color`, ker zunaj tmux ta vrednost ne more poročati
-razširjenih zaporedij Kitty. Terminfo se uveljavi v zanki demona za vse
+razširjenih zaporedij Kitty. Terminfo se uveljavi v zanki ozadnjega procesa za vse
 povezave.
 
 ### ANSI, ne lastniški — vendar s prehodom Kitty
diff --git a/docs/wiki/sl/tui.md b/docs/wiki/sl/tui.md
index 1ad0aa6..44a7068 100644
--- a/docs/wiki/sl/tui.md
+++ b/docs/wiki/sl/tui.md
@@ -1,12 +1,12 @@
 ---
 title: Terminalska nadzorna plošča (colibri-tui)
-description: "Colibrijeva živa terminalska nadzorna plošča — povezuje se na Unix vtičnico demona in prikazuje agente, stanja ter pozornostna opozorila."
+description: "Colibrijeva živa terminalska nadzorna plošča — povezuje se na Unix vtičnico ozadnjega procesa in prikazuje agente, stanja ter pozornostna opozorila."
 ---
 
 ← [kazalo](./index.md)
 
 TUI je Colibrijeva živa terminalska nadzorna plošča. Poveže se na Unix
-vtičnico demona, poizveduje API posnetkov (`glasspane-snapshot`) in ga
+vtičnico ozadnjega procesa, poizveduje API posnetkov (`glasspane-snapshot`) in ga
 upodablja kot tabelo podoken s stanjem. Zgrajena z ratatui + crossterm za
 barvni terminalski izhod.
 
@@ -38,9 +38,9 @@ metapodatkov podokna za bogatejše vrstice.
 
 ### Osveževanje — poizvedovanje, ne potiskanje
 
-TUI poizveduje demonov API posnetkov (`glasspane-snapshot`) vsakih 250 ms.
-Brez WebSocket, brez SSE, brez potisnih obvestil med TUI in demonom.
-Poizvedovanje ohranja vtičnico demona brez stanja.
+TUI poizveduje ozadnjih procesov API posnetkov (`glasspane-snapshot`) vsakih 250 ms.
+Brez WebSocket, brez SSE, brez potisnih obvestil med TUI in ozadnjim procesom.
+Poizvedovanje ohranja vtičnico ozadnjega procesa brez stanja.
 
 ### Barve so nosilne
 
-- 
2.45.3