@aion0/forge 0.6.1 → 0.8.0

package/lib/plugins/registry.ts

@@ -14,7 +14,8 @@ import { join, dirname } from 'node:path';
 import { homedir } from 'node:os';
 import { fileURLToPath } from 'node:url';
 import YAML from 'yaml';
-import type { PluginDefinition, InstalledPlugin, PluginSource } from './types';
+import type { PluginDefinition, InstalledPlugin, PluginSource, Connector } from './types';
+import { encryptSecret, decryptSecret, isEncrypted } from '../crypto';
 
 const _filename = typeof __filename !== 'undefined' ? __filename : fileURLToPath(import.meta.url);
 const _dirname = typeof __dirname !== 'undefined' ? __dirname : dirname(_filename);
@@ -31,33 +32,153 @@ function loadPluginYaml(filePath: string): PluginDefinition | null {
   try {
     const raw = readFileSync(filePath, 'utf-8');
     const def = YAML.parse(raw) as PluginDefinition;
-    if (!def.id || !def.name || !def.actions) return null;
+    if (!def.id || !def.name) return null;
+    // Connector plugins don't need `actions` (tools execute in the extension).
+    // Everything else must declare at least one action.
+    const isConnector = def.category === 'connector';
+    if (!isConnector && !def.actions) return null;
+    if (isConnector && !def.tools && !def.connectors?.length) return null;
     // Defaults
     if (!def.config) def.config = {};
     if (!def.params) def.params = {};
+    if (!def.actions) def.actions = {};
     if (!def.icon) def.icon = '🔌';
     if (!def.version) def.version = '0.0.1';
+    if (!def.category) def.category = isConnectorByShape(def) ? 'connector' : 'pipeline-node';
+    if (!def.mode) def.mode = def.category === 'connector' ? 'browser-side' : 'server-side';
     return def;
   } catch {
     return null;
   }
 }
 
+/** Heuristic: shape-detect a connector even if `category` is omitted. */
+function isConnectorByShape(def: PluginDefinition): boolean {
+  return Boolean(def.tools || def.connectors?.length);
+}
+
+/**
+ * Normalize a plugin to its connector list.
+ * - 1:1 shape (top-level `tools`) → synthesizes a single Connector with id === plugin id.
+ * - 1:N shape (`connectors[]`) → returned as-is.
+ * - Non-connector plugins → returns [].
+ */
+export function getConnectorsForPlugin(def: PluginDefinition): Connector[] {
+  if (def.connectors?.length) return def.connectors;
+  if (def.tools) {
+    return [{
+      id: def.id,
+      host_permissions: def.host_permissions,
+      tools: def.tools,
+      settings: def.settings,
+      host_match: def.host_match,
+      login_redirect: def.login_redirect,
+      runner: def.runner,
+    }];
+  }
+  return [];
+}
+
 // ─── Config Storage ──────────────────────────────────────
 
-function loadConfigs(): Record<string, { config: Record<string, any>; installedAt: string; enabled: boolean }> {
+/**
+ * Return field names declared as `type: secret` (or legacy `password`)
+ * for the given plugin definition's top-level settings. Used to decide
+ * which config fields are encrypted on disk.
+ */
+export function getSecretFieldNames(def: PluginDefinition | null): string[] {
+  if (!def?.settings) return [];
+  return Object.entries(def.settings)
+    .filter(([, schema]) => {
+      const t = String((schema as any)?.type || '');
+      return t === 'secret' || t === 'password';
+    })
+    .map(([name]) => name);
+}
+
+/** Resolve a config row's plugin def, accounting for instance `source`. */
+function defForConfigRow(id: string, row: any): PluginDefinition | null {
+  const sourceId = (row?.source as string) || id;
+  // getPlugin scans YAML files directly — no loadConfigs call, so no
+  // cycle even though we're called from loadConfigs.
+  try { return getPlugin(sourceId); } catch { return null; }
+}
+
+function loadConfigs(): Record<string, { config: Record<string, any>; installedAt: string; enabled: boolean; source?: string; name?: string }> {
   try {
-    if (existsSync(CONFIGS_FILE)) {
-      return JSON.parse(readFileSync(CONFIGS_FILE, 'utf-8'));
+    if (!existsSync(CONFIGS_FILE)) return {};
+    const raw = JSON.parse(readFileSync(CONFIGS_FILE, 'utf-8')) as Record<string, any>;
+    // Decrypt any encrypted secret fields on read. Plaintext values pass
+    // through unchanged so a user-edited file still works (will be
+    // encrypted next save by migratePluginSecrets / installPlugin).
+    for (const [id, row] of Object.entries(raw)) {
+      const def = defForConfigRow(id, row);
+      const secrets = getSecretFieldNames(def);
+      const cfg = (row as any)?.config;
+      if (!cfg || !secrets.length) continue;
+      for (const k of secrets) {
+        if (typeof cfg[k] === 'string' && isEncrypted(cfg[k])) {
+          try { cfg[k] = decryptSecret(cfg[k]); }
+          catch (e) { console.warn(`[plugins] decrypt failed for ${id}.${k}:`, (e as Error).message); }
+        }
+      }
     }
-  } catch {}
-  return {};
+    return raw;
+  } catch (e) {
+    console.warn('[plugins] loadConfigs failed:', (e as Error).message);
+    return {};
+  }
 }
 
 function saveConfigs(configs: Record<string, any>): void {
   const dir = dirname(CONFIGS_FILE);
   mkdirSync(dir, { recursive: true });
-  writeFileSync(CONFIGS_FILE, JSON.stringify(configs, null, 2));
+  // Encrypt any secret fields before persisting. Operate on a deep-ish
+  // copy so the in-memory object the caller still holds remains decrypted.
+  const out: Record<string, any> = {};
+  for (const [id, row] of Object.entries(configs)) {
+    const def = defForConfigRow(id, row);
+    const secrets = getSecretFieldNames(def);
+    const copy = { ...(row as any), config: { ...((row as any).config || {}) } };
+    for (const k of secrets) {
+      const v = copy.config[k];
+      if (typeof v === 'string' && v && !isEncrypted(v)) {
+        try { copy.config[k] = encryptSecret(v); }
+        catch (e) { console.warn(`[plugins] encrypt failed for ${id}.${k}:`, (e as Error).message); }
+      }
+    }
+    out[id] = copy;
+  }
+  writeFileSync(CONFIGS_FILE, JSON.stringify(out, null, 2), { mode: 0o600 });
+}
+
+/**
+ * One-shot migration: re-write plugin-configs.json so any plaintext
+ * secret fields get encrypted in place. Idempotent — calling it
+ * repeatedly is cheap once everything is already encrypted.
+ */
+export function migratePluginSecrets(): void {
+  if (!existsSync(CONFIGS_FILE)) return;
+  let raw: Record<string, any>;
+  try { raw = JSON.parse(readFileSync(CONFIGS_FILE, 'utf-8')); }
+  catch { return; }
+  let dirty = 0;
+  for (const [id, row] of Object.entries(raw)) {
+    const def = defForConfigRow(id, row);
+    const secrets = getSecretFieldNames(def);
+    const cfg = row?.config;
+    if (!cfg || !secrets.length) continue;
+    for (const k of secrets) {
+      if (typeof cfg[k] === 'string' && cfg[k] && !isEncrypted(cfg[k])) {
+        cfg[k] = encryptSecret(cfg[k]);
+        dirty++;
+      }
+    }
+  }
+  if (dirty > 0) {
+    writeFileSync(CONFIGS_FILE, JSON.stringify(raw, null, 2), { mode: 0o600 });
+    console.log(`[plugins] Migrated ${dirty} plaintext secret(s) to encrypted storage`);
+  }
 }
 
 // ─── Public API ──────────────────────────────────────────
@@ -86,6 +207,8 @@ export function listPlugins(): PluginSource[] {
           source: 'builtin',
           installed: isInstalledOrHasInstance(def.id),
           configCount: Object.keys(def.config).length,
+          category: def.category,
+          mode: def.mode,
         });
       }
     }
@@ -113,6 +236,8 @@ export function listPlugins(): PluginSource[] {
         source: 'local',
         installed: isInstalledOrHasInstance(def.id),
         configCount: Object.keys(def.config).length,
+        category: def.category,
+        mode: def.mode,
       });
     }
   }

package/lib/plugins/templates.ts

@@ -0,0 +1,83 @@
+/**
+ * Template substitution for connector manifest fields.
+ *
+ * Expands tokens that depend on user settings ({base_url}, {settings.*}) when
+ * Forge serves the manifest to the extension. Tokens that depend on the LLM's
+ * tool arguments ({args.*}) are left literal — the extension's runner expands
+ * those at execution time.
+ *
+ * See docs/Connector-DeclarativeExtract-Spec.md §4.
+ */
+
+type SettingsMap = Record<string, any>;
+
+/**
+ * Expand {base_url} and {settings.<key>} tokens in a string. Other tokens
+ * (including {args.*}) are passed through unchanged so the extension can
+ * finish substitution at run time.
+ */
+export function expandSettingsTokens(template: string, settings: SettingsMap | undefined): string {
+  if (!template || !settings) return template;
+  return template.replace(/\{([^{}]+)\}/g, (full, raw) => {
+    const key = String(raw).trim();
+    if (key === 'base_url') {
+      const v = settings.base_url;
+      return typeof v === 'string' ? stripTrailingSlashes(v) : full;
+    }
+    if (key.startsWith('settings.')) {
+      const path = key.slice('settings.'.length);
+      const v = settings[path];
+      return typeof v === 'string' ? stripTrailingSlashes(v) : full;
+    }
+    return full;
+  });
+}
+
+function stripTrailingSlashes(s: string): string {
+  return s.replace(/\/+$/, '');
+}
+
+/**
+ * Expand all tokens — `{base_url}`, `{settings.*}`, `{args.*}` — in one
+ * pass. Used by server-side protocols (http, shell) where Forge has both
+ * the settings and the LLM's parsed arguments in hand.
+ *
+ * Unknown tokens are left literal.
+ *
+ * `{args.*}` supports dotted paths (e.g. `{args.repo.full_name}`).
+ * Non-string values are JSON-encoded for object/array, coerced for
+ * number/boolean. base_url and settings get trailing slashes stripped;
+ * args do not (an args value is whatever the LLM passed).
+ */
+export function expandAllTokens(
+  template: string,
+  settings: SettingsMap | undefined,
+  args: SettingsMap | undefined,
+): string {
+  if (!template) return template;
+  return template.replace(/\{([^{}]+)\}/g, (full, raw) => {
+    const key = String(raw).trim();
+    if (key === 'base_url') {
+      const v = settings?.base_url;
+      return typeof v === 'string' ? stripTrailingSlashes(v) : full;
+    }
+    if (key.startsWith('settings.')) {
+      const v = settings?.[key.slice('settings.'.length)];
+      if (v == null) return full;
+      return typeof v === 'string' ? v : String(v);
+    }
+    if (key.startsWith('args.')) {
+      const path = key.slice('args.'.length).split('.');
+      let v: any = args;
+      for (const p of path) {
+        if (v == null || typeof v !== 'object') { v = undefined; break; }
+        v = v[p];
+      }
+      if (v == null) return full;
+      if (typeof v === 'string') return v;
+      if (typeof v === 'number' || typeof v === 'boolean') return String(v);
+      try { return JSON.stringify(v); } catch { return full; }
+    }
+    return full;
+  });
+}

package/lib/plugins/types.ts

@@ -9,6 +9,18 @@
 /** Plugin action execution type */
 export type PluginActionType = 'http' | 'poll' | 'shell' | 'script';
 
+/** What kind of plugin this is — drives marketplace filtering + extension surfacing */
+export type PluginCategory = 'connector' | 'pipeline-node' | 'mcp-server' | 'tool' | 'other';
+
+/** Where a plugin's tools execute. Default is server-side (Forge node process). */
+export type PluginMode = 'server-side' | 'browser-side' | 'hybrid';
+
+/**
+ * Which execution context the Forge browser extension uses to run a
+ * connector's scripts. See PluginDefinition.runner for the full rationale.
+ */
+export type PluginRunner = 'main' | 'isolated';
+
 /** Schema field definition for config/params */
 export interface PluginFieldSchema {
   type: 'string' | 'number' | 'boolean' | 'secret' | 'json' | 'select';
@@ -47,6 +59,106 @@ export interface PluginAction {
   output?: Record<string, string>;  // { fieldName: "$.json.path" or "$body" or "$stdout" }
 }
 
+/**
+ * Where the extension's generic runner should land the active tab before
+ * executing a tool's script.
+ */
+export interface ConnectorPage {
+  /** Template URL; supports {base_url}, {settings.*}, {args.*}. */
+  url: string;
+  /**
+   * Substring; if the current tab URL already contains it, skip navigation.
+   * Templated values are expanded the same way as `url` (settings server-side,
+   * args at runtime). Omit to always navigate.
+   */
+  on_target?: string;
+}
+
+/**
+ * A tool a browser-side connector exposes to the extension's LLM.
+ *
+ * The script body runs in the user's tab via chrome.scripting.executeScript
+ * (page context, has document/fetch/etc, no chrome.* APIs). The extension is
+ * a generic runner — it doesn't know about Mantis or GitLab specifically.
+ * Adding a new connector means dropping a manifest with `page` + `script`
+ * per tool; no extension rebuild required.
+ *
+ * See docs/Connector-DeclarativeExtract-Spec.md.
+ */
+export interface ConnectorTool {
+  description: string;
+  parameters?: Record<string, PluginFieldSchema>;
+  /** Requires user confirmation before invoking (e.g. add_comment, close_issue). */
+  destructive?: boolean;
+  /** Free-form description of the return shape — surfaced to the LLM. */
+  returns?: string;
+  /** Where to navigate before running the script. */
+  page?: ConnectorPage;
+  /**
+   * JavaScript function body. Receives `args` (the LLM's parsed parameters).
+   * Returns a JSON-serializable value. Runs in the user's tab — must be
+   * self-contained (no closures over Forge/extension code).
+   */
+  script?: string;
+
+  // ─── Phase 3: multi-protocol tools (server-side execution) ──
+  /**
+   * Where the tool runs. Default 'browser' (extension runner via bridge).
+   *   'browser' — page DOM script via chrome.scripting (legacy default)
+   *   'http'    — Forge issues an HTTP request server-side
+   *   'shell'   — Forge spawns a process (arg array, no shell:true)
+   */
+  protocol?: 'browser' | 'http' | 'shell';
+  /** http protocol: request shape. Templates {base_url}, {settings.*}, {args.*}. */
+  request?: HttpRequestSpec;
+  /** shell protocol: command + args (each templated independently — no shell injection). */
+  command?: string[];
+  /** shell protocol: working directory (templated). */
+  cwd?: string;
+  /** shell protocol: extra env vars (values templated). */
+  env?: Record<string, string>;
+  /** shell/http: timeout in milliseconds. Default 30000, max 300000. */
+  timeout_ms?: number;
+}
+
+export interface HttpRequestSpec {
+  method?: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE' | 'HEAD';
+  /** Full URL. Templated. */
+  url: string;
+  /** Header values are templated. */
+  headers?: Record<string, string>;
+  /** Query params. Values templated. Appended after any existing ? on url. */
+  query?: Record<string, string>;
+  /** Body. If string: sent as-is (after templating). If object: JSON.stringify'd; values templated where strings. */
+  body?: string | Record<string, unknown>;
+}
+
+/**
+ * One connector inside a plugin. Most plugins are 1:1 with a single connector
+ * declared via top-level `tools`/`host_permissions`/`settings` fields on
+ * PluginDefinition. Use `connectors[]` only when one auth covers multiple
+ * sibling adapters (Atlassian, Google Workspace, M365).
+ */
+export interface Connector {
+  id: string;
+  host_permissions?: string[];
+  tools: Record<string, ConnectorTool>;
+  /** Per-user settings (host URL, default project, etc.) — rendered as a form by the extension. */
+  settings?: Record<string, PluginFieldSchema>;
+  /**
+   * Chrome match pattern. Runner uses this to find/open authenticated tabs
+   * for this connector. Supports {base_url}, {settings.*}.
+   */
+  host_match?: string;
+  /**
+   * Substring. If the tab URL contains this after a navigation, treat as
+   * "user not logged in" and abort with loginRequired: true.
+   */
+  login_redirect?: string;
+  /** See PluginDefinition.runner. */
+  runner?: PluginRunner;
+}
+
 /** Plugin definition (loaded from plugin.yaml) */
 export interface PluginDefinition {
   id: string;
@@ -56,17 +168,42 @@ export interface PluginDefinition {
   author?: string;
   description?: string;
 
+  /** Classifies the plugin for marketplace + extension filtering. */
+  category?: PluginCategory;
+
+  /** Where this plugin's tools execute. Connector plugins are usually `browser-side`. */
+  mode?: PluginMode;
+
+  /**
+   * Which extension execution context runs this connector's scripts.
+   * Default `main` for back-compat (Mantis, GitLab — permissive-CSP sites).
+   * Use `isolated` for sites with strict CSP that blocks `unsafe-eval`
+   * (Teams, github.com, banks). Per-plugin, not per-tool — a host has
+   * one CSP profile.
+   */
+  runner?: PluginRunner;
+
   /** Global config — set once when installing the plugin */
   config: Record<string, PluginFieldSchema>;
 
   /** Per-use params — set each time the plugin is used in a pipeline node */
   params: Record<string, PluginFieldSchema>;
 
-  /** Named actions this plugin can perform */
+  /** Named actions this plugin can perform (server-side execution path) */
   actions: Record<string, PluginAction>;
 
   /** Default action to run if none specified */
   defaultAction?: string;
+
+  // ─── Connector fields (category === 'connector') ─────────────────────────
+  /** 1:1 sugar — when present, treated as a single connector with id === plugin id. */
+  host_permissions?: string[];
+  tools?: Record<string, ConnectorTool>;
+  settings?: Record<string, PluginFieldSchema>;
+  host_match?: string;
+  login_redirect?: string;
+  /** 1:N escape hatch — only for same-vendor suites with shared auth. */
+  connectors?: Connector[];
 }
 
 /** Installed plugin instance (definition + user config values) */
@@ -100,4 +237,6 @@ export interface PluginSource {
   source: 'builtin' | 'local' | 'registry';
   installed: boolean;
   configCount: number;  // number of config fields — 0 means no config needed
+  category?: PluginCategory;
+  mode?: PluginMode;
 }

package/lib/session-watcher.ts

@@ -40,7 +40,18 @@ export interface SessionWatcher {
 
 // ─── Session cache sync ──────────────────────────────────────
 
-export function syncSessionsToDb(projectName?: string) {
+/**
+ * Sync session metadata to the cached_sessions table.
+ *
+ * @param projectName  Optional — limit to one project.
+ * @param opts.fast    Skip the expensive per-session entry_count update
+ *                     (reads the whole JSONL just to count lines). Used
+ *                     on initial startup sync where we have nothing to
+ *                     diff against yet; the next 30s watcher cycle fills
+ *                     entry_count in. Cuts startup by 3-5s on hosts with
+ *                     many sessions.
+ */
+export function syncSessionsToDb(projectName?: string, opts: { fast?: boolean } = {}) {
   const db = getDb(DB_PATH);
   const projects = projectName
     ? [{ name: projectName }]
@@ -75,13 +86,17 @@ export function syncSessionsToDb(projectName?: string) {
         s.gitBranch || null, s.fileSize,
       );
 
-      // Count entries for watcher comparison
-      const fp = getSessionFilePath(proj.name, s.sessionId);
-      if (fp) {
-        try {
-          const entries = readSessionEntries(fp);
-          updateEntryCount.run(entries.length, proj.name, s.sessionId);
-        } catch {}
+      // Skip entry_count on fast path — it parses the whole JSONL file
+      // and is the dominant cost when initial-syncing hundreds of sessions.
+      // The 30s watcher cycle will catch up.
+      if (!opts.fast) {
+        const fp = getSessionFilePath(proj.name, s.sessionId);
+        if (fp) {
+          try {
+            const entries = readSessionEntries(fp);
+            updateEntryCount.run(entries.length, proj.name, s.sessionId);
+          } catch {}
+        }
       }
 
       totalSynced++;
@@ -201,8 +216,19 @@ let watcherInterval: ReturnType<typeof setInterval> | null = null;
 export function startWatcherLoop() {
   if (watcherInterval) return;
 
-  // Initial sync
-  try { syncSessionsToDb(); } catch (e) { console.error('[watcher] Initial sync error:', e); }
+  // Defer the initial sync — it was blocking ensureInitialized() by 3-5s
+  // on hosts with many sessions (~/.claude/projects/<proj>/*.jsonl per-file
+  // parse for entry_count). setImmediate yields the event loop first so
+  // the API server starts answering requests; the sync runs in the
+  // background. Also pass fast=true to skip the heavy entry_count fill —
+  // the 30s watcher cycle picks that up later.
+  setImmediate(() => {
+    const t0 = Date.now();
+    try { syncSessionsToDb(undefined, { fast: true }); }
+    catch (e) { console.error('[watcher] Initial sync error:', e); }
+    const ms = Date.now() - t0;
+    if (ms >= 500) console.log(`[watcher] Initial sync (fast) took ${ms}ms`);
+  });
 
   // Check every 30 seconds
   watcherInterval = setInterval(runWatcherCheck, 30_000);

package/lib/settings.ts

@@ -18,18 +18,33 @@ export interface AgentEntry {
   base?: string;                 // base agent ID (e.g., 'claude') — makes this a profile
   // API profile fields
   type?: 'cli' | 'api';         // 'api' = API mode, default = 'cli'
-  provider?: string;             // API provider (e.g., 'anthropic', 'google')
+  provider?: string;             // API provider label (e.g., 'anthropic', 'openai', 'litellm', 'grok', 'google')
   model?: string;                // model override (for both CLI and API profiles)
   apiKey?: string;               // per-profile API key (encrypted)
+  /**
+   * Base URL override for API profiles. Use this for LiteLLM / Azure /
+   * self-hosted proxies. Empty = default for the provider's protocol.
+   * For CLI profiles, set base URL via `env` (ANTHROPIC_BASE_URL etc.).
+   */
+  baseUrl?: string;
   env?: Record<string, string>;  // environment variables injected when spawning CLI
   cliType?: 'claude-code' | 'codex' | 'aider' | 'generic'; // CLI tool type — determines session support, resume flags, etc.
   profile?: string;              // linked profile ID — overrides model, env, etc. when launching
 }
 
-export interface ProviderEntry {
-  apiKey?: string;               // encrypted, fallback to env var
-  defaultModel?: string;
-  enabled?: boolean;
+/**
+ * External MCP server configuration — merged into per-project .mcp.json
+ * alongside the built-in `forge` entry. Format mirrors the MCP standard.
+ */
+export interface McpServerConfig {
+  type: 'stdio' | 'sse' | 'streamable-http';
+  // stdio
+  command?: string;
+  args?: string[];
+  env?: Record<string, string>;
+  // sse / streamable-http
+  url?: string;
+  headers?: Record<string, string>;
 }
 
 export interface Settings {
@@ -56,8 +71,34 @@ export interface Settings {
   defaultAgent: string;
   telegramAgent: string;
   docsAgent: string;
+  /** Default API agent profile used by Forge's chat backend (extension / web / CLI / Telegram /chat). */
+  chatAgent: string;
+  /**
+   * Temper memory service — long-term memory backend for the chat agent.
+   * When url + key are both set, chat fetches pinned blocks / search hits
+   * on every turn and exposes memory_* tools to the LLM.
+   */
+  temperUrl: string;
+  temperKey: string;
+  /** Optional namespace override (empty = use the key's default namespace). */
+  temperNamespace: string;
+  /**
+   * Which memory backend the chat agent uses.
+   *   'auto'   — Temper if URL+key are set, otherwise local SQLite (default).
+   *   'local'  — always local SQLite, even if Temper credentials are filled.
+   *   'temper' — always Temper; if credentials are missing, memory is disabled.
+   */
+  memoryBackend: 'auto' | 'local' | 'temper';
   agents: Record<string, AgentEntry>;
-  providers: Record<string, ProviderEntry>;  // API provider configs
+  /** Extra MCP servers merged into each project's .mcp.json (chrome-devtools-mcp etc.) */
+  mcpServers: Record<string, McpServerConfig>;
+  /**
+   * Preferred timezone for rendering timestamps in the UI. Format: IANA
+   * (e.g. "America/Los_Angeles", "Asia/Shanghai", "Europe/Berlin").
+   * Empty = use the OS / browser default (Intl.DateTimeFormat().resolvedOptions().timeZone).
+   * Used by the extension's date formatter for chat / jobs / pipeline run timestamps.
+   */
+  timezone: string;
 }
 
 const defaults: Settings = {
@@ -84,39 +125,36 @@ const defaults: Settings = {
   defaultAgent: 'claude',
   telegramAgent: '',
   docsAgent: '',
+  chatAgent: '',
+  temperUrl: '',
+  temperKey: '',
+  temperNamespace: '',
+  memoryBackend: 'auto',
   agents: {},
-  providers: {},
+  mcpServers: {},
+  timezone: '',
 };
 
-/** Decrypt nested apiKey fields in agents and providers */
+/** Decrypt nested apiKey fields in agent profiles */
 function decryptNestedSecrets(settings: Settings): void {
-  // Decrypt provider apiKeys
-  if (settings.providers) {
-    for (const p of Object.values(settings.providers)) {
-      if (p.apiKey && isEncrypted(p.apiKey)) {
-        p.apiKey = decryptSecret(p.apiKey);
-      }
-    }
-  }
-  // Decrypt agent profile apiKeys
   if (settings.agents) {
-    for (const a of Object.values(settings.agents)) {
+    for (const [id, a] of Object.entries(settings.agents)) {
       if (a.apiKey && isEncrypted(a.apiKey)) {
         a.apiKey = decryptSecret(a.apiKey);
       }
+      // Defensive: a past bug let the masked placeholder get encrypted
+      // and written back. Clear it so callers see "no key" instead of
+      // trying to send '••••••••' as a Bearer header.
+      if (a.apiKey && /^•+$/.test(a.apiKey)) {
+        console.warn(`[settings] agent '${id}' has a placeholder apiKey — clearing. Re-enter it via Settings.`);
+        a.apiKey = '';
+      }
     }
   }
 }
 
-/** Encrypt nested apiKey fields in agents and providers */
+/** Encrypt nested apiKey fields in agent profiles */
 function encryptNestedSecrets(settings: Settings): void {
-  if (settings.providers) {
-    for (const p of Object.values(settings.providers)) {
-      if (p.apiKey && !isEncrypted(p.apiKey)) {
-        p.apiKey = encryptSecret(p.apiKey);
-      }
-    }
-  }
   if (settings.agents) {
     for (const a of Object.values(settings.agents)) {
       if (a.apiKey && !isEncrypted(a.apiKey)) {
@@ -154,13 +192,7 @@ export function loadSettingsMasked(): Settings & { _secretStatus: Record<string,
     status[field] = !!settings[field];
     settings[field] = settings[field] ? '••••••••' : '';
   }
-  // Mask nested apiKeys
-  if (settings.providers) {
-    for (const [name, p] of Object.entries(settings.providers)) {
-      status[`providers.${name}.apiKey`] = !!p.apiKey;
-      p.apiKey = p.apiKey ? '••••••••' : '';
-    }
-  }
+  // Mask nested apiKeys (agent profiles only)
   if (settings.agents) {
     for (const [name, a] of Object.entries(settings.agents)) {
       if (a.apiKey) {

package/lib/skills.ts

@@ -187,7 +187,9 @@ export async function syncSkills(): Promise<{ synced: number; enriched: number;
     return { synced: rawItems.length, enriched, total: totalCount, remaining: Math.max(0, remaining) };
   } catch (e) {
     const msg = e instanceof Error ? e.message : String(e);
-    console.error(`[skills] Sync failed:`, msg);
+    // Corp networks routinely can't reach GitHub raw — this is expected
+    // and shouldn't look scary in the startup log. Demote to warn.
+    console.warn(`[skills] Sync failed (continuing offline):`, msg);
     return { synced: 0, enriched: 0, error: msg };
   }
 }