@hybridaione/hybridclaw 0.1.5

package/.env.example

@@ -0,0 +1,14 @@
+# Required secret
+HYBRIDAI_API_KEY=
+
+# Optional secrets
+DISCORD_TOKEN=                    # Enable Discord integration when set
+WEB_API_TOKEN=                    # Protect /api/* endpoints (Bearer token)
+GATEWAY_API_TOKEN=                # Client token override (defaults to WEB_API_TOKEN)
+
+# Optional legacy compatibility (prefer config.json instead)
+# HYBRIDAI_BASE_URL=https://hybridai.one
+# HYBRIDAI_MODEL=gpt-5-nano
+# HYBRIDAI_CHATBOT_ID=
+# HYBRIDAI_ENABLE_RAG=true
+# DISCORD_PREFIX=!claw

package/.github/workflows/pages.yml

@@ -0,0 +1,41 @@
+name: Deploy GitHub Pages
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - "docs/**"
+      - ".github/workflows/pages.yml"
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+concurrency:
+  group: "pages"
+  cancel-in-progress: true
+
+jobs:
+  deploy:
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Pages
+        uses: actions/configure-pages@v5
+
+      - name: Upload docs artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: docs
+
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4

package/AGENTS.md

@@ -0,0 +1,24 @@
+# AGENTS.md
+
+## Bump Release
+
+When the user says "bump release":
+
+1. Bump the requested semantic version (if unspecified, default to patch).
+2. Update version strings in:
+   - `package.json`
+   - `package-lock.json` (root `version` and `packages[""]`)
+   - `container/package.json`
+   - `container/package-lock.json` (root `version` and `packages[""]`)
+   - any user-facing version text (for example `src/tui.ts` banner).
+3. Move `CHANGELOG.md` release notes from `Unreleased` to the new version heading (or create one).
+4. Update `README.md` "latest tag" link/text if present.
+5. Commit with a release chore message (for example `chore: release vX.Y.Z`).
+6. Create annotated git tag `vX.Y.Z`.
+7. Push commit and tag.
+8. Always create/publish a GitHub Release entry for the tag (tags alone do not update the Releases list).
+
+## Related Repositories
+
+- **Reference approach**: Learn patterns from strong external and internal implementations, then adapt them to HybridClaw’s architecture and standards. Avoid copy-paste integration.
+- **Platform repo**: The main platform codebase is expected at `../src/chat`; in this local workspace it is available at `../chat`.

package/CHANGELOG.md

@@ -0,0 +1,113 @@
+# Changelog
+
+## [Unreleased]
+
+### Added
+
+- _None yet._
+
+## [0.1.5](https://github.com/HybridAIOne/hybridclaw/tree/v0.1.5)
+
+### Added
+
+- **Explicit trust-model acceptance in onboarding**: Added a required security acceptance gate in onboarding before credentials are used, with operator confirmation token flow and policy metadata persistence.
+- **Typed runtime config system**: Added `config.json` runtime configuration with schema-style normalization, safe defaults, validation, and first-run auto-generation (`config.example.json` as reference).
+- **Runtime config hot reload**: Added file-watch based hot reload for runtime settings (including heartbeat/model/prompt-hook toggles) without full process restart for most knobs.
+- **Security policy document**: Added `SECURITY.md` defining trust model boundaries, operator responsibilities, data handling expectations, and incident guidance.
+- **Prompt hook pipeline**: Added formal prompt orchestration hooks (`bootstrap`, `memory`, `safety`) via `src/prompt-hooks.ts`.
+- **MIT license**: Added a root `LICENSE` file with MIT license text.
+- **HybridAI branding assets**: Added local HybridAI logo assets for landing page branding and navigation.
+
+### Changed
+
+- **Configuration model**: Shifted behavior/configuration defaults from env-only to typed `config.json`; `.env` now primarily carries secrets.
+- **Prompt assembly architecture**: Replaced inline system-prompt composition in conversation/session-maintenance paths with the reusable hook pipeline.
+- **Gateway heartbeat lifecycle**: Gateway now reacts to hot-reloaded config changes for heartbeat-relevant settings and restarts heartbeat accordingly.
+- **Landing page positioning**: Refined site messaging toward enterprise value, security posture, digital coworker framing, and clearer USP comparison.
+- **npm package scope**: Renamed the publish target from `hybridclaw` to `@hybridaione/hybridclaw` and set scoped publish access to public for npm organization publishing.
+
+## [0.1.4](https://github.com/HybridAIOne/hybridclaw/tree/v0.1.4)
+
+### Added
+
+- **Shared gateway protocol types**: Added `src/gateway-types.ts` to centralize gateway request/response types and command rendering helpers used by service/client layers.
+- **Lint scripts**: Added `lint` scripts in both root and `container/` packages using strict TypeScript checks (`--noUnusedLocals --noUnusedParameters`).
+- **HybridAI onboarding flow**: Added interactive `hybridclaw onboarding` and automatic startup onboarding when `HYBRIDAI_API_KEY` is missing, with browser-driven account creation/login guidance, API key validation, and `.env` persistence.
+- **First-run env bootstrap**: Onboarding now auto-creates `.env` from `.env.example` when `.env` is missing.
+
+### Changed
+
+- **Gateway-only Discord runtime**: `gateway` now starts Discord integration automatically when `DISCORD_TOKEN` is set.
+- **CLI simplification**: Removed standalone `serve` command; Discord is managed by `gateway`.
+- **Gateway API contract simplification**: Removed compatibility aliases/fallbacks for command and chat payloads; APIs now use the current request schema only.
+- **Onboarding endpoint configuration**: Onboarding now always uses fixed HybridAI paths under `HYBRIDAI_BASE_URL` (`/register`, `/verify_code`, `/admin_api_keys`) without separate endpoint env overrides.
+- **Onboarding prompt UX polish**: Registration/login prompts are now single-line and non-indented, with clearer icon mapping by step (`⚙️` setup/meta, `👤` registration/account choice, `🔒` authentication, `🔑` API key input, `⌨️` bot selection, `🪼` bot list title).
+- **Onboarding login flow cleanup**: Removed the redundant standalone API key page info line and kept the browser-driven auth/key retrieval flow focused on one prompt per action.
+
+### Removed
+
+- **Legacy workspace migration shim**: Removed old session-workspace migration path handling from IPC bootstrap code.
+- **Unused health helper**: Removed unused `getUptime()` export from `src/health.ts`.
+
+## [0.1.3](https://github.com/HybridAIOne/hybridclaw/tree/v0.1.3)
+
+### Added
+
+- **Gateway-first runtime**: Added dedicated gateway entrypoint (`src/gateway.ts`) and shared gateway service layer (`src/gateway-service.ts`) to centralize chat handling, commands, persistence, scheduler, and heartbeat.
+- **Gateway client module**: Added reusable HTTP client (`src/gateway-client.ts`) for thin adapters to call gateway APIs.
+- **Web chat interface**: Added `/chat` UI (`site/chat.html`) with session history, new conversation flow, empty-state CTA, and in-chat thinking indicator.
+- **Gateway HTTP API surface**: Added `/api/status`, `/api/history`, `/api/chat`, and `/api/command` endpoints with optional bearer auth and localhost-only fallback.
+
+### Changed
+
+- **Adapters simplified**: Discord (`serve`) and TUI now operate as thin gateway clients instead of hosting core runtime logic locally.
+- **CLI and scripts**: Updated command descriptions and npm scripts so `gateway` is the primary runtime (`dev`/`start` now launch gateway).
+- **Gateway HTTP server role**: `src/health.ts` now serves health, API routes, and static web assets.
+- **Configuration and docs**: Added gateway-related env vars (`HEALTH_HOST`, `WEB_API_TOKEN`, `GATEWAY_BASE_URL`, `GATEWAY_API_TOKEN`) and updated `.env.example`/`README.md`.
+
+### Fixed
+
+- **TUI startup branding**: Restored the ASCII art startup logo in the TUI banner.
+
+## [0.1.2](https://github.com/HybridAIOne/hybridclaw/tree/v0.1.2)
+
+### Added
+
+- **Memory tool**: Added a new `memory` container tool with actions (`read`, `append`, `write`, `replace`, `remove`, `list`, `search`) for durable workspace memory files: `MEMORY.md`, `USER.md`, and `memory/YYYY-MM-DD.md`
+- **Session search summaries**: Added a `session_search` tool that searches historical transcript archives and returns ranked per-session summaries with key matching snippets
+- **Automatic transcript archiving**: Host now mirrors conversation turns into `<agent workspace>/.session-transcripts/*.jsonl` for long-term search and summarization
+- **Session compaction module**: Added automatic conversation compaction with persisted session summaries and DB metadata (`session_summary`, `summary_updated_at`, `compaction_count`, `memory_flush_at`)
+- **Pre-compaction memory flush**: Added a pre-compaction flush turn that runs with `memory`-only tool access to persist durable notes before old turns are summarized/pruned
+
+### Changed
+
+- **Prompt context assembly**: Discord, TUI, and heartbeat sessions now inject persisted `session_summary` context into the system prompt alongside bootstrap files and skills
+- **Compaction execution model**: Discord and TUI now run compaction in the background after sending the assistant reply, preserving responsive UX
+- **Configuration surface**: Added new `.env` knobs for compaction and pre-compaction flush thresholds/limits (`SESSION_COMPACTION_*`, `PRE_COMPACTION_MEMORY_FLUSH_*`)
+- **Container runtime toolchain**: Agent container image now includes `python3`, `pip`, and `uv` in addition to existing `git`, `node`, and `npm` tooling
+
+## [0.1.1](https://github.com/HybridAIOne/hybridclaw/tree/v0.1.1)
+
+### Added
+
+- **Skills system**: `SKILL.md`-compatible discovery with multi-source loading (managed `~/.codex/skills`, `~/.claude/skills`, project `skills/`, agent workspace `skills/`) and precedence-based resolution
+- **Skill invocation**: Explicit `/skill <name>`, `/skill:<name>`, and `/<name>` slash-command support with automatic SKILL.md body expansion
+- **Skill syncing**: Non-workspace skills are mirrored into the agent workspace so the container can read them via `/workspace/...` paths
+- **Read tool pagination**: `offset` and `limit` parameters for reading large files, with line/byte truncation limits (2000 lines / 50KB) and continuation hints
+- **TUI `/skill` command**: Help text and pass-through for skill invocations in the terminal UI
+- **Example skills**: `repo-orientation` and `current-time` skills in `skills/`
+- **Tool progress events**: Live tool execution updates streamed to Discord and TUI via stderr parsing, with a typed `ToolProgressEvent` pipeline from container runner to UI layers
+
+### Changed
+
+- **Container iteration limit**: Increased `MAX_ITERATIONS` from 12 to 20
+- **Skills prompt format**: Switched from inline skill content to compact XML metadata; model now reads SKILL.md on demand via `read` tool
+- **TUI unknown slash commands**: Unrecognized `/` commands now fall through to the message processor instead of printing an error, enabling direct `/<skill-name>` invocation
+- **Read tool**: Replaced simple `abbreviate()` output with structured truncation including byte-size awareness and user-friendly continuation messages
+- **Path safety**: `safeJoin` now throws on workspace-escape attempts instead of silently resolving
+- **Tool progress UX**: Progress behavior is now built-in (no env toggles), Discord uses `🦞 running ...`, and TUI shows one transient line per tool invocation that is cleared after completion so only the final `🦞 tools: ...` summary remains
+- **TUI interrupt UX**: `ESC`, `/stop`, and `/abort` now interrupt the active run and return control to the prompt; abort propagates through the host/container pipeline and stops the active container request promptly
+
+### Fixed
+
+- **Skill invocation in history**: Last user message in conversation history is now expanded for skill invocations, ensuring replayed context includes skill instructions

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 HybridAIOne
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,226 @@
+# HybridClaw
+
+<img width="656" height="621" alt="image" src="https://github.com/user-attachments/assets/59507ace-bd27-40ff-a8e8-0fd6b9af2aa1" />
+
+Personal AI assistant bot for Discord, powered by [HybridAI](https://hybridai.one).
+
+Release notes: [CHANGELOG.md](./CHANGELOG.md) (latest tag: [`v0.1.5`](https://github.com/HybridAIOne/hybridclaw/tree/v0.1.5))
+
+## Install from npm
+
+```bash
+npm install -g @hybridaione/hybridclaw
+hybridclaw onboarding
+```
+
+## HybridAI Advantage
+
+- Security-focused foundation
+- Enterprise-ready stack
+- EU-stack compatibility
+- GDPR-aligned posture
+- RAG-powered retrieval
+- Document-grounded responses
+
+## Architecture
+
+- **Gateway service** (Node.js) — shared message/command handlers, SQLite persistence, scheduler, heartbeat, web/API, and optional Discord integration
+- **TUI client** — thin client over HTTP (`/api/chat`, `/api/command`)
+- **Container** (Docker, ephemeral) — HybridAI API client, sandboxed tool executor
+- Communication via file-based IPC (input.json / output.json)
+
+## Quick start
+
+```bash
+# Install dependencies
+npm install
+cd container && npm install && cd ..
+
+# Link the CLI globally
+npm link
+
+# Run onboarding (also auto-runs on first `gateway`/`tui` start if API key is missing)
+# On first run, it creates `.env` from `.env.example` automatically if needed.
+hybridclaw onboarding
+
+# Onboarding flow:
+# 1) explicitly accept SECURITY.md trust model (required)
+# 2) choose whether to create a new account
+# 3) open /register in browser (optional) and confirm in terminal
+# 4) open /login?next=/admin_api_keys in browser and get an API key
+# 5) paste API key (or URL containing it) back into the CLI
+# 6) choose the default bot and save credentials to `.env`
+
+# Start the gateway core runtime first
+hybridclaw gateway
+
+# If DISCORD_TOKEN is set, gateway auto-connects to Discord.
+
+# Start terminal adapter (optional, in a second terminal)
+hybridclaw tui
+
+# Web chat UI (built into gateway)
+# open http://127.0.0.1:9090/chat
+```
+
+Runtime model:
+
+- `hybridclaw gateway` is the core process and should run first.
+- If `DISCORD_TOKEN` is set, Discord runs inside gateway automatically.
+- `hybridclaw tui` is a thin client that connects to the gateway.
+- If you only use web chat, gateway alone is enough.
+
+Maintainers can publish the package to npm using:
+
+```bash
+npm publish --access public
+```
+
+Best-in-class harness upgrades now in runtime:
+
+- explicit trust-model acceptance during onboarding (recorded in `config.json`)
+- typed `config.json` runtime settings with defaults, validation, and hot reload
+- formal prompt hook orchestration (`bootstrap`, `memory`, `safety`)
+
+## Configuration
+
+HybridClaw now uses typed runtime config in `config.json` (auto-created on first run).
+
+- Start from `config.example.json` (reference)
+- Runtime watches `config.json` and hot-reloads most settings (model defaults, heartbeat, prompt hooks, limits, etc.)
+- Some settings still require restart to fully apply (for example HTTP bind host/port)
+
+Secrets remain in `.env`:
+
+- `HYBRIDAI_API_KEY` (required)
+- `DISCORD_TOKEN` (optional)
+- `WEB_API_TOKEN` and `GATEWAY_API_TOKEN` (optional API auth hardening)
+
+Trust-model acceptance is stored in `config.json` under `security.*` and is required before runtime starts.
+
+See [SECURITY.md](./SECURITY.md) for policy and acceptance details.
+
+## Agent workspace
+
+Each agent gets a persistent workspace with markdown files that shape its personality and memory:
+
+| File | Purpose |
+|------|---------|
+| `SOUL.md` | Personality, tone, identity |
+| `IDENTITY.md` | Name, avatar, emoji |
+| `USER.md` | Info about the human |
+| `MEMORY.md` | Persistent memory across sessions |
+| `AGENTS.md` | Workspace conventions and rules |
+| `TOOLS.md` | Environment-specific notes |
+| `HEARTBEAT.md` | Periodic tasks |
+| `BOOT.md` | Startup instructions |
+
+Templates in `templates/` are copied to new agent workspaces on first run.
+Historical turn logs are mirrored into `<workspace>/.session-transcripts/*.jsonl` for `session_search`.
+
+## Skills
+
+HybridClaw supports `SKILL.md`-based skills (`<skill-name>/SKILL.md`).
+
+### Where to put skills
+
+You can place skills in:
+
+- `./skills/<skill-name>/SKILL.md` (project-level)
+- `<agent workspace>/skills/<skill-name>/SKILL.md` (agent-specific)
+- `$CODEX_HOME/skills/<skill-name>/SKILL.md`, `~/.codex/skills/<skill-name>/SKILL.md`, or `~/.claude/skills/<skill-name>/SKILL.md` (managed/shared)
+
+Load precedence is:
+
+- managed/shared < project < agent workspace
+
+### Required format
+
+Each skill must be a folder with a `SKILL.md` file and frontmatter:
+
+```markdown
+---
+name: repo-orientation
+description: Quickly map an unfamiliar repository and identify where a requested feature should be implemented.
+user-invocable: true
+disable-model-invocation: false
+---
+
+# Repo Orientation
+...instructions...
+```
+
+Supported frontmatter keys:
+
+- `name` (required)
+- `description` (required)
+- `user-invocable` (optional, default `true`)
+- `disable-model-invocation` (optional, default `false`)
+
+### Using skills
+
+Skills are listed to the model as metadata (`name`, `description`, `location`), and the model reads `SKILL.md` on demand with the `read` tool.
+
+Explicit invocation is supported via:
+
+- `/skill <name> [input]`
+- `/skill:<name> [input]`
+- `/<name> [input]` (when `user-invocable: true`)
+
+Example skill in this repo:
+
+- `skills/repo-orientation/SKILL.md`
+
+## Agent tools
+
+The agent has access to these sandboxed tools inside the container:
+
+- `read` / `write` / `edit` / `delete` — file operations
+- `glob` / `grep` — file search
+- `bash` — shell command execution
+- `memory` — durable memory files (`MEMORY.md`, `USER.md`, `memory/YYYY-MM-DD.md`)
+- `session_search` — search/summarize historical sessions from transcript archives
+- `web_fetch` — fetch a URL and extract readable content (HTML → markdown/text)
+
+HybridClaw also supports automatic session compaction with pre-compaction memory flush:
+
+- when a session gets long, old turns are summarized into `session_summary`
+- before compaction, the agent gets a `memory`-only flush turn to persist durable notes
+
+System prompt assembly is handled by a formal hook pipeline:
+
+- `bootstrap` hook (workspace bootstrap + skills metadata)
+- `memory` hook (session summary)
+- `safety` hook (runtime guardrails / trust-model constraints)
+
+Hook toggles live in `config.json` under `promptHooks`.
+
+## Commands
+
+CLI runtime commands:
+
+- `hybridclaw gateway` — Start core runtime (web/API/scheduler/heartbeat and optional Discord)
+- `hybridclaw tui` — Start terminal client connected to gateway
+- `hybridclaw onboarding` — Run HybridAI account/API key onboarding
+
+In Discord, use `!claw help` to see all commands. Key ones:
+
+- `!claw <message>` — Talk to the agent
+- `!claw bot set <id>` — Set chatbot for this channel
+- `!claw model set <name>` — Set model for this channel
+- `!claw rag on/off` — Toggle RAG
+- `!claw clear` — Clear conversation history
+- `!claw schedule add "<cron>" <prompt>` — Add scheduled task
+
+## Project structure
+
+```
+src/gateway.ts          Core runtime entrypoint (DB, scheduler, heartbeat, HTTP API)
+src/tui.ts              Terminal adapter (thin client to gateway)
+src/discord.ts          Discord integration and message transport
+src/gateway-service.ts  Core shared agent/session logic used by gateway API
+src/gateway-client.ts   HTTP client used by thin clients (e.g. TUI)
+container/src/          Agent code (tools, HybridAI client, IPC)
+templates/              Workspace bootstrap files
+data/                   Runtime data (gitignored): SQLite DB, sessions, agent workspaces
+```

package/SECURITY.md

@@ -0,0 +1,67 @@
+# SECURITY
+
+## Policy Version
+
+- Version: `2026-02-28`
+- Applies to: all `hybridclaw` runtime modes (`gateway`, `tui`, onboarding, scheduled tasks, heartbeat)
+
+## Trust Model
+
+HybridClaw runs an LLM-driven agent that can execute tools in a container and read/write files in mounted workspaces.
+
+Core assumptions:
+
+- LLM output is **untrusted by default** and can be incorrect, over-confident, or unsafe.
+- Tool output and file contents are **untrusted input** and must be validated before high-impact actions.
+- Secrets and credentials (`.env`, API keys, cloud credentials, SSH keys, auth tokens) are **sensitive** and must never be exposed unless explicitly required and approved by policy.
+
+## Security Boundaries
+
+- Runtime code executes on the host; agent tool execution is isolated in Docker containers.
+- Mount access is restricted by allowlist policy (`~/.config/hybridclaw/mount-allowlist.json`).
+- Additional mounts are denied when allowlist validation fails.
+- Network/API access is governed by configured endpoints and bearer tokens.
+
+## Operator Responsibilities
+
+By accepting this policy, operators agree to:
+
+- Use least privilege for API keys, tokens, and mounts.
+- Review prompts, outputs, and tool plans before high-impact operations.
+- Keep production secrets out of general workspaces whenever possible.
+- Require explicit human approval for destructive operations.
+- Monitor and rotate compromised credentials immediately.
+
+## Data Handling
+
+HybridClaw may persist:
+
+- Conversation history in SQLite (`data/hybridclaw.db`)
+- Session transcripts in workspace logs (`.session-transcripts`)
+- Agent memory files (`MEMORY.md`, `memory/*.md`)
+
+Operators are responsible for data retention, backup, and deletion requirements.
+
+## Explicit Acceptance Requirement
+
+On first run (or when policy version changes), onboarding requires explicit acceptance:
+
+- User must confirm review of this document.
+- User must type the acceptance token (`ACCEPT`).
+- Acceptance metadata is saved in `config.json`:
+  - `security.trustModelAccepted`
+  - `security.trustModelAcceptedAt`
+  - `security.trustModelVersion`
+  - `security.trustModelAcceptedBy`
+
+Runtime startup is blocked until acceptance is present.
+
+## Incident Guidance
+
+If compromise is suspected:
+
+1. Stop gateway and active containers.
+2. Rotate API keys/tokens.
+3. Review mount allowlist and workspace files.
+4. Audit recent session transcripts and task runs.
+5. Re-onboard and re-accept policy after remediation.

package/config.example.json

@@ -0,0 +1,62 @@
+{
+  "version": 1,
+  "security": {
+    "trustModelAccepted": false,
+    "trustModelAcceptedAt": "",
+    "trustModelVersion": "",
+    "trustModelAcceptedBy": ""
+  },
+  "discord": {
+    "prefix": "!claw"
+  },
+  "hybridai": {
+    "baseUrl": "https://hybridai.one",
+    "defaultModel": "gpt-5-nano",
+    "defaultChatbotId": "",
+    "enableRag": true,
+    "models": [
+      "gpt-5-nano",
+      "gpt-5-mini",
+      "gpt-5"
+    ]
+  },
+  "container": {
+    "image": "hybridclaw-agent",
+    "memory": "512m",
+    "cpus": "1",
+    "timeoutMs": 60000,
+    "additionalMounts": "",
+    "maxOutputBytes": 10485760,
+    "maxConcurrent": 5
+  },
+  "heartbeat": {
+    "enabled": true,
+    "intervalMs": 1800000,
+    "channel": ""
+  },
+  "ops": {
+    "healthHost": "127.0.0.1",
+    "healthPort": 9090,
+    "webApiToken": "",
+    "gatewayBaseUrl": "http://127.0.0.1:9090",
+    "gatewayApiToken": "",
+    "dbPath": "data/hybridclaw.db",
+    "logLevel": "info"
+  },
+  "sessionCompaction": {
+    "enabled": true,
+    "threshold": 120,
+    "keepRecent": 40,
+    "summaryMaxChars": 8000,
+    "preCompactionMemoryFlush": {
+      "enabled": true,
+      "maxMessages": 80,
+      "maxChars": 24000
+    }
+  },
+  "promptHooks": {
+    "bootstrapEnabled": true,
+    "memoryEnabled": true,
+    "safetyEnabled": true
+  }
+}

package/container/Dockerfile

@@ -0,0 +1,23 @@
+FROM node:20-slim
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    ripgrep git curl python3 python3-pip \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN python3 -m pip install --no-cache-dir --break-system-packages uv
+
+WORKDIR /app
+
+COPY package.json tsconfig.json ./
+RUN npm install
+
+COPY src/ src/
+RUN npx tsc
+
+RUN chown -R node:node /app
+
+USER node
+
+WORKDIR /workspace
+
+ENTRYPOINT ["node", "/app/dist/index.js"]