@inetafrica/open-claudia 1.20.0 → 2.0.0

package/bot.js

@@ -1,79 +1,57 @@
-const TelegramBot = require("node-telegram-bot-api");
-const { spawn, execSync } = require("child_process");
-const { AsyncLocalStorage } = require("node:async_hooks");
-const fs = require("fs");
+// Open Claudia entrypoint. Responsibilities:
+//   - Boot config, vault, transcripts, crons.
+//   - Bring up every adapter listed in CHANNELS (telegram, kazee, …).
+//   - Wire each adapter's "message"/"action" events to the router.
+//   - Register slash commands with each adapter.
+//   - Handle process signals + crash notifications.
+// Heavy lifting lives in core/* and channels/*; this file is just the wire.
+
 const path = require("path");
-const https = require("https");
-const cron = require("node-cron");
-const Vault = require("./vault");
-const CONFIG_DIR = require("./config-dir");
-const { ProjectTranscripts, truthy: configTruthy } = require("./project-transcripts");
+const fs = require("fs");
+const { execSync } = require("child_process");
 
-// ── Process tree helpers ───────────────────────────────────────────
-// Background tools (e.g. Bash run_in_background, /stop on a dev server)
-// often spawn into their own session/group, so a single PGID kill on the
-// Claude CLI doesn't reach them. We walk the descendant tree explicitly
-// and signal each PID. Without this, runaway poll-loops survive
-// indefinitely after the parent CLI is SIGTERMed.
-function descendantPids(rootPid) {
-  const seen = new Set();
-  const queue = [Number(rootPid)];
-  while (queue.length) {
-    const pid = queue.shift();
-    if (!pid || seen.has(pid)) continue;
-    seen.add(pid);
-    try {
-      const out = execSync(`pgrep -P ${pid}`, { encoding: "utf-8", stdio: ["ignore", "pipe", "ignore"] });
-      for (const line of out.split("\n")) {
-        const child = Number(line.trim());
-        if (child) queue.push(child);
-      }
-    } catch (e) {
-      // pgrep exits 1 when no children — ignore.
-    }
-  }
-  seen.delete(Number(rootPid));
-  return [...seen];
-}
+const { config, BOT_DIR, CONFIG_DIR, SOUL_FILE, VAULT_FILE, CHAT_ID } = require("./core/config");
+const { vault } = require("./core/vault-store");
+const { isOnboarded } = require("./core/onboarding");
+const { initCrons } = require("./core/cron");
+const { onMessage, onAction } = require("./core/router");
+const { publicCommands } = require("./core/commands");
+const registry = require("./core/adapter-registry");
+require("./core/handlers"); // side-effect: register slash commands
 
-function killProcessTree(rootPid, signal = "SIGTERM") {
-  if (!rootPid) return;
-  const descendants = descendantPids(rootPid);
-  // Kill the process group first (covers the common case quickly).
-  try { process.kill(-rootPid, signal); } catch (e) {}
-  try { process.kill(rootPid, signal); } catch (e) {}
-  // Then mop up any descendants that escaped the group (detached
-  // children with their own session — e.g. bash run_in_background).
-  for (const pid of descendants) {
-    try { process.kill(pid, signal); } catch (e) {}
-  }
+const CURRENT_VERSION = require(path.join(__dirname, "package.json")).version;
+
+registry.setHandlers({ onMessage, onAction });
+const adapters = registry.bootstrap();
+
+if (adapters.length === 0) {
+  console.error("No channels configured. Set CHANNELS=telegram and TELEGRAM_BOT_TOKEN/TELEGRAM_CHAT_ID, or CHANNELS=kazee with KAZEE_URL/KAZEE_BOT_TOKEN.");
+  process.exit(1);
 }
 
 // ── Graceful shutdown & error handling ─────────────────────────────
+
+const { userStates } = require("./core/state");
+const { killProcessTree } = require("./core/process-tree");
+
 async function gracefulShutdown(signal) {
   console.log(`Received ${signal}, shutting down gracefully...`);
-  // Kill every running Claude subprocess across all user threads
-  if (typeof userStates !== "undefined") {
-    for (const state of userStates.values()) {
-      if (state.runningProcess) {
-        try { killProcessTree(state.runningProcess.pid, "SIGTERM"); } catch (e) {}
-      }
+  for (const state of userStates.values()) {
+    if (state.runningProcess) {
+      try { killProcessTree(state.runningProcess.pid, "SIGTERM"); } catch (e) {}
     }
   }
-  // Clean up temp media files older than 1 hour
+  for (const a of adapters) { try { await a.stop(); } catch (e) {} }
   try {
-    const CONFIG_DIR_TEMP = require("./config-dir");
-    const mediaDir = require("path").join(CONFIG_DIR_TEMP, "media");
-    if (require("fs").existsSync(mediaDir)) {
-      const files = require("fs").readdirSync(mediaDir);
+    const mediaDir = path.join(CONFIG_DIR, "media");
+    if (fs.existsSync(mediaDir)) {
+      const files = fs.readdirSync(mediaDir);
       const oneHourAgo = Date.now() - 60 * 60 * 1000;
       for (const file of files) {
-        const filePath = require("path").join(mediaDir, file);
+        const filePath = path.join(mediaDir, file);
         try {
-          const stat = require("fs").statSync(filePath);
-          if (stat.mtimeMs < oneHourAgo) {
-            require("fs").unlinkSync(filePath);
-          }
+          const stat = fs.statSync(filePath);
+          if (stat.mtimeMs < oneHourAgo) fs.unlinkSync(filePath);
         } catch (e) {}
       }
     }
@@ -84,12 +62,12 @@ async function gracefulShutdown(signal) {
 process.on("SIGINT", () => gracefulShutdown("SIGINT"));
 process.on("SIGTERM", () => gracefulShutdown("SIGTERM"));
 
-// Notify user of crashes via Telegram before exiting
+// Last-ditch crash notification. Prefers Telegram (cheapest, no setup);
+// falls back silent. Anything richer needs an adapter that's still alive.
 function notifyError(label, err) {
   const msg = `${label}: ${err?.message || err}`.slice(0, 1000);
   console.error(msg, err?.stack || "");
   try {
-    // Synchronous-style notification using the Telegram API directly
     const token = process.env.TELEGRAM_BOT_TOKEN;
     const chatId = process.env.TELEGRAM_CHAT_ID?.split(",")[0];
     if (token && chatId) {
@@ -101,172 +79,20 @@ function notifyError(label, err) {
       req.write(data);
       req.end();
     }
-  } catch (e) { /* last resort — ignore */ }
+  } catch (e) {}
 }
 
 process.on("uncaughtException", (err) => {
   notifyError("Uncaught exception", err);
-  // Give the notification a moment to send before exiting
   setTimeout(() => process.exit(1), 2000);
 });
+process.on("unhandledRejection", (reason) => notifyError("Unhandled rejection", reason));
 
-process.on("unhandledRejection", (reason) => {
-  notifyError("Unhandled rejection", reason);
-});
-
-// ── Load Config from .env ───────────────────────────────────────────
-function loadEnv() {
-  const envPath = path.join(CONFIG_DIR, ".env");
-  if (!fs.existsSync(envPath)) {
-    console.error("No .env file found. Run: node setup.js");
-    process.exit(1);
-  }
-  const lines = fs.readFileSync(envPath, "utf-8").split("\n");
-  const env = {};
-  for (const line of lines) {
-    const idx = line.indexOf("=");
-    if (idx > 0) env[line.slice(0, idx).trim()] = line.slice(idx + 1).trim();
-  }
-  return env;
-}
-
-function saveEnvKey(key, value) {
-  const envPath = path.join(CONFIG_DIR, ".env");
-  const content = fs.readFileSync(envPath, "utf-8");
-  const lines = content.split("\n");
-  let found = false;
-  const updated = lines.map((line) => {
-    if (line.startsWith(key + "=")) { found = true; return `${key}=${value}`; }
-    return line;
-  });
-  if (!found) updated.push(`${key}=${value}`);
-  fs.writeFileSync(envPath, updated.join("\n"));
-}
-
-const config = loadEnv();
-const TOKEN = config.TELEGRAM_BOT_TOKEN;
-const CHAT_IDS = (config.TELEGRAM_CHAT_ID || "").split(",").map((s) => s.trim()).filter(Boolean);
-const CHAT_ID = CHAT_IDS[0]; // Primary owner chat for crons/notifications
-const WORKSPACE = config.WORKSPACE;
-const CLAUDE_PATH = config.CLAUDE_PATH;
-const CURSOR_PATH = config.CURSOR_PATH || null;
-const CODEX_PATH = config.CODEX_PATH || null;
-const AUTO_COMPACT_TOKENS = parseInt(config.AUTO_COMPACT_TOKENS || process.env.AUTO_COMPACT_TOKENS || "140000", 10);
-const PROJECT_TRANSCRIPTS = configTruthy(config.PROJECT_TRANSCRIPTS || process.env.PROJECT_TRANSCRIPTS, true);
-const TRANSCRIPT_MAX_ENTRY_CHARS = parseInt(config.TRANSCRIPT_MAX_ENTRY_CHARS || process.env.TRANSCRIPT_MAX_ENTRY_CHARS || "12000", 10);
-const TRANSCRIPTS_DIR = config.TRANSCRIPTS_DIR || process.env.TRANSCRIPTS_DIR || path.join(CONFIG_DIR, "transcripts");
-
-// Validate critical config at startup
-if (!TOKEN) { console.error("TELEGRAM_BOT_TOKEN not set"); process.exit(1); }
-if (!CHAT_ID) { console.error("TELEGRAM_CHAT_ID not set"); process.exit(1); }
-if (!WORKSPACE) { console.error("WORKSPACE not set"); process.exit(1); }
-if (!CLAUDE_PATH) { console.error("CLAUDE_PATH not set"); process.exit(1); }
-
-// Ensure workspace exists
-if (!fs.existsSync(WORKSPACE)) {
-  try {
-    fs.mkdirSync(WORKSPACE, { recursive: true });
-    console.log(`Created workspace: ${WORKSPACE}`);
-  } catch (e) {
-    console.error(`Failed to create workspace: ${e.message}`);
-    process.exit(1);
-  }
-}
-
-// Verify Claude CLI exists
-if (!fs.existsSync(CLAUDE_PATH)) {
-  const { execSync } = require("child_process");
-  try {
-    execSync(`which "${CLAUDE_PATH}" 2>/dev/null || where "${CLAUDE_PATH}" 2>nul`, { encoding: "utf-8" });
-  } catch (e) {
-    console.error(`Claude CLI not found at: ${CLAUDE_PATH}`);
-    process.exit(1);
-  }
-}
-
-// Resolve Cursor Agent CLI (optional — discovered at startup)
-let resolvedCursorPath = CURSOR_PATH;
-if (!resolvedCursorPath) {
-  try {
-    resolvedCursorPath = execSync("which agent 2>/dev/null", { encoding: "utf-8" }).trim() || null;
-  } catch (e) { resolvedCursorPath = null; }
-}
-if (resolvedCursorPath) console.log(`Cursor Agent CLI: ${resolvedCursorPath}`);
-
-// Resolve Codex CLI (optional — discovered at startup)
-let resolvedCodexPath = CODEX_PATH;
-if (!resolvedCodexPath) {
-  try {
-    resolvedCodexPath = execSync("which codex 2>/dev/null", { encoding: "utf-8" }).trim() || null;
-  } catch (e) { resolvedCodexPath = null; }
-}
-if (resolvedCodexPath) console.log(`Codex CLI: ${resolvedCodexPath}`);
-const WHISPER_CLI = config.WHISPER_CLI || "";
-const WHISPER_MODEL = config.WHISPER_MODEL || "";
-const FFMPEG = config.FFMPEG || "";
-const SOUL_FILE = config.SOUL_FILE || path.join(CONFIG_DIR, "soul.md");
-const CRONS_FILE = config.CRONS_FILE || path.join(CONFIG_DIR, "crons.json");
-const VAULT_FILE = config.VAULT_FILE || path.join(CONFIG_DIR, "vault.enc");
-const AUTH_FILE = config.AUTH_FILE || path.join(CONFIG_DIR, "auth.json");
-const IDENTITIES_FILE = config.IDENTITIES_FILE || path.join(CONFIG_DIR, "identities.json");
-const BOT_DIR = __dirname;
-
-// Detect PATH for subprocess
-const FULL_PATH = [
-  path.dirname(CLAUDE_PATH),
-  resolvedCursorPath ? path.dirname(resolvedCursorPath) : null,
-  resolvedCodexPath ? path.dirname(resolvedCodexPath) : null,
-  path.dirname(process.execPath),
-  FFMPEG ? path.dirname(FFMPEG) : null,
-  WHISPER_CLI ? path.dirname(WHISPER_CLI) : null,
-  ...(process.platform === "win32"
-    ? [process.env.APPDATA, process.env.LOCALAPPDATA].filter(Boolean).map((p) => path.join(p, "npm"))
-    : ["/opt/homebrew/bin", "/usr/local/bin", "/usr/bin", "/bin", "/usr/sbin", "/sbin"]
-  ),
-].filter(Boolean).join(path.delimiter);
-
-const bot = new TelegramBot(TOKEN, {
-  polling: {
-    autoStart: true,
-    params: { timeout: 30 },
-  },
-});
-const vault = new Vault(VAULT_FILE);
-
-// ── Auto-reconnect on polling errors ───────────────────────────────
-let reconnectTimer = null;
-bot.on("polling_error", (err) => {
-  const msg = err.message || "";
-  console.error("Polling error:", msg);
-  // Another instance is already running — exit immediately
-  if (msg.includes("409 Conflict")) {
-    console.error("Another instance is polling. Exiting.");
-    process.exit(1);
-  }
-  if (msg.includes("ETIMEDOUT") || msg.includes("ECONNRESET") || msg.includes("ENOTFOUND") || msg.includes("EFATAL")) {
-    if (reconnectTimer) return; // Already scheduled
-    console.log("Network lost. Reconnecting in 10s...");
-    reconnectTimer = setTimeout(async () => {
-      reconnectTimer = null;
-      try {
-        await bot.stopPolling();
-        await new Promise((r) => setTimeout(r, 2000));
-        await bot.startPolling();
-        console.log("Reconnected.");
-      } catch (e) {
-        console.error("Reconnect failed:", e.message);
-        // launchd will restart us if we exit
-        process.exit(1);
-      }
-    }, 10000);
-  }
-});
+// ── Update checker ─────────────────────────────────────────────────
 
-// ── Update checker (every 5 mins) ──────────────────────────────────
-const CURRENT_VERSION = require(path.join(__dirname, "package.json")).version;
 let lastNotifiedVersion = null;
-
 function checkForUpdates() {
+  const https = require("https");
   https.get("https://registry.npmjs.org/@inetafrica/open-claudia/latest", (res) => {
     let data = "";
     res.on("data", (d) => { data += d; });
@@ -275,3249 +101,92 @@ function checkForUpdates() {
         const latest = JSON.parse(data).version;
         if (latest && latest !== CURRENT_VERSION && latest !== lastNotifiedVersion) {
           lastNotifiedVersion = latest;
-          bot.sendMessage(CHAT_ID, `Hey! A new version is available (v${latest}). You're on v${CURRENT_VERSION}.\n\nSend /upgrade to update — I'll be back in a few seconds.`);
+          // Notify owner via the first telegram adapter (the historical home).
+          const tg = adapters.find((a) => a.type === "telegram");
+          if (tg && CHAT_ID) {
+            tg.send(CHAT_ID, `Hey! A new version is available (v${latest}). You're on v${CURRENT_VERSION}.\n\nSend /upgrade to update — I'll be back in a few seconds.`).catch(() => {});
+          }
         }
       } catch (e) {}
     });
   }).on("error", () => {});
 }
 
-// Check on startup (after 30s) and every 5 minutes
 setTimeout(checkForUpdates, 30000);
 setInterval(checkForUpdates, 5 * 60 * 1000);
 
-// ── Commands Menu ───────────────────────────────────────────────────
-bot.setMyCommands([
-  { command: "session", description: "Pick a project to work on" },
-  { command: "projects", description: "Browse all workspace projects" },
-  { command: "model", description: "Switch model (opus/sonnet/haiku)" },
-  { command: "effort", description: "Set effort level" },
-  { command: "budget", description: "Set max spend for next task" },
-  { command: "plan", description: "Toggle plan mode" },
-  { command: "ask", description: "Toggle ask mode (Cursor only)" },
-  { command: "sessions", description: "List conversations for this project" },
-  { command: "compact", description: "Summarize conversation context" },
-  { command: "usage", description: "Show token usage & cost for this session" },
-  { command: "continue", description: "Resume last conversation" },
-  { command: "worktree", description: "Toggle isolated git branch" },
-  { command: "cron", description: "Manage scheduled tasks" },
-  { command: "vault", description: "Manage credentials (password required)" },
-  { command: "soul", description: "View/edit assistant identity" },
-  { command: "status", description: "Session & settings info" },
-  { command: "cursor", description: "Switch to Cursor Agent backend" },
-  { command: "claude", description: "Switch to Claude Code backend" },
-  { command: "codex", description: "Switch to OpenAI Codex backend" },
-  { command: "backend", description: "Show/switch active backend" },
-  { command: "doctor", description: "Check CLI requirements" },
-  { command: "requirements", description: "Check CLI requirements" },
-  { command: "auth", description: "Request access to this bot" },
-  { command: "link", description: "Link this chat to a canonical user id" },
-  { command: "whoami", description: "Show your canonical user id" },
-  { command: "auth_status", description: "Check Claude Code auth" },
-  { command: "codex_auth_status", description: "Check Codex auth" },
-  { command: "codex_login", description: "Start Codex device login" },
-  { command: "login", description: "Start Claude Code login" },
-  { command: "setup_token", description: "Create Claude OAuth token" },
-  { command: "stop", description: "Cancel running task" },
-  { command: "end", description: "End current session" },
-  { command: "version", description: "Show current version" },
-  { command: "restart", description: "Restart the bot" },
-  { command: "upgrade", description: "Upgrade and restart" },
-  { command: "help", description: "Show all commands" },
-]);
-
-// Temp dir for media
-const TEMP_DIR = path.join(CONFIG_DIR, "media");
-const FILES_DIR = path.join(CONFIG_DIR, "files");
-if (!fs.existsSync(TEMP_DIR)) fs.mkdirSync(TEMP_DIR, { recursive: true });
-if (!fs.existsSync(FILES_DIR)) fs.mkdirSync(FILES_DIR, { recursive: true });
-
-// File size limits (in bytes)
-const MAX_FILE_SIZE = 50 * 1024 * 1024; // 50MB max for documents
-const MAX_VOICE_SIZE = 10 * 1024 * 1024; // 10MB max for voice/audio
-
-// Process timeout (6 hours max)
-const MAX_PROCESS_TIMEOUT = 360 * 60 * 1000;
-
-// ── Persistent state ───────────────────────────────────────────────
-const STATE_FILE = path.join(CONFIG_DIR, "state.json");
-const SESSIONS_FILE = path.join(CONFIG_DIR, "sessions.json");
-
-function normalizeCanonicalUserId(value) {
-  return String(value || "").trim().toLowerCase();
-}
-
-function channelKey(transport, channelId) {
-  return `${String(transport || "").trim().toLowerCase()}:${String(channelId || "").trim()}`;
-}
-
-function defaultCanonicalForChannel(transport, channelId) {
-  return channelKey(transport, channelId);
-}
+// ── Boot ────────────────────────────────────────────────────────────
 
-function loadIdentities() {
+(async () => {
+  // Idempotent setup: ensure tools & config are in place (safe on every boot)
   try {
-    const raw = JSON.parse(fs.readFileSync(IDENTITIES_FILE, "utf-8"));
-    return {
-      channels: raw && typeof raw.channels === "object" ? raw.channels : {},
-      preferred: raw && typeof raw.preferred === "object" ? raw.preferred : {},
-    };
+    const { ensureSetup, formatSetupResults } = require("./health");
+    const setupResult = ensureSetup();
+    console.log("Setup check:");
+    console.log(formatSetupResults(setupResult));
+    if (!setupResult.ok) console.warn("Some setup steps failed — browser tools may be unavailable.");
   } catch (e) {
-    return { channels: {}, preferred: {} };
-  }
-}
-
-const identities = loadIdentities();
-
-function saveIdentities() {
-  try { fs.writeFileSync(IDENTITIES_FILE, JSON.stringify(identities, null, 2)); } catch (e) {}
-}
-
-function canonicalForChannel(transport, channelId) {
-  const key = channelKey(transport, channelId);
-  return normalizeCanonicalUserId(identities.channels[key]) || defaultCanonicalForChannel(transport, channelId);
-}
-
-function canonicalForTelegram(chatId) {
-  return canonicalForChannel("telegram", chatId);
-}
-
-function canonicalForStoredUserKey(key) {
-  const id = String(key);
-  if (id.includes(":") || id.includes("@")) return normalizeCanonicalUserId(id);
-  return canonicalForTelegram(id);
-}
-
-function currentCanonicalUserId() {
-  return canonicalForTelegram(currentChatId());
-}
-
-function loadStateFile() {
-  try { return JSON.parse(fs.readFileSync(STATE_FILE, "utf-8")); } catch (e) { return {}; }
-}
-
-function mergeSavedState(existing, next) {
-  return {
-    ...existing,
-    ...next,
-    settings: { ...(existing.settings || {}), ...(next.settings || {}) },
-    sessionUsage: { ...(existing.sessionUsage || {}), ...(next.sessionUsage || {}) },
-  };
-}
-
-// Multi-user state. v1.16 and earlier stored a single user's state at the
-// top level of state.json; v1.17/v1.18 stored `{ users: { "<chatId>": {...} } }`.
-// v1.19+ keys state by canonical user id (`telegram:<chatId>` by default,
-// or an explicit mapping like `sumeet@inet.africa`) so future transports can
-// share the same session state.
-const savedState = (() => {
-  const raw = loadStateFile();
-  const users = {};
-  if (raw && raw.users && typeof raw.users === "object") {
-    for (const [key, value] of Object.entries(raw.users)) {
-      const userId = canonicalForStoredUserKey(key);
-      users[userId] = mergeSavedState(users[userId] || {}, value || {});
-    }
-    return { users };
-  }
-  // Legacy single-user shape: hoist it under the owner's canonical id.
-  return { users: { [canonicalForTelegram(CHAT_ID)]: raw || {} } };
-})();
-
-let activeCrons = new Map();
-
-// Per-user state buckets. Each authorized chat gets its own thread,
-// running process, settings, session etc. Owner-only shared resources
-// (vault, soul, crons, OAuth token) stay global above.
-const userStates = new Map();
-
-function freshSettings() {
-  return { model: null, effort: null, budget: null, permissionMode: null, worktree: false, backend: "claude" };
-}
-
-function freshUsage() {
-  return { turns: 0, inputTokens: 0, outputTokens: 0, cacheReadTokens: 0, cacheCreationTokens: 0, costUsd: 0, lastInputTokens: 0 };
-}
-
-function createUserState(userId) {
-  const saved = (savedState.users && savedState.users[userId]) || {};
-  const settings = saved.settings || freshSettings();
-  if (!settings.backend) settings.backend = "claude";
-  return {
-    userId: String(userId),
-    chatId: currentChatId(),
-    currentSession: saved.currentSession || null,
-    runningProcess: null,
-    statusMessageId: null,
-    streamBuffer: "",
-    streamInterval: null,
-    lastSessionId: saved.lastSessionId || null,
-    cursorSessionId: saved.cursorSessionId || null,
-    codexSessionId: saved.codexSessionId || null,
-    messageQueue: [],
-    isFirstMessage: !saved.lastSessionId,
-    lastInputWasVoice: false,
-    sessionUsage: saved.sessionUsage || freshUsage(),
-    settings,
-    onboardingStep: null,
-    onboardingData: {},
-    pendingVaultUnlock: false,
-    pendingVaultAction: null,
-    pendingClaudeAuthProcess: null,
-    pendingClaudeAuthLabel: null,
-    pendingCodexAuthProcess: null,
-    pendingCodexAuthLabel: null,
-    isCompacting: false,
-    lastCompactedAt: saved.lastCompactedAt || 0,
-  };
-}
-
-function getUserState(userId) {
-  const id = normalizeCanonicalUserId(userId);
-  if (!userStates.has(id)) userStates.set(id, createUserState(id));
-  const state = userStates.get(id);
-  state.chatId = currentChatId();
-  return state;
-}
-
-// AsyncLocalStorage carries the active chat id through the async call
-// chain, so send()/editMessage()/etc. route replies back to whoever
-// triggered the work without having to thread chatId through every
-// function signature.
-const chatContext = new AsyncLocalStorage();
-
-function currentChatId() {
-  return chatContext.getStore() || CHAT_ID;
-}
-
-function currentState() {
-  return getUserState(currentCanonicalUserId());
-}
-
-function resetSessionUsage(state = currentState()) {
-  state.sessionUsage = freshUsage();
-}
-
-function resetSettings(state = currentState()) {
-  state.settings = freshSettings();
-}
-
-function saveState() {
-  const data = { users: { ...(savedState.users || {}) } };
-  for (const [id, s] of userStates) {
-    data.users[id] = {
-      currentSession: s.currentSession,
-      lastSessionId: s.lastSessionId,
-      cursorSessionId: s.cursorSessionId,
-      codexSessionId: s.codexSessionId,
-      settings: s.settings,
-      sessionUsage: s.sessionUsage,
-      lastCompactedAt: s.lastCompactedAt || 0,
-    };
-  }
-  savedState.users = data.users;
-  try { fs.writeFileSync(STATE_FILE, JSON.stringify(data)); } catch (e) {}
-}
-
-function migrateUserData(fromUserId, toUserId) {
-  const from = normalizeCanonicalUserId(fromUserId);
-  const to = normalizeCanonicalUserId(toUserId);
-  if (!from || !to || from === to) return;
-
-  if (savedState.users && savedState.users[from]) {
-    savedState.users[to] = mergeSavedState(savedState.users[to] || {}, savedState.users[from]);
-    delete savedState.users[from];
-  }
-
-  if (userStates.has(from)) {
-    const fromState = userStates.get(from);
-    if (userStates.has(to)) {
-      const toState = userStates.get(to);
-      Object.assign(toState, mergeSavedState(toState, fromState));
-      toState.userId = to;
-    } else {
-      fromState.userId = to;
-      userStates.set(to, fromState);
-    }
-    userStates.delete(from);
-  }
-
-  const sessions = loadSessions();
-  if (sessions[from]) {
-    sessions[to] = { ...(sessions[to] || {}) };
-    for (const [project, list] of Object.entries(sessions[from])) {
-      sessions[to][project] = [
-        ...(sessions[to][project] || []),
-        ...(Array.isArray(list) ? list : []),
-      ].slice(-20);
-    }
-    delete sessions[from];
-    saveSessions(sessions);
-  }
-
-  saveState();
-}
-
-function setIdentityMapping(transport, channelId, canonicalUserId) {
-  const key = channelKey(transport, channelId);
-  const userId = normalizeCanonicalUserId(canonicalUserId);
-  if (!userId) throw new Error("Canonical user id is required.");
-  const hadExplicitMapping = Object.prototype.hasOwnProperty.call(identities.channels, key);
-  const previousUserId = canonicalForChannel(transport, channelId);
-  const defaultUserId = defaultCanonicalForChannel(transport, channelId);
-  identities.channels[key] = userId;
-  identities.preferred[userId] = { transport: String(transport).toLowerCase(), channelId: String(channelId) };
-  saveIdentities();
-  const shouldMigrate = !hadExplicitMapping || previousUserId === defaultUserId;
-  if (shouldMigrate) migrateUserData(previousUserId, userId);
-  return { key, previousUserId, userId, migrated: shouldMigrate && previousUserId !== userId };
-}
-
-// ── Message deduplication ──────────────────────────────────────────
-// Telegram message_ids are unique per chat, not globally — namespace by
-// chat id so two users' messages can't collide.
-const processedMessages = new Set();
-function isDuplicate(msg) {
-  const key = `${msg.chat.id}:${msg.message_id}`;
-  if (processedMessages.has(key)) return true;
-  processedMessages.add(key);
-  if (processedMessages.size > 400) {
-    const arr = [...processedMessages];
-    processedMessages.clear();
-    arr.slice(-200).forEach((k) => processedMessages.add(k));
-  }
-  return false;
-}
-
-// ── Per-project session history ────────────────────────────────────
-// Sessions are stored per canonical user so linked channels share the same
-// conversation history per project. Legacy files keyed by chat id are migrated
-// through the same identity resolver on first read.
-
-function loadSessions() {
-  let raw;
-  try { raw = JSON.parse(fs.readFileSync(SESSIONS_FILE, "utf-8")); } catch (e) { return {}; }
-  if (!raw || typeof raw !== "object") return {};
-  // Legacy detection: top-level keys map directly to arrays of session objects.
-  const looksLegacy = Object.values(raw).some((v) => Array.isArray(v));
-  if (looksLegacy) return { [canonicalForTelegram(CHAT_ID)]: raw };
-  const migrated = {};
-  for (const [key, value] of Object.entries(raw)) {
-    const userId = canonicalForStoredUserKey(key);
-    migrated[userId] = { ...(migrated[userId] || {}) };
-    for (const [project, list] of Object.entries(value || {})) {
-      migrated[userId][project] = [
-        ...(migrated[userId][project] || []),
-        ...(Array.isArray(list) ? list : []),
-      ].slice(-20);
-    }
-  }
-  return migrated;
-}
-
-function saveSessions(sessions) {
-  try { fs.writeFileSync(SESSIONS_FILE, JSON.stringify(sessions, null, 2)); } catch (e) {}
-}
-
-function recordSession(userId, projectName, sessionId, title) {
-  const all = loadSessions();
-  const id = normalizeCanonicalUserId(userId);
-  if (!all[id]) all[id] = {};
-  if (!all[id][projectName]) all[id][projectName] = [];
-  const arr = all[id][projectName];
-  const existing = arr.find((s) => s.id === sessionId);
-  if (existing) {
-    if (title) existing.title = title;
-    existing.lastUsed = new Date().toISOString();
-  } else {
-    arr.push({
-      id: sessionId,
-      title: title || "Untitled",
-      created: new Date().toISOString(),
-      lastUsed: new Date().toISOString(),
-    });
+    console.warn("Setup check skipped:", e.message);
   }
-  all[id][projectName] = arr.slice(-20);
-  saveSessions(all);
-}
-
-function getProjectSessions(userId, projectName) {
-  const all = loadSessions();
-  return ((all[normalizeCanonicalUserId(userId)] || {})[projectName] || []).slice().reverse();
-}
-
-function getLastProjectSession(userId, projectName) {
-  const sessions = getProjectSessions(userId, projectName);
-  return sessions.length > 0 ? sessions[0] : null;
-}
-
-function isAuthorized(msg) {
-  const chatId = String(msg.chat.id);
-  if (CHAT_IDS.includes(chatId)) return true;
-  // Also check auth.json for dynamically added chats
-  try {
-    const auth = JSON.parse(fs.readFileSync(AUTH_FILE, "utf-8"));
-    return Array.isArray(auth.authorized) && auth.authorized.some((a) => String(a.chatId) === chatId);
-  } catch (e) {}
-  return false;
-}
 
-function isOwner(msg) {
-  const chatId = String(msg.chat.id);
-  if (chatId === CHAT_ID) return true;
+  // Sweep stale `claude login` / `claude setup-token` processes that
+  // survived a previous bot crash. They're blocked on stdin forever and
+  // can hold keychain locks / resources. Anything older than 30 minutes
+  // is assumed to be abandoned.
   try {
-    const auth = JSON.parse(fs.readFileSync(AUTH_FILE, "utf-8"));
-    const authorized = Array.isArray(auth.authorized) ? auth.authorized : [];
-    if (authorized.some((a) => String(a.chatId) === chatId && a.isOwner === true)) return true;
-    if (!authorized.some((a) => a.isOwner === true) && CHAT_IDS.includes(chatId)) return true;
+    const out = execSync(
+      `ps -axo pid,etime,command | awk '/claude (login|setup-token)/ && !/awk/'`,
+      { encoding: "utf-8", stdio: ["ignore", "pipe", "ignore"] },
+    );
+    for (const line of out.split("\n")) {
+      const m = line.trim().match(/^(\d+)\s+(\S+)\s/);
+      if (!m) continue;
+      const pid = Number(m[1]);
+      const elapsed = m[2];
+      const minutes = elapsed.includes("-")
+        ? Number(elapsed.split("-")[0]) * 24 * 60 + 60
+        : elapsed.split(":").length === 3
+          ? Number(elapsed.split(":")[0]) * 60 + Number(elapsed.split(":")[1])
+          : Number(elapsed.split(":")[0]);
+      if (minutes >= 30) {
+        try {
+          process.kill(pid, "SIGTERM");
+          console.log(`Swept stale auth process pid=${pid} elapsed=${elapsed}`);
+        } catch (e) {}
+      }
+    }
   } catch (e) {}
-  return false;
-}
-
-function loadAuth() {
-  try {
-    const auth = JSON.parse(fs.readFileSync(AUTH_FILE, "utf-8"));
-    return {
-      authorized: Array.isArray(auth.authorized) ? auth.authorized : [],
-      pending: Array.isArray(auth.pending) ? auth.pending : [],
-    };
-  } catch (e) {
-    return { authorized: [], pending: [] };
-  }
-}
-
-function saveAuth(auth) {
-  fs.writeFileSync(AUTH_FILE, JSON.stringify(auth, null, 2));
-}
-
-function authRequestLabel(request) {
-  return request.username ? `@${request.username}` : request.name || request.chatId;
-}
-
-function updateAuthorizedChatEnv(auth) {
-  const ids = new Set(CHAT_IDS);
-  for (const user of auth.authorized) {
-    if (user.chatId) ids.add(String(user.chatId));
-  }
-  saveEnvKey("TELEGRAM_CHAT_ID", [...ids].join(","));
-}
-
-async function approveAuthRequest(chatId) {
-  const auth = loadAuth();
-  if (auth.authorized.some((a) => String(a.chatId) === chatId)) {
-    auth.pending = auth.pending.filter((p) => String(p.chatId) !== chatId);
-    saveAuth(auth);
-    updateAuthorizedChatEnv(auth);
-    return { status: "already_authorized" };
-  }
-
-  const idx = auth.pending.findIndex((p) => String(p.chatId) === chatId);
-  if (idx < 0) return { status: "not_found" };
-
-  const approved = auth.pending.splice(idx, 1)[0];
-  auth.authorized.push({
-    chatId: approved.chatId,
-    name: approved.name,
-    username: approved.username,
-    isOwner: false,
-    authorizedAt: new Date().toISOString(),
-  });
-  saveAuth(auth);
-  updateAuthorizedChatEnv(auth);
-  return { status: "approved", request: approved };
-}
-
-async function denyAuthRequest(chatId) {
-  const auth = loadAuth();
-  const idx = auth.pending.findIndex((p) => String(p.chatId) === chatId);
-  if (idx < 0) return { status: "not_found" };
-
-  const denied = auth.pending.splice(idx, 1)[0];
-  saveAuth(auth);
-  return { status: "denied", request: denied };
-}
-
-// ── Auth request handler (for unauthorized users) ──────────────────
-bot.onText(/\/auth$/, async (msg) => {
-  if (isAuthorized(msg)) {
-    bot.sendMessage(msg.chat.id, "You're already authorized.");
-    return;
-  }
-  const chatId = String(msg.chat.id);
-  const name = [msg.from?.first_name, msg.from?.last_name].filter(Boolean).join(" ");
-  const username = msg.from?.username || "";
-
-  // Add to pending in auth.json
-  const auth = loadAuth();
-
-  // Check if already pending
-  if (auth.pending.some((p) => String(p.chatId) === chatId)) {
-    bot.sendMessage(msg.chat.id, "Your request is already pending. The bot owner will review it.");
-    return;
-  }
-
-  auth.pending.push({
-    chatId,
-    name,
-    username,
-    requestedAt: new Date().toISOString(),
-  });
-  saveAuth(auth);
-
-  bot.sendMessage(msg.chat.id, "Access requested! The bot owner will review your request.");
-
-  // Notify owner
-  const label = authRequestLabel({ chatId, name, username });
-  bot.sendMessage(CHAT_ID, `New auth request from ${label} (${chatId}).`, {
-    reply_markup: {
-      inline_keyboard: [[
-        { text: "Approve", callback_data: `auth:approve:${chatId}` },
-        { text: "Deny", callback_data: `auth:deny:${chatId}` },
-      ]],
-    },
-  });
-});
-
-// ── Onboarding ──────────────────────────────────────────────────────
-// Onboarding state lives per-user, but `isOnboarded()` is a global gate
-// off .env — so in practice only the first install user (the owner) ever
-// runs the flow. Authorized teammates skip onboarding entirely.
-
-function isOnboarded() {
-  return config.ONBOARDED === "true";
-}
-
-async function startOnboarding() {
-  const state = currentState();
-  state.onboardingStep = "name";
-  state.onboardingData = {};
-  await send(
-    "Welcome! Let's set me up.\n\nWhat should I call you?"
-  );
-}
-
-async function handleOnboarding(msg) {
-  const state = currentState();
-  const text = msg.text;
-
-  if (state.onboardingStep === "name") {
-    state.onboardingData.name = text;
-    state.onboardingStep = "role";
-    await send(`Nice to meet you, ${text}!\n\nWhat's your role? (e.g., "full-stack developer", "startup founder", "student")`);
-    return true;
-  }
-
-  if (state.onboardingStep === "role") {
-    state.onboardingData.role = text;
-    state.onboardingStep = "style";
-    await send("How should I communicate?\n\nPick a style:", {
-      keyboard: {
-        inline_keyboard: [
-          [
-            { text: "Concise & technical", callback_data: "ob:concise" },
-            { text: "Detailed & educational", callback_data: "ob:detailed" },
-          ],
-          [
-            { text: "Casual & friendly", callback_data: "ob:casual" },
-            { text: "Minimal (just code)", callback_data: "ob:minimal" },
-          ],
-        ],
-      },
-    });
-    return true;
-  }
-
-  return false;
-}
-
-function finishOnboarding(style) {
-  const state = currentState();
-  state.onboardingData.style = style;
-  state.onboardingStep = null;
-  const onboardingData = state.onboardingData;
-
-  // Generate soul.md
-  const styleDescriptions = {
-    concise: "Direct, concise, technical. No fluff. Lead with the answer.",
-    detailed: "Thorough and educational. Explain the why, not just the what.",
-    casual: "Casual and friendly. Like chatting with a smart friend who codes.",
-    minimal: "Minimal output. Just code and brief explanations. No chatter.",
-  };
-
-  const soul = `# Soul
 
-You are ${onboardingData.name}'s personal AI coding assistant, running 24/7 via Telegram.
+  initCrons();
 
-## Identity
-- Tone: ${styleDescriptions[style]}
-- Platform: Telegram (mobile-first, keep messages short)
-
-## About ${onboardingData.name}
-- Role: ${onboardingData.role}
-
-## Working Style
-- Prefer action over discussion. Do the thing, then explain.
-- Send files for long output instead of text walls.
-- Proactively flag issues and suggest improvements.
-
-## Capabilities
-- Write, edit, and refactor code across all projects
-- Run commands, tests, builds
-- Send files, images, code snippets directly via Telegram
-- Run scheduled checks (cron jobs) and report results
-- Store and use credentials from the encrypted vault
-`;
-
-  fs.writeFileSync(SOUL_FILE, soul);
-  saveEnvKey("ONBOARDED", "true");
-  config.ONBOARDED = "true";
-
-  send(`All set, ${onboardingData.name}! I'm configured and ready.\n\nTap /session to pick a project and start working.`, {
-    keyboard: { inline_keyboard: [[{ text: "Pick a project", callback_data: "show:projects" }]] },
-  });
-}
-
-// ── Soul / System Prompt ────────────────────────────────────────────
-
-function loadSoul() {
-  try { return fs.readFileSync(SOUL_FILE, "utf-8"); } catch (e) { return "You are a helpful AI coding assistant."; }
-}
-
-function loadCrons() {
-  try { return JSON.parse(fs.readFileSync(CRONS_FILE, "utf-8")); } catch (e) { return []; }
-}
-
-function saveCrons(list) {
-  fs.writeFileSync(CRONS_FILE, JSON.stringify(list, null, 2));
-}
-
-function buildSystemPrompt() {
-  const state = currentState();
-  const soul = loadSoul();
-  const hasVoice = WHISPER_CLI && FFMPEG;
-
-  return `
-${soul}
-
-## Runtime Context
-- Interface: Telegram mobile chat through Open Claudia.
-- Active project path: ${state.currentSession ? state.currentSession.dir : "none"}
-- Voice notes: ${hasVoice ? "enabled" : "disabled"}
-- Vault: ${vault.isUnlocked() ? "unlocked" : "locked"}
-- Session: ${state.lastSessionId ? "resuming existing conversation" : "new conversation"}
-
-## Stable Local Paths
-- Bot code: ${path.join(BOT_DIR, "bot.js")}
-- Personality file: ${SOUL_FILE}
-- Cron config: ${CRONS_FILE}
-- Vault file: ${VAULT_FILE}
-- Bot environment: ${path.join(BOT_DIR, ".env")} (sensitive; never expose values)
-- Received user files directory: ${FILES_DIR}
-
-${transcriptPointerNote(state)}
-
-## Telegram Delivery
-Reply normally in your final answer. If you must send a large file, image, or artifact directly, use the Telegram API with the configured bot token from the environment/config; never print or embed the token in prompts, commands, logs, or messages.
-
-## Guidelines
-- Keep responses concise — this is a mobile screen.
-- Use Telegram-compatible markdown: *bold*, _italic_, \`code\`, \`\`\`code blocks\`\`\`. No headers (#), no links [text](url).
-- For long output (logs, diffs, large code), save to a file and send it as an artifact instead of pasting walls of text.
-- Act on screenshots (fix bugs, implement designs) — don't just describe what you see.
-- When the user sends a file, it is saved in the received files directory above. Read it with the Read tool.
-- When the user sends a credential, token, or API key, store it in the vault immediately using the vault CLI or bot commands. Tell them it's stored and that you've deleted their message for security.
-- When asked to change your personality, edit the personality file above.
-- When asked about yourself, you are Open Claudia — an AI coding assistant running Claude Code via Telegram.
-- If a task will take a while, let the user know upfront.
-- Don't ask for confirmation on simple tasks — just do them.
-- NEVER start long-running processes (dev servers, watchers, tails) in the foreground. They block all further messages. Instead, run them in the background: \`nohup command &\` or \`command &disown\`. Then report the PID so the user can stop it later.
-- If asked to "start" or "run" a dev server, ALWAYS background it.
-`.trim();
-}
-
-// ── Helpers ─────────────────────────────────────────────────────────
-
-function listProjects() {
-  try {
-    return fs.readdirSync(WORKSPACE, { withFileTypes: true })
-      .filter((d) => d.isDirectory())
-      .map((d) => d.name)
-      .filter((n) => !n.startsWith("."));
-  } catch (e) { return []; }
-}
-
-function findProject(query) {
-  const projects = listProjects();
-  const q = query.toLowerCase();
-  const exact = projects.find((p) => p.toLowerCase() === q);
-  if (exact) return exact;
-  const startsWith = projects.filter((p) => p.toLowerCase().startsWith(q));
-  if (startsWith.length === 1) return startsWith[0];
-  const contains = projects.filter((p) => p.toLowerCase().includes(q));
-  if (contains.length === 1) return contains[0];
-  return contains.length > 0 ? contains : null;
-}
-
-function projectKeyboard() {
-  const projects = listProjects();
-  const rows = [[{ text: "\u{1F4C1} Workspace (root)", callback_data: "s:__workspace__" }]];
-  for (let i = 0; i < projects.length; i += 2) {
-    const row = [{ text: projects[i], callback_data: `s:${projects[i]}` }];
-    if (projects[i + 1]) row.push({ text: projects[i + 1], callback_data: `s:${projects[i + 1]}` });
-    rows.push(row);
-  }
-  return { inline_keyboard: rows };
-}
-
-async function send(text, opts = {}) {
-  const chatId = opts.chatId || currentChatId();
-  const o = {};
-  if (opts.parseMode) o.parse_mode = opts.parseMode;
-  if (opts.keyboard) o.reply_markup = opts.keyboard;
-  if (opts.replyTo) o.reply_to_message_id = opts.replyTo;
-
-  for (let attempt = 0; attempt < 3; attempt++) {
+  for (const adapter of adapters) {
     try {
-      const msg = await bot.sendMessage(chatId, text, o);
-      return msg.message_id;
+      await adapter.start();
+      await adapter.registerCommands(publicCommands());
+      console.log(`Adapter ready: ${adapter.id} (${adapter.type})`);
     } catch (e) {
-      const errMsg = e.message || "";
-
-      // replyTo message was deleted or not found — retry without it
-      if (o.reply_to_message_id && errMsg.includes("message to be replied not found")) {
-        delete o.reply_to_message_id;
-        continue;
-      }
-
-      // Rate limited — wait and retry
-      const retryMatch = errMsg.match(/retry after (\d+)/i);
-      if (retryMatch) {
-        const waitSec = Math.min(parseInt(retryMatch[1], 10), 30);
-        console.error(`Send: rate limited, waiting ${waitSec}s`);
-        await new Promise((r) => setTimeout(r, waitSec * 1000));
-        continue;
-      }
-
-      // Parse mode failed — retry without it
-      if (opts.parseMode && o.parse_mode) {
-        delete o.parse_mode;
-        continue;
-      }
-
-      console.error("Send error:", errMsg);
-      return null;
-    }
-  }
-  console.error("Send: exhausted retries");
-  return null;
-}
-
-async function editMessage(messageId, text, opts = {}) {
-  try {
-    const o = { chat_id: opts.chatId || currentChatId(), message_id: messageId };
-    if (opts.keyboard) o.reply_markup = opts.keyboard;
-    await bot.editMessageText(text, o);
-  } catch (e) {
-    const errMsg = e.message || "";
-    // Rate limited — skip this update (next interval will catch up)
-    if (errMsg.includes("retry after")) return;
-    // Message unchanged — ignore
-    if (errMsg.includes("message is not modified")) return;
-    // Log anything unexpected
-    if (!errMsg.includes("message to edit not found")) {
-      console.error("Edit error:", errMsg);
+      console.error(`Adapter ${adapter.id} failed to start:`, e.message);
     }
   }
-}
-
-function splitMessage(text, maxLen = 4000) {
-  if (text.length <= maxLen) return [text];
-  const chunks = [];
-  while (text.length > 0) { chunks.push(text.slice(0, maxLen)); text = text.slice(maxLen); }
-  return chunks;
-}
 
-async function downloadFile(fileId, ext) {
-  const file = await bot.getFile(fileId);
-  const fileUrl = `https://api.telegram.org/file/bot${TOKEN}/${file.file_path}`;
-  const localPath = path.join(TEMP_DIR, `tg-${Date.now()}${ext}`);
-  await new Promise((resolve, reject) => {
-    const out = fs.createWriteStream(localPath);
-    https.get(fileUrl, (res) => { res.pipe(out); out.on("finish", () => { out.close(); resolve(); }); }).on("error", reject);
-  });
-  return localPath;
-}
-
-function transcribeAudio(oggPath) {
-  if (!WHISPER_CLI || !FFMPEG) return null;
-  const wavPath = oggPath.replace(/\.[^.]+$/, ".wav");
-  execSync(`"${FFMPEG}" -i "${oggPath}" -ar 16000 -ac 1 -y "${wavPath}" 2>/dev/null`);
-  const output = execSync(`"${WHISPER_CLI}" -m "${WHISPER_MODEL}" --no-timestamps -f "${wavPath}" 2>/dev/null`, { encoding: "utf-8" });
-  try { fs.unlinkSync(wavPath); } catch (e) { /* ignore */ }
-  return output.split("\n")
-    .filter((l) => l.trim() && !l.startsWith("whisper_") && !l.startsWith("ggml_") && !l.startsWith("load_"))
-    .join(" ").trim();
-}
-
-// ── Text-to-Speech ────────────────────────────────────────────────
-
-const TTS_CMD = process.platform === "darwin" ? "say" : null;
-
-function textToVoice(text) {
-  if (!TTS_CMD || !FFMPEG) return null;
-  try {
-    // Strip markdown formatting for cleaner speech
-    const clean = text.replace(/[*_`#>\[\]()]/g, "").replace(/\n{2,}/g, ". ").replace(/\n/g, " ").trim();
-    if (!clean) return null;
-    const aiffPath = path.join(TEMP_DIR, `tts-${Date.now()}.aiff`);
-    const oggPath = aiffPath.replace(".aiff", ".ogg");
-    execSync(`${TTS_CMD} ${JSON.stringify(clean)} -o "${aiffPath}"`, { timeout: 30000 });
-    execSync(`"${FFMPEG}" -i "${aiffPath}" -c:a libopus -y "${oggPath}" 2>/dev/null`, { timeout: 30000 });
-    try { fs.unlinkSync(aiffPath); } catch (e) {}
-    return oggPath;
-  } catch (e) {
-    console.error("TTS error:", e.message);
-    return null;
-  }
-}
+  console.log(`Open Claudia v${CURRENT_VERSION} running on: ${adapters.map((a) => a.id).join(", ")}`);
+  console.log(`Workspace: ${require("./core/config").WORKSPACE}`);
+  console.log(`Soul: ${SOUL_FILE}`);
+  console.log(`Vault: ${VAULT_FILE} (${vault.exists() ? "exists" : "not created"})`);
+  console.log(`Onboarded: ${isOnboarded()}`);
 
-async function sendVoice(oggPath) {
-  try {
-    await bot.sendVoice(currentChatId(), oggPath);
-    try { fs.unlinkSync(oggPath); } catch (e) {}
-    return true;
-  } catch (e) {
-    console.error("Send voice error:", e.message);
-    try { fs.unlinkSync(oggPath); } catch (e2) {}
-    return false;
+  // Notify owner that bot is back online via every adapter that knows
+  // an owner channel. Kazee skipped: ownerUserId is a user id, not a
+  // chat_id, and chat-central has no DM-by-userId send. Owner DM still
+  // wakes the bot fine — this is just the proactive "I'm back" ping.
+  for (const a of adapters) {
+    try {
+      if (a.type === "telegram" && CHAT_ID) {
+        await a.send(CHAT_ID, `Back online and ready! Running v${CURRENT_VERSION}.`);
+      }
+    } catch (e) {}
   }
-}
-
-// Delete a message (used for vault password cleanup)
-async function deleteMessage(msgId) {
-  try { await bot.deleteMessage(currentChatId(), msgId); } catch (e) { /* ignore */ }
-}
-
-
-// ── Requirements / Doctor Helpers ──────────────────────────────────
-
-function shellQuote(value) {
-  return `"${String(value).replace(/"/g, '\\"')}"`;
-}
-
-function runCommandForDoctor(command, args = [], opts = {}) {
-  try {
-    const out = execSync([command, ...args].map(shellQuote).join(" "), {
-      cwd: opts.cwd || process.env.HOME || require("os").homedir(),
-      env: opts.env || botSubprocessEnv(),
-      encoding: "utf-8",
-      timeout: opts.timeout || 10000,
-      stdio: ["ignore", "pipe", "pipe"],
-    });
-    return { ok: true, output: out.trim(), code: 0 };
-  } catch (e) {
-    return { ok: false, output: `${e.stdout || ""}\n${e.stderr || ""}\n${e.message || ""}`.trim(), code: e.status ?? 1 };
-  }
-}
-
-function binaryCheck(binPath, name) {
-  if (!binPath) return { ok: false, label: name, detail: "not configured/found" };
-  try {
-    if (fs.existsSync(binPath)) fs.accessSync(binPath, fs.constants.X_OK);
-    else execSync(process.platform === "win32" ? `where ${shellQuote(binPath)}` : `which ${shellQuote(binPath)}`, { stdio: "ignore", env: botSubprocessEnv() });
-    return { ok: true, label: name, detail: binPath };
-  } catch (e) {
-    return { ok: false, label: name, detail: `not executable: ${binPath}` };
-  }
-}
-
-function checkWritableDir(dirPath, label) {
-  if (!dirPath) return { ok: false, label, detail: "not configured" };
-  try {
-    if (!fs.existsSync(dirPath)) fs.mkdirSync(dirPath, { recursive: true });
-    const test = path.join(dirPath, `.open-claudia-write-test-${Date.now()}`);
-    fs.writeFileSync(test, "ok");
-    fs.unlinkSync(test);
-    return { ok: true, label, detail: dirPath };
-  } catch (e) {
-    return { ok: false, label, detail: redactSensitive(e.message) };
-  }
-}
-
-function summarizeAuthOutput(output, ok) {
-  const clean = redactSensitive(stripTerminalControls(output || "")).replace(/\s+/g, " ").trim();
-  if (!clean) return ok ? "ok" : "no output";
-  return clean.length > 160 ? clean.slice(0, 157) + "..." : clean;
-}
-
-function isCodexAuthErrorText(text) {
-  return /not (?:logged in|authenticated)|unauthenticated|login required|please (?:log|sign) in|401 unauthorized|invalid api key|no credentials/i.test(String(text || ""));
-}
-
-function runDoctorChecks() {
-  const checks = [];
-  const nodeMajor = parseInt(process.version.slice(1).split(".")[0], 10);
-  checks.push({ ok: nodeMajor >= 18, label: "Node.js", detail: process.version, action: nodeMajor >= 18 ? "" : "Install Node.js 18+." });
-
-  const claudeBin = binaryCheck(CLAUDE_PATH, "Claude CLI");
-  if (claudeBin.ok) {
-    const ver = runCommandForDoctor(CLAUDE_PATH, ["--version"]);
-    const auth = runCommandForDoctor(CLAUDE_PATH, ["auth", "status"], { env: claudeSubprocessEnv(), timeout: 12000 });
-    checks.push({ ok: ver.ok, label: "Claude version", detail: summarizeAuthOutput(ver.output, ver.ok), action: ver.ok ? "" : "Check CLAUDE_PATH." });
-    checks.push({ ok: auth.ok && !isClaudeAuthErrorText(auth.output), label: "Claude auth", detail: summarizeAuthOutput(auth.output, auth.ok), action: auth.ok && !isClaudeAuthErrorText(auth.output) ? "" : "Run /auth_status then /setup_token or /login." });
-  } else checks.push({ ...claudeBin, action: "Install @anthropic-ai/claude-code or fix CLAUDE_PATH." });
-
-  if (CURSOR_PATH || resolvedCursorPath) {
-    const cursorPath = resolvedCursorPath || CURSOR_PATH;
-    const cursorBin = binaryCheck(cursorPath, "Cursor Agent");
-    if (cursorBin.ok) {
-      const ver = runCommandForDoctor(cursorPath, ["--version"]);
-      const status = runCommandForDoctor(cursorPath, ["status"], { timeout: 12000 });
-      checks.push({ ok: ver.ok, label: "Cursor version", detail: summarizeAuthOutput(ver.output, ver.ok), action: ver.ok ? "" : "Check CURSOR_PATH." });
-      checks.push({ ok: status.ok, label: "Cursor auth/status", detail: summarizeAuthOutput(status.output, status.ok), action: status.ok ? "" : "Run `agent login` on this host." });
-    } else checks.push({ ...cursorBin, action: "Install Cursor Agent or fix CURSOR_PATH." });
-  } else checks.push({ ok: true, warn: true, label: "Cursor Agent", detail: "not configured/found (optional)", action: "Install only if you want /cursor." });
-
-  if (CODEX_PATH || resolvedCodexPath) {
-    const codexPath = resolvedCodexPath || CODEX_PATH;
-    const codexBin = binaryCheck(codexPath, "Codex CLI");
-    if (codexBin.ok) {
-      const ver = runCommandForDoctor(codexPath, ["--version"]);
-      const status = runCommandForDoctor(codexPath, ["login", "status"], { timeout: 12000 });
-      checks.push({ ok: ver.ok, label: "Codex version", detail: summarizeAuthOutput(ver.output, ver.ok), action: ver.ok ? "" : "Check CODEX_PATH." });
-      checks.push({ ok: status.ok && !isCodexAuthErrorText(status.output), label: "Codex auth", detail: summarizeAuthOutput(status.output, status.ok), action: status.ok && !isCodexAuthErrorText(status.output) ? "" : "Run /codex_login or /codex_setup_token." });
-    } else checks.push({ ...codexBin, action: "Install @openai/codex or fix CODEX_PATH." });
-  } else checks.push({ ok: true, warn: true, label: "Codex CLI", detail: "not configured/found (optional)", action: "Install only if you want /codex." });
-
-  if (FFMPEG || WHISPER_CLI || WHISPER_MODEL) {
-    const ff = binaryCheck(FFMPEG || "ffmpeg", "ffmpeg");
-    const wh = binaryCheck(WHISPER_CLI, "Whisper CLI");
-    checks.push({ ...ff, action: ff.ok ? "" : "Install ffmpeg or set FFMPEG." });
-    checks.push({ ...wh, action: wh.ok ? "" : "Install whisper.cpp or set WHISPER_CLI." });
-    checks.push({ ok: !!WHISPER_MODEL && fs.existsSync(WHISPER_MODEL), label: "Whisper model", detail: WHISPER_MODEL || "not configured", action: WHISPER_MODEL ? "Check model path." : "Set WHISPER_MODEL for voice notes." });
-  } else checks.push({ ok: true, warn: true, label: "Voice stack", detail: "not configured (optional)", action: "Set FFMPEG/WHISPER_CLI/WHISPER_MODEL for voice notes." });
-
-  checks.push(checkWritableDir(WORKSPACE, "Workspace writable"));
-  checks.push(checkWritableDir(CONFIG_DIR, "Config dir writable"));
-  return checks;
-}
-
-function formatDoctorReport(checks) {
-  const hardProblems = checks.filter((c) => !c.ok && !c.warn);
-  const warnings = checks.filter((c) => c.warn || (!c.ok && c.warn));
-  const lines = [hardProblems.length ? "⚠️ Open Claudia doctor found issues" : "✅ Open Claudia doctor looks good", ""];
-  for (const c of checks) {
-    const icon = c.ok ? (c.warn ? "⚠️" : "✅") : "⚠️";
-    lines.push(`${icon} ${c.label}: ${c.detail || (c.ok ? "ok" : "issue")}`);
-  }
-  const actions = checks.filter((c) => (!c.ok || c.warn) && c.action).map((c) => `• ${c.label}: ${c.action}`);
-  if (actions.length) lines.push("", "Next actions:", ...actions.slice(0, 8));
-  if (warnings.length && !hardProblems.length) lines[0] = "✅ Core requirements pass (optional items noted)";
-  return lines.join("\n");
-}
-
-function looksLikeOpenAIKey(value) {
-  return /^sk-(?:proj-)?[A-Za-z0-9._-]{20,}$/.test(String(value || "").trim());
-}
-
-function clearPendingCodexAuth(state = currentState()) {
-  if (state.pendingCodexAuthProcess && state.pendingCodexAuthProcess.kill) {
-    try { state.pendingCodexAuthProcess.kill("SIGTERM"); } catch (e) {}
-  }
-  state.pendingCodexAuthProcess = null;
-  state.pendingCodexAuthLabel = null;
-}
-
-function runCodexLoginStatus() {
-  if (!resolvedCodexPath) return { ok: false, code: 1, output: "Codex CLI not found" };
-  const result = runCommandForDoctor(resolvedCodexPath, ["login", "status"], { timeout: 12000 });
-  return { ...result, ok: result.ok && !isCodexAuthErrorText(result.output) };
-}
-
-async function sendCodexAuthStatusSummary(prefix = "Codex auth status") {
-  const status = runCodexLoginStatus();
-  const version = resolvedCodexPath ? runCommandForDoctor(resolvedCodexPath, ["--version"]) : { ok: false, output: "not found" };
-  await send([
-    prefix,
-    "",
-    `CLI: ${resolvedCodexPath ? "found" : "not found"}`,
-    `Version: ${summarizeAuthOutput(version.output, version.ok)}`,
-    `Logged in: ${status.ok ? "yes" : "no/unknown"}`,
-    `Status: ${summarizeAuthOutput(status.output, status.ok)}`,
-    status.ok ? "" : "Next: /codex_login for device auth, or /codex_setup_token to paste an OpenAI API key securely.",
-  ].filter(Boolean).join("\n"));
-}
-
-async function saveCodexApiKeyWithCli(apiKey) {
-  return new Promise((resolve) => {
-    const proc = spawn(resolvedCodexPath, ["login", "--with-api-key"], {
-      cwd: process.env.HOME || require("os").homedir(),
-      env: botSubprocessEnv(),
-      stdio: ["pipe", "pipe", "pipe"],
-    });
-    let output = "";
-    proc.stdout.on("data", (d) => { output += d.toString(); });
-    proc.stderr.on("data", (d) => { output += d.toString(); });
-    proc.on("close", (code) => resolve({ ok: code === 0, code, output }));
-    proc.on("error", (err) => resolve({ ok: false, code: 1, output: err.message }));
-    proc.stdin.write(apiKey.trim() + "\n");
-    proc.stdin.end();
-  });
-}
-
-async function runCodexDeviceLogin() {
-  const state = currentState();
-  if (!resolvedCodexPath) return send("Codex CLI not found. Install: npm install -g @openai/codex");
-  if (state.pendingCodexAuthProcess) return send(`Another Codex auth flow is already running (${state.pendingCodexAuthLabel}). Send /cancel_codex_auth to cancel.`);
-  await send("Codex device login started. I’ll send the URL/code if the CLI prints one.");
-  const proc = spawn(resolvedCodexPath, ["login", "--device-auth"], {
-    cwd: process.env.HOME || require("os").homedir(),
-    env: botSubprocessEnv(),
-    stdio: ["pipe", "pipe", "pipe"],
-  });
-  state.pendingCodexAuthProcess = proc;
-  state.pendingCodexAuthLabel = "Codex device login";
-  let output = "";
-  let sent = new Set();
-  let lastSnippetAt = 0;
-  const handleChunk = async (chunk) => {
-    output += chunk;
-    const cleanChunk = redactSensitive(stripTerminalControls(chunk));
-    for (const url of extractUrls(cleanChunk)) {
-      if (!sent.has(url)) {
-        sent.add(url);
-        await send(`Codex login URL:\n${redactSensitive(url)}\n\nOpen it and enter the device code if shown.`);
-      }
-    }
-    const codeMatch = cleanChunk.match(/(?:code|device code)[:\s]+([A-Z0-9-]{6,})/i);
-    if (codeMatch && !sent.has(codeMatch[1])) {
-      sent.add(codeMatch[1]);
-      await send(`Codex device code: ${codeMatch[1]}`);
-    }
-    const now = Date.now();
-    if (cleanChunk.trim() && /device|code|login|browser|open|auth|token|error|failed|api key/i.test(cleanChunk) && now - lastSnippetAt > 3000) {
-      lastSnippetAt = now;
-      await send(cleanChunk.trim().slice(-1200));
-    }
-  };
-  proc.stdout.on("data", (d) => handleChunk(d.toString()).catch((e) => console.error("Codex auth output error:", e.message)));
-  proc.stderr.on("data", (d) => handleChunk(d.toString()).catch((e) => console.error("Codex auth stderr error:", e.message)));
-  proc.on("close", async (code) => {
-    state.pendingCodexAuthProcess = null;
-    state.pendingCodexAuthLabel = null;
-    const clean = redactSensitive(stripTerminalControls(output)).trim();
-    if (/raw mode is not supported|not a tty|inappropriate ioctl/i.test(clean)) {
-      await send("Codex device login could not complete inside Telegram on this host. Use /codex_setup_token to paste an OpenAI API key securely, or run `codex login --device-auth` in an SSH/terminal session.");
-    } else if (clean) await send(`Codex login finished (exit ${code}).\n\n${clean.slice(-2000)}`);
-    else await send(`Codex login finished (exit ${code}).`);
-    await sendCodexAuthStatusSummary("Post-Codex-auth check:");
-  });
-  proc.on("error", async (err) => {
-    state.pendingCodexAuthProcess = null;
-    state.pendingCodexAuthLabel = null;
-    await send(`Codex login failed: ${redactSensitive(err.message)}`);
-  });
-}
-
-// ── Claude Auth Helpers ─────────────────────────────────────────────
-
-const CLAUDE_OAUTH_TOKEN_KEY = "CLAUDE_CODE_OAUTH_TOKEN";
-const CLAUDE_OAUTH_VAULT_KEY = "claude_oauth_token";
-
-function redactSensitive(value) {
-  return String(value || "")
-    .replace(/sk-ant-[A-Za-z0-9._-]+/g, "[REDACTED_TOKEN]")
-    .replace(/sk-proj-[A-Za-z0-9._-]+/g, "[REDACTED_OPENAI_KEY]")
-    .replace(/sk-[A-Za-z0-9._-]{20,}/g, "[REDACTED_OPENAI_KEY]")
-    .replace(/(Bearer\s+)[A-Za-z0-9._=-]+/gi, "$1[REDACTED_TOKEN]")
-    .replace(/(CLAUDE_CODE_OAUTH_TOKEN\s*=\s*)\S+/gi, "$1[REDACTED_TOKEN]")
-    .replace(/(OPENAI_API_KEY\s*=\s*)\S+/gi, "$1[REDACTED_OPENAI_KEY]")
-    .replace(/([?&](?:token|access_token|refresh_token|api_key)=)[^\s&]+/gi, "$1[REDACTED]");
-}
-
-const projectTranscripts = new ProjectTranscripts({
-  configDir: CONFIG_DIR,
-  enabled: PROJECT_TRANSCRIPTS,
-  transcriptsDir: TRANSCRIPTS_DIR,
-  maxEntryChars: TRANSCRIPT_MAX_ENTRY_CHARS,
-  redact: redactSensitive,
+})().catch((e) => {
+  console.error("Boot failure:", e);
+  process.exit(1);
 });
-if (PROJECT_TRANSCRIPTS) {
-  try { fs.mkdirSync(projectTranscripts.transcriptsDir, { recursive: true, mode: 0o700 }); } catch (e) {}
-}
-
-function transcriptProjectInfo(state = currentState()) {
-  if (!state.currentSession) return null;
-  return projectTranscripts.pointer(state.currentSession.dir, state.currentSession.name);
-}
-
-function transcriptPointerNote(state = currentState()) {
-  if (!state.currentSession) return "";
-  return projectTranscripts.buildPointerNote(state.currentSession.dir, state.currentSession.name);
-}
-
-function appendProjectTranscript(role, text, metadata = {}, state = currentState()) {
-  if (!state.currentSession) return null;
-  try {
-    return projectTranscripts.append({
-      role,
-      text,
-      userId: state.userId,
-      chat: { transport: "telegram", id: String(currentChatId()) },
-      projectName: state.currentSession.name,
-      projectPath: state.currentSession.dir,
-      backend: state.settings.backend,
-      sessionId: getActiveSessionId(),
-      metadata,
-    });
-  } catch (e) {
-    console.error("Transcript write failed:", redactSensitive(e.message));
-    return null;
-  }
-}
-
-function promptWithTranscriptPointer(prompt, state = currentState()) {
-  if (!state.currentSession) return prompt;
-  return projectTranscripts.withPointer(prompt, state.currentSession.dir, state.currentSession.name);
-}
-
-function stripTranscriptPointerForStorage(prompt) {
-  return String(prompt || "").replace(/^## Project Transcript Memory\n[\s\S]*?\n\nCurrent user request:\n/, "");
-}
-
-
-function stripTerminalControls(value) {
-  return String(value || "")
-    // OSC 8 hyperlinks and other OSC sequences
-    .replace(/\x1b\][\s\S]*?(?:\x07|\x1b\\)/g, "")
-    // CSI ANSI sequences
-    .replace(/\x1b\[[0-?]*[ -/]*[@-~]/g, "")
-    // remaining non-printing controls except newline/tab
-    .replace(/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/g, "");
-}
-
-function isClaudeAuthUrl(url) {
-  try {
-    const u = new URL(url);
-    const host = u.hostname.toLowerCase();
-    return host === "claude.com" || host.endsWith(".claude.com") ||
-      host === "anthropic.com" || host.endsWith(".anthropic.com") ||
-      host === "localhost" || host === "127.0.0.1";
-  } catch (e) {
-    return false;
-  }
-}
-
-function looksLikeClaudeToken(value) {
-  const text = String(value || "").trim();
-  return /^sk-ant-[A-Za-z0-9._-]+$/.test(text) || text.length >= 80 && /^[A-Za-z0-9._=-]+$/.test(text);
-}
-
-
-function looksLikeClaudeAuthReply(value) {
-  const text = String(value || "").trim();
-  if (!text) return false;
-  if (looksLikeClaudeToken(text)) return true;
-  if (/^https?:\/\//i.test(text) && /claude|anthropic/i.test(text)) return true;
-  // OAuth callback/login codes are usually long, dense strings. Do not consume normal chat.
-  if (text.length >= 24 && !/\s/.test(text) && /^[A-Za-z0-9._~:/?#[\]@!$&'()*+,;=%-]+$/.test(text)) return true;
-  return false;
-}
-
-function clearPendingClaudeAuth(state = currentState()) {
-  if (state.pendingClaudeAuthProcess && state.pendingClaudeAuthProcess.kill) {
-    try { state.pendingClaudeAuthProcess.kill("SIGTERM"); } catch (e) {}
-  }
-  state.pendingClaudeAuthProcess = null;
-  state.pendingClaudeAuthLabel = null;
-}
-
-function getClaudeOAuthToken() {
-  if (config[CLAUDE_OAUTH_TOKEN_KEY]) return { value: config[CLAUDE_OAUTH_TOKEN_KEY], source: ".env" };
-  if (process.env.CLAUDE_CODE_OAUTH_TOKEN) return { value: process.env.CLAUDE_CODE_OAUTH_TOKEN, source: "process env" };
-  if (vault.isUnlocked()) {
-    const value = vault.get(CLAUDE_OAUTH_VAULT_KEY) || vault.get(CLAUDE_OAUTH_TOKEN_KEY);
-    if (value) return { value, source: "vault" };
-  }
-  return { value: null, source: null };
-}
-
-function botSubprocessEnv() {
-  return { ...process.env, PATH: FULL_PATH, HOME: process.env.HOME || require("os").homedir() };
-}
-
-function claudeSubprocessEnv() {
-  const env = botSubprocessEnv();
-  const token = getClaudeOAuthToken().value;
-  if (token) env.CLAUDE_CODE_OAUTH_TOKEN = token;
-  return env;
-}
-
-function saveClaudeOAuthToken(token) {
-  const clean = String(token || "").trim();
-  if (!clean) return false;
-  saveEnvKey(CLAUDE_OAUTH_TOKEN_KEY, clean);
-  config[CLAUDE_OAUTH_TOKEN_KEY] = clean;
-  process.env.CLAUDE_CODE_OAUTH_TOKEN = clean;
-  if (vault.isUnlocked()) vault.set(CLAUDE_OAUTH_VAULT_KEY, clean);
-  return true;
-}
-
-function clearClaudeOAuthToken() {
-  saveEnvKey(CLAUDE_OAUTH_TOKEN_KEY, "");
-  config[CLAUDE_OAUTH_TOKEN_KEY] = "";
-  delete process.env.CLAUDE_CODE_OAUTH_TOKEN;
-  if (vault.isUnlocked()) {
-    vault.remove(CLAUDE_OAUTH_VAULT_KEY);
-    vault.remove(CLAUDE_OAUTH_TOKEN_KEY);
-  }
-}
-
-function extractClaudeToken(text) {
-  const match = String(text || "").match(/sk-ant-[A-Za-z0-9._-]+/);
-  return match ? match[0] : null;
-}
-
-function extractUrls(text) {
-  return [...stripTerminalControls(text).matchAll(/https?:\/\/[^\s)]+/g)].map((m) => m[0]);
-}
-
-
-function isClaudeAuthErrorText(text) {
-  const lower = String(text || "").toLowerCase();
-  return lower.includes("unauthorized") ||
-    lower.includes("not logged in") ||
-    lower.includes("login required") ||
-    lower.includes("reauthenticate") ||
-    lower.includes("re-authenticate") ||
-    lower.includes("authentication failed") ||
-    lower.includes("auth failed") ||
-    lower.includes("invalid api key") ||
-    lower.includes("api key") && lower.includes("invalid") ||
-    lower.includes("keychain") && (lower.includes("unlock") || lower.includes("could not") || lower.includes("failed")) ||
-    lower.includes("security unlock-keychain");
-}
-
-function claudeAuthRecoveryMessage(reason = "Claude Code authentication failed") {
-  const tokenInfo = getClaudeOAuthToken();
-  const tokenLine = tokenInfo.value
-    ? `Stored OAuth token: yes (${tokenInfo.source})`
-    : "Stored OAuth token: no";
-  return [
-    `Claude auth needs attention: ${redactSensitive(reason)}`,
-    "",
-    tokenLine,
-    "",
-    "Try one of these from Telegram:",
-    "1. /auth_status — check what Claude sees",
-    "2. /setup_token — create a long-lived Claude Code token, then store it",
-    "3. /use_oauth_token — paste the token securely if you already generated one",
-    "4. /login — interactive Claude.ai browser login fallback",
-    "",
-    "If this is a macOS Keychain problem after SSH/reboot, run on the Mac:",
-    "security unlock-keychain",
-    "",
-    "Recommended for this bot: /setup_token + /use_oauth_token so launchd does not depend on Keychain."
-  ].join("\n");
-}
-
-function preflightClaudeAuthMessage() {
-  const state = currentState();
-  if (state.settings.backend !== "claude") return null;
-  if (getClaudeOAuthToken().value) return null;
-  try {
-    const output = execSync(`"${CLAUDE_PATH}" auth status`, {
-      cwd: process.env.HOME || require("os").homedir(),
-      env: claudeSubprocessEnv(),
-      encoding: "utf8",
-      timeout: 10000,
-      stdio: ["ignore", "pipe", "pipe"],
-    });
-    if (isClaudeAuthErrorText(output)) return claudeAuthRecoveryMessage(output.trim().slice(-500));
-    return null;
-  } catch (e) {
-    const output = `${e.stdout || ""}\n${e.stderr || ""}\n${e.message || ""}`;
-    if (isClaudeAuthErrorText(output)) return claudeAuthRecoveryMessage(output.trim().slice(-500));
-    return null;
-  }
-}
-
-
-function isClaudeUsageLimitText(text) {
-  const lower = String(text || "").toLowerCase();
-  return lower.includes("usage limit") ||
-    lower.includes("you've hit your usage limit") ||
-    lower.includes("you have hit your usage limit") ||
-    lower.includes("spend limit") ||
-    lower.includes("monthly cycle") ||
-    lower.includes("rate limit") && lower.includes("model");
-}
-
-function claudeUsageLimitMessage(details = "") {
-  return [
-    "Claude ran, but the selected model is unavailable/limited right now.",
-    details ? `\nDetails:\n${redactSensitive(details)}` : "",
-    "",
-    "Try from Telegram:",
-    "1. /model sonnet",
-    "2. Then send your message again",
-    "",
-    "If you specifically need Opus, wait for the usage window to reset or increase the spend/usage limit."
-  ].filter(Boolean).join("\n");
-}
-
-function runClaudeAuthStatusDiagnostic() {
-  try {
-    const output = execSync(`"${CLAUDE_PATH}" auth status`, {
-      cwd: process.env.HOME || require("os").homedir(),
-      env: claudeSubprocessEnv(),
-      encoding: "utf8",
-      timeout: 10000,
-      stdio: ["ignore", "pipe", "pipe"],
-    });
-    return output.trim();
-  } catch (e) {
-    return `${e.stdout || ""}\n${e.stderr || ""}\n${e.message || ""}`.trim();
-  }
-}
-
-
-async function sendClaudeAuthStatusSummary(prefix = "Claude auth status") {
-  const output = runClaudeAuthStatusDiagnostic();
-  const tokenInfo = getClaudeOAuthToken();
-  const lines = summarizeClaudeAuthStatus(output, isClaudeAuthErrorText(output) ? 1 : 0, tokenInfo);
-  await send([
-    prefix,
-    "",
-    ...lines,
-    `Bot OAuth token: ${tokenInfo.value ? "configured via " + tokenInfo.source : "not configured"}`,
-  ].join("\n"));
-}
-
-function claudeEmptyFailureMessage(code, stderrText = "") {
-  const stderr = redactSensitive(String(stderrText || "").trim());
-  if (isClaudeUsageLimitText(stderr)) return claudeUsageLimitMessage(stderr.slice(-1200));
-  if (isClaudeAuthErrorText(stderr)) return claudeAuthRecoveryMessage(stderr.slice(-1200));
-
-  const authStatus = runClaudeAuthStatusDiagnostic();
-  if (isClaudeAuthErrorText(authStatus)) return claudeAuthRecoveryMessage(authStatus.slice(-1200));
-  if (isClaudeUsageLimitText(authStatus)) return claudeUsageLimitMessage(authStatus.slice(-1200));
-
-  return [
-    `Claude exited with code ${code} but produced no assistant output.`,
-    stderr ? `\nStderr:\n${stderr.slice(-1200)}` : "\nStderr: (empty)",
-    authStatus ? `\nAuth status:\n${redactSensitive(authStatus).slice(-1200)}` : "",
-    "",
-    "Useful next steps:",
-    "• /auth_status — verify Claude auth",
-    "• /model sonnet — switch away from Opus if usage-limited",
-    "• /setup_token — create a launchd-safe OAuth token if Keychain is the issue"
-  ].filter(Boolean).join("\n");
-}
-
-
-function summarizeClaudeAuthStatus(output, exitCode, tokenInfo) {
-  const text = String(output || "");
-  const lower = text.toLowerCase();
-  const loggedOut = /not (logged in|authenticated)|unauthenticated|no auth|login required/.test(lower);
-  const loggedIn = !loggedOut && (exitCode === 0 || /logged in|authenticated|claude\.ai|anthropic/.test(lower));
-  const email = (text.match(/[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}/i) || [null])[0];
-  const provider = /claude\.ai|claudeai/.test(lower) ? "Claude.ai" : (/anthropic/.test(lower) ? "Anthropic" : "unknown");
-  let method = tokenInfo.value ? `OAuth token (${tokenInfo.source})` : "unknown";
-  if (/api key|apikey/.test(lower)) method = "API key";
-  else if (/oauth|claude\.ai|claudeai/.test(lower)) method = tokenInfo.value ? `OAuth token (${tokenInfo.source})` : "OAuth/Claude.ai";
-  return [
-    `Logged in: ${loggedIn ? "yes" : (loggedOut ? "no" : "unknown")}`,
-    `Auth method: ${method}`,
-    `Email: ${email || "unknown"}`,
-    `Provider: ${provider}`,
-  ];
-}
-
-async function runClaudeAuthCommand(args, label, opts = {}) {
-  const state = currentState();
-  if (state.pendingClaudeAuthProcess) {
-    await send(`Another Claude auth flow is already running (${state.pendingClaudeAuthLabel}). Send the requested code/token or wait for it to finish.`);
-    return;
-  }
-  await send(`${label} started...`);
-  const proc = spawn(CLAUDE_PATH, args, {
-    cwd: process.env.HOME || require("os").homedir(),
-    env: claudeSubprocessEnv(),
-    stdio: ["pipe", "pipe", "pipe"],
-  });
-  state.pendingClaudeAuthProcess = proc;
-  state.pendingClaudeAuthLabel = label;
-  let output = "";
-  let sentUrls = new Set();
-  let tokenStored = false;
-  let lastSnippetAt = 0;
-
-  const handleChunk = async (chunk) => {
-    output += chunk;
-    const token = opts.captureToken ? extractClaudeToken(chunk) || extractClaudeToken(output) : null;
-    if (token && !tokenStored) {
-      tokenStored = saveClaudeOAuthToken(token);
-      await send(tokenStored ? "Claude OAuth token captured and stored. I did not print it." : "Claude OAuth token appeared, but I could not store it.");
-    }
-    for (const url of extractUrls(chunk)) {
-      if (!isClaudeAuthUrl(url)) continue;
-      if (!sentUrls.has(url)) {
-        sentUrls.add(url);
-        await send(`${label} URL:\n${redactSensitive(url)}\n\nOpen it, complete the flow, then paste any code Claude asks for here.`);
-      }
-    }
-    const redacted = redactSensitive(stripTerminalControls(chunk)).trim();
-    const now = Date.now();
-    const usefulAuthLine = /opening browser|paste code|enter code|login|auth|token|error|failed/i.test(redacted);
-    if (redacted && usefulAuthLine && now - lastSnippetAt > 3000 && !looksLikeClaudeToken(redacted) && !/github\.com\/vadimdemedes\/ink/i.test(redacted)) {
-      lastSnippetAt = now;
-      await send(redacted.length > 1200 ? redacted.slice(-1200) : redacted);
-    }
-  };
-
-  proc.stdout.on("data", (d) => handleChunk(d.toString()).catch((e) => console.error("Auth output error:", e.message)));
-  proc.stderr.on("data", (d) => handleChunk(d.toString()).catch((e) => console.error("Auth stderr error:", e.message)));
-  proc.on("close", async (code) => {
-    state.pendingClaudeAuthProcess = null;
-    state.pendingClaudeAuthLabel = null;
-    const token = opts.captureToken ? extractClaudeToken(output) : null;
-    if (token && !tokenStored) tokenStored = saveClaudeOAuthToken(token);
-    const cleaned = redactSensitive(stripTerminalControls(output))
-      .replace(/https?:\/\/github\.com\/vadimdemedes\/ink\S*/gi, "")
-      .trim();
-    const isTtyError = /raw mode is not supported|process\.stdin/i.test(output);
-    if (tokenStored) {
-      await send(`${label} finished. OAuth token stored for launchd/non-interactive Claude runs.`);
-      await sendClaudeAuthStatusSummary("Post-auth check:");
-    } else if (isTtyError && opts.captureToken) {
-      await send(`${label} cannot complete from this bot — the Claude CLI needs an interactive terminal for setup-token.\n\nRun this in your Mac terminal:\n  claude setup-token\n\nThen paste the token here with:\n  /use_oauth_token <token>`);
-    } else if (cleaned) {
-      await send(`${label} finished (exit ${code}).\n\n${cleaned.slice(-2500)}`);
-      await sendClaudeAuthStatusSummary("Post-auth check:");
-    } else {
-      await send(`${label} finished (exit ${code}).`);
-      await sendClaudeAuthStatusSummary("Post-auth check:");
-    }
-  });
-  proc.on("error", async (err) => {
-    state.pendingClaudeAuthProcess = null;
-    state.pendingClaudeAuthLabel = null;
-    await send(`${label} failed: ${redactSensitive(err.message)}`);
-  });
-}
-
-// ── Claude Runner ───────────────────────────────────────────────────
-
-function parseStreamEvents(data) {
-  const events = [];
-  for (const line of data.split("\n").filter((l) => l.trim())) {
-    try { events.push(JSON.parse(line)); } catch (e) { /* partial */ }
-  }
-  return events;
-}
-
-function buildClaudeArgs(prompt, opts = {}) {
-  const state = currentState();
-  const { settings } = state;
-  if (settings.backend === "cursor") return buildCursorArgs(prompt, opts);
-  if (settings.backend === "codex") return buildCodexArgs(prompt, opts);
-  const args = ["-p", "--verbose", "--output-format", "stream-json",
-    "--append-system-prompt", buildSystemPrompt()];
-  const transcriptInfo = transcriptProjectInfo(state);
-  if (transcriptInfo) args.push("--add-dir", transcriptInfo.transcriptsDir);
-  if (opts.resumeSessionId) args.push("--resume", opts.resumeSessionId);
-  else if (opts.continueSession) args.push("--continue");
-  else if (state.lastSessionId && !opts.fresh) args.push("--resume", state.lastSessionId);
-  if (settings.model) args.push("--model", settings.model);
-  if (settings.effort) args.push("--effort", settings.effort);
-  if (settings.budget) args.push("--max-budget-usd", String(settings.budget));
-  if (settings.permissionMode) args.push("--permission-mode", settings.permissionMode);
-  else args.push("--dangerously-skip-permissions");
-  if (settings.worktree) args.push("--worktree");
-  args.push(prompt);
-  return args;
-}
-
-function buildCursorArgs(prompt, opts = {}) {
-  const state = currentState();
-  const { settings } = state;
-  const args = ["--print", "--trust", "--output-format", "stream-json"];
-  if (opts.resumeSessionId) args.push("--resume", opts.resumeSessionId);
-  else if (opts.continueSession) args.push("--continue");
-  else if (state.cursorSessionId && !opts.fresh) args.push("--resume", state.cursorSessionId);
-  if (settings.model) args.push("--model", settings.model);
-  if (settings.permissionMode === "plan") args.push("--mode", "plan");
-  else if (settings.permissionMode === "ask") args.push("--mode", "ask");
-  if (settings.worktree) args.push("--worktree");
-  args.push(prompt);
-  return args;
-}
-
-function buildCodexArgs(prompt, opts = {}) {
-  // Codex uses `exec [SESSION] [PROMPT]` or `exec resume <SESSION> [PROMPT]`.
-  // Sandbox: bot runs headless, so bypass approvals (mirrors --dangerously-skip-permissions).
-  // Plan mode: drop to read-only sandbox so the model can't write.
-  const state = currentState();
-  const { settings, codexSessionId } = state;
-  const args = [];
-  const resumeId = opts.resumeSessionId || ((!opts.fresh && !opts.continueSession) ? codexSessionId : null);
-  if (opts.continueSession && codexSessionId) {
-    args.push("exec", "resume", codexSessionId);
-  } else if (resumeId) {
-    args.push("exec", "resume", resumeId);
-  } else {
-    args.push("exec");
-  }
-  args.push("--json", "--skip-git-repo-check");
-  const transcriptInfo = transcriptProjectInfo(state);
-  if (transcriptInfo) args.push("--add-dir", transcriptInfo.transcriptsDir);
-  if (settings.permissionMode === "plan") {
-    args.push("--sandbox", "read-only");
-  } else {
-    args.push("--dangerously-bypass-approvals-and-sandbox");
-  }
-  if (settings.model) args.push("--model", settings.model);
-  args.push(promptWithTranscriptPointer(prompt, state));
-  return args;
-}
-
-function getActiveBinary() {
-  const { settings } = currentState();
-  if (settings.backend === "cursor") return resolvedCursorPath;
-  if (settings.backend === "codex") return resolvedCodexPath;
-  return CLAUDE_PATH;
-}
-
-function getActiveSessionId() {
-  const state = currentState();
-  if (state.settings.backend === "cursor") return state.cursorSessionId;
-  if (state.settings.backend === "codex") return state.codexSessionId;
-  return state.lastSessionId;
-}
-
-function getActiveSessionKey(state = currentState()) {
-  if (state.settings.backend === "cursor") return "cursorSessionId";
-  if (state.settings.backend === "codex") return "codexSessionId";
-  return "lastSessionId";
-}
-
-function shouldAutoCompact(state = currentState(), opts = {}) {
-  if (opts.skipAutoCompact || opts.fresh || opts.continueSession || state.isCompacting) return false;
-  if (!state[getActiveSessionKey(state)]) return false;
-  const threshold = Number.isFinite(AUTO_COMPACT_TOKENS) ? AUTO_COMPACT_TOKENS : 140000;
-  return (state.sessionUsage?.lastInputTokens || 0) >= threshold;
-}
-
-function compactSummaryPrompt() {
-  return [
-    "Summarize this conversation for a fresh compacted continuation.",
-    "Include only durable context needed to continue effectively:",
-    "- current user goal and constraints",
-    "- important decisions and preferences",
-    "- files/repos touched and current code state",
-    "- commands/tests already run and results",
-    "- open TODOs, blockers, and exact next step",
-    "Do not include secrets, raw tokens, or irrelevant chat transcript."
-  ].join("\n");
-}
-
-function compactSeedPrompt(summary) {
-  return [
-    "This is a compacted continuation of a previous Open Claudia session.",
-    "Treat the following summary as the prior conversation context. Do not repeat it back unless asked.",
-    "Continue from this state in future turns.",
-    "",
-    "Compacted summary:",
-    summary
-  ].join("\n");
-}
-
-async function runClaudeCapture(prompt, cwd, opts = {}) {
-  const state = currentState();
-  const chatId = currentChatId();
-  if (state.runningProcess) throw new Error("Another task is already running.");
-  const authPreflight = preflightClaudeAuthMessage();
-  if (authPreflight) throw new Error(authPreflight);
-
-  return new Promise((resolve, reject) => {
-    let assistantText = "";
-    let stderrBuffer = "";
-    let streamBuffer = "";
-    let sessionId = null;
-    appendProjectTranscript(opts.transcriptRole || "system-note", stripTranscriptPointerForStorage(prompt), {
-      capture: true,
-      label: opts.label || null,
-      fresh: !!opts.fresh,
-      continueSession: !!opts.continueSession,
-      resumeSessionId: opts.resumeSessionId || null,
-    }, state);
-    const args = buildClaudeArgs(prompt, { ...opts, skipAutoCompact: true });
-    const proc = spawn(getActiveBinary(), args, {
-      cwd,
-      env: claudeSubprocessEnv(),
-      stdio: ["ignore", "pipe", "pipe"],
-      detached: process.platform !== "win32",
-    });
-    state.runningProcess = proc;
-    const timeout = setTimeout(() => {
-      if (state.runningProcess === proc) {
-        killProcessTree(proc.pid, "SIGTERM");
-        setTimeout(() => killProcessTree(proc.pid, "SIGKILL"), 5000);
-      }
-    }, MAX_PROCESS_TIMEOUT);
-
-    proc.stdout.on("data", (data) => {
-      streamBuffer += data.toString();
-      const events = parseStreamEvents(streamBuffer);
-      const lastNewline = streamBuffer.lastIndexOf("\n");
-      streamBuffer = lastNewline >= 0 ? streamBuffer.slice(lastNewline + 1) : streamBuffer;
-      for (const evt of events) {
-        if (evt.type === "assistant" && evt.message?.content) {
-          for (const block of evt.message.content) {
-            if (block.type === "text") assistantText += block.text;
-          }
-        }
-        if (evt.type === "item.completed" && evt.item?.type === "agent_message" && typeof evt.item.text === "string") {
-          assistantText += (assistantText ? "\n" : "") + evt.item.text;
-        }
-        if (evt.type === "thread.started" && evt.thread_id) {
-          state.codexSessionId = evt.thread_id;
-          sessionId = evt.thread_id;
-          saveState();
-        }
-        if (evt.type === "result" && evt.session_id) {
-          if (state.settings.backend === "cursor") state.cursorSessionId = evt.session_id;
-          else state.lastSessionId = evt.session_id;
-          sessionId = evt.session_id;
-          if (evt.usage) {
-            const u = state.sessionUsage;
-            u.turns += 1;
-            u.inputTokens += evt.usage.input_tokens || 0;
-            u.outputTokens += evt.usage.output_tokens || 0;
-            u.cacheReadTokens += evt.usage.cache_read_input_tokens || 0;
-            u.cacheCreationTokens += evt.usage.cache_creation_input_tokens || 0;
-            u.lastInputTokens = (evt.usage.input_tokens || 0) +
-              (evt.usage.cache_read_input_tokens || 0) +
-              (evt.usage.cache_creation_input_tokens || 0);
-          }
-          if (typeof evt.total_cost_usd === "number") state.sessionUsage.costUsd += evt.total_cost_usd;
-          saveState();
-        }
-        if (evt.type === "result" && evt.result) assistantText = evt.result;
-      }
-    });
-    proc.stderr.on("data", (d) => { stderrBuffer += d.toString(); });
-    proc.on("close", (code) => chatContext.run(chatId, () => {
-      if (state.runningProcess === proc) state.runningProcess = null;
-      clearTimeout(timeout);
-      if (code !== 0 && code !== null) {
-        const failureText = claudeEmptyFailureMessage(code, stderrBuffer);
-        appendProjectTranscript("system-note", failureText, { capture: true, label: opts.label || null, exitCode: code, kind: "backend-error" }, state);
-        reject(new Error(failureText));
-        return;
-      }
-      const cleanText = redactSensitive(assistantText.trim());
-      appendProjectTranscript("assistant", cleanText, { capture: true, label: opts.label || null, exitCode: code }, state);
-      resolve({ text: cleanText, sessionId });
-    }));
-    proc.on("error", (err) => chatContext.run(chatId, () => {
-      if (state.runningProcess === proc) state.runningProcess = null;
-      clearTimeout(timeout);
-      reject(err);
-    }));
-  });
-}
-
-async function compactActiveSession(cwd, opts = {}) {
-  const state = currentState();
-  const sessionKey = getActiveSessionKey(state);
-  const oldSessionId = state[sessionKey];
-  if (!oldSessionId) return { compacted: false, reason: "No conversation." };
-  if (state.isCompacting) return { compacted: false, reason: "Compaction already in progress." };
-
-  state.isCompacting = true;
-  try {
-    if (opts.notify) await send(opts.message || "Context is getting large, compacting first so this stays fast…");
-    const summaryRun = await runClaudeCapture(compactSummaryPrompt(), cwd, { resumeSessionId: oldSessionId, skipAutoCompact: true, label: "compact-summary" });
-    const summary = summaryRun.text || "No prior context was returned by the summarizer.";
-
-    state[sessionKey] = null;
-    resetSessionUsage(state);
-    state.isFirstMessage = true;
-    saveState();
-
-    const seedRun = await runClaudeCapture(compactSeedPrompt(summary), cwd, { fresh: true, skipAutoCompact: true, label: "compact-seed" });
-    const newSessionId = seedRun.sessionId || state[sessionKey];
-    if (newSessionId) state[sessionKey] = newSessionId;
-    state.isFirstMessage = false;
-    state.lastCompactedAt = Date.now();
-    resetSessionUsage(state);
-    saveState();
-
-    if (newSessionId && state.currentSession) {
-      const title = `Compacted ${new Date().toLocaleDateString()}`;
-      recordSession(state.userId, state.currentSession.name, newSessionId, title);
-    }
-    return { compacted: true, oldSessionId, newSessionId, summary };
-  } finally {
-    state.isCompacting = false;
-    saveState();
-  }
-}
-
-async function runClaude(prompt, cwd, replyToMsgId, opts = {}) {
-  // Capture per-user state at entry so event callbacks (stdout/stderr/close)
-  // operate on the right user's thread even though AsyncLocalStorage
-  // propagation through child_process events isn't guaranteed across all
-  // Node versions.
-  const state = currentState();
-  const chatId = currentChatId();
-  const { settings } = state;
-
-  if (state.runningProcess) {
-    state.messageQueue.push({ prompt, replyToMsgId, opts });
-    await send("Queued.", { replyTo: replyToMsgId });
-    return;
-  }
-
-  const authPreflight = preflightClaudeAuthMessage();
-  if (authPreflight) {
-    await send(authPreflight, { replyTo: replyToMsgId });
-    return;
-  }
-
-  if (shouldAutoCompact(state, opts)) {
-    try {
-      await compactActiveSession(cwd, {
-        notify: true,
-        message: "Context is getting large, compacting first so this stays fast…",
-      });
-    } catch (e) {
-      await send(`Compaction failed: ${redactSensitive(e.message)}\nContinuing in the existing session.`, { replyTo: replyToMsgId });
-    }
-  }
-
-  appendProjectTranscript("user", prompt, {
-    telegramMessageId: replyToMsgId || null,
-    fresh: !!opts.fresh,
-    continueSession: !!opts.continueSession,
-    resumeSessionId: opts.resumeSessionId || null,
-  }, state);
-
-  bot.sendChatAction(chatId, "typing");
-  state.statusMessageId = null;
-  state.streamBuffer = "";
-  let assistantText = "";
-  let toolUses = [];
-  let currentTool = null;
-  let currentToolDetail = "";
-
-  const args = buildClaudeArgs(prompt, opts);
-  const binaryPath = getActiveBinary();
-  const proc = spawn(binaryPath, args, {
-    cwd,
-    env: claudeSubprocessEnv(),
-    stdio: ["ignore", "pipe", "pipe"],
-    detached: process.platform !== "win32",
-  });
-
-  state.runningProcess = proc;
-  const startTime = Date.now();
-  let longRunningNotified = false;
-
-  // Hard timeout to prevent runaway processes. We walk the descendant
-  // tree (not just the PGID) so that detached background bashes — like
-  // `run_in_background: true` poll loops — get cleaned up too.
-  const processTimeout = setTimeout(() => {
-    if (state.runningProcess === proc) {
-      killProcessTree(proc.pid, "SIGTERM");
-      setTimeout(() => killProcessTree(proc.pid, "SIGKILL"), 5000);
-      chatContext.run(chatId, () => send(`Task timed out after ${MAX_PROCESS_TIMEOUT / 60000} minutes. Stopped.`));
-    }
-  }, MAX_PROCESS_TIMEOUT);
-
-  let lastUpdate = "";
-  // Adaptive update interval: 2s for first 2min, then 5s to avoid rate limits
-  const scheduleUpdate = () => {
-    const elapsed = Math.floor((Date.now() - startTime) / 1000);
-    const interval = elapsed > 120 ? 5000 : 2000;
-    state.streamInterval = setTimeout(() => chatContext.run(chatId, updateProgress), interval);
-  };
-  const updateProgress = async () => {
-    const elapsed = Math.floor((Date.now() - startTime) / 1000);
-    try {
-      bot.sendChatAction(chatId, "typing").catch(() => {});
-      const display = formatProgress(assistantText, toolUses, currentTool, elapsed, currentToolDetail);
-      if (display && display !== lastUpdate) {
-        if (!state.statusMessageId && assistantText) {
-          state.statusMessageId = await send(display.length > 4000 ? display.slice(-4000) : display, { replyTo: replyToMsgId });
-        } else if (state.statusMessageId) {
-          await editMessage(state.statusMessageId, display.length > 4000 ? display.slice(-4000) : display);
-        }
-        lastUpdate = display;
-      }
-      // Notify after 5 minutes that it's still running
-      if (elapsed > 300 && !longRunningNotified) {
-        longRunningNotified = true;
-        await send(`Still working (${Math.floor(elapsed / 60)}min)... Send /stop to cancel.`);
-      }
-    } catch (e) {
-      console.error("Progress update error:", e.message);
-    }
-    if (state.runningProcess) scheduleUpdate();
-  };
-  scheduleUpdate();
-
-  proc.stdout.on("data", (data) => {
-    state.streamBuffer += data.toString();
-    const events = parseStreamEvents(state.streamBuffer);
-    const lastNewline = state.streamBuffer.lastIndexOf("\n");
-    state.streamBuffer = lastNewline >= 0 ? state.streamBuffer.slice(lastNewline + 1) : state.streamBuffer;
-    for (const evt of events) {
-      if (evt.type === "assistant" && evt.message?.content) {
-        for (const block of evt.message.content) {
-          if (block.type === "text") assistantText += block.text;
-          else if (block.type === "tool_use") {
-            currentTool = block.name;
-            toolUses.push(block.name);
-            const input = block.input || {};
-            if (block.name === "Bash" && input.command) currentToolDetail = input.command.slice(0, 80);
-            else if (block.name === "Read" && input.file_path) currentToolDetail = input.file_path.split("/").slice(-2).join("/");
-            else if (block.name === "Edit" && input.file_path) currentToolDetail = input.file_path.split("/").slice(-2).join("/");
-            else if (block.name === "Write" && input.file_path) currentToolDetail = input.file_path.split("/").slice(-2).join("/");
-            else if (block.name === "Grep" && input.pattern) currentToolDetail = input.pattern.slice(0, 40);
-            else if (block.name === "Glob" && input.pattern) currentToolDetail = input.pattern;
-            else currentToolDetail = "";
-          }
-        }
-      }
-      // Cursor Agent tool_call events (different format from Claude's tool_use blocks)
-      if (evt.type === "tool_call" && evt.subtype === "started" && evt.tool_call) {
-        const tc = evt.tool_call;
-        if (tc.shellToolCall) {
-          const a = tc.shellToolCall.args || {};
-          currentTool = "Shell"; toolUses.push("Shell");
-          currentToolDetail = (a.description || a.command || "").slice(0, 80);
-        } else if (tc.readToolCall) {
-          currentTool = "Read"; toolUses.push("Read");
-          currentToolDetail = (tc.readToolCall.args?.path || "").split("/").slice(-2).join("/");
-        } else if (tc.editToolCall) {
-          currentTool = "Edit"; toolUses.push("Edit");
-          currentToolDetail = (tc.editToolCall.args?.filePath || "").split("/").slice(-2).join("/");
-        } else if (tc.writeToolCall) {
-          currentTool = "Write"; toolUses.push("Write");
-          currentToolDetail = (tc.writeToolCall.args?.filePath || "").split("/").slice(-2).join("/");
-        } else if (tc.grepToolCall) {
-          currentTool = "Grep"; toolUses.push("Grep");
-          currentToolDetail = (tc.grepToolCall.args?.pattern || "").slice(0, 40);
-        } else if (tc.globToolCall) {
-          currentTool = "Glob"; toolUses.push("Glob");
-          currentToolDetail = (tc.globToolCall.args?.globPattern || "").slice(0, 40);
-        } else if (tc.createPlanToolCall) {
-          currentTool = "Plan"; toolUses.push("Plan");
-          const plan = tc.createPlanToolCall.args || {};
-          let planText = "";
-          if (plan.name) planText += `**${plan.name}**\n\n`;
-          if (plan.plan) planText += plan.plan + "\n";
-          if (plan.todos && plan.todos.length) {
-            planText += "\n**Tasks:**\n";
-            for (const todo of plan.todos) {
-              planText += `• ${todo.content || todo.id}\n`;
-            }
-          }
-          if (planText) assistantText = planText;
-          currentToolDetail = plan.name || "creating plan";
-        } else {
-          const toolKey = Object.keys(tc)[0] || "unknown";
-          currentTool = toolKey.replace("ToolCall", ""); toolUses.push(currentTool);
-          currentToolDetail = "";
-        }
-      }
-      // Codex stream events
-      if (evt.type === "thread.started" && evt.thread_id) {
-        state.codexSessionId = evt.thread_id;
-        saveState();
-      }
-      if (evt.type === "item.started" && evt.item) {
-        const it = evt.item;
-        if (it.type === "command_execution" && it.command) {
-          currentTool = "Shell"; toolUses.push("Shell");
-          currentToolDetail = String(it.command).slice(0, 80);
-        } else if (it.type === "file_change" && (it.path || it.file_path)) {
-          currentTool = "Edit"; toolUses.push("Edit");
-          const p = it.path || it.file_path;
-          currentToolDetail = String(p).split("/").slice(-2).join("/");
-        } else if (it.type === "web_search" && it.query) {
-          currentTool = "Web"; toolUses.push("Web");
-          currentToolDetail = String(it.query).slice(0, 60);
-        } else if (it.type) {
-          currentTool = it.type; toolUses.push(it.type);
-          currentToolDetail = "";
-        }
-      }
-      if (evt.type === "item.completed" && evt.item) {
-        const it = evt.item;
-        if (it.type === "agent_message" && typeof it.text === "string") {
-          assistantText += (assistantText ? "\n" : "") + it.text;
-        }
-      }
-      if (evt.type === "turn.completed" && evt.usage && settings.backend === "codex") {
-        const u = state.sessionUsage;
-        u.turns += 1;
-        const input = evt.usage.input_tokens || 0;
-        const cached = evt.usage.cached_input_tokens || 0;
-        const output = evt.usage.output_tokens || 0;
-        u.inputTokens += input;
-        u.outputTokens += output;
-        u.cacheReadTokens += cached;
-        u.lastInputTokens = input + cached;
-        saveState();
-      }
-      if (evt.type === "result" && evt.session_id) {
-        if (settings.backend === "cursor") { state.cursorSessionId = evt.session_id; }
-        else { state.lastSessionId = evt.session_id; }
-        if (evt.usage) {
-          const u = state.sessionUsage;
-          u.turns += 1;
-          u.inputTokens += evt.usage.input_tokens || 0;
-          u.outputTokens += evt.usage.output_tokens || 0;
-          u.cacheReadTokens += evt.usage.cache_read_input_tokens || 0;
-          u.cacheCreationTokens += evt.usage.cache_creation_input_tokens || 0;
-          u.lastInputTokens = (evt.usage.input_tokens || 0) +
-            (evt.usage.cache_read_input_tokens || 0) +
-            (evt.usage.cache_creation_input_tokens || 0);
-        }
-        if (typeof evt.total_cost_usd === "number") state.sessionUsage.costUsd += evt.total_cost_usd;
-        saveState();
-      }
-      if (evt.type === "result" && evt.result) assistantText = evt.result;
-    }
-  });
-
-  let stderrBuffer = "";
-  proc.stderr.on("data", (d) => {
-    const chunk = d.toString();
-    stderrBuffer += chunk;
-    console.error("STDERR:", redactSensitive(chunk));
-  });
-
-  proc.on("close", (code) => chatContext.run(chatId, async () => {
-    state.runningProcess = null;
-    clearTimeout(state.streamInterval); state.streamInterval = null;
-    clearTimeout(processTimeout);
-
-    // Check for auth errors in stderr and give actionable Telegram recovery steps.
-    if (settings.backend === "claude" && isClaudeAuthErrorText(stderrBuffer)) {
-      const authText = claudeAuthRecoveryMessage(stderrBuffer.trim().slice(-800));
-      appendProjectTranscript("system-note", authText, { kind: "auth-error" }, state);
-      await send(authText, { replyTo: replyToMsgId });
-      return;
-    }
-    if (settings.backend === "cursor" && isClaudeAuthErrorText(stderrBuffer)) {
-      const authText = "Cursor authentication error. Run `agent login` on this machine, then retry.";
-      appendProjectTranscript("system-note", authText, { kind: "auth-error" }, state);
-      await send(authText, { replyTo: replyToMsgId });
-      return;
-    }
-    if (settings.backend === "codex" && /not (?:logged in|authenticated)|please (?:log|sign) in|401 unauthorized|invalid api key/i.test(stderrBuffer)) {
-      const authText = "Codex authentication error. Try /codex_auth_status, then /codex_login or /codex_setup_token.";
-      appendProjectTranscript("system-note", authText, { kind: "auth-error" }, state);
-      await send(authText, { replyTo: replyToMsgId });
-      return;
-    }
-
-    try {
-      if (code !== 0 && code !== null && !assistantText.trim()) {
-        const failureText = claudeEmptyFailureMessage(code, stderrBuffer);
-        appendProjectTranscript("system-note", failureText, { exitCode: code, kind: "backend-error" }, state);
-        await send(failureText, { replyTo: replyToMsgId });
-        return;
-      }
-
-      const finalText = redactSensitive(assistantText || "(no output)");
-      appendProjectTranscript("assistant", finalText, {
-        exitCode: code,
-        telegramMessageId: state.statusMessageId || null,
-      }, state);
-      const chunks = splitMessage(finalText);
-      const firstChunk = chunks[0];
-
-      // If there's already a progress message showing, edit it to the final text
-      // instead of sending a duplicate. Only send a NEW message if there was no
-      // progress message or the response is multi-chunk (too long for one edit).
-      if (state.statusMessageId && chunks.length === 1) {
-        // Edit progress message to clean final text
-        await editMessage(state.statusMessageId, firstChunk);
-      } else {
-        // Send final result as a new message (triggers notification)
-        const sent = await send(firstChunk, { replyTo: replyToMsgId });
-        if (!sent) await send(firstChunk);
-        for (let i = 1; i < chunks.length; i++) {
-          await send(chunks[i]);
-        }
-      }
-      if (code !== 0 && code !== null) await send(`Exit code: ${code}`);
-
-      // Send voice reply if input was a voice note
-      if (state.lastInputWasVoice && TTS_CMD) {
-        state.lastInputWasVoice = false;
-        const voicePath = textToVoice(finalText);
-        if (voicePath) await sendVoice(voicePath);
-      }
-
-      // High-context sessions are compacted automatically before the next turn.
-    } catch (e) {
-      console.error("Final message delivery failed:", e.message);
-      await send("Task completed but failed to deliver the response. Send /continue to see the result.");
-    }
-    if (settings.budget) settings.budget = null;
-    state.statusMessageId = null;
-
-    // Record session with auto-title from first message
-    if (state.lastSessionId && state.currentSession) {
-      const title = state.isFirstMessage ? (prompt.length > 60 ? prompt.slice(0, 57) + "..." : prompt) : null;
-      recordSession(state.userId, state.currentSession.name, state.lastSessionId, title);
-      state.isFirstMessage = false;
-    }
-    if (state.messageQueue.length > 0 && state.currentSession) {
-      const next = state.messageQueue.shift();
-      await runClaude(next.prompt, state.currentSession.dir, next.replyToMsgId, next.opts);
-    }
-  }));
-
-  proc.on("error", (err) => chatContext.run(chatId, async () => {
-    state.runningProcess = null;
-    clearTimeout(state.streamInterval);
-    clearTimeout(processTimeout);
-    await send(`Error: ${err.message}`);
-    state.statusMessageId = null;
-  }));
-}
-
-async function runClaudeSilent(prompt, cwd, label) {
-  return new Promise((resolve) => {
-    const args = ["-p", "--output-format", "text", "--verbose",
-      "--append-system-prompt", buildSystemPrompt(),
-      "--dangerously-skip-permissions", prompt];
-    const proc = spawn(CLAUDE_PATH, args, {
-      cwd, env: claudeSubprocessEnv(),
-      stdio: ["ignore", "pipe", "pipe"],
-    });
-    let output = "";
-    proc.stdout.on("data", (d) => { output += d.toString(); });
-    proc.on("close", async () => {
-      const chunks = splitMessage(`Cron: ${label}\n\n${redactSensitive(output.trim() || "(no output)")}`);
-      for (const c of chunks) await send(c);
-      resolve();
-    });
-    proc.on("error", async (err) => { await send(`Cron "${label}" failed: ${err.message}`); resolve(); });
-  });
-}
-
-function formatProgress(text, tools, currentTool, elapsed, toolDetail) {
-  const mins = Math.floor(elapsed / 60);
-  const secs = elapsed % 60;
-  const time = mins > 0 ? `${mins}m ${secs}s` : `${secs}s`;
-
-  const parts = [];
-  let status = currentTool ? `Working: ${currentTool}` : (tools.length > 0 ? "Processing..." : "Thinking...");
-  if (currentTool && toolDetail) status += ` — ${toolDetail}`;
-  parts.push(`${status} (${time})`);
-  if (tools.length > 1) parts.push(`Steps: ${[...new Set(tools)].join(" > ")}`);
-  if (text) parts.push(text.length > 800 ? "..." + text.slice(-800) : text);
-  return parts.join("\n\n");
-}
-
-// ── Cron System ─────────────────────────────────────────────────────
-
-function scheduleCron(c) {
-  const cwd = path.join(WORKSPACE, c.project);
-  if (activeCrons.has(c.id)) activeCrons.get(c.id).task.stop();
-  // Crons fire from a timer, not a Telegram message — bind explicitly to
-  // the owner's chat so any send() goes to them.
-  const task = cron.schedule(c.schedule, () => chatContext.run(CHAT_ID, () => runClaudeSilent(c.prompt, cwd, c.label)));
-  activeCrons.set(c.id, { task, config: c });
-}
-
-function initCrons() {
-  for (const c of loadCrons()) { try { scheduleCron(c); } catch (e) { console.error("Cron error:", e.message); } }
-  console.log(`Loaded ${loadCrons().length} cron(s)`);
-}
-
-// ── Session ─────────────────────────────────────────────────────────
-
-function startSession(name, resumeSessionId) {
-  const state = currentState();
-  let projectName, projectDir;
-  if (name === "__workspace__") {
-    projectName = "Workspace";
-    projectDir = WORKSPACE;
-  } else {
-    const result = findProject(name);
-    if (!result) return send(`No match for "${name}".`, { keyboard: projectKeyboard() });
-    if (Array.isArray(result)) return send("Multiple matches:", { keyboard: { inline_keyboard: result.map((p) => [{ text: p, callback_data: `s:${p}` }]) } });
-    projectName = result;
-    projectDir = path.join(WORKSPACE, result);
-  }
-
-  state.currentSession = { name: projectName, dir: projectDir };
-  state.messageQueue = []; resetSettings(state);
-
-  // Resume a specific session or the last one for this project
-  if (resumeSessionId) {
-    state.lastSessionId = resumeSessionId;
-    const sessions = getProjectSessions(state.userId, projectName);
-    const s = sessions.find((x) => x.id === resumeSessionId);
-    const title = s ? s.title : "";
-    state.isFirstMessage = false;
-    saveState();
-    send(`Session: ${projectName}\nResumed: ${title || resumeSessionId.slice(0, 8)}\n\nSend text, voice, or images.\n\n/sessions — switch conversation\n/session — switch project`);
-  } else {
-    const last = getLastProjectSession(state.userId, projectName);
-    if (last) {
-      state.lastSessionId = last.id;
-      state.isFirstMessage = false;
-      saveState();
-      send(`Session: ${projectName}\nResumed: ${last.title}\n\nSend text, voice, or images.\n\n/sessions — switch conversation\n/session — switch project`, {
-        keyboard: { inline_keyboard: [[{ text: "New conversation", callback_data: `new:${projectName}` }]] },
-      });
-    } else {
-      state.lastSessionId = null;
-      state.isFirstMessage = true;
-      saveState();
-      send(`Session: ${projectName}\n\nSend text, voice, or images.\n\n/sessions — switch conversation\n/session — switch project`);
-    }
-  }
-}
-
-function requireSession(msg) {
-  if (!currentState().currentSession) { send("Pick a project first:", { keyboard: projectKeyboard() }); return false; }
-  return true;
-}
-
-// Wrap every bot handler so it enters the ALS chat context bound to
-// whoever sent the message. Inside the wrapped fn, `currentChatId()`
-// and `currentState()` resolve to that user's per-thread state. Used
-// for bot.onText, bot.on("message"|"voice"|"audio"|"photo"|"document"),
-// and bot.on("callback_query") — callback_query carries the chat id
-// under q.message.chat.id rather than q.chat.id.
-function wrapHandler(fn) {
-  return function (...args) {
-    const event = args[0];
-    const chatId = String(
-      event?.chat?.id ||
-      event?.message?.chat?.id ||
-      event?.from?.id ||
-      CHAT_ID
-    );
-    return chatContext.run(chatId, () => fn(...args));
-  };
-}
-
-// ── Commands ────────────────────────────────────────────────────────
-
-bot.onText(/\/start/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  if (!isOnboarded()) return startOnboarding();
-  send("Pick a project to start:", { keyboard: { inline_keyboard: [[{ text: "Pick a project", callback_data: "show:projects" }]] } });
-}));
-
-bot.onText(/\/help/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  send([
-    "Session: /session /sessions /projects /continue /status /stop /end",
-    "Settings: /model /effort /budget /plan /compact /worktree /mode",
-    "Identity: /whoami /link",
-    "Automation: /cron /vault /soul",
-    "Claude auth: /auth_status /login /setup_token /use_oauth_token /clear_oauth_token",
-    "Codex auth: /codex_auth_status /codex_login /codex_setup_token",
-    "System: /doctor /requirements /restart /upgrade",
-    "",
-    "Send text, voice, photos, or files.",
-    "Reply to any message for context.",
-  ].join("\n"));
-}));
-
-bot.onText(/\/whoami$/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  const chatId = String(msg.chat.id);
-  const key = channelKey("telegram", chatId);
-  const userId = canonicalForTelegram(chatId);
-  const preferred = identities.preferred[userId];
-  send([
-    `Channel: ${key}`,
-    `User: ${userId}`,
-    preferred ? `Preferred: ${preferred.transport}:${preferred.channelId}` : "Preferred: this channel",
-  ].join("\n"));
-}));
-
-bot.onText(/\/links$/, wrapHandler((msg) => {
-  if (!isOwner(msg)) return;
-  const rows = Object.entries(identities.channels)
-    .sort(([a], [b]) => a.localeCompare(b))
-    .map(([channel, userId]) => `${channel} -> ${userId}`);
-  send(rows.length ? rows.join("\n") : "No explicit identity links. Unlinked Telegram chats use telegram:<chatId>.");
-}));
-
-bot.onText(/\/link$/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  send(isOwner(msg)
-    ? "Usage:\n/link <email-or-user-id>\n/link <telegram-chat-id> <email-or-user-id>\n/link telegram:<chat-id> <email-or-user-id>\n\nOwner can link any Telegram chat; other users can link only their current chat."
-    : "Usage:\n/link <email-or-user-id>\n\nThis links your Telegram chat to a canonical user id.");
-}));
-
-bot.onText(/\/link\s+(.+)$/, wrapHandler((msg, match) => {
-  if (!isAuthorized(msg)) return;
-  const parts = String(match[1] || "").trim().split(/\s+/).filter(Boolean);
-  if (parts.length === 0 || parts.length > 2) return send("Usage: /link <email-or-user-id>");
-
-  let targetChatId = String(msg.chat.id);
-  let userId = parts[0];
-  if (parts.length === 2) {
-    if (!isOwner(msg)) return send("Only the owner can link another chat.");
-    const channel = parts[0];
-    if (channel.startsWith("telegram:")) targetChatId = channel.slice("telegram:".length);
-    else targetChatId = channel;
-    userId = parts[1];
-  }
-
-  if (!/^-?\d+$/.test(targetChatId)) return send("Telegram chat id must be numeric.");
-  const normalizedUserId = normalizeCanonicalUserId(userId);
-  if (!normalizedUserId || /\s/.test(normalizedUserId)) return send("Canonical user id cannot be empty or contain spaces.");
-
-  const result = setIdentityMapping("telegram", targetChatId, normalizedUserId);
-  send([
-    `Linked ${result.key} -> ${result.userId}`,
-    result.migrated ? `Migrated state from ${result.previousUserId}.` : "Existing canonical state was left in place.",
-  ].join("\n"));
-}));
-
-bot.onText(/\/version$/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  send(`Open Claudia v${CURRENT_VERSION}`);
-}));
-
-bot.onText(/\/restart$/, wrapHandler(async (msg) => {
-  if (!isOwner(msg)) return;
-  await send("Going offline for a quick restart — back in a moment.");
-  setTimeout(() => process.exit(0), 1000);
-}));
-
-bot.onText(/\/upgrade$/, wrapHandler(async (msg) => {
-  if (!isOwner(msg)) return;
-  // Change to HOME first — npm install -g replaces the package directory
-  // which can delete the cwd out from under the running process
-  try { process.chdir(process.env.HOME || require("os").homedir()); } catch (e) { /* already gone */ }
-  // Check if there's actually a newer version. `latest` is hoisted so
-  // the install step below can reference it; if `npm view` fails we
-  // fall back to npm's `latest` dist-tag.
-  let latest = null;
-  try {
-    latest = execSync("npm view @inetafrica/open-claudia version", {
-      encoding: "utf-8", timeout: 15000,
-      env: { ...process.env, PATH: FULL_PATH, HOME: process.env.HOME || require("os").homedir() },
-    }).trim();
-    if (latest === CURRENT_VERSION) {
-      await send(`Already on the latest version (v${CURRENT_VERSION}).`);
-      return;
-    }
-    await send(`Upgrading v${CURRENT_VERSION} → v${latest}...`);
-  } catch (e) {
-    await send("Upgrading...");
-  }
-  const installTarget = latest || "latest";
-  try {
-    execSync(`npm install -g @inetafrica/open-claudia@${installTarget} 2>&1`, {
-      encoding: "utf-8", timeout: 120000,
-      cwd: process.env.HOME || require("os").homedir(),
-      env: { ...process.env, PATH: FULL_PATH, HOME: process.env.HOME || require("os").homedir() },
-    });
-    // Run idempotent setup (install/configure tools like Playwright MCP)
-    try {
-      const { ensureSetup: postUpgradeSetup } = require("./health");
-      postUpgradeSetup();
-    } catch (e) { /* setup will run on next boot anyway */ }
-    // Read version and changelog from newly installed package
-    const root = execSync("npm root -g", { encoding: "utf-8", cwd: process.env.HOME || require("os").homedir(), env: { ...process.env, PATH: FULL_PATH } }).trim();
-    const newPkg = JSON.parse(fs.readFileSync(path.join(root, "@inetafrica", "open-claudia", "package.json"), "utf-8"));
-    // Extract current version's changelog entry
-    let whatsNew = "";
-    try {
-      const changelog = fs.readFileSync(path.join(root, "@inetafrica", "open-claudia", "CHANGELOG.md"), "utf-8");
-      let versionHeader = `## v${newPkg.version}`;
-      let start = changelog.indexOf(versionHeader);
-      if (start < 0) { versionHeader = `## ${newPkg.version}`; start = changelog.indexOf(versionHeader); }
-      if (start >= 0) {
-        const afterHeader = changelog.slice(start + versionHeader.length);
-        const nextVersion = afterHeader.indexOf("\n## ");
-        const section = nextVersion >= 0 ? afterHeader.slice(0, nextVersion) : afterHeader;
-        whatsNew = section.trim();
-      }
-    } catch (e) { /* no changelog */ }
-    const doctorReport = formatDoctorReport(runDoctorChecks());
-    const msg = `Installed v${newPkg.version}.${whatsNew ? `\n\nWhat's new:\n${whatsNew}` : ""}\n\nPost-upgrade requirements check:\n${doctorReport}\n\nGoing offline to restart...`;
-    await send(msg.length > 3900 ? msg.slice(0, 3900) : msg);
-  } catch (e) {
-    const errOutput = (e.stdout || e.stderr || e.message || "").slice(-500);
-    await send(`Upgrade failed:\n${errOutput}`);
-    return;
-  }
-  // Give Telegram time to deliver the message, then exit for launchd to restart
-  setTimeout(() => process.exit(0), 2000);
-}));
-
-bot.onText(/\/projects$/, wrapHandler((msg) => { if (isAuthorized(msg)) send("Pick:", { keyboard: projectKeyboard() }); }));
-bot.onText(/\/session$/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  const cs = currentState().currentSession;
-  if (cs) send(`Active: ${cs.name}\n\nSwitch?`, { keyboard: projectKeyboard() });
-  else send("Pick:", { keyboard: projectKeyboard() });
-}));
-bot.onText(/\/session (.+)/, wrapHandler((msg, match) => { if (isAuthorized(msg)) startSession(match[1].trim()); }));
-
-bot.onText(/\/sessions$/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  if (!requireSession(msg)) return;
-  const state = currentState();
-  const sessions = getProjectSessions(state.userId, state.currentSession.name);
-  if (sessions.length === 0) return send("No past conversations for this project.");
-  const rows = sessions.slice(0, 10).map((s) => {
-    const date = new Date(s.lastUsed).toLocaleDateString();
-    const active = state.lastSessionId === s.id ? " (active)" : "";
-    return [{ text: `${s.title}${active} — ${date}`, callback_data: `ss:${s.id}` }];
-  });
-  rows.push([{ text: "New conversation", callback_data: `new:${state.currentSession.name}` }]);
-  send(`Conversations in ${state.currentSession.name}:`, { keyboard: { inline_keyboard: rows } });
-}));
-
-bot.onText(/\/model$/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  // Unified picker: every model from every available backend in one keyboard.
-  // Tapping a button switches backend (if needed) and sets the model.
-  // Callback format: `mb:<backend>:<model>` (model may itself contain `-`).
-  const { settings } = currentState();
-  const rows = [];
-  rows.push([{ text: "── Claude ──", callback_data: "noop" }]);
-  rows.push([
-    { text: "Opus 4.7", callback_data: "mb:claude:claude-opus-4-7" },
-    { text: "Opus 4.6", callback_data: "mb:claude:claude-opus-4-6" },
-    { text: "Sonnet 4.6", callback_data: "mb:claude:claude-sonnet-4-6" },
-    { text: "Haiku", callback_data: "mb:claude:claude-haiku-4-5-20251001" },
-  ]);
-  if (resolvedCursorPath) {
-    rows.push([{ text: "── Cursor ──", callback_data: "noop" }]);
-    rows.push([
-      { text: "Composer 2", callback_data: "mb:cursor:composer-2" },
-      { text: "Composer 2 Fast", callback_data: "mb:cursor:composer-2-fast" },
-      { text: "Auto", callback_data: "mb:cursor:auto" },
-    ]);
-    rows.push([
-      { text: "Opus 4.6 Thinking", callback_data: "mb:cursor:claude-4.6-opus-high-thinking" },
-      { text: "GPT-5.4", callback_data: "mb:cursor:gpt-5.4-medium" },
-    ]);
-  }
-  if (resolvedCodexPath) {
-    rows.push([{ text: "── Codex ──", callback_data: "noop" }]);
-    rows.push([
-      { text: "gpt-5", callback_data: "mb:codex:gpt-5" },
-      { text: "gpt-5-codex", callback_data: "mb:codex:gpt-5-codex" },
-    ]);
-    rows.push([
-      { text: "o3", callback_data: "mb:codex:o3" },
-      { text: "o4-mini", callback_data: "mb:codex:o4-mini" },
-    ]);
-  }
-  rows.push([{ text: "Default (current backend)", callback_data: "m:default" }]);
-  const beLabel = settings.backend === "cursor" ? "Cursor" : settings.backend === "codex" ? "Codex" : "Claude";
-  send(`Current: ${beLabel} · ${settings.model || "default"}\n\nPick a model — backend switches automatically.\nOr type /model <name>.`, { keyboard: { inline_keyboard: rows } });
-}));
-bot.onText(/\/model (.+)/, wrapHandler((msg, match) => {
-  if (!isAuthorized(msg)) return;
-  const { settings } = currentState();
-  settings.model = match[1].trim().toLowerCase();
-  if (settings.model === "default") settings.model = null;
-  send(`Model: ${settings.model || "default"}`);
-}));
-
-bot.onText(/\/effort$/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  const { settings } = currentState();
-  if (settings.backend === "cursor") return send("Effort levels are not supported on Cursor Agent.\nSwitch to Claude with /claude to use this.");
-  if (settings.backend === "codex") return send("Effort levels are not exposed as a flag on Codex.\nSet `model_reasoning_effort` in ~/.codex/config.toml, or switch to /claude.");
-  send(`Effort: ${settings.effort || "default"}`, { keyboard: { inline_keyboard: [
-    [{ text: "Low", callback_data: "e:low" }, { text: "Med", callback_data: "e:medium" }, { text: "High", callback_data: "e:high" }, { text: "Max", callback_data: "e:max" }],
-    [{ text: "Default", callback_data: "e:default" }],
-  ] } });
-}));
-bot.onText(/\/effort (.+)/, wrapHandler((msg, match) => {
-  if (!isAuthorized(msg)) return;
-  const { settings } = currentState();
-  if (settings.backend === "cursor") return send("Effort levels are not supported on Cursor Agent.");
-  if (settings.backend === "codex") return send("Effort levels are not exposed as a flag on Codex.");
-  const e = match[1].trim().toLowerCase(); settings.effort = ["low","medium","high","max"].includes(e) ? e : null; send(`Effort: ${settings.effort || "default"}`);
-}));
-
-bot.onText(/\/budget$/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  const { settings } = currentState();
-  if (settings.backend === "cursor") return send("Budget limits are not supported on Cursor Agent.\nSwitch to Claude with /claude to use this.");
-  if (settings.backend === "codex") return send("Budget limits are not supported on Codex.\nSwitch to Claude with /claude to use this.");
-  send(`Budget: ${settings.budget ? "$" + settings.budget : "none"}`, { keyboard: { inline_keyboard: [
-    [{ text: "$1", callback_data: "b:1" }, { text: "$5", callback_data: "b:5" }, { text: "$10", callback_data: "b:10" }, { text: "$25", callback_data: "b:25" }],
-    [{ text: "No limit", callback_data: "b:none" }],
-  ] } });
-}));
-bot.onText(/\/budget (.+)/, wrapHandler((msg, match) => {
-  if (!isAuthorized(msg)) return;
-  const { settings } = currentState();
-  if (settings.backend === "cursor") return send("Budget limits are not supported on Cursor Agent.");
-  if (settings.backend === "codex") return send("Budget limits are not supported on Codex.");
-  const v = parseFloat(match[1].replace("$","")); settings.budget = v > 0 ? v : null; send(`Budget: ${settings.budget ? "$"+settings.budget : "none"}`);
-}));
-
-bot.onText(/\/plan$/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  const state = currentState();
-  const { settings } = state;
-  const p = settings.permissionMode === "plan";
-  settings.permissionMode = p ? null : "plan";
-  const label = settings.backend === "cursor" ? "read-only planning, no edits"
-    : settings.backend === "codex" ? "read-only sandbox, no edits"
-    : "plan permission mode";
-  if (p) {
-    // Reset session so next message doesn't resume in plan-mode for the active backend.
-    if (settings.backend === "cursor") state.cursorSessionId = null;
-    else if (settings.backend === "codex") state.codexSessionId = null;
-  }
-  send(p ? "Plan mode off (session reset)." : `Plan mode on (${label}).`);
-}));
-bot.onText(/\/ask$/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  const { settings } = currentState();
-  if (settings.backend !== "cursor") return send("Ask mode is only available on Cursor Agent.\nUse /cursor to switch.");
-  const a = settings.permissionMode === "ask";
-  settings.permissionMode = a ? null : "ask";
-  send(a ? "Ask mode off." : "Ask mode on (read-only Q&A, no edits).");
-}));
-bot.onText(/\/compact/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  if (!requireSession(msg)) return;
-  if (!getActiveSessionId()) return send("No conversation.");
-  try {
-    const result = await compactActiveSession(currentState().currentSession.dir, {
-      notify: true,
-      message: "Compacting this conversation into a fresh session…",
-    });
-    if (result.compacted) await send(`Compacted into a fresh session${result.newSessionId ? ` (${result.newSessionId.slice(0, 8)}…)` : ""}. Continue normally.`, { replyTo: msg.message_id });
-    else await send(result.reason || "Could not compact.", { replyTo: msg.message_id });
-  } catch (e) {
-    await send(`Compaction failed: ${redactSensitive(e.message)}`, { replyTo: msg.message_id });
-  }
-}));
-bot.onText(/\/continue$/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  if (!requireSession(msg)) return;
-  if (!getActiveSessionId()) return send("No conversation to continue.");
-  await runClaude("continue where we left off", currentState().currentSession.dir, msg.message_id);
-}));
-bot.onText(/\/worktree$/, wrapHandler((msg) => { if (!isAuthorized(msg)) return; const { settings } = currentState(); settings.worktree = !settings.worktree; send(settings.worktree ? "Worktree on." : "Worktree off."); }));
-
-bot.onText(/\/cursor$/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  if (!resolvedCursorPath) return send("Cursor Agent CLI not found.\nSet CURSOR_PATH in .env or install: https://docs.cursor.com/agent");
-  const state = currentState();
-  state.settings.backend = "cursor";
-  state.settings.model = null;
-  saveState();
-  const sid = state.cursorSessionId ? `\nSession: ${state.cursorSessionId.slice(0, 8)}...` : "\nNew session.";
-  send(`Switched to Cursor Agent.${sid}\n\n/claude — switch back · /codex — Codex`);
-}));
-
-bot.onText(/\/claude$/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  const state = currentState();
-  state.settings.backend = "claude";
-  state.settings.model = null;
-  saveState();
-  const sid = state.lastSessionId ? `\nSession: ${state.lastSessionId.slice(0, 8)}...` : "\nNew session.";
-  send(`Switched to Claude Code.${sid}\n\n/cursor — Cursor · /codex — Codex`);
-}));
-
-bot.onText(/\/codex$/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  if (!resolvedCodexPath) return send("Codex CLI not found.\nInstall: npm install -g @openai/codex\nThen run `codex login` to authenticate.");
-  const state = currentState();
-  state.settings.backend = "codex";
-  state.settings.model = null;
-  saveState();
-  const sid = state.codexSessionId ? `\nSession: ${state.codexSessionId.slice(0, 8)}...` : "\nNew session.";
-  send(`Switched to Codex.${sid}\n\n/claude — Claude · /cursor — Cursor`);
-}));
-
-bot.onText(/\/backend$/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  const { settings } = currentState();
-  const label = settings.backend === "cursor" ? "Cursor Agent" : settings.backend === "codex" ? "Codex" : "Claude Code";
-  const cursorAvail = resolvedCursorPath ? "available" : "not found";
-  const codexAvail = resolvedCodexPath ? "available" : "not found";
-  send(`Backend: ${label}\n\nClaude Code: available\nCursor Agent: ${cursorAvail}\nCodex: ${codexAvail}`, { keyboard: { inline_keyboard: [
-    [{ text: "Claude Code", callback_data: "be:claude" }, { text: "Cursor Agent", callback_data: "be:cursor" }, { text: "Codex", callback_data: "be:codex" }],
-  ] } });
-}));
-
-bot.onText(/\/mode$/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  await send("Bot mode: *direct* (default)\n\nSwitch to agent mode for non-blocking execution.\nIn agent mode, heavy tasks run in the background and you can keep chatting.", {
-    parseMode: "Markdown",
-    keyboard: { inline_keyboard: [
-      [{ text: "Switch to Agent Mode", callback_data: "mode:agent" }],
-    ] },
-  });
-}));
-
-bot.onText(/\/stop/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  const state = currentState();
-  if (state.runningProcess) {
-    const pid = state.runningProcess.pid;
-    // Walk the descendant tree so detached children (background bashes,
-    // dev servers) get cleaned up, not just the PGID. Only stops THIS
-    // user's running Claude — other users' threads keep going.
-    killProcessTree(pid, "SIGTERM");
-    setTimeout(() => killProcessTree(pid, "SIGKILL"), 3000);
-    state.runningProcess = null;
-    if (state.streamInterval) clearTimeout(state.streamInterval);
-    state.messageQueue = [];
-    await send("Cancelled.");
-  }
-  else await send("Nothing running.");
-}));
-
-bot.onText(/\/(?:doctor|requirements)$/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  await send(formatDoctorReport(runDoctorChecks()));
-}));
-
-bot.onText(/\/status/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  const state = currentState();
-  if (!state.currentSession) return send("No session.", { keyboard: { inline_keyboard: [[{ text: "Pick", callback_data: "show:projects" }]] } });
-  const { settings } = state;
-  const backendLabel = settings.backend === "cursor" ? "Cursor Agent" : settings.backend === "codex" ? "Codex" : "Claude Code";
-  send([
-    `Project: ${state.currentSession.name}`,
-    `Backend: ${backendLabel}`,
-    `Model: ${settings.model || "default"} | Effort: ${settings.effort || "default"}`,
-    `Vault: ${vault.isUnlocked() ? "unlocked" : "locked"} | Crons: ${activeCrons.size}`,
-    state.runningProcess ? "Working..." : "Ready.",
-  ].join("\n"));
-}));
-
-bot.onText(/\/end/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  const state = currentState();
-  if (state.currentSession) {
-    const n = state.currentSession.name;
-    state.currentSession = null;
-    state.lastSessionId = null;
-    state.messageQueue = [];
-    resetSettings(state);
-    resetSessionUsage(state);
-    saveState();
-    send(`Ended: ${n}`, { keyboard: { inline_keyboard: [[{ text: "New session", callback_data: "show:projects" }]] } });
-  } else send("No session.");
-}));
-
-bot.onText(/\/usage$/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  const u = currentState().sessionUsage;
-  if (u.turns === 0) return send("No usage yet in this session.");
-  const fmt = (n) => n >= 1000 ? (n / 1000).toFixed(1) + "k" : String(n);
-  const lines = [
-    `*Session usage* (${u.turns} turn${u.turns === 1 ? "" : "s"})`,
-    `Input: ${fmt(u.inputTokens)} · Output: ${fmt(u.outputTokens)}`,
-    `Cache read: ${fmt(u.cacheReadTokens)} · Cache write: ${fmt(u.cacheCreationTokens)}`,
-    `Cost: $${u.costUsd.toFixed(4)}`,
-    `Last turn context: ${fmt(u.lastInputTokens)}`,
-  ];
-  if (u.lastInputTokens > 100000) lines.push(`\nTip: context is large. The bot auto-compacts before the next turn at ${fmt(AUTO_COMPACT_TOKENS)} tokens; /compact does it now.`);
-  send(lines.join("\n"), { parseMode: "Markdown" });
-}));
-
-bot.onText(/\/soul$/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  const soul = loadSoul();
-  const preview = soul.length > 3000 ? soul.slice(0, 3000) + "\n..." : soul;
-  await send(preview);
-  await send(`Edit: ${SOUL_FILE}\nOr tell me what to change and I'll update it.`);
-}));
-
-// ── Claude Auth Commands ────────────────────────────────────────────
-// These commands touch the SHARED Claude OAuth token (single Anthropic
-// account per pod), so they're owner-only. Non-owner authorized users
-// can still call /auth_status to see whether Claude is happy.
-
-bot.onText(/\/(?:auth_status|auth status)$/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  const chatId = String(msg.chat.id);
-  const tokenInfo = getClaudeOAuthToken();
-  const proc = spawn(CLAUDE_PATH, ["auth", "status"], {
-    cwd: process.env.HOME || require("os").homedir(),
-    env: claudeSubprocessEnv(),
-    stdio: ["ignore", "pipe", "pipe"],
-  });
-  let output = "";
-  proc.stdout.on("data", (d) => { output += d.toString(); });
-  proc.stderr.on("data", (d) => { output += d.toString(); });
-  proc.on("close", (code) => chatContext.run(chatId, async () => {
-    const clean = redactSensitive(output.trim()) || "(no output)";
-    await send([
-      `Claude auth status: exit ${code}`,
-      ...summarizeClaudeAuthStatus(output, code, tokenInfo),
-      `Bot OAuth token: ${tokenInfo.value ? "configured via " + tokenInfo.source : "not configured"}`,
-      `Vault: ${vault.isUnlocked() ? "unlocked" : "locked"}`,
-      "",
-      clean.slice(-2500),
-    ].join("\n"));
-  }));
-  proc.on("error", (err) => chatContext.run(chatId, () => send(`Claude auth status failed: ${redactSensitive(err.message)}`)));
-}));
-
-bot.onText(/\/cancel_auth$/, wrapHandler(async (msg) => {
-  if (!isOwner(msg)) return send("Owner only — Claude auth is shared across users.");
-  const state = currentState();
-  if (!state.pendingClaudeAuthProcess) return send("No Claude auth flow is pending.");
-  clearPendingClaudeAuth(state);
-  await send("Claude auth flow cancelled. Normal messages will go to the assistant again.");
-}));
-
-bot.onText(/\/auth_code(?:\s+(.+))?$/, wrapHandler(async (msg, match) => {
-  if (!isOwner(msg)) return send("Owner only — Claude auth is shared across users.");
-  const state = currentState();
-  const code = (match[1] || "").trim();
-  await deleteMessage(msg.message_id);
-  if (!state.pendingClaudeAuthProcess || state.pendingClaudeAuthLabel === "manual OAuth token save") {
-    return send("No Claude login flow is waiting for an auth code. Start with /login, or use /use_oauth_token for tokens.");
-  }
-  if (!code || !looksLikeClaudeAuthReply(code)) {
-    return send("That does not look like a Claude auth code/callback. Use /cancel_auth to cancel the login flow.");
-  }
-  try {
-    state.pendingClaudeAuthProcess.stdin.write(code + "\n");
-    await send("Auth code sent to Claude. I’ll confirm with auth status when Claude finishes.");
-  } catch (e) {
-    clearPendingClaudeAuth(state);
-    await send(`Could not send auth code to Claude: ${redactSensitive(e.message)}`);
-  }
-}));
-
-bot.onText(/\/login$/, wrapHandler(async (msg) => {
-  if (!isOwner(msg)) return send("Owner only — Claude auth is shared across users.");
-  await runClaudeAuthCommand(["auth", "login", "--claudeai", "--email", "sumeet@inet.africa"], "Claude login");
-}));
-
-bot.onText(/\/setup_token$/, wrapHandler(async (msg) => {
-  if (!isOwner(msg)) return send("Owner only — Claude auth is shared across users.");
-  await runClaudeAuthCommand(["setup-token"], "Claude setup-token", { captureToken: true });
-}));
-
-bot.onText(/\/use_oauth_token(?:\s+(.+))?$/, wrapHandler(async (msg, match) => {
-  if (!isOwner(msg)) return send("Owner only — Claude auth is shared across users.");
-  const state = currentState();
-  const token = (match[1] || "").trim();
-  await deleteMessage(msg.message_id);
-  if (!token) {
-    state.pendingClaudeAuthProcess = { stdin: { write: (value) => saveClaudeOAuthToken(value.trim()) } };
-    state.pendingClaudeAuthLabel = "manual OAuth token save";
-    await send("Send the Claude OAuth token in your next message. I'll delete it and store it without echoing it.");
-    return;
-  }
-  if (!looksLikeClaudeToken(token)) return send("That doesn't look like a Claude OAuth token. Not saved.");
-  saveClaudeOAuthToken(token);
-  await send(`Claude OAuth token stored in .env${vault.isUnlocked() ? " and vault" : ""}. Restart the bot so launchd picks it up, or use /restart.`);
-  await sendClaudeAuthStatusSummary("Stored token. Current Claude auth status:");
-}));
-
-bot.onText(/\/clear_oauth_token$/, wrapHandler(async (msg) => {
-  if (!isOwner(msg)) return send("Owner only — Claude auth is shared across users.");
-  clearClaudeOAuthToken();
-  await send("Claude OAuth token cleared from .env/process" + (vault.isUnlocked() ? " and vault." : ". Unlock vault and run again if you also stored it there."));
-}));
-
-bot.onText(/\/(?:codex_auth_status|codex auth status)$/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  await sendCodexAuthStatusSummary();
-}));
-
-bot.onText(/\/codex_login$/, wrapHandler(async (msg) => {
-  if (!isOwner(msg)) return send("Owner only — Codex auth is shared across users.");
-  await runCodexDeviceLogin();
-}));
-
-bot.onText(/\/cancel_codex_auth$/, wrapHandler(async (msg) => {
-  if (!isOwner(msg)) return send("Owner only — Codex auth is shared across users.");
-  const state = currentState();
-  if (!state.pendingCodexAuthProcess) return send("No Codex auth flow is pending.");
-  clearPendingCodexAuth(state);
-  await send("Codex auth flow cancelled. Normal messages will go to the assistant again.");
-}));
-
-bot.onText(/\/(?:codex_setup_token|codex_use_api_key)(?:\s+(.+))?$/, wrapHandler(async (msg, match) => {
-  if (!isOwner(msg)) return send("Owner only — Codex auth is shared across users.");
-  if (!resolvedCodexPath) return send("Codex CLI not found. Install: npm install -g @openai/codex");
-  const key = (match[1] || "").trim();
-  await deleteMessage(msg.message_id);
-  if (!key) {
-    const state = currentState();
-    state.pendingCodexAuthProcess = { kill: () => {} };
-    state.pendingCodexAuthLabel = "manual OpenAI API key save";
-    await send("Send the OpenAI API key in your next message. I’ll delete it and pass it to `codex login --with-api-key` without echoing it.");
-    return;
-  }
-  if (!looksLikeOpenAIKey(key)) return send("That does not look like an OpenAI API key. Not saved.");
-  const result = await saveCodexApiKeyWithCli(key);
-  await send(result.ok ? "Codex API key stored by the Codex CLI. I did not print it." : `Codex CLI could not store the API key: ${redactSensitive(result.output).slice(-800)}`);
-  await sendCodexAuthStatusSummary("Current Codex auth status:");
-}));
-
-// ── /vault with password protection ─────────────────────────────────
-// Vault is a single shared store. Lock state is global; the
-// password-unlock flow is per-user (pendingVaultUnlock lives on the
-// current user's state so two people can't crash into each other's
-// password prompt).
-
-bot.onText(/\/vault$/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  const state = currentState();
-  if (!vault.exists()) {
-    await send("No vault found. Run setup first: node setup.js");
-    return;
-  }
-  if (vault.isUnlocked()) {
-    const entries = vault.list();
-    const keys = Object.keys(entries);
-    if (keys.length === 0) await send("Vault is unlocked but empty.\n\nUse /vault set <name> <value>");
-    else await send("Vault (unlocked):\n\n" + keys.map(k => `${k}: ${entries[k]}`).join("\n") + "\n\nLocks automatically in 5 min.");
-  } else {
-    state.pendingVaultUnlock = true;
-    state.pendingVaultAction = { type: "list" };
-    await send("Vault is locked. Send your vault password.\n(Message will be deleted after reading)");
-  }
-}));
-
-bot.onText(/\/vault set (\S+) (.+)/, wrapHandler(async (msg, match) => {
-  if (!isAuthorized(msg)) return;
-  const state = currentState();
-  // Delete the message containing the value immediately
-  await deleteMessage(msg.message_id);
-  if (vault.isUnlocked()) {
-    vault.set(match[1], match[2].trim());
-    await send(`Saved: ${match[1]}`);
-  } else {
-    state.pendingVaultUnlock = true;
-    state.pendingVaultAction = { type: "set", key: match[1], value: match[2].trim() };
-    await send("Vault locked. Send password to unlock.");
-  }
-}));
-
-bot.onText(/\/vault remove (\S+)/, wrapHandler(async (msg, match) => {
-  if (!isAuthorized(msg)) return;
-  const state = currentState();
-  if (vault.isUnlocked()) {
-    vault.remove(match[1]);
-    await send(`Removed: ${match[1]}`);
-  } else {
-    state.pendingVaultUnlock = true;
-    state.pendingVaultAction = { type: "remove", key: match[1] };
-    await send("Vault locked. Send password to unlock.");
-  }
-}));
-
-bot.onText(/\/vault lock/, wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  vault.lock();
-  await send("Vault locked.");
-}));
-
-// ── /cron ───────────────────────────────────────────────────────────
-
-bot.onText(/\/cron$/, wrapHandler((msg) => {
-  if (!isAuthorized(msg)) return;
-  const list = loadCrons();
-  if (list.length === 0) {
-    send("No crons.\n\nAdd: /cron add \"<schedule>\" <project> \"<prompt>\"\n\nOr pick a preset:", {
-      keyboard: { inline_keyboard: [
-        [{ text: "Standup 9am", callback_data: "cp:standup" }, { text: "Git digest 6pm", callback_data: "cp:git" }],
-        [{ text: "Dep check Mon", callback_data: "cp:deps" }, { text: "Health 30min", callback_data: "cp:health" }],
-      ] },
-    });
-  } else {
-    send("Crons:\n\n" + list.map((c, i) => `${i + 1}. ${c.label} (${c.schedule}) — ${c.project}`).join("\n") + "\n\nRemove: /cron remove <#>");
-  }
-}));
-
-bot.onText(/\/cron add "(.+)" (\S+) "(.+)"/, wrapHandler((msg, match) => {
-  if (!isAuthorized(msg)) return;
-  if (!cron.validate(match[1])) return send("Invalid cron schedule.");
-  const proj = findProject(match[2]);
-  if (!proj || Array.isArray(proj)) return send("Project not found.");
-  const c = { id: `cron_${Date.now()}`, schedule: match[1], project: proj, prompt: match[3], label: match[3].slice(0, 50) };
-  const list = loadCrons(); list.push(c); saveCrons(list); scheduleCron(c);
-  send(`Added: ${c.label} (${c.schedule}) for ${proj}`);
-}));
-
-bot.onText(/\/cron remove (\d+)/, wrapHandler((msg, match) => {
-  if (!isAuthorized(msg)) return;
-  const list = loadCrons(); const idx = parseInt(match[1]) - 1;
-  if (idx < 0 || idx >= list.length) return send("Invalid number.");
-  const removed = list.splice(idx, 1)[0]; saveCrons(list);
-  if (activeCrons.has(removed.id)) { activeCrons.get(removed.id).task.stop(); activeCrons.delete(removed.id); }
-  send(`Removed: ${removed.label}`);
-}));
-
-// ── Callback Queries ────────────────────────────────────────────────
-
-bot.on("callback_query", wrapHandler(async (q) => {
-  const d = q.data;
-  await bot.answerCallbackQuery(q.id);
-  const state = currentState();
-
-  if (d.startsWith("auth:")) {
-    const callbackFromOwner = String(q.from?.id) === CHAT_ID || String(q.message?.chat?.id) === CHAT_ID;
-    if (!callbackFromOwner) {
-      await send("Owner only — auth approvals are restricted.");
-      return;
-    }
-
-    const [, action, chatId] = d.split(":");
-    if (!chatId || !["approve", "deny"].includes(action)) return;
-
-    const result = action === "approve"
-      ? await approveAuthRequest(chatId)
-      : await denyAuthRequest(chatId);
-
-    if (result.status === "not_found") {
-      await send(`No pending auth request found for ${chatId}.`);
-      return;
-    }
-
-    if (result.status === "already_authorized") {
-      await send(`Chat ${chatId} is already authorized.`);
-      return;
-    }
-
-    const label = authRequestLabel(result.request);
-    if (result.status === "approved") {
-      await bot.sendMessage(chatId, "Your access has been approved! You can now use the bot. Send /start to begin.").catch(() => {});
-      let edited = false;
-      if (q.message) {
-        edited = await bot.editMessageText(`Approved auth request from ${label} (${chatId}).`, {
-          chat_id: q.message.chat.id,
-          message_id: q.message.message_id,
-          reply_markup: { inline_keyboard: [] },
-        }).then(() => true).catch(() => false);
-      }
-      if (!edited) await send(`Approved ${label} (${chatId}).`);
-      return;
-    }
-
-    await bot.sendMessage(chatId, "Your access request was denied.").catch(() => {});
-    let edited = false;
-    if (q.message) {
-      edited = await bot.editMessageText(`Denied auth request from ${label} (${chatId}).`, {
-        chat_id: q.message.chat.id,
-        message_id: q.message.message_id,
-        reply_markup: { inline_keyboard: [] },
-      }).then(() => true).catch(() => false);
-    }
-    if (!edited) await send(`Denied ${label} (${chatId}).`);
-    return;
-  }
-
-  // Onboarding style selection
-  if (d.startsWith("ob:")) { finishOnboarding(d.slice(3)); return; }
-
-  if (d === "show:projects") { await send("Pick:", { keyboard: projectKeyboard() }); return; }
-  if (d.startsWith("s:")) { startSession(d.slice(2)); return; }
-  if (d.startsWith("ss:")) { if (state.currentSession) startSession(state.currentSession.name, d.slice(3)); return; }
-  if (d.startsWith("new:")) {
-    const proj = d.slice(4);
-    // Don't delete history, just start fresh
-    state.currentSession = { name: proj === "__workspace__" ? "Workspace" : proj, dir: proj === "__workspace__" ? WORKSPACE : path.join(WORKSPACE, proj) };
-    state.lastSessionId = null;
-    state.isFirstMessage = true;
-    state.messageQueue = [];
-    resetSettings(state);
-    resetSessionUsage(state);
-    saveState();
-    await send(`Session: ${state.currentSession.name}\nNew conversation\n\nSend text, voice, or images.\n\n/sessions — switch conversation\n/session — switch project`);
-    return;
-  }
-  if (d === "a:continue") { if (state.currentSession && getActiveSessionId()) await runClaude("continue", state.currentSession.dir); else send("No session to continue."); return; }
-  if (d === "a:end") {
-    if (state.currentSession) {
-      const n = state.currentSession.name;
-      state.currentSession = null;
-      state.lastSessionId = null;
-      state.messageQueue = [];
-      resetSettings(state);
-      resetSessionUsage(state);
-      saveState();
-      await send(`Ended: ${n}`, { keyboard: { inline_keyboard: [[{ text: "New", callback_data: "show:projects" }]] } });
-    }
-    return;
-  }
-  if (d === "noop") { return; }
-  if (d.startsWith("mb:")) {
-    // Unified picker: switch backend + set model in one tap.
-    // Format: mb:<backend>:<model>. Model may contain `:` itself (unlikely), so split on first two.
-    const rest = d.slice(3);
-    const colon = rest.indexOf(":");
-    if (colon < 0) return;
-    const be = rest.slice(0, colon);
-    const model = rest.slice(colon + 1);
-    if (be === "cursor" && !resolvedCursorPath) { await send("Cursor Agent CLI not found."); return; }
-    if (be === "codex" && !resolvedCodexPath) { await send("Codex CLI not found. Install: npm install -g @openai/codex"); return; }
-    const switched = state.settings.backend !== be;
-    state.settings.backend = be;
-    state.settings.model = model;
-    saveState();
-    const beLabel = be === "cursor" ? "Cursor Agent" : be === "codex" ? "Codex" : "Claude Code";
-    await send(switched ? `Switched to ${beLabel}.\nModel: ${model}` : `Model: ${model}`);
-    return;
-  }
-  if (d.startsWith("m:")) { state.settings.model = d.slice(2) === "default" ? null : d.slice(2); await send(`Model: ${state.settings.model || "default"}`); return; }
-  if (d.startsWith("e:")) { const e = d.slice(2); state.settings.effort = e === "default" ? null : e; await send(`Effort: ${state.settings.effort || "default"}`); return; }
-  if (d.startsWith("b:")) { const b = d.slice(2); state.settings.budget = b === "none" ? null : parseFloat(b); await send(`Budget: ${state.settings.budget ? "$"+state.settings.budget : "none"}`); return; }
-  if (d.startsWith("be:")) {
-    const be = d.slice(3);
-    if (be === "cursor" && !resolvedCursorPath) { await send("Cursor Agent CLI not found."); return; }
-    if (be === "codex" && !resolvedCodexPath) { await send("Codex CLI not found. Install: npm install -g @openai/codex"); return; }
-    state.settings.backend = be;
-    state.settings.model = null;
-    saveState();
-    const label = be === "cursor" ? "Cursor Agent" : be === "codex" ? "Codex" : "Claude Code";
-    await send(`Switched to ${label}.`);
-    return;
-  }
-
-  // Mode switching — writes mode file and restarts bot. Owner only —
-  // it affects the whole pod, not just this user.
-  if (d.startsWith("mode:")) {
-    if (String(q.from?.id) !== CHAT_ID) { await send("Owner only — mode switch restarts the bot."); return; }
-    const newMode = d.slice(5);
-    const modeFile = path.join(CONFIG_DIR, ".bot-mode");
-    fs.writeFileSync(modeFile, newMode);
-    await send(`Switching to ${newMode} mode... restarting.`);
-    setTimeout(() => process.exit(0), 500); // Let launchd/systemd restart with new mode
-    return;
-  }
-
-  // Cron presets
-  if (d.startsWith("cp:") && d !== "cp:clear") {
-    if (!state.currentSession) return send("Start a session first.");
-    const presets = {
-      standup: { schedule: "0 9 * * 1-5", prompt: "Morning standup: recent commits, failing tests, open TODOs, what to focus on today. Brief.", label: "Morning standup" },
-      git: { schedule: "0 18 * * 1-5", prompt: "Git digest: today's commits, changed files, uncommitted changes. Flag concerns.", label: "Git digest" },
-      deps: { schedule: "0 10 * * 1", prompt: "Check outdated/vulnerable dependencies. Brief — just what needs attention.", label: "Dep check" },
-      health: { schedule: "*/30 * * * *", prompt: "Quick health: can the project build? Run build/lint, report pass/fail.", label: "Health check" },
-    };
-    const p = presets[d.slice(3)];
-    if (!p) return;
-    const c = { id: `cron_${Date.now()}`, ...p, project: state.currentSession.name };
-    const list = loadCrons(); list.push(c); saveCrons(list); scheduleCron(c);
-    await send(`Added: ${c.label} for ${state.currentSession.name}`);
-    return;
-  }
-  if (d === "cp:clear") { for (const [,v] of activeCrons) v.task.stop(); activeCrons.clear(); saveCrons([]); await send("All crons cleared."); return; }
-}));
-
-// ── Media Handlers ──────────────────────────────────────────────────
-
-bot.on("voice", wrapHandler(async (msg) => {
-  if (isDuplicate(msg)) return;
-  if (!isAuthorized(msg)) return;
-  if (!requireSession(msg)) return;
-  const state = currentState();
-  try {
-    // Check file size
-    if (msg.voice.file_size && msg.voice.file_size > MAX_VOICE_SIZE) {
-      return send(`Voice note too large (${Math.round(msg.voice.file_size / 1024 / 1024)}MB). Max: ${MAX_VOICE_SIZE / 1024 / 1024}MB`);
-    }
-    bot.sendChatAction(currentChatId(), "typing");
-    const oggPath = await downloadFile(msg.voice.file_id, ".ogg");
-    const transcript = transcribeAudio(oggPath);
-    try { fs.unlinkSync(oggPath); } catch (e) {}
-    if (!transcript) return send("Couldn't transcribe. Try typing it.");
-    await send(`Heard: "${transcript}"`, { replyTo: msg.message_id });
-    state.lastInputWasVoice = true;
-    await runClaude(transcript, state.currentSession.dir, msg.message_id);
-  } catch (err) { await send(`Voice failed: ${err.message}`); }
-}));
-
-bot.on("audio", wrapHandler(async (msg) => {
-  if (isDuplicate(msg)) return;
-  if (!isAuthorized(msg)) return;
-  if (!requireSession(msg)) return;
-  const state = currentState();
-  try {
-    bot.sendChatAction(currentChatId(), "typing");
-    const p = await downloadFile(msg.audio.file_id, path.extname(msg.audio.file_name || ".ogg"));
-    const t = transcribeAudio(p);
-    try { fs.unlinkSync(p); } catch (e) {}
-    if (!t) return send("Couldn't transcribe.");
-    await send(`Heard: "${t}"`, { replyTo: msg.message_id });
-    await runClaude(t, state.currentSession.dir, msg.message_id);
-  } catch (err) { await send(`Audio failed: ${err.message}`); }
-}));
-
-bot.on("photo", wrapHandler(async (msg) => {
-  if (isDuplicate(msg)) return;
-  if (!isAuthorized(msg)) return;
-  if (!requireSession(msg)) return;
-  const state = currentState();
-  try {
-    const p = await downloadFile(msg.photo[msg.photo.length - 1].file_id, ".jpg");
-    const caption = msg.caption || "Describe this image. If code/UI/error — explain and fix.";
-    await runClaude(`Image at ${p}\n\nView it, then: ${caption}`, state.currentSession.dir, msg.message_id);
-  } catch (err) { await send(`Image failed: ${err.message}`); }
-}));
-
-bot.on("document", wrapHandler(async (msg) => {
-  if (isDuplicate(msg)) return;
-  if (!isAuthorized(msg)) return;
-  if (!requireSession(msg)) return;
-  const state = currentState();
-  try {
-    // Check file size
-    if (msg.document.file_size && msg.document.file_size > MAX_FILE_SIZE) {
-      return send(`File too large (${Math.round(msg.document.file_size / 1024 / 1024)}MB). Max: ${MAX_FILE_SIZE / 1024 / 1024}MB`);
-    }
-    const fileName = msg.document.file_name || `file-${Date.now()}`;
-    const mime = msg.document.mime_type || "";
-    // Save with original name to files dir
-    const savePath = path.join(FILES_DIR, fileName);
-    const file = await bot.getFile(msg.document.file_id);
-    const fileUrl = `https://api.telegram.org/file/bot${TOKEN}/${file.file_path}`;
-    await new Promise((resolve, reject) => {
-      const out = fs.createWriteStream(savePath);
-      https.get(fileUrl, (res) => { res.pipe(out); out.on("finish", () => { out.close(); resolve(); }); }).on("error", reject);
-    });
-    const caption = msg.caption || "";
-    const isImage = mime.startsWith("image/");
-    let prompt;
-    if (isImage) {
-      prompt = `Image file saved at ${savePath}\n\nView it, then: ${caption || "Describe this image. If code/UI/error — explain and fix."}`;
-    } else {
-      prompt = `File received: ${fileName} (${mime})\nSaved at: ${savePath}\n\nRead this file and ${caption || "summarize its contents. If it's code, explain what it does. If it's a document, give key points."}`;
-    }
-    await send(`File saved: ${fileName}`, { replyTo: msg.message_id });
-    await runClaude(prompt, state.currentSession.dir, msg.message_id);
-  } catch (err) { await send(`Failed: ${err.message}`); }
-}));
-
-// ── Text Message Handler (handles onboarding, vault password, normal messages) ──
-
-bot.on("message", wrapHandler(async (msg) => {
-  if (!isAuthorized(msg)) return;
-  if (!msg.text || msg.text.startsWith("/")) return;
-  if (msg.voice || msg.audio || msg.photo || msg.document || msg.video || msg.sticker) return;
-  if (isDuplicate(msg)) return;
-  const state = currentState();
-
-  // Handle pending manual Codex API key paste mode.
-  if (state.pendingCodexAuthProcess && state.pendingCodexAuthLabel === "manual OpenAI API key save") {
-    const text = msg.text.trim();
-    await deleteMessage(msg.message_id);
-    if (!looksLikeOpenAIKey(text)) {
-      clearPendingCodexAuth(state);
-      await send("That did not look like an OpenAI API key. Not saved.");
-      return;
-    }
-    clearPendingCodexAuth(state);
-    const result = await saveCodexApiKeyWithCli(text);
-    await send(result.ok ? "Codex API key stored by the Codex CLI. I did not print it." : `Codex CLI could not store the API key: ${redactSensitive(result.output).slice(-800)}`);
-    await sendCodexAuthStatusSummary("Current Codex auth status:");
-    return;
-  }
-
-  if (state.pendingCodexAuthProcess) {
-    await send("Codex login is still running. Complete the device flow in your browser, or send /cancel_codex_auth.");
-    return;
-  }
-
-  // Handle pending manual OAuth token paste mode. Login codes must be sent explicitly
-  // with /auth_code so normal chat can never be deleted/consumed accidentally.
-  if (state.pendingClaudeAuthProcess && state.pendingClaudeAuthLabel === "manual OAuth token save") {
-    const text = msg.text.trim();
-    if (looksLikeClaudeToken(text)) {
-      await deleteMessage(msg.message_id);
-      clearPendingClaudeAuth(state);
-      saveClaudeOAuthToken(text);
-      await send(`Claude OAuth token stored in .env${vault.isUnlocked() ? " and vault" : ""}. Restart the bot so launchd picks it up, or use /restart.`);
-      await sendClaudeAuthStatusSummary("Stored token. Current Claude auth status:");
-      return;
-    }
-    await send("Token paste mode is active, but that does not look like a Claude OAuth token. I left your message visible and will handle it normally. Send /cancel_auth to stop token paste mode.");
-  }
-
-  if (state.pendingClaudeAuthProcess && state.pendingClaudeAuthLabel !== "manual OAuth token save") {
-    const text = msg.text.trim();
-    if (looksLikeClaudeAuthReply(text)) {
-      await send("That looks like a Claude login code/callback. I did not delete it or send it to Claude as a prompt. Please resend it as `/auth_code YOUR_CODE`, or use /cancel_auth to stop the login flow.");
-      return;
-    }
-    await send("Claude login is still waiting. I will not delete normal messages. If Claude gave you a code, send it as `/auth_code YOUR_CODE`, or use /cancel_auth.");
-  }
-
-  // Handle onboarding (only the owner gets here in practice — ONBOARDED
-  // flips to true after the first run, gating everyone else out).
-  if (!isOnboarded() && state.onboardingStep) {
-    await handleOnboarding(msg);
-    return;
-  }
-
-  // Handle vault password — per-user flow so two people can't fight over
-  // the prompt. Vault itself is shared once unlocked.
-  if (state.pendingVaultUnlock) {
-    const password = msg.text;
-    // Delete the password message immediately
-    await deleteMessage(msg.message_id);
-
-    const ok = vault.unlock(password);
-    if (!ok) {
-      state.pendingVaultUnlock = false;
-      state.pendingVaultAction = null;
-      await send("Wrong password.");
-      return;
-    }
-
-    // Execute pending action
-    const action = state.pendingVaultAction;
-    state.pendingVaultUnlock = false;
-    state.pendingVaultAction = null;
-
-    if (action.type === "list") {
-      const entries = vault.list();
-      const keys = Object.keys(entries);
-      if (keys.length === 0) await send("Vault unlocked (empty).\n\nUse /vault set <name> <value>");
-      else await send("Vault unlocked:\n\n" + keys.map(k => `${k}: ${entries[k]}`).join("\n") + "\n\nAuto-locks in 5 min.");
-    } else if (action.type === "set") {
-      vault.set(action.key, action.value);
-      await send(`Saved: ${action.key}`);
-    } else if (action.type === "remove") {
-      vault.remove(action.key);
-      await send(`Removed: ${action.key}`);
-    }
-    return;
-  }
-
-  // Normal message
-  if (!requireSession(msg)) return;
-
-  // Detect credential-like messages and delete them from chat
-  const text = msg.text;
-  const credPatterns = [
-    /^(sk-ant-|sk-|glpat-|ghp_|gho_|github_pat_|xoxb-|xoxp-|AKIA|AIza)/,  // API keys
-    /^[A-Za-z0-9_-]{20,}$/,  // Long token-like strings with no spaces
-    /^(Bearer |token:|key:|secret:|password:)/i,  // Prefixed credentials
-  ];
-  const looksLikeCredential = credPatterns.some((p) => p.test(text.trim()));
-  if (looksLikeCredential) {
-    await deleteMessage(msg.message_id);
-  }
-
-  let prompt = msg.text;
-  const reply = msg.reply_to_message;
-  const skipReplyContext = reply?.from?.is_bot && !reply.document && !reply.photo;
-  if (reply && !skipReplyContext) {
-    let ctx = "";
-    if (reply.text) {
-      ctx = reply.text;
-    }
-    if (reply.caption) {
-      ctx += (ctx ? "\n" : "") + reply.caption;
-    }
-    if (reply.document) {
-      const fileName = reply.document.file_name || "unknown";
-      const filePath = path.join(FILES_DIR, fileName);
-      if (fs.existsSync(filePath)) {
-        ctx += (ctx ? "\n" : "") + `[Attached file: ${fileName} at ${filePath}]`;
-      } else {
-        // Download the file from the replied message
-        try {
-          const file = await bot.getFile(reply.document.file_id);
-          const fileUrl = `https://api.telegram.org/file/bot${TOKEN}/${file.file_path}`;
-          await new Promise((resolve, reject) => {
-            const out = fs.createWriteStream(filePath);
-            https.get(fileUrl, (res) => { res.pipe(out); out.on("finish", () => { out.close(); resolve(); }); }).on("error", reject);
-          });
-          ctx += (ctx ? "\n" : "") + `[Attached file: ${fileName} at ${filePath}]`;
-        } catch (e) {
-          ctx += (ctx ? "\n" : "") + `[Attached file: ${fileName} — could not download]`;
-        }
-      }
-    }
-    if (reply.photo) {
-      ctx += (ctx ? "\n" : "") + "[Attached photo]";
-    }
-    if (ctx) {
-      prompt = `Replying to message:\n---\n${ctx.length > 1000 ? ctx.slice(0, 1000) + "..." : ctx}\n---\n\n${msg.text}`;
-    }
-  }
-
-  await runClaude(prompt, state.currentSession.dir, msg.message_id);
-}));
-
-// ── Startup ─────────────────────────────────────────────────────────
-// Idempotent setup: ensure tools & config are in place (safe on every boot)
-try {
-  const { ensureSetup, formatSetupResults } = require("./health");
-  const setupResult = ensureSetup();
-  console.log("Setup check:");
-  console.log(formatSetupResults(setupResult));
-  if (!setupResult.ok) console.warn("Some setup steps failed — browser tools may be unavailable.");
-} catch (e) {
-  console.warn("Setup check skipped:", e.message);
-}
-
-// Sweep stale `claude login` / `claude setup-token` processes that
-// survived a previous bot crash. They're blocked on stdin forever and
-// can hold keychain locks / resources. Anything older than 30 minutes
-// is assumed to be abandoned.
-try {
-  const out = execSync(
-    `ps -axo pid,etime,command | awk '/claude (login|setup-token)/ && !/awk/'`,
-    { encoding: "utf-8", stdio: ["ignore", "pipe", "ignore"] },
-  );
-  for (const line of out.split("\n")) {
-    const m = line.trim().match(/^(\d+)\s+(\S+)\s/);
-    if (!m) continue;
-    const pid = Number(m[1]);
-    const elapsed = m[2]; // [DD-]HH:MM:SS or MM:SS
-    const minutes = elapsed.includes("-")
-      ? Number(elapsed.split("-")[0]) * 24 * 60 + 60 // any "DD-" form is ≥1 day
-      : elapsed.split(":").length === 3
-        ? Number(elapsed.split(":")[0]) * 60 + Number(elapsed.split(":")[1])
-        : Number(elapsed.split(":")[0]);
-    if (minutes >= 30) {
-      try {
-        process.kill(pid, "SIGTERM");
-        console.log(`Swept stale auth process pid=${pid} elapsed=${elapsed}`);
-      } catch (e) {}
-    }
-  }
-} catch (e) {
-  // ps/awk not available or no matches — fine.
-}
-
-initCrons();
-console.log("Claude Code Telegram bot running");
-console.log(`Workspace: ${WORKSPACE}`);
-console.log(`Soul: ${SOUL_FILE}`);
-console.log(`Vault: ${VAULT_FILE} (${vault.exists() ? "exists" : "not created"})`);
-console.log(`Onboarded: ${isOnboarded()}`);
-
-// Notify owner that bot is back online
-bot.sendMessage(CHAT_ID, `Back online and ready! Running v${CURRENT_VERSION}.`).catch(() => {});