@rubytech/taskmaster 1.0.4 → 1.0.6

package/dist/gateway/server-methods/cron.js

@@ -28,6 +28,10 @@ export const cronHandlers = {
                 return jobAgent !== undefined && normalized.includes(jobAgent);
             });
         }
+        if (typeof p.accountId === "string" && p.accountId.trim()) {
+            const target = p.accountId.trim();
+            jobs = jobs.filter((job) => job.accountId === target);
+        }
         respond(true, { jobs }, undefined);
     },
     "cron.status": async ({ params, respond, context }) => {

package/dist/gateway/server.impl.js

@@ -5,6 +5,7 @@ import { listChannelPlugins } from "../channels/plugins/index.js";
 import { createDefaultDeps } from "../cli/deps.js";
 import { formatCliCommand } from "../cli/command-format.js";
 import { CONFIG_PATH_TASKMASTER, isNixMode, loadConfig, migrateLegacyConfig, readConfigFileSnapshot, writeConfigFile, } from "../config/config.js";
+import { VERSION } from "../version.js";
 import { isDiagnosticsEnabled } from "../infra/diagnostic-events.js";
 import { logAcceptedEnvOption } from "../infra/env.js";
 import { applyPluginAutoEnable } from "../config/plugin-auto-enable.js";
@@ -116,6 +117,17 @@ export async function startGatewayServer(port = 18789, opts = {}) {
             log.warn(`gateway: failed to persist plugin auto-enable changes: ${String(err)}`);
         }
     }
+    // Stamp config with running version on startup so upgrades keep the stamp current.
+    const storedVersion = configSnapshot.config.meta?.lastTouchedVersion;
+    if (configSnapshot.exists && storedVersion !== VERSION) {
+        try {
+            await writeConfigFile(configSnapshot.config);
+            log.info(`gateway: updated config version stamp from ${storedVersion ?? "(none)"} to ${VERSION}`);
+        }
+        catch (err) {
+            log.warn(`gateway: failed to update config version stamp: ${String(err)}`);
+        }
+    }
     const cfgAtStart = loadConfig();
     // License check — gateway always starts (so setup UI is reachable),
     // but pages other than /setup will redirect until a license is activated.

package/dist/license/device-id.js

@@ -0,0 +1,61 @@
+import crypto from "node:crypto";
+import { execFileSync } from "node:child_process";
+import fs from "node:fs";
+import os from "node:os";
+const SALT = "taskmaster-device-v1";
+const PREFIX = "tm_dev_";
+let cachedDeviceId = null;
+function hashWithSalt(input) {
+    return crypto.createHash("sha256").update(`${SALT}:${input}`).digest("hex");
+}
+function getMacSerial() {
+    try {
+        const output = execFileSync("ioreg", ["-rd1", "-c", "IOPlatformExpertDevice"], {
+            encoding: "utf8",
+            timeout: 5000,
+        });
+        const match = output.match(/"IOPlatformSerialNumber"\s*=\s*"([^"]+)"/);
+        return match?.[1] ?? null;
+    }
+    catch {
+        return null;
+    }
+}
+function getLinuxSerial() {
+    try {
+        const cpuinfo = fs.readFileSync("/proc/cpuinfo", "utf8");
+        const match = cpuinfo.match(/^Serial\s*:\s*(\S+)/m);
+        return match?.[1] ?? null;
+    }
+    catch {
+        return null;
+    }
+}
+function getFallbackId() {
+    const cpuModel = os.cpus()[0]?.model ?? "unknown";
+    return `${os.hostname()}:${os.platform()}:${os.arch()}:${cpuModel}`;
+}
+/**
+ * Generate a stable hardware fingerprint for this device.
+ * - macOS: SHA-256 of IOPlatformSerialNumber
+ * - Linux (Pi): SHA-256 of /proc/cpuinfo Serial
+ * - Fallback: SHA-256 of hostname + platform + arch + cpu model
+ *
+ * Result is cached in memory (won't change during runtime).
+ */
+export function getDeviceId() {
+    if (cachedDeviceId)
+        return cachedDeviceId;
+    let raw = null;
+    if (os.platform() === "darwin") {
+        raw = getMacSerial();
+    }
+    else if (os.platform() === "linux") {
+        raw = getLinuxSerial();
+    }
+    if (!raw) {
+        raw = getFallbackId();
+    }
+    cachedDeviceId = `${PREFIX}${hashWithSalt(raw)}`;
+    return cachedDeviceId;
+}

package/dist/license/keys.js

@@ -0,0 +1,61 @@
+import crypto from "node:crypto";
+/**
+ * Ed25519 public key for verifying license tokens.
+ *
+ * The corresponding private key is kept secret and used to sign
+ * tokens when a license is issued (via our Taskmaster WhatsApp agent
+ * or manually).
+ *
+ * Token format: TM1-<base64url(payload)>.<base64url(signature)>
+ * Payload JSON: { did, tier, exp, cid, iat }
+ * Note: `tier` is always "standard" — no tier differentiation exists.
+ */
+const PUBLIC_KEY_PEM = `-----BEGIN PUBLIC KEY-----
+MCowBQYDK2VwAyEA/t/C4A4I0rDlj5rEqv6Hy6VdHJr7WiJHWUxgwGz9HcM=
+-----END PUBLIC KEY-----`;
+const publicKey = crypto.createPublicKey(PUBLIC_KEY_PEM);
+/** Token version prefix. */
+const TOKEN_PREFIX = "TM1-";
+/**
+ * Verify a license token's cryptographic signature and decode its payload.
+ * Does NOT check device binding or expiry — caller handles that.
+ */
+export function verifyLicenseToken(token) {
+    if (!token.startsWith(TOKEN_PREFIX)) {
+        return { valid: false, message: "Invalid token format" };
+    }
+    const body = token.slice(TOKEN_PREFIX.length);
+    const dotIndex = body.indexOf(".");
+    if (dotIndex === -1) {
+        return { valid: false, message: "Invalid token format" };
+    }
+    const payloadB64 = body.slice(0, dotIndex);
+    const signatureB64 = body.slice(dotIndex + 1);
+    if (!payloadB64 || !signatureB64) {
+        return { valid: false, message: "Invalid token format" };
+    }
+    // Verify signature
+    let signatureValid;
+    try {
+        const signature = Buffer.from(signatureB64, "base64url");
+        signatureValid = crypto.verify(null, Buffer.from(payloadB64), publicKey, signature);
+    }
+    catch {
+        return { valid: false, message: "Signature verification failed" };
+    }
+    if (!signatureValid) {
+        return { valid: false, message: "Invalid license key" };
+    }
+    // Decode payload
+    try {
+        const payloadJson = Buffer.from(payloadB64, "base64url").toString("utf8");
+        const payload = JSON.parse(payloadJson);
+        if (!payload.did || !payload.tier || !payload.exp || !payload.cid || !payload.iat) {
+            return { valid: false, message: "Incomplete license data" };
+        }
+        return { valid: true, payload };
+    }
+    catch {
+        return { valid: false, message: "Invalid license data" };
+    }
+}

package/dist/license/revalidation.js

@@ -0,0 +1,52 @@
+import { loadConfig, writeConfigFile } from "../config/config.js";
+import { getDeviceId } from "./device-id.js";
+import { validateLicenseKey } from "./validate.js";
+/** Check every 24 hours during gateway uptime. */
+const CHECK_INTERVAL_MS = 24 * 60 * 60 * 1000;
+let revalidationTimer = null;
+function revalidate(log, onChange) {
+    const config = loadConfig();
+    const lic = config.license;
+    // Nothing to revalidate if there's no stored key
+    if (!lic?.key || !lic.validatedAt)
+        return;
+    // Re-verify the stored token locally (signature + device + expiry)
+    const deviceId = getDeviceId();
+    const result = validateLicenseKey(lic.key, deviceId);
+    if (result.valid) {
+        log.info("license still valid");
+        return;
+    }
+    // Token is no longer valid (expired, wrong device, bad signature)
+    log.warn(`license revoked: ${result.message}`);
+    try {
+        void writeConfigFile({
+            ...config,
+            license: {
+                key: lic.key,
+                deviceId: lic.deviceId,
+                // Clear validation fields to force re-activation
+            },
+        });
+    }
+    catch (err) {
+        log.warn(`failed to clear revoked license: ${String(err)}`);
+    }
+    onChange(false);
+}
+export function startLicenseRevalidation(log, onChange) {
+    stopLicenseRevalidation();
+    revalidationTimer = setInterval(() => {
+        revalidate(log, onChange);
+    }, CHECK_INTERVAL_MS);
+    // Don't prevent process exit
+    if (revalidationTimer && typeof revalidationTimer === "object" && "unref" in revalidationTimer) {
+        revalidationTimer.unref();
+    }
+}
+export function stopLicenseRevalidation() {
+    if (revalidationTimer) {
+        clearInterval(revalidationTimer);
+        revalidationTimer = null;
+    }
+}

package/dist/license/state.js

@@ -0,0 +1,12 @@
+/**
+ * In-memory license state flag.
+ * Updated at startup and when the license is activated or revoked.
+ * Defaults to true in test environments so tests don't need to mock licensing.
+ */
+let licensed = process.env.VITEST === "true";
+export function isLicensed() {
+    return licensed;
+}
+export function setLicensed(value) {
+    licensed = value;
+}

package/dist/license/validate.js

@@ -0,0 +1,59 @@
+import { verifyLicenseToken } from "./keys.js";
+/** Max age for a stored validation before we require re-checking (30 days). */
+const MAX_VALIDATION_AGE_MS = 30 * 24 * 60 * 60 * 1000;
+/**
+ * Validate a license token locally using Ed25519 signature verification.
+ * Checks: signature valid, device ID matches, not expired.
+ */
+export function validateLicenseKey(key, deviceId) {
+    const result = verifyLicenseToken(key);
+    if (!result.valid) {
+        return { valid: false, message: result.message };
+    }
+    const { payload } = result;
+    // Check device binding ("*" = any device, used for dev/master keys)
+    if (payload.did !== "*" && payload.did !== deviceId) {
+        return {
+            valid: false,
+            message: "This license key is bound to a different device",
+        };
+    }
+    // Check expiry
+    const expiresAt = new Date(payload.exp).getTime();
+    if (Number.isNaN(expiresAt) || Date.now() > expiresAt) {
+        return { valid: false, message: "License has expired" };
+    }
+    return {
+        valid: true,
+        message: "License activated",
+        expiresAt: payload.exp,
+        tier: payload.tier,
+        customerId: payload.cid,
+    };
+}
+/**
+ * Check whether the stored license in config is currently valid.
+ * Does NOT re-verify the signature — only checks local state.
+ */
+export function isLicenseValid(config) {
+    const lic = config.license;
+    if (!lic?.key)
+        return false;
+    if (!lic.validatedAt)
+        return false;
+    // Check validation age
+    const validatedAt = new Date(lic.validatedAt).getTime();
+    if (Number.isNaN(validatedAt))
+        return false;
+    if (Date.now() - validatedAt > MAX_VALIDATION_AGE_MS)
+        return false;
+    // Check expiry (absent expiresAt = perpetual)
+    if (lic.expiresAt) {
+        const expiresAt = new Date(lic.expiresAt).getTime();
+        if (Number.isNaN(expiresAt))
+            return false;
+        if (Date.now() > expiresAt)
+            return false;
+    }
+    return true;
+}

package/dist/logging/logger.js

@@ -26,20 +26,32 @@ function attachExternalTransport(logger, transport) {
         }
     });
 }
+let resolvingSettings = false;
 function resolveSettings() {
-    let cfg = loggingState.overrideSettings ?? readLoggingConfig();
-    if (!cfg) {
-        try {
-            const loaded = requireConfig("../config/config.js");
-            cfg = loaded.loadConfig?.().logging;
-        }
-        catch {
-            cfg = undefined;
+    // Guard against recursion: loadConfig() may trigger logging during
+    // validation, which calls getLogger() → resolveSettings() again.
+    if (resolvingSettings) {
+        return { level: "info", file: defaultRollingPathForToday() };
+    }
+    resolvingSettings = true;
+    try {
+        let cfg = loggingState.overrideSettings ?? readLoggingConfig();
+        if (!cfg) {
+            try {
+                const loaded = requireConfig("../config/config.js");
+                cfg = loaded.loadConfig?.().logging;
+            }
+            catch {
+                cfg = undefined;
+            }
         }
+        const level = normalizeLogLevel(cfg?.level, "info");
+        const file = cfg?.file ?? defaultRollingPathForToday();
+        return { level, file };
+    }
+    finally {
+        resolvingSettings = false;
     }
-    const level = normalizeLogLevel(cfg?.level, "info");
-    const file = cfg?.file ?? defaultRollingPathForToday();
-    return { level, file };
 }
 function settingsChanged(a, b) {
     if (!a)

package/dist/records/records-manager.js

@@ -0,0 +1,92 @@
+import fs from "node:fs";
+import path from "node:path";
+import os from "node:os";
+const RECORDS_DIR = path.join(os.homedir(), ".taskmaster");
+const RECORDS_PATH = path.join(RECORDS_DIR, "records.json");
+function readFile() {
+    try {
+        const raw = fs.readFileSync(RECORDS_PATH, "utf-8");
+        const parsed = JSON.parse(raw);
+        if (parsed.version === 1 && typeof parsed.records === "object" && parsed.records !== null) {
+            return parsed;
+        }
+    }
+    catch {
+        // File doesn't exist or is invalid — return empty
+    }
+    return { version: 1, records: {} };
+}
+function writeFile(data) {
+    fs.mkdirSync(RECORDS_DIR, { recursive: true });
+    const tmp = RECORDS_PATH + ".tmp";
+    fs.writeFileSync(tmp, JSON.stringify(data, null, 2), "utf-8");
+    fs.renameSync(tmp, RECORDS_PATH);
+}
+export function listRecords(workspace) {
+    const data = readFile();
+    let records = Object.values(data.records);
+    if (workspace) {
+        // Strict workspace filter — only show records tagged for this workspace.
+        // Untagged records belong to the default workspace.
+        records = records.filter((r) => (r.workspace ?? "taskmaster") === workspace);
+    }
+    return records.sort((a, b) => a.name.localeCompare(b.name));
+}
+export function getRecord(id) {
+    const data = readFile();
+    return data.records[id] ?? null;
+}
+export function searchRecords(query, workspace) {
+    const q = query.toLowerCase();
+    const data = readFile();
+    let records = Object.values(data.records);
+    if (workspace) {
+        // Strict workspace filter — same as listRecords
+        records = records.filter((r) => (r.workspace ?? "taskmaster") === workspace);
+    }
+    return records.filter((r) => r.id.includes(q) || r.name.toLowerCase().includes(q));
+}
+export function setRecord(id, input) {
+    const data = readFile();
+    const now = new Date().toISOString();
+    const existing = data.records[id];
+    const record = {
+        id,
+        name: input.name,
+        workspace: input.workspace ?? existing?.workspace,
+        createdAt: existing?.createdAt ?? now,
+        updatedAt: now,
+        fields: input.fields,
+    };
+    data.records[id] = record;
+    writeFile(data);
+    return record;
+}
+export function deleteRecord(id) {
+    const data = readFile();
+    if (!data.records[id])
+        return false;
+    delete data.records[id];
+    writeFile(data);
+    return true;
+}
+export function setRecordField(id, key, value) {
+    const data = readFile();
+    const record = data.records[id];
+    if (!record)
+        return null;
+    record.fields[key] = value;
+    record.updatedAt = new Date().toISOString();
+    writeFile(data);
+    return record;
+}
+export function deleteRecordField(id, key) {
+    const data = readFile();
+    const record = data.records[id];
+    if (!record)
+        return null;
+    delete record.fields[key];
+    record.updatedAt = new Date().toISOString();
+    writeFile(data);
+    return record;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rubytech/taskmaster",
-  "version": "1.0.4",
+  "version": "1.0.6",
   "description": "AI-powered business assistant for small businesses",
   "publishConfig": {
     "access": "public"
@@ -72,7 +72,10 @@
     "dist/markdown/**",
     "dist/node-host/**",
     "dist/pairing/**",
-    "dist/whatsapp/**"
+    "dist/whatsapp/**",
+    "dist/records/**",
+    "dist/filler/**",
+    "dist/license/**"
   ],
   "scripts": {
     "dev": "node scripts/run-node.mjs",

package/scripts/install.sh

@@ -4,10 +4,10 @@ set -euo pipefail
 # Taskmaster — one-command install for fresh devices (Pi or Mac).
 #
 # Usage:
-#   curl -fsSL https://taskmaster.bot/install.sh | bash
+#   curl -fsSL https://taskmaster.bot/install.sh | sudo bash
 #
 # With custom port:
-#   curl -fsSL https://taskmaster.bot/install.sh | bash -s -- --port 19000
+#   curl -fsSL https://taskmaster.bot/install.sh | sudo bash -s -- --port 19000
 
 PORT=""
 for arg in "$@"; do

package/scripts/postinstall.js

@@ -2,7 +2,13 @@ import fs from "node:fs";
 import path from "node:path";
 import { spawnSync } from "node:child_process";
 import { fileURLToPath } from "node:url";
-import { setupGitHooks } from "./setup-git-hooks.js";
+let setupGitHooks = () => {};
+try {
+  const mod = await import("./setup-git-hooks.js");
+  setupGitHooks = mod.setupGitHooks;
+} catch {
+  // setup-git-hooks.js is not shipped in the npm package — skip in production
+}
 
 function detectPackageManager(ua = process.env.npm_config_user_agent ?? "") {
   // Examples:

package/skills/business-assistant/SKILL.md

@@ -214,7 +214,7 @@ Always ask the business owner before reshuffling. Never move a job without appro
 **Real-time location (GPS):**
 If the business owner's phone is paired as a node, you can query their GPS location on demand using `location.get`. Use this for:
 - **Customer asks "where is he?"** → Check GPS, compare to next appointment location, give an ETA: "[name] left his last job about 15 minutes ago. He should be with you in about 20 minutes."
-- **Late detection** → If you have a cron check 10 minutes before each appointment, query GPS. If the business owner is still far away, proactively message the customer: "Hi! [name]'s running about 15 minutes late — he's on his way. Sorry for the wait!" This turns a complaint into a professional courtesy.
+- **Late detection** → If you have a scheduled event check 10 minutes before each appointment, query GPS. If the business owner is still far away, proactively message the customer: "Hi! [name]'s running about 15 minutes late — he's on his way. Sorry for the wait!" This turns a complaint into a professional courtesy.
 - **Business owner or their partner asks "where is [name]?"** → Report current location and next job ETA.
 - **End-of-day** → If the business owner is near their home postcode, stop offering same-day appointments.
 - Do NOT track location continuously. Only query when you have a specific reason.
@@ -339,7 +339,7 @@ Customers can always request to speak to the business owner directly. The agent
 
 ## Morning Briefing
 
-If a cron job is set up for morning briefings, send a daily summary. **Group jobs by area, not just time.** Include postcodes, estimated travel, and total driving time. See Schedule Optimisation section for full format.
+If a scheduled event is set up for morning briefings, send a daily summary. **Group jobs by area, not just time.** Include postcodes, estimated travel, and total driving time. See Schedule Optimisation section for full format.
 
 > **Morning [name]! Here's your Tuesday:**
 >

package/skills/event-management/SKILL.md

@@ -0,0 +1,15 @@
+# Event Management
+
+Applies when handling anything time-bound: appointments, meetings, reminders, follow-ups, callbacks, deadlines — any commitment or scheduled action between one or more parties.
+
+## When to activate
+
+- Customer requests or confirms an appointment
+- Business owner asks to schedule, reschedule, or cancel something
+- A reminder, follow-up, or callback needs to be recorded
+- Someone asks "what's on [day/week]?" or "show me the schedule"
+- A deadline or time-sensitive commitment is mentioned
+
+## References
+
+Load `references/events.md` for the standard event template, file naming, dual-write pattern, and calendar query instructions.

package/skills/event-management/references/events.md

@@ -0,0 +1,120 @@
+# Events
+
+Events are any time-bound information: appointments, meetings, reminders, follow-ups, callbacks, deadlines. Anything that represents a commitment, agreement, or scheduled action between one or more parties.
+
+---
+
+## Standard Event Format
+
+Every event file follows this structure. All fields above the `## Notes` section are required unless marked optional.
+
+```markdown
+# Event: [Short descriptive title]
+
+- **Date:** YYYY-MM-DD
+- **Time:** HH:MM (24h, local timezone)
+- **Duration:** [number] min
+- **Customer:** [Name] ([phone])
+- **Service:** [what is being done]
+- **Location:** [address or "Remote" / "Phone"]
+- **Status:** confirmed | tentative | cancelled | completed
+- **Created by:** [agent id — e.g. public, admin]
+- **Created:** YYYY-MM-DDTHH:MM:SSZ
+
+## Notes
+[Free text — special instructions, context, history of changes]
+```
+
+### Field guidance
+
+- **Date/Time** — always local timezone. If the business owner's timezone is known, use it consistently.
+- **Duration** — estimated in minutes. If unknown, use a reasonable default for the service type and note the assumption.
+- **Customer** — full name and phone in international format. For internal events (admin meetings, personal reminders) use the owner's name and number.
+- **Status** — `confirmed` when both parties have agreed. `tentative` when proposed but not confirmed. `cancelled` when called off. `completed` after the event has passed and the work is done.
+- **Service** — brief description of the work or purpose. Not a category — use plain language ("boiler service", "quote for kitchen extension", "team meeting").
+
+---
+
+## File Naming
+
+Files are named for sort order and human readability:
+
+```
+YYYY-MM-DD-slug.md
+```
+
+Examples:
+- `2026-02-20-boiler-service-john-smith.md`
+- `2026-02-21-quote-mrs-jenkins.md`
+- `2026-03-01-team-meeting.md`
+
+The slug should be lowercase, hyphenated, and include enough context to identify the event without opening the file.
+
+---
+
+## Where to Write
+
+Every event must be written to **two** locations:
+
+1. **Per-customer record:** `memory/users/{phone}/events/YYYY-MM-DD-slug.md`
+   - Scoped to the customer. Visible when reviewing that customer's history.
+2. **Shared calendar:** `memory/shared/events/YYYY-MM-DD-slug.md`
+   - Visible to all agents in the account. The admin agent uses this for calendar queries.
+
+Both files have identical content. Write to both in the same operation.
+
+For events that have no external customer (internal meetings, personal reminders), write only to `memory/shared/events/`.
+
+---
+
+## Updating Events
+
+When an event changes (rescheduled, cancelled, details updated):
+
+1. Update **both** copies — the per-customer file and the shared calendar file.
+2. Change the **Status** field appropriately.
+3. Add a note in the `## Notes` section explaining the change and when it happened.
+4. If the date changes, rename both files to reflect the new date. Delete the old files.
+
+---
+
+## Querying the Calendar
+
+To answer "what's on [day/week]?" or "show me the schedule":
+
+1. List files in `memory/shared/events/` — filenames are date-prefixed, so lexicographic order is chronological order.
+2. Filter by date prefix (e.g., `2026-02-20` for a specific day, `2026-02-` for a month).
+3. Read the matching files for details.
+
+This is a directory listing + read operation, not a search. It is fast and complete.
+
+---
+
+## Linking Events to Scheduled Reminders
+
+Events (calendar data) and scheduled reminders (the `cron` tool) serve different purposes:
+
+- **Event file** — the record of what is happening, when, and with whom. Source of truth for the calendar.
+- **Scheduled reminder** (`cron` tool) — an automated trigger that fires at a specific time to notify or act. Optional.
+
+When you create an event that also needs a reminder (e.g., "remind me 30 minutes before"), create both:
+1. The event file (in both locations, as above)
+2. A scheduled reminder via the `cron` tool, referencing the event
+
+The reminder's payload text should reference the event clearly so the recipient has full context when it fires.
+
+---
+
+## Event Types
+
+This format covers all time-bound data. Examples:
+
+| Type | Customer field | Location | Notes |
+|------|---------------|----------|-------|
+| Customer appointment | Customer name + phone | Job site address | Service details, access instructions |
+| Quote visit | Customer name + phone | Site address | What to quote, measurements needed |
+| Callback | Customer name + phone | "Phone" | Why they're expecting a call, promised window |
+| Follow-up | Customer name + phone | n/a | What to follow up on, last interaction context |
+| Internal meeting | Owner name + phone | Meeting link or office | Agenda, attendees |
+| Personal reminder | Owner name + phone | n/a | What to remember, deadline context |
+| Deadline | Owner or customer | n/a | What's due, consequences of missing it |

package/taskmaster-docs/USER-GUIDE.md

@@ -39,7 +39,7 @@ You'll need a monitor, keyboard, and mouse connected to the Pi.
 2. Run:
 
 ```
-curl -fsSL https://taskmaster.bot/install.sh | bash
+curl -fsSL https://taskmaster.bot/install.sh | sudo bash
 ```
 
 3. Wait for it to finish (a few minutes — it installs Node.js if needed)
@@ -54,7 +54,7 @@ You can also access the setup page from any other device on the same network at
 Open **Terminal** (search for "Terminal" in Spotlight) and run:
 
 ```
-curl -fsSL https://taskmaster.bot/install.sh | bash
+curl -fsSL https://taskmaster.bot/install.sh | sudo bash
 ```
 
 This installs Node.js (if needed), Taskmaster, and sets up the background service. Once finished, open your browser and go to: **http://localhost:18789/setup**
@@ -62,7 +62,7 @@ This installs Node.js (if needed), Taskmaster, and sets up the background servic
 **Custom port:** If you're running multiple Taskmaster instances (e.g., one on a Pi and one on a Mac), give each a different port:
 
 ```
-curl -fsSL https://taskmaster.bot/install.sh | bash -s -- --port 19000
+curl -fsSL https://taskmaster.bot/install.sh | sudo bash -s -- --port 19000
 ```
 
 ### Option D: Install from a package file