@rubytech/taskmaster 1.10.0 → 1.11.0

package/dist/control-ui/index.html

@@ -6,8 +6,8 @@
     <title>Taskmaster Control</title>
     <meta name="color-scheme" content="dark light" />
     <link rel="icon" type="image/png" href="./favicon.png" />
-    <script type="module" crossorigin src="./assets/index-CTFFQkyj.js"></script>
-    <link rel="stylesheet" crossorigin href="./assets/index-n_TWBBTg.css">
+    <script type="module" crossorigin src="./assets/index-YAjVyXqJ.js"></script>
+    <link rel="stylesheet" crossorigin href="./assets/index-CpaEIgQy.css">
   </head>
   <body>
     <taskmaster-app></taskmaster-app>

package/dist/cron/preloaded.js

@@ -0,0 +1,92 @@
+import fs from "node:fs";
+import path from "node:path";
+import { DEFAULT_CRON_DIR } from "./store.js";
+export const DEFAULT_SEED_TRACKER_PATH = path.join(DEFAULT_CRON_DIR, "seeded.json");
+export async function loadSeedTracker(trackerPath) {
+    try {
+        const raw = await fs.promises.readFile(trackerPath, "utf-8");
+        const parsed = JSON.parse(raw);
+        return {
+            version: 1,
+            seeded: Array.isArray(parsed?.seeded) ? parsed.seeded : [],
+        };
+    }
+    catch {
+        return { version: 1, seeded: [] };
+    }
+}
+export async function saveSeedTracker(trackerPath, tracker) {
+    await fs.promises.mkdir(path.dirname(trackerPath), { recursive: true });
+    const json = JSON.stringify(tracker, null, 2);
+    await fs.promises.writeFile(trackerPath, json, "utf-8");
+}
+export function isTemplateSeeded(tracker, templateId) {
+    return tracker.seeded.some((e) => e.templateId === templateId);
+}
+export function markTemplateSeeded(tracker, templateId, jobId) {
+    tracker.seeded.push({ templateId, jobId, seededAtMs: Date.now() });
+}
+// ---------------------------------------------------------------------------
+// Template loader — scan bundled skills for cron-template.json files
+// ---------------------------------------------------------------------------
+/**
+ * Scan the bundled skills directory for cron-template.json files.
+ * Returns validated templates. Skips files that can't be parsed or lack a templateId.
+ */
+export function loadCronTemplatesFromBundledSkills(bundledSkillsDir) {
+    const templates = [];
+    let entries;
+    try {
+        entries = fs.readdirSync(bundledSkillsDir, { withFileTypes: true });
+    }
+    catch {
+        return [];
+    }
+    for (const entry of entries) {
+        if (!entry.isDirectory())
+            continue;
+        const templatePath = path.join(bundledSkillsDir, entry.name, "cron-template.json");
+        try {
+            const raw = fs.readFileSync(templatePath, "utf-8");
+            const parsed = JSON.parse(raw);
+            if (typeof parsed.templateId === "string" && parsed.templateId.trim()) {
+                templates.push(parsed);
+            }
+        }
+        catch {
+            // No template or invalid JSON — skip silently.
+        }
+    }
+    return templates;
+}
+// ---------------------------------------------------------------------------
+// Seeding function — create cron jobs from un-seeded templates
+// ---------------------------------------------------------------------------
+export async function seedPreloadedCronJobs(params) {
+    const { bundledSkillsDir, trackerPath, cronService, defaultAccountId } = params;
+    const templates = loadCronTemplatesFromBundledSkills(bundledSkillsDir);
+    if (templates.length === 0)
+        return 0;
+    const tracker = await loadSeedTracker(trackerPath);
+    let seeded = 0;
+    for (const template of templates) {
+        if (isTemplateSeeded(tracker, template.templateId))
+            continue;
+        const job = await cronService.add({
+            name: template.name,
+            description: template.description,
+            enabled: template.enabled,
+            agentId: template.agentId,
+            accountId: defaultAccountId,
+            schedule: template.schedule,
+            sessionTarget: template.sessionTarget,
+            wakeMode: template.wakeMode,
+            payload: template.payload,
+            isolation: template.isolation,
+        });
+        markTemplateSeeded(tracker, template.templateId, job.id);
+        await saveSeedTracker(trackerPath, tracker);
+        seeded++;
+    }
+    return seeded;
+}

package/dist/gateway/public-chat/deliver-email.js

@@ -1,39 +1,91 @@
 /**
- * Lightweight Resend email sender — single HTTP POST, no SDK dependency.
+ * Lightweight Brevo email sender — single HTTP POST, no SDK dependency.
+ *
+ * The "from" address is auto-detected from Brevo's senders API when not
+ * explicitly set in config. Users only need to provide an API key.
  */
 import { loadConfig } from "../../config/config.js";
 /**
- * Read email credentials from `publicChat.email` in config.
- * Returns null if any required field is missing.
+ * Sync check: is a Brevo API key configured?
+ * Used by detectOtpChannels() for capability reporting — does not resolve the
+ * "from" address, just confirms the key exists.
  */
-export function resolveEmailCredentials() {
+export function hasEmailApiKey() {
+    const cfg = loadConfig();
+    return !!cfg.publicChat?.email?.apiKey;
+}
+/** Cached verified sender — avoids hitting the API on every email. */
+let cachedSender = null;
+/**
+ * Query Brevo for the first active sender address.
+ * Returns the sender email or null if none exist.
+ */
+async function fetchVerifiedSender(apiKey) {
+    try {
+        const res = await fetch("https://api.brevo.com/v3/senders", {
+            headers: {
+                "api-key": apiKey,
+                Accept: "application/json",
+            },
+        });
+        if (!res.ok)
+            return null;
+        const json = (await res.json());
+        const active = json.senders?.find((s) => s.active && s.email);
+        return active?.email ?? json.senders?.[0]?.email ?? null;
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Resolve email credentials from config.
+ *
+ * Only `publicChat.email.apiKey` is required. The "from" address is resolved
+ * in order: explicit config value → cached sender → live Brevo API lookup.
+ * Returns null if no API key is configured.
+ */
+export async function resolveEmailCredentials() {
     const cfg = loadConfig();
     const email = cfg.publicChat?.email;
-    if (!email?.apiKey || !email.from)
+    if (!email?.apiKey)
+        return null;
+    // Explicit from address in config — use it directly
+    if (email.from)
+        return { apiKey: email.apiKey, from: email.from };
+    // Cached sender for this API key
+    if (cachedSender && cachedSender.apiKey === email.apiKey) {
+        return { apiKey: email.apiKey, from: cachedSender.from };
+    }
+    // Auto-detect from Brevo senders API
+    const sender = await fetchVerifiedSender(email.apiKey);
+    if (!sender)
         return null;
-    return { apiKey: email.apiKey, from: email.from };
+    cachedSender = { apiKey: email.apiKey, from: sender };
+    return { apiKey: email.apiKey, from: sender };
 }
 /**
- * Send an email via the Resend REST API.
+ * Send an email via the Brevo transactional email API.
  */
 export async function sendEmail(to, subject, body, creds) {
-    const res = await fetch("https://api.resend.com/emails", {
+    const res = await fetch("https://api.brevo.com/v3/smtp/email", {
         method: "POST",
         headers: {
-            Authorization: `Bearer ${creds.apiKey}`,
+            "api-key": creds.apiKey,
             "Content-Type": "application/json",
+            Accept: "application/json",
         },
         body: JSON.stringify({
-            from: creds.from,
-            to: [to],
+            sender: { email: creds.from },
+            to: [{ email: to }],
             subject,
-            text: body,
+            textContent: body,
         }),
     });
     if (!res.ok) {
         const text = await res.text().catch(() => "");
-        throw new Error(`Resend email failed (${res.status}): ${text}`);
+        throw new Error(`Brevo email failed (${res.status}): ${text}`);
     }
     const json = (await res.json());
-    return { id: json.id ?? "unknown" };
+    return { id: json.messageId ?? "unknown" };
 }

package/dist/gateway/public-chat/deliver-otp.js

@@ -1,10 +1,10 @@
 /**
- * Deliver OTP verification codes via WhatsApp (primary), SMS (fallback), or email (Resend).
+ * Deliver OTP verification codes via WhatsApp (primary), SMS (fallback), or email (Brevo).
  */
 import { getActiveWebListener } from "../../web/active-listener.js";
 import { sendMessageWhatsApp } from "../../web/outbound.js";
 import { resolveSmsCredentials, sendSms } from "./deliver-sms.js";
-import { resolveEmailCredentials, sendEmail } from "./deliver-email.js";
+import { hasEmailApiKey, resolveEmailCredentials, sendEmail } from "./deliver-email.js";
 /** Detect whether an identifier is an email address. */
 function isEmail(identifier) {
     return identifier.includes("@");
@@ -19,23 +19,23 @@ export function detectOtpChannels(whatsappAccountId) {
         channels.push("whatsapp");
     if (resolveSmsCredentials())
         channels.push("sms");
-    if (resolveEmailCredentials())
+    if (hasEmailApiKey())
         channels.push("email");
     return channels;
 }
 /**
  * Deliver a verification code to the given identifier.
  *
- * Email identifiers (containing @) are sent via Resend.
+ * Email identifiers (containing @) are sent via Brevo.
  * Phone identifiers use the existing WhatsApp -> SMS fallback chain.
  */
 export async function deliverOtp(identifier, code, accountId) {
     const message = `Your verification code is: ${code}`;
-    // Email identifiers — deliver via Resend only
+    // Email identifiers — deliver via Brevo only
     if (isEmail(identifier)) {
-        const emailCreds = resolveEmailCredentials();
+        const emailCreds = await resolveEmailCredentials();
         if (!emailCreds) {
-            throw new Error("Email verification is not configured. Set publicChat.email credentials.");
+            throw new Error("Email verification is not configured. Add a Brevo API key and verify a sender in the Brevo console.");
         }
         await sendEmail(identifier, "Your verification code", message, emailCreds);
         return { channel: "email" };

package/dist/gateway/public-chat-api.js

@@ -5,7 +5,7 @@
  *
  * Endpoints:
  *   POST /session        — create an anonymous session (returns sessionKey)
- *   POST /otp/request    — request an OTP code (phone via WhatsApp/SMS, or email via Resend)
+ *   POST /otp/request    — request an OTP code (phone via WhatsApp/SMS, or email via Brevo)
  *   POST /otp/verify     — verify OTP and get a verified session (returns sessionKey)
  *   POST /chat           — send a message, receive the agent reply (sync or SSE stream)
  *   GET  /chat/history   — retrieve past messages for a session
@@ -14,7 +14,7 @@
  *
  * Authentication mirrors the public chat widget: anonymous sessions use a
  * client-provided identity string; verified sessions use OTP sent via phone
- * (WhatsApp with SMS fallback) or email (Resend). The sessionKey returned
+ * (WhatsApp with SMS fallback) or email (Brevo). The sessionKey returned
  * from /session or /otp/verify is passed via the X-Session-Key header on
  * subsequent requests.
  *

package/dist/gateway/server-methods/apikeys.js

@@ -26,7 +26,7 @@ const PROVIDER_CATALOG = [
     { id: "hume", name: "Hume", category: "Voice" },
     { id: "brave", name: "Brave", category: "Web Search" },
     { id: "elevenlabs", name: "ElevenLabs", category: "Voice" },
-    { id: "resend", name: "Resend", category: "Email" },
+    { id: "brevo", name: "Brevo", category: "Email" },
 ];
 const VALID_PROVIDER_IDS = new Set(PROVIDER_CATALOG.map((p) => p.id));
 export const apikeysHandlers = {

package/dist/gateway/server-methods/public-chat.js

@@ -31,7 +31,7 @@ function validateAccountId(raw) {
 export const publicChatHandlers = {
     /**
      * Request an OTP code — sends a 6-digit code via WhatsApp/SMS (phone) or
-     * Resend (email).
+     * Brevo (email).
      * Params: { identifier: string } or { phone: string } (backward compat)
      */
     "public.otp.request": async ({ params, respond, context }) => {

package/dist/gateway/server-methods/qr.js

@@ -0,0 +1,19 @@
+import { ErrorCodes, errorShape } from "../protocol/index.js";
+import { renderQrPngBase64 } from "../../web/qr-image.js";
+export const qrHandlers = {
+    "qr.generate": async ({ params, respond, context }) => {
+        const url = typeof params.url === "string" ? params.url : "";
+        if (!url) {
+            respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "missing url param"));
+            return;
+        }
+        try {
+            const base64 = await renderQrPngBase64(url, { scale: 6, marginModules: 2 });
+            respond(true, { dataUrl: `data:image/png;base64,${base64}` });
+        }
+        catch (err) {
+            context.logGateway.warn(`qr.generate failed: ${err instanceof Error ? err.message : String(err)}`);
+            respond(false, undefined, errorShape(ErrorCodes.UNAVAILABLE, "failed to generate QR code"));
+        }
+    },
+};

package/dist/gateway/server-methods.js

@@ -33,6 +33,7 @@ import { voicewakeHandlers } from "./server-methods/voicewake.js";
 import { webHandlers } from "./server-methods/web.js";
 import { wizardHandlers } from "./server-methods/wizard.js";
 import { publicChatHandlers } from "./server-methods/public-chat.js";
+import { qrHandlers } from "./server-methods/qr.js";
 import { tailscaleHandlers } from "./server-methods/tailscale.js";
 import { networkHandlers } from "./server-methods/network.js";
 import { wifiHandlers } from "./server-methods/wifi.js";
@@ -105,6 +106,7 @@ const READ_METHODS = new Set([
     "workspaces.scan",
     "memory.status",
     "memory.audit",
+    "qr.generate",
 ]);
 const WRITE_METHODS = new Set([
     "send",
@@ -240,6 +242,7 @@ export const coreGatewayHandlers = {
     ...workspacesHandlers,
     ...brandHandlers,
     ...publicChatHandlers,
+    ...qrHandlers,
     ...networkHandlers,
     ...tailscaleHandlers,
     ...wifiHandlers,

package/dist/gateway/server.impl.js

@@ -34,6 +34,9 @@ import { createExecApprovalForwarder } from "../infra/exec-approval-forwarder.js
 import { createChannelManager } from "./server-channels.js";
 import { createAgentEventHandler } from "./server-chat.js";
 import { createGatewayCloseHandler } from "./server-close.js";
+import { resolveBundledSkillsDir } from "../agents/skills/bundled-dir.js";
+import { DEFAULT_SEED_TRACKER_PATH, seedPreloadedCronJobs } from "../cron/preloaded.js";
+import { DEFAULT_ACCOUNT_ID } from "../routing/session-key.js";
 import { buildGatewayCronService } from "./server-cron.js";
 import { applyGatewayLaneConcurrency } from "./server-lanes.js";
 import { startGatewayMaintenanceTimers } from "./server-maintenance.js";
@@ -395,7 +398,29 @@ export async function startGatewayServer(port = 18789, opts = {}) {
         broadcast("notification", evt);
     });
     let heartbeatRunner = startHeartbeatRunner({ cfg: cfgAtStart });
-    void cron.start().catch((err) => logCron.error(`failed to start: ${String(err)}`));
+    // Start cron, then seed preloaded cron jobs from bundled skills (one-time per template).
+    void cron
+        .start()
+        .then(async () => {
+        const bundledSkillsDir = resolveBundledSkillsDir();
+        if (!bundledSkillsDir)
+            return;
+        try {
+            const seeded = await seedPreloadedCronJobs({
+                bundledSkillsDir,
+                trackerPath: DEFAULT_SEED_TRACKER_PATH,
+                cronService: cron,
+                defaultAccountId: DEFAULT_ACCOUNT_ID,
+            });
+            if (seeded > 0) {
+                logCron.info(`cron: seeded ${seeded} preloaded job(s)`);
+            }
+        }
+        catch (err) {
+            logCron.error(`cron: failed to seed preloaded jobs: ${String(err)}`);
+        }
+    })
+        .catch((err) => logCron.error(`failed to start: ${String(err)}`));
     const execApprovalManager = new ExecApprovalManager();
     const execApprovalForwarder = createExecApprovalForwarder();
     const execApprovalHandlers = createExecApprovalHandlers(execApprovalManager, {

package/dist/wizard/onboarding.js

@@ -346,6 +346,13 @@ export async function runOnboardingWizard(opts, runtime = defaultRuntime, prompt
     }
     // Setup hooks (session memory on /new)
     nextConfig = await setupInternalHooks(nextConfig, runtime, prompter);
+    // Inform user about the preloaded Daily Strategic Review cron job.
+    await prompter.note([
+        "A Daily Strategic Review is pre-configured (paused).",
+        "It scans your conversations, audits your materials, and suggests improvements.",
+        "",
+        "To enable it: Control Panel → Advanced → Events → enable 🔭 Daily Strategic Review.",
+    ].join("\n"), "Daily Strategic Review");
     nextConfig = applyWizardMetadata(nextConfig, { command: "onboard", mode });
     await writeConfigFile(nextConfig);
     await finalizeOnboardingWizard({

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rubytech/taskmaster",
-  "version": "1.10.0",
+  "version": "1.11.0",
   "description": "AI-powered business assistant for small businesses",
   "publishConfig": {
     "access": "public"
@@ -84,8 +84,6 @@
     "prepack": "pnpm build && pnpm ui:build",
     "docs:list": "node scripts/docs-list.js",
     "docs:bin": "node scripts/build-docs-list.mjs",
-    "docs:dev": "cd docs && mint dev",
-    "docs:build": "cd docs && pnpm dlx --reporter append-only mint broken-links",
     "build": "tsc -p tsconfig.json && node --import tsx scripts/canvas-a2ui-copy.ts && node --import tsx scripts/copy-hook-metadata.ts && node --import tsx scripts/write-build-info.ts",
     "plugins:sync": "node --import tsx scripts/sync-plugin-versions.ts",
     "release:check": "node --import tsx scripts/release-check.ts",

package/skills/brevo/SKILL.md

@@ -0,0 +1,29 @@
+---
+name: brevo
+description: Guide users through getting a free Brevo API key for email OTP verification.
+metadata: {"taskmaster":{"emoji":"🔑"}}
+---
+
+# Brevo Setup
+
+Walks users through creating a Brevo account, verifying a sender email address, and obtaining an API key. Brevo uses single sender verification — the user verifies one email address by entering a 6-digit code sent to it. No DNS records or domain ownership required.
+
+## When to activate
+
+- User enables Email OTP or Visitor Chooses mode for Public Chat and email is not configured
+- User asks about email verification setup or Brevo
+- BOOTSTRAP detects missing Brevo API key when email verification is enabled
+
+## What it unlocks
+
+- Email OTP verification for public chat visitors
+- Verification codes delivered via email to any address
+- Free tier: 300 emails per day, no credit card required
+
+## References
+
+| Task | When to use | Reference |
+|------|-------------|-----------|
+| Guided setup | User wants help getting the key | `references/browser-setup.md` |
+
+Load the reference and follow its instructions.

package/skills/brevo/references/browser-setup.md

@@ -0,0 +1,113 @@
+# Brevo Email — Guided Setup
+
+Walk the user through getting Brevo credentials. Brevo uses single sender verification — the user verifies an email address by entering a 6-digit code sent to it. No DNS records required. Guide with clear instructions.
+
+---
+
+## Prerequisites
+
+- User has an email address they want OTP emails to come from (e.g. their business email)
+- Chat channel for sending instructions
+
+---
+
+## Step 1: Explain
+
+Tell the user what Brevo is and why they need it:
+
+> "To send verification codes by email, we need a Brevo account. It's completely free — you get 300 emails a day, which is way more than enough for verification codes. No credit card required.
+>
+> I'll walk you through the setup step by step. The whole thing takes about 5 minutes."
+
+## Step 2: Create a Brevo account
+
+> "Go to **brevo.com** in your browser and click **Sign up free**.
+>
+> You'll need to enter:
+> - Your email address
+> - A password
+>
+> Brevo will send a confirmation email. Click the link in it to verify your account. Let me know when you're logged in."
+
+Wait for the user to confirm they've completed signup.
+
+If the user is asked onboarding questions (company name, team size, etc.), tell them:
+
+> "Just fill in your business name and pick whatever options feel right — those are for Brevo's records and don't affect anything."
+
+## Step 3: Verify a sender email address
+
+This determines what email address OTP codes come from. Brevo sends a 6-digit code to the email — no DNS records needed.
+
+> "Now we need to verify the email address that verification codes will be sent from. This is what your visitors will see in their inbox.
+>
+> 1. In the Brevo dashboard, click your **name/icon** in the top-right
+> 2. Click **Senders, Domains & Dedicated IPs** (or go to **Settings → Senders**)
+> 3. Click **Add a sender**
+> 4. Fill in:
+>    - **From Name** — your business name (e.g. "Acme Plumbing")
+>    - **From Email** — the email you want codes to come from (your business email works)
+> 5. Click **Save**
+>
+> Brevo will send a **6-digit code** to that email address. Check your inbox (and spam folder), enter the code, and click **Verify**. Let me know when it's done."
+
+Wait for the user to confirm.
+
+## Step 4: Get an API key
+
+> "Almost done. Now we need an API key:
+>
+> 1. Click your **name/icon** in the top-right again
+> 2. Click **SMTP & API**
+> 3. Click the **API Keys** tab
+> 4. Click **Generate a new API key**
+> 5. Give it a name like **Taskmaster**
+> 6. Click **Generate**
+>
+> You'll see the API key — it starts with **xkeysib-** and is quite long. **Copy it now**. Send it to me."
+
+Wait for the user to send the API key.
+
+Verify it looks right (starts with `xkeysib-`, usually 60+ characters). If not:
+
+> "That doesn't look like a Brevo API key — it should start with **xkeysib-** and be about 64 characters long. Can you check you copied the full key?"
+
+## Step 5: Save to Taskmaster
+
+Once you have the API key, store it using the `api_keys` tool:
+
+```
+api_keys({ action: "set", provider: "brevo", apiKey: "<the key>" })
+```
+
+The key is applied immediately — no restart needed. Confirm to the user:
+
+> "Done — I've saved your Brevo API key. Email verification is now enabled. When visitors use your public chat, they can verify their identity with an email code. The code will come from the address you verified in Brevo."
+
+That's it. No further configuration is needed in Taskmaster — the verified sender address is detected automatically from Brevo.
+
+---
+
+## If the user already has a Brevo account
+
+Check if they have a verified sender:
+
+> "Do you already have a verified sender in Brevo? If so, I just need your API key (starts with **xkeysib-**)."
+
+If yes, skip to Step 4. If they're unsure:
+
+> "Go to **Settings → Senders** in Brevo and check if there's a verified sender listed. If not, we'll set one up."
+
+---
+
+## Common questions
+
+| Question | Answer |
+|----------|--------|
+| "Is it free?" | Yes — 300 emails per day, forever. No credit card required. For verification codes, that's more than enough. |
+| "Can I use my Gmail/Outlook address?" | Yes, as long as you verify it by entering the 6-digit code Brevo sends to it. |
+| "Will emails go to spam?" | OTP emails are solicited (the user just clicked 'send me a code'), so they almost always reach the inbox. If a visitor doesn't see it, tell them to check spam. |
+| "I lost my API key" | Go to SMTP & API → API Keys in Brevo and generate a new one. |
+| "Do I need to set up DNS records?" | No. Single sender verification works without DNS. Brevo will recommend domain authentication for better deliverability, but it's not required. |
+| "Can I change the sender address later?" | Yes — add and verify a new sender in Brevo. Taskmaster auto-detects the verified sender, so no changes needed on this end. |
+| "Where does Taskmaster get the sender address?" | Automatically from the Brevo API. When you verify a sender in Brevo, Taskmaster detects it — you don't need to enter it anywhere else. |

package/skills/strategic-proactivity/SKILL.md

@@ -0,0 +1,45 @@
+---
+name: strategic-proactivity
+description: "Periodic strategic review — scans recent conversations, audits materials against reality, identifies gaps and opportunities, drafts improvements, and sends a prioritised summary to admins. Triggered by cron job or on-demand."
+metadata: {"taskmaster":{"emoji":"🔭"}}
+---
+
+# Strategic Proactivity
+
+## When to Activate
+
+- Triggered by a scheduled review (cron job)
+- Admin asks to review conversations, materials, opportunities, or gaps
+- Admin asks "what needs my attention?", "what should we be working on?", or similar strategic questions
+
+## Behaviour
+
+Load `references/daily-review.md` for the full review protocol and action framework.
+
+**Core principle:** Surface insights and draft improvements — don't just report. Always send findings to admin for approval before publishing anything.
+
+### Rules
+
+1. **Scan recent conversations** — all channels, all agent sessions (public, admin, group)
+2. **Compare against existing materials** — search memory for current documents, then check whether they still reflect reality
+3. **Identify gaps and opportunities** — questions that couldn't be answered, recurring themes, new verticals, unaddressed objections
+4. **Draft improvements** — don't just flag problems, write the fix
+5. **Track opportunities** — leads, partnership signals, market intel, feature requests
+6. **Send a concise summary to admins** — bullet points, prioritised by impact, with drafts attached where relevant
+
+### Output Format
+
+The summary should follow this structure:
+
+- **New Insights** — what emerged from conversations
+- **Drafts Ready** — what you've written or updated (saved to memory for review)
+- **Opportunities** — leads, partnerships, verticals worth pursuing
+- **Gaps Found** — materials that need updating or creating
+- **No Action Needed** — if genuinely nothing surfaced, say so briefly
+
+### Constraints
+
+- Keep total execution under 2 minutes
+- Don't publish anything to shared/ or public/ without admin approval
+- Save all drafts to memory for admin review before acting on them
+- Be honest — if nothing meaningful surfaced, say "quiet period" rather than padding the report

package/skills/strategic-proactivity/cron-template.json

@@ -0,0 +1,21 @@
+{
+  "templateId": "strategic-proactivity-daily-review",
+  "name": "🔭 Daily Strategic Review",
+  "description": "Scans recent conversations, audits materials, identifies opportunities and gaps",
+  "enabled": false,
+  "agentId": "admin",
+  "schedule": { "kind": "cron", "expr": "0 7 * * *" },
+  "sessionTarget": "isolated",
+  "wakeMode": "next-heartbeat",
+  "payload": {
+    "kind": "agentTurn",
+    "message": "Run the daily strategic proactivity review. Use the strategic-proactivity skill.",
+    "deliver": true,
+    "to": "admins",
+    "bestEffortDeliver": true
+  },
+  "isolation": {
+    "postToMainMode": "summary",
+    "postToMainPrefix": "🔭 Daily Review"
+  }
+}