alvin-bot 4.4.4 → 4.4.6

package/CHANGELOG.md

@@ -2,6 +2,63 @@
 
 All notable changes to Alvin Bot are documented here.
 
+## [4.4.6] — 2026-04-09
+
+### 🐛 Bug Fixes
+
+**`alvin-bot audit` now reads `.env` from `DATA_DIR`** — Before this release, `audit` was a subprocess that never loaded the bot's config: it only inspected `process.env`, which for an ad-hoc CLI invocation is the shell environment, not the bot's actual runtime state. Result: `ALLOWED_USERS` and `WEB_PASSWORD` were always reported as "not set" even when the bot was correctly configured and running. `audit` now calls `dotenv.config({ path: ENV_FILE })` at the start of `runAudit()` so its output matches `alvin-bot doctor` and the actual engine.
+
+**`alvin-bot doctor` no longer hangs indefinitely on missing `.env`** — The CLI's `readline` interface was created eagerly at module load, which made `stdin` readable for the entire process lifetime. Commands like `doctor`, `audit`, `version` that have no interactive prompts would therefore never terminate — even though the `doctor()` function correctly early-returned when `.env` was missing, `node` refused to exit because the event loop still saw stdin as a live resource. Readline is now lazy-created only when `ask()` is actually called. Measured improvement: **doctor with missing .env terminates in 82 ms** (previously: 20+ second hang, often requiring Ctrl+C).
+
+**`validateProviderKey("claude-sdk", …)` no longer false-negatives on Agent SDK auth** — The CLI's Claude check ran `claude auth status` and hard-failed on `loggedIn: false`. But the Claude Agent SDK has multiple auth paths that the CLI doesn't see: `ANTHROPIC_API_KEY` env var, Claude Code IDE sessions, and native-binary session cookies. Real-world example: a bot that was actively answering Telegram messages correctly was reported as "❌ Claude CLI not authenticated" by `doctor`. The validation is now:
+- `ANTHROPIC_API_KEY` set → `ok: true` (immediate pass, CLI irrelevant)
+- `claude` binary present + `auth status: loggedIn: true` → `ok: true`
+- `claude` binary present + `auth status: loggedIn: false` → `ok: true` with a **warning** (the Agent SDK may still work via session / env var; user is advised to run `claude auth login` only if the bot fails to respond)
+- `claude` binary missing → `ok: false` (hard error with install hint)
+
+`doctor` now renders the warning as ⚠️ instead of ❌, making the output match actual behavior.
+
+### ✨ New Feature
+
+**`alvin-bot setup --non-interactive` for CI, Docker, and scripted installs** — The interactive setup wizard was the only way to write `~/.alvin-bot/.env`, which blocked automated provisioning. Now supports flag-driven, non-interactive setup:
+
+```bash
+alvin-bot setup --non-interactive \
+  --bot-token=123456789:AAE... \
+  --allowed-users=12345,67890 \
+  --primary-provider=claude-sdk \
+  --fallback-providers=ollama \
+  --groq-key=gsk_... \
+  --google-key=AIza... \
+  --openai-key=sk-... \
+  --nvidia-key=nvapi-... \
+  --anthropic-key=sk-ant-... \
+  --openrouter-key=sk-or-... \
+  --web-password=... \
+  --platform=telegram \
+  --skip-validation   # optional, skips the live Telegram getMe call
+```
+
+- Refuses to overwrite an existing `.env` (exits 1 with a clear message).
+- Writes with mode `0600`.
+- Validates `--bot-token` format and `--allowed-users` numeric format before writing.
+- Optionally pings Telegram `getMe` unless `--skip-validation` is passed.
+
+`-y` and `--yes` work as aliases for `--non-interactive`.
+
+## [4.4.5] — 2026-04-09
+
+### 🔐 Security / Information Disclosure
+
+**`BACKLOG.md` removed from published tarball** — The project's internal roadmap was listed in `.gitignore` but not in `.npmignore`, so every `npm install -g alvin-bot` shipped an 8.7 KB file containing the full list of open P0/P1 issues, including known-but-unpatched security weaknesses (WebSocket auth gap, tool-executor sandbox gaps, Web UI HTTP-only, etc.). A published backlog of known vulnerabilities is effectively an attack roadmap for anyone inspecting the package.
+
+`BACKLOG.md` is now listed in `.npmignore` alongside `CLAUDE.md`, `SOUL.md`, and `TOOLS.md`. Verified with `npm pack --dry-run`: the file no longer appears in the tarball.
+
+Users on `4.4.4` or earlier should update:
+```bash
+npm update -g alvin-bot
+```
+
 ## [4.4.4] — 2026-04-09
 
 ### 🔐 Security / Data Layout

package/bin/cli.js

@@ -29,8 +29,20 @@ const DATA_DIR = process.env.ALVIN_DATA_DIR || join(homedir(), ".alvin-bot");
 // Init i18n early
 initI18n();
 
-const rl = createInterface({ input: process.stdin, output: process.stdout });
-const ask = (q) => new Promise((r) => rl.question(q, r));
+// Lazy-create the readline interface. If we create it eagerly, stdin becomes
+// "active" and Node refuses to exit even when a command like `doctor` has
+// finished synchronously. Before v4.4.6 this caused `alvin-bot doctor` to
+// hang indefinitely when .env was missing — early-return worked, but the
+// process couldn't terminate. Creating rl only when `ask()` is actually
+// called keeps non-interactive commands (audit/doctor/version/start/stop)
+// terminating cleanly.
+let rl = null;
+const ensureRL = () => {
+  if (!rl) rl = createInterface({ input: process.stdin, output: process.stdout });
+  return rl;
+};
+const closeRL = () => { if (rl) { rl.close(); rl = null; } };
+const ask = (q) => new Promise((r) => ensureRL().question(q, r));
 
 const LOGO = `
   ╔══════════════════════════════════════╗
@@ -164,6 +176,17 @@ async function validateProviderKey(providerKey, apiKey) {
       }
 
       case "claude-sdk": {
+        // The Claude Agent SDK can authenticate through multiple paths that
+        // `claude auth status` does not see:
+        //   1. ANTHROPIC_API_KEY env var (bypasses CLI entirely)
+        //   2. An active Claude Code session (IDE-initiated, not via `auth login`)
+        //   3. Native binary session cookies
+        // Prior to v4.4.6 this check hard-failed on `loggedIn: false` even when
+        // the engine ran fine — confusing users whose bot was actually working.
+        if (process.env.ANTHROPIC_API_KEY) {
+          return { ok: true, detail: "Claude SDK via ANTHROPIC_API_KEY env var" };
+        }
+
         // Find claude binary — check PATH and common locations
         let claudeBin = null;
         try {
@@ -180,10 +203,13 @@ async function validateProviderKey(providerKey, apiKey) {
           }
         }
         if (!claudeBin) {
-          return { ok: false, error: "Claude CLI not installed" };
+          return { ok: false, error: "Claude CLI not installed. Run: curl -fsSL https://claude.ai/install.sh | sh" };
         }
+
+        // Check `claude auth status`. On mismatch, we DON'T hard-fail:
+        // we return a warning so the Agent SDK still gets a chance to run
+        // (it has independent auth paths the CLI doesn't know about).
         try {
-          // Use `auth status` instead of `-p "ping"` — faster and doesn't require a full query
           const authJson = execSync(`${claudeBin} auth status`, {
             stdio: "pipe", timeout: 10000, encoding: "utf-8",
           });
@@ -191,7 +217,11 @@ async function validateProviderKey(providerKey, apiKey) {
           if (authData.loggedIn) {
             return { ok: true, detail: `Claude SDK authenticated (${authData.authMethod || "OK"})` };
           }
-          return { ok: false, error: "Claude CLI not authenticated. Run: claude auth login" };
+          return {
+            ok: true,
+            warning: "Claude CLI reports not logged in, but the Agent SDK may still work via session/env-var. If the bot fails to respond, run: claude auth login",
+            detail: "Claude CLI present (not logged in via `auth status` — Agent SDK may still work)",
+          };
         } catch (err) {
           const msg = err.stdout?.toString() || err.stderr?.toString() || err.message || "";
           // Try parsing JSON from stdout (auth status exits with code 1 when not logged in)
@@ -201,7 +231,11 @@ async function validateProviderKey(providerKey, apiKey) {
               return { ok: true, detail: `Claude SDK authenticated (${authData.authMethod || "OK"})` };
             }
           } catch {}
-          return { ok: false, error: "Claude CLI not authenticated. Run: claude auth login" };
+          return {
+            ok: true,
+            warning: "Claude CLI `auth status` failed. Agent SDK may still work via session/env-var. If the bot fails to respond, run: claude auth login",
+            detail: "Claude CLI present (auth status check failed — Agent SDK may still work)",
+          };
         }
       }
 
@@ -298,9 +332,148 @@ async function runPostSetupValidation(providerKey, apiKey, botToken, webPort) {
   return allGood;
 }
 
+// ── Setup: Argument Parsing ─────────────────────────────────────────────────
+
+/**
+ * Parse `alvin-bot setup --non-interactive` style CLI args.
+ * Returns a flat object with the values found (or null for unset fields).
+ *
+ * Supports both `--flag=value` and `--flag value` syntax.
+ */
+function parseSetupArgs(argv) {
+  const args = {};
+  const flags = new Set(["--non-interactive", "-y", "--yes", "--skip-validation"]);
+  const valueFlags = [
+    "--bot-token", "--allowed-users", "--primary-provider",
+    "--groq-key", "--google-key", "--openai-key", "--nvidia-key",
+    "--openrouter-key", "--anthropic-key",
+    "--fallback-providers", "--web-password", "--platform",
+  ];
+  for (let i = 3; i < argv.length; i++) {
+    const a = argv[i];
+    if (flags.has(a)) {
+      args[a.replace(/^-+/, "")] = true;
+      continue;
+    }
+    for (const vf of valueFlags) {
+      if (a === vf) {
+        args[vf.replace(/^-+/, "")] = argv[++i];
+        break;
+      }
+      if (a.startsWith(vf + "=")) {
+        args[vf.replace(/^-+/, "")] = a.slice(vf.length + 1);
+        break;
+      }
+    }
+  }
+  return args;
+}
+
+/**
+ * Non-interactive setup path for CI/Docker/automation.
+ *
+ * Writes ~/.alvin-bot/.env directly from CLI args, with no prompts.
+ * The bot's own `ensureDataDirs()` + `seedDefaults()` handle the rest
+ * on the next `alvin-bot start`.
+ *
+ * Usage:
+ *   alvin-bot setup --non-interactive \
+ *     --bot-token=123:AAE... \
+ *     --allowed-users=12345,67890 \
+ *     --primary-provider=claude-sdk \
+ *     --groq-key=gsk_... \
+ *     --fallback-providers=groq,ollama
+ */
+async function setupNonInteractive(args) {
+  console.log("🤖 Alvin Bot — Non-interactive setup\n");
+
+  // Ensure DATA_DIR exists (will also be recreated on bot start, but we
+  // need it now to write the .env).
+  if (!existsSync(DATA_DIR)) {
+    mkdirSync(DATA_DIR, { recursive: true });
+    console.log(`✓ Created ${DATA_DIR}`);
+  }
+
+  const envFile = resolve(DATA_DIR, ".env");
+  if (existsSync(envFile)) {
+    console.log(`⚠️  ${envFile} already exists — refusing to overwrite.`);
+    console.log(`   Delete it manually first, or edit it directly.`);
+    process.exit(1);
+  }
+
+  // Validate required fields
+  const token = args["bot-token"];
+  if (token && !/^\d+:[A-Za-z0-9_-]+$/.test(token)) {
+    console.log(`❌ --bot-token format invalid. Expected: 123456789:ABCdef...`);
+    process.exit(1);
+  }
+  const users = args["allowed-users"];
+  if (users) {
+    const ids = users.split(",").map(s => s.trim());
+    const bad = ids.filter(id => !/^\d+$/.test(id));
+    if (bad.length > 0) {
+      console.log(`❌ --allowed-users must be comma-separated numeric IDs. Got invalid: ${bad.join(", ")}`);
+      process.exit(1);
+    }
+  }
+
+  // Optional: validate token with Telegram API unless --skip-validation
+  if (token && !args["skip-validation"]) {
+    const tgResult = await validateTelegramToken(token);
+    if (tgResult.ok) {
+      console.log(`✓ Telegram: ${tgResult.botName}`);
+    } else {
+      console.log(`⚠️  Telegram token validation failed: ${tgResult.error}`);
+      console.log(`   Writing .env anyway. Pass --skip-validation to suppress this warning.`);
+    }
+  }
+
+  const primary = args["primary-provider"] || "groq";
+  const fallbacks = args["fallback-providers"] || "";
+  const platform = args["platform"] || "telegram";
+
+  const envLines = [
+    "# === Telegram ===",
+    `BOT_TOKEN=${token || ""}`,
+    `ALLOWED_USERS=${users || ""}`,
+    "",
+    "# === AI Provider ===",
+    `PRIMARY_PROVIDER=${primary}`,
+    `FALLBACK_PROVIDERS=${fallbacks}`,
+    "",
+    "# === API Keys ===",
+  ];
+  if (args["groq-key"])       envLines.push(`GROQ_API_KEY=${args["groq-key"]}`);
+  if (args["google-key"])     envLines.push(`GOOGLE_API_KEY=${args["google-key"]}`);
+  if (args["openai-key"])     envLines.push(`OPENAI_API_KEY=${args["openai-key"]}`);
+  if (args["nvidia-key"])     envLines.push(`NVIDIA_API_KEY=${args["nvidia-key"]}`);
+  if (args["openrouter-key"]) envLines.push(`OPENROUTER_API_KEY=${args["openrouter-key"]}`);
+  if (args["anthropic-key"])  envLines.push(`ANTHROPIC_API_KEY=${args["anthropic-key"]}`);
+  envLines.push("");
+  envLines.push("# === Agent ===");
+  envLines.push("WORKING_DIR=" + homedir());
+  envLines.push("MAX_BUDGET_USD=5.0");
+  envLines.push("WEB_PORT=3100");
+  if (args["web-password"]) envLines.push(`WEB_PASSWORD=${args["web-password"]}`);
+  envLines.push("");
+  envLines.push("# === Platforms ===");
+  envLines.push(`WHATSAPP_ENABLED=${platform === "whatsapp" ? "true" : "false"}`);
+
+  writeFileSync(envFile, envLines.join("\n") + "\n", { mode: 0o600 });
+  console.log(`✓ Wrote ${envFile} (mode 0600)`);
+  console.log(`\n✅ Setup complete. Start the bot with: alvin-bot start\n`);
+}
+
 // ── Setup Wizard ────────────────────────────────────────────────────────────
 
 async function setup() {
+  // Non-interactive path for CI/automation/scripted installs.
+  const args = parseSetupArgs(process.argv);
+  if (args["non-interactive"] || args["yes"] || args["y"]) {
+    await setupNonInteractive(args);
+    return;
+  }
+
   console.log(LOGO);
 
   // ── Prerequisites
@@ -318,7 +491,7 @@ async function setup() {
 
   if (!hasNode) {
     console.log(`\n❌ ${t("setup.nodeRequired")}`);
-    rl.close();
+    closeRL();
     return;
   }
 
@@ -337,7 +510,7 @@ async function setup() {
     console.log(`  Get one from @BotFather on Telegram.\n`);
     const proceed = (await ask(`  Continue anyway? (y/n): `)).trim().toLowerCase();
     if (proceed !== "y" && proceed !== "yes" && proceed !== "j" && proceed !== "ja") {
-      rl.close();
+      closeRL();
       return;
     }
   }
@@ -381,7 +554,7 @@ async function setup() {
         console.log(`  Send /start to @userinfobot on Telegram to get your numeric ID.\n`);
         const proceed = (await ask(`  Continue anyway? (y/n): `)).trim().toLowerCase();
         if (proceed !== "y" && proceed !== "yes" && proceed !== "j" && proceed !== "ja") {
-          rl.close();
+          closeRL();
           return;
         }
       }
@@ -759,7 +932,7 @@ async function setup() {
       console.log(`\n  ❌ ${t("setup.buildFailed")}`);
       console.log(`  The bot cannot start without a successful build.`);
       console.log(`  Try running 'npm run build' manually to see the error.\n`);
-      rl.close();
+      closeRL();
       return;
     }
   }
@@ -804,7 +977,7 @@ Bot commands:
 ${t("setup.haveFun")}
 `);
 
-  rl.close();
+  closeRL();
 }
 
 // ── Doctor ──────────────────────────────────────────────────────────────────
@@ -866,7 +1039,10 @@ async function doctor() {
 
     console.log(`  Validating ${primary}...`);
     const result = await validateProviderKey(primary, key);
-    if (result.ok) {
+    if (result.ok && result.warning) {
+      console.log(`  ⚠️  ${primary} — ${result.detail}`);
+      console.log(`     ${result.warning}`);
+    } else if (result.ok) {
       console.log(`  ✅ ${primary} — ${result.detail}`);
     } else {
       console.log(`  ❌ ${primary} — ${result.error}`);

package/dist/services/security-audit.js

@@ -1,11 +1,19 @@
 import fs from "fs";
 import { execSync } from "child_process";
-import { resolve } from "path";
-import { DATA_DIR } from "../paths.js";
+import dotenv from "dotenv";
+import { DATA_DIR, ENV_FILE } from "../paths.js";
 export function runAudit() {
     const checks = [];
+    // `alvin-bot audit` runs in its own process (outside the main bot) and
+    // does NOT go through src/config.ts, so process.env is empty by default.
+    // We must load the .env ourselves or ALLOWED_USERS/WEB_PASSWORD checks
+    // will always report as "not set" — which silently contradicts the bot's
+    // actual runtime state (a bug up to v4.4.5).
+    if (fs.existsSync(ENV_FILE)) {
+        dotenv.config({ path: ENV_FILE });
+    }
     // 1. .env file permissions
-    const envFile = resolve(DATA_DIR, ".env");
+    const envFile = ENV_FILE;
     if (fs.existsSync(envFile)) {
         const stat = fs.statSync(envFile);
         const mode = (stat.mode & 0o777).toString(8);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "alvin-bot",
-  "version": "4.4.4",
+  "version": "4.4.6",
   "description": "Alvin Bot — Your personal AI agent on Telegram, WhatsApp, Discord, Signal, and Web.",
   "type": "module",
   "main": "dist/index.js",

package/BACKLOG.md

@@ -1,223 +0,0 @@
-# BACKLOG.md — Alvin Bot Entwicklung
-
-> Interne Projektdatei. Wird NICHT ins Git gepusht (.gitignore).
-> Letzte Aktualisierung: 2026-03-03
-
----
-
-## Legende
-
-| Prio | Bedeutung |
-|------|-----------|
-| P0 | Sicherheitslücke / Kritisch |
-| P1 | Wichtig für Stabilität & Code-Qualität |
-| P2 | Feature / Developer Experience |
-| P3 | Nice-to-Have / Zukunft |
-
----
-
-## P0 — Security
-
-### [ ] WebSocket Auth fehlt
-- Aktuell kann jeder, der `localhost:3100` erreicht, über WebSocket chatten
-- Lösung: Auth-Token als Query-Param beim WS-Connect (`ws://localhost:3100?token=xxx`)
-- Token aus WEB_PASSWORD ableiten oder Session-Cookie validieren
-
-### [ ] Tool Executor: Unzureichendes Sandboxing
-- `run_shell` Blocklist ist minimal (nur `rm -rf /`, `mkfs`, `dd`)
-- `rm -rf ~/Projects/` würde durchgehen
-- `write_file` kann `.env` und Systemdateien überschreiben
-- `python_execute` führt beliebigen Code ohne Sandbox aus
-- Lösung: Working-Directory-Sandboxing, Blocklist für sensitive Pfade (.env, /etc/, ~/.ssh/)
-
-### [ ] Web UI: Kein HTTPS
-- HTTP-only → Passwörter und Chat im Klartext
-- Lösung: Optionaler HTTPS-Modus mit self-signed Cert, oder Warnung wenn WEB_PASSWORD gesetzt aber kein HTTPS
-
-### [ ] Sudo-Passwort in CLI-Argument (macOS)
-- `security add-generic-password` bekommt das Passwort als CLI-Arg → sichtbar in `ps aux`
-- Lösung: Passwort über stdin pipen statt als Argument
-
----
-
-## P1 — Code-Qualität & Stabilität
-
-### [ ] commands.ts aufteilen (74KB Monolith!)
-- Aktuell: ALLE Telegram-Commands in einer Datei (~1700 Zeilen)
-- Vorschlag: `src/handlers/commands/` Ordner mit je einer Datei pro Bereich:
-  - `chat.ts` (help, start, new, cancel)
-  - `model.ts` (model, effort, fallback, voice)
-  - `tools.ts` (web, imagine, browse, remind)
-  - `memory.ts` (recall, remember, reindex, export, memory)
-  - `admin.ts` (status, dir, groups, security, users, setup, sudo)
-  - `cron.ts` (cron)
-  - `extensions.ts` (plugins, mcp, tools, webui)
-  - `index.ts` (registriert alle)
-
-### [ ] web/server.ts aufteilen (57KB Monolith!)
-- Aktuell: REST-API, WebSocket, Static-Serving, Auth — alles in einer Datei
-- Vorschlag: Router-Module nach Bereich (api/models.ts, api/memory.ts, api/sessions.ts, etc.)
-
-### [ ] web/public/js/app.js refactoren (3079 Zeilen)
-- Vanilla JS ohne Struktur → schwer wartbar
-- Option A: Alpine.js oder Petite-Vue für reaktive Bindings (minimaler Overhead)
-- Option B: Web Components für Isolation der Sektionen
-- Option C: Zumindest in Module aufteilen (ES Module Imports)
-
-### [ ] Config-Validation mit Zod
-- Aktuell: Kein Validation → `ALLOWED_USERS=""` ergibt `[NaN]`
-- `BOT_TOKEN` fehlt → kryptischer Fehler statt klare Meldung
-- Lösung: `src/config.ts` mit Zod-Schema, Startup-Validation, klare Fehlermeldungen
-
-### [ ] MAX_BUDGET_USD wird nie enforced
-- Variable wird gelesen aber nirgendwo geprüft
-- Lösung: In `queryWithFallback()` vor jedem API-Call prüfen, bei Überschreitung blockieren
-
-### [ ] Tests einführen
-- Aktuell: Null Tests im gesamten Projekt
-- Priorität für Tests:
-  1. Provider-Registry (Fallback-Chain Logik)
-  2. Cron-Parser (Edge Cases bei Zeitberechnung)
-  3. Tool-Executor (Security-Blocklist)
-  4. Config-Validation
-  5. Markdown-Sanitizer
-- Framework: Vitest (schnell, ESM-nativ, kein Babel nötig)
-
-### [ ] Watch-Mode für Development
-- Aktuell: `npm run dev` = `tsx src/index.ts` (einmal starten, manuell restarten)
-- Lösung: `tsx watch src/index.ts` oder `nodemon` mit TS-Loader
-
----
-
-## P2 — Features & Verbesserungen
-
-### [ ] Session-Persistence (optional)
-- Sessions überleben keinen Restart — Chat-History weg nach `pm2 restart`
-- Option A: SQLite-File für Sessions (leichtgewichtig, kein DB-Server)
-- Option B: JSON-Files pro User in `data/sessions/`
-- Opt-in via `SESSION_PERSIST=true` in .env
-
-### [ ] Session-Timeout / Cleanup
-- Sessions akkumulieren sich unbegrenzt im Speicher
-- Lösung: Inaktive Sessions nach 24h aus dem RAM entfernen (History bleibt in Memory-Logs)
-
-### [ ] Memory-Rotation
-- Daily Logs (`~/.alvin-bot/memory/YYYY-MM-DD.md`) wachsen unbegrenzt
-- Lösung: Nach 30 Tagen alte Logs in `~/.alvin-bot/memory/archive/` verschieben oder komprimieren
-- Optional: Automatische Zusammenfassung alter Logs via AI
-
-### [ ] Embedding-Provider erweitern
-- Aktuell: Nur Google `text-embedding-004`
-- Alternativen: OpenAI Embeddings, lokale Ollama-Embeddings, Cohere
-- Fallback-Chain wie bei Chat-Providern
-
-### [ ] Plugin-Tools für alle Provider
-- Plugin-Tools funktionieren aktuell nur über Telegram-Commands
-- Sie sollten auch als Agent-Tools in `OpenAICompatibleProvider` injiziert werden
-- Damit können alle LLMs Plugin-Funktionen nutzen (nicht nur Claude SDK)
-
-### [ ] MCP HTTP/SSE Transport fertigstellen
-- Aktuell nur stdio-Transport implementiert
-- HTTP/SSE ist stub: `"HTTP/SSE transport not yet supported"`
-- Wichtig für Remote-MCP-Server (z.B. Cloudflare Workers)
-
-### [ ] Discord: Richtige Integration
-- `discord.js` fehlt in package.json (muss manuell installiert werden)
-- Kein Support für Discord Slash-Commands
-- Kein Rate-Limiting
-- Lösung: Als optional peer dependency, Slash-Command Registration
-
-### [ ] WhatsApp Media Cleanup
-- `data/wa-media/` sammelt empfangene Medien-Dateien und löscht sie nie
-- Lösung: Cron-Job oder TTL-basiertes Cleanup (z.B. nach 7 Tagen löschen)
-
-### [ ] Heartbeat-Kosten reduzieren
-- Heartbeat macht echte API-Calls ("Hi") an alle Provider → erzeugt Kosten
-- Lösung: Für Provider mit bekanntem Status-Endpoint nur diesen pingen
-- Für kostenlose Provider (Groq, NVIDIA): OK so lassen
-
-### [ ] Kosten-Tracking verbessern
-- `estimateCost()` schätzt nur Output-Tokens, keine Input-Tokens
-- Preise teilweise veraltet
-- Lösung: Aktuelle Preistabelle pflegen, Input+Output getrennt tracken
-
-### [ ] Cron-Parser erweitern
-- Kein Support für `@daily`, `@hourly`, `@reboot`, `@weekly`
-- Kein `L` (last day of month), kein `W` (nearest weekday)
-- Lösung: Aliases in `parseSchedule()` hinzufügen
-
----
-
-## P3 — Nice-to-Have / Zukunft
-
-### [ ] Multi-Language über DE/EN hinaus
-- i18n-System unterstützt nur `de | en`
-- Erweiterbar auf FR, ES, TR, RU etc.
-- Web UI hat bereits ~500 Keys → Übersetzung nötig
-
-### [ ] Skill-Matching mit Embeddings
-- Aktuell: Simples `text.includes(trigger)` — sehr unzuverlässig
-- Besser: Embedding-basiertes Similarity-Matching für Skill-Trigger
-- Oder: LLM-basierte Skill-Auswahl ("Welcher Skill passt zu dieser Nachricht?")
-
-### [ ] Plugin Hot-Reload über Web UI
-- Aktuell: Plugin-Änderungen erfordern Bot-Restart
-- Lösung: "Reload Plugin" Button in Web UI → `pluginManager.reload(name)`
-
-### [ ] Conversation-Export als PDF
-- `/export` gibt aktuell Markdown → könnte auch als formatiertes PDF exportieren
-- Tools vorhanden: `pandoc`, `wkhtmltopdf`
-
-### [ ] Streaming für OpenAI-Compatible + Tool-Use
-- Aktuell schließen sich Streaming und Tool-Use gegenseitig aus
-- Lösung: Tool-Calls aus Stream-Chunks akkumulieren (wie OpenAI es unterstützt)
-
-### [ ] Windows .exe Build
-- Braucht Windows-Umgebung oder Cross-Compilation
-- electron-builder unterstützt es, aber nicht von macOS aus testbar
-
-### [ ] Linux .AppImage Build
-- Braucht Linux-Umgebung oder CI (GitHub Actions)
-- Vorschlag: GitHub Actions Workflow für Multi-Platform Builds
-
-### [ ] CI/CD Pipeline (GitHub Actions)
-- Build-Verification auf Push
-- Lint (ESLint) + Type-Check + Tests
-- Auto-Publish zu npm bei Tag
-- Multi-Platform Electron Builds (macOS, Windows, Linux)
-
-### [ ] Rate-Limiting für API-Endpoints
-- Web UI API-Endpoints haben kein Rate-Limiting
-- Lösung: Simpler in-memory Counter pro IP (kein Redis nötig)
-
-### [ ] Electron: asar wieder aktivieren
-- `asar: false` wegen electron-builder 26.x Bug
-- Bei neuerer Version testen ob es gefixt ist → Source-Code wäre dann nicht mehr exposed
-
-### [ ] Provider-Config via Web UI erweitern
-- Neue Provider-Presets (z.B. Anthropic API direkt, DeepSeek, Mistral) über Web UI registrieren
-- Aktuell nur über .env oder Code möglich
-
----
-
-## Erledigte Items
-
-### [x] i18n English-First (v3.3.0)
-- Alle Telegram-Commands, TUI, Services, Plugins auf Englisch
-- Web UI bleibt bilingual (DE/EN Toggle)
-- TUI nur noch mit explizitem --lang de auf Deutsch
-
-### [x] /webui Telegram-Befehl (v3.3.0)
-- Sendet Web UI URL als Text (kein Inline-Button, da Telegram localhost-URLs blockiert)
-
-### [x] Smart Port Selection (v3.3.0)
-- Web UI findet automatisch freien Port wenn 3100 belegt
-
-### [x] Multi-Platform Support (Phase 7)
-- Telegram, WhatsApp, Discord, Signal
-
-### [x] Universal Tool Use (Phase 8)
-- Alle Provider können Shell, File I/O, Web Fetch, Python ausführen
-
-### [x] Skill System (Phase 9)
-- SKILL.md-basierte Domain-Expertise