alvin-bot 4.8.7 → 4.8.9

package/CHANGELOG.md

@@ -2,6 +2,67 @@
 
 All notable changes to Alvin Bot are documented here.
 
+## [4.8.9] — 2026-04-11
+
+### 🐛 Browser automation: dead `browse-server.cjs` path removed, 3-tier router now the source of truth
+
+The `browse` skill used to instruct the agent to start `node scripts/browse-server.cjs` on port 3800 for every browser task. That file was deleted in an earlier cleanup (see `20283c9` for the original 577-line version — now gone), but `skills/browse/SKILL.md` was never updated. Result: any browser-related user message on Telegram — or any cron job that hit the skill — got a system-prompt injection telling it to call a gateway that didn't exist, producing half-failed runs like the "Daily Job Alert" cron that couldn't load LinkedIn or StepStone.
+
+**What changed:**
+
+- **`skills/browse/SKILL.md` — full rewrite.** Now documents the hub 3-tier router at `~/.claude/hub/SCRIPTS/browser.sh`:
+  - **Tier 0** — WebFetch / `curl` for static pages and APIs
+  - **Tier 1** — `browser.sh stealth <url>` (Playwright + stealth plugin, headless, Cloudflare-masking)
+  - **Tier 2** — `browser.sh cdp {start|goto|shot|tabs|stop}` (real Chrome with persistent profile at `~/.claude/hub/BROWSER/profile/`, login cookies survive restarts)
+  - **Tier 3** — Claude-in-Chrome extension via MCP tools (interactive CLI only)
+  - Explicit escalation ladder (WebFetch → stealth → CDP → ask Ali to log in) and a `NIEMALS browse-server.cjs nutzen` anti-rule.
+  - Concrete working targets (StepStone ✅, Michael Page ✅, LinkedIn ✅ with login, Indeed ❌) so the agent knows what to try where.
+
+- **`src/services/browser-manager.ts` — hardened fallback chain.** The multi-strategy manager already had the right *shape* (`gateway → cdp → hub-stealth → cli`) but several ops silently broke or hung:
+  - **`gatewayRequest` now has a 15 s timeout** (`req.destroy` on elapse). Previously a hung gateway would wedge the caller forever.
+  - **CDP fallback for interactive ops.** `click`, `fill`, `type`, `press`, `scroll`, `evaluate`, `info`, and `getTree` used to hard-throw `"requires gateway"` when `browse-server.cjs` wasn't running. They now try the gateway first, then a short-lived `chromium.connectOverCDP()` via a new `withCdpPage()` helper that reuses Ali's live Chrome on port 9222. Refs are interpreted as CSS selectors when gateway is absent.
+  - **Explicit PNG extension** on auto-generated screenshot filenames (`shot_<ts>.png`) so Playwright's format inference is unambiguous.
+  - **Better error messages** — every "needs interactive" throw now includes the exact command to start CDP Chrome (`~/.claude/hub/SCRIPTS/browser.sh cdp start headless`).
+
+- **`src/paths.ts` — `HUB_BROWSER_SH` constant.** New absolute path to `~/.claude/hub/SCRIPTS/browser.sh` so the manager can shell out without hard-coding `os.homedir()` inline.
+
+**Why this matters:** `browser-manager.ts` is still not wired into any bot code path (it's future-proofing), so the production fix for user-interactive flows is `SKILL.md`. The manager hardening ensures that when it does eventually get wired into a sub-agent tool, it won't hang on missing gateways or lose all interactive capability when only CDP is available.
+
+**Testing:** Tier 1 stealth end-to-end against `stepstone.de/jobs/it-delivery-director` → 1.2 MB HTML, title parsed. Module-level integration test: `navigate('https://example.com')` via auto-selected hub-stealth → correct title/URL. `resolveStrategy('gateway')` → cascades to CDP with visible warning. `info()` via CDP fallback → returns live Chrome state without throwing. Skills reload picks up the new SKILL.md (5977 chars), `matchSkills("browse linkedin")` hits the browse skill, `buildSkillContext("open stepstone.de")` injects the 3-tier guidance block.
+
+## [4.8.8] — 2026-04-11
+
+### ✨ Unlimited sub-agent & cron timeouts (user-configurable)
+
+Sub-agents and `ai-query` cron jobs used to hard-cap at 5 minutes (`SUBAGENT_TIMEOUT=300000` default), and `shell` cron jobs at 60 s. Long-running research, deep-dive audits, or anything that crossed the threshold got killed mid-stream with `status: "timeout"`. 4.8.8 flips the default to **unlimited** and lets the user override both globally and per job.
+
+**What changed:**
+
+- **Default is now infinite.** `src/config.ts` seeds `subAgentTimeout` from `SUBAGENT_TIMEOUT` env or falls back to `-1` (unlimited). The runtime value lives in `~/.alvin-bot/sub-agents.json` as `defaultTimeoutMs` and is changeable at runtime without restart.
+- **New `/subagents timeout` command.** `/subagents timeout` shows the current value; `/subagents timeout 3600` sets 1 h; `/subagents timeout off` (or `-1`, `0`, `unlimited`, `infinite`) disables the cap entirely. The default-status output now includes a `⏱ Timeout` line.
+- **Per-job override on cron.** `/cron add 1h ai-query "deep audit" --timeout off` gives this one job no timeout. `/cron add 5m shell "pm2 ls" --timeout 30` caps this shell at 30 s. Omitting `--timeout` inherits the current global default. Same flag exists on `scripts/cron-manage.js add --timeout <sec|off>`.
+- **`CronJob.timeoutMs` field.** Optional number in `cron-jobs.json`. Undefined = inherit global default. Value ≤ 0 = unlimited.
+- **Semantics.** `spawnSubAgent` now only arms the `setTimeout(abort)` when `timeout > 0`. At ≤ 0, no abort timer is created, existing `if (timeoutId) clearTimeout(…)` call sites are null-safe, and the agent runs until it finishes, is cancelled via `/subagents cancel`, or the process dies.
+- **Shell cron unchanged behaviour preserved.** If the shell job has no `timeoutMs`, `execSync` is called without a `timeout` option, which Node treats as infinite — same effect as before was *meant* to provide, but the old hard-coded 60 s removed that freedom.
+
+**ENV var still works but is seed-only.** `SUBAGENT_TIMEOUT=600000` at startup still seeds the config on first load, but the persisted value in `sub-agents.json` wins after that.
+
+### 🐛 Silenced harmless `message is not modified` Telegram errors
+
+Occasionally Ali would see a red banner at the bottom of an Alvin message:
+
+> Error: Call to 'editMessageText' failed! (400: Bad Request: message is not modified: specified new message content and reply markup are exactly the same as a current content and reply markup of the message)
+
+It never broke anything, but it polluted logs and showed up as an "internal error" reply to the user. Root cause: Telegram's Bot API refuses `editMessageText` when the new content + reply markup are byte-identical to the existing message. This happens legitimately in callback handlers — e.g. tapping a cron-toggle button twice, re-rendering a sudo/keys/platforms menu, language-switch callbacks that render the same content, or stream flushes where the throttled partial hasn't changed since the last edit.
+
+**Fix**: `bot.catch()` in `src/index.ts` now filters out this specific error early. Two regex patterns (`/message is not modified/i` and `/specified new message content.*exactly the same/i`) cover both variants Telegram sends. Real errors (network, SDK, provider failures) still log and still surface the "internal error" reply to the user — only this one harmless class gets dropped.
+
+### 📝 CLAUDE.md: PM2 references updated to launchd
+
+The project `CLAUDE.md` still said *"PM2: `alvin-bot` Prozess, Config in `ecosystem.config.cjs`"* — outdated since the 4.8.6 switch to launchd. Updated to reflect the actual process manager (`~/Library/LaunchAgents/com.alvinbot.app.plist`, `KeepAlive=true`, `RunAtLoad=true`), the log paths, and a note that `watchdog.ts` only brakes process crash-loops — it does **not** kill long-running sessions or sub-agents. `ecosystem.config.cjs` is now labelled legacy.
+
+The global `~/.claude/CLAUDE.md` was also corrected: `alvin-bot` was removed from the VPS PM2-process list (it runs locally, not on the VPS) and the cron-hub note now correctly says "als **launchd LaunchAgent**".
+
 ## [4.8.7] — 2026-04-11
 
 ### 🐛 `/update` now detects stale-runtime (rebuild without restart)

package/dist/config.js

@@ -45,7 +45,13 @@ export const config = {
     compactionThreshold: Number(process.env.COMPACTION_THRESHOLD) || 80000,
     // Sub-Agents
     maxSubAgents: Number(process.env.MAX_SUBAGENTS) || 4,
-    subAgentTimeout: Number(process.env.SUBAGENT_TIMEOUT) || 300000, // 5 min
+    // Default sub-agent timeout. -1 / 0 = unlimited (no hard cut-off).
+    // The runtime value lives in sub-agents.json and can be changed at runtime
+    // via /subagents timeout; this constant only seeds the initial config on
+    // first launch when SUBAGENT_TIMEOUT is not set.
+    subAgentTimeout: process.env.SUBAGENT_TIMEOUT !== undefined && process.env.SUBAGENT_TIMEOUT !== ""
+        ? Number(process.env.SUBAGENT_TIMEOUT)
+        : -1,
     // TTS Provider
     ttsProvider: (process.env.TTS_PROVIDER || "edge"),
     elevenlabs: {

package/dist/handlers/commands.js

@@ -1277,9 +1277,29 @@ export function registerCommands(bot) {
                 `Commands: /cron add · delete · toggle · run · info`, { parse_mode: "HTML", reply_markup: keyboard });
             return;
         }
-        // /cron add <schedule> <type> <payload>
+        // /cron add <schedule> <type> <payload> [--timeout <sec|off>]
         if (arg.startsWith("add ")) {
-            const rest = arg.slice(4).trim();
+            let rest = arg.slice(4).trim();
+            // Extract optional --timeout flag from anywhere in the command.
+            // Accepts seconds, "off", "unlimited", "-1", or "0" — anything ≤ 0
+            // or non-numeric collapses to -1 (unlimited).
+            let timeoutMs;
+            const timeoutMatch = rest.match(/(^|\s)--timeout\s+(\S+)/);
+            if (timeoutMatch) {
+                const val = timeoutMatch[2].toLowerCase();
+                if (["off", "unlimited", "infinite", "-1", "0"].includes(val)) {
+                    timeoutMs = -1;
+                }
+                else {
+                    const secs = Number(timeoutMatch[2]);
+                    if (!Number.isFinite(secs) || secs < 0) {
+                        await ctx.reply(`❌ Invalid <code>--timeout</code> value: ${timeoutMatch[2]}`, { parse_mode: "HTML" });
+                        return;
+                    }
+                    timeoutMs = Math.floor(secs * 1000);
+                }
+                rest = rest.replace(/(^|\s)--timeout\s+\S+/, "").trim();
+            }
             // Natural language schedule shortcuts (German + English)
             const naturalSchedules = {
                 "täglich": "0 8 * * *", "daily": "0 8 * * *",
@@ -1342,7 +1362,7 @@ export function registerCommands(bot) {
             else {
                 const sp = rest.indexOf(" ");
                 if (sp < 0) {
-                    await ctx.reply("Format: <code>/cron add &lt;schedule&gt; &lt;type&gt; &lt;payload&gt;</code>\n\nSchedule options:\n• <b>Intervals:</b> 5m, 1h, 30s, 2d\n• <b>Natural:</b> daily, weekly, monthly, weekdays, hourly\n• <b>With time:</b> 8:30 daily, weekdays 9:00\n• <b>German:</b> täglich, wöchentlich, morgens, abends\n• <b>Cron:</b> \"0 9 * * 1-5\"", { parse_mode: "HTML" });
+                    await ctx.reply("Format: <code>/cron add &lt;schedule&gt; &lt;type&gt; &lt;payload&gt; [--timeout &lt;sec|off&gt;]</code>\n\nSchedule options:\n• <b>Intervals:</b> 5m, 1h, 30s, 2d\n• <b>Natural:</b> daily, weekly, monthly, weekdays, hourly\n• <b>With time:</b> 8:30 daily, weekdays 9:00\n• <b>German:</b> täglich, wöchentlich, morgens, abends\n• <b>Cron:</b> \"0 9 * * 1-5\"\n\nOptional <code>--timeout</code> in seconds, or <code>off</code>/<code>-1</code> for unlimited.", { parse_mode: "HTML" });
                     return;
                 }
                 schedule = rest.slice(0, sp);
@@ -1381,12 +1401,19 @@ export function registerCommands(bot) {
                 payload,
                 target: { platform: "telegram", chatId: String(chatId) },
                 createdBy: `telegram:${userId}`,
+                ...(timeoutMs !== undefined ? { timeoutMs } : {}),
             });
             const readableSched = humanReadableSchedule(job.schedule);
+            const timeoutLine = typeof job.timeoutMs === "number"
+                ? job.timeoutMs <= 0
+                    ? `<b>Timeout:</b> ∞ (unlimited)\n`
+                    : `<b>Timeout:</b> ${Math.round(job.timeoutMs / 1000)}s\n`
+                : "";
             await ctx.reply(`✅ <b>Cron Job created</b>\n\n` +
                 `<b>Name:</b> ${job.name}\n` +
                 `📅 <b>${readableSched}</b>\n` +
                 `<b>Type:</b> ${job.type}\n` +
+                timeoutLine +
                 `<b>Next run:</b> ${formatNextRun(job.nextRunAt)}\n` +
                 `<b>ID:</b> <code>${job.id}</code>`, { parse_mode: "HTML" });
             return;
@@ -1734,7 +1761,7 @@ export function registerCommands(bot) {
     // type both "/sub-agents" and "/subagents" — Telegram routes both to this.
     bot.command(["sub_agents", "subagents"], async (ctx) => {
         const lang = getSession(ctx.from.id).language;
-        const { listSubAgents, cancelSubAgent, getSubAgentResult, getMaxParallelAgents, getConfiguredMaxParallel, setMaxParallelAgents, findSubAgentByName, getVisibility, setVisibility, getQueueCap, setQueueCap, } = await import("../services/subagents.js");
+        const { listSubAgents, cancelSubAgent, getSubAgentResult, getMaxParallelAgents, getConfiguredMaxParallel, setMaxParallelAgents, findSubAgentByName, getVisibility, setVisibility, getQueueCap, setQueueCap, getDefaultTimeoutMs, setDefaultTimeoutMs, } = await import("../services/subagents.js");
         const arg = (ctx.match || "").trim();
         const tokens = arg.split(/\s+/).filter(Boolean);
         const sub = tokens[0]?.toLowerCase() || "";
@@ -1792,6 +1819,47 @@ export function registerCommands(bot) {
             await ctx.reply(lines.join("\n"), { parse_mode: "Markdown" });
             return;
         }
+        // /subagents timeout [sec|off|unlimited|-1] — set default sub-agent timeout
+        if (sub === "timeout") {
+            const val = tokens[1];
+            const formatTimeout = (ms) => {
+                if (ms <= 0)
+                    return "∞ (unlimited)";
+                if (ms < 1000)
+                    return `${ms}ms`;
+                const sec = ms / 1000;
+                if (sec < 60)
+                    return `${sec}s`;
+                const min = sec / 60;
+                if (min < 60)
+                    return `${min.toFixed(min < 10 ? 1 : 0)}min`;
+                return `${(min / 60).toFixed(1)}h`;
+            };
+            if (!val) {
+                const current = getDefaultTimeoutMs();
+                await ctx.reply(`⏱ Default sub-agent timeout: *${formatTimeout(current)}*\n\n` +
+                    `Usage: \`/subagents timeout <sec>\` · \`/subagents timeout off\`\n` +
+                    `\`off\`, \`unlimited\`, \`-1\` oder \`0\` = kein Timeout. ` +
+                    `Gilt für neue Subagents und ai-query Cron-Jobs ohne eigenen Wert.`, { parse_mode: "Markdown" });
+                return;
+            }
+            const lower = val.toLowerCase();
+            let ms;
+            if (["off", "unlimited", "infinite", "-1", "0"].includes(lower)) {
+                ms = -1;
+            }
+            else {
+                const secs = Number(val);
+                if (!Number.isFinite(secs) || secs < 0) {
+                    await ctx.reply(`❌ Ungültiger Wert \`${val}\`. Nutze Sekunden (z.B. \`300\`) oder \`off\`.`, { parse_mode: "Markdown" });
+                    return;
+                }
+                ms = Math.floor(secs * 1000);
+            }
+            const effective = setDefaultTimeoutMs(ms);
+            await ctx.reply(`✅ Default sub-agent timeout: *${formatTimeout(effective)}*`, { parse_mode: "Markdown" });
+            return;
+        }
         // /subagents queue <n> — set bounded-queue cap (0 disables queue)
         if (sub === "queue") {
             const n = parseInt(tokens[1] || "", 10);
@@ -1921,6 +1989,10 @@ export function registerCommands(bot) {
             ? `${t("bot.subagents.maxLabel", lang)} 0 ${t("bot.subagents.autoSuffix", lang, { n: effective })}`
             : `${t("bot.subagents.maxLabel", lang)} ${configured}`;
         const visibilityLabel = `${t("bot.subagents.visibilityLabel", lang)} *${getVisibility()}*`;
+        const currentTimeout = getDefaultTimeoutMs();
+        const timeoutLabel = currentTimeout <= 0
+            ? `⏱ Timeout: *∞ (unlimited)*`
+            : `⏱ Timeout: *${Math.round(currentTimeout / 1000)}s*`;
         const agents = listSubAgents();
         let body = "";
         if (agents.length === 0) {
@@ -1931,7 +2003,7 @@ export function registerCommands(bot) {
         }
         const header = t("bot.subagents.header", lang);
         const usage = `\n\n${t("bot.subagents.usage", lang)}`;
-        const full = `${header}\n${maxLabel}\n${visibilityLabel}${body}${usage}`;
+        const full = `${header}\n${maxLabel}\n${visibilityLabel}\n${timeoutLabel}${body}${usage}`;
         await ctx.reply(full, { parse_mode: "Markdown" }).catch(() => ctx.reply(full));
     });
 }

package/dist/i18n.js

@@ -519,10 +519,10 @@ const strings = {
         fr: "Durée : {sec}s · Tokens : {in}/{out}",
     },
     "bot.subagents.usage": {
-        en: "Commands:\n/subagents — show status\n/subagents max <n> — set parallel limit (0=auto)\n/subagents visibility <auto|banner|silent|live> — delivery mode\n/subagents queue <n> — bounded-queue cap (0 = disabled)\n/subagents stats — last 24h run stats\n/subagents list — list all\n/subagents cancel <name|id> — cancel one\n/subagents result <name|id> — show result",
-        de: "Befehle:\n/subagents — Status anzeigen\n/subagents max <n> — Parallel-Limit setzen (0=auto)\n/subagents visibility <auto|banner|silent|live> — Delivery-Modus\n/subagents list — alle anzeigen\n/subagents cancel <name|id> — abbrechen\n/subagents result <name|id> — Ergebnis anzeigen",
-        es: "Comandos:\n/subagents — ver estado\n/subagents max <n> — establecer límite (0=auto)\n/subagents visibility <auto|banner|silent|live> — modo de entrega\n/subagents list — listar todos\n/subagents cancel <nombre|id> — cancelar uno\n/subagents result <nombre|id> — ver resultado",
-        fr: "Commandes :\n/subagents — état\n/subagents max <n> — limite parallèle (0=auto)\n/subagents visibility <auto|banner|silent|live> — mode de livraison\n/subagents list — lister tous\n/subagents cancel <nom|id> — annuler un\n/subagents result <nom|id> — voir résultat",
+        en: "Commands:\n/subagents — show status\n/subagents max <n> — set parallel limit (0=auto)\n/subagents timeout <sec|off> — default timeout (off = unlimited)\n/subagents visibility <auto|banner|silent|live> — delivery mode\n/subagents queue <n> — bounded-queue cap (0 = disabled)\n/subagents stats — last 24h run stats\n/subagents list — list all\n/subagents cancel <name|id> — cancel one\n/subagents result <name|id> — show result",
+        de: "Befehle:\n/subagents — Status anzeigen\n/subagents max <n> — Parallel-Limit setzen (0=auto)\n/subagents timeout <sec|off> — Default-Timeout (off = unendlich)\n/subagents visibility <auto|banner|silent|live> — Delivery-Modus\n/subagents queue <n> — Queue-Cap (0 = deaktiviert)\n/subagents list — alle anzeigen\n/subagents cancel <name|id> — abbrechen\n/subagents result <name|id> — Ergebnis anzeigen",
+        es: "Comandos:\n/subagents — ver estado\n/subagents max <n> — establecer límite (0=auto)\n/subagents timeout <seg|off> — timeout por defecto (off = sin límite)\n/subagents visibility <auto|banner|silent|live> — modo de entrega\n/subagents list — listar todos\n/subagents cancel <nombre|id> — cancelar uno\n/subagents result <nombre|id> — ver resultado",
+        fr: "Commandes :\n/subagents — état\n/subagents max <n> — limite parallèle (0=auto)\n/subagents timeout <sec|off> — délai par défaut (off = illimité)\n/subagents visibility <auto|banner|silent|live> — mode de livraison\n/subagents list — lister tous\n/subagents cancel <nom|id> — annuler un\n/subagents result <nom|id> — voir résultat",
     },
     "bot.subagents.visibilityLabel": {
         en: "Visibility:",

package/dist/index.js

@@ -216,10 +216,20 @@ if (hasTelegram) {
     bot.on("message:photo", handlePhoto);
     bot.on("message:document", handleDocument);
     bot.on("message:text", handleMessage);
-    // Error handling — log but don't crash
+    // Error handling — log but don't crash.
     bot.catch((err) => {
         const ctx = err.ctx;
         const e = err.error;
+        // Telegram's "message is not modified" (400) is harmless — it fires
+        // when a callback handler re-renders an inline keyboard / edited
+        // message with content that happens to match the current message
+        // exactly (e.g. double-tapped toggle button, identical list after
+        // re-render). Swallow it silently so it neither pollutes the logs
+        // nor bubbles up to the user as "internal error".
+        const msg = e instanceof Error ? e.message : String(e);
+        if (/message is not modified/i.test(msg) || /specified new message content.*exactly the same/i.test(msg)) {
+            return;
+        }
         console.error(`Error handling update ${ctx?.update?.update_id}:`, e);
         // Try to notify the user
         if (ctx?.chat?.id) {

package/dist/paths.js

@@ -86,6 +86,8 @@ export const AGENTS_FILE = resolve(DATA_DIR, "AGENTS.md");
 export const HOOKS_DIR = resolve(DATA_DIR, "hooks");
 /** scripts/browse-server.cjs — HTTP gateway for persistent browser sessions */
 export const BROWSE_SERVER_SCRIPT = resolve(BOT_ROOT, "scripts", "browse-server.cjs");
+/** ~/.claude/hub/SCRIPTS/browser.sh — Hub 3-tier browser router (stealth, CDP, ext) */
+export const HUB_BROWSER_SH = resolve(os.homedir(), ".claude", "hub", "SCRIPTS", "browser.sh");
 /** data/exec-allowlist.json — User-defined exec allowlist */
 export const EXEC_ALLOWLIST_FILE = resolve(DATA_DIR, "exec-allowlist.json");
 /** assets/ — User asset files (CVs, cover letters, legal docs, photos) */

package/dist/services/browser-manager.js

@@ -1,34 +1,166 @@
 /**
- * Multi-Strategy Browser Manager
+ * Multi-Strategy Browser Manager — with automatic fallback chain.
  *
- * Auto-selects between three browser strategies:
- * - CLI: Headless Playwright, one-shot (screenshots, text extraction, PDF)
- * - Gateway: Persistent HTTP browser server (interactive browsing, form-filling)
- * - CDP: Attach to user's live Chrome via DevTools Protocol
+ * Strategy priority:
+ *   1. Gateway (browse-server.cjs HTTP server) — if script exists and is running
+ *   2. CDP (Chrome DevTools Protocol) — via hub browser.sh cdp, persistent cookies
+ *   3. Hub Stealth (Playwright + stealth plugin) — via hub browser.sh stealth
+ *   4. Raw CLI (bare Playwright) — last resort, easily blocked
+ *
+ * If a strategy is unavailable, we automatically cascade to the next one
+ * and log a warning so failures are visible, not silent.
  */
-import { spawn } from "child_process";
+import { execSync, spawn } from "child_process";
 import http from "http";
 import fs from "fs";
 import { config } from "../config.js";
-import { BROWSE_SERVER_SCRIPT } from "../paths.js";
+import { BROWSE_SERVER_SCRIPT, HUB_BROWSER_SH } from "../paths.js";
 import { screenshotUrl, extractText, generatePdf } from "./browser.js";
-/** Auto-select the best browser strategy for a task */
+const CDP_PORT = 9222;
+const EXEC_TIMEOUT = 60_000; // 60s for page loads via shell
+// ── Logging ──────────────────────────────────────────────────────────
+function log(msg) {
+    console.warn(`[browser-manager] ${msg}`);
+}
+// ── Availability Checks ──────────────────────────────────────────────
+function isGatewayScriptPresent() {
+    return fs.existsSync(BROWSE_SERVER_SCRIPT);
+}
+async function isGatewayRunning() {
+    try {
+        const health = await gatewayRequest("/health");
+        return !!health?.ok;
+    }
+    catch {
+        return false;
+    }
+}
+function isHubBrowserAvailable() {
+    return fs.existsSync(HUB_BROWSER_SH);
+}
+async function isCDPAvailable() {
+    return new Promise((resolve) => {
+        const req = http.get(`http://127.0.0.1:${CDP_PORT}/json/version`, (res) => {
+            let data = "";
+            res.on("data", (chunk) => (data += chunk));
+            res.on("end", () => resolve(res.statusCode === 200));
+        });
+        req.on("error", () => resolve(false));
+        req.setTimeout(3000, () => {
+            req.destroy();
+            resolve(false);
+        });
+    });
+}
+// ── Strategy Selection with Fallback ─────────────────────────────────
+/** Pick the preferred strategy based on task type */
 export function selectStrategy(task = {}) {
     if (task.useUserBrowser || config.cdpUrl)
         return "cdp";
     if (task.interactive || task.multiStep)
         return "gateway";
+    return "hub-stealth";
+}
+/**
+ * Resolve the preferred strategy to one that's actually available.
+ * Cascades: gateway → cdp → hub-stealth → cli
+ */
+export async function resolveStrategy(preferred) {
+    const chain = [];
+    // Build fallback chain starting from preferred
+    switch (preferred) {
+        case "gateway":
+            chain.push("gateway", "cdp", "hub-stealth", "cli");
+            break;
+        case "cdp":
+            chain.push("cdp", "hub-stealth", "cli");
+            break;
+        case "hub-stealth":
+            chain.push("hub-stealth", "cli");
+            break;
+        case "cli":
+            chain.push("cli");
+            break;
+    }
+    for (const strategy of chain) {
+        switch (strategy) {
+            case "gateway":
+                if (isGatewayScriptPresent() && (await isGatewayRunning()))
+                    return "gateway";
+                if (!isGatewayScriptPresent()) {
+                    log("Gateway unavailable: browse-server.cjs not found. Falling back.");
+                }
+                else {
+                    log("Gateway not running. Falling back.");
+                }
+                break;
+            case "cdp":
+                if (await isCDPAvailable())
+                    return "cdp";
+                // Try starting CDP via hub script
+                if (isHubBrowserAvailable()) {
+                    try {
+                        log("CDP Chrome not running — attempting to start via hub browser.sh...");
+                        execSync(`"${HUB_BROWSER_SH}" cdp start headless`, {
+                            stdio: "pipe",
+                            timeout: 15_000,
+                        });
+                        // Give it a moment to spin up
+                        await new Promise((r) => setTimeout(r, 3000));
+                        if (await isCDPAvailable()) {
+                            log("CDP Chrome started successfully.");
+                            return "cdp";
+                        }
+                    }
+                    catch (err) {
+                        log(`Failed to start CDP Chrome: ${err.message}`);
+                    }
+                }
+                log("CDP unavailable. Falling back.");
+                break;
+            case "hub-stealth":
+                if (isHubBrowserAvailable())
+                    return "hub-stealth";
+                log("Hub browser.sh not found. Falling back to raw Playwright.");
+                break;
+            case "cli":
+                return "cli"; // Always available as last resort
+        }
+    }
     return "cli";
 }
-// ── Gateway Management ────────────────────────────────────────────────
+function execHub(args) {
+    try {
+        const result = execSync(`"${HUB_BROWSER_SH}" ${args}`, {
+            stdio: "pipe",
+            timeout: EXEC_TIMEOUT,
+            env: { ...process.env, PATH: process.env.PATH },
+        });
+        const stdout = result.toString().trim();
+        // Try to parse as JSON (stealth outputs JSON)
+        try {
+            return JSON.parse(stdout);
+        }
+        catch {
+            // Not JSON — return as raw text
+            return { title: "", url: "", raw: stdout };
+        }
+    }
+    catch (err) {
+        const error = err;
+        log(`Hub script failed: ${error.stderr?.toString()?.trim() || error.message}`);
+        return null;
+    }
+}
+// ── Gateway Management ───────────────────────────────────────────────
 let gatewayProcess = null;
-async function gatewayRequest(path, params = {}) {
+async function gatewayRequest(urlPath, params = {}, timeoutMs = 15_000) {
     const query = new URLSearchParams(params).toString();
-    const url = `http://127.0.0.1:${config.browseServerPort}${path}${query ? "?" + query : ""}`;
+    const url = `http://127.0.0.1:${config.browseServerPort}${urlPath}${query ? "?" + query : ""}`;
     return new Promise((resolve, reject) => {
-        http.get(url, (res) => {
+        const req = http.get(url, (res) => {
             let data = "";
-            res.on("data", chunk => data += chunk);
+            res.on("data", (chunk) => (data += chunk));
             res.on("end", () => {
                 try {
                     resolve(JSON.parse(data));
@@ -37,107 +169,270 @@ async function gatewayRequest(path, params = {}) {
                     reject(new Error(`Invalid JSON from gateway: ${data.slice(0, 200)}`));
                 }
             });
-        }).on("error", reject);
+        });
+        req.on("error", reject);
+        req.setTimeout(timeoutMs, () => {
+            req.destroy(new Error(`Gateway request timed out after ${timeoutMs}ms: ${urlPath}`));
+        });
     });
 }
 async function ensureGateway() {
     // Check if already running
-    try {
-        const health = await gatewayRequest("/health");
-        if (health.ok)
-            return true;
-    }
-    catch { /* not running */ }
-    // Start it
-    if (!fs.existsSync(BROWSE_SERVER_SCRIPT))
+    if (await isGatewayRunning())
+        return true;
+    // Try to start it
+    if (!isGatewayScriptPresent()) {
+        log("Cannot start gateway: browse-server.cjs not found.");
         return false;
+    }
     gatewayProcess = spawn("node", [BROWSE_SERVER_SCRIPT, String(config.browseServerPort)], {
         stdio: "pipe",
         detached: false,
     });
-    gatewayProcess.on("exit", () => { gatewayProcess = null; });
+    gatewayProcess.on("exit", () => {
+        gatewayProcess = null;
+    });
     // Wait for startup (max 10s)
     for (let i = 0; i < 20; i++) {
-        await new Promise(r => setTimeout(r, 500));
-        try {
-            const health = await gatewayRequest("/health");
-            if (health.ok)
-                return true;
-        }
-        catch { /* still starting */ }
+        await new Promise((r) => setTimeout(r, 500));
+        if (await isGatewayRunning())
+            return true;
     }
+    log("Gateway failed to start within 10s.");
     return false;
 }
-// ── Unified Operations ────────────────────────────────────────────────
-/** Navigate to URL using best strategy */
+// ── Unified Operations ───────────────────────────────────────────────
+/** Navigate to URL using best available strategy */
 export async function navigate(url, task = {}) {
-    const strategy = selectStrategy(task);
-    if (strategy === "gateway") {
-        await ensureGateway();
-        return gatewayRequest("/navigate", { url });
-    }
-    if (strategy === "cdp") {
-        // CDP: use playwright connectOverCDP
-        const { chromium } = await import("playwright");
-        const browser = await chromium.connectOverCDP(config.cdpUrl);
-        const contexts = browser.contexts();
-        const page = contexts[0]?.pages()[0] || await contexts[0]?.newPage() || await browser.newPage();
-        await page.goto(url, { waitUntil: "networkidle", timeout: 30000 });
-        const title = await page.title();
-        return { title, url: page.url() };
-    }
-    // CLI: simple text extraction
-    const text = await extractText(url);
-    return { title: url, url, tree: [text.slice(0, 500)] };
+    const strategy = await resolveStrategy(selectStrategy(task));
+    log(`navigate(${url}) using strategy: ${strategy}`);
+    switch (strategy) {
+        case "gateway": {
+            await ensureGateway();
+            return gatewayRequest("/navigate", { url });
+        }
+        case "cdp": {
+            // Try hub CDP first
+            if (isHubBrowserAvailable()) {
+                const result = execHub(`cdp goto "${url}"`);
+                if (result && !result.error) {
+                    return { title: result.title || "", url: result.url || url };
+                }
+            }
+            // Fallback: direct Playwright CDP
+            try {
+                const { chromium } = await import("playwright");
+                const browser = await chromium.connectOverCDP(config.cdpUrl || `http://127.0.0.1:${CDP_PORT}`);
+                const contexts = browser.contexts();
+                const page = contexts[0]?.pages()[0] || (await contexts[0]?.newPage()) || (await browser.newPage());
+                await page.goto(url, { waitUntil: "networkidle", timeout: 30000 });
+                const title = await page.title();
+                return { title, url: page.url() };
+            }
+            catch (err) {
+                log(`Direct CDP failed: ${err.message}`);
+                // Last resort: try stealth
+                if (isHubBrowserAvailable()) {
+                    const stealthResult = execHub(`stealth "${url}"`);
+                    if (stealthResult) {
+                        return { title: stealthResult.title || "", url: stealthResult.url || url };
+                    }
+                }
+                throw err;
+            }
+        }
+        case "hub-stealth": {
+            const result = execHub(`stealth "${url}"`);
+            if (result && !result.error) {
+                return { title: result.title || "", url: result.url || url };
+            }
+            // Fallback to raw CLI
+            log("Hub stealth failed, falling back to raw Playwright.");
+            const text = await extractText(url);
+            return { title: url, url, tree: [text.slice(0, 500)] };
+        }
+        case "cli":
+        default: {
+            const text = await extractText(url);
+            return { title: url, url, tree: [text.slice(0, 500)] };
+        }
+    }
 }
 /** Take a screenshot */
 export async function screenshot(url, options = {}) {
-    const strategy = selectStrategy();
-    if (strategy === "gateway") {
-        await ensureGateway();
-        if (url)
-            await gatewayRequest("/navigate", { url });
-        const result = await gatewayRequest("/screenshot", options.fullPage ? { full: "true" } : {});
-        return result.path;
-    }
-    // CLI fallback
-    return screenshotUrl(url, { fullPage: options.fullPage });
-}
-/** Get accessibility tree (gateway only) */
+    const strategy = await resolveStrategy(selectStrategy());
+    log(`screenshot(${url}) using strategy: ${strategy}`);
+    switch (strategy) {
+        case "gateway": {
+            await ensureGateway();
+            if (url)
+                await gatewayRequest("/navigate", { url });
+            const result = await gatewayRequest("/screenshot", options.fullPage ? { full: "true" } : {});
+            return result.path;
+        }
+        case "cdp": {
+            if (isHubBrowserAvailable()) {
+                const tmpName = `shot_${Date.now()}.png`;
+                const result = execHub(`cdp shot "${url}" ${tmpName}`);
+                if (result?.screenshot)
+                    return result.screenshot;
+            }
+            // Fallback to raw Playwright
+            return screenshotUrl(url, { fullPage: options.fullPage });
+        }
+        case "hub-stealth": {
+            const tmpName = `shot_${Date.now()}.png`;
+            const result = execHub(`stealth "${url}" --screenshot=${tmpName}`);
+            if (result?.screenshot)
+                return result.screenshot;
+            // Fallback
+            return screenshotUrl(url, { fullPage: options.fullPage });
+        }
+        case "cli":
+        default:
+            return screenshotUrl(url, { fullPage: options.fullPage });
+    }
+}
+// ── CDP Direct-Playwright Helper ─────────────────────────────────────
+// Used as fallback when the gateway isn't running but CDP Chrome is.
+// Each call opens a short-lived CDP connection, operates on the newest
+// existing page in the current context (keeps Chrome itself alive), and
+// disconnects. Safe for sub-agents that need a single op at a time.
+async function withCdpPage(fn) {
+    const { chromium } = await import("playwright");
+    const browser = await chromium.connectOverCDP(config.cdpUrl || `http://127.0.0.1:${CDP_PORT}`);
+    try {
+        const context = browser.contexts()[0];
+        if (!context)
+            throw new Error("No CDP contexts available — is Chrome CDP running?");
+        const pages = context.pages();
+        const page = pages[pages.length - 1] || (await context.newPage());
+        return await fn(page);
+    }
+    finally {
+        await browser.close(); // Closes CDP connection, not Chrome itself
+    }
+}
+const NEEDS_INTERACTIVE_HINT = "Start CDP Chrome: ~/.claude/hub/SCRIPTS/browser.sh cdp start headless";
+/**
+ * Get accessibility tree (gateway preferred, CDP fallback returns outerHTML).
+ * The @eN ref model only exists in the gateway; under CDP we return a
+ * best-effort DOM snippet instead so callers can still see what's there.
+ */
 export async function getTree(limit = 100) {
-    await ensureGateway();
-    return gatewayRequest("/tree", { limit: String(limit) });
-}
-/** Click element by ref (gateway only) */
-export async function click(ref) {
-    await ensureGateway();
-    return gatewayRequest("/click", { ref });
-}
-/** Fill input (gateway only) */
-export async function fill(ref, value) {
-    await ensureGateway();
-    await gatewayRequest("/fill", { ref, value });
-}
-/** Type text (gateway only) */
-export async function type(ref, text) {
-    await ensureGateway();
-    await gatewayRequest("/type", { ref, text });
-}
-/** Press key (gateway only) */
-export async function press(key, ref) {
-    await ensureGateway();
-    await gatewayRequest("/press", ref ? { key, ref } : { key });
-}
-/** Scroll page (gateway only) */
+    if (await isGatewayRunning()) {
+        return gatewayRequest("/tree", { limit: String(limit) });
+    }
+    if (await isCDPAvailable()) {
+        return withCdpPage(async (page) => {
+            const elements = await page.$$eval("a, button, input, select, textarea, [role=button], [role=link]", (els, max) => els.slice(0, max).map((el, i) => {
+                const tag = el.tagName.toLowerCase();
+                const text = (el.textContent || "").trim().slice(0, 60);
+                const id = el.id ? `#${el.id}` : "";
+                const name = el.name
+                    ? `[name=${el.name}]`
+                    : "";
+                return `@e${i + 1} <${tag}${id}${name}> "${text}"`;
+            }), limit);
+            return { tree: elements, total: elements.length };
+        });
+    }
+    throw new Error(`[browser-manager] getTree requires gateway or CDP. ${NEEDS_INTERACTIVE_HINT}`);
+}
+/**
+ * Click an element. Accepts a gateway ref (@eN → "eN") when gateway is
+ * running, or a CSS selector when only CDP is available.
+ */
+export async function click(refOrSelector) {
+    if (await isGatewayRunning()) {
+        return gatewayRequest("/click", { ref: refOrSelector });
+    }
+    if (await isCDPAvailable()) {
+        return withCdpPage(async (page) => {
+            await page.click(refOrSelector, { timeout: 10_000 });
+            return { title: await page.title(), url: page.url() };
+        });
+    }
+    throw new Error(`[browser-manager] click() requires gateway or CDP. ${NEEDS_INTERACTIVE_HINT}`);
+}
+/** Fill an input. refOrSelector semantics match click(). */
+export async function fill(refOrSelector, value) {
+    if (await isGatewayRunning()) {
+        await gatewayRequest("/fill", { ref: refOrSelector, value });
+        return;
+    }
+    if (await isCDPAvailable()) {
+        await withCdpPage(async (page) => {
+            await page.fill(refOrSelector, value, { timeout: 10_000 });
+        });
+        return;
+    }
+    throw new Error(`[browser-manager] fill() requires gateway or CDP. ${NEEDS_INTERACTIVE_HINT}`);
+}
+/** Type text character-by-character (for inputs that reject page.fill). */
+export async function type(refOrSelector, text) {
+    if (await isGatewayRunning()) {
+        await gatewayRequest("/type", { ref: refOrSelector, text });
+        return;
+    }
+    if (await isCDPAvailable()) {
+        await withCdpPage(async (page) => {
+            await page.type(refOrSelector, text, { timeout: 10_000 });
+        });
+        return;
+    }
+    throw new Error(`[browser-manager] type() requires gateway or CDP. ${NEEDS_INTERACTIVE_HINT}`);
+}
+/** Press a keyboard key (page-level if no ref, element-level with ref). */
+export async function press(key, refOrSelector) {
+    if (await isGatewayRunning()) {
+        await gatewayRequest("/press", refOrSelector ? { key, ref: refOrSelector } : { key });
+        return;
+    }
+    if (await isCDPAvailable()) {
+        await withCdpPage(async (page) => {
+            if (refOrSelector) {
+                await page.locator(refOrSelector).press(key, { timeout: 10_000 });
+            }
+            else {
+                await page.keyboard.press(key);
+            }
+        });
+        return;
+    }
+    throw new Error(`[browser-manager] press() requires gateway or CDP. ${NEEDS_INTERACTIVE_HINT}`);
+}
+/** Scroll page. CDP fallback uses window.scrollBy. */
 export async function scroll(direction, amount = 600) {
-    await ensureGateway();
-    return gatewayRequest("/scroll", { direction, amount: String(amount) });
+    if (await isGatewayRunning()) {
+        return gatewayRequest("/scroll", { direction, amount: String(amount) });
+    }
+    if (await isCDPAvailable()) {
+        return withCdpPage(async (page) => {
+            const delta = direction === "up" ? -amount :
+                direction === "top" ? -1e9 :
+                    direction === "bottom" ? 1e9 :
+                        amount;
+            await page.evaluate((d) => window.scrollBy(0, d), delta);
+            return { title: await page.title(), url: page.url() };
+        });
+    }
+    throw new Error(`[browser-manager] scroll() requires gateway or CDP. ${NEEDS_INTERACTIVE_HINT}`);
 }
-/** Evaluate JS (gateway only) */
+/** Evaluate JS in the page context. */
 export async function evaluate(js) {
-    await ensureGateway();
-    const result = await gatewayRequest("/eval", { js });
-    return result.result;
+    if (await isGatewayRunning()) {
+        const result = await gatewayRequest("/eval", { js });
+        return result.result;
+    }
+    if (await isCDPAvailable()) {
+        return withCdpPage(async (page) => {
+            // `page.evaluate(fn)` wraps a function — we need eval of a raw
+            // expression string, so wrap in an IIFE.
+            return page.evaluate(new Function(`return (${js})`));
+        });
+    }
+    throw new Error(`[browser-manager] evaluate() requires gateway or CDP. ${NEEDS_INTERACTIVE_HINT}`);
 }
 /** Generate PDF from URL */
 export async function pdf(url) {
@@ -154,8 +449,16 @@ export async function close() {
         gatewayProcess = null;
     }
 }
-/** Get current page info (gateway) */
+/** Get current page info (gateway preferred, CDP fallback reads newest page). */
 export async function info() {
-    await ensureGateway();
-    return gatewayRequest("/info");
+    if (await isGatewayRunning()) {
+        return gatewayRequest("/info");
+    }
+    if (await isCDPAvailable()) {
+        return withCdpPage(async (page) => ({
+            title: await page.title(),
+            url: page.url(),
+        }));
+    }
+    throw new Error(`[browser-manager] info() requires gateway or CDP. ${NEEDS_INTERACTIVE_HINT}`);
 }

package/dist/services/cron.js

@@ -122,11 +122,16 @@ async function executeJob(job) {
             }
             case "shell": {
                 const cmd = job.payload.command || "echo 'no command'";
-                const output = execSync(cmd, {
-                    timeout: 60_000,
+                // Per-job timeout, default = no timeout (execSync treats timeout=0
+                // or "undefined" as infinite). Users opt in via /cron add … --timeout N.
+                const shellOpts = {
                     stdio: "pipe",
                     env: { ...process.env, PATH: process.env.PATH + ":/opt/homebrew/bin:/usr/local/bin" },
-                }).toString().trim();
+                };
+                if (typeof job.timeoutMs === "number" && job.timeoutMs > 0) {
+                    shellOpts.timeout = job.timeoutMs;
+                }
+                const output = execSync(cmd, shellOpts).toString().trim();
                 // Notify with output
                 if (notifyCallback && output) {
                     await notifyCallback(job.target, `🔧 ${job.name}\n\`\`\`\n${output.slice(0, 3000)}\n\`\`\``);
@@ -173,14 +178,20 @@ async function executeJob(job) {
                         ? Number(job.target.chatId)
                         : undefined;
                     const result = await new Promise((resolve, reject) => {
-                        spawnSubAgent({
+                        // Only pass `timeout` through when the job has a per-job value.
+                        // Otherwise the sub-agent inherits the current /subagents default.
+                        const spawnConfig = {
                             name: job.name,
                             prompt,
                             workingDir: BOT_ROOT,
                             source: "cron",
                             parentChatId,
                             onComplete: (r) => resolve(r),
-                        }).catch(reject);
+                        };
+                        if (typeof job.timeoutMs === "number") {
+                            spawnConfig.timeout = job.timeoutMs;
+                        }
+                        spawnSubAgent(spawnConfig).catch(reject);
                     });
                     // Non-success: don't notify here. The I3 delivery router has
                     // already posted the appropriate banner (cancelled / timeout /
@@ -309,6 +320,7 @@ export function createJob(input) {
         nextRunAt: null,
         runCount: 0,
         createdBy: input.createdBy || "unknown",
+        ...(typeof input.timeoutMs === "number" ? { timeoutMs: input.timeoutMs } : {}),
     };
     // Calculate first run
     job.nextRunAt = calculateNextRun(job);

package/dist/services/subagents.js

@@ -21,6 +21,14 @@ let configCache = null;
 function isValidVisibility(v) {
     return v === "auto" || v === "banner" || v === "silent" || v === "live";
 }
+/** Resolve the initial default timeout from config.ts, which itself seeds
+ *  from the SUBAGENT_TIMEOUT env var. -1 = unlimited. */
+function seedDefaultTimeout() {
+    const raw = config.subAgentTimeout;
+    if (typeof raw !== "number" || !Number.isFinite(raw) || raw <= 0)
+        return -1;
+    return Math.floor(raw);
+}
 function loadSubAgentsConfig() {
     if (configCache)
         return configCache;
@@ -33,14 +41,18 @@ function loadSubAgentsConfig() {
             queueCap: typeof parsed.queueCap === "number"
                 ? Math.max(0, Math.min(Math.floor(parsed.queueCap), ABSOLUTE_MAX_QUEUE))
                 : DEFAULT_QUEUE_CAP,
+            defaultTimeoutMs: typeof parsed.defaultTimeoutMs === "number" && Number.isFinite(parsed.defaultTimeoutMs)
+                ? (parsed.defaultTimeoutMs <= 0 ? -1 : Math.floor(parsed.defaultTimeoutMs))
+                : seedDefaultTimeout(),
         };
     }
     catch {
-        // File missing or invalid — seed from env var then default to auto
+        // File missing or invalid — seed from env vars then default to auto/unlimited
         configCache = {
             maxParallel: Number(process.env.MAX_SUBAGENTS) || 0,
             visibility: "auto",
             queueCap: DEFAULT_QUEUE_CAP,
+            defaultTimeoutMs: seedDefaultTimeout(),
         };
     }
     return configCache;
@@ -102,6 +114,18 @@ export function setQueueCap(n) {
     saveSubAgentsConfig({ ...cfg, queueCap: clamped });
     return clamped;
 }
+/** Current default timeout in ms. -1 = unlimited. */
+export function getDefaultTimeoutMs() {
+    return loadSubAgentsConfig().defaultTimeoutMs;
+}
+/** Set the default timeout in ms. Any value ≤ 0 or non-finite collapses
+ *  to -1 (unlimited). Returns the persisted value. */
+export function setDefaultTimeoutMs(ms) {
+    const normalized = !Number.isFinite(ms) || ms <= 0 ? -1 : Math.floor(ms);
+    const cfg = loadSubAgentsConfig();
+    saveSubAgentsConfig({ ...cfg, defaultTimeoutMs: normalized });
+    return normalized;
+}
 // ── State ───────────────────────────────────────────────
 const activeAgents = new Map();
 // ── Name resolver (B2) ──────────────────────────────────
@@ -433,14 +457,23 @@ export function spawnSubAgent(agentConfig) {
     const resolved = resolveAgentName(agentConfig.name);
     const resolvedName = resolved.name;
     const id = crypto.randomUUID();
-    const timeout = agentConfig.timeout ?? config.subAgentTimeout;
+    // Timeout resolution order:
+    //   1. Per-spawn override (agentConfig.timeout) — used by cron jobs that
+    //      carry their own timeoutMs.
+    //   2. Runtime default from sub-agents.json (set via /subagents timeout).
+    //   3. config.subAgentTimeout fallback (seeded from SUBAGENT_TIMEOUT env).
+    // Any value ≤ 0 means "no timeout" — we simply don't arm the abort timer.
+    // The existing null-safe `clearTimeout(timeoutId)` call sites make this
+    // a safe no-op when the agent finishes or is cancelled.
+    const timeout = agentConfig.timeout ?? getDefaultTimeoutMs();
     const abort = new AbortController();
-    const timeoutId = setTimeout(() => abort.abort(), timeout);
+    const timeoutId = timeout > 0 ? setTimeout(() => abort.abort(), timeout) : null;
     const willRunImmediately = running < maxParallel;
     const canQueue = !willRunImmediately && queueCap > 0 && queuedLen < queueCap;
     if (!willRunImmediately && !canQueue) {
         // No slot, no queue room → priority-aware reject
-        clearTimeout(timeoutId);
+        if (timeoutId)
+            clearTimeout(timeoutId);
         const source = sourceOf(agentConfig);
         const runningAgents = [...activeAgents.values()].filter((a) => a.info.status === "running");
         const userSlots = runningAgents.filter((a) => a.info.source === "user").length;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "alvin-bot",
-  "version": "4.8.7",
+  "version": "4.8.9",
   "description": "Alvin Bot — Your personal AI agent on Telegram, WhatsApp, Discord, Signal, and Web.",
   "type": "module",
   "main": "dist/index.js",

package/skills/browse/SKILL.md

@@ -1,136 +1,161 @@
 ---
 name: Browser Automation
-description: Interactive browser control — navigate, click, fill forms, screenshot, test web apps
-triggers: browse, browser, test webapp, test app, test website, screenshot page, interact with, click on, fill form, visual test, qa test, check page, open page, test my app, browse to, open url, puppeteer, playwright, browser automation, test die seite, teste die app, schau dir an, öffne die seite, teste mal, visual check, check the ui, check the page
+description: 3-tier browser control — stealth scraping, CDP with persistent cookies, visual oversight. Navigate, screenshot, extract text, interact with logged-in pages.
+triggers: browse, browser, test webapp, test app, test website, screenshot page, interact with, click on, fill form, visual test, qa test, check page, open page, test my app, browse to, open url, puppeteer, playwright, browser automation, linkedin, stepstone, indeed, scrape, fetch page, crawl, teste die seite, teste die app, schau dir an, öffne die seite, teste mal, visual check, check the ui, check the page, webseite öffnen, seite abrufen
 priority: 8
 category: automation
 ---
 
-# Browser Automation — Playwright Interactive
+# Browser Automation — 3-Tier Router
 
-## Browser Strategies
+Du hast drei Browser-Strategien plus WebFetch. **Wähle die billigste passende Stufe** und eskaliere nur wenn nötig.
 
-Alvin Bot auto-selects the best browser approach:
+## Entscheidungsregel (in dieser Reihenfolge)
 
-| Strategy | When | How |
-|----------|------|-----|
-| **CLI** (default) | Simple screenshots, text extraction, PDF | Headless Playwright, one-shot |
-| **HTTP Gateway** | Interactive browsing, form-filling, QA testing | Persistent browser server on port 3800 |
-| **CDP** | Attach to user's Chrome (with login state) | Chrome DevTools Protocol via CDP_URL |
+| Task | Tool | Warum |
+|------|------|-------|
+| Einzelne öffentliche Seite, nur Text | WebFetch oder `curl` | Am schnellsten, keine Browser-Engine |
+| Öffentliche Seite mit JS / Cloudflare | **Tier 1 Stealth** | Headless + Fingerprint-Masking |
+| Login-pflichtige Seite (LinkedIn, Gmail, …) | **Tier 2 CDP** | Echtes Chrome, persistente Cookies |
+| Komplexer Multi-Step-Flow, User soll zusehen | **Tier 3 Extension** | Visuelle Kontrolle |
 
-The gateway starts automatically when needed and shuts down after 5 min idle.
-For CDP: Launch Chrome with `--remote-debugging-port=9222` and set `CDP_URL=http://localhost:9222`.
+**NIEMALS** `scripts/browse-server.cjs` nutzen — existiert nicht mehr. **NIEMALS** nacktes `node -e "const {chromium}…"` für externe Seiten — wird sofort geblockt.
 
 ---
 
-You have a persistent Playwright browser server that gives you **eyes** and **hands** to interact with web pages. You can navigate, see screenshots, read the accessibility tree, click buttons, fill forms, and test running web apps.
+## Tier 0 — WebFetch / curl (schnellster Pfad)
 
-## Quick Start
+Für statische Seiten oder APIs, die keine JS-Rendering brauchen:
 
 ```bash
-# 1. Ensure server is running (auto-shuts down after 5 min idle)
-curl -s http://127.0.0.1:3800/health 2>/dev/null | grep -q '"ok":true' || \
-  (BOT_DIR=$(node -e "console.log(require('path').resolve(require.resolve('alvin-bot/package.json'), '..'))" 2>/dev/null || echo ".") && cd "$BOT_DIR" && node scripts/browse-server.cjs &) && sleep 3
+# Direkter curl
+curl -sL -H "User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" \
+  "https://www.michaelpage.de/jobs/it-director" | htmlq -t "h1, .job-title"
 
-# 2. Navigate to a page
-curl -s "http://127.0.0.1:3800/navigate?url=https://example.com" | jq
+# Oder das WebFetch-Tool, wenn verfügbar (interpretiert Inhalt direkt)
+```
 
-# 3. Take a screenshot (view it with Read tool)
-SHOT=$(curl -s "http://127.0.0.1:3800/screenshot" | jq -r '.path')
-# Then use Read tool on $SHOT to see the image
+Wenn das einen 403/Captcha gibt → eskaliere auf Tier 1.
 
-# 4. Get interactive elements
-curl -s "http://127.0.0.1:3800/tree" | jq '.tree[]' -r
+---
 
-# 5. Click something
-curl -s "http://127.0.0.1:3800/click?ref=e5" | jq
-```
+## Tier 1 — Playwright Stealth (headless, schnell, maskiert)
+
+**Router-Script:** `~/.claude/hub/SCRIPTS/browser.sh`
+
+```bash
+# Seite laden, JSON-Metadata zurück (title, url, html_length)
+~/.claude/hub/SCRIPTS/browser.sh stealth "https://www.stepstone.de/jobs/it-delivery"
 
-## All Routes
-
-| Route | Params | What it does |
-|-------|--------|-------------|
-| `/navigate` | `url` | Open a URL, returns title + accessibility tree |
-| `/screenshot` | `full=true` (optional) | Take screenshot, returns file path |
-| `/tree` | `limit=N` (optional) | Get all interactive elements with @eN refs |
-| `/click` | `ref=eN` | Click element by ref |
-| `/fill` | `ref=eN`, `value=text` | Fill input field |
-| `/type` | `ref=eN`, `text=chars` | Type character by character (for special inputs) |
-| `/press` | `key=Enter`, `ref=eN` (opt) | Press keyboard key |
-| `/select` | `ref=eN`, `value=opt` | Select dropdown option |
-| `/hover` | `ref=eN` | Hover over element |
-| `/scroll` | `direction=down/up/top/bottom`, `amount=600` | Scroll page |
-| `/eval` | `js=expression` | Run JavaScript on page |
-| `/wait` | `ms=2000` or `selector=.class` | Wait for time or element |
-| `/viewport` | `device=mobile/tablet` or `width=W&height=H` | Change viewport |
-| `/cookies` | `set=[{...}]` (optional) | Get or set cookies |
-| `/back` | — | Browser back |
-| `/forward` | — | Browser forward |
-| `/reload` | — | Reload page |
-| `/network` | `limit=20` | Recent network requests |
-| `/info` | — | Current page info |
-| `/close` | — | Close browser + shutdown server |
-| `/health` | — | Server status check |
-
-## Element Refs (@eN)
-
-The accessibility tree assigns **refs** like `@e1`, `@e2`, `@e3` to every interactive element (links, buttons, inputs, etc.). Use these refs for all interactions — they're more robust than CSS selectors.
-
-Example tree:
+# Mit Screenshot (PNG in ~/.claude/hub/BROWSER/screenshots/)
+~/.claude/hub/SCRIPTS/browser.sh stealth "https://example.com" --screenshot=page.png
 ```
-@e1 <a href="/"> "Home"
-@e2 <a href="/dashboard"> "Dashboard"
-@e3 <input type="email" name="email" placeholder="Enter email">
-@e4 <input type="password" name="password" placeholder="Password">
-@e5 <button> "Sign In"
-@e6 <a href="/forgot"> "Forgot password?"
+
+**Was du bekommst:** JSON mit `{title, url, html_length, screenshot}`. Der volle HTML liegt nicht in stdout — zum Parsen den `stealth.js` direkt als Modul importieren oder `/tmp/`-File lesen.
+
+**Wann blockt das:** reCAPTCHA v3, aggressive Cloudflare, Login-Walls.
+
+**Konkrete funktionierende Targets (Stand 2026):**
+- StepStone (alle Job-Suchen) ✅
+- Michael Page ✅
+- Hays ✅
+- Öffentliche Blog-Posts, News-Sites ✅
+- LinkedIn (ohne Login) ❌ → Tier 2
+- Indeed / Glassdoor ❌ (403 Scraping-Block) → nur über E-Mail-Alerts
+
+---
+
+## Tier 2 — Chrome CDP (persistent Profile, echte Cookies)
+
+Echtes Chrome mit Profil unter `~/.claude/hub/BROWSER/profile/`. Login-Cookies für LinkedIn/Gmail/etc. bleiben über Sessions erhalten.
+
+```bash
+# Einmal starten (checkt ob schon läuft)
+~/.claude/hub/SCRIPTS/browser.sh cdp start headless   # headless — für Cron/Daemon
+~/.claude/hub/SCRIPTS/browser.sh cdp start headful    # sichtbar — wenn User zusehen soll
+
+# Navigieren
+~/.claude/hub/SCRIPTS/browser.sh cdp goto "https://www.linkedin.com/jobs/search/?keywords=IT+Director"
+
+# Screenshot
+~/.claude/hub/SCRIPTS/browser.sh cdp shot "https://www.linkedin.com/feed/" linkedin_feed.png
+
+# Tabs auflisten
+~/.claude/hub/SCRIPTS/browser.sh cdp tabs
+
+# Stoppen (meistens nicht nötig, Chrome läuft persistent)
+~/.claude/hub/SCRIPTS/browser.sh cdp stop
 ```
 
-To login:
+**Login-Setup (einmalig):** Falls LinkedIn ausgeloggt ist, Ali per Telegram fragen:
+> "Bitte einmal in Chrome (Hub-Profil) bei LinkedIn einloggen. Cookies bleiben dann dauerhaft erhalten."
+
+Starten mit `cdp start headful` und Chrome öffnet sichtbar → Ali loggt ein → ab dann bleiben Cookies im Profil.
+
+**Wie teste ich ob eingeloggt:** nach `cdp goto` die URL prüfen — wenn `/authwall` oder `/login` im Pfad steht, bist du ausgeloggt.
+
+---
+
+## Tier 3 — Claude-in-Chrome Extension (visuelle Kontrolle)
+
+Nur in interaktiven CLI-Sessions, nicht im Cron/Daemon.
+
 ```bash
-curl -s "http://127.0.0.1:3800/fill?ref=e3&value=user@example.com"
-curl -s "http://127.0.0.1:3800/fill?ref=e4&value=mypassword"
-curl -s "http://127.0.0.1:3800/click?ref=e5"
+# Check ob Extension verbunden
+~/.claude/hub/SCRIPTS/browser.sh ext check
+
+# Dann MCP-Tools über ToolSearch laden:
+#   mcp__claude-in-chrome__tabs_context_mcp
+#   mcp__claude-in-chrome__navigate
+#   mcp__claude-in-chrome__computer
 ```
 
-## Standard Workflow: Test a Web App
+**Wann nutzen:** Drag&Drop, komplexe UI, User soll live zusehen und eingreifen können.
 
-1. **Start** the browse server if not running
-2. **Navigate** to the app URL
-3. **Screenshot** → view with Read tool to see current state
-4. **Tree** → see all interactive elements
-5. **Interact** (click, fill, press) using @eN refs
-6. **Screenshot** again to verify the result
-7. **Repeat** for each test step
-8. **Report** findings to the user
-9. **Close** when done
+---
 
-## Mobile Testing
+## Eskalations-Regel (PFLICHT)
+
+```
+Öffentliche Text-Seite → Tier 0 (WebFetch/curl)
+  ↓ 403/Cloudflare/leerer HTML?
+Tier 1 (stealth) → browser.sh stealth <url>
+  ↓ Captcha/Login-Wall?
+Tier 2 (CDP) → cdp start headless/headful + cdp goto <url>
+  ↓ Cookies fehlen?
+Ali fragen: "Bitte einmal in Chrome bei X einloggen, dann kann ich weitermachen."
+```
+
+**NIEMALS aufgeben mit "Browser funktioniert nicht"** — es gibt immer einen nächsten Schritt. Lieber ehrlich melden "Tier 1 blockt mit Captcha, versuche Tier 2" als "Failed to load".
+
+## Status-Checks
 
 ```bash
-# Switch to mobile viewport
-curl -s "http://127.0.0.1:3800/viewport?device=mobile"
-curl -s "http://127.0.0.1:3800/screenshot" | jq -r '.path'
-# Switch back to desktop
-curl -s "http://127.0.0.1:3800/viewport?width=1280&height=720"
+# Übersicht aller Tiers + Health
+~/.claude/hub/SCRIPTS/browser.sh status
+
+# Ist CDP Chrome gerade auf Port 9222?
+curl -s http://127.0.0.1:9222/json/version | head -c 200
 ```
 
-## Auth / Cookie Injection
+## Screenshot-Ausgabe ansehen
+
+Screenshots werden gespeichert unter `~/.claude/hub/BROWSER/screenshots/` (relativ) oder dem absoluten Pfad, den du angibst. Read-Tool auf den Pfad zeigt dir das Bild direkt an.
+
+## Interaktive Ops (Klicken, Formular füllen)
+
+Für einfache Fälle: `cdp eval` mit JavaScript, das in der Seite ausgeführt wird:
 
-For pages that need authentication:
 ```bash
-# Set cookies manually
-curl -s 'http://127.0.0.1:3800/cookies?set=[{"name":"session","value":"abc123","domain":"example.com","path":"/"}]'
-# Then navigate to the authenticated page
-curl -s "http://127.0.0.1:3800/navigate?url=https://example.com/dashboard"
+~/.claude/hub/SCRIPTS/browser.sh cdp eval "https://example.com/login" \
+  "document.querySelector('#username').value='test'; document.querySelector('#password').value='pw'; document.querySelector('form').submit();"
 ```
 
-## Important Notes
+Für komplexere Flows (sequentielles Klicken nach DOM-Updates) → Tier 3 (Extension) nutzen.
+
+## Wichtige Notes
 
-- **Server auto-shuts down** after 5 min idle — restart if needed
-- **One page at a time** — navigation replaces the current page
-- **Screenshots** are saved to `/tmp/alvin-bot/browse/` — view with Read tool
-- **127.0.0.1 only** — not accessible from outside
-- **URL-encode** values with special chars: `value=hello%20world`
-- **Refs reset** on every navigation/click — always get fresh /tree after page changes
-- For **local dev servers**: use `http://localhost:PORT` as the URL
+- **CDP-Profil-Konflikt:** Chrome kann `~/.claude/hub/BROWSER/profile/` nicht doppelt öffnen. Wenn Ali es lokal auf hatte, Port 9222 checken und `cdp stop` + `cdp start` machen.
+- **Headless vs Headful:** Im Cron/Daemon (launchd) IMMER `headless` — sonst scheitert Chrome an fehlendem Display.
+- **Nach Seiten-Navigation** (`cdp goto`) neue Tabs legt Playwright standardmäßig an — reuseTab ist nicht exponiert. Das ist OK für einzelne Scrapes, kann aber zu Tab-Explosion führen. `cdp stop` & Neustart räumt auf.
+- **Persistenz:** Cookies, LocalStorage, IndexedDB, alles in `~/.claude/hub/BROWSER/profile/`. Komplett persistiert zwischen Bot-Restarts.