bloby-bot 0.50.1 → 0.50.3

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "bloby-bot",
-  "version": "0.50.1",
+  "version": "0.50.3",
   "releaseNotes": [
     "1. Something great..",
     "2. ",

package/worker/index.ts

@@ -1002,119 +1002,6 @@ app.post('/api/whisper/transcribe', express.json({ limit: '10mb' }), async (req,
   }
 });
 
-// Transcribe an audio file already on disk under workspace/files/.
-// Body: { path, saveTranscriptNext?, language? }. `path` is interpreted
-// relative to workspace/files/ ("files/" prefix is tolerated).
-app.post('/api/whisper/transcribe-file', express.json({ limit: '1mb' }), async (req, res) => {
-  const whisperEnabled = getSetting('whisper_enabled');
-  const whisperKey = getSetting('whisper_key');
-
-  if (whisperEnabled !== 'true' || !whisperKey) {
-    res.status(400).json({ error: 'Whisper not enabled or API key missing' });
-    return;
-  }
-
-  const { path: relPath, saveTranscriptNext, language } = req.body as {
-    path?: string;
-    saveTranscriptNext?: boolean;
-    language?: string;
-  };
-
-  if (!relPath || typeof relPath !== 'string') {
-    res.status(400).json({ error: 'Missing path' });
-    return;
-  }
-
-  const normalized = relPath.replace(/^\/+/, '').replace(/^files\//, '');
-  const absPath = path.resolve(paths.files, normalized);
-  if (absPath !== paths.files && !absPath.startsWith(paths.files + path.sep)) {
-    res.status(400).json({ error: 'Path escapes workspace/files/' });
-    return;
-  }
-  if (!fs.existsSync(absPath) || !fs.statSync(absPath).isFile()) {
-    res.status(404).json({ error: 'File not found' });
-    return;
-  }
-
-  try {
-    const audioBuffer = fs.readFileSync(absPath);
-    const filename = path.basename(absPath);
-    const ext = path.extname(filename).toLowerCase().slice(1);
-    const contentTypes: Record<string, string> = {
-      mp3: 'audio/mpeg',
-      m4a: 'audio/mp4',
-      mp4: 'audio/mp4',
-      wav: 'audio/wav',
-      webm: 'audio/webm',
-      ogg: 'audio/ogg',
-      opus: 'audio/ogg',
-      flac: 'audio/flac',
-    };
-    const contentType = contentTypes[ext] || 'application/octet-stream';
-
-    const boundary = '----WhisperBoundary' + Date.now();
-    const CRLF = '\r\n';
-    const parts: Buffer[] = [];
-
-    parts.push(Buffer.from(
-      `--${boundary}${CRLF}` +
-      `Content-Disposition: form-data; name="file"; filename="${filename}"${CRLF}` +
-      `Content-Type: ${contentType}${CRLF}${CRLF}`
-    ));
-    parts.push(audioBuffer);
-    parts.push(Buffer.from(CRLF));
-
-    parts.push(Buffer.from(
-      `--${boundary}${CRLF}` +
-      `Content-Disposition: form-data; name="model"${CRLF}${CRLF}` +
-      `whisper-1${CRLF}`
-    ));
-
-    if (language && typeof language === 'string') {
-      parts.push(Buffer.from(
-        `--${boundary}${CRLF}` +
-        `Content-Disposition: form-data; name="language"${CRLF}${CRLF}` +
-        `${language}${CRLF}`
-      ));
-    }
-
-    parts.push(Buffer.from(`--${boundary}--${CRLF}`));
-
-    const body = Buffer.concat(parts);
-
-    const response = await fetch('https://api.openai.com/v1/audio/transcriptions', {
-      method: 'POST',
-      headers: {
-        'Authorization': `Bearer ${whisperKey}`,
-        'Content-Type': `multipart/form-data; boundary=${boundary}`,
-      },
-      body,
-    });
-
-    if (!response.ok) {
-      const errText = await response.text();
-      log.warn(`Whisper API error: ${response.status} ${errText}`);
-      res.status(502).json({ error: 'Whisper API error', detail: errText.slice(0, 500) });
-      return;
-    }
-
-    const result = await response.json() as { text: string };
-    const transcript = result.text;
-
-    let transcriptPath: string | undefined;
-    if (saveTranscriptNext) {
-      const txtAbs = absPath + '.txt';
-      fs.writeFileSync(txtAbs, transcript, 'utf8');
-      transcriptPath = path.relative(paths.files, txtAbs).split(path.sep).join('/');
-    }
-
-    res.json({ transcript, ...(transcriptPath ? { transcriptPath } : {}) });
-  } catch (err: any) {
-    log.warn(`Whisper transcribe-file failed: ${err.message}`);
-    res.status(500).json({ error: 'Transcription failed' });
-  }
-});
-
 // Serve stored files (audio, images, documents)
 app.use('/api/files', express.static(paths.files));
 

package/workspace/skills/plaud/SKILL.md

@@ -4,30 +4,53 @@
 
 A channel for getting **recordings off the user's Plaud Note device** and into your workspace as `(audio file, transcript)` pairs you can read and act on.
 
-Plaud is a tiny voice recorder (button on the case, magnet sticks to a phone). When the user records something — a meeting, a lecture, a thought on a walk — the device syncs to Plaud's cloud over Bluetooth/Wi-Fi. **You don't talk to the device.** You talk to Plaud's cloud, pull the audio, and transcribe it yourself.
+Plaud is a tiny voice recorder. When the user records something — a meeting, a lecture, a thought on a walk — the device syncs to Plaud's cloud over Bluetooth/Wi-Fi. **You don't talk to the device.** You talk to Plaud's cloud, pull the audio, and transcribe it — either via the Bloby Marketplace service or your own provider.
 
 There is **no Plaud CLI, no Plaud webhook, no official Plaud API.** Plaud's mobile/web app uses an undocumented HTTP API. This skill uses the same one — same shape OpenPlaud uses (`https://github.com/openplaud/openplaud`).
 
-The user already pays Plaud $0 if they don't want Plaud's transcription subscription. We do transcription locally via Whisper using the OpenAI key the user added during the Bloby wizard. No new key, no new subscription.
+---
+
+## Two parts to this skill
+
+1. **Pulling audio from Plaud** — same for everyone. OTP / paste-token, list, download.
+2. **Transcribing the audio** — you have a choice (see "Transcription — pick a path" below).
 
 ---
 
-## What Bloby Gives You (already-built plumbing)
+## What Bloby Gives You (plumbing)
 
 | Thing | Where | How you use it |
 |---|---|---|
-| Whisper-on-disk endpoint | `POST http://localhost:7400/api/whisper/transcribe-file` | Send a path under `workspace/files/`, get a transcript back. Optional `saveTranscriptNext: true` writes `foo.mp3.txt` next to `foo.mp3`. |
-| Settings k/v store | `GET/POST/PUT http://localhost:7400/api/settings` | Store/retrieve the Plaud JWT, region, workspace ID, last-sync cursor. |
-| Workspace files dir | `workspace/files/audio/plaud/` | Drop downloaded audio here. The supervisor serves it at `/api/files/audio/plaud/<name>`. |
+| Workspace files dir | `workspace/files/audio/plaud/` | Drop downloaded audio here. Supervisor serves it at `/api/files/audio/plaud/<name>`. |
+| Workspace file tools | `Read` / `Write` / `Edit` | Store Plaud auth state in `workspace/.plaud.json`. Save transcripts as `<id>.mp3.txt` next to the audio. |
 | Scheduling | `workspace/CRONS.json` or `workspace/PULSE.json` | Run sync periodically. See "Cadence" below. |
+| Relay token | `~/.bloby/config.json` → `relay.token` | Use as `X-Bloby-Token` header when calling marketplace services. |
+
+### State file: `workspace/.plaud.json`
+
+You manage all Plaud connection state in a single JSON file at workspace root. Read with `Read`, write with `Write`. Shape:
+
+```json
+{
+  "email": "bruno@example.com",
+  "apiBase": "https://api.plaud.ai",
+  "userToken": "eyJ...",
+  "workspaceId": "ws_xxxxx",
+  "workspaceToken": "eyJ...",
+  "workspaceTokenMintedAt": "2026-05-22T19:30:00.000Z",
+  "authMethod": "otp",
+  "lastSyncVersionMs": 0,
+  "transcriptionMode": "marketplace"
+}
+```
 
-Use `http://localhost:7400` from Bash. Auth is the same Bearer token you already have in your session for the worker; for skill-internal calls running inside the supervisor's own bloby session, `/api/settings` and `/api/whisper/transcribe-file` work the same way `/api/whisper/transcribe` does.
+`transcriptionMode` is your record of which transcription path the human picked. One of: `"marketplace"`, `"groq"`, `"openai"`, `"mistral"`, `"local"`, or whatever they configured. Initialize empty (`{}`) if the file doesn't exist.
 
 ---
 
 ## Plaud's API in 60 seconds
 
-Three regions. Pick one when pairing. Token from one region won't work on another.
+Three regions. Pick one when pairing. A token from one region won't work on another.
 
 | Region | Base URL |
 |---|---|
@@ -35,9 +58,14 @@ Three regions. Pick one when pairing. Token from one region won't work on anothe
 | EU | `https://api-euc1.plaud.ai` |
 | Asia-Pacific | `https://api-apse1.plaud.ai` |
 
-If the user doesn't know their region, start with Global. If `POST /auth/otp-send-code` returns `status: -302` with `data.domains.api`, redirect to that base instead — the user's account lives in a different region. Save whichever base actually succeeded.
+If `POST /auth/otp-send-code` returns `status: -302` with `data.domains.api`, retry against that base. Save whichever base actually succeeded.
+
+**Two token kinds — the part that bites everyone:**
+
+- **User Token (UT)** — what `/auth/otp-login` returns. Authenticates `/user/me`, workspace-list, workspace-token mint. **Does NOT authenticate recording endpoints.** Calling `/file/simple/web` or `/device/list` with a UT silently returns HTTP 200 + empty list.
+- **Workspace Token (WT)** — minted from the UT. Required on recording endpoints. ~24h lifetime. Re-mint when expired.
 
-**User-Agent matters.** Plaud blocks some defaults. Always send a normal browser UA. Example:
+**User-Agent matters.** Plaud blocks some defaults. Always send:
 
 ```
 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
@@ -47,18 +75,17 @@ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML,
 
 ## Pairing (first time)
 
-Walk the human through it conversationally. They don't see any UI for this — just chat with you.
-
-### Step 1 — Ask for their Plaud email
+### Step 1 — Ask for their Plaud email AND how they signed up
 
 ```
-Bloby: Which email do you use on plaud.ai? I'll have them send you a 6-digit code.
-Human: bruno@example.com
+Bloby: Which email do you use on plaud.ai? And did you sign up with email+password, or "Continue with Google" / "Continue with Apple"?
 ```
 
-If the human mentions they signed up with **Google or Apple**, jump to the "Paste-token fallback" section instead. OTP only works for accounts that were created with an email+password identity on Plaud's side.
+**If they signed up with Google or Apple**, skip OTP entirely and go to "Paste-token fallback". Don't try OTP first — Plaud will silently create a parallel empty account at the same email, you'll mint a WT successfully, and recording endpoints will return empty. The symptom looks like "auth worked but no recordings" but it's two different identities at the same email.
+
+If unsure, run OTP and lean on the Step 8 ghost-account check below.
 
-### Step 2 — Send the OTP
+### Step 2 — Send OTP
 
 ```bash
 curl -s -X POST 'https://api.plaud.ai/auth/otp-send-code' \
@@ -67,12 +94,12 @@ curl -s -X POST 'https://api.plaud.ai/auth/otp-send-code' \
   -d '{"username":"<EMAIL>"}'
 ```
 
-Expected `status: 0` and a `token` field. **Save the `token`** — you need it for verify. If you see `status: -302`, switch `apiBase` to `data.domains.api` and retry once.
+Expected `status: 0` and a `token` field. Save the `token` for Step 4.
 
 ### Step 3 — Ask for the code
 
 ```
-Bloby: Check your inbox — Plaud sent you a 6-digit code. What is it?
+Bloby: Check your inbox — Plaud sent a 6-digit code. What is it?
 ```
 
 ### Step 4 — Verify
@@ -84,242 +111,320 @@ curl -s -X POST '<apiBase>/auth/otp-login' \
   -d '{"code":"<6 DIGITS>","token":"<OTP TOKEN FROM STEP 2>"}'
 ```
 
-Expected `access_token` (a long `eyJ...` JWT). **This is the long-lived token. Store it.**
+Save `access_token` as `userToken` in `.plaud.json`.
+
+> ⚠️ `is_new_user: true` in the response is just an informational flag — it does NOT mean Plaud created a new account. Real account check happens in Step 8.
 
-### Step 5 — Store the connection
+### Step 5 — Initial state
+
+Write to `workspace/.plaud.json`:
+
+```json
+{
+  "email": "<EMAIL>",
+  "apiBase": "<BASE>",
+  "userToken": "<UT>",
+  "authMethod": "otp"
+}
+```
+
+### Step 6 — Smoke test the UT
 
 ```bash
-# Each setting saved separately. Replace <TOKEN> and <BASE>.
-curl -s -X POST 'http://localhost:7400/api/settings' \
-  -H 'Content-Type: application/json' \
-  -d '{"key":"plaud_token","value":"<JWT>"}'
-curl -s -X POST 'http://localhost:7400/api/settings' \
-  -H 'Content-Type: application/json' \
-  -d '{"key":"plaud_api_base","value":"<BASE>"}'
-curl -s -X POST 'http://localhost:7400/api/settings' \
+curl -s '<BASE>/user/me' \
+  -H 'Authorization: Bearer <UT>' \
+  -H 'User-Agent: Mozilla/5.0 ...'
+```
+
+Should return the user's profile. If 401, UT is bad — restart.
+
+### Step 7 — Mint the Workspace Token (REQUIRED)
+
+**7a. List workspaces** (auth: UT):
+
+```bash
+curl -s '<BASE>/team-app/workspaces/list?need_personal_workspace=true' \
+  -H 'Authorization: Bearer <UT>' \
+  -H 'User-Agent: Mozilla/5.0 ...'
+```
+
+Pick the personal workspace (`workspace_type === "0"`, or first if none). Save its `workspace_id` as `workspaceId`.
+
+**7b. Mint a WT** (auth: UT, body literally `{}`):
+
+```bash
+curl -s -X POST '<BASE>/user-app/auth/workspace/token/<WORKSPACE_ID>' \
+  -H 'Authorization: Bearer <UT>' \
   -H 'Content-Type: application/json' \
-  -d '{"key":"plaud_email","value":"<EMAIL>"}'
+  -H 'User-Agent: Mozilla/5.0 ...' \
+  -d '{}'
 ```
 
-You can also save `plaud_workspace_id` once you discover it (see "Workspaces" below).
+Save `workspace_token` as `workspaceToken` and `workspaceTokenMintedAt: <now ISO 8601>` in `.plaud.json`.
 
-### Step 6 — Smoke test
+### Step 8 — Real smoke test + ghost-account check
 
 ```bash
 curl -s '<BASE>/device/list' \
-  -H 'Authorization: Bearer <JWT>' \
+  -H 'Authorization: Bearer <WT>' \
+  -H 'User-Agent: Mozilla/5.0 ...'
+
+curl -s '<BASE>/file/simple/web?skip=0&limit=10&is_trash=0' \
+  -H 'Authorization: Bearer <WT>' \
   -H 'User-Agent: Mozilla/5.0 ...'
 ```
 
-Should return a JSON object listing the user's Plaud devices (each has a `serial_number`). If you get `401`, the OTP didn't grant a usable token — start over. If `200`, tell the human: *"Paired. Your Plaud (serial ending ...XXXX) is connected. Want me to pull in everything you've recorded so far?"*
+| `data_devices` | `data_file_list` | Meaning | Action |
+|---|---|---|---|
+| has entries | has entries | Real account paired | Continue to "Transcription — pick a path" |
+| empty | has entries | Devices haven't checked in lately | Treat as success |
+| **empty** | **empty** | **Google/Apple ghost-account case** | **Stop.** Tell the human, switch to paste-token (next section) |
+
+### Ghost-account recovery
+
+If empty/empty:
+
+1. Tell the human plainly:
+   > *"OTP succeeded, but you have zero recordings on this Plaud account. Most likely your real Plaud account is signed in with Google or Apple, and the OTP I just ran created a separate empty account at the same email. Can you grab a token from web.plaud.ai DevTools so I can talk to the real account?"*
+2. Walk them through paste-token (next section).
+3. Once paste-token works and you see recordings, overwrite `userToken` and set `"authMethod": "paste"` in `.plaud.json` so next sync skips OTP.
 
 ---
 
 ## Paste-token fallback (Google/Apple Plaud accounts)
 
-If OTP just won't work and the human signed up with Google or Apple, get the bearer manually:
-
-1. Open [web.plaud.ai](https://web.plaud.ai) in a browser and sign in with Google/Apple normally.
-2. Open DevTools (F12 or Cmd+Option+I) → Network tab → refresh.
+1. Open [web.plaud.ai](https://web.plaud.ai), sign in with Google/Apple normally.
+2. DevTools (F12 or Cmd+Option+I) → Network tab → refresh.
 3. Click any request to `api.plaud.ai`, `api-euc1.plaud.ai`, or `api-apse1.plaud.ai`.
-4. Under **Request Headers**, find `Authorization`. Copy everything after `Bearer ` (the long `eyJ...`).
-5. Tell the bloby in chat. The bloby saves it via the same `plaud_token` setting key, plus the matching `plaud_api_base`.
-
-JWTs from this path expire too. The skill behaviour on 401 is the same (see "Re-auth" below).
+4. Request Headers → `Authorization` → copy everything after `Bearer ` (long `eyJ...`).
+5. Human pastes to you. Save as `userToken`, set `apiBase` to whichever host they pulled it from, `"authMethod": "paste"`.
+6. **Still run Step 7** — paste-token gives a UT, WT must still be minted.
 
 ---
 
 ## Syncing recordings
 
-The shape of a sync run:
-
 ```
-GET /file/simple/web      → list recent recordings (paginated)
+GET /file/simple/web      → list   [auth: WT]
 for each new one:
-  GET /file/temp-url/<id>?is_opus=0   → get a short-lived S3 link (request the mp3, not opus)
-  curl -o workspace/files/audio/plaud/<id>.mp3  → download
-  POST /api/whisper/transcribe-file  → produces <id>.mp3.txt alongside
+  GET /file/temp-url/<id>?is_opus=0   → signed mp3 URL   [auth: WT]
+  curl -o workspace/files/audio/plaud/<id>.mp3  → download (signed URL, no auth)
+  <transcription path>                          → produces <id>.mp3.txt
 ```
 
-### List recordings
+### Pre-sync: check WT freshness
+
+Read `.plaud.json`. If `workspaceToken` is missing or `workspaceTokenMintedAt` is more than ~20 hours old, re-mint (Step 7b) before starting.
+
+### List recordings (auth: WT)
 
 ```bash
 curl -s '<BASE>/file/simple/web?skip=0&limit=50&is_trash=0&sort_by=edit_time&is_desc=true' \
-  -H 'Authorization: Bearer <JWT>' \
+  -H 'Authorization: Bearer <WT>' \
   -H 'User-Agent: Mozilla/5.0 ...'
 ```
 
-The response has `data_file_list` — an array of recording objects. Fields you'll care about:
-
-| Field | Use |
-|---|---|
-| `id` | Plaud's file id. Use as the local filename. |
-| `filename` | Human label the user gave it (or auto-generated). Sanitise before using as a filename. |
-| `duration` | Seconds. |
-| `start_time` / `end_time` | When the recording happened. |
-| `version_ms` | Bumps if the user edits the recording. Track this to know when to re-download. |
-| `serial_number` | Which Plaud device. |
-| `is_trash` | Skip if 1. |
-
-Page with `skip=` (the API also accepts a huge `limit`, but page through 50-at-a-time politely).
+`data_file_list` fields you'll care about: `id`, `filename`, `duration`, `start_time`, `end_time`, `version_ms`, `serial_number`, `is_trash`. Page with `skip=`.
 
 ### Dedup
 
-You don't want to re-download what you already have. Two ways, pick one:
+Either filesystem (skip if `workspace/files/audio/plaud/<id>.mp3` exists) or `lastSyncVersionMs` cursor in `.plaud.json`. If `version_ms` changed on a recording you already downloaded, the user edited the file — re-fetch and overwrite.
 
-- **Filesystem**: if `workspace/files/audio/plaud/<id>.mp3` exists, skip it.
-- **Cursor**: save the newest `version_ms` you've seen as `plaud_last_sync` setting. On next sync, skip anything `<=` that cursor. Faster — no `ls` needed.
-
-If `version_ms` changed on a recording you already downloaded, the user edited the filename or trimmed it. Re-fetch and overwrite.
-
-### Get the download URL
+### Get the download URL (auth: WT)
 
 ```bash
 curl -s '<BASE>/file/temp-url/<FILE_ID>?is_opus=0' \
-  -H 'Authorization: Bearer <JWT>' \
+  -H 'Authorization: Bearer <WT>' \
   -H 'User-Agent: Mozilla/5.0 ...'
 ```
 
-`is_opus=0` returns the mp3 variant (`temp_url`). `is_opus=1` returns opus in `temp_url_opus`. **Use mp3** — Whisper handles it cleanly, opus needs ffmpeg.
-
-Response: `{ "temp_url": "https://<s3...>" }`. The URL expires in a few minutes. Download immediately.
+`is_opus=0` returns mp3 in `temp_url`. Use mp3 — Whisper handles it everywhere.
 
-### Download
+### Download (no auth — signed URL)
 
 ```bash
 mkdir -p workspace/files/audio/plaud
 curl -s -o "workspace/files/audio/plaud/<FILE_ID>.mp3" '<TEMP URL>'
 ```
 
-### Transcribe
+---
+
+## Transcription — pick a path
+
+Once the audio is on disk, you need text. **Ask the human once** which path they want, then save it as `transcriptionMode` in `.plaud.json` so you don't re-ask every sync.
+
+### Path A — Bloby Marketplace `audio-to-text` (easiest, pay-per-minute)
+
+If the bloby is registered with the relay (Quick Tunnel mode → there's a token at `~/.bloby/config.json → relay.token`), just POST the file. No API key to manage, no provider account.
 
 ```bash
-curl -s -X POST 'http://localhost:7400/api/whisper/transcribe-file' \
-  -H 'Content-Type: application/json' \
-  -d '{"path":"audio/plaud/<FILE_ID>.mp3","saveTranscriptNext":true}'
+TOKEN=$(jq -r '.relay.token' ~/.bloby/config.json)
+
+curl -s -X POST 'https://api.bloby.bot/api/services/audio-to-text/use' \
+  -H "X-Bloby-Token: $TOKEN" \
+  -F "file=@workspace/files/audio/plaud/<FILE_ID>.mp3" \
+  -F "language=en"     # optional
 ```
 
-Returns `{ "transcript": "...", "transcriptPath": "audio/plaud/<FILE_ID>.mp3.txt" }`. The `.txt` file is now sitting next to the audio. You can read it with `Read` like any other file.
+Returns JSON:
 
-The user's `whisper_key` from the wizard is what powers this — you don't need to know or handle the OpenAI key.
+```json
+{
+  "transcript": "...",
+  "language": "en",
+  "estimatedMinutes": 5,
+  "priceUsd": 0.0185,
+  "paidVia": "balance",
+  "groqDurationSec": 275.4,
+  "model": "whisper-large-v3-turbo"
+}
+```
+
+- **Pricing:** $0.0037 per estimated minute, rounded up (~$0.22/hr).
+- **How duration is estimated:** file size ÷ assumed 32kbps bitrate. Plaud-sourced mp3 matches this assumption well. High-bitrate files from other sources would be over-charged proportionally — for those, switch to Path B.
+- **Paid from:** account balance first; falls back to MPP (Tempo USDC) or Base (use `/use-base` instead). Make sure the bloby's account has funds OR its wallet is funded on the matching network.
+- **Limits:** 25MB per file. Mp3 from Plaud comfortably fits — observed 1MB ≈ 4½min.
 
-If transcription fails (e.g. file >25MB, Whisper API's own hard limit), leave the audio in place and skip the `.txt`. The human can ask you to split/compress later.
+Write the response's `transcript` to `workspace/files/audio/plaud/<FILE_ID>.mp3.txt`.
 
-### Pretty filenames (optional)
+### Path B — Bring your own API key (DIY)
 
-Tell the human you can keep the raw `<FILE_ID>.mp3` filenames, OR you can also rename to something human-readable. If they want pretty names:
+Pick a provider, ask the human for their key, store it as a workspace secret (`workspace/.env` is fine — the backend reloads on .env change). Then call directly from Bash.
 
+**Groq Whisper** — cheapest, fastest. Same model the marketplace uses under the hood. Free tier exists.
 ```bash
-# After successful transcribe, also write a symlink or copy with a nicer name:
-NICE="$(date -d "<start_time>" +%Y-%m-%d_%H%M)_<sanitised filename>"
-ln -s "<FILE_ID>.mp3" "workspace/files/audio/plaud/${NICE}.mp3"
-ln -s "<FILE_ID>.mp3.txt" "workspace/files/audio/plaud/${NICE}.txt"
+curl -s -X POST 'https://api.groq.com/openai/v1/audio/transcriptions' \
+  -H "Authorization: Bearer $GROQ_API_KEY" \
+  -F "file=@workspace/files/audio/plaud/<FILE_ID>.mp3" \
+  -F "model=whisper-large-v3-turbo" \
+  -F "response_format=json"
 ```
 
-(Sanitise `filename` by stripping `/\\:*?"<>|`.)
+**OpenAI Whisper** — the human may already have an OpenAI key from the Bloby wizard. Read it from the settings table directly:
+```bash
+WHISPER_KEY=$(sqlite3 ~/.bloby/memory.db "SELECT value FROM settings WHERE key='whisper_key';")
+curl -s -X POST 'https://api.openai.com/v1/audio/transcriptions' \
+  -H "Authorization: Bearer $WHISPER_KEY" \
+  -F "file=@workspace/files/audio/plaud/<FILE_ID>.mp3" \
+  -F "model=whisper-1"
+```
 
-Don't rename the originals — keep `<id>.mp3` as the canonical name so dedup keeps working.
+**Mistral Voxtral**:
+```bash
+curl -s -X POST 'https://api.mistral.ai/v1/audio/transcriptions' \
+  -H "Authorization: Bearer $MISTRAL_API_KEY" \
+  -F "file=@workspace/files/audio/plaud/<FILE_ID>.mp3" \
+  -F "model=voxtral-mini-latest"
+```
+
+**Local — no API, no cost, fully private:**
+- [whisper.cpp](https://github.com/ggerganov/whisper.cpp) — C++ binary, CPU or Metal/CUDA. Install once, transcribe forever.
+- [faster-whisper](https://github.com/SYSTRAN/faster-whisper) — Python, ~4× faster than reference whisper.
+- The human installs one of these themselves. The bloby invokes the CLI from Bash.
+
+After whichever path, extract the `text` field and write it to `workspace/files/audio/plaud/<FILE_ID>.mp3.txt`.
+
+### Choosing for the human
+
+If they don't have a preference, recommend **Path A (Marketplace)**:
+- No key setup.
+- Already integrated with the bloby's payment.
+- Pay-as-you-go — no monthly minimum.
+- If their account has any balance from other marketplace use, it just works.
+
+Recommend **Path B** if:
+- They're transcribing a lot and want to use a free tier or flat-rate plan.
+- They want 100% local for privacy reasons.
+- They already have a preferred provider.
 
 ---
 
 ## Cadence — CRON or PULSE?
 
-**There is no automatic cron set up by this skill.** You and your human decide together. Two reasonable patterns:
+**No automatic schedule installed by this skill.** The human picks.
 
 ### Pattern A — CRON every N minutes
 
-When the human wants near-real-time freshness ("any time I record something, you should know about it within 15 minutes"), add an entry to `workspace/CRONS.json`:
+Add to `workspace/CRONS.json`:
 
 ```json
 {
   "id": "plaud-sync",
   "schedule": "*/15 * * * *",
-  "task": "Run a Plaud sync: list new recordings, download any new ones into workspace/files/audio/plaud/, and transcribe them via /api/whisper/transcribe-file. After, summarise to the human in chat IF there were new recordings — otherwise stay silent.",
+  "task": "Run a Plaud sync per the plaud skill: refresh WT if needed, list new recordings, download into workspace/files/audio/plaud/, and transcribe via the configured transcriptionMode in .plaud.json. If new recordings were found, summarise to the human in chat. If nothing new, stay silent.",
   "enabled": true,
   "oneShot": false
 }
 ```
 
-Tune `*/15` to taste. `*/5` for aggressive, `0 * * * *` (top of every hour) for quiet.
-
 ### Pattern B — PULSE memo
 
-When the human prefers their bloby just *check* during normal pulse wake-ups, add one line to your `MYSELF.md` or `MEMORY.md`:
+Add one line to `MYSELF.md` or `MEMORY.md`:
 
 ```
-- Each pulse, briefly check Plaud for new recordings via the plaud skill. If there's something new, transcribe and decide whether to surface it. If nothing new, move on silently.
+- Each pulse, briefly check Plaud for new recordings via the plaud skill. Transcribe with whatever transcriptionMode is set in workspace/.plaud.json. If new, decide whether to surface. If nothing new, move on silently.
 ```
 
-Pulse runs every 30 min by default. No CRON entry needed. Less aggressive than Pattern A, fits naturally with whatever else you're doing at pulse time.
-
-### Or: don't auto-sync at all
+### Or: manual only
 
-Some humans only want manual control: *"Bloby, pull anything new from Plaud."* That's also fine — just keep the skill installed, no CRON, no pulse memo, you sync when asked.
+No CRON, no pulse memo. Sync when asked.
 
-**Always check with the human first.** Default to Pattern B for new installs unless they tell you otherwise.
+**Default to Pattern B for new installs** unless the human says otherwise.
 
 ---
 
 ## Re-auth (401 handling)
 
-When any Plaud call returns 401:
+| Endpoint that 401'd | What expired | Fix |
+|---|---|---|
+| `/file/simple/web`, `/file/temp-url/*`, `/device/list` (WT) | Workspace token | Re-mint a WT from cached UT (Step 7b). Silent — don't bother the human. |
+| `/user-app/auth/workspace/token/...`, `/team-app/workspaces/list`, `/user/me` (UT) | User token | Tell the human. If `authMethod === "otp"`, re-OTP. If `"paste"`, walk them through DevTools again. |
+| `POST /api/services/audio-to-text/use` (relay) | Marketplace account empty / wallet unfunded | Tell the human. Suggest topping up or switching to Path B. |
 
-1. Tell the human in chat: *"Your Plaud connection expired. Want me to re-pair?"* Don't silently fail.
-2. If they say yes, re-run the OTP flow from Step 1. Overwrite the `plaud_token` setting.
-3. If they signed up with Google/Apple originally, prompt for the paste-token fallback instead.
-4. Don't keep retrying with the dead token — pause the sync until re-paired.
+If you can't tell which token expired, assume UT is dead → re-auth.
 
 ---
 
 ## Disconnect
 
 ```bash
-curl -s -X POST 'http://localhost:7400/api/settings' \
-  -H 'Content-Type: application/json' \
-  -d '{"key":"plaud_token","value":""}'
-curl -s -X POST 'http://localhost:7400/api/settings' \
-  -H 'Content-Type: application/json' \
-  -d '{"key":"plaud_api_base","value":""}'
+rm -f workspace/.plaud.json
 ```
 
-Recordings already on disk stay. The user can also disable the CRON entry (or remove it from `CRONS.json`).
+Recordings on disk stay. Disable the CRON entry / remove from `CRONS.json` separately.
 
 ---
 
-## Workspaces (advanced)
-
-Plaud's "workspace" is their multi-account team feature. Personal accounts don't usually need to worry about this — the API responds correctly without a workspace token. If a human ever reports recordings missing that they can see in the Plaud app, it's likely a workspace-scoped recording.
+## Quick Reference
 
-To resolve a workspace token: there's an undocumented `/workspace/...` endpoint that mints a workspace-scoped token. OpenPlaud's `src/lib/plaud/workspace.ts` is the reference if you ever need it. Don't bother unless the human hits this case.
+| Action | curl | Auth |
+|---|---|---|
+| Send OTP | `POST <base>/auth/otp-send-code` body `{username}` | none |
+| Verify OTP → UT | `POST <base>/auth/otp-login` body `{code, token}` | none |
+| Profile | `GET <base>/user/me` | UT |
+| List workspaces | `GET <base>/team-app/workspaces/list?need_personal_workspace=true` | UT |
+| Mint WT | `POST <base>/user-app/auth/workspace/token/<workspaceId>` body `{}` | UT |
+| List devices | `GET <base>/device/list` | **WT** |
+| List recordings | `GET <base>/file/simple/web?skip=0&limit=50&is_trash=0&sort_by=edit_time&is_desc=true` | **WT** |
+| Download URL | `GET <base>/file/temp-url/<id>?is_opus=0` | **WT** |
+| Download audio | `GET <temp_url>` | none (signed) |
+| Transcribe (marketplace) | `POST https://api.bloby.bot/api/services/audio-to-text/use` multipart `file=@...` | `X-Bloby-Token: $relay_token` |
+| Transcribe (Groq) | `POST https://api.groq.com/openai/v1/audio/transcriptions` multipart | Bearer GROQ_API_KEY |
+| Transcribe (OpenAI) | `POST https://api.openai.com/v1/audio/transcriptions` multipart | Bearer OPENAI_API_KEY |
+
+State file: `workspace/.plaud.json`. Plaud requests need a browser-style `User-Agent`.
 
 ---
 
 ## What This Skill Does NOT Do
 
-- **No Plaud transcription.** We transcribe ourselves with Whisper. Plaud's own AI subscription is bypassed entirely.
-- **No dashboard.** OpenPlaud has a slick UI for browsing recordings. We don't. The bloby's job is to *read* the transcripts and act on them — summaries, action items, emails — using the normal workspace tools. If the human wants a UI, build one into `workspace/client/` as a normal workspace app.
-- **No push from Plaud.** No webhooks exist. You only know about new recordings when you ask.
-- **No editing recordings.** The Plaud API technically supports `PATCH /file/<id>` to rename. We don't expose it here — keep canonical `<id>.mp3` names.
-- **No real-time streaming.** Plaud syncs to its cloud *after* the recording finishes. Expect a lag of seconds-to-minutes between "user stopped recording" and "file appears in `/file/simple/web`."
-
----
-
-## Quick Reference
-
-| Action | curl |
-|---|---|
-| Send OTP | `POST <base>/auth/otp-send-code` body `{username}` |
-| Verify OTP | `POST <base>/auth/otp-login` body `{code, token}` |
-| List devices | `GET <base>/device/list` |
-| List recordings | `GET <base>/file/simple/web?skip=0&limit=50&is_trash=0&sort_by=edit_time&is_desc=true` |
-| Get download URL | `GET <base>/file/temp-url/<id>?is_opus=0` |
-| Transcribe local file | `POST http://localhost:7400/api/whisper/transcribe-file` body `{path, saveTranscriptNext}` |
-| Save setting | `POST http://localhost:7400/api/settings` body `{key, value}` |
-
-All Plaud requests need `Authorization: Bearer <JWT>` + a browser-style `User-Agent`.
+- **No automatic schedule.** The human + bloby pick CRON vs PULSE vs manual.
+- **No dashboard.** OpenPlaud has a UI; we don't. The bloby's job is to *read* transcripts and act on them via normal workspace tools. If the human wants a UI, build one into `workspace/client/`.
+- **No push from Plaud.** No webhooks exist; you only know about new recordings when you ask.
+- **No real-time streaming.** Plaud syncs *after* the recording finishes. Lag is seconds-to-minutes between "user stopped recording" and "file appears in `/file/simple/web`."
 
 ---
 
 ## Credit
 
-Plaud API shape is the same one [OpenPlaud](https://github.com/openplaud/openplaud) uses — they did the reverse-engineering work. This skill reimplements just the parts a bloby needs.
+Plaud API shape is the same one [OpenPlaud](https://github.com/openplaud/openplaud) uses — they did the reverse-engineering work, including the painful workspace-token discovery (their issue #66) and the Google/Apple identity gotcha (issue #65). This skill reimplements just the parts a bloby needs, and routes transcription either through Bloby's marketplace or a provider of the human's choice.

package/workspace/skills/plaud/skill.json

@@ -5,11 +5,11 @@
   "bloby_human": "Bruno Bertapeli",
   "bloby": "bloby-bruno",
   "author": "newbot-official",
-  "description": "Plaud Note integration. Pairs the user's Plaud account via email OTP, polls Plaud's cloud for new recordings, downloads the audio into workspace/files/audio/plaud/, and transcribes it via the user's Whisper key. Cadence (CRON vs PULSE memo) is chosen by the human and their bloby together.",
+  "description": "Plaud Note integration. Pairs the user's Plaud account (email OTP or paste-token for Google/Apple identities), pulls recordings into workspace/files/audio/plaud/, and routes transcription through either the Bloby Marketplace audio-to-text service (pay-per-minute) or the human's own provider (Groq / OpenAI Whisper / Mistral Voxtral / local).",
   "depends": [],
   "env_keys": [],
   "has_telemetry": false,
-  "size": "8KB",
+  "size": "12KB",
   "contains_binaries": false,
-  "tags": ["plaud", "transcription", "audio", "recorder", "meeting"]
+  "tags": ["plaud", "transcription", "audio", "recorder", "meeting", "groq", "whisper"]
 }