clawmoney 0.17.46 → 0.17.47

package/dist/commands/relay.js

@@ -11,7 +11,7 @@ const LOG_FILE = join(homedir(), ".clawmoney", "relay.log");
 export async function relayRegisterCommand(options) {
     const config = requireConfig();
     // Validate CLI type
-    const validClis = ["claude", "codex", "gemini", "antigravity"];
+    const validClis = ["claude", "codex", "gemini", "antigravity", "chatgpt-web"];
     if (!validClis.includes(options.cli)) {
         console.error(chalk.red(`Invalid CLI type "${options.cli}". Must be one of: ${validClis.join(", ")}`));
         process.exit(1);
@@ -36,14 +36,16 @@ export async function relayRegisterCommand(options) {
         }
     }
     else {
-        const spinner = ora(`Checking if ${options.cli} is installed...`).start();
+        // chatgpt-web drives the browser via opencli — there's no "chatgpt-web" binary.
+        const probeBin = options.cli === "chatgpt-web" ? "opencli" : options.cli;
+        const spinner = ora(`Checking if ${probeBin} is installed...`).start();
         try {
-            execSync(`which ${options.cli}`, { stdio: "pipe" });
-            spinner.succeed(`${options.cli} is available`);
+            execSync(`which ${probeBin}`, { stdio: "pipe" });
+            spinner.succeed(`${probeBin} is available`);
         }
         catch {
-            spinner.fail(chalk.red(`${options.cli} is not installed or not in PATH`));
-            console.log(chalk.dim(`  Make sure ${options.cli} CLI is installed and accessible.`));
+            spinner.fail(chalk.red(`${probeBin} is not installed or not in PATH`));
+            console.log(chalk.dim(`  Make sure ${probeBin} CLI is installed and accessible.`));
             process.exit(1);
         }
     }

package/dist/relay/pricing.js

@@ -32,6 +32,13 @@ export const API_PRICES = {
     // 5 / 5.1 / 5.2-codex families were fully removed that day. Anything
     // below this comment that's deprecated was removed from the CLI-side
     // pricing table so `modelsForCli("codex")` no longer offers them.
+    //
+    // gpt-5.5 — current Codex CLI default (config.toml `model = "gpt-5.5"`)
+    // after the mid-2026 bump. Upgraded ChatGPT accounts now 404 the older
+    // 5.4/5.3-codex/5.2 ids with "not supported when using Codex with a
+    // ChatGPT account", so gpt-5.5 must be offered. Priced at the 5.4 tier
+    // pending an official LiteLLM entry.
+    "gpt-5.5": { input: 2.50, output: 15 },
     "gpt-5.4": { input: 2.50, output: 15 },
     "gpt-5.4-mini": { input: 0.75, output: 4.50 },
     "gpt-5.3-codex": { input: 1.75, output: 14 },

package/dist/relay/provider.js

@@ -6,6 +6,7 @@ import { RelayWsClient } from "./ws-client.js";
 import { callClaudeApi, callClaudeApiPassthrough, preflightClaudeApi, getRateGuardSnapshot as getClaudeRateGuardSnapshot, } from "./upstream/claude-api.js";
 import { callCodexApi, callCodexApiPassthrough, preflightCodexApi, getRateGuardSnapshot as getCodexRateGuardSnapshot, } from "./upstream/codex-api.js";
 import { callGeminiApi, preflightGeminiApi, getGeminiRateGuardSnapshot, } from "./upstream/gemini-api.js";
+import { callChatGPTWeb } from "./upstream/chatgpt-web.js";
 import { callAntigravityApi, preflightAntigravityApi, getAntigravityRateGuardSnapshot, } from "./upstream/antigravity-api.js";
 import { callMinimaxApi, preflightMinimaxApi, getMinimaxRateGuardSnapshot, } from "./upstream/minimax-api.js";
 import { callKimiCodingApi, preflightKimiCodingApi, getKimiCodingRateGuardSnapshot, } from "./upstream/kimi-coding-api.js";
@@ -221,6 +222,11 @@ function messagesToPrompt(messages) {
 const AUTH_ERROR_THRESHOLD = 3;
 const consecutiveAuthErrorsByCli = new Map();
 const cliAuthDisabled = new Set();
+// chatgpt-web: buyer sessions we've already opened a ChatGPT tab for. First
+// turn opens a temporary chat; later turns continue in the same tab so context
+// accumulates. Keyed by cli_session_id (falls back to request_id for stateless
+// single-shots, which just get a fresh temporary chat each time).
+const chatgptWebSessions = new Set();
 const AUTH_BROKEN_PATTERNS = [
     // Anthropic 403: OAuth authentication is currently not allowed for
     // this organization. The new prod signal from 2026-04-15 incident.
@@ -313,11 +319,15 @@ async function executeRelayRequest(request, config, sendChunk) {
         // antigravity → daily-cloudcode-pa). Each handler has its own
         // fingerprint file and rate-guard instance.
         if (cliType === "codex") {
-            // Same two-mode pattern as claude: passthrough when the Hub forwards
-            // a real Responses API body (used by /v1/responses endpoint for
-            // Codex CLI drop-in replacement), template mode otherwise (used by
-            // the OpenAI-compat /v1/chat/completions classic endpoint).
-            if (request.passthrough_body) {
+            // Passthrough ONLY when the Hub forwarded a real Responses API body —
+            // i.e. it carries an `input` array (the /v1/responses drop-in path).
+            // The OpenAI-compat /v1/chat/completions path forwards a body with
+            // `messages` (no `input`), so fall through to template mode, which
+            // builds a Responses request from the flattened `prompt`. Without this
+            // guard, chat/completions hit passthrough and 400'd with
+            // "Passthrough body missing `input` array".
+            const pb = request.passthrough_body;
+            if (pb && Array.isArray(pb.input) && pb.input.length > 0) {
                 parsed = await callCodexApiPassthrough({
                     clientBody: request.passthrough_body,
                     model,
@@ -340,6 +350,26 @@ async function executeRelayRequest(request, config, sendChunk) {
                 maxTokens: max_budget_usd ? undefined : 8192,
             });
         }
+        else if (cliType === "chatgpt-web") {
+            // Web send/read path — drive chatgpt.com via opencli (temporary chat)
+            // instead of the reverse-proxy API. Real-browser route, un-bannable.
+            // Per-buyer tab keyed by cli_session_id: first turn opens a temporary
+            // chat, later turns continue in the same tab so context accumulates.
+            const webKey = cliSessionId || request_id;
+            const seenBefore = chatgptWebSessions.has(webKey);
+            chatgptWebSessions.add(webKey);
+            // Image turn when the buyer asks for an image model (gpt-image-*) — that
+            // forces a regular chat + image grab. Text models stay on temporary chat.
+            const wantsImage = /image/i.test(model);
+            parsed = await callChatGPTWeb({
+                prompt,
+                model,
+                timeout: wantsImage ? 200 : 120,
+                sessionKey: webKey,
+                continueChat: seenBefore,
+                imageOut: wantsImage,
+            });
+        }
         else if (cliType === "antigravity") {
             parsed = await callAntigravityApi({
                 prompt,

package/dist/relay/upstream/chatgpt-web.d.ts

@@ -0,0 +1,51 @@
+/**
+ * chatgpt-web upstream — serve a relay request by driving the ChatGPT *website*
+ * (not the reverse-proxy API). Sends the prompt into a ChatGPT temporary chat
+ * via opencli's CDP browser automation, waits for the reply, reads it back.
+ *
+ * Why this exists alongside the codex reverse-proxy path:
+ *  - It's a real person typing in chatgpt.com → OpenAI can't tell it apart from
+ *    normal use → effectively un-bannable (the reverse-proxy路径 mimics the
+ *    Codex CLI fingerprint, which is safe but not bullet-proof at scale).
+ *  - Temporary chat → no history pollution, clean per-session isolation, not
+ *    used for training.
+ *  - Trade-off: slower (seconds, UI render) and not token-streamed. Fine for
+ *    conversation; the buyer still gets a standard reply.
+ *
+ * Requires the provider machine to have `@jackwener/opencli` installed (with the
+ * `chatgpt ask --temporary` support) and a logged-in ChatGPT session in the
+ * opencli-controlled Chrome. Point OPENCLI_BIN at a custom binary for local
+ * source runs.
+ */
+import type { ParsedOutput } from "../types.js";
+export interface ChatGPTWebOptions {
+    prompt: string;
+    model: string;
+    /** Max seconds to wait for the assistant reply. */
+    timeout?: number;
+    /** Continue an existing /c/<id> conversation (multi-turn, non-temporary). */
+    conversationId?: string;
+    /**
+     * Continue the CURRENT chat in place (no --new/--temporary). Used for
+     * stateful multi-turn inside a temporary chat: the first turn opens the
+     * temporary chat, later turns just send into the same tab so ChatGPT
+     * accumulates context. Temporary chats have no /c/<id> to resume by URL,
+     * so this in-place continuation is the only way to keep their context.
+     */
+    continueChat?: boolean;
+    /**
+     * Per-buyer browser session key → its own ChatGPT tab. Same key reuses the
+     * same tab (multi-turn context); different keys run concurrently in separate
+     * tabs. Maps to opencli `--session <key>`.
+     */
+    sessionKey?: string;
+    /**
+     * This turn is expected to produce an image (generate/edit). Forces a regular
+     * chat (ChatGPT temporary chat BLOCKS image generation) and waits for + grabs
+     * the image. Maps to opencli `--image-out` + `--new` (first turn).
+     */
+    imageOut?: boolean;
+    /** Local image paths to upload before the prompt (edit the buyer's own image). */
+    imagePaths?: string[];
+}
+export declare function callChatGPTWeb(opts: ChatGPTWebOptions): Promise<ParsedOutput>;

package/dist/relay/upstream/chatgpt-web.js

@@ -0,0 +1,114 @@
+/**
+ * chatgpt-web upstream — serve a relay request by driving the ChatGPT *website*
+ * (not the reverse-proxy API). Sends the prompt into a ChatGPT temporary chat
+ * via opencli's CDP browser automation, waits for the reply, reads it back.
+ *
+ * Why this exists alongside the codex reverse-proxy path:
+ *  - It's a real person typing in chatgpt.com → OpenAI can't tell it apart from
+ *    normal use → effectively un-bannable (the reverse-proxy路径 mimics the
+ *    Codex CLI fingerprint, which is safe but not bullet-proof at scale).
+ *  - Temporary chat → no history pollution, clean per-session isolation, not
+ *    used for training.
+ *  - Trade-off: slower (seconds, UI render) and not token-streamed. Fine for
+ *    conversation; the buyer still gets a standard reply.
+ *
+ * Requires the provider machine to have `@jackwener/opencli` installed (with the
+ * `chatgpt ask --temporary` support) and a logged-in ChatGPT session in the
+ * opencli-controlled Chrome. Point OPENCLI_BIN at a custom binary for local
+ * source runs.
+ */
+import { execFile } from "node:child_process";
+import { promisify } from "node:util";
+const execFileP = promisify(execFile);
+const OPENCLI_BIN = process.env.OPENCLI_BIN || "opencli";
+/** Roughly 4 chars per token — web send/read has no real token counts, so we
+ *  estimate for billing parity with the API paths. */
+function estimateTokens(text) {
+    return Math.max(1, Math.ceil(text.length / 4));
+}
+export async function callChatGPTWeb(opts) {
+    const timeout = opts.timeout ?? 120;
+    const args = ["chatgpt", "ask", opts.prompt, "--timeout", String(timeout), "-f", "json"];
+    // Turn routing:
+    //  - continueChat → no flag; opencli's ensureOnChatGPT stays on the current
+    //    page, so a temporary chat continues in place and keeps its context.
+    //  - conversationId → resume a saved /c/<id> conversation.
+    //  - otherwise → open a fresh temporary chat (first turn / single-shot).
+    if (opts.continueChat) {
+        // intentionally no flag — continue the current chat in place.
+    }
+    else if (opts.conversationId) {
+        args.push("--conversation", opts.conversationId);
+    }
+    else if (opts.imageOut) {
+        // Image generation is blocked in temporary chats → use a regular new chat.
+        args.push("--new");
+    }
+    else {
+        args.push("--temporary");
+    }
+    if (opts.imageOut) {
+        args.push("--image-out");
+    }
+    if (opts.imagePaths?.length) {
+        args.push("--image", opts.imagePaths.join(","));
+    }
+    // Per-buyer tab isolation: same key → same tab (context kept), different
+    // keys → concurrent tabs.
+    if (opts.sessionKey) {
+        args.push("--session", opts.sessionKey);
+    }
+    let stdout = "";
+    try {
+        const result = await execFileP(OPENCLI_BIN, args, {
+            timeout: (timeout + 30) * 1000,
+            maxBuffer: 96 * 1024 * 1024, // base64 images can be several MB each
+            env: { ...process.env },
+        });
+        stdout = result.stdout;
+    }
+    catch (err) {
+        const e = err;
+        const tail = `${e.stdout ?? ""}${e.stderr ?? ""}`.slice(0, 400);
+        throw new Error(`opencli chatgpt ask failed: ${e.message ?? String(err)} ${tail}`);
+    }
+    // opencli `-f json` prints a JSON array; tolerate any leading banner lines.
+    const start = stdout.indexOf("[");
+    if (start < 0) {
+        throw new Error(`opencli chatgpt ask: no JSON in output: ${stdout.slice(0, 300)}`);
+    }
+    let rows;
+    try {
+        rows = JSON.parse(stdout.slice(start));
+    }
+    catch {
+        throw new Error(`opencli chatgpt ask: bad JSON: ${stdout.slice(start, start + 300)}`);
+    }
+    const response = String(rows?.[0]?.response ?? "").trim();
+    const images = Array.isArray(rows?.[0]?.images) ? rows[0].images : [];
+    if (!response && !images.length) {
+        throw new Error(`opencli chatgpt ask empty (stdout=${stdout.length}b, keys=[${Object.keys(rows?.[0] ?? {}).join(",")}], imagesType=${typeof rows?.[0]?.images})`);
+    }
+    // Carry images back inside the chat.completion content as markdown data
+    // URLs — the buyer's front-end renders them directly. (Image turns often
+    // have little/no text, so the image IS the answer.)
+    let text = response;
+    if (images.length) {
+        const md = images.map((img, i) => `![image${i + 1}](${img})`).join("\n");
+        text = text ? `${text}\n\n${md}` : md;
+    }
+    return {
+        text,
+        sessionId: String(rows?.[0]?.conversationId ?? ""),
+        usage: {
+            input_tokens: estimateTokens(opts.prompt),
+            // Don't token-count the base64 image (it'd be ~375k "tokens"); bill each
+            // generated image as a flat token block instead.
+            output_tokens: estimateTokens(response) + images.length * 800,
+            cache_creation_tokens: 0,
+            cache_read_tokens: 0,
+        },
+        model: opts.model,
+        costUsd: 0,
+    };
+}

package/dist/task/daemon.js

@@ -48,10 +48,12 @@ function installFileLogger() {
     console.error = (...args) => logToFile("ERROR", ...args);
 }
 import { TaskWsClient } from "./ws-client.js";
-import { getSkill, listSkills } from "./skills/index.js";
+import { getSkill, listSkills, defaultAdvertiseSkills } from "./skills/index.js";
+import { runPreflight, writePreflightReport } from "./preflight.js";
 const CONFIG_DIR = join(homedir(), ".clawmoney");
 const CONFIG_FILE = join(CONFIG_DIR, "config.yaml");
 const PID_FILE = join(CONFIG_DIR, "task.pid");
+const TASK_STATE_FILE = join(CONFIG_DIR, "task-state.json");
 function loadYamlConfig() {
     if (!existsSync(CONFIG_FILE))
         return {};
@@ -76,7 +78,10 @@ function loadConfig() {
         .split(",")
         .map((s) => s.trim())
         .filter(Boolean);
-    const skills = requested.length > 0 ? requested : listSkills();
+    // Default advertise set excludes skills the SpareAPI backend now fetches
+    // directly (YC / IndieHackers / Hacker News); an explicit SKILLS= can still
+    // opt into them since `supported` below is the full registry.
+    const skills = requested.length > 0 ? requested : defaultAdvertiseSkills();
     // Sanity-check: drop anything we can't actually serve so we don't
     // advertise dead skills to the hub.
     const supported = new Set(listSkills());
@@ -129,6 +134,26 @@ function removePid() {
         // ignore
     }
 }
+// Lifecycle phase the desktop app reads to show "service running, checking
+// logins…" during the (possibly slow first-run) preflight, vs "online" once
+// the hub connection is up. Distinct from the pid file, which only says the
+// process exists.
+function writeTaskState(phase) {
+    try {
+        writeFileSync(TASK_STATE_FILE, JSON.stringify({ phase, pid: process.pid, ts: new Date().toISOString() }), "utf-8");
+    }
+    catch {
+        /* best effort */
+    }
+}
+function clearTaskState() {
+    try {
+        unlinkSync(TASK_STATE_FILE);
+    }
+    catch {
+        // ignore
+    }
+}
 async function handleTaskRequest(ws, req) {
     const startedAtMs = Date.now();
     const handler = getSkill(req.skill_id);
@@ -223,7 +248,7 @@ function applySystemProxy() {
         console.error(`[task] system proxy detection skipped: ${err instanceof Error ? err.message : String(err)}`);
     }
 }
-function main() {
+async function main() {
     // Daemon was started as a script (stdio:"ignore"); from here on, all
     // log lines should land in ~/.clawmoney/task.log.
     installFileLogger();
@@ -238,12 +263,32 @@ function main() {
         console.error("[task] api_key missing — set API_KEY env or run `clawmoney setup`");
         process.exit(1);
     }
+    // Mark the service up the moment config checks out — BEFORE the (possibly
+    // slow first-run) preflight. Two reasons: the app can show "service running,
+    // checking logins…" instead of "not started", and the app's self-heal keys
+    // off the pid file, so writing it now stops it from re-spawning us mid-probe.
+    writePid();
+    writeTaskState("probing");
+    // Preflight: probe each platform's external dependency and drop the ones
+    // that would fail every task (Codex not installed, X not logged in, the
+    // Chrome extension down, …). Writes ~/.clawmoney/preflight.json so the
+    // desktop app can surface a home-screen notice. Re-runs every start, so
+    // fixing the dependency recovers the platform on the next boot.
+    console.log(`[task] preflight on ${config.skills.length} skills…`);
+    const { skills: keptSkills, report } = await runPreflight(config.skills);
+    writePreflightReport(report);
+    config.skills = keptSkills;
+    if (report.summary.droppedSkills > 0) {
+        console.warn(`[task] preflight dropped ${report.summary.droppedSkills} skill(s) across ` +
+            `${report.summary.failed} platform(s): ${report.dropped.join(", ")}`);
+    }
     console.log(`[task] starting daemon hub=${config.hub_url} skills=[${config.skills.join(",")}]`);
     if (config.skills.length === 0) {
         console.error("[task] no skills to advertise — refusing to start");
+        removePid();
+        clearTaskState();
         process.exit(1);
     }
-    writePid();
     // Belt-and-suspenders: even if every other handle (WS, heartbeat,
     // reconnect timer) somehow goes away simultaneously, this interval
     // is unref-less and ref-counted into the event loop, so the daemon
@@ -263,6 +308,7 @@ function main() {
         switch (frame.event) {
             case "connected":
                 console.log(`[task] connected agent_id=${frame.agent_id} name="${frame.agent_name}"`);
+                writeTaskState("online");
                 break;
             case "task_request":
                 void handleTaskRequest(ws, frame);
@@ -279,6 +325,7 @@ function main() {
         console.log(`[task] ${signal} — shutting down`);
         ws.stop();
         removePid();
+        clearTaskState();
         setTimeout(() => process.exit(0), 200);
     };
     process.on("SIGINT", () => shutdown("SIGINT"));
@@ -289,5 +336,8 @@ function main() {
 // the module is imported (e.g. by src/commands/task.ts which only wants
 // to use readTaskPid / isPidAlive helpers).
 if (process.argv[1] === fileURLToPath(import.meta.url)) {
-    main();
+    main().catch((err) => {
+        console.error(`[task] fatal: ${err instanceof Error ? err.stack : String(err)}`);
+        process.exit(1);
+    });
 }

package/dist/task/preflight.d.ts

@@ -0,0 +1,47 @@
+export type PreflightStatus = "ok" | "failed" | "unknown";
+export interface PlatformPreflight {
+    /** Display name surfaced in the app notice. */
+    label: string;
+    /** "local-app" | "web-login" | "social-login" — drives the app hint copy. */
+    category: string;
+    status: PreflightStatus;
+    /** How many advertised skills sit under this platform prefix. */
+    skills: number;
+    /** Human-readable failure reason (only when failed/unknown). */
+    reason?: string;
+    /** Actionable fix shown to the operator. */
+    hint?: string;
+    /** false = nothing the operator can do (e.g. upstream app dropped the
+     *  capability); the app keeps it off the notice banner. Default true. */
+    actionable?: boolean;
+    /** Login page the app can open for the operator to fix a logged-out
+     *  browser platform in one click. */
+    loginUrl?: string;
+}
+export interface PreflightReport {
+    ts: string;
+    /** false when any probed platform failed. */
+    ok: boolean;
+    summary: {
+        checked: number;
+        failed: number;
+        droppedSkills: number;
+    };
+    /** Keyed by platform prefix (the segment before the first dot in a skill_id). */
+    platforms: Record<string, PlatformPreflight>;
+    /** skill_ids removed from the advertise set. */
+    dropped: string[];
+}
+export interface PreflightOutcome {
+    /** Skills that passed (or were never probed) — the advertise set. */
+    skills: string[];
+    report: PreflightReport;
+}
+/**
+ * Probe every platform that has a registered dependency, drop the failures
+ * from the advertise set, and build the report. `unknown` verdicts are
+ * kept advertising (conservative) but recorded so the app can hint.
+ */
+export declare function runPreflight(skills: string[]): Promise<PreflightOutcome>;
+/** Persist the verdict for the desktop app to read on its next dashboard load. */
+export declare function writePreflightReport(report: PreflightReport): void;

package/dist/task/preflight.js

@@ -0,0 +1,515 @@
+/**
+ * Provider preflight.
+ *
+ * Before advertising skills to the hub we probe each platform's external
+ * dependency — a local desktop app (Codex / ChatGPT), a logged-in browser
+ * session (X / 小红书 / 抖音 / ChatGPT Web / Gemini / Flow), or the BNBot
+ * Chrome extension link they all share. A skill whose dependency is
+ * missing will fail *every* task and burn the provider's reputation, so
+ * we drop those platforms from the advertise set instead of letting the
+ * hub route work to them.
+ *
+ * Design choices:
+ *   - Probes are LIGHT. We never run a real scrape/generation — only the
+ *     `status` / `whoami` introspection commands bnbot already ships, or a
+ *     filesystem/env check. The operator explicitly asked us not to hammer
+ *     the machine on every boot. One exception: Codex SELF-HEALS — a
+ *     portless/stopped Codex is relaunched with the CDP flag right here
+ *     (see probeCodex) instead of being reported for manual fixing.
+ *   - Only platforms with a *deterministic* dependency are probed. Public
+ *     read surfaces (wiki / google / hn / reddit / youtube …) have no local
+ *     dependency beyond network, so they are never dropped here — that
+ *     avoids false-positives taking good platforms offline.
+ *   - The extension link (`bnbot status`) is the shared gate for every
+ *     browser-driven platform; we probe it once and reuse the verdict.
+ *   - Everything re-runs on each daemon start. KeepAlive (launchd) and the
+ *     desktop app's self-heal both restart the daemon, so installing Codex
+ *     or logging into x.com recovers the platform on the next boot — no
+ *     persistent blacklist to clear.
+ *
+ * The verdict is written to ~/.clawmoney/preflight.json for the desktop
+ * app to surface as a home-screen notice + per-card status.
+ */
+import { execFile } from "node:child_process";
+import { readFileSync, writeFileSync, mkdirSync, existsSync } from "node:fs";
+import { join } from "node:path";
+import { homedir } from "node:os";
+const PREFLIGHT_FILE = join(homedir(), ".clawmoney", "preflight.json");
+// A navigation login-probe costs ~15s and login state rarely flips, so reuse a
+// recent verdict across daemon restarts (KeepAlive / app self-heal) instead of
+// re-probing every browser platform each boot. Local-app probes (codex/chatgpt)
+// are cheap + volatile, so they're always re-run, never cached.
+const CACHE_FRESH_MS = 30 * 60 * 1000;
+// Same resolution order as the skill handlers' bnbot lookup so the probe
+// hits the exact binary the skills will use.
+const BNBOT_CANDIDATES = [
+    process.env.BNBOT_CLI,
+    "bnbot",
+    "/opt/homebrew/bin/bnbot",
+    "/usr/local/bin/bnbot",
+].filter((value, index, values) => typeof value === "string" && value.length > 0 && values.indexOf(value) === index);
+function runBnbot(args, timeoutMs) {
+    return new Promise((resolve) => {
+        const attempt = (idx) => {
+            const bin = BNBOT_CANDIDATES[idx];
+            if (!bin) {
+                resolve({ ok: false, stdout: "", stderr: "bnbot not found on PATH", missing: true });
+                return;
+            }
+            execFile(bin, args, { timeout: timeoutMs, maxBuffer: 4 * 1024 * 1024 }, (err, stdout, stderr) => {
+                const e = err;
+                // Binary not at this path → try the next candidate.
+                if (e && e.code === "ENOENT") {
+                    attempt(idx + 1);
+                    return;
+                }
+                resolve({
+                    ok: !err,
+                    stdout: stdout ?? "",
+                    stderr: stderr ?? "",
+                    missing: false,
+                });
+            });
+        };
+        attempt(0);
+    });
+}
+/** Pull the first JSON object out of bnbot stdout (it may prefix a banner). */
+function parseJson(stdout) {
+    const trimmed = stdout.trim();
+    if (!trimmed)
+        return null;
+    try {
+        return JSON.parse(trimmed);
+    }
+    catch {
+        const start = trimmed.indexOf("{");
+        const end = trimmed.lastIndexOf("}");
+        if (start >= 0 && end > start) {
+            try {
+                return JSON.parse(trimmed.slice(start, end + 1));
+            }
+            catch {
+                return null;
+            }
+        }
+        return null;
+    }
+}
+// ── Shared extension gate ────────────────────────────────────────────
+/** `bnbot status` — is the Chrome extension connected to `bnbot serve`?
+ *  This is the common dependency for every browser-driven platform. */
+async function probeExtensionLink() {
+    const r = await runBnbot(["status"], 8000);
+    if (r.missing) {
+        return {
+            status: "failed",
+            reason: "未找到 bnbot 命令",
+            hint: "安装 @bnbot/cli(provider 机器需要 bnbot)",
+        };
+    }
+    // `bnbot status` prints a banner; "connected" only appears when the
+    // extension handshake succeeded.
+    if (/extension[\s\S]*connected/i.test(r.stdout) || /connected/i.test(r.stdout)) {
+        return { status: "ok" };
+    }
+    return {
+        status: "failed",
+        reason: "BNBot 浏览器扩展未连接",
+        hint: "打开 Chrome，确认已安装 BNBot 扩展且 `bnbot serve` 在运行",
+    };
+}
+async function codexCdpStatus(extraArgs, timeoutMs) {
+    const r = await runBnbot(["codex", "status", ...extraArgs], timeoutMs);
+    if (r.missing)
+        return { missing: true, connected: false, processRunning: false };
+    const j = parseJson(r.stdout);
+    return {
+        missing: false,
+        connected: j?.connected === true,
+        processRunning: j?.processRunning === true,
+    };
+}
+/**
+ * Quit Codex the way Cmd+Q does (Apple Event). NEVER signal it instead:
+ * SIGTERM reads as a crash to macOS, which reopens the app via launchd a
+ * few seconds later — without our debug flag — and that zombie then owns
+ * the single-instance lock, defeating the relaunch (verified live).
+ */
+function quitCodexGracefully() {
+    return new Promise((resolve) => {
+        execFile("osascript", ["-e", 'tell application id "com.openai.codex" to quit'], { timeout: 8000 }, (err) => resolve(!err));
+    });
+}
+function sleep(ms) {
+    return new Promise((r) => setTimeout(r, ms));
+}
+function codexProcessAlive() {
+    return new Promise((resolve) => {
+        execFile("pgrep", ["-x", "Codex"], (err) => resolve(!err));
+    });
+}
+/** A CDP-style failure means the app launches fine but never opens the
+ *  debug port (current Codex builds dropped CDP support entirely), so a
+ *  fresh quit+relaunch cycle can't fix it — don't churn the operator's
+ *  Codex again until the backoff expires or the failure mode changes. */
+const HEAL_BACKOFF_MS = 6 * 60 * 60 * 1000;
+function codexHealRecentlyFailed() {
+    const prev = readPreviousReport();
+    const last = prev?.platforms?.codex;
+    if (!last || last.status !== "failed")
+        return false;
+    // Matches both the post-heal verdict ("…CDP 未就绪") and the backoff
+    // verdict itself ("不支持 CDP 调试…") so the backoff renews each boot.
+    if (!last.reason?.includes("CDP"))
+        return false;
+    const ts = Date.parse(prev?.ts ?? "");
+    return Number.isFinite(ts) && Date.now() - ts < HEAL_BACKOFF_MS;
+}
+/**
+ * Codex is the one dependency we try to SELF-HEAL instead of just reporting:
+ * CDP can only be enabled at launch (Chromium limitation), and bnbot already
+ * knows how to launch Codex with the debug port (`status --launch`). So a
+ * portless instance gets a graceful quit + relaunch here, and "Codex not
+ * running" gets a plain launch — the operator only sees a notice when that
+ * automation genuinely failed (e.g. current Codex builds ignore the CDP
+ * flag altogether — Chromium-148 shell, no remote debugging).
+ */
+async function probeCodex() {
+    const first = await codexCdpStatus([], 8000);
+    if (first.missing) {
+        return { status: "failed", reason: "未找到 bnbot 命令", hint: "安装 @bnbot/cli" };
+    }
+    if (first.connected)
+        return { status: "ok" };
+    if (codexHealRecentlyFailed()) {
+        return {
+            status: "failed",
+            reason: "Codex 不支持 CDP 调试(端口 9238)，自动修复已暂停重试",
+            hint: "当前版本的 Codex 无法开启远程调试，绘图技能暂不可用；等待 bnbot 适配新版 Codex",
+            actionable: false,
+        };
+    }
+    if (first.processRunning) {
+        // Quit the portless instance first: its single-instance lock would
+        // swallow a relaunch (args forwarded to the old process, port ignored).
+        console.log("[preflight] codex running without CDP — restarting with debug port…");
+        await quitCodexGracefully();
+        let gone = false;
+        for (let i = 0; i < 8; i++) {
+            await sleep(1000);
+            if (!(await codexProcessAlive())) {
+                gone = true;
+                break;
+            }
+        }
+        if (!gone) {
+            return {
+                status: "failed",
+                reason: "Codex 已运行但 CDP 未就绪(端口 9238)，自动重启未成功",
+                hint: "请手动退出 Codex(Cmd+Q)，接单守护会自动以调试端口重新拉起",
+            };
+        }
+    }
+    // Not running (or just quit) — launch with the CDP port and re-verify,
+    // allowing a slow cold start some runway.
+    const launched = await codexCdpStatus(["--launch"], 30000);
+    if (launched.connected)
+        return { status: "ok" };
+    for (let i = 0; i < 6; i++) {
+        await sleep(2000);
+        const s = await codexCdpStatus([], 8000);
+        if (s.connected)
+            return { status: "ok" };
+    }
+    const stillRunning = launched.processRunning || (await codexProcessAlive());
+    return {
+        status: "failed",
+        reason: stillRunning
+            ? "Codex 已自动拉起但 CDP 未就绪(端口 9238)"
+            : "Codex Desktop 自动启动未成功",
+        hint: stillRunning
+            ? "当前版本的 Codex 可能不支持远程调试；绘图技能暂不可用"
+            : "安装并打开 Codex.app(运行 `codex app` 可自动下载)",
+        // App launches fine but never opens the port → nothing the operator
+        // can click to fix. A missing install IS fixable, keep that one loud.
+        actionable: !stillRunning,
+    };
+}
+async function probeChatGpt() {
+    const r = await runBnbot(["chatgpt", "status"], 8000);
+    if (r.missing) {
+        return { status: "failed", reason: "未找到 bnbot 命令", hint: "安装 @bnbot/cli" };
+    }
+    const j = parseJson(r.stdout);
+    if (j && j.running === true)
+        return { status: "ok" };
+    return {
+        status: "failed",
+        reason: "ChatGPT Desktop 未运行",
+        hint: "安装并打开 ChatGPT.app 并保持登录",
+    };
+}
+/** A landed URL matching this means the navigation bounced to a login wall. */
+const DEFAULT_LOGGED_OUT = /login|signin|sign[_-]?in|passport|\/sso\b|accounts\.google\.com|auth\.openai\.com/i;
+/**
+ * Real login-state probe — the product's edge. Instead of guessing, drive the
+ * extension to the platform's must-login page and read where it actually
+ * landed: a logged-out session gets bounced to a login wall, a logged-in one
+ * stays on the page. No business request is sent — same signal bnbot's own
+ * `checkLoginRedirect` uses, just surfaced as a standalone check.
+ */
+async function probeLoginByNavigation(def) {
+    const nav = await runBnbot(["navigate", def.url], def.navTimeoutMs ?? 18000);
+    if (nav.missing) {
+        return { status: "failed", reason: "未找到 bnbot 命令", hint: "安装 @bnbot/cli" };
+    }
+    // `debug eval` prints the live tab's URL as `.url` regardless of the
+    // expression result — that's the signal we want.
+    const ev = await runBnbot(["debug", "eval", "location.href"], 8000);
+    const landed = parseJson(ev.stdout);
+    const finalUrl = typeof landed?.url === "string" ? landed.url : "";
+    if (!finalUrl) {
+        return {
+            status: "unknown",
+            reason: `${def.label} 登录态探测超时`,
+            hint: `若 ${def.label} 接单失败，请确认 Chrome 已登录`,
+            loginUrl: def.url,
+        };
+    }
+    const loggedOut = def.loggedOut || DEFAULT_LOGGED_OUT;
+    if (loggedOut.test(finalUrl)) {
+        return {
+            status: "failed",
+            reason: `${def.label} 未登录`,
+            hint: `在 Chrome 登录 ${def.label} 后，接单守护重启即自动恢复`,
+            loginUrl: def.url,
+        };
+    }
+    return { status: "ok" };
+}
+/** Wrap a login-by-navigation probe, gated on the extension link being up
+ *  (no extension → no browser session to read, so it's a hard fail). */
+function navProbe(def) {
+    return async (extensionOk) => {
+        if (!extensionOk) {
+            return {
+                status: "failed",
+                reason: "BNBot 浏览器扩展未连接",
+                hint: "打开 Chrome 并确认 BNBot 扩展已连接",
+            };
+        }
+        return probeLoginByNavigation(def);
+    };
+}
+/** X: extension link is the gate; on top of it we read the active handle
+ *  via `bnbot x whoami` (no real request — the extension reads the pool
+ *  window's session). whoami needs a cold pool window so it's slow; on
+ *  timeout we stay conservative ("unknown", keep advertising) rather than
+ *  drop a platform that may well be logged in. */
+async function probeX(extensionOk) {
+    if (!extensionOk) {
+        return {
+            status: "failed",
+            reason: "BNBot 浏览器扩展未连接",
+            hint: "打开 Chrome 并确认 BNBot 扩展已连接",
+        };
+    }
+    const r = await runBnbot(["x", "whoami"], 10000);
+    const j = parseJson(r.stdout);
+    const handle = j && (j.username || j.handle || j.screen_name || j.screenName || j.name);
+    if (typeof handle === "string" && handle.trim()) {
+        return { status: "ok" };
+    }
+    // Explicit "not logged in" signal → drop it.
+    if (/not\s*logged|no\s*account|logged\s*out|null/i.test(`${r.stdout}\n${r.stderr}`)) {
+        return {
+            status: "failed",
+            reason: "X(Twitter)未登录",
+            hint: "在 Chrome 登录 x.com 后重启接单",
+            loginUrl: "https://x.com/login",
+        };
+    }
+    // whoami timed out / unparseable — fall back to the navigation probe. The
+    // x.com/home page bounces to a login wall when logged out, which is more
+    // robust than whoami's cold-pool-window read.
+    return probeLoginByNavigation({ label: "X / Twitter", url: "https://x.com/home" });
+}
+// ── Registry ─────────────────────────────────────────────────────────
+/**
+ * Platforms with a deterministic external dependency. Anything not listed
+ * here is assumed ready (public read surfaces) and never dropped.
+ *
+ * Keyed by platform prefix — the segment before the first dot in a
+ * skill_id (e.g. "codex.image_generate" → "codex").
+ *
+ * Login-walled sites use a real navigation probe: open the must-login page,
+ * read whether it bounced to a login wall. The `url` must be a page that
+ * REQUIRES login (a creator dashboard / app home), so a logged-out session
+ * redirects. Add a platform by dropping one line here.
+ */
+const PLATFORM_PROBES = {
+    // Local desktop apps — exact, fast probes.
+    codex: { label: "Codex 绘图", category: "local-app", probe: probeCodex },
+    chatgpt: { label: "ChatGPT", category: "local-app", probe: probeChatGpt },
+    // X keeps its dedicated handle read (cheaper, and names the account).
+    x: { label: "X / Twitter", category: "social-login", probe: probeX },
+    // Login-walled sites — real login-state probe by navigation.
+    xhs: {
+        label: "小红书", category: "social-login",
+        probe: navProbe({ label: "小红书", url: "https://creator.xiaohongshu.com/" }),
+    },
+    dy: {
+        label: "抖音", category: "social-login",
+        probe: navProbe({ label: "抖音", url: "https://creator.douyin.com/" }),
+    },
+    gemini: {
+        label: "Gemini 绘图", category: "web-login",
+        // Google properties are slow from CN networks — same runway as Flow.
+        probe: navProbe({ label: "Gemini", url: "https://gemini.google.com/app", navTimeoutMs: 28000 }),
+    },
+    flow: {
+        label: "Google Flow", category: "web-login",
+        probe: navProbe({ label: "Flow", url: "https://labs.google/fx/tools/flow", navTimeoutMs: 28000 }),
+    },
+    chatgpt_web: {
+        label: "ChatGPT 网页", category: "web-login",
+        probe: navProbe({ label: "ChatGPT 网页", url: "https://chatgpt.com/" }),
+    },
+};
+/** Whether any probed platform depends on the Chrome extension. */
+function needsExtension(prefixes) {
+    for (const p of prefixes) {
+        const probe = PLATFORM_PROBES[p];
+        if (probe && probe.category !== "local-app")
+            return true;
+    }
+    return false;
+}
+function prefixOf(skillId) {
+    const dot = skillId.indexOf(".");
+    return dot < 0 ? skillId : skillId.slice(0, dot);
+}
+/**
+ * Probe every platform that has a registered dependency, drop the failures
+ * from the advertise set, and build the report. `unknown` verdicts are
+ * kept advertising (conservative) but recorded so the app can hint.
+ */
+export async function runPreflight(skills) {
+    // Count skills per platform prefix so the report can show "3 skills off".
+    const skillsByPrefix = new Map();
+    for (const s of skills) {
+        const p = prefixOf(s);
+        const list = skillsByPrefix.get(p);
+        if (list)
+            list.push(s);
+        else
+            skillsByPrefix.set(p, [s]);
+    }
+    const probedPrefixes = new Set([...skillsByPrefix.keys()].filter((p) => PLATFORM_PROBES[p]));
+    // Probe the shared extension link once if anything needs it.
+    let extensionOk = true;
+    if (needsExtension(probedPrefixes)) {
+        const ext = await probeExtensionLink();
+        extensionOk = ext.status === "ok";
+        if (!extensionOk) {
+            console.warn(`[preflight] extension link down: ${ext.reason}`);
+        }
+    }
+    const platforms = {};
+    const dropped = [];
+    // Reuse a recent verdict for browser-login platforms (their nav probe is
+    // slow). Only when the extension is up — a down extension invalidates every
+    // cached "ok". `unknown` is never cached (it means "retry next time").
+    const prev = readPreviousReport();
+    const cacheFresh = !!prev &&
+        Number.isFinite(Date.parse(prev.ts)) &&
+        Date.now() - Date.parse(prev.ts) < CACHE_FRESH_MS;
+    // Serial — these talk to one Chrome / one desktop app; parallel probes
+    // would contend on the same UI and skew results.
+    for (const prefix of probedPrefixes) {
+        const def = PLATFORM_PROBES[prefix];
+        const prefixSkills = skillsByPrefix.get(prefix) ?? [];
+        const cached = prev?.platforms?.[prefix];
+        const useCache = def.category !== "local-app" &&
+            extensionOk &&
+            cacheFresh &&
+            !!cached &&
+            cached.status !== "unknown";
+        let result;
+        if (useCache && cached) {
+            result = {
+                status: cached.status,
+                reason: cached.reason,
+                hint: cached.hint,
+                actionable: cached.actionable,
+                loginUrl: cached.loginUrl,
+            };
+        }
+        else {
+            try {
+                result = await def.probe(extensionOk);
+            }
+            catch (err) {
+                result = {
+                    status: "unknown",
+                    reason: `预演异常: ${err instanceof Error ? err.message : String(err)}`,
+                    hint: "查看 ~/.clawmoney/task.log",
+                };
+            }
+        }
+        platforms[prefix] = {
+            label: def.label,
+            category: def.category,
+            status: result.status,
+            skills: prefixSkills.length,
+            reason: result.reason,
+            hint: result.hint,
+            actionable: result.actionable,
+            loginUrl: result.loginUrl,
+        };
+        console.log(`[preflight] ${prefix} (${def.label}): ${result.status}` +
+            (useCache ? " (cached)" : "") +
+            (result.reason ? ` — ${result.reason}` : ""));
+        if (result.status === "failed") {
+            dropped.push(...prefixSkills);
+        }
+    }
+    const droppedSet = new Set(dropped);
+    const keptSkills = skills.filter((s) => !droppedSet.has(s));
+    const failed = Object.values(platforms).filter((p) => p.status === "failed").length;
+    const report = {
+        ts: new Date().toISOString(),
+        ok: failed === 0,
+        summary: {
+            checked: probedPrefixes.size,
+            failed,
+            droppedSkills: dropped.length,
+        },
+        platforms,
+        dropped,
+    };
+    return { skills: keptSkills, report };
+}
+/** Persist the verdict for the desktop app to read on its next dashboard load. */
+export function writePreflightReport(report) {
+    try {
+        mkdirSync(join(homedir(), ".clawmoney"), { recursive: true });
+        writeFileSync(PREFLIGHT_FILE, JSON.stringify(report, null, 2), "utf-8");
+    }
+    catch (err) {
+        console.error(`[preflight] failed to write report: ${err instanceof Error ? err.message : String(err)}`);
+    }
+}
+/** Read the last written report so fresh login-state verdicts can be reused
+ *  across restarts (see CACHE_FRESH_MS). Null when absent/corrupt. */
+function readPreviousReport() {
+    try {
+        if (!existsSync(PREFLIGHT_FILE))
+            return null;
+        return JSON.parse(readFileSync(PREFLIGHT_FILE, "utf-8"));
+    }
+    catch {
+        return null;
+    }
+}

package/dist/task/skills/codex/_bnbot.js

@@ -19,6 +19,9 @@ export async function bnbotCodexImageGenerate(input) {
         String(timeoutS),
         "--response-format",
         input.response_format ?? "b64_json",
+        // Self-heal: only acts when Codex is running WITHOUT CDP (quit+relaunch
+        // with the debug port); a healthy instance is untouched.
+        "--restart",
     ];
     if (input.size)
         args.push("--size", input.size);

package/dist/task/skills/index.d.ts

@@ -15,4 +15,20 @@ import type { SkillHandler } from "../types.js";
  */
 export declare const SKILL_REGISTRY: Record<string, SkillHandler>;
 export declare function listSkills(): string[];
+/**
+ * Skills now served directly by the SpareAPI backend — plain-HTTP public APIs
+ * (Y Combinator / IndieHackers / Hacker News) that the gateway fetches itself
+ * instead of dispatching to operators. The handlers stay registered, so an
+ * explicit `SKILLS=yc.companies,...` can still opt in, but operators DON'T
+ * advertise them by default: the hub no longer routes these to operators, and
+ * advertising them would just invite redundant single-fetch jobs.
+ *
+ * Browser-walled platforms (Kickstarter `ks.*` / Indiegogo `igg.*`, behind
+ * Cloudflare) are NOT here — they still need a real operator Chrome, so they
+ * keep being advertised. Other public read surfaces (wiki / bbc / bloomberg /
+ * stackoverflow / v2ex …) also stay, since the backend doesn't fetch them yet.
+ */
+export declare const DIRECT_SERVED_SKILLS: Set<string>;
+/** Skills an operator advertises when the `SKILLS` env var is unset. */
+export declare function defaultAdvertiseSkills(): string[];
 export declare function getSkill(skillId: string): SkillHandler | undefined;

package/dist/task/skills/index.js

@@ -143,7 +143,7 @@ import { biliFeedSkill } from "./bilibili/feed.js";
 import { biliFeedDetailSkill } from "./bilibili/feed-detail.js";
 import { biliDownloadSkill } from "./bilibili/download.js";
 // OpenCLI public/browser read skills (Google, HN, Wikipedia, etc.)
-import { ggSearchSkill, ggSuggestSkill, ggNewsSkill, ggTrendsSkill, wxmpArticleSearchSkill, wxmpArticleSkill, hnTopSkill, hnNewSkill, hnBestSkill, hnAskSkill, hnShowSkill, hnJobsSkill, hnSearchSkill, hnUserSkill, hnReadSkill, wikiSearchSkill, wikiSummarySkill, wikiRandomSkill, wikiTrendingSkill, wikiPageSkill, yfQuoteSkill, zhSearchSkill, zhHotSkill, zhRecommendSkill, zhQuestionSkill, zhAnswerDetailSkill, zhAnswerCommentsSkill, bbcNewsSkill, bbcTopicSkill, bbgMainSkill, bbgMarketsSkill, bbgEconomicsSkill, bbgIndustriesSkill, bbgTechSkill, bbgPoliticsSkill, bbgBusinessweekSkill, bbgOpinionsSkill, bbgFeedsSkill, bbgArticleSkill, medSearchSkill, medTagSkill, medFeedSkill, medUserSkill, subSearchSkill, subPublicationSkill, subFeedSkill, wbHotSkill, wbSearchSkill, wbFeedSkill, wbUserSkill, wbPostSkill, wbCommentsSkill, kr36NewsSkill, kr36HotSkill, kr36SearchSkill, kr36ArticleSkill, dbSearchSkill, dbMovieHotSkill, dbBookHotSkill, dbTop250Skill, dbPhotosSkill, sfNewsSkill, sfRollingNewsSkill, sfStockSkill, jkFeedSkill, jkSearchSkill, xqSearchSkill, xqHotSkill, xqHotStockSkill, xqStockSkill, xqCommentsSkill, xqKlineSkill, xqEarningsDateSkill, xyzPodcastSkill, xyzPodcastEpisodesSkill, xyzEpisodeSkill, fbSearchSkill, fbProfileSkill, fbEventsSkill, wrSearchSkill, wrRankingSkill, wrBookSkill, ctSearchSkill, ctHotelSuggestSkill, ctHotelSearchSkill, ctFlightSkill, } from "./opencli/platforms.js";
+import { ggSearchSkill, ggSuggestSkill, ggNewsSkill, ggTrendsSkill, wxmpArticleSearchSkill, wxmpArticleSkill, hnTopSkill, hnNewSkill, hnBestSkill, hnAskSkill, hnShowSkill, hnJobsSkill, hnSearchSkill, hnUserSkill, hnReadSkill, wikiSearchSkill, wikiSummarySkill, wikiRandomSkill, wikiTrendingSkill, wikiPageSkill, yfQuoteSkill, zhSearchSkill, zhHotSkill, zhRecommendSkill, zhQuestionSkill, zhAnswerDetailSkill, zhAnswerCommentsSkill, bbcNewsSkill, bbcTopicSkill, bbgMainSkill, bbgMarketsSkill, bbgEconomicsSkill, bbgIndustriesSkill, bbgTechSkill, bbgPoliticsSkill, bbgBusinessweekSkill, bbgOpinionsSkill, bbgFeedsSkill, bbgArticleSkill, medSearchSkill, medTagSkill, medFeedSkill, medUserSkill, subSearchSkill, subPublicationSkill, subFeedSkill, wbHotSkill, wbSearchSkill, wbFeedSkill, wbUserSkill, wbPostSkill, wbCommentsSkill, kr36NewsSkill, kr36HotSkill, kr36SearchSkill, kr36ArticleSkill, dbSearchSkill, dbMovieHotSkill, dbBookHotSkill, dbTop250Skill, dbPhotosSkill, sfNewsSkill, sfRollingNewsSkill, sfStockSkill, jkFeedSkill, jkSearchSkill, xqSearchSkill, xqHotSkill, xqHotStockSkill, xqStockSkill, xqCommentsSkill, xqKlineSkill, xqEarningsDateSkill, xyzPodcastSkill, xyzPodcastEpisodesSkill, xyzEpisodeSkill, fbSearchSkill, fbProfileSkill, fbEventsSkill, wrSearchSkill, wrRankingSkill, wrBookSkill, ctSearchSkill, ctHotelSuggestSkill, ctHotelSearchSkill, ctFlightSkill, ycCompaniesSkill, ihProductsSkill, ksDiscoverSkill, igExploreSkill, } from "./opencli/platforms.js";
 // Codex Desktop generation skills
 import { codexImageGenerateSkill } from "./codex/image-generate.js";
 // ChatGPT Desktop skills
@@ -155,6 +155,10 @@ import { geminiImageGenerateSkill } from "./gemini/image-generate.js";
 // Google Labs Flow skills
 import { flowVideoGenerateSkill } from "./flow/video-generate.js";
 import { flowImageGenerateSkill } from "./flow/image-generate.js";
+// Apify-equivalent scrapers — Amazon / Google Maps / Web Scraper / web read.
+import { amazonProductSkill, amazonOfferSkill, amazonSearchSkill, ggMapsSkill, webScrapeSkill, webReadSkill, } from "./opencli/scrapers.js";
+// LinkedIn lead-gen / Sales Navigator (read-only, queries others' public data).
+import { liPeopleSearchSkill, liSalesnavSearchSkill, liProfileSkill, liProfileExperienceSkill, liProfileProjectsSkill, liPostsSkill, liJobDetailSkill, } from "./opencli/linkedin-salesnav.js";
 // `_unimplemented.ts` kept for future stub skills; not used in the
 // registry today.
 /**
@@ -356,6 +360,10 @@ export const SKILL_REGISTRY = {
     "hn.search": hnSearchSkill,
     "hn.user": hnUserSkill,
     "hn.read": hnReadSkill,
+    "yc.companies": ycCompaniesSkill,
+    "ih.products": ihProductsSkill,
+    "ks.discover": ksDiscoverSkill,
+    "igg.explore": igExploreSkill,
     "wiki.search": wikiSearchSkill,
     "wiki.summary": wikiSummarySkill,
     "wiki.random": wikiRandomSkill,
@@ -443,10 +451,60 @@ export const SKILL_REGISTRY = {
     // Google Labs Flow — provider drives labs.google/fx/tools/flow via bnbot.
     "flow.video_generate": flowVideoGenerateSkill,
     "flow.image_generate": flowImageGenerateSkill,
+    // Apify-equivalent scrapers — run in the operator's real logged-in Chrome
+    // (residential IP + login state). Skill ids match hub routing:
+    // /amazon/product → amazon.product, /web/scrape → web.scrape,
+    // /web/read → web.read, /google/maps → gg.maps.
+    "amazon.product": amazonProductSkill,
+    "amazon.offer": amazonOfferSkill,
+    "amazon.search": amazonSearchSkill,
+    "gg.maps": ggMapsSkill,
+    "web.scrape": webScrapeSkill,
+    "web.read": webReadSkill,
+    // LinkedIn lead-gen / Sales Navigator — read-only, queries others' public
+    // data. /linkedin/{action} → li.{action} via the hub catalog router.
+    // salesnav_search needs a Sales Navigator subscription on the provider.
+    "li.people_search": liPeopleSearchSkill,
+    "li.salesnav_search": liSalesnavSearchSkill,
+    "li.profile": liProfileSkill,
+    "li.profile_experience": liProfileExperienceSkill,
+    "li.profile_projects": liProfileProjectsSkill,
+    "li.posts": liPostsSkill,
+    "li.job_detail": liJobDetailSkill,
 };
 export function listSkills() {
     return Object.keys(SKILL_REGISTRY);
 }
+/**
+ * Skills now served directly by the SpareAPI backend — plain-HTTP public APIs
+ * (Y Combinator / IndieHackers / Hacker News) that the gateway fetches itself
+ * instead of dispatching to operators. The handlers stay registered, so an
+ * explicit `SKILLS=yc.companies,...` can still opt in, but operators DON'T
+ * advertise them by default: the hub no longer routes these to operators, and
+ * advertising them would just invite redundant single-fetch jobs.
+ *
+ * Browser-walled platforms (Kickstarter `ks.*` / Indiegogo `igg.*`, behind
+ * Cloudflare) are NOT here — they still need a real operator Chrome, so they
+ * keep being advertised. Other public read surfaces (wiki / bbc / bloomberg /
+ * stackoverflow / v2ex …) also stay, since the backend doesn't fetch them yet.
+ */
+export const DIRECT_SERVED_SKILLS = new Set([
+    "yc.companies",
+    "ih.products",
+    "hn.top",
+    "hn.new",
+    "hn.best",
+    "hn.ask",
+    "hn.show",
+    "hn.jobs",
+    "hn.search",
+    "hn.user",
+    "hn.read",
+]);
+/** Skills an operator advertises when the `SKILLS` env var is unset. */
+export function defaultAdvertiseSkills() {
+    return Object.keys(SKILL_REGISTRY).filter((s) => !DIRECT_SERVED_SKILLS.has(s));
+}
 export function getSkill(skillId) {
     return SKILL_REGISTRY[skillId];
 }

package/dist/task/skills/opencli/_bnbot.d.ts

@@ -1,3 +1,8 @@
 export type FlagValue = string | number | boolean | undefined;
 export declare function bnbotCommand(base: string[], positional?: string[], flags?: Record<string, FlagValue>): Promise<unknown>;
+/**
+ * Run an opencli command that emits raw text (e.g. `web read --stdout true`
+ * prints Markdown, not JSON). Returns stdout verbatim — no JSON.parse.
+ */
+export declare function opencliText(args: string[]): Promise<string>;
 export declare function opencliCommand(base: string[], positional?: string[], flags?: Record<string, FlagValue>): Promise<unknown>;

package/dist/task/skills/opencli/_bnbot.js

@@ -37,6 +37,27 @@ export async function bnbotCommand(base, positional = [], flags = {}) {
         throw err;
     }
 }
+/**
+ * Run an opencli command that emits raw text (e.g. `web read --stdout true`
+ * prints Markdown, not JSON). Returns stdout verbatim — no JSON.parse.
+ */
+export async function opencliText(args) {
+    const rawBin = process.env.OPENCLI_CLI || "opencli";
+    const bin = rawBin.endsWith(".js") ? process.execPath : rawBin;
+    const finalArgs = rawBin.endsWith(".js") ? [rawBin, ...args] : args;
+    try {
+        const { stdout } = await exec(bin, finalArgs, { maxBuffer: MAX_BUFFER, timeout: TIMEOUT_MS });
+        if (!stdout.trim())
+            throw new Error("opencli returned empty stdout");
+        return stdout;
+    }
+    catch (err) {
+        const e = err;
+        if (e.stderr && e.stderr.trim())
+            throw new Error(`opencli failed: ${e.stderr.trim()}`);
+        throw err;
+    }
+}
 export async function opencliCommand(base, positional = [], flags = {}) {
     const args = [...base, ...positional];
     for (const [name, value] of Object.entries(flags)) {

package/dist/task/skills/opencli/linkedin-salesnav.d.ts

@@ -0,0 +1,7 @@
+export declare const liPeopleSearchSkill: import("../../types.js").SkillHandler;
+export declare const liSalesnavSearchSkill: import("../../types.js").SkillHandler;
+export declare const liProfileSkill: import("../../types.js").SkillHandler;
+export declare const liProfileExperienceSkill: import("../../types.js").SkillHandler;
+export declare const liProfileProjectsSkill: import("../../types.js").SkillHandler;
+export declare const liPostsSkill: import("../../types.js").SkillHandler;
+export declare const liJobDetailSkill: import("../../types.js").SkillHandler;

package/dist/task/skills/opencli/linkedin-salesnav.js

@@ -0,0 +1,36 @@
+/**
+ * LinkedIn lead-gen / Sales Navigator skills — the highest-value, hardest-to-
+ * scrape surface (Apify charges $3-10/1K and data-center IPs get blocked fast).
+ * These run in the operator's real logged-in Chrome via **bnbot** (extension),
+ * so they carry a genuine session and residential IP.
+ *
+ * Migrated from opencli → bnbot (2026-06-07). bnbot takes url/keywords as a
+ * positional arg (not a --profile-url flag), and the profile command is
+ * `linkedin profile` (opencli called it `profile-read`).
+ *
+ * SAFETY: only commands that query OTHER people / public data are exposed.
+ * The operator's OWN private surface and all write ops are NOT registered.
+ *
+ * Skill ids are `li.{action}`; the hub's catalog router maps
+ * /linkedin/{action} → li.{action} automatically (no hub change needed).
+ */
+import { bnbotCommand } from "./_bnbot.js";
+import { makeOpenCliSkill, num, reqStr } from "./_skill.js";
+const limit = (i, fb) => num(i, ["limit", "count"]) ?? fb;
+const profileUrl = (i) => reqStr(i, ["profile_url", "profileUrl", "url"], "profile_url");
+const keywords = (i) => reqStr(i, ["query", "keywords", "keyword", "q"], "query");
+// People search — B2B lead-gen core (standard LinkedIn search).
+export const liPeopleSearchSkill = makeOpenCliSkill("linkedin people-search", (i) => bnbotCommand(["linkedin", "people-search"], [keywords(i)], { limit: limit(i) }));
+// Sales Navigator search — premium lead-gen. Requires the provider account to
+// have a Sales Navigator subscription.
+export const liSalesnavSearchSkill = makeOpenCliSkill("linkedin salesnav-search", (i) => bnbotCommand(["linkedin", "salesnav-search"], [keywords(i)], { limit: limit(i) }));
+// Profile read — full profile of a target person (bnbot: `linkedin profile <url>`).
+export const liProfileSkill = makeOpenCliSkill("linkedin profile", (i) => bnbotCommand(["linkedin", "profile"], [profileUrl(i)]));
+// A target's work experience.
+export const liProfileExperienceSkill = makeOpenCliSkill("linkedin profile-experience", (i) => bnbotCommand(["linkedin", "profile-experience"], [profileUrl(i)]));
+// A target's projects.
+export const liProfileProjectsSkill = makeOpenCliSkill("linkedin profile-projects", (i) => bnbotCommand(["linkedin", "profile-projects"], [profileUrl(i)]));
+// A target's recent posts.
+export const liPostsSkill = makeOpenCliSkill("linkedin posts", (i) => bnbotCommand(["linkedin", "posts"], [profileUrl(i)], { limit: limit(i) }));
+// Job posting detail.
+export const liJobDetailSkill = makeOpenCliSkill("linkedin job-detail", (i) => bnbotCommand(["linkedin", "job-detail"], [reqStr(i, ["job_url", "jobUrl", "url"], "job_url")]));

package/dist/task/skills/opencli/platforms.d.ts

@@ -13,6 +13,10 @@ export declare const hnJobsSkill: import("../../types.js").SkillHandler;
 export declare const hnSearchSkill: import("../../types.js").SkillHandler;
 export declare const hnUserSkill: import("../../types.js").SkillHandler;
 export declare const hnReadSkill: import("../../types.js").SkillHandler;
+export declare const ycCompaniesSkill: import("../../types.js").SkillHandler;
+export declare const ihProductsSkill: import("../../types.js").SkillHandler;
+export declare const ksDiscoverSkill: import("../../types.js").SkillHandler;
+export declare const igExploreSkill: import("../../types.js").SkillHandler;
 export declare const wikiSearchSkill: import("../../types.js").SkillHandler;
 export declare const wikiSummarySkill: import("../../types.js").SkillHandler;
 export declare const wikiRandomSkill: import("../../types.js").SkillHandler;

package/dist/task/skills/opencli/platforms.js

@@ -41,6 +41,11 @@ export const hnReadSkill = makeOpenCliSkill("hackernews read", (i) => bnbotComma
     replies: num(i, ["replies"]),
     "max-length": num(i, ["maxLength", "max_length"]),
 }));
+// ── Lead-gen sources (SpareAPI customer acquisition: YC / IH / KS / IGG) ──
+export const ycCompaniesSkill = makeOpenCliSkill("ycombinator companies", (i) => bnbotCommand(["yc", "companies"], [], { limit: num(i, ["limit", "count"]), batches: str(i, ["batches"]) }));
+export const ihProductsSkill = makeOpenCliSkill("indiehackers products", (i) => bnbotCommand(["indiehackers", "products"], [], { limit: num(i, ["limit", "count"]) }));
+export const ksDiscoverSkill = makeOpenCliSkill("kickstarter discover", (i) => bnbotCommand(["kickstarter", "discover"], [], { limit: num(i, ["limit", "count"]) }));
+export const igExploreSkill = makeOpenCliSkill("indiegogo explore", (i) => bnbotCommand(["indiegogo", "explore"], [], { limit: num(i, ["limit", "count"]) }));
 export const wikiSearchSkill = makeOpenCliSkill("wikipedia search", (i) => bnbotCommand(["wikipedia", "search"], [query(i)], { limit: limit(i), lang: str(i, ["lang", "language"]) }));
 export const wikiSummarySkill = makeOpenCliSkill("wikipedia summary", (i) => bnbotCommand(["wikipedia", "summary"], [reqStr(i, ["title", "page"], "title")], { lang: str(i, ["lang", "language"]) }));
 export const wikiRandomSkill = makeOpenCliSkill("wikipedia random", (i) => bnbotCommand(["wikipedia", "random"], [], { lang: str(i, ["lang", "language"]) }));

package/dist/task/skills/opencli/scrapers.d.ts

@@ -0,0 +1,6 @@
+export declare const amazonProductSkill: import("../../types.js").SkillHandler;
+export declare const amazonOfferSkill: import("../../types.js").SkillHandler;
+export declare const amazonSearchSkill: import("../../types.js").SkillHandler;
+export declare const ggMapsSkill: import("../../types.js").SkillHandler;
+export declare const webScrapeSkill: import("../../types.js").SkillHandler;
+export declare const webReadSkill: import("../../types.js").SkillHandler;

package/dist/task/skills/opencli/scrapers.js

@@ -0,0 +1,37 @@
+/**
+ * Apify-equivalent scraper skills — Amazon, Google Maps, generic Web Scraper,
+ * and Website Content Crawler. These bridge the operator's **bnbot** commands
+ * (which run in the operator's real logged-in Chrome via the extension, so they
+ * see residential IP + login state) to the SpareAPI skill surface, letting
+ * buyers call them like any RapidAPI actor.
+ *
+ * Migrated from opencli → bnbot (2026-06-07). Note bnbot takes url/input as a
+ * positional arg, not a --url flag like opencli did.
+ *
+ * Skill ids match the hub's routing:
+ *   /amazon/product → amazon.product, /amazon/search → amazon.search,
+ *   /web/scrape → web.scrape, /web/read → web.read, /google/maps → gg.maps.
+ */
+import { bnbotCommand, opencliCommand } from "./_bnbot.js";
+import { makeOpenCliSkill, num, reqStr, str } from "./_skill.js";
+const limit = (i, fallback) => num(i, ["limit", "count"]) ?? fallback;
+// --- Amazon (Apify Amazon Scraper equivalent) ---
+export const amazonProductSkill = makeOpenCliSkill("amazon product", (i) => bnbotCommand(["amazon", "product"], [reqStr(i, ["input", "asin", "url", "query"], "input")]));
+// bnbot has no `amazon offer` yet — keep this one on opencli until migrated.
+export const amazonOfferSkill = makeOpenCliSkill("amazon offer", (i) => opencliCommand(["amazon", "offer"], [reqStr(i, ["input", "asin", "url"], "input")]));
+export const amazonSearchSkill = makeOpenCliSkill("amazon search", (i) => bnbotCommand(["amazon", "search"], [reqStr(i, ["query", "keyword", "q"], "query")], { limit: limit(i) }));
+// --- Google Maps (Apify Google Maps Scraper equivalent — their largest, 361K) ---
+export const ggMapsSkill = makeOpenCliSkill("google maps", (i) => bnbotCommand(["google", "maps"], [reqStr(i, ["query", "keyword", "q"], "query")], { limit: limit(i) }));
+// --- Web Scraper (Apify Web Scraper equivalent — URL + CSS selectors → JSON) ---
+// bnbot: `web scrape <url> --selectors <json> --container <sel>`.
+export const webScrapeSkill = makeOpenCliSkill("web scrape", (i) => {
+    const selectors = i.selectors;
+    return bnbotCommand(["web", "scrape"], [reqStr(i, ["url"], "url")], {
+        selectors: typeof selectors === "string" ? selectors : JSON.stringify(selectors ?? {}),
+        container: str(i, ["container"]),
+        wait: num(i, ["wait"]),
+    });
+});
+// --- Website Content Crawler (Apify equivalent — any page → main content) ---
+// bnbot: `web read <url>` returns { url, title, text } JSON directly.
+export const webReadSkill = makeOpenCliSkill("web read", (i) => bnbotCommand(["web", "read"], [reqStr(i, ["url"], "url")]));

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clawmoney",
-  "version": "0.17.46",
+  "version": "0.17.47",
   "description": "ClawMoney CLI -- Earn rewards with your AI agent",
   "type": "module",
   "bin": {