npm - daemora - Versions diffs - 1.0.4 → 1.0.6 - Mend

daemora 1.0.4 → 1.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (123) hide show

package/LICENSE +663 -0
package/README.md +69 -19
package/SOUL.md +29 -26
package/config/mcp.json +126 -66
package/daemora-ui/README.md +11 -0
package/package.json +12 -2
package/skills/api-development.md +35 -0
package/skills/artifacts-builder/SKILL.md +74 -0
package/skills/artifacts-builder/scripts/bundle-artifact.sh +54 -0
package/skills/artifacts-builder/scripts/init-artifact.sh +322 -0
package/skills/artifacts-builder/scripts/shadcn-components.tar.gz +0 -0
package/skills/brand-guidelines.md +73 -0
package/skills/browser.md +77 -0
package/skills/changelog-generator.md +104 -0
package/skills/coding.md +26 -10
package/skills/content-research-writer.md +538 -0
package/skills/data-analysis.md +27 -0
package/skills/debugging.md +33 -0
package/skills/devops.md +37 -0
package/skills/document-docx.md +197 -0
package/skills/document-pdf.md +294 -0
package/skills/document-pptx.md +484 -0
package/skills/document-xlsx.md +289 -0
package/skills/domain-name-brainstormer.md +212 -0
package/skills/file-organizer.md +433 -0
package/skills/frontend-design.md +42 -0
package/skills/image-enhancer.md +99 -0
package/skills/invoice-organizer.md +446 -0
package/skills/lead-research-assistant.md +199 -0
package/skills/mcp-builder/SKILL.md +328 -0
package/skills/mcp-builder/reference/evaluation.md +602 -0
package/skills/mcp-builder/reference/mcp_best_practices.md +915 -0
package/skills/mcp-builder/reference/node_mcp_server.md +916 -0
package/skills/mcp-builder/reference/python_mcp_server.md +752 -0
package/skills/mcp-builder/scripts/connections.py +151 -0
package/skills/mcp-builder/scripts/evaluation.py +373 -0
package/skills/mcp-builder/scripts/example_evaluation.xml +22 -0
package/skills/mcp-builder/scripts/requirements.txt +2 -0
package/skills/meeting-insights-analyzer.md +327 -0
package/skills/orchestration.md +93 -0
package/skills/raffle-winner-picker.md +159 -0
package/skills/slack-gif-creator/SKILL.md +646 -0
package/skills/slack-gif-creator/core/color_palettes.py +302 -0
package/skills/slack-gif-creator/core/easing.py +230 -0
package/skills/slack-gif-creator/core/frame_composer.py +469 -0
package/skills/slack-gif-creator/core/gif_builder.py +246 -0
package/skills/slack-gif-creator/core/typography.py +357 -0
package/skills/slack-gif-creator/core/validators.py +264 -0
package/skills/slack-gif-creator/core/visual_effects.py +494 -0
package/skills/slack-gif-creator/requirements.txt +4 -0
package/skills/slack-gif-creator/templates/bounce.py +106 -0
package/skills/slack-gif-creator/templates/explode.py +331 -0
package/skills/slack-gif-creator/templates/fade.py +329 -0
package/skills/slack-gif-creator/templates/flip.py +291 -0
package/skills/slack-gif-creator/templates/kaleidoscope.py +211 -0
package/skills/slack-gif-creator/templates/morph.py +329 -0
package/skills/slack-gif-creator/templates/move.py +293 -0
package/skills/slack-gif-creator/templates/pulse.py +268 -0
package/skills/slack-gif-creator/templates/shake.py +127 -0
package/skills/slack-gif-creator/templates/slide.py +291 -0
package/skills/slack-gif-creator/templates/spin.py +269 -0
package/skills/slack-gif-creator/templates/wiggle.py +300 -0
package/skills/slack-gif-creator/templates/zoom.py +312 -0
package/skills/system-admin.md +44 -0
package/skills/tailored-resume-generator.md +345 -0
package/skills/theme-factory/SKILL.md +59 -0
package/skills/theme-factory/theme-showcase.pdf +0 -0
package/skills/theme-factory/themes/arctic-frost.md +19 -0
package/skills/theme-factory/themes/botanical-garden.md +19 -0
package/skills/theme-factory/themes/desert-rose.md +19 -0
package/skills/theme-factory/themes/forest-canopy.md +19 -0
package/skills/theme-factory/themes/golden-hour.md +19 -0
package/skills/theme-factory/themes/midnight-galaxy.md +19 -0
package/skills/theme-factory/themes/modern-minimalist.md +19 -0
package/skills/theme-factory/themes/ocean-depths.md +19 -0
package/skills/theme-factory/themes/sunset-boulevard.md +19 -0
package/skills/theme-factory/themes/tech-innovation.md +19 -0
package/skills/video-downloader.md +99 -0
package/skills/web-development.md +32 -0
package/skills/webapp-testing/SKILL.md +96 -0
package/skills/webapp-testing/examples/console_logging.py +35 -0
package/skills/webapp-testing/examples/element_discovery.py +40 -0
package/skills/webapp-testing/examples/static_html_automation.py +33 -0
package/skills/webapp-testing/scripts/with_server.py +106 -0
package/src/agents/SubAgentManager.js +134 -16
package/src/agents/systemPrompt.js +427 -0
package/src/api/openai-compat.js +212 -0
package/src/channels/TelegramChannel.js +5 -2
package/src/channels/index.js +7 -10
package/src/cli.js +281 -55
package/src/config/agentProfiles.js +1 -0
package/src/config/default.js +15 -1
package/src/config/models.js +314 -78
package/src/config/permissions.js +12 -0
package/src/core/AgentLoop.js +70 -50
package/src/core/Compaction.js +111 -11
package/src/core/MessageQueue.js +90 -0
package/src/core/Task.js +13 -0
package/src/core/TaskQueue.js +1 -1
package/src/core/TaskRunner.js +81 -6
package/src/index.js +725 -59
package/src/mcp/MCPAgentRunner.js +48 -11
package/src/mcp/MCPManager.js +40 -2
package/src/models/ModelRouter.js +74 -4
package/src/safety/DockerSandbox.js +212 -0
package/src/safety/ExecApproval.js +118 -0
package/src/scheduler/Heartbeat.js +56 -21
package/src/services/cleanup.js +106 -0
package/src/services/sessions.js +39 -1
package/src/setup/wizard.js +125 -75
package/src/skills/SkillLoader.js +132 -17
package/src/storage/TaskStore.js +19 -1
package/src/tools/browserAutomation.js +615 -104
package/src/tools/executeCommand.js +19 -1
package/src/tools/index.js +7 -1
package/src/tools/manageAgents.js +55 -4
package/src/tools/replyWithFile.js +62 -0
package/src/tools/screenCapture.js +12 -1
package/src/tools/taskManager.js +164 -0
package/src/tools/useMCP.js +3 -1
package/src/utils/Embeddings.js +236 -12
package/src/webhooks/WebhookHandler.js +107 -0
package/src/systemPrompt.js +0 -528

package/src/scheduler/Heartbeat.js CHANGED Viewed

@@ -5,12 +5,15 @@ import taskQueue from "../core/TaskQueue.js";
 import eventBus from "../core/EventBus.js";
 /**
- * Heartbeat - periodic proactive check.
+ * Heartbeat - periodic proactive agent turns.
  *
- * Reads HEARTBEAT.md for user-defined checks.
- * Every N minutes, creates a task: "Check status per HEARTBEAT.md"
- * If nothing notable → "All clear" (no notification).
- * If something needs attention → sends result to configured channel.
+ * Reads HEARTBEAT.md for user-defined instructions. Every N minutes,
+ * enqueues a heartbeat task with the HEARTBEAT.md content as prompt.
+ *
+ * Features:
+ * - Active hours: skip runs outside configurable window (default 8-22)
+ * - Duplicate suppression: skip if HEARTBEAT.md unchanged within 24h
+ * - Configurable via env vars or config
  */
 class Heartbeat {
@@ -21,11 +24,14 @@ class Heartbeat {
     this.intervalMinutes = config.heartbeatIntervalMinutes;
     this.lastCheck = null;
     this.checkCount = 0;
+    this._lastContentHash = null;
+    this._lastContentAt = 0;
+    // Active hours config (env override or defaults)
+    this.activeHourStart = parseInt(process.env.HEARTBEAT_ACTIVE_START || "8", 10);
+    this.activeHourEnd = parseInt(process.env.HEARTBEAT_ACTIVE_END || "22", 10);
   }
-  /**
-   * Start the heartbeat.
-   */
   start() {
     if (!config.daemonMode) {
       console.log(`[Heartbeat] Skipped - daemon mode not enabled`);
@@ -44,16 +50,13 @@ class Heartbeat {
     );
     console.log(
-      `[Heartbeat] Started (every ${this.intervalMinutes} minutes)`
+      `[Heartbeat] Started (every ${this.intervalMinutes}min, active ${this.activeHourStart}:00-${this.activeHourEnd}:00)`
     );
     // Run first check after 1 minute
     setTimeout(() => this.check(), 60000);
   }
-  /**
-   * Stop the heartbeat.
-   */
   stop() {
     this.running = false;
     if (this.timer) {
@@ -63,20 +66,53 @@ class Heartbeat {
     console.log(`[Heartbeat] Stopped`);
   }
-  /**
-   * Run a heartbeat check.
-   */
+  _isActiveHour() {
+    const hour = new Date().getHours();
+    return hour >= this.activeHourStart && hour < this.activeHourEnd;
+  }
+  _simpleHash(str) {
+    let hash = 0;
+    for (let i = 0; i < str.length; i++) {
+      hash = ((hash << 5) - hash + str.charCodeAt(i)) | 0;
+    }
+    return hash;
+  }
   async check() {
     if (!this.running) return;
+    // Active hours check
+    if (!this._isActiveHour()) {
+      console.log(`[Heartbeat] Outside active hours (${this.activeHourStart}:00-${this.activeHourEnd}:00) — skipping`);
+      return;
+    }
+    if (!existsSync(this.heartbeatPath)) return;
     try {
-      const instructions = readFileSync(this.heartbeatPath, "utf-8");
+      const instructions = readFileSync(this.heartbeatPath, "utf-8").trim();
+      if (!instructions) {
+        console.log(`[Heartbeat] HEARTBEAT.md is empty — skipping`);
+        return;
+      }
+      // Duplicate suppression: skip if same content within 24h
+      const contentHash = this._simpleHash(instructions);
+      const now = Date.now();
+      if (contentHash === this._lastContentHash && (now - this._lastContentAt) < 24 * 60 * 60 * 1000) {
+        console.log(`[Heartbeat] HEARTBEAT.md unchanged within 24h — skipping`);
+        return;
+      }
+      this._lastContentHash = contentHash;
+      this._lastContentAt = now;
       this.checkCount++;
       this.lastCheck = new Date().toISOString();
       console.log(`[Heartbeat] Check #${this.checkCount}...`);
-      const prompt = `You are running a periodic heartbeat check. Review the following instructions and check each item. If everything looks fine, just respond "All clear." If something needs attention, describe what you found.
+      const prompt = `[Heartbeat check #${this.checkCount}] Follow the instructions in HEARTBEAT.md. If everything looks fine, respond "All clear." If something needs attention, describe what you found and take action.
 Instructions from HEARTBEAT.md:
 ${instructions}
@@ -86,8 +122,9 @@ Current time: ${new Date().toISOString()}`;
       taskQueue.enqueue({
         input: prompt,
         channel: "heartbeat",
-        sessionId: null,
+        sessionId: "heartbeat",
         priority: 2,
+        type: "heartbeat",
       });
       eventBus.emitEvent("heartbeat:check", {
@@ -98,13 +135,11 @@ Current time: ${new Date().toISOString()}`;
     }
   }
-  /**
-   * Get stats.
-   */
   stats() {
     return {
       running: this.running,
       intervalMinutes: this.intervalMinutes,
+      activeHours: `${this.activeHourStart}:00-${this.activeHourEnd}:00`,
       lastCheck: this.lastCheck,
       checkCount: this.checkCount,
     };

package/src/services/cleanup.js ADDED Viewed

@@ -0,0 +1,106 @@
+/**
+ * cleanup.js - Data retention management.
+ *
+ * Cleans up old task files, audit logs, cost logs, and stale sub-agent sessions.
+ * Configurable via CLEANUP_AFTER_DAYS env var (default: 30, 0 = never delete).
+ */
+import { readdirSync, statSync, unlinkSync, existsSync } from "node:fs";
+import { join } from "node:path";
+import { config } from "../config/default.js";
+const CLEANUP_DAYS = parseInt(process.env.CLEANUP_AFTER_DAYS || "30", 10);
+/**
+ * Run cleanup across all data directories.
+ * @param {number} [days] - Override retention days (0 = skip)
+ * @returns {{ tasks: number, audit: number, costs: number, sessions: number, total: number }}
+ */
+export function runCleanup(days = CLEANUP_DAYS) {
+  if (days <= 0) return { tasks: 0, audit: 0, costs: 0, sessions: 0, total: 0 };
+  const cutoff = Date.now() - days * 24 * 60 * 60 * 1000;
+  const results = {
+    tasks: cleanDir(config.tasksDir, cutoff, ".json"),
+    audit: cleanDir(config.auditDir, cutoff, ".jsonl"),
+    costs: cleanDir(config.costsDir, cutoff, ".jsonl"),
+    sessions: cleanStaleSessions(cutoff),
+    total: 0,
+  };
+  results.total = results.tasks + results.audit + results.costs + results.sessions;
+  return results;
+}
+/**
+ * Delete files older than cutoff in a directory.
+ */
+function cleanDir(dirPath, cutoffMs, ext) {
+  if (!existsSync(dirPath)) return 0;
+  let deleted = 0;
+  try {
+    const files = readdirSync(dirPath).filter(f => f.endsWith(ext));
+    for (const file of files) {
+      const filePath = join(dirPath, file);
+      try {
+        const mtime = statSync(filePath).mtimeMs;
+        if (mtime < cutoffMs) {
+          unlinkSync(filePath);
+          deleted++;
+        }
+      } catch {}
+    }
+  } catch {}
+  return deleted;
+}
+/**
+ * Clean sub-agent sessions (telegram-123--coder.json) that are stale.
+ * Main user sessions (no "--") are kept regardless.
+ */
+function cleanStaleSessions(cutoffMs) {
+  if (!existsSync(config.sessionsDir)) return 0;
+  let deleted = 0;
+  try {
+    const files = readdirSync(config.sessionsDir).filter(f => f.endsWith(".json"));
+    for (const file of files) {
+      const name = file.slice(0, -5);
+      // Only clean sub-agent sessions (contain "--")
+      if (!name.includes("--")) continue;
+      const filePath = join(config.sessionsDir, file);
+      try {
+        const mtime = statSync(filePath).mtimeMs;
+        if (mtime < cutoffMs) {
+          unlinkSync(filePath);
+          deleted++;
+        }
+      } catch {}
+    }
+  } catch {}
+  return deleted;
+}
+/**
+ * Get storage stats without deleting anything.
+ */
+export function getStorageStats() {
+  return {
+    tasks: countDir(config.tasksDir, ".json"),
+    audit: countDir(config.auditDir, ".jsonl"),
+    costs: countDir(config.costsDir, ".jsonl"),
+    sessions: countDir(config.sessionsDir, ".json"),
+    retentionDays: CLEANUP_DAYS || "never",
+  };
+}
+function countDir(dirPath, ext) {
+  if (!existsSync(dirPath)) return { files: 0, sizeKB: 0 };
+  try {
+    const files = readdirSync(dirPath).filter(f => f.endsWith(ext));
+    let totalSize = 0;
+    for (const file of files) {
+      try { totalSize += statSync(join(dirPath, file)).size; } catch {}
+    }
+    return { files: files.length, sizeKB: Math.round(totalSize / 1024) };
+  } catch {
+    return { files: 0, sizeKB: 0 };
+  }
+}

package/src/services/sessions.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import { v4 as uuidv4 } from "uuid";
-import { writeFileSync, readFileSync, existsSync, mkdirSync } from "fs";
+import { writeFileSync, readFileSync, existsSync, mkdirSync, readdirSync, unlinkSync } from "fs";
 import { config } from "../config/default.js";
 const SESSIONS_DIR = config.sessionsDir;
@@ -17,6 +17,7 @@ export function createSession(existingId = null) {
     messages: [],
   };
   sessions.set(sessionId, session);
+  saveSession(session);
   return session;
 }
@@ -59,6 +60,43 @@ export function setMessages(sessionId, messages) {
   return session;
 }
+/**
+ * List sub-agent session IDs. If prefix given, only returns sessions starting with `{prefix}--`.
+ */
+export function listSessions(prefix = null) {
+  try {
+    const files = readdirSync(SESSIONS_DIR).filter(f => f.endsWith(".json"));
+    let sessionIds = files.map(f => f.slice(0, -5));
+    if (prefix) {
+      // Return only sub-agent sessions for this parent
+      sessionIds = sessionIds.filter(id => id.startsWith(prefix + "--"));
+    } else {
+      // Exclude sub-agent sessions (contain "--") from top-level listing
+      sessionIds = sessionIds.filter(id => !id.includes("--"));
+    }
+    return sessionIds;
+  } catch {
+    return [];
+  }
+}
+/**
+ * Clear a session — removes messages from memory and deletes file from disk.
+ */
+export function clearSession(sessionId) {
+  let found = false;
+  if (sessions.has(sessionId)) {
+    sessions.delete(sessionId);
+    found = true;
+  }
+  const filePath = `${SESSIONS_DIR}/${sessionId}.json`;
+  if (existsSync(filePath)) {
+    unlinkSync(filePath);
+    found = true;
+  }
+  return found;
+}
 function saveSession(session) {
   const filePath = `${SESSIONS_DIR}/${session.sessionId}.json`;
   writeFileSync(filePath, JSON.stringify(session, null, 2));

package/src/setup/wizard.js CHANGED Viewed

@@ -7,7 +7,53 @@ import { banner, stepHeader, kv, summaryTable, completeBanner, t, S } from "./th
 const __dirname = dirname(fileURLToPath(import.meta.url));
 const ROOT_DIR = join(__dirname, "..", "..");
-const TOTAL_STEPS = 8;
+const TOTAL_STEPS = 9;
+const OLLAMA_EMBED_MODEL = "all-minilm";
+/**
+ * Pull all-minilm embedding model (if Ollama available) and pre-embed all skills.
+ * This runs during setup so the agent has instant skill matching from first task.
+ */
+async function setupSkillEmbeddings(provider, envConfig, spin) {
+  const { execSync } = await import("child_process");
+  const hasOllama = (() => {
+    try { execSync("ollama --version", { stdio: "ignore" }); return true; } catch { return false; }
+  })();
+  // Pull local embedding model as primary (no API key) or fallback (has API key)
+  const hasApiEmbedding = envConfig.OPENAI_API_KEY || envConfig.GOOGLE_AI_API_KEY;
+  if (hasOllama) {
+    const purpose = hasApiEmbedding ? "offline fallback" : "skill matching";
+    spin.message(`Pulling ${OLLAMA_EMBED_MODEL} for ${purpose} (22M params, ~45MB)`);
+    try {
+      execSync(`ollama pull ${OLLAMA_EMBED_MODEL}`, { stdio: "ignore", timeout: 120_000 });
+      p.log.success(`${S.check}  Embedding model ${t.bold(OLLAMA_EMBED_MODEL)} ready (${purpose})`);
+    } catch {
+      if (!hasApiEmbedding) {
+        p.log.warn(`Could not pull ${OLLAMA_EMBED_MODEL}. Skill matching will use built-in TF-IDF.`);
+      }
+    }
+  }
+  // Pre-embed all skills (works with any provider: API, Ollama, or TF-IDF)
+  spin.message("Pre-embedding skills for instant matching");
+  try {
+    // Temporarily set env vars so the embedding provider can detect them
+    if (envConfig.OPENAI_API_KEY) process.env.OPENAI_API_KEY = envConfig.OPENAI_API_KEY;
+    if (envConfig.GOOGLE_AI_API_KEY) process.env.GOOGLE_AI_API_KEY = envConfig.GOOGLE_AI_API_KEY;
+    if (provider === "ollama" || hasOllama) process.env.OLLAMA_HOST = process.env.OLLAMA_HOST || "http://localhost:11434";
+    const skillLoader = (await import("../skills/SkillLoader.js")).default;
+    skillLoader.load();
+    await skillLoader.embedSkills();
+    const count = skillLoader.list().length;
+    p.log.success(`${S.check}  ${count} skills embedded for instant matching`);
+  } catch {
+    p.log.info("Skill embedding deferred to first startup.");
+  }
+}
 function cancelled() {
   p.cancel("Setup cancelled.");
@@ -646,8 +692,25 @@ export async function runSetupWizard() {
   p.log.success(`Daemon: ${t.bold(daemonMode ? "Enabled" : "Disabled")}`);
-  // ━━━ Step 7: MCP Servers ━━━
-  stepHeader(7, TOTAL_STEPS, "MCP Tool Servers");
+  // ━━━ Step 7: Data Cleanup ━━━
+  stepHeader(7, TOTAL_STEPS, "Data Cleanup");
+  const cleanupDays = guard(await p.select({
+    message: "Auto-delete old tasks, logs & sessions after how many days?",
+    options: [
+      { value: "30",  label: "30 days",  hint: "recommended" },
+      { value: "7",   label: "7 days",   hint: "aggressive — saves most space" },
+      { value: "90",  label: "90 days",  hint: "keep 3 months of history" },
+      { value: "365", label: "1 year",   hint: "long-term retention" },
+      { value: "0",   label: "Never",    hint: "keep everything forever" },
+    ],
+  }));
+  envConfig.CLEANUP_AFTER_DAYS = cleanupDays;
+  p.log.success(`Cleanup: ${t.bold(cleanupDays === "0" ? "Never" : cleanupDays + " days")}`);
+  // ━━━ Step 8: MCP Servers ━━━
+  stepHeader(8, TOTAL_STEPS, "MCP Tool Servers");
   p.note(
     [
@@ -667,90 +730,69 @@ export async function runSetupWizard() {
     mcpConfig = { mcpServers: {} };
   }
-  // ── Preset servers ────────────────────────────────────────────────────────
+  // ── Preset servers (dynamically built from config/mcp.json) ──────────────
   p.log.info(`Press ${t.bold("space")} to select, ${t.bold("enter")} to confirm`);
+  const isPlaceholder = (v) => !v || v.startsWith("YOUR_") || v === "" || v.startsWith("${");
+  const allServers = Object.entries(mcpConfig.mcpServers || {})
+    .filter(([k]) => !k.startsWith("_comment"))
+    .map(([name, cfg]) => {
+      const envKeys = cfg.env ? Object.keys(cfg.env) : [];
+      const headerKeys = cfg.headers ? Object.keys(cfg.headers) : [];
+      const needsCreds = envKeys.some(k => isPlaceholder(cfg.env[k]))
+        || headerKeys.some(k => isPlaceholder(cfg.headers[k]));
+      const comment = mcpConfig.mcpServers[`_comment_${name}`] || "";
+      const desc = comment.replace(/^[^-]*-\s*/, "").trim();
+      const hint = desc
+        ? `${desc}${needsCreds ? " \u2014 needs credentials" : " \u2014 no key needed"}`
+        : needsCreds ? "needs credentials" : "no key needed";
+      return { value: name, label: name.charAt(0).toUpperCase() + name.slice(1).replace(/-/g, " "), hint, needsCreds, envKeys, headerKeys, cfg };
+    });
   const mcpChoices = guard(await p.multiselect({
     message: "Enable built-in MCP servers",
-    options: [
-      { value: "github",       label: "GitHub",         hint: "Repos, PRs, issues \u2014 needs token" },
-      { value: "brave-search", label: "Brave Search",   hint: "Web search \u2014 needs API key" },
-      { value: "memory",       label: "Memory",         hint: "Knowledge graph \u2014 no key needed" },
-      { value: "filesystem",   label: "Filesystem",     hint: "File access \u2014 no key needed" },
-      { value: "fetch",        label: "Web Fetch",      hint: "Page to text \u2014 no key needed" },
-      { value: "git",          label: "Git",            hint: "Repo operations \u2014 no key needed" },
-      { value: "slack",        label: "Slack",          hint: "Workspace \u2014 needs bot token" },
-      { value: "sentry",       label: "Sentry",         hint: "Error tracking \u2014 needs auth token" },
-    ],
+    options: allServers.map(({ value, label, hint }) => ({ value, label, hint })),
     required: false,
   }));
-  for (const server of mcpChoices) {
-    if (!mcpConfig.mcpServers[server]) continue;
+  for (const serverName of mcpChoices) {
+    const serverInfo = allServers.find(s => s.value === serverName);
+    if (!serverInfo || !mcpConfig.mcpServers[serverName]) continue;
-    if (server === "github") {
-      p.note(
-        [
-          "1. Go to https://github.com/settings/tokens",
-          "2. Click \"Generate new token (classic)\"",
-          "3. Select scopes: repo, read:org, read:user",
-          "4. Copy the token (starts with ghp_)",
-        ].join("\n"),
-        "Get GitHub Token"
-      );
-      const ghToken = guard(await p.password({ message: "GitHub Personal Access Token" }));
-      if (ghToken) {
-        mcpConfig.mcpServers.github.enabled = true;
-        mcpConfig.mcpServers.github.env.GITHUB_PERSONAL_ACCESS_TOKEN = ghToken;
+    if (serverInfo.needsCreds) {
+      // Dynamically prompt for each env/header credential
+      const credKeys = serverInfo.envKeys.filter(k => isPlaceholder(serverInfo.cfg.env?.[k]));
+      const headerCredKeys = serverInfo.headerKeys.filter(k => isPlaceholder(serverInfo.cfg.headers?.[k]));
+      if (credKeys.length > 0 || headerCredKeys.length > 0) {
+        p.log.info(`${t.bold(serverInfo.label)} requires ${credKeys.length + headerCredKeys.length} credential(s)`);
       }
-    } else if (server === "brave-search") {
-      p.note(
-        [
-          "1. Go to https://api.search.brave.com/register",
-          "2. Sign up and get your API key",
-          "3. Free tier: 2,000 queries/month",
-        ].join("\n"),
-        "Get Brave Search Key"
-      );
-      const braveKey = guard(await p.password({ message: "Brave Search API key" }));
-      if (braveKey) {
-        mcpConfig.mcpServers["brave-search"].enabled = true;
-        mcpConfig.mcpServers["brave-search"].env.BRAVE_API_KEY = braveKey;
+      let allFilled = true;
+      for (const key of credKeys) {
+        const val = guard(await p.password({ message: `${key} for ${serverInfo.label}` }));
+        if (val) {
+          mcpConfig.mcpServers[serverName].env[key] = val;
+        } else {
+          allFilled = false;
+        }
       }
-    } else if (server === "slack") {
-      p.note(
-        [
-          "1. Go to https://api.slack.com/apps",
-          "2. Create a new app > From scratch",
-          "3. Add Bot Token Scopes: channels:read, chat:write",
-          "4. Install to workspace, copy Bot User OAuth Token (xoxb-...)",
-          "5. Get Team ID from workspace URL or Slack settings",
-        ].join("\n"),
-        "Get Slack Token"
-      );
-      const slackToken = guard(await p.password({ message: "Slack Bot Token (xoxb-...)" }));
-      const slackTeam = guard(await p.text({ message: "Slack Team ID" }));
-      if (slackToken && mcpConfig.mcpServers.slack) {
-        mcpConfig.mcpServers.slack.enabled = true;
-        mcpConfig.mcpServers.slack.env.SLACK_BOT_TOKEN = slackToken;
-        mcpConfig.mcpServers.slack.env.SLACK_TEAM_ID = slackTeam;
+      for (const key of headerCredKeys) {
+        const val = guard(await p.password({ message: `${key} for ${serverInfo.label}` }));
+        if (val) {
+          mcpConfig.mcpServers[serverName].headers[key] = val;
+        } else {
+          allFilled = false;
+        }
       }
-    } else if (server === "sentry") {
-      p.note(
-        [
-          "1. Go to https://sentry.io/settings/auth-tokens/",
-          "2. Create a new auth token",
-          "3. Select scopes: project:read, event:read",
-        ].join("\n"),
-        "Get Sentry Token"
-      );
-      const sentryToken = guard(await p.password({ message: "Sentry Auth Token" }));
-      if (sentryToken && mcpConfig.mcpServers.sentry) {
-        mcpConfig.mcpServers.sentry.enabled = true;
-        mcpConfig.mcpServers.sentry.env.SENTRY_AUTH_TOKEN = sentryToken;
+      if (allFilled) {
+        mcpConfig.mcpServers[serverName].enabled = true;
+      } else {
+        p.log.warn(`${serverInfo.label}: missing credentials — saved but not enabled`);
       }
     } else {
-      mcpConfig.mcpServers[server].enabled = true;
+      mcpConfig.mcpServers[serverName].enabled = true;
     }
   }
@@ -962,7 +1004,7 @@ export async function runSetupWizard() {
   }
   // ━━━ Step 8: Secret Vault ━━━
-  stepHeader(8, TOTAL_STEPS, "Secret Vault");
+  stepHeader(9, TOTAL_STEPS, "Secret Vault");
   p.note(
     [
@@ -1101,6 +1143,14 @@ export async function runSetupWizard() {
     }
   }
+  // Pull embedding model & pre-embed skills
+  spin.message("Setting up skill embeddings");
+  try {
+    await setupSkillEmbeddings(provider, envConfig, spin);
+  } catch {
+    // Non-fatal — TF-IDF fallback will handle it
+  }
   spin.stop(`${S.check}  Configuration saved`);
   // ━━━ Summary ━━━