nothumanallowed 3.0.2 → 3.1.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nothumanallowed",
-  "version": "3.0.2",
+  "version": "3.1.1",
   "description": "NotHumanAllowed — 38 AI agents for security, code, DevOps, data & daily ops. Ask agents directly, plan your day with 5 specialist agents, manage tasks, connect Gmail + Calendar.",
   "type": "module",
   "bin": {

package/src/commands/ui.mjs

@@ -8,6 +8,7 @@
  */
 
 import http from 'http';
+import os from 'os';
 import { exec } from 'child_process';
 import fs from 'fs';
 import path from 'path';
@@ -29,7 +30,6 @@ import { info, ok, fail, warn, C, G, D, NC, BOLD } from '../ui.mjs';
 // ── Constants ──────────────────────────────────────────────────────────────
 
 const DEFAULT_PORT = 3847;
-const HOST = '127.0.0.1';
 
 // ── Chat system prompt (reused from chat.mjs) ──────────────────────────────
 
@@ -311,16 +311,20 @@ function logRequest(method, url, statusCode, durationMs) {
 // ── Server ───────────────────────────────────────────────────────────────
 
 export async function cmdUI(args) {
-  // Parse port flag
+  // Parse flags
   let port = DEFAULT_PORT;
   let noBrowser = false;
+  let lanMode = false;
   for (const arg of args) {
     if (arg.startsWith('--port=')) {
       port = parseInt(arg.split('=')[1], 10) || DEFAULT_PORT;
     } else if (arg === '--no-browser') {
       noBrowser = true;
+    } else if (arg === '--lan') {
+      lanMode = true;
     }
   }
+  const HOST = lanMode ? '0.0.0.0' : '127.0.0.1';
 
   const config = loadConfig();
   const htmlPage = getHTML(port);
@@ -367,6 +371,25 @@ export async function cmdUI(args) {
         return;
       }
 
+      // ── PWA Manifest ────────────────────────────────────────────────
+      if (pathname === '/manifest.json') {
+        sendJSON(res, 200, {
+          name: 'NHA — Operations Console',
+          short_name: 'NHA',
+          description: '38 AI agents for daily ops. Email, calendar, tasks, security.',
+          start_url: '/',
+          display: 'standalone',
+          background_color: '#0a0a0a',
+          theme_color: '#0a0a0a',
+          icons: [
+            { src: 'https://nothumanallowed.com/icon-192x192.png', sizes: '192x192', type: 'image/png' },
+            { src: 'https://nothumanallowed.com/icon-512x512.png', sizes: '512x512', type: 'image/png' },
+          ],
+        });
+        logRequest(method, pathname, 200, Date.now() - start);
+        return;
+      }
+
       // ── Favicon (no-content) ──────────────────────────────────────────
       if (pathname === '/favicon.ico') {
         res.writeHead(204);
@@ -597,22 +620,45 @@ export async function cmdUI(args) {
   });
 
   server.listen(port, HOST, () => {
-    const url = `http://${HOST}:${port}`;
+    const localUrl = `http://127.0.0.1:${port}`;
+
+    // Get LAN IP for mobile access
+    let lanUrl = '';
+    if (lanMode) {
+      const nets = os.networkInterfaces();
+      for (const name of Object.keys(nets)) {
+        for (const net of nets[name]) {
+          if (net.family === 'IPv4' && !net.internal) {
+            lanUrl = `http://${net.address}:${port}`;
+            break;
+          }
+        }
+        if (lanUrl) break;
+      }
+    }
 
     console.log('');
     console.log(`  ${BOLD}${C}NHA Local Operations Console${NC}`);
     console.log(`  ${D}Zero-dependency web interface for your daily ops${NC}`);
     console.log('');
-    console.log(`  ${G}Server running at:${NC}  ${url}`);
+    console.log(`  ${G}Local:${NC}              ${localUrl}`);
+    if (lanUrl) {
+      console.log(`  ${G}Network:${NC}            ${lanUrl}  ${D}(mobile/tablet)${NC}`);
+    }
     console.log(`  ${D}Provider:${NC}           ${config.llm.provider || 'not set'}`);
     console.log(`  ${D}API Key:${NC}            ${config.llm.apiKey ? config.llm.apiKey.slice(0, 12) + '...' : '\x1b[0;31mnot set\x1b[0m'}`);
     console.log(`  ${D}Agents loaded:${NC}      ${agentCards.length}`);
     console.log('');
+    if (lanUrl) {
+      console.log(`  ${D}Open ${lanUrl} on your phone to use NHA from mobile.${NC}`);
+    } else {
+      console.log(`  ${D}Tip: use --lan to access from phone/tablet on same WiFi.${NC}`);
+    }
     console.log(`  ${D}Press Ctrl+C to stop${NC}`);
     console.log('');
 
     if (!noBrowser) {
-      openBrowser(url);
+      openBrowser(localUrl);
     }
   });
 

package/src/constants.mjs

@@ -1,7 +1,7 @@
 import os from 'os';
 import path from 'path';
 
-export const VERSION = '3.0.0';
+export const VERSION = '3.1.0';
 export const BASE_URL = 'https://nothumanallowed.com/cli';
 export const API_BASE = 'https://nothumanallowed.com/api/v1';
 

package/src/services/ops-pipeline.mjs

@@ -99,7 +99,7 @@ export async function runPlanningPipeline(config, opts = {}) {
   if (emails.length > 0) {
     parallelPromises.push(
       callAgent(config, 'saber',
-        `Scan these emails for security threats. For each email, classify as SAFE or FLAGGED with reason.\n\nEMAILS:\n${emailContext}\n\nRespond with a JSON object: { "safe": [indices], "flagged": [{ "index": N, "reason": "..." }], "risk_notes": ["..."] }`,
+        `Analyze these emails for REAL security threats. Be smart — distinguish between:\n- LEGITIMATE notifications (Google login alerts from the user's own devices, npm publish confirmations, GitHub 2FA, password change confirmations the user initiated) → these are SAFE\n- ACTUAL threats (phishing links, spoofed senders, social engineering, urgent money requests, unknown login locations, credential harvesting) → these are FLAGGED\n\nDo NOT flag routine service notifications as threats. Only flag emails that require the user's immediate security attention.\n\nEMAILS:\n${emailContext}\n\nRespond with a JSON object: { "safe": [indices], "flagged": [{ "index": N, "reason": "..." }], "risk_notes": ["..."] }`,
       ).then(r => { agentResults.saber = r; ok('SABER: Email security scan complete'); })
        .catch(e => { warn(`SABER failed: ${e.message}`); agentResults.saber = '{"safe":[],"flagged":[],"risk_notes":["scan failed"]}'; })
     );
@@ -141,7 +141,13 @@ export async function runPlanningPipeline(config, opts = {}) {
   // ── Phase 6: CONDUCTOR — Synthesize daily plan ─────────────────────────
   info('Phase 6: CONDUCTOR synthesizing daily plan...');
 
-  const conductorPrompt = `You are the NHA Daily Planner. Synthesize intelligence from 4 specialist agents into a structured daily plan.
+  const conductorPrompt = `You are the NHA Daily Planner. Synthesize intelligence from 4 specialist agents into a structured, practical daily plan.
+
+IMPORTANT GUIDELINES:
+- Be PRACTICAL, not alarmist. Routine notifications (Google login alerts from your own devices, npm publish confirmations, GitHub security notices) are NOT security incidents.
+- Only escalate to "security_alerts" if there is a GENUINE, actionable threat (unknown logins from strange locations, actual phishing, credential leaks).
+- Focus on making the user's day productive, not on creating false urgency.
+- Suggest realistic time blocks based on the actual task complexity.
 
 AGENT REPORTS:
 ${agentResults.saber ? `\n[SABER — Security Scan]\n${agentResults.saber}` : ''}

package/src/services/web-ui.mjs

@@ -9,7 +9,13 @@ export function getHTML(port) {
 <html lang="en">
 <head>
 <meta charset="utf-8">
-<meta name="viewport" content="width=device-width,initial-scale=1">
+<meta name="viewport" content="width=device-width,initial-scale=1,viewport-fit=cover">
+<meta name="mobile-web-app-capable" content="yes">
+<meta name="apple-mobile-web-app-capable" content="yes">
+<meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">
+<meta name="apple-mobile-web-app-title" content="NHA">
+<meta name="theme-color" content="#0a0a0a">
+<link rel="manifest" href="/manifest.json">
 <title>NHA — Local Operations Console</title>
 <style>
 *,*::before,*::after{box-sizing:border-box;margin:0;padding:0}
@@ -64,8 +70,8 @@ input:focus,textarea:focus{border-color:var(--green3)}
 .dash-section h2{font-size:13px;color:var(--cyan);margin-bottom:12px;text-transform:uppercase;letter-spacing:1px}
 
 /* Chat */
-#chat-view{display:flex;flex-direction:column;height:100%;overflow:hidden}
-#chat-messages{flex:1;overflow-y:auto;padding:0 0 12px 0}
+#chat-view{display:flex;flex-direction:column;height:calc(100vh - 52px);overflow:hidden}
+#chat-messages{flex:1;overflow-y:auto;padding:0 0 12px 0;-webkit-overflow-scrolling:touch}
 .msg{margin-bottom:12px;display:flex;gap:10px}
 .msg-user .msg-bubble{background:var(--bg3);border:1px solid var(--borderbright);border-radius:8px 8px 2px 8px;padding:10px 14px;max-width:80%;margin-left:auto;color:var(--textbright)}
 .msg-assistant .msg-bubble{background:var(--greendim);border:1px solid var(--green3);border-radius:8px 8px 8px 2px;padding:10px 14px;max-width:85%;color:var(--text);white-space:pre-wrap;word-wrap:break-word}
@@ -179,9 +185,11 @@ input:focus,textarea:focus{border-color:var(--green3)}
 /* Mobile */
 #mobile-toggle{display:none;background:none;color:var(--green);font-size:20px;padding:4px 8px}
 @media(max-width:768px){
-  #sidebar{position:fixed;left:-260px;top:0;height:100%;z-index:100;transition:left .25s;width:260px}
+  #sidebar{position:fixed;left:-260px;top:0;height:100%;z-index:100;transition:left .25s;width:260px;box-shadow:4px 0 20px rgba(0,0,0,0.8)}
   #sidebar.open{left:0}
+  #sidebar.open~#main #content::before{content:'';position:fixed;inset:52px 0 0 0;background:rgba(0,0,0,0.6);z-index:50}
   #mobile-toggle{display:block}
+  #content{padding:12px}
   .dash-grid{grid-template-columns:1fr}
   .agents-grid{grid-template-columns:repeat(auto-fill,minmax(150px,1fr))}
   .msg-user .msg-bubble,.msg-assistant .msg-bubble{max-width:95%}
@@ -281,6 +289,13 @@ function switchView(view) {
 function toggleSidebar() {
   document.getElementById('sidebar').classList.toggle('open');
 }
+// Close sidebar when tapping outside on mobile
+document.getElementById('main').addEventListener('click', (e) => {
+  const sidebar = document.getElementById('sidebar');
+  if (sidebar.classList.contains('open')) {
+    sidebar.classList.remove('open');
+  }
+});
 
 // ── Clock ──────────────────────────────────────────────────────────────────
 function updateClock() {
@@ -773,18 +788,20 @@ document.getElementById('agent-modal').addEventListener('click', e => {
 
 // ── Init ───────────────────────────────────────────────────────────────────
 async function init() {
+  // Show loading immediately
+  const el = document.getElementById('content');
+  if (el) el.innerHTML = '<div style="display:flex;align-items:center;justify-content:center;height:60vh;flex-direction:column"><div class="spinner"></div><div style="color:var(--textdim);margin-top:12px">Loading dashboard...</div></div>';
+
   try {
     await loadDashboard();
   } catch (e) {
     console.error('Dashboard load error:', e);
   }
-  try {
-    loadPlan().catch(e => console.error('Plan load error:', e));
-    loadAgents().catch(e => console.error('Agents load error:', e));
-  } catch (e) {
-    console.error('Init error:', e);
-  }
   renderView();
+  try {
+    loadPlan().catch(()=>{});
+    loadAgents().catch(()=>{});
+  } catch {}
   // Auto-refresh every 2 minutes
   setInterval(() => loadDashboard().then(() => { if (currentView === 'dashboard') renderView(); }).catch(()=>{}), 120000);
 }