skimpyclaw 0.3.9 → 0.3.14

package/dist/tools/bash-tool.js

@@ -9,14 +9,24 @@ const SENSITIVE_ENV_PATTERNS = [
     /^ANTHROPIC_/i, /^OPENAI_/i, /^CLAUDE/i, /^CODEX_/i, /^MINIMAX_/i,
     /^KIMI_/i, /^TOGETHER_/i, /^GROQ_/i, /^OPENROUTER_/i,
 ];
+/** Env vars that match SENSITIVE_ENV_PATTERNS but should be kept (e.g. tool auth). */
+const SENSITIVE_ENV_ALLOWLIST = new Set(['GH_TOKEN']);
+/** Common tool paths that may be missing when launched as a service/daemon. */
+const EXTRA_PATH_DIRS = ['/opt/homebrew/bin', '/opt/homebrew/sbin', '/usr/local/bin'];
 /** Create a sanitized copy of process.env with secrets stripped. */
 function sanitizeEnv() {
     const env = { ...process.env };
     for (const key of Object.keys(env)) {
-        if (SENSITIVE_ENV_PATTERNS.some(p => p.test(key))) {
+        if (!SENSITIVE_ENV_ALLOWLIST.has(key) && SENSITIVE_ENV_PATTERNS.some(p => p.test(key))) {
             delete env[key];
         }
     }
+    // Ensure common tool directories are in PATH (daemon/service launches often have a minimal PATH)
+    const currentPath = env.PATH || '';
+    const missing = EXTRA_PATH_DIRS.filter(d => !currentPath.includes(d));
+    if (missing.length > 0) {
+        env.PATH = `${currentPath}:${missing.join(':')}`;
+    }
     return env;
 }
 export async function executeBash(command, cwd, config, context) {

package/dist/tools/definitions.d.ts

@@ -154,6 +154,35 @@ export declare const BROWSER_TOOL_DEFINITION: {
         required: string[];
     };
 };
+export declare const FETCH_TOOL_DEFINITION: {
+    name: string;
+    description: string;
+    input_schema: {
+        type: "object";
+        properties: {
+            url: {
+                type: string;
+                description: string;
+            };
+            method: {
+                type: string;
+                description: string;
+            };
+            headers: {
+                type: "object";
+                description: string;
+                additionalProperties: {
+                    type: string;
+                };
+            };
+            body: {
+                type: string;
+                description: string;
+            };
+        };
+        required: string[];
+    };
+};
 export declare const TOOL_DEFINITIONS: ({
     name: string;
     description: string;
@@ -304,6 +333,34 @@ export declare const TOOL_DEFINITIONS: ({
         };
         required: string[];
     };
+} | {
+    name: string;
+    description: string;
+    input_schema: {
+        type: "object";
+        properties: {
+            url: {
+                type: string;
+                description: string;
+            };
+            method: {
+                type: string;
+                description: string;
+            };
+            headers: {
+                type: "object";
+                description: string;
+                additionalProperties: {
+                    type: string;
+                };
+            };
+            body: {
+                type: string;
+                description: string;
+            };
+        };
+        required: string[];
+    };
 })[];
 export declare const CODE_WITH_AGENT_TOOL: {
     name: string;

package/dist/tools/definitions.js

@@ -110,8 +110,26 @@ export const BROWSER_TOOL_DEFINITION = {
         required: ['action'],
     },
 };
+export const FETCH_TOOL_DEFINITION = {
+    name: 'Fetch',
+    description: 'Make an HTTP request and return the response. HTML is auto-converted to plain text. Use for APIs, web search (e.g. https://duckduckgo.com/html/?q=your+query), or fetching page content. Prefer over Browser for simple requests.',
+    input_schema: {
+        type: 'object',
+        properties: {
+            url: { type: 'string', description: 'URL to fetch' },
+            method: { type: 'string', description: 'HTTP method (GET, POST, PUT, DELETE, PATCH). Default: GET' },
+            headers: {
+                type: 'object',
+                description: 'Request headers (e.g. {"Authorization": "Bearer ..."})',
+                additionalProperties: { type: 'string' },
+            },
+            body: { type: 'string', description: 'Request body (for POST/PUT/PATCH)' },
+        },
+        required: ['url'],
+    },
+};
 // Legacy export for backward compat — static list (built-ins + browser + no MCP)
-export const TOOL_DEFINITIONS = [...BUILTIN_TOOL_DEFINITIONS, BROWSER_TOOL_DEFINITION];
+export const TOOL_DEFINITIONS = [...BUILTIN_TOOL_DEFINITIONS, BROWSER_TOOL_DEFINITION, FETCH_TOOL_DEFINITION];
 export const CODE_WITH_AGENT_TOOL = {
     name: 'code_with_agent',
     description: 'Delegate a coding task to a coding agent CLI (Claude Code or Codex). The agent will edit files, run commands, and return results. Always use this for code changes instead of writing code directly.',

package/dist/tools/fetch-tool.d.ts

@@ -0,0 +1,8 @@
+import type { ToolConfig } from '../types.js';
+export interface FetchInput {
+    url: string;
+    method?: string;
+    headers?: Record<string, string>;
+    body?: string;
+}
+export declare function executeFetch(input: FetchInput, _config: ToolConfig): Promise<string>;

package/dist/tools/fetch-tool.js

@@ -0,0 +1,80 @@
+// Fetch tool — lightweight HTTP requests and web search without browser overhead
+const MAX_RESPONSE_CHARS = 50_000;
+const TIMEOUT_MS = 30_000;
+/**
+ * Strip HTML tags and decode common entities. Returns plain text.
+ */
+function htmlToText(html) {
+    return html
+        // Remove script/style blocks
+        .replace(/<script[\s\S]*?<\/script>/gi, '')
+        .replace(/<style[\s\S]*?<\/style>/gi, '')
+        // Convert block elements to newlines
+        .replace(/<\/(p|div|h[1-6]|li|tr|br\s*\/?)>/gi, '\n')
+        .replace(/<br\s*\/?>/gi, '\n')
+        // Remove remaining tags
+        .replace(/<[^>]+>/g, '')
+        // Decode common entities
+        .replace(/&amp;/g, '&')
+        .replace(/&lt;/g, '<')
+        .replace(/&gt;/g, '>')
+        .replace(/&quot;/g, '"')
+        .replace(/&#39;/g, "'")
+        .replace(/&nbsp;/g, ' ')
+        // Collapse whitespace
+        .replace(/[ \t]+/g, ' ')
+        .replace(/\n{3,}/g, '\n\n')
+        .trim();
+}
+export async function executeFetch(input, _config) {
+    const { url, method = 'GET', headers = {}, body } = input;
+    if (!url)
+        return 'Error: url is required';
+    try {
+        new URL(url);
+    }
+    catch {
+        return `Error: Invalid URL: ${url}`;
+    }
+    try {
+        const defaultHeaders = {
+            'User-Agent': 'SkimpyClaw/1.0',
+        };
+        const response = await fetch(url, {
+            method: method.toUpperCase(),
+            headers: { ...defaultHeaders, ...headers },
+            body: body || undefined,
+            signal: AbortSignal.timeout(TIMEOUT_MS),
+            redirect: 'follow',
+        });
+        const status = `${response.status} ${response.statusText}`;
+        const contentType = response.headers.get('content-type') || '';
+        let responseBody;
+        if (contentType.includes('json')) {
+            const text = await response.text();
+            try {
+                responseBody = JSON.stringify(JSON.parse(text), null, 2);
+            }
+            catch {
+                responseBody = text;
+            }
+        }
+        else if (contentType.includes('html')) {
+            const html = await response.text();
+            responseBody = htmlToText(html);
+        }
+        else {
+            responseBody = await response.text();
+        }
+        if (responseBody.length > MAX_RESPONSE_CHARS) {
+            responseBody = responseBody.slice(0, MAX_RESPONSE_CHARS) + `\n\n[Truncated: ${responseBody.length} chars total]`;
+        }
+        return `HTTP ${status}\n\n${responseBody}`;
+    }
+    catch (err) {
+        if (err instanceof Error && err.name === 'TimeoutError') {
+            return `Error: Request timed out after ${TIMEOUT_MS / 1000}s`;
+        }
+        return `Error: ${err instanceof Error ? err.message : String(err)}`;
+    }
+}

package/dist/tools.d.ts

@@ -1,13 +1,15 @@
 import type { ToolConfig } from './types.js';
-import { fromClaudeCodeName, toClaudeCodeName, BUILTIN_TOOL_DEFINITIONS, BROWSER_TOOL_DEFINITION, TOOL_DEFINITIONS, CODE_WITH_AGENT_TOOL, CODE_WITH_TEAM_TOOL, CHECK_CODE_AGENT_TOOL } from './tools/definitions.js';
+import { fromClaudeCodeName, toClaudeCodeName, BUILTIN_TOOL_DEFINITIONS, BROWSER_TOOL_DEFINITION, FETCH_TOOL_DEFINITION, TOOL_DEFINITIONS, CODE_WITH_AGENT_TOOL, CODE_WITH_TEAM_TOOL, CHECK_CODE_AGENT_TOOL } from './tools/definitions.js';
 import type { ExecuteToolContext } from './tools/execute-context.js';
 import { cleanupBrowser } from './tools/browser-tool.js';
 export { getActiveCodeAgents, getRecentCodeAgents, getAllCodeAgents, getCodeAgent, cancelCodeAgent, restoreCodeAgentTasks, setCodeAgentConfig, computeWaves, decomposeTask, synthesizeResults, runValidation, runCodeAgentBackground, buildCodeAgentArgs, readTeamState, parseStreamJsonForLive, } from './code-agents/index.js';
-export { fromClaudeCodeName, toClaudeCodeName, BUILTIN_TOOL_DEFINITIONS, BROWSER_TOOL_DEFINITION, TOOL_DEFINITIONS, CODE_WITH_AGENT_TOOL, CODE_WITH_TEAM_TOOL, CHECK_CODE_AGENT_TOOL, cleanupBrowser, };
+export { fromClaudeCodeName, toClaudeCodeName, BUILTIN_TOOL_DEFINITIONS, BROWSER_TOOL_DEFINITION, FETCH_TOOL_DEFINITION, TOOL_DEFINITIONS, CODE_WITH_AGENT_TOOL, CODE_WITH_TEAM_TOOL, CHECK_CODE_AGENT_TOOL, cleanupBrowser, };
 export type { ExecuteToolContext };
 export type { CodeAgentTask, DecomposedSubtask } from './code-agents/index.js';
 export declare function discoverMcpTools(): Promise<any[]>;
 export declare function clearMcpToolCache(): void;
+/** Force-reconnect the MCP runtime (clears cached runtime and tool discovery). */
+export declare function reconnectMcp(): Promise<void>;
 /**
  * Get all available tool definitions: built-ins + browser (if enabled) + MCP (auto-discovered) + agent tools.
  * This is the primary way to get tools — replaces the static TOOL_DEFINITIONS export.

package/dist/tools.js

@@ -1,12 +1,14 @@
 // Tool definitions and executors for Anthropic API tool_use
+import { readFileSync, existsSync } from 'fs';
 import { join, resolve } from 'path';
 import { homedir } from 'os';
 import { TTLCache } from './cache.js';
 import { toErrorMessage } from './utils.js';
-import { fromClaudeCodeName, toClaudeCodeName, BUILTIN_TOOL_DEFINITIONS, BROWSER_TOOL_DEFINITION, TOOL_DEFINITIONS, CODE_WITH_AGENT_TOOL, CODE_WITH_TEAM_TOOL, CHECK_CODE_AGENT_TOOL, } from './tools/definitions.js';
+import { fromClaudeCodeName, toClaudeCodeName, BUILTIN_TOOL_DEFINITIONS, BROWSER_TOOL_DEFINITION, FETCH_TOOL_DEFINITION, TOOL_DEFINITIONS, CODE_WITH_AGENT_TOOL, CODE_WITH_TEAM_TOOL, CHECK_CODE_AGENT_TOOL, } from './tools/definitions.js';
 import { executeReadFile, executeWriteFileLocked, executeListDirectory } from './tools/file-tools.js';
 import { executeBash } from './tools/bash-tool.js';
 import { executeBrowser, cleanupBrowser } from './tools/browser-tool.js';
+import { executeFetch } from './tools/fetch-tool.js';
 import { ensureContainer, SANDBOX_DEFAULTS, translatePath, validateMountPaths } from './sandbox/index.js';
 import { sandboxBash, sandboxReadFile, sandboxWriteFile, sandboxListDir, sandboxGlob } from './sandbox/index.js';
 import { isBashCommandSafe } from './security.js';
@@ -26,7 +28,7 @@ buildCodeAgentArgs, readTeamState,
 // Parsers
 parseStreamJsonForLive, } from './code-agents/index.js';
 // Re-export from definitions
-export { fromClaudeCodeName, toClaudeCodeName, BUILTIN_TOOL_DEFINITIONS, BROWSER_TOOL_DEFINITION, TOOL_DEFINITIONS, CODE_WITH_AGENT_TOOL, CODE_WITH_TEAM_TOOL, CHECK_CODE_AGENT_TOOL, cleanupBrowser, };
+export { fromClaudeCodeName, toClaudeCodeName, BUILTIN_TOOL_DEFINITIONS, BROWSER_TOOL_DEFINITION, FETCH_TOOL_DEFINITION, TOOL_DEFINITIONS, CODE_WITH_AGENT_TOOL, CODE_WITH_TEAM_TOOL, CHECK_CODE_AGENT_TOOL, cleanupBrowser, };
 // --- MCP (mcporter) ---
 let mcpRuntime = null;
 async function getMcpRuntime() {
@@ -46,6 +48,32 @@ function sanitizeToolName(name) {
 }
 // Maps sanitized tool name → { server (original), tool (original) } for routing
 const mcpToolNameMap = new Map();
+/**
+ * Fallback tool definitions for MCP servers that don't support tools/list.
+ * Loaded from ~/.skimpyclaw/mcp-fallbacks.json if it exists.
+ *
+ * Format: { "<server-name>": [ { name, description, input_schema } ] }
+ */
+let mcpFallbackCache = null;
+function getMcpFallbackTools(server) {
+    if (!mcpFallbackCache) {
+        const fallbackPath = join(homedir(), '.skimpyclaw', 'mcp-fallbacks.json');
+        try {
+            if (existsSync(fallbackPath)) {
+                mcpFallbackCache = JSON.parse(readFileSync(fallbackPath, 'utf-8'));
+                console.log(`[mcp] Loaded fallback tools from ${fallbackPath}`);
+            }
+            else {
+                mcpFallbackCache = {};
+            }
+        }
+        catch (err) {
+            console.warn('[mcp] Failed to load mcp-fallbacks.json:', err instanceof Error ? err.message : err);
+            mcpFallbackCache = {};
+        }
+    }
+    return mcpFallbackCache[server] || [];
+}
 export async function discoverMcpTools() {
     if (discoveredMcpTools !== null)
         return discoveredMcpTools;
@@ -72,6 +100,18 @@ export async function discoverMcpTools() {
             }
             catch (err) {
                 console.warn(`[mcp] Failed to list tools for server "${server}":`, err instanceof Error ? err.message : err);
+                // Fallback: register well-known tools for servers that don't support tools/list
+                const fallbackTools = getMcpFallbackTools(server);
+                if (fallbackTools.length > 0) {
+                    const sanitizedServer = sanitizeToolName(server);
+                    for (const ft of fallbackTools) {
+                        const sanitizedTool = sanitizeToolName(ft.name);
+                        const name = `mcp__${sanitizedServer}__${sanitizedTool}`;
+                        mcpToolNameMap.set(name, { server, tool: ft.name });
+                        tools.push({ name, description: ft.description, input_schema: ft.input_schema });
+                    }
+                    console.log(`[mcp] Registered ${fallbackTools.length} fallback tools for "${server}"`);
+                }
             }
         }
     }
@@ -85,6 +125,26 @@ export function clearMcpToolCache() {
     discoveredMcpTools = null;
 }
 const toolDefsCache = new TTLCache(60_000);
+/** Force-reconnect the MCP runtime (clears cached runtime and tool discovery). */
+export async function reconnectMcp() {
+    console.log('[mcp] Reconnecting...');
+    if (mcpRuntime) {
+        await mcpRuntime.close().catch(() => { });
+        mcpRuntime = null;
+    }
+    discoveredMcpTools = null;
+    mcpToolNameMap.clear();
+    mcpFallbackCache = null;
+    toolDefsCache.clear();
+    try {
+        await getMcpRuntime();
+        const tools = await discoverMcpTools();
+        console.log(`[mcp] Reconnected — ${tools.length} tools discovered`);
+    }
+    catch (err) {
+        console.error('[mcp] Reconnect failed:', err instanceof Error ? err.message : err);
+    }
+}
 /** Inject project names into a tool's workdir description, or return the tool unchanged. */
 function injectProjects(tool, projects) {
     if (!projects || Object.keys(projects).length === 0)
@@ -126,7 +186,9 @@ export async function getToolDefinitions(config, options) {
     if (cached)
         return cached;
     const tools = [...BUILTIN_TOOL_DEFINITIONS];
-    // Minimal profile: only the 4 built-in tools (Read, Write, Glob, Bash).
+    // Fetch is always available (lightweight HTTP, no dependencies)
+    tools.push(FETCH_TOOL_DEFINITION);
+    // Minimal profile: built-in tools + fetch.
     // Used by orchestrator decompose/synthesize calls.
     if (profile === 'minimal') {
         toolDefsCache.set(cacheKey, tools);
@@ -166,75 +228,49 @@ export function clearToolDefsCache() {
     toolDefsCache.clear();
 }
 // --- MCP Tool Execution (generic) ---
-async function executeMcpToolGeneric(fullName, args) {
-    // Look up original server/tool names from the sanitized name map
-    const mapping = mcpToolNameMap.get(fullName);
-    if (!mapping) {
-        // Fallback: parse from the name directly (works when names don't need sanitizing)
-        const parts = fullName.split('__');
-        if (parts.length < 3)
-            return `Error: Invalid MCP tool name "${fullName}"`;
-        const server = parts[1];
-        const toolName = parts.slice(2).join('__');
-        const runtime = await getMcpRuntime();
-        const result = await runtime.callTool(server, toolName, { args });
-        const content = result?.content;
-        if (Array.isArray(content)) {
-            return content.map((c) => c.text || JSON.stringify(c)).join('\n');
-        }
-        return JSON.stringify(result);
-    }
+async function callMcpTool(server, tool, args) {
     const runtime = await getMcpRuntime();
-    const result = await runtime.callTool(mapping.server, mapping.tool, { args });
+    const result = await runtime.callTool(server, tool, { args });
     const content = result?.content;
     if (Array.isArray(content)) {
         return content.map((c) => c.text || JSON.stringify(c)).join('\n');
     }
     return JSON.stringify(result);
 }
-export async function cleanupMcp() {
-    if (mcpRuntime) {
-        await mcpRuntime.close().catch(() => { });
-        mcpRuntime = null;
-    }
-}
-async function executeWebSearch(query) {
-    const q = query.trim();
-    if (!q)
-        return 'Error: $web_search requires a non-empty query';
-    const url = `https://api.duckduckgo.com/?q=${encodeURIComponent(q)}&format=json&no_redirect=1&no_html=1&skip_disambig=1`;
-    const res = await fetch(url, { signal: AbortSignal.timeout(8000) });
-    if (!res.ok) {
-        return `Error: web search failed (${res.status} ${res.statusText})`;
+async function executeMcpToolGeneric(fullName, args) {
+    const mapping = mcpToolNameMap.get(fullName);
+    let server;
+    let toolName;
+    if (mapping) {
+        server = mapping.server;
+        toolName = mapping.tool;
     }
-    const data = await res.json();
-    const lines = [];
-    if (data.AbstractText) {
-        lines.push(`Summary: ${data.AbstractText}`);
-        if (data.AbstractURL) {
-            lines.push(`Source: ${data.AbstractURL}`);
-        }
+    else {
+        const parts = fullName.split('__');
+        if (parts.length < 3)
+            return `Error: Invalid MCP tool name "${fullName}"`;
+        server = parts[1];
+        toolName = parts.slice(2).join('__');
     }
-    const related = [];
-    for (const item of data.RelatedTopics || []) {
-        if ('Topics' in item && Array.isArray(item.Topics)) {
-            related.push(...item.Topics);
-        }
-        else {
-            related.push(item);
-        }
+    try {
+        return await callMcpTool(server, toolName, args);
     }
-    const top = related.filter((item) => item.Text && item.FirstURL).slice(0, 5);
-    if (top.length > 0) {
-        lines.push('Top results:');
-        for (const item of top) {
-            lines.push(`- ${item.Text}\n  ${item.FirstURL}`);
+    catch (err) {
+        const msg = err instanceof Error ? err.message : String(err);
+        // Retry once on connection/session errors
+        if (msg.includes('session') || msg.includes('Session') || msg.includes('ECONNR') || msg.includes('EPIPE') || msg.includes('closed') || msg.includes('disconnected')) {
+            console.warn(`[mcp] Tool call failed (${msg}), reconnecting and retrying...`);
+            await reconnectMcp();
+            return await callMcpTool(server, toolName, args);
         }
+        throw err;
     }
-    if (lines.length === 0) {
-        return `No web results found for: ${q}`;
+}
+export async function cleanupMcp() {
+    if (mcpRuntime) {
+        await mcpRuntime.close().catch(() => { });
+        mcpRuntime = null;
     }
-    return lines.join('\n');
 }
 // --- Tool Executor ---
 export async function executeTool(name, input, config, context) {
@@ -324,12 +360,21 @@ export async function executeTool(name, input, config, context) {
                 switch (normalized) {
                     case 'bash': {
                         const translatedCmd = translateBashPaths(input.command);
-                        // Apply hard safety blocks and exec-approval inside sandbox.
-                        // The sandbox provides filesystem isolation but not command-level policy.
+                        // Apply hard safety blocks inside sandbox.
+                        // Sandbox provides filesystem isolation, so opaque script execution
+                        // (heredocs, -c, -e) is safe — only require approval for truly
+                        // destructive patterns (rm -rf, dd, mkfs, etc.).
                         if (!isBashCommandSafe(translatedCmd)) {
                             return 'Error: Command blocked by safety filter.';
                         }
                         const classification = classifyCommandRisk(translatedCmd);
+                        // Downgrade opaque-script classifications in sandbox — the isolation
+                        // already handles the risk that inline code poses on the host.
+                        if (classification.tier >= 2 && (classification.reason === 'Inline heredoc script execution' ||
+                            classification.reason === 'Inline interpreter code execution')) {
+                            classification.tier = 0;
+                            classification.reason = `${classification.reason} (sandboxed — auto-approved)`;
+                        }
                         const approvalConfig = config.execApproval;
                         if (requiresApproval(classification, approvalConfig)) {
                             const isUnattended = context?.channel === 'subagent' ||
@@ -372,7 +417,8 @@ export async function executeTool(name, input, config, context) {
             case '$web_search':
             case 'web_search':
             case 'websearch':
-                return await executeWebSearch(input.query || input.q || input.text || '');
+                // Legacy: redirect to Fetch with DuckDuckGo HTML search
+                return await executeFetch({ url: `https://duckduckgo.com/html/?q=${encodeURIComponent(input.query || input.q || input.text || '')}` }, config);
             case 'read_file':
                 return executeReadFile(input.file_path || input.path, config);
             case 'write_file':
@@ -383,6 +429,8 @@ export async function executeTool(name, input, config, context) {
                 return await executeBash(input.command, input.cwd, config, context);
             case 'browser':
                 return await executeBrowser(input, config);
+            case 'fetch':
+                return await executeFetch(input, config);
             default:
                 return `Error: Unknown tool "${name}"`;
         }

package/dist/types.d.ts

@@ -25,6 +25,9 @@ export interface VoiceConfig {
     channels?: Record<string, VoiceChannelConfig>;
 }
 export interface Config {
+    /** Global allowed paths. Channels, cron, and heartbeat inherit these
+     *  unless they specify their own tools.allowedPaths override. */
+    allowedPaths?: string[];
     gateway: {
         port: number;
         host?: string;
@@ -149,6 +152,7 @@ export interface SandboxConfig {
     memory?: string;
     network?: string;
     idleTimeoutMs?: number;
+    env?: Record<string, string>;
 }
 export interface ToolConfig {
     enabled: boolean;
@@ -160,6 +164,7 @@ export interface ToolConfig {
     contextManagement?: {
         enabled?: boolean;
         maxContextTokens?: number;
+        compactionModel?: string;
     };
     browser?: {
         enabled?: boolean;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "skimpyclaw",
-  "version": "0.3.9",
-  "description": "Lightweight personal AI assistant with Telegram and Discord integration",
+  "version": "0.3.14",
+  "description": "A lobster in a bikini",
   "type": "module",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -16,31 +16,11 @@
     "README.md",
     "LICENSE"
   ],
-  "scripts": {
-    "cli": "tsx src/cli.ts",
-    "start": "tsx src/index.ts",
-    "dev": "tsx watch src/index.ts",
-    "dashboard:dev": "pnpm --dir web/dashboard dev",
-    "dashboard:build": "pnpm --dir web/dashboard install --frozen-lockfile && pnpm --dir web/dashboard build",
-    "docs:dev": "pnpm --dir docs dev",
-    "docs:build": "pnpm --dir docs install --frozen-lockfile && pnpm --dir docs build",
-    "docs:preview": "pnpm --dir docs preview",
-    "setup": "tsx src/setup.ts",
-    "onboard": "tsx src/cli.ts onboard",
-    "build": "tsc && pnpm dashboard:build",
-    "release:check": "pnpm build && pnpm test",
-    "release:local": "bash ./scripts/release.sh",
-    "lint": "eslint \"src/**/*.ts\"",
-    "typecheck": "tsc --noEmit",
-    "test": "vitest run",
-    "ci": "pnpm run lint && pnpm run typecheck && pnpm run test"
-  },
   "dependencies": {
     "@anthropic-ai/sdk": "^0.52.0",
     "@grammyjs/runner": "^2.0.3",
     "@langfuse/otel": "^4.5.1",
     "@langfuse/tracing": "^4.5.1",
-    "@mariozechner/pi-ai": "^0.51.6",
     "@opentelemetry/api": "^1.9.0",
     "@opentelemetry/core": "^2.0.1",
     "@opentelemetry/exporter-trace-otlp-http": "^0.202.0",
@@ -49,18 +29,13 @@
     "croner": "^8.0.0",
     "discord.js": "^14.25.1",
     "dotenv": "^16.4.0",
-    "fastify": "^4.26.0",
+    "fastify": "^5.7.2",
     "grammy": "^1.21.1",
     "gray-matter": "^4.0.3",
     "mcporter": "^0.7.3",
     "openai": "^4.47.0",
     "playwright": "^1.49.0"
   },
-  "pnpm": {
-    "onlyBuiltDependencies": [
-      "esbuild"
-    ]
-  },
   "devDependencies": {
     "@eslint/js": "^9.39.2",
     "@types/node": "^20.11.0",
@@ -70,5 +45,24 @@
     "typescript": "^5.4.0",
     "typescript-eslint": "^8.54.0",
     "vitest": "^4.0.18"
+  },
+  "scripts": {
+    "cli": "tsx src/cli.ts",
+    "start": "tsx src/index.ts",
+    "dev": "tsx watch src/index.ts",
+    "dashboard:dev": "pnpm --dir web/dashboard dev",
+    "dashboard:build": "pnpm --dir web/dashboard install --frozen-lockfile && pnpm --dir web/dashboard build",
+    "docs:dev": "pnpm --dir docs dev",
+    "docs:build": "pnpm --dir docs install --frozen-lockfile && pnpm --dir docs build",
+    "docs:preview": "pnpm --dir docs preview",
+    "setup": "tsx src/setup.ts",
+    "onboard": "tsx src/cli.ts onboard",
+    "build": "tsc && pnpm dashboard:build",
+    "release:check": "pnpm build && pnpm test",
+    "release:local": "bash ./scripts/release.sh",
+    "lint": "eslint \"src/**/*.ts\"",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run",
+    "ci": "pnpm run lint && pnpm run typecheck && pnpm run test"
   }
-}
+}