stagent 0.6.0 → 0.6.2

package/dist/cli.js

@@ -755,7 +755,7 @@ async function main() {
       const candidate = join3(searchDir, "node_modules", "next", "package.json");
       if (existsSync2(candidate)) {
         const hoistedRoot = searchDir;
-        for (const name of ["src", "public", "docs"]) {
+        for (const name of ["src", "public", "docs", "book", "ai-native-notes"]) {
           const dest = join3(hoistedRoot, name);
           const src = join3(appDir, name);
           if (!existsSync2(dest) && existsSync2(src)) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "stagent",
-  "version": "0.6.0",
+  "version": "0.6.2",
   "description": "AI Business Operating System — run your business with AI agents. Local-first, multi-provider, governed.",
   "keywords": [
     "ai",
@@ -71,6 +71,7 @@
     "@tailwindcss/postcss": "^4",
     "@tailwindcss/typography": "^0.5",
     "@tanstack/react-table": "^8.21.3",
+    "@types/node": "^22",
     "better-sqlite3": "^12",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2",
@@ -78,6 +79,7 @@
     "commander": "^14",
     "cron-parser": "^5.5.0",
     "drizzle-orm": "^0.45",
+    "exceljs": "^4.4.0",
     "image-size": "^2.0.2",
     "js-yaml": "^4.1.1",
     "jszip": "^3.10.1",
@@ -95,14 +97,13 @@
     "react-markdown": "^10.1.0",
     "remark-gfm": "^4.0.1",
     "sharp": "^0.34.5",
-    "smol-toml": "^1.6.0",
+    "smol-toml": "^1.6.1",
     "sonner": "^2.0.7",
     "sugar-high": "^1.0.0",
     "tailwind-merge": "^3",
     "tailwindcss": "^4",
     "tw-animate-css": "^1",
     "typescript": "^5",
-    "xlsx": "^0.18.5",
     "zod": "^4.3.6"
   },
   "devDependencies": {
@@ -111,7 +112,6 @@
     "@testing-library/react": "^16.3.2",
     "@types/better-sqlite3": "^7",
     "@types/js-yaml": "^4.0.9",
-    "@types/node": "^22",
     "@types/react": "^19",
     "@types/react-dom": "^19",
     "@types/sharp": "^0.31.1",

package/src/app/api/channels/[id]/route.ts

@@ -2,6 +2,7 @@ import { NextRequest, NextResponse } from "next/server";
 import { db } from "@/lib/db";
 import { channelConfigs } from "@/lib/db/schema";
 import { eq } from "drizzle-orm";
+import { maskChannelRow } from "@/lib/channels/types";
 
 export async function GET(
   _req: NextRequest,
@@ -18,7 +19,7 @@ export async function GET(
     return NextResponse.json({ error: "Channel not found" }, { status: 404 });
   }
 
-  return NextResponse.json(channel);
+  return NextResponse.json(maskChannelRow(channel));
 }
 
 export async function PATCH(
@@ -79,7 +80,7 @@ export async function PATCH(
     .from(channelConfigs)
     .where(eq(channelConfigs.id, id));
 
-  return NextResponse.json(updated);
+  return NextResponse.json(maskChannelRow(updated));
 }
 
 export async function DELETE(

package/src/app/api/channels/inbound/slack/route.ts

@@ -56,8 +56,15 @@ export async function POST(req: NextRequest) {
     return NextResponse.json({ error: "Invalid channel config" }, { status: 500 });
   }
 
-  // Only verify signature if signingSecret is configured
-  if (parsedConfig.signingSecret && slackAdapter.verifySignature) {
+  // Require signingSecret — refuse to process inbound messages without signature verification
+  if (!parsedConfig.signingSecret) {
+    return NextResponse.json(
+      { error: "Channel config missing signingSecret — cannot verify request" },
+      { status: 401 }
+    );
+  }
+
+  if (slackAdapter.verifySignature) {
     const headers: Record<string, string> = {};
     req.headers.forEach((value, key) => {
       headers[key] = value;

package/src/app/api/channels/inbound/telegram/poll/route.ts

@@ -15,6 +15,13 @@ import { handleInboundMessage } from "@/lib/channels/gateway";
  * Returns the number of updates processed.
  */
 export async function POST(req: NextRequest) {
+  // Guard: only accept requests from the internal poller.
+  // The internal scheduler sets this header; external callers won't have it.
+  const internalToken = req.headers.get("x-stagent-internal");
+  if (internalToken !== "poll") {
+    return NextResponse.json({ error: "Unauthorized — internal use only" }, { status: 401 });
+  }
+
   const configId = req.nextUrl.searchParams.get("configId");
   if (!configId) {
     return NextResponse.json({ error: "Missing configId" }, { status: 400 });
@@ -30,6 +37,11 @@ export async function POST(req: NextRequest) {
     return NextResponse.json({ error: "Channel not found" }, { status: 404 });
   }
 
+  // Refuse to poll disabled channels
+  if (config.status !== "active") {
+    return NextResponse.json({ error: "Channel is not active" }, { status: 403 });
+  }
+
   let parsedConfig: Record<string, unknown>;
   try {
     parsedConfig = JSON.parse(config.config) as Record<string, unknown>;

package/src/app/api/channels/inbound/telegram/route.ts

@@ -39,8 +39,19 @@ export async function POST(req: NextRequest) {
     return NextResponse.json({ error: "Invalid channel config" }, { status: 500 });
   }
 
+  // Require webhookSecret — refuse to process inbound messages without authentication
   const expectedSecret = parsedConfig.webhookSecret as string | undefined;
-  if (expectedSecret && secret !== expectedSecret) {
+  if (!expectedSecret) {
+    return NextResponse.json(
+      { error: "Channel config missing webhookSecret — cannot verify request" },
+      { status: 401 }
+    );
+  }
+
+  // NOTE: The secret is passed as a query-string parameter. This is Telegram's recommended
+  // webhook verification design (https://core.telegram.org/bots/api#setwebhook secret_token).
+  // Query strings may appear in server access logs — ensure logs are access-controlled.
+  if (secret !== expectedSecret) {
     return NextResponse.json({ error: "Invalid secret" }, { status: 403 });
   }
 

package/src/app/api/channels/route.ts

@@ -2,6 +2,7 @@ import { NextRequest, NextResponse } from "next/server";
 import { db } from "@/lib/db";
 import { channelConfigs } from "@/lib/db/schema";
 import { desc, eq } from "drizzle-orm";
+import { maskChannelRow } from "@/lib/channels/types";
 
 const VALID_CHANNEL_TYPES = ["slack", "telegram", "webhook"] as const;
 
@@ -11,7 +12,7 @@ export async function GET() {
     .from(channelConfigs)
     .orderBy(desc(channelConfigs.createdAt));
 
-  return NextResponse.json(result);
+  return NextResponse.json(result.map(maskChannelRow));
 }
 
 export async function POST(req: NextRequest) {
@@ -67,5 +68,5 @@ export async function POST(req: NextRequest) {
     .from(channelConfigs)
     .where(eq(channelConfigs.id, id));
 
-  return NextResponse.json(created, { status: 201 });
+  return NextResponse.json(maskChannelRow(created), { status: 201 });
 }

package/src/app/api/data/clear/route.ts

@@ -2,6 +2,10 @@ import { NextResponse } from "next/server";
 import { clearAllData } from "@/lib/data/clear";
 
 export async function POST() {
+  if (process.env.NODE_ENV === "production") {
+    return NextResponse.json(null, { status: 404 });
+  }
+
   try {
     const deleted = clearAllData();
     return NextResponse.json({ success: true, deleted });

package/src/app/api/data/seed/route.ts

@@ -2,6 +2,10 @@ import { NextResponse } from "next/server";
 import { seedSampleData } from "@/lib/data/seed";
 
 export async function POST() {
+  if (process.env.NODE_ENV === "production") {
+    return NextResponse.json(null, { status: 404 });
+  }
+
   try {
     const seeded = await seedSampleData();
     return NextResponse.json({ success: true, seeded });

package/src/app/api/documents/route.ts

@@ -1,9 +1,10 @@
 import { NextRequest, NextResponse } from "next/server";
 import { db } from "@/lib/db";
 import { documents, tasks, projects } from "@/lib/db/schema";
-import { eq, and, like, or, desc, sql } from "drizzle-orm";
+import { eq, and, like, or, desc } from "drizzle-orm";
 import { access, stat, copyFile, mkdir } from "fs/promises";
-import { basename, extname, join } from "path";
+import path, { basename, extname, join } from "path";
+import { homedir } from "os";
 import crypto from "crypto";
 import { getStagentUploadsDir } from "@/lib/utils/stagent-paths";
 import { processDocument } from "@/lib/documents/processor";
@@ -120,18 +121,47 @@ export async function POST(req: NextRequest) {
 
   const body = parsed.data;
 
+  // Path traversal protection: resolve and validate the file path
+  const resolvedPath = path.resolve(body.file_path);
+  const home = homedir();
+  const SENSITIVE_PREFIXES = ["/etc", "/var", "/proc", "/sys", "/dev", "/root"];
+  const SENSITIVE_HOME_DIRS = [".ssh", ".gnupg", ".aws", ".config", ".env"];
+
+  if (SENSITIVE_PREFIXES.some((prefix) => resolvedPath.startsWith(prefix))) {
+    return NextResponse.json(
+      { error: "Access denied: path points to a restricted system directory" },
+      { status: 403 }
+    );
+  }
+
+  if (resolvedPath.startsWith(home)) {
+    const relativeToHome = resolvedPath.slice(home.length + 1);
+    if (SENSITIVE_HOME_DIRS.some((dir) => relativeToHome.startsWith(dir))) {
+      return NextResponse.json(
+        { error: "Access denied: path points to a sensitive home directory" },
+        { status: 403 }
+      );
+    }
+  } else if (!resolvedPath.startsWith("/tmp")) {
+    // Outside home and not /tmp — reject
+    return NextResponse.json(
+      { error: "Access denied: path must be under the user's home directory or /tmp" },
+      { status: 403 }
+    );
+  }
+
   try {
-    await access(body.file_path);
+    await access(resolvedPath);
   } catch {
     return NextResponse.json({ error: `File not found: ${body.file_path}` }, { status: 400 });
   }
 
-  const stats = await stat(body.file_path);
+  const stats = await stat(resolvedPath);
   if (!stats.isFile()) {
     return NextResponse.json({ error: `Not a file: ${body.file_path}` }, { status: 400 });
   }
 
-  const originalName = basename(body.file_path);
+  const originalName = basename(resolvedPath);
   const ext = extname(originalName).toLowerCase();
   const mimeType = MIME_TYPES[ext] ?? "application/octet-stream";
   const id = crypto.randomUUID();
@@ -140,7 +170,7 @@ export async function POST(req: NextRequest) {
   const uploadsDir = getStagentUploadsDir();
   await mkdir(uploadsDir, { recursive: true });
   const storagePath = join(uploadsDir, filename);
-  await copyFile(body.file_path, storagePath);
+  await copyFile(resolvedPath, storagePath);
 
   const now = new Date();
   await db.insert(documents).values({

package/src/app/api/tasks/[id]/respond/route.ts

@@ -43,8 +43,30 @@ export async function POST(
     return NextResponse.json({ error: "Already responded" }, { status: 409 });
   }
 
+  // Validate updatedInput keys against the original tool input to prevent injection
+  let sanitizedUpdatedInput = updatedInput;
+  if (updatedInput !== undefined && updatedInput !== null && typeof updatedInput === "object" && !Array.isArray(updatedInput)) {
+    try {
+      const originalToolInput = typeof notification.toolInput === "string" ? JSON.parse(notification.toolInput) : (notification.toolInput ?? {});
+      if (typeof originalToolInput === "object" && originalToolInput !== null) {
+        const allowedKeys = new Set(Object.keys(originalToolInput));
+        const inputRecord = updatedInput as Record<string, unknown>;
+        const extraKeys = Object.keys(inputRecord).filter((k) => !allowedKeys.has(k));
+        if (extraKeys.length > 0) {
+          return NextResponse.json(
+            { error: `updatedInput contains disallowed keys: ${extraKeys.join(", ")}` },
+            { status: 400 }
+          );
+        }
+      }
+    } catch {
+      // If we can't parse the original notification data, reject updatedInput entirely
+      sanitizedUpdatedInput = undefined;
+    }
+  }
+
   // Write response — the polling loop in claude-agent.ts will detect this
-  const responseData = { behavior, message, updatedInput, alwaysAllow };
+  const responseData = { behavior, message, updatedInput: sanitizedUpdatedInput, alwaysAllow };
   await db
     .update(notifications)
     .set({

package/src/app/layout.tsx

@@ -22,6 +22,15 @@ const jetbrainsMono = JetBrains_Mono({
 export const metadata: Metadata = {
   title: "Stagent",
   description: "AI agent task management",
+  icons: {
+    icon: [
+      { url: "/stagent-s-64.png", sizes: "64x64", type: "image/png" },
+      { url: "/icon.svg", type: "image/svg+xml" },
+    ],
+    apple: [
+      { url: "/stagent-s-128.png", sizes: "128x128", type: "image/png" },
+    ],
+  },
 };
 
 // Inline theme bootstrap prevents a flash between the server render and local theme preference.

package/src/lib/__tests__/npx-process-cwd.test.ts

@@ -0,0 +1,138 @@
+import { describe, expect, it } from "vitest";
+import { readFileSync, readdirSync, statSync } from "fs";
+import { join, resolve } from "path";
+
+/**
+ * Safety-net test: server-side code must NOT use process.cwd() for resolving
+ * app-internal assets (docs, book, public, src). Under npx distribution,
+ * process.cwd() returns the npm cache directory, not the app root.
+ *
+ * Allowed alternatives:
+ *   - import.meta.dirname / __dirname  (resolves relative to source file)
+ *   - getLaunchCwd()                    (resolves to user's working directory)
+ *   - Static file conventions           (e.g., src/app/icon.png)
+ *
+ * Excluded:
+ *   - bin/cli.ts (CLI entrypoint — it defines the cwd context)
+ *   - Test files (__tests__/)
+ *   - workspace-context.ts (defines getLaunchCwd itself, fallback is intentional)
+ */
+describe("npx safety: no process.cwd() for app-internal asset resolution", () => {
+  // Project root (src/lib/__tests__/ → 3 levels up)
+  const PROJECT_ROOT = resolve(__dirname, "..", "..", "..");
+
+  /** Recursively collect .ts/.tsx files, skipping node_modules and __tests__ */
+  function collectFiles(dir: string): string[] {
+    const results: string[] = [];
+    for (const entry of readdirSync(dir, { withFileTypes: true })) {
+      const full = join(dir, entry.name);
+      if (entry.isDirectory()) {
+        if (entry.name === "node_modules" || entry.name === "__tests__" || entry.name === ".next") continue;
+        results.push(...collectFiles(full));
+      } else if (/\.(ts|tsx)$/.test(entry.name)) {
+        results.push(full);
+      }
+    }
+    return results;
+  }
+
+  // Files that are intentionally allowed to use process.cwd()
+  const ALLOWED_FILES = [
+    "bin/cli.ts",                                // CLI entrypoint defines cwd context
+    "src/lib/environment/workspace-context.ts",   // defines getLaunchCwd fallback
+    "drizzle.config.ts",                          // build-time config
+  ];
+
+  /**
+   * Patterns that indicate process.cwd() is used to resolve app-internal paths.
+   * We look for join/resolve calls that combine process.cwd() with known app dirs.
+   */
+  const DANGEROUS_PATTERNS = [
+    /process\.cwd\(\)\s*,\s*["'](?:public|docs|book|ai-native-notes|src)\b/,
+    /process\.cwd\(\)\s*,\s*["'].*?\.(?:png|ico|svg|jpg|md|json)["']/,
+  ];
+
+  it("server-side code does not use process.cwd() for internal asset paths", () => {
+    const srcFiles = collectFiles(join(PROJECT_ROOT, "src"));
+    const binFiles = collectFiles(join(PROJECT_ROOT, "bin"));
+    const allFiles = [...srcFiles, ...binFiles];
+
+    const violations: Array<{ file: string; line: number; text: string }> = [];
+
+    for (const filePath of allFiles) {
+      const relative = filePath.replace(PROJECT_ROOT + "/", "");
+
+      // Skip allowed files
+      if (ALLOWED_FILES.some((allowed) => relative.endsWith(allowed))) continue;
+      // Skip test files
+      if (relative.includes("__tests__")) continue;
+
+      const content = readFileSync(filePath, "utf-8");
+      const lines = content.split("\n");
+
+      for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const pattern of DANGEROUS_PATTERNS) {
+          if (pattern.test(line)) {
+            violations.push({ file: relative, line: i + 1, text: line.trim() });
+          }
+        }
+      }
+    }
+
+    expect(
+      violations,
+      `Found process.cwd() used for app-internal paths (breaks under npx):\n${violations
+        .map((v) => `  ${v.file}:${v.line} → ${v.text}`)
+        .join("\n")}`
+    ).toEqual([]);
+  });
+
+  it("dynamic icon/apple-icon files do not exist (break under npx)", () => {
+    const appDir = join(PROJECT_ROOT, "src", "app");
+    const dynamicIcons = ["icon.tsx", "icon.jsx", "apple-icon.tsx", "apple-icon.jsx"];
+
+    const found = dynamicIcons.filter((name) => {
+      try {
+        statSync(join(appDir, name));
+        return true;
+      } catch {
+        return false;
+      }
+    });
+
+    expect(
+      found,
+      `Dynamic icon files found — these break under npx because they use process.cwd(). Use explicit metadata.icons in layout.tsx instead: ${found.join(", ")}`
+    ).toEqual([]);
+  });
+
+  it("layout.tsx has explicit icons metadata (not convention-based)", () => {
+    const layoutPath = join(PROJECT_ROOT, "src", "app", "layout.tsx");
+    const content = readFileSync(layoutPath, "utf-8");
+
+    expect(
+      content.includes("icons:"),
+      "layout.tsx must have explicit icons metadata — convention-based icon.png/icon.tsx files break under npx"
+    ).toBe(true);
+  });
+
+  it("icon assets referenced in metadata exist in public/", () => {
+    const publicDir = join(PROJECT_ROOT, "public");
+    const requiredIcons = ["stagent-s-64.png", "stagent-s-128.png", "icon.svg"];
+
+    const missing = requiredIcons.filter((name) => {
+      try {
+        statSync(join(publicDir, name));
+        return false;
+      } catch {
+        return true;
+      }
+    });
+
+    expect(
+      missing,
+      `Missing icon assets in public/: ${missing.join(", ")}`
+    ).toEqual([]);
+  });
+});

package/src/lib/agents/claude-agent.ts

@@ -372,7 +372,7 @@ export async function buildTaskQueryContext(
   const outputInstructions = buildTaskOutputInstructions(task.id);
   const learnedCtx = getActiveLearnedContext(profileId);
   const learnedCtxBlock = learnedCtx
-    ? `## Learned Context\nPatterns and insights learned from previous tasks:\n\n${learnedCtx}`
+    ? `## Learned Context\n<learned-context>\n${learnedCtx}\n</learned-context>`
     : "";
 
   // Resolve working directory: project's workingDirectory > launch cwd

package/src/lib/agents/profiles/registry.ts

@@ -15,20 +15,15 @@ import { eq, and } from "drizzle-orm";
  * Builtins ship inside the repo at src/lib/agents/profiles/builtins/.
  * At runtime they are copied (if missing) to ~/.claude/skills/ so users
  * can customize them without touching source.
+ * Uses import.meta.dirname (not process.cwd()) so it works under npx.
  */
-const BUILTINS_DIR_PRIMARY = path.resolve(
+const BUILTINS_DIR = path.resolve(
   import.meta.dirname ?? __dirname,
   "builtins"
 );
-const BUILTINS_DIR_FALLBACK = path.join(
-  process.cwd(),
-  "src/lib/agents/profiles/builtins"
-);
 
-/** Resolve builtins dir — import.meta.dirname may point to .next/ in bundled contexts */
 function getBuiltinsDir(): string {
-  if (fs.existsSync(BUILTINS_DIR_PRIMARY)) return BUILTINS_DIR_PRIMARY;
-  return BUILTINS_DIR_FALLBACK;
+  return BUILTINS_DIR;
 }
 
 const SKILLS_DIR = path.join(

package/src/lib/book/chapter-generator.ts

@@ -31,8 +31,11 @@ export function gatherChapterContext(chapterId: string): ChapterContext {
   const sourceDocSlugs = mapping?.docs ?? [];
   const slug = chapterIdToSlug(chapterId);
 
+  // Resolve paths relative to source file, not cwd (npx-safe)
+  const appRoot = join(import.meta.dirname ?? __dirname, "..", "..", "..");
+
   // Read the current chapter markdown (if it exists)
-  const chapterMdPath = join(process.cwd(), "book", "chapters", `${slug}.md`);
+  const chapterMdPath = join(appRoot, "book", "chapters", `${slug}.md`);
   const currentMarkdown = existsSync(chapterMdPath)
     ? readFileSync(chapterMdPath, "utf-8")
     : null;
@@ -40,7 +43,7 @@ export function gatherChapterContext(chapterId: string): ChapterContext {
   // Read related playbook docs for content
   const sourceContents: string[] = [];
   for (const docSlug of sourceDocSlugs) {
-    const docPath = join(process.cwd(), "docs", "features", `${docSlug}.md`);
+    const docPath = join(appRoot, "docs", "features", `${docSlug}.md`);
     if (existsSync(docPath)) {
       const content = readFileSync(docPath, "utf-8");
       sourceContents.push(`### Feature: ${docSlug}\n${content}`);
@@ -48,7 +51,7 @@ export function gatherChapterContext(chapterId: string): ChapterContext {
   }
 
   // Read the book strategy document
-  const strategyPath = join(process.cwd(), "ai-native-notes", "ai-native-book-strategy.md");
+  const strategyPath = join(appRoot, "ai-native-notes", "ai-native-book-strategy.md");
   const strategy = existsSync(strategyPath)
     ? readFileSync(strategyPath, "utf-8")
     : null;

package/src/lib/book/content.ts

@@ -154,7 +154,9 @@ function tryLoadMarkdownChapter(id: string): BookChapter | null {
     // eslint-disable-next-line @typescript-eslint/no-require-imports
     const { parseMarkdownChapter } = require("./markdown-parser") as { parseMarkdownChapter: (md: string, slug: string) => { sections: Array<{ id: string; title: string; content: import("./types").ContentBlock[] }> } };
 
-    const filePath = join(process.cwd(), "book", "chapters", `${fileSlug}.md`);
+    // Resolve relative to source file, not cwd (npx-safe)
+    const appRoot = join(import.meta.dirname ?? __dirname, "..", "..", "..");
+    const filePath = join(appRoot, "book", "chapters", `${fileSlug}.md`);
     if (!existsSync(filePath)) return null;
 
     const content = readFileSync(filePath, "utf-8");

package/src/lib/book/update-detector.ts

@@ -33,7 +33,9 @@ function getLastGenerated(chapterId: string): string | null {
   const slug = CHAPTER_SLUGS[chapterId];
   if (!slug) return null;
 
-  const mdPath = join(process.cwd(), "book", "chapters", `${slug}.md`);
+  // Resolve relative to source file, not cwd (npx-safe)
+  const appRoot = join(import.meta.dirname ?? __dirname, "..", "..", "..");
+  const mdPath = join(appRoot, "book", "chapters", `${slug}.md`);
   if (!existsSync(mdPath)) return null;
 
   const content = readFileSync(mdPath, "utf-8");

package/src/lib/channels/types.ts

@@ -30,6 +30,38 @@ export interface ChannelDeliveryResult {
   error?: string;
 }
 
+// ── Credential masking ───────────────────────────────────────────────
+
+/** Fields in channel config JSON that contain secrets and must be masked in API responses. */
+const SENSITIVE_CONFIG_KEYS = ["botToken", "signingSecret", "webhookSecret"];
+
+/**
+ * Mask sensitive fields in a channel config JSON string.
+ * Returns a new JSON string with secrets replaced by "****<last4>".
+ */
+export function maskChannelConfig(configJson: string): string {
+  try {
+    const parsed = JSON.parse(configJson) as Record<string, unknown>;
+    for (const key of SENSITIVE_CONFIG_KEYS) {
+      const val = parsed[key];
+      if (typeof val === "string" && val.length > 0) {
+        const last4 = val.slice(-4);
+        parsed[key] = `****${last4}`;
+      }
+    }
+    return JSON.stringify(parsed);
+  } catch {
+    return configJson;
+  }
+}
+
+/**
+ * Mask sensitive fields in a channel config row before returning from API.
+ */
+export function maskChannelRow<T extends { config: string }>(row: T): T {
+  return { ...row, config: maskChannelConfig(row.config) };
+}
+
 /** Normalized inbound message from any channel. */
 export interface InboundMessage {
   text: string;

package/src/lib/data/seed-data/documents.ts

@@ -162,15 +162,17 @@ async function createPptx(slides: string[]): Promise<Buffer> {
   return Buffer.from(buf);
 }
 
-/** Create a valid XLSX using the xlsx library */
-function createXlsxSync(csvContent: string): Buffer {
-  // eslint-disable-next-line @typescript-eslint/no-require-imports
-  const XLSX = require("xlsx");
+/** Create a valid XLSX using exceljs */
+async function createXlsx(csvContent: string): Promise<Buffer> {
+  const ExcelJS = await import("exceljs");
+  const workbook = new ExcelJS.Workbook();
+  const ws = workbook.addWorksheet("Sheet1");
   const rows = csvContent.split("\n").map((line: string) => line.split(","));
-  const ws = XLSX.utils.aoa_to_sheet(rows);
-  const wb = XLSX.utils.book_new();
-  XLSX.utils.book_append_sheet(wb, ws, "Sheet1");
-  return XLSX.write(wb, { type: "buffer", bookType: "xlsx" }) as Buffer;
+  for (const row of rows) {
+    ws.addRow(row);
+  }
+  const arrayBuffer = await workbook.xlsx.writeBuffer();
+  return Buffer.from(arrayBuffer);
 }
 
 /** Create a minimal valid PDF with text content */
@@ -254,9 +256,8 @@ const DOCUMENTS: DocumentDef[] = [
       "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
     projectIndex: 0,
     taskIndex: 0,
-    content: () =>
-      Promise.resolve(
-        createXlsxSync(
+    content: async () =>
+      createXlsx(
           `Ticker,Shares,Avg Cost,Current Price,Market Value,Sector
 NVDA,45,285.50,890.25,40061.25,Technology
 AAPL,120,142.30,178.50,21420.00,Technology
@@ -273,7 +274,6 @@ LLY,15,580.00,782.50,11737.50,Healthcare
 HD,35,325.00,348.90,12211.50,Consumer
 MA,40,368.50,462.80,18512.00,Finance
 CVX,55,152.30,158.40,8712.00,Energy`
-        )
       ),
   },
   {
@@ -398,9 +398,8 @@ Tertiary: Newsletter subscription`
       "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
     projectIndex: 2,
     taskIndex: 10,
-    content: () =>
-      Promise.resolve(
-        createXlsxSync(
+    content: async () =>
+      createXlsx(
           `Name,Title,Company,Industry,Size,LinkedIn URL,Email,Status
 Sarah Chen,VP Engineering,Acme Corp,SaaS,500-1000,linkedin.com/in/sarachen,s.chen@acmecorp.com,Qualified
 Marcus Johnson,Director of Engineering,Acme Corp,SaaS,500-1000,linkedin.com/in/marcusjohnson,m.johnson@acmecorp.com,Qualified
@@ -414,7 +413,6 @@ Nina Patel,CTO,QuickShip,Logistics,200-500,linkedin.com/in/ninapatel,n.patel@qui
 Alex Turner,Director of Engineering,BrightPath,EdTech,100-200,linkedin.com/in/alexturner,a.turner@brightpath.edu,Qualified
 Sophie Reed,VP Product,GreenGrid,CleanTech,50-200,linkedin.com/in/sophiereed,s.reed@greengrid.io,Researching
 Chris Wong,VP Engineering,NexaPay,FinTech,200-500,linkedin.com/in/chriswong,c.wong@nexapay.com,Qualified`
-        )
       ),
   },
   {
@@ -514,9 +512,8 @@ Total: $2,052 (Pre-approved #EXP-2025-0342)`
       "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
     projectIndex: 3,
     taskIndex: 19,
-    content: () =>
-      Promise.resolve(
-        createXlsxSync(
+    content: async () =>
+      createXlsx(
           `Date,Category,Vendor,Amount,Description,Receipt
 2025-03-15,Airfare,United Airlines,342.00,SFO to JFK Economy Plus UA 456,receipt-001.pdf
 2025-03-15,Ground Transport,Uber,62.50,JFK to Manhattan Club hotel,receipt-002.pdf
@@ -536,7 +533,6 @@ Total: $2,052 (Pre-approved #EXP-2025-0342)`
 2025-03-15,Meals,Starbucks JFK,8.40,Coffee at terminal,receipt-016.pdf
 2025-03-16,Miscellaneous,CVS Pharmacy,12.80,Phone charger,receipt-017.pdf
 2025-03-17,Miscellaneous,Hotel Concierge,15.00,Luggage storage tip,receipt-018.pdf`
-        )
       ),
   },
 
@@ -590,9 +586,8 @@ STATUS: 7 of 8 documents collected (87.5%)`
       "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
     projectIndex: 4,
     taskIndex: 21,
-    content: () =>
-      Promise.resolve(
-        createXlsxSync(
+    content: async () =>
+      createXlsx(
           `Date,Category,Description,Amount,Deductible,Notes
 2025-01-05,Home Office,Internet service (pro-rata),45.00,Yes,8.3% of total
 2025-01-05,Home Office,Electricity (pro-rata),32.00,Yes,8.3% of total
@@ -619,7 +614,6 @@ STATUS: 7 of 8 documents collected (87.5%)`
 2025-04-01,Health,HSA contribution,500.00,Yes,Monthly
 2025-04-05,Home Office,Internet (pro-rata),45.00,Yes,Monthly
 2025-04-05,Home Office,Electricity (pro-rata),38.00,Yes,Spring cycle`
-        )
       ),
   },
 

package/src/lib/db/schema.ts

@@ -604,7 +604,10 @@ export const channelConfigs = sqliteTable(
     id: text("id").primaryKey(),
     channelType: text("channel_type", { enum: ["slack", "telegram", "webhook"] }).notNull(),
     name: text("name").notNull(),
-    config: text("config").notNull(), // JSON: { webhookUrl?, botToken?, chatId?, channelId?, signingSecret? }
+    // SECURITY: The config JSON contains credentials (botToken, signingSecret, webhookSecret)
+    // stored as plaintext. A future improvement should encrypt these at rest.
+    // All API responses MUST mask sensitive fields via maskChannelConfig() before returning.
+    config: text("config").notNull(), // JSON: { webhookUrl?, botToken?, chatId?, channelId?, signingSecret?, webhookSecret? }
     status: text("status", { enum: ["active", "disabled"] }).default("active").notNull(),
     testStatus: text("test_status", { enum: ["untested", "ok", "failed"] }).default("untested").notNull(),
     direction: text("direction", { enum: ["outbound", "bidirectional"] }).default("outbound").notNull(),

package/src/lib/docs/reader.ts

@@ -2,9 +2,11 @@ import { readFileSync, readdirSync, existsSync } from "fs";
 import { join, basename } from "path";
 import type { DocManifest, ParsedDoc } from "./types";
 
-/** Resolve the docs directory relative to project root */
+/** Resolve the docs directory relative to this source file (npx-safe) */
 function docsDir(): string {
-  return join(process.cwd(), "docs");
+  const dir = import.meta.dirname ?? __dirname;
+  // src/lib/docs/ → project root → docs/
+  return join(dir, "..", "..", "..", "docs");
 }
 
 /** Read and parse docs/manifest.json */

package/src/lib/documents/processors/spreadsheet.ts

@@ -3,16 +3,20 @@ import type { ProcessorResult } from "../registry";
 
 /** Parse XLSX/CSV to a text table representation */
 export async function processSpreadsheet(filePath: string): Promise<ProcessorResult> {
-  const XLSX = await import("xlsx");
+  const ExcelJS = await import("exceljs");
+  const workbook = new ExcelJS.Workbook();
   const buffer = await readFile(filePath);
-  const workbook = XLSX.read(buffer, { type: "buffer" });
+  await workbook.xlsx.load(buffer as unknown as Buffer);
 
   const sheets: string[] = [];
-  for (const sheetName of workbook.SheetNames) {
-    const sheet = workbook.Sheets[sheetName];
-    const csv = XLSX.utils.sheet_to_csv(sheet);
-    sheets.push(`--- Sheet: ${sheetName} ---\n${csv}`);
-  }
+  workbook.eachSheet((worksheet) => {
+    const rows: string[] = [];
+    worksheet.eachRow((row) => {
+      const values = (row.values as (string | number | null | undefined)[]).slice(1); // ExcelJS is 1-indexed
+      rows.push(values.map((v) => (v ?? "").toString()).join(","));
+    });
+    sheets.push(`--- Sheet: ${worksheet.name} ---\n${rows.join("\n")}`);
+  });
 
   return { extractedText: sheets.join("\n\n") };
 }

package/src/app/apple-icon.tsx

@@ -1,31 +0,0 @@
-import { ImageResponse } from "next/og";
-import { readFileSync } from "fs";
-import { join } from "path";
-
-export const size = { width: 180, height: 180 };
-export const contentType = "image/png";
-
-export default function AppleIcon() {
-  const logoData = readFileSync(join(process.cwd(), "public/stagent-s-128.png"));
-  const logoSrc = `data:image/png;base64,${logoData.toString("base64")}`;
-
-  return new ImageResponse(
-    (
-      <div
-        style={{
-          width: "100%",
-          height: "100%",
-          display: "flex",
-          alignItems: "center",
-          justifyContent: "center",
-          background: "#0f172a",
-          borderRadius: "36px",
-        }}
-      >
-        {/* eslint-disable-next-line @next/next/no-img-element */}
-        <img src={logoSrc} width="130" height="130" alt="" />
-      </div>
-    ),
-    { ...size }
-  );
-}

package/src/app/icon.tsx

@@ -1,30 +0,0 @@
-import { ImageResponse } from "next/og";
-import { readFileSync } from "fs";
-import { join } from "path";
-
-export const size = { width: 32, height: 32 };
-export const contentType = "image/png";
-
-export default function Icon() {
-  const logoData = readFileSync(join(process.cwd(), "public/stagent-s-64.png"));
-  const logoSrc = `data:image/png;base64,${logoData.toString("base64")}`;
-
-  return new ImageResponse(
-    (
-      <div
-        style={{
-          width: "100%",
-          height: "100%",
-          display: "flex",
-          alignItems: "center",
-          justifyContent: "center",
-          background: "transparent",
-        }}
-      >
-        {/* eslint-disable-next-line @next/next/no-img-element */}
-        <img src={logoSrc} width="30" height="30" alt="" />
-      </div>
-    ),
-    { ...size }
-  );
-}