docs: note android sms capability

Add sms.send command to allow sending text messages via the paired Android device.

Changes:
- Add SmsManager class to handle SMS sending via Android SmsManager API
- Add ClawdisSmsCommand enum and Sms capability to protocol constants
- Wire sms.send command into NodeRuntime invoke handler
- Add SEND_SMS permission to AndroidManifest.xml
- Advertise sms capability when SEND_SMS permission is granted

The SMS capability is only advertised when the user has granted SEND_SMS
permission. Messages longer than 160 chars are automatically split into
multipart messages.

.detect-secrets.cfg

@@ -1,26 +0,0 @@
-# detect-secrets exclusion patterns (regex)
-#
-# Note: detect-secrets does not read this file by default. If you want these
-# applied, wire them into your scan command (e.g. translate to --exclude-files
-# / --exclude-lines) or into a baseline's filters_used.
-
-[exclude-files]
-# pnpm lockfiles contain lots of high-entropy package integrity blobs.
-pattern = (^|/)pnpm-lock\.yaml$
-
-[exclude-lines]
-# Fastlane checks for private key marker; not a real key.
-pattern = key_content\.include\?\("BEGIN PRIVATE KEY"\)
-# UI label string for Anthropic auth mode.
-pattern = case \.apiKeyEnv: "API key \(env var\)"
-# CodingKeys mapping uses apiKey literal.
-pattern = case apikey = "apiKey"
-# Schema labels referencing password fields (not actual secrets).
-pattern = "gateway\.remote\.password"
-pattern = "gateway\.auth\.password"
-# Schema label for talk API key (label text only).
-pattern = "talk\.apiKey"
-# checking for typeof is not something we care about.
-pattern = === "string"
-# specific optional-chaining password check that didn't match the line above.
-pattern = typeof remote\?\.password === "string"

.gitattributes

@@ -1 +0,0 @@
-* text=auto eol=lf

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,28 +0,0 @@
----
-name: Bug report
-about: Report a problem or unexpected behavior in Clawdbot.
-title: "[Bug]: "
-labels: bug
----
-
-## Summary
-What went wrong?
-
-## Steps to reproduce
-1.
-2.
-3.
-
-## Expected behavior
-What did you expect to happen?
-
-## Actual behavior
-What actually happened?
-
-## Environment
-- Clawdbot version:
-- OS:
-- Install method (pnpm/npx/docker/etc):
-
-## Logs or screenshots
-Paste relevant logs or add screenshots (redact secrets).

.github/ISSUE_TEMPLATE/config.yml

@@ -1,8 +0,0 @@
-blank_issues_enabled: true
-contact_links:
-  - name: Onboarding
-    url: https://discord.gg/clawd
-    about: New to Clawdbot? Join Discord for setup guidance from Krill in #help.
-  - name: Support
-    url: https://discord.gg/clawd
-    about: Get help from Krill and the community on Discord in #help.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,18 +0,0 @@
----
-name: Feature request
-about: Suggest an idea or improvement for Clawdbot.
-title: "[Feature]: "
-labels: enhancement
----
-
-## Summary
-Describe the problem you are trying to solve or the opportunity you see.
-
-## Proposed solution
-What would you like Clawdbot to do?
-
-## Alternatives considered
-Any other approaches you have considered?
-
-## Additional context
-Links, screenshots, or related issues.

.github/workflows/ci.yml

@@ -5,59 +5,8 @@ on:
   pull_request:
 
 jobs:
-  install-check:
-    runs-on: blacksmith-4vcpu-ubuntu-2404
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          submodules: false
-
-      - name: Checkout submodules (retry)
-        run: |
-          set -euo pipefail
-          git submodule sync --recursive
-          for attempt in 1 2 3 4 5; do
-            if git -c protocol.version=2 submodule update --init --force --depth=1 --recursive; then
-              exit 0
-            fi
-            echo "Submodule update failed (attempt $attempt/5). Retrying…"
-            sleep $((attempt * 10))
-          done
-          exit 1
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: 22.x
-          check-latest: true
-
-      - name: Runtime versions
-        run: |
-          node -v
-          npm -v
-
-      - name: Capture node path
-        run: echo "NODE_BIN=$(dirname \"$(node -p \"process.execPath\")\")" >> "$GITHUB_ENV"
-
-      - name: Enable corepack and pin pnpm
-        run: |
-          corepack enable
-          corepack prepare pnpm@10.23.0 --activate
-          pnpm -v
-
-      - name: Install dependencies (frozen)
-        env:
-          CI: true
-        run: |
-          export PATH="$NODE_BIN:$PATH"
-          which node
-          node -v
-          pnpm -v
-          pnpm install --frozen-lockfile --ignore-scripts=false --config.engine-strict=false --config.enable-pre-post-scripts=true
-
   checks:
-    runs-on: blacksmith-4vcpu-ubuntu-2404
+    runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
@@ -74,9 +23,9 @@ jobs:
           - runtime: node
             task: protocol
             command: pnpm protocol:check
-          - runtime: node
-            task: format
-            command: pnpm format
+          - runtime: bun
+            task: lint
+            command: bunx biome check src
           - runtime: bun
             task: test
             command: bunx vitest run
@@ -103,186 +52,32 @@ jobs:
           exit 1
 
       - name: Setup Node.js
+        if: matrix.runtime == 'node'
         uses: actions/setup-node@v4
         with:
-          node-version: 22.x
+          node-version: 24
           check-latest: true
 
       - name: Setup Bun
+        if: matrix.runtime == 'bun'
         uses: oven-sh/setup-bun@v2
         with:
-          bun-version: latest
+          # bun.sh downloads currently fail with:
+          # "Failed to list releases from GitHub: 401" -> "Unexpected HTTP response: 400"
+          bun-download-url: "https://github.com/oven-sh/bun/releases/latest/download/bun-linux-x64.zip"
 
-      - name: Runtime versions
-        run: |
-          node -v
-          npm -v
-          bun -v
-
-      - name: Capture node path
-        run: echo "NODE_BIN=$(dirname \"$(node -p \"process.execPath\")\")" >> "$GITHUB_ENV"
-
-      - name: Enable corepack and pin pnpm
-        run: |
-          corepack enable
-          corepack prepare pnpm@10.23.0 --activate
-          pnpm -v
-
-      - name: Install dependencies
-        env:
-          CI: true
-        run: |
-          export PATH="$NODE_BIN:$PATH"
-          which node
-          node -v
-          pnpm -v
-          pnpm install --frozen-lockfile --ignore-scripts=false --config.engine-strict=false --config.enable-pre-post-scripts=true || pnpm install --frozen-lockfile --ignore-scripts=false --config.engine-strict=false --config.enable-pre-post-scripts=true
-
-      - name: Run ${{ matrix.task }} (${{ matrix.runtime }})
-        run: ${{ matrix.command }}
-
-  secrets:
-    runs-on: blacksmith-4vcpu-ubuntu-2404
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          submodules: false
-
-      - name: Setup Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.12"
-
-      - name: Install detect-secrets
-        run: |
-          python -m pip install --upgrade pip
-          python -m pip install detect-secrets==1.5.0
-
-      - name: Detect secrets
-        run: |
-          if ! detect-secrets scan --baseline .secrets.baseline; then
-            echo "::error::Secret scanning failed. See docs/gateway/security.md#secret-scanning-detect-secrets"
-            exit 1
-          fi
-
-  checks-windows:
-    runs-on: blacksmith-4vcpu-windows-2025
-    defaults:
-      run:
-        shell: bash
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-          - runtime: node
-            task: lint
-            command: pnpm lint
-          - runtime: node
-            task: test
-            command: pnpm test
-          - runtime: node
-            task: build
-            command: pnpm build
-          - runtime: node
-            task: protocol
-            command: pnpm protocol:check
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          submodules: false
-
-      - name: Checkout submodules (retry)
-        run: |
-          set -euo pipefail
-          git submodule sync --recursive
-          for attempt in 1 2 3 4 5; do
-            if git -c protocol.version=2 submodule update --init --force --depth=1 --recursive; then
-              exit 0
-            fi
-            echo "Submodule update failed (attempt $attempt/5). Retrying…"
-            sleep $((attempt * 10))
-          done
-          exit 1
-
-      - name: Setup Node.js
+      - name: Setup Node.js (tooling for bun)
+        if: matrix.runtime == 'bun'
         uses: actions/setup-node@v4
         with:
-          node-version: 22.x
-          check-latest: true
-
-      - name: Setup Bun
-        uses: oven-sh/setup-bun@v2
-        with:
-          bun-version: latest
-
-      - name: Runtime versions
-        run: |
-          node -v
-          npm -v
-          bun -v
-
-      - name: Capture node path
-        run: echo "NODE_BIN=$(dirname \"$(node -p \"process.execPath\")\")" >> "$GITHUB_ENV"
-
-      - name: Enable corepack and pin pnpm
-        run: |
-          corepack enable
-          corepack prepare pnpm@10.23.0 --activate
-          pnpm -v
-
-      - name: Install dependencies
-        env:
-          CI: true
-        run: |
-          export PATH="$NODE_BIN:$PATH"
-          which node
-          node -v
-          pnpm -v
-          pnpm install --frozen-lockfile --ignore-scripts=false --config.engine-strict=false --config.enable-pre-post-scripts=true || pnpm install --frozen-lockfile --ignore-scripts=false --config.engine-strict=false --config.enable-pre-post-scripts=true
-
-      - name: Run ${{ matrix.task }} (${{ matrix.runtime }})
-        run: ${{ matrix.command }}
-
-  checks-macos:
-    if: github.event_name == 'pull_request'
-    runs-on: macos-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-          - task: test
-            command: pnpm test
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          submodules: false
-
-      - name: Checkout submodules (retry)
-        run: |
-          set -euo pipefail
-          git submodule sync --recursive
-          for attempt in 1 2 3 4 5; do
-            if git -c protocol.version=2 submodule update --init --force --depth=1 --recursive; then
-              exit 0
-            fi
-            echo "Submodule update failed (attempt $attempt/5). Retrying…"
-            sleep $((attempt * 10))
-          done
-          exit 1
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: 22.x
+          node-version: 24
           check-latest: true
 
       - name: Runtime versions
         run: |
           node -v
           npm -v
+          if [ "${{ matrix.runtime }}" = "bun" ]; then bun -v; fi
 
       - name: Capture node path
         run: echo "NODE_BIN=$(dirname \"$(node -p \"process.execPath\")\")" >> "$GITHUB_ENV"
@@ -301,9 +96,9 @@ jobs:
           which node
           node -v
           pnpm -v
-          pnpm install --frozen-lockfile --ignore-scripts=false --config.engine-strict=false --config.enable-pre-post-scripts=true || pnpm install --frozen-lockfile --ignore-scripts=false --config.engine-strict=false --config.enable-pre-post-scripts=true
+          pnpm install --ignore-scripts=false --config.engine-strict=false --config.enable-pre-post-scripts=true || pnpm install --ignore-scripts=false --config.engine-strict=false --config.enable-pre-post-scripts=true
 
-      - name: Run ${{ matrix.task }}
+      - name: Run ${{ matrix.task }} (${{ matrix.runtime }})
         run: ${{ matrix.command }}
 
   macos-app:
@@ -549,7 +344,7 @@ jobs:
           PY
 
   android:
-    runs-on: blacksmith-4vcpu-ubuntu-2404
+    runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
@@ -585,8 +380,6 @@ jobs:
 
       - name: Setup Android SDK
         uses: android-actions/setup-android@v3
-        with:
-          accept-android-sdk-licenses: false
 
       - name: Setup Gradle
         uses: gradle/actions/setup-gradle@v4

.github/workflows/install-smoke.yml

@@ -1,33 +0,0 @@
-name: Install Smoke
-
-on:
-  push:
-    branches: [main]
-  pull_request:
-  workflow_dispatch:
-
-jobs:
-  install-smoke:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout CLI
-        uses: actions/checkout@v4
-
-      - name: Setup pnpm
-        uses: pnpm/action-setup@v3
-        with:
-          version: 10
-      - name: Enable Corepack
-        run: corepack enable
-
-      - name: Install pnpm deps (minimal)
-        run: pnpm install --ignore-scripts --frozen-lockfile
-
-      - name: Run installer docker tests
-        env:
-          CLAWDBOT_INSTALL_URL: https://clawd.bot/install.sh
-          CLAWDBOT_INSTALL_CLI_URL: https://clawd.bot/install-cli.sh
-          CLAWDBOT_NO_ONBOARD: "1"
-          CLAWDBOT_INSTALL_SMOKE_SKIP_CLI: "1"
-          CLAWDBOT_INSTALL_SMOKE_PREVIOUS: "2026.1.11-4"
-        run: pnpm test:install:smoke

.github/workflows/workflow-sanity.yml

@@ -1,37 +0,0 @@
-name: Workflow Sanity
-
-on:
-  pull_request:
-  push:
-
-jobs:
-  no-tabs:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Fail on tabs in workflow files
-        run: |
-          python - <<'PY'
-          from __future__ import annotations
-
-          import pathlib
-          import sys
-
-          root = pathlib.Path(".github/workflows")
-          bad: list[str] = []
-          for path in sorted(root.rglob("*.yml")):
-            if b"\t" in path.read_bytes():
-              bad.append(str(path))
-
-          for path in sorted(root.rglob("*.yaml")):
-            if b"\t" in path.read_bytes():
-              bad.append(str(path))
-
-          if bad:
-            print("Tabs found in workflow file(s):")
-            for path in bad:
-              print(f"- {path}")
-            sys.exit(1)
-          PY

.gitignore

@@ -1,12 +1,8 @@
 node_modules
-**/node_modules/
 .env
-docker-compose.extra.yml
 dist
 *.bun-build
 pnpm-lock.yaml
-bun.lock
-bun.lockb
 coverage
 .pnpm-store
 .worktrees/
@@ -19,14 +15,13 @@ ui/test-results/
 # Bun build artifacts
 *.bun-build
 apps/macos/.build/
-apps/shared/ClawdbotKit/.build/
-**/ModuleCache/
+apps/shared/ClawdisKit/.build/
 bin/
-bin/clawdbot-mac
+bin/clawdis-mac
 bin/docs-list
 apps/macos/.build-local/
 apps/macos/.swiftpm/
-apps/shared/ClawdbotKit/.swiftpm/
+apps/shared/ClawdisKit/.swiftpm/
 Core/
 apps/ios/*.xcodeproj/
 apps/ios/*.xcworkspace/
@@ -52,10 +47,3 @@ apps/ios/*.dSYM.zip
 # provisioning profiles (local)
 apps/ios/*.mobileprovision
 .env
-
-# Local untracked files
-.local/
-.vscode/
-IDENTITY.md
-USER.md
-.tgz

.gitmodules

@@ -0,0 +1,4 @@
+[submodule "Peekaboo"]
+	path = Peekaboo
+	url = https://github.com/steipete/Peekaboo.git
+	branch = main

.npmrc

@@ -1 +1 @@
-allow-build-scripts=@whiskeysockets/baileys,sharp,esbuild,protobufjs,fs-ext,node-pty,@lydell/node-pty
+allow-build-scripts=@whiskeysockets/baileys,sharp,esbuild,protobufjs,fs-ext,node-pty

.oxfmtrc.jsonc

@@ -1,5 +0,0 @@
-{
-  "$schema": "./node_modules/oxfmt/configuration_schema.json",
-  "indentWidth": 2,
-  "printWidth": 100
-}

.oxlintrc.json

@@ -1,12 +0,0 @@
-{
-  "$schema": "./node_modules/oxlint/configuration_schema.json",
-  "plugins": [
-    "unicorn",
-    "typescript",
-    "oxc"
-  ],
-  "categories": {
-    "correctness": "error"
-  },
-  "ignorePatterns": ["src/canvas-host/a2ui/a2ui.bundle.js"]
-}

.secrets.baseline

@@ -1,518 +0,0 @@
-{
-  "version": "1.5.0",
-  "plugins_used": [
-    {
-      "name": "ArtifactoryDetector"
-    },
-    {
-      "name": "AWSKeyDetector"
-    },
-    {
-      "name": "AzureStorageKeyDetector"
-    },
-    {
-      "name": "Base64HighEntropyString",
-      "limit": 4.5
-    },
-    {
-      "name": "BasicAuthDetector"
-    },
-    {
-      "name": "CloudantDetector"
-    },
-    {
-      "name": "DiscordBotTokenDetector"
-    },
-    {
-      "name": "GitHubTokenDetector"
-    },
-    {
-      "name": "GitLabTokenDetector"
-    },
-    {
-      "name": "HexHighEntropyString",
-      "limit": 3.0
-    },
-    {
-      "name": "IbmCloudIamDetector"
-    },
-    {
-      "name": "IbmCosHmacDetector"
-    },
-    {
-      "name": "IPPublicDetector"
-    },
-    {
-      "name": "JwtTokenDetector"
-    },
-    {
-      "name": "KeywordDetector",
-      "keyword_exclude": ""
-    },
-    {
-      "name": "MailchimpDetector"
-    },
-    {
-      "name": "NpmDetector"
-    },
-    {
-      "name": "OpenAIDetector"
-    },
-    {
-      "name": "PrivateKeyDetector"
-    },
-    {
-      "name": "PypiTokenDetector"
-    },
-    {
-      "name": "SendGridDetector"
-    },
-    {
-      "name": "SlackDetector"
-    },
-    {
-      "name": "SoftlayerDetector"
-    },
-    {
-      "name": "SquareOAuthDetector"
-    },
-    {
-      "name": "StripeDetector"
-    },
-    {
-      "name": "TelegramBotTokenDetector"
-    },
-    {
-      "name": "TwilioKeyDetector"
-    }
-  ],
-  "filters_used": [
-    {
-      "path": "detect_secrets.filters.allowlist.is_line_allowlisted"
-    },
-    {
-      "path": "detect_secrets.filters.common.is_baseline_file",
-      "filename": ".secrets.baseline"
-    },
-    {
-      "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies",
-      "min_level": 2
-    },
-    {
-      "path": "detect_secrets.filters.heuristic.is_indirect_reference"
-    },
-    {
-      "path": "detect_secrets.filters.heuristic.is_likely_id_string"
-    },
-    {
-      "path": "detect_secrets.filters.heuristic.is_lock_file"
-    },
-    {
-      "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string"
-    },
-    {
-      "path": "detect_secrets.filters.heuristic.is_potential_uuid"
-    },
-    {
-      "path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign"
-    },
-    {
-      "path": "detect_secrets.filters.heuristic.is_sequential_string"
-    },
-    {
-      "path": "detect_secrets.filters.heuristic.is_swagger_file"
-    },
-    {
-      "path": "detect_secrets.filters.heuristic.is_templated_secret"
-    },
-    {
-      "path": "detect_secrets.filters.regex.should_exclude_file",
-      "pattern": [
-        "(^|/)pnpm-lock\\.yaml$"
-      ]
-    },
-    {
-      "path": "detect_secrets.filters.regex.should_exclude_line",
-      "pattern": [
-        "key_content\\.include\\?\\(\"BEGIN PRIVATE KEY\"\\)",
-        "case \\.apiKeyEnv: \"API key \\(env var\\)\"",
-        "case apikey = \"apiKey\"",
-        "\"gateway\\.remote\\.password\"",
-        "\"gateway\\.auth\\.password\"",
-        "\"talk\\.apiKey\"",
-        "=== \"string\"",
-        "typeof remote\\?\\.password === \"string\""
-      ]
-    }
-  ],
-  "results": {
-    ".env.example": [
-      {
-        "type": "Twilio API Key",
-        "filename": ".env.example",
-        "hashed_secret": "3c7206eff845bc69cf12d904d0f95f9aec15535e",
-        "is_verified": false,
-        "line_number": 2
-      }
-    ],
-    "appcast.xml": [
-      {
-        "type": "Base64 High Entropy String",
-        "filename": "appcast.xml",
-        "hashed_secret": "1b1c2b73eca84e441a823c37a06c71c9fadcfe24",
-        "is_verified": false,
-        "line_number": 19
-      },
-      {
-        "type": "Base64 High Entropy String",
-        "filename": "appcast.xml",
-        "hashed_secret": "5c47736fee5151b26b3bb61bb38955da0e8937c6",
-        "is_verified": false,
-        "line_number": 35
-      },
-      {
-        "type": "Base64 High Entropy String",
-        "filename": "appcast.xml",
-        "hashed_secret": "bbbca47179268f154c63affa0ca441c6e49e650f",
-        "is_verified": false,
-        "line_number": 52
-      }
-    ],
-    "apps/macos/Tests/ClawdbotIPCTests/AnthropicAuthResolverTests.swift": [
-      {
-        "type": "Secret Keyword",
-        "filename": "apps/macos/Tests/ClawdbotIPCTests/AnthropicAuthResolverTests.swift",
-        "hashed_secret": "e761624445731fcb8b15da94343c6b92e507d190",
-        "is_verified": false,
-        "line_number": 26
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "apps/macos/Tests/ClawdbotIPCTests/AnthropicAuthResolverTests.swift",
-        "hashed_secret": "a23c8630c8a5fbaa21f095e0269c135c20d21689",
-        "is_verified": false,
-        "line_number": 42
-      }
-    ],
-    "apps/macos/Tests/ClawdbotIPCTests/ConnectionsSettingsSmokeTests.swift": [
-      {
-        "type": "Secret Keyword",
-        "filename": "apps/macos/Tests/ClawdbotIPCTests/ConnectionsSettingsSmokeTests.swift",
-        "hashed_secret": "e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4",
-        "is_verified": false,
-        "line_number": 83
-      }
-    ],
-    "apps/macos/Tests/ClawdbotIPCTests/TailscaleIntegrationSectionTests.swift": [
-      {
-        "type": "Secret Keyword",
-        "filename": "apps/macos/Tests/ClawdbotIPCTests/TailscaleIntegrationSectionTests.swift",
-        "hashed_secret": "e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4",
-        "is_verified": false,
-        "line_number": 27
-      }
-    ],
-    "docs/configuration.md": [
-      {
-        "type": "Secret Keyword",
-        "filename": "docs/configuration.md",
-        "hashed_secret": "e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4",
-        "is_verified": false,
-        "line_number": 268
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "docs/configuration.md",
-        "hashed_secret": "1188d5a8ed7edcff5144a9472af960243eacf12e",
-        "is_verified": false,
-        "line_number": 465
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "docs/configuration.md",
-        "hashed_secret": "22af290a1a3d5e941193a41a3d3a9e4ca8da5e27",
-        "is_verified": false,
-        "line_number": 718
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "docs/configuration.md",
-        "hashed_secret": "16c249e04e2be318050cb883c40137361c0c7209",
-        "is_verified": false,
-        "line_number": 760
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "docs/configuration.md",
-        "hashed_secret": "c1e6ee547fd492df1441ac492e8bb294974712bd",
-        "is_verified": false,
-        "line_number": 859
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "docs/configuration.md",
-        "hashed_secret": "45d676e7c6ab44cf4b8fa366ef2d8fccd3e6d6e6",
-        "is_verified": false,
-        "line_number": 982
-      }
-    ],
-    "docs/faq.md": [
-      {
-        "type": "Secret Keyword",
-        "filename": "docs/faq.md",
-        "hashed_secret": "a219d7693c25cd2d93313512e200ff3eb374d281",
-        "is_verified": false,
-        "line_number": 593
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "docs/faq.md",
-        "hashed_secret": "ec3810e10fb78db55ce38b9c18d1c3eb1db739e0",
-        "is_verified": false,
-        "line_number": 650
-      }
-    ],
-    "docs/skills-config.md": [
-      {
-        "type": "Secret Keyword",
-        "filename": "docs/skills-config.md",
-        "hashed_secret": "c1e6ee547fd492df1441ac492e8bb294974712bd",
-        "is_verified": false,
-        "line_number": 28
-      }
-    ],
-    "docs/skills.md": [
-      {
-        "type": "Secret Keyword",
-        "filename": "docs/skills.md",
-        "hashed_secret": "c1e6ee547fd492df1441ac492e8bb294974712bd",
-        "is_verified": false,
-        "line_number": 97
-      }
-    ],
-    "docs/tailscale.md": [
-      {
-        "type": "Secret Keyword",
-        "filename": "docs/tailscale.md",
-        "hashed_secret": "9cb0dc5383312aa15b9dc6745645bde18ff5ade9",
-        "is_verified": false,
-        "line_number": 52
-      }
-    ],
-    "docs/talk.md": [
-      {
-        "type": "Secret Keyword",
-        "filename": "docs/talk.md",
-        "hashed_secret": "1188d5a8ed7edcff5144a9472af960243eacf12e",
-        "is_verified": false,
-        "line_number": 50
-      }
-    ],
-    "docs/telegram.md": [
-      {
-        "type": "Secret Keyword",
-        "filename": "docs/telegram.md",
-        "hashed_secret": "e9fe51f94eadabf54dbf2fbbd57188b9abee436e",
-        "is_verified": false,
-        "line_number": 57
-      }
-    ],
-    "skills/local-places/SERVER_README.md": [
-      {
-        "type": "Secret Keyword",
-        "filename": "skills/local-places/SERVER_README.md",
-        "hashed_secret": "6d9c68c603e465077bdd49c62347fe54717f83a3",
-        "is_verified": false,
-        "line_number": 28
-      }
-    ],
-    "skills/openai-whisper-api/SKILL.md": [
-      {
-        "type": "Secret Keyword",
-        "filename": "skills/openai-whisper-api/SKILL.md",
-        "hashed_secret": "1077361f94d70e1ddcc7c6dc581a489532a81d03",
-        "is_verified": false,
-        "line_number": 39
-      }
-    ],
-    "skills/trello/SKILL.md": [
-      {
-        "type": "Secret Keyword",
-        "filename": "skills/trello/SKILL.md",
-        "hashed_secret": "11fa7c37d697f30e6aee828b4426a10f83ab2380",
-        "is_verified": false,
-        "line_number": 18
-      }
-    ],
-    "src/agents/models-config.test.ts": [
-      {
-        "type": "Secret Keyword",
-        "filename": "src/agents/models-config.test.ts",
-        "hashed_secret": "7cf31e8b6cda49f70c31f1f25af05d46f924142d",
-        "is_verified": false,
-        "line_number": 25
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "src/agents/models-config.test.ts",
-        "hashed_secret": "3a81eb091f80c845232225be5663d270e90dacb7",
-        "is_verified": false,
-        "line_number": 90
-      }
-    ],
-    "src/agents/skills.test.ts": [
-      {
-        "type": "Secret Keyword",
-        "filename": "src/agents/skills.test.ts",
-        "hashed_secret": "3acfb2c2b433c0ea7ff107e33df91b18e52f960f",
-        "is_verified": false,
-        "line_number": 158
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "src/agents/skills.test.ts",
-        "hashed_secret": "7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb",
-        "is_verified": false,
-        "line_number": 265
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "src/agents/skills.test.ts",
-        "hashed_secret": "5df3a673d724e8a1eb673a8baf623e183940804d",
-        "is_verified": false,
-        "line_number": 462
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "src/agents/skills.test.ts",
-        "hashed_secret": "8921daaa546693e52bc1f9c40bdcf15e816e0448",
-        "is_verified": false,
-        "line_number": 490
-      }
-    ],
-    "src/browser/target-id.test.ts": [
-      {
-        "type": "Hex High Entropy String",
-        "filename": "src/browser/target-id.test.ts",
-        "hashed_secret": "4e126c049580d66ca1549fa534d95a7263f27f46",
-        "is_verified": false,
-        "line_number": 16
-      }
-    ],
-    "src/commands/antigravity-oauth.ts": [
-      {
-        "type": "Base64 High Entropy String",
-        "filename": "src/commands/antigravity-oauth.ts",
-        "hashed_secret": "709d0f232b6ac4f8d24dec3e4fabfdb14257174f",
-        "is_verified": false,
-        "line_number": 17
-      },
-      {
-        "type": "Base64 High Entropy String",
-        "filename": "src/commands/antigravity-oauth.ts",
-        "hashed_secret": "3848603b8e866f62d07c206ff622279b9dcb0238",
-        "is_verified": false,
-        "line_number": 20
-      }
-    ],
-    "src/commands/onboard-auth.ts": [
-      {
-        "type": "Secret Keyword",
-        "filename": "src/commands/onboard-auth.ts",
-        "hashed_secret": "16c249e04e2be318050cb883c40137361c0c7209",
-        "is_verified": false,
-        "line_number": 50
-      }
-    ],
-    "src/config/config.test.ts": [
-      {
-        "type": "Secret Keyword",
-        "filename": "src/config/config.test.ts",
-        "hashed_secret": "bea2f7b64fab8d1d414d0449530b1e088d36d5b1",
-        "is_verified": false,
-        "line_number": 520
-      }
-    ],
-    "src/gateway/server.auth.test.ts": [
-      {
-        "type": "Secret Keyword",
-        "filename": "src/gateway/server.auth.test.ts",
-        "hashed_secret": "e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4",
-        "is_verified": false,
-        "line_number": 89
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "src/gateway/server.auth.test.ts",
-        "hashed_secret": "a4b48a81cdab1e1a5dd37907d6c85ca1c61ddc7c",
-        "is_verified": false,
-        "line_number": 109
-      }
-    ],
-    "src/infra/env.test.ts": [
-      {
-        "type": "Secret Keyword",
-        "filename": "src/infra/env.test.ts",
-        "hashed_secret": "df98a117ddabf85991b9fe0e268214dc0e1254dc",
-        "is_verified": false,
-        "line_number": 10
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "src/infra/env.test.ts",
-        "hashed_secret": "6d811dc1f59a55ca1a3d38b5042a062b9f79e8ec",
-        "is_verified": false,
-        "line_number": 25
-      }
-    ],
-    "src/infra/shell-env.test.ts": [
-      {
-        "type": "Secret Keyword",
-        "filename": "src/infra/shell-env.test.ts",
-        "hashed_secret": "65c10dc3549fe07424148a8a4790a3341ecbc253",
-        "is_verified": false,
-        "line_number": 35
-      },
-      {
-        "type": "Base64 High Entropy String",
-        "filename": "src/infra/shell-env.test.ts",
-        "hashed_secret": "64db6bf7f0e5a0491df4419f0eb1bbcc402989e8",
-        "is_verified": false,
-        "line_number": 56
-      },
-      {
-        "type": "Secret Keyword",
-        "filename": "src/infra/shell-env.test.ts",
-        "hashed_secret": "e013ffda590d2178607c16d11b1ea42f75ceb0e7",
-        "is_verified": false,
-        "line_number": 73
-      },
-      {
-        "type": "Base64 High Entropy String",
-        "filename": "src/infra/shell-env.test.ts",
-        "hashed_secret": "be6ee9a6bf9f2dad84a5a67d6c0576a5bacc391e",
-        "is_verified": false,
-        "line_number": 75
-      }
-    ],
-    "src/web/qr-image.test.ts": [
-      {
-        "type": "Hex High Entropy String",
-        "filename": "src/web/qr-image.test.ts",
-        "hashed_secret": "564666dc1ca6e7318b2d5feeb1ce7b5bf717411e",
-        "is_verified": false,
-        "line_number": 12
-      }
-    ],
-    "vendor/a2ui/README.md": [
-      {
-        "type": "Secret Keyword",
-        "filename": "vendor/a2ui/README.md",
-        "hashed_secret": "2619a5397a5d054dab3fe24e6a8da1fbd76ec3a6",
-        "is_verified": false,
-        "line_number": 123
-      }
-    ]
-  },
-  "generated_at": "2026-01-05T13:01:00Z"
-}

.swiftformat

@@ -48,4 +48,4 @@
 --allman false
 
 # Exclusions
---exclude .build,.swiftpm,DerivedData,node_modules,dist,coverage,xcuserdata,Peekaboo,Swabble,apps/android,apps/ios,apps/shared,apps/macos/Sources/ClawdisProtocol,apps/macos/Sources/ClawdbotProtocol
+--exclude .build,.swiftpm,DerivedData,node_modules,dist,coverage,xcuserdata,apps/macos/Sources/ClawdisProtocol

.swiftlint.yml

@@ -17,8 +17,6 @@ excluded:
   - dist
   - coverage
   - "*.playground"
-  # Generated (protocol-gen-swift.ts)
-  - apps/macos/Sources/ClawdbotProtocol/GatewayModels.swift
 
 analyzer_rules:
   - unused_declaration
@@ -110,10 +108,6 @@ function_body_length:
   warning: 150
   error: 300
 
-function_parameter_count:
-  warning: 7
-  error: 10
-
 file_length:
   warning: 1500
   error: 2500

AGENTS.md

@@ -1,52 +1,27 @@
 # Repository Guidelines
-- Repo: https://github.com/clawdbot/clawdbot
-- GitHub issues/comments/PR comments: use literal multiline strings or `-F - <<'EOF'` (or $'...') for real newlines; never embed "\\n".
 
 ## Project Structure & Module Organization
 - Source code: `src/` (CLI wiring in `src/cli`, commands in `src/commands`, web provider in `src/provider-web.ts`, infra in `src/infra`, media pipeline in `src/media`).
 - Tests: colocated `*.test.ts`.
 - Docs: `docs/` (images, queue, Pi config). Built output lives in `dist/`.
-- Plugins/extensions: live under `extensions/*` (workspace packages). Keep plugin-only deps in the extension `package.json`; do not add them to the root `package.json` unless core uses them.
-- Installers served from `https://clawd.bot/*`: live in the sibling repo `../clawd.bot` (`public/install.sh`, `public/install-cli.sh`, `public/install.ps1`).
-- Messaging channels: always consider **all** built-in + extension channels when refactoring shared logic (routing, allowlists, pairing, command gating, onboarding, docs).
-  - Core channel docs: `docs/channels/`
-  - Core channel code: `src/telegram`, `src/discord`, `src/slack`, `src/signal`, `src/imessage`, `src/web` (WhatsApp web), `src/channels`, `src/routing`
-  - Extensions (channel plugins): `extensions/*` (e.g. `extensions/msteams`, `extensions/matrix`, `extensions/zalo`, `extensions/zalouser`, `extensions/voice-call`)
-
-## Docs Linking (Mintlify)
-- Docs are hosted on Mintlify (docs.clawd.bot).
-- Internal doc links in `docs/**/*.md`: root-relative, no `.md`/`.mdx` (example: `[Config](/configuration)`).
-- Section cross-references: use anchors on root-relative paths (example: `[Hooks](/configuration#hooks)`).
-- When Peter asks for links, reply with full `https://docs.clawd.bot/...` URLs (not root-relative).
-- When you touch docs, end the reply with the `https://docs.clawd.bot/...` URLs you referenced.
-- README (GitHub): keep absolute docs URLs (`https://docs.clawd.bot/...`) so links work on GitHub.
-- Docs content must be generic: no personal device names/hostnames/paths; use placeholders like `user@gateway-host` and “gateway host”.
 
 ## Build, Test, and Development Commands
-- Runtime baseline: Node **22+** (keep Node + Bun paths working).
 - Install deps: `pnpm install`
-- Also supported: `bun install` (keep `pnpm-lock.yaml` + Bun patching in sync when touching deps/patches).
-- Prefer Bun for TypeScript execution (scripts, dev, tests): `bun <file.ts>` / `bunx <tool>`.
-- Run CLI in dev: `pnpm clawdbot ...` (bun) or `pnpm dev`.
-- Node remains supported for running built output (`dist/*`) and production installs.
+- Run CLI in dev: `pnpm clawdis ...` (tsx entry) or `pnpm dev` for `src/index.ts`.
 - Type-check/build: `pnpm build` (tsc)
-- Lint/format: `pnpm lint` (oxlint), `pnpm format` (oxfmt)
+- Lint/format: `pnpm lint` (biome check), `pnpm format` (biome format)
 - Tests: `pnpm test` (vitest); coverage: `pnpm test:coverage`
 
 ## Coding Style & Naming Conventions
 - Language: TypeScript (ESM). Prefer strict typing; avoid `any`.
-- Formatting/linting via Oxlint and Oxfmt; run `pnpm lint` before commits.
-- Add brief code comments for tricky or non-obvious logic.
+- Formatting/linting via Biome; run `pnpm lint` before commits.
 - Keep files concise; extract helpers instead of “V2” copies. Use existing patterns for CLI options and dependency injection via `createDefaultDeps`.
 - Aim to keep files under ~700 LOC; guideline only (not a hard guardrail). Split/refactor when it improves clarity or testability.
-- Naming: use **Clawdbot** for product/app/docs headings; use `clawdbot` for CLI command, package/binary, paths, and config keys.
 
 ## Testing Guidelines
 - Framework: Vitest with V8 coverage thresholds (70% lines/branches/functions/statements).
 - Naming: match source names with `*.test.ts`; e2e in `*.e2e.test.ts`.
 - Run `pnpm test` (or `pnpm test:coverage`) before pushing when you touch logic.
-- Live tests (real keys): `CLAWDBOT_LIVE_TEST=1 pnpm test:live` (Clawdbot-only) or `LIVE=1 pnpm test:live` (includes provider live tests). Docker: `pnpm test:docker:live-models`, `pnpm test:docker:live-gateway`. Onboarding Docker E2E: `pnpm test:docker:onboard`.
-- Full kit + what’s covered: `docs/testing.md`.
 - Pure test additions/fixes generally do **not** need a changelog entry unless they alter user-facing behavior or the user asks for one.
 - Mobile: before using a simulator, check for connected real devices (iOS + Android) and prefer them when available.
 
@@ -54,97 +29,50 @@
 - Create commits with `scripts/committer "<msg>" <file...>`; avoid manual `git add`/`git commit` so staging stays scoped.
 - Follow concise, action-oriented commit messages (e.g., `CLI: add verbose flag to send`).
 - Group related changes; avoid bundling unrelated refactors.
-- Changelog workflow: keep latest released version at top (no `Unreleased`); after publishing, bump version and start a new top section.
 - PRs should summarize scope, note testing performed, and mention any user-facing changes or new flags.
-- PR review flow: when given a PR link, review via `gh pr view`/`gh pr diff` and do **not** change branches.
-- PR merge flow: create a temp branch from `main`, merge the PR branch into it (prefer squash unless commit history is important; use rebase/merge when it is). Always try to merge the PR unless it’s truly difficult, then use another approach. If we squash, add the PR author as a co-contributor. Apply fixes, add changelog entry (include PR # + thanks), run full gate before the final commit, commit, merge back to `main`, delete the temp branch, and end on `main`.
-- If you review a PR and later do work on it, land via merge/squash (no direct-main commits) and always add the PR author as a co-contributor.
-- When working on a PR: add a changelog entry with the PR number and thank the contributor.
-- When working on an issue: reference the issue in the changelog entry.
-- When merging a PR: leave a PR comment that explains exactly what we did and include the SHA hashes.
-- When merging a PR from a new contributor: add their avatar to the README “Thanks to all clawtributors” thumbnail list.
-- After merging a PR: run `bun scripts/update-clawtributors.ts` if the contributor is missing, then commit the regenerated README.
-
-## Shorthand Commands
-- `sync up`: if working tree is dirty, commit all changes (pick a sensible Conventional Commit message), then `git pull --rebase`; if rebase conflicts and cannot resolve, stop; otherwise `git push`.
-
-### PR Workflow (Review vs Land)
-- **Review mode (PR link only):** read `gh pr view/diff`; **do not** switch branches; **do not** change code.
-- **Landing mode:** create an integration branch from `main`, bring in PR commits (**prefer rebase** for linear history; **merge allowed** when complexity/conflicts make it safer), apply fixes, add changelog (+ thanks + PR #), run full gate **locally before committing** (`pnpm lint && pnpm build && pnpm test`), commit, merge back to `main`, then `git switch main` (never stay on a topic branch after landing). Important: contributor needs to be in git graph after this!
 
 ## Security & Configuration Tips
-- Web provider stores creds at `~/.clawdbot/credentials/`; rerun `clawdbot login` if logged out.
-- Pi sessions live under `~/.clawdbot/sessions/` by default; the base directory is not configurable.
-- Environment variables: see `~/.profile`.
+- Web provider stores creds at `~/.clawdis/credentials/`; rerun `clawdis login` if logged out.
+- Pi sessions live under `~/.clawdis/sessions/` by default; the base directory is not configurable.
 - Never commit or publish real phone numbers, videos, or live configuration values. Use obviously fake placeholders in docs, tests, and examples.
- - Release flow: always read `docs/reference/RELEASING.md` and `docs/platforms/mac/release.md` before any release work; do not ask routine questions once those docs answer them.
-
-## Troubleshooting
-- Rebrand/migration issues or legacy config/service warnings: run `clawdbot doctor` (see `docs/gateway/doctor.md`).
 
 ## Agent-Specific Notes
-- Vocabulary: "makeup" = "mac app".
-- When working on a GitHub Issue or PR, print the full URL at the end of the task.
-- When answering questions, respond with high-confidence answers only: verify in code; do not guess.
-- Never update the Carbon dependency.
-- Any dependency with `pnpm.patchedDependencies` must use an exact version (no `^`/`~`).
-- Patching dependencies (pnpm patches, overrides, or vendored changes) requires explicit approval; do not do this by default.
-- CLI progress: use `src/cli/progress.ts` (`osc-progress` + `@clack/prompts` spinner); don’t hand-roll spinners/bars.
-- Status output: keep tables + ANSI-safe wrapping (`src/terminal/table.ts`); `status --all` = read-only/pasteable, `status --deep` = probes.
-- Gateway currently runs only as the menubar app; there is no separate LaunchAgent/helper label installed. Restart via the Clawdbot Mac app or `scripts/restart-mac.sh`; to verify/kill use `launchctl print gui/$UID | grep clawdbot` rather than assuming a fixed label. **When debugging on macOS, start/stop the gateway via the app, not ad-hoc tmux sessions; kill any temporary tunnels before handoff.**
-- macOS logs: use `./scripts/clawlog.sh` (aka `vtlog`) to query unified logs for the Clawdbot subsystem; it supports follow/tail/category filters and expects passwordless sudo for `/usr/bin/log`.
-- If shared guardrails are available locally, review them; otherwise follow this repo's guidance.
+- Gateway currently runs only as the menubar app (launchctl shows `application.com.steipete.clawdis.debug.*`), there is no separate LaunchAgent/helper label installed. Restart via the Clawdis Mac app or `scripts/restart-mac.sh`; to verify/kill use `launchctl print gui/$UID | grep clawdis` rather than expecting `com.steipete.clawdis`. **When debugging on macOS, start/stop the gateway via the app, not ad-hoc tmux sessions; kill any temporary tunnels before handoff.**
+- macOS logs: use `./scripts/clawlog.sh` (aka `vtlog`) to query unified logs for subsystem `com.steipete.clawdis`; it supports follow/tail/category filters and expects passwordless sudo for `/usr/bin/log`.
+- Also read the shared guardrails at `~/Projects/oracle/AGENTS.md` and `~/Projects/agent-scripts/AGENTS.MD` before making changes; align with any cross-repo rules noted there.
 - SwiftUI state management (iOS/macOS): prefer the `Observation` framework (`@Observable`, `@Bindable`) over `ObservableObject`/`@StateObject`; don’t introduce new `ObservableObject` unless required for compatibility, and migrate existing usages when touching related code.
 - Connection providers: when adding a new connection, update every UI surface and docs (macOS app, web UI, mobile if applicable, onboarding/overview docs) and add matching status + configuration forms so provider lists and settings stay in sync.
-- Version locations: `package.json` (CLI), `apps/android/app/build.gradle.kts` (versionName/versionCode), `apps/ios/Sources/Info.plist` + `apps/ios/Tests/Info.plist` (CFBundleShortVersionString/CFBundleVersion), `apps/macos/Sources/Clawdbot/Resources/Info.plist` (CFBundleShortVersionString/CFBundleVersion), `docs/install/updating.md` (pinned npm version), `docs/platforms/mac/release.md` (APP_VERSION/APP_BUILD examples), Peekaboo Xcode projects/Info.plists (MARKETING_VERSION/CURRENT_PROJECT_VERSION).
 - **Restart apps:** “restart iOS/Android apps” means rebuild (recompile/install) and relaunch, not just kill/launch.
 - **Device checks:** before testing, verify connected real devices (iOS/Android) before reaching for simulators/emulators.
 - iOS Team ID lookup: `security find-identity -p codesigning -v` → use Apple Development (…) TEAMID. Fallback: `defaults read com.apple.dt.Xcode IDEProvisioningTeamIdentifiers`.
-- A2UI bundle hash: `src/canvas-host/a2ui/.bundle.hash` is auto-generated; ignore unexpected changes, and only regenerate via `pnpm canvas:a2ui:bundle` (or `scripts/bundle-a2ui.sh`) when needed. Commit the hash as a separate commit.
-- Release signing/notary keys are managed outside the repo; follow internal release docs.
-- Notary auth env vars (`APP_STORE_CONNECT_ISSUER_ID`, `APP_STORE_CONNECT_KEY_ID`, `APP_STORE_CONNECT_API_KEY_P8`) are expected in your environment (per internal release docs).
-- **Multi-agent safety:** do **not** create/apply/drop `git stash` entries unless explicitly requested (this includes `git pull --rebase --autostash`). Assume other agents may be working; keep unrelated WIP untouched and avoid cross-cutting state changes.
-- **Multi-agent safety:** when the user says "push", you may `git pull --rebase` to integrate latest changes (never discard other agents' work). When the user says "commit", scope to your changes only. When the user says "commit all", commit everything in grouped chunks.
-- **Multi-agent safety:** do **not** create/remove/modify `git worktree` checkouts (or edit `.worktrees/*`) unless explicitly requested.
-- **Multi-agent safety:** do **not** switch branches / check out a different branch unless explicitly requested.
+- A2UI bundle hash: `src/canvas-host/a2ui/.bundle.hash` is auto-generated; regenerate via `pnpm canvas:a2ui:bundle` (or `scripts/bundle-a2ui.sh`) instead of manual conflict resolution.
+- Notary key file lives at `~/Library/CloudStorage/Dropbox/Backup/AppStore/AuthKey_NJF3NFGTS3.p8` (Sparkle keys live under `~/Library/CloudStorage/Dropbox/Backup/Sparkle`).
+- **Multi-agent safety:** do **not** create/apply/drop `git stash` entries unless Peter explicitly asks (this includes `git pull --rebase --autostash`). Assume other agents may be working; keep unrelated WIP untouched and avoid cross-cutting state changes.
+- **Multi-agent safety:** when Peter says "push", you may `git pull --rebase` to integrate latest changes (never discard other agents' work). When Peter says "commit", scope to your changes only. When Peter says "commit all", commit everything in grouped chunks.
+- **Multi-agent safety:** do **not** create/remove/modify `git worktree` checkouts (or edit `.worktrees/*`) unless Peter explicitly asks.
+- **Multi-agent safety:** do **not** switch branches / check out a different branch unless Peter explicitly asks.
 - **Multi-agent safety:** running multiple agents is OK as long as each agent has its own session.
-- **Multi-agent safety:** when you see unrecognized files, keep going; focus on your changes and commit only those.
-- Lobster seam: use the shared CLI palette in `src/terminal/palette.ts` (no hardcoded colors); apply palette to onboarding/config prompts and other TTY UI output as needed.
-- **Multi-agent safety:** focus reports on your edits; avoid guard-rail disclaimers unless truly blocked; when multiple agents touch the same file, continue if safe; end with a brief “other files present” note only if relevant.
-- Bug investigations: read source code of relevant npm dependencies and all related local code before concluding; aim for high-confidence root cause.
-- Code style: add brief comments for tricky logic; keep files under ~500 LOC when feasible (split/refactor as needed).
-- Tool schema guardrails (google-antigravity): avoid `Type.Union` in tool input schemas; no `anyOf`/`oneOf`/`allOf`. Use `stringEnum`/`optionalStringEnum` (Type.Unsafe enum) for string lists, and `Type.Optional(...)` instead of `... | null`. Keep top-level tool schema as `type: "object"` with `properties`.
-- Tool schema guardrails: avoid raw `format` property names in tool schemas; some validators treat `format` as a reserved keyword and reject the schema.
-- When asked to open a “session” file, open the Pi session logs under `~/.clawdbot/agents/main/sessions/*.jsonl` (newest unless a specific ID is given), not the default `sessions.json`. If logs are needed from another machine, SSH via Tailscale and read the same path there.
-- Menubar dimming + restart flow mirrors Trimmy: use `scripts/restart-mac.sh` (kills all Clawdbot variants, runs `swift build`, packages, relaunches). Icon dimming depends on MenuBarExtraAccess wiring in AppMain; keep `appearsDisabled` updates intact when touching the status item.
+- When asked to open a “session” file, open the Pi session logs under `~/.clawdis/sessions/*.jsonl` (newest unless a specific ID is given), not the default `sessions.json`. If logs are needed from Mac Studio, SSH via Tailscale and read the same path there.
+- Menubar dimming + restart flow mirrors Trimmy: use `scripts/restart-mac.sh` (kills all Clawdis variants, runs `swift build`, packages, relaunches). Icon dimming depends on MenuBarExtraAccess wiring in AppMain; keep `appearsDisabled` updates intact when touching the status item.
 - Do not rebuild the macOS app over SSH; rebuilds must be run directly on the Mac.
 - Never send streaming/partial replies to external messaging surfaces (WhatsApp, Telegram); only final replies should be delivered there. Streaming/tool events may still go to internal UIs/control channel.
 - Voice wake forwarding tips:
-  - Command template should stay `clawdbot-mac agent --message "${text}" --thinking low`; `VoiceWakeForwarder` already shell-escapes `${text}`. Don’t add extra quotes.
-  - launchd PATH is minimal; ensure the app’s launch agent PATH includes standard system paths plus your pnpm bin (typically `$HOME/Library/pnpm`) so `pnpm`/`clawdbot` binaries resolve when invoked via `clawdbot-mac`.
-- For manual `clawdbot message send` messages that include `!`, use the heredoc pattern noted below to avoid the Bash tool’s escaping.
-- Release guardrails: do not change version numbers without operator’s explicit consent; always ask permission before running any npm publish/release step.
-
-## NPM + 1Password (publish/verify)
-- Use the 1password skill; all `op` commands must run inside a fresh tmux session.
-- Sign in: `eval "$(op signin --account my.1password.com)"` (app unlocked + integration on).
-- OTP: `op read 'op://Private/Npmjs/one-time password?attribute=otp'`.
-- Publish: `npm publish --access public --otp="<otp>"` (run from the package dir).
-- Verify without local npmrc side effects: `npm view <pkg> version --userconfig "$(mktemp)"`.
-- Kill the tmux session after publish.
+  - Command template should stay `clawdis-mac agent --message "${text}" --thinking low`; `VoiceWakeForwarder` already shell-escapes `${text}`. Don’t add extra quotes.
+  - launchd PATH is minimal; ensure the app’s launch agent sets PATH to include `/opt/homebrew/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Users/steipete/Library/pnpm` so `pnpm`/`clawdis` binaries resolve when invoked via `clawdis-mac`.
+  - For manual `clawdis send` messages that include `!`, use the heredoc pattern noted below to avoid the Bash tool’s escaping.
 
 ## Exclamation Mark Escaping Workaround
-The Claude Code Bash tool escapes `!` to `\\!` in command arguments. When using `clawdbot message send` with messages containing exclamation marks, use heredoc syntax:
+The Claude Code Bash tool escapes `!` to `\\!` in command arguments. When using `clawdis send` with messages containing exclamation marks, use heredoc syntax:
 
 ```bash
 # WRONG - will send "Hello\\!" with backslash
-clawdbot message send --to "+1234" --message 'Hello!'
+clawdis send --to "+1234" --message 'Hello!'
 
 # CORRECT - use heredoc to avoid escaping
-clawdbot message send --to "+1234" --message "$(cat <<'EOF'
+clawdis send --to "+1234" --message "$(cat <<'EOF'
 Hello!
 EOF
 )"
 ```
 
-This is a Claude Code quirk, not a clawdbot bug.
+This is a Claude Code quirk, not a clawdis bug.

CONTRIBUTING.md

@@ -1,9 +1,9 @@
-# Contributing to Clawdbot
+# Contributing to Clawdis
 
 Welcome to the lobster tank! 🦞
 
 ## Quick Links
-- **GitHub:** https://github.com/clawdbot/clawdbot
+- **GitHub:** https://github.com/steipete/clawdis
 - **Discord:** https://discord.gg/qkhbAGHRBT
 - **X/Twitter:** [@steipete](https://x.com/steipete) / [@clawdbot](https://x.com/clawdbot)
 
@@ -12,19 +12,19 @@ Welcome to the lobster tank! 🦞
 - **Peter Steinberger** - Benevolent Dictator
   - GitHub: [@steipete](https://github.com/steipete) · X: [@steipete](https://x.com/steipete)
 
-- **Shadow** - Discord + Slack subsystem
-  - GitHub: [@thewilloftheshadow](https://github.com/thewilloftheshadow) · X: [@4shad0wed](https://x.com/4shad0wed)
+- **Shadow** - Discord subsystem
+  - GitHub: [@4shadowed](https://github.com/4shadowed) · X: [@4shad0wed](https://x.com/4shad0wed)
 
 - **Jos** - Telegram, API, Nix mode
   - GitHub: [@joshp123](https://github.com/joshp123) · X: [@jjpcodes](https://x.com/jjpcodes)
 
 ## How to Contribute
 1. **Bugs & small fixes** → Open a PR!
-2. **New features / architecture** → Start a [GitHub Discussion](https://github.com/clawdbot/clawdbot/discussions) or ask in Discord first
+2. **New features / architecture** → Start a [GitHub Discussion](https://github.com/steipete/clawdis/discussions) or ask in Discord first
 3. **Questions** → Discord #setup-help
 
 ## Before You PR
-- Test locally with your Clawdbot instance
+- Test locally with your Clawdis instance
 - Run linter: `npm run lint`
 - Keep PRs focused (one thing per PR)
 - Describe what & why

Dockerfile

@@ -1,32 +1,13 @@
 FROM node:22-bookworm
 
-# Install Bun (required for build scripts)
-RUN curl -fsSL https://bun.sh/install | bash
-ENV PATH="/root/.bun/bin:${PATH}"
-
 RUN corepack enable
 
 WORKDIR /app
 
-ARG CLAWDBOT_DOCKER_APT_PACKAGES=""
-RUN if [ -n "$CLAWDBOT_DOCKER_APT_PACKAGES" ]; then \
-      apt-get update && \
-      DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends $CLAWDBOT_DOCKER_APT_PACKAGES && \
-      apt-get clean && \
-      rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*; \
-    fi
-
-COPY package.json pnpm-lock.yaml pnpm-workspace.yaml .npmrc ./
-COPY ui/package.json ./ui/package.json
-COPY patches ./patches
-COPY scripts ./scripts
+COPY . .
 
 RUN pnpm install --frozen-lockfile
-
-COPY . .
 RUN pnpm build
-# Force pnpm for UI build (Bun may fail on ARM/Synology architectures)
-ENV CLAWDBOT_PREFER_PNPM=1
 RUN pnpm ui:install
 RUN pnpm ui:build
 

Dockerfile.sandbox-browser

@@ -14,15 +14,14 @@ RUN apt-get update \
     jq \
     novnc \
     python3 \
-    socat \
     websockify \
     x11vnc \
     xvfb \
   && rm -rf /var/lib/apt/lists/*
 
-COPY scripts/sandbox-browser-entrypoint.sh /usr/local/bin/clawdbot-sandbox-browser
-RUN chmod +x /usr/local/bin/clawdbot-sandbox-browser
+COPY scripts/sandbox-browser-entrypoint.sh /usr/local/bin/clawdis-sandbox-browser
+RUN chmod +x /usr/local/bin/clawdis-sandbox-browser
 
 EXPOSE 9222 5900 6080
 
-CMD ["clawdbot-sandbox-browser"]
+CMD ["clawdis-sandbox-browser"]

README.md

@@ -1,7 +1,7 @@
-# 🦞 Clawdbot — Personal AI Assistant
+# 🦞 CLAWDIS — Personal AI Assistant
 
 <p align="center">
-  <img src="https://raw.githubusercontent.com/clawdbot/clawdbot/main/docs/whatsapp-clawd.jpg" alt="Clawdbot" width="400">
+  <img src="https://raw.githubusercontent.com/steipete/clawdis/main/docs/whatsapp-clawd.jpg" alt="CLAWDIS" width="400">
 </p>
 
 <p align="center">
@@ -9,370 +9,191 @@
 </p>
 
 <p align="center">
-  <a href="https://github.com/clawdbot/clawdbot/actions/workflows/ci.yml?branch=main"><img src="https://img.shields.io/github/actions/workflow/status/clawdbot/clawdbot/ci.yml?branch=main&style=for-the-badge" alt="CI status"></a>
-  <a href="https://github.com/clawdbot/clawdbot/releases"><img src="https://img.shields.io/github/v/release/clawdbot/clawdbot?include_prereleases&style=for-the-badge" alt="GitHub release"></a>
+  <a href="https://github.com/steipete/clawdis/actions/workflows/ci.yml?branch=main"><img src="https://img.shields.io/github/actions/workflow/status/steipete/clawdis/ci.yml?branch=main&style=for-the-badge" alt="CI status"></a>
+  <a href="https://github.com/steipete/clawdis/releases"><img src="https://img.shields.io/github/v/release/steipete/clawdis?include_prereleases&style=for-the-badge" alt="GitHub release"></a>
   <a href="https://discord.gg/clawd"><img src="https://img.shields.io/discord/1456350064065904867?label=Discord&logo=discord&logoColor=white&color=5865F2&style=for-the-badge" alt="Discord"></a>
   <a href="LICENSE"><img src="https://img.shields.io/badge/License-MIT-blue.svg?style=for-the-badge" alt="MIT License"></a>
 </p>
 
-**Clawdbot** is a *personal AI assistant* you run on your own devices.
-It answers you on the channels you already use (WhatsApp, Telegram, Slack, Discord, Signal, iMessage, Microsoft Teams, WebChat), can speak and listen on macOS/iOS/Android, and can render a live Canvas you control. The Gateway is just the control plane — the product is the assistant.
+**Clawdis** is a *personal AI assistant* you run on your own devices.
+It answers you on the surfaces you already use (WhatsApp, Telegram, Discord, iMessage, WebChat), can speak and listen on macOS/iOS, and can render a live Canvas you control. The Gateway is just the control plane — the product is the assistant.
 
 If you want a personal, single-user assistant that feels local, fast, and always-on, this is it.
 
-[Website](https://clawdbot.com) · [Docs](https://docs.clawd.bot) · [Getting Started](https://docs.clawd.bot/start/getting-started) · [Updating](https://docs.clawd.bot/install/updating) · [Showcase](https://docs.clawd.bot/start/showcase) · [FAQ](https://docs.clawd.bot/start/faq) · [Wizard](https://docs.clawd.bot/start/wizard) · [Nix](https://github.com/clawdbot/nix-clawdbot) · [Docker](https://docs.clawd.bot/install/docker) · [Discord](https://discord.gg/clawd)
+Website: https://clawd.me · Docs: [`docs/index.md`](docs/index.md) · FAQ: [`docs/faq.md`](docs/faq.md) · Wizard: [`docs/wizard.md`](docs/wizard.md) · Docker (optional): [`docs/docker.md`](docs/docker.md) · Discord: https://discord.gg/clawd
 
-Preferred setup: run the onboarding wizard (`clawdbot onboard`). It walks through gateway, workspace, channels, and skills. The CLI wizard is the recommended path and works on **macOS, Linux, and Windows (via WSL2; strongly recommended)**.
-Works with npm, pnpm, or bun.
-New install? Start here: [Getting started](https://docs.clawd.bot/start/getting-started)
+Preferred setup: run the onboarding wizard (`clawdis onboard`). It walks through gateway, workspace, providers, and skills. The CLI wizard is the recommended path and works on **macOS, Windows, and Linux**.
 
-**Subscriptions (OAuth):**
-- **[Anthropic](https://www.anthropic.com/)** (Claude Pro/Max)
-- **[OpenAI](https://openai.com/)** (ChatGPT/Codex)
-
-Model note: while any model is supported, I strongly recommend **Anthropic Pro/Max (100/200) + Opus 4.5** for long‑context strength and better prompt‑injection resistance. See [Onboarding](https://docs.clawd.bot/start/onboarding).
-
-## Models (selection + auth)
-
-- Models config + CLI: [Models](https://docs.clawd.bot/concepts/models)
-- Auth profile rotation (OAuth vs API keys) + fallbacks: [Model failover](https://docs.clawd.bot/concepts/model-failover)
-
-## Install (recommended)
-
-Runtime: **Node ≥22**.
-
-```bash
-npm install -g clawdbot@latest
-# or: pnpm add -g clawdbot@latest
-
-clawdbot onboard --install-daemon
-```
-
-The wizard installs the Gateway daemon (launchd/systemd user service) so it stays running.
-
-## Quick start (TL;DR)
-
-Runtime: **Node ≥22**.
-
-Full beginner guide (auth, pairing, channels): [Getting started](https://docs.clawd.bot/start/getting-started)
-
-```bash
-clawdbot onboard --install-daemon
-
-clawdbot gateway --port 18789 --verbose
-
-# Send a message
-clawdbot message send --to +1234567890 --message "Hello from Clawdbot"
-
-# Talk to the assistant (optionally deliver back to WhatsApp/Telegram/Slack/Discord/Microsoft Teams)
-clawdbot agent --message "Ship checklist" --thinking high
-```
-
-Upgrading? [Updating guide](https://docs.clawd.bot/install/updating) (and run `clawdbot doctor`).
-
-## From source (development)
-
-Prefer `pnpm` for builds from source. Bun is optional for running TypeScript directly.
-
-```bash
-git clone https://github.com/clawdbot/clawdbot.git
-cd clawdbot
-
-pnpm install
-pnpm ui:build # auto-installs UI deps on first run
-pnpm build
-
-pnpm clawdbot onboard --install-daemon
-
-# Dev loop (auto-reload on TS changes)
-pnpm gateway:watch
-```
-
-Note: `pnpm clawdbot ...` runs TypeScript directly (via `tsx`). `pnpm build` produces `dist/` for running via Node / the packaged `clawdbot` binary.
-
-## Security defaults (DM access)
-
-Clawdbot connects to real messaging surfaces. Treat inbound DMs as **untrusted input**.
-
-Full security guide: [Security](https://docs.clawd.bot/gateway/security)
-
-Default behavior on Telegram/WhatsApp/Signal/iMessage/Microsoft Teams/Discord/Slack:
-- **DM pairing** (`dmPolicy="pairing"` / `channels.discord.dm.policy="pairing"` / `channels.slack.dm.policy="pairing"`): unknown senders receive a short pairing code and the bot does not process their message.
-- Approve with: `clawdbot pairing approve <channel> <code>` (then the sender is added to a local allowlist store).
-- Public inbound DMs require an explicit opt-in: set `dmPolicy="open"` and include `"*"` in the channel allowlist (`allowFrom` / `channels.discord.dm.allowFrom` / `channels.slack.dm.allowFrom`).
-
-Run `clawdbot doctor` to surface risky/misconfigured DM policies.
-
-## Highlights
-
-- **[Local-first Gateway](https://docs.clawd.bot/gateway)** — single control plane for sessions, channels, tools, and events.
-- **[Multi-channel inbox](https://docs.clawd.bot/channels)** — WhatsApp, Telegram, Slack, Discord, Signal, iMessage, Microsoft Teams, WebChat, macOS, iOS/Android.
-- **[Multi-agent routing](https://docs.clawd.bot/gateway/configuration)** — route inbound channels/accounts/peers to isolated agents (workspaces + per-agent sessions).
-- **[Voice Wake](https://docs.clawd.bot/nodes/voicewake) + [Talk Mode](https://docs.clawd.bot/nodes/talk)** — always-on speech for macOS/iOS/Android with ElevenLabs.
-- **[Live Canvas](https://docs.clawd.bot/platforms/mac/canvas)** — agent-driven visual workspace with [A2UI](https://docs.clawd.bot/platforms/mac/canvas#canvas-a2ui).
-- **[First-class tools](https://docs.clawd.bot/tools)** — browser, canvas, nodes, cron, sessions, and Discord/Slack actions.
-- **[Companion apps](https://docs.clawd.bot/platforms/macos)** — macOS menu bar app + iOS/Android [nodes](https://docs.clawd.bot/nodes).
-- **[Onboarding](https://docs.clawd.bot/start/wizard) + [skills](https://docs.clawd.bot/tools/skills)** — wizard-driven setup with bundled/managed/workspace skills.
-
-## Star History
-
-[![Star History Chart](https://api.star-history.com/svg?repos=clawdbot/clawdbot&type=date&legend=top-left)](https://www.star-history.com/#clawdbot/clawdbot&type=date&legend=top-left)
-
-## Everything we built so far
-
-### Core platform
-- [Gateway WS control plane](https://docs.clawd.bot/gateway) with sessions, presence, config, cron, webhooks, [Control UI](https://docs.clawd.bot/web), and [Canvas host](https://docs.clawd.bot/platforms/mac/canvas#canvas-a2ui).
-- [CLI surface](https://docs.clawd.bot/tools/agent-send): gateway, agent, send, [wizard](https://docs.clawd.bot/start/wizard), and [doctor](https://docs.clawd.bot/gateway/doctor).
-- [Pi agent runtime](https://docs.clawd.bot/concepts/agent) in RPC mode with tool streaming and block streaming.
-- [Session model](https://docs.clawd.bot/concepts/session): `main` for direct chats, group isolation, activation modes, queue modes, reply-back. Group rules: [Groups](https://docs.clawd.bot/concepts/groups).
-- [Media pipeline](https://docs.clawd.bot/nodes/images): images/audio/video, transcription hooks, size caps, temp file lifecycle. Audio details: [Audio](https://docs.clawd.bot/nodes/audio).
-
-### Channels
-- [Channels](https://docs.clawd.bot/channels): [WhatsApp](https://docs.clawd.bot/channels/whatsapp) (Baileys), [Telegram](https://docs.clawd.bot/channels/telegram) (grammY), [Slack](https://docs.clawd.bot/channels/slack) (Bolt), [Discord](https://docs.clawd.bot/channels/discord) (discord.js), [Signal](https://docs.clawd.bot/channels/signal) (signal-cli), [iMessage](https://docs.clawd.bot/channels/imessage) (imsg), [Microsoft Teams](https://docs.clawd.bot/channels/msteams) (Bot Framework), [WebChat](https://docs.clawd.bot/web/webchat).
-- [Group routing](https://docs.clawd.bot/concepts/group-messages): mention gating, reply tags, per-channel chunking and routing. Channel rules: [Channels](https://docs.clawd.bot/channels).
-
-### Apps + nodes
-- [macOS app](https://docs.clawd.bot/platforms/macos): menu bar control plane, [Voice Wake](https://docs.clawd.bot/nodes/voicewake)/PTT, [Talk Mode](https://docs.clawd.bot/nodes/talk) overlay, [WebChat](https://docs.clawd.bot/web/webchat), debug tools, [remote gateway](https://docs.clawd.bot/gateway/remote) control.
-- [iOS node](https://docs.clawd.bot/platforms/ios): [Canvas](https://docs.clawd.bot/platforms/mac/canvas), [Voice Wake](https://docs.clawd.bot/nodes/voicewake), [Talk Mode](https://docs.clawd.bot/nodes/talk), camera, screen recording, Bonjour pairing.
-- [Android node](https://docs.clawd.bot/platforms/android): [Canvas](https://docs.clawd.bot/platforms/mac/canvas), [Talk Mode](https://docs.clawd.bot/nodes/talk), camera, screen recording, optional SMS.
-- [macOS node mode](https://docs.clawd.bot/nodes): system.run/notify + canvas/camera exposure.
-
-### Tools + automation
-- [Browser control](https://docs.clawd.bot/tools/browser): dedicated clawd Chrome/Chromium, snapshots, actions, uploads, profiles.
-- [Canvas](https://docs.clawd.bot/platforms/mac/canvas): [A2UI](https://docs.clawd.bot/platforms/mac/canvas#canvas-a2ui) push/reset, eval, snapshot.
-- [Nodes](https://docs.clawd.bot/nodes): camera snap/clip, screen record, [location.get](https://docs.clawd.bot/nodes/location-command), notifications.
-- [Cron + wakeups](https://docs.clawd.bot/automation/cron-jobs); [webhooks](https://docs.clawd.bot/automation/webhook); [Gmail Pub/Sub](https://docs.clawd.bot/automation/gmail-pubsub).
-- [Skills platform](https://docs.clawd.bot/tools/skills): bundled, managed, and workspace skills with install gating + UI.
-
-### Runtime + safety
-- [Channel routing](https://docs.clawd.bot/concepts/channel-routing), [retry policy](https://docs.clawd.bot/concepts/retry), and [streaming/chunking](https://docs.clawd.bot/concepts/streaming).
-- [Presence](https://docs.clawd.bot/concepts/presence), [typing indicators](https://docs.clawd.bot/concepts/typing-indicators), and [usage tracking](https://docs.clawd.bot/concepts/usage-tracking).
-- [Models](https://docs.clawd.bot/concepts/models), [model failover](https://docs.clawd.bot/concepts/model-failover), and [session pruning](https://docs.clawd.bot/concepts/session-pruning).
-- [Security](https://docs.clawd.bot/gateway/security) and [troubleshooting](https://docs.clawd.bot/channels/troubleshooting).
-
-### Ops + packaging
-- [Control UI](https://docs.clawd.bot/web) + [WebChat](https://docs.clawd.bot/web/webchat) served directly from the Gateway.
-- [Tailscale Serve/Funnel](https://docs.clawd.bot/gateway/tailscale) or [SSH tunnels](https://docs.clawd.bot/gateway/remote) with token/password auth.
-- [Nix mode](https://docs.clawd.bot/install/nix) for declarative config; [Docker](https://docs.clawd.bot/install/docker)-based installs.
-- [Doctor](https://docs.clawd.bot/gateway/doctor) migrations, [logging](https://docs.clawd.bot/logging).
-
-## How it works (short)
+Using Claude Pro/Max subscription? See `docs/onboarding.md` for the Anthropic OAuth setup.
 
 ```
-WhatsApp / Telegram / Slack / Discord / Signal / iMessage / Microsoft Teams / WebChat
-               │
-               ▼
+Your surfaces
+   │
+   ▼
 ┌───────────────────────────────┐
-│            Gateway            │
-│       (control plane)         │
-│     ws://127.0.0.1:18789      │
+│            Gateway            │  ws://127.0.0.1:18789
+│       (control plane)         │  tcp://0.0.0.0:18790 (optional Bridge)
 └──────────────┬────────────────┘
                │
                ├─ Pi agent (RPC)
-               ├─ CLI (clawdbot …)
-               ├─ WebChat UI
-               ├─ macOS app
-               └─ iOS / Android nodes
+               ├─ CLI (clawdis …)
+               ├─ WebChat (browser)
+               ├─ macOS app (Clawdis.app)
+               └─ iOS node (Canvas + voice)
 ```
 
-## Key subsystems
+## What Clawdis does
 
-- **[Gateway WebSocket network](https://docs.clawd.bot/concepts/architecture)** — single WS control plane for clients, tools, and events (plus ops: [Gateway runbook](https://docs.clawd.bot/gateway)).
-- **[Tailscale exposure](https://docs.clawd.bot/gateway/tailscale)** — Serve/Funnel for the Gateway dashboard + WS (remote access: [Remote](https://docs.clawd.bot/gateway/remote)).
-- **[Browser control](https://docs.clawd.bot/tools/browser)** — clawd‑managed Chrome/Chromium with CDP control.
-- **[Canvas + A2UI](https://docs.clawd.bot/platforms/mac/canvas)** — agent‑driven visual workspace (A2UI host: [Canvas/A2UI](https://docs.clawd.bot/platforms/mac/canvas#canvas-a2ui)).
-- **[Voice Wake](https://docs.clawd.bot/nodes/voicewake) + [Talk Mode](https://docs.clawd.bot/nodes/talk)** — always‑on speech and continuous conversation.
-- **[Nodes](https://docs.clawd.bot/nodes)** — Canvas, camera snap/clip, screen record, `location.get`, notifications, plus macOS‑only `system.run`/`system.notify`.
+- **Personal assistant** — one user, one identity, one memory surface.
+- **Multi-surface inbox** — WhatsApp, Telegram, Discord, iMessage, WebChat, macOS, iOS. Signal support via `signal-cli` (see `docs/signal.md`). iMessage uses `imsg` (see `docs/imessage.md`).
+- **Voice wake + push-to-talk** — local speech recognition on macOS/iOS.
+- **Canvas** — a live visual workspace you can drive from the agent.
+- **Automation-ready** — browser control, media handling, and tool streaming.
+- **Local-first control plane** — the Gateway owns state, everything else connects.
+- **Group chats** — mention-based by default, `/activation always|mention` per group (owner-only).
+- **Nix mode** — opt-in declarative config + read-only UI when `CLAWDIS_NIX_MODE=1`.
 
-## Tailscale access (Gateway dashboard)
+## How it works (short)
 
-Clawdbot can auto-configure Tailscale **Serve** (tailnet-only) or **Funnel** (public) while the Gateway stays bound to loopback. Configure `gateway.tailscale.mode`:
+- **Gateway** is the single source of truth for sessions/providers.
+- **Loopback-first**: `ws://127.0.0.1:18789` by default.
+- **Bridge** (optional) exposes a paired-node port for iOS/Android.
+- **Agent runtime** is **Pi** in RPC mode.
 
-- `off`: no Tailscale automation (default).
-- `serve`: tailnet-only HTTPS via `tailscale serve` (uses Tailscale identity headers by default).
-- `funnel`: public HTTPS via `tailscale funnel` (requires shared password auth).
+## Quick start (from source)
 
-Notes:
-- `gateway.bind` must stay `loopback` when Serve/Funnel is enabled (Clawdbot enforces this).
-- Serve can be forced to require a password by setting `gateway.auth.mode: "password"` or `gateway.auth.allowTailscale: false`.
-- Funnel refuses to start unless `gateway.auth.mode: "password"` is set.
-- Optional: `gateway.tailscale.resetOnExit` to undo Serve/Funnel on shutdown.
+Runtime: **Node ≥22** + **pnpm**.
 
-Details: [Tailscale guide](https://docs.clawd.bot/gateway/tailscale) · [Web surfaces](https://docs.clawd.bot/web)
+```bash
+pnpm install
+pnpm build
+pnpm ui:build
 
-## Remote Gateway (Linux is great)
+# Recommended: run the onboarding wizard
+pnpm clawdis onboard
 
-It’s perfectly fine to run the Gateway on a small Linux instance. Clients (macOS app, CLI, WebChat) can connect over **Tailscale Serve/Funnel** or **SSH tunnels**, and you can still pair device nodes (macOS/iOS/Android) to execute device‑local actions when needed.
+# Link WhatsApp (stores creds in ~/.clawdis/credentials)
+pnpm clawdis login
 
-- **Gateway host** runs the exec tool and channel connections by default.
-- **Device nodes** run device‑local actions (`system.run`, camera, screen recording, notifications) via `node.invoke`.
-In short: exec runs where the Gateway lives; device actions run where the device lives.
+# Start the gateway
+pnpm clawdis gateway --port 18789 --verbose
 
-Details: [Remote access](https://docs.clawd.bot/gateway/remote) · [Nodes](https://docs.clawd.bot/nodes) · [Security](https://docs.clawd.bot/gateway/security)
+# Dev loop (auto-reload on TS changes)
+pnpm gateway:watch
 
-## macOS permissions via the Gateway protocol
+# Send a message
+pnpm clawdis send --to +1234567890 --message "Hello from Clawdis"
 
-The macOS app can run in **node mode** and advertises its capabilities + permission map over the Gateway WebSocket (`node.list` / `node.describe`). Clients can then execute local actions via `node.invoke`:
+# Talk to the assistant (optionally deliver back to WhatsApp/Telegram/Discord)
+pnpm clawdis agent --message "Ship checklist" --thinking high
+```
 
-- `system.run` runs a local command and returns stdout/stderr/exit code; set `needsScreenRecording: true` to require screen-recording permission (otherwise you’ll get `PERMISSION_MISSING`).
-- `system.notify` posts a user notification and fails if notifications are denied.
-- `canvas.*`, `camera.*`, `screen.record`, and `location.get` are also routed via `node.invoke` and follow TCC permission status.
-
-Elevated bash (host permissions) is separate from macOS TCC:
-
-- Use `/elevated on|off` to toggle per‑session elevated access when enabled + allowlisted.
-- Gateway persists the per‑session toggle via `sessions.patch` (WS method) alongside `thinkingLevel`, `verboseLevel`, `model`, `sendPolicy`, and `groupActivation`.
-
-Details: [Nodes](https://docs.clawd.bot/nodes) · [macOS app](https://docs.clawd.bot/platforms/macos) · [Gateway protocol](https://docs.clawd.bot/concepts/architecture)
-
-## Agent to Agent (sessions_* tools)
-
-- Use these to coordinate work across sessions without jumping between chat surfaces.
-- `sessions_list` — discover active sessions (agents) and their metadata.
-- `sessions_history` — fetch transcript logs for a session.
-- `sessions_send` — message another session; optional reply‑back ping‑pong + announce step (`REPLY_SKIP`, `ANNOUNCE_SKIP`).
-
-Details: [Session tools](https://docs.clawd.bot/concepts/session-tool)
-
-## Skills registry (ClawdHub)
-
-ClawdHub is a minimal skill registry. With ClawdHub enabled, the agent can search for skills automatically and pull in new ones as needed.
-
-[ClawdHub](https://ClawdHub.com)
+If you run from source, prefer `pnpm clawdis …` (not global `clawdis`).
 
 ## Chat commands
 
-Send these in WhatsApp/Telegram/Slack/Microsoft Teams/WebChat (group commands are owner-only):
+Send these in WhatsApp/Telegram/WebChat (group commands are owner-only):
 
-- `/status` — compact session status (model + tokens, cost when available)
+- `/status` — health + session info (group shows activation mode)
 - `/new` or `/reset` — reset the session
-- `/compact` — compact session context (summary)
-- `/think <level>` — off|minimal|low|medium|high|xhigh (GPT-5.2 + Codex models only)
+- `/think <level>` — off|minimal|low|medium|high
 - `/verbose on|off`
-- `/usage off|tokens|full` — per-response usage footer
 - `/restart` — restart the gateway (owner-only in groups)
 - `/activation mention|always` — group activation toggle (groups only)
 
-## Apps (optional)
+## Architecture
 
-The Gateway alone delivers a great experience. All apps are optional and add extra features.
+### TypeScript Gateway (src/gateway/server.ts)
+- **Single HTTP+WS server** on `ws://127.0.0.1:18789` (bind policy: loopback/lan/tailnet/auto). The first frame must be `connect`; AJV validates frames against TypeBox schemas (`src/gateway/protocol`).
+- **Single source of truth** for sessions, providers, cron, voice wake, and presence. Methods cover `send`, `agent`, `chat.*`, `sessions.*`, `config.*`, `cron.*`, `voicewake.*`, `node.*`, `system-*`, `wake`.
+- **Events + snapshot**: handshake returns a snapshot (presence/health) and declares event types; runtime events include `agent`, `chat`, `presence`, `tick`, `health`, `heartbeat`, `cron`, `node.pair.*`, `voicewake.changed`, `shutdown`.
+- **Idempotency & safety**: `send`/`agent`/`chat.send` require idempotency keys with a TTL cache (5 min, cap 1000) to avoid double‑sends on reconnects; payload sizes are capped per connection.
+- **Bridge for nodes**: optional TCP bridge (`src/infra/bridge/server.ts`) is newline‑delimited JSON frames (`hello`, pairing, RPC, `invoke`); node connect/disconnect is surfaced into presence.
+- **Control UI + Canvas Host**: HTTP serves Control UI assets (default `/`, optional base path) and can host a live‑reload Canvas host for nodes (`src/canvas-host/server.ts`), injecting the A2UI postMessage bridge.
 
-If you plan to build/run companion apps, initialize submodules first:
+### iOS app (apps/ios)
+- **Discovery + pairing**: Bonjour discovery via `BridgeDiscoveryModel` (NWBrowser). `BridgeConnectionController` auto‑connects using Keychain token or allows manual host/port.
+- **Node runtime**: `BridgeSession` (actor) maintains the `NWConnection`, hello handshake, ping/pong, RPC requests, and `invoke` callbacks.
+- **Capabilities + commands**: advertises `canvas`, `screen`, `camera`, `voiceWake` (settings‑driven) and executes `canvas.*`, `canvas.a2ui.*`, `camera.*`, `screen.record` (`NodeAppModel.handleInvoke`).
+- **Canvas**: `WKWebView` with bundled Canvas scaffold + A2UI, JS eval, snapshot capture, and `clawdis://` deep‑link interception (`ScreenController`).
+- **Voice + deep links**: voice wake sends `voice.transcript` events; `clawdis://agent` links emit `agent.request`. Voice wake triggers sync via `voicewake.get` + `voicewake.changed`.
 
-```bash
-git submodule update --init --recursive
-./scripts/restart-mac.sh
-```
+## Companion apps
 
-### macOS (Clawdbot.app) (optional)
+The **macOS app is critical**: it runs the menu‑bar control plane, owns local permissions (TCC), hosts Voice Wake, exposes WebChat/debug tools, and coordinates local/remote gateway mode. Most “assistant” UX lives here.
+
+### macOS (Clawdis.app)
 
 - Menu bar control for the Gateway and health.
 - Voice Wake + push-to-talk overlay.
 - WebChat + debug tools.
 - Remote gateway control over SSH.
 
-Note: signed builds required for macOS permissions to stick across rebuilds (see `docs/mac/permissions.md`).
+Build/run: `./scripts/restart-mac.sh` (packages + launches).
 
-### iOS node (optional)
+### iOS node (internal)
 
 - Pairs as a node via the Bridge.
 - Voice trigger forwarding + Canvas surface.
-- Controlled via `clawdbot nodes …`.
+- Controlled via `clawdis nodes …`.
 
-Runbook: [iOS connect](https://docs.clawd.bot/platforms/ios).
+Runbook: `docs/ios/connect.md`.
 
-### Android node (optional)
+### Android node (internal)
 
 - Pairs via the same Bridge + pairing flow as iOS.
 - Exposes Canvas, Camera, and Screen capture commands.
-- Runbook: [Android connect](https://docs.clawd.bot/platforms/android).
+- Runbook: `docs/android/connect.md`.
 
 ## Agent workspace + skills
 
-- Workspace root: `~/clawd` (configurable via `agents.defaults.workspace`).
+- Workspace root: `~/clawd` (configurable via `agent.workspace`).
 - Injected prompt files: `AGENTS.md`, `SOUL.md`, `TOOLS.md`.
 - Skills: `~/clawd/skills/<skill>/SKILL.md`.
 
 ## Configuration
 
-Minimal `~/.clawdbot/clawdbot.json` (model + defaults):
+Minimal `~/.clawdis/clawdis.json`:
 
 ```json5
 {
-  agent: {
-    model: "anthropic/claude-opus-4-5"
+  whatsapp: {
+    allowFrom: ["+1234567890"]
   }
 }
 ```
 
-[Full configuration reference (all keys + examples).](https://docs.clawd.bot/gateway/configuration)
+### WhatsApp
 
-## Security model (important)
+- Link the device: `pnpm clawdis login` (stores creds in `~/.clawdis/credentials`).
+- Allowlist who can talk to the assistant via `whatsapp.allowFrom`.
 
-- **Default:** tools run on the host for the **main** session, so the agent has full access when it’s just you.
-- **Group/channel safety:** set `agents.defaults.sandbox.mode: "non-main"` to run **non‑main sessions** (groups/channels) inside per‑session Docker sandboxes; bash then runs in Docker for those sessions.
-- **Sandbox defaults:** allowlist `bash`, `process`, `read`, `write`, `edit`, `sessions_list`, `sessions_history`, `sessions_send`, `sessions_spawn`; denylist `browser`, `canvas`, `nodes`, `cron`, `discord`, `gateway`.
+### Telegram
 
-Details: [Security guide](https://docs.clawd.bot/gateway/security) · [Docker + sandboxing](https://docs.clawd.bot/install/docker) · [Sandbox config](https://docs.clawd.bot/gateway/configuration)
-
-### [WhatsApp](https://docs.clawd.bot/channels/whatsapp)
-
-- Link the device: `pnpm clawdbot channels login` (stores creds in `~/.clawdbot/credentials`).
-- Allowlist who can talk to the assistant via `channels.whatsapp.allowFrom`.
-- If `channels.whatsapp.groups` is set, it becomes a group allowlist; include `"*"` to allow all.
-
-### [Telegram](https://docs.clawd.bot/channels/telegram)
-
-- Set `TELEGRAM_BOT_TOKEN` or `channels.telegram.botToken` (env wins).
-- Optional: set `channels.telegram.groups` (with `channels.telegram.groups."*".requireMention`); when set, it is a group allowlist (include `"*"` to allow all). Also `channels.telegram.allowFrom` or `channels.telegram.webhookUrl` as needed.
+- Set `TELEGRAM_BOT_TOKEN` or `telegram.botToken` (env wins).
+- Optional: set `telegram.groups` (with `telegram.groups."*".requireMention`), `telegram.allowFrom`, or `telegram.webhookUrl` as needed.
 
 ```json5
 {
-  channels: {
-    telegram: {
-      botToken: "123456:ABCDEF"
-    }
+  telegram: {
+    botToken: "123456:ABCDEF"
   }
 }
 ```
 
-### [Slack](https://docs.clawd.bot/channels/slack)
+### Discord
 
-- Set `SLACK_BOT_TOKEN` + `SLACK_APP_TOKEN` (or `channels.slack.botToken` + `channels.slack.appToken`).
-
-### [Discord](https://docs.clawd.bot/channels/discord)
-
-- Set `DISCORD_BOT_TOKEN` or `channels.discord.token` (env wins).
-- Optional: set `commands.native`, `commands.text`, or `commands.useAccessGroups`, plus `channels.discord.dm.allowFrom`, `channels.discord.guilds`, or `channels.discord.mediaMaxMb` as needed.
+- Set `DISCORD_BOT_TOKEN` or `discord.token` (env wins).
+- Optional: set `discord.slashCommand`, `discord.dm.allowFrom`, `discord.guilds`, or `discord.mediaMaxMb` as needed.
 
 ```json5
 {
-  channels: {
-    discord: {
-      token: "1234abcd"
-    }
+  discord: {
+    token: "1234abcd"
   }
 }
 ```
 
-### [Signal](https://docs.clawd.bot/channels/signal)
-
-- Requires `signal-cli` and a `channels.signal` config section.
-
-### [iMessage](https://docs.clawd.bot/channels/imessage)
-
-- macOS only; Messages must be signed in.
-- If `channels.imessage.groups` is set, it becomes a group allowlist; include `"*"` to allow all.
-
-### [Microsoft Teams](https://docs.clawd.bot/channels/msteams)
-
-- Configure a Teams app + Bot Framework, then add a `msteams` config section.
-- Allowlist who can talk via `msteams.allowFrom`; group access via `msteams.groupAllowFrom` or `msteams.groupPolicy: "open"`.
-
-### [WebChat](https://docs.clawd.bot/web/webchat)
-
-- Uses the Gateway WebSocket; no separate WebChat port/config.
-
 Browser control (optional):
 
 ```json5
@@ -387,112 +208,39 @@ Browser control (optional):
 
 ## Docs
 
-Use these when you’re past the onboarding flow and want the deeper reference.
-- [Start with the docs index for navigation and “what’s where.”](https://docs.clawd.bot)
-- [Read the architecture overview for the gateway + protocol model.](https://docs.clawd.bot/concepts/architecture)
-- [Use the full configuration reference when you need every key and example.](https://docs.clawd.bot/gateway/configuration)
-- [Run the Gateway by the book with the operational runbook.](https://docs.clawd.bot/gateway)
-- [Learn how the Control UI/Web surfaces work and how to expose them safely.](https://docs.clawd.bot/web)
-- [Understand remote access over SSH tunnels or tailnets.](https://docs.clawd.bot/gateway/remote)
-- [Follow the onboarding wizard flow for a guided setup.](https://docs.clawd.bot/start/wizard)
-- [Wire external triggers via the webhook surface.](https://docs.clawd.bot/automation/webhook)
-- [Set up Gmail Pub/Sub triggers.](https://docs.clawd.bot/automation/gmail-pubsub)
-- [Learn the macOS menu bar companion details.](https://docs.clawd.bot/platforms/mac/menu-bar)
-- [Platform guides: Windows (WSL2)](https://docs.clawd.bot/platforms/windows), [Linux](https://docs.clawd.bot/platforms/linux), [macOS](https://docs.clawd.bot/platforms/macos), [iOS](https://docs.clawd.bot/platforms/ios), [Android](https://docs.clawd.bot/platforms/android)
-- [Debug common failures with the troubleshooting guide.](https://docs.clawd.bot/channels/troubleshooting)
-- [Review security guidance before exposing anything.](https://docs.clawd.bot/gateway/security)
-
-## Advanced docs (discovery + control)
-
-- [Discovery + transports](https://docs.clawd.bot/gateway/discovery)
-- [Bonjour/mDNS](https://docs.clawd.bot/gateway/bonjour)
-- [Gateway pairing](https://docs.clawd.bot/gateway/pairing)
-- [Remote gateway README](https://docs.clawd.bot/gateway/remote-gateway-readme)
-- [Control UI](https://docs.clawd.bot/web/control-ui)
-- [Dashboard](https://docs.clawd.bot/web/dashboard)
-
-## Operations & troubleshooting
-
-- [Health checks](https://docs.clawd.bot/gateway/health)
-- [Gateway lock](https://docs.clawd.bot/gateway/gateway-lock)
-- [Background process](https://docs.clawd.bot/gateway/background-process)
-- [Browser troubleshooting (Linux)](https://docs.clawd.bot/tools/browser-linux-troubleshooting)
-- [Logging](https://docs.clawd.bot/logging)
-
-## Deep dives
-
-- [Agent loop](https://docs.clawd.bot/concepts/agent-loop)
-- [Presence](https://docs.clawd.bot/concepts/presence)
-- [TypeBox schemas](https://docs.clawd.bot/concepts/typebox)
-- [RPC adapters](https://docs.clawd.bot/reference/rpc)
-- [Queue](https://docs.clawd.bot/concepts/queue)
-
-## Workspace & skills
-
-- [Skills config](https://docs.clawd.bot/tools/skills-config)
-- [Default AGENTS](https://docs.clawd.bot/reference/AGENTS.default)
-- [Templates: AGENTS](https://docs.clawd.bot/reference/templates/AGENTS)
-- [Templates: BOOTSTRAP](https://docs.clawd.bot/reference/templates/BOOTSTRAP)
-- [Templates: IDENTITY](https://docs.clawd.bot/reference/templates/IDENTITY)
-- [Templates: SOUL](https://docs.clawd.bot/reference/templates/SOUL)
-- [Templates: TOOLS](https://docs.clawd.bot/reference/templates/TOOLS)
-- [Templates: USER](https://docs.clawd.bot/reference/templates/USER)
-
-## Platform internals
-
-- [macOS dev setup](https://docs.clawd.bot/platforms/mac/dev-setup)
-- [macOS menu bar](https://docs.clawd.bot/platforms/mac/menu-bar)
-- [macOS voice wake](https://docs.clawd.bot/platforms/mac/voicewake)
-- [iOS node](https://docs.clawd.bot/platforms/ios)
-- [Android node](https://docs.clawd.bot/platforms/android)
-- [Windows (WSL2)](https://docs.clawd.bot/platforms/windows)
-- [Linux app](https://docs.clawd.bot/platforms/linux)
+- [`docs/index.md`](docs/index.md) (overview)
+- [`docs/configuration.md`](docs/configuration.md)
+- [`docs/group-messages.md`](docs/group-messages.md)
+- [`docs/gateway.md`](docs/gateway.md)
+- [`docs/web.md`](docs/web.md)
+- [`docs/discovery.md`](docs/discovery.md)
+- [`docs/agent.md`](docs/agent.md)
+- [`docs/discord.md`](docs/discord.md)
+- [`docs/wizard.md`](docs/wizard.md)
+- Webhooks + external triggers: [`docs/webhook.md`](docs/webhook.md)
+- Gmail hooks (email → wake): [`docs/gmail-pubsub.md`](docs/gmail-pubsub.md)
 
 ## Email hooks (Gmail)
 
-- [docs.clawd.bot/gmail-pubsub](https://docs.clawd.bot/automation/gmail-pubsub)
+```bash
+clawdis hooks gmail setup --account you@gmail.com
+clawdis hooks gmail run
+```
+- [`docs/security.md`](docs/security.md)
+- [`docs/troubleshooting.md`](docs/troubleshooting.md)
+- [`docs/ios/connect.md`](docs/ios/connect.md)
+- [`docs/clawdis-mac.md`](docs/clawdis-mac.md)
+
+## Contributing
+
+See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines, maintainers, and how to submit PRs.
+
+AI/vibe-coded PRs welcome! 🤖
 
 ## Clawd
 
-Clawdbot was built for **Clawd**, a space lobster AI assistant. 🦞  
-by Peter Steinberger and the community.
+Clawdis was built for **Clawd**, a space lobster AI assistant.
 
-- [clawd.me](https://clawd.me)
-- [soul.md](https://soul.md)
-- [steipete.me](https://steipete.me)
-
-## Community
-
-See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines, maintainers, and how to submit PRs.  
-AI/vibe-coded PRs welcome! 🤖
-
-Special thanks to @andrewting19 for the Anthropic OAuth tool-name fix.
-
-Core contributors:
-- @cpojer — Telegram onboarding UX + docs
-
-Thanks to all clawtributors:
-
-<p align="left">
-  <a href="https://github.com/steipete"><img src="https://avatars.githubusercontent.com/u/58493?v=4&s=48" width="48" height="48" alt="steipete" title="steipete"/></a> <a href="https://github.com/bohdanpodvirnyi"><img src="https://avatars.githubusercontent.com/u/31819391?v=4&s=48" width="48" height="48" alt="bohdanpodvirnyi" title="bohdanpodvirnyi"/></a> <a href="https://github.com/joaohlisboa"><img src="https://avatars.githubusercontent.com/u/8200873?v=4&s=48" width="48" height="48" alt="joaohlisboa" title="joaohlisboa"/></a> <a href="https://github.com/mneves75"><img src="https://avatars.githubusercontent.com/u/2423436?v=4&s=48" width="48" height="48" alt="mneves75" title="mneves75"/></a> <a href="https://github.com/MatthieuBizien"><img src="https://avatars.githubusercontent.com/u/173090?v=4&s=48" width="48" height="48" alt="MatthieuBizien" title="MatthieuBizien"/></a> <a href="https://github.com/rahthakor"><img src="https://avatars.githubusercontent.com/u/8470553?v=4&s=48" width="48" height="48" alt="rahthakor" title="rahthakor"/></a> <a href="https://github.com/vrknetha"><img src="https://avatars.githubusercontent.com/u/20596261?v=4&s=48" width="48" height="48" alt="vrknetha" title="vrknetha"/></a> <a href="https://github.com/radek-paclt"><img src="https://avatars.githubusercontent.com/u/50451445?v=4&s=48" width="48" height="48" alt="radek-paclt" title="radek-paclt"/></a> <a href="https://github.com/joshp123"><img src="https://avatars.githubusercontent.com/u/1497361?v=4&s=48" width="48" height="48" alt="joshp123" title="joshp123"/></a> <a href="https://github.com/mukhtharcm"><img src="https://avatars.githubusercontent.com/u/56378562?v=4&s=48" width="48" height="48" alt="mukhtharcm" title="mukhtharcm"/></a>
-  <a href="https://github.com/maxsumrall"><img src="https://avatars.githubusercontent.com/u/628843?v=4&s=48" width="48" height="48" alt="maxsumrall" title="maxsumrall"/></a> <a href="https://github.com/xadenryan"><img src="https://avatars.githubusercontent.com/u/165437834?v=4&s=48" width="48" height="48" alt="xadenryan" title="xadenryan"/></a> <a href="https://github.com/tobiasbischoff"><img src="https://avatars.githubusercontent.com/u/711564?v=4&s=48" width="48" height="48" alt="Tobias Bischoff" title="Tobias Bischoff"/></a> <a href="https://github.com/juanpablodlc"><img src="https://avatars.githubusercontent.com/u/92012363?v=4&s=48" width="48" height="48" alt="juanpablodlc" title="juanpablodlc"/></a> <a href="https://github.com/hsrvc"><img src="https://avatars.githubusercontent.com/u/129702169?v=4&s=48" width="48" height="48" alt="hsrvc" title="hsrvc"/></a> <a href="https://github.com/magimetal"><img src="https://avatars.githubusercontent.com/u/36491250?v=4&s=48" width="48" height="48" alt="magimetal" title="magimetal"/></a> <a href="https://github.com/meaningfool"><img src="https://avatars.githubusercontent.com/u/2862331?v=4&s=48" width="48" height="48" alt="meaningfool" title="meaningfool"/></a> <a href="https://github.com/NicholasSpisak"><img src="https://avatars.githubusercontent.com/u/129075147?v=4&s=48" width="48" height="48" alt="NicholasSpisak" title="NicholasSpisak"/></a> <a href="https://github.com/AbhisekBasu1"><img src="https://avatars.githubusercontent.com/u/40645221?v=4&s=48" width="48" height="48" alt="abhisekbasu1" title="abhisekbasu1"/></a> <a href="https://github.com/claude"><img src="https://avatars.githubusercontent.com/u/81847?v=4&s=48" width="48" height="48" alt="claude" title="claude"/></a>
-  <a href="https://github.com/jamesgroat"><img src="https://avatars.githubusercontent.com/u/2634024?v=4&s=48" width="48" height="48" alt="jamesgroat" title="jamesgroat"/></a> <a href="https://github.com/sebslight"><img src="https://avatars.githubusercontent.com/u/19554889?v=4&s=48" width="48" height="48" alt="sebslight" title="sebslight"/></a> <a href="https://github.com/Hyaxia"><img src="https://avatars.githubusercontent.com/u/36747317?v=4&s=48" width="48" height="48" alt="Hyaxia" title="Hyaxia"/></a> <a href="https://github.com/dantelex"><img src="https://avatars.githubusercontent.com/u/631543?v=4&s=48" width="48" height="48" alt="dantelex" title="dantelex"/></a> <a href="https://github.com/daveonkels"><img src="https://avatars.githubusercontent.com/u/533642?v=4&s=48" width="48" height="48" alt="daveonkels" title="daveonkels"/></a> <a href="https://github.com/mteam88"><img src="https://avatars.githubusercontent.com/u/84196639?v=4&s=48" width="48" height="48" alt="mteam88" title="mteam88"/></a> <a href="https://github.com/omniwired"><img src="https://avatars.githubusercontent.com/u/322761?v=4&s=48" width="48" height="48" alt="Eng. Juan Combetto" title="Eng. Juan Combetto"/></a> <a href="https://github.com/dbhurley"><img src="https://avatars.githubusercontent.com/u/5251425?v=4&s=48" width="48" height="48" alt="dbhurley" title="dbhurley"/></a> <a href="https://github.com/mbelinky"><img src="https://avatars.githubusercontent.com/u/132747814?v=4&s=48" width="48" height="48" alt="Mariano Belinky" title="Mariano Belinky"/></a> <a href="https://github.com/TSavo"><img src="https://avatars.githubusercontent.com/u/877990?v=4&s=48" width="48" height="48" alt="TSavo" title="TSavo"/></a>
-  <a href="https://github.com/julianengel"><img src="https://avatars.githubusercontent.com/u/10634231?v=4&s=48" width="48" height="48" alt="julianengel" title="julianengel"/></a> <a href="https://github.com/benithors"><img src="https://avatars.githubusercontent.com/u/20652882?v=4&s=48" width="48" height="48" alt="benithors" title="benithors"/></a> <a href="https://github.com/timolins"><img src="https://avatars.githubusercontent.com/u/1440854?v=4&s=48" width="48" height="48" alt="timolins" title="timolins"/></a> <a href="https://github.com/Nachx639"><img src="https://avatars.githubusercontent.com/u/71144023?v=4&s=48" width="48" height="48" alt="nachx639" title="nachx639"/></a> <a href="https://github.com/sreekaransrinath"><img src="https://avatars.githubusercontent.com/u/50989977?v=4&s=48" width="48" height="48" alt="sreekaransrinath" title="sreekaransrinath"/></a> <a href="https://github.com/gupsammy"><img src="https://avatars.githubusercontent.com/u/20296019?v=4&s=48" width="48" height="48" alt="gupsammy" title="gupsammy"/></a> <a href="https://github.com/cristip73"><img src="https://avatars.githubusercontent.com/u/24499421?v=4&s=48" width="48" height="48" alt="cristip73" title="cristip73"/></a> <a href="https://github.com/nachoiacovino"><img src="https://avatars.githubusercontent.com/u/50103937?v=4&s=48" width="48" height="48" alt="nachoiacovino" title="nachoiacovino"/></a> <a href="https://github.com/vsabavat"><img src="https://avatars.githubusercontent.com/u/50385532?v=4&s=48" width="48" height="48" alt="Vasanth Rao Naik Sabavat" title="Vasanth Rao Naik Sabavat"/></a> <a href="https://github.com/cpojer"><img src="https://avatars.githubusercontent.com/u/13352?v=4&s=48" width="48" height="48" alt="cpojer" title="cpojer"/></a>
-  <a href="https://github.com/lc0rp"><img src="https://avatars.githubusercontent.com/u/2609441?v=4&s=48" width="48" height="48" alt="lc0rp" title="lc0rp"/></a> <a href="https://github.com/scald"><img src="https://avatars.githubusercontent.com/u/1215913?v=4&s=48" width="48" height="48" alt="scald" title="scald"/></a> <a href="https://github.com/andranik-sahakyan"><img src="https://avatars.githubusercontent.com/u/8908029?v=4&s=48" width="48" height="48" alt="andranik-sahakyan" title="andranik-sahakyan"/></a> <a href="https://github.com/davidguttman"><img src="https://avatars.githubusercontent.com/u/431696?v=4&s=48" width="48" height="48" alt="davidguttman" title="davidguttman"/></a> <a href="https://github.com/sleontenko"><img src="https://avatars.githubusercontent.com/u/7135949?v=4&s=48" width="48" height="48" alt="sleontenko" title="sleontenko"/></a> <a href="https://github.com/sircrumpet"><img src="https://avatars.githubusercontent.com/u/4436535?v=4&s=48" width="48" height="48" alt="sircrumpet" title="sircrumpet"/></a> <a href="https://github.com/peschee"><img src="https://avatars.githubusercontent.com/u/63866?v=4&s=48" width="48" height="48" alt="peschee" title="peschee"/></a> <a href="https://github.com/rafaelreis-r"><img src="https://avatars.githubusercontent.com/u/57492577?v=4&s=48" width="48" height="48" alt="rafaelreis-r" title="rafaelreis-r"/></a> <a href="https://github.com/thewilloftheshadow"><img src="https://avatars.githubusercontent.com/u/35580099?v=4&s=48" width="48" height="48" alt="thewilloftheshadow" title="thewilloftheshadow"/></a> <a href="https://github.com/ratulsarna"><img src="https://avatars.githubusercontent.com/u/105903728?v=4&s=48" width="48" height="48" alt="ratulsarna" title="ratulsarna"/></a>
-  <a href="https://github.com/lutr0"><img src="https://avatars.githubusercontent.com/u/76906369?v=4&s=48" width="48" height="48" alt="lutr0" title="lutr0"/></a> <a href="https://github.com/danielz1z"><img src="https://avatars.githubusercontent.com/u/235270390?v=4&s=48" width="48" height="48" alt="danielz1z" title="danielz1z"/></a> <a href="https://github.com/gumadeiras"><img src="https://avatars.githubusercontent.com/u/5599352?v=4&s=48" width="48" height="48" alt="gumadeiras" title="gumadeiras"/></a> <a href="https://github.com/emanuelst"><img src="https://avatars.githubusercontent.com/u/9994339?v=4&s=48" width="48" height="48" alt="emanuelst" title="emanuelst"/></a> <a href="https://github.com/KristijanJovanovski"><img src="https://avatars.githubusercontent.com/u/8942284?v=4&s=48" width="48" height="48" alt="KristijanJovanovski" title="KristijanJovanovski"/></a> <a href="https://github.com/CashWilliams"><img src="https://avatars.githubusercontent.com/u/613573?v=4&s=48" width="48" height="48" alt="CashWilliams" title="CashWilliams"/></a> <a href="https://github.com/rdev"><img src="https://avatars.githubusercontent.com/u/8418866?v=4&s=48" width="48" height="48" alt="rdev" title="rdev"/></a> <a href="https://github.com/osolmaz"><img src="https://avatars.githubusercontent.com/u/2453968?v=4&s=48" width="48" height="48" alt="osolmaz" title="osolmaz"/></a> <a href="https://github.com/joshrad-dev"><img src="https://avatars.githubusercontent.com/u/62785552?v=4&s=48" width="48" height="48" alt="joshrad-dev" title="joshrad-dev"/></a> <a href="https://github.com/kiranjd"><img src="https://avatars.githubusercontent.com/u/25822851?v=4&s=48" width="48" height="48" alt="kiranjd" title="kiranjd"/></a>
-  <a href="https://github.com/adityashaw2"><img src="https://avatars.githubusercontent.com/u/41204444?v=4&s=48" width="48" height="48" alt="adityashaw2" title="adityashaw2"/></a> <a href="https://github.com/search?q=sheeek"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="sheeek" title="sheeek"/></a> <a href="https://github.com/artuskg"><img src="https://avatars.githubusercontent.com/u/11966157?v=4&s=48" width="48" height="48" alt="artuskg" title="artuskg"/></a> <a href="https://github.com/onutc"><img src="https://avatars.githubusercontent.com/u/152018508?v=4&s=48" width="48" height="48" alt="onutc" title="onutc"/></a> <a href="https://github.com/ManuelHettich"><img src="https://avatars.githubusercontent.com/u/17690367?v=4&s=48" width="48" height="48" alt="manuelhettich" title="manuelhettich"/></a> <a href="https://github.com/minghinmatthewlam"><img src="https://avatars.githubusercontent.com/u/14224566?v=4&s=48" width="48" height="48" alt="minghinmatthewlam" title="minghinmatthewlam"/></a> <a href="https://github.com/myfunc"><img src="https://avatars.githubusercontent.com/u/19294627?v=4&s=48" width="48" height="48" alt="myfunc" title="myfunc"/></a> <a href="https://github.com/buddyh"><img src="https://avatars.githubusercontent.com/u/31752869?v=4&s=48" width="48" height="48" alt="buddyh" title="buddyh"/></a> <a href="https://github.com/connorshea"><img src="https://avatars.githubusercontent.com/u/2977353?v=4&s=48" width="48" height="48" alt="connorshea" title="connorshea"/></a> <a href="https://github.com/mcinteerj"><img src="https://avatars.githubusercontent.com/u/3613653?v=4&s=48" width="48" height="48" alt="mcinteerj" title="mcinteerj"/></a>
-  <a href="https://github.com/timkrase"><img src="https://avatars.githubusercontent.com/u/38947626?v=4&s=48" width="48" height="48" alt="timkrase" title="timkrase"/></a> <a href="https://github.com/zerone0x"><img src="https://avatars.githubusercontent.com/u/39543393?v=4&s=48" width="48" height="48" alt="zerone0x" title="zerone0x"/></a> <a href="https://github.com/gerardward2007"><img src="https://avatars.githubusercontent.com/u/3002155?v=4&s=48" width="48" height="48" alt="gerardward2007" title="gerardward2007"/></a> <a href="https://github.com/obviyus"><img src="https://avatars.githubusercontent.com/u/22031114?v=4&s=48" width="48" height="48" alt="obviyus" title="obviyus"/></a> <a href="https://github.com/tosh-hamburg"><img src="https://avatars.githubusercontent.com/u/58424326?v=4&s=48" width="48" height="48" alt="tosh-hamburg" title="tosh-hamburg"/></a> <a href="https://github.com/azade-c"><img src="https://avatars.githubusercontent.com/u/252790079?v=4&s=48" width="48" height="48" alt="azade-c" title="azade-c"/></a> <a href="https://github.com/roshanasingh4"><img src="https://avatars.githubusercontent.com/u/88576930?v=4&s=48" width="48" height="48" alt="roshanasingh4" title="roshanasingh4"/></a> <a href="https://github.com/bjesuiter"><img src="https://avatars.githubusercontent.com/u/2365676?v=4&s=48" width="48" height="48" alt="bjesuiter" title="bjesuiter"/></a> <a href="https://github.com/cheeeee"><img src="https://avatars.githubusercontent.com/u/21245729?v=4&s=48" width="48" height="48" alt="cheeeee" title="cheeeee"/></a> <a href="https://github.com/j1philli"><img src="https://avatars.githubusercontent.com/u/3744255?v=4&s=48" width="48" height="48" alt="Josh Phillips" title="Josh Phillips"/></a>
-  <a href="https://github.com/YuriNachos"><img src="https://avatars.githubusercontent.com/u/19365375?v=4&s=48" width="48" height="48" alt="YuriNachos" title="YuriNachos"/></a> <a href="https://github.com/tyler6204"><img src="https://avatars.githubusercontent.com/u/64381258?v=4&s=48" width="48" height="48" alt="tyler6204" title="tyler6204"/></a> <a href="https://github.com/superman32432432"><img src="https://avatars.githubusercontent.com/u/7228420?v=4&s=48" width="48" height="48" alt="superman32432432" title="superman32432432"/></a> <a href="https://github.com/search?q=Yurii%20Chukhlib"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Yurii Chukhlib" title="Yurii Chukhlib"/></a> <a href="https://github.com/antons"><img src="https://avatars.githubusercontent.com/u/129705?v=4&s=48" width="48" height="48" alt="antons" title="antons"/></a> <a href="https://github.com/austinm911"><img src="https://avatars.githubusercontent.com/u/31991302?v=4&s=48" width="48" height="48" alt="austinm911" title="austinm911"/></a> <a href="https://github.com/apps/blacksmith-sh"><img src="https://avatars.githubusercontent.com/in/807020?v=4&s=48" width="48" height="48" alt="blacksmith-sh[bot]" title="blacksmith-sh[bot]"/></a> <a href="https://github.com/dan-dr"><img src="https://avatars.githubusercontent.com/u/6669808?v=4&s=48" width="48" height="48" alt="dan-dr" title="dan-dr"/></a> <a href="https://github.com/grp06"><img src="https://avatars.githubusercontent.com/u/1573959?v=4&s=48" width="48" height="48" alt="grp06" title="grp06"/></a> <a href="https://github.com/HeimdallStrategy"><img src="https://avatars.githubusercontent.com/u/223014405?v=4&s=48" width="48" height="48" alt="HeimdallStrategy" title="HeimdallStrategy"/></a>
-  <a href="https://github.com/imfing"><img src="https://avatars.githubusercontent.com/u/5097752?v=4&s=48" width="48" height="48" alt="imfing" title="imfing"/></a> <a href="https://github.com/jalehman"><img src="https://avatars.githubusercontent.com/u/550978?v=4&s=48" width="48" height="48" alt="jalehman" title="jalehman"/></a> <a href="https://github.com/jarvis-medmatic"><img src="https://avatars.githubusercontent.com/u/252428873?v=4&s=48" width="48" height="48" alt="jarvis-medmatic" title="jarvis-medmatic"/></a> <a href="https://github.com/kkarimi"><img src="https://avatars.githubusercontent.com/u/875218?v=4&s=48" width="48" height="48" alt="kkarimi" title="kkarimi"/></a> <a href="https://github.com/mahmoudashraf93"><img src="https://avatars.githubusercontent.com/u/9130129?v=4&s=48" width="48" height="48" alt="mahmoudashraf93" title="mahmoudashraf93"/></a> <a href="https://github.com/petter-b"><img src="https://avatars.githubusercontent.com/u/62076402?v=4&s=48" width="48" height="48" alt="petter-b" title="petter-b"/></a> <a href="https://github.com/pkrmf"><img src="https://avatars.githubusercontent.com/u/1714267?v=4&s=48" width="48" height="48" alt="pkrmf" title="pkrmf"/></a> <a href="https://github.com/RandyVentures"><img src="https://avatars.githubusercontent.com/u/149904821?v=4&s=48" width="48" height="48" alt="RandyVentures" title="RandyVentures"/></a> <a href="https://github.com/erikpr1994"><img src="https://avatars.githubusercontent.com/u/6299331?v=4&s=48" width="48" height="48" alt="erikpr1994" title="erikpr1994"/></a> <a href="https://github.com/jonasjancarik"><img src="https://avatars.githubusercontent.com/u/2459191?v=4&s=48" width="48" height="48" alt="jonasjancarik" title="jonasjancarik"/></a>
-  <a href="https://github.com/search?q=Keith%20the%20Silly%20Goose"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Keith the Silly Goose" title="Keith the Silly Goose"/></a> <a href="https://github.com/search?q=L36%20Server"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="L36 Server" title="L36 Server"/></a> <a href="https://github.com/search?q=Marc"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Marc" title="Marc"/></a> <a href="https://github.com/mitschabaude-bot"><img src="https://avatars.githubusercontent.com/u/247582884?v=4&s=48" width="48" height="48" alt="mitschabaude-bot" title="mitschabaude-bot"/></a> <a href="https://github.com/neist"><img src="https://avatars.githubusercontent.com/u/1029724?v=4&s=48" width="48" height="48" alt="neist" title="neist"/></a> <a href="https://github.com/ngutman"><img src="https://avatars.githubusercontent.com/u/1540134?v=4&s=48" width="48" height="48" alt="ngutman" title="ngutman"/></a> <a href="https://github.com/chrisrodz"><img src="https://avatars.githubusercontent.com/u/2967620?v=4&s=48" width="48" height="48" alt="chrisrodz" title="chrisrodz"/></a> <a href="https://github.com/search?q=Friederike%20Seiler"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Friederike Seiler" title="Friederike Seiler"/></a> <a href="https://github.com/gabriel-trigo"><img src="https://avatars.githubusercontent.com/u/38991125?v=4&s=48" width="48" height="48" alt="gabriel-trigo" title="gabriel-trigo"/></a> <a href="https://github.com/Iamadig"><img src="https://avatars.githubusercontent.com/u/102129234?v=4&s=48" width="48" height="48" alt="iamadig" title="iamadig"/></a>
-  <a href="https://github.com/search?q=Kit"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Kit" title="Kit"/></a> <a href="https://github.com/koala73"><img src="https://avatars.githubusercontent.com/u/996596?v=4&s=48" width="48" height="48" alt="koala73" title="koala73"/></a> <a href="https://github.com/manmal"><img src="https://avatars.githubusercontent.com/u/142797?v=4&s=48" width="48" height="48" alt="manmal" title="manmal"/></a> <a href="https://github.com/ogulcancelik"><img src="https://avatars.githubusercontent.com/u/7064011?v=4&s=48" width="48" height="48" alt="ogulcancelik" title="ogulcancelik"/></a> <a href="https://github.com/pasogott"><img src="https://avatars.githubusercontent.com/u/23458152?v=4&s=48" width="48" height="48" alt="pasogott" title="pasogott"/></a> <a href="https://github.com/petradonka"><img src="https://avatars.githubusercontent.com/u/7353770?v=4&s=48" width="48" height="48" alt="petradonka" title="petradonka"/></a> <a href="https://github.com/rubyrunsstuff"><img src="https://avatars.githubusercontent.com/u/246602379?v=4&s=48" width="48" height="48" alt="rubyrunsstuff" title="rubyrunsstuff"/></a> <a href="https://github.com/VACInc"><img src="https://avatars.githubusercontent.com/u/3279061?v=4&s=48" width="48" height="48" alt="VACInc" title="VACInc"/></a> <a href="https://github.com/wes-davis"><img src="https://avatars.githubusercontent.com/u/16506720?v=4&s=48" width="48" height="48" alt="wes-davis" title="wes-davis"/></a> <a href="https://github.com/zats"><img src="https://avatars.githubusercontent.com/u/2688806?v=4&s=48" width="48" height="48" alt="zats" title="zats"/></a>
-  <a href="https://github.com/search?q=Chris%20Taylor"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Chris Taylor" title="Chris Taylor"/></a> <a href="https://github.com/djangonavarro220"><img src="https://avatars.githubusercontent.com/u/251162586?v=4&s=48" width="48" height="48" alt="Django Navarro" title="Django Navarro"/></a> <a href="https://github.com/evalexpr"><img src="https://avatars.githubusercontent.com/u/23485511?v=4&s=48" width="48" height="48" alt="evalexpr" title="evalexpr"/></a> <a href="https://github.com/henrino3"><img src="https://avatars.githubusercontent.com/u/4260288?v=4&s=48" width="48" height="48" alt="henrino3" title="henrino3"/></a> <a href="https://github.com/mkbehr"><img src="https://avatars.githubusercontent.com/u/1285?v=4&s=48" width="48" height="48" alt="mkbehr" title="mkbehr"/></a> <a href="https://github.com/oswalpalash"><img src="https://avatars.githubusercontent.com/u/6431196?v=4&s=48" width="48" height="48" alt="oswalpalash" title="oswalpalash"/></a> <a href="https://github.com/pcty-nextgen-service-account"><img src="https://avatars.githubusercontent.com/u/112553441?v=4&s=48" width="48" height="48" alt="pcty-nextgen-service-account" title="pcty-nextgen-service-account"/></a> <a href="https://github.com/sibbl"><img src="https://avatars.githubusercontent.com/u/866535?v=4&s=48" width="48" height="48" alt="sibbl" title="sibbl"/></a> <a href="https://github.com/Syhids"><img src="https://avatars.githubusercontent.com/u/671202?v=4&s=48" width="48" height="48" alt="Syhids" title="Syhids"/></a> <a href="https://github.com/search?q=Aaron%20Konyer"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Aaron Konyer" title="Aaron Konyer"/></a>
-  <a href="https://github.com/adam91holt"><img src="https://avatars.githubusercontent.com/u/9592417?v=4&s=48" width="48" height="48" alt="adam91holt" title="adam91holt"/></a> <a href="https://github.com/erik-agens"><img src="https://avatars.githubusercontent.com/u/80908960?v=4&s=48" width="48" height="48" alt="erik-agens" title="erik-agens"/></a> <a href="https://github.com/fcatuhe"><img src="https://avatars.githubusercontent.com/u/17382215?v=4&s=48" width="48" height="48" alt="fcatuhe" title="fcatuhe"/></a> <a href="https://github.com/ivanrvpereira"><img src="https://avatars.githubusercontent.com/u/183991?v=4&s=48" width="48" height="48" alt="ivanrvpereira" title="ivanrvpereira"/></a> <a href="https://github.com/jayhickey"><img src="https://avatars.githubusercontent.com/u/1676460?v=4&s=48" width="48" height="48" alt="jayhickey" title="jayhickey"/></a> <a href="https://github.com/jeffersonwarrior"><img src="https://avatars.githubusercontent.com/u/89030989?v=4&s=48" width="48" height="48" alt="jeffersonwarrior" title="jeffersonwarrior"/></a> <a href="https://github.com/search?q=jeffersonwarrior"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="jeffersonwarrior" title="jeffersonwarrior"/></a> <a href="https://github.com/jdrhyne"><img src="https://avatars.githubusercontent.com/u/7828464?v=4&s=48" width="48" height="48" alt="Jonathan D. Rhyne (DJ-D)" title="Jonathan D. Rhyne (DJ-D)"/></a> <a href="https://github.com/jverdi"><img src="https://avatars.githubusercontent.com/u/345050?v=4&s=48" width="48" height="48" alt="jverdi" title="jverdi"/></a> <a href="https://github.com/mickahouan"><img src="https://avatars.githubusercontent.com/u/31423109?v=4&s=48" width="48" height="48" alt="mickahouan" title="mickahouan"/></a>
-  <a href="https://github.com/mjrussell"><img src="https://avatars.githubusercontent.com/u/1641895?v=4&s=48" width="48" height="48" alt="mjrussell" title="mjrussell"/></a> <a href="https://github.com/p6l-richard"><img src="https://avatars.githubusercontent.com/u/18185649?v=4&s=48" width="48" height="48" alt="p6l-richard" title="p6l-richard"/></a> <a href="https://github.com/philipp-spiess"><img src="https://avatars.githubusercontent.com/u/458591?v=4&s=48" width="48" height="48" alt="philipp-spiess" title="philipp-spiess"/></a> <a href="https://github.com/robaxelsen"><img src="https://avatars.githubusercontent.com/u/13132899?v=4&s=48" width="48" height="48" alt="robaxelsen" title="robaxelsen"/></a> <a href="https://github.com/search?q=Sash%20Catanzarite"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Sash Catanzarite" title="Sash Catanzarite"/></a> <a href="https://github.com/search?q=VAC"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="VAC" title="VAC"/></a> <a href="https://github.com/zknicker"><img src="https://avatars.githubusercontent.com/u/1164085?v=4&s=48" width="48" height="48" alt="zknicker" title="zknicker"/></a> <a href="https://github.com/search?q=alejandro%20maza"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="alejandro maza" title="alejandro maza"/></a> <a href="https://github.com/andrewting19"><img src="https://avatars.githubusercontent.com/u/10536704?v=4&s=48" width="48" height="48" alt="andrewting19" title="andrewting19"/></a> <a href="https://github.com/anpoirier"><img src="https://avatars.githubusercontent.com/u/1245729?v=4&s=48" width="48" height="48" alt="anpoirier" title="anpoirier"/></a>
-  <a href="https://github.com/Asleep123"><img src="https://avatars.githubusercontent.com/u/122379135?v=4&s=48" width="48" height="48" alt="Asleep123" title="Asleep123"/></a> <a href="https://github.com/bolismauro"><img src="https://avatars.githubusercontent.com/u/771999?v=4&s=48" width="48" height="48" alt="bolismauro" title="bolismauro"/></a> <a href="https://github.com/cash-echo-bot"><img src="https://avatars.githubusercontent.com/u/252747386?v=4&s=48" width="48" height="48" alt="cash-echo-bot" title="cash-echo-bot"/></a> <a href="https://github.com/search?q=Clawd"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Clawd" title="Clawd"/></a> <a href="https://github.com/conhecendocontato"><img src="https://avatars.githubusercontent.com/u/82890727?v=4&s=48" width="48" height="48" alt="conhecendocontato" title="conhecendocontato"/></a> <a href="https://github.com/search?q=Dimitrios%20Ploutarchos"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Dimitrios Ploutarchos" title="Dimitrios Ploutarchos"/></a> <a href="https://github.com/search?q=Drake%20Thomsen"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Drake Thomsen" title="Drake Thomsen"/></a> <a href="https://github.com/search?q=Ghost"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Ghost" title="Ghost"/></a> <a href="https://github.com/gtsifrikas"><img src="https://avatars.githubusercontent.com/u/8904378?v=4&s=48" width="48" height="48" alt="gtsifrikas" title="gtsifrikas"/></a> <a href="https://github.com/HazAT"><img src="https://avatars.githubusercontent.com/u/363802?v=4&s=48" width="48" height="48" alt="HazAT" title="HazAT"/></a>
-  <a href="https://github.com/hrdwdmrbl"><img src="https://avatars.githubusercontent.com/u/554881?v=4&s=48" width="48" height="48" alt="hrdwdmrbl" title="hrdwdmrbl"/></a> <a href="https://github.com/hugobarauna"><img src="https://avatars.githubusercontent.com/u/2719?v=4&s=48" width="48" height="48" alt="hugobarauna" title="hugobarauna"/></a> <a href="https://github.com/search?q=Jamie%20Openshaw"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Jamie Openshaw" title="Jamie Openshaw"/></a> <a href="https://github.com/search?q=Jarvis"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Jarvis" title="Jarvis"/></a> <a href="https://github.com/search?q=Jefferson%20Nunn"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Jefferson Nunn" title="Jefferson Nunn"/></a> <a href="https://github.com/search?q=Kevin%20Lin"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Kevin Lin" title="Kevin Lin"/></a> <a href="https://github.com/kitze"><img src="https://avatars.githubusercontent.com/u/1160594?v=4&s=48" width="48" height="48" alt="kitze" title="kitze"/></a> <a href="https://github.com/levifig"><img src="https://avatars.githubusercontent.com/u/1605?v=4&s=48" width="48" height="48" alt="levifig" title="levifig"/></a> <a href="https://github.com/search?q=Lloyd"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Lloyd" title="Lloyd"/></a> <a href="https://github.com/longmaba"><img src="https://avatars.githubusercontent.com/u/9361500?v=4&s=48" width="48" height="48" alt="longmaba" title="longmaba"/></a>
-  <a href="https://github.com/loukotal"><img src="https://avatars.githubusercontent.com/u/18210858?v=4&s=48" width="48" height="48" alt="loukotal" title="loukotal"/></a> <a href="https://github.com/martinpucik"><img src="https://avatars.githubusercontent.com/u/5503097?v=4&s=48" width="48" height="48" alt="martinpucik" title="martinpucik"/></a> <a href="https://github.com/search?q=Miles"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Miles" title="Miles"/></a> <a href="https://github.com/mrdbstn"><img src="https://avatars.githubusercontent.com/u/58957632?v=4&s=48" width="48" height="48" alt="mrdbstn" title="mrdbstn"/></a> <a href="https://github.com/MSch"><img src="https://avatars.githubusercontent.com/u/7475?v=4&s=48" width="48" height="48" alt="MSch" title="MSch"/></a> <a href="https://github.com/search?q=Mustafa%20Tag%20Eldeen"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Mustafa Tag Eldeen" title="Mustafa Tag Eldeen"/></a> <a href="https://github.com/ndraiman"><img src="https://avatars.githubusercontent.com/u/12609607?v=4&s=48" width="48" height="48" alt="ndraiman" title="ndraiman"/></a> <a href="https://github.com/nexty5870"><img src="https://avatars.githubusercontent.com/u/3869659?v=4&s=48" width="48" height="48" alt="nexty5870" title="nexty5870"/></a> <a href="https://github.com/prathamdby"><img src="https://avatars.githubusercontent.com/u/134331217?v=4&s=48" width="48" height="48" alt="prathamdby" title="prathamdby"/></a> <a href="https://github.com/reeltimeapps"><img src="https://avatars.githubusercontent.com/u/637338?v=4&s=48" width="48" height="48" alt="reeltimeapps" title="reeltimeapps"/></a>
-  <a href="https://github.com/RLTCmpe"><img src="https://avatars.githubusercontent.com/u/10762242?v=4&s=48" width="48" height="48" alt="RLTCmpe" title="RLTCmpe"/></a> <a href="https://github.com/rodrigouroz"><img src="https://avatars.githubusercontent.com/u/384037?v=4&s=48" width="48" height="48" alt="rodrigouroz" title="rodrigouroz"/></a> <a href="https://github.com/search?q=Rolf%20Fredheim"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Rolf Fredheim" title="Rolf Fredheim"/></a> <a href="https://github.com/search?q=Rony%20Kelner"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Rony Kelner" title="Rony Kelner"/></a> <a href="https://github.com/search?q=Samrat%20Jha"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Samrat Jha" title="Samrat Jha"/></a> <a href="https://github.com/siraht"><img src="https://avatars.githubusercontent.com/u/73152895?v=4&s=48" width="48" height="48" alt="siraht" title="siraht"/></a> <a href="https://github.com/snopoke"><img src="https://avatars.githubusercontent.com/u/249606?v=4&s=48" width="48" height="48" alt="snopoke" title="snopoke"/></a> <a href="https://github.com/suminhthanh"><img src="https://avatars.githubusercontent.com/u/2907636?v=4&s=48" width="48" height="48" alt="suminhthanh" title="suminhthanh"/></a> <a href="https://github.com/search?q=The%20Admiral"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="The Admiral" title="The Admiral"/></a> <a href="https://github.com/thesash"><img src="https://avatars.githubusercontent.com/u/1166151?v=4&s=48" width="48" height="48" alt="thesash" title="thesash"/></a>
-  <a href="https://github.com/search?q=Ubuntu"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Ubuntu" title="Ubuntu"/></a> <a href="https://github.com/voidserf"><img src="https://avatars.githubusercontent.com/u/477673?v=4&s=48" width="48" height="48" alt="voidserf" title="voidserf"/></a> <a href="https://github.com/wstock"><img src="https://avatars.githubusercontent.com/u/1394687?v=4&s=48" width="48" height="48" alt="wstock" title="wstock"/></a> <a href="https://github.com/search?q=Zach%20Knickerbocker"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Zach Knickerbocker" title="Zach Knickerbocker"/></a> <a href="https://github.com/Alphonse-arianee"><img src="https://avatars.githubusercontent.com/u/254457365?v=4&s=48" width="48" height="48" alt="Alphonse-arianee" title="Alphonse-arianee"/></a> <a href="https://github.com/search?q=Azade"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Azade" title="Azade"/></a> <a href="https://github.com/carlulsoe"><img src="https://avatars.githubusercontent.com/u/34673973?v=4&s=48" width="48" height="48" alt="carlulsoe" title="carlulsoe"/></a> <a href="https://github.com/search?q=ddyo"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="ddyo" title="ddyo"/></a> <a href="https://github.com/search?q=Erik"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Erik" title="Erik"/></a> <a href="https://github.com/latitudeki5223"><img src="https://avatars.githubusercontent.com/u/119656367?v=4&s=48" width="48" height="48" alt="latitudeki5223" title="latitudeki5223"/></a>
-  <a href="https://github.com/search?q=Manuel%20Maly"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Manuel Maly" title="Manuel Maly"/></a> <a href="https://github.com/search?q=Mourad%20Boustani"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Mourad Boustani" title="Mourad Boustani"/></a> <a href="https://github.com/pcty-nextgen-ios-builder"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="pcty-nextgen-ios-builder" title="pcty-nextgen-ios-builder"/></a> <a href="https://github.com/search?q=Quentin"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Quentin" title="Quentin"/></a> <a href="https://github.com/search?q=Randy%20Torres"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="Randy Torres" title="Randy Torres"/></a> <a href="https://github.com/rhjoh"><img src="https://avatars.githubusercontent.com/u/105699450?v=4&s=48" width="48" height="48" alt="rhjoh" title="rhjoh"/></a> <a href="https://github.com/ronak-guliani"><img src="https://avatars.githubusercontent.com/u/23518228?v=4&s=48" width="48" height="48" alt="ronak-guliani" title="ronak-guliani"/></a> <a href="https://github.com/search?q=William%20Stock"><img src="assets/avatar-placeholder.svg" width="48" height="48" alt="William Stock" title="William Stock"/></a>
-</p>
+- https://clawd.me
+- https://soul.md
+- https://steipete.me

SECURITY.md

@@ -1,15 +0,0 @@
-# Security Policy
-
-If you believe you’ve found a security issue in Clawdbot, please report it privately.
-
-## Reporting
-
-- Email: `steipete@gmail.com`
-- What to include: reproduction steps, impact assessment, and (if possible) a minimal PoC.
-
-## Operational Guidance
-
-For threat model + hardening guidance (including `clawdbot security audit --deep` and `--fix`), see:
-
-- `https://docs.clawd.bot/gateway/security`
-

Swabble/Package.swift

@@ -13,7 +13,7 @@ let package = Package(
         .executable(name: "swabble", targets: ["SwabbleCLI"]),
     ],
     dependencies: [
-        .package(url: "https://github.com/steipete/Commander.git", exact: "0.2.1"),
+        .package(path: "../Peekaboo/Commander"),
         .package(url: "https://github.com/apple/swift-testing", from: "0.99.0"),
     ],
     targets: [

Swabble/Sources/SwabbleCore/Support/AttributedString+Sentences.swift

@@ -34,7 +34,8 @@ extension AttributedString {
             var ranges: [Range<AttributedString.Index>] = []
             for wordRange in wordRanges {
                 if let lastRange = ranges.last,
-                   self[lastRange].characters.count + self[wordRange].characters.count <= maxLength {
+                   self[lastRange].characters.count + self[wordRange].characters.count <= maxLength
+                {
                     ranges[ranges.count - 1] = lastRange.lowerBound..<wordRange.upperBound
                 } else {
                     ranges.append(wordRange)

Swabble/Sources/SwabbleCore/Support/TranscriptsStore.swift

@@ -13,7 +13,8 @@ public actor TranscriptsStore {
         try? FileManager.default.createDirectory(at: dir, withIntermediateDirectories: true)
         fileURL = dir.appendingPathComponent("transcripts.log")
         if let data = try? Data(contentsOf: fileURL),
-           let text = String(data: data, encoding: .utf8) {
+           let text = String(data: data, encoding: .utf8)
+        {
             entries = text.split(separator: "\n").map(String.init).suffix(limit)
         }
     }

Swabble/Sources/SwabbleKit/WakeWordGate.swift

@@ -13,7 +13,7 @@ public struct WakeWordSegment: Sendable, Equatable {
         self.range = range
     }
 
-    public var end: TimeInterval { start + duration }
+    public var end: TimeInterval { self.start + self.duration }
 }
 
 public struct WakeWordGateConfig: Sendable, Equatable {
@@ -24,7 +24,8 @@ public struct WakeWordGateConfig: Sendable, Equatable {
     public init(
         triggers: [String],
         minPostTriggerGap: TimeInterval = 0.45,
-        minCommandLength: Int = 1) {
+        minCommandLength: Int = 1)
+    {
         self.triggers = triggers
         self.minPostTriggerGap = minPostTriggerGap
         self.minCommandLength = minCommandLength
@@ -56,24 +57,18 @@ public enum WakeWordGate {
         let tokens: [String]
     }
 
-    private struct MatchCandidate {
-        let index: Int
-        let triggerEnd: TimeInterval
-        let gap: TimeInterval
-    }
-
     public static func match(
         transcript: String,
         segments: [WakeWordSegment],
         config: WakeWordGateConfig)
     -> WakeWordGateMatch? {
-        let triggerTokens = normalizeTriggers(config.triggers)
+        let triggerTokens = self.normalizeTriggers(config.triggers)
         guard !triggerTokens.isEmpty else { return nil }
 
-        let tokens = normalizeSegments(segments)
+        let tokens = self.normalizeSegments(segments)
         guard !tokens.isEmpty else { return nil }
 
-        var best: MatchCandidate?
+        var best: (index: Int, triggerEnd: TimeInterval, gap: TimeInterval)?
 
         for trigger in triggerTokens {
             let count = trigger.tokens.count
@@ -89,12 +84,12 @@ public enum WakeWordGate {
 
                 if let best, i <= best.index { continue }
 
-                best = MatchCandidate(index: i, triggerEnd: triggerEnd, gap: gap)
+                best = (i, triggerEnd, gap)
             }
         }
 
         guard let best else { return nil }
-        let command = commandText(transcript: transcript, segments: segments, triggerEndTime: best.triggerEnd)
+        let command = self.commandText(transcript: transcript, segments: segments, triggerEndTime: best.triggerEnd)
             .trimmingCharacters(in: Self.whitespaceAndPunctuation)
         guard command.count >= config.minCommandLength else { return nil }
         return WakeWordGateMatch(triggerEndTime: best.triggerEnd, postGap: best.gap, command: command)
@@ -116,7 +111,7 @@ public enum WakeWordGate {
         }
 
         let text = segments
-            .filter { $0.start >= threshold && !normalizeToken($0.text).isEmpty }
+            .filter { $0.start >= threshold && !self.normalizeToken($0.text).isEmpty }
             .map(\.text)
             .joined(separator: " ")
         return text.trimmingCharacters(in: Self.whitespaceAndPunctuation)
@@ -126,7 +121,7 @@ public enum WakeWordGate {
         guard !text.isEmpty else { return false }
         let normalized = text.lowercased()
         for trigger in triggers {
-            let token = trigger.trimmingCharacters(in: whitespaceAndPunctuation).lowercased()
+            let token = trigger.trimmingCharacters(in: self.whitespaceAndPunctuation).lowercased()
             if token.isEmpty { continue }
             if normalized.contains(token) { return true }
         }
@@ -136,11 +131,11 @@ public enum WakeWordGate {
     public static func stripWake(text: String, triggers: [String]) -> String {
         var out = text
         for trigger in triggers {
-            let token = trigger.trimmingCharacters(in: whitespaceAndPunctuation)
+            let token = trigger.trimmingCharacters(in: self.whitespaceAndPunctuation)
             guard !token.isEmpty else { continue }
             out = out.replacingOccurrences(of: token, with: "", options: [.caseInsensitive])
         }
-        return out.trimmingCharacters(in: whitespaceAndPunctuation)
+        return out.trimmingCharacters(in: self.whitespaceAndPunctuation)
     }
 
     private static func normalizeTriggers(_ triggers: [String]) -> [TriggerTokens] {
@@ -148,7 +143,7 @@ public enum WakeWordGate {
         for trigger in triggers {
             let tokens = trigger
                 .split(whereSeparator: { $0.isWhitespace })
-                .map { normalizeToken(String($0)) }
+                .map { self.normalizeToken(String($0)) }
                 .filter { !$0.isEmpty }
             if tokens.isEmpty { continue }
             output.append(TriggerTokens(tokens: tokens))
@@ -158,7 +153,7 @@ public enum WakeWordGate {
 
     private static func normalizeSegments(_ segments: [WakeWordSegment]) -> [Token] {
         segments.compactMap { segment in
-            let normalized = normalizeToken(segment.text)
+            let normalized = self.normalizeToken(segment.text)
             guard !normalized.isEmpty else { return nil }
             return Token(
                 normalized: normalized,
@@ -171,7 +166,7 @@ public enum WakeWordGate {
 
     private static func normalizeToken(_ token: String) -> String {
         token
-            .trimmingCharacters(in: whitespaceAndPunctuation)
+            .trimmingCharacters(in: self.whitespaceAndPunctuation)
             .lowercased()
     }
 

Swabble/Sources/swabble/CLI/CLIRegistry.swift

@@ -24,7 +24,7 @@ enum CLIRegistry {
             subcommands: [
                 descriptor(for: ServiceInstall.self),
                 descriptor(for: ServiceUninstall.self),
-                descriptor(for: ServiceStatus.self)
+                descriptor(for: ServiceStatus.self),
             ])
         let doctorDesc = descriptor(for: DoctorCommand.self)
         let setupDesc = descriptor(for: SetupCommand.self)
@@ -54,7 +54,7 @@ enum CLIRegistry {
                 startDesc,
                 stopDesc,
                 restartDesc,
-                statusDesc
+                statusDesc,
             ])
         return [root]
     }

Swabble/Sources/swabble/Commands/ServiceCommands.swift

@@ -25,7 +25,7 @@ private enum LaunchdHelper {
             "Label": label,
             "ProgramArguments": [executable, "serve"],
             "RunAtLoad": true,
-            "KeepAlive": true
+            "KeepAlive": true,
         ]
         let data = try PropertyListSerialization.data(fromPropertyList: plist, format: .xml, options: 0)
         try data.write(to: plistURL)

Swabble/Sources/swabble/main.swift

@@ -25,123 +25,78 @@ private func dispatch(invocation: CommandInvocation) async throws {
 
     switch first {
     case "swabble":
-        try await dispatchSwabble(parsed: parsed, path: path)
+        guard path.count >= 2 else { throw CommanderProgramError.missingSubcommand(command: "swabble") }
+        let sub = path[1]
+        switch sub {
+        case "serve":
+            var cmd = ServeCommand(parsed: parsed)
+            try await cmd.run()
+        case "transcribe":
+            var cmd = TranscribeCommand(parsed: parsed)
+            try await cmd.run()
+        case "test-hook":
+            var cmd = TestHookCommand(parsed: parsed)
+            try await cmd.run()
+        case "mic":
+            guard path.count >= 3 else { throw CommanderProgramError.missingSubcommand(command: "mic") }
+            let micSub = path[2]
+            if micSub == "list" {
+                var cmd = MicList(parsed: parsed)
+                try await cmd.run()
+            } else if micSub == "set" {
+                var cmd = MicSet(parsed: parsed)
+                try await cmd.run()
+            } else {
+                throw CommanderProgramError.unknownSubcommand(command: "mic", name: micSub)
+            }
+        case "service":
+            guard path.count >= 3 else { throw CommanderProgramError.missingSubcommand(command: "service") }
+            let svcSub = path[2]
+            switch svcSub {
+            case "install":
+                var cmd = ServiceInstall()
+                try await cmd.run()
+            case "uninstall":
+                var cmd = ServiceUninstall()
+                try await cmd.run()
+            case "status":
+                var cmd = ServiceStatus()
+                try await cmd.run()
+            default:
+                throw CommanderProgramError.unknownSubcommand(command: "service", name: svcSub)
+            }
+        case "doctor":
+            var cmd = DoctorCommand(parsed: parsed)
+            try await cmd.run()
+        case "setup":
+            var cmd = SetupCommand(parsed: parsed)
+            try await cmd.run()
+        case "health":
+            var cmd = HealthCommand(parsed: parsed)
+            try await cmd.run()
+        case "tail-log":
+            var cmd = TailLogCommand(parsed: parsed)
+            try await cmd.run()
+        case "start":
+            var cmd = StartCommand()
+            try await cmd.run()
+        case "stop":
+            var cmd = StopCommand()
+            try await cmd.run()
+        case "restart":
+            var cmd = RestartCommand()
+            try await cmd.run()
+        case "status":
+            var cmd = StatusCommand()
+            try await cmd.run()
+        default:
+            throw CommanderProgramError.unknownSubcommand(command: "swabble", name: sub)
+        }
     default:
         throw CommanderProgramError.unknownCommand(first)
     }
 }
 
-@available(macOS 26.0, *)
-@MainActor
-private func dispatchSwabble(parsed: ParsedValues, path: [String]) async throws {
-    let sub = try subcommand(path, index: 1, command: "swabble")
-    switch sub {
-    case "mic":
-        try await dispatchMic(parsed: parsed, path: path)
-    case "service":
-        try await dispatchService(path: path)
-    default:
-        let handlers = swabbleHandlers(parsed: parsed)
-        guard let handler = handlers[sub] else {
-            throw CommanderProgramError.unknownSubcommand(command: "swabble", name: sub)
-        }
-        try await handler()
-    }
-}
-
-@available(macOS 26.0, *)
-@MainActor
-private func swabbleHandlers(parsed: ParsedValues) -> [String: () async throws -> Void] {
-    [
-        "serve": {
-            var cmd = ServeCommand(parsed: parsed)
-            try await cmd.run()
-        },
-        "transcribe": {
-            var cmd = TranscribeCommand(parsed: parsed)
-            try await cmd.run()
-        },
-        "test-hook": {
-            var cmd = TestHookCommand(parsed: parsed)
-            try await cmd.run()
-        },
-        "doctor": {
-            var cmd = DoctorCommand(parsed: parsed)
-            try await cmd.run()
-        },
-        "setup": {
-            var cmd = SetupCommand(parsed: parsed)
-            try await cmd.run()
-        },
-        "health": {
-            var cmd = HealthCommand(parsed: parsed)
-            try await cmd.run()
-        },
-        "tail-log": {
-            var cmd = TailLogCommand(parsed: parsed)
-            try await cmd.run()
-        },
-        "start": {
-            var cmd = StartCommand()
-            try await cmd.run()
-        },
-        "stop": {
-            var cmd = StopCommand()
-            try await cmd.run()
-        },
-        "restart": {
-            var cmd = RestartCommand()
-            try await cmd.run()
-        },
-        "status": {
-            var cmd = StatusCommand()
-            try await cmd.run()
-        }
-    ]
-}
-
-@available(macOS 26.0, *)
-@MainActor
-private func dispatchMic(parsed: ParsedValues, path: [String]) async throws {
-    let micSub = try subcommand(path, index: 2, command: "mic")
-    switch micSub {
-    case "list":
-        var cmd = MicList(parsed: parsed)
-        try await cmd.run()
-    case "set":
-        var cmd = MicSet(parsed: parsed)
-        try await cmd.run()
-    default:
-        throw CommanderProgramError.unknownSubcommand(command: "mic", name: micSub)
-    }
-}
-
-@available(macOS 26.0, *)
-@MainActor
-private func dispatchService(path: [String]) async throws {
-    let svcSub = try subcommand(path, index: 2, command: "service")
-    switch svcSub {
-    case "install":
-        var cmd = ServiceInstall()
-        try await cmd.run()
-    case "uninstall":
-        var cmd = ServiceUninstall()
-        try await cmd.run()
-    case "status":
-        var cmd = ServiceStatus()
-        try await cmd.run()
-    default:
-        throw CommanderProgramError.unknownSubcommand(command: "service", name: svcSub)
-    }
-}
-
-private func subcommand(_ path: [String], index: Int, command: String) throws -> String {
-    guard path.count > index else {
-        throw CommanderProgramError.missingSubcommand(command: command)
-    }
-    return path[index]
-}
-
 if #available(macOS 26.0, *) {
     let exitCode = await runCLI()
     exit(exitCode)

Swabble/Tests/SwabbleKitTests/WakeWordGateTests.swift

@@ -1,6 +1,6 @@
 import Foundation
-import SwabbleKit
 import Testing
+import SwabbleKit
 
 @Suite struct WakeWordGateTests {
     @Test func matchRequiresGapAfterTrigger() {

appcast.xml

@@ -1,275 +1,212 @@
 <?xml version="1.0" standalone="yes"?>
 <rss xmlns:sparkle="http://www.andymatuschak.org/xml-namespaces/sparkle" version="2.0">
     <channel>
-        <title>Clawdbot</title>
+        <title>Clawdis</title>
         <item>
-            <title>2026.1.16-2</title>
-            <pubDate>Sat, 17 Jan 2026 12:46:22 +0000</pubDate>
-            <link>https://raw.githubusercontent.com/clawdbot/clawdbot/main/appcast.xml</link>
-            <sparkle:version>6273</sparkle:version>
-            <sparkle:shortVersionString>2026.1.16-2</sparkle:shortVersionString>
+            <title>2.0.0-beta5</title>
+            <pubDate>Sat, 03 Jan 2026 07:15:16 +0100</pubDate>
+            <link>https://raw.githubusercontent.com/steipete/clawdis/main/appcast.xml</link>
+            <sparkle:version>2765</sparkle:version>
+            <sparkle:shortVersionString>2.0.0-beta5</sparkle:shortVersionString>
             <sparkle:minimumSystemVersion>15.0</sparkle:minimumSystemVersion>
-            <description><![CDATA[<h2>Clawdbot 2026.1.16-2</h2>
-<h3>Changes</h3>
+            <description><![CDATA[<h2>Clawdis 2.0.0-beta5</h2>
+<h3>Fixed</h3>
 <ul>
-<li>CLI: stamp build commit into dist metadata so banners show the commit in npm installs.</li>
-</ul>
-<p><a href="https://github.com/clawdbot/clawdbot/blob/main/CHANGELOG.md">View full changelog</a></p>
-]]></description>
-            <enclosure url="https://github.com/clawdbot/clawdbot/releases/download/v2026.1.16-2/Clawdbot-2026.1.16-2.zip" length="21399591" type="application/octet-stream" sparkle:edSignature="zelT+KzN32cXsihbFniPF5Heq0hkwFfL3Agrh/AaoKUkr7kJAFarkGSOZRTWZ9y+DvOluzn2wHHjVigRjMzrBA=="/>
-        </item>
-        <item>
-            <title>2026.1.15</title>
-            <pubDate>Fri, 16 Jan 2026 10:31:53 +0000</pubDate>
-            <link>https://raw.githubusercontent.com/clawdbot/clawdbot/main/appcast.xml</link>
-            <sparkle:version>5998</sparkle:version>
-            <sparkle:shortVersionString>2026.1.15</sparkle:shortVersionString>
-            <sparkle:minimumSystemVersion>15.0</sparkle:minimumSystemVersion>
-            <description><![CDATA[<h2>Clawdbot 2026.1.15</h2>
-<h3>Highlights</h3>
-<ul>
-<li>Plugins: add provider auth registry + <code>clawdbot models auth login</code> for plugin-driven OAuth/API key flows.</li>
-<li>Browser: improve remote CDP/Browserless support (auth passthrough, <code>wss</code> upgrade, timeouts, clearer errors).</li>
-<li>Heartbeat: per-agent configuration + 24h duplicate suppression. (#980) — thanks @voidserf.</li>
-<li>Security: audit warns on weak model tiers; app nodes store auth tokens encrypted (Keychain/SecurePrefs).</li>
+<li>Media: preserve GIF animation when uploading to Discord/other providers (skip JPEG optimization for image/gif).</li>
+<li>Agent runtime: update pi-mono dependencies to 0.31.1 (agent-core split).</li>
+<li>Dependencies: bump to latest compatible versions (TypeBox, grammY, Zod, Rolldown, oxlint-tsgolint).</li>
+<li>Tests: cover read tool image metadata + text output.</li>
+<li>Tests: add queue mode coverage (collect/followup + directive parsing).</li>
 </ul>
 <h3>Breaking</h3>
 <ul>
-<li><strong>BREAKING:</strong> iOS minimum version is now 18.0 to support Textual markdown rendering in native chat. (#702)</li>
-<li><strong>BREAKING:</strong> Microsoft Teams is now a plugin; install <code>@clawdbot/msteams</code> via <code>clawdbot plugins install @clawdbot/msteams</code>.</li>
+<li>Skills config schema moved under <code>skills.*</code>:</li>
 </ul>
-<h3>Changes</h3>
+  - <code>skillsLoad.extraDirs</code> → <code>skills.load.extraDirs</code>
+  - <code>skillsInstall.*</code> → <code>skills.install.*</code>
+  - per-skill config map moved to <code>skills.entries</code> (e.g. <code>skills.peekaboo.enabled</code> → <code>skills.entries.peekaboo.enabled</code>)
+  - new optional bundled allowlist: <code>skills.allowBundled</code> (only affects bundled skills)
 <ul>
-<li>CLI: set process titles to <code>clawdbot-<command></code> for clearer process listings.</li>
-<li>CLI/macOS: sync remote SSH target/identity to config and let <code>gateway status</code> auto-infer SSH targets (ssh-config aware).</li>
-<li>Heartbeat: tighten prompt guidance + suppress duplicate alerts for 24h. (#980) — thanks @voidserf.</li>
-<li>Sessions/Security: add <code>session.dmScope</code> for multi-user DM isolation and audit warnings. (#948) — thanks @Alphonse-arianee.</li>
-<li>Plugins: add provider auth registry + <code>clawdbot models auth login</code> for plugin-driven OAuth/API key flows.</li>
-<li>Onboarding: switch channels setup to a single-select loop with per-channel actions and disabled hints in the picker.</li>
-<li>TUI: show provider/model labels for the active session and default model.</li>
-<li>Heartbeat: add per-agent heartbeat configuration and multi-agent docs example.</li>
-<li>UI: show gateway auth guidance + doc link on unauthorized Control UI connections.</li>
-<li>Security: warn on weak model tiers (Haiku, below GPT-5, below Claude 4.5) in <code>clawdbot security audit</code>.</li>
-<li>Apps: store node auth tokens encrypted (Keychain/SecurePrefs).</li>
-<li>Daemon: share profile/state-dir resolution across service helpers and honor <code>CLAWDBOT_STATE_DIR</code> for Windows task scripts.</li>
-<li>Docs: clarify multi-gateway rescue bot guidance. (#969) — thanks @bjesuiter.</li>
-<li>Agents: add Current Date & Time system prompt section with configurable time format (auto/12/24).</li>
-<li>Tools: normalize Slack/Discord message timestamps with <code>timestampMs</code>/<code>timestampUtc</code> while keeping raw provider fields.</li>
-<li>macOS: add <code>system.which</code> for prompt-free remote skill discovery (with gateway fallback to <code>system.run</code>).</li>
-<li>Docs: add Date & Time guide and update prompt/timezone configuration docs.</li>
-<li>Messages: debounce rapid inbound messages across channels with per-connector overrides. (#971) — thanks @juanpablodlc.</li>
-<li>Messages: allow media-only sends (CLI/tool) and show Telegram voice recording status for voice notes. (#957) — thanks @rdev.</li>
-<li>Auth/Status: keep auth profiles sticky per session (rotate on compaction/new), surface provider usage headers in <code>/status</code> and <code>clawdbot models status</code>, and update docs.</li>
-<li>CLI: add <code>--json</code> output for <code>clawdbot daemon</code> lifecycle/install commands.</li>
-<li>Memory: make <code>node-llama-cpp</code> an optional dependency (avoid Node 25 install failures) and improve local-embeddings fallback/errors.</li>
-<li>Browser: add <code>snapshot refs=aria</code> (Playwright aria-ref ids) for self-resolving refs across <code>snapshot</code> → <code>act</code>.</li>
-<li>Browser: <code>profile="chrome"</code> now defaults to host control and returns clearer “attach a tab” errors.</li>
-<li>Browser: prefer stable Chrome for auto-detect, with Brave/Edge fallbacks and updated docs. (#983) — thanks @cpojer.</li>
-<li>Browser: increase remote CDP reachability timeouts + add <code>remoteCdpTimeoutMs</code>/<code>remoteCdpHandshakeTimeoutMs</code>.</li>
-<li>Browser: preserve auth/query tokens for remote CDP endpoints and pass Basic auth for CDP HTTP/WS. (#895) — thanks @mukhtharcm.</li>
-<li>Telegram: add bidirectional reaction support with configurable notifications and agent guidance. (#964) — thanks @bohdanpodvirnyi.</li>
-<li>Telegram: allow custom commands in the bot menu (merged with native; conflicts ignored). (#860) — thanks @nachoiacovino.</li>
-<li>Discord: allow allowlisted guilds without channel lists to receive messages when <code>groupPolicy="allowlist"</code>. — thanks @thewilloftheshadow.</li>
-<li>Discord: allow emoji/sticker uploads + channel actions in config defaults. (#870) — thanks @JDIVE.</li>
+<li>Sessions: group keys now use <code>surface:group:<id></code> / <code>surface:channel:<id></code>; legacy <code>group:*</code> keys migrate on next message; <code>groupdm</code> keys are no longer recognized.</li>
+<li>Discord: remove legacy <code>discord.allowFrom</code>, <code>discord.guildAllowFrom</code>, and <code>discord.requireMention</code>; use <code>discord.dm</code> + <code>discord.guilds</code>.</li>
+<li>Providers: Discord/Telegram no longer auto-start from env tokens alone; add <code>discord: { enabled: true }</code> / <code>telegram: { enabled: true }</code> to your config when using <code>DISCORD_BOT_TOKEN</code> / <code>TELEGRAM_BOT_TOKEN</code>.</li>
+<li>Config: remove <code>routing.allowFrom</code>; use <code>whatsapp.allowFrom</code> instead (run <code>clawdis doctor</code> to migrate).</li>
+<li>Config: remove <code>routing.groupChat.requireMention</code> + <code>telegram.requireMention</code>; use <code>whatsapp.groups</code>, <code>imessage.groups</code>, and <code>telegram.groups</code> defaults instead (run <code>clawdis doctor</code> to migrate).</li>
+</ul>
+<h3>Features</h3>
+<ul>
+<li>Discord: expand <code>discord</code> tool actions (reactions, stickers, polls, threads, search, moderation gates) (#115) — thanks @thewilloftheshadow.</li>
+<li>Discord/Telegram: add reply tags (<code>[[reply_to_current]]</code>, <code>[[reply_to:<id>]]</code>) with per-provider <code>replyToMode</code> (off|first|all) for native threaded replies.</li>
+<li>Talk mode: continuous speech conversations (macOS/iOS/Android) with ElevenLabs TTS, reply directives, and optional interrupt-on-speech.</li>
+<li>Auto-reply: expand queue modes (steer/followup/collect/steer-backlog) with debounce/cap/drop options and followup backlog handling.</li>
+<li>UI: add optional <code>ui.seamColor</code> accent to tint the Talk Mode side bubble (macOS/iOS/Android).</li>
+<li>Nix mode: opt-in declarative config + read-only settings UI when <code>CLAWDIS_NIX_MODE=1</code> (thanks @joshp123 for the persistence — earned my trust; I'll merge these going forward).</li>
+<li>CLI: add Google Antigravity OAuth auth option for Claude Opus 4.5/Gemini 3 (#88) — thanks @mukhtharcm.</li>
+<li>Agent runtime: accept legacy <code>Z_AI_API_KEY</code> for Z.AI provider auth (maps to <code>ZAI_API_KEY</code>).</li>
+<li>Groups: add per-group mention gating defaults/overrides for Telegram/WhatsApp/iMessage via <code>*.groups</code> with <code>"*"</code> defaults; Discord now supports <code>discord.guilds."*"</code> as a default.</li>
+<li>Discord: add user-installed slash command handling with per-user sessions and auto-registration (#94) — thanks @thewilloftheshadow.</li>
+<li>Discord: add DM enable/allowlist plus guild channel/user/guild allowlists with id/name matching.</li>
+<li>Signal: add <code>signal-cli</code> JSON-RPC support for send/receive via the Signal provider.</li>
+<li>iMessage: add imsg JSON-RPC integration (stdio), chat_id routing, and group chat support.</li>
+<li>Chat UI: add recent-session dropdown switcher (main first) in macOS/iOS/Android + Control UI.</li>
+<li>UI: add Discord/Signal/iMessage connection panels in macOS + Control UI (thanks @thewilloftheshadow).</li>
+<li>Discord: allow agent-triggered reactions via <code>clawdis_discord</code> when enabled, and surface message ids in context.</li>
+<li>Discord: revamp guild routing config with per-guild/channel rules and slugged display names; add optional group DM support (default off).</li>
+<li>Discord: remove legacy guild/channel ignore lists in favor of per-guild allowlists (and proposed per-guild ignore lists).</li>
+<li>Skills: add Trello skill for board/list/card management (thanks @clawd).</li>
+<li>Docker: add containerized gateway/CLI setup via Dockerfile, compose, and setup script (thanks @dan-dr).</li>
+<li>Tests: add a Z.AI live test gate for smoke validation when keys are present.</li>
+<li>macOS Debug: add app log verbosity and rolling file log toggle for swift-log-backed app logs.</li>
+<li>CLI: add onboarding wizard (gateway + workspace + skills) with daemon installers and Anthropic/Minimax setup paths.</li>
+<li>CLI: add ASCII banner header to wizard entry points.</li>
+<li>CLI: add <code>configure</code>, <code>doctor</code>, and <code>update</code> wizards for ongoing setup, health checks, and modernization.</li>
+<li>CLI: add Signal CLI auto-install from GitHub releases in the wizard and persist wizard run metadata in config.</li>
+<li>CLI: add remote gateway client config (gateway.remote.*) with Bonjour-assisted discovery.</li>
+<li>CLI: enhance <code>clawdis tui</code> with model/session pickers, tool cards, and slash commands (local or remote).</li>
+<li>Gateway: allow <code>sessions.patch</code> to set per-session model overrides (used by the TUI <code>/model</code> flow).</li>
+<li>Skills: allow <code>bun</code> as a node manager for skill installs.</li>
+<li>Skills: add <code>things-mac</code> (Things 3 CLI) for read/search plus add/update via URL scheme.</li>
+<li>Skills: add Apple Notes + Reminders skills via memo CLI (thanks @tylerwince).</li>
+<li>Tests: add a Docker-based onboarding E2E harness.</li>
+<li>Tests: harden wizard E2E flows for reset, providers, skills, and remote non-interactive runs.</li>
+<li>Browser tools: add remote CDP URL support, Linux launcher options (<code>executablePath</code>, <code>noSandbox</code>), and surface <code>cdpUrl</code> in status.</li>
+<li>Skills: add tmux-first coding-agent skill + <code>requires.anyBins</code> gate for multi-CLI setup (thanks @sreekaransrinath).</li>
 </ul>
 <h3>Fixes</h3>
 <ul>
-<li>Fix: list model picker entries as provider/model pairs for explicit selection. (#970) — thanks @mcinteerj.</li>
-<li>Fix: align OpenAI image-gen defaults with DALL-E 3 standard quality and document output formats. (#880) — thanks @mkbehr.</li>
-<li>Fix: persist <code>gateway.mode=local</code> after selecting Local run mode in <code>clawdbot configure</code>, even if no other sections are chosen.</li>
-<li>Daemon: fix profile-aware service label resolution (env-driven) and add coverage for launchd/systemd/schtasks. (#969) — thanks @bjesuiter.</li>
-<li>Agents: avoid false positives when logging unsupported Google tool schema keywords.</li>
-<li>Agents: skip Gemini history downgrades for google-antigravity to preserve tool calls. (#894) — thanks @mukhtharcm.</li>
-<li>Status: restore usage summary line for current provider when no OAuth profiles exist.</li>
-<li>Fix: guard model fallback against undefined provider/model values. (#954) — thanks @roshanasingh4.</li>
-<li>Fix: refactor session store updates, add chat.inject, and harden subagent cleanup flow. (#944) — thanks @tyler6204.</li>
-<li>Fix: clean up suspended CLI processes across backends. (#978) — thanks @Nachx639.</li>
-<li>Fix: support MiniMax coding plan usage responses with <code>model_remains</code>/<code>current_interval_*</code> payloads.</li>
-<li>Fix: suppress WhatsApp pairing replies for historical catch-up DMs on initial link. (#904)</li>
-<li>Browser: extension mode recovers when only one tab is attached (stale targetId fallback).</li>
-<li>Browser: fix <code>tab not found</code> for extension relay snapshots/actions when Playwright blocks <code>newCDPSession</code> (use the single available Page).</li>
-<li>Browser: upgrade <code>ws</code> → <code>wss</code> when remote CDP uses <code>https</code> (fixes Browserless handshake).</li>
-<li>Telegram: skip <code>message_thread_id=1</code> for General topic sends while keeping typing indicators. (#848) — thanks @azade-c.</li>
-<li>Fix: sanitize user-facing error text + strip <code><final></code> tags across reply pipelines. (#975) — thanks @ThomsenDrake.</li>
-<li>Fix: normalize pairing CLI aliases, allow extension channels, and harden Zalo webhook payload parsing. (#991) — thanks @longmaba.</li>
-<li>Fix: allow local Tailscale Serve hostnames without treating tailnet clients as direct. (#885) — thanks @oswalpalash.</li>
-<li>Fix: reset sessions after role-ordering conflicts to recover from consecutive user turns. (#998)</li>
+<li>Gog calendar: format date ranges as RFC 3339 with timezone to satisfy Google Calendar API (thanks @jayhickey).</li>
+<li>macOS onboarding: add scrollable page gutter for overflowing content (#105) — thanks @thewilloftheshadow.</li>
+<li>Chat UI: keep the chat scrolled to the latest message after switching sessions.</li>
+<li>Chat UI: show rich session display names in Web Chat + SwiftUI + Android.</li>
+<li>Auto-reply: stream completed reply blocks as soon as they finish (configurable default + break); skip empty tool-only blocks unless verbose.</li>
+<li>Discord: avoid duplicate sends when block streaming is enabled (race with typing hook).</li>
+<li>Providers: make outbound text chunk limits configurable via <code>*.textChunkLimit</code> (defaults remain 4000/Discord 2000).</li>
+<li>CLI onboarding: persist gateway token in config so local CLI auth works; recommend auth Off unless you need multi-machine access.</li>
+<li>Control UI: accept a <code>?token=</code> URL param to auto-fill Gateway auth; onboarding now opens the dashboard with token auth when configured.</li>
+<li>Agent prompt: remove hardcoded user name in system prompt example.</li>
+<li>Chat UI: add extra top padding before the first message bubble in Web Chat (macOS/iOS/Android).</li>
+<li>Control UI: refine Web Chat session selector styling (chevron spacing + background).</li>
+<li>WebChat: stream live updates for sessions even when runs start outside the chat UI.</li>
+<li>Gateway CLI: read <code>CLAWDIS_GATEWAY_PASSWORD</code> from environment in <code>callGateway()</code> — allows <code>doctor</code>/<code>health</code> commands to auth without explicit <code>--password</code> flag.</li>
+<li>Gateway: add password auth support for remote gateway connections (thanks @jeffersonwarrior).</li>
+<li>Auto-reply: strip stray leading/trailing <code>HEARTBEAT_OK</code> from normal replies; drop short (≤ 30 chars) heartbeat acks.</li>
+<li>WhatsApp auto-reply: default to self-only when no config is present.</li>
+<li>Logging: trim provider prefix duplication in Discord/Signal/Telegram runtime log lines.</li>
+<li>Logging/Signal: treat signal-cli "Failed …" lines as errors in gateway logs.</li>
+<li>Discord: include recent guild context when replying to mentions and add <code>discord.historyLimit</code> to tune how many messages are captured.</li>
+<li>Discord: include author tag + id in group context <code>[from:]</code> lines for ping-ready replies (thanks @thewilloftheshadow).</li>
+<li>Discord: include replied-to message context when a Discord message references another message (thanks @thewilloftheshadow).</li>
+<li>Discord: preserve newlines when stripping reply tags from agent output.</li>
+<li>Gateway: fix TypeScript build by aligning hook mapping <code>channel</code> types and removing a dead Group DM branch in Discord monitor.</li>
+<li>Skills: switch imsg installer to brew tap formula.</li>
+<li>Skills: gate macOS-only skills by OS and surface block reasons in the Skills UI.</li>
+<li>Onboarding: show skill descriptions in the macOS setup flow and surface clearer Gateway/skills error messages.</li>
+<li>Onboarding: auto-verify Claude OAuth tokens, show “verified” when detected working, and avoid re-auth prompts unless verification fails.</li>
+<li>CLI onboarding: include exit code + a useful one-line summary when skill dependency installs fail.</li>
+<li>CLI onboarding: explain Tailscale exposure options (Off/Serve/Funnel) and colorize provider status (linked/configured/needs setup).</li>
+<li>CLI onboarding: add provider primers (WhatsApp/Telegram/Discord/Signal) incl. Discord bot token setup steps.</li>
+<li>CLI onboarding: allow skipping the “install missing skill dependencies” selection without canceling the wizard.</li>
+<li>CLI onboarding: always prompt for WhatsApp <code>whatsapp.allowFrom</code> and print (optionally open) the Control UI URL when done.</li>
+<li>CLI onboarding: detect gateway reachability and annotate Local/Remote choices (helps pick the right mode).</li>
+<li>macOS settings: colorize provider status subtitles to distinguish healthy vs degraded states.</li>
+<li>macOS: keep config writes on the main actor to satisfy Swift concurrency rules.</li>
+<li>macOS menu: show multi-line gateway error details, add an always-visible gateway row, avoid duplicate gateway status rows, suppress transient <code>cancelled</code> device refresh errors, and auto-recover the control channel on disconnect.</li>
+<li>macOS menu: show session last-used timestamps in the list and add recent-message previews in session submenus.</li>
+<li>macOS menu: tighten session row padding and time out session preview loading with cached fallback.</li>
+<li>macOS: log health refresh failures and recovery to make gateway issues easier to diagnose.</li>
+<li>macOS codesign: skip hardened runtime for ad-hoc signing and avoid empty options args (#70) — thanks @petter-b</li>
+<li>macOS codesign: include camera entitlement so permission prompts work in the menu bar app.</li>
+<li>Agent tools: bash tool supports real TTY via <code>stdinMode: "pty"</code> with node-pty, warning + fallback on load/start failure.</li>
+<li>Agent tools: map <code>camera.snap</code> JPEG payloads to <code>image/jpeg</code> to avoid MIME mismatch errors.</li>
+<li>Tests: cover <code>camera.snap</code> MIME mapping to prevent image/png vs image/jpeg mismatches.</li>
+<li>macOS camera: wait for exposure/white balance to settle before capturing a snap to avoid dark images.</li>
+<li>Camera snap: add <code>delayMs</code> parameter (default 2000ms on macOS) to improve exposure reliability.</li>
+<li>Camera: add <code>camera.list</code> and optional <code>deviceId</code> selection for snaps/clips.</li>
+<li>Tests: cover camera device selection params in CLI + agent tools.</li>
+<li>macOS packaging: move rpath config into swift build for reliability (#69) — thanks @petter-b</li>
+<li>macOS: prioritize main bundle for device resources to prevent crash (#73) — thanks @petter-b</li>
+<li>macOS remote: route settings through gateway config and avoid local config reads in remote mode.</li>
+<li>Telegram: align token resolution for cron/agent/CLI sends (env/config/tokenFile) to prevent isolated delivery failures (#76).</li>
+<li>Telegram: honor per-group mention gating defaults/overrides via <code>telegram.groups</code> and <code>"*"</code> defaults (thanks @joshp123).</li>
+<li>Chat UI: clear composer input immediately and allow clear while editing to prevent duplicate sends (#72) — thanks @hrdwdmrbl</li>
+<li>Restart: use systemd on Linux (and report actual restart method) instead of always launchctl.</li>
+<li>Gateway relay: detect Bun binaries via execPath to resolve packaged assets on macOS.</li>
+<li>Cron: prevent <code>every</code> schedules without an anchor from firing in a tight loop (thanks @jamesgroat).</li>
+<li>Docs: add manual OAuth setup for remote/headless deployments (#67) — thanks @wstock</li>
+<li>Docs/agent tools: clarify that browser <code>wait</code> should be avoided by default and used only in exceptional cases.</li>
+<li>Docs: clarify self-chat mode and group mention gating config (#111) — thanks @rafaelreis-r.</li>
+<li>Browser tools: <code>upload</code> supports auto-click refs, direct <code>inputRef</code>/<code>element</code> file inputs, and emits input/change after <code>setFiles</code> so JS-heavy sites pick up attachments.</li>
+<li>Browser tools: harden CDP readiness (HTTP + WS), retry CDP connects, and auto-restart the clawd browser when the socket handshake stalls.</li>
+<li>Browser CLI: add <code>clawdis browser reset-profile</code> to move the clawd profile to Trash when it gets wedged.</li>
+<li>Signal: fix daemon startup race (wait for <code>/api/v1/check</code>) and normalize JSON-RPC <code>version</code> probe parsing.</li>
+<li>Docs/Signal: clarify bot-number vs personal-account setup (self-chat loop protection) and add a quickstart config snippet.</li>
+<li>Docs: refresh the CLI wizard guide and highlight onboarding in the README.</li>
+<li>CLI: tighten onboarding prompt typing to keep bun builds green.</li>
+<li>macOS: Voice Wake now fully tears down the Speech pipeline when disabled (cancel pending restarts, drop stale callbacks) to avoid high CPU in the background.</li>
+<li>macOS menu: add a Talk Mode action alongside the Open Dashboard/Chat/Canvas entries.</li>
+<li>macOS Debug: hide “Restart Gateway” when the app won’t start a local gateway (remote mode / attach-only).</li>
+<li>macOS Debug: add an icon for the App Logging submenu.</li>
+<li>macOS Talk Mode: orb overlay refresh, ElevenLabs request logging, API key status in settings, and auto-select first voice when none is configured.</li>
+<li>macOS Talk Mode: add hard timeout around ElevenLabs TTS synthesis to avoid getting stuck “speaking” forever on hung requests.</li>
+<li>macOS Talk Mode: avoid stuck playback when the audio player never starts (fail-fast + watchdog).</li>
+<li>macOS Talk Mode: fix audio stop ordering so disabling Talk Mode always stops in-flight playback.</li>
+<li>macOS Talk Mode: throttle audio-level updates (avoid per-buffer task creation) to reduce CPU/task churn.</li>
+<li>macOS Talk Mode: increase overlay window size so wave rings don’t clip; close button is hover-only and closer to the orb.</li>
+<li>WebChat: preserve chat run ordering per session so concurrent runs don’t strand the typing indicator.</li>
+<li>Talk Mode: fall back to system TTS when ElevenLabs is unavailable, returns non-audio, or playback fails (macOS/iOS/Android).</li>
+<li>Talk Mode: stream PCM on macOS/iOS for lower latency (incremental playback); Android continues MP3 streaming.</li>
+<li>Talk Mode: validate ElevenLabs v3 stability and latency tier directives before sending requests.</li>
+<li>iOS/Android Talk Mode: auto-select the first ElevenLabs voice when none is configured.</li>
+<li>ElevenLabs: add retry/backoff for 429/5xx and include content-type in errors for debugging.</li>
+<li>Talk Mode: align to the gateway’s main session key and fall back to history polling when chat events drop (prevents stuck “thinking” / missing messages).</li>
+<li>Talk Mode: treat history timestamps as seconds or milliseconds to avoid stale assistant picks (macOS/iOS/Android).</li>
+<li>Chat UI: clear streaming/tool bubbles when external runs finish, preventing duplicate assistant bubbles.</li>
+<li>Chat UI: user bubbles use <code>ui.seamColor</code> (fallback to a calmer default blue).</li>
+<li>Android Chat UI: use <code>onPrimary</code> for user bubble text to preserve contrast (thanks @Syhids).</li>
+<li>Control UI: sync sidebar navigation with the URL for deep-linking, and auto-scroll chat to the latest message.</li>
+<li>Control UI: disable Web Chat + Talk when no iOS/Android node is connected; refreshed Web Chat styling and keyboard send.</li>
+<li>Control UI: keep chat pinned to the latest message while typing/sending and restore drafts on send failures.</li>
+<li>Control UI: soften chat bubble text opacity for calmer readability.</li>
+<li>macOS Web Chat: improve empty/error states, focus message field on open, keep pill/send inside the input field, and make the composer pill edge-to-edge with square top corners.</li>
+<li>macOS: bundle Control UI assets into the app relay so the packaged app can serve them (thanks @mbelinky).</li>
+<li>Talk Mode: wait for chat history to surface the assistant reply before starting TTS (macOS/iOS/Android).</li>
+<li>iOS Talk Mode: fix chat completion wait to time out even if no events arrive (prevents “Thinking…” hangs).</li>
+<li>iOS Talk Mode: keep recognition running during playback to support interrupt-on-speech.</li>
+<li>iOS Talk Mode: preserve directive voice/model overrides across config reloads and add ElevenLabs request timeouts.</li>
+<li>iOS/Android Talk Mode: explicitly <code>chat.subscribe</code> when Talk Mode is active, so completion events arrive even if the Chat UI isn’t open.</li>
+<li>Chat UI: refresh history when another client finishes a run in the same session, so Talk Mode + Voice Wake transcripts appear consistently.</li>
+<li>Gateway: <code>voice.transcript</code> now also maps agent bus output to <code>chat</code> events, ensuring chat UIs refresh for voice-triggered runs.</li>
+<li>Gateway: auto-migrate legacy config on startup (non-Nix); Nix mode hard-fails with a clear error when legacy keys are present.</li>
+<li>iOS/Android: show a centered Talk Mode orb overlay while Talk Mode is enabled.</li>
+<li>Gateway config: inject <code>talk.apiKey</code> from <code>ELEVENLABS_API_KEY</code>/shell profile so nodes can fetch it on demand.</li>
+<li>Canvas A2UI: tag requests with <code>platform=android|ios|macos</code> and boost Android canvas background contrast.</li>
+<li>iOS/Android nodes: enable scrolling for loaded web pages in the Canvas WebView (default scaffold stays touch-first).</li>
+<li>macOS menu: device list now uses <code>node.list</code> (devices only; no agent/tool presence entries).</li>
+<li>macOS menu: device list now shows connected nodes only.</li>
+<li>macOS menu: device rows now pack platform/version on the first line, and command lists wrap in submenus.</li>
+<li>macOS menu: split device platform/version across first and second rows for better fit.</li>
+<li>macOS Canvas: show remote control status in the debug overlay and log A2UI auto-nav decisions.</li>
+<li>Canvas A2UI: polish the debug status HUD styling.</li>
+<li>iOS node: fix ReplayKit screen recording crash caused by queue isolation assertions during capture.</li>
+<li>iOS Talk Mode: avoid audio tap queue assertions when starting recognition.</li>
+<li>macOS: use $HOME/Library/pnpm for SSH PATH exports (thanks @mbelinky).</li>
+<li>macOS remote: harden SSH tunnel recovery/logging, honor <code>gateway.remote.url</code> port when forwarding, clarify gateway disconnect status, and add Debug menu tunnel reset.</li>
+<li>iOS/Android nodes: bridge auto-connect refreshes stale tokens and settings now show richer bridge/device details.</li>
+<li>macOS: bundle device model resources to prevent Instances crashes (thanks @mbelinky).</li>
+<li>iOS/Android nodes: status pill now surfaces camera activity instead of overlay toasts.</li>
+<li>iOS/Android/macOS nodes: camera snaps recompress to keep base64 payloads under 5 MB.</li>
+<li>iOS/Android nodes: status pill now surfaces pairing, screen recording, voice wake, and foreground-required states.</li>
+<li>iOS/Android nodes: avoid duplicating “Gateway reconnecting…” when the bridge is already connecting.</li>
+<li>iOS/Android nodes: Talk Mode now lives on a side bubble (with an iOS toggle to hide it), and Android settings no longer show the Talk Mode switch.</li>
+<li>macOS menu: top status line now shows pending node pairing approvals (incl. repairs).</li>
+<li>CLI: avoid spurious gateway close errors after successful request/response cycles.</li>
+<li>Agent runtime: clamp tool-result images to the 5MB Anthropic limit to avoid hard request rejections.</li>
+<li>Agent runtime: write v2 session headers so Pi session branching stays in the Clawdis sessions dir.</li>
+<li>Tests: add Swift Testing coverage for camera errors and Kotest coverage for Android bridge endpoints.</li>
 </ul>
-<p><a href="https://github.com/clawdbot/clawdbot/blob/main/CHANGELOG.md">View full changelog</a></p>
+<p><a href="https://github.com/steipete/clawdis/blob/main/CHANGELOG.md">View full changelog</a></p>
 ]]></description>
-            <enclosure url="https://github.com/clawdbot/clawdbot/releases/download/v2026.1.15/Clawdbot-2026.1.15.zip" length="12127276" type="application/octet-stream" sparkle:edSignature="o79vwTbtW/d91NQFRVfUDhsv6D4zIw7IkhY0N1iLImMu94BURgLcecA6z7Smy3bMobPwOyzN8yfm6mA/Rt8FCA=="/>
-        </item>
-        <item>
-            <title>2026.1.14-1</title>
-            <pubDate>Thu, 15 Jan 2026 11:14:40 +0000</pubDate>
-            <link>https://raw.githubusercontent.com/clawdbot/clawdbot/main/appcast.xml</link>
-            <sparkle:version>5825</sparkle:version>
-            <sparkle:shortVersionString>2026.1.14-1</sparkle:shortVersionString>
-            <sparkle:minimumSystemVersion>15.0</sparkle:minimumSystemVersion>
-            <description><![CDATA[<h2>Clawdbot 2026.1.14-1</h2>
-<h3>Highlights</h3>
-<ul>
-<li>Web search: <code>web_search</code>/<code>web_fetch</code> tools (Brave API) + first-time setup in onboarding/configure.</li>
-<li>Browser control: Chrome extension relay takeover mode + remote browser control via <code>clawdbot browser serve</code>.</li>
-<li>Plugins: channel plugins (gateway HTTP hooks) + Zalo plugin + onboarding install flow. (#854) — thanks @longmaba.</li>
-<li>Security: expanded <code>clawdbot security audit</code> (+ <code>--fix</code>), detect-secrets CI scan, and a <code>SECURITY.md</code> reporting policy.</li>
-</ul>
-<h3>Changes</h3>
-<h4>Web Tools</h4>
-<ul>
-<li>Tools: add <code>web_search</code>/<code>web_fetch</code> (Brave API), including helpful setup hints when the key is missing.</li>
-<li>Tools: enable <code>web_fetch</code> by default (unless explicitly disabled in config).</li>
-<li>CLI/Docs: add <code>clawdbot configure --section web</code> for storing Brave API keys and update onboarding tips.</li>
-</ul>
-<h4>Browser / Control UI</h4>
-<ul>
-<li>Browser: add Chrome extension relay takeover mode (toolbar button) + <code>clawdbot browser serve</code> remote control + <code>browser.controlToken</code>.</li>
-<li>Browser: ship a built-in <code>chrome</code> profile for extension relay and start the relay automatically when running locally.</li>
-<li>Browser: default <code>browser.defaultProfile</code> to <code>chrome</code> (existing Chrome takeover mode).</li>
-<li>Browser: add <code>clawdbot browser extension install/path</code> and copy extension path to clipboard.</li>
-<li>Browser: add <code>snapshot refs=aria</code> (Playwright aria-ref ids) for self-resolving refs across <code>snapshot</code> → <code>act</code>.</li>
-<li>Browser: <code>profile="chrome"</code> now defaults to host control and returns clearer “attach a tab” errors.</li>
-<li>Browser: extension mode recovers when only one tab is attached (stale targetId fallback).</li>
-<li>Control UI: show raw any-map entries in config views; move Docs link into the left nav.</li>
-</ul>
-<h4>Plugins</h4>
-<ul>
-<li>Plugins: add plugin HTTP hooks + loader updates to support channel plugins. (#854) — thanks @longmaba.</li>
-<li>Plugins: add onboarding plugin install flow. (#854) — thanks @longmaba.</li>
-<li>Channels: add Matrix plugin (external) with docs + onboarding hooks.</li>
-<li>Voice Call: add Plivo provider (no SDK dependency). (#846) — thanks @vrknetha.</li>
-</ul>
-<h4>Security</h4>
-<ul>
-<li>Security: expand <code>clawdbot security audit</code> checks and publish a <code>SECURITY.md</code> reporting policy.</li>
-<li>Security: extend <code>clawdbot security audit --fix</code> to tighten more sensitive state paths.</li>
-<li>Security: add detect-secrets CI scan and baseline guidance. (#227) — thanks @Hyaxia.</li>
-</ul>
-<h4>Onboarding / Daemon</h4>
-<ul>
-<li>Onboarding: add a security checkpoint prompt (docs link + sandboxing hint); require <code>--accept-risk</code> for <code>--non-interactive</code>.</li>
-<li>Daemon: support profile-aware service names for multi-gateway setups. (#671) — thanks @bjesuiter.</li>
-</ul>
-<h4>Auth / Usage / Config</h4>
-<ul>
-<li>Usage: add MiniMax coding plan usage tracking.</li>
-<li>Auth: label Claude Code CLI auth options. (#915) — thanks @SeanZoR.</li>
-<li>Agents: add optional auth-profile copy prompt on <code>agents add</code> and improve auth error messaging.</li>
-<li>Auth: add dynamic template variables to <code>messages.responsePrefix</code>. (#928) — thanks @sebslight.</li>
-<li>Config: add <code>channels.<provider>.configWrites</code> gating for channel-initiated config writes; migrate Slack channel IDs.</li>
-</ul>
-<h4>Channels</h4>
-<ul>
-<li>Telegram: add message delete action in the message tool. (#903) — thanks @sleontenko.</li>
-<li>WhatsApp: add <code>channels.whatsapp.sendReadReceipts</code> to disable auto read receipts. (#882) — thanks @chrisrodz.</li>
-</ul>
-<h4>Docs</h4>
-<ul>
-<li>Docs: clarify per-agent auth stores, sandboxed skill binaries, and elevated semantics.</li>
-<li>Docs: add FAQ entries for missing provider auth after adding agents and Gemini thinking signature errors.</li>
-<li>Docs: expand gateway security hardening guidance and incident response checklist.</li>
-<li>Docs: document DM history limits for channel DMs. (#883) — thanks @pkrmf.</li>
-<li>Docs: standardize Claude Code CLI naming across docs and prompts. (follow-up to #915)</li>
-<li>Docs: add per-command CLI doc pages and link them from <code>clawdbot <command> --help</code>.</li>
-<li>Docs: add multi-gateway guide (sidebar + nav).</li>
-</ul>
-<h3>Fixes</h3>
-<h4>Gateway / Daemon / Sessions</h4>
-<ul>
-<li>Gateway: forward termination signals to respawned CLI child processes to avoid orphaned systemd runs. (#933) — thanks @roshanasingh4.</li>
-<li>Gateway/UI: ship session defaults in the hello snapshot so the Control UI canonicalizes main session keys (no bare <code>main</code> alias).</li>
-<li>Agents: skip thinking/final tag stripping inside Markdown code spans. (#939) — thanks @ngutman.</li>
-<li>Browser: add tests for snapshot labels/efficient query params and labeled image responses.</li>
-<li>Browser: persist role snapshot refs per CDP target so <code>snapshot</code> → <code>act</code> clicks work even if Playwright returns a different Page instance.</li>
-<li>macOS: ensure launchd log directory exists with a test-only override. (#909) — thanks @roshanasingh4.</li>
-<li>macOS: format ConnectionsStore config to satisfy SwiftFormat lint. (#852) — thanks @mneves75.</li>
-<li>Packaging: run <code>pnpm build</code> on <code>prepack</code> so npm publishes include fresh <code>dist/</code> output.</li>
-<li>Telegram: register dock native commands with underscores to avoid <code>BOT_COMMAND_INVALID</code> (#929, fixes #901) — thanks @grp06.</li>
-<li>Google: downgrade unsigned thinking blocks before send to avoid missing signature errors.</li>
-<li>Agents: make user time zone and 24-hour time explicit in the system prompt. (#859) — thanks @CashWilliams.</li>
-<li>Agents: strip downgraded tool call text without eating adjacent replies and filter thinking-tag leaks. (#905) — thanks @erikpr1994.</li>
-<li>Agents: cap tool call IDs for OpenAI/OpenRouter to avoid request rejections. (#875) — thanks @j1philli.</li>
-<li>Doctor: avoid re-adding WhatsApp config when only legacy ack reactions are set. (#927, fixes #900) — thanks @grp06.</li>
-<li>Agents: scrub tuple <code>items</code> schemas for Gemini tool calls. (#926, fixes #746) — thanks @grp06.</li>
-<li>Agents: stabilize sub-agent announce status from runtime outcomes and normalize Result/Notes. (#835) — thanks @roshanasingh4.</li>
-<li>Apps: use canonical main session keys from gateway defaults across macOS/iOS/Android to avoid creating bare <code>main</code> sessions.</li>
-<li>Embedded runner: suppress raw API error payloads from replies. (#924) — thanks @grp06.</li>
-<li>Auth: normalize Claude Code CLI profile mode to oauth and auto-migrate config. (#855) — thanks @sebslight.</li>
-<li>Daemon: clear persisted launchd disabled state before bootstrap (fixes <code>daemon install</code> after uninstall). (#849) — thanks @ndraiman.</li>
-<li>Sessions: return deep clones (<code>structuredClone</code>) so cached session entries can't be mutated. (#934) — thanks @ronak-guliani.</li>
-<li>Heartbeat: keep <code>updatedAt</code> monotonic when restoring heartbeat sessions. (#934) — thanks @ronak-guliani.</li>
-<li>Agent: clear run context after CLI runs (<code>clearAgentRunContext</code>) to avoid runaway contexts. (#934) — thanks @ronak-guliani.</li>
-<li>Gateway/Dev: ensure <code>pnpm gateway:dev</code> always uses the dev profile config + state (<code>~/.clawdbot-dev</code>).</li>
-</ul>
-<h4>CLI / Onboarding</h4>
-<ul>
-<li>Onboarding: show web search setup at the end (not the beginning).</li>
-<li>Onboarding: show daemon install/restart progress (avoid “blinking cursor”) and fix daemon install output formatting.</li>
-<li>Health: colorize “not configured” provider lines for easier scanning.</li>
-</ul>
-<h4>Control UI / TUI</h4>
-<ul>
-<li>Control UI: load cron run history on job selection and clarify empty-state messaging. (#866)</li>
-<li>UI: use application-defined WebSocket close code and fix dashboard auth query items. (#918) — thanks @rahthakor.</li>
-<li>UI: always apply <code>?token=</code> from URL (fixes unauthorized after re-onboard).</li>
-<li>Browser: add tests for snapshot labels/efficient query params and labeled image responses.</li>
-<li>TUI: render picker overlays via the overlay stack so /models and /settings display. (#921) — thanks @grizzdank.</li>
-<li>TUI: add a bright spinner + elapsed time in the status line for send/stream/run states.</li>
-<li>TUI: show LLM error messages (rate limits, auth, etc.) instead of <code>(no output)</code>.</li>
-</ul>
-<h4>Agents / Auth / Tools / Sandbox</h4>
-<ul>
-<li>Agents: make user time zone and 24-hour time explicit in the system prompt. (#859) — thanks @CashWilliams.</li>
-<li>Agents: strip downgraded tool call text without eating adjacent replies and filter thinking-tag leaks. (#905) — thanks @erikpr1994.</li>
-<li>Agents: cap tool call IDs for OpenAI/OpenRouter to avoid request rejections. (#875) — thanks @j1philli.</li>
-<li>Agents: scrub tuple <code>items</code> schemas for Gemini tool calls. (#926, fixes #746) — thanks @grp06.</li>
-<li>Agents: stabilize sub-agent announce status from runtime outcomes and normalize Result/Notes. (#835) — thanks @roshanasingh4.</li>
-<li>Auth: normalize Claude Code CLI profile mode to oauth and auto-migrate config. (#855) — thanks @sebslight.</li>
-<li>Embedded runner: suppress raw API error payloads from replies. (#924) — thanks @grp06.</li>
-<li>Logging: tolerate <code>EIO</code> from console writes to avoid gateway crashes. (#925, fixes #878) — thanks @grp06.</li>
-<li>Sandbox: restore <code>docker.binds</code> config validation and preserve configured PATH for <code>docker exec</code>. (#873) — thanks @akonyer.</li>
-<li>Google: downgrade unsigned thinking blocks before send to avoid missing signature errors.</li>
-</ul>
-<h4>macOS / Apps</h4>
-<ul>
-<li>macOS: ensure launchd log directory exists with a test-only override. (#909) — thanks @roshanasingh4.</li>
-<li>macOS: format ConnectionsStore config to satisfy SwiftFormat lint. (#852) — thanks @mneves75.</li>
-<li>macOS: pass auth token/password to dashboard URL for authenticated access. (#918) — thanks @rahthakor.</li>
-<li>macOS: reuse launchd gateway auth and skip wizard when gateway config already exists. (#917)</li>
-<li>Apps: use canonical main session keys from gateway defaults across macOS/iOS/Android to avoid creating bare <code>main</code> sessions.</li>
-<li>macOS: fix cron preview/testing payload to use <code>channel</code> key. (#867) — thanks @wes-davis.</li>
-<li>macOS: update cron testing channel arg. (#896) — thanks @ngutman.</li>
-</ul>
-<h4>Channels / Messaging</h4>
-<ul>
-<li>Slack: isolate thread history and avoid inheriting channel transcripts for new threads by default. (#758)</li>
-<li>Slack: respect <code>channels.slack.requireMention</code> default when resolving channel mention gating. (#850) — thanks @evalexpr.</li>
-<li>Slack: drop Socket Mode events with mismatched <code>api_app_id</code>/<code>team_id</code>. (#889) — thanks @roshanasingh4.</li>
-<li>Commands: add native command argument menus across Discord/Slack/Telegram. (#936) — thanks @thewilloftheshadow.</li>
-<li>Discord: isolate autoThread thread context. (#856) — thanks @davidguttman.</li>
-<li>Telegram: honor <code>channels.telegram.timeoutSeconds</code> for grammY API requests. (#863) — thanks @Snaver.</li>
-<li>Telegram: aggregate split inbound messages into one prompt (reduces “one reply per fragment”).</li>
-<li>Telegram: let control commands bypass per-chat sequentialization; always allow abort triggers.</li>
-<li>Telegram: split long captions into media + follow-up text messages. (#907) — thanks @jalehman.</li>
-<li>Telegram: migrate group config when supergroups change chat IDs. (#906) — thanks @sleontenko.</li>
-<li>Telegram: register dock native commands with underscores to avoid <code>BOT_COMMAND_INVALID</code> (#929, fixes #901) — thanks @grp06.</li>
-<li>Messaging: unify markdown formatting + format-first chunking for Slack/Telegram/Signal. (#920) — thanks @TheSethRose.</li>
-<li>iMessage: prefer handle routing for direct-message replies; include imsg RPC error details. (#935)</li>
-<li>WhatsApp: fix context isolation using wrong ID (was bot's number, now conversation ID). (#911) — thanks @tristanmanchester.</li>
-<li>WhatsApp: normalize user JIDs with device suffix for allowlist checks in groups. (#838) — thanks @peschee.</li>
-<li>WhatsApp: harden owner command auth.</li>
-<li>Auto-reply: treat trailing <code>NO_REPLY</code> tokens as silent replies.</li>
-</ul>
-<h4>Config / Doctor / Packaging</h4>
-<ul>
-<li>Config: prevent partial config writes from clobbering unrelated settings (base hash guard + merge patch for connection saves).</li>
-<li>Config/Doctor: remove legacy Clawdis env fallbacks and config/service migrations (Clawdbot-only).</li>
-<li>Doctor: avoid re-adding WhatsApp config when only legacy ack reactions are set. (#927, fixes #900) — thanks @grp06.</li>
-<li>Packaging: run <code>pnpm build</code> on <code>prepack</code> so npm publishes include fresh <code>dist/</code> output.</li>
-</ul>
-<p><a href="https://github.com/clawdbot/clawdbot/blob/main/CHANGELOG.md">View full changelog</a></p>
-]]></description>
-            <enclosure url="https://github.com/clawdbot/clawdbot/releases/download/v2026.1.14-1/Clawdbot-2026.1.14-1.zip" length="19887144" type="application/octet-stream" sparkle:edSignature="1irKxBLt2eRtns34m/8JsjL/ZzhZQNjahwrxtArTvzaCnidS/MEnpD4nV2SHnhuo8g+fJZQpV9NoCAoEOAinCw=="/>
+            <enclosure url="https://github.com/steipete/clawdis/releases/download/v2.0.0-beta5/Clawdis-2.0.0-beta5.zip" length="145432870" type="application/octet-stream" sparkle:edSignature="qKPcmSx2pAaIYz9NqFp0TY63KrcDlpctUHnNpRs6Q60qQqBWtQycLIhhvhxmGnHupaiEXJfspb/Ad9RgODIzAw=="/>
         </item>
     </channel>
 </rss>

apps/android/README.md

@@ -1,6 +1,6 @@
-## Clawdbot Node (Android) (internal)
+## Clawdis Node (Android) (internal)
 
-Modern Android node app: connects to the **Gateway-owned bridge** (`_clawdbot-bridge._tcp`) over TCP and exposes **Canvas + Chat + Camera**.
+Modern Android node app: connects to the **Gateway-owned bridge** (`_clawdis-bridge._tcp`) over TCP and exposes **Canvas + Chat + Camera**.
 
 Notes:
 - The node keeps the connection alive via a **foreground service** (persistent notification with a Disconnect action).
@@ -25,7 +25,7 @@ cd apps/android
 
 1) Start the gateway (on your “master” machine):
 ```bash
-pnpm clawdbot gateway --port 18789 --verbose
+pnpm clawdis gateway --port 18789 --verbose
 ```
 
 2) In the Android app:
@@ -34,8 +34,8 @@ pnpm clawdbot gateway --port 18789 --verbose
 
 3) Approve pairing (on the gateway machine):
 ```bash
-clawdbot nodes pending
-clawdbot nodes approve <requestId>
+clawdis nodes pending
+clawdis nodes approve <requestId>
 ```
 
 More details: `docs/android/connect.md`.

apps/android/app/build.gradle.kts

@@ -1,5 +1,3 @@
-import com.android.build.api.variant.impl.VariantOutputImpl
-
 plugins {
   id("com.android.application")
   id("org.jetbrains.kotlin.android")
@@ -8,21 +6,21 @@ plugins {
 }
 
 android {
-  namespace = "com.clawdbot.android"
+  namespace = "com.clawdis.android"
   compileSdk = 36
 
   sourceSets {
     getByName("main") {
-      assets.srcDir(file("../../shared/ClawdbotKit/Sources/ClawdbotKit/Resources"))
+      assets.srcDir(file("../../shared/ClawdisKit/Sources/ClawdisKit/Resources"))
     }
   }
 
   defaultConfig {
-    applicationId = "com.clawdbot.android"
+    applicationId = "com.clawdis.android"
     minSdk = 31
     targetSdk = 36
-    versionCode = 202601114
-    versionName = "2026.1.11-4"
+    versionCode = 1
+    versionName = "2.0.0-beta3"
   }
 
   buildTypes {
@@ -49,31 +47,12 @@ android {
 
   lint {
     disable += setOf("IconLauncherShape")
-    warningsAsErrors = true
-  }
-
-  testOptions {
-    unitTests.isIncludeAndroidResources = true
   }
 }
 
-androidComponents {
-  onVariants { variant ->
-    variant.outputs
-      .filterIsInstance<VariantOutputImpl>()
-      .forEach { output ->
-        val versionName = output.versionName.orNull ?: "0"
-        val buildType = variant.buildType
-
-        val outputFileName = "clawdbot-${versionName}-${buildType}.apk"
-        output.outputFileName = outputFileName
-      }
-  }
-}
 kotlin {
   compilerOptions {
     jvmTarget.set(org.jetbrains.kotlin.gradle.dsl.JvmTarget.JVM_17)
-    allWarningsAsErrors.set(true)
   }
 }
 
@@ -85,7 +64,7 @@ dependencies {
   implementation("androidx.core:core-ktx:1.17.0")
   implementation("androidx.lifecycle:lifecycle-runtime-ktx:2.10.0")
   implementation("androidx.activity:activity-compose:1.12.2")
-  implementation("androidx.webkit:webkit:1.15.0")
+  implementation("androidx.webkit:webkit:1.14.0")
 
   implementation("androidx.compose.ui:ui")
   implementation("androidx.compose.ui:ui-tooling-preview")
@@ -102,7 +81,6 @@ dependencies {
   implementation("org.jetbrains.kotlinx:kotlinx-serialization-json:1.9.0")
 
   implementation("androidx.security:security-crypto:1.1.0")
-  implementation("androidx.exifinterface:exifinterface:1.4.2")
 
   // CameraX (for node.invoke camera.* parity)
   implementation("androidx.camera:camera-core:1.5.2")
@@ -118,8 +96,7 @@ dependencies {
   testImplementation("org.jetbrains.kotlinx:kotlinx-coroutines-test:1.10.2")
   testImplementation("io.kotest:kotest-runner-junit5-jvm:6.0.7")
   testImplementation("io.kotest:kotest-assertions-core-jvm:6.0.7")
-  testImplementation("org.robolectric:robolectric:4.16")
-  testRuntimeOnly("org.junit.vintage:junit-vintage-engine:6.0.2")
+  testRuntimeOnly("org.junit.vintage:junit-vintage-engine:5.13.3")
 }
 
 tasks.withType<Test>().configureEach {

apps/android/app/src/main/AndroidManifest.xml

@@ -32,7 +32,7 @@
         android:label="@string/app_name"
         android:supportsRtl="true"
         android:networkSecurityConfig="@xml/network_security_config"
-        android:theme="@style/Theme.ClawdbotNode">
+        android:theme="@style/Theme.ClawdisNode">
         <service
             android:name=".NodeForegroundService"
             android:exported="false"

apps/android/app/src/main/assets/tool-display.json

@@ -12,7 +12,7 @@
       "element",
       "node",
       "nodeId",
-      "id",
+      "jobId",
       "requestId",
       "to",
       "channelId",
@@ -136,10 +136,10 @@
           "label": "add",
           "detailKeys": ["job.name", "job.id", "job.schedule", "job.cron"]
         },
-        "update": { "label": "update", "detailKeys": ["id"] },
-        "remove": { "label": "remove", "detailKeys": ["id"] },
-        "run": { "label": "run", "detailKeys": ["id"] },
-        "runs": { "label": "runs", "detailKeys": ["id"] },
+        "update": { "label": "update", "detailKeys": ["jobId"] },
+        "remove": { "label": "remove", "detailKeys": ["jobId"] },
+        "run": { "label": "run", "detailKeys": ["jobId"] },
+        "runs": { "label": "runs", "detailKeys": ["jobId"] },
         "wake": { "label": "wake", "detailKeys": ["text", "mode"] }
       }
     },

apps/android/app/src/main/java/com/clawdbot/android/NodeApp.kt

@@ -1,26 +0,0 @@
-package com.clawdbot.android
-
-import android.app.Application
-import android.os.StrictMode
-
-class NodeApp : Application() {
-  val runtime: NodeRuntime by lazy { NodeRuntime(this) }
-
-  override fun onCreate() {
-    super.onCreate()
-    if (BuildConfig.DEBUG) {
-      StrictMode.setThreadPolicy(
-        StrictMode.ThreadPolicy.Builder()
-          .detectAll()
-          .penaltyLog()
-          .build(),
-      )
-      StrictMode.setVmPolicy(
-        StrictMode.VmPolicy.Builder()
-          .detectAll()
-          .penaltyLog()
-          .build(),
-      )
-    }
-  }
-}

apps/android/app/src/main/java/com/clawdbot/android/SessionKey.kt

@@ -1,13 +0,0 @@
-package com.clawdbot.android
-
-internal fun normalizeMainKey(raw: String?): String {
-  val trimmed = raw?.trim()
-  return if (!trimmed.isNullOrEmpty()) trimmed else "main"
-}
-
-internal fun isCanonicalMainSessionKey(raw: String?): Boolean {
-  val trimmed = raw?.trim().orEmpty()
-  if (trimmed.isEmpty()) return false
-  if (trimmed == "global") return true
-  return trimmed.startsWith("agent:")
-}

apps/android/app/src/main/java/com/clawdbot/android/bridge/BridgePairingClient.kt

@@ -1,158 +0,0 @@
-package com.clawdbot.android.bridge
-
-import kotlinx.coroutines.Dispatchers
-import kotlinx.coroutines.withContext
-import kotlinx.serialization.json.Json
-import kotlinx.serialization.json.JsonArray
-import kotlinx.serialization.json.JsonObject
-import kotlinx.serialization.json.JsonPrimitive
-import kotlinx.serialization.json.JsonNull
-import kotlinx.serialization.json.JsonElement
-import kotlinx.serialization.json.buildJsonObject
-import java.io.BufferedReader
-import java.io.BufferedWriter
-import java.io.InputStreamReader
-import java.io.OutputStreamWriter
-import java.net.InetSocketAddress
-
-class BridgePairingClient {
-  private val json = Json { ignoreUnknownKeys = true }
-
-  data class Hello(
-    val nodeId: String,
-    val displayName: String?,
-    val token: String?,
-    val platform: String?,
-    val version: String?,
-    val deviceFamily: String?,
-    val modelIdentifier: String?,
-    val caps: List<String>?,
-    val commands: List<String>?,
-  )
-
-  data class PairResult(val ok: Boolean, val token: String?, val error: String? = null)
-
-  suspend fun pairAndHello(
-    endpoint: BridgeEndpoint,
-    hello: Hello,
-    tls: BridgeTlsParams? = null,
-    onTlsFingerprint: ((String) -> Unit)? = null,
-  ): PairResult =
-    withContext(Dispatchers.IO) {
-      if (tls != null) {
-        try {
-          return@withContext pairAndHelloWithTls(endpoint, hello, tls, onTlsFingerprint)
-        } catch (e: Exception) {
-          if (tls.required) throw e
-        }
-      }
-      pairAndHelloWithTls(endpoint, hello, null, null)
-    }
-
-  private fun pairAndHelloWithTls(
-    endpoint: BridgeEndpoint,
-    hello: Hello,
-    tls: BridgeTlsParams?,
-    onTlsFingerprint: ((String) -> Unit)?,
-  ): PairResult {
-    val socket =
-      createBridgeSocket(tls) { fingerprint ->
-        onTlsFingerprint?.invoke(fingerprint)
-      }
-    socket.tcpNoDelay = true
-    try {
-      socket.connect(InetSocketAddress(endpoint.host, endpoint.port), 8_000)
-      socket.soTimeout = 60_000
-      startTlsHandshakeIfNeeded(socket)
-
-      val reader = BufferedReader(InputStreamReader(socket.getInputStream(), Charsets.UTF_8))
-      val writer = BufferedWriter(OutputStreamWriter(socket.getOutputStream(), Charsets.UTF_8))
-
-      fun send(line: String) {
-        writer.write(line)
-        writer.write("\n")
-        writer.flush()
-      }
-
-      fun sendJson(obj: JsonObject) = send(obj.toString())
-
-      sendJson(
-        buildJsonObject {
-          put("type", JsonPrimitive("hello"))
-          put("nodeId", JsonPrimitive(hello.nodeId))
-          hello.displayName?.let { put("displayName", JsonPrimitive(it)) }
-          hello.token?.let { put("token", JsonPrimitive(it)) }
-          hello.platform?.let { put("platform", JsonPrimitive(it)) }
-          hello.version?.let { put("version", JsonPrimitive(it)) }
-          hello.deviceFamily?.let { put("deviceFamily", JsonPrimitive(it)) }
-          hello.modelIdentifier?.let { put("modelIdentifier", JsonPrimitive(it)) }
-          hello.caps?.let { put("caps", JsonArray(it.map(::JsonPrimitive))) }
-          hello.commands?.let { put("commands", JsonArray(it.map(::JsonPrimitive))) }
-        },
-      )
-
-      val firstObj = json.parseToJsonElement(reader.readLine()).asObjectOrNull()
-        ?: return PairResult(ok = false, token = null, error = "unexpected bridge response")
-      return when (firstObj["type"].asStringOrNull()) {
-        "hello-ok" -> PairResult(ok = true, token = hello.token)
-        "error" -> {
-          val code = firstObj["code"].asStringOrNull() ?: "UNAVAILABLE"
-          val message = firstObj["message"].asStringOrNull() ?: "pairing required"
-          if (code != "NOT_PAIRED" && code != "UNAUTHORIZED") {
-            return PairResult(ok = false, token = null, error = "$code: $message")
-          }
-
-          sendJson(
-            buildJsonObject {
-              put("type", JsonPrimitive("pair-request"))
-              put("nodeId", JsonPrimitive(hello.nodeId))
-              hello.displayName?.let { put("displayName", JsonPrimitive(it)) }
-              hello.platform?.let { put("platform", JsonPrimitive(it)) }
-              hello.version?.let { put("version", JsonPrimitive(it)) }
-              hello.deviceFamily?.let { put("deviceFamily", JsonPrimitive(it)) }
-              hello.modelIdentifier?.let { put("modelIdentifier", JsonPrimitive(it)) }
-              hello.caps?.let { put("caps", JsonArray(it.map(::JsonPrimitive))) }
-              hello.commands?.let { put("commands", JsonArray(it.map(::JsonPrimitive))) }
-            },
-          )
-
-          while (true) {
-            val nextLine = reader.readLine() ?: break
-            val next = json.parseToJsonElement(nextLine).asObjectOrNull() ?: continue
-            when (next["type"].asStringOrNull()) {
-              "pair-ok" -> {
-                val token = next["token"].asStringOrNull()
-                return PairResult(ok = !token.isNullOrBlank(), token = token)
-              }
-              "error" -> {
-                val c = next["code"].asStringOrNull() ?: "UNAVAILABLE"
-                val m = next["message"].asStringOrNull() ?: "pairing failed"
-                return PairResult(ok = false, token = null, error = "$c: $m")
-              }
-            }
-          }
-          PairResult(ok = false, token = null, error = "pairing failed")
-        }
-        else -> PairResult(ok = false, token = null, error = "unexpected bridge response")
-      }
-    } catch (e: Exception) {
-      val message = e.message?.trim().orEmpty().ifEmpty { "gateway unreachable" }
-      return PairResult(ok = false, token = null, error = message)
-    } finally {
-      try {
-        socket.close()
-      } catch (_: Throwable) {
-        // ignore
-      }
-    }
-  }
-}
-
-private fun JsonElement?.asObjectOrNull(): JsonObject? = this as? JsonObject
-
-private fun JsonElement?.asStringOrNull(): String? =
-  when (this) {
-    is JsonNull -> null
-    is JsonPrimitive -> content
-    else -> null
-  }

apps/android/app/src/main/java/com/clawdbot/android/bridge/BridgeTls.kt

@@ -1,81 +0,0 @@
-package com.clawdbot.android.bridge
-
-import android.annotation.SuppressLint
-import java.net.Socket
-import java.security.MessageDigest
-import java.security.SecureRandom
-import java.security.cert.CertificateException
-import java.security.cert.X509Certificate
-import javax.net.ssl.SSLContext
-import javax.net.ssl.SSLSocket
-import javax.net.ssl.TrustManagerFactory
-import javax.net.ssl.X509TrustManager
-
-data class BridgeTlsParams(
-  val required: Boolean,
-  val expectedFingerprint: String?,
-  val allowTOFU: Boolean,
-  val stableId: String,
-)
-
-fun createBridgeSocket(params: BridgeTlsParams?, onStore: ((String) -> Unit)? = null): Socket {
-  if (params == null) return Socket()
-  val expected = params.expectedFingerprint?.let(::normalizeFingerprint)
-  val defaultTrust = defaultTrustManager()
-  @SuppressLint("CustomX509TrustManager")
-  val trustManager =
-    object : X509TrustManager {
-      override fun checkClientTrusted(chain: Array<X509Certificate>, authType: String) {
-        defaultTrust.checkClientTrusted(chain, authType)
-      }
-
-      override fun checkServerTrusted(chain: Array<X509Certificate>, authType: String) {
-        if (chain.isEmpty()) throw CertificateException("empty certificate chain")
-        val fingerprint = sha256Hex(chain[0].encoded)
-        if (expected != null) {
-          if (fingerprint != expected) {
-            throw CertificateException("bridge TLS fingerprint mismatch")
-          }
-          return
-        }
-        if (params.allowTOFU) {
-          onStore?.invoke(fingerprint)
-          return
-        }
-        defaultTrust.checkServerTrusted(chain, authType)
-      }
-
-      override fun getAcceptedIssuers(): Array<X509Certificate> = defaultTrust.acceptedIssuers
-    }
-
-  val context = SSLContext.getInstance("TLS")
-  context.init(null, arrayOf(trustManager), SecureRandom())
-  return context.socketFactory.createSocket()
-}
-
-fun startTlsHandshakeIfNeeded(socket: Socket) {
-  if (socket is SSLSocket) {
-    socket.startHandshake()
-  }
-}
-
-private fun defaultTrustManager(): X509TrustManager {
-  val factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
-  factory.init(null as java.security.KeyStore?)
-  val trust =
-    factory.trustManagers.firstOrNull { it is X509TrustManager } as? X509TrustManager
-  return trust ?: throw IllegalStateException("No default X509TrustManager found")
-}
-
-private fun sha256Hex(data: ByteArray): String {
-  val digest = MessageDigest.getInstance("SHA-256").digest(data)
-  val out = StringBuilder(digest.size * 2)
-  for (byte in digest) {
-    out.append(String.format("%02x", byte))
-  }
-  return out.toString()
-}
-
-private fun normalizeFingerprint(raw: String): String {
-  return raw.lowercase().filter { it in '0'..'9' || it in 'a'..'f' }
-}

apps/android/app/src/main/java/com/clawdis/android/CameraHudState.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android
+package com.clawdis.android
 
 enum class CameraHudKind {
   Photo,

apps/android/app/src/main/java/com/clawdis/android/DeviceNames.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android
+package com.clawdis.android
 
 import android.content.Context
 import android.os.Build

apps/android/app/src/main/java/com/clawdis/android/LocationMode.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android
+package com.clawdis.android
 
 enum class LocationMode(val rawValue: String) {
   Off("off"),

apps/android/app/src/main/java/com/clawdis/android/MainActivity.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android
+package com.clawdis.android
 
 import android.Manifest
 import android.content.pm.ApplicationInfo
@@ -18,8 +18,8 @@ import androidx.core.view.WindowInsetsControllerCompat
 import androidx.lifecycle.Lifecycle
 import androidx.lifecycle.lifecycleScope
 import androidx.lifecycle.repeatOnLifecycle
-import com.clawdbot.android.ui.RootScreen
-import com.clawdbot.android.ui.ClawdbotTheme
+import com.clawdis.android.ui.RootScreen
+import com.clawdis.android.ui.ClawdisTheme
 import kotlinx.coroutines.launch
 
 class MainActivity : ComponentActivity() {
@@ -56,7 +56,7 @@ class MainActivity : ComponentActivity() {
     }
 
     setContent {
-      ClawdbotTheme {
+      ClawdisTheme {
         Surface(modifier = Modifier) {
           RootScreen(viewModel = viewModel)
         }

apps/android/app/src/main/java/com/clawdis/android/MainViewModel.kt

@@ -1,13 +1,13 @@
-package com.clawdbot.android
+package com.clawdis.android
 
 import android.app.Application
 import androidx.lifecycle.AndroidViewModel
-import com.clawdbot.android.bridge.BridgeEndpoint
-import com.clawdbot.android.chat.OutgoingAttachment
-import com.clawdbot.android.node.CameraCaptureManager
-import com.clawdbot.android.node.CanvasController
-import com.clawdbot.android.node.ScreenRecordManager
-import com.clawdbot.android.node.SmsManager
+import com.clawdis.android.bridge.BridgeEndpoint
+import com.clawdis.android.chat.OutgoingAttachment
+import com.clawdis.android.node.CameraCaptureManager
+import com.clawdis.android.node.CanvasController
+import com.clawdis.android.node.ScreenRecordManager
+import com.clawdis.android.node.SmsManager
 import kotlinx.coroutines.flow.StateFlow
 
 class MainViewModel(app: Application) : AndroidViewModel(app) {
@@ -27,7 +27,6 @@ class MainViewModel(app: Application) : AndroidViewModel(app) {
   val remoteAddress: StateFlow<String?> = runtime.remoteAddress
   val isForeground: StateFlow<Boolean> = runtime.isForeground
   val seamColorArgb: StateFlow<Long> = runtime.seamColorArgb
-  val mainSessionKey: StateFlow<String> = runtime.mainSessionKey
 
   val cameraHud: StateFlow<CameraHudState?> = runtime.cameraHud
   val cameraFlashToken: StateFlow<Long> = runtime.cameraFlashToken
@@ -139,7 +138,7 @@ class MainViewModel(app: Application) : AndroidViewModel(app) {
     runtime.handleCanvasA2UIActionFromWebView(payloadJson)
   }
 
-  fun loadChat(sessionKey: String) {
+  fun loadChat(sessionKey: String = "main") {
     runtime.loadChat(sessionKey)
   }
 

apps/android/app/src/main/java/com/clawdis/android/NodeApp.kt

@@ -0,0 +1,8 @@
+package com.clawdis.android
+
+import android.app.Application
+
+class NodeApp : Application() {
+  val runtime: NodeRuntime by lazy { NodeRuntime(this) }
+}
+

apps/android/app/src/main/java/com/clawdis/android/NodeForegroundService.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android
+package com.clawdis.android
 
 import android.app.Notification
 import android.app.NotificationChannel
@@ -29,7 +29,7 @@ class NodeForegroundService : Service() {
   override fun onCreate() {
     super.onCreate()
     ensureChannel()
-    val initial = buildNotification(title = "Clawdbot Node", text = "Starting…")
+    val initial = buildNotification(title = "Clawdis Node", text = "Starting…")
     startForegroundWithTypes(notification = initial, requiresMic = false)
 
     val runtime = (application as NodeApp).runtime
@@ -44,7 +44,7 @@ class NodeForegroundService : Service() {
         ) { status, server, connected, voiceMode, voiceListening ->
           Quint(status, server, connected, voiceMode, voiceListening)
         }.collect { (status, server, connected, voiceMode, voiceListening) ->
-          val title = if (connected) "Clawdbot Node · Connected" else "Clawdbot Node"
+          val title = if (connected) "Clawdis Node · Connected" else "Clawdis Node"
           val voiceSuffix =
             if (voiceMode == VoiceWakeMode.Always) {
               if (voiceListening) " · Voice Wake: Listening" else " · Voice Wake: Paused"
@@ -91,38 +91,21 @@ class NodeForegroundService : Service() {
         "Connection",
         NotificationManager.IMPORTANCE_LOW,
       ).apply {
-        description = "Clawdbot node connection status"
+        description = "Clawdis node connection status"
         setShowBadge(false)
       }
     mgr.createNotificationChannel(channel)
   }
 
   private fun buildNotification(title: String, text: String): Notification {
-    val launchIntent = Intent(this, MainActivity::class.java).apply {
-      flags = Intent.FLAG_ACTIVITY_SINGLE_TOP or Intent.FLAG_ACTIVITY_CLEAR_TOP
-    }
-    val launchPending =
-      PendingIntent.getActivity(
-        this,
-        1,
-        launchIntent,
-        PendingIntent.FLAG_UPDATE_CURRENT or PendingIntent.FLAG_IMMUTABLE,
-      )
-
     val stopIntent = Intent(this, NodeForegroundService::class.java).setAction(ACTION_STOP)
-    val stopPending =
-      PendingIntent.getService(
-        this,
-        2,
-        stopIntent,
-        PendingIntent.FLAG_UPDATE_CURRENT or PendingIntent.FLAG_IMMUTABLE,
-      )
+    val flags = PendingIntent.FLAG_UPDATE_CURRENT or PendingIntent.FLAG_IMMUTABLE
+    val stopPending = PendingIntent.getService(this, 2, stopIntent, flags)
 
     return NotificationCompat.Builder(this, CHANNEL_ID)
       .setSmallIcon(R.mipmap.ic_launcher)
       .setContentTitle(title)
       .setContentText(text)
-      .setContentIntent(launchPending)
       .setOngoing(true)
       .setOnlyAlertOnce(true)
       .setForegroundServiceBehavior(NotificationCompat.FOREGROUND_SERVICE_IMMEDIATE)
@@ -163,7 +146,7 @@ class NodeForegroundService : Service() {
     private const val CHANNEL_ID = "connection"
     private const val NOTIFICATION_ID = 1
 
-    private const val ACTION_STOP = "com.clawdbot.android.action.STOP"
+    private const val ACTION_STOP = "com.clawdis.android.action.STOP"
 
     fun start(context: Context) {
       val intent = Intent(context, NodeForegroundService::class.java)

apps/android/app/src/main/java/com/clawdis/android/NodeRuntime.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android
+package com.clawdis.android
 
 import android.Manifest
 import android.content.Context
@@ -7,32 +7,31 @@ import android.location.LocationManager
 import android.os.Build
 import android.os.SystemClock
 import androidx.core.content.ContextCompat
-import com.clawdbot.android.chat.ChatController
-import com.clawdbot.android.chat.ChatMessage
-import com.clawdbot.android.chat.ChatPendingToolCall
-import com.clawdbot.android.chat.ChatSessionEntry
-import com.clawdbot.android.chat.OutgoingAttachment
-import com.clawdbot.android.bridge.BridgeDiscovery
-import com.clawdbot.android.bridge.BridgeEndpoint
-import com.clawdbot.android.bridge.BridgePairingClient
-import com.clawdbot.android.bridge.BridgeSession
-import com.clawdbot.android.bridge.BridgeTlsParams
-import com.clawdbot.android.node.CameraCaptureManager
-import com.clawdbot.android.node.LocationCaptureManager
-import com.clawdbot.android.BuildConfig
-import com.clawdbot.android.node.CanvasController
-import com.clawdbot.android.node.ScreenRecordManager
-import com.clawdbot.android.node.SmsManager
-import com.clawdbot.android.protocol.ClawdbotCapability
-import com.clawdbot.android.protocol.ClawdbotCameraCommand
-import com.clawdbot.android.protocol.ClawdbotCanvasA2UIAction
-import com.clawdbot.android.protocol.ClawdbotCanvasA2UICommand
-import com.clawdbot.android.protocol.ClawdbotCanvasCommand
-import com.clawdbot.android.protocol.ClawdbotScreenCommand
-import com.clawdbot.android.protocol.ClawdbotLocationCommand
-import com.clawdbot.android.protocol.ClawdbotSmsCommand
-import com.clawdbot.android.voice.TalkModeManager
-import com.clawdbot.android.voice.VoiceWakeManager
+import com.clawdis.android.chat.ChatController
+import com.clawdis.android.chat.ChatMessage
+import com.clawdis.android.chat.ChatPendingToolCall
+import com.clawdis.android.chat.ChatSessionEntry
+import com.clawdis.android.chat.OutgoingAttachment
+import com.clawdis.android.bridge.BridgeDiscovery
+import com.clawdis.android.bridge.BridgeEndpoint
+import com.clawdis.android.bridge.BridgePairingClient
+import com.clawdis.android.bridge.BridgeSession
+import com.clawdis.android.node.CameraCaptureManager
+import com.clawdis.android.node.LocationCaptureManager
+import com.clawdis.android.BuildConfig
+import com.clawdis.android.node.CanvasController
+import com.clawdis.android.node.ScreenRecordManager
+import com.clawdis.android.node.SmsManager
+import com.clawdis.android.protocol.ClawdisCapability
+import com.clawdis.android.protocol.ClawdisCameraCommand
+import com.clawdis.android.protocol.ClawdisCanvasA2UIAction
+import com.clawdis.android.protocol.ClawdisCanvasA2UICommand
+import com.clawdis.android.protocol.ClawdisCanvasCommand
+import com.clawdis.android.protocol.ClawdisScreenCommand
+import com.clawdis.android.protocol.ClawdisLocationCommand
+import com.clawdis.android.protocol.ClawdisSmsCommand
+import com.clawdis.android.voice.TalkModeManager
+import com.clawdis.android.voice.VoiceWakeManager
 import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.Job
@@ -79,7 +78,7 @@ class NodeRuntime(context: Context) {
           payloadJson =
             buildJsonObject {
               put("message", JsonPrimitive(command))
-              put("sessionKey", JsonPrimitive(resolveMainSessionKey()))
+              put("sessionKey", JsonPrimitive(mainSessionKey.value))
               put("thinking", JsonPrimitive(chatThinkingLevel.value))
               put("deliver", JsonPrimitive(false))
             }.toString(),
@@ -143,13 +142,12 @@ class NodeRuntime(context: Context) {
   private val session =
     BridgeSession(
       scope = scope,
-      onConnected = { name, remote, mainSessionKey ->
+      onConnected = { name, remote ->
         _statusText.value = "Connected"
         _serverName.value = name
         _remoteAddress.value = remote
         _isConnected.value = true
         _seamColorArgb.value = DEFAULT_SEAM_COLOR_ARGB
-        applyMainSessionKey(mainSessionKey)
         scope.launch { refreshBrandingFromGateway() }
         scope.launch { refreshWakeWordsFromGateway() }
         maybeNavigateToA2uiOnConnect()
@@ -161,9 +159,6 @@ class NodeRuntime(context: Context) {
       onInvoke = { req ->
         handleInvoke(req.command, req.paramsJson)
       },
-      onTlsFingerprint = { stableId, fingerprint ->
-        prefs.saveBridgeTlsFingerprint(stableId, fingerprint)
-      },
     )
 
   private val chat = ChatController(scope = scope, session = session, json = json)
@@ -177,31 +172,11 @@ class NodeRuntime(context: Context) {
     _remoteAddress.value = null
     _isConnected.value = false
     _seamColorArgb.value = DEFAULT_SEAM_COLOR_ARGB
-    if (!isCanonicalMainSessionKey(_mainSessionKey.value)) {
-      _mainSessionKey.value = "main"
-    }
-    val mainKey = resolveMainSessionKey()
-    talkMode.setMainSessionKey(mainKey)
-    chat.applyMainSessionKey(mainKey)
+    _mainSessionKey.value = "main"
     chat.onDisconnected(message)
     showLocalCanvasOnDisconnect()
   }
 
-  private fun applyMainSessionKey(candidate: String?) {
-    val trimmed = candidate?.trim().orEmpty()
-    if (trimmed.isEmpty()) return
-    if (isCanonicalMainSessionKey(_mainSessionKey.value)) return
-    if (_mainSessionKey.value == trimmed) return
-    _mainSessionKey.value = trimmed
-    talkMode.setMainSessionKey(trimmed)
-    chat.applyMainSessionKey(trimmed)
-  }
-
-  private fun resolveMainSessionKey(): String {
-    val trimmed = _mainSessionKey.value.trim()
-    return if (trimmed.isEmpty()) "main" else trimmed
-  }
-
   private fun maybeNavigateToA2uiOnConnect() {
     val a2uiUrl = resolveA2uiHostUrl() ?: return
     val current = canvas.currentUrl()?.trim().orEmpty()
@@ -394,38 +369,38 @@ class NodeRuntime(context: Context) {
 
   private fun buildInvokeCommands(): List<String> =
     buildList {
-      add(ClawdbotCanvasCommand.Present.rawValue)
-      add(ClawdbotCanvasCommand.Hide.rawValue)
-      add(ClawdbotCanvasCommand.Navigate.rawValue)
-      add(ClawdbotCanvasCommand.Eval.rawValue)
-      add(ClawdbotCanvasCommand.Snapshot.rawValue)
-      add(ClawdbotCanvasA2UICommand.Push.rawValue)
-      add(ClawdbotCanvasA2UICommand.PushJSONL.rawValue)
-      add(ClawdbotCanvasA2UICommand.Reset.rawValue)
-      add(ClawdbotScreenCommand.Record.rawValue)
+      add(ClawdisCanvasCommand.Present.rawValue)
+      add(ClawdisCanvasCommand.Hide.rawValue)
+      add(ClawdisCanvasCommand.Navigate.rawValue)
+      add(ClawdisCanvasCommand.Eval.rawValue)
+      add(ClawdisCanvasCommand.Snapshot.rawValue)
+      add(ClawdisCanvasA2UICommand.Push.rawValue)
+      add(ClawdisCanvasA2UICommand.PushJSONL.rawValue)
+      add(ClawdisCanvasA2UICommand.Reset.rawValue)
+      add(ClawdisScreenCommand.Record.rawValue)
       if (cameraEnabled.value) {
-        add(ClawdbotCameraCommand.Snap.rawValue)
-        add(ClawdbotCameraCommand.Clip.rawValue)
+        add(ClawdisCameraCommand.Snap.rawValue)
+        add(ClawdisCameraCommand.Clip.rawValue)
       }
       if (locationMode.value != LocationMode.Off) {
-        add(ClawdbotLocationCommand.Get.rawValue)
+        add(ClawdisLocationCommand.Get.rawValue)
       }
       if (sms.canSendSms()) {
-        add(ClawdbotSmsCommand.Send.rawValue)
+        add(ClawdisSmsCommand.Send.rawValue)
       }
     }
 
   private fun buildCapabilities(): List<String> =
     buildList {
-      add(ClawdbotCapability.Canvas.rawValue)
-      add(ClawdbotCapability.Screen.rawValue)
-      if (cameraEnabled.value) add(ClawdbotCapability.Camera.rawValue)
-      if (sms.canSendSms()) add(ClawdbotCapability.Sms.rawValue)
+      add(ClawdisCapability.Canvas.rawValue)
+      add(ClawdisCapability.Screen.rawValue)
+      if (cameraEnabled.value) add(ClawdisCapability.Camera.rawValue)
+      if (sms.canSendSms()) add(ClawdisCapability.Sms.rawValue)
       if (voiceWakeMode.value != VoiceWakeMode.Off && hasRecordAudioPermission()) {
-        add(ClawdbotCapability.VoiceWake.rawValue)
+        add(ClawdisCapability.VoiceWake.rawValue)
       }
       if (locationMode.value != LocationMode.Off) {
-        add(ClawdbotCapability.Location.rawValue)
+        add(ClawdisCapability.Location.rawValue)
       }
     }
 
@@ -492,17 +467,12 @@ class NodeRuntime(context: Context) {
     scope.launch {
       _statusText.value = "Connecting…"
       val storedToken = prefs.loadBridgeToken()
-      val tls = resolveTlsParams(endpoint)
       val resolved =
         if (storedToken.isNullOrBlank()) {
           _statusText.value = "Pairing…"
           BridgePairingClient().pairAndHello(
             endpoint = endpoint,
             hello = buildPairingHello(token = null),
-            tls = tls,
-            onTlsFingerprint = { fingerprint ->
-              prefs.saveBridgeTlsFingerprint(endpoint.stableId, fingerprint)
-            },
           )
         } else {
           BridgePairingClient.PairResult(ok = true, token = storedToken.trim())
@@ -519,7 +489,6 @@ class NodeRuntime(context: Context) {
       session.connect(
         endpoint = endpoint,
         hello = buildSessionHello(token = authToken),
-        tls = tls,
       )
     }
   }
@@ -546,6 +515,7 @@ class NodeRuntime(context: Context) {
   }
 
   private fun hasBackgroundLocationPermission(): Boolean {
+    if (Build.VERSION.SDK_INT < Build.VERSION_CODES.Q) return true
     return (
       ContextCompat.checkSelfPermission(appContext, Manifest.permission.ACCESS_BACKGROUND_LOCATION) ==
         PackageManager.PERMISSION_GRANTED
@@ -566,41 +536,6 @@ class NodeRuntime(context: Context) {
     session.disconnect()
   }
 
-  private fun resolveTlsParams(endpoint: BridgeEndpoint): BridgeTlsParams? {
-    val stored = prefs.loadBridgeTlsFingerprint(endpoint.stableId)
-    val hinted = endpoint.tlsEnabled || !endpoint.tlsFingerprintSha256.isNullOrBlank()
-    val manual = endpoint.stableId.startsWith("manual|")
-
-    if (hinted) {
-      return BridgeTlsParams(
-        required = true,
-        expectedFingerprint = endpoint.tlsFingerprintSha256 ?: stored,
-        allowTOFU = stored == null,
-        stableId = endpoint.stableId,
-      )
-    }
-
-    if (!stored.isNullOrBlank()) {
-      return BridgeTlsParams(
-        required = true,
-        expectedFingerprint = stored,
-        allowTOFU = false,
-        stableId = endpoint.stableId,
-      )
-    }
-
-    if (manual) {
-      return BridgeTlsParams(
-        required = false,
-        expectedFingerprint = null,
-        allowTOFU = true,
-        stableId = endpoint.stableId,
-      )
-    }
-
-    return null
-  }
-
   fun handleCanvasA2UIActionFromWebView(payloadJson: String) {
     scope.launch {
       val trimmed = payloadJson.trim()
@@ -617,7 +552,7 @@ class NodeRuntime(context: Context) {
       val actionId = (userActionObj["id"] as? JsonPrimitive)?.content?.trim().orEmpty().ifEmpty {
         java.util.UUID.randomUUID().toString()
       }
-      val name = ClawdbotCanvasA2UIAction.extractActionName(userActionObj) ?: return@launch
+      val name = ClawdisCanvasA2UIAction.extractActionName(userActionObj) ?: return@launch
 
       val surfaceId =
         (userActionObj["surfaceId"] as? JsonPrimitive)?.content?.trim().orEmpty().ifEmpty { "main" }
@@ -625,9 +560,9 @@ class NodeRuntime(context: Context) {
         (userActionObj["sourceComponentId"] as? JsonPrimitive)?.content?.trim().orEmpty().ifEmpty { "-" }
       val contextJson = (userActionObj["context"] as? JsonObject)?.toString()
 
-      val sessionKey = resolveMainSessionKey()
+      val sessionKey = "main"
       val message =
-        ClawdbotCanvasA2UIAction.formatAgentMessage(
+        ClawdisCanvasA2UIAction.formatAgentMessage(
           actionName = name,
           sessionKey = sessionKey,
           surfaceId = surfaceId,
@@ -661,7 +596,7 @@ class NodeRuntime(context: Context) {
 
       try {
         canvas.eval(
-          ClawdbotCanvasA2UIAction.jsDispatchA2UIActionStatus(
+          ClawdisCanvasA2UIAction.jsDispatchA2UIActionStatus(
             actionId = actionId,
             ok = connected && error == null,
             error = error,
@@ -673,9 +608,8 @@ class NodeRuntime(context: Context) {
     }
   }
 
-  fun loadChat(sessionKey: String) {
-    val key = sessionKey.trim().ifEmpty { resolveMainSessionKey() }
-    chat.load(key)
+  fun loadChat(sessionKey: String = "main") {
+    chat.load(sessionKey)
   }
 
   fun refreshChat() {
@@ -767,8 +701,8 @@ class NodeRuntime(context: Context) {
       val ui = config?.get("ui").asObjectOrNull()
       val raw = ui?.get("seamColor").asStringOrNull()?.trim()
       val sessionCfg = config?.get("session").asObjectOrNull()
-      val mainKey = normalizeMainKey(sessionCfg?.get("mainKey").asStringOrNull())
-      applyMainSessionKey(mainKey)
+      val rawMainKey = sessionCfg?.get("mainKey").asStringOrNull()?.trim()
+      _mainSessionKey.value = rawMainKey?.takeIf { it.isNotEmpty() } ?: "main"
 
       val parsed = parseHexColorArgb(raw)
       _seamColorArgb.value = parsed ?: DEFAULT_SEAM_COLOR_ARGB
@@ -779,10 +713,10 @@ class NodeRuntime(context: Context) {
 
   private suspend fun handleInvoke(command: String, paramsJson: String?): BridgeSession.InvokeResult {
     if (
-      command.startsWith(ClawdbotCanvasCommand.NamespacePrefix) ||
-        command.startsWith(ClawdbotCanvasA2UICommand.NamespacePrefix) ||
-        command.startsWith(ClawdbotCameraCommand.NamespacePrefix) ||
-        command.startsWith(ClawdbotScreenCommand.NamespacePrefix)
+      command.startsWith(ClawdisCanvasCommand.NamespacePrefix) ||
+        command.startsWith(ClawdisCanvasA2UICommand.NamespacePrefix) ||
+        command.startsWith(ClawdisCameraCommand.NamespacePrefix) ||
+        command.startsWith(ClawdisScreenCommand.NamespacePrefix)
       ) {
       if (!isForeground.value) {
         return BridgeSession.InvokeResult.error(
@@ -791,13 +725,13 @@ class NodeRuntime(context: Context) {
         )
       }
     }
-    if (command.startsWith(ClawdbotCameraCommand.NamespacePrefix) && !cameraEnabled.value) {
+    if (command.startsWith(ClawdisCameraCommand.NamespacePrefix) && !cameraEnabled.value) {
       return BridgeSession.InvokeResult.error(
         code = "CAMERA_DISABLED",
         message = "CAMERA_DISABLED: enable Camera in Settings",
       )
     }
-    if (command.startsWith(ClawdbotLocationCommand.NamespacePrefix) &&
+    if (command.startsWith(ClawdisLocationCommand.NamespacePrefix) &&
       locationMode.value == LocationMode.Off
     ) {
       return BridgeSession.InvokeResult.error(
@@ -807,18 +741,18 @@ class NodeRuntime(context: Context) {
     }
 
     return when (command) {
-      ClawdbotCanvasCommand.Present.rawValue -> {
+      ClawdisCanvasCommand.Present.rawValue -> {
         val url = CanvasController.parseNavigateUrl(paramsJson)
         canvas.navigate(url)
         BridgeSession.InvokeResult.ok(null)
       }
-      ClawdbotCanvasCommand.Hide.rawValue -> BridgeSession.InvokeResult.ok(null)
-      ClawdbotCanvasCommand.Navigate.rawValue -> {
+      ClawdisCanvasCommand.Hide.rawValue -> BridgeSession.InvokeResult.ok(null)
+      ClawdisCanvasCommand.Navigate.rawValue -> {
         val url = CanvasController.parseNavigateUrl(paramsJson)
         canvas.navigate(url)
         BridgeSession.InvokeResult.ok(null)
       }
-      ClawdbotCanvasCommand.Eval.rawValue -> {
+      ClawdisCanvasCommand.Eval.rawValue -> {
         val js =
           CanvasController.parseEvalJs(paramsJson)
             ?: return BridgeSession.InvokeResult.error(
@@ -836,7 +770,7 @@ class NodeRuntime(context: Context) {
           }
         BridgeSession.InvokeResult.ok("""{"result":${result.toJsonString()}}""")
       }
-      ClawdbotCanvasCommand.Snapshot.rawValue -> {
+      ClawdisCanvasCommand.Snapshot.rawValue -> {
         val snapshotParams = CanvasController.parseSnapshotParams(paramsJson)
         val base64 =
           try {
@@ -853,7 +787,7 @@ class NodeRuntime(context: Context) {
           }
         BridgeSession.InvokeResult.ok("""{"format":"${snapshotParams.format.rawValue}","base64":"$base64"}""")
       }
-      ClawdbotCanvasA2UICommand.Reset.rawValue -> {
+      ClawdisCanvasA2UICommand.Reset.rawValue -> {
         val a2uiUrl = resolveA2uiHostUrl()
           ?: return BridgeSession.InvokeResult.error(
             code = "A2UI_HOST_NOT_CONFIGURED",
@@ -869,7 +803,7 @@ class NodeRuntime(context: Context) {
         val res = canvas.eval(a2uiResetJS)
         BridgeSession.InvokeResult.ok(res)
       }
-      ClawdbotCanvasA2UICommand.Push.rawValue, ClawdbotCanvasA2UICommand.PushJSONL.rawValue -> {
+      ClawdisCanvasA2UICommand.Push.rawValue, ClawdisCanvasA2UICommand.PushJSONL.rawValue -> {
         val messages =
           try {
             decodeA2uiMessages(command, paramsJson)
@@ -892,7 +826,7 @@ class NodeRuntime(context: Context) {
         val res = canvas.eval(js)
         BridgeSession.InvokeResult.ok(res)
       }
-      ClawdbotCameraCommand.Snap.rawValue -> {
+      ClawdisCameraCommand.Snap.rawValue -> {
         showCameraHud(message = "Taking photo…", kind = CameraHudKind.Photo)
         triggerCameraFlash()
         val res =
@@ -906,7 +840,7 @@ class NodeRuntime(context: Context) {
         showCameraHud(message = "Photo captured", kind = CameraHudKind.Success, autoHideMs = 1600)
         BridgeSession.InvokeResult.ok(res.payloadJson)
       }
-      ClawdbotCameraCommand.Clip.rawValue -> {
+      ClawdisCameraCommand.Clip.rawValue -> {
         val includeAudio = paramsJson?.contains("\"includeAudio\":true") != false
         if (includeAudio) externalAudioCaptureActive.value = true
         try {
@@ -925,7 +859,7 @@ class NodeRuntime(context: Context) {
           if (includeAudio) externalAudioCaptureActive.value = false
         }
       }
-      ClawdbotLocationCommand.Get.rawValue -> {
+      ClawdisLocationCommand.Get.rawValue -> {
         val mode = locationMode.value
         if (!isForeground.value && mode != LocationMode.Always) {
           return BridgeSession.InvokeResult.error(
@@ -978,7 +912,7 @@ class NodeRuntime(context: Context) {
           BridgeSession.InvokeResult.error(code = "LOCATION_UNAVAILABLE", message = message)
         }
       }
-      ClawdbotScreenCommand.Record.rawValue -> {
+      ClawdisScreenCommand.Record.rawValue -> {
         // Status pill mirrors screen recording state so it stays visible without overlay stacking.
         _screenRecordActive.value = true
         try {
@@ -994,7 +928,7 @@ class NodeRuntime(context: Context) {
           _screenRecordActive.value = false
         }
       }
-      ClawdbotSmsCommand.Send.rawValue -> {
+      ClawdisSmsCommand.Send.rawValue -> {
         val res = sms.send(paramsJson)
         if (res.ok) {
           BridgeSession.InvokeResult.ok(res.payloadJson)
@@ -1065,7 +999,7 @@ class NodeRuntime(context: Context) {
     val raw = session.currentCanvasHostUrl()?.trim().orEmpty()
     if (raw.isBlank()) return null
     val base = raw.trimEnd('/')
-    return "${base}/__clawdbot__/a2ui/?platform=android"
+    return "${base}/__clawdis__/a2ui/?platform=android"
   }
 
   private suspend fun ensureA2uiReady(a2uiUrl: String): Boolean {
@@ -1100,7 +1034,7 @@ class NodeRuntime(context: Context) {
     val jsonlField = (obj["jsonl"] as? JsonPrimitive)?.content?.trim().orEmpty()
     val hasMessagesArray = obj["messages"] is JsonArray
 
-    if (command == ClawdbotCanvasA2UICommand.PushJSONL.rawValue || (!hasMessagesArray && jsonlField.isNotBlank())) {
+    if (command == ClawdisCanvasA2UICommand.PushJSONL.rawValue || (!hasMessagesArray && jsonlField.isNotBlank())) {
       val jsonl = jsonlField
       if (jsonl.isBlank()) throw IllegalArgumentException("INVALID_REQUEST: jsonl required")
       val messages =
@@ -1157,7 +1091,7 @@ private const val a2uiReadyCheckJS: String =
   """
   (() => {
     try {
-      return !!globalThis.clawdbotA2UI && typeof globalThis.clawdbotA2UI.applyMessages === 'function';
+      return !!globalThis.clawdisA2UI && typeof globalThis.clawdisA2UI.applyMessages === 'function';
     } catch (_) {
       return false;
     }
@@ -1168,8 +1102,8 @@ private const val a2uiResetJS: String =
   """
   (() => {
     try {
-      if (!globalThis.clawdbotA2UI) return { ok: false, error: "missing clawdbotA2UI" };
-      return globalThis.clawdbotA2UI.reset();
+      if (!globalThis.clawdisA2UI) return { ok: false, error: "missing clawdisA2UI" };
+      return globalThis.clawdisA2UI.reset();
     } catch (e) {
       return { ok: false, error: String(e?.message ?? e) };
     }
@@ -1180,9 +1114,9 @@ private fun a2uiApplyMessagesJS(messagesJson: String): String {
   return """
     (() => {
       try {
-        if (!globalThis.clawdbotA2UI) return { ok: false, error: "missing clawdbotA2UI" };
+        if (!globalThis.clawdisA2UI) return { ok: false, error: "missing clawdisA2UI" };
         const messages = $messagesJson;
-        return globalThis.clawdbotA2UI.applyMessages(messages);
+        return globalThis.clawdisA2UI.applyMessages(messages);
       } catch (e) {
         return { ok: false, error: String(e?.message ?? e) };
       }

apps/android/app/src/main/java/com/clawdis/android/PermissionRequester.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android
+package com.clawdis.android
 
 import android.content.pm.PackageManager
 import android.content.Intent
@@ -115,7 +115,7 @@ class PermissionRequester(private val activity: ComponentActivity) {
 
   private fun buildRationaleMessage(permissions: List<String>): String {
     val labels = permissions.map { permissionLabel(it) }
-    return "Clawdbot needs ${labels.joinToString(", ")} permissions to continue."
+    return "Clawdis needs ${labels.joinToString(", ")} permissions to continue."
   }
 
   private fun buildSettingsMessage(permissions: List<String>): String {

apps/android/app/src/main/java/com/clawdis/android/ScreenCaptureRequester.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android
+package com.clawdis.android
 
 import android.app.Activity
 import android.content.Context
@@ -55,7 +55,7 @@ class ScreenCaptureRequester(private val activity: ComponentActivity) {
       suspendCancellableCoroutine { cont ->
         AlertDialog.Builder(activity)
           .setTitle("Screen recording required")
-          .setMessage("Clawdbot needs to record the screen for this command.")
+          .setMessage("Clawdis needs to record the screen for this command.")
           .setPositiveButton("Continue") { _, _ -> cont.resume(true) }
           .setNegativeButton("Not now") { _, _ -> cont.resume(false) }
           .setOnCancelListener { cont.resume(false) }

apps/android/app/src/main/java/com/clawdis/android/SecurePrefs.kt

@@ -1,6 +1,6 @@
 @file:Suppress("DEPRECATION")
 
-package com.clawdbot.android
+package com.clawdis.android
 
 import android.content.Context
 import androidx.core.content.edit
@@ -31,7 +31,7 @@ class SecurePrefs(context: Context) {
   private val prefs =
     EncryptedSharedPreferences.create(
       context,
-      "clawdbot.node.secure",
+      "clawdis.node.secure",
       masterKey,
       EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
       EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM,
@@ -147,16 +147,6 @@ class SecurePrefs(context: Context) {
     prefs.edit { putString(key, token.trim()) }
   }
 
-  fun loadBridgeTlsFingerprint(stableId: String): String? {
-    val key = "bridge.tls.$stableId"
-    return prefs.getString(key, null)?.trim()?.takeIf { it.isNotEmpty() }
-  }
-
-  fun saveBridgeTlsFingerprint(stableId: String, fingerprint: String) {
-    val key = "bridge.tls.$stableId"
-    prefs.edit { putString(key, fingerprint.trim()) }
-  }
-
   private fun loadOrCreateInstanceId(): String {
     val existing = prefs.getString("node.instanceId", null)?.trim()
     if (!existing.isNullOrBlank()) return existing

apps/android/app/src/main/java/com/clawdis/android/VoiceWakeMode.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android
+package com.clawdis.android
 
 enum class VoiceWakeMode(val rawValue: String) {
   Off("off"),

apps/android/app/src/main/java/com/clawdis/android/WakeWords.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android
+package com.clawdis.android
 
 object WakeWords {
   const val maxWords: Int = 32

apps/android/app/src/main/java/com/clawdis/android/bridge/BonjourEscapes.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.bridge
+package com.clawdis.android.bridge
 
 object BonjourEscapes {
   fun decode(input: String): String {

apps/android/app/src/main/java/com/clawdis/android/bridge/BridgeDiscovery.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.bridge
+package com.clawdis.android.bridge
 
 import android.content.Context
 import android.net.ConnectivityManager
@@ -51,9 +51,9 @@ class BridgeDiscovery(
   private val nsd = context.getSystemService(NsdManager::class.java)
   private val connectivity = context.getSystemService(ConnectivityManager::class.java)
   private val dns = DnsResolver.getInstance()
-  private val serviceType = "_clawdbot-bridge._tcp."
-  private val wideAreaDomain = "clawdbot.internal."
-  private val logTag = "Clawdbot/BridgeDiscovery"
+  private val serviceType = "_clawdis-bridge._tcp."
+  private val wideAreaDomain = "clawdis.internal."
+  private val logTag = "Clawdis/BridgeDiscovery"
 
   private val localById = ConcurrentHashMap<String, BridgeEndpoint>()
   private val unicastById = ConcurrentHashMap<String, BridgeEndpoint>()
@@ -143,8 +143,6 @@ class BridgeDiscovery(
         val gatewayPort = txtInt(resolved, "gatewayPort")
         val bridgePort = txtInt(resolved, "bridgePort")
         val canvasPort = txtInt(resolved, "canvasPort")
-        val tlsEnabled = txtBool(resolved, "bridgeTls")
-        val tlsFingerprint = txt(resolved, "bridgeTlsSha256")
         val id = stableId(serviceName, "local.")
         localById[id] =
           BridgeEndpoint(
@@ -157,8 +155,6 @@ class BridgeDiscovery(
             gatewayPort = gatewayPort,
             bridgePort = bridgePort,
             canvasPort = canvasPort,
-            tlsEnabled = tlsEnabled,
-            tlsFingerprintSha256 = tlsFingerprint,
           )
         publish()
       }
@@ -213,11 +209,6 @@ class BridgeDiscovery(
     return txt(info, key)?.toIntOrNull()
   }
 
-  private fun txtBool(info: NsdServiceInfo, key: String): Boolean {
-    val raw = txt(info, key)?.trim()?.lowercase() ?: return false
-    return raw == "1" || raw == "true" || raw == "yes"
-  }
-
   private suspend fun refreshUnicast(domain: String) {
     val ptrName = "${serviceType}${domain}"
     val ptrMsg = lookupUnicastMessage(ptrName, Type.PTR) ?: return
@@ -261,8 +252,6 @@ class BridgeDiscovery(
       val gatewayPort = txtIntValue(txt, "gatewayPort")
       val bridgePort = txtIntValue(txt, "bridgePort")
       val canvasPort = txtIntValue(txt, "canvasPort")
-      val tlsEnabled = txtBoolValue(txt, "bridgeTls")
-      val tlsFingerprint = txtValue(txt, "bridgeTlsSha256")
       val id = stableId(instanceName, domain)
       next[id] =
         BridgeEndpoint(
@@ -275,8 +264,6 @@ class BridgeDiscovery(
           gatewayPort = gatewayPort,
           bridgePort = bridgePort,
           canvasPort = canvasPort,
-          tlsEnabled = tlsEnabled,
-          tlsFingerprintSha256 = tlsFingerprint,
         )
     }
 
@@ -487,11 +474,6 @@ class BridgeDiscovery(
     return txtValue(records, key)?.toIntOrNull()
   }
 
-  private fun txtBoolValue(records: List<TXTRecord>, key: String): Boolean {
-    val raw = txtValue(records, key)?.trim()?.lowercase() ?: return false
-    return raw == "1" || raw == "true" || raw == "yes"
-  }
-
   private fun decodeDnsTxtString(raw: String): String {
     // dnsjava treats TXT as opaque bytes and decodes as ISO-8859-1 to preserve bytes.
     // Our TXT payload is UTF-8 (written by the gateway), so re-decode when possible.

apps/android/app/src/main/java/com/clawdis/android/bridge/BridgeEndpoint.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.bridge
+package com.clawdis.android.bridge
 
 data class BridgeEndpoint(
   val stableId: String,
@@ -10,8 +10,6 @@ data class BridgeEndpoint(
   val gatewayPort: Int? = null,
   val bridgePort: Int? = null,
   val canvasPort: Int? = null,
-  val tlsEnabled: Boolean = false,
-  val tlsFingerprintSha256: String? = null,
 ) {
   companion object {
     fun manual(host: String, port: Int): BridgeEndpoint =
@@ -20,8 +18,6 @@ data class BridgeEndpoint(
         name = "$host:$port",
         host = host,
         port = port,
-        tlsEnabled = false,
-        tlsFingerprintSha256 = null,
       )
   }
 }

apps/android/app/src/main/java/com/clawdis/android/bridge/BridgePairingClient.kt

@@ -0,0 +1,134 @@
+package com.clawdis.android.bridge
+
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.withContext
+import kotlinx.serialization.json.Json
+import kotlinx.serialization.json.JsonArray
+import kotlinx.serialization.json.JsonObject
+import kotlinx.serialization.json.JsonPrimitive
+import kotlinx.serialization.json.JsonNull
+import kotlinx.serialization.json.JsonElement
+import kotlinx.serialization.json.buildJsonObject
+import java.io.BufferedReader
+import java.io.BufferedWriter
+import java.io.InputStreamReader
+import java.io.OutputStreamWriter
+import java.net.InetSocketAddress
+import java.net.Socket
+
+class BridgePairingClient {
+  private val json = Json { ignoreUnknownKeys = true }
+
+  data class Hello(
+    val nodeId: String,
+    val displayName: String?,
+    val token: String?,
+    val platform: String?,
+    val version: String?,
+    val deviceFamily: String?,
+    val modelIdentifier: String?,
+    val caps: List<String>?,
+    val commands: List<String>?,
+  )
+
+  data class PairResult(val ok: Boolean, val token: String?, val error: String? = null)
+
+  suspend fun pairAndHello(endpoint: BridgeEndpoint, hello: Hello): PairResult =
+    withContext(Dispatchers.IO) {
+      val socket = Socket()
+      socket.tcpNoDelay = true
+      try {
+        socket.connect(InetSocketAddress(endpoint.host, endpoint.port), 8_000)
+        socket.soTimeout = 60_000
+
+        val reader = BufferedReader(InputStreamReader(socket.getInputStream(), Charsets.UTF_8))
+        val writer = BufferedWriter(OutputStreamWriter(socket.getOutputStream(), Charsets.UTF_8))
+
+        fun send(line: String) {
+          writer.write(line)
+          writer.write("\n")
+          writer.flush()
+        }
+
+        fun sendJson(obj: JsonObject) = send(obj.toString())
+
+        sendJson(
+          buildJsonObject {
+            put("type", JsonPrimitive("hello"))
+            put("nodeId", JsonPrimitive(hello.nodeId))
+            hello.displayName?.let { put("displayName", JsonPrimitive(it)) }
+            hello.token?.let { put("token", JsonPrimitive(it)) }
+            hello.platform?.let { put("platform", JsonPrimitive(it)) }
+            hello.version?.let { put("version", JsonPrimitive(it)) }
+            hello.deviceFamily?.let { put("deviceFamily", JsonPrimitive(it)) }
+            hello.modelIdentifier?.let { put("modelIdentifier", JsonPrimitive(it)) }
+            hello.caps?.let { put("caps", JsonArray(it.map(::JsonPrimitive))) }
+            hello.commands?.let { put("commands", JsonArray(it.map(::JsonPrimitive))) }
+          },
+        )
+
+        val firstObj = json.parseToJsonElement(reader.readLine()).asObjectOrNull()
+          ?: return@withContext PairResult(ok = false, token = null, error = "unexpected bridge response")
+        when (firstObj["type"].asStringOrNull()) {
+          "hello-ok" -> PairResult(ok = true, token = hello.token)
+          "error" -> {
+            val code = firstObj["code"].asStringOrNull() ?: "UNAVAILABLE"
+            val message = firstObj["message"].asStringOrNull() ?: "pairing required"
+            if (code != "NOT_PAIRED" && code != "UNAUTHORIZED") {
+              return@withContext PairResult(ok = false, token = null, error = "$code: $message")
+            }
+
+            sendJson(
+              buildJsonObject {
+                put("type", JsonPrimitive("pair-request"))
+                put("nodeId", JsonPrimitive(hello.nodeId))
+                hello.displayName?.let { put("displayName", JsonPrimitive(it)) }
+                hello.platform?.let { put("platform", JsonPrimitive(it)) }
+                hello.version?.let { put("version", JsonPrimitive(it)) }
+                hello.deviceFamily?.let { put("deviceFamily", JsonPrimitive(it)) }
+                hello.modelIdentifier?.let { put("modelIdentifier", JsonPrimitive(it)) }
+                hello.caps?.let { put("caps", JsonArray(it.map(::JsonPrimitive))) }
+                hello.commands?.let { put("commands", JsonArray(it.map(::JsonPrimitive))) }
+              },
+            )
+
+            while (true) {
+              val nextLine = reader.readLine() ?: break
+              val next = json.parseToJsonElement(nextLine).asObjectOrNull() ?: continue
+              when (next["type"].asStringOrNull()) {
+                "pair-ok" -> {
+                  val token = next["token"].asStringOrNull()
+                  return@withContext PairResult(ok = !token.isNullOrBlank(), token = token)
+                }
+                "error" -> {
+                  val c = next["code"].asStringOrNull() ?: "UNAVAILABLE"
+                  val m = next["message"].asStringOrNull() ?: "pairing failed"
+                  return@withContext PairResult(ok = false, token = null, error = "$c: $m")
+                }
+              }
+            }
+            PairResult(ok = false, token = null, error = "pairing failed")
+          }
+          else -> PairResult(ok = false, token = null, error = "unexpected bridge response")
+        }
+      } catch (e: Exception) {
+        val message = e.message?.trim().orEmpty().ifEmpty { "gateway unreachable" }
+        PairResult(ok = false, token = null, error = message)
+      } finally {
+        try {
+          socket.close()
+        } catch (_: Throwable) {
+          // ignore
+        }
+      }
+    }
+}
+
+private fun JsonElement?.asObjectOrNull(): JsonObject? = this as? JsonObject
+
+private fun JsonElement?.asStringOrNull(): String? =
+  when (this) {
+    is JsonNull -> null
+    is JsonPrimitive -> content
+    else -> null
+  }

apps/android/app/src/main/java/com/clawdis/android/bridge/BridgeSession.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.bridge
+package com.clawdis.android.bridge
 
 import kotlinx.coroutines.CompletableDeferred
 import kotlinx.coroutines.CoroutineScope
@@ -11,7 +11,7 @@ import kotlinx.coroutines.launch
 import kotlinx.coroutines.sync.Mutex
 import kotlinx.coroutines.sync.withLock
 import kotlinx.coroutines.withContext
-import com.clawdbot.android.BuildConfig
+import com.clawdis.android.BuildConfig
 import kotlinx.serialization.json.Json
 import kotlinx.serialization.json.JsonArray
 import kotlinx.serialization.json.JsonObject
@@ -31,11 +31,10 @@ import java.util.concurrent.ConcurrentHashMap
 
 class BridgeSession(
   private val scope: CoroutineScope,
-  private val onConnected: (serverName: String, remoteAddress: String?, mainSessionKey: String?) -> Unit,
+  private val onConnected: (serverName: String, remoteAddress: String?) -> Unit,
   private val onDisconnected: (message: String) -> Unit,
   private val onEvent: (event: String, payloadJson: String?) -> Unit,
   private val onInvoke: suspend (InvokeRequest) -> InvokeResult,
-  private val onTlsFingerprint: ((stableId: String, fingerprint: String) -> Unit)? = null,
 ) {
   data class Hello(
     val nodeId: String,
@@ -65,19 +64,12 @@ class BridgeSession(
   private val writeLock = Mutex()
   private val pending = ConcurrentHashMap<String, CompletableDeferred<RpcResponse>>()
   @Volatile private var canvasHostUrl: String? = null
-  @Volatile private var mainSessionKey: String? = null
 
-  private data class DesiredConnection(
-    val endpoint: BridgeEndpoint,
-    val hello: Hello,
-    val tls: BridgeTlsParams?,
-  )
-
-  private var desired: DesiredConnection? = null
+  private var desired: Pair<BridgeEndpoint, Hello>? = null
   private var job: Job? = null
 
-  fun connect(endpoint: BridgeEndpoint, hello: Hello, tls: BridgeTlsParams? = null) {
-    desired = DesiredConnection(endpoint, hello, tls)
+  fun connect(endpoint: BridgeEndpoint, hello: Hello) {
+    desired = endpoint to hello
     if (job == null) {
       job = scope.launch(Dispatchers.IO) { runLoop() }
     }
@@ -85,7 +77,7 @@ class BridgeSession(
 
   suspend fun updateHello(hello: Hello) {
     val target = desired ?: return
-    desired = target.copy(hello = hello)
+    desired = target.first to hello
     val conn = currentConnection ?: return
     conn.sendJson(buildHelloJson(hello))
   }
@@ -98,13 +90,11 @@ class BridgeSession(
       job?.cancelAndJoin()
       job = null
       canvasHostUrl = null
-      mainSessionKey = null
       onDisconnected("Offline")
     }
   }
 
   fun currentCanvasHostUrl(): String? = canvasHostUrl
-  fun currentMainSessionKey(): String? = mainSessionKey
 
   suspend fun sendEvent(event: String, payloadJson: String?) {
     val conn = currentConnection ?: return
@@ -172,10 +162,10 @@ class BridgeSession(
         continue
       }
 
-      val (endpoint, hello, tls) = target
+      val (endpoint, hello) = target
       try {
         onDisconnected(if (attempt == 0) "Connecting…" else "Reconnecting…")
-        connectOnce(endpoint, hello, tls)
+        connectOnce(endpoint, hello)
         attempt = 0
       } catch (err: Throwable) {
         attempt += 1
@@ -199,76 +189,58 @@ class BridgeSession(
     return InvokeResult.error(code = "UNAVAILABLE", message = msg)
   }
 
-  private suspend fun connectOnce(endpoint: BridgeEndpoint, hello: Hello, tls: BridgeTlsParams?) =
+  private suspend fun connectOnce(endpoint: BridgeEndpoint, hello: Hello) =
     withContext(Dispatchers.IO) {
-      if (tls != null) {
-        try {
-          connectWithSocket(endpoint, hello, tls)
-          return@withContext
-        } catch (err: Throwable) {
-          if (tls.required) throw err
-        }
-      }
-      connectWithSocket(endpoint, hello, null)
-    }
+      val socket = Socket()
+      socket.tcpNoDelay = true
+      socket.connect(InetSocketAddress(endpoint.host, endpoint.port), 8_000)
+      socket.soTimeout = 0
 
-  private suspend fun connectWithSocket(endpoint: BridgeEndpoint, hello: Hello, tls: BridgeTlsParams?) {
-    val socket =
-      createBridgeSocket(tls) { fingerprint ->
-        onTlsFingerprint?.invoke(tls?.stableId ?: endpoint.stableId, fingerprint)
-      }
-    socket.tcpNoDelay = true
-    socket.connect(InetSocketAddress(endpoint.host, endpoint.port), 8_000)
-    socket.soTimeout = 0
-    startTlsHandshakeIfNeeded(socket)
+      val reader = BufferedReader(InputStreamReader(socket.getInputStream(), Charsets.UTF_8))
+      val writer = BufferedWriter(OutputStreamWriter(socket.getOutputStream(), Charsets.UTF_8))
 
-    val reader = BufferedReader(InputStreamReader(socket.getInputStream(), Charsets.UTF_8))
-    val writer = BufferedWriter(OutputStreamWriter(socket.getOutputStream(), Charsets.UTF_8))
+      val conn = Connection(socket, reader, writer, writeLock)
+      currentConnection = conn
 
-    val conn = Connection(socket, reader, writer, writeLock)
-    currentConnection = conn
+      try {
+        conn.sendJson(buildHelloJson(hello))
 
-    try {
-      conn.sendJson(buildHelloJson(hello))
-
-      val firstLine = reader.readLine() ?: throw IllegalStateException("bridge closed connection")
-      val first = json.parseToJsonElement(firstLine).asObjectOrNull()
-        ?: throw IllegalStateException("unexpected bridge response")
-      when (first["type"].asStringOrNull()) {
-        "hello-ok" -> {
-          val name = first["serverName"].asStringOrNull() ?: "Bridge"
-          val rawCanvasUrl = first["canvasHostUrl"].asStringOrNull()?.trim()?.ifEmpty { null }
-          val rawMainSessionKey = first["mainSessionKey"].asStringOrNull()?.trim()?.ifEmpty { null }
-          canvasHostUrl = normalizeCanvasHostUrl(rawCanvasUrl, endpoint)
-          mainSessionKey = rawMainSessionKey
-          if (BuildConfig.DEBUG) {
-            // Local JVM unit tests use android.jar stubs; Log.d can throw "not mocked".
-            runCatching {
-              android.util.Log.d(
-                "ClawdbotBridge",
-                "canvasHostUrl resolved=${canvasHostUrl ?: "none"} (raw=${rawCanvasUrl ?: "none"})",
-              )
+        val firstLine = reader.readLine() ?: throw IllegalStateException("bridge closed connection")
+        val first = json.parseToJsonElement(firstLine).asObjectOrNull()
+          ?: throw IllegalStateException("unexpected bridge response")
+        when (first["type"].asStringOrNull()) {
+          "hello-ok" -> {
+            val name = first["serverName"].asStringOrNull() ?: "Bridge"
+            val rawCanvasUrl = first["canvasHostUrl"].asStringOrNull()?.trim()?.ifEmpty { null }
+            canvasHostUrl = normalizeCanvasHostUrl(rawCanvasUrl, endpoint)
+            if (BuildConfig.DEBUG) {
+              // Local JVM unit tests use android.jar stubs; Log.d can throw "not mocked".
+              runCatching {
+                android.util.Log.d(
+                  "ClawdisBridge",
+                  "canvasHostUrl resolved=${canvasHostUrl ?: "none"} (raw=${rawCanvasUrl ?: "none"})",
+                )
+              }
             }
+            onConnected(name, conn.remoteAddress)
           }
-          onConnected(name, conn.remoteAddress, rawMainSessionKey)
+          "error" -> {
+            val code = first["code"].asStringOrNull() ?: "UNAVAILABLE"
+            val msg = first["message"].asStringOrNull() ?: "connect failed"
+            throw IllegalStateException("$code: $msg")
+          }
+          else -> throw IllegalStateException("unexpected bridge response")
         }
-        "error" -> {
-          val code = first["code"].asStringOrNull() ?: "UNAVAILABLE"
-          val msg = first["message"].asStringOrNull() ?: "connect failed"
-          throw IllegalStateException("$code: $msg")
-        }
-        else -> throw IllegalStateException("unexpected bridge response")
-      }
 
-      while (scope.isActive) {
-        val line = reader.readLine() ?: break
-        val frame = json.parseToJsonElement(line).asObjectOrNull() ?: continue
-        when (frame["type"].asStringOrNull()) {
-          "event" -> {
-            val event = frame["event"].asStringOrNull() ?: continue
-            val payload = frame["payloadJSON"].asStringOrNull()
-            onEvent(event, payload)
-          }
+        while (scope.isActive) {
+          val line = reader.readLine() ?: break
+          val frame = json.parseToJsonElement(line).asObjectOrNull() ?: continue
+          when (frame["type"].asStringOrNull()) {
+            "event" -> {
+              val event = frame["event"].asStringOrNull() ?: return@withContext
+              val payload = frame["payloadJSON"].asStringOrNull()
+              onEvent(event, payload)
+            }
             "ping" -> {
               val id = frame["id"].asStringOrNull() ?: ""
               conn.sendJson(buildJsonObject { put("type", JsonPrimitive("pong")); put("id", JsonPrimitive(id)) })
@@ -314,20 +286,20 @@ class BridgeSession(
                 },
               )
             }
-          "invoke-res" -> {
-            // gateway->node only (ignore)
+            "invoke-res" -> {
+              // gateway->node only (ignore)
+            }
           }
         }
+      } finally {
+        currentConnection = null
+        for ((_, waiter) in pending) {
+          waiter.cancel()
+        }
+        pending.clear()
+        conn.closeQuietly()
       }
-    } finally {
-      currentConnection = null
-      for ((_, waiter) in pending) {
-        waiter.cancel()
-      }
-      pending.clear()
-      conn.closeQuietly()
     }
-  }
 
   private fun buildHelloJson(hello: Hello): JsonObject =
     buildJsonObject {

apps/android/app/src/main/java/com/clawdis/android/chat/ChatController.kt

@@ -1,6 +1,6 @@
-package com.clawdbot.android.chat
+package com.clawdis.android.chat
 
-import com.clawdbot.android.bridge.BridgeSession
+import com.clawdis.android.bridge.BridgeSession
 import java.util.UUID
 import java.util.concurrent.ConcurrentHashMap
 import kotlinx.coroutines.CoroutineScope
@@ -71,21 +71,12 @@ class ChatController(
     _sessionId.value = null
   }
 
-  fun load(sessionKey: String) {
+  fun load(sessionKey: String = "main") {
     val key = sessionKey.trim().ifEmpty { "main" }
     _sessionKey.value = key
     scope.launch { bootstrap(forceHealth = true) }
   }
 
-  fun applyMainSessionKey(mainSessionKey: String) {
-    val trimmed = mainSessionKey.trim()
-    if (trimmed.isEmpty()) return
-    if (_sessionKey.value == trimmed) return
-    if (_sessionKey.value != "main") return
-    _sessionKey.value = trimmed
-    scope.launch { bootstrap(forceHealth = true) }
-  }
-
   fun refresh() {
     scope.launch { bootstrap(forceHealth = true) }
   }

apps/android/app/src/main/java/com/clawdis/android/chat/ChatModels.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.chat
+package com.clawdis.android.chat
 
 data class ChatMessage(
   val id: String,

apps/android/app/src/main/java/com/clawdis/android/node/CameraCaptureManager.kt

@@ -1,14 +1,12 @@
-package com.clawdbot.android.node
+package com.clawdis.android.node
 
 import android.Manifest
 import android.content.Context
 import android.annotation.SuppressLint
 import android.graphics.Bitmap
 import android.graphics.BitmapFactory
-import android.graphics.Matrix
 import android.util.Base64
 import android.content.pm.PackageManager
-import androidx.exifinterface.media.ExifInterface
 import androidx.lifecycle.LifecycleOwner
 import androidx.camera.core.CameraSelector
 import androidx.camera.core.ImageCapture
@@ -22,7 +20,7 @@ import androidx.camera.video.VideoRecordEvent
 import androidx.core.content.ContextCompat
 import androidx.core.content.ContextCompat.checkSelfPermission
 import androidx.core.graphics.scale
-import com.clawdbot.android.PermissionRequester
+import com.clawdis.android.PermissionRequester
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.suspendCancellableCoroutine
 import kotlinx.coroutines.withTimeout
@@ -88,19 +86,18 @@ class CameraCaptureManager(private val context: Context) {
       provider.unbindAll()
       provider.bindToLifecycle(owner, selector, capture)
 
-      val (bytes, orientation) = capture.takeJpegWithExif(context.mainExecutor())
+      val bytes = capture.takeJpegBytes(context.mainExecutor())
       val decoded = BitmapFactory.decodeByteArray(bytes, 0, bytes.size)
         ?: throw IllegalStateException("UNAVAILABLE: failed to decode captured image")
-      val rotated = rotateBitmapByExif(decoded, orientation)
       val scaled =
-        if (maxWidth != null && maxWidth > 0 && rotated.width > maxWidth) {
+        if (maxWidth != null && maxWidth > 0 && decoded.width > maxWidth) {
           val h =
-            (rotated.height.toDouble() * (maxWidth.toDouble() / rotated.width.toDouble()))
+            (decoded.height.toDouble() * (maxWidth.toDouble() / decoded.width.toDouble()))
               .toInt()
               .coerceAtLeast(1)
-          rotated.scale(maxWidth, h)
+          decoded.scale(maxWidth, h)
         } else {
-          rotated
+          decoded
         }
 
       val maxPayloadBytes = 5 * 1024 * 1024
@@ -155,7 +152,7 @@ class CameraCaptureManager(private val context: Context) {
       provider.unbindAll()
       provider.bindToLifecycle(owner, selector, videoCapture)
 
-      val file = File.createTempFile("clawdbot-clip-", ".mp4")
+      val file = File.createTempFile("clawdis-clip-", ".mp4")
       val outputOptions = FileOutputOptions.Builder(file).build()
 
       val finalized = kotlinx.coroutines.CompletableDeferred<VideoRecordEvent.Finalize>()
@@ -197,31 +194,6 @@ class CameraCaptureManager(private val context: Context) {
       )
     }
 
-  private fun rotateBitmapByExif(bitmap: Bitmap, orientation: Int): Bitmap {
-    val matrix = Matrix()
-    when (orientation) {
-      ExifInterface.ORIENTATION_ROTATE_90 -> matrix.postRotate(90f)
-      ExifInterface.ORIENTATION_ROTATE_180 -> matrix.postRotate(180f)
-      ExifInterface.ORIENTATION_ROTATE_270 -> matrix.postRotate(270f)
-      ExifInterface.ORIENTATION_FLIP_HORIZONTAL -> matrix.postScale(-1f, 1f)
-      ExifInterface.ORIENTATION_FLIP_VERTICAL -> matrix.postScale(1f, -1f)
-      ExifInterface.ORIENTATION_TRANSPOSE -> {
-        matrix.postRotate(90f)
-        matrix.postScale(-1f, 1f)
-      }
-      ExifInterface.ORIENTATION_TRANSVERSE -> {
-        matrix.postRotate(-90f)
-        matrix.postScale(-1f, 1f)
-      }
-      else -> return bitmap
-    }
-    val rotated = Bitmap.createBitmap(bitmap, 0, 0, bitmap.width, bitmap.height, matrix, true)
-    if (rotated !== bitmap) {
-      bitmap.recycle()
-    }
-    return rotated
-  }
-
   private fun parseFacing(paramsJson: String?): String? =
     when {
       paramsJson?.contains("\"front\"") == true -> "front"
@@ -282,29 +254,22 @@ private suspend fun Context.cameraProvider(): ProcessCameraProvider =
     )
   }
 
-/** Returns (jpegBytes, exifOrientation) so caller can rotate the decoded bitmap. */
-private suspend fun ImageCapture.takeJpegWithExif(executor: Executor): Pair<ByteArray, Int> =
+private suspend fun ImageCapture.takeJpegBytes(executor: Executor): ByteArray =
   suspendCancellableCoroutine { cont ->
-    val file = File.createTempFile("clawdbot-snap-", ".jpg")
+    val file = File.createTempFile("clawdis-snap-", ".jpg")
     val options = ImageCapture.OutputFileOptions.Builder(file).build()
     takePicture(
       options,
       executor,
       object : ImageCapture.OnImageSavedCallback {
         override fun onError(exception: ImageCaptureException) {
-          file.delete()
           cont.resumeWithException(exception)
         }
 
         override fun onImageSaved(outputFileResults: ImageCapture.OutputFileResults) {
           try {
-            val exif = ExifInterface(file.absolutePath)
-            val orientation = exif.getAttributeInt(
-              ExifInterface.TAG_ORIENTATION,
-              ExifInterface.ORIENTATION_NORMAL,
-            )
             val bytes = file.readBytes()
-            cont.resume(Pair(bytes, orientation))
+            cont.resume(bytes)
           } catch (e: Exception) {
             cont.resumeWithException(e)
           } finally {

apps/android/app/src/main/java/com/clawdis/android/node/CanvasController.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.node
+package com.clawdis.android.node
 
 import android.graphics.Bitmap
 import android.graphics.Canvas
@@ -17,7 +17,7 @@ import kotlinx.serialization.json.Json
 import kotlinx.serialization.json.JsonElement
 import kotlinx.serialization.json.JsonObject
 import kotlinx.serialization.json.JsonPrimitive
-import com.clawdbot.android.BuildConfig
+import com.clawdis.android.BuildConfig
 import kotlin.coroutines.resume
 
 class CanvasController {
@@ -84,12 +84,12 @@ class CanvasController {
     withWebViewOnMain { wv ->
       if (currentUrl == null) {
         if (BuildConfig.DEBUG) {
-          Log.d("ClawdbotCanvas", "load scaffold: $scaffoldAssetUrl")
+          Log.d("ClawdisCanvas", "load scaffold: $scaffoldAssetUrl")
         }
         wv.loadUrl(scaffoldAssetUrl)
       } else {
         if (BuildConfig.DEBUG) {
-          Log.d("ClawdbotCanvas", "load url: $currentUrl")
+          Log.d("ClawdisCanvas", "load url: $currentUrl")
         }
         wv.loadUrl(currentUrl)
       }
@@ -106,7 +106,7 @@ class CanvasController {
       val js = """
         (() => {
           try {
-            const api = globalThis.__clawdbot;
+            const api = globalThis.__clawdis;
             if (!api) return;
             if (typeof api.setDebugStatusEnabled === 'function') {
               api.setDebugStatusEnabled(${if (enabled) "true" else "false"});

apps/android/app/src/main/java/com/clawdis/android/node/JpegSizeLimiter.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.node
+package com.clawdis.android.node
 
 import kotlin.math.max
 import kotlin.math.min

apps/android/app/src/main/java/com/clawdis/android/node/LocationCaptureManager.kt

@@ -1,12 +1,10 @@
-package com.clawdbot.android.node
+package com.clawdis.android.node
 
-import android.Manifest
+import android.annotation.SuppressLint
 import android.content.Context
-import android.content.pm.PackageManager
 import android.location.Location
 import android.location.LocationManager
 import android.os.CancellationSignal
-import androidx.core.content.ContextCompat
 import java.time.Instant
 import java.time.format.DateTimeFormatter
 import kotlinx.coroutines.Dispatchers
@@ -66,15 +64,6 @@ class LocationCaptureManager(private val context: Context) {
     providers: List<String>,
     maxAgeMs: Long?,
   ): Location? {
-    val fineOk =
-      ContextCompat.checkSelfPermission(context, Manifest.permission.ACCESS_FINE_LOCATION) ==
-        PackageManager.PERMISSION_GRANTED
-    val coarseOk =
-      ContextCompat.checkSelfPermission(context, Manifest.permission.ACCESS_COARSE_LOCATION) ==
-        PackageManager.PERMISSION_GRANTED
-    if (!fineOk && !coarseOk) {
-      throw IllegalStateException("LOCATION_PERMISSION_REQUIRED: grant Location permission")
-    }
     val now = System.currentTimeMillis()
     val candidates =
       providers.mapNotNull { provider -> manager.getLastKnownLocation(provider) }
@@ -83,20 +72,12 @@ class LocationCaptureManager(private val context: Context) {
     return freshest
   }
 
+  @SuppressLint("MissingPermission")
   private suspend fun requestCurrent(
     manager: LocationManager,
     providers: List<String>,
     timeoutMs: Long,
   ): Location {
-    val fineOk =
-      ContextCompat.checkSelfPermission(context, Manifest.permission.ACCESS_FINE_LOCATION) ==
-        PackageManager.PERMISSION_GRANTED
-    val coarseOk =
-      ContextCompat.checkSelfPermission(context, Manifest.permission.ACCESS_COARSE_LOCATION) ==
-        PackageManager.PERMISSION_GRANTED
-    if (!fineOk && !coarseOk) {
-      throw IllegalStateException("LOCATION_PERMISSION_REQUIRED: grant Location permission")
-    }
     val resolved =
       providers.firstOrNull { manager.isProviderEnabled(it) }
         ?: throw IllegalStateException("LOCATION_UNAVAILABLE: no providers available")

apps/android/app/src/main/java/com/clawdis/android/node/ScreenRecordManager.kt

@@ -1,12 +1,11 @@
-package com.clawdbot.android.node
+package com.clawdis.android.node
 
 import android.content.Context
 import android.hardware.display.DisplayManager
 import android.media.MediaRecorder
 import android.media.projection.MediaProjectionManager
-import android.os.Build
 import android.util.Base64
-import com.clawdbot.android.ScreenCaptureRequester
+import com.clawdis.android.ScreenCaptureRequester
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.delay
 import kotlinx.coroutines.withContext
@@ -17,13 +16,13 @@ class ScreenRecordManager(private val context: Context) {
   data class Payload(val payloadJson: String)
 
   @Volatile private var screenCaptureRequester: ScreenCaptureRequester? = null
-  @Volatile private var permissionRequester: com.clawdbot.android.PermissionRequester? = null
+  @Volatile private var permissionRequester: com.clawdis.android.PermissionRequester? = null
 
   fun attachScreenCaptureRequester(requester: ScreenCaptureRequester) {
     screenCaptureRequester = requester
   }
 
-  fun attachPermissionRequester(requester: com.clawdbot.android.PermissionRequester) {
+  fun attachPermissionRequester(requester: com.clawdis.android.PermissionRequester) {
     permissionRequester = requester
   }
 
@@ -63,10 +62,10 @@ class ScreenRecordManager(private val context: Context) {
       val height = metrics.heightPixels
       val densityDpi = metrics.densityDpi
 
-      val file = File.createTempFile("clawdbot-screen-", ".mp4")
+      val file = File.createTempFile("clawdis-screen-", ".mp4")
       if (includeAudio) ensureMicPermission()
 
-      val recorder = createMediaRecorder()
+      val recorder = MediaRecorder()
       var virtualDisplay: android.hardware.display.VirtualDisplay? = null
       try {
         if (includeAudio) {
@@ -90,7 +89,7 @@ class ScreenRecordManager(private val context: Context) {
         val surface = recorder.surface
         virtualDisplay =
           projection.createVirtualDisplay(
-            "clawdbot-screen",
+            "clawdis-screen",
             width,
             height,
             densityDpi,
@@ -122,8 +121,6 @@ class ScreenRecordManager(private val context: Context) {
       )
     }
 
-  private fun createMediaRecorder(): MediaRecorder = MediaRecorder(context)
-
   private suspend fun ensureMicPermission() {
     val granted =
       androidx.core.content.ContextCompat.checkSelfPermission(

apps/android/app/src/main/java/com/clawdis/android/node/SmsManager.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.node
+package com.clawdis.android.node
 
 import android.Manifest
 import android.content.Context
@@ -11,7 +11,7 @@ import kotlinx.serialization.json.JsonObject
 import kotlinx.serialization.json.JsonPrimitive
 import kotlinx.serialization.json.jsonObject
 import kotlinx.serialization.encodeToString
-import com.clawdbot.android.PermissionRequester
+import com.clawdis.android.PermissionRequester
 
 /**
  * Sends SMS messages via the Android SMS API.

apps/android/app/src/main/java/com/clawdis/android/protocol/ClawdisCanvasA2UIAction.kt

@@ -1,9 +1,9 @@
-package com.clawdbot.android.protocol
+package com.clawdis.android.protocol
 
 import kotlinx.serialization.json.JsonObject
 import kotlinx.serialization.json.JsonPrimitive
 
-object ClawdbotCanvasA2UIAction {
+object ClawdisCanvasA2UIAction {
   fun extractActionName(userAction: JsonObject): String? {
     val name =
       (userAction["name"] as? JsonPrimitive)
@@ -61,6 +61,6 @@ object ClawdbotCanvasA2UIAction {
     val err = (error ?: "").replace("\\", "\\\\").replace("\"", "\\\"")
     val okLiteral = if (ok) "true" else "false"
     val idEscaped = actionId.replace("\\", "\\\\").replace("\"", "\\\"")
-    return "window.dispatchEvent(new CustomEvent('clawdbot:a2ui-action-status', { detail: { id: \"${idEscaped}\", ok: ${okLiteral}, error: \"${err}\" } }));"
+    return "window.dispatchEvent(new CustomEvent('clawdis:a2ui-action-status', { detail: { id: \"${idEscaped}\", ok: ${okLiteral}, error: \"${err}\" } }));"
   }
 }

apps/android/app/src/main/java/com/clawdis/android/protocol/ClawdisProtocolConstants.kt

@@ -1,6 +1,6 @@
-package com.clawdbot.android.protocol
+package com.clawdis.android.protocol
 
-enum class ClawdbotCapability(val rawValue: String) {
+enum class ClawdisCapability(val rawValue: String) {
   Canvas("canvas"),
   Camera("camera"),
   Screen("screen"),
@@ -9,7 +9,7 @@ enum class ClawdbotCapability(val rawValue: String) {
   Location("location"),
 }
 
-enum class ClawdbotCanvasCommand(val rawValue: String) {
+enum class ClawdisCanvasCommand(val rawValue: String) {
   Present("canvas.present"),
   Hide("canvas.hide"),
   Navigate("canvas.navigate"),
@@ -22,7 +22,7 @@ enum class ClawdbotCanvasCommand(val rawValue: String) {
   }
 }
 
-enum class ClawdbotCanvasA2UICommand(val rawValue: String) {
+enum class ClawdisCanvasA2UICommand(val rawValue: String) {
   Push("canvas.a2ui.push"),
   PushJSONL("canvas.a2ui.pushJSONL"),
   Reset("canvas.a2ui.reset"),
@@ -33,7 +33,7 @@ enum class ClawdbotCanvasA2UICommand(val rawValue: String) {
   }
 }
 
-enum class ClawdbotCameraCommand(val rawValue: String) {
+enum class ClawdisCameraCommand(val rawValue: String) {
   Snap("camera.snap"),
   Clip("camera.clip"),
   ;
@@ -43,7 +43,7 @@ enum class ClawdbotCameraCommand(val rawValue: String) {
   }
 }
 
-enum class ClawdbotScreenCommand(val rawValue: String) {
+enum class ClawdisScreenCommand(val rawValue: String) {
   Record("screen.record"),
   ;
 
@@ -52,7 +52,7 @@ enum class ClawdbotScreenCommand(val rawValue: String) {
   }
 }
 
-enum class ClawdbotSmsCommand(val rawValue: String) {
+enum class ClawdisSmsCommand(val rawValue: String) {
   Send("sms.send"),
   ;
 
@@ -61,7 +61,7 @@ enum class ClawdbotSmsCommand(val rawValue: String) {
   }
 }
 
-enum class ClawdbotLocationCommand(val rawValue: String) {
+enum class ClawdisLocationCommand(val rawValue: String) {
   Get("location.get"),
   ;
 

apps/android/app/src/main/java/com/clawdis/android/tools/ToolDisplay.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.tools
+package com.clawdis.android.tools
 
 import android.content.Context
 import kotlinx.serialization.Serializable

apps/android/app/src/main/java/com/clawdis/android/ui/CameraHudOverlay.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.ui
+package com.clawdis.android.ui
 
 import androidx.compose.foundation.background
 import androidx.compose.foundation.layout.Box

apps/android/app/src/main/java/com/clawdis/android/ui/ChatSheet.kt

@@ -1,8 +1,8 @@
-package com.clawdbot.android.ui
+package com.clawdis.android.ui
 
 import androidx.compose.runtime.Composable
-import com.clawdbot.android.MainViewModel
-import com.clawdbot.android.ui.chat.ChatSheetContent
+import com.clawdis.android.MainViewModel
+import com.clawdis.android.ui.chat.ChatSheetContent
 
 @Composable
 fun ChatSheet(viewModel: MainViewModel) {

apps/android/app/src/main/java/com/clawdis/android/ui/ClawdisTheme.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.ui
+package com.clawdis.android.ui
 
 import androidx.compose.foundation.isSystemInDarkTheme
 import androidx.compose.material3.MaterialTheme
@@ -9,7 +9,7 @@ import androidx.compose.ui.graphics.Color
 import androidx.compose.ui.platform.LocalContext
 
 @Composable
-fun ClawdbotTheme(content: @Composable () -> Unit) {
+fun ClawdisTheme(content: @Composable () -> Unit) {
   val context = LocalContext.current
   val isDark = isSystemInDarkTheme()
   val colorScheme = if (isDark) dynamicDarkColorScheme(context) else dynamicLightColorScheme(context)

apps/android/app/src/main/java/com/clawdis/android/ui/RootScreen.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.ui
+package com.clawdis.android.ui
 
 import android.annotation.SuppressLint
 import android.Manifest
@@ -39,7 +39,6 @@ import androidx.compose.material3.MaterialTheme
 import androidx.compose.material3.ModalBottomSheet
 import androidx.compose.material3.rememberModalBottomSheetState
 import androidx.compose.material.icons.Icons
-import androidx.compose.material.icons.automirrored.filled.ScreenShare
 import androidx.compose.material.icons.filled.ChatBubble
 import androidx.compose.material.icons.filled.CheckCircle
 import androidx.compose.material.icons.filled.Error
@@ -48,6 +47,7 @@ import androidx.compose.material.icons.filled.PhotoCamera
 import androidx.compose.material.icons.filled.RecordVoiceOver
 import androidx.compose.material.icons.filled.Refresh
 import androidx.compose.material.icons.filled.Report
+import androidx.compose.material.icons.filled.ScreenShare
 import androidx.compose.material.icons.filled.Settings
 import androidx.compose.runtime.Composable
 import androidx.compose.runtime.collectAsState
@@ -65,8 +65,8 @@ import androidx.compose.ui.viewinterop.AndroidView
 import androidx.compose.ui.window.Popup
 import androidx.compose.ui.window.PopupProperties
 import androidx.core.content.ContextCompat
-import com.clawdbot.android.CameraHudKind
-import com.clawdbot.android.MainViewModel
+import com.clawdis.android.CameraHudKind
+import com.clawdis.android.MainViewModel
 
 @OptIn(ExperimentalMaterial3Api::class)
 @Composable
@@ -123,7 +123,7 @@ fun RootScreen(viewModel: MainViewModel) {
       if (screenRecordActive) {
         return@remember StatusActivity(
           title = "Recording screen…",
-          icon = Icons.AutoMirrored.Filled.ScreenShare,
+          icon = Icons.Default.ScreenShare,
           contentDescription = "Recording screen",
           tint = androidx.compose.ui.graphics.Color.Red,
         )
@@ -327,13 +327,14 @@ private fun CanvasView(viewModel: MainViewModel, modifier: Modifier = Modifier)
         // Some embedded web UIs (incl. the "background website") use localStorage/sessionStorage.
         settings.domStorageEnabled = true
         settings.mixedContentMode = WebSettings.MIXED_CONTENT_COMPATIBILITY_MODE
+        if (WebViewFeature.isFeatureSupported(WebViewFeature.FORCE_DARK)) {
+          WebSettingsCompat.setForceDark(settings, WebSettingsCompat.FORCE_DARK_OFF)
+        }
         if (WebViewFeature.isFeatureSupported(WebViewFeature.ALGORITHMIC_DARKENING)) {
           WebSettingsCompat.setAlgorithmicDarkeningAllowed(settings, false)
-        } else {
-          disableForceDarkIfSupported(settings)
         }
         if (isDebuggable) {
-          Log.d("ClawdbotWebView", "userAgent: ${settings.userAgentString}")
+          Log.d("ClawdisWebView", "userAgent: ${settings.userAgentString}")
         }
         isScrollContainer = true
         overScrollMode = View.OVER_SCROLL_IF_CONTENT_SCROLLS
@@ -348,7 +349,7 @@ private fun CanvasView(viewModel: MainViewModel, modifier: Modifier = Modifier)
             ) {
               if (!isDebuggable) return
               if (!request.isForMainFrame) return
-              Log.e("ClawdbotWebView", "onReceivedError: ${error.errorCode} ${error.description} ${request.url}")
+              Log.e("ClawdisWebView", "onReceivedError: ${error.errorCode} ${error.description} ${request.url}")
             }
 
             override fun onReceivedHttpError(
@@ -359,14 +360,14 @@ private fun CanvasView(viewModel: MainViewModel, modifier: Modifier = Modifier)
               if (!isDebuggable) return
               if (!request.isForMainFrame) return
               Log.e(
-                "ClawdbotWebView",
+                "ClawdisWebView",
                 "onReceivedHttpError: ${errorResponse.statusCode} ${errorResponse.reasonPhrase} ${request.url}",
               )
             }
 
             override fun onPageFinished(view: WebView, url: String?) {
               if (isDebuggable) {
-                Log.d("ClawdbotWebView", "onPageFinished: $url")
+                Log.d("ClawdisWebView", "onPageFinished: $url")
               }
               viewModel.canvas.onPageFinished()
             }
@@ -377,7 +378,7 @@ private fun CanvasView(viewModel: MainViewModel, modifier: Modifier = Modifier)
             ): Boolean {
               if (isDebuggable) {
                 Log.e(
-                  "ClawdbotWebView",
+                  "ClawdisWebView",
                   "onRenderProcessGone didCrash=${detail.didCrash()} priorityAtExit=${detail.rendererPriorityAtExit()}",
                 )
               }
@@ -390,7 +391,7 @@ private fun CanvasView(viewModel: MainViewModel, modifier: Modifier = Modifier)
               if (!isDebuggable) return false
               val msg = consoleMessage ?: return false
               Log.d(
-                "ClawdbotWebView",
+                "ClawdisWebView",
                 "console ${msg.messageLevel()} @ ${msg.sourceId()}:${msg.lineNumber()} ${msg.message()}",
               )
               return false
@@ -413,12 +414,6 @@ private fun CanvasView(viewModel: MainViewModel, modifier: Modifier = Modifier)
   )
 }
 
-private fun disableForceDarkIfSupported(settings: WebSettings) {
-  if (!WebViewFeature.isFeatureSupported(WebViewFeature.FORCE_DARK)) return
-  @Suppress("DEPRECATION")
-  WebSettingsCompat.setForceDark(settings, WebSettingsCompat.FORCE_DARK_OFF)
-}
-
 private class CanvasA2UIActionBridge(private val onMessage: (String) -> Unit) {
   @JavascriptInterface
   fun postMessage(payload: String?) {
@@ -428,7 +423,7 @@ private class CanvasA2UIActionBridge(private val onMessage: (String) -> Unit) {
   }
 
   companion object {
-    const val interfaceName: String = "clawdbotCanvasA2UIAction"
+    const val interfaceName: String = "clawdisCanvasA2UIAction"
   }
 }
 

apps/android/app/src/main/java/com/clawdis/android/ui/SettingsSheet.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.ui
+package com.clawdis.android.ui
 
 import android.Manifest
 import android.content.Context
@@ -52,11 +52,11 @@ import androidx.compose.ui.platform.LocalContext
 import androidx.compose.ui.text.style.TextAlign
 import androidx.compose.ui.unit.dp
 import androidx.core.content.ContextCompat
-import com.clawdbot.android.BuildConfig
-import com.clawdbot.android.LocationMode
-import com.clawdbot.android.MainViewModel
-import com.clawdbot.android.NodeForegroundService
-import com.clawdbot.android.VoiceWakeMode
+import com.clawdis.android.BuildConfig
+import com.clawdis.android.LocationMode
+import com.clawdis.android.MainViewModel
+import com.clawdis.android.NodeForegroundService
+import com.clawdis.android.VoiceWakeMode
 
 @Composable
 fun SettingsSheet(viewModel: MainViewModel) {
@@ -133,7 +133,7 @@ fun SettingsSheet(viewModel: MainViewModel) {
 
       if (requestedMode != null) {
         viewModel.setLocationMode(requestedMode)
-        if (requestedMode == LocationMode.Always) {
+        if (requestedMode == LocationMode.Always && Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) {
           val backgroundOk =
             ContextCompat.checkSelfPermission(context, Manifest.permission.ACCESS_BACKGROUND_LOCATION) ==
               PackageManager.PERMISSION_GRANTED
@@ -191,7 +191,7 @@ fun SettingsSheet(viewModel: MainViewModel) {
         PackageManager.PERMISSION_GRANTED
     if (fineOk || coarseOk) {
       viewModel.setLocationMode(targetMode)
-      if (targetMode == LocationMode.Always) {
+      if (targetMode == LocationMode.Always && Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) {
         val backgroundOk =
           ContextCompat.checkSelfPermission(context, Manifest.permission.ACCESS_BACKGROUND_LOCATION) ==
             PackageManager.PERMISSION_GRANTED
@@ -436,7 +436,7 @@ fun SettingsSheet(viewModel: MainViewModel) {
         Column(verticalArrangement = Arrangement.spacedBy(6.dp), modifier = Modifier.fillMaxWidth()) {
           ListItem(
             headlineContent = { Text("Foreground Only") },
-            supportingContent = { Text("Listens only while Clawdbot is open.") },
+            supportingContent = { Text("Listens only while Clawdis is open.") },
             trailingContent = {
               RadioButton(
                 selected = voiceWakeMode == VoiceWakeMode.Foreground,
@@ -482,7 +482,7 @@ fun SettingsSheet(viewModel: MainViewModel) {
       Row(horizontalArrangement = Arrangement.spacedBy(12.dp)) {
         Button(
           onClick = {
-            val parsed = com.clawdbot.android.WakeWords.parseCommaSeparated(wakeWordsText)
+            val parsed = com.clawdis.android.WakeWords.parseCommaSeparated(wakeWordsText)
             viewModel.setWakeWords(parsed)
           },
           enabled = isConnected,
@@ -580,7 +580,7 @@ fun SettingsSheet(viewModel: MainViewModel) {
         )
         ListItem(
           headlineContent = { Text("While Using") },
-          supportingContent = { Text("Only while Clawdbot is open.") },
+          supportingContent = { Text("Only while Clawdis is open.") },
           trailingContent = {
             RadioButton(
               selected = locationMode == LocationMode.WhileUsing,
@@ -627,7 +627,7 @@ fun SettingsSheet(viewModel: MainViewModel) {
     item {
       ListItem(
         headlineContent = { Text("Prevent Sleep") },
-        supportingContent = { Text("Keeps the screen awake while Clawdbot is open.") },
+        supportingContent = { Text("Keeps the screen awake while Clawdis is open.") },
         trailingContent = { Switch(checked = preventSleep, onCheckedChange = viewModel::setPreventSleep) },
       )
     }

apps/android/app/src/main/java/com/clawdis/android/ui/StatusPill.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.ui
+package com.clawdis.android.ui
 
 import androidx.compose.foundation.layout.Arrangement
 import androidx.compose.foundation.layout.Row
@@ -28,9 +28,9 @@ import androidx.compose.ui.unit.dp
 fun StatusPill(
   bridge: BridgeState,
   voiceEnabled: Boolean,
+  activity: StatusActivity? = null,
   onClick: () -> Unit,
   modifier: Modifier = Modifier,
-  activity: StatusActivity? = null,
 ) {
   Surface(
     onClick = onClick,

apps/android/app/src/main/java/com/clawdis/android/ui/TalkOrbOverlay.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.ui
+package com.clawdis.android.ui
 
 import androidx.compose.animation.core.LinearEasing
 import androidx.compose.animation.core.RepeatMode

apps/android/app/src/main/java/com/clawdis/android/ui/chat/ChatComposer.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.ui.chat
+package com.clawdis.android.ui.chat
 
 import androidx.compose.foundation.layout.Arrangement
 import androidx.compose.foundation.layout.Box
@@ -38,13 +38,12 @@ import androidx.compose.ui.Alignment
 import androidx.compose.ui.Modifier
 import androidx.compose.ui.graphics.Color
 import androidx.compose.ui.unit.dp
-import com.clawdbot.android.chat.ChatSessionEntry
+import com.clawdis.android.chat.ChatSessionEntry
 
 @Composable
 fun ChatComposer(
   sessionKey: String,
   sessions: List<ChatSessionEntry>,
-  mainSessionKey: String,
   healthOk: Boolean,
   thinkingLevel: String,
   pendingRunCount: Int,
@@ -62,7 +61,7 @@ fun ChatComposer(
   var showThinkingMenu by remember { mutableStateOf(false) }
   var showSessionMenu by remember { mutableStateOf(false) }
 
-  val sessionOptions = resolveSessionChoices(sessionKey, sessions, mainSessionKey = mainSessionKey)
+  val sessionOptions = resolveSessionChoices(sessionKey, sessions)
   val currentSessionLabel =
     sessionOptions.firstOrNull { it.key == sessionKey }?.displayName ?: sessionKey
 

apps/android/app/src/main/java/com/clawdis/android/ui/chat/ChatMarkdown.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.ui.chat
+package com.clawdis.android.ui.chat
 
 import android.graphics.BitmapFactory
 import android.util.Base64

apps/android/app/src/main/java/com/clawdis/android/ui/chat/ChatMessageListCard.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.ui.chat
+package com.clawdis.android.ui.chat
 
 import androidx.compose.foundation.layout.Arrangement
 import androidx.compose.foundation.layout.Box
@@ -20,8 +20,8 @@ import androidx.compose.ui.Alignment
 import androidx.compose.ui.Modifier
 import androidx.compose.ui.draw.alpha
 import androidx.compose.ui.unit.dp
-import com.clawdbot.android.chat.ChatMessage
-import com.clawdbot.android.chat.ChatPendingToolCall
+import com.clawdis.android.chat.ChatMessage
+import com.clawdis.android.chat.ChatPendingToolCall
 
 @Composable
 fun ChatMessageListCard(

apps/android/app/src/main/java/com/clawdis/android/ui/chat/ChatMessageViews.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.ui.chat
+package com.clawdis.android.ui.chat
 
 import android.graphics.BitmapFactory
 import android.util.Base64
@@ -31,10 +31,10 @@ import androidx.compose.ui.layout.ContentScale
 import androidx.compose.ui.text.font.FontFamily
 import androidx.compose.ui.unit.dp
 import androidx.compose.foundation.Image
-import com.clawdbot.android.chat.ChatMessage
-import com.clawdbot.android.chat.ChatMessageContent
-import com.clawdbot.android.chat.ChatPendingToolCall
-import com.clawdbot.android.tools.ToolDisplayRegistry
+import com.clawdis.android.chat.ChatMessage
+import com.clawdis.android.chat.ChatMessageContent
+import com.clawdis.android.chat.ChatPendingToolCall
+import com.clawdis.android.tools.ToolDisplayRegistry
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.withContext
 import androidx.compose.ui.platform.LocalContext

apps/android/app/src/main/java/com/clawdis/android/ui/chat/ChatSessionsDialog.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.ui.chat
+package com.clawdis.android.ui.chat
 
 import androidx.compose.foundation.layout.Arrangement
 import androidx.compose.foundation.layout.Column
@@ -20,7 +20,7 @@ import androidx.compose.runtime.Composable
 import androidx.compose.ui.Alignment
 import androidx.compose.ui.Modifier
 import androidx.compose.ui.unit.dp
-import com.clawdbot.android.chat.ChatSessionEntry
+import com.clawdis.android.chat.ChatSessionEntry
 
 @Composable
 fun ChatSessionsDialog(

apps/android/app/src/main/java/com/clawdis/android/ui/chat/ChatSheetContent.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.ui.chat
+package com.clawdis.android.ui.chat
 
 import android.content.ContentResolver
 import android.net.Uri
@@ -19,8 +19,8 @@ import androidx.compose.runtime.rememberCoroutineScope
 import androidx.compose.ui.Modifier
 import androidx.compose.ui.platform.LocalContext
 import androidx.compose.ui.unit.dp
-import com.clawdbot.android.MainViewModel
-import com.clawdbot.android.chat.OutgoingAttachment
+import com.clawdis.android.MainViewModel
+import com.clawdis.android.chat.OutgoingAttachment
 import java.io.ByteArrayOutputStream
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.launch
@@ -33,14 +33,13 @@ fun ChatSheetContent(viewModel: MainViewModel) {
   val pendingRunCount by viewModel.pendingRunCount.collectAsState()
   val healthOk by viewModel.chatHealthOk.collectAsState()
   val sessionKey by viewModel.chatSessionKey.collectAsState()
-  val mainSessionKey by viewModel.mainSessionKey.collectAsState()
   val thinkingLevel by viewModel.chatThinkingLevel.collectAsState()
   val streamingAssistantText by viewModel.chatStreamingAssistantText.collectAsState()
   val pendingToolCalls by viewModel.chatPendingToolCalls.collectAsState()
   val sessions by viewModel.chatSessions.collectAsState()
 
-  LaunchedEffect(mainSessionKey) {
-    viewModel.loadChat(mainSessionKey)
+  LaunchedEffect(Unit) {
+    viewModel.loadChat("main")
     viewModel.refreshChatSessions(limit = 200)
   }
 
@@ -86,7 +85,6 @@ fun ChatSheetContent(viewModel: MainViewModel) {
     ChatComposer(
       sessionKey = sessionKey,
       sessions = sessions,
-      mainSessionKey = mainSessionKey,
       healthOk = healthOk,
       thinkingLevel = thinkingLevel,
       pendingRunCount = pendingRunCount,

apps/android/app/src/main/java/com/clawdis/android/ui/chat/SessionFilters.kt

@@ -1,24 +1,21 @@
-package com.clawdbot.android.ui.chat
+package com.clawdis.android.ui.chat
 
-import com.clawdbot.android.chat.ChatSessionEntry
+import com.clawdis.android.chat.ChatSessionEntry
 
+private const val MAIN_SESSION_KEY = "main"
 private const val RECENT_WINDOW_MS = 24 * 60 * 60 * 1000L
 
 fun resolveSessionChoices(
   currentSessionKey: String,
   sessions: List<ChatSessionEntry>,
-  mainSessionKey: String,
   nowMs: Long = System.currentTimeMillis(),
 ): List<ChatSessionEntry> {
-  val mainKey = mainSessionKey.trim().ifEmpty { "main" }
-  val current = currentSessionKey.trim().let { if (it == "main" && mainKey != "main") mainKey else it }
-  val aliasKey = if (mainKey == "main") null else "main"
+  val current = currentSessionKey.trim()
   val cutoff = nowMs - RECENT_WINDOW_MS
   val sorted = sessions.sortedByDescending { it.updatedAtMs ?: 0L }
   val recent = mutableListOf<ChatSessionEntry>()
   val seen = mutableSetOf<String>()
   for (entry in sorted) {
-    if (aliasKey != null && entry.key == aliasKey) continue
     if (!seen.add(entry.key)) continue
     if ((entry.updatedAtMs ?: 0L) < cutoff) continue
     recent.add(entry)
@@ -26,13 +23,13 @@ fun resolveSessionChoices(
 
   val result = mutableListOf<ChatSessionEntry>()
   val included = mutableSetOf<String>()
-  val mainEntry = sorted.firstOrNull { it.key == mainKey }
+  val mainEntry = sorted.firstOrNull { it.key == MAIN_SESSION_KEY }
   if (mainEntry != null) {
     result.add(mainEntry)
-    included.add(mainKey)
-  } else if (current == mainKey) {
-    result.add(ChatSessionEntry(key = mainKey, updatedAtMs = null))
-    included.add(mainKey)
+    included.add(MAIN_SESSION_KEY)
+  } else if (current == MAIN_SESSION_KEY) {
+    result.add(ChatSessionEntry(key = MAIN_SESSION_KEY, updatedAtMs = null))
+    included.add(MAIN_SESSION_KEY)
   }
 
   for (entry in recent) {

apps/android/app/src/main/java/com/clawdis/android/voice/StreamingMediaDataSource.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.voice
+package com.clawdis.android.voice
 
 import android.media.MediaDataSource
 import kotlin.math.min

apps/android/app/src/main/java/com/clawdis/android/voice/TalkDirectiveParser.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.voice
+package com.clawdis.android.voice
 
 import kotlinx.serialization.json.Json
 import kotlinx.serialization.json.JsonElement

apps/android/app/src/main/java/com/clawdis/android/voice/TalkModeManager.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.voice
+package com.clawdis.android.voice
 
 import android.Manifest
 import android.content.Context
@@ -20,9 +20,7 @@ import android.speech.tts.TextToSpeech
 import android.speech.tts.UtteranceProgressListener
 import android.util.Log
 import androidx.core.content.ContextCompat
-import com.clawdbot.android.bridge.BridgeSession
-import com.clawdbot.android.isCanonicalMainSessionKey
-import com.clawdbot.android.normalizeMainKey
+import com.clawdis.android.bridge.BridgeSession
 import java.net.HttpURLConnection
 import java.net.URL
 import java.util.UUID
@@ -117,13 +115,6 @@ class TalkModeManager(
     chatSubscribedSessionKey = null
   }
 
-  fun setMainSessionKey(sessionKey: String?) {
-    val trimmed = sessionKey?.trim().orEmpty()
-    if (trimmed.isEmpty()) return
-    if (isCanonicalMainSessionKey(mainSessionKey)) return
-    mainSessionKey = trimmed
-  }
-
   fun setEnabled(enabled: Boolean) {
     if (_isEnabled.value == enabled) return
     _isEnabled.value = enabled
@@ -723,7 +714,6 @@ class TalkModeManager(
             systemTtsPendingId = null
           }
 
-          @Suppress("OVERRIDE_DEPRECATION")
           @Deprecated("Deprecated in Java")
           override fun onError(utteranceId: String?) {
             if (utteranceId == null) return
@@ -823,7 +813,7 @@ class TalkModeManager(
       val config = root?.get("config").asObjectOrNull()
       val talk = config?.get("talk").asObjectOrNull()
       val sessionCfg = config?.get("session").asObjectOrNull()
-      val mainKey = normalizeMainKey(sessionCfg?.get("mainKey").asStringOrNull())
+      val mainKey = sessionCfg?.get("mainKey").asStringOrNull()?.trim()?.takeIf { it.isNotEmpty() } ?: "main"
       val voice = talk?.get("voiceId")?.asStringOrNull()?.trim()?.takeIf { it.isNotEmpty() }
       val aliases =
         talk?.get("voiceAliases").asObjectOrNull()?.entries?.mapNotNull { (key, value) ->
@@ -835,9 +825,7 @@ class TalkModeManager(
       val key = talk?.get("apiKey")?.asStringOrNull()?.trim()?.takeIf { it.isNotEmpty() }
       val interrupt = talk?.get("interruptOnSpeech")?.asBooleanOrNull()
 
-      if (!isCanonicalMainSessionKey(mainSessionKey)) {
-        mainSessionKey = mainKey
-      }
+      mainSessionKey = mainKey
       defaultVoiceId = voice ?: envVoice?.takeIf { it.isNotEmpty() } ?: sagVoice?.takeIf { it.isNotEmpty() }
       voiceAliases = aliases
       if (!voiceOverrideActive) currentVoiceId = defaultVoiceId

apps/android/app/src/main/java/com/clawdis/android/voice/VoiceWakeCommandExtractor.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.voice
+package com.clawdis.android.voice
 
 object VoiceWakeCommandExtractor {
   fun extractCommand(text: String, triggerWords: List<String>): String? {

apps/android/app/src/main/java/com/clawdis/android/voice/VoiceWakeManager.kt

@@ -1,4 +1,4 @@
-package com.clawdbot.android.voice
+package com.clawdis.android.voice
 
 import android.content.Context
 import android.content.Intent

apps/android/app/src/main/res/values/strings.xml

@@ -1,4 +1,4 @@
 <resources>
-    <string name="app_name">Clawdbot Node</string>
+    <string name="app_name">Clawdis Node</string>
 </resources>