fix: normalize agentId casing in cron/routing (#1591 ) (thanks @EnzeD)

feat(templates): add emoji reactions guidance to AGENTS.md
## What Add emoji reactions guidance to the default AGENTS.md template. ## Why Reactions are a natural, human-like way to acknowledge messages without cluttering chat. This should be default behavior. ## Testing - Tested locally on Discord DM ✅ - Tested locally on Discord guild channel ✅ ## AI-Assisted This change was drafted with help from my Clawdbot instance (Clawd 🦞). We tested the behavior together before submitting.
2026-01-24 13:11:52 +00:00 · 2026-01-24 12:50:22 +00:00
71 changed files with 1035 additions and 2328 deletions
--- a/.github/workflows/docker-release.yml
+++ b/.github/workflows/docker-release.yml
@@ -1,143 +0,0 @@
-name: Docker Release
-
-on:
-  push:
-    branches:
-      - main
-    tags:
-      - "v*"
-
-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.repository }}
-
-jobs:
-  # Build amd64 image
-  build-amd64:
-    runs-on: ubuntu-latest
-    permissions:
-      packages: write
-      contents: read
-    outputs:
-      image-digest: ${{ steps.build.outputs.digest }}
-      image-metadata: ${{ steps.meta.outputs.json }}
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract metadata
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-          tags: |
-            type=ref,event=branch
-            type=semver,pattern={{version}}
-            type=semver,pattern={{version}},suffix=-amd64
-            type=semver,pattern={{version}},suffix=-arm64
-            type=ref,event=branch,suffix=-amd64
-            type=ref,event=branch,suffix=-arm64
-
-      - name: Build and push amd64 image
-        id: build
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          platforms: linux/amd64
-          labels: ${{ steps.meta.outputs.labels }}
-          tags: ${{ steps.meta.outputs.tags }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-          provenance: false
-          push: true
-
-  # Build arm64 image
-  build-arm64:
-    runs-on: ubuntu-24.04-arm
-    permissions:
-      packages: write
-      contents: read
-    outputs:
-      image-digest: ${{ steps.build.outputs.digest }}
-      image-metadata: ${{ steps.meta.outputs.json }}
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract metadata
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-          tags: |
-            type=ref,event=branch
-            type=semver,pattern={{version}}
-            type=semver,pattern={{version}},suffix=-amd64
-            type=semver,pattern={{version}},suffix=-arm64
-            type=ref,event=branch,suffix=-amd64
-            type=ref,event=branch,suffix=-arm64
-
-      - name: Build and push arm64 image
-        id: build
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          platforms: linux/arm64
-          labels: ${{ steps.meta.outputs.labels }}
-          tags: ${{ steps.meta.outputs.tags }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-          provenance: false
-          push: true
-
-  # Create multi-platform manifest
-  create-manifest:
-    runs-on: ubuntu-latest
-    permissions:
-      packages: write
-      contents: read
-    needs: [build-amd64, build-arm64]
-    steps:
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract metadata for manifest
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-          tags: |
-            type=ref,event=branch
-            type=semver,pattern={{version}}
-
-      - name: Create and push manifest
-        run: |
-          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
-            ${{ needs.build-amd64.outputs.image-digest }} \
-            ${{ needs.build-arm64.outputs.image-digest }}
-        env:
-          DOCKER_METADATA_OUTPUT_JSON: ${{ steps.meta.outputs.json }}
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -106,7 +106,6 @@
 ## Agent-Specific Notes
 - Vocabulary: "makeup" = "mac app".
 - Never edit `node_modules` (global/Homebrew/npm/git installs too). Updates overwrite. Skill notes go in `tools.md` or `AGENTS.md`.
- Signal: "update fly" => `fly ssh console -a flawd-bot -C "bash -lc 'cd /data/clawd/clawdbot && git pull --rebase origin main'"` then `fly machines restart e825232f34d058 -a flawd-bot`.
 - When working on a GitHub Issue or PR, print the full URL at the end of the task.
 - When answering questions, respond with high-confidence answers only: verify in code; do not guess.
 - Never update the Carbon dependency.
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,82 +2,81 @@

 Docs: https://docs.clawd.bot

-## 2026.1.24
-
-### Changes
- Docs: expand FAQ (migration, scheduling, concurrency, model recommendations, OpenAI subscription auth, Pi sizing, hackable install, docs SSL workaround).
- Docs: add verbose installer troubleshooting guidance.
- Docs: update Fly.io guide notes.
-
-### Fixes
- Web UI: hide internal `message_id` hints in chat bubbles.
- Heartbeat: normalize target identifiers for consistent routing.
- Gateway: reduce log noise for late invokes + remote node probes; debounce skills refresh. (#1607) Thanks @petter-b.
- macOS: default direct-transport `ws://` URLs to port 18789; document `gateway.remote.transport`. (#1603) Thanks @ngutman.
-
-## 2026.1.23-1
-
-### Fixes
- Packaging: include dist/tts output in npm tarball (fixes missing dist/tts/tts.js).
-
-## 2026.1.23
+## 2026.1.23 (Unreleased)

 ### Highlights
- TTS: move Telegram TTS into core + enable model-driven TTS tags by default for expressive audio replies. (#1559) Thanks @Glucksberg. https://docs.clawd.bot/tts
- Gateway: add `/tools/invoke` HTTP endpoint for direct tool calls (auth + tool policy enforced). (#1575) Thanks @vignesh07. https://docs.clawd.bot/gateway/tools-invoke-http-api
- Heartbeat: per-channel visibility controls (OK/alerts/indicator). (#1452) Thanks @dlauer. https://docs.clawd.bot/gateway/heartbeat
- Deploy: add Fly.io deployment support + guide. (#1570) https://docs.clawd.bot/platforms/fly
- Channels: add Tlon/Urbit channel plugin (DMs, group mentions, thread replies). (#1544) Thanks @wca4a. https://docs.clawd.bot/channels/tlon
+- TTS: allow model-driven TTS tags by default for expressive audio replies (laughter, singing cues, etc.).

 ### Changes
- Channels: allow per-group tool allow/deny policies across built-in + plugin channels. (#1546) Thanks @adam91holt. https://docs.clawd.bot/multi-agent-sandbox-tools
- Agents: add Bedrock auto-discovery defaults + config overrides. (#1553) Thanks @fal3. https://docs.clawd.bot/bedrock
- CLI: add `clawdbot system` for system events + heartbeat controls; remove standalone `wake`. (commit 71203829d) https://docs.clawd.bot/cli/system
- CLI: add live auth probes to `clawdbot models status` for per-profile verification. (commit 40181afde) https://docs.clawd.bot/cli/models
- CLI: restart the gateway by default after `clawdbot update`; add `--no-restart` to skip it. (commit 2c85b1b40)
- Browser: add node-host proxy auto-routing for remote gateways (configurable per gateway/node). (commit c3cb26f7c)
- Plugins: add optional `llm-task` JSON-only tool for workflows. (#1498) Thanks @vignesh07. https://docs.clawd.bot/tools/llm-task
- Markdown: add per-channel table conversion (bullets for Signal/WhatsApp, code blocks elsewhere). (#1495) Thanks @odysseus0.
- Agents: keep system prompt time zone-only and move current time to `session_status` for better cache hits. (commit 66eec295b)
+- Gateway: add /tools/invoke HTTP endpoint for direct tool calls and document it. (#1575) Thanks @vignesh07.
+- Agents: keep system prompt time zone-only and move current time to `session_status` for better cache hits.
 - Agents: remove redundant bash tool alias from tool registration/display. (#1571) Thanks @Takhoffman.
- Docs: add cron vs heartbeat decision guide (with Lobster workflow notes). (#1533) Thanks @JustYannicc. https://docs.clawd.bot/automation/cron-vs-heartbeat
- Docs: clarify HEARTBEAT.md empty file skips heartbeats, missing file still runs. (#1535) Thanks @JustYannicc. https://docs.clawd.bot/gateway/heartbeat
+- Browser: add node-host proxy auto-routing for remote gateways (configurable per gateway/node).
+- Heartbeat: add per-channel visibility controls (OK/alerts/indicator). (#1452) Thanks @dlauer.
+- Plugins: add optional llm-task JSON-only tool for workflows. (#1498) Thanks @vignesh07.
+- Docs: add emoji reaction guidance to AGENTS.md template. (#1591) Thanks @EnzeD.
+- CLI: restart the gateway by default after `clawdbot update`; add `--no-restart` to skip it.
+- CLI: add live auth probes to `clawdbot models status` for per-profile verification.
+- CLI: add `clawdbot system` for system events + heartbeat controls; remove standalone `wake`.
+- Agents: add Bedrock auto-discovery defaults + config overrides. (#1553) Thanks @fal3.
+- Docs: add cron vs heartbeat decision guide (with Lobster workflow notes). (#1533) Thanks @JustYannicc.
+- Docs: clarify HEARTBEAT.md empty file skips heartbeats, missing file still runs. (#1535) Thanks @JustYannicc.
+- Markdown: add per-channel table conversion (bullets for Signal/WhatsApp, code blocks elsewhere). (#1495) Thanks @odysseus0.
+- Tlon: add Urbit channel plugin (DMs, group mentions, thread replies). (#1544) Thanks @wca4a.
+- Channels: allow per-group tool allow/deny policies across built-in + plugin channels. (#1546) Thanks @adam91holt.
+- TTS: move Telegram TTS into core with auto-replies, commands, and gateway methods. (#1559) Thanks @Glucksberg.

 ### Fixes
 - Sessions: accept non-UUID sessionIds for history/send/status while preserving agent scoping. (#1518)
- Heartbeat: accept plugin channel ids for heartbeat target validation + UI hints.
- Messaging/Sessions: mirror outbound sends into target session keys (threads + dmScope), create session entries on send, and normalize session key casing. (#1520, commit 4b6cdd1d3)
- Sessions: reject array-backed session stores to prevent silent wipes. (#1469)
+- Routing/Cron: normalize agentId casing for bindings and cron payloads. (#1591)
 - Gateway: compare Linux process start time to avoid PID recycling lock loops; keep locks unless stale. (#1572) Thanks @steipete.
- Gateway: accept null optional fields in exec approval requests. (#1511) Thanks @pvoo.
- Exec approvals: persist allowlist entry ids to keep macOS allowlist rows stable. (#1521) Thanks @ngutman.
- Exec: honor tools.exec ask/security defaults for elevated approvals (avoid unwanted prompts). (commit 5662a9cdf)
- Daemon: use platform PATH delimiters when building minimal service paths. (commit a4e57d3ac)
- Linux: include env-configured user bin roots in systemd PATH and align PATH audits. (#1512) Thanks @robbyczgw-cla.
- Tailscale: retry serve/funnel with sudo only for permission errors and keep original failure details. (#1551) Thanks @sweepies.
- Docker: update gateway command in docker-compose and Hetzner guide. (#1514)
- Agents: show tool error fallback when the last assistant turn only invoked tools (prevents silent stops). (commit 8ea8801d0)
- Agents: ignore IDENTITY.md template placeholders when parsing identity. (#1556)
- Agents: drop orphaned OpenAI Responses reasoning blocks on model switches. (#1562) Thanks @roshanasingh4.
- Agents: add CLI log hint to "agent failed before reply" messages. (#1550) Thanks @sweepies.
- Agents: warn and ignore tool allowlists that only reference unknown or unloaded plugin tools. (#1566)
- Agents: treat plugin-only tool allowlists as opt-ins; keep core tools enabled. (#1467)
- Agents: honor enqueue overrides for embedded runs to avoid queue deadlocks in tests. (commit 084002998)
+- Messaging: mirror outbound sends into target session keys (threads + dmScope) and create session entries on send. (#1520)
+- Sessions: normalize session key casing to lowercase for consistent routing.
+- BlueBubbles: normalize group session keys for outbound mirroring. (#1520)
+- Skills: gate bird Homebrew install to macOS. (#1569) Thanks @bradleypriest.
 - Slack: honor open groupPolicy for unlisted channels in message + slash gating. (#1563) Thanks @itsjaydesu.
- Discord: limit autoThread mention bypass to bot-owned threads; keep ack reactions mention-gated. (#1511) Thanks @pvoo.
- Discord: retry rate-limited allowlist resolution + command deploy to avoid gateway crashes. (commit f70ac0c7c)
- Mentions: ignore mentionPattern matches when another explicit mention is present in group chats (Slack/Discord/Telegram/WhatsApp). (commit d905ca0e0)
- Telegram: render markdown in media captions. (#1478)
- MS Teams: remove `.default` suffix from Graph scopes and Bot Framework probe scopes. (#1507, #1574) Thanks @Evizero.
- Browser: keep extension relay tabs controllable when the extension reuses a session id after switching tabs. (#1160)
- Voice wake: auto-save wake words on blur/submit across iOS/Android and align limits with macOS. (commit 69f645c66)
+- Agents: show tool error fallback when the last assistant turn only invoked tools (prevents silent stops).
+- Agents: ignore IDENTITY.md template placeholders when parsing identity to avoid placeholder replies. (#1556)
+- Agents: drop orphaned OpenAI Responses reasoning blocks on model switches. (#1562) Thanks @roshanasingh4.
+- Docker: update gateway command in docker-compose and Hetzner guide. (#1514)
+- Sessions: reject array-backed session stores to prevent silent wipes. (#1469)
+- Voice wake: auto-save wake words on blur/submit across iOS/Android and align limits with macOS.
 - UI: keep the Control UI sidebar visible while scrolling long pages. (#1515) Thanks @pookNast.
- UI: cache Control UI markdown rendering + memoize chat text extraction to reduce Safari typing jank. (commit d57cb2e1a)
- TUI: forward unknown slash commands, include Gateway commands in autocomplete, and render slash replies as system output. (commit 1af227b61, commit 8195497ce, commit 6fba598ea)
- CLI: auth probe output polish (table output, inline errors, reduced noise, and wrap fixes in `clawdbot models status`). (commit da3f2b489, commit 00ae21bed, commit 31e59cd58, commit f7dc27f2d, commit 438e782f8, commit 886752217, commit aabe0bed3, commit 81535d512, commit c63144ab1)
+- UI: cache Control UI markdown rendering + memoize chat text extraction to reduce Safari typing jank.
+- Tailscale: retry serve/funnel with sudo only for permission errors and keep original failure details. (#1551) Thanks @sweepies.
+- Agents: add CLI log hint to "agent failed before reply" messages. (#1550) Thanks @sweepies.
+- Discord: limit autoThread mention bypass to bot-owned threads; keep ack reactions mention-gated. (#1511) Thanks @pvoo.
+- Discord: retry rate-limited allowlist resolution + command deploy to avoid gateway crashes.
+- Mentions: ignore mentionPattern matches when another explicit mention is present in group chats (Slack/Discord/Telegram/WhatsApp).
+- Gateway: accept null optional fields in exec approval requests. (#1511) Thanks @pvoo.
+- Exec: honor tools.exec ask/security defaults for elevated approvals (avoid unwanted prompts).
+- TUI: forward unknown slash commands (for example, `/context`) to the Gateway.
+- TUI: include Gateway slash commands in autocomplete and `/help`.
+- CLI: skip usage lines in `clawdbot models status` when provider usage is unavailable.
+- CLI: suppress diagnostic session/run noise during auth probes.
+- CLI: hide auth probe timeout warnings from embedded runs.
+- CLI: render auth probe results as a table in `clawdbot models status`.
+- CLI: suppress probe-only embedded logs unless `--verbose` is set.
+- CLI: move auth probe errors below the table to reduce wrapping.
+- CLI: prevent ANSI color bleed when table cells wrap.
+- CLI: explain when auth profiles are excluded by auth.order in probe details.
+- CLI: drop the em dash when the banner tagline wraps to a second line.
+- CLI: inline auth probe errors in status rows to reduce wrapping.
+- Telegram: render markdown in media captions. (#1478)
+- Agents: honor enqueue overrides for embedded runs to avoid queue deadlocks in tests.
+- Agents: trigger model fallback when auth profiles are all in cooldown or unavailable. (#1522)
+- Daemon: use platform PATH delimiters when building minimal service paths.
+- Tests: skip embedded runner ordering assertion on Windows to avoid CI timeouts.
+- Linux: include env-configured user bin roots in systemd PATH and align PATH audits. (#1512) Thanks @robbyczgw-cla.
+- TUI: render Gateway slash-command replies as system output (for example, `/context`).
 - Media: only parse `MEDIA:` tags when they start the line to avoid stripping prose mentions. (#1206)
 - Media: preserve PNG alpha when possible; fall back to JPEG when still over size cap. (#1491) Thanks @robbyczgw-cla.
- Skills: gate bird Homebrew install to macOS. (#1569) Thanks @bradleypriest.
+- Agents: treat plugin-only tool allowlists as opt-ins; keep core tools enabled. (#1467)
+- Exec approvals: persist allowlist entry ids to keep macOS allowlist rows stable. (#1521) Thanks @ngutman.
+- MS Teams (plugin): remove `.default` suffix from Graph scopes to avoid double-appending. (#1507) Thanks @Evizero.
+- MS Teams (plugin): remove `.default` suffix from Bot Framework probe scope to avoid double-appending. (#1574) Thanks @Evizero.
+- Browser: keep extension relay tabs controllable when the extension reuses a session id after switching tabs. (#1160)
+- Agents: warn and ignore tool allowlists that only reference unknown or unloaded plugin tools. (#1566)

 ## 2026.1.22

--- a/appcast.xml
+++ b/appcast.xml
@@ -2,93 +2,6 @@
 <rss xmlns:sparkle="http://www.andymatuschak.org/xml-namespaces/sparkle" version="2.0">
    <channel>
        <title>Clawdbot</title>
-        <item>
-            <title>2026.1.23</title>
-            <pubDate>Sat, 24 Jan 2026 13:02:18 +0000</pubDate>
-            <link>https://raw.githubusercontent.com/clawdbot/clawdbot/main/appcast.xml</link>
-            <sparkle:version>7750</sparkle:version>
-            <sparkle:shortVersionString>2026.1.23</sparkle:shortVersionString>
-            <sparkle:minimumSystemVersion>15.0</sparkle:minimumSystemVersion>
-            <description><![CDATA[<h2>Clawdbot 2026.1.23</h2>
-<h3>Highlights</h3>
-<ul>
-<li>TTS: allow model-driven TTS tags by default for expressive audio replies (laughter, singing cues, etc.).</li>
-</ul>
-<h3>Changes</h3>
-<ul>
-<li>Gateway: add /tools/invoke HTTP endpoint for direct tool calls and document it. (#1575) Thanks @vignesh07.</li>
-<li>Agents: keep system prompt time zone-only and move current time to <code>session_status</code> for better cache hits.</li>
-<li>Agents: remove redundant bash tool alias from tool registration/display. (#1571) Thanks @Takhoffman.</li>
-<li>Browser: add node-host proxy auto-routing for remote gateways (configurable per gateway/node).</li>
-<li>Heartbeat: add per-channel visibility controls (OK/alerts/indicator). (#1452) Thanks @dlauer.</li>
-<li>Plugins: add optional llm-task JSON-only tool for workflows. (#1498) Thanks @vignesh07.</li>
-<li>CLI: restart the gateway by default after <code>clawdbot update</code>; add <code>--no-restart</code> to skip it.</li>
-<li>CLI: add live auth probes to <code>clawdbot models status</code> for per-profile verification.</li>
-<li>CLI: add <code>clawdbot system</code> for system events + heartbeat controls; remove standalone <code>wake</code>.</li>
-<li>Agents: add Bedrock auto-discovery defaults + config overrides. (#1553) Thanks @fal3.</li>
-<li>Docs: add cron vs heartbeat decision guide (with Lobster workflow notes). (#1533) Thanks @JustYannicc.</li>
-<li>Docs: clarify HEARTBEAT.md empty file skips heartbeats, missing file still runs. (#1535) Thanks @JustYannicc.</li>
-<li>Markdown: add per-channel table conversion (bullets for Signal/WhatsApp, code blocks elsewhere). (#1495) Thanks @odysseus0.</li>
-<li>Tlon: add Urbit channel plugin (DMs, group mentions, thread replies). (#1544) Thanks @wca4a.</li>
-<li>Channels: allow per-group tool allow/deny policies across built-in + plugin channels. (#1546) Thanks @adam91holt.</li>
-<li>TTS: move Telegram TTS into core with auto-replies, commands, and gateway methods. (#1559) Thanks @Glucksberg.</li>
-</ul>
-<h3>Fixes</h3>
-<ul>
-<li>Sessions: accept non-UUID sessionIds for history/send/status while preserving agent scoping. (#1518)</li>
-<li>Gateway: compare Linux process start time to avoid PID recycling lock loops; keep locks unless stale. (#1572) Thanks @steipete.</li>
-<li>Messaging: mirror outbound sends into target session keys (threads + dmScope) and create session entries on send. (#1520)</li>
-<li>Sessions: normalize session key casing to lowercase for consistent routing.</li>
-<li>BlueBubbles: normalize group session keys for outbound mirroring. (#1520)</li>
-<li>Skills: gate bird Homebrew install to macOS. (#1569) Thanks @bradleypriest.</li>
-<li>Slack: honor open groupPolicy for unlisted channels in message + slash gating. (#1563) Thanks @itsjaydesu.</li>
-<li>Agents: show tool error fallback when the last assistant turn only invoked tools (prevents silent stops).</li>
-<li>Agents: ignore IDENTITY.md template placeholders when parsing identity to avoid placeholder replies. (#1556)</li>
-<li>Agents: drop orphaned OpenAI Responses reasoning blocks on model switches. (#1562) Thanks @roshanasingh4.</li>
-<li>Docker: update gateway command in docker-compose and Hetzner guide. (#1514)</li>
-<li>Sessions: reject array-backed session stores to prevent silent wipes. (#1469)</li>
-<li>Voice wake: auto-save wake words on blur/submit across iOS/Android and align limits with macOS.</li>
-<li>UI: keep the Control UI sidebar visible while scrolling long pages. (#1515) Thanks @pookNast.</li>
-<li>UI: cache Control UI markdown rendering + memoize chat text extraction to reduce Safari typing jank.</li>
-<li>Tailscale: retry serve/funnel with sudo only for permission errors and keep original failure details. (#1551) Thanks @sweepies.</li>
-<li>Agents: add CLI log hint to "agent failed before reply" messages. (#1550) Thanks @sweepies.</li>
-<li>Discord: limit autoThread mention bypass to bot-owned threads; keep ack reactions mention-gated. (#1511) Thanks @pvoo.</li>
-<li>Discord: retry rate-limited allowlist resolution + command deploy to avoid gateway crashes.</li>
-<li>Mentions: ignore mentionPattern matches when another explicit mention is present in group chats (Slack/Discord/Telegram/WhatsApp).</li>
-<li>Gateway: accept null optional fields in exec approval requests. (#1511) Thanks @pvoo.</li>
-<li>Exec: honor tools.exec ask/security defaults for elevated approvals (avoid unwanted prompts).</li>
-<li>TUI: forward unknown slash commands (for example, <code>/context</code>) to the Gateway.</li>
-<li>TUI: include Gateway slash commands in autocomplete and <code>/help</code>.</li>
-<li>CLI: skip usage lines in <code>clawdbot models status</code> when provider usage is unavailable.</li>
-<li>CLI: suppress diagnostic session/run noise during auth probes.</li>
-<li>CLI: hide auth probe timeout warnings from embedded runs.</li>
-<li>CLI: render auth probe results as a table in <code>clawdbot models status</code>.</li>
-<li>CLI: suppress probe-only embedded logs unless <code>--verbose</code> is set.</li>
-<li>CLI: move auth probe errors below the table to reduce wrapping.</li>
-<li>CLI: prevent ANSI color bleed when table cells wrap.</li>
-<li>CLI: explain when auth profiles are excluded by auth.order in probe details.</li>
-<li>CLI: drop the em dash when the banner tagline wraps to a second line.</li>
-<li>CLI: inline auth probe errors in status rows to reduce wrapping.</li>
-<li>Telegram: render markdown in media captions. (#1478)</li>
-<li>Agents: honor enqueue overrides for embedded runs to avoid queue deadlocks in tests.</li>
-<li>Agents: trigger model fallback when auth profiles are all in cooldown or unavailable. (#1522)</li>
-<li>Daemon: use platform PATH delimiters when building minimal service paths.</li>
-<li>Tests: skip embedded runner ordering assertion on Windows to avoid CI timeouts.</li>
-<li>Linux: include env-configured user bin roots in systemd PATH and align PATH audits. (#1512) Thanks @robbyczgw-cla.</li>
-<li>TUI: render Gateway slash-command replies as system output (for example, <code>/context</code>).</li>
-<li>Media: only parse <code>MEDIA:</code> tags when they start the line to avoid stripping prose mentions. (#1206)</li>
-<li>Media: preserve PNG alpha when possible; fall back to JPEG when still over size cap. (#1491) Thanks @robbyczgw-cla.</li>
-<li>Agents: treat plugin-only tool allowlists as opt-ins; keep core tools enabled. (#1467)</li>
-<li>Exec approvals: persist allowlist entry ids to keep macOS allowlist rows stable. (#1521) Thanks @ngutman.</li>
-<li>MS Teams (plugin): remove <code>.default</code> suffix from Graph scopes to avoid double-appending. (#1507) Thanks @Evizero.</li>
-<li>MS Teams (plugin): remove <code>.default</code> suffix from Bot Framework probe scope to avoid double-appending. (#1574) Thanks @Evizero.</li>
-<li>Browser: keep extension relay tabs controllable when the extension reuses a session id after switching tabs. (#1160)</li>
-<li>Agents: warn and ignore tool allowlists that only reference unknown or unloaded plugin tools. (#1566)</li>
-</ul>
-<p><a href="https://github.com/clawdbot/clawdbot/blob/main/CHANGELOG.md">View full changelog</a></p>
-]]></description>
-            <enclosure url="https://github.com/clawdbot/clawdbot/releases/download/v2026.1.23/Clawdbot-2026.1.23.zip" length="22326233" type="application/octet-stream" sparkle:edSignature="p40dFczUfmMpsif4BrEUYVqUPG2WiBXleWgefwu4WiqjuyXbw7CAaH5CpQKig/k2qRLlE59kX7AR/qJqmy+yCA=="/>
-        </item>
        <item>
            <title>2026.1.22</title>
            <pubDate>Fri, 23 Jan 2026 08:58:14 +0000</pubDate>
@@ -211,5 +124,195 @@
 ]]></description>
            <enclosure url="https://github.com/clawdbot/clawdbot/releases/download/v2026.1.21/Clawdbot-2026.1.21.zip" length="22284796" type="application/octet-stream" sparkle:edSignature="pXji4NMA/cu35iMxln385d6LnsT4yIZtFtFiR7sIimKeSC2CsyeWzzSD0EhJsN98PdSoy69iEFZt4I2ZtNCECg=="/>
        </item>
+        <item>
+            <title>2026.1.21</title>
+            <pubDate>Wed, 21 Jan 2026 08:18:22 +0000</pubDate>
+            <link>https://raw.githubusercontent.com/clawdbot/clawdbot/main/appcast.xml</link>
+            <sparkle:version>7116</sparkle:version>
+            <sparkle:shortVersionString>2026.1.21</sparkle:shortVersionString>
+            <sparkle:minimumSystemVersion>15.0</sparkle:minimumSystemVersion>
+            <description><![CDATA[<h2>Clawdbot 2026.1.21</h2>
+<h3>Changes</h3>
+<ul>
+<li>Control UI: add copy-as-markdown with error feedback. (#1345) https://docs.clawd.bot/web/control-ui</li>
+<li>Control UI: drop the legacy list view. (#1345) https://docs.clawd.bot/web/control-ui</li>
+<li>TUI: add syntax highlighting for code blocks. (#1200) https://docs.clawd.bot/tui</li>
+<li>TUI: session picker shows derived titles, fuzzy search, relative times, and last message preview. (#1271) https://docs.clawd.bot/tui</li>
+<li>TUI: add a searchable model picker for quicker model selection. (#1198) https://docs.clawd.bot/tui</li>
+<li>TUI: add input history (up/down) for submitted messages. (#1348) https://docs.clawd.bot/tui</li>
+<li>ACP: add <code>clawdbot acp</code> for IDE integrations. https://docs.clawd.bot/cli/acp</li>
+<li>ACP: add <code>clawdbot acp client</code> interactive harness for debugging. https://docs.clawd.bot/cli/acp</li>
+<li>Skills: add download installs with OS-filtered options. https://docs.clawd.bot/tools/skills</li>
+<li>Skills: add the local sherpa-onnx-tts skill. https://docs.clawd.bot/tools/skills</li>
+<li>Memory: add hybrid BM25 + vector search (FTS5) with weighted merging and fallback. https://docs.clawd.bot/concepts/memory</li>
+<li>Memory: add SQLite embedding cache to speed up reindexing and frequent updates. https://docs.clawd.bot/concepts/memory</li>
+<li>Memory: add OpenAI batch indexing for embeddings when configured. https://docs.clawd.bot/concepts/memory</li>
+<li>Memory: enable OpenAI batch indexing by default for OpenAI embeddings. https://docs.clawd.bot/concepts/memory</li>
+<li>Memory: allow parallel OpenAI batch indexing jobs (default concurrency: 2). https://docs.clawd.bot/concepts/memory</li>
+<li>Memory: render progress immediately, color batch statuses in verbose logs, and poll OpenAI batch status every 2s by default. https://docs.clawd.bot/concepts/memory</li>
+<li>Memory: add <code>--verbose</code> logging for memory status + batch indexing details. https://docs.clawd.bot/concepts/memory</li>
+<li>Memory: add native Gemini embeddings provider for memory search. (#1151) https://docs.clawd.bot/concepts/memory</li>
+<li>Browser: allow config defaults for efficient snapshots in the tool/CLI. (#1336) https://docs.clawd.bot/tools/browser</li>
+<li>Nostr: add the Nostr channel plugin with profile management + onboarding defaults. (#1323) https://docs.clawd.bot/channels/nostr</li>
+<li>Matrix: migrate to matrix-bot-sdk with E2EE support, location handling, and group allowlist upgrades. (#1298) https://docs.clawd.bot/channels/matrix</li>
+<li>Slack: add HTTP webhook mode via Bolt HTTP receiver. (#1143) https://docs.clawd.bot/channels/slack</li>
+<li>Telegram: enrich forwarded-message context with normalized origin details + legacy fallback. (#1090) https://docs.clawd.bot/channels/telegram</li>
+<li>Discord: fall back to <code>/skill</code> when native command limits are exceeded. (#1287)</li>
+<li>Discord: expose <code>/skill</code> globally. (#1287)</li>
+<li>Zalouser: add channel dock metadata, config schema, setup wiring, probe, and status issues. (#1219) https://docs.clawd.bot/plugins/zalouser</li>
+<li>Plugins: require manifest-embedded config schemas with preflight validation warnings. (#1272) https://docs.clawd.bot/plugins/manifest</li>
+<li>Plugins: move channel catalog metadata into plugin manifests. (#1290) https://docs.clawd.bot/plugins/manifest</li>
+<li>Plugins: align Nextcloud Talk policy helpers with core patterns. (#1290) https://docs.clawd.bot/plugins/manifest</li>
+<li>Plugins/UI: let channel plugin metadata drive UI labels/icons and cron channel options. (#1306) https://docs.clawd.bot/web/control-ui</li>
+<li>Plugins: add plugin slots with a dedicated memory slot selector. https://docs.clawd.bot/plugins/agent-tools</li>
+<li>Plugins: ship the bundled BlueBubbles channel plugin (disabled by default). https://docs.clawd.bot/channels/bluebubbles</li>
+<li>Plugins: migrate bundled messaging extensions to the plugin SDK and resolve plugin-sdk imports in the loader.</li>
+<li>Plugins: migrate the Zalo plugin to the shared plugin SDK runtime. https://docs.clawd.bot/channels/zalo</li>
+<li>Plugins: migrate the Zalo Personal plugin to the shared plugin SDK runtime. https://docs.clawd.bot/plugins/zalouser</li>
+<li>Plugins: allow optional agent tools with explicit allowlists and add the plugin tool authoring guide. https://docs.clawd.bot/plugins/agent-tools</li>
+<li>Plugins: auto-enable bundled channel/provider plugins when configuration is present.</li>
+<li>Plugins: sync plugin sources on channel switches and update npm-installed plugins during <code>clawdbot update</code>.</li>
+<li>Plugins: share npm plugin update logic between <code>clawdbot update</code> and <code>clawdbot plugins update</code>.</li>
+<li>Gateway/API: add <code>/v1/responses</code> (OpenResponses) with item-based input + semantic streaming events. (#1229)</li>
+<li>Gateway/API: expand <code>/v1/responses</code> to support file/image inputs, tool_choice, usage, and output limits. (#1229)</li>
+<li>Usage: add <code>/usage cost</code> summaries and macOS menu cost charts. https://docs.clawd.bot/reference/api-usage-costs</li>
+<li>Security: warn when <=300B models run without sandboxing while web tools are enabled. https://docs.clawd.bot/cli/security</li>
+<li>Exec: add host/security/ask routing for gateway + node exec. https://docs.clawd.bot/tools/exec</li>
+<li>Exec: add <code>/exec</code> directive for per-session exec defaults (host/security/ask/node). https://docs.clawd.bot/tools/exec</li>
+<li>Exec approvals: migrate approvals to <code>~/.clawdbot/exec-approvals.json</code> with per-agent allowlists + skill auto-allow toggle, and add approvals UI + node exec lifecycle events. https://docs.clawd.bot/tools/exec-approvals</li>
+<li>Nodes: add headless node host (<code>clawdbot node start</code>) for <code>system.run</code>/<code>system.which</code>. https://docs.clawd.bot/cli/node</li>
+<li>Nodes: add node daemon service install/status/start/stop/restart. https://docs.clawd.bot/cli/node</li>
+<li>Bridge: add <code>skills.bins</code> RPC to support node host auto-allow skill bins.</li>
+<li>Sessions: add daily reset policy with per-type overrides and idle windows (default 4am local), preserving legacy idle-only configs. (#1146) https://docs.clawd.bot/concepts/session</li>
+<li>Sessions: allow <code>sessions_spawn</code> to override thinking level for sub-agent runs. https://docs.clawd.bot/tools/subagents</li>
+<li>Channels: unify thread/topic allowlist matching + command/mention gating helpers across core providers. https://docs.clawd.bot/concepts/groups</li>
+<li>Models: add Qwen Portal OAuth provider support. (#1120) https://docs.clawd.bot/providers/qwen</li>
+<li>Onboarding: add allowlist prompts and username-to-id resolution across core and extension channels. https://docs.clawd.bot/start/onboarding</li>
+<li>Docs: clarify allowlist input types and onboarding behavior for messaging channels. https://docs.clawd.bot/start/onboarding</li>
+<li>Docs: refresh Android node discovery docs for the Gateway WS service type. https://docs.clawd.bot/platforms/android</li>
+<li>Docs: surface Amazon Bedrock in provider lists and clarify Bedrock auth env vars. (#1289) https://docs.clawd.bot/bedrock</li>
+<li>Docs: clarify WhatsApp voice notes. https://docs.clawd.bot/channels/whatsapp</li>
+<li>Docs: clarify Windows WSL portproxy LAN access notes. https://docs.clawd.bot/platforms/windows</li>
+<li>Docs: refresh bird skill install metadata and usage notes. (#1302) https://docs.clawd.bot/tools/browser-login</li>
+<li>Agents: add local docs path resolution and include docs/mirror/source/community pointers in the system prompt.</li>
+<li>Agents: clarify node_modules read-only guidance in agent instructions.</li>
+<li>Config: stamp last-touched metadata on write and warn if the config is newer than the running build.</li>
+<li>macOS: hide usage section when usage is unavailable instead of showing provider errors.</li>
+<li>Android: migrate node transport to the Gateway WebSocket protocol with TLS pinning support + gateway discovery naming.</li>
+<li>Android: send structured payloads in node events/invokes and include user-agent metadata in gateway connects.</li>
+<li>Android: remove legacy bridge transport code now that nodes use the gateway protocol.</li>
+<li>Android: bump okhttp + dnsjava to satisfy lint dependency checks.</li>
+<li>Build: update workspace + core/plugin deps.</li>
+<li>Build: use tsgo for dev/watch builds by default (opt out with <code>CLAWDBOT_TS_COMPILER=tsc</code>).</li>
+<li>Repo: remove the Peekaboo git submodule now that the SPM release is used.</li>
+<li>macOS: switch PeekabooBridge integration to the tagged Swift Package Manager release.</li>
+<li>macOS: stop syncing Peekaboo in postinstall.</li>
+<li>Swabble: use the tagged Commander Swift package release.</li>
+</ul>
+<h3>Breaking</h3>
+<ul>
+<li><strong>BREAKING:</strong> Reject invalid/unknown config entries and refuse to start the gateway for safety. Run <code>clawdbot doctor --fix</code> to repair, then update plugins (<code>clawdbot plugins update</code>) if you use any.</li>
+</ul>
+<h3>Fixes</h3>
+<ul>
+<li>Discovery: shorten Bonjour DNS-SD service type to <code>_clawdbot-gw._tcp</code> and update discovery clients/docs.</li>
+<li>Diagnostics: export OTLP logs, correct queue depth tracking, and document message-flow telemetry.</li>
+<li>Diagnostics: emit message-flow diagnostics across channels via shared dispatch. (#1244)</li>
+<li>Diagnostics: gate heartbeat/webhook logging. (#1244)</li>
+<li>Gateway: strip inbound envelope headers from chat history messages to keep clients clean.</li>
+<li>Gateway: clarify unauthorized handshake responses with token/password mismatch guidance.</li>
+<li>Gateway: allow mobile node client ids for iOS + Android handshake validation. (#1354)</li>
+<li>Gateway: clarify connect/validation errors for gateway params. (#1347)</li>
+<li>Gateway: preserve restart wake routing + thread replies across restarts. (#1337)</li>
+<li>Gateway: reschedule per-agent heartbeats on config hot reload without restarting the runner.</li>
+<li>Gateway: require authorized restarts for SIGUSR1 (restart/apply/update) so config gating can't be bypassed.</li>
+<li>Cron: auto-deliver isolated agent output to explicit targets without tool calls. (#1285)</li>
+<li>Agents: preserve subagent announce thread/topic routing + queued replies across channels. (#1241)</li>
+<li>Agents: propagate accountId into embedded runs so sub-agent announce routing honors the originating account. (#1058)</li>
+<li>Agents: avoid treating timeout errors with "aborted" messages as user aborts, so model fallback still runs. (#1137)</li>
+<li>Agents: sanitize oversized image payloads before send and surface image-dimension errors.</li>
+<li>Sessions: fall back to session labels when listing display names. (#1124)</li>
+<li>Compaction: include tool failure summaries in safeguard compaction to prevent retry loops. (#1084)</li>
+<li>Config: log invalid config issues once per run and keep invalid-config errors stackless.</li>
+<li>Config: allow Perplexity as a web_search provider in config validation. (#1230)</li>
+<li>Config: allow custom fields under <code>skills.entries.<name>.config</code> for skill credentials/config. (#1226)</li>
+<li>Doctor: clarify plugin auto-enable hint text in the startup banner.</li>
+<li>Doctor: canonicalize legacy session keys in session stores to prevent stale metadata. (#1169)</li>
+<li>Docs: make docs:list fail fast with a clear error if the docs directory is missing.</li>
+<li>Plugins: add Nextcloud Talk manifest for plugin config validation. (#1297)</li>
+<li>Plugins: surface plugin load/register/config errors in gateway logs with plugin/source context.</li>
+<li>CLI: preserve cron delivery settings when editing message payloads. (#1322)</li>
+<li>CLI: keep <code>clawdbot logs</code> output resilient to broken pipes while preserving progress output.</li>
+<li>CLI: avoid duplicating --profile/--dev flags when formatting commands.</li>
+<li>CLI: centralize CLI command registration to keep fast-path routing and program wiring in sync. (#1207)</li>
+<li>CLI: keep banners on routed commands, restore config guarding outside fast-path routing, and tighten fast-path flag parsing while skipping console capture for extra speed. (#1195)</li>
+<li>CLI: skip runner rebuilds when dist is fresh. (#1231)</li>
+<li>CLI: add WSL2/systemd unavailable hints in daemon status/doctor output.</li>
+<li>Status: route native <code>/status</code> to the active agent so model selection reflects the correct profile. (#1301)</li>
+<li>Status: show both usage windows with reset hints when usage data is available. (#1101)</li>
+<li>UI: keep config form enums typed, preserve empty strings, protect sensitive defaults, and deepen config search. (#1315)</li>
+<li>UI: preserve ordered list numbering in chat markdown. (#1341)</li>
+<li>UI: allow Control UI to read gatewayUrl from URL params for remote WebSocket targets. (#1342)</li>
+<li>UI: prevent double-scroll in Control UI chat by locking chat layout to the viewport. (#1283)</li>
+<li>UI: enable shell mode for sync Windows spawns to avoid <code>pnpm ui:build</code> EINVAL. (#1212)</li>
+<li>TUI: keep thinking blocks ordered before content during streaming and isolate per-run assembly. (#1202)</li>
+<li>TUI: align custom editor initialization with the latest pi-tui API. (#1298)</li>
+<li>TUI: show generic empty-state text for searchable pickers. (#1201)</li>
+<li>TUI: highlight model search matches and stabilize search ordering.</li>
+<li>Configure: hide OpenRouter auto routing model from the model picker. (#1182)</li>
+<li>Memory: show total file counts + scan issues in <code>clawdbot memory status</code>.</li>
+<li>Memory: fall back to non-batch embeddings after repeated batch failures.</li>
+<li>Memory: apply OpenAI batch defaults even without explicit remote config.</li>
+<li>Memory: index atomically so failed reindex preserves the previous memory database. (#1151)</li>
+<li>Memory: avoid sqlite-vec unique constraint failures when reindexing duplicate chunk ids. (#1151)</li>
+<li>Memory: retry transient 5xx errors (Cloudflare) during embedding indexing.</li>
+<li>Memory: parallelize embedding indexing with rate-limit retries.</li>
+<li>Memory: split overly long lines to keep embeddings under token limits.</li>
+<li>Memory: skip empty chunks to avoid invalid embedding inputs.</li>
+<li>Memory: split embedding batches to avoid OpenAI token limits during indexing.</li>
+<li>Memory: probe sqlite-vec availability in <code>clawdbot memory status</code>.</li>
+<li>Exec approvals: enforce allowlist when ask is off.</li>
+<li>Exec approvals: prefer raw command for node approvals/events.</li>
+<li>Tools: show exec elevated flag before the command and keep it outside markdown in tool summaries.</li>
+<li>Tools: return a companion-app-required message when node exec is requested with no paired node.</li>
+<li>Tools: return a companion-app-required message when <code>system.run</code> is requested without a supporting node.</li>
+<li>Exec: default gateway/node exec security to allowlist when unset (sandbox stays deny).</li>
+<li>Exec: prefer bash when fish is default shell, falling back to sh if bash is missing. (#1297)</li>
+<li>Exec: merge login-shell PATH for host=gateway exec while keeping daemon PATH minimal. (#1304)</li>
+<li>Streaming: emit assistant deltas for OpenAI-compatible SSE chunks. (#1147)</li>
+<li>Discord: make resolve warnings avoid raw JSON payloads on rate limits.</li>
+<li>Discord: process message handlers in parallel across sessions to avoid event queue blocking. (#1295)</li>
+<li>Discord: stop reconnecting the gateway after aborts to prevent duplicate listeners.</li>
+<li>Discord: only emit slow listener warnings after 30s.</li>
+<li>Discord: inherit parent channel allowlists for thread slash commands and reactions. (#1123)</li>
+<li>Telegram: honor pairing allowlists for native slash commands.</li>
+<li>Telegram: preserve hidden text_link URLs by expanding entities in inbound text. (#1118)</li>
+<li>Slack: resolve Bolt import interop for Bun + Node. (#1191)</li>
+<li>Web search: infer Perplexity base URL from API key source (direct vs OpenRouter).</li>
+<li>Web fetch: harden SSRF protection with shared hostname checks and redirect limits. (#1346)</li>
+<li>Browser: register AI snapshot refs for act commands. (#1282)</li>
+<li>Voice call: include request query in Twilio webhook verification when publicUrl is set. (#864)</li>
+<li>Anthropic: default API prompt caching to 1h with configurable TTL override.</li>
+<li>Anthropic: ignore TTL for OAuth.</li>
+<li>Auth profiles: keep auto-pinned preference while allowing rotation on failover. (#1138)</li>
+<li>Auth profiles: user pins stay locked. (#1138)</li>
+<li>Model catalog: avoid caching import failures, log transient discovery errors, and keep partial results. (#1332)</li>
+<li>Tests: stabilize Windows gateway/CLI tests by skipping sidecars, normalizing argv, and extending timeouts.</li>
+<li>Tests: stabilize plugin SDK resolution and embedded agent timeouts.</li>
+<li>Windows: install gateway scheduled task as the current user.</li>
+<li>Windows: show friendly guidance instead of failing on access denied.</li>
+<li>macOS: load menu session previews asynchronously so items populate while the menu is open.</li>
+<li>macOS: use label colors for session preview text so previews render in menu subviews.</li>
+<li>macOS: suppress usage error text in the menubar cost view.</li>
+<li>macOS: Doctor repairs LaunchAgent bootstrap issues for Gateway + Node when listed but not loaded. (#1166)</li>
+<li>macOS: avoid touching launchd in Remote over SSH so quitting the app no longer disables the remote gateway. (#1105)</li>
+<li>macOS: bundle Textual resources in packaged app builds to avoid code block crashes. (#1006)</li>
+<li>Daemon: include HOME in service environments to avoid missing HOME errors. (#1214)</li>
+</ul>
+Thanks @AlexMikhalev, @CoreyH, @John-Rood, @KrauseFx, @MaudeBot, @Nachx639, @NicholaiVogel, @RyanLisse, @ThePickle31, @VACInc, @Whoaa512, @YuriNachos, @aaronveklabs, @abdaraxus, @alauppe, @ameno-, @artuskg, @austinm911, @bradleypriest, @cheeeee, @dougvk, @fogboots, @gnarco, @gumadeiras, @jdrhyne, @joelklabo, @longmaba, @mukhtharcm, @odysseus0, @oscargavin, @rhjoh, @sebslight, @sibbl, @sleontenko, @steipete, @suminhthanh, @thewilloftheshadow, @tyler6204, @vignesh07, @visionik, @ysqander, @zerone0x.
+<p><a href="https://github.com/clawdbot/clawdbot/blob/main/CHANGELOG.md">View full changelog</a></p>
+]]></description>
+            <enclosure url="https://github.com/clawdbot/clawdbot/releases/download/v2026.1.21/Clawdbot-2026.1.21.zip" length="12208102" type="application/octet-stream" sparkle:edSignature="hU495Eii8O3qmmUnxYFhXyEGv+qan6KL+GpeuBhPIXf+7B5F/gBh5Oz9cHaqaAPoZ4/3Bo6xgvic0HTkbz6gDw=="/>
+        </item>
    </channel>
 </rss>
--- a/apps/android/app/build.gradle.kts
+++ b/apps/android/app/build.gradle.kts
@@ -21,8 +21,8 @@ android {
    applicationId = "com.clawdbot.android"
    minSdk = 31
    targetSdk = 36
-    versionCode = 202601240
-    versionName = "2026.1.24"
+    versionCode = 202601230
+    versionName = "2026.1.23"
  }

  buildTypes {
--- a/apps/ios/Sources/Info.plist
+++ b/apps/ios/Sources/Info.plist
@@ -19,9 +19,9 @@
 	<key>CFBundlePackageType</key>
 	<string>APPL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2026.1.24</string>
+	<string>2026.1.23</string>
 	<key>CFBundleVersion</key>
-	<string>20260124</string>
+	<string>20260123</string>
 	<key>NSAppTransportSecurity</key>
 	<dict>
 		<key>NSAllowsArbitraryLoadsInWebContent</key>
--- a/apps/ios/Tests/Info.plist
+++ b/apps/ios/Tests/Info.plist
@@ -17,8 +17,8 @@
 	<key>CFBundlePackageType</key>
 	<string>BNDL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2026.1.24</string>
+	<string>2026.1.23</string>
 	<key>CFBundleVersion</key>
-	<string>20260124</string>
+	<string>20260123</string>
 </dict>
 </plist>
--- a/apps/ios/project.yml
+++ b/apps/ios/project.yml
@@ -81,8 +81,8 @@ targets:
      properties:
        CFBundleDisplayName: Clawdbot
        CFBundleIconName: AppIcon
-        CFBundleShortVersionString: "2026.1.24"
-        CFBundleVersion: "20260124"
+        CFBundleShortVersionString: "2026.1.23"
+        CFBundleVersion: "20260123"
        UILaunchScreen: {}
        UIApplicationSceneManifest:
          UIApplicationSupportsMultipleScenes: false
@@ -130,5 +130,5 @@ targets:
      path: Tests/Info.plist
      properties:
        CFBundleDisplayName: ClawdbotTests
-        CFBundleShortVersionString: "2026.1.24"
-        CFBundleVersion: "20260124"
+        CFBundleShortVersionString: "2026.1.23"
+        CFBundleVersion: "20260123"
--- a/apps/macos/Sources/Clawdbot/AppState.swift
+++ b/apps/macos/Sources/Clawdbot/AppState.swift
@@ -24,11 +24,6 @@ final class AppState {
        case remote
    }

-    enum RemoteTransport: String {
-        case ssh
-        case direct
-    }
-
    var isPaused: Bool {
        didSet { self.ifNotPreview { UserDefaults.standard.set(self.isPaused, forKey: pauseDefaultsKey) } }
    }
@@ -171,10 +166,6 @@ final class AppState {
        }
    }

-    var remoteTransport: RemoteTransport {
-        didSet { self.syncGatewayConfigIfNeeded() }
-    }
-
    var canvasEnabled: Bool {
        didSet { self.ifNotPreview { UserDefaults.standard.set(self.canvasEnabled, forKey: canvasEnabledKey) } }
    }
@@ -209,10 +200,6 @@ final class AppState {
        }
    }

-    var remoteUrl: String {
-        didSet { self.syncGatewayConfigIfNeeded() }
-    }
-
    var remoteIdentity: String {
        didSet { self.ifNotPreview { UserDefaults.standard.set(self.remoteIdentity, forKey: remoteIdentityKey) } }
    }
@@ -276,15 +263,13 @@ final class AppState {
        }

        let configRoot = ClawdbotConfigFile.loadDict()
-        let configRemoteUrl = GatewayRemoteConfig.resolveUrlString(root: configRoot)
-        let configRemoteTransport = GatewayRemoteConfig.resolveTransport(root: configRoot)
+        let configGateway = configRoot["gateway"] as? [String: Any]
+        let configRemoteUrl = (configGateway?["remote"] as? [String: Any])?["url"] as? String
        let resolvedConnectionMode = ConnectionModeResolver.resolve(root: configRoot).mode
-        self.remoteTransport = configRemoteTransport
        self.connectionMode = resolvedConnectionMode

        let storedRemoteTarget = UserDefaults.standard.string(forKey: remoteTargetKey) ?? ""
        if resolvedConnectionMode == .remote,
-           configRemoteTransport != .direct,
           storedRemoteTarget.trimmingCharacters(in: .whitespacesAndNewlines).isEmpty,
           let host = AppState.remoteHost(from: configRemoteUrl)
        {
@@ -292,7 +277,6 @@ final class AppState {
        } else {
            self.remoteTarget = storedRemoteTarget
        }
-        self.remoteUrl = configRemoteUrl ?? ""
        self.remoteIdentity = UserDefaults.standard.string(forKey: remoteIdentityKey) ?? ""
        self.remoteProjectRoot = UserDefaults.standard.string(forKey: remoteProjectRootKey) ?? ""
        self.remoteCliPath = UserDefaults.standard.string(forKey: remoteCliPathKey) ?? ""
@@ -370,11 +354,10 @@ final class AppState {
    private func applyConfigOverrides(_ root: [String: Any]) {
        let gateway = root["gateway"] as? [String: Any]
        let modeRaw = (gateway?["mode"] as? String)?.trimmingCharacters(in: .whitespacesAndNewlines)
-        let remoteUrl = GatewayRemoteConfig.resolveUrlString(root: root)
+        let remoteUrl = (gateway?["remote"] as? [String: Any])?["url"] as? String
        let hasRemoteUrl = !(remoteUrl?
            .trimmingCharacters(in: .whitespacesAndNewlines)
            .isEmpty ?? true)
-        let remoteTransport = GatewayRemoteConfig.resolveTransport(root: root)

        let desiredMode: ConnectionMode? = switch modeRaw {
        case "local":
@@ -395,17 +378,8 @@ final class AppState {
            self.connectionMode = .remote
        }

-        if remoteTransport != self.remoteTransport {
-            self.remoteTransport = remoteTransport
-        }
-        let remoteUrlText = remoteUrl ?? ""
-        if remoteUrlText != self.remoteUrl {
-            self.remoteUrl = remoteUrlText
-        }
-
        let targetMode = desiredMode ?? self.connectionMode
        if targetMode == .remote,
-           remoteTransport != .direct,
           let host = AppState.remoteHost(from: remoteUrl)
        {
            self.updateRemoteTarget(host: host)
@@ -428,8 +402,6 @@ final class AppState {
        let connectionMode = self.connectionMode
        let remoteTarget = self.remoteTarget
        let remoteIdentity = self.remoteIdentity
-        let remoteTransport = self.remoteTransport
-        let remoteUrl = self.remoteUrl
        let desiredMode: String? = switch connectionMode {
        case .local:
            "local"
@@ -463,63 +435,39 @@ final class AppState {
                var remote = gateway["remote"] as? [String: Any] ?? [:]
                var remoteChanged = false

-                if remoteTransport == .direct {
-                    let trimmedUrl = remoteUrl.trimmingCharacters(in: .whitespacesAndNewlines)
-                    if trimmedUrl.isEmpty {
-                        if remote["url"] != nil {
-                            remote.removeValue(forKey: "url")
-                            remoteChanged = true
-                        }
-                    } else {
-                        let normalizedUrl = GatewayRemoteConfig.normalizeGatewayUrlString(trimmedUrl) ?? trimmedUrl
-                        if (remote["url"] as? String) != normalizedUrl {
-                            remote["url"] = normalizedUrl
-                            remoteChanged = true
-                        }
-                    }
-                    if (remote["transport"] as? String) != RemoteTransport.direct.rawValue {
-                        remote["transport"] = RemoteTransport.direct.rawValue
+                if let host = remoteHost {
+                    let existingUrl = (remote["url"] as? String)?
+                        .trimmingCharacters(in: .whitespacesAndNewlines) ?? ""
+                    let parsedExisting = existingUrl.isEmpty ? nil : URL(string: existingUrl)
+                    let scheme = parsedExisting?.scheme?.isEmpty == false ? parsedExisting?.scheme : "ws"
+                    let port = parsedExisting?.port ?? 18789
+                    let desiredUrl = "\(scheme ?? "ws")://\(host):\(port)"
+                    if existingUrl != desiredUrl {
+                        remote["url"] = desiredUrl
                        remoteChanged = true
                    }
-                } else {
-                    if remote["transport"] != nil {
-                        remote.removeValue(forKey: "transport")
-                        remoteChanged = true
-                    }
-                    if let host = remoteHost {
-                        let existingUrl = (remote["url"] as? String)?
-                            .trimmingCharacters(in: .whitespacesAndNewlines) ?? ""
-                        let parsedExisting = existingUrl.isEmpty ? nil : URL(string: existingUrl)
-                        let scheme = parsedExisting?.scheme?.isEmpty == false ? parsedExisting?.scheme : "ws"
-                        let port = parsedExisting?.port ?? 18789
-                        let desiredUrl = "\(scheme ?? "ws")://\(host):\(port)"
-                        if existingUrl != desiredUrl {
-                            remote["url"] = desiredUrl
-                            remoteChanged = true
-                        }
-                    }
+                }

-                    let sanitizedTarget = Self.sanitizeSSHTarget(remoteTarget)
-                    if !sanitizedTarget.isEmpty {
-                        if (remote["sshTarget"] as? String) != sanitizedTarget {
-                            remote["sshTarget"] = sanitizedTarget
-                            remoteChanged = true
-                        }
-                    } else if remote["sshTarget"] != nil {
-                        remote.removeValue(forKey: "sshTarget")
+                let sanitizedTarget = Self.sanitizeSSHTarget(remoteTarget)
+                if !sanitizedTarget.isEmpty {
+                    if (remote["sshTarget"] as? String) != sanitizedTarget {
+                        remote["sshTarget"] = sanitizedTarget
                        remoteChanged = true
                    }
+                } else if remote["sshTarget"] != nil {
+                    remote.removeValue(forKey: "sshTarget")
+                    remoteChanged = true
+                }

-                    let trimmedIdentity = remoteIdentity.trimmingCharacters(in: .whitespacesAndNewlines)
-                    if !trimmedIdentity.isEmpty {
-                        if (remote["sshIdentity"] as? String) != trimmedIdentity {
-                            remote["sshIdentity"] = trimmedIdentity
-                            remoteChanged = true
-                        }
-                    } else if remote["sshIdentity"] != nil {
-                        remote.removeValue(forKey: "sshIdentity")
+                let trimmedIdentity = remoteIdentity.trimmingCharacters(in: .whitespacesAndNewlines)
+                if !trimmedIdentity.isEmpty {
+                    if (remote["sshIdentity"] as? String) != trimmedIdentity {
+                        remote["sshIdentity"] = trimmedIdentity
                        remoteChanged = true
                    }
+                } else if remote["sshIdentity"] != nil {
+                    remote.removeValue(forKey: "sshIdentity")
+                    remoteChanged = true
                }

                if remoteChanged {
@@ -673,10 +621,8 @@ extension AppState {
        state.iconOverride = .system
        state.heartbeatsEnabled = true
        state.connectionMode = .local
-        state.remoteTransport = .ssh
        state.canvasEnabled = true
        state.remoteTarget = "user@example.com"
-        state.remoteUrl = "wss://gateway.example.ts.net"
        state.remoteIdentity = "~/.ssh/id_ed25519"
        state.remoteProjectRoot = "~/Projects/clawdbot"
        state.remoteCliPath = ""
--- a/apps/macos/Sources/Clawdbot/GatewayDiscoveryHelpers.swift
+++ b/apps/macos/Sources/Clawdbot/GatewayDiscoveryHelpers.swift
@@ -1,47 +0,0 @@
-import ClawdbotDiscovery
-import Foundation
-
-enum GatewayDiscoveryHelpers {
-    static func sshTarget(for gateway: GatewayDiscoveryModel.DiscoveredGateway) -> String? {
-        let host = self.sanitizedTailnetHost(gateway.tailnetDns) ?? gateway.lanHost
-        guard let host = self.trimmed(host), !host.isEmpty else { return nil }
-        let user = NSUserName()
-        var target = "\(user)@\(host)"
-        if gateway.sshPort != 22 {
-            target += ":\(gateway.sshPort)"
-        }
-        return target
-    }
-
-    static func directUrl(for gateway: GatewayDiscoveryModel.DiscoveredGateway) -> String? {
-        self.directGatewayUrl(
-            tailnetDns: gateway.tailnetDns,
-            lanHost: gateway.lanHost,
-            gatewayPort: gateway.gatewayPort)
-    }
-
-    static func directGatewayUrl(
-        tailnetDns: String?,
-        lanHost: String?,
-        gatewayPort: Int?) -> String?
-    {
-        if let tailnetDns = self.sanitizedTailnetHost(tailnetDns) {
-            return "wss://\(tailnetDns)"
-        }
-        guard let lanHost = self.trimmed(lanHost), !lanHost.isEmpty else { return nil }
-        let port = gatewayPort ?? 18789
-        return "ws://\(lanHost):\(port)"
-    }
-
-    static func sanitizedTailnetHost(_ host: String?) -> String? {
-        guard let host = self.trimmed(host), !host.isEmpty else { return nil }
-        if host.hasSuffix(".internal.") || host.hasSuffix(".internal") {
-            return nil
-        }
-        return host
-    }
-
-    private static func trimmed(_ value: String?) -> String? {
-        value?.trimmingCharacters(in: .whitespacesAndNewlines)
-    }
-}
--- a/apps/macos/Sources/Clawdbot/GatewayDiscoveryMenu.swift
+++ b/apps/macos/Sources/Clawdbot/GatewayDiscoveryMenu.swift
@@ -4,8 +4,6 @@ import SwiftUI
 struct GatewayDiscoveryInlineList: View {
    var discovery: GatewayDiscoveryModel
    var currentTarget: String?
-    var currentUrl: String?
-    var transport: AppState.RemoteTransport
    var onSelect: (GatewayDiscoveryModel.DiscoveredGateway) -> Void
    @State private var hoveredGatewayID: GatewayDiscoveryModel.DiscoveredGateway.ID?

@@ -27,8 +25,9 @@ struct GatewayDiscoveryInlineList: View {
            } else {
                VStack(alignment: .leading, spacing: 6) {
                    ForEach(self.discovery.gateways.prefix(6)) { gateway in
-                        let display = self.displayInfo(for: gateway)
-                        let selected = display.selected
+                        let target = self.suggestedSSHTarget(gateway)
+                        let selected = (target != nil && self.currentTarget?
+                            .trimmingCharacters(in: .whitespacesAndNewlines) == target)

                        Button {
                            withAnimation(.spring(response: 0.25, dampingFraction: 0.9)) {
@@ -41,7 +40,7 @@ struct GatewayDiscoveryInlineList: View {
                                        .font(.callout.weight(.semibold))
                                        .lineLimit(1)
                                        .truncationMode(.tail)
-                                    Text(display.label)
+                                    Text(target ?? "Gateway pairing only")
                                        .font(.caption.monospaced())
                                        .foregroundStyle(.secondary)
                                        .lineLimit(1)
@@ -84,26 +83,27 @@ struct GatewayDiscoveryInlineList: View {
                        .fill(Color(NSColor.controlBackgroundColor)))
            }
        }
-        .help(self.transport == .direct
-            ? "Click a discovered gateway to fill the gateway URL."
-            : "Click a discovered gateway to fill the SSH target.")
+        .help("Click a discovered gateway to fill the SSH target.")
    }

-    private func displayInfo(
-        for gateway: GatewayDiscoveryModel.DiscoveredGateway) -> (label: String, selected: Bool)
-    {
-        switch self.transport {
-        case .direct:
-            let url = GatewayDiscoveryHelpers.directUrl(for: gateway)
-            let label = url ?? "Gateway pairing only"
-            let selected = url != nil && self.trimmed(self.currentUrl) == url
-            return (label, selected)
-        case .ssh:
-            let target = GatewayDiscoveryHelpers.sshTarget(for: gateway)
-            let label = target ?? "Gateway pairing only"
-            let selected = target != nil && self.trimmed(self.currentTarget) == target
-            return (label, selected)
+    private func suggestedSSHTarget(_ gateway: GatewayDiscoveryModel.DiscoveredGateway) -> String? {
+        let host = self.sanitizedTailnetHost(gateway.tailnetDns) ?? gateway.lanHost
+        guard let host else { return nil }
+        let user = NSUserName()
+        return GatewayDiscoveryModel.buildSSHTarget(
+            user: user,
+            host: host,
+            port: gateway.sshPort)
+    }
+
+    private func sanitizedTailnetHost(_ host: String?) -> String? {
+        guard let host else { return nil }
+        let trimmed = host.trimmingCharacters(in: .whitespacesAndNewlines)
+        if trimmed.isEmpty { return nil }
+        if trimmed.hasSuffix(".internal.") || trimmed.hasSuffix(".internal") {
+            return nil
        }
+        return trimmed
    }

    private func rowBackground(selected: Bool, hovered: Bool) -> Color {
@@ -111,10 +111,6 @@ struct GatewayDiscoveryInlineList: View {
        if hovered { return Color.secondary.opacity(0.08) }
        return Color.clear
    }
-
-    private func trimmed(_ value: String?) -> String {
-        value?.trimmingCharacters(in: .whitespacesAndNewlines) ?? ""
-    }
 }

 struct GatewayDiscoveryMenu: View {
--- a/apps/macos/Sources/Clawdbot/GatewayEndpointStore.swift
+++ b/apps/macos/Sources/Clawdbot/GatewayEndpointStore.swift
@@ -311,19 +311,6 @@ actor GatewayEndpointStore {
                token: token,
                password: password))
        case .remote:
-            let root = ClawdbotConfigFile.loadDict()
-            if GatewayRemoteConfig.resolveTransport(root: root) == .direct {
-                guard let url = GatewayRemoteConfig.resolveGatewayUrl(root: root) else {
-                    self.cancelRemoteEnsure()
-                    self.setState(.unavailable(
-                        mode: .remote,
-                        reason: "gateway.remote.url missing or invalid for direct transport"))
-                    return
-                }
-                self.cancelRemoteEnsure()
-                self.setState(.ready(mode: .remote, url: url, token: token, password: password))
-                return
-            }
            let port = await self.deps.remotePortIfRunning()
            guard let port else {
                self.setState(.connecting(mode: .remote, detail: Self.remoteConnectingDetail))
@@ -354,25 +341,6 @@ actor GatewayEndpointStore {
                code: 1,
                userInfo: [NSLocalizedDescriptionKey: "Remote mode is not enabled"])
        }
-        let root = ClawdbotConfigFile.loadDict()
-        if GatewayRemoteConfig.resolveTransport(root: root) == .direct {
-            guard let url = GatewayRemoteConfig.resolveGatewayUrl(root: root) else {
-                throw NSError(
-                    domain: "GatewayEndpoint",
-                    code: 1,
-                    userInfo: [NSLocalizedDescriptionKey: "gateway.remote.url missing or invalid"])
-            }
-            guard let port = GatewayRemoteConfig.defaultPort(for: url),
-                  let portInt = UInt16(exactly: port)
-            else {
-                throw NSError(
-                    domain: "GatewayEndpoint",
-                    code: 1,
-                    userInfo: [NSLocalizedDescriptionKey: "Invalid gateway.remote.url port"])
-            }
-            self.logger.info("remote transport direct; skipping SSH tunnel")
-            return portInt
-        }
        let config = try await self.ensureRemoteConfig(detail: Self.remoteConnectingDetail)
        guard let portInt = config.0.port, let port = UInt16(exactly: portInt) else {
            throw NSError(
@@ -433,21 +401,6 @@ actor GatewayEndpointStore {
                userInfo: [NSLocalizedDescriptionKey: "Remote mode is not enabled"])
        }

-        let root = ClawdbotConfigFile.loadDict()
-        if GatewayRemoteConfig.resolveTransport(root: root) == .direct {
-            guard let url = GatewayRemoteConfig.resolveGatewayUrl(root: root) else {
-                throw NSError(
-                    domain: "GatewayEndpoint",
-                    code: 1,
-                    userInfo: [NSLocalizedDescriptionKey: "gateway.remote.url missing or invalid"])
-            }
-            let token = self.deps.token()
-            let password = self.deps.password()
-            self.cancelRemoteEnsure()
-            self.setState(.ready(mode: .remote, url: url, token: token, password: password))
-            return (url, token, password)
-        }
-
        self.kickRemoteEnsureIfNeeded(detail: detail)
        guard let ensure = self.remoteEnsure else {
            throw NSError(domain: "GatewayEndpoint", code: 1, userInfo: [NSLocalizedDescriptionKey: "Connecting…"])
--- a/apps/macos/Sources/Clawdbot/GatewayRemoteConfig.swift
+++ b/apps/macos/Sources/Clawdbot/GatewayRemoteConfig.swift
@@ -1,64 +0,0 @@
-import Foundation
-
-enum GatewayRemoteConfig {
-    static func resolveTransport(root: [String: Any]) -> AppState.RemoteTransport {
-        guard let gateway = root["gateway"] as? [String: Any],
-              let remote = gateway["remote"] as? [String: Any],
-              let raw = remote["transport"] as? String
-        else {
-            return .ssh
-        }
-        let trimmed = raw.trimmingCharacters(in: .whitespacesAndNewlines).lowercased()
-        return trimmed == AppState.RemoteTransport.direct.rawValue ? .direct : .ssh
-    }
-
-    static func resolveUrlString(root: [String: Any]) -> String? {
-        guard let gateway = root["gateway"] as? [String: Any],
-              let remote = gateway["remote"] as? [String: Any],
-              let urlRaw = remote["url"] as? String
-        else {
-            return nil
-        }
-        let trimmed = urlRaw.trimmingCharacters(in: .whitespacesAndNewlines)
-        return trimmed.isEmpty ? nil : trimmed
-    }
-
-    static func resolveGatewayUrl(root: [String: Any]) -> URL? {
-        guard let raw = self.resolveUrlString(root: root) else { return nil }
-        return self.normalizeGatewayUrl(raw)
-    }
-
-    static func normalizeGatewayUrlString(_ raw: String) -> String? {
-        self.normalizeGatewayUrl(raw)?.absoluteString
-    }
-
-    static func normalizeGatewayUrl(_ raw: String) -> URL? {
-        let trimmed = raw.trimmingCharacters(in: .whitespacesAndNewlines)
-        guard !trimmed.isEmpty, let url = URL(string: trimmed) else { return nil }
-        let scheme = url.scheme?.lowercased() ?? ""
-        guard scheme == "ws" || scheme == "wss" else { return nil }
-        let host = url.host?.trimmingCharacters(in: .whitespacesAndNewlines) ?? ""
-        guard !host.isEmpty else { return nil }
-        if scheme == "ws", url.port == nil {
-            guard var components = URLComponents(url: url, resolvingAgainstBaseURL: false) else {
-                return url
-            }
-            components.port = 18789
-            return components.url
-        }
-        return url
-    }
-
-    static func defaultPort(for url: URL) -> Int? {
-        if let port = url.port { return port }
-        let scheme = url.scheme?.lowercased() ?? ""
-        switch scheme {
-        case "wss":
-            return 443
-        case "ws":
-            return 18789
-        default:
-            return nil
-        }
-    }
-}
--- a/apps/macos/Sources/Clawdbot/GeneralSettings.swift
+++ b/apps/macos/Sources/Clawdbot/GeneralSettings.swift
@@ -17,7 +17,6 @@ struct GeneralSettings: View {
    @State private var showRemoteAdvanced = false
    private let isPreview = ProcessInfo.processInfo.isPreview
    private var isNixMode: Bool { ProcessInfo.processInfo.isNixMode }
-    private var remoteLabelWidth: CGFloat { 88 }

    var body: some View {
        ScrollView(.vertical) {
@@ -105,7 +104,7 @@ struct GeneralSettings: View {
            Picker("Mode", selection: self.$state.connectionMode) {
                Text("Not configured").tag(AppState.ConnectionMode.unconfigured)
                Text("Local (this Mac)").tag(AppState.ConnectionMode.local)
-                Text("Remote (another host)").tag(AppState.ConnectionMode.remote)
+                Text("Remote over SSH").tag(AppState.ConnectionMode.remote)
            }
            .pickerStyle(.menu)
            .labelsHidden()
@@ -137,51 +136,60 @@ struct GeneralSettings: View {

    private var remoteCard: some View {
        VStack(alignment: .leading, spacing: 10) {
-            self.remoteTransportRow
-
-            if self.state.remoteTransport == .ssh {
-                self.remoteSshRow
-            } else {
-                self.remoteDirectRow
+            HStack(alignment: .center, spacing: 10) {
+                Text("SSH")
+                    .font(.callout.weight(.semibold))
+                    .frame(width: 48, alignment: .leading)
+                TextField("user@host[:22]", text: self.$state.remoteTarget)
+                    .textFieldStyle(.roundedBorder)
+                    .frame(maxWidth: .infinity)
+                Button {
+                    Task { await self.testRemote() }
+                } label: {
+                    if self.remoteStatus == .checking {
+                        ProgressView().controlSize(.small)
+                    } else {
+                        Text("Test remote")
+                    }
+                }
+                .buttonStyle(.borderedProminent)
+                .disabled(self.remoteStatus == .checking || self.state.remoteTarget
+                    .trimmingCharacters(in: .whitespacesAndNewlines).isEmpty)
            }

            GatewayDiscoveryInlineList(
                discovery: self.gatewayDiscovery,
-                currentTarget: self.state.remoteTarget,
-                currentUrl: self.state.remoteUrl,
-                transport: self.state.remoteTransport)
+                currentTarget: self.state.remoteTarget)
            { gateway in
                self.applyDiscoveredGateway(gateway)
            }
-            .padding(.leading, self.remoteLabelWidth + 10)
+            .padding(.leading, 58)

            self.remoteStatusView
-                .padding(.leading, self.remoteLabelWidth + 10)
+                .padding(.leading, 58)

-            if self.state.remoteTransport == .ssh {
-                DisclosureGroup(isExpanded: self.$showRemoteAdvanced) {
-                    VStack(alignment: .leading, spacing: 8) {
-                        LabeledContent("Identity file") {
-                            TextField("/Users/you/.ssh/id_ed25519", text: self.$state.remoteIdentity)
-                                .textFieldStyle(.roundedBorder)
-                                .frame(width: 280)
-                        }
-                        LabeledContent("Project root") {
-                            TextField("/home/you/Projects/clawdbot", text: self.$state.remoteProjectRoot)
-                                .textFieldStyle(.roundedBorder)
-                                .frame(width: 280)
-                        }
-                        LabeledContent("CLI path") {
-                            TextField("/Applications/Clawdbot.app/.../clawdbot", text: self.$state.remoteCliPath)
-                                .textFieldStyle(.roundedBorder)
-                                .frame(width: 280)
-                        }
+            DisclosureGroup(isExpanded: self.$showRemoteAdvanced) {
+                VStack(alignment: .leading, spacing: 8) {
+                    LabeledContent("Identity file") {
+                        TextField("/Users/you/.ssh/id_ed25519", text: self.$state.remoteIdentity)
+                            .textFieldStyle(.roundedBorder)
+                            .frame(width: 280)
+                    }
+                    LabeledContent("Project root") {
+                        TextField("/home/you/Projects/clawdbot", text: self.$state.remoteProjectRoot)
+                            .textFieldStyle(.roundedBorder)
+                            .frame(width: 280)
+                    }
+                    LabeledContent("CLI path") {
+                        TextField("/Applications/Clawdbot.app/.../clawdbot", text: self.$state.remoteCliPath)
+                            .textFieldStyle(.roundedBorder)
+                            .frame(width: 280)
                    }
-                    .padding(.top, 4)
-                } label: {
-                    Text("Advanced")
-                        .font(.callout.weight(.semibold))
                }
+                .padding(.top, 4)
+            } label: {
+                Text("Advanced")
+                    .font(.callout.weight(.semibold))
            }

            // Diagnostics
@@ -211,89 +219,16 @@ struct GeneralSettings: View {
                }
            }

-            if self.state.remoteTransport == .ssh {
-                Text("Tip: enable Tailscale for stable remote access.")
-                    .font(.footnote)
-                    .foregroundStyle(.secondary)
-                    .lineLimit(1)
-            } else {
-                Text("Tip: use Tailscale Serve so the gateway has a valid HTTPS cert.")
-                    .font(.footnote)
-                    .foregroundStyle(.secondary)
-                    .lineLimit(2)
-            }
+            Text("Tip: enable Tailscale for stable remote access.")
+                .font(.footnote)
+                .foregroundStyle(.secondary)
+                .lineLimit(1)
        }
        .transition(.opacity)
        .onAppear { self.gatewayDiscovery.start() }
        .onDisappear { self.gatewayDiscovery.stop() }
    }

-    private var remoteTransportRow: some View {
-        HStack(alignment: .center, spacing: 10) {
-            Text("Transport")
-                .font(.callout.weight(.semibold))
-                .frame(width: self.remoteLabelWidth, alignment: .leading)
-            Picker("Transport", selection: self.$state.remoteTransport) {
-                Text("SSH tunnel").tag(AppState.RemoteTransport.ssh)
-                Text("Direct (ws/wss)").tag(AppState.RemoteTransport.direct)
-            }
-            .pickerStyle(.segmented)
-            .frame(maxWidth: 320)
-        }
-    }
-
-    private var remoteSshRow: some View {
-        HStack(alignment: .center, spacing: 10) {
-            Text("SSH target")
-                .font(.callout.weight(.semibold))
-                .frame(width: self.remoteLabelWidth, alignment: .leading)
-            TextField("user@host[:22]", text: self.$state.remoteTarget)
-                .textFieldStyle(.roundedBorder)
-                .frame(maxWidth: .infinity)
-            Button {
-                Task { await self.testRemote() }
-            } label: {
-                if self.remoteStatus == .checking {
-                    ProgressView().controlSize(.small)
-                } else {
-                    Text("Test remote")
-                }
-            }
-            .buttonStyle(.borderedProminent)
-            .disabled(self.remoteStatus == .checking || self.state.remoteTarget
-                .trimmingCharacters(in: .whitespacesAndNewlines).isEmpty)
-        }
-    }
-
-    private var remoteDirectRow: some View {
-        VStack(alignment: .leading, spacing: 6) {
-            HStack(alignment: .center, spacing: 10) {
-                Text("Gateway")
-                    .font(.callout.weight(.semibold))
-                    .frame(width: self.remoteLabelWidth, alignment: .leading)
-                TextField("wss://gateway.example.ts.net", text: self.$state.remoteUrl)
-                    .textFieldStyle(.roundedBorder)
-                    .frame(maxWidth: .infinity)
-                Button {
-                    Task { await self.testRemote() }
-                } label: {
-                    if self.remoteStatus == .checking {
-                        ProgressView().controlSize(.small)
-                    } else {
-                        Text("Test remote")
-                    }
-                }
-                .buttonStyle(.borderedProminent)
-                .disabled(self.remoteStatus == .checking || self.state.remoteUrl
-                    .trimmingCharacters(in: .whitespacesAndNewlines).isEmpty)
-            }
-            Text("Direct mode requires a ws:// or wss:// URL (Tailscale Serve uses wss://<magicdns>).")
-                .font(.caption)
-                .foregroundStyle(.secondary)
-                .padding(.leading, self.remoteLabelWidth + 10)
-        }
-    }
-
    private var controlStatusLine: String {
        switch ControlChannel.shared.state {
        case .connected: "Connected"
@@ -523,36 +458,24 @@ extension GeneralSettings {
    func testRemote() async {
        self.remoteStatus = .checking
        let settings = CommandResolver.connectionSettings()
-        if self.state.remoteTransport == .direct {
-            let trimmedUrl = self.state.remoteUrl.trimmingCharacters(in: .whitespacesAndNewlines)
-            guard !trimmedUrl.isEmpty else {
-                self.remoteStatus = .failed("Set a gateway URL first")
-                return
-            }
-            guard Self.isValidWsUrl(trimmedUrl) else {
-                self.remoteStatus = .failed("Gateway URL must start with ws:// or wss://")
-                return
-            }
-        } else {
-            guard !settings.target.isEmpty else {
-                self.remoteStatus = .failed("Set an SSH target first")
-                return
-            }
-
-            // Step 1: basic SSH reachability check
-            let sshResult = await ShellExecutor.run(
-                command: Self.sshCheckCommand(target: settings.target, identity: settings.identity),
-                cwd: nil,
-                env: nil,
-                timeout: 8)
-
-            guard sshResult.ok else {
-                self.remoteStatus = .failed(self.formatSSHFailure(sshResult, target: settings.target))
-                return
-            }
+        guard !settings.target.isEmpty else {
+            self.remoteStatus = .failed("Set an SSH target first")
+            return
        }

-        // Step 2: control channel health check
+        // Step 1: basic SSH reachability check
+        let sshResult = await ShellExecutor.run(
+            command: Self.sshCheckCommand(target: settings.target, identity: settings.identity),
+            cwd: nil,
+            env: nil,
+            timeout: 8)
+
+        guard sshResult.ok else {
+            self.remoteStatus = .failed(self.formatSSHFailure(sshResult, target: settings.target))
+            return
+        }
+
+        // Step 2: control channel health over tunnel
        let originalMode = AppStateStore.shared.connectionMode
        do {
            try await ControlChannel.shared.configure(mode: .remote(
@@ -579,14 +502,6 @@ extension GeneralSettings {
        }
    }

-    private static func isValidWsUrl(_ raw: String) -> Bool {
-        guard let url = URL(string: raw.trimmingCharacters(in: .whitespacesAndNewlines)) else { return false }
-        let scheme = url.scheme?.lowercased() ?? ""
-        guard scheme == "ws" || scheme == "wss" else { return false }
-        let host = url.host?.trimmingCharacters(in: .whitespacesAndNewlines) ?? ""
-        return !host.isEmpty
-    }
-
    private static func sshCheckCommand(target: String, identity: String) -> [String] {
        var args: [String] = [
            "/usr/bin/ssh",
@@ -655,18 +570,12 @@ extension GeneralSettings {
        let host = gateway.tailnetDns ?? gateway.lanHost
        guard let host else { return }
        let user = NSUserName()
-        if self.state.remoteTransport == .direct {
-            if let url = GatewayDiscoveryHelpers.directUrl(for: gateway) {
-                self.state.remoteUrl = url
-            }
-        } else {
-            self.state.remoteTarget = GatewayDiscoveryModel.buildSSHTarget(
-                user: user,
-                host: host,
-                port: gateway.sshPort)
-            self.state.remoteCliPath = gateway.cliPath ?? ""
-            ClawdbotConfigFile.setRemoteGatewayUrl(host: host, port: gateway.gatewayPort)
-        }
+        self.state.remoteTarget = GatewayDiscoveryModel.buildSSHTarget(
+            user: user,
+            host: host,
+            port: gateway.sshPort)
+        self.state.remoteCliPath = gateway.cliPath ?? ""
+        ClawdbotConfigFile.setRemoteGatewayUrl(host: host, port: gateway.gatewayPort)
    }
 }

@@ -689,9 +598,7 @@ extension GeneralSettings {
    static func exerciseForTesting() {
        let state = AppState(preview: true)
        state.connectionMode = .remote
-        state.remoteTransport = .ssh
        state.remoteTarget = "user@host:2222"
-        state.remoteUrl = "wss://gateway.example.ts.net"
        state.remoteIdentity = "/tmp/id_ed25519"
        state.remoteProjectRoot = "/tmp/clawdbot"
        state.remoteCliPath = "/tmp/clawdbot"
--- a/apps/macos/Sources/Clawdbot/MenuSessionsInjector.swift
+++ b/apps/macos/Sources/Clawdbot/MenuSessionsInjector.swift
@@ -1,5 +1,4 @@
 import AppKit
-import Foundation
 import Observation
 import SwiftUI

@@ -518,25 +517,11 @@ extension MenuSessionsInjector {
        switch mode {
        case .remote:
            platform = "remote"
-            if AppStateStore.shared.remoteTransport == .direct {
-                let trimmedUrl = AppStateStore.shared.remoteUrl
-                    .trimmingCharacters(in: .whitespacesAndNewlines)
-                if let url = URL(string: trimmedUrl), let urlHost = url.host, !urlHost.isEmpty {
-                    if let port = url.port {
-                        host = "\(urlHost):\(port)"
-                    } else {
-                        host = urlHost
-                    }
-                } else {
-                    host = trimmedUrl.nonEmpty
-                }
+            let target = AppStateStore.shared.remoteTarget
+            if let parsed = CommandResolver.parseSSHTarget(target) {
+                host = parsed.port == 22 ? parsed.host : "\(parsed.host):\(parsed.port)"
            } else {
-                let target = AppStateStore.shared.remoteTarget
-                if let parsed = CommandResolver.parseSSHTarget(target) {
-                    host = parsed.port == 22 ? parsed.host : "\(parsed.host):\(parsed.port)"
-                } else {
-                    host = target.nonEmpty
-                }
+                host = target.nonEmpty
            }
        case .local:
            platform = "local"
--- a/apps/macos/Sources/Clawdbot/OnboardingView+Actions.swift
+++ b/apps/macos/Sources/Clawdbot/OnboardingView+Actions.swift
@@ -25,11 +25,7 @@ extension OnboardingView {
        self.preferredGatewayID = gateway.stableID
        GatewayDiscoveryPreferences.setPreferredStableID(gateway.stableID)

-        if self.state.remoteTransport == .direct {
-            if let url = GatewayDiscoveryHelpers.directUrl(for: gateway) {
-                self.state.remoteUrl = url
-            }
-        } else if let host = GatewayDiscoveryHelpers.sanitizedTailnetHost(gateway.tailnetDns) ?? gateway.lanHost {
+        if let host = gateway.tailnetDns ?? gateway.lanHost {
            let user = NSUserName()
            self.state.remoteTarget = GatewayDiscoveryModel.buildSSHTarget(
                user: user,
--- a/apps/macos/Sources/Clawdbot/OnboardingView+Pages.swift
+++ b/apps/macos/Sources/Clawdbot/OnboardingView+Pages.swift
@@ -177,67 +177,42 @@ extension OnboardingView {
                        VStack(alignment: .leading, spacing: 10) {
                            Grid(alignment: .leading, horizontalSpacing: 12, verticalSpacing: 8) {
                                GridRow {
-                                    Text("Transport")
+                                    Text("SSH target")
                                        .font(.callout.weight(.semibold))
                                        .frame(width: labelWidth, alignment: .leading)
-                                    Picker("Transport", selection: self.$state.remoteTransport) {
-                                        Text("SSH tunnel").tag(AppState.RemoteTransport.ssh)
-                                        Text("Direct (ws/wss)").tag(AppState.RemoteTransport.direct)
-                                    }
-                                    .pickerStyle(.segmented)
-                                    .frame(width: fieldWidth)
+                                    TextField("user@host[:port]", text: self.$state.remoteTarget)
+                                        .textFieldStyle(.roundedBorder)
+                                        .frame(width: fieldWidth)
                                }
-                                if self.state.remoteTransport == .direct {
-                                    GridRow {
-                                        Text("Gateway URL")
-                                            .font(.callout.weight(.semibold))
-                                            .frame(width: labelWidth, alignment: .leading)
-                                        TextField("wss://gateway.example.ts.net", text: self.$state.remoteUrl)
-                                            .textFieldStyle(.roundedBorder)
-                                            .frame(width: fieldWidth)
-                                    }
+                                GridRow {
+                                    Text("Identity file")
+                                        .font(.callout.weight(.semibold))
+                                        .frame(width: labelWidth, alignment: .leading)
+                                    TextField("/Users/you/.ssh/id_ed25519", text: self.$state.remoteIdentity)
+                                        .textFieldStyle(.roundedBorder)
+                                        .frame(width: fieldWidth)
                                }
-                                if self.state.remoteTransport == .ssh {
-                                    GridRow {
-                                        Text("SSH target")
-                                            .font(.callout.weight(.semibold))
-                                            .frame(width: labelWidth, alignment: .leading)
-                                        TextField("user@host[:port]", text: self.$state.remoteTarget)
-                                            .textFieldStyle(.roundedBorder)
-                                            .frame(width: fieldWidth)
-                                    }
-                                    GridRow {
-                                        Text("Identity file")
-                                            .font(.callout.weight(.semibold))
-                                            .frame(width: labelWidth, alignment: .leading)
-                                        TextField("/Users/you/.ssh/id_ed25519", text: self.$state.remoteIdentity)
-                                            .textFieldStyle(.roundedBorder)
-                                            .frame(width: fieldWidth)
-                                    }
-                                    GridRow {
-                                        Text("Project root")
-                                            .font(.callout.weight(.semibold))
-                                            .frame(width: labelWidth, alignment: .leading)
-                                        TextField("/home/you/Projects/clawdbot", text: self.$state.remoteProjectRoot)
-                                            .textFieldStyle(.roundedBorder)
-                                            .frame(width: fieldWidth)
-                                    }
-                                    GridRow {
-                                        Text("CLI path")
-                                            .font(.callout.weight(.semibold))
-                                            .frame(width: labelWidth, alignment: .leading)
-                                        TextField(
-                                            "/Applications/Clawdbot.app/.../clawdbot",
-                                            text: self.$state.remoteCliPath)
-                                            .textFieldStyle(.roundedBorder)
-                                            .frame(width: fieldWidth)
-                                    }
+                                GridRow {
+                                    Text("Project root")
+                                        .font(.callout.weight(.semibold))
+                                        .frame(width: labelWidth, alignment: .leading)
+                                    TextField("/home/you/Projects/clawdbot", text: self.$state.remoteProjectRoot)
+                                        .textFieldStyle(.roundedBorder)
+                                        .frame(width: fieldWidth)
+                                }
+                                GridRow {
+                                    Text("CLI path")
+                                        .font(.callout.weight(.semibold))
+                                        .frame(width: labelWidth, alignment: .leading)
+                                    TextField(
+                                        "/Applications/Clawdbot.app/.../clawdbot",
+                                        text: self.$state.remoteCliPath)
+                                        .textFieldStyle(.roundedBorder)
+                                        .frame(width: fieldWidth)
                                }
                            }

-                            Text(self.state.remoteTransport == .direct
-                                ? "Tip: use Tailscale Serve so the gateway has a valid HTTPS cert."
-                                : "Tip: keep Tailscale enabled so your gateway stays reachable.")
+                            Text("Tip: keep Tailscale enabled so your gateway stays reachable.")
                                .font(.footnote)
                                .foregroundStyle(.secondary)
                                .lineLimit(1)
@@ -250,10 +225,7 @@ extension OnboardingView {
    }

    func gatewaySubtitle(for gateway: GatewayDiscoveryModel.DiscoveredGateway) -> String? {
-        if self.state.remoteTransport == .direct {
-            return GatewayDiscoveryHelpers.directUrl(for: gateway) ?? "Gateway pairing only"
-        }
-        if let host = GatewayDiscoveryHelpers.sanitizedTailnetHost(gateway.tailnetDns) ?? gateway.lanHost {
+        if let host = gateway.tailnetDns ?? gateway.lanHost {
            let portSuffix = gateway.sshPort != 22 ? " · ssh \(gateway.sshPort)" : ""
            return "\(host)\(portSuffix)"
        }
--- a/apps/macos/Sources/Clawdbot/Resources/Info.plist
+++ b/apps/macos/Sources/Clawdbot/Resources/Info.plist
@@ -15,9 +15,9 @@
    <key>CFBundlePackageType</key>
    <string>APPL</string>
    <key>CFBundleShortVersionString</key>
-    <string>2026.1.24</string>
+    <string>2026.1.23</string>
    <key>CFBundleVersion</key>
-    <string>202601240</string>
+    <string>202601230</string>
    <key>CFBundleIconFile</key>
    <string>Clawdbot</string>
    <key>CFBundleURLTypes</key>
--- a/apps/macos/Tests/ClawdbotIPCTests/GatewayEndpointStoreTests.swift
+++ b/apps/macos/Tests/ClawdbotIPCTests/GatewayEndpointStoreTests.swift
@@ -175,10 +175,4 @@ import Testing
            customBindHost: "192.168.1.10")
        #expect(host == "192.168.1.10")
    }
-
-    @Test func normalizeGatewayUrlAddsDefaultPortForWs() {
-        let url = GatewayRemoteConfig.normalizeGatewayUrl("ws://gateway")
-        #expect(url?.port == 18789)
-        #expect(url?.absoluteString == "ws://gateway:18789")
-    }
 }
--- a/dist/control-ui/assets/index-BPDeGGxb.css
+++ b/dist/control-ui/assets/index-BPDeGGxb.css
--- a/dist/control-ui/assets/index-BvhR9FCb.css
+++ b/dist/control-ui/assets/index-BvhR9FCb.css
--- a/dist/control-ui/assets/index-DsXRcnEw.js.map
+++ b/dist/control-ui/assets/index-DsXRcnEw.js.map
--- a/dist/control-ui/assets/index-bYQnHP3a.js
+++ b/dist/control-ui/assets/index-bYQnHP3a.js
--- a/dist/control-ui/assets/index-bYQnHP3a.js.map
+++ b/dist/control-ui/assets/index-bYQnHP3a.js.map
--- a/dist/control-ui/index.html
+++ b/dist/control-ui/index.html
@@ -6,8 +6,8 @@
    <title>Clawdbot Control</title>
    <meta name="color-scheme" content="dark light" />
    <link rel="icon" href="./favicon.ico" sizes="any" />
-    <script type="module" crossorigin src="./assets/index-DsXRcnEw.js"></script>
-    <link rel="stylesheet" crossorigin href="./assets/index-BvhR9FCb.css">
+    <script type="module" crossorigin src="./assets/index-bYQnHP3a.js"></script>
+    <link rel="stylesheet" crossorigin href="./assets/index-BPDeGGxb.css">
  </head>
  <body>
    <clawdbot-app></clawdbot-app>
--- a/docs/gateway/configuration.md
+++ b/docs/gateway/configuration.md
@@ -2825,14 +2825,13 @@ Auth and Tailscale:

 Remote client defaults (CLI):
 - `gateway.remote.url` sets the default Gateway WebSocket URL for CLI calls when `gateway.mode = "remote"`.
- `gateway.remote.transport` selects the macOS remote transport (`ssh` default, `direct` for ws/wss). When `direct`, `gateway.remote.url` must be `ws://` or `wss://`. `ws://host` defaults to port `18789`.
 - `gateway.remote.token` supplies the token for remote calls (leave unset for no auth).
 - `gateway.remote.password` supplies the password for remote calls (leave unset for no auth).

 macOS app behavior:
 - Clawdbot.app watches `~/.clawdbot/clawdbot.json` and switches modes live when `gateway.mode` or `gateway.remote.url` changes.
 - If `gateway.mode` is unset but `gateway.remote.url` is set, the macOS app treats it as remote mode.
- When you change connection mode in the macOS app, it writes `gateway.mode` (and `gateway.remote.url` + `gateway.remote.transport` in remote mode) back to the config file.
+- When you change connection mode in the macOS app, it writes `gateway.mode` (and `gateway.remote.url` in remote mode) back to the config file.

 ```json5
 {
@@ -2847,21 +2846,6 @@ macOS app behavior:
 }
 ```

-Direct transport example (macOS app):
-
-```json5
-{
-  gateway: {
-    mode: "remote",
-    remote: {
-      transport: "direct",
-      url: "wss://gateway.example.ts.net",
-      token: "your-token"
-    }
-  }
-}
-```
-
 ### `gateway.reload` (Config hot reload)

 The Gateway watches `~/.clawdbot/clawdbot.json` (or `CLAWDBOT_CONFIG_PATH`) and applies changes automatically.
--- a/docs/gateway/heartbeat.md
+++ b/docs/gateway/heartbeat.md
@@ -82,7 +82,7 @@ and logged; a message that is only `HEARTBEAT_OK` is dropped.
        every: "30m",           // default: 30m (0m disables)
        model: "anthropic/claude-opus-4-5",
        includeReasoning: false, // default: false (deliver separate Reasoning: message when available)
-        target: "last",         // last | none | <channel id> (core or plugin, e.g. "bluebubbles")
+        target: "last",         // last | whatsapp | telegram | discord | slack | signal | imessage | none
        to: "+15551234567",     // optional channel-specific override
        prompt: "Read HEARTBEAT.md if it exists (workspace context). Follow it strictly. Do not infer or repeat old tasks from prior chats. If nothing needs attention, reply HEARTBEAT_OK.",
        ackMaxChars: 300         // max chars allowed after HEARTBEAT_OK
--- a/docs/help/faq.md
+++ b/docs/help/faq.md
@@ -9,34 +9,19 @@ Quick answers plus deeper troubleshooting for real-world setups (local dev, VPS,

 - [What is Clawdbot?](#what-is-clawdbot)
  - [What is Clawdbot, in one paragraph?](#what-is-clawdbot-in-one-paragraph)
-  - [What’s the value proposition?](#whats-the-value-proposition)
 - [Quick start and first-run setup](#quick-start-and-first-run-setup)
  - [What’s the recommended way to install and set up Clawdbot?](#whats-the-recommended-way-to-install-and-set-up-clawdbot)
  - [How do I open the dashboard after onboarding?](#how-do-i-open-the-dashboard-after-onboarding)
  - [How do I authenticate the dashboard (token) on localhost vs remote?](#how-do-i-authenticate-the-dashboard-token-on-localhost-vs-remote)
  - [What runtime do I need?](#what-runtime-do-i-need)
-  - [Does it run on Raspberry Pi?](#does-it-run-on-raspberry-pi)
-  - [Can I migrate my setup to a new machine (Mac mini) without redoing onboarding?](#can-i-migrate-my-setup-to-a-new-machine-mac-mini-without-redoing-onboarding)
-  - [Where do I see what’s new in the latest version?](#where-do-i-see-whats-new-in-the-latest-version)
-  - [I can't access docs.clawd.bot (SSL error). What now?](#i-cant-access-docsclawdbot-ssl-error-what-now)
-  - [How do I install the beta version, and what’s the difference between beta and dev?](#how-do-i-install-the-beta-version-and-whats-the-difference-between-beta-and-dev)
-  - [The docs didn’t answer my question — how do I get a better answer?](#the-docs-didnt-answer-my-question--how-do-i-get-a-better-answer)
-  - [How do I install Clawdbot on Linux?](#how-do-i-install-clawdbot-on-linux)
-  - [How do I install Clawdbot on a VPS?](#how-do-i-install-clawdbot-on-a-vps)
-  - [Can I ask Clawd to update itself?](#can-i-ask-clawd-to-update-itself)
  - [What does the onboarding wizard actually do?](#what-does-the-onboarding-wizard-actually-do)
-  - [Do I need a Claude or OpenAI subscription to run this?](#do-i-need-a-claude-or-openai-subscription-to-run-this)
  - [How does Anthropic "setup-token" auth work?](#how-does-anthropic-setup-token-auth-work)
  - [Where do I find an Anthropic setup-token?](#where-do-i-find-an-anthropic-setup-token)
  - [Do you support Claude subscription auth (Claude Code OAuth)?](#do-you-support-claude-subscription-auth-claude-code-oauth)
-  - [Why am I seeing `HTTP 429: rate_limit_error` from Anthropic?](#why-am-i-seeing-http-429-rate_limit_error-from-anthropic)
  - [Is AWS Bedrock supported?](#is-aws-bedrock-supported)
  - [How does Codex auth work?](#how-does-codex-auth-work)
-  - [Do you support OpenAI subscription auth (Codex OAuth)?](#do-you-support-openai-subscription-auth-codex-oauth)
  - [Is a local model OK for casual chats?](#is-a-local-model-ok-for-casual-chats)
  - [How do I keep hosted model traffic in a specific region?](#how-do-i-keep-hosted-model-traffic-in-a-specific-region)
-  - [Do I have to buy a Mac Mini to install this?](#do-i-have-to-buy-a-mac-mini-to-install-this)
-  - [Do I need a Mac mini for iMessage support?](#do-i-need-a-mac-mini-for-imessage-support)
  - [Can I use Bun?](#can-i-use-bun)
  - [Telegram: what goes in `allowFrom`?](#telegram-what-goes-in-allowfrom)
  - [Can multiple people use one WhatsApp number with different Clawdbots?](#can-multiple-people-use-one-whatsapp-number-with-different-clawdbots)
@@ -49,7 +34,6 @@ Quick answers plus deeper troubleshooting for real-world setups (local dev, VPS,
  - [Can I load skills from a custom folder?](#can-i-load-skills-from-a-custom-folder)
  - [How can I use different models for different tasks?](#how-can-i-use-different-models-for-different-tasks)
  - [How do I install skills on Linux?](#how-do-i-install-skills-on-linux)
-  - [Can Clawdbot run tasks on a schedule or continuously in the background?](#can-clawdbot-run-tasks-on-a-schedule-or-continuously-in-the-background)
  - [Can I run Apple/macOS-only skills from Linux?](#can-i-run-applemacos-only-skills-from-linux)
  - [Do you have a Notion or HeyGen integration?](#do-you-have-a-notion-or-heygen-integration)
  - [How do I install the Chrome extension for browser takeover?](#how-do-i-install-the-chrome-extension-for-browser-takeover)
@@ -61,7 +45,6 @@ Quick answers plus deeper troubleshooting for real-world setups (local dev, VPS,
 - [Where things live on disk](#where-things-live-on-disk)
  - [Where does Clawdbot store its data?](#where-does-clawdbot-store-its-data)
  - [Where should AGENTS.md / SOUL.md / USER.md / MEMORY.md live?](#where-should-agentsmd--soulmd--usermd--memorymd-live)
-  - [What’s the recommended backup strategy?](#whats-the-recommended-backup-strategy)
  - [How do I completely uninstall Clawdbot?](#how-do-i-completely-uninstall-clawdbot)
  - [Can agents work outside the workspace?](#can-agents-work-outside-the-workspace)
  - [I’m in remote mode — where is the session store?](#im-in-remote-mode-where-is-the-session-store)
@@ -98,11 +81,8 @@ Quick answers plus deeper troubleshooting for real-world setups (local dev, VPS,
  - [Why doesn’t Clawdbot reply in a group?](#why-doesnt-clawdbot-reply-in-a-group)
  - [Do groups/threads share context with DMs?](#do-groupsthreads-share-context-with-dms)
  - [How many workspaces and agents can I create?](#how-many-workspaces-and-agents-can-i-create)
-  - [Can I run multiple bots or chats at the same time (Slack), and how should I set that up?](#can-i-run-multiple-bots-or-chats-at-the-same-time-slack-and-how-should-i-set-that-up)
 - [Models: defaults, selection, aliases, switching](#models-defaults-selection-aliases-switching)
  - [What is the “default model”?](#what-is-the-default-model)
-  - [What model do you recommend?](#what-model-do-you-recommend)
-  - [What do Clawd, Flawd, and Krill use for models?](#what-do-clawd-flawd-and-krill-use-for-models)
  - [How do I switch models on the fly (without restarting)?](#how-do-i-switch-models-on-the-fly-without-restarting)
  - [Why do I see “Model … is not allowed” and then no reply?](#why-do-i-see-model-is-not-allowed-and-then-no-reply)
  - [Why do I see “Unknown model: minimax/MiniMax-M2.1”?](#why-do-i-see-unknown-model-minimaxminimax-m21)
@@ -203,28 +183,6 @@ Quick answers plus deeper troubleshooting for real-world setups (local dev, VPS,

 Clawdbot is a personal AI assistant you run on your own devices. It replies on the messaging surfaces you already use (WhatsApp, Telegram, Slack, Mattermost (plugin), Discord, Signal, iMessage, WebChat) and can also do voice + a live Canvas on supported platforms. The **Gateway** is the always-on control plane; the assistant is the product.

-### What’s the value proposition?
-
-Clawdbot is not “just a Claude wrapper.” It’s a **local-first control plane** that lets you run a
-capable assistant on **your own hardware**, reachable from the chat apps you already use, with
-stateful sessions, memory, and tools — without handing control of your workflows to a hosted
-SaaS.
-
-Highlights:
- **Your devices, your data:** run the Gateway wherever you want (Mac, Linux, VPS) and keep the
-  workspace + session history local.  
- **Real channels, not a web sandbox:** WhatsApp/Telegram/Slack/Discord/Signal/iMessage/etc,
-  plus mobile voice and Canvas on supported platforms.  
- **Model-agnostic:** use Anthropic, OpenAI, MiniMax, OpenRouter, etc., with per‑agent routing
-  and failover.  
- **Local-only option:** run local models so **all data can stay on your device** if you want.
- **Multi-agent routing:** separate agents per channel, account, or task, each with its own
-  workspace and defaults.  
- **Open source and hackable:** inspect, extend, and self-host without vendor lock‑in.
-
-Docs: [Gateway](/gateway), [Channels](/channels), [Multi‑agent](/concepts/multi-agent),
-[Memory](/concepts/memory).
-
 ## Quick start and first-run setup

 ### What’s the recommended way to install and set up Clawdbot?
@@ -273,126 +231,6 @@ See [Dashboard](/web/dashboard) and [Web surfaces](/web) for bind modes and auth

 Node **>= 22** is required. `pnpm` is recommended. Bun is **not recommended** for the Gateway.

-### Does it run on Raspberry Pi?
-
-Yes. The Gateway is lightweight — docs list **512MB–1GB RAM**, **1 core**, and about **500MB**
-disk as enough for personal use, and note that a **Raspberry Pi 4 can run it**.
-
-If you want extra headroom (logs, media, other services), **2GB is recommended**, but it’s
-not a hard minimum.
-
-### Can I migrate my setup to a new machine (Mac mini) without redoing onboarding?
-
-Yes. Copy the **state directory** and **workspace**, then run Doctor once. This
-keeps your bot “exactly the same” (memory, session history, auth, and channel
-state) as long as you copy **both** locations:
-
-1) Install Clawdbot on the new machine.
-2) Copy `$CLAWDBOT_STATE_DIR` (default: `~/.clawdbot`) from the old machine.
-3) Copy your workspace (default: `~/clawd`).
-4) Run `clawdbot doctor` and restart the Gateway service.
-
-That preserves config, auth profiles, WhatsApp creds, sessions, and memory. If you’re in
-remote mode, remember the gateway host owns the session store and workspace.
-
-**Important:** if you only commit/push your workspace to GitHub, you’re backing
-up **memory + bootstrap files**, but **not** session history or auth. Those live
-under `~/.clawdbot/` (for example `~/.clawdbot/agents/<agentId>/sessions/`).
-
-Related: [Where things live on disk](/help/faq#where-does-clawdbot-store-its-data),
-[Agent workspace](/concepts/agent-workspace), [Doctor](/gateway/doctor),
-[Remote mode](/gateway/remote).
-
-### Where do I see what’s new in the latest version?
-
-Check the GitHub changelog:  
-https://github.com/clawdbot/clawdbot/blob/main/CHANGELOG.md
-
-Newest entries are at the top. If the top section is marked **Unreleased**, the next dated
-section is the latest shipped version. Entries are grouped by **Highlights**, **Changes**, and
-**Fixes** (plus docs/other sections when needed).
-
-### I can't access docs.clawd.bot (SSL error). What now?
-
-Some Comcast/Xfinity connections incorrectly block `docs.clawd.bot` via Xfinity
-Advanced Security. Disable it or allowlist `docs.clawd.bot`, then retry. More
-detail: [Troubleshooting](/help/troubleshooting#docsclawdbot-shows-an-ssl-error-comcastxfinity).
-Please help us unblock it by reporting here: https://spa.xfinity.com/check_url_status.
-
-If you still can't reach the site, the docs are mirrored on GitHub:
-https://github.com/clawdbot/clawdbot/tree/main/docs
-
-### How do I install the beta version, and what’s the difference between beta and dev?
-
-**Beta** is a prerelease tag (`vYYYY.M.D-beta.N`) published to the npm dist‑tag `beta`.  
-**Dev** is the moving head of `main` (git); when published, it uses the npm dist‑tag `dev`.
-
-One‑liners (macOS/Linux):
-
-```bash
-curl -fsSL --proto '=https' --tlsv1.2 https://clawd.bot/install.sh | bash -s -- --beta
-```
-
-```bash
-curl -fsSL --proto '=https' --tlsv1.2 https://clawd.bot/install.sh | bash -s -- --install-method git
-```
-
-Windows installer (PowerShell):
-https://clawd.bot/install.ps1
-
-More detail: [Development channels](/install/development-channels) and [Installer flags](/install/installer).
-
-### The docs didn’t answer my question — how do I get a better answer?
-
-Use the **hackable (git) install** so you have the full source and docs locally, then ask
-your bot (or Claude/Codex) *from that folder* so it can read the repo and answer precisely.
-
-```bash
-curl -fsSL https://clawd.bot/install.sh | bash -s -- --install-method git
-```
-
-More detail: [Install](/install) and [Installer flags](/install/installer).
-
-### How do I install Clawdbot on Linux?
-
-Short answer: follow the Linux guide, then run the onboarding wizard.
-
- Linux quick path + service install: [Linux](/platforms/linux).
- Full walkthrough: [Getting Started](/start/getting-started).
- Installer + updates: [Install & updates](/install/updating).
-
-### How do I install Clawdbot on a VPS?
-
-Any Linux VPS works. Install on the server, then use SSH/Tailscale to reach the Gateway.
-
-Guides: [exe.dev](/platforms/exe-dev), [Hetzner](/platforms/hetzner), [Fly.io](/platforms/fly).  
-Remote access: [Gateway remote](/gateway/remote).
-
-### Can I ask Clawd to update itself?
-
-Short answer: **possible, not recommended**. The update flow can restart the
-Gateway (which drops the active session), may need a clean git checkout, and
-can prompt for confirmation. Safer: run updates from a shell as the operator.
-
-Use the CLI:
-
-```bash
-clawdbot update
-clawdbot update status
-clawdbot update --channel stable|beta|dev
-clawdbot update --tag <dist-tag|version>
-clawdbot update --no-restart
-```
-
-If you must automate from an agent:
-
-```bash
-clawdbot update --yes --no-restart
-clawdbot gateway restart
-```
-
-Docs: [Update](/cli/update), [Updating](/install/updating).
-
 ### What does the onboarding wizard actually do?

 `clawdbot onboard` is the recommended setup path. In **local mode** it walks you through:
@@ -406,15 +244,6 @@ Docs: [Update](/cli/update), [Updating](/install/updating).

 It also warns if your configured model is unknown or missing auth.

-### Do I need a Claude or OpenAI subscription to run this?
-
-No. You can run Clawdbot with **API keys** (Anthropic/OpenAI/others) or with
-**local‑only models** so your data stays on your device. Subscriptions (Claude
-Pro/Max or OpenAI Codex) are optional ways to authenticate those providers.
-
-Docs: [Anthropic](/providers/anthropic), [OpenAI](/providers/openai),
-[Local models](/gateway/local-models), [Models](/concepts/models).
-
 ### How does Anthropic "setup-token" auth work?

 `claude setup-token` generates a **token string** via the Claude Code CLI (it is not available in the web console). You can run it on **any machine**. If Claude Code CLI credentials are present on the gateway host, Clawdbot can reuse them; otherwise choose **Anthropic token (paste setup-token)** and paste the string. The token is stored as an auth profile for the **anthropic** provider and used like an API key or OAuth profile. More detail: [OAuth](/concepts/oauth).
@@ -439,16 +268,6 @@ Yes. Clawdbot can **reuse Claude Code CLI credentials** (OAuth) and also support

 Note: Claude subscription access is governed by Anthropic’s terms. For production or multi‑user workloads, API keys are usually the safer choice.

-### Why am I seeing `HTTP 429: rate_limit_error` from Anthropic?
-
-That means your **Anthropic quota/rate limit** is exhausted for the current window. If you
-use a **Claude subscription** (setup‑token or Claude Code OAuth), wait for the window to
-reset or upgrade your plan. If you use an **Anthropic API key**, check the Anthropic Console
-for usage/billing and raise limits as needed.
-
-Tip: set a **fallback model** so Clawdbot can keep replying while a provider is rate‑limited.
-See [Models](/cli/models) and [OAuth](/concepts/oauth).
-
 ### Is AWS Bedrock supported?

 Yes — via pi‑ai’s **Amazon Bedrock (Converse)** provider with **manual config**. You must supply AWS credentials/region on the gateway host and add a Bedrock provider entry in your models config. See [Amazon Bedrock](/bedrock) and [Model providers](/providers/models). If you prefer a managed key flow, an OpenAI‑compatible proxy in front of Bedrock is still a valid option.
@@ -457,14 +276,6 @@ Yes — via pi‑ai’s **Amazon Bedrock (Converse)** provider with **manual con

 Clawdbot supports **OpenAI Code (Codex)** via OAuth or by reusing your Codex CLI login (`~/.codex/auth.json`). The wizard can import the CLI login or run the OAuth flow and will set the default model to `openai-codex/gpt-5.2` when appropriate. See [Model providers](/concepts/model-providers) and [Wizard](/start/wizard).

-### Do you support OpenAI subscription auth (Codex OAuth)?
-
-Yes. Clawdbot fully supports **OpenAI Code (Codex) subscription OAuth** and can also reuse an
-existing Codex CLI login (`~/.codex/auth.json`) on the gateway host. The onboarding wizard
-can import the CLI login or run the OAuth flow for you.
-
-See [OAuth](/concepts/oauth), [Model providers](/concepts/model-providers), and [Wizard](/start/wizard).
-
 ### Is a local model OK for casual chats?

 Usually no. Clawdbot needs large context + strong safety; small cards truncate and leak. If you must, run the **largest** MiniMax M2.1 build you can locally (LM Studio) and see [/gateway/local-models](/gateway/local-models). Smaller/quantized models increase prompt-injection risk — see [Security](/gateway/security).
@@ -473,31 +284,6 @@ Usually no. Clawdbot needs large context + strong safety; small cards truncate a

 Pick region-pinned endpoints. OpenRouter exposes US-hosted options for MiniMax, Kimi, and GLM; choose the US-hosted variant to keep data in-region. You can still list Anthropic/OpenAI alongside these by using `models.mode: "merge"` so fallbacks stay available while respecting the regioned provider you select.

-### Do I have to buy a Mac Mini to install this?
-
-No. Clawdbot runs on macOS or Linux (Windows via WSL2). A Mac mini is optional — some people
-buy one as an always‑on host, but a small VPS, home server, or Raspberry Pi‑class box works too.
-
-You only need a Mac **for macOS‑only tools**. For iMessage, you can keep the Gateway on Linux
-and run `imsg` on any Mac over SSH by pointing `channels.imessage.cliPath` at an SSH wrapper.
-If you want other macOS‑only tools, run the Gateway on a Mac or pair a macOS node.
-
-Docs: [iMessage](/channels/imessage), [Nodes](/nodes), [Mac remote mode](/platforms/mac/remote).
-
-### Do I need a Mac mini for iMessage support?
-
-You need **some macOS device** signed into Messages. It does **not** have to be a Mac mini —
-any Mac works. Clawdbot’s iMessage integrations run on macOS (BlueBubbles or `imsg`), while
-the Gateway can run elsewhere.
-
-Common setups:
- Run the Gateway on Linux/VPS, and point `channels.imessage.cliPath` at an SSH wrapper that
-  runs `imsg` on the Mac.
- Run everything on the Mac if you want the simplest single‑machine setup.
-
-Docs: [iMessage](/channels/imessage), [BlueBubbles](/channels/bluebubbles),
-[Mac remote mode](/platforms/mac/remote).
-
 ### Can I use Bun?

 Bun is **not recommended**. We see runtime bugs, especially with WhatsApp and Telegram.
@@ -619,17 +405,6 @@ npm i -g clawdhub
 pnpm add -g clawdhub
 ```

-### Can Clawdbot run tasks on a schedule or continuously in the background?
-
-Yes. Use the Gateway scheduler:
-
- **Cron jobs** for scheduled or recurring tasks (persist across restarts).
- **Heartbeat** for “main session” periodic checks.
- **Isolated jobs** for autonomous agents that post summaries or deliver to chats.
-
-Docs: [Cron jobs](/automation/cron-jobs), [Cron vs Heartbeat](/automation/cron-vs-heartbeat),
-[Heartbeat](/gateway/heartbeat).
-
 ### Is there a way to run Apple/macOS-only skills if my Gateway runs on Linux?

 Not directly. macOS skills are gated by `metadata.clawdbot.os` plus required binaries, and skills only appear in the system prompt when they are eligible on the **Gateway host**. On Linux, `darwin`-only skills (like `imsg`, `apple-notes`, `apple-reminders`) will not load unless you override the gating.
@@ -798,18 +573,6 @@ workspace, not your local laptop).

 See [Agent workspace](/concepts/agent-workspace) and [Memory](/concepts/memory).

-### What’s the recommended backup strategy?
-
-Put your **agent workspace** in a **private** git repo and back it up somewhere
-private (for example GitHub private). This captures memory + AGENTS/SOUL/USER
-files, and lets you restore the assistant’s “mind” later.
-
-Do **not** commit anything under `~/.clawdbot` (credentials, sessions, tokens).
-If you need a full restore, back up both the workspace and the state directory
-separately (see the migration question above).
-
-Docs: [Agent workspace](/concepts/agent-workspace).
-
 ### How do I completely uninstall Clawdbot?

 See the dedicated guide: [Uninstall](/install/uninstall).
@@ -993,9 +756,8 @@ Docs: [Nodes](/nodes), [Gateway protocol](/gateway/protocol), [macOS remote mode
 ### Is there a benefit to using a node on my personal laptop instead of SSH from a VPS?

 Yes — nodes are the first‑class way to reach your laptop from a remote Gateway, and they
-unlock more than shell access. The Gateway runs on macOS/Linux (Windows via WSL2) and is
-lightweight (a small VPS or Raspberry Pi-class box is fine; 4 GB RAM is plenty), so a common
-setup is an always‑on host plus your laptop as a node.
+unlock more than shell access. The Gateway runs on macOS/Linux (Windows via WSL2), so a common
+setup is an always‑on host (VPS/home box/Pi) plus your laptop as a node.

 - **No inbound SSH required.** Nodes connect out to the Gateway WebSocket and use device pairing.
 - **Safer execution controls.** `system.run` is gated by node allowlists/approvals on that laptop.
@@ -1011,8 +773,7 @@ Docs: [Nodes](/nodes), [Nodes CLI](/cli/nodes), [Chrome extension](/tools/chrome
 ### Do nodes run a gateway service?

 No. Only **one gateway** should run per host unless you intentionally run isolated profiles (see [Multiple gateways](/gateway/multiple-gateways)). Nodes are peripherals that connect
-to the gateway (iOS/Android nodes, or macOS “node mode” in the menubar app). For headless node
-hosts and CLI control, see [Node host CLI](/cli/node).
+to the gateway (iOS/Android nodes, or macOS “node mode” in the menubar app).

 A full restart is required for `gateway`, `discovery`, and `canvasHost` changes.

@@ -1279,24 +1040,6 @@ Tips:
 - Prune old sessions (delete JSONL or store entries) if disk grows.
 - Use `clawdbot doctor` to spot stray workspaces and profile mismatches.

-### Can I run multiple bots or chats at the same time (Slack), and how should I set that up?
-
-Yes. Use **Multi‑Agent Routing** to run multiple isolated agents and route inbound messages by
-channel/account/peer. Slack is supported as a channel and can be bound to specific agents.
-
-Browser access is powerful but not “do anything a human can” — anti‑bot, CAPTCHAs, and MFA can
-still block automation. For the most reliable browser control, use the Chrome extension relay
-on the machine that runs the browser (and keep the Gateway anywhere).
-
-Best‑practice setup:
- Always‑on Gateway host (VPS/Mac mini).
- One agent per role (bindings).
- Slack channel(s) bound to those agents.
- Local browser via extension relay (or a node) when needed.
-
-Docs: [Multi‑Agent Routing](/concepts/multi-agent), [Slack](/channels/slack),
-[Browser](/tools/browser), [Chrome extension](/tools/chrome-extension), [Nodes](/nodes).
-
 ## Models: defaults, selection, aliases, switching

 ### What is the “default model”?
@@ -1309,26 +1052,6 @@ agents.defaults.model.primary

 Models are referenced as `provider/model` (example: `anthropic/claude-opus-4-5`). If you omit the provider, Clawdbot currently assumes `anthropic` as a temporary deprecation fallback — but you should still **explicitly** set `provider/model`.

-### What model do you recommend?
-
-**Recommended default:** `anthropic/claude-opus-4-5`.  
-**Good alternative:** `anthropic/claude-sonnet-4-5`.  
-**Reliable (less character):** `openai/gpt-5.2` — nearly as good as Opus, just less personality.  
-**Budget:** `zai/glm-4.7`.
-
-MiniMax M2.1 has its own docs: [MiniMax](/providers/minimax) and
-[Local models](/gateway/local-models).
-
-Strong warning: weaker/over-quantized models are more vulnerable to prompt
-injection and unsafe behavior. See [Security](/gateway/security).
-
-More context: [Models](/concepts/models).
-
-### What do Clawd, Flawd, and Krill use for models?
-
- **Clawd + Flawd:** Anthropic Opus (`anthropic/claude-opus-4-5`) — see [Anthropic](/providers/anthropic).
- **Krill:** MiniMax M2.1 (`minimax/MiniMax-M2.1`) — see [MiniMax](/providers/minimax).
-
 ### How do I switch models on the fly (without restarting)?

 Use the `/model` command as a standalone message:
--- a/docs/help/troubleshooting.md
+++ b/docs/help/troubleshooting.md
@@ -33,22 +33,6 @@ Almost always a Node/npm PATH issue. Start here:

 - [Install (Node/npm PATH sanity)](/install#nodejs--npm-path-sanity)

-### Installer fails (or you need full logs)
-
-Re-run the installer in verbose mode to see the full trace and npm output:
-
-```bash
-curl -fsSL https://clawd.bot/install.sh | bash -s -- --verbose
-```
-
-For beta installs:
-
-```bash
-curl -fsSL https://clawd.bot/install.sh | bash -s -- --beta --verbose
-```
-
-You can also set `CLAWDBOT_VERBOSE=1` instead of the flag.
-
 ### Gateway “unauthorized”, can’t connect, or keeps reconnecting

 - [Gateway troubleshooting](/gateway/troubleshooting)
--- a/docs/platforms/fly.md
+++ b/docs/platforms/fly.md
@@ -181,7 +181,7 @@ cat > /data/clawdbot.json << 'EOF'
    "bind": "auto"
  },
  "meta": {
-    "lastTouchedVersion": "2026.1.24"
+    "lastTouchedVersion": "2026.1.23"
  }
 }
 EOF
--- a/docs/platforms/mac/release.md
+++ b/docs/platforms/mac/release.md
@@ -30,17 +30,17 @@ Notes:
 # From repo root; set release IDs so Sparkle feed is enabled.
 # APP_BUILD must be numeric + monotonic for Sparkle compare.
 BUNDLE_ID=com.clawdbot.mac \
-APP_VERSION=2026.1.24 \
+APP_VERSION=2026.1.23 \
 APP_BUILD="$(git rev-list --count HEAD)" \
 BUILD_CONFIG=release \
 SIGN_IDENTITY="Developer ID Application: <Developer Name> (<TEAMID>)" \
 scripts/package-mac-app.sh

 # Zip for distribution (includes resource forks for Sparkle delta support)
-ditto -c -k --sequesterRsrc --keepParent dist/Clawdbot.app dist/Clawdbot-2026.1.24.zip
+ditto -c -k --sequesterRsrc --keepParent dist/Clawdbot.app dist/Clawdbot-2026.1.23.zip

 # Optional: also build a styled DMG for humans (drag to /Applications)
-scripts/create-dmg.sh dist/Clawdbot.app dist/Clawdbot-2026.1.24.dmg
+scripts/create-dmg.sh dist/Clawdbot.app dist/Clawdbot-2026.1.23.dmg

 # Recommended: build + notarize/staple zip + DMG
 # First, create a keychain profile once:
@@ -48,26 +48,26 @@ scripts/create-dmg.sh dist/Clawdbot.app dist/Clawdbot-2026.1.24.dmg
 #     --apple-id "<apple-id>" --team-id "<team-id>" --password "<app-specific-password>"
 NOTARIZE=1 NOTARYTOOL_PROFILE=clawdbot-notary \
 BUNDLE_ID=com.clawdbot.mac \
-APP_VERSION=2026.1.24 \
+APP_VERSION=2026.1.23 \
 APP_BUILD="$(git rev-list --count HEAD)" \
 BUILD_CONFIG=release \
 SIGN_IDENTITY="Developer ID Application: <Developer Name> (<TEAMID>)" \
 scripts/package-mac-dist.sh

 # Optional: ship dSYM alongside the release
-ditto -c -k --keepParent apps/macos/.build/release/Clawdbot.app.dSYM dist/Clawdbot-2026.1.24.dSYM.zip
+ditto -c -k --keepParent apps/macos/.build/release/Clawdbot.app.dSYM dist/Clawdbot-2026.1.23.dSYM.zip
 ```

 ## Appcast entry
 Use the release note generator so Sparkle renders formatted HTML notes:
 ```bash
-SPARKLE_PRIVATE_KEY_FILE=/path/to/ed25519-private-key scripts/make_appcast.sh dist/Clawdbot-2026.1.24.zip https://raw.githubusercontent.com/clawdbot/clawdbot/main/appcast.xml
+SPARKLE_PRIVATE_KEY_FILE=/path/to/ed25519-private-key scripts/make_appcast.sh dist/Clawdbot-2026.1.23.zip https://raw.githubusercontent.com/clawdbot/clawdbot/main/appcast.xml
 ```
 Generates HTML release notes from `CHANGELOG.md` (via [`scripts/changelog-to-html.sh`](https://github.com/clawdbot/clawdbot/blob/main/scripts/changelog-to-html.sh)) and embeds them in the appcast entry.
 Commit the updated `appcast.xml` alongside the release assets (zip + dSYM) when publishing.

 ## Publish & verify
- Upload `Clawdbot-2026.1.24.zip` (and `Clawdbot-2026.1.24.dSYM.zip`) to the GitHub release for tag `v2026.1.24`.
+- Upload `Clawdbot-2026.1.23.zip` (and `Clawdbot-2026.1.23.dSYM.zip`) to the GitHub release for tag `v2026.1.23`.
 - Ensure the raw appcast URL matches the baked feed: `https://raw.githubusercontent.com/clawdbot/clawdbot/main/appcast.xml`.
 - Sanity checks:
  - `curl -I https://raw.githubusercontent.com/clawdbot/clawdbot/main/appcast.xml` returns 200.
--- a/docs/refactor/outbound-session-mirroring.md
+++ b/docs/refactor/outbound-session-mirroring.md
@@ -40,8 +40,6 @@ Outbound sends were mirrored into the *current* agent session (tool session key)
  - Mattermost targets now strip `@` for DM session key routing.
  - Zalo Personal uses DM peer kind for 1:1 targets (group only when `group:` is present).
  - BlueBubbles group targets strip `chat_*` prefixes to match inbound session keys.
-  - Slack auto-thread mirroring matches channel ids case-insensitively.
-  - Gateway send lowercases provided session keys before mirroring.

 ## Decisions
 - **Gateway send session derivation**: if `sessionKey` is provided, use it. If omitted, derive a sessionKey from target + default agent and mirror there.
--- a/docs/reference/RELEASING.md
+++ b/docs/reference/RELEASING.md
@@ -78,30 +78,3 @@ When the operator says “release”, immediately do this preflight (no extra qu
 - [ ] Commit the updated `appcast.xml` and push it (Sparkle feeds from main).
 - [ ] From a clean temp directory (no `package.json`), run `npx -y clawdbot@X.Y.Z send --help` to confirm install/CLI entrypoints work.
 - [ ] Announce/share release notes.
-
-## Plugin publish scope (npm)
-
-We only publish **existing npm plugins** under the `@clawdbot/*` scope. Bundled
-plugins that are not on npm stay **disk-tree only** (still shipped in
-`extensions/**`).
-
-Process to derive the list:
-1) `npm search @clawdbot --json` and capture the package names.
-2) Compare with `extensions/*/package.json` names.
-3) Publish only the **intersection** (already on npm).
-
-Current npm plugin list (update as needed):
- @clawdbot/bluebubbles
- @clawdbot/diagnostics-otel
- @clawdbot/discord
- @clawdbot/lobster
- @clawdbot/matrix
- @clawdbot/msteams
- @clawdbot/nextcloud-talk
- @clawdbot/nostr
- @clawdbot/voice-call
- @clawdbot/zalo
- @clawdbot/zalouser
-
-Release notes must also call out **new optional bundled plugins** that are **not
-on by default** (example: `tlon`).
--- a/extensions/memory-core/package.json
+++ b/extensions/memory-core/package.json
@@ -8,7 +8,7 @@
      "./index.ts"
    ]
  },
-  "peerDependencies": {
-    "clawdbot": ">=2026.1.23-1"
+  "dependencies": {
+    "clawdbot": "workspace:*"
  }
 }
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "clawdbot",
-  "version": "2026.1.24-0",
+  "version": "2026.1.23",
  "description": "WhatsApp gateway CLI (Baileys web) with Pi RPC agent",
  "type": "module",
  "main": "dist/index.js",
@@ -43,7 +43,6 @@
    "dist/slack/**",
    "dist/telegram/**",
    "dist/tui/**",
-    "dist/tts/**",
    "dist/web/**",
    "dist/wizard/**",
    "dist/*.js",
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -335,8 +335,8 @@ importers:
  extensions/memory-core:
    dependencies:
      clawdbot:
-        specifier: '>=2026.1.23-1'
-        version: 2026.1.23(@types/express@5.0.6)(audio-decode@2.2.3)(devtools-protocol@0.0.1561482)(typescript@5.9.3)
+        specifier: workspace:*
+        version: link:../..

  extensions/memory-lancedb:
    dependencies:
@@ -2987,11 +2987,6 @@ packages:
  class-variance-authority@0.7.1:
    resolution: {integrity: sha512-Ka+9Trutv7G8M6WT6SeiRWz792K5qEqIGEGzXKhAE6xOWAY6pPH8U+9IY3oCMv6kqTmLsv7Xh/2w2RigkePMsg==}

-  clawdbot@2026.1.23:
-    resolution: {integrity: sha512-w8RjScbxj3YbJYtcB0GBITqmyUYegVbBXDgu/zRxB4AB/SEErR6BNWGeZDWQNFaMftIyJhjttACxSd8G20aREA==}
-    engines: {node: '>=22.12.0'}
-    hasBin: true
-
  cli-cursor@5.0.0:
    resolution: {integrity: sha512-aCj4O5wKyszjMmDT4tZj93kxyydN/K5zPWSCe6/0AV/AA1pqe5ZBIw0a2ZfPQV7lL5/yb5HsUreJ6UFAF1tEQw==}
    engines: {node: '>=18'}
@@ -8373,82 +8368,6 @@ snapshots:
    dependencies:
      clsx: 2.1.1

-  clawdbot@2026.1.23(@types/express@5.0.6)(audio-decode@2.2.3)(devtools-protocol@0.0.1561482)(typescript@5.9.3):
-    dependencies:
-      '@agentclientprotocol/sdk': 0.13.1(zod@4.3.6)
-      '@aws-sdk/client-bedrock': 3.975.0
-      '@buape/carbon': 0.14.0(hono@4.11.4)
-      '@clack/prompts': 0.11.0
-      '@grammyjs/runner': 2.0.3(grammy@1.39.3)
-      '@grammyjs/transformer-throttler': 1.2.1(grammy@1.39.3)
-      '@homebridge/ciao': 1.3.4
-      '@lydell/node-pty': 1.2.0-beta.3
-      '@mariozechner/pi-agent-core': 0.49.3(ws@8.19.0)(zod@4.3.6)
-      '@mariozechner/pi-ai': 0.49.3(ws@8.19.0)(zod@4.3.6)
-      '@mariozechner/pi-coding-agent': 0.49.3(ws@8.19.0)(zod@4.3.6)
-      '@mariozechner/pi-tui': 0.49.3
-      '@mozilla/readability': 0.6.0
-      '@sinclair/typebox': 0.34.47
-      '@slack/bolt': 4.6.0(@types/express@5.0.6)
-      '@slack/web-api': 7.13.0
-      '@whiskeysockets/baileys': 7.0.0-rc.9(audio-decode@2.2.3)(sharp@0.34.5)
-      ajv: 8.17.1
-      body-parser: 2.2.2
-      chalk: 5.6.2
-      chokidar: 5.0.0
-      chromium-bidi: 13.0.1(devtools-protocol@0.0.1561482)
-      cli-highlight: 2.1.11
-      commander: 14.0.2
-      croner: 9.1.0
-      detect-libc: 2.1.2
-      discord-api-types: 0.38.37
-      dotenv: 17.2.3
-      express: 5.2.1
-      file-type: 21.3.0
-      grammy: 1.39.3
-      hono: 4.11.4
-      jiti: 2.6.1
-      json5: 2.2.3
-      jszip: 3.10.1
-      linkedom: 0.18.12
-      long: 5.3.2
-      markdown-it: 14.1.0
-      osc-progress: 0.3.0
-      pdfjs-dist: 5.4.530
-      playwright-core: 1.58.0
-      proper-lockfile: 4.1.2
-      qrcode-terminal: 0.12.0
-      sharp: 0.34.5
-      sqlite-vec: 0.1.7-alpha.2
-      tar: 7.5.4
-      tslog: 4.10.2
-      undici: 7.19.0
-      ws: 8.19.0
-      yaml: 2.8.2
-      zod: 4.3.6
-    optionalDependencies:
-      '@napi-rs/canvas': 0.1.88
-      node-llama-cpp: 3.15.0(typescript@5.9.3)
-    transitivePeerDependencies:
-      - '@discordjs/opus'
-      - '@modelcontextprotocol/sdk'
-      - '@types/express'
-      - audio-decode
-      - aws-crt
-      - bufferutil
-      - canvas
-      - debug
-      - devtools-protocol
-      - encoding
-      - ffmpeg-static
-      - jimp
-      - link-preview-js
-      - node-opus
-      - opusscript
-      - supports-color
-      - typescript
-      - utf-8-validate
-
  cli-cursor@5.0.0:
    dependencies:
      restore-cursor: 5.1.0
--- a/scripts/e2e/Dockerfile
+++ b/scripts/e2e/Dockerfile
@@ -13,11 +13,9 @@ COPY scripts ./scripts
 COPY docs ./docs
 COPY skills ./skills
 COPY patches ./patches
-COPY ui ./ui
 COPY extensions/memory-core ./extensions/memory-core

 RUN pnpm install --frozen-lockfile
 RUN pnpm build
-RUN pnpm ui:build

 CMD ["bash"]
--- a/src/agents/live-model-filter.ts
+++ b/src/agents/live-model-filter.ts
@@ -69,9 +69,6 @@ export function isModernModelRef(ref: ModelRef): boolean {
  if (provider === "opencode" && id.endsWith("-free")) {
    return false;
  }
-  if (provider === "opencode" && id === "alpha-glm-4.7") {
-    return false;
-  }

  if (provider === "openrouter" || provider === "opencode") {
    return matchesAny(id, [
--- a/src/agents/opencode-zen-models.test.ts
+++ b/src/agents/opencode-zen-models.test.ts
@@ -54,7 +54,7 @@ describe("getOpencodeZenStaticFallbackModels", () => {
  it("returns an array of models", () => {
    const models = getOpencodeZenStaticFallbackModels();
    expect(Array.isArray(models)).toBe(true);
-    expect(models.length).toBe(9);
+    expect(models.length).toBe(10);
  });

  it("includes Claude, GPT, Gemini, and GLM models", () => {
--- a/src/agents/opencode-zen-models.ts
+++ b/src/agents/opencode-zen-models.ts
@@ -67,9 +67,10 @@ export const OPENCODE_ZEN_MODEL_ALIASES: Record<string, string> = {
  "gemini-2.5-pro": "gemini-3-pro",
  "gemini-2.5-flash": "gemini-3-flash",

-  // GLM (free)
+  // GLM (free + alpha)
  glm: "glm-4.7",
  "glm-free": "glm-4.7",
+  "alpha-glm": "alpha-glm-4.7",
 };

 /**
@@ -121,6 +122,7 @@ const MODEL_COSTS: Record<
  },
  "claude-opus-4-5": { input: 5, output: 25, cacheRead: 0.5, cacheWrite: 6.25 },
  "gemini-3-pro": { input: 2, output: 12, cacheRead: 0.2, cacheWrite: 0 },
+  "alpha-glm-4.7": { input: 0.6, output: 2.2, cacheRead: 0.6, cacheWrite: 0 },
  "gpt-5.1-codex-mini": {
    input: 0.25,
    output: 2,
@@ -145,6 +147,7 @@ const MODEL_CONTEXT_WINDOWS: Record<string, number> = {
  "gpt-5.1-codex": 400000,
  "claude-opus-4-5": 200000,
  "gemini-3-pro": 1048576,
+  "alpha-glm-4.7": 204800,
  "gpt-5.1-codex-mini": 400000,
  "gpt-5.1": 400000,
  "glm-4.7": 204800,
@@ -161,6 +164,7 @@ const MODEL_MAX_TOKENS: Record<string, number> = {
  "gpt-5.1-codex": 128000,
  "claude-opus-4-5": 64000,
  "gemini-3-pro": 65536,
+  "alpha-glm-4.7": 131072,
  "gpt-5.1-codex-mini": 128000,
  "gpt-5.1": 128000,
  "glm-4.7": 131072,
@@ -197,6 +201,7 @@ const MODEL_NAMES: Record<string, string> = {
  "gpt-5.1-codex": "GPT-5.1 Codex",
  "claude-opus-4-5": "Claude Opus 4.5",
  "gemini-3-pro": "Gemini 3 Pro",
+  "alpha-glm-4.7": "Alpha GLM-4.7",
  "gpt-5.1-codex-mini": "GPT-5.1 Codex Mini",
  "gpt-5.1": "GPT-5.1",
  "glm-4.7": "GLM-4.7",
@@ -224,6 +229,7 @@ export function getOpencodeZenStaticFallbackModels(): ModelDefinitionConfig[] {
    "gpt-5.1-codex",
    "claude-opus-4-5",
    "gemini-3-pro",
+    "alpha-glm-4.7",
    "gpt-5.1-codex-mini",
    "gpt-5.1",
    "glm-4.7",
--- a/src/agents/pi-embedded-utils.test.ts
+++ b/src/agents/pi-embedded-utils.test.ts
@@ -460,22 +460,6 @@ File contents here`,
    expect(result).toBe("The actual answer.");
  });

-  it("strips final tags while keeping content", () => {
-    const msg: AssistantMessage = {
-      role: "assistant",
-      content: [
-        {
-          type: "text",
-          text: "<final>\nAnswer\n</final>",
-        },
-      ],
-      timestamp: Date.now(),
-    };
-
-    const result = extractAssistantText(msg);
-    expect(result).toBe("Answer");
-  });
-
  it("strips thought tags", () => {
    const msg: AssistantMessage = {
      role: "assistant",
--- a/src/agents/pi-embedded-utils.ts
+++ b/src/agents/pi-embedded-utils.ts
@@ -1,5 +1,4 @@
 import type { AssistantMessage } from "@mariozechner/pi-ai";
-import { stripReasoningTagsFromText } from "../shared/text/reasoning-tags.js";
 import { sanitizeUserFacingText } from "./pi-embedded-helpers.js";
 import { formatToolDetail, resolveToolDisplay } from "./tool-display.js";

@@ -167,7 +166,36 @@ export function stripDowngradedToolCallText(text: string): string {
 * that slip through other filtering mechanisms.
 */
 export function stripThinkingTagsFromText(text: string): string {
-  return stripReasoningTagsFromText(text, { mode: "strict", trim: "both" });
+  if (!text) return text;
+  // Quick check to avoid regex overhead when no tags present.
+  if (!/(?:think(?:ing)?|thought|antthinking)/i.test(text)) return text;
+
+  const tagRe = /<\s*(\/?)\s*(?:think(?:ing)?|thought|antthinking)\b[^>]*>/gi;
+  let result = "";
+  let lastIndex = 0;
+  let inThinking = false;
+
+  for (const match of text.matchAll(tagRe)) {
+    const idx = match.index ?? 0;
+    const isClose = match[1] === "/";
+
+    if (!inThinking && !isClose) {
+      // Opening tag - save text before it.
+      result += text.slice(lastIndex, idx);
+      inThinking = true;
+    } else if (inThinking && isClose) {
+      // Closing tag - skip content inside.
+      inThinking = false;
+    }
+    lastIndex = idx + match[0].length;
+  }
+
+  // Append remaining text if we're not inside thinking.
+  if (!inThinking) {
+    result += text.slice(lastIndex);
+  }
+
+  return result.trim();
 }

 export function extractAssistantText(msg: AssistantMessage): string {
--- a/src/cli/cron-cli/register.cron-add.ts
+++ b/src/cli/cron-cli/register.cron-add.ts
@@ -2,7 +2,7 @@ import type { Command } from "commander";
 import type { CronJob } from "../../cron/types.js";
 import { danger } from "../../globals.js";
 import { defaultRuntime } from "../../runtime.js";
-import { sanitizeAgentId } from "../../routing/session-key.js";
+import { normalizeAgentId } from "../../routing/session-key.js";
 import type { GatewayRpcOpts } from "../gateway-rpc.js";
 import { addGatewayClientOptions, callGatewayFromCli } from "../gateway-rpc.js";
 import { parsePositiveIntOrUndefined } from "../program/helpers.js";
@@ -140,7 +140,7 @@ export function registerCronAddCommand(cron: Command) {

          const agentId =
            typeof opts.agent === "string" && opts.agent.trim()
-              ? sanitizeAgentId(opts.agent.trim())
+              ? normalizeAgentId(opts.agent)
              : undefined;

          const payload = (() => {
--- a/src/cli/cron-cli/register.cron-edit.ts
+++ b/src/cli/cron-cli/register.cron-edit.ts
@@ -1,7 +1,7 @@
 import type { Command } from "commander";
 import { danger } from "../../globals.js";
 import { defaultRuntime } from "../../runtime.js";
-import { sanitizeAgentId } from "../../routing/session-key.js";
+import { normalizeAgentId } from "../../routing/session-key.js";
 import { addGatewayClientOptions, callGatewayFromCli } from "../gateway-rpc.js";
 import {
  getCronChannelOptions,
@@ -91,7 +91,7 @@ export function registerCronEditCommand(cron: Command) {
            throw new Error("Use --agent or --clear-agent, not both");
          }
          if (typeof opts.agent === "string" && opts.agent.trim()) {
-            patch.agentId = sanitizeAgentId(opts.agent.trim());
+            patch.agentId = normalizeAgentId(opts.agent);
          }
          if (opts.clearAgent) {
            patch.agentId = null;
--- a/src/config/config.gateway-remote-transport.test.ts
+++ b/src/config/config.gateway-remote-transport.test.ts
@@ -1,33 +0,0 @@
-import { describe, expect, it, vi } from "vitest";
-
-describe("gateway.remote.transport", () => {
-  it("accepts direct transport", async () => {
-    vi.resetModules();
-    const { validateConfigObject } = await import("./config.js");
-    const res = validateConfigObject({
-      gateway: {
-        remote: {
-          transport: "direct",
-          url: "wss://gateway.example.ts.net",
-        },
-      },
-    });
-    expect(res.ok).toBe(true);
-  });
-
-  it("rejects unknown transport", async () => {
-    vi.resetModules();
-    const { validateConfigObject } = await import("./config.js");
-    const res = validateConfigObject({
-      gateway: {
-        remote: {
-          transport: "udp",
-        },
-      },
-    });
-    expect(res.ok).toBe(false);
-    if (!res.ok) {
-      expect(res.issues[0]?.path).toBe("gateway.remote.transport");
-    }
-  });
-});
--- a/src/config/config.plugin-validation.test.ts
+++ b/src/config/config.plugin-validation.test.ts
@@ -9,7 +9,6 @@ async function writePluginFixture(params: {
  dir: string;
  id: string;
  schema: Record<string, unknown>;
-  channels?: string[];
 }) {
  await fs.mkdir(params.dir, { recursive: true });
  await fs.writeFile(
@@ -17,16 +16,16 @@ async function writePluginFixture(params: {
    `export default { id: "${params.id}", register() {} };`,
    "utf-8",
  );
-  const manifest: Record<string, unknown> = {
-    id: params.id,
-    configSchema: params.schema,
-  };
-  if (params.channels) {
-    manifest.channels = params.channels;
-  }
  await fs.writeFile(
    path.join(params.dir, "clawdbot.plugin.json"),
-    JSON.stringify(manifest, null, 2),
+    JSON.stringify(
+      {
+        id: params.id,
+        configSchema: params.schema,
+      },
+      null,
+      2,
+    ),
    "utf-8",
  );
 }
@@ -150,43 +149,4 @@ describe("config plugin validation", () => {
      expect(res.ok).toBe(true);
    });
  });
-
-  it("accepts plugin heartbeat targets", async () => {
-    await withTempHome(async (home) => {
-      process.env.CLAWDBOT_STATE_DIR = path.join(home, ".clawdbot");
-      const pluginDir = path.join(home, "bluebubbles-plugin");
-      await writePluginFixture({
-        dir: pluginDir,
-        id: "bluebubbles-plugin",
-        channels: ["bluebubbles"],
-        schema: { type: "object" },
-      });
-
-      vi.resetModules();
-      const { validateConfigObjectWithPlugins } = await import("./config.js");
-      const res = validateConfigObjectWithPlugins({
-        agents: { defaults: { heartbeat: { target: "bluebubbles" } }, list: [{ id: "pi" }] },
-        plugins: { enabled: false, load: { paths: [pluginDir] } },
-      });
-      expect(res.ok).toBe(true);
-    });
-  });
-
-  it("rejects unknown heartbeat targets", async () => {
-    await withTempHome(async (home) => {
-      process.env.CLAWDBOT_STATE_DIR = path.join(home, ".clawdbot");
-      vi.resetModules();
-      const { validateConfigObjectWithPlugins } = await import("./config.js");
-      const res = validateConfigObjectWithPlugins({
-        agents: { defaults: { heartbeat: { target: "not-a-channel" } }, list: [{ id: "pi" }] },
-      });
-      expect(res.ok).toBe(false);
-      if (!res.ok) {
-        expect(res.issues).toContainEqual({
-          path: "agents.defaults.heartbeat.target",
-          message: "unknown heartbeat target: not-a-channel",
-        });
-      }
-    });
-  });
 });
--- a/src/config/schema.test.ts
+++ b/src/config/schema.test.ts
@@ -84,22 +84,4 @@ describe("config schema", () => {
    const channelProps = channelSchema?.properties as Record<string, unknown> | undefined;
    expect(channelProps?.accessToken).toBeTruthy();
  });
-
-  it("adds heartbeat target hints with dynamic channels", () => {
-    const res = buildConfigSchema({
-      channels: [
-        {
-          id: "bluebubbles",
-          label: "BlueBubbles",
-          configSchema: { type: "object" },
-        },
-      ],
-    });
-
-    const defaultsHint = res.uiHints["agents.defaults.heartbeat.target"];
-    const listHint = res.uiHints["agents.list.*.heartbeat.target"];
-    expect(defaultsHint?.help).toContain("bluebubbles");
-    expect(defaultsHint?.help).toContain("last");
-    expect(listHint?.help).toContain("bluebubbles");
-  });
 });
--- a/src/config/schema.ts
+++ b/src/config/schema.ts
@@ -1,4 +1,3 @@
-import { CHANNEL_IDS } from "../channels/registry.js";
 import { VERSION } from "../version.js";
 import { ClawdbotSchema } from "./zod-schema.js";

@@ -808,44 +807,6 @@ function applyChannelHints(hints: ConfigUiHints, channels: ChannelUiMetadata[]):
  return next;
 }

-function listHeartbeatTargetChannels(channels: ChannelUiMetadata[]): string[] {
-  const seen = new Set<string>();
-  const ordered: string[] = [];
-  for (const id of CHANNEL_IDS) {
-    const normalized = id.trim().toLowerCase();
-    if (!normalized || seen.has(normalized)) continue;
-    seen.add(normalized);
-    ordered.push(normalized);
-  }
-  for (const channel of channels) {
-    const normalized = channel.id.trim().toLowerCase();
-    if (!normalized || seen.has(normalized)) continue;
-    seen.add(normalized);
-    ordered.push(normalized);
-  }
-  return ordered;
-}
-
-function applyHeartbeatTargetHints(
-  hints: ConfigUiHints,
-  channels: ChannelUiMetadata[],
-): ConfigUiHints {
-  const next: ConfigUiHints = { ...hints };
-  const channelList = listHeartbeatTargetChannels(channels);
-  const channelHelp = channelList.length ? ` Known channels: ${channelList.join(", ")}.` : "";
-  const help = `Delivery target ("last", "none", or a channel id).${channelHelp}`;
-  const paths = ["agents.defaults.heartbeat.target", "agents.list.*.heartbeat.target"];
-  for (const path of paths) {
-    const current = next[path] ?? {};
-    next[path] = {
-      ...current,
-      help: current.help ?? help,
-      placeholder: current.placeholder ?? "last",
-    };
-  }
-  return next;
-}
-
 function applyPluginSchemas(schema: ConfigSchema, plugins: PluginUiMetadata[]): ConfigSchema {
  const next = cloneSchema(schema);
  const root = asSchemaObject(next);
@@ -947,10 +908,7 @@ export function buildConfigSchema(params?: {
  const channels = params?.channels ?? [];
  if (plugins.length === 0 && channels.length === 0) return base;
  const mergedHints = applySensitiveHints(
-    applyHeartbeatTargetHints(
-      applyChannelHints(applyPluginHints(base.uiHints, plugins), channels),
-      channels,
-    ),
+    applyChannelHints(applyPluginHints(base.uiHints, plugins), channels),
  );
  const mergedSchema = applyChannelSchemas(applyPluginSchemas(base.schema, plugins), channels);
  return {
--- a/src/config/types.agent-defaults.ts
+++ b/src/config/types.agent-defaults.ts
@@ -4,7 +4,6 @@ import type {
  HumanDelayConfig,
  TypingMode,
 } from "./types.base.js";
-import type { ChannelId } from "../channels/plugins/types.js";
 import type {
  SandboxBrowserSettings,
  SandboxDockerSettings,
@@ -178,8 +177,18 @@ export type AgentDefaultsConfig = {
    model?: string;
    /** Session key for heartbeat runs ("main" or explicit session key). */
    session?: string;
-    /** Delivery target ("last", "none", or a channel id). */
-    target?: "last" | "none" | ChannelId;
+    /** Delivery target (last|whatsapp|telegram|discord|slack|mattermost|msteams|signal|imessage|none). */
+    target?:
+      | "last"
+      | "whatsapp"
+      | "telegram"
+      | "discord"
+      | "slack"
+      | "mattermost"
+      | "msteams"
+      | "signal"
+      | "imessage"
+      | "none";
    /** Optional delivery override (E.164 for WhatsApp, chat id for Telegram). */
    to?: string;
    /** Override the heartbeat prompt body (default: "Read HEARTBEAT.md if it exists (workspace context). Follow it strictly. Do not infer or repeat old tasks from prior chats. If nothing needs attention, reply HEARTBEAT_OK."). */
--- a/src/config/types.gateway.ts
+++ b/src/config/types.gateway.ts
@@ -80,8 +80,6 @@ export type GatewayTailscaleConfig = {
 export type GatewayRemoteConfig = {
  /** Remote Gateway WebSocket URL (ws:// or wss://). */
  url?: string;
-  /** Transport for macOS remote connections (ssh tunnel or direct WS). */
-  transport?: "ssh" | "direct";
  /** Token for remote auth (when the gateway requires token auth). */
  token?: string;
  /** Password for remote auth (when the gateway requires password auth). */
--- a/src/config/validation.ts
+++ b/src/config/validation.ts
@@ -1,7 +1,7 @@
 import path from "node:path";

 import { resolveAgentWorkspaceDir, resolveDefaultAgentId } from "../agents/agent-scope.js";
-import { CHANNEL_IDS, normalizeChatChannelId } from "../channels/registry.js";
+import { CHANNEL_IDS } from "../channels/registry.js";
 import {
  normalizePluginsConfig,
  resolveEnableState,
@@ -226,41 +226,6 @@ export function validateConfigObjectWithPlugins(raw: unknown):
    }
  }

-  const heartbeatChannelIds = new Set<string>();
-  for (const channelId of CHANNEL_IDS) {
-    heartbeatChannelIds.add(channelId.toLowerCase());
-  }
-  for (const record of registry.plugins) {
-    for (const channelId of record.channels) {
-      const trimmed = channelId.trim();
-      if (trimmed) heartbeatChannelIds.add(trimmed.toLowerCase());
-    }
-  }
-
-  const validateHeartbeatTarget = (target: string | undefined, path: string) => {
-    if (typeof target !== "string") return;
-    const trimmed = target.trim();
-    if (!trimmed) {
-      issues.push({ path, message: "heartbeat target must not be empty" });
-      return;
-    }
-    const normalized = trimmed.toLowerCase();
-    if (normalized === "last" || normalized === "none") return;
-    if (normalizeChatChannelId(trimmed)) return;
-    if (heartbeatChannelIds.has(normalized)) return;
-    issues.push({ path, message: `unknown heartbeat target: ${target}` });
-  };
-
-  validateHeartbeatTarget(
-    config.agents?.defaults?.heartbeat?.target,
-    "agents.defaults.heartbeat.target",
-  );
-  if (Array.isArray(config.agents?.list)) {
-    for (const [index, entry] of config.agents.list.entries()) {
-      validateHeartbeatTarget(entry?.heartbeat?.target, `agents.list.${index}.heartbeat.target`);
-    }
-  }
-
  let selectedMemoryPluginId: string | null = null;
  const seenPlugins = new Set<string>();
  for (const record of registry.plugins) {
--- a/src/config/zod-schema.agent-runtime.ts
+++ b/src/config/zod-schema.agent-runtime.ts
@@ -22,7 +22,19 @@ export const HeartbeatSchema = z
    model: z.string().optional(),
    session: z.string().optional(),
    includeReasoning: z.boolean().optional(),
-    target: z.string().optional(),
+    target: z
+      .union([
+        z.literal("last"),
+        z.literal("whatsapp"),
+        z.literal("telegram"),
+        z.literal("discord"),
+        z.literal("slack"),
+        z.literal("msteams"),
+        z.literal("signal"),
+        z.literal("imessage"),
+        z.literal("none"),
+      ])
+      .optional(),
    to: z.string().optional(),
    prompt: z.string().optional(),
    ackMaxChars: z.number().int().nonnegative().optional(),
--- a/src/config/zod-schema.ts
+++ b/src/config/zod-schema.ts
@@ -332,7 +332,6 @@ export const ClawdbotSchema = z
        remote: z
          .object({
            url: z.string().optional(),
-            transport: z.union([z.literal("ssh"), z.literal("direct")]).optional(),
            token: z.string().optional(),
            password: z.string().optional(),
            tlsFingerprint: z.string().optional(),
--- a/src/cron/normalize.test.ts
+++ b/src/cron/normalize.test.ts
@@ -24,7 +24,7 @@ describe("normalizeCronJobCreate", () => {
    expect("provider" in payload).toBe(false);
  });

-  it("trims agentId and drops null", () => {
+  it("normalizes agentId and drops null", () => {
    const normalized = normalizeCronJobCreate({
      name: "agent-set",
      enabled: true,
--- a/src/cron/normalize.ts
+++ b/src/cron/normalize.ts
@@ -1,7 +1,7 @@
-import { sanitizeAgentId } from "../routing/session-key.js";
 import { parseAbsoluteTimeMs } from "./parse.js";
 import { migrateLegacyCronPayload } from "./payload-migration.js";
 import type { CronJobCreate, CronJobPatch } from "./types.js";
+import { normalizeAgentId } from "../routing/session-key.js";

 type UnknownRecord = Record<string, unknown>;

@@ -76,7 +76,7 @@ export function normalizeCronJobInput(
      next.agentId = null;
    } else if (typeof agentId === "string") {
      const trimmed = agentId.trim();
-      if (trimmed) next.agentId = sanitizeAgentId(trimmed);
+      if (trimmed) next.agentId = normalizeAgentId(trimmed);
      else delete next.agentId;
    }
  }
--- a/src/discord/monitor/provider.ts
+++ b/src/discord/monitor/provider.ts
@@ -1,4 +1,3 @@
-import { inspect } from "node:util";
 import { Client } from "@buape/carbon";
 import { GatewayIntents, GatewayPlugin } from "@buape/carbon/gateway";
 import { Routes } from "discord-api-types/v10";
@@ -96,8 +95,13 @@ function formatDiscordDeployErrorDetails(err: unknown): string {
    try {
      bodyText = JSON.stringify(rawBody);
    } catch {
-      bodyText =
-        typeof rawBody === "string" ? rawBody : inspect(rawBody, { depth: 3, breakLength: 120 });
+      if (typeof rawBody === "string") {
+        bodyText = rawBody;
+      } else if (rawBody instanceof Error) {
+        bodyText = rawBody.message;
+      } else {
+        bodyText = "[unserializable]";
+      }
    }
    if (bodyText) {
      const maxLen = 800;
--- a/src/gateway/chat-sanitize.test.ts
+++ b/src/gateway/chat-sanitize.test.ts
@@ -1,42 +0,0 @@
-import { describe, expect, test } from "vitest";
-import { stripEnvelopeFromMessage } from "./chat-sanitize.js";
-
-describe("stripEnvelopeFromMessage", () => {
-  test("removes message_id hint lines from user messages", () => {
-    const input = {
-      role: "user",
-      content: "[WhatsApp 2026-01-24 13:36] yolo\n[message_id: 7b8b]",
-    };
-    const result = stripEnvelopeFromMessage(input) as { content?: string };
-    expect(result.content).toBe("yolo");
-  });
-
-  test("removes message_id hint lines from text content arrays", () => {
-    const input = {
-      role: "user",
-      content: [{ type: "text", text: "hi\n[message_id: abc123]" }],
-    };
-    const result = stripEnvelopeFromMessage(input) as {
-      content?: Array<{ type: string; text?: string }>;
-    };
-    expect(result.content?.[0]?.text).toBe("hi");
-  });
-
-  test("does not strip inline message_id text that is part of a line", () => {
-    const input = {
-      role: "user",
-      content: "I typed [message_id: 123] on purpose",
-    };
-    const result = stripEnvelopeFromMessage(input) as { content?: string };
-    expect(result.content).toBe("I typed [message_id: 123] on purpose");
-  });
-
-  test("does not strip assistant messages", () => {
-    const input = {
-      role: "assistant",
-      content: "note\n[message_id: 123]",
-    };
-    const result = stripEnvelopeFromMessage(input) as { content?: string };
-    expect(result.content).toBe("note\n[message_id: 123]");
-  });
-});
--- a/src/gateway/chat-sanitize.ts
+++ b/src/gateway/chat-sanitize.ts
@@ -14,8 +14,6 @@ const ENVELOPE_CHANNELS = [
  "BlueBubbles",
 ];

-const MESSAGE_ID_LINE = /^\s*\[message_id:\s*[^\]]+\]\s*$/i;
-
 function looksLikeEnvelopeHeader(header: string): boolean {
  if (/\d{4}-\d{2}-\d{2}T\d{2}:\d{2}Z\b/.test(header)) return true;
  if (/\d{4}-\d{2}-\d{2} \d{2}:\d{2}\b/.test(header)) return true;
@@ -30,20 +28,13 @@ export function stripEnvelope(text: string): string {
  return text.slice(match[0].length);
 }

-function stripMessageIdHints(text: string): string {
-  if (!text.includes("[message_id:")) return text;
-  const lines = text.split(/\r?\n/);
-  const filtered = lines.filter((line) => !MESSAGE_ID_LINE.test(line));
-  return filtered.length === lines.length ? text : filtered.join("\n");
-}
-
 function stripEnvelopeFromContent(content: unknown[]): { content: unknown[]; changed: boolean } {
  let changed = false;
  const next = content.map((item) => {
    if (!item || typeof item !== "object") return item;
    const entry = item as Record<string, unknown>;
    if (entry.type !== "text" || typeof entry.text !== "string") return item;
-    const stripped = stripMessageIdHints(stripEnvelope(entry.text));
+    const stripped = stripEnvelope(entry.text);
    if (stripped === entry.text) return item;
    changed = true;
    return {
@@ -64,7 +55,7 @@ export function stripEnvelopeFromMessage(message: unknown): unknown {
  const next: Record<string, unknown> = { ...entry };

  if (typeof entry.content === "string") {
-    const stripped = stripMessageIdHints(stripEnvelope(entry.content));
+    const stripped = stripEnvelope(entry.content);
    if (stripped !== entry.content) {
      next.content = stripped;
      changed = true;
@@ -76,7 +67,7 @@ export function stripEnvelopeFromMessage(message: unknown): unknown {
      changed = true;
    }
  } else if (typeof entry.text === "string") {
-    const stripped = stripMessageIdHints(stripEnvelope(entry.text));
+    const stripped = stripEnvelope(entry.text);
    if (stripped !== entry.text) {
      next.text = stripped;
      changed = true;
--- a/src/gateway/server-methods/nodes.ts
+++ b/src/gateway/server-methods/nodes.ts
@@ -468,10 +468,7 @@ export const nodeHandlers: GatewayRequestHandlers = {
      error: p.error ?? null,
    });
    if (!ok) {
-      // Late-arriving results (after invoke timeout) are expected and harmless.
-      // Return success instead of error to reduce log noise; client can discard.
-      context.logGateway.debug(`late invoke result ignored: id=${p.id} node=${p.nodeId}`);
-      respond(true, { ok: true, ignored: true }, undefined);
+      respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "unknown invoke id"));
      return;
    }
    respond(true, { ok: true }, undefined);
--- a/src/gateway/server-methods/send.test.ts
+++ b/src/gateway/server-methods/send.test.ts
@@ -137,34 +137,6 @@ describe("gateway send mirroring", () => {
    );
  });

-  it("lowercases provided session keys for mirroring", async () => {
-    mocks.deliverOutboundPayloads.mockResolvedValue([{ messageId: "m-lower", channel: "slack" }]);
-
-    const respond = vi.fn();
-    await sendHandlers.send({
-      params: {
-        to: "channel:C1",
-        message: "hi",
-        channel: "slack",
-        idempotencyKey: "idem-lower",
-        sessionKey: "agent:main:slack:channel:C123",
-      },
-      respond,
-      context: makeContext(),
-      req: { type: "req", id: "1", method: "send" },
-      client: null,
-      isWebchatConnect: () => false,
-    });
-
-    expect(mocks.deliverOutboundPayloads).toHaveBeenCalledWith(
-      expect.objectContaining({
-        mirror: expect.objectContaining({
-          sessionKey: "agent:main:slack:channel:c123",
-        }),
-      }),
-    );
-  });
-
  it("derives a target session key when none is provided", async () => {
    mocks.deliverOutboundPayloads.mockResolvedValue([{ messageId: "m3", channel: "slack" }]);

--- a/src/gateway/server-methods/send.ts
+++ b/src/gateway/server-methods/send.ts
@@ -145,7 +145,7 @@ export const sendHandlers: GatewayRequestHandlers = {
        );
        const providedSessionKey =
          typeof request.sessionKey === "string" && request.sessionKey.trim()
-            ? request.sessionKey.trim().toLowerCase()
+            ? request.sessionKey.trim()
            : undefined;
        const derivedAgentId = resolveSessionAgentId({ config: cfg });
        // If callers omit sessionKey, derive a target session key from the outbound route.
--- a/src/gateway/server.impl.ts
+++ b/src/gateway/server.impl.ts
@@ -344,19 +344,9 @@ export async function startGatewayServer(

  setSkillsRemoteRegistry(nodeRegistry);
  void primeRemoteSkillsCache();
-  // Debounce skills-triggered node probes to avoid feedback loops and rapid-fire invokes.
-  // Skills changes can happen in bursts (e.g., file watcher events), and each probe
-  // takes time to complete. A 30-second delay ensures we batch changes together.
-  let skillsRefreshTimer: ReturnType<typeof setTimeout> | null = null;
-  const skillsRefreshDelayMs = 30_000;
-  const skillsChangeUnsub = registerSkillsChangeListener((event) => {
-    if (event.reason === "remote-node") return;
-    if (skillsRefreshTimer) clearTimeout(skillsRefreshTimer);
-    skillsRefreshTimer = setTimeout(() => {
-      skillsRefreshTimer = null;
-      const latest = loadConfig();
-      void refreshRemoteBinsForConnectedNodes(latest);
-    }, skillsRefreshDelayMs);
+  registerSkillsChangeListener(() => {
+    const latest = loadConfig();
+    void refreshRemoteBinsForConnectedNodes(latest);
  });

  const { tickInterval, healthInterval, dedupeCleanup } = startGatewayMaintenanceTimers({
@@ -554,11 +544,6 @@ export async function startGatewayServer(
      if (diagnosticsEnabled) {
        stopDiagnosticHeartbeat();
      }
-      if (skillsRefreshTimer) {
-        clearTimeout(skillsRefreshTimer);
-        skillsRefreshTimer = null;
-      }
-      skillsChangeUnsub();
      await close(opts);
    },
  };
--- a/src/gateway/server.nodes.late-invoke.test.ts
+++ b/src/gateway/server.nodes.late-invoke.test.ts
@@ -1,125 +0,0 @@
-import { afterAll, beforeAll, describe, expect, test, vi } from "vitest";
-import { WebSocket } from "ws";
-
-import { GATEWAY_CLIENT_MODES, GATEWAY_CLIENT_NAMES } from "../utils/message-channel.js";
-import { loadOrCreateDeviceIdentity } from "../infra/device-identity.js";
-
-vi.mock("../infra/update-runner.js", () => ({
-  runGatewayUpdate: vi.fn(async () => ({
-    status: "ok",
-    mode: "git",
-    root: "/repo",
-    steps: [],
-    durationMs: 12,
-  })),
-}));
-
-import {
-  connectOk,
-  installGatewayTestHooks,
-  rpcReq,
-  startServerWithClient,
-} from "./test-helpers.js";
-
-installGatewayTestHooks({ scope: "suite" });
-
-let server: Awaited<ReturnType<typeof startServerWithClient>>["server"];
-let ws: WebSocket;
-let port: number;
-
-beforeAll(async () => {
-  const started = await startServerWithClient();
-  server = started.server;
-  ws = started.ws;
-  port = started.port;
-  await connectOk(ws);
-});
-
-afterAll(async () => {
-  ws.close();
-  await server.close();
-});
-
-describe("late-arriving invoke results", () => {
-  test("returns success for unknown invoke id (late arrival after timeout)", async () => {
-    // Create a node client WebSocket
-    const nodeWs = new WebSocket(`ws://127.0.0.1:${port}`);
-    await new Promise<void>((resolve) => nodeWs.once("open", resolve));
-
-    try {
-      // Connect as a node with device identity
-      const identity = loadOrCreateDeviceIdentity();
-      const nodeId = identity.deviceId;
-
-      await connectOk(nodeWs, {
-        role: "node",
-        client: {
-          id: GATEWAY_CLIENT_NAMES.NODE_HOST,
-          version: "1.0.0",
-          platform: "ios",
-          mode: GATEWAY_CLIENT_MODES.NODE,
-        },
-        commands: ["canvas.snapshot"],
-      });
-
-      // Send an invoke result with an unknown ID (simulating late arrival after timeout)
-      const result = await rpcReq<{ ok?: boolean; ignored?: boolean }>(
-        nodeWs,
-        "node.invoke.result",
-        {
-          id: "unknown-invoke-id-12345",
-          nodeId,
-          ok: true,
-          payloadJSON: JSON.stringify({ result: "late" }),
-        },
-      );
-
-      // Late-arriving results return success instead of error to reduce log noise
-      expect(result.ok).toBe(true);
-      expect(result.payload?.ok).toBe(true);
-      expect(result.payload?.ignored).toBe(true);
-    } finally {
-      nodeWs.close();
-    }
-  });
-
-  test("returns success for unknown invoke id with error payload", async () => {
-    // Verifies late results are accepted regardless of their ok/error status
-    const nodeWs = new WebSocket(`ws://127.0.0.1:${port}`);
-    await new Promise<void>((resolve) => nodeWs.once("open", resolve));
-
-    try {
-      await connectOk(nodeWs, {
-        role: "node",
-        client: {
-          id: GATEWAY_CLIENT_NAMES.NODE_HOST,
-          version: "1.0.0",
-          platform: "darwin",
-          mode: GATEWAY_CLIENT_MODES.NODE,
-        },
-        commands: [],
-      });
-
-      const identity = loadOrCreateDeviceIdentity();
-      const nodeId = identity.deviceId;
-
-      // Late invoke result with error payload - should still return success
-      const result = await rpcReq<{ ok?: boolean; ignored?: boolean }>(
-        nodeWs,
-        "node.invoke.result",
-        {
-          id: "another-unknown-invoke-id",
-          nodeId,
-          ok: false,
-          error: { code: "FAILED", message: "test error" },
-        },
-      );
-
-      expect(result.ok).toBe(true);
-      expect(result.payload?.ok).toBe(true);
-      expect(result.payload?.ignored).toBe(true);
-    } finally {
-      nodeWs.close();
-    }
-  });
-});
--- a/src/infra/outbound/message-action-runner.threading.test.ts
+++ b/src/infra/outbound/message-action-runner.threading.test.ts
@@ -89,30 +89,4 @@ describe("runMessageAction Slack threading", () => {
    const call = mocks.executeSendAction.mock.calls[0]?.[0];
    expect(call?.ctx?.mirror?.sessionKey).toBe("agent:main:slack:channel:c123:thread:111.222");
  });
-
-  it("matches auto-threading when channel ids differ in case", async () => {
-    mocks.executeSendAction.mockResolvedValue({
-      handledBy: "plugin",
-      payload: {},
-    });
-
-    await runMessageAction({
-      cfg: slackConfig,
-      action: "send",
-      params: {
-        channel: "slack",
-        target: "channel:c123",
-        message: "hi",
-      },
-      toolContext: {
-        currentChannelId: "C123",
-        currentThreadTs: "333.444",
-        replyToMode: "all",
-      },
-      agentId: "main",
-    });
-
-    const call = mocks.executeSendAction.mock.calls[0]?.[0];
-    expect(call?.ctx?.mirror?.sessionKey).toBe("agent:main:slack:channel:c123:thread:333.444");
-  });
 });
--- a/src/infra/outbound/message-action-runner.ts
+++ b/src/infra/outbound/message-action-runner.ts
@@ -217,7 +217,7 @@ function resolveSlackAutoThreadId(params: {
  if (context.replyToMode !== "all" && context.replyToMode !== "first") return undefined;
  const parsedTarget = parseSlackTarget(params.to, { defaultKind: "channel" });
  if (!parsedTarget || parsedTarget.kind !== "channel") return undefined;
-  if (parsedTarget.id.toLowerCase() !== context.currentChannelId.toLowerCase()) return undefined;
+  if (parsedTarget.id !== context.currentChannelId) return undefined;
  if (context.replyToMode === "first" && context.hasRepliedRef?.value) return undefined;
  return context.currentThreadTs;
 }
--- a/src/infra/skills-remote.ts
+++ b/src/infra/skills-remote.ts
@@ -55,10 +55,10 @@ function extractErrorMessage(err: unknown): string | undefined {
 function logRemoteBinProbeFailure(nodeId: string, err: unknown) {
  const message = extractErrorMessage(err);
  const label = describeNode(nodeId);
-  // Node unavailable errors (not connected or disconnected mid-operation) are expected
-  // when nodes have transient connections - log at info level instead of warn
-  if (message?.includes("node not connected") || message?.includes("node disconnected")) {
-    log.info(`remote bin probe skipped: node unavailable (${label})`);
+  if (message?.includes("node not connected")) {
+    log.info(
+      `remote bin probe skipped: node not connected (${label}); check nodes list/status for ${label}`,
+    );
    return;
  }
  if (message?.includes("invoke timed out") || message?.includes("timeout")) {
@@ -213,15 +213,6 @@ function parseBinProbePayload(payloadJSON: string | null | undefined, payload?:
  return [];
 }

-function areBinSetsEqual(a: Set<string> | undefined, b: Set<string>): boolean {
-  if (!a) return false;
-  if (a.size !== b.size) return false;
-  for (const bin of b) {
-    if (!a.has(bin)) return false;
-  }
-  return true;
-}
-
 export async function refreshRemoteNodeBins(params: {
  nodeId: string;
  platform?: string;
@@ -270,11 +261,7 @@ export async function refreshRemoteNodeBins(params: {
      return;
    }
    const bins = parseBinProbePayload(res.payloadJSON, res.payload);
-    const existingBins = remoteNodes.get(params.nodeId)?.bins;
-    const nextBins = new Set(bins);
-    const hasChanged = !areBinSetsEqual(existingBins, nextBins);
    recordRemoteNodeBins(params.nodeId, bins);
-    if (!hasChanged) return;
    await updatePairedNodeMetadata(params.nodeId, { bins });
    bumpSkillsSnapshotVersion({ reason: "remote-node" });
  } catch (err) {
--- a/src/routing/resolve-route.ts
+++ b/src/routing/resolve-route.ts
@@ -7,7 +7,6 @@ import {
  DEFAULT_ACCOUNT_ID,
  DEFAULT_MAIN_KEY,
  normalizeAgentId,
-  sanitizeAgentId,
 } from "./session-key.js";

 export type RoutePeerKind = "dm" | "group" | "channel";
@@ -94,13 +93,13 @@ function listAgents(cfg: ClawdbotConfig) {

 function pickFirstExistingAgentId(cfg: ClawdbotConfig, agentId: string): string {
  const trimmed = (agentId ?? "").trim();
-  if (!trimmed) return sanitizeAgentId(resolveDefaultAgentId(cfg));
+  if (!trimmed) return normalizeAgentId(resolveDefaultAgentId(cfg));
  const normalized = normalizeAgentId(trimmed);
  const agents = listAgents(cfg);
-  if (agents.length === 0) return sanitizeAgentId(trimmed);
+  if (agents.length === 0) return normalized;
  const match = agents.find((agent) => normalizeAgentId(agent.id) === normalized);
-  if (match?.id?.trim()) return sanitizeAgentId(match.id.trim());
-  return sanitizeAgentId(resolveDefaultAgentId(cfg));
+  if (match?.id?.trim()) return normalizeAgentId(match.id);
+  return normalizeAgentId(resolveDefaultAgentId(cfg));
 }

 function matchesChannel(
--- a/src/routing/session-key.ts
+++ b/src/routing/session-key.ts
@@ -64,20 +64,6 @@ export function normalizeAgentId(value: string | undefined | null): string {
  );
 }

-export function sanitizeAgentId(value: string | undefined | null): string {
-  const trimmed = (value ?? "").trim();
-  if (!trimmed) return DEFAULT_AGENT_ID;
-  if (/^[a-z0-9][a-z0-9_-]{0,63}$/i.test(trimmed)) return trimmed.toLowerCase();
-  return (
-    trimmed
-      .toLowerCase()
-      .replace(/[^a-z0-9_-]+/gi, "-")
-      .replace(/^-+/, "")
-      .replace(/-+$/, "")
-      .slice(0, 64) || DEFAULT_AGENT_ID
-  );
-}
-
 export function normalizeAccountId(value: string | undefined | null): string {
  const trimmed = (value ?? "").trim();
  if (!trimmed) return DEFAULT_ACCOUNT_ID;
--- a/src/shared/text/reasoning-tags.ts
+++ b/src/shared/text/reasoning-tags.ts
@@ -1,61 +0,0 @@
-export type ReasoningTagMode = "strict" | "preserve";
-export type ReasoningTagTrim = "none" | "start" | "both";
-
-const QUICK_TAG_RE = /<\s*\/?\s*(?:think(?:ing)?|thought|antthinking|final)\b/i;
-const FINAL_TAG_RE = /<\s*\/?\s*final\b[^>]*>/gi;
-const THINKING_TAG_RE = /<\s*(\/?)\s*(?:think(?:ing)?|thought|antthinking)\b[^>]*>/gi;
-
-function applyTrim(value: string, mode: ReasoningTagTrim): string {
-  if (mode === "none") return value;
-  if (mode === "start") return value.trimStart();
-  return value.trim();
-}
-
-export function stripReasoningTagsFromText(
-  text: string,
-  options?: {
-    mode?: ReasoningTagMode;
-    trim?: ReasoningTagTrim;
-  },
-): string {
-  if (!text) return text;
-  if (!QUICK_TAG_RE.test(text)) return text;
-
-  const mode = options?.mode ?? "strict";
-  const trimMode = options?.trim ?? "both";
-
-  let cleaned = text;
-  if (FINAL_TAG_RE.test(cleaned)) {
-    FINAL_TAG_RE.lastIndex = 0;
-    cleaned = cleaned.replace(FINAL_TAG_RE, "");
-  } else {
-    FINAL_TAG_RE.lastIndex = 0;
-  }
-
-  THINKING_TAG_RE.lastIndex = 0;
-  let result = "";
-  let lastIndex = 0;
-  let inThinking = false;
-
-  for (const match of cleaned.matchAll(THINKING_TAG_RE)) {
-    const idx = match.index ?? 0;
-    const isClose = match[1] === "/";
-
-    if (!inThinking) {
-      result += cleaned.slice(lastIndex, idx);
-      if (!isClose) {
-        inThinking = true;
-      }
-    } else if (isClose) {
-      inThinking = false;
-    }
-
-    lastIndex = idx + match[0].length;
-  }
-
-  if (!inThinking || mode === "preserve") {
-    result += cleaned.slice(lastIndex);
-  }
-
-  return applyTrim(result, trimMode);
-}
--- a/ui/src/ui/format.test.ts
+++ b/ui/src/ui/format.test.ts
@@ -21,22 +21,5 @@ describe("stripThinkingTags", () => {
  it("returns original text when no tags exist", () => {
    expect(stripThinkingTags("Hello")).toBe("Hello");
  });
-
-  it("strips <final>…</final> segments", () => {
-    const input = "<final>\n\nHello there\n\n</final>";
-    expect(stripThinkingTags(input)).toBe("Hello there\n\n");
-  });
-
-  it("strips mixed <think> and <final> tags", () => {
-    const input = "<think>reasoning</think>\n\n<final>Hello</final>";
-    expect(stripThinkingTags(input)).toBe("Hello");
-  });
-
-  it("handles incomplete <final tag gracefully", () => {
-    // When streaming splits mid-tag, we may see "<final" without closing ">"
-    // This should not crash and should handle gracefully
-    expect(stripThinkingTags("<final\nHello")).toBe("<final\nHello");
-    expect(stripThinkingTags("Hello</final>")).toBe("Hello");
-  });
 });

--- a/ui/src/ui/format.ts
+++ b/ui/src/ui/format.ts
@@ -1,5 +1,3 @@
-import { stripReasoningTagsFromText } from "../../../src/shared/text/reasoning-tags.js";
-
 export function formatMs(ms?: number | null): string {
  if (!ms && ms !== 0) return "n/a";
  return new Date(ms).toLocaleString();
@@ -69,6 +67,38 @@ export function parseList(input: string): string[] {
    .filter((v) => v.length > 0);
 }

+const THINKING_TAG_RE = /<\s*\/?\s*think(?:ing)?\s*>/gi;
+const THINKING_OPEN_RE = /<\s*think(?:ing)?\s*>/i;
+const THINKING_CLOSE_RE = /<\s*\/\s*think(?:ing)?\s*>/i;
+
 export function stripThinkingTags(value: string): string {
-  return stripReasoningTagsFromText(value, { mode: "preserve", trim: "start" });
+  if (!value) return value;
+  const hasOpen = THINKING_OPEN_RE.test(value);
+  const hasClose = THINKING_CLOSE_RE.test(value);
+  if (!hasOpen && !hasClose) return value;
+  // If we don't have a balanced pair, avoid dropping trailing content.
+  if (hasOpen !== hasClose) {
+    if (!hasOpen) return value.replace(THINKING_CLOSE_RE, "").trimStart();
+    return value.replace(THINKING_OPEN_RE, "").trimStart();
+  }
+
+  if (!THINKING_TAG_RE.test(value)) return value;
+  THINKING_TAG_RE.lastIndex = 0;
+
+  let result = "";
+  let lastIndex = 0;
+  let inThinking = false;
+  for (const match of value.matchAll(THINKING_TAG_RE)) {
+    const idx = match.index ?? 0;
+    if (!inThinking) {
+      result += value.slice(lastIndex, idx);
+    }
+    const tag = match[0].toLowerCase();
+    inThinking = !tag.includes("/");
+    lastIndex = idx + match[0].length;
+  }
+  if (!inThinking) {
+    result += value.slice(lastIndex);
+  }
+  return result.trimStart();
 }