Two defects found while running /wiki-compile, both from tooling assuming
a path instead of resolving it.
1. Plaintext Syncro API keys. Mike's and Howard's live PSA keys were
copy-pasted into three command files, a script, and two catalog docs --
despite both already being vaulted at msp-tools/syncro and
msp-tools/syncro-howard. Replaced with reads from the SOPS vault via a
new sourced helper, .claude/scripts/syncro-env.sh. Write paths fail
closed; read-only paths degrade to skipped enrichment rather than a
wrong key. Per-user mapping is unchanged, so Syncro attribution is too.
2. Hardcoded repo root. wiki-compile/wiki-lint/inject-standards and
gen_b64.py hardcoded D:/claudetools; this machine is C:/claudetools.
syncro.md also read ~/.claude/identity.json before the repo copy -- the
same bug that made remediation-tool's consent-audit report a fully
consented tenant as RED. Root now resolves from the script's own
location, with identity.json claudetools_root as the override.
get-identity.sh had a chicken-and-egg bug: it read ${CLAUDETOOLS_ROOT:-.}
but never set it, so every caller had to already know the root. It now
self-resolves and exports CLAUDETOOLS_ROOT + VAULT_ROOT.
Verified: all three command setup blocks authenticate against live Syncro;
get-identity.sh works from any cwd and honors a pre-set root; gps-rmm
autoenroll resolves its key from the vault. security-review: no findings.
NOTE: both keys remain valid in git history. Rotation in the Syncro portal
is the required follow-up -- this commit does not resolve that exposure.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Fixes from the code-review workflow (7 findings): page the poll cursor past the
100-msg window (no false timeout behind bot/overflow messages); honor 429
retry_after and bail fast on permanent Discord errors (10003/50001/...) instead
of burning the timeout; status-check overflow follow-up chunks (warn, don't
silently truncate); clamp --read limit safely (guard >64-bit overflow); add
--wait --after for precise resumption; DRY the newline-trim; set LC_ALL=C.UTF-8
for codepoint-safe slicing. SKILL.md gains the tested bot capability/limit map
(can: post/read/edit-own/react; cannot without a grant: delete/archive/unlock/pin)
and a robustness section.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add ask-forum.sh + /ask-forum command: a live Claude session posts a
question to the private #ct-forum forum and blocks (server-side, one tool
call) until a human replies, then acts on the answer. Same session throughout
- a three-way between the user, the session, and the teammate. No DMs, no
second bot. Bumps the discord-bot submodule to the matching #ct-forum guard.
Approved by Mike via #ct-forum (a-go, forum-only, /ask-forum yes), 2026-07-08.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Phase-3 post-rebase reconcile ran 'git submodule update --init --recursive'
unconditionally, force-detaching every submodule to the parent's pinned gitlink
and discarding any feature branch, commits, or uncommitted edits inside it. The
Phase-1a init guard did not cover this path. New submodule_update_safe() advances
ONLY submodules in the pristine pinned state (clean, detached HEAD) and skips any
on a branch or with uncommitted changes, so in-progress submodule work survives a
parent sync.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
PROBLEM: Broadcast messages were never being marked as read on the server,
only tracked in a local gitignored seen-file. This caused them to re-appear
in every new session or on different machines.
ROOT CAUSE: check-messages.sh lines 101-104 had a flawed assumption that
broadcasts share a single read_at field that would "clobber" other machines'
unread state. This was wrong - the API supports per-session read tracking.
FIX:
- check-messages.sh now marks broadcasts as read on the server (like personal
messages), in addition to tracking them in the local seen-file
- Updated comments to reflect correct behavior
- coord SKILL.md now documents auto-mark-read behavior and reply workflow
- Manually marked all 39 accumulated unread broadcasts as read
IMPACT: Broadcast messages will now be properly marked as read and won't
keep appearing across sessions. Fixes user complaint about answered questions
(pfSense cred-path, fabb3421, etc.) continuing to show up.
Logged to errorlog.md as --correction.
Adds .claude/scripts/migrate-to-submodules.sh — self-contained, distributable by
raw URL since old clones can't pull. Detects compliance (history merge-base vs
origin, RECLONE.md+submodule offline fallback); leaves compliant clones untouched;
otherwise re-clones AND recovers the gitignored per-machine state a clone never
carries (identity.json, settings.local.json, .mcp.json, grepai, per-project
.env/.venv/.attachments), surfaces stranded unpushed commits, and FLAGS large
purged data for manual move (never re-imports it into git). Closes RECLONE.md's
"recover any uncommitted work" gap that stranded identity.json + the discord-bot venv.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
onboarding-diagnostic.ps1: add a PowerShell-version guard. The probe is PS3+ by
design (Get-CimInstance, [ordered], ConvertTo-Json); on stock PS2 (Win7 SP1 /
2008 R2 without WMF) it crashed with cryptic [ordered] errors and emitted empty
DIAG-JSON (first hit: AMT-PC). Now on PS<3 it emits a legible, parseable result
inside the DIAG-JSON markers (hand-built JSON) with a WMF 5.1 / KB3191566
remediation hint instead. Parses clean. True PS2-native probe stays an RMM Thought.
memory: add feedback_windows_quote_stripping (+ index) consolidating the two
recent embedded-double-quote incidents (PowerShell->curl.exe CommandLineToArgvW,
RMM->cmd.exe shutdown /c) into one root cause + fix, so future ref= entries land.
errorlog: the two self-logged entries from #32333 (preview-skip friction,
AMT-PC/Scileppi conflation correction).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Both surfaced on GND-SERVER (Server 2019 DC), would mis-grade every Windows Server:
1. OS EOL: build numbers are SHARED between client and server SKUs (17763 = Win10
1809 AND Server 2019; 14393 = 1607/Server2016; 26100 = 24H2/Server2025). The map
only had client dates, so Server 2019 (supported to 2029) was flagged EOL-2020 =
false critical. Now branch on SKU ($caption -match 'Server') with a Server EOL map.
2. Stability disk errors: ids 7/51/153 are shared across providers; provider 'disk'
= real I/O error, but 'Microsoft-Windows-Kernel-Boot' id 153 = "VBS disabled" boot
noise. The unfiltered fallback counted that noise as disk errors (false warning on
healthy boxes). Now count only true storage providers, no unfiltered fallback.
Parses clean. Re-run on GND-SERVER should drop from RED to AMBER (both false findings gone).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- graduation-push.sh: tar+scp scratch -> BEAST graduation-inbox over Tailscale (decoupled
from /save, soft-fail if BEAST off). Tested: 241 files -> BEAST.
- docs/graduation-pipeline.md: full spec (push -> Ollama triage on BEAST GPU via API ->
reviewed sanitize+git-mv). Secrets never enter git; ride the encrypted link to BEAST only.
- tmp-promotion-check.sh: rewritten pure-builtin (0.4s) after the per-file grep/fork loop
hung /save for 4 min on Windows at ~240 scratch files. Deep triage moves to the pipeline.
- forum-post: GRADUATED the canonical flarum poster from scratch ->
skills/forum-post/scripts/flarum-post.py (s9e markdown->XML + DB insert machinery), with
the hardcoded IX SSH + Flarum DB passwords swapped to vault lookups. First pipeline test case.
- Vaulted the Flarum DB cred (services/flarum-community.sops.yaml) + sanitized the two
plaintext copies in forum-post.md.
- errorlog: logged the WSL-stub correction + BEAST-Ollama-CPU(vram=0) finding + the
promotion-check hang, all via the new log helper.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add .claude/scripts/log-skill-error.sh — the canonical agent error log helper
(writes errorlog.md in DATE | MACHINE | skill | [type] error format, soft-fails).
Three categories: execution failures (default), user corrections (--correction),
and preventable self-inflicted friction (--friction; cite ref= when it repeats a
documented gotcha). Goal: stop paying tokens twice for the same avoidable mistake.
- CLAUDE.md: make logging mandatory for all skills + corrections + friction.
- skill-creator: new skills must wire in the helper (guidance + checklist).
- Retrofit every skill script's genuine failure branches to call the helper
(b2/bitdefender/mailprotector/packetdial/coord python CLIs; remediation-tool
+ onboard365 bash; vault, rmm-auth, post-bot-alert, agy, grok, 1password,
run-onboarding-diagnostic). Handled conditions + self-tests left alone.
- errorlog.md: broaden header to cover skills + harness + corrections; seed this
session's corrections (INKY, Mail.Send token-audience, omnibox-strictness) and
friction (git-bash /tmp, env-persistence, argv-limit, PowerShell var-case).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The skill/command DOCS instructed Claude to run a bare `py ...`, which is the
Windows py-launcher — absent on Linux/macOS (exit 127, hit on GURU-KALI). A blind
py->python3 swap is wrong too: python3 is a broken MS Store shim on some Windows
boxes where `py` is the correct launcher.
Fix mirrors the resolution the .sh skill scripts already do:
- New .claude/scripts/py.sh: picks the interpreter that actually RUNS —
identity.json python.command first, then py -> python3 -> python, each
validated with `-c 'import sys'` so the MS Store stub is skipped. exec's it.
- Repointed all DOC invocations (10 files, ~70 sites) from `py ...` to
`bash "$CLAUDETOOLS_ROOT/.claude/scripts/py.sh" ...` (incl. the `py -c` and
`py -` heredoc forms in checkpoint.md / mailbox.md).
- Left the .sh skill scripts untouched — they already resolve py/python/python3.
- errorlog.md: marked the GURU-KALI entry RESOLVED.
Depends on CLAUDETOOLS_ROOT (seeded by ensure-settings-env.py); py.sh also
self-resolves the repo root via git/cwd as a fallback.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- .gitignore: ignore root tmp/ (temp/ and .claude/tmp/ were already ignored;
root tmp/ was not, which is how scratch got committed and needed cleanup).
- New .claude/scripts/tmp-promotion-check.sh: advisory, read-only, never blocks.
Scans the gitignored scratch dirs (tmp/, temp/, .claude/tmp/) and flags files
worth graduating (scripts, substantial docs, session-log-referenced) before
they're lost to cleanup. Silent when scratch is empty.
- /save (Phase 4) and /scc (new step 2) run the check before sync.sh, pointing
at .claude/TEMP_GRADUATION.md for the graduate-vs-delete decision.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
client.py: send() falls back to ResultMessage.result when no TextBlock streams
(the "(no response)" bug) and reconnects+retries once on a closed SDK session.
message_handler.py: per-thread turn lock so messages arriving mid-turn or from a
second user queue in order (nothing dropped); per-session requester-attribution
env (discord_id -> users.json key), pinned to the thread opener; _USER_MAP caches
only on a successful load; final answer posts as a fresh message at the BOTTOM
(no edit-in-place); a <@id> tag goes out as a fresh send so it actually pings.
main.py: allowed_mentions permits user pings, blocks @everyone/@here/roles.
DISCORD_CLAUDE.md: no thread auto-delete; tiered close-out (Q&A -> one-line rolling
log, substantive -> /save); @mention guidance; opener-pinned attribution note.
whoami-block.sh / sync.sh: bot-context attribution (Executed by ClaudeTools Bot /
Requested by <person>; git author = mapped requester, committer = bot). Strict
no-op for interactive sessions.
users.json: discord_id for Mike/Howard; added Winter Williams (bot-only, full trust).
Reviewed by Code Review Agent + Grok + Gemini (Gemini's "malformed email" finding
verified as a false positive).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Builds the false-positive/true-positive proof the plan requires before the guard can be
promoted to blocking, and fixes the one false-positive it surfaced.
- test-harness-guard.sh: 12-case matrix in a throwaway repo, runs the REAL guard, asserts
WARN/clean for real conflicts/secrets/keys vs legit content (setext underlines, dividers,
docs that mention a marker, encrypted sops, public keys, .example templates).
- harness-guard.sh: conflict rule now requires a real hunk (BOTH ^<<<<<<< AND ^>>>>>>>),
dropping the lone =======$ trigger that false-positived on a 7-char setext underline /
divider. Identical true-positive power (git writes all three markers); FP surface -> 0.
- /self-check: new harness.guard_selftest runs the matrix in an isolated temp repo (read-only
vs the real tree) so guard correctness is continuously proven.
Verified 12/12 pass, true positives intact, real-tree FP surface = 0. FATAL flip (todo
f1c11d0d, on/after 2026-06-22) is now evidence-backed + one-step.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>