13 changed files with 74 additions and 1525 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -1,4 +0,0 @@
 node_modules/
 coverage/
 .git/
 *.log
--- a/.editorconfig
+++ b/.editorconfig
@ -1,9 +0,0 @@
 root = true
 [*]
 indent_style = space
 indent_size = 2
 end_of_line = lf
 charset = utf-8
 trim_trailing_whitespace = true
 insert_final_newline = true
--- a/.eslintrc.json
+++ b/.eslintrc.json
@ -1,18 +0,0 @@
 {
  "env": {
    "node": true,
    "es2020": true
  },
  "parserOptions": {
    "ecmaVersion": 2020
  },
  "plugins": ["security"],
  "extends": ["eslint:recommended"],
  "rules": {
    "no-unused-vars": ["error", { "argsIgnorePattern": "^_", "varsIgnorePattern": "^_" }],
    "no-console": "warn",
    "security/detect-object-injection": "warn",
    "security/detect-non-literal-fs-filename": "warn",
    "security/detect-eval-with-expression": "error"
  }
 }
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +0,0 @@
 node_modules/
 coverage/
 *.log
--- a/.prettierignore
+++ b/.prettierignore
@ -1,4 +0,0 @@
 node_modules/
 coverage/
 dist/
 package-lock.json
--- a/.prettierrc
+++ b/.prettierrc
@ -1,6 +0,0 @@
 {
  "singleQuote": true,
  "trailingComma": "all",
  "printWidth": 100,
  "tabWidth": 2
 }
--- a/23
+++ b/23
@ -1,23 +0,0 @@
 export NODE_ENV := development
 .PHONY: check install test lint fmt fmt-check secret-scan
 check: install lint fmt-check secret-scan test
 install:
 	npm install
 test:
 	@echo "[SKIP] No tests found"
 lint:
 	npx eslint .
 fmt:
 	npx prettier --write .
 fmt-check:
 	npx prettier --check .
 secret-scan:
 	bash tools/secret-scan.sh .
--- a/README.md
+++ b/README.md
@ -3,7 +3,6 @@
 A lightweight CLI tool for OpenClaw agents to provide "Antigravity-style" live status updates in Mattermost channels (and others) without spamming.
 ## Features
 - **Live Updates:** Create a single message and update it repeatedly.
 - **Sub-Agent Support:** Works in clean environments via embedded config or CLI flags.
 - **Cross-Channel:** Supports dynamic channel targeting via `--channel`.
@ -12,7 +11,6 @@ A lightweight CLI tool for OpenClaw agents to provide "Antigravity-style" live s
 ## Installation
 Run the interactive installer wizard:
 ```bash
 ./install.sh
 ```
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -1,11 +0,0 @@
 {
  "name": "mattermost-openclaw-livestatus",
  "version": "1.0.0",
  "private": true,
  "description": "OpenClaw Live Status Tool for Mattermost",
  "devDependencies": {
    "eslint": "^8.56.0",
    "eslint-plugin-security": "^2.1.0",
    "prettier": "^3.2.0"
  }
 }
--- a/skill/SKILL.md
+++ b/skill/SKILL.md
@ -6,20 +6,15 @@ It allows you to create a "Live Log" post that you update in-place, reducing cha
 ## Usage
 ### 1. Initialize (Start of Task)
 Create a new status post. It will print the `POST_ID`.
 **Required:** Pass the `CHANNEL_ID` if known (otherwise it defaults to system channel).
 ```bash
 live-status create <CHANNEL_ID> "🚀 **Task Started:** Initializing..."
 ```
 **Output:** `p6...` (The Post ID)
 ### 2. Update (During Task)
 Update the post with new log lines. Use a code block for logs.
 ```bash
 live-status update <POST_ID> "🚀 **Task Started:** Initializing...
 \`\`\`
@ -29,9 +24,7 @@ live-status update <POST_ID> "🚀 **Task Started:** Initializing...
 ```
 ### 3. Complete (End of Task)
 Mark as done.
 ```bash
 live-status update <POST_ID> "✅ **Task Complete.**
 \`\`\`
@ -42,7 +35,6 @@ live-status update <POST_ID> "✅ **Task Complete.**
 ```
 ## Protocol
 - **Always** capture the `POST_ID` from the `create` command.
 - **Always** append to the previous log (maintain history).
 - **Use Code Blocks** for technical logs.
--- a/src/live-status.js
+++ b/src/live-status.js
@ -1,7 +1,7 @@
 #!/usr/bin/env node
 const https = require('http'); // Using http for mattermost:8065 (no ssl inside docker network)
-const _fs = require('fs');
+const fs = require('fs');
 // --- HELPER: PARSE ARGS ---
 const args = process.argv.slice(2);
@ -26,11 +26,7 @@ const CONFIG = {
    port: 8065,
    token: 'DEFAULT_TOKEN_PLACEHOLDER', // Set via install.sh wizard
    // Priority: 1. CLI Flag, 2. Env Var, 3. Hardcoded Fallback (Project-0)
-  channel_id:
+    channel_id: options.channel || process.env.MM_CHANNEL_ID || process.env.CHANNEL_ID || 'obzja4hb8pd85xk45xn4p31jye'
    options.channel ||
    process.env.MM_CHANNEL_ID ||
    process.env.CHANNEL_ID ||
    'obzja4hb8pd85xk45xn4p31jye',
 };
 // --- HELPER: HTTP REQUEST ---
@ -42,14 +38,14 @@ function request(method, path, data) {
            path: '/api/v4' + path,
            method: method,
            headers: {
-        Authorization: `Bearer ${CONFIG.token}`,
+                'Authorization': `Bearer ${CONFIG.token}`,
-        'Content-Type': 'application/json',
+                'Content-Type': 'application/json'
-      },
+            }
        };
        const req = https.request(options, (res) => {
            let body = '';
-      res.on('data', (chunk) => (body += chunk));
+            res.on('data', (chunk) => body += chunk);
            res.on('end', () => {
                if (res.statusCode >= 200 && res.statusCode < 300) {
                    try {
@ -75,7 +71,7 @@ async function createPost(text) {
    try {
        const result = await request('POST', '/posts', {
            channel_id: CONFIG.channel_id,
-      message: text,
+            message: text
        });
        console.log(result.id);
    } catch (e) {
@ -90,11 +86,11 @@ async function updatePost(postId, text) {
        await request('PUT', `/posts/${postId}`, {
            id: postId,
            message: text,
-      props: current.props,
+            props: current.props
        });
-    console.log('updated');
+        console.log("updated");
    } catch (e) {
-    console.error('Error updating post:', e.message);
+        console.error("Error updating post:", e.message);
        process.exit(1);
    }
 }
@ -108,7 +104,7 @@ if (command === 'create') {
    const text = otherArgs.slice(1).join(' ');
    updatePost(id, text);
 } else {
-  console.log('Usage: live-status [--channel ID] create <text>');
+    console.log("Usage: live-status [--channel ID] create <text>");
-  console.log('       live-status update <id> <text>');
+    console.log("       live-status update <id> <text>");
    process.exit(1);
 }
--- a/tools/secret-scan.sh
+++ b/tools/secret-scan.sh
@ -1,69 +0,0 @@
 #!/usr/bin/env bash
 # secret-scan.sh — Scans for private keys and high-entropy secrets
 # Usage: bash tools/secret-scan.sh [directory]
 # Uses .secret-scan-allowlist for false positives (one file path per line)
 set -e
 SCAN_DIR="${1:-.}"
 ALLOWLIST=".secret-scan-allowlist"
 FINDINGS=0
 # Build find exclusions
 EXCLUDES=(-not -path "*/node_modules/*" -not -path "*/.git/*" -not -path "*/coverage/*" -not -path "*/dist/*")
 # Load allowlist
 ALLOWLIST_PATHS=()
 if [ -f "$ALLOWLIST" ]; then
    while IFS= read -r line || [ -n "$line" ]; do
        [[ "$line" =~ ^#.*$ || -z "$line" ]] && continue
        ALLOWLIST_PATHS+=("$line")
    done < "$ALLOWLIST"
 fi
 is_allowed() {
    local file="$1"
    for allowed in "${ALLOWLIST_PATHS[@]}"; do
        if [[ "$file" == *"$allowed"* ]]; then
            return 0
        fi
    done
    return 1
 }
 echo "Scanning $SCAN_DIR for secrets..."
 # Scan for private keys
 while IFS= read -r file; do
    [ -f "$file" ] || continue
    is_allowed "$file" && continue
    if grep -qE '-----BEGIN (RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----' "$file" 2>/dev/null; then
        echo "FINDING [private-key]: $file"
        FINDINGS=$((FINDINGS + 1))
    fi
 done < <(find "$SCAN_DIR" "${EXCLUDES[@]}" -type f)
 # Scan for high-entropy hex strings (40+ chars)
 while IFS= read -r file; do
    [ -f "$file" ] || continue
    is_allowed "$file" && continue
    if grep -qE '[0-9a-f]{40,}' "$file" 2>/dev/null; then
        # Filter out common false positives (git SHAs in lock files, etc.)
        BASENAME=$(basename "$file")
        if [[ "$BASENAME" != "package-lock.json" && "$BASENAME" != "*.lock" ]]; then
            MATCHES=$(grep -oE '[0-9a-f]{40,}' "$file" 2>/dev/null || true)
            if [ -n "$MATCHES" ]; then
                echo "FINDING [high-entropy-hex]: $file"
                FINDINGS=$((FINDINGS + 1))
            fi
        fi
    fi
 done < <(find "$SCAN_DIR" "${EXCLUDES[@]}" -type f -not -name "package-lock.json" -not -name "*.lock")
 if [ "$FINDINGS" -gt 0 ]; then
    echo "secret-scan: $FINDINGS finding(s) — FAIL"
    exit 1
 else
    echo "secret-scan: clean — PASS"
    exit 0
 fi