13 changed files with 74 additions and 1525 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -1,4 +0,0 @@
-node_modules/
-coverage/
-.git/
-*.log
--- a/.editorconfig
+++ b/.editorconfig
@ -1,9 +0,0 @@
-root = true
-
-[*]
-indent_style = space
-indent_size = 2
-end_of_line = lf
-charset = utf-8
-trim_trailing_whitespace = true
-insert_final_newline = true
--- a/.eslintrc.json
+++ b/.eslintrc.json
@ -1,18 +0,0 @@
-{
-  "env": {
-    "node": true,
-    "es2020": true
-  },
-  "parserOptions": {
-    "ecmaVersion": 2020
-  },
-  "plugins": ["security"],
-  "extends": ["eslint:recommended"],
-  "rules": {
-    "no-unused-vars": ["error", { "argsIgnorePattern": "^_", "varsIgnorePattern": "^_" }],
-    "no-console": "warn",
-    "security/detect-object-injection": "warn",
-    "security/detect-non-literal-fs-filename": "warn",
-    "security/detect-eval-with-expression": "error"
-  }
-}
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +0,0 @@
-node_modules/
-coverage/
-*.log
--- a/.prettierignore
+++ b/.prettierignore
@ -1,4 +0,0 @@
-node_modules/
-coverage/
-dist/
-package-lock.json
--- a/.prettierrc
+++ b/.prettierrc
@ -1,6 +0,0 @@
-{
-  "singleQuote": true,
-  "trailingComma": "all",
-  "printWidth": 100,
-  "tabWidth": 2
-}
--- a/23
+++ b/23
@ -1,23 +0,0 @@
-export NODE_ENV := development
-
-.PHONY: check install test lint fmt fmt-check secret-scan
-
-check: install lint fmt-check secret-scan test
-
-install:
-	npm install
-
-test:
-	@echo "[SKIP] No tests found"
-
-lint:
-	npx eslint .
-
-fmt:
-	npx prettier --write .
-
-fmt-check:
-	npx prettier --check .
-
-secret-scan:
-	bash tools/secret-scan.sh .
--- a/README.md
+++ b/README.md
@ -3,7 +3,6 @@
 A lightweight CLI tool for OpenClaw agents to provide "Antigravity-style" live status updates in Mattermost channels (and others) without spamming.

 ## Features
-
 - **Live Updates:** Create a single message and update it repeatedly.
 - **Sub-Agent Support:** Works in clean environments via embedded config or CLI flags.
 - **Cross-Channel:** Supports dynamic channel targeting via `--channel`.
@ -12,7 +11,6 @@ A lightweight CLI tool for OpenClaw agents to provide "Antigravity-style" live s
 ## Installation

 Run the interactive installer wizard:
-
 ```bash
 ./install.sh
 ```
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -1,11 +0,0 @@
-{
-  "name": "mattermost-openclaw-livestatus",
-  "version": "1.0.0",
-  "private": true,
-  "description": "OpenClaw Live Status Tool for Mattermost",
-  "devDependencies": {
-    "eslint": "^8.56.0",
-    "eslint-plugin-security": "^2.1.0",
-    "prettier": "^3.2.0"
-  }
-}
--- a/skill/SKILL.md
+++ b/skill/SKILL.md
@ -6,20 +6,15 @@ It allows you to create a "Live Log" post that you update in-place, reducing cha
 ## Usage

 ### 1. Initialize (Start of Task)
-
 Create a new status post. It will print the `POST_ID`.
 **Required:** Pass the `CHANNEL_ID` if known (otherwise it defaults to system channel).
-
 ```bash
 live-status create <CHANNEL_ID> "🚀 **Task Started:** Initializing..."
 ```
-
 **Output:** `p6...` (The Post ID)

 ### 2. Update (During Task)
-
 Update the post with new log lines. Use a code block for logs.
-
 ```bash
 live-status update <POST_ID> "🚀 **Task Started:** Initializing...
 \`\`\`
@ -29,9 +24,7 @@ live-status update <POST_ID> "🚀 **Task Started:** Initializing...
 ```

 ### 3. Complete (End of Task)
-
 Mark as done.
-
 ```bash
 live-status update <POST_ID> "✅ **Task Complete.**
 \`\`\`
@ -42,7 +35,6 @@ live-status update <POST_ID> "✅ **Task Complete.**
 ```

 ## Protocol
-
 - **Always** capture the `POST_ID` from the `create` command.
 - **Always** append to the previous log (maintain history).
 - **Use Code Blocks** for technical logs.
--- a/src/live-status.js
+++ b/src/live-status.js
@ -1,7 +1,7 @@
 #!/usr/bin/env node

 const https = require('http'); // Using http for mattermost:8065 (no ssl inside docker network)
-const _fs = require('fs');
+const fs = require('fs');

 // --- HELPER: PARSE ARGS ---
 const args = process.argv.slice(2);
@ -11,7 +11,7 @@ let otherArgs = [];

 for (let i = 0; i < args.length; i++) {
    if (args[i] === '--channel') {
-    options.channel = args[i + 1];
+        options.channel = args[i+1];
        i++; // Skip next arg (the channel ID)
    } else if (!command && (args[i] === 'create' || args[i] === 'update')) {
        command = args[i];
@ -26,11 +26,7 @@ const CONFIG = {
    port: 8065,
    token: 'DEFAULT_TOKEN_PLACEHOLDER', // Set via install.sh wizard
    // Priority: 1. CLI Flag, 2. Env Var, 3. Hardcoded Fallback (Project-0)
-  channel_id:
-    options.channel ||
-    process.env.MM_CHANNEL_ID ||
-    process.env.CHANNEL_ID ||
-    'obzja4hb8pd85xk45xn4p31jye',
+    channel_id: options.channel || process.env.MM_CHANNEL_ID || process.env.CHANNEL_ID || 'obzja4hb8pd85xk45xn4p31jye'
 };

 // --- HELPER: HTTP REQUEST ---
@ -42,14 +38,14 @@ function request(method, path, data) {
            path: '/api/v4' + path,
            method: method,
            headers: {
-        Authorization: `Bearer ${CONFIG.token}`,
-        'Content-Type': 'application/json',
-      },
+                'Authorization': `Bearer ${CONFIG.token}`,
+                'Content-Type': 'application/json'
+            }
        };

        const req = https.request(options, (res) => {
            let body = '';
-      res.on('data', (chunk) => (body += chunk));
+            res.on('data', (chunk) => body += chunk);
            res.on('end', () => {
                if (res.statusCode >= 200 && res.statusCode < 300) {
                    try {
@ -75,7 +71,7 @@ async function createPost(text) {
    try {
        const result = await request('POST', '/posts', {
            channel_id: CONFIG.channel_id,
-      message: text,
+            message: text
        });
        console.log(result.id);
    } catch (e) {
@ -90,11 +86,11 @@ async function updatePost(postId, text) {
        await request('PUT', `/posts/${postId}`, {
            id: postId,
            message: text,
-      props: current.props,
+            props: current.props
        });
-    console.log('updated');
+        console.log("updated");
    } catch (e) {
-    console.error('Error updating post:', e.message);
+        console.error("Error updating post:", e.message);
        process.exit(1);
    }
 }
@ -108,7 +104,7 @@ if (command === 'create') {
    const text = otherArgs.slice(1).join(' ');
    updatePost(id, text);
 } else {
-  console.log('Usage: live-status [--channel ID] create <text>');
-  console.log('       live-status update <id> <text>');
+    console.log("Usage: live-status [--channel ID] create <text>");
+    console.log("       live-status update <id> <text>");
    process.exit(1);
 }
--- a/tools/secret-scan.sh
+++ b/tools/secret-scan.sh
@ -1,69 +0,0 @@
-#!/usr/bin/env bash
-# secret-scan.sh — Scans for private keys and high-entropy secrets
-# Usage: bash tools/secret-scan.sh [directory]
-# Uses .secret-scan-allowlist for false positives (one file path per line)
-
-set -e
-
-SCAN_DIR="${1:-.}"
-ALLOWLIST=".secret-scan-allowlist"
-FINDINGS=0
-
-# Build find exclusions
-EXCLUDES=(-not -path "*/node_modules/*" -not -path "*/.git/*" -not -path "*/coverage/*" -not -path "*/dist/*")
-
-# Load allowlist
-ALLOWLIST_PATHS=()
-if [ -f "$ALLOWLIST" ]; then
-    while IFS= read -r line || [ -n "$line" ]; do
-        [[ "$line" =~ ^#.*$ || -z "$line" ]] && continue
-        ALLOWLIST_PATHS+=("$line")
-    done < "$ALLOWLIST"
-fi
-
-is_allowed() {
-    local file="$1"
-    for allowed in "${ALLOWLIST_PATHS[@]}"; do
-        if [[ "$file" == *"$allowed"* ]]; then
-            return 0
-        fi
-    done
-    return 1
-}
-
-echo "Scanning $SCAN_DIR for secrets..."
-
-# Scan for private keys
-while IFS= read -r file; do
-    [ -f "$file" ] || continue
-    is_allowed "$file" && continue
-    if grep -qE '-----BEGIN (RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----' "$file" 2>/dev/null; then
-        echo "FINDING [private-key]: $file"
-        FINDINGS=$((FINDINGS + 1))
-    fi
-done < <(find "$SCAN_DIR" "${EXCLUDES[@]}" -type f)
-
-# Scan for high-entropy hex strings (40+ chars)
-while IFS= read -r file; do
-    [ -f "$file" ] || continue
-    is_allowed "$file" && continue
-    if grep -qE '[0-9a-f]{40,}' "$file" 2>/dev/null; then
-        # Filter out common false positives (git SHAs in lock files, etc.)
-        BASENAME=$(basename "$file")
-        if [[ "$BASENAME" != "package-lock.json" && "$BASENAME" != "*.lock" ]]; then
-            MATCHES=$(grep -oE '[0-9a-f]{40,}' "$file" 2>/dev/null || true)
-            if [ -n "$MATCHES" ]; then
-                echo "FINDING [high-entropy-hex]: $file"
-                FINDINGS=$((FINDINGS + 1))
-            fi
-        fi
-    fi
-done < <(find "$SCAN_DIR" "${EXCLUDES[@]}" -type f -not -name "package-lock.json" -not -name "*.lock")
-
-if [ "$FINDINGS" -gt 0 ]; then
-    echo "secret-scan: $FINDINGS finding(s) — FAIL"
-    exit 1
-else
-    echo "secret-scan: clean — PASS"
-    exit 0
-fi