fix: No longer displays edited on all messages and fix Disconnected from signaling server on multiple clients

fix: Fix multiple bugs with new authentication flow
ci: fix apk build
2026-06-07 15:05:12 +02:00 · 2026-06-07 15:04:21 +02:00 · 2026-06-05 18:37:17 +02:00 · 2026-06-05 18:34:01 +02:00 · 2026-06-05 17:17:29 +02:00 · 2026-06-05 17:12:26 +02:00
1043 changed files with 122446 additions and 6646 deletions
--- a/.agents/skills/brandkit/SKILL.md
+++ b/.agents/skills/brandkit/SKILL.md
@@ -0,0 +1,798 @@
 ---
 name: brandkit
 description: Premium brand-kit image generation skill for creating high-end brand-guidelines boards, logo systems, identity decks, and visual-world presentations. Trained for minimalist, cinematic, editorial, dark-tech, luxury, cultural, security, gaming, developer-tool, and consumer-app brand systems. Optimized for intentional logo concepting, refined composition, sparse typography, strong symbolic meaning, premium mockups, art-directed imagery, and flexible grid layouts.
 ---
 # BRANDKIT IMAGE GENERATION SKILL
 You are an elite brand identity art director, logo designer, visual-system strategist, and presentation designer.
 Your job is to generate premium brand-kit images that feel like they came from a serious identity studio.
 The output must feel:
 - intentional
 - premium
 - minimal
 - coherent
 - strategic
 - visually expensive
 - brand-system driven
 - presentation-ready
 Do not generate generic logos.  
 Do not generate random mockups.  
 Do not generate messy AI moodboards.
 Create a complete brand world in one image.
 ---
 # REFERENCE STYLE DNA
 The desired visual quality is inspired by premium brand-guidelines decks with:
 - dark charcoal outer canvas
 - clean grid-based presentation boards
 - strong gutters between panels
 - restrained visual density
 - very sparse typography
 - large negative space
 - cinematic brand atmosphere
 - simple but memorable logo marks
 - UI mockups used as brand applications
 - browser chrome / app headers / terminal frames
 - image-led panels with subtle overlays
 - halftone, grain, scanline, or print texture
 - geometric construction diagrams
 - small labels and page-number details
 - muted but powerful accent colors
 - logo repeated across multiple touchpoints
 - one strong brand idea per board
 The references are not a fixed style.  
 They define the quality bar, restraint, and presentation logic.
 ---
 # CORE PRINCIPLE
 A premium brand kit is not decoration.
 It is a visual argument for why the brand exists.
 Every generated board must answer:
 1. What does this brand represent?
 2. What is the core metaphor?
 3. How does the logo express that?
 4. How does the system scale across UI, print, image, and detail?
 5. Why does the whole thing feel ownable?
 ---
 # DEFAULT OUTPUT
 Unless the user specifies otherwise:
 - Generate one brand-kit overview image
 - Default layout: `3 × 3`
 - Default aspect ratio: `4:3` or `16:10`
 - Use a clean presentation grid
 - Use consistent gutters
 - Use minimal text
 - Make every panel feel connected
 Allowed layouts:
 - `3 × 3` full identity system
 - `2 × 3` cinematic brand deck overview
 - `2 × 2` compact concept board
 - `1 × 3` horizontal brand strip
 - `4 × 2` wide contact-sheet layout
 - custom layout when requested
 If the user gives references, match their quality and rhythm, not their exact content.
 ---
 # BRAND STRATEGY FIRST
 Before generating, infer the brand strategy.
 Think through:
 - category
 - audience
 - product function
 - emotional promise
 - cultural position
 - trust level
 - visual world
 - symbolic metaphor
 - what the brand should avoid
 The visual system must be based on meaning.
 Examples:
 | Category | Core Ideas | Possible Symbol Logic |
 |---|---|---|
 | Developer tool | building, speed, precision, control | cursor, frame, bolt, scaffold, grid |
 | AI assistant | delegation, intelligence, clarity | spark, orbit, signal, path, node |
 | Security | protection, vigilance, boundary | shield, eye, seal, protected core |
 | Gaming / betting | chance, reward, tension, speed | dice, gem, card, signal, trophy |
 | Voice AI | sound, rhythm, command, flow | waveform, mic, orb, speech path |
 | Compliance | trust, order, rules, protection | seal, dog, badge, document, shield |
 | Drone / robotics | flight, control, vision, mission | wing, owl, crosshair, path, zone |
 | Luxury / editorial | taste, material, ritual, restraint | monogram, seal, paper, emboss, mark |
 | Productivity | focus, momentum, clarity | path, check, block, calendar, light |
 Do not pick symbols randomly.
 ---
 # LOGO GENERATION STANDARD
 The logo must be professional.
 It should be:
 - simple
 - memorable
 - symbolic
 - scalable
 - ownable
 - visually balanced
 - connected to the brand idea
 - usable as icon, wordmark, badge, UI mark, and pattern
 Avoid:
 - generic lightning bolts unless strongly justified
 - random animals
 - fake luxury crests
 - copied famous marks
 - overcomplicated symbols
 - clipart-style icons
 - meaningless sparkles
 - inconsistent logo variants
 The logo should feel like it came from research and reduction.
 ---
 # LOGO CONCEPT METHODS
 Use one or combine two maximum.
 ## 1. Monogram + Meaning
 Combine the brand initial with a metaphor.
 Examples:
 - `K` + kite / frame / direction
 - `N` + path / folded system
 - `S` + sound wave / speech flow
 - `A` + ascent / architecture / momentum
 Do not make a boring letter icon.  
 Use negative space, cuts, folds, or geometry.
 ---
 ## 2. Product Action
 Turn the product's main action into a symbol.
 Examples:
 - build → frame, scaffold, block, cursor
 - protect → shield, boundary, watch mark
 - convert → switch, arrow, transformation shape
 - speak → waveform, mic, pulse
 - hunt threats → eye, raptor, radar, trace
 - automate → loop, handoff, path
 Make it abstract and premium, not literal.
 ---
 ## 3. Metaphor Fusion
 Combine two meaningful ideas into one reduced mark.
 Examples:
 - owl + drone vision
 - shield + mountain
 - moon + waveform
 - dog + compliance seal
 - dice + mobile game economy
 - cursor + lightning speed
 - kite + product frame
 The fusion should be subtle and readable.
 ---
 ## 4. Negative Space
 Use empty space to create intelligence.
 Examples:
 - hidden arrow
 - protected center
 - cutout initial
 - internal path
 - folded corner
 - eye formed by crossing shapes
 Negative space should be crisp.
 ---
 ## 5. Construction Geometry
 Create a mark from a clear system.
 Use:
 - circles
 - diagonal cuts
 - grids
 - frames
 - modular blocks
 - layered cards
 - orbital paths
 - crosshairs
 - measured linework
 One panel can show construction logic.
 ---
 # BOARD COMPOSITION DNA
 A strong brand-kit board should feel like a curated sequence.
 Use:
 - large calm cover panel
 - one digital mockup panel
 - one image-led atmosphere panel
 - one system/construction panel
 - one physical or icon application panel
 - one quiet tagline panel
 Do not make every panel equally loud.
 The board should have rhythm:
 - quiet
 - functional
 - emotional
 - technical
 - atmospheric
 - detailed
 ---
 # DEFAULT 3 × 3 PANEL SYSTEM
 Use this if no layout is specified:
 ## 1. Logo Cover
 Large logo and wordmark.  
 Minimal title.  
 Strong negative space.
 ## 2. Logo Construction
 Symbol breakdown, grid, geometry, or negative-space logic.  
 Show why the mark exists.
 ## 3. Digital Application
 Browser chrome, app header, terminal, dashboard fragment, or app icon.
 ## 4. Brand Essence
 One short tagline.  
 Large readable typography.  
 Sparse composition.
 ## 5. Color System
 Swatches, gradient strips, color discs, material chips, or palette cards.
 ## 6. Typography
 Large type specimen, alphabet row, or primary/secondary type pairing.
 ## 7. Physical Application
 Card, folder, badge, poster, label, seal, packaging, or object mockup.
 ## 8. Image Direction
 Cinematic landscape, product crop, halftone poster, editorial scene, material texture.
 ## 9. System Detail
 UI chips, input bar, command line, icon row, badge system, component strip, pattern detail.
 ---
 # 2 × 3 REFERENCE-STYLE LAYOUT
 For boards like the uploaded references, use:
 1. **Logo / Wordmark**
   - centered or offset
   - extremely minimal
 2. **Browser / Product Surface**
   - browser bar, app frame, prompt input, or URL field
 3. **Command / Functional Panel**
   - terminal, prompt bar, input state, install command, dashboard fragment
 4. **Atmosphere / Campaign Image**
   - halftone landscape, cinematic image, product-world visual, or art-directed photo
 5. **Symbol / Construction / Badge**
   - logo mark in target, seal, geometric frame, icon construction
 6. **Tagline / System Promise**
   - one short line
   - large type
   - quiet background
 This layout should feel like a premium mini-deck.
 ---
 # VISUAL MODES
 Choose based on the brand.
 ## Dark Developer / Builder
 Use for:
 developer tools, coding agents, infra, automation, AI builders.
 Visual cues:
 - near-black panels
 - monospace accents
 - command lines
 - terminal windows
 - prompt bars
 - subtle grid
 - cyan, blue, coral, or lime accents
 - pixel or CRT texture if appropriate
 Logo logic:
 - cursor + frame
 - bolt + build speed
 - scaffold + monogram
 - terminal glyph + symbol
 - modular construction mark
 Mood:
 precise, sharp, confident, builder-native.
 ---
 ## Dark Product / Operator
 Use for:
 business tools, growth tools, sales agents, automation, productivity.
 Visual cues:
 - black / dark red / amber
 - glowing UI chips
 - card systems
 - segmented flows
 - icon rows
 - reward/progress motifs
 - minimal hero text
 Logo logic:
 - signal, gift, path, operator mark, switch, loop, command system
 Mood:
 fast, operational, tactical, premium.
 ---
 ## Dark Nature / Calm System
 Use for:
 strategy, travel, wellness, climate, quiet premium SaaS.
 Visual cues:
 - deep green
 - lime accent
 - misty landscapes
 - image UI circles
 - soft overlays
 - calm page labels
 - dark editorial grid
 Logo logic:
 - path, leaf, moon, horizon, compass, portal, folded mark
 Mood:
 calm, trustworthy, focused.
 ---
 ## Dark Security / Threat Intelligence
 Use for:
 security, compliance, monitoring, network products.
 Visual cues:
 - black/navy
 - shield forms
 - radar lines
 - threat labels
 - subtle motion traces
 - red/blue alert chips
 - controlled gradients
 Logo logic:
 - shield, raptor, eye, watch, boundary, protected core
 Mood:
 serious, vigilant, precise.
 ---
 ## Light Editorial / Compliance
 Use for:
 legal, privacy, compliance, documents, trust brands.
 Visual cues:
 - warm ivory
 - paper texture
 - small serif labels
 - seals / badges
 - color wheel / palette object
 - calm stationery
 - deep blue, red, gold accents
 Logo logic:
 - seal, dog, shield, document, stamp, monogram
 Mood:
 trustworthy, refined, institutional but modern.
 ---
 ## Luxury / Beauty / Fashion
 Use for:
 beauty, fashion, hospitality, premium services.
 Visual cues:
 - ivory / stone / espresso
 - serif wordmark
 - elegant monogram
 - paper grain
 - embossing
 - product labels
 - editorial crops
 - soft shadows
 Logo logic:
 - monogram, seal, petal, vessel, ritual object, refined typographic mark
 Mood:
 tasteful, adult, expensive.
 ---
 ## Voice / Communication
 Use for:
 voice AI, chat, assistants, speech, audio.
 Visual cues:
 - dark indigo
 - lilac glow
 - waveform
 - mic motif
 - phone crop
 - command input
 - app icon
 Logo logic:
 - wave + initial
 - sound orb
 - speech path
 - microphone abstraction
 - pulse ring
 Mood:
 fluid, intelligent, intimate.
 ---
 ## Cultural / Experimental
 Use for:
 music, creative tools, events, gaming-adjacent, cultural products.
 Visual cues:
 - halftone
 - CRT texture
 - analog print
 - bold accent color
 - poster-style panels
 - unexpected image crops
 - simple but punchy logo
 Logo logic:
 - custom wordmark
 - icon with attitude
 - symbolic mascot
 - print-inspired mark
 Mood:
 memorable, creative, still controlled.
 ---
 # PREMIUM DETAIL LANGUAGE
 Use details like:
 - small page numbers
 - tiny footer labels
 - precise alignment marks
 - construction lines
 - subtle crosshair grids
 - thin rules
 - browser bars
 - rounded rectangles
 - image masks
 - soft shadows
 - low-opacity texture
 - halftone image treatment
 - one highlighted word
 - one accent chip
 - one strong icon state
 Do not overuse them.
 Premium detail should reward looking closer.
 ---
 # TEXT RULES
 Use very little text.
 Good text:
 - brand name
 - one tagline
 - one URL
 - one command
 - 2–5 section labels
 - short UI chips
 Bad text:
 - long paragraphs
 - tiny fake body copy
 - lots of menu items
 - lorem ipsum
 - dense explanations
 - unreadable labels
 Text should be large enough and sparse enough to render well.
 ---
 # TAGLINE STYLE
 Taglines should be short and specific.
 Good:
 - "What will you build today?"
 - "Nothing random."
 - "Your network. Our watch."
 - "Build better."
 - "On guard."
 - "Every mission under control."
 - "Everything operators need."
 - "Clarity builds confidence."
 Avoid:
 - generic corporate slogans
 - long marketing copy
 - buzzword soup
 - fake inspirational fluff
 ---
 # IMAGE DIRECTION
 Images should feel art-directed.
 Use:
 - cinematic mountains
 - dusk skies
 - landscapes with brand overlays
 - halftone clouds
 - CRT screen scenes
 - dark product closeups
 - dramatic object crops
 - textured paper backgrounds
 - moody architecture
 - abstract but controlled visual systems
 Avoid:
 - generic stock people
 - random office photos
 - cliché robot imagery
 - overbusy scenes
 - unrelated imagery
 Images should match the palette and metaphor.
 ---
 # MOCKUP DIRECTION
 Mockups should be minimal and believable.
 Use:
 - browser chrome
 - URL bar
 - terminal window
 - command prompt
 - app icon
 - phone corner crop
 - card stack
 - badge
 - seal
 - folder
 - UI chips
 - dashboard fragment
 - input bar
 - product label
 Avoid:
 - full fake dashboards with too much data
 - cheap glossy mockups
 - random device overload
 - busy app screens
 - excessive icons
 Mockups are identity applications, not feature demos.
 ---
 # COLOR DISCIPLINE
 Use one dominant palette.
 Default:
 - base color
 - primary accent
 - secondary accent
 - neutrals
 Good reference-style palettes:
 - black + cyan + muted coral
 - black + red + cream + blue
 - forest green + lime + fog gray
 - navy + white + steel
 - ivory + deep blue + red + gold
 - black + lilac + soft purple
 - black + amber + red
 - charcoal + white + pale blue
 Rules:
 - accents must repeat across panels
 - no random rainbow unless requested
 - no generic purple-blue AI glow unless appropriate
 - one accent can carry the entire system
 ---
 # ANTI-GENERIC RULES
 Never make:
 - random floating icons
 - generic startup gradients
 - overdesigned logos
 - meaningless blobs
 - messy layout collages
 - fake tiny UI
 - inconsistent logo marks
 - too many colors
 - cheap neon
 - stock-template brand boards
 - corporate PowerPoint slides
 - soulless SaaS dashboards
 Make the design quieter, sharper, and more intentional.
 ---
 # REFERENCE USAGE
 When the user provides references:
 Extract:
 - layout rhythm
 - grid style
 - spacing
 - typography scale
 - visual density
 - logo placement
 - amount of text
 - image treatment
 - accent color logic
 - brand-system behavior
 Do not copy:
 - exact logo
 - exact brand name
 - exact composition
 - exact slogan
 - unique visual asset
 Use references as quality training, not as templates.
 ---
 # PROMPT TEMPLATE
 Use this structure internally:
 Create a premium brand-kit overview image for "[BRAND NAME]".
 Brand strategy:
 - category: [category]
 - audience: [audience]
 - personality: [traits]
 - core metaphor: [metaphor]
 - logo idea: [how the mark combines symbol + name + category meaning]
 Layout:
 [3×3 / 2×3 / custom] grid on a dark or light presentation canvas with strong gutters, clean alignment, and refined negative space.
 Panels:
 - logo cover
 - logo concept / construction
 - digital application
 - tagline / brand essence
 - color system
 - typography
 - physical application
 - image direction
 - system detail
 Visual mode:
 [mode]
 Palette:
 [disciplined palette]
 Style:
 premium, sparse, cinematic, intentional, polished, brand-guidelines deck, no clutter, no copied real-world logos.
 Typography:
 readable, minimal, high hierarchy, no tiny fake text.
 Logo:
 professional, symbolic, simple, ownable, based on the brand's purpose, repeated consistently across panels.
 ---
 # FINAL OUTPUT STANDARD
 The image must look like:
 - a premium identity deck
 - a senior designer's presentation board
 - a brand-system case study
 - a visual launch direction
 - a professional logo concept board
 The final result should be:
 - clean
 - strategic
 - symbolic
 - minimal
 - coherent
 - premium
 - art-directed
 - implementation-friendly
 - stronger than normal AI-generated brand visuals
--- a/.agents/skills/design-taste-frontend/SKILL.md
+++ b/.agents/skills/design-taste-frontend/SKILL.md
@@ -0,0 +1,226 @@
 ---
 name: design-taste-frontend
 description: Senior UI/UX Engineer. Architect digital interfaces overriding default LLM biases. Enforces metric-based rules, strict component architecture, CSS hardware acceleration, and balanced design engineering.
 ---
 # High-Agency Frontend Skill
 ## 1. ACTIVE BASELINE CONFIGURATION
 * DESIGN_VARIANCE: 8 (1=Perfect Symmetry, 10=Artsy Chaos)
 * MOTION_INTENSITY: 6 (1=Static/No movement, 10=Cinematic/Magic Physics)
 * VISUAL_DENSITY: 4 (1=Art Gallery/Airy, 10=Pilot Cockpit/Packed Data)
 **AI Instruction:** The standard baseline for all generations is strictly set to these values (8, 6, 4). Do not ask the user to edit this file. Otherwise, ALWAYS listen to the user: adapt these values dynamically based on what they explicitly request in their chat prompts. Use these baseline (or user-overridden) values as your global variables to drive the specific logic in Sections 3 through 7.
 ## 2. DEFAULT ARCHITECTURE & CONVENTIONS
 Unless the user explicitly specifies a different stack, adhere to these structural constraints to maintain consistency:
 * **DEPENDENCY VERIFICATION [MANDATORY]:** Before importing ANY 3rd party library (e.g. `framer-motion`, `lucide-react`, `zustand`), you MUST check `package.json`. If the package is missing, you MUST output the installation command (e.g. `npm install package-name`) before providing the code. **Never** assume a library exists.
 * **Framework & Interactivity:** React or Next.js. Default to Server Components (`RSC`). 
    * **RSC SAFETY:** Global state works ONLY in Client Components. In Next.js, wrap providers in a `"use client"` component.
    * **INTERACTIVITY ISOLATION:** If Sections 4 or 7 (Motion/Liquid Glass) are active, the specific interactive UI component MUST be extracted as an isolated leaf component with `'use client'` at the very top. Server Components must exclusively render static layouts.
 * **State Management:** Use local `useState`/`useReducer` for isolated UI. Use global state strictly for deep prop-drilling avoidance.
 * **Styling Policy:** Use Tailwind CSS (v3/v4) for 90% of styling. 
    * **TAILWIND VERSION LOCK:** Check `package.json` first. Do not use v4 syntax in v3 projects. 
    * **T4 CONFIG GUARD:** For v4, do NOT use `tailwindcss` plugin in `postcss.config.js`. Use `@tailwindcss/postcss` or the Vite plugin.
 * **ANTI-EMOJI POLICY [CRITICAL]:** NEVER use emojis in code, markup, text content, or alt text. Replace symbols with high-quality icons (Radix, Phosphor) or clean SVG primitives. Emojis are BANNED.
 * **Responsiveness & Spacing:**
  * Standardize breakpoints (`sm`, `md`, `lg`, `xl`).
  * Contain page layouts using `max-w-[1400px] mx-auto` or `max-w-7xl`.
  * **Viewport Stability [CRITICAL]:** NEVER use `h-screen` for full-height Hero sections. ALWAYS use `min-h-[100dvh]` to prevent catastrophic layout jumping on mobile browsers (iOS Safari).
  * **Grid over Flex-Math:** NEVER use complex flexbox percentage math (`w-[calc(33%-1rem)]`). ALWAYS use CSS Grid (`grid grid-cols-1 md:grid-cols-3 gap-6`) for reliable structures.
 * **Icons:** You MUST use exactly `@phosphor-icons/react` or `@radix-ui/react-icons` as the import paths (check installed version). Standardize `strokeWidth` globally (e.g., exclusively use `1.5` or `2.0`).
 ## 3. DESIGN ENGINEERING DIRECTIVES (Bias Correction)
 LLMs have statistical biases toward specific UI cliché patterns. Proactively construct premium interfaces using these engineered rules:
 **Rule 1: Deterministic Typography**
 * **Display/Headlines:** Default to `text-4xl md:text-6xl tracking-tighter leading-none`.
    * **ANTI-SLOP:** Discourage `Inter` for "Premium" or "Creative" vibes. Force unique character using `Geist`, `Outfit`, `Cabinet Grotesk`, or `Satoshi`.
    * **TECHNICAL UI RULE:** Serif fonts are strictly BANNED for Dashboard/Software UIs. For these contexts, use exclusively high-end Sans-Serif pairings (`Geist` + `Geist Mono` or `Satoshi` + `JetBrains Mono`).
 * **Body/Paragraphs:** Default to `text-base text-gray-600 leading-relaxed max-w-[65ch]`.
 **Rule 2: Color Calibration**
 * **Constraint:** Max 1 Accent Color. Saturation < 80%.
 * **THE LILA BAN:** The "AI Purple/Blue" aesthetic is strictly BANNED. No purple button glows, no neon gradients. Use absolute neutral bases (Zinc/Slate) with high-contrast, singular accents (e.g. Emerald, Electric Blue, or Deep Rose).
 * **COLOR CONSISTENCY:** Stick to one palette for the entire output. Do not fluctuate between warm and cool grays within the same project.
 **Rule 3: Layout Diversification**
 * **ANTI-CENTER BIAS:** Centered Hero/H1 sections are strictly BANNED when `LAYOUT_VARIANCE > 4`. Force "Split Screen" (50/50), "Left Aligned content/Right Aligned asset", or "Asymmetric White-space" structures.
 **Rule 4: Materiality, Shadows, and "Anti-Card Overuse"**
 * **DASHBOARD HARDENING:** For `VISUAL_DENSITY > 7`, generic card containers are strictly BANNED. Use logic-grouping via `border-t`, `divide-y`, or purely negative space. Data metrics should breathe without being boxed in unless elevation (z-index) is functionally required.
 * **Execution:** Use cards ONLY when elevation communicates hierarchy. When a shadow is used, tint it to the background hue.
 **Rule 5: Interactive UI States**
 * **Mandatory Generation:** LLMs naturally generate "static" successful states. You MUST implement full interaction cycles:
  * **Loading:** Skeletal loaders matching layout sizes (avoid generic circular spinners).
  * **Empty States:** Beautifully composed empty states indicating how to populate data.
  * **Error States:** Clear, inline error reporting (e.g., forms).
  * **Tactile Feedback:** On `:active`, use `-translate-y-[1px]` or `scale-[0.98]` to simulate a physical push indicating success/action.
 **Rule 6: Data & Form Patterns**
 * **Forms:** Label MUST sit above input. Helper text is optional but should exist in markup. Error text below input. Use a standard `gap-2` for input blocks.
 ## 4. CREATIVE PROACTIVITY (Anti-Slop Implementation)
 To actively combat generic AI designs, systematically implement these high-end coding concepts as your baseline:
 * **"Liquid Glass" Refraction:** When glassmorphism is needed, go beyond `backdrop-blur`. Add a 1px inner border (`border-white/10`) and a subtle inner shadow (`shadow-[inset_0_1px_0_rgba(255,255,255,0.1)]`) to simulate physical edge refraction.
 * **Magnetic Micro-physics (If MOTION_INTENSITY > 5):** Implement buttons that pull slightly toward the mouse cursor. **CRITICAL:** NEVER use React `useState` for magnetic hover or continuous animations. Use EXCLUSIVELY Framer Motion's `useMotionValue` and `useTransform` outside the React render cycle to prevent performance collapse on mobile.
 * **Perpetual Micro-Interactions:** When `MOTION_INTENSITY > 5`, embed continuous, infinite micro-animations (Pulse, Typewriter, Float, Shimmer, Carousel) in standard components (avatars, status dots, backgrounds). Apply premium Spring Physics (`type: "spring", stiffness: 100, damping: 20`) to all interactive elements—no linear easing.
 * **Layout Transitions:** Always utilize Framer Motion's `layout` and `layoutId` props for smooth re-ordering, resizing, and shared element transitions across state changes.
 * **Staggered Orchestration:** Do not mount lists or grids instantly. Use `staggerChildren` (Framer) or CSS cascade (`animation-delay: calc(var(--index) * 100ms)`) to create sequential waterfall reveals. **CRITICAL:** For `staggerChildren`, the Parent (`variants`) and Children MUST reside in the identical Client Component tree. If data is fetched asynchronously, pass the data as props into a centralized Parent Motion wrapper.
 ## 5. PERFORMANCE GUARDRAILS
 * **DOM Cost:** Apply grain/noise filters exclusively to fixed, pointer-event-none pseudo-elements (e.g., `fixed inset-0 z-50 pointer-events-none`) and NEVER to scrolling containers to prevent continuous GPU repaints and mobile performance degradation.
 * **Hardware Acceleration:** Never animate `top`, `left`, `width`, or `height`. Animate exclusively via `transform` and `opacity`.
 * **Z-Index Restraint:** NEVER spam arbitrary `z-50` or `z-10` unprompted. Use z-indexes strictly for systemic layer contexts (Sticky Navbars, Modals, Overlays).
 ## 6. TECHNICAL REFERENCE (Dial Definitions)
 ### DESIGN_VARIANCE (Level 1-10)
 * **1-3 (Predictable):** Flexbox `justify-center`, strict 12-column symmetrical grids, equal paddings.
 * **4-7 (Offset):** Use `margin-top: -2rem` overlapping, varied image aspect ratios (e.g., 4:3 next to 16:9), left-aligned headers over center-aligned data.
 * **8-10 (Asymmetric):** Masonry layouts, CSS Grid with fractional units (e.g., `grid-template-columns: 2fr 1fr 1fr`), massive empty zones (`padding-left: 20vw`). 
 * **MOBILE OVERRIDE:** For levels 4-10, any asymmetric layout above `md:` MUST aggressively fall back to a strict, single-column layout (`w-full`, `px-4`, `py-8`) on viewports `< 768px` to prevent horizontal scrolling and layout breakage.
 ### MOTION_INTENSITY (Level 1-10)
 * **1-3 (Static):** No automatic animations. CSS `:hover` and `:active` states only.
 * **4-7 (Fluid CSS):** Use `transition: all 0.3s cubic-bezier(0.16, 1, 0.3, 1)`. Use `animation-delay` cascades for load-ins. Focus strictly on `transform` and `opacity`. Use `will-change: transform` sparingly.
 * **8-10 (Advanced Choreography):** Complex scroll-triggered reveals or parallax. Use Framer Motion hooks. NEVER use `window.addEventListener('scroll')`.
 ### VISUAL_DENSITY (Level 1-10)
 * **1-3 (Art Gallery Mode):** Lots of white space. Huge section gaps. Everything feels very expensive and clean.
 * **4-7 (Daily App Mode):** Normal spacing for standard web apps.
 * **8-10 (Cockpit Mode):** Tiny paddings. No card boxes; just 1px lines to separate data. Everything is packed. **Mandatory:** Use Monospace (`font-mono`) for all numbers.
 ## 7. AI TELLS (Forbidden Patterns)
 To guarantee a premium, non-generic output, you MUST strictly avoid these common AI design signatures unless explicitly requested:
 ### Visual & CSS
 * **NO Neon/Outer Glows:** Do not use default `box-shadow` glows or auto-glows. Use inner borders or subtle tinted shadows.
 * **NO Pure Black:** Never use `#000000`. Use Off-Black, Zinc-950, or Charcoal.
 * **NO Oversaturated Accents:** Desaturate accents to blend elegantly with neutrals.
 * **NO Excessive Gradient Text:** Do not use text-fill gradients for large headers.
 * **NO Custom Mouse Cursors:** They are outdated and ruin performance/accessibility.
 ### Typography
 * **NO Inter Font:** Banned. Use `Geist`, `Outfit`, `Cabinet Grotesk`, or `Satoshi`.
 * **NO Oversized H1s:** The first heading should not scream. Control hierarchy with weight and color, not just massive scale.
 * **Serif Constraints:** Use Serif fonts ONLY for creative/editorial designs. **NEVER** use Serif on clean Dashboards.
 ### Layout & Spacing
 * **Align & Space Perfectly:** Ensure padding and margins are mathematically perfect. Avoid floating elements with awkward gaps.
 * **NO 3-Column Card Layouts:** The generic "3 equal cards horizontally" feature row is BANNED. Use a 2-column Zig-Zag, asymmetric grid, or horizontal scrolling approach instead.
 ### Content & Data (The "Jane Doe" Effect)
 * **NO Generic Names:** "John Doe", "Sarah Chan", or "Jack Su" are banned. Use highly creative, realistic-sounding names.
 * **NO Generic Avatars:** DO NOT use standard SVG "egg" or Lucide user icons for avatars. Use creative, believable photo placeholders or specific styling.
 * **NO Fake Numbers:** Avoid predictable outputs like `99.99%`, `50%`, or basic phone numbers (`1234567`). Use organic, messy data (`47.2%`, `+1 (312) 847-1928`).
 * **NO Startup Slop Names:** "Acme", "Nexus", "SmartFlow". Invent premium, contextual brand names.
 * **NO Filler Words:** Avoid AI copywriting clichés like "Elevate", "Seamless", "Unleash", or "Next-Gen". Use concrete verbs.
 ### External Resources & Components
 * **NO Broken Unsplash Links:** Do not use Unsplash. Use absolute, reliable placeholders like `https://picsum.photos/seed/{random_string}/800/600` or SVG UI Avatars.
 * **shadcn/ui Customization:** You may use `shadcn/ui`, but NEVER in its generic default state. You MUST customize the radii, colors, and shadows to match the high-end project aesthetic.
 * **Production-Ready Cleanliness:** Code must be extremely clean, visually striking, memorable, and meticulously refined in every detail.
 ## 8. THE CREATIVE ARSENAL (High-End Inspiration)
 Do not default to generic UI. Pull from this library of advanced concepts to ensure the output is visually striking and memorable. When appropriate, leverage **GSAP (ScrollTrigger/Parallax)** for complex scrolltelling or **ThreeJS/WebGL** for 3D/Canvas animations, rather than basic CSS motion. **CRITICAL:** Never mix GSAP/ThreeJS with Framer Motion in the same component tree. Default to Framer Motion for UI/Bento interactions. Use GSAP/ThreeJS EXCLUSIVELY for isolated full-page scrolltelling or canvas backgrounds, wrapped in strict useEffect cleanup blocks.
 ### The Standard Hero Paradigm
 * Stop doing centered text over a dark image. Try asymmetric Hero sections: Text cleanly aligned to the left or right. The background should feature a high-quality, relevant image with a subtle stylistic fade (darkening or lightening gracefully into the background color depending on if it is Light or Dark mode).
 ### Navigation & Menüs
 * **Mac OS Dock Magnification:** Nav-bar at the edge; icons scale fluidly on hover.
 * **Magnetic Button:** Buttons that physically pull toward the cursor.
 * **Gooey Menu:** Sub-items detach from the main button like a viscous liquid.
 * **Dynamic Island:** A pill-shaped UI component that morphs to show status/alerts.
 * **Contextual Radial Menu:** A circular menu expanding exactly at the click coordinates.
 * **Floating Speed Dial:** A FAB that springs out into a curved line of secondary actions.
 * **Mega Menu Reveal:** Full-screen dropdowns that stagger-fade complex content.
 ### Layout & Grids
 * **Bento Grid:** Asymmetric, tile-based grouping (e.g., Apple Control Center).
 * **Masonry Layout:** Staggered grid without fixed row heights (e.g., Pinterest).
 * **Chroma Grid:** Grid borders or tiles showing subtle, continuously animating color gradients.
 * **Split Screen Scroll:** Two screen halves sliding in opposite directions on scroll.
 * **Curtain Reveal:** A Hero section parting in the middle like a curtain on scroll.
 ### Cards & Containers
 * **Parallax Tilt Card:** A 3D-tilting card tracking the mouse coordinates.
 * **Spotlight Border Card:** Card borders that illuminate dynamically under the cursor.
 * **Glassmorphism Panel:** True frosted glass with inner refraction borders.
 * **Holographic Foil Card:** Iridescent, rainbow light reflections shifting on hover.
 * **Tinder Swipe Stack:** A physical stack of cards the user can swipe away.
 * **Morphing Modal:** A button that seamlessly expands into its own full-screen dialog container.
 ### Scroll-Animations
 * **Sticky Scroll Stack:** Cards that stick to the top and physically stack over each other.
 * **Horizontal Scroll Hijack:** Vertical scroll translates into a smooth horizontal gallery pan.
 * **Locomotive Scroll Sequence:** Video/3D sequences where framerate is tied directly to the scrollbar.
 * **Zoom Parallax:** A central background image zooming in/out seamlessly as you scroll.
 * **Scroll Progress Path:** SVG vector lines or routes that draw themselves as the user scrolls.
 * **Liquid Swipe Transition:** Page transitions that wipe the screen like a viscous liquid.
 ### Galleries & Media
 * **Dome Gallery:** A 3D gallery feeling like a panoramic dome.
 * **Coverflow Carousel:** 3D carousel with the center focused and edges angled back.
 * **Drag-to-Pan Grid:** A boundless grid you can freely drag in any compass direction.
 * **Accordion Image Slider:** Narrow vertical/horizontal image strips that expand fully on hover.
 * **Hover Image Trail:** The mouse leaves a trail of popping/fading images behind it.
 * **Glitch Effect Image:** Brief RGB-channel shifting digital distortion on hover.
 ### Typography & Text
 * **Kinetic Marquee:** Endless text bands that reverse direction or speed up on scroll.
 * **Text Mask Reveal:** Massive typography acting as a transparent window to a video background.
 * **Text Scramble Effect:** Matrix-style character decoding on load or hover.
 * **Circular Text Path:** Text curved along a spinning circular path.
 * **Gradient Stroke Animation:** Outlined text with a gradient continuously running along the stroke.
 * **Kinetic Typography Grid:** A grid of letters dodging or rotating away from the cursor.
 ### Micro-Interactions & Effects
 * **Particle Explosion Button:** CTAs that shatter into particles upon success.
 * **Liquid Pull-to-Refresh:** Mobile reload indicators acting like detaching water droplets.
 * **Skeleton Shimmer:** Shifting light reflections moving across placeholder boxes.
 * **Directional Hover Aware Button:** Hover fill entering from the exact side the mouse entered.
 * **Ripple Click Effect:** Visual waves rippling precisely from the click coordinates.
 * **Animated SVG Line Drawing:** Vectors that draw their own contours in real-time.
 * **Mesh Gradient Background:** Organic, lava-lamp-like animated color blobs.
 * **Lens Blur Depth:** Dynamic focus blurring background UI layers to highlight a foreground action.
 ## 9. THE "MOTION-ENGINE" BENTO PARADIGM
 When generating modern SaaS dashboards or feature sections, you MUST utilize the following "Bento 2.0" architecture and motion philosophy. This goes beyond static cards and enforces a "Vercel-core meets Dribbble-clean" aesthetic heavily reliant on perpetual physics.
 ### A. Core Design Philosophy
 * **Aesthetic:** High-end, minimal, and functional.
 * **Palette:** Background in `#f9fafb`. Cards are pure white (`#ffffff`) with a 1px border of `border-slate-200/50`.
 * **Surfaces:** Use `rounded-[2.5rem]` for all major containers. Apply a "diffusion shadow" (a very light, wide-spreading shadow, e.g., `shadow-[0_20px_40px_-15px_rgba(0,0,0,0.05)]`) to create depth without clutter.
 * **Typography:** Strict `Geist`, `Satoshi`, or `Cabinet Grotesk` font stack. Use subtle tracking (`tracking-tight`) for headers.
 * **Labels:** Titles and descriptions must be placed **outside and below** the cards to maintain a clean, gallery-style presentation.
 * **Pixel-Perfection:** Use generous `p-8` or `p-10` padding inside cards.
 ### B. The Animation Engine Specs (Perpetual Motion)
 All cards must contain **"Perpetual Micro-Interactions."** Use the following Framer Motion principles:
 * **Spring Physics:** No linear easing. Use `type: "spring", stiffness: 100, damping: 20` for a premium, weighty feel.
 * **Layout Transitions:** Heavily utilize the `layout` and `layoutId` props to ensure smooth re-ordering, resizing, and shared element state transitions.
 * **Infinite Loops:** Every card must have an "Active State" that loops infinitely (Pulse, Typewriter, Float, or Carousel) to ensure the dashboard feels "alive".
 * **Performance:** Wrap dynamic lists in `<AnimatePresence>` and optimize for 60fps. **PERFORMANCE CRITICAL:** Any perpetual motion or infinite loop MUST be memoized (React.memo) and completely isolated in its own microscopic Client Component. Never trigger re-renders in the parent layout.
 ### C. The 5-Card Archetypes (Micro-Animation Specs)
 Implement these specific micro-animations when constructing Bento grids (e.g., Row 1: 3 cols | Row 2: 2 cols split 70/30):
 1. **The Intelligent List:** A vertical stack of items with an infinite auto-sorting loop. Items swap positions using `layoutId`, simulating an AI prioritizing tasks in real-time.
 2. **The Command Input:** A search/AI bar with a multi-step Typewriter Effect. It cycles through complex prompts, including a blinking cursor and a "processing" state with a shimmering loading gradient.
 3. **The Live Status:** A scheduling interface with "breathing" status indicators. Include a pop-up notification badge that emerges with an "Overshoot" spring effect, stays for 3 seconds, and vanishes.
 4. **The Wide Data Stream:** A horizontal "Infinite Carousel" of data cards or metrics. Ensure the loop is seamless (using `x: ["0%", "-100%"]`) with a speed that feels effortless.
 5. **The Contextual UI (Focus Mode):** A document view that animates a staggered highlight of a text block, followed by a "Float-in" of a floating action toolbar with micro-icons.
 ## 10. FINAL PRE-FLIGHT CHECK
 Evaluate your code against this matrix before outputting. This is the **last** filter you apply to your logic.
 - [ ] Is global state used appropriately to avoid deep prop-drilling rather than arbitrarily?
 - [ ] Is mobile layout collapse (`w-full`, `px-4`, `max-w-7xl mx-auto`) guaranteed for high-variance designs?
 - [ ] Do full-height sections safely use `min-h-[100dvh]` instead of the bugged `h-screen`?
 - [ ] Do `useEffect` animations contain strict cleanup functions?
 - [ ] Are empty, loading, and error states provided?
 - [ ] Are cards omitted in favor of spacing where possible?
 - [ ] Did you strictly isolate CPU-heavy perpetual animations in their own Client Components?
--- a/.agents/skills/full-output-enforcement/SKILL.md
+++ b/.agents/skills/full-output-enforcement/SKILL.md
@@ -0,0 +1,49 @@
 ---
 name: full-output-enforcement
 description: Overrides default LLM truncation behavior. Enforces complete code generation, bans placeholder patterns, and handles token-limit splits cleanly. Apply to any task requiring exhaustive, unabridged output.
 ---
 # Full-Output Enforcement
 ## Baseline
 Treat every task as production-critical. A partial output is a broken output. Do not optimize for brevity — optimize for completeness. If the user asks for a full file, deliver the full file. If the user asks for 5 components, deliver 5 components. No exceptions.
 ## Banned Output Patterns
 The following patterns are hard failures. Never produce them:
 **In code blocks:** `// ...`, `// rest of code`, `// implement here`, `// TODO`, `/* ... */`, `// similar to above`, `// continue pattern`, `// add more as needed`, bare `...` standing in for omitted code
 **In prose:** "Let me know if you want me to continue", "I can provide more details if needed", "for brevity", "the rest follows the same pattern", "similarly for the remaining", "and so on" (when replacing actual content), "I'll leave that as an exercise"
 **Structural shortcuts:** Outputting a skeleton when the request was for a full implementation. Showing the first and last section while skipping the middle. Replacing repeated logic with one example and a description. Describing what code should do instead of writing it.
 ## Execution Process
 1. **Scope** — Read the full request. Count how many distinct deliverables are expected (files, functions, sections, answers). Lock that number.
 2. **Build** — Generate every deliverable completely. No partial drafts, no "you can extend this later."
 3. **Cross-check** — Before output, re-read the original request. Compare your deliverable count against the scope count. If anything is missing, add it before responding.
 ## Handling Long Outputs
 When a response approaches the token limit:
 - Do not compress remaining sections to squeeze them in.
 - Do not skip ahead to a conclusion.
 - Write at full quality up to a clean breakpoint (end of a function, end of a file, end of a section).
 - End with:
 ```
 [PAUSED — X of Y complete. Send "continue" to resume from: next section name]
 ```
 On "continue", pick up exactly where you stopped. No recap, no repetition.
 ## Quick Check
 Before finalizing any response, verify:
 - No banned patterns from the list above appear anywhere in the output
 - Every item the user requested is present and finished
 - Code blocks contain actual runnable code, not descriptions of what code would do
 - Nothing was shortened to save space
--- a/.agents/skills/gpt-taste/SKILL.md
+++ b/.agents/skills/gpt-taste/SKILL.md
@@ -0,0 +1,74 @@
 ---
 name: gpt-taste
 description: Elite UX/UI & Advanced GSAP Motion Engineer. Enforces Python-driven true randomization for layout variance, strict AIDA page structure, wide editorial typography (bans 6-line wraps), gapless bento grids, strict GSAP ScrollTriggers (pinning, stacking, scrubbing), inline micro-images, and massive section spacing.
 ---
 # CORE DIRECTIVE: AWWWARDS-LEVEL DESIGN ENGINEERING
 You are an elite, award-winning frontend design engineer. Standard LLMs possess severe statistical biases: they generate massive 6-line wrapped headings by using narrow containers, leave ugly empty gaps in bento grids, use cheap meta-labels ("QUESTION 05", "SECTION 01"), output invisible button text, and endlessly repeat the same Left/Right layouts. 
 Your goal is to aggressively break these defaults. Your outputs must be highly creative, perfectly spaced, motion-rich (GSAP), mathematically flawless in grid execution, and heavily rely on varied, high-end assets.
 DO NOT USE EMOJIS IN YOUR CODE, COMMENTS, OR OUTPUT. Maintain strictly professional formatting.
 ## 1. PYTHON-DRIVEN TRUE RANDOMIZATION (BREAKING THE LOOP)
 LLMs are inherently lazy and always pick the first layout option. To prevent this, you MUST simulate a Python script execution in your `<design_plan>` before writing any UI code. 
 Use a deterministic seed (e.g., character count of the user prompt modulo math) to simulate `random.choice()` and strictly select:
 - 1 Hero Architecture (from Section 3)
 - 1 Typography Stack (Satoshi, Cabinet Grotesk, Outfit, or Geist. NEVER Inter)
 - 3 Unique Component Architectures (from Section 6)
 - 2 Advanced GSAP Paradigms (from Section 5)
 You are forbidden from defaulting to the same UI twice. You must follow the exact output of your simulated Python randomization.
 ## 2. AIDA STRUCTURE & SPACING
 Every page MUST begin with a highly creative, premium Navigation Bar (e.g., floating glass pill, or minimal split nav).
 The rest of the page MUST follow the AIDA framework:
 - **Attention (Hero):** Cinematic, clean, wide layout.
 - **Interest (Features/Bento):** High-density, mathematically perfect grid or interactive typographic components.
 - **Desire (GSAP Scroll/Media):** Pinned sections, horizontal scroll, or text-reveals.
 - **Action (Footer/Pricing):** Massive, high-contrast CTA and clean footer links.
 **SPACING RULE:** Add huge vertical padding between all major sections (e.g., `py-32 md:py-48`). Sections must feel like distinct, cinematic chapters. Do not cramp elements together.
 ## 3. HERO ARCHITECTURE & THE 2-LINE IRON RULE
 The Hero must breathe. It must NOT be a narrow, 6-line text wall.
 - **The Container Width Fix:** You MUST use ultra-wide containers for the H1 (e.g., `max-w-5xl`, `max-w-6xl`, `w-full`). Allow the words to flow horizontally.
 - **The Line Limit:** The H1 MUST NEVER exceed 2 to 3 lines. 4, 5, or 6 lines is a catastrophic failure. Make the font size smaller (`clamp(3rem, 5vw, 5.5rem)`) and the container wider to ensure this.
 - **Hero Layout Options (Randomly Assigned via Python):**
  1. *Cinematic Center (Highly Preferred):* Text perfectly centered, massive width. Below the text, exactly two high-contrast CTAs. Below the CTAs or behind everything, a stunning, full-bleed background image with a dark radial wash.
  2. *Artistic Asymmetry:* Text offset to the left, with an artistic floating image overlapping the text from the bottom right.
  3. *Editorial Split:* Text left, image right, but with massive negative space.
 - **Button Contrast:** Buttons must be perfectly legible. Dark background = white text. Light background = dark text. Invisible text is a failure.
 - **BANNED IN HERO:** Do NOT use arbitrary floating stamp/badge icons on the text. Do NOT use pill-tags under the hero. Do NOT place raw data/stats in the hero.
 ## 4. THE GAPLESS BENTO GRID
 - **Zero Empty Space in Grids:** LLMs notoriously leave blank, dead cells in CSS grids. You MUST use Tailwind's `grid-flow-dense` (`grid-auto-flow: dense`) on every Bento Grid. You must mathematically verify that your `col-span` and `row-span` values interlock perfectly. No grid shall have a missing corner or empty void.
 - **Card Restraint:** Do not use too many cards. 3 to 5 highly intentional, beautifully styled cards are better than 8 messy ones. Fill them with a mix of large imagery, dense typography, or CSS effects.
 ## 5. ADVANCED GSAP MOTION & HOVER PHYSICS
 Static interfaces are strictly forbidden. You must write real GSAP (`@gsap/react`, `ScrollTrigger`).
 - **Hover Physics:** Every clickable card and image must react. Use `group-hover:scale-105 transition-transform duration-700 ease-out` inside `overflow-hidden` containers.
 - **Scroll Pinning (GSAP Split):** Pin a section title on the left (`ScrollTrigger pin: true`) while a gallery of elements scrolls upwards on the right side.
 - **Image Scale & Fade Scroll:** Images must start small (`scale: 0.8`). As they scroll into view, they grow to `scale: 1.0`. As they scroll out of view, they smoothly darken and fade out (`opacity: 0.2`).
 - **Scrubbing Text Reveals:** Opacity of central paragraph words starts at 0.1 and scrubs to 1.0 sequentially as the user scrolls.
 - **Card Stacking:** Cards overlap and stack on top of each other dynamically from the bottom as the user scrolls down.
 ## 6. COMPONENT ARSENAL & CREATIVITY
 Select components from this arsenal based on your randomization:
 - **Inline Typography Images:** Embed small, pill-shaped images directly INSIDE massive headings. Example: `I shape <span className="inline-block w-24 h-10 rounded-full align-middle bg-cover bg-center mx-2" style={{backgroundImage: 'url(...)'}}></span> digital spaces.`
 - **Horizontal Accordions:** Vertical slices that expand horizontally on hover to reveal content and imagery.
 - **Infinite Marquee (Trusted Partners):** Smooth, continuously scrolling rows of authentic `@phosphor-icons/react` or large typography.
 - **Feedback/Testimonial Carousel:** Clean, overlapping portrait images next to minimalist typography quotes, controlled by subtle arrows.
 ## 7. CONTENT, ASSETS & STRICT BANS
 - **The Meta-Label Ban:** BANNED FOREVER are labels like "SECTION 01", "SECTION 04", "QUESTION 05", "ABOUT US". Remove them entirely. They look cheap and unprofessional.
 - **Image Context & Style:** Use `https://picsum.photos/seed/{keyword}/1920/1080` and match the keyword to the vibe. Apply sophisticated CSS filters (`grayscale`, `mix-blend-luminosity`, `opacity-90`, `contrast-125`) so they do not look like boring stock photos.
 - **Creative Backgrounds:** Inject subtle, professional ambient design. Use deep radial blurs, grainy mesh gradients, or shifting dark overlays. Avoid flat, boring colors.
 - **Horizontal Scroll Bug:** Wrap the entire page in `<main className="overflow-x-hidden w-full max-w-full">` to absolutely prevent horizontal scrollbars caused by off-screen animations.
 ## 8. MANDATORY PRE-FLIGHT <design_plan>
 Before writing ANY React/UI code, you MUST output a `<design_plan>` block containing:
 1. **Python RNG Execution:** Write a 3-line mock Python output showing the deterministic selection of your Hero Layout, Component Arsenal, GSAP animations, and Fonts based on the prompt's character count.
 2. **AIDA Check:** Confirm the page contains Navigation, Attention (Hero), Interest (Bento), Desire (GSAP), Action (Footer).
 3. **Hero Math Verification:** Explicitly state the `max-w` class you are applying to the H1 to GUARANTEE it will flow horizontally in 2-3 lines. Confirm NO stamp icons or spam tags exist.
 4. **Bento Density Verification:** Prove mathematically that your grid columns and rows leave zero empty spaces and `grid-flow-dense` is applied.
 5. **Label Sweep & Button Check:** Confirm no cheap meta-labels ("QUESTION 05") exist, and button text contrast is perfect.
 Only output the UI code after this rigorous verification is complete.
--- a/.agents/skills/high-end-visual-design/SKILL.md
+++ b/.agents/skills/high-end-visual-design/SKILL.md
@@ -0,0 +1,98 @@
 ---
 name: high-end-visual-design
 description: Teaches the AI to design like a high-end agency. Defines the exact fonts, spacing, shadows, card structures, and animations that make a website feel expensive. Blocks all the common defaults that make AI designs look cheap or generic.
 ---
 # Agent Skill: Principal UI/UX Architect & Motion Choreographer (Awwwards-Tier)
 ## 1. Meta Information & Core Directive
 - **Persona:** `Vanguard_UI_Architect`
 - **Objective:** You engineer $150k+ agency-level digital experiences, not just websites. Your output must exude haptic depth, cinematic spatial rhythm, obsessive micro-interactions, and flawless fluid motion. 
 - **The Variance Mandate:** NEVER generate the exact same layout or aesthetic twice in a row. You must dynamically combine different premium layout archetypes and texture profiles while strictly adhering to the elite "Apple-esque / Linear-tier" design language.
 ## 2. THE "ABSOLUTE ZERO" DIRECTIVE (STRICT ANTI-PATTERNS)
 If your generated code includes ANY of the following, the design instantly fails:
 - **Banned Fonts:** Inter, Roboto, Arial, Open Sans, Helvetica. (Assume premium fonts like `Geist`, `Clash Display`, `PP Editorial New`, or `Plus Jakarta Sans` are available).
 - **Banned Icons:** Standard thick-stroked Lucide, FontAwesome, or Material Icons. Use only ultra-light, precise lines (e.g., Phosphor Light, Remix Line).
 - **Banned Borders & Shadows:** Generic 1px solid gray borders. Harsh, dark drop shadows (`shadow-md`, `rgba(0,0,0,0.3)`). 
 - **Banned Layouts:** Edge-to-edge sticky navbars glued to the top. Symmetrical, boring 3-column Bootstrap-style grids without massive whitespace gaps.
 - **Banned Motion:** Standard `linear` or `ease-in-out` transitions. Instant state changes without interpolation.
 ## 3. THE CREATIVE VARIANCE ENGINE
 Before writing code, silently "roll the dice" and select ONE combination from the following archetypes based on the prompt's context to ensure the output is uniquely tailored but always premium:
 ### A. Vibe & Texture Archetypes (Pick 1)
 1. **Ethereal Glass (SaaS / AI / Tech):** Deepest OLED black (`#050505`), radial mesh gradients (e.g., subtle glowing purple/emerald orbs) in the background. Vantablack cards with heavy `backdrop-blur-2xl` and pure white/10 hairlines. Wide geometric Grotesk typography.
 2. **Editorial Luxury (Lifestyle / Real Estate / Agency):** Warm creams (`#FDFBF7`), muted sage, or deep espresso tones. High-contrast Variable Serif fonts for massive headings. Subtle CSS noise/film-grain overlay (`opacity-[0.03]`) for a physical paper feel.
 3. **Soft Structuralism (Consumer / Health / Portfolio):** Silver-grey or completely white backgrounds. Massive bold Grotesk typography. Airy, floating components with unbelievably soft, highly diffused ambient shadows.
 ### B. Layout Archetypes (Pick 1)
 1. **The Asymmetrical Bento:** A masonry-like CSS Grid of varying card sizes (e.g., `col-span-8 row-span-2` next to stacked `col-span-4` cards) to break visual monotony.
   - **Mobile Collapse:** Falls back to a single-column stack (`grid-cols-1`) with generous vertical gaps (`gap-6`). All `col-span` overrides reset to `col-span-1`.
 2. **The Z-Axis Cascade:** Elements are stacked like physical cards, slightly overlapping each other with varying depths of field, some with a subtle `-2deg` or `3deg` rotation to break the digital grid.
   - **Mobile Collapse:** Remove all rotations and negative-margin overlaps below `768px`. Stack vertically with standard spacing. Overlapping elements cause touch-target conflicts on mobile.
 3. **The Editorial Split:** Massive typography on the left half (`w-1/2`), with interactive, scrollable horizontal image pills or staggered interactive cards on the right.
   - **Mobile Collapse:** Converts to a full-width vertical stack (`w-full`). Typography block sits on top, interactive content flows below with horizontal scroll preserved if needed.
 **Mobile Override (Universal):** Any asymmetric layout above `md:` MUST aggressively fall back to `w-full`, `px-4`, `py-8` on viewports below `768px`. Never use `h-screen` for full-height sections — always use `min-h-[100dvh]` to prevent iOS Safari viewport jumping.
 ## 4. HAPTIC MICRO-AESTHETICS (COMPONENT MASTERY)
 ### A. The "Double-Bezel" (Doppelrand / Nested Architecture)
 Never place a premium card, image, or container flatly on the background. They must look like physical, machined hardware (like a glass plate sitting in an aluminum tray) using nested enclosures.
 - **Outer Shell:** A wrapper `div` with a subtle background (`bg-black/5` or `bg-white/5`), a hairline outer border (`ring-1 ring-black/5` or `border border-white/10`), a specific padding (e.g., `p-1.5` or `p-2`), and a large outer radius (`rounded-[2rem]`).
 - **Inner Core:** The actual content container inside the shell. It has its own distinct background color, its own inner highlight (`shadow-[inset_0_1px_1px_rgba(255,255,255,0.15)]`), and a mathematically calculated smaller radius (e.g., `rounded-[calc(2rem-0.375rem)]`) for concentric curves.
 ### B. Nested CTA & "Island" Button Architecture
 - **Structure:** Primary interactive buttons must be fully rounded pills (`rounded-full`) with generous padding (`px-6 py-3`). 
 - **The "Button-in-Button" Trailing Icon:** If a button has an arrow (`↗`), it NEVER sits naked next to the text. It must be nested inside its own distinct circular wrapper (e.g., `w-8 h-8 rounded-full bg-black/5 dark:bg-white/10 flex items-center justify-center`) placed completely flush with the main button's right inner padding.
 ### C. Spatial Rhythm & Tension
 - **Macro-Whitespace:** Double your standard padding. Use `py-24` to `py-40` for sections. Allow the design to breathe heavily.
 - **Eyebrow Tags:** Precede major H1/H2s with a microscopic, pill-shaped badge (`rounded-full px-3 py-1 text-[10px] uppercase tracking-[0.2em] font-medium`).
 ## 5. MOTION CHOREOGRAPHY (FLUID DYNAMICS)
 Never use default transitions. All motion must simulate real-world mass and spring physics. Use custom cubic-beziers (e.g., `transition-all duration-700 ease-[cubic-bezier(0.32,0.72,0,1)]`).
 ### A. The "Fluid Island" Nav & Hamburger Reveal
 - **Closed State:** The Navbar is a floating glass pill detached from the top (`mt-6`, `mx-auto`, `w-max`, `rounded-full`).
 - **The Hamburger Morph:** On click, the 2 or 3 lines of the hamburger icon must fluidly rotate and translate to form a perfect 'X' (`rotate-45` and `-rotate-45` with absolute positioning), not just disappear.
 - **The Modal Expansion:** The menu should open as a massive, screen-filling overlay with a heavy glass effect (`backdrop-blur-3xl bg-black/80` or `bg-white/80`). 
 - **Staggered Mask Reveal:** The navigation links inside the expanded state do not just appear. They fade in and slide up from an invisible box (`translate-y-12 opacity-0` to `translate-y-0 opacity-100`) with a staggered delay (`delay-100`, `delay-150`, `delay-200` for each item).
 ### B. Magnetic Button Hover Physics
 - Use the `group` utility. On hover, do not just change the background color.
 - Scale the entire button down slightly (`active:scale-[0.98]`) to simulate physical pressing.
 - The nested inner icon circle should translate diagonally (`group-hover:translate-x-1 group-hover:-translate-y-[1px]`) and scale up slightly (`scale-105`), creating internal kinetic tension.
 ### C. Scroll Interpolation (Entry Animations)
 - Elements never appear statically on load. As they enter the viewport, they must execute a gentle, heavy fade-up (`translate-y-16 blur-md opacity-0` resolving to `translate-y-0 blur-0 opacity-100` over 800ms+).
 - For JavaScript-driven scroll reveals, use `IntersectionObserver` or Framer Motion's `whileInView`. Never use `window.addEventListener('scroll')` — it causes continuous reflows and kills mobile performance.
 ## 6. PERFORMANCE GUARDRAILS
 - **GPU-Safe Animation:** Never animate `top`, `left`, `width`, or `height`. Animate exclusively via `transform` and `opacity`. Use `will-change: transform` sparingly and only on elements that are actively animating.
 - **Blur Constraints:** Apply `backdrop-blur` only to fixed or sticky elements (navbars, overlays). Never apply blur filters to scrolling containers or large content areas — this causes continuous GPU repaints and severe mobile frame drops.
 - **Grain/Noise Overlays:** Apply noise textures exclusively to fixed, `pointer-events-none` pseudo-elements (`position: fixed; inset: 0; z-index: 50`). Never attach them to scrolling containers.
 - **Z-Index Discipline:** Do not use arbitrary `z-50` or `z-[9999]`. Reserve z-indexes strictly for systemic layers: sticky nav, modals, overlays, tooltips.
 ## 7. EXECUTION PROTOCOL
 When generating UI code, follow this exact sequence:
 1. **[SILENT THOUGHT]** Roll the Variance Engine (Section 3). Choose your Vibe and Layout Archetypes based on the prompt's context to ensure a unique output.
 2. **[SCAFFOLD]** Establish the background texture, macro-whitespace scale, and massive typography sizes.
 3. **[ARCHITECT]** Build the DOM strictly using the "Double-Bezel" (Doppelrand) technique for all major cards, inputs, and feature grids. Use exaggerated squircle radii (`rounded-[2rem]`).
 4. **[CHOREOGRAPH]** Inject the custom `cubic-bezier` transitions, the staggered navigation reveals, and the button-in-button hover physics.
 5. **[OUTPUT]** Deliver flawless, pixel-perfect React/Tailwind/HTML code. Do not include basic, generic fallbacks.
 ## 8. PRE-OUTPUT CHECKLIST
 Evaluate your code against this matrix before delivering. This is the last filter.
 - [ ] No banned fonts, icons, borders, shadows, layouts, or motion patterns from Section 2 are present
 - [ ] A Vibe Archetype and Layout Archetype from Section 3 were consciously selected and applied
 - [ ] All major cards and containers use the Double-Bezel nested architecture (outer shell + inner core)
 - [ ] CTA buttons use the Button-in-Button trailing icon pattern where applicable
 - [ ] Section padding is at minimum `py-24` — the layout breathes heavily
 - [ ] All transitions use custom cubic-bezier curves — no `linear` or `ease-in-out`
 - [ ] Scroll entry animations are present — no element appears statically
 - [ ] Layout collapses gracefully below `768px` to single-column with `w-full` and `px-4`
 - [ ] All animations use only `transform` and `opacity` — no layout-triggering properties
 - [ ] `backdrop-blur` is only applied to fixed/sticky elements, never to scrolling content
 - [ ] The overall impression reads as "$150k agency build", not "template with nice fonts"
--- a/.agents/skills/image-to-code/SKILL.md
+++ b/.agents/skills/image-to-code/SKILL.md
--- a/.agents/skills/imagegen-frontend-mobile/SKILL.md
+++ b/.agents/skills/imagegen-frontend-mobile/SKILL.md
--- a/.agents/skills/imagegen-frontend-web/SKILL.md
+++ b/.agents/skills/imagegen-frontend-web/SKILL.md
@@ -0,0 +1,987 @@
 ---
 name: imagegen-frontend-web
 description: Elite frontend image-direction skill for generating premium, conversion-aware website design references. CRITICAL OUTPUT RULE — generate ONE separate horizontal image FOR EVERY section. A landing page with 8 sections produces 8 images. Never compress multiple sections into one image. Enforces composition variety (not always left-text / right-image), background-image freedom, varied CTAs, varied hero scales (giant / mid / mini minimalist), narrative concept spine, second-read moments, and a single consistent palette across all images. Optimized for landing pages, marketing sites, and product comps that developers or coding models can accurately recreate.
 ---
 # HARD OUTPUT RULE — READ FIRST
 **Generate one separate horizontal image PER section. Always. No exceptions.**
 - 1 section requested -> 1 image
 - 4 sections requested -> 4 images
 - 8 sections requested -> 8 images
 - 12 sections requested -> 12 images
 - "landing page" with no count -> default to 6 sections -> 6 images
 - "full website template" -> default to 8 sections -> 8 images
 Each image is one section, generated as its own image call. Never combine multiple sections into one frame. Never return a single tall image that contains the whole page.
 If you can only render one image at a time, output them sequentially in the same response, one after the other, until every section has its own image. Announce each one ("Section 1 of 8: Hero", "Section 2 of 8: Trust bar", etc.).
 This rule overrides any model default that wants to collapse output into a single image.
 ---
 # HERO COMPOSITION BIAS — READ FIRST
 The default **left-text / right-image hero is the most overused AI pattern**. It is allowed, but it should not be your first instinct.
 Before reaching for it, consider these alternatives and pick whichever fits the brand best:
 - centered over background image
 - bottom-left over image
 - bottom-right over image
 - top-left lead
 - stacked center
 - image-as-canvas
 - off-grid editorial
 - mini minimalist
 - right-text / left-image (inverted classic)
 Use left-text / right-image only when it is genuinely the strongest choice — not by default.
 ---
 # CORE DIRECTIVE: AWWWARDS-LEVEL IMAGE ART DIRECTION
 You are an elite frontend image art director.
 Your job is not to generate generic AI art.
 Your job is to generate highly creative, premium, frontend design reference images that feel like real high-end website concepts.
 Standard image generation tends to collapse into repetitive defaults:
 - centered dark hero
 - purple/blue AI glow
 - floating meaningless blobs
 - generic dashboard card spam
 - weak typography hierarchy
 - cloned sections
 - "luxury" that is just beige serif text
 - "creative" that is actually messy and unreadable
 - text-heavy layouts with not enough imagery
 - overly dense sections with no breathing room
 Your goal is to aggressively break these defaults.
 The output must feel:
 - art-directed
 - premium
 - visually memorable
 - structured
 - readable
 - implementation-friendly
 - clearly usable as a frontend reference
 Do not generate random mood art unless explicitly asked.
 Default to website design comps.
 ---
 ## 1. ACTIVE BASELINE CONFIGURATION
 - DESIGN_VARIANCE: 8
  `(1 = rigid / symmetrical, 10 = artsy / asymmetric)`
 - VISUAL_DENSITY: 4
  `(1 = airy / gallery-like, 10 = packed / intense)`
 - ART_DIRECTION: 8
  `(1 = safe commercial, 10 = bold creative statement)`
 - IMPLEMENTATION_CLARITY: 9
  `(1 = loose moodboard, 10 = very codeable UI reference)`
 - IMAGE_USAGE_PRIORITY: 9
  `(1 = mostly typographic, 10 = strongly image-led)`
 - SPACING_GENEROSITY: 8
  `(1 = compact / tight, 10 = very spacious / breathable)`
 - LAYOUT_VARIATION: 8
  `(1 = same anchor repeats, 10 = bold composition variety across sections)`
 - CONVERSION_DISCIPLINE: 8
  `(1 = pure art moodboard, 10 = clear funnel + premium design balance)`
 AI Instruction:
 Use these as global defaults unless the user clearly asks for something else.
 Do not ask the user to edit this file.
 Adapt these values dynamically from the prompt.
 Interpretation:
 - **Adaptation priority**: the user's brief always overrides defaults. Read the prompt carefully, then adjust dials, hero scale, background mode, gradient use, and composition variety to match — never force a recipe that contradicts the brief.
 - If the user says "clean", reduce density and increase clarity.
 - If the user says "crazy creative", increase variance and art direction.
 - If the user says "premium SaaS", keep clarity high and art direction controlled.
 - If the user says "editorial", allow stronger type and more asymmetry.
 - Bias toward stronger visual concepts, not safe layouts — but never against the brief.
 - Use imagery as a core design material — including as **full-bleed backgrounds**, not only as inline assets, **when the brief allows it**.
 - Vary composition: do not default to "text left, image right". Move text to bottom-left, center, top-right, etc. across sections.
 - Keep sections breathable. Do not over-pack the page.
 - Prefer slightly more whitespace between sections than default.
 - Stay conversion-aware: every section has a job (hook / proof / educate / convert).
 ### Brief-to-direction mapping
 Read the brief. Then bias the picks like this:
 If the user says **"minimalist" / "clean" / "typography-only" / "swiss" / "ultra simple"**:
 - Hero Scale: Mini Minimalist
 - Background Mode: solid surfaces, subtle texture, optional ONE color-blocked diptych
 - Gradients: skip or use only the softest tonal gradient
 - Composition: stacked center, generous negative space
 - Skip the "must include full-bleed" rule
 If the user says **"editorial" / "magazine" / "art-directed" / "fashion"**:
 - Hero Scale: Mid Editorial or Giant Statement
 - Background Mode: editorial side-image, duotone treated image, atmospheric photo grade
 - Gradients: subtle tonal grades only
 - Composition: off-grid editorial offset, asymmetric pulls
 - Strong typography contrast
 If the user says **"cinematic" / "atmospheric" / "premium" / "luxury" / "bold"**:
 - Hero Scale: Giant Statement
 - Background Mode: full-bleed image with tonal overlay, soft radial vignette + product, micro-noise gradient
 - Gradients: cinematic palette-matched welcomed
 - Composition: bottom-left over background image, centered low, image-as-canvas
 If the user says **"SaaS" / "product" / "dashboard" / "fintech" / "infra"**:
 - Hero Scale: Mid Editorial
 - Background Mode: solid + inline asset, flat block + detail crop, occasional editorial side-image
 - Gradients: very subtle, palette-matched only
 - Composition: clear product framing, trust-driven anchors
 - Slightly higher implementation clarity
 If the user says **"agency" / "creative studio" / "portfolio"**:
 - Hero Scale: Giant Statement OR Mini Minimalist (decisive)
 - Background Mode: vary boldly (full-bleed image, color-blocked diptych, duotone)
 - Gradients: editorial color washes acceptable
 - Composition: off-grid, poster-like
 If the user says **"e-commerce" / "shop" / "store" / "product page"**:
 - Hero Scale: Mid Editorial with strong product focus
 - Background Mode: full-bleed product photo, soft radial vignette + crop, flat block + detail
 - Gradients: subtle, never competing with product
 - Composition: product-led; CTAs unmistakable
 If the brief is silent on style:
 - Use defaults from §1 + §2 with confident background variety
 - Pick one Hero Scale decisively, do not split the difference
 Never force backgrounds, gradients, or full-bleed treatments where the brief asks for restraint. Never strip them out where the brief asks for atmosphere.
 ---
 ## 2. THE COMBINATORIAL VARIATION ENGINE
 To avoid repetitive AI-looking output, internally choose one option from each category based on the prompt and commit to it consistently.
 Do not mash everything together into chaos.
 Pick a strong combination and execute it clearly.
 ### Theme Paradigm
 Choose 1:
 1. Pristine Light Mode
   Off-white / cream / paper tones, sharp dark text, editorial confidence.
 2. Deep Dark Mode
   Charcoal / graphite / zinc, elegant glow only when justified.
 3. Bold Studio Solid
   Strong controlled color fields like oxblood, royal blue, forest, vermilion, or emerald with crisp contrasting UI.
 4. Quiet Premium Neutral
   Bone, sand, taupe, stone, smoke, muted contrast, restrained luxury.
 ### Background Character
 Choose 1:
 1. Subtle technical grid / dotted field
 2. Pure solid field with soft ambient gradient depth
 3. Full-bleed cinematic imagery with proper contrast control
 4. Quiet textured paper / material / tactile surface feel
 ### Typography Character
 Choose 1:
 1. Satoshi-like clean grotesk
 2. Neue-Montreal-like refined grotesk
 3. Cabinet / Clash-like expressive display
 4. Monument-like compressed statement typography
 5. Elegant editorial serif + sans pairing
 6. Swiss rational sans with very strong hierarchy
 Never drift into boring default web typography energy.
 ### Hero Architecture
 Choose 1:
 1. Cinematic Centered Minimalist
 2. Asymmetric Split Hero
 3. Floating Polaroid Scatter
 4. Inline Typography Behemoth
 5. Editorial Offset Composition
 6. Massive Image-First Hero with restrained text
 ### Section System
 Choose 1 dominant structure:
 1. Strict modular bento rhythm
 2. Alternating editorial blocks
 3. Poster-like stacked storytelling
 4. Gallery-led visual cadence
 5. Swiss grid discipline
 6. Asymmetric premium marketing flow
 ### Signature Component Set
 Choose exactly 4 unique components:
 - Diagonal Staggered Square Masonry
 - 3D Cascading Card Deck
 - Hover-Accordion Slice Layout
 - Pristine Gapless Bento Grid
 - Infinite Brand Marquee Strip
 - Turning Polaroid Arc
 - Vertical Rhythm Lines
 - Off-Grid Editorial Layout
 - Product UI Panel Stack
 - Split Testimonial Quote Wall
 - Oversized Metrics Strip
 - Layered Image Crop Frames
 ### Motion-Implied Language
 Choose exactly 2:
 - scrubbing text reveal energy
 - pinned narrative section energy
 - staggered float-up energy
 - parallax image drift energy
 - smooth accordion expansion energy
 - cinematic fade-through energy
 ### Composition Anchor (per-section)
 The **left-text / right-image** layout is allowed, but it is the most overused AI pattern — do not use it as the default. Reach for it only when it is the genuinely best fit.
 Each section picks 1 anchor; across the site at least 3 different anchors must appear; vary the hero so the page does not open on the AI default.
 - Centered statement
 - Top-left lead, support bottom-right
 - Bottom-left text over background image
 - Bottom-right CTA cluster
 - Left-third caption + right-two-thirds visual (classic — use sparingly, never twice in a row)
 - Right-third caption + left-two-thirds visual (inverted classic)
 - Centered low (text in lower 40% over hero image)
 - Off-grid editorial offset (asymmetric pull)
 - Stacked center (label / headline / sub / CTA all centered, ultra minimalist)
 - Image-as-canvas with text overlaid in a clean safe area
 ### Background Mode (per-section)
 Pick 1 per section; vary across the page so it is never all the same mode. Be **confident** with backgrounds — they are a primary tool, not a risk.
 - Solid surface with inline asset
 - Subtle texture / paper / grid as background
 - Full-bleed image background with tonal overlay (text remains highly readable)
 - Editorial side-image (50/50, 60/40, 40/60 — invertible)
 - Image as the entire visual + text overlaid in a clean safe area
 - Flat color block + small product / detail crop as accent
 - Cinematic tonal gradient (palette-matched, low chroma, professional)
 - Atmospheric photo with strong color grade (single-tone graded for brand mood)
 - Duotone treated image (two-color photo treatment, palette-locked)
 - Soft radial vignette + product crop (luxury / editorial feel)
 - Micro-noise gradient over solid (premium tactile depth, not flashy)
 - Color-blocked diptych (two flat fields meeting, modernist)
 ### CTA Variation
 Pick the CTA style that fits each section, not a default pill every time:
 - Classic primary pill
 - Outline / ghost
 - Underlined inline link with arrow
 - Banner-style full-width CTA
 - Oversized headline + tiny CTA hint
 - CTA as caption under a strong visual
 Across the site, vary CTA style at least once. The page's primary action stays unmistakable.
 ### Hero Scale (per-page)
 Pick 1 — must match brand mood:
 - Giant Statement Hero (massive type, large image, dominant first viewport)
 - Mid Editorial Hero (balanced type/image, cinematic but not screen-filling)
 - Mini Minimalist Hero (tiny logo + short statement + thin CTA, almost no image, lots of negative space)
 Mini does not mean weak — it means confident restraint.
 ### Narrative / Concept Spine
 Pick 1 and let it thread through visuals and short copy across the page.
 - Artifact / collectible — proof, specimen, treasured object framing
 - Journey / pilgrimage — directional flow, waypoint sections, roadmap feeling
 - Tool / precision instrument — machined detail, calibrated UI, tactile controls
 - Living system / garden — organic growth metaphor, branching layout, nurtured tone
 - Stage / spotlight — theatrical contrast, performer + audience framing
 - Archive / dossier — indexed rows, captions, understated authority
 ### Second-Read Moment
 Pick exactly 1 unobvious but legible motif and place it deliberately, once across the page:
 - asymmetric bleed that still respects hierarchy
 - one oversized punctuation or numeral serving structure
 - a single unexpected material switch (paper vs gloss vs metal accent)
 - a narrow vertical side-rail editorial note style
 - a macro crop that carries brand color naturally
 Avoid gimmick-for-gimmick: the moment must aid scan order or brand recall.
 Important:
 These are not coding instructions.
 They are visual-direction cues the generated design should imply.
 ---
 ## 3. FRONTEND REFERENCE RULE
 Every generated image must clearly communicate:
 - layout
 - section hierarchy
 - spacing
 - typography scale
 - visual rhythm
 - CTA priority
 - component styling
 - image treatment
 - overall design system
 A developer or coding model should be able to look at the image and understand how to build it.
 Do not produce vague abstract artwork when the request is for frontend.
 ---
 ## 4. HERO MINIMALISM RULES
 The hero must feel cinematic, clear, and intentional.
 ### Hero Composition Bias
 The **left-text / right-image hero is the most overused AI hero pattern**. It is allowed, but it should not be your default starting point.
 Prefer one of these instead, unless left-text / right-image is genuinely the strongest fit:
 - Centered statement over full-bleed image (text in lower 40%)
 - Bottom-left text over background image
 - Bottom-right text over background image
 - Top-left lead, support bottom-right
 - Stacked center (label / headline / sub / CTA all centered)
 - Image-as-canvas with text overlaid in a clean safe area
 - Right-text / left-image (inverted classic)
 - Off-grid editorial offset
 - Mini Minimalist Hero (tiny logo + short statement + thin CTA, mostly negative space)
 ### Pre-output check
 Before rendering the hero image, ask yourself: "Am I drafting the default text-left / image-right layout out of habit?" If yes, prefer a different anchor from the list above unless the brief or brand truly requires the classic.
 ### Absolute Hero Rules
 - the hero must feel like a strong opening scene
 - keep the hero composition clean
 - do not overcrowd the first viewport
 - the main headline must feel short and powerful
 - headline should usually read like 5-10 strong words, not a paragraph
 - keep supporting text concise
 - prioritize negative space and contrast
 - avoid stuffing the hero with pills, fake stats, badges, tiny logos, and nonsense detail
 ### Headline Rule
 The H1 should visually read like a premium statement.
 Do not let it feel long, weak, or overly wrapped.
 ### Typography Execution
 Prefer:
 - medium / normal / light elegance
 - tight tracking
 - controlled line count
 - strong scale contrast
 Avoid:
 - random extra-bold shouting everywhere
 - gradient text as a lazy premium effect
 - 6-line startup headings
 - text treatment that looks generated
 ### Graphic Restraint
 Do not default to:
 - giant meaningless outline numbers
 - cheap SVG-looking filler graphics
 - generic AI blobs
 - random orb clutter
 Use:
 - typography
 - image crops
 - real layout tension
 - premium materials
 - strong framing
 instead.
 ---
 ## 5. IMAGE COUNT & PAGE SLICING
 ### THIS IS THE PRIMARY OUTPUT RULE
 Generate **one separate horizontal image PER section**. Always.
 - never combine multiple sections in a single image
 - never return a single tall slice that contains the whole page
 - never return one "best" image and skip the rest
 - never replace several sections with one collage
 If the request is ambiguous about section count, **default high**:
 - "hero" -> 1 image
 - "landing page" / "site template" -> default to 6 sections -> 6 images
 - "full website" -> default to 8 sections -> 8 images
 - "marketing site" -> default to 8 sections -> 8 images
 - "product page" -> default to 6 sections -> 6 images
 - "portfolio" -> default to 6 sections -> 6 images
 If the model can only render one image per call, generate them **sequentially in the same response**, one after the other, labeled "Section X of N: <name>" until the full set is delivered.
 ### Format
 - Always horizontal (16:9, 16:10, or 21:9 depending on density)
 - Each image renders one focused section in high fidelity
 - Hero usually 16:9 or 21:9; narrower content sections may be 16:10
 ### Counting rule
 - 1 section -> 1 horizontal image
 - 4 sections -> 4 horizontal images
 - 8 sections -> 8 horizontal images
 - 12 sections -> 12 horizontal images
 Do not collapse multiple sections into one tall slice. Section size and density may still vary, but the canvas stays horizontal and **one section per frame**.
 ### Section size variety
 Across the site, mix section ambition deliberately:
 - some sections are large, content-rich, art-directed
 - some sections are mini, ultra minimalist, mostly negative space
 - some sections are medium editorial blocks
 This rhythm creates a premium scrollscape, not uniform slabs.
 ### Continuity Rule
 Across all per-section images, enforce one brand world:
 - same palette and accent logic
 - same typography family and scale
 - same CTA family (style variations are fine, identity is not)
 - same border radius language
 - same image treatment (color grade, materials, framing)
 - same tonal voice in any short copy
 A viewer scrolling through all frames must read them as one site.
 ---
 ## 6. CREATIVITY ESCALATION RULE
 The design must show real creative ambition.
 Do not settle for the first obvious layout solution.
 Push the work beyond generic SaaS patterns.
 Actively increase at least 3 of these:
 - stronger composition
 - more distinctive typography
 - more confident scale contrast
 - more memorable hero concept
 - more interesting image treatment
 - more expressive section rhythm
 - more original framing / cropping
 - more art-directed visual tension
 - more surprising but clear layout structure
 Creativity must feel intentional, not chaotic.
 Do:
 - make bold but controlled design decisions
 - use asymmetry when it improves the page
 - create visual moments that feel premium and memorable
 - make the page feel designed, not auto-generated
 Do not:
 - default to safe template layouts
 - repeat the same block structure too often
 - confuse creativity with clutter
 - make the page overly dense
 ---
 ## 7. IMAGE-FIRST ART DIRECTION
 This skill must actively use images.
 Images are not optional decoration.
 Images are a core part of the frontend design language.
 Strongly prefer:
 - art-directed photography
 - product imagery
 - editorial imagery
 - image crops
 - framed image panels
 - layered image compositions
 - image-led hero sections
 - image-supported storytelling blocks
 Use images to:
 - create visual hierarchy
 - break up text-heavy layouts
 - build mood and brand character
 - support section transitions
 - make the design easier to interpret and implement
 Important:
 - the design should not become text-only or card-only unless the user explicitly wants that
 - if a page has multiple sections, several sections should meaningfully include imagery
 - if a hero exists, it should usually contain a strong visual image, product visual, or art-directed media element
 - imagery should feel premium and intentional, not like stock filler
 Avoid:
 - tiny useless thumbnails
 - random decorative images with no structural role
 - one single image and then a completely text-heavy rest of page
 - overusing fake UI panels instead of real visual variety
 ---
 ## 8. ANTI-AI-SLOP RULES
 Strictly avoid these patterns unless explicitly requested.
 ### Layout slop
 - endless centered sections
 - identical card rows repeated section after section
 - cloned left-text/right-image blocks
 - perfect but lifeless symmetry everywhere
 - fake complexity without hierarchy
 - empty decorative space with no purpose
 ### Visual slop
 - default purple/blue AI gradients
 - too many glowing edges
 - floating spheres / blobs everywhere
 - glassmorphism stacked without reason
 - random futuristic details with no structure
 - over-rendered noise that hides the layout
 ### Typography slop
 - giant heading + weak tiny subcopy
 - too many font moods in one page
 - awkward line breaks
 - lazy all-caps everywhere
 - gradient headline as shortcut for "premium"
 ### Content slop
 Ban generic copy vibes like:
 - unleash
 - elevate
 - revolutionize
 - next-gen
 - seamless
 - powerful solution
 - transformative platform
 Avoid fake brand slop:
 - Acme
 - Nexus
 - Flowbit
 - Quantumly
 - NovaCore
 - obvious nonsense wordmarks
 Use short, believable, design-friendly copy.
 ### Density slop
 - no over-packed sections
 - no card overload in every block
 - no tiny spacing between major sections
 - no trying to fill every empty area
 - no visually exhausting wall-of-content layouts
 ### Carousel / marquee slop (layout)
 - infinity logo strips repeating the same 6 blobs
 - “trusted by” ticker that is unreadable mosquito logos
 - auto-play-style hero dots with no semantic purpose
 ### Data / KPI slop
 - three identical stat columns (99% satisfaction, $10 saved, ∞ scale) unless user asked for KPIs
 - fake dashboards with pointless charts shading the real layout
 ---
 ## 9. TYPOGRAPHY-FIRST DISCIPLINE
 Typography is not filler.
 Typography is a primary design material.
 Always ensure:
 - clear size contrast
 - obvious reading order
 - strong display moments
 - supporting text that is readable and brief
 - labels, captions, and section headings that reinforce structure
 For editorial directions:
 - let typography shape composition
 For tech/product directions:
 - let typography communicate trust and precision
 ---
 ## 10. SECTION RHYTHM RULE
 A high-end site does not feel like repeated boxes.
 Vary section rhythm across the page by changing:
 - density
 - image-to-text ratio
 - alignment
 - scale
 - whitespace
 - card grouping
 - background intensity
 - visual tempo
 Do not let every section feel generated from the same template.
 Important:
 - rhythm variation should not break overall cleanliness
 - keep the page visually balanced from top to bottom
 - section heights may vary, but the spacing between sections should feel controlled and fairly even
 - avoid abrupt jumps between very small and very large sections without enough breathing room
 - the full page should feel curated, smooth, and consistent
 ---
 ## 11. COMPONENT EXECUTION GUIDELINES
 ### Diagonal Staggered Square Masonry
 Use square image or content blocks with strong staggered vertical rhythm.
 Should feel curated and graphic, not messy.
 ### 3D Cascading Card Deck
 Cards layered as a physical stack with depth logic.
 Should feel premium and tactile, not gimmicky.
 ### Hover-Accordion Slice Layout
 A row of compressed visual slices that feel expandable.
 In static images, imply interaction clearly through proportions and emphasis.
 ### Pristine Gapless Bento Grid
 Mathematically clean grid.
 No accidental gaps.
 Mix large visual blocks with smaller dense information panels.
 ### Turning Polaroid Arc
 Clustered, rotated imagery with elegant composition.
 Should feel styled and intentional, not scrapbook-random.
 ### Off-Grid Editorial Layout
 Use asymmetry and tension with control.
 Must remain readable and clearly structured.
 ### Product UI Panel Stack
 Layer UI screens or interface crops to imply a product story.
 Avoid generic fake dashboards.
 ### Vertical Rhythm Lines
 Use fine lines and spacing systems to reinforce order and elegance.
 Never let them become decorative clutter.
 ---
 ## 12. DENSITY & SPACING DISCIPLINE
 Do not make everything too dense.
 The page should breathe.
 Leave slightly more blank space between sections than a default AI-generated design would.
 Rules:
 - use more even vertical spacing between major sections
 - keep section-to-section spacing consistent unless there is a strong design reason not to
 - avoid one section feeling very cramped while the next feels too empty
 - prefer a clean, balanced cadence across the page
 - allow negative space to create rhythm and emphasis
 - separate denser sections with calmer sections
 - avoid stacking too many cards, labels, and content blocks too tightly
 - smaller sections should still receive enough surrounding space so the page feels polished and intentional
 A premium page should feel:
 - open
 - composed
 - balanced
 - confident
 - breathable
 Not:
 - cramped
 - noisy
 - uneven
 - overfilled
 - visually exhausted
 Section rhythm should alternate with control:
 - some sections can be more content-rich
 - some sections can be smaller and calmer
 - but the overall spacing cadence should still feel even, clean, and deliberate
 Whitespace is a design tool.
 Use it deliberately.
 Do not let spacing become random.
 ---
 ## 13. COLOR & MATERIAL RULES
 ### Palette Discipline
 Use one controlled palette across the entire site:
 - 1 primary (brand anchor)
 - 1 secondary (supporting tone)
 - 1 accent (used sparingly for CTA / highlight)
 - a neutral scale (background, surface, text, hairline)
 Section-level mood shifts must reuse the same palette — no full theme swap per section.
 ### Background-image harmony
 When using full-bleed image backgrounds:
 - the image must tonally match the palette (not fight it)
 - use overlays (dark, light, or color tint) to keep text fully readable
 - the brand accent stays consistent regardless of background image
 ### Gradient Discipline
 Gradients are **allowed and encouraged** when professional and subtle. They are not the same as AI slop gradients.
 Allowed (use confidently):
 - low-chroma palette-matched tonal gradients (e.g. ink to graphite, cream to sand, ivory to warm grey)
 - single-hue atmospheric grades behind hero photography
 - soft vignettes and radial depth that direct the eye
 - noise-textured gradients adding tactile depth without color noise
 - editorial color washes that match brand mood
 Banned (AI gradient slop):
 - rainbow / mesh blob gradients
 - purple-to-blue "AI" defaults
 - pink-to-orange "creator" defaults
 - neon edges and glow halos with no purpose
 - gradient text as a shortcut for "premium"
 - gradients that compete with imagery instead of supporting it
 ### Background Confidence Rule
 Do not retreat to plain white surfaces by default. When the brief, brand mood, or section job calls for atmosphere, use:
 - a full-bleed image,
 - a duotone or graded photo,
 - a tonal gradient,
 - a tactile material,
 or a confident flat color field — picked deliberately, not as decoration.
 ### Strong guidance
 - avoid rainbow randomness
 - avoid over-neon unless requested
 - keep contrast intentional
 - match accent colors to the chosen theme paradigm
 - gradients must always read as professional and intentional, never as visual noise
 ### Materiality
 Where appropriate, add:
 - paper feel
 - glass feel
 - brushed metal feel
 - soft blur depth
 - tactile matte surfaces
 - editorial photo treatment
 But always keep the frontend structure readable.
 ---
 ## 14. IMAGE / MEDIA DIRECTION
 If imagery is present, it must support the layout.
 Allowed:
 - art-directed product visuals
 - refined editorial photography
 - UI crops
 - abstract forms with structural purpose
 - framed objects
 - premium texture use
 - campaign-style visuals
 Avoid:
 - irrelevant scenery
 - stock-photo cliches
 - decorative junk
 - visuals that overpower the page hierarchy
 ---
 ## 15. DEFAULT SITE PACKS
 ### 4-section pack
 1. Hero
 2. Features
 3. Social proof / testimonial
 4. CTA
 ### 8-section pack
 1. Hero
 2. Trust bar
 3. Features
 4. Product showcase
 5. Benefits / use cases
 6. Testimonials
 7. Pricing
 8. CTA
 ### 12-section pack
 1. Hero
 2. Trust bar
 3. Feature grid
 4. Product preview
 5. Problem / solution
 6. Benefits
 7. Workflow
 8. Metrics / proof / integration
 9. Testimonials
 10. Pricing
 11. FAQ
 12. CTA + footer
 ---
 ## 16. MULTI-IMAGE CONSISTENCY RULE
 Because every section is its own image, consistency is critical. Across all per-section frames enforce:
 - same brand world
 - same type scale logic
 - same spacing discipline
 - same CTA family (style variations are fine, identity is not)
 - same icon or illustration mood
 - same image treatment (grade, framing, material vocabulary)
 - same tonal language in any copy
 Variation IS allowed in:
 - composition anchor (per section)
 - background mode (per section)
 - section size and density
 - which "second-read" moment appears
 A viewer flipping through every per-section frame must still recognize one brand. Anything that breaks brand recall is over-variation.
 ---
 ## 17. CLARITY CHECK
 Before finalizing, verify internally:
 1. Is the hierarchy obvious?
 2. Is the hero clean enough?
 3. Is the design visually distinctive?
 4. Is it free of obvious AI tells?
 5. Is it premium rather than template-like?
 6. Can someone code from this?
 7. If multiple images exist, do they clearly belong together?
 8. Is imagery used strongly enough (with variation, not one repeated crop)?
 9. Does the page breathe, or is it too dense?
 10. Is there enough spacing between sections?
 11. Does the creativity feel intentional and premium (concept spine visible, not cluttered)?
 12. Is the spacing between sections even and controlled?
 13. Do smaller sections still have enough surrounding space to feel clean?
 14. Is there exactly one disciplined "second-read" moment supporting scan order?
 15. Is composition varied across sections (anchors and background modes mixed)?
 16. Is the hero scale (giant / mid / mini) chosen and executed cleanly?
 17. Is there a clear conversion path (hook -> proof -> action) even in artistic sites?
 18. Is the palette consistent across all per-section images?
 19. Is each image horizontal and one-section-only?
 20. Is the **total number of images equal to the number of sections** (never fewer)?
 21. Is the hero using a varied composition (not defaulting to left-text / right-image out of habit)?
 If not, refine internally before output. If the count is wrong, regenerate the missing sections. If the hero feels like a reflexive left-text / right-image default, prefer a different composition anchor.
 ---
 ## 18. EXTRA CREATIVITY & IMPLEMENTATION EDGE
 Apply unless the user opts out:
 ### Cross-section contrast
 Across the slice, deliberately vary foreground/background intensity at least twice (lighter → richer → calmer) so the scroll feels paced, not monotonous slabs.
 ### CTA specificity
 Prefer one unmistakable primary action per major viewport tier; secondary actions must look secondary (scale, outline, ghost), not clones of primary.
 ### Image variety inside one comp
 Mix at least **two distinct image crops** where multiple sections exist — e.g. macro product + contextual environment, or portrait editorial + widescreen artifact — avoiding one repeated stock silhouette.
 ### Data-viz restraint
 Charts, sparklines, and graphs appear only when the site type logically needs them (analytics, pricing, infra, observability brands). Else keep proof human (quotes, receipts, timelines, screenshots of real workflows).
 ### Cultural / tonal alignment
 When the brief names an industry or region, steer palette and typographic temperament to match — don’t ship default “neutral SF startup” unless the brief is intentionally generic SaaS.
 ### Mobile-implied fidelity (even for desktop mocks)
 Maintain tap-friendly hit sizes and readable caption sizes visually; stacking order should imply a sane single-column narrative.
 ### Conversion focus
 Each section has a job. Even when the design is artistic, the page must read as a real product or brand site:
 - the hero communicates value in seconds and offers one obvious next action
 - proof sections (logos, quotes, metrics) feel earned, not stuffed
 - pricing or CTA sections feel decisive, not buried
 - the final section closes: a single strong CTA + supporting trust cue
 Avoid pure mood reels with no funnel logic.
 ### Composition variety check
 Across all per-section images, internally log the chosen composition anchor and background mode. Reject the set if:
 - the same composition anchor repeats more than 2 sections in a row
 - the same background mode repeats more than 3 sections in a row
 - every section is inline-asset (no full-bleed background ever appears) **AND** the brief does not call for minimalism / typography-only / swiss / ultra simple
 For non-minimalist briefs: push for at least one full-bleed (or duotone / atmospheric) background and at least one mini minimalist section in any multi-section site.
 For minimalist briefs: this rule is suspended. Restraint is the design.
 ---
 ## 19. RESPONSE BEHAVIOR
 When the user asks for a frontend design:
 1. infer site type and primary conversion goal
 2. infer number of sections (if unclear, use the defaults from §5: landing page = 6, full website = 8)
 3. **commit out loud** to the section count and announce it ("Generating N horizontal images, one per section")
 4. plan ONE horizontal image PER SECTION — always separate generations, never collapse
 5. choose Hero Scale for the whole site (giant / mid / mini)
 5. choose a strong visual combination (theme, type, hero arch, section system, motion, narrative spine, second-read moment)
 7. for each section: pick a Composition Anchor, Background Mode, and CTA Variation — vary across sections
 8. choose 4 signature components used appropriately across sections
 9. enforce hero minimalism + section size variety (some giant, some mini)
 10. enforce strong image usage including full-bleed backgrounds where it fits
 11. lock one consistent palette across all images
 12. apply §18 EXTRA CREATIVITY & IMPLEMENTATION EDGE
 13. keep spacing generous, even, and clean
 14. remove AI slop (including marquee / fake KPI clichés unless requested)
 15. run §17 CLARITY CHECK
 16. **generate every per-section horizontal image, labeled "Section X of N: <name>"**, until the full set is delivered. Do not stop early. Do not summarize. Do not return only one image.
 Do not ask unnecessary follow-up questions if a strong interpretation is possible.
 ---
 ## 20. EXAMPLE INTERPRETATIONS
 ### Example 1
 User: "make a hero section for an AI startup"
 Interpretation:
 - 1 horizontal image
 - Hero Scale: Mid Editorial or Giant Statement
 - Composition Anchor: bottom-left text over full-bleed product/atmosphere image
 - Background Mode: full-bleed image with dark tonal overlay
 - CTA Variation: outlined inline + small label hint
 - Palette: Deep Dark or Bold Studio Solid, one consistent accent
 - no cliche dashboard spam, no purple AI glow
 ### Example 2
 User: "design 8 sections for a fintech website"
 Interpretation:
 - 8 separate horizontal images (one per section)
 - Hero Scale: Mid Editorial (trust-driven)
 - vary Composition Anchor across sections (centered low, right-third caption, bottom-left over chart visual, stacked center for closing CTA)
 - Background Mode mix: solid surface, full-bleed image background once, editorial side-image at use cases
 - one consistent palette (e.g. ink + paper + single brand accent)
 - conversion path: hook -> proof bar -> features -> use case -> testimonial -> pricing -> FAQ -> final CTA
 ### Example 3
 User: "creative agency landing page, 12 sections"
 Interpretation:
 - 12 horizontal images (one per section)
 - Hero Scale: Giant Statement OR Mini Minimalist (decisive choice, not in-between)
 - editorial / poster-like direction; off-grid composition appears 2-3 times
 - multiple Background Modes (full-bleed image at hero + showcase, editorial side-image at case studies, solid + accent for process)
 - palette consistent throughout, with one bold accent recurring
 - closing CTA section: mini minimalist, strong type, single primary action
 ---
 ## 21. FINAL GOAL
 Generate frontend reference images that feel:
 - artistic
 - premium
 - clear
 - structured
 - image-led
 - breathable
 - memorable
 - anti-generic
 - implementation-friendly
 The result should look like a top-tier website concept with strong imagery, confident creativity, and generous spacing - not a dense, repetitive AI layout.
--- a/.agents/skills/industrial-brutalist-ui/SKILL.md
+++ b/.agents/skills/industrial-brutalist-ui/SKILL.md
@@ -0,0 +1,92 @@
 ---
 name: industrial-brutalist-ui
 description: Raw mechanical interfaces fusing Swiss typographic print with military terminal aesthetics. Rigid grids, extreme type scale contrast, utilitarian color, analog degradation effects. For data-heavy dashboards, portfolios, or editorial sites that need to feel like declassified blueprints.
 ---
 # SKILL: Industrial Brutalism & Tactical Telemetry UI
 ## 1. Skill Meta
 **Name:** Industrial Brutalism & Tactical Telemetry Interface Engineering
 **Description:** Advanced proficiency in architecting web interfaces that synthesize mid-century Swiss Typographic design, industrial manufacturing manuals, and retro-futuristic aerospace/military terminal interfaces. This discipline requires absolute mastery over rigid modular grids, extreme typographic scale contrast, purely utilitarian color palettes, and the programmatic simulation of analog degradation (halftones, CRT scanlines, bitmap dithering). The objective is to construct digital environments that project raw functionality, mechanical precision, and high data density, deliberately discarding conventional consumer UI patterns.
 ## 2. Visual Archetypes
 The design system operates by merging two distinct but highly compatible visual paradigms. **Pick ONE per project and commit to it. Do not alternate or mix both modes within the same interface.**
 ### 2.1 Swiss Industrial Print
 Derived from 1960s corporate identity systems and heavy machinery blueprints.
 *   **Characteristics:** High-contrast light modes (newsprint/off-white substrates). Reliance on monolithic, heavy sans-serif typography. Unforgiving structural grids outlined by visible dividing lines. Aggressive, asymmetric use of negative space punctuated by oversized, viewport-bleeding numerals or letterforms. Heavy use of primary red as an alert/accent color.
 ### 2.2 Tactical Telemetry & CRT Terminal
 Derived from classified military databases, legacy mainframes, and aerospace Heads-Up Displays (HUDs).
 *   **Characteristics:** Dark mode exclusivity. High-density tabular data presentation. Absolute dominance of monospaced typography. Integration of technical framing devices (ASCII brackets, crosshairs). Application of simulated hardware limitations (phosphor glow, scanlines, low bit-depth rendering).
 ## 3. Typographic Architecture
 Typography is the primary structural and decorative infrastructure. Imagery is secondary. The system demands extreme variance in scale, weight, and spacing.
 ### 3.1 Macro-Typography (Structural Headers)
 *   **Classification:** Neo-Grotesque / Heavy Sans-Serif.
 *   **Optimal Web Fonts:** Neue Haas Grotesk (Black), Inter (Extra Bold/Black), Archivo Black, Roboto Flex (Heavy), Monument Extended.
 *   **Implementation Parameters:**
    *   **Scale:** Deployed at massive scales using fluid typography (e.g., `clamp(4rem, 10vw, 15rem)`).
    *   **Tracking (Letter-spacing):** Extremely tight, often negative (`-0.03em` to `-0.06em`), forcing glyphs to form solid architectural blocks.
    *   **Leading (Line-height):** Highly compressed (`0.85` to `0.95`).
    *   **Casing:** Exclusively uppercase for structural impact.
 ### 3.2 Micro-Typography (Data & Telemetry)
 *   **Classification:** Monospace / Technical Sans.
 *   **Optimal Web Fonts:** JetBrains Mono, IBM Plex Mono, Space Mono, VT323, Courier Prime.
 *   **Implementation Parameters:**
    *   **Scale:** Fixed and small (`10px` to `14px` / `0.7rem` to `0.875rem`).
    *   **Tracking:** Generous (`0.05em` to `0.1em`) to simulate mechanical typewriter spacing or terminal matrices.
    *   **Leading:** Standard to tight (`1.2` to `1.4`).
    *   **Casing:** Exclusively uppercase. Used for all metadata, navigation, unit IDs, and coordinates.
 ### 3.3 Textural Contrast (Artistic Disruption)
 *   **Classification:** High-Contrast Serif.
 *   **Optimal Web Fonts:** Playfair Display, EB Garamond, Times New Roman.
 *   **Implementation Parameters:** Used exceedingly sparingly. Must be subjected to heavy post-processing (halftone filters, 1-bit dithering) to degrade vector perfection and create textural juxtaposition against the clean sans-serifs.
 ## 4. Color System
 The color architecture is uncompromising. Gradients, soft drop shadows, and modern translucency are strictly prohibited. Colors simulate physical media or primitive emissive displays.
 **CRITICAL: Choose ONE substrate palette per project and use it consistently. Never mix light and dark substrates within the same interface.**
 ### If Swiss Industrial Print (Light):
 *   **Background:** `#F4F4F0` or `#EAE8E3` (Matte, unbleached documentation paper).
 *   **Foreground:** `#050505` to `#111111` (Carbon Ink).
 *   **Accent:** `#E61919` or `#FF2A2A` (Aviation/Hazard Red). This is the ONLY accent color. Used for strike-throughs, thick structural dividing lines, or vital data highlights.
 ### If Tactical Telemetry (Dark):
 *   **Background:** `#0A0A0A` or `#121212` (Deactivated CRT. Avoid pure `#000000`).
 *   **Foreground:** `#EAEAEA` (White phosphor). This is the primary text color.
 *   **Accent:** `#E61919` or `#FF2A2A` (Aviation/Hazard Red). Same red, same rules.
 *   **Terminal Green (`#4AF626`):** Optional. Use ONLY for a single specific UI element (e.g., one status indicator or one data readout) — never as a general text color. If it doesn't serve a clear purpose, omit it entirely.
 ## 5. Layout and Spatial Engineering
 The layout must appear mathematically engineered. It rejects conventional web padding in favor of visible compartmentalization.
 *   **The Blueprint Grid:** Strict adherence to CSS Grid architectures. Elements do not float; they are anchored precisely to grid tracks and intersections.
 *   **Visible Compartmentalization:** Extensive utilization of solid borders (`1px` or `2px solid`) to delineate distinct zones of information. Horizontal rules (`<hr>`) frequently span the entire container width to segregate operational units.
 *   **Bimodal Density:** Layouts oscillate between extreme data density (tightly packed monospace metadata clustered together) and vast expanses of calculated negative space framing macro-typography.
 *   **Geometry:** Absolute rejection of `border-radius`. All corners must be exactly 90 degrees to enforce mechanical rigidity.
 ## 6. UI Components and Symbology
 Standard web UI conventions are replaced with utilitarian, industrial graphic elements.
 *   **Syntax Decoration:** Utilization of ASCII characters to frame data points.
    *   *Framing:* `[ DELIVERY SYSTEMS ]`, `< RE-IND >`
    *   *Directional:* `>>>`, `///`, `\\\\`
 *   **Industrial Markers:** Prominent integration of registration (`®`), copyright (`©`), and trademark (`™`) symbols functioning as structural geometric elements rather than legal text.
 *   **Technical Assets:** Integration of crosshairs (`+`) at grid intersections, repeating vertical lines (barcodes), thick horizontal warning stripes, and randomized string data (e.g., `REV 2.6`, `UNIT / D-01`) to simulate active mechanical processes.
 ## 7. Textural and Post-Processing Effects
 To prevent the design from appearing purely digital, simulated analog degradation is engineered into the frontend via CSS and SVG filters.
 *   **Halftone and 1-Bit Dithering:** Transforming continuous-tone images or large serif typography into dot-matrix patterns. Achieved via pre-processing or CSS `mix-blend-mode: multiply` overlays combined with SVG radial dot patterns.
 *   **CRT Scanlines:** For terminal interfaces, applying a `repeating-linear-gradient` to the background to simulate horizontal electron beam sweeps (e.g., `repeating-linear-gradient(0deg, transparent, transparent 2px, rgba(0,0,0,0.1) 2px, rgba(0,0,0,0.1) 4px)`).
 *   **Mechanical Noise:** A global, low-opacity SVG static/noise filter applied to the DOM root to introduce a unified physical grain across both dark and light modes.
 ## 8. Web Engineering Directives
 1.  **Grid Determinism:** Utilize `display: grid; gap: 1px;` with contrasting parent/child background colors to generate mathematically perfect, razor-thin dividing lines without complex border declarations.
 2.  **Semantic Rigidity:** Construct the DOM using precise semantic tags (`<data>`, `<samp>`, `<kbd>`, `<output>`, `<dl>`) to accurately reflect the technical nature of the telemetry.
 3.  **Typography Clamping:** Implement CSS `clamp()` functions exclusively for macro-typography to ensure massive text scales aggressively while maintaining structural integrity across viewports.
--- a/.agents/skills/minimalist-ui/SKILL.md
+++ b/.agents/skills/minimalist-ui/SKILL.md
@@ -0,0 +1,85 @@
 ---
 name: minimalist-ui
 description: Clean editorial-style interfaces. Warm monochrome palette, typographic contrast, flat bento grids, muted pastels. No gradients, no heavy shadows.
 ---
 # Protocol: Premium Utilitarian Minimalism UI Architect
 ## 1. Protocol Overview
 Name: Premium Utilitarian Minimalism & Editorial UI
 Description: An advanced frontend engineering directive for generating highly refined, ultra-minimalist, "document-style" web interfaces analogous to top-tier workspace platforms. This protocol strictly enforces a high-contrast warm monochrome palette, bespoke typographic hierarchies, meticulous structural macro-whitespace, bento-grid layouts, and an ultra-flat component architecture with deliberate muted pastel accents. It actively rejects standard generic SaaS design trends.
 ## 2. Absolute Negative Constraints (Banned Elements)
 The AI must strictly avoid the following generic web development defaults:
 - DO NOT use the "Inter", "Roboto", or "Open Sans" typefaces.
 - DO NOT use generic, thin-line icon libraries like "Lucide", "Feather", or standard "Heroicons".
 - DO NOT use Tailwind's default heavy drop shadows (e.g., `shadow-md`, `shadow-lg`, `shadow-xl`). Shadows must be practically non-existent or heavily customized to be ultra-diffuse and low opacity (< 0.05).
 - DO NOT use primary colored backgrounds for large elements or sections (e.g., no bright blue, green, or red hero sections).
 - DO NOT use gradients, neon colors, or 3D glassmorphism (beyond subtle navbar blurs).
 - DO NOT use `rounded-full` (pill shapes) for large containers, cards, or primary buttons.
 - DO NOT use emojis anywhere in code, markup, text content, headings, or alt text. Replace with proper icons or clean SVG primitives.
 - DO NOT use generic placeholder names like "John Doe", "Acme Corp", or "Lorem Ipsum". Use realistic, contextual content.
 - DO NOT use AI copywriting clichés: "Elevate", "Seamless", "Unleash", "Next-Gen", "Game-changer", "Delve". Write plain, specific language.
 ## 3. Typographic Architecture
 The interface must rely on extreme typographic contrast and premium font selection to establish an editorial feel.
 - Primary Sans-Serif (Body, UI, Buttons): Use clean, geometric, or system-native fonts with character. Target: `font-family: 'SF Pro Display', 'Geist Sans', 'Helvetica Neue', 'Switzer', sans-serif`.
 - Editorial Serif (Hero Headings & Quotes): Target: `font-family: 'Lyon Text', 'Newsreader', 'Playfair Display', 'Instrument Serif', serif`. Apply tight tracking (`letter-spacing: -0.02em` to `-0.04em`) and tight line-height (`1.1`).
 - Monospace (Code, Keystrokes, Meta-data): Target: `font-family: 'Geist Mono', 'SF Mono', 'JetBrains Mono', monospace`.
 - Text Colors: Body text must never be absolute black (`#000000`). Use off-black/charcoal (`#111111` or `#2F3437`) with a generous `line-height` of `1.6` for legibility. Secondary text should be muted gray (`#787774`).
 ## 4. Color Palette (Warm Monochrome + Spot Pastels)
 Color is a scarce resource, utilized only for semantic meaning or subtle accents.
 - Canvas / Background: Pure White `#FFFFFF` or Warm Bone/Off-White `#F7F6F3` / `#FBFBFA`.
 - Primary Surface (Cards): `#FFFFFF` or `#F9F9F8`.
 - Structural Borders / Dividers: Ultra-light gray `#EAEAEA` or `rgba(0,0,0,0.06)`.
 - Accent Colors: Exclusively use highly desaturated, washed-out pastels for tags, inline code backgrounds, or subtle icon backgrounds.
  - Pale Red: `#FDEBEC` (Text: `#9F2F2D`)
  - Pale Blue: `#E1F3FE` (Text: `#1F6C9F`)
  - Pale Green: `#EDF3EC` (Text: `#346538`)
  - Pale Yellow: `#FBF3DB` (Text: `#956400`)
 ## 5. Component Specifications
 - Bento Box Feature Grids:
  - Utilize asymmetrical CSS Grid layouts.
  - Cards must have exactly `border: 1px solid #EAEAEA`.
  - Border-radius must be crisp: `8px` or `12px` maximum.
  - Internal padding must be generous (e.g., `24px` to `40px`).
 - Primary Call-To-Action (Buttons):
  - Solid background `#111111`, text `#FFFFFF`. 
  - Slight border-radius (`4px` to `6px`). No box-shadow. 
  - Hover state should be a subtle color shift to `#333333` or a micro-scale `transform: scale(0.98)`.
 - Tags & Status Badges:
  - Pill-shaped (`border-radius: 9999px`), very small typography (`text-xs`), uppercase with wide tracking (`letter-spacing: 0.05em`).
  - Background must use the defined Muted Pastels.
 - Accordions (FAQ):
  - Strip all container boxes. Separate items only with a `border-bottom: 1px solid #EAEAEA`.
  - Use a clean, sharp `+` and `-` icon for the toggle state.
 - Keystroke Micro-UIs:
  - Render shortcuts as physical keys using `<kbd>` tags: `border: 1px solid #EAEAEA`, `border-radius: 4px`, `background: #F7F6F3`, using the Monospace font.
 - Faux-OS Window Chrome:
  - When mocking up software, wrap it in a minimalist container with a white top bar containing three small, light gray circles (replicating macOS window controls).
 ## 6. Iconography & Imagery Directives
 - System Icons: Use "Phosphor Icons (Bold or Fill weights)" or "Radix UI Icons" for a technical, slightly thicker-stroke aesthetic. Standardize stroke width across all icons.
 - Illustrations: Monochromatic, rough continuous-line ink sketches on a white background, featuring a single offset geometric shape filled with a muted pastel color.
 - Photography: Use high-quality, desaturated images with a warm tone. Apply subtle overlays (`opacity: 0.04` warm grain) to blend photos into the monochrome palette. Never use oversaturated stock photos. Use reliable placeholders like `https://picsum.photos/seed/{context}/1200/800` when real assets are unavailable.
 - Hero & Section Backgrounds: Sections should not feel empty and flat. Use subtle full-width background imagery at very low opacity, soft radial light spots (`radial-gradient` with warm tones at `opacity: 0.03`), or minimal geometric line patterns to add depth without breaking the clean aesthetic.
 ## 7. Subtle Motion & Micro-Animations
 Motion should feel invisible — present but never distracting. The goal is quiet sophistication, not spectacle.
 - Scroll Entry: Elements fade in gently as they enter the viewport. Use `translateY(12px)` + `opacity: 0` resolving over `600ms` with `cubic-bezier(0.16, 1, 0.3, 1)`. Use `IntersectionObserver`, never `window.addEventListener('scroll')`.
 - Hover States: Cards lift with an ultra-subtle shadow shift (`box-shadow` transitioning from `0 0 0` to `0 2px 8px rgba(0,0,0,0.04)` over `200ms`). Buttons respond with `scale(0.98)` on `:active`.
 - Staggered Reveals: Lists and grid items enter with a cascade delay (`animation-delay: calc(var(--index) * 80ms)`). Never mount everything at once.
 - Background Ambient Motion: Optional. A single, very slow-moving radial gradient blob (`animation-duration: 20s+`, `opacity: 0.02-0.04`) drifting behind hero sections. Must be applied to a `position: fixed; pointer-events: none` layer. Never on scrolling containers.
 - Performance: Animate exclusively via `transform` and `opacity`. No layout-triggering properties (`top`, `left`, `width`, `height`). Use `will-change: transform` sparingly and only on actively animating elements.
 ## 8. Execution Protocol
 When tasked with writing frontend code (HTML, React, Tailwind, Vue) or designing a layout:
 1. Establish the macro-whitespace first. Use massive vertical padding between sections (e.g., `py-24` or `py-32` in Tailwind).
 2. Constrain the main typography content width to `max-w-4xl` or `max-w-5xl`.
 3. Apply the custom typographic hierarchy and monochromatic color variables immediately.
 4. Ensure every card, divider, and border adheres strictly to the `1px solid #EAEAEA` rule.
 5. Add scroll-entry animations to all major content blocks.
 6. Ensure sections have visual depth through imagery, ambient gradients, or subtle textures — no empty flat backgrounds.
 7. Provide code that reflects this high-end, uncluttered, editorial aesthetic natively without requiring manual adjustments.
--- a/.agents/skills/redesign-existing-projects/SKILL.md
+++ b/.agents/skills/redesign-existing-projects/SKILL.md
@@ -0,0 +1,178 @@
 ---
 name: redesign-existing-projects
 description: Upgrades existing websites and apps to premium quality. Audits current design, identifies generic AI patterns, and applies high-end design standards without breaking functionality. Works with any CSS framework or vanilla CSS.
 ---
 # Redesign Skill
 ## How This Works
 When applied to an existing project, follow this sequence:
 1. **Scan** — Read the codebase. Identify the framework, styling method (Tailwind, vanilla CSS, styled-components, etc.), and current design patterns.
 2. **Diagnose** — Run through the audit below. List every generic pattern, weak point, and missing state you find.
 3. **Fix** — Apply targeted upgrades working with the existing stack. Do not rewrite from scratch. Improve what's there.
 ## Design Audit
 ### Typography
 Check for these problems and fix them:
 - **Browser default fonts or Inter everywhere.** Replace with a font that has character. Good options: `Geist`, `Outfit`, `Cabinet Grotesk`, `Satoshi`. For editorial/creative projects, pair a serif header with a sans-serif body.
 - **Headlines lack presence.** Increase size for display text, tighten letter-spacing, reduce line-height. Headlines should feel heavy and intentional.
 - **Body text too wide.** Limit paragraph width to roughly 65 characters. Increase line-height for readability.
 - **Only Regular (400) and Bold (700) weights used.** Introduce Medium (500) and SemiBold (600) for more subtle hierarchy.
 - **Numbers in proportional font.** Use a monospace font or enable tabular figures (`font-variant-numeric: tabular-nums`) for data-heavy interfaces.
 - **Missing letter-spacing adjustments.** Use negative tracking for large headers, positive tracking for small caps or labels.
 - **All-caps subheaders everywhere.** Try lowercase italics, sentence case, or small-caps instead.
 - **Orphaned words.** Single words sitting alone on the last line. Fix with `text-wrap: balance` or `text-wrap: pretty`.
 ### Color and Surfaces
 - **Pure `#000000` background.** Replace with off-black, dark charcoal, or tinted dark (`#0a0a0a`, `#121212`, or a dark navy).
 - **Oversaturated accent colors.** Keep saturation below 80%. Desaturate accents so they blend with neutrals instead of screaming.
 - **More than one accent color.** Pick one. Remove the rest. Consistency beats variety.
 - **Mixing warm and cool grays.** Stick to one gray family. Tint all grays with a consistent hue (warm or cool, not both).
 - **Purple/blue "AI gradient" aesthetic.** This is the most common AI design fingerprint. Replace with neutral bases and a single, considered accent.
 - **Generic `box-shadow`.** Tint shadows to match the background hue. Use colored shadows (e.g., dark blue shadow on a blue background) instead of pure black at low opacity.
 - **Flat design with zero texture.** Add subtle noise, grain, or micro-patterns to backgrounds. Pure flat vectors feel sterile.
 - **Perfectly even gradients.** Break the uniformity with radial gradients, noise overlays, or mesh gradients instead of standard linear 45-degree fades.
 - **Inconsistent lighting direction.** Audit all shadows to ensure they suggest a single, consistent light source.
 - **Random dark sections in a light mode page (or vice versa).** A single dark-background section breaking an otherwise light page looks like a copy-paste accident. Either commit to a full dark mode or keep a consistent background tone throughout. If contrast is needed, use a slightly darker shade of the same palette — not a sudden jump to `#111` in the middle of a cream page.
 - **Empty, flat sections with no visual depth.** Sections that are just text on a plain background feel unfinished. Add high-quality background imagery (blurred, overlaid, or masked), subtle patterns, or ambient gradients. Use reliable placeholder sources like `https://picsum.photos/seed/{name}/1920/1080` when real assets are not available. Experiment with background images behind hero sections, feature blocks, or CTAs — even a subtle full-width photo at low opacity adds presence.
 ### Layout
 - **Everything centered and symmetrical.** Break symmetry with offset margins, mixed aspect ratios, or left-aligned headers over centered content.
 - **Three equal card columns as feature row.** This is the most generic AI layout. Replace with a 2-column zig-zag, asymmetric grid, horizontal scroll, or masonry layout.
 - **Using `height: 100vh` for full-screen sections.** Replace with `min-height: 100dvh` to prevent layout jumping on mobile browsers (iOS Safari viewport bug).
 - **Complex flexbox percentage math.** Replace with CSS Grid for reliable multi-column structures.
 - **No max-width container.** Add a container constraint (around 1200-1440px) with auto margins so content doesn't stretch edge-to-edge on wide screens.
 - **Cards of equal height forced by flexbox.** Allow variable heights or use masonry when content varies in length.
 - **Uniform border-radius on everything.** Vary the radius: tighter on inner elements, softer on containers.
 - **No overlap or depth.** Elements sit flat next to each other. Use negative margins to create layering and visual depth.
 - **Symmetrical vertical padding.** Top and bottom padding are always identical. Adjust optically — bottom padding often needs to be slightly larger.
 - **Dashboard always has a left sidebar.** Try top navigation, a floating command menu, or a collapsible panel instead.
 - **Missing whitespace.** Double the spacing. Let the design breathe. Dense layouts work for data dashboards, not for marketing pages.
 - **Buttons not bottom-aligned in card groups.** When cards have different content lengths, CTAs end up at random heights. Pin buttons to the bottom of each card so they form a clean horizontal line regardless of content above.
 - **Feature lists starting at different vertical positions.** In pricing tables or comparison cards, the list of features should start at the same Y position across all columns. Use consistent spacing above the list or fixed-height title/price blocks.
 - **Inconsistent vertical rhythm in side-by-side elements.** When placing cards, columns, or panels next to each other, align shared elements (titles, descriptions, prices, buttons) across all items. Misaligned baselines make the layout look broken.
 - **Mathematical alignment that looks optically wrong.** Centering by the math doesn't always look centered to the eye. Icons next to text, play buttons in circles, or text in buttons often need 1-2px optical adjustments to feel right.
 ### Interactivity and States
 - **No hover states on buttons.** Add background shift, slight scale, or translate on hover.
 - **No active/pressed feedback.** Add a subtle `scale(0.98)` or `translateY(1px)` on press to simulate a physical click.
 - **Instant transitions with zero duration.** Add smooth transitions (200-300ms) to all interactive elements.
 - **Missing focus ring.** Ensure visible focus indicators for keyboard navigation. This is an accessibility requirement, not optional.
 - **No loading states.** Replace generic circular spinners with skeleton loaders that match the layout shape.
 - **No empty states.** An empty dashboard showing nothing is a missed opportunity. Design a composed "getting started" view.
 - **No error states.** Add clear, inline error messages for forms. Do not use `window.alert()`.
 - **Dead links.** Buttons that link to `#`. Either link to real destinations or visually disable them.
 - **No indication of current page in navigation.** Style the active nav link differently so users know where they are.
 - **Scroll jumping.** Anchor clicks jump instantly. Add `scroll-behavior: smooth`.
 - **Animations using `top`, `left`, `width`, `height`.** Switch to `transform` and `opacity` for GPU-accelerated, smooth animation.
 ### Content
 - **Generic names like "John Doe" or "Jane Smith".** Use diverse, realistic-sounding names.
 - **Fake round numbers like `99.99%`, `50%`, `$100.00`.** Use organic, messy data: `47.2%`, `$99.00`, `+1 (312) 847-1928`.
 - **Placeholder company names like "Acme Corp", "Nexus", "SmartFlow".** Invent contextual, believable brand names.
 - **AI copywriting cliches.** Never use "Elevate", "Seamless", "Unleash", "Next-Gen", "Game-changer", "Delve", "Tapestry", or "In the world of...". Write plain, specific language.
 - **Exclamation marks in success messages.** Remove them. Be confident, not loud.
 - **"Oops!" error messages.** Be direct: "Connection failed. Please try again."
 - **Passive voice.** Use active voice: "We couldn't save your changes" instead of "Mistakes were made."
 - **All blog post dates identical.** Randomize dates to appear real.
 - **Same avatar image for multiple users.** Use unique assets for every distinct person.
 - **Lorem Ipsum.** Never use placeholder latin text. Write real draft copy.
 - **Title Case On Every Header.** Use sentence case instead.
 ### Component Patterns
 - **Generic card look (border + shadow + white background).** Remove the border, or use only background color, or use only spacing. Cards should exist only when elevation communicates hierarchy.
 - **Always one filled button + one ghost button.** Add text links or tertiary styles to reduce visual noise.
 - **Pill-shaped "New" and "Beta" badges.** Try square badges, flags, or plain text labels.
 - **Accordion FAQ sections.** Use a side-by-side list, searchable help, or inline progressive disclosure.
 - **3-card carousel testimonials with dots.** Replace with a masonry wall, embedded social posts, or a single rotating quote.
 - **Pricing table with 3 towers.** Highlight the recommended tier with color and emphasis, not just extra height.
 - **Modals for everything.** Use inline editing, slide-over panels, or expandable sections instead of popups for simple actions.
 - **Avatar circles exclusively.** Try squircles or rounded squares for a less generic look.
 - **Light/dark toggle always a sun/moon switch.** Use a dropdown, system preference detection, or integrate it into settings.
 - **Footer link farm with 4 columns.** Simplify. Focus on main navigational paths and legally required links.
 ### Iconography
 - **Lucide or Feather icons exclusively.** These are the "default" AI icon choice. Use Phosphor, Heroicons, or a custom set for differentiation.
 - **Rocketship for "Launch", shield for "Security".** Replace cliche metaphors with less obvious icons (bolt, fingerprint, spark, vault).
 - **Inconsistent stroke widths across icons.** Audit all icons and standardize to one stroke weight.
 - **Missing favicon.** Always include a branded favicon.
 - **Stock "diverse team" photos.** Use real team photos, candid shots, or a consistent illustration style instead of uncanny stock imagery.
 ### Code Quality
 - **Div soup.** Use semantic HTML: `<nav>`, `<main>`, `<article>`, `<aside>`, `<section>`.
 - **Inline styles mixed with CSS classes.** Move all styling to the project's styling system.
 - **Hardcoded pixel widths.** Use relative units (`%`, `rem`, `em`, `max-width`) for flexible layouts.
 - **Missing alt text on images.** Describe image content for screen readers. Never leave `alt=""` or `alt="image"` on meaningful images.
 - **Arbitrary z-index values like `9999`.** Establish a clean z-index scale in the theme/variables.
 - **Commented-out dead code.** Remove all debug artifacts before shipping.
 - **Import hallucinations.** Check that every import actually exists in `package.json` or the project dependencies.
 - **Missing meta tags.** Add proper `<title>`, `description`, `og:image`, and social sharing meta tags.
 ### Strategic Omissions (What AI Typically Forgets)
 - **No legal links.** Add privacy policy and terms of service links in the footer.
 - **No "back" navigation.** Dead ends in user flows. Every page needs a way back.
 - **No custom 404 page.** Design a helpful, branded "page not found" experience.
 - **No form validation.** Add client-side validation for emails, required fields, and format checks.
 - **No "skip to content" link.** Essential for keyboard users. Add a hidden skip-link.
 - **No cookie consent.** If required by jurisdiction, add a compliant consent banner.
 ## Upgrade Techniques
 When upgrading a project, pull from these high-impact techniques to replace generic patterns:
 ### Typography Upgrades
 - **Variable font animation.** Interpolate weight or width on scroll or hover for text that feels alive.
 - **Outlined-to-fill transitions.** Text starts as a stroke outline and fills with color on scroll entry or interaction.
 - **Text mask reveals.** Large typography acting as a window to video or animated imagery behind it.
 ### Layout Upgrades
 - **Broken grid / asymmetry.** Elements that deliberately ignore column structure — overlapping, bleeding off-screen, or offset with calculated randomness.
 - **Whitespace maximization.** Aggressive use of negative space to force focus on a single element.
 - **Parallax card stacks.** Sections that stick and physically stack over each other during scroll.
 - **Split-screen scroll.** Two halves of the screen sliding in opposite directions.
 ### Motion Upgrades
 - **Smooth scroll with inertia.** Decouple scrolling from browser defaults for a heavier, cinematic feel.
 - **Staggered entry.** Elements cascade in with slight delays, combining Y-axis translation with opacity fade. Never mount everything at once.
 - **Spring physics.** Replace linear easing with spring-based motion for a natural, weighty feel on all interactive elements.
 - **Scroll-driven reveals.** Content entering through expanding masks, wipes, or draw-on SVG paths tied to scroll progress.
 ### Surface Upgrades
 - **True glassmorphism.** Go beyond `backdrop-filter: blur`. Add a 1px inner border and a subtle inner shadow to simulate edge refraction.
 - **Spotlight borders.** Card borders that illuminate dynamically under the cursor.
 - **Grain and noise overlays.** A fixed, pointer-events-none overlay with subtle noise to break digital flatness.
 - **Colored, tinted shadows.** Shadows that carry the hue of the background rather than using generic black.
 ## Fix Priority
 Apply changes in this order for maximum visual impact with minimum risk:
 1. **Font swap** — biggest instant improvement, lowest risk
 2. **Color palette cleanup** — remove clashing or oversaturated colors
 3. **Hover and active states** — makes the interface feel alive
 4. **Layout and spacing** — proper grid, max-width, consistent padding
 5. **Replace generic components** — swap cliche patterns for modern alternatives
 6. **Add loading, empty, and error states** — makes it feel finished
 7. **Polish typography scale and spacing** — the premium final touch
 ## Rules
 - Work with the existing tech stack. Do not migrate frameworks or styling libraries.
 - Do not break existing functionality. Test after every change.
 - Before importing any new library, check the project's dependency file first.
 - If the project uses Tailwind, check the version (v3 vs v4) before modifying config.
 - If the project has no framework, use vanilla CSS.
 - Keep changes reviewable and focused. Small, targeted improvements over big rewrites.
--- a/.agents/skills/stitch-design-taste/DESIGN.md
+++ b/.agents/skills/stitch-design-taste/DESIGN.md
@@ -0,0 +1,121 @@
 # Design System: Taste Standard
 **Skill:** stitch-design-taste
 ---
 ## Configuration — Set Your Style
 Adjust these dials before using this design system. They control how creative, dense, and animated the output should be. Pick the level that fits your project.
 | Dial | Level | Description |
 |------|-------|-------------|
 | **Creativity** | `8` | `1` = Ultra-minimal, Swiss, silent, monochrome. `5` = Balanced, clean but with personality. `10` = Expressive, editorial, bold typography experiments, inline images in headlines, strong asymmetry. Default: `8` |
 | **Density** | `4` | `1` = Gallery-airy, massive whitespace. `5` = Balanced sections. `10` = Cockpit-dense, data-heavy. Default: `4` |
 | **Variance** | `8` | `1` = Predictable, symmetric grids. `5` = Subtle offsets. `10` = Artsy chaotic, no two sections alike. Default: `8` |
 | **Motion Intent** | `6` | `1` = Static, no animation noted. `5` = Subtle hover/entrance cues. `10` = Cinematic orchestration noted in every component. Default: `6` |
 > **How to use:** Change the numbers above to match your project's vibe. At **Creativity 1–3**, the system produces clean, quiet, Notion-like interfaces. At **Creativity 7–10**, expect inline image typography, dramatic scale contrast, and strong editorial layouts. The rest of the rules below adapt to your chosen levels.
 ---
 ## 1. Visual Theme & Atmosphere
 A restrained, gallery-airy interface with confident asymmetric layouts and fluid spring-physics motion. The atmosphere is clinical yet warm — like a well-lit architecture studio where every element earns its place through function. Density is balanced (Level 4), variance runs high (Level 8) to prevent symmetrical boredom, and motion is fluid but never theatrical (Level 6). The overall impression: expensive, intentional, alive.
 ## 2. Color Palette & Roles
 - **Canvas White** (#F9FAFB) — Primary background surface. Warm-neutral, never clinical blue-white
 - **Pure Surface** (#FFFFFF) — Card and container fill. Used with whisper shadow for elevation
 - **Charcoal Ink** (#18181B) — Primary text. Zinc-950 depth — never pure black
 - **Steel Secondary** (#71717A) — Body text, descriptions, metadata. Zinc-500 warmth
 - **Muted Slate** (#94A3B8) — Tertiary text, timestamps, disabled states
 - **Whisper Border** (rgba(226,232,240,0.5)) — Card borders, structural 1px lines. Semi-transparent for depth
 - **Diffused Shadow** (rgba(0,0,0,0.05)) — Card elevation. Wide-spreading, 40px blur, -15px offset. Never harsh
 ### Accent Selection (Pick ONE per project)
 - **Emerald Signal** (#10B981) — For growth, success, positive data dashboards
 - **Electric Blue** (#3B82F6) — For productivity, SaaS, developer tools
 - **Deep Rose** (#E11D48) — For creative, editorial, fashion-adjacent projects
 - **Amber Warmth** (#F59E0B) — For community, social, warm-toned products
 ### Banned Colors
 - Purple/Violet neon gradients — the "AI Purple" aesthetic
 - Pure Black (#000000) — always Off-Black or Zinc-950
 - Oversaturated accents above 80% saturation
 - Mixed warm/cool gray systems within one project
 ## 3. Typography Rules
 - **Display:** `Geist`, `Satoshi`, `Cabinet Grotesk`, or `Outfit` — Track-tight (`-0.025em`), controlled fluid scale, weight-driven hierarchy (700–900). Not screaming. Leading compressed (`1.1`). Alternatives forced — `Inter` is BANNED for premium contexts
 - **Body:** Same family at weight 400 — Relaxed leading (`1.65`), 65ch max-width, Steel Secondary color (#71717A)
 - **Mono:** `Geist Mono` or `JetBrains Mono` — For code blocks, metadata, timestamps. When density exceeds Level 7, all numbers switch to monospace
 - **Scale:** Display at `clamp(2.25rem, 5vw, 3.75rem)`. Body at `1rem/1.125rem`. Mono metadata at `0.8125rem`
 ### Banned Fonts
 - `Inter` — banned everywhere in premium/creative contexts
 - Generic serif fonts (`Times New Roman`, `Georgia`, `Garamond`, `Palatino`) — BANNED. If serif is needed for editorial/creative, use only distinctive modern serifs like `Fraunces`, `Gambarino`, `Editorial New`, or `Instrument Serif`. Never use default browser serif stacks. Serif is always BANNED in dashboards or software UIs regardless
 ## 4. Component Stylings
 * **Buttons:** Flat surface, no outer glow. Primary: accent fill with white text. Secondary: ghost/outline. Active state: `-1px translateY` or `scale(0.98)` for tactile push. Hover: subtle background shift, never glow
 * **Cards/Containers:** Generously rounded corners (`2.5rem`). Pure white fill. Whisper border (`1px`, semi-transparent). Diffused shadow (`0 20px 40px -15px rgba(0,0,0,0.05)`). Internal padding `2rem–2.5rem`. Used ONLY when elevation communicates hierarchy — high-density layouts replace cards with `border-top` dividers or negative space
 * **Inputs/Forms:** Label positioned above input. Helper text optional. Error text below in Deep Rose. Focus ring in accent color, `2px` offset. No floating labels. Standard `0.5rem` gap between label-input-error stack
 * **Navigation:** Sleek, sticky. Icons scale on hover (Dock Magnification optional). No hamburger on desktop. Clean horizontal with generous spacing
 * **Loaders:** Skeletal shimmer matching exact layout dimensions and rounded corners. Shifting light reflection across placeholder shapes. Never circular spinners
 * **Empty States:** Composed illustration or icon composition with guidance text. Never just "No data found"
 * **Error States:** Inline, contextual. Red accent underline or border. Clear recovery action
 ## 5. Hero Section
 The Hero is the first impression — it must be striking, creative, and never generic.
 - **Inline Image Typography:** Embed small, contextual photos or visuals directly between words or letters in the headline. Example: "We build [photo of hands typing] digital [photo of screen] products" — images sit inline at type-height, rounded, acting as visual punctuation between words. This is the signature creative technique
 - **No Overlapping Elements:** Text must never overlap images or other text. Every element has its own clear spatial zone. No z-index stacking of content layers, no absolute-positioned headlines over images. Clean separation always
 - **No Filler Text:** "Scroll to explore", "Swipe down", scroll arrow icons, bouncing chevrons, and any instructional UI chrome are BANNED. The user knows how to scroll. Let the content pull them in naturally
 - **Asymmetric Structure:** Centered Hero layouts are BANNED at this variance level. Use Split Screen (50/50), Left-Aligned text / Right visual, or Asymmetric Whitespace with large empty zones
 - **CTA Restraint:** Maximum one primary CTA button. No secondary "Learn more" links. No redundant micro-copy below the headline
 ## 6. Layout Principles
 - **Grid-First:** CSS Grid for all structural layouts. Never flexbox percentage math (`calc(33% - 1rem)` is BANNED)
 - **No Overlapping:** Elements must never overlap each other. No absolute-positioned layers stacking content on content. Every element occupies its own grid cell or flow position. Clean, separated spatial zones
 - **Feature Sections:** The "3 equal cards in a row" pattern is BANNED. Use 2-column Zig-Zag, asymmetric Bento grids (2fr 1fr 1fr), or horizontal scroll galleries
 - **Containment:** All content within `max-width: 1400px`, centered. Generous horizontal padding (`1rem` mobile, `2rem` tablet, `4rem` desktop)
 - **Full-Height:** Use `min-height: 100dvh` — never `height: 100vh` (iOS Safari address bar jump)
 - **Bento Architecture:** For feature grids, use Row 1: 3 columns | Row 2: 2 columns (70/30 split). Each tile contains a perpetual micro-animation
 ## 7. Responsive Rules
 Every screen must work flawlessly across all viewports. **Responsive is not optional — it is a hard requirement. Every single element must be tested at 375px, 768px, and 1440px.**
 - **Mobile-First Collapse (< 768px):** All multi-column layouts collapse to a strict single column. `width: 100%`, `padding: 1rem`, `gap: 1.5rem`. No exceptions
 - **No Horizontal Scroll:** Horizontal overflow on mobile is a critical failure. All elements must fit within viewport width. If any element causes horizontal scroll, the design is broken
 - **Typography Scaling:** Headlines scale down gracefully via `clamp()`. Body text stays `1rem` minimum. Never shrink body below `14px`. Headlines must remain readable on 375px screens
 - **Touch Targets:** All interactive elements minimum `44px` tap target. Generous spacing between clickable items. Buttons must be full-width on mobile
 - **Image Behavior:** Hero and inline images scale proportionally. Inline typography images (photos between words) stack below the headline on mobile instead of inline
 - **Navigation:** Desktop horizontal nav collapses to a clean mobile menu (slide-in or full-screen overlay). No tiny hamburger icons without labels
 - **Cards & Grids:** Bento grids and asymmetric layouts revert to stacked single-column cards with full-width. Maintain internal padding (`1rem`)
 - **Spacing Consistency:** Vertical section gaps reduce proportionally on mobile (`clamp(3rem, 8vw, 6rem)`). Never cramped, never excessively airy
 - **Testing Viewports:** Designs must be verified at: `375px` (iPhone SE), `390px` (iPhone 14), `768px` (iPad), `1024px` (small laptop), `1440px` (desktop)
 ## 8. Motion & Interaction (Code-Phase Intent)
 > **Note:** Stitch generates static screens — it does not animate. This section documents the **intended motion behavior** so that the coding agent (Antigravity, Cursor, etc.) knows exactly how to implement animations when building the exported design into a live product.
 - **Physics Engine:** Spring-based exclusively. `stiffness: 100, damping: 20`. No linear easing anywhere. Premium, weighty feel on all interactive elements
 - **Perpetual Micro-Loops:** Every active dashboard component has an infinite-loop state — Pulse on status dots, Typewriter on search bars, Float on feature icons, Shimmer on loading states
 - **Staggered Orchestration:** Lists and grids mount with cascaded delays (`animation-delay: calc(var(--index) * 100ms)`). Waterfall reveals, never instant mount
 - **Layout Transitions:** Smooth re-ordering via shared element IDs. Items swap positions with physics, simulating real-time intelligence
 - **Hardware Rules:** Animate ONLY `transform` and `opacity`. Never `top`, `left`, `width`, `height`. Grain/noise filters on fixed, pointer-events-none pseudo-elements only
 - **Performance:** CPU-heavy perpetual animations isolated in microscopic leaf components. Never trigger parent re-renders. Target 60fps minimum
 ## 9. Anti-Patterns (Banned)
 - No emojis — anywhere in UI, code, or alt text
 - No `Inter` font — use `Geist`, `Outfit`, `Cabinet Grotesk`, `Satoshi`
 - No generic serif fonts (`Times New Roman`, `Georgia`, `Garamond`) — if serif is needed, use distinctive modern serifs only (`Fraunces`, `Instrument Serif`)
 - No pure black (`#000000`) — Off-Black or Zinc-950 only
 - No neon outer glows or default box-shadow glows
 - No oversaturated accent colors above 80%
 - No excessive gradient text on large headers
 - No custom mouse cursors
 - No overlapping elements — text never overlaps images or other content. Clean spatial separation always
 - No 3-column equal card layouts for features
 - No centered Hero sections (at this variance level)
 - No filler UI text: "Scroll to explore", "Swipe down", "Discover more below", scroll arrows, bouncing chevrons — all BANNED
 - No generic names: "John Doe", "Sarah Chan", "Acme", "Nexus", "SmartFlow"
 - No fake round numbers: `99.99%`, `50%`, `1234567` — use organic data: `47.2%`, `+1 (312) 847-1928`
 - No AI copywriting clichés: "Elevate", "Seamless", "Unleash", "Next-Gen", "Revolutionize"
 - No broken Unsplash links — use `picsum.photos/seed/{id}/800/600` or SVG UI Avatars
 - No generic `shadcn/ui` defaults — customize radii, colors, shadows to match this system
 - No `z-index` spam — use only for Navbar, Modal, Overlay layer contexts
 - No `h-screen` — always `min-h-[100dvh]`
 - No circular loading spinners — skeletal shimmer only
--- a/.agents/skills/stitch-design-taste/SKILL.md
+++ b/.agents/skills/stitch-design-taste/SKILL.md
@@ -0,0 +1,184 @@
 ---
 name: stitch-design-taste
 description: Semantic Design System Skill for Google Stitch. Generates agent-friendly DESIGN.md files that enforce premium, anti-generic UI standards — strict typography, calibrated color, asymmetric layouts, perpetual micro-motion, and hardware-accelerated performance.
 ---
 # Stitch Design Taste — Semantic Design System Skill
 ## Overview
 This skill generates `DESIGN.md` files optimized for Google Stitch screen generation. It translates the battle-tested anti-slop frontend engineering directives into Stitch's native semantic design language — descriptive, natural-language rules paired with precise values that Stitch's AI agent can interpret to produce premium, non-generic interfaces.
 The generated `DESIGN.md` serves as the **single source of truth** for prompting Stitch to generate new screens that align with a curated, high-agency design language. Stitch interprets design through **"Visual Descriptions"** supported by specific color values, typography specs, and component behaviors.
 ## Prerequisites
 - Access to Google Stitch via [labs.google.com/stitch](https://labs.google.com/stitch)
 - Optionally: Stitch MCP Server for programmatic integration with Cursor, Antigravity, or Gemini CLI
 ## The Goal
 Generate a `DESIGN.md` file that encodes:
 1. **Visual atmosphere** — the mood, density, and design philosophy
 2. **Color calibration** — neutrals, accents, and banned patterns with hex codes
 3. **Typographic architecture** — font stacks, scale hierarchy, and anti-patterns
 4. **Component behaviors** — buttons, cards, inputs with interaction states
 5. **Layout principles** — grid systems, spacing philosophy, responsive strategy
 6. **Motion philosophy** — animation engine specs, spring physics, perpetual micro-interactions
 7. **Anti-patterns** — explicit list of banned AI design clichés
 ## Analysis & Synthesis Instructions
 ### 1. Define the Atmosphere
 Evaluate the target project's intent. Use evocative adjectives from the taste spectrum:
 - **Density:** "Art Gallery Airy" (1–3) → "Daily App Balanced" (4–7) → "Cockpit Dense" (8–10)
 - **Variance:** "Predictable Symmetric" (1–3) → "Offset Asymmetric" (4–7) → "Artsy Chaotic" (8–10)
 - **Motion:** "Static Restrained" (1–3) → "Fluid CSS" (4–7) → "Cinematic Choreography" (8–10)
 Default baseline: Variance 8, Motion 6, Density 4. Adapt dynamically based on user's vibe description.
 ### 2. Map the Color Palette
 For each color provide: **Descriptive Name** + **Hex Code** + **Functional Role**.
 **Mandatory constraints:**
 - Maximum 1 accent color. Saturation below 80%
 - The "AI Purple/Blue Neon" aesthetic is strictly BANNED — no purple button glows, no neon gradients
 - Use absolute neutral bases (Zinc/Slate) with high-contrast singular accents
 - Stick to one palette for the entire output — no warm/cool gray fluctuation
 - Never use pure black (`#000000`) — use Off-Black, Zinc-950, or Charcoal
 ### 3. Establish Typography Rules
 - **Display/Headlines:** Track-tight, controlled scale. Not screaming. Hierarchy through weight and color, not just massive size
 - **Body:** Relaxed leading, max 65 characters per line
 - **Font Selection:** `Inter` is BANNED for premium/creative contexts. Force unique character: `Geist`, `Outfit`, `Cabinet Grotesk`, or `Satoshi`
 - **Serif Ban:** Generic serif fonts (`Times New Roman`, `Georgia`, `Garamond`, `Palatino`) are BANNED. If serif is needed for editorial/creative contexts, use only distinctive modern serifs: `Fraunces`, `Gambarino`, `Editorial New`, or `Instrument Serif`. Serif is always BANNED in dashboards or software UIs
 - **Dashboard Constraint:** Use Sans-Serif pairings exclusively (`Geist` + `Geist Mono` or `Satoshi` + `JetBrains Mono`)
 - **High-Density Override:** When density exceeds 7, all numbers must use Monospace
 ### 4. Define the Hero Section
 The Hero is the first impression and must be creative, striking, and never generic:
 - **Inline Image Typography:** Embed small, contextual photos or visuals directly between words or letters in the headline. Images sit inline at type-height, rounded, acting as visual punctuation. This is the signature creative technique
 - **No Overlapping:** Text must never overlap images or other text. Every element occupies its own clean spatial zone
 - **No Filler Text:** "Scroll to explore", "Swipe down", scroll arrow icons, bouncing chevrons are BANNED. The content should pull users in naturally
 - **Asymmetric Structure:** Centered Hero layouts BANNED when variance exceeds 4
 - **CTA Restraint:** Maximum one primary CTA. No secondary "Learn more" links
 ### 5. Describe Component Stylings
 For each component type, describe shape, color, shadow depth, and interaction behavior:
 - **Buttons:** Tactile push feedback on active state. No neon outer glows. No custom mouse cursors
 - **Cards:** Use ONLY when elevation communicates hierarchy. Tint shadows to background hue. For high-density layouts, replace cards with border-top dividers or negative space
 - **Inputs/Forms:** Label above input, helper text optional, error text below. Standard gap spacing
 - **Loading States:** Skeletal loaders matching layout dimensions — no generic circular spinners
 - **Empty States:** Composed compositions indicating how to populate data
 - **Error States:** Clear, inline error reporting
 ### 6. Define Layout Principles
 - No overlapping elements — every element occupies its own clear spatial zone. No absolute-positioned content stacking
 - Centered Hero sections are BANNED when variance exceeds 4 — force Split Screen, Left-Aligned, or Asymmetric Whitespace
 - The generic "3 equal cards horizontally" feature row is BANNED — use 2-column Zig-Zag, asymmetric grid, or horizontal scroll
 - CSS Grid over Flexbox math — never use `calc()` percentage hacks
 - Contain layouts using max-width constraints (e.g., 1400px centered)
 - Full-height sections must use `min-h-[100dvh]` — never `h-screen` (iOS Safari catastrophic jump)
 ### 7. Define Responsive Rules
 Every design must work across all viewports:
 - **Mobile-First Collapse (< 768px):** All multi-column layouts collapse to single column. No exceptions
 - **No Horizontal Scroll:** Horizontal overflow on mobile is a critical failure
 - **Typography Scaling:** Headlines scale via `clamp()`. Body text minimum `1rem`/`14px`
 - **Touch Targets:** All interactive elements minimum `44px` tap target
 - **Image Behavior:** Inline typography images (photos between words) stack below headline on mobile
 - **Navigation:** Desktop horizontal nav collapses to clean mobile menu
 - **Spacing:** Vertical section gaps reduce proportionally (`clamp(3rem, 8vw, 6rem)`)
 ### 8. Encode Motion Philosophy
 - **Spring Physics default:** `stiffness: 100, damping: 20` — premium, weighty feel. No linear easing
 - **Perpetual Micro-Interactions:** Every active component should have an infinite loop state (Pulse, Typewriter, Float, Shimmer)
 - **Staggered Orchestration:** Never mount lists instantly — use cascade delays for waterfall reveals
 - **Performance:** Animate exclusively via `transform` and `opacity`. Never animate `top`, `left`, `width`, `height`. Grain/noise filters on fixed pseudo-elements only
 ### 9. List Anti-Patterns (AI Tells)
 Encode these as explicit "NEVER DO" rules in the DESIGN.md:
 - No emojis anywhere
 - No `Inter` font
 - No generic serif fonts (`Times New Roman`, `Georgia`, `Garamond`) — distinctive modern serifs only if needed
 - No pure black (`#000000`)
 - No neon/outer glow shadows
 - No oversaturated accents
 - No excessive gradient text on large headers
 - No custom mouse cursors
 - No overlapping elements — clean spatial separation always
 - No 3-column equal card layouts
 - No generic names ("John Doe", "Acme", "Nexus")
 - No fake round numbers (`99.99%`, `50%`)
 - No AI copywriting clichés ("Elevate", "Seamless", "Unleash", "Next-Gen")
 - No filler UI text: "Scroll to explore", "Swipe down", scroll arrows, bouncing chevrons
 - No broken Unsplash links — use `picsum.photos` or SVG avatars
 - No centered Hero sections (for high-variance projects)
 ## Output Format (DESIGN.md Structure)
 ```markdown
 # Design System: [Project Title]
 ## 1. Visual Theme & Atmosphere
 (Evocative description of the mood, density, variance, and motion intensity.
 Example: "A restrained, gallery-airy interface with confident asymmetric layouts
 and fluid spring-physics motion. The atmosphere is clinical yet warm — like a
 well-lit architecture studio.")
 ## 2. Color Palette & Roles
 - **Canvas White** (#F9FAFB) — Primary background surface
 - **Pure Surface** (#FFFFFF) — Card and container fill
 - **Charcoal Ink** (#18181B) — Primary text, Zinc-950 depth
 - **Muted Steel** (#71717A) — Secondary text, descriptions, metadata
 - **Whisper Border** (rgba(226,232,240,0.5)) — Card borders, 1px structural lines
 - **[Accent Name]** (#XXXXXX) — Single accent for CTAs, active states, focus rings
 (Max 1 accent. Saturation < 80%. No purple/neon.)
 ## 3. Typography Rules
 - **Display:** [Font Name] — Track-tight, controlled scale, weight-driven hierarchy
 - **Body:** [Font Name] — Relaxed leading, 65ch max-width, neutral secondary color
 - **Mono:** [Font Name] — For code, metadata, timestamps, high-density numbers
 - **Banned:** Inter, generic system fonts for premium contexts. Serif fonts banned in dashboards.
 ## 4. Component Stylings
 * **Buttons:** Flat, no outer glow. Tactile -1px translate on active. Accent fill for primary, ghost/outline for secondary.
 * **Cards:** Generously rounded corners (2.5rem). Diffused whisper shadow. Used only when elevation serves hierarchy. High-density: replace with border-top dividers.
 * **Inputs:** Label above, error below. Focus ring in accent color. No floating labels.
 * **Loaders:** Skeletal shimmer matching exact layout dimensions. No circular spinners.
 * **Empty States:** Composed, illustrated compositions — not just "No data" text.
 ## 5. Layout Principles
 (Grid-first responsive architecture. Asymmetric splits for Hero sections.
 Strict single-column collapse below 768px. Max-width containment.
 No flexbox percentage math. Generous internal padding.)
 ## 6. Motion & Interaction
 (Spring physics for all interactive elements. Staggered cascade reveals.
 Perpetual micro-loops on active dashboard components. Hardware-accelerated
 transforms only. Isolated Client Components for CPU-heavy animations.)
 ## 7. Anti-Patterns (Banned)
 (Explicit list of forbidden patterns: no emojis, no Inter, no pure black,
 no neon glows, no 3-column equal grids, no AI copywriting clichés,
 no generic placeholder names, no broken image links.)
 ```
 ## Best Practices
 - **Be Descriptive:** "Deep Charcoal Ink (#18181B)" — not just "dark text"
 - **Be Functional:** Explain what each element is used for
 - **Be Consistent:** Same terminology throughout the document
 - **Be Precise:** Include exact hex codes, rem values, pixel values in parentheses
 - **Be Opinionated:** This is not a neutral template — it enforces a specific, premium aesthetic
 ## Tips for Success
 1. Start with the atmosphere — understand the vibe before detailing tokens
 2. Look for patterns — identify consistent spacing, sizing, and styling
 3. Think semantically — name colors by purpose, not just appearance
 4. Consider hierarchy — document how visual weight communicates importance
 5. Encode the bans — anti-patterns are as important as the rules themselves
 ## Common Pitfalls to Avoid
 - Using technical jargon without translation ("rounded-xl" instead of "generously rounded corners")
 - Omitting hex codes or using only descriptive names
 - Forgetting functional roles of design elements
 - Being too vague in atmosphere descriptions
 - Ignoring the anti-pattern list — these are what make the output premium
 - Defaulting to generic "safe" designs instead of enforcing the curated aesthetic
--- a/.env.example
+++ b/.env.example
@@ -3,3 +3,15 @@
 # When false: plain HTTP everywhere (only works on localhost)
 # Overrides server/data/variables.json for local development only
 SSL=true
 # --- Mobile push dispatch (signaling server) ---
 # Android FCM HTTP v1 (choose one)
 # FCM_SERVICE_ACCOUNT_PATH=/absolute/path/to/firebase-service-account.json
 # FCM_SERVICE_ACCOUNT_JSON={"type":"service_account","project_id":"..."}
 # iOS APNs HTTP/2 (.p8 key from Apple Developer)
 # APNS_KEY_PATH=/absolute/path/to/AuthKey_XXXXXXXXXX.p8
 # APNS_KEY_ID=XXXXXXXXXX
 # APNS_TEAM_ID=XXXXXXXXXX
 # APNS_BUNDLE_ID=com.metoyou.app
 # APNS_USE_SANDBOX=true
--- a/.gitea/workflows/build-android-apk.yml
+++ b/.gitea/workflows/build-android-apk.yml
@@ -0,0 +1,99 @@
 name: Build Android APK
 on:
  workflow_dispatch:
 jobs:
  build-android-apk:
    runs-on: ubuntu-latest
    container: node:22
    steps:
      - name: Checkout
        uses: https://github.com/actions/checkout@v4
      - name: Restore npm cache
        uses: https://github.com/actions/cache@v4
        with:
          path: /root/.npm
          key: npm-android-${{ hashFiles('package-lock.json') }}
          restore-keys: npm-android-
      - name: Restore Gradle cache
        uses: https://github.com/actions/cache@v4
        with:
          path: |
            /root/.gradle/caches
            /root/.gradle/wrapper
          key: gradle-android-${{ hashFiles('toju-app/android/**/*.gradle*', 'toju-app/android/gradle/wrapper/gradle-wrapper.properties') }}
          restore-keys: gradle-android-
      - name: Install Android build toolchain
        run: |
          apt-get update
          apt-get install -y --no-install-recommends wget unzip ca-certificates gnupg
          # node:22 is Debian Bookworm — openjdk-21-jdk is not in default repos.
          install -d /etc/apt/keyrings
          wget -qO - https://packages.adoptium.net/artifactory/api/gpg/key/public | gpg --dearmor -o /etc/apt/keyrings/adoptium.gpg
          echo "deb [signed-by=/etc/apt/keyrings/adoptium.gpg] https://packages.adoptium.net/artifactory/deb bookworm main" > /etc/apt/sources.list.d/adoptium.list
          apt-get update
          apt-get install -y --no-install-recommends temurin-21-jdk
          export ANDROID_SDK_ROOT=/opt/android-sdk
          mkdir -p "$ANDROID_SDK_ROOT/cmdline-tools"
          cd /tmp
          wget -q https://dl.google.com/android/repository/commandlinetools-linux-11076708_latest.zip
          unzip -q commandlinetools-linux-11076708_latest.zip
          mv cmdline-tools "$ANDROID_SDK_ROOT/cmdline-tools/latest"
          export PATH="$PATH:$ANDROID_SDK_ROOT/cmdline-tools/latest/bin:$ANDROID_SDK_ROOT/platform-tools"
          yes | sdkmanager --licenses >/dev/null
          sdkmanager "platform-tools" "platforms;android-36" "build-tools;35.0.0"
          echo "ANDROID_SDK_ROOT=$ANDROID_SDK_ROOT" >> "$GITHUB_ENV"
          echo "ANDROID_HOME=$ANDROID_SDK_ROOT" >> "$GITHUB_ENV"
          echo "JAVA_HOME=/usr/lib/jvm/temurin-21-jdk-amd64" >> "$GITHUB_ENV"
          echo "PATH=$PATH:$ANDROID_SDK_ROOT/cmdline-tools/latest/bin:$ANDROID_SDK_ROOT/platform-tools" >> "$GITHUB_ENV"
      - name: Install dependencies
        env:
          NODE_ENV: development
        run: npm ci
      - name: Resolve release version
        id: version
        run: node tools/resolve-release-version.js --write-output
      - name: Ensure draft release exists
        id: release
        env:
          GITEA_RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}
        run: >
          node tools/gitea-release.js ensure-draft
          --server-url "${{ github.server_url }}"
          --repository "${{ github.repository }}"
          --tag "${{ steps.version.outputs.release_tag }}"
          --target "${{ github.sha }}"
          --name "${{ steps.version.outputs.release_name }}"
          --body "Automated draft release from ${{ github.ref_name }} @ ${{ github.sha }}"
          --write-output
      - name: Build debug APK
        run: bash tools/build-android-apk.sh
      - name: Stage Android APK
        run: |
          mkdir -p dist-android
          cp toju-app/android/app/build/outputs/apk/debug/app-debug.apk \
            "dist-android/Toju-${{ steps.version.outputs.release_version }}-android-debug.apk"
      - name: Upload Android APK to draft release
        env:
          GITEA_RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}
        run: >
          node tools/gitea-release.js upload-built-assets
          --server-url "${{ github.server_url }}"
          --repository "${{ github.repository }}"
          --release-id "${{ steps.release.outputs.release_id }}"
          --dist-android dist-android
--- a/.gitea/workflows/release-draft.yml
+++ b/.gitea/workflows/release-draft.yml
@@ -52,7 +52,7 @@ jobs:
        uses: https://github.com/actions/cache@v4
        with:
          path: /root/.npm
-          key: npm-linux-${{ hashFiles('package-lock.json', 'server/package-lock.json') }}
+          key: npm-linux-${{ hashFiles('package-lock.json', 'server/package-lock.json', 'docs-site/package-lock.json') }}
          restore-keys: npm-linux-
      - name: Restore Electron cache
@@ -71,6 +71,7 @@ jobs:
          apt-get update && apt-get install -y --no-install-recommends zip
          npm ci
          cd server && npm ci
          cd ../docs-site && npm ci
      - name: Set CI release version
        run: >
@@ -83,6 +84,7 @@ jobs:
          cd toju-app
          npx ng build --configuration production --base-href='./'
          cd ..
          npm run build:docs
          npx --package typescript tsc -p tsconfig.electron.json
          cd server
          node ../tools/sync-server-build-version.js
@@ -108,6 +110,87 @@ jobs:
          --dist-electron dist-electron
          --dist-server dist-server
  build-android:
    needs: prepare
    runs-on: ubuntu-latest
    container: node:22
    steps:
      - name: Checkout
        uses: https://github.com/actions/checkout@v4
      - name: Restore npm cache
        uses: https://github.com/actions/cache@v4
        with:
          path: /root/.npm
          key: npm-android-${{ hashFiles('package-lock.json') }}
          restore-keys: npm-android-
      - name: Restore Gradle cache
        uses: https://github.com/actions/cache@v4
        with:
          path: |
            /root/.gradle/caches
            /root/.gradle/wrapper
          key: gradle-android-${{ hashFiles('toju-app/android/**/*.gradle*', 'toju-app/android/gradle/wrapper/gradle-wrapper.properties') }}
          restore-keys: gradle-android-
      - name: Install Android build toolchain
        run: |
          apt-get update
          apt-get install -y --no-install-recommends wget unzip ca-certificates gnupg
          install -d /etc/apt/keyrings
          wget -qO - https://packages.adoptium.net/artifactory/api/gpg/key/public | gpg --dearmor -o /etc/apt/keyrings/adoptium.gpg
          echo "deb [signed-by=/etc/apt/keyrings/adoptium.gpg] https://packages.adoptium.net/artifactory/deb bookworm main" > /etc/apt/sources.list.d/adoptium.list
          apt-get update
          apt-get install -y --no-install-recommends temurin-21-jdk
          export ANDROID_SDK_ROOT=/opt/android-sdk
          mkdir -p "$ANDROID_SDK_ROOT/cmdline-tools"
          cd /tmp
          wget -q https://dl.google.com/android/repository/commandlinetools-linux-11076708_latest.zip
          unzip -q commandlinetools-linux-11076708_latest.zip
          mv cmdline-tools "$ANDROID_SDK_ROOT/cmdline-tools/latest"
          export PATH="$PATH:$ANDROID_SDK_ROOT/cmdline-tools/latest/bin:$ANDROID_SDK_ROOT/platform-tools"
          yes | sdkmanager --licenses >/dev/null
          sdkmanager "platform-tools" "platforms;android-36" "build-tools;35.0.0"
          echo "ANDROID_SDK_ROOT=$ANDROID_SDK_ROOT" >> "$GITHUB_ENV"
          echo "ANDROID_HOME=$ANDROID_SDK_ROOT" >> "$GITHUB_ENV"
          echo "JAVA_HOME=/usr/lib/jvm/temurin-21-jdk-amd64" >> "$GITHUB_ENV"
          echo "PATH=$PATH:$ANDROID_SDK_ROOT/cmdline-tools/latest/bin:$ANDROID_SDK_ROOT/platform-tools" >> "$GITHUB_ENV"
      - name: Install dependencies
        env:
          NODE_ENV: development
        run: npm ci
      - name: Set CI release version
        run: >
          node tools/set-release-version.js
          --version "${{ needs.prepare.outputs.release_version }}"
      - name: Build debug APK
        run: bash tools/build-android-apk.sh
      - name: Stage Android APK
        run: |
          mkdir -p dist-android
          cp toju-app/android/app/build/outputs/apk/debug/app-debug.apk \
            "dist-android/Toju-${{ needs.prepare.outputs.release_version }}-android-debug.apk"
      - name: Upload Android APK
        env:
          GITEA_RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}
        run: >
          node tools/gitea-release.js upload-built-assets
          --server-url "${{ github.server_url }}"
          --repository "${{ github.repository }}"
          --release-id "${{ needs.prepare.outputs.release_id }}"
          --dist-android dist-android
  build-windows:
    needs: prepare
    runs-on: windows
@@ -124,7 +207,7 @@ jobs:
        uses: https://github.com/actions/cache@v4
        with:
          path: ~/AppData/Local/npm-cache
-          key: npm-windows-${{ hashFiles('package-lock.json', 'server/package-lock.json') }}
+          key: npm-windows-${{ hashFiles('package-lock.json', 'server/package-lock.json', 'docs-site/package-lock.json') }}
          restore-keys: npm-windows-
      - name: Restore Electron cache
@@ -142,6 +225,7 @@ jobs:
        run: |
          npm ci
          npm ci --prefix server
          npm ci --prefix docs-site
      - name: Set CI release version
        run: >
@@ -154,6 +238,7 @@ jobs:
          Push-Location "toju-app"
          npx ng build --configuration production --base-href='./'
          Pop-Location
          npm run build:docs
          npx --package typescript tsc -p tsconfig.electron.json
          Push-Location server
          node ../tools/sync-server-build-version.js
@@ -194,6 +279,7 @@ jobs:
            Copy-Item -Path (Join-Path $projectRoot 'package.json') -Destination (Join-Path $electronBuilderWorkspace 'package.json') -Force
            Copy-Item -Path (Join-Path $projectRoot 'package-lock.json') -Destination (Join-Path $electronBuilderWorkspace 'package-lock.json') -Force
            Invoke-RoboCopy (Join-Path $projectRoot 'dist') (Join-Path $electronBuilderWorkspace 'dist')
            Invoke-RoboCopy (Join-Path $projectRoot 'docs-site/build') (Join-Path $electronBuilderWorkspace 'docs-site/build')
            Invoke-RoboCopy (Join-Path $projectRoot 'images') (Join-Path $electronBuilderWorkspace 'images')
            Invoke-RoboCopy (Join-Path $projectRoot 'node_modules') (Join-Path $electronBuilderWorkspace 'node_modules')
--- a/.gitignore
+++ b/.gitignore
@@ -16,6 +16,7 @@ yarn-error.log
 dist-electron
 node_modules/*
 *server/node_modules/*
 /docs-site/node_modules/
 .angular
 # IDEs and editors
 .idea/
@@ -39,6 +40,8 @@ node_modules/*
 .sass-cache/
 /connect.lock
 /coverage
 /docs-site/.docusaurus/
 /docs-site/build/
 /libpeerconnection.log
 testem.log
 /typings
@@ -56,7 +59,12 @@ Thumbs.db
 .env
 .certs/
 /server/data/variables.json
 /server/data/metoyou.sqlite
 dist-server/*
 AGENTS.md
 doc/**
 metoyou.sqlite*
 metoyou.sqlite
 vitest/
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -0,0 +1,101 @@
 # AGENTS.md
 Read these files at the start of every session before doing any work:
 1. `agents-docs/AGENT_WORKFLOW.md` — workflow and operating rules
 2. `agents-docs/LESSONS.md` — durable rules learned from past corrections; apply any that match this session's work
 3. `agents-docs/AGENTS_FEATURES.md` — when and how to update feature docs
 4. `agents-docs/FEATURES.md` — feature index
 5. `agents-docs/ENGINEERING.md` — engineering standards
 6. `agents-docs/CONTEXT-MAP.md` — index of bounded contexts in this repo
 Reference on-demand (when the workflow triggers them — see `agents-docs/AGENT_WORKFLOW.md` §§ 4–5):
 - `agents-docs/AGENTS_CONTEXT.md` — contract for updating `CONTEXT.md` / `CONTEXT-MAP.md`
 - `agents-docs/AGENTS_ADRS.md` — contract for writing architecture decision records
 When working in a subdomain, also read its `CONTEXT.md` first:
 - Product client (Angular 21): `toju-app/CONTEXT.md`
 - Desktop shell (Electron main + preload): `electron/CONTEXT.md`
 - Signaling server (Express + WebSocket): `server/CONTEXT.md`
 - End-to-end tests (Playwright): `e2e/CONTEXT.md`
 - Marketing site (Angular 19): `website/CONTEXT.md`
 - Application documentation (Docusaurus): `docs-site/CONTEXT.md`
 ---
 MetoYou (also called Toju) is a desktop-first, P2P Discord-style chat application managed as an npm-workspaces monorepo. It bundles an Angular 21 product client, an Electron 39 desktop shell with TypeORM + sql.js for local persistence, a small Node/TypeScript Express signaling server with WebSocket-based realtime, a Playwright end-to-end suite, an Angular 19 marketing site, and a Docusaurus app/plugin documentation site that ships inside the Electron build. Voice and screen-share are WebRTC, with RNNoise denoising via a WASM audio worklet.
 ## CRITICAL — Non-negotiable rules for all agents
 ### Test-Driven Development (MANDATORY)
 **Write tests before implementation code.**
 When creating or changing anything:
 1. STOP — do not write implementation first
 2. Write failing tests (RED)
 3. Run tests and confirm failure (`npm run test` for the product client; `npm run test:e2e` for end-to-end; place spec files colocated with source, suffix `.spec.ts`)
 4. Write minimal code to pass tests (GREEN)
 5. Refactor while keeping tests green
 This applies to all code — Angular components and services, NgRx effects/reducers, Electron IPC handlers, server CQRS handlers, websocket message handlers, plugin runtime, and domain logic. If the code lives in a package without a configured test runner (server, website, docs-site), surface that gap before adding logic there.
 ### Lint correctness (MANDATORY)
 Before completing any task:
 1. Run `npm run lint` from the repo root (ESLint 9 flat config in `eslint.config.js` covers every package)
 2. Fix all errors
 3. Do not consider work complete until it exits with code 0
 ### Type / build correctness (MANDATORY)
 Type checks live in build scripts:
 - Product client (`toju-app/`): `npm run build` (Angular CLI runs `tsc` with strict settings)
 - Electron (`electron/`): `npm run build:electron` (invokes `tsc -p tsconfig.electron.json`)
 - Server (`server/`): `cd server && npm run build` (invokes `tsc`)
 If your change touches one of these packages, run the corresponding build and ensure it exits 0 before marking work complete.
 ## Most important rule
 After any change that affects API contracts, schemas, invariants, workflows, or major behavior: update the relevant `agents-docs/features/<slug>.md` as part of the same task — not as a follow-up. New feature area → create `agents-docs/features/<slug>.md` and add an entry to `agents-docs/FEATURES.md` (alphabetical).
 The product client already maintains per-domain READMEs under `toju-app/src/app/domains/<name>/README.md`. When the change is fully internal to one of those bounded contexts and its surface stays the same, the domain README is the right place to update; cross-context contracts (websocket envelopes, IPC channels, server routes, plugin manifests) belong in `agents-docs/features/`.
 ## Structure of further instructions
 - **Agent workflow & operating rules:** `agents-docs/AGENT_WORKFLOW.md`
 - **Agent lessons (durable cross-session rules):** `agents-docs/LESSONS.md`
 - **Engineering standards:** `agents-docs/ENGINEERING.md`
 - **Feature documentation contract:** `agents-docs/AGENTS_FEATURES.md`
 - **CONTEXT documentation contract:** `agents-docs/AGENTS_CONTEXT.md`
 - **ADR contract:** `agents-docs/AGENTS_ADRS.md`
 - **Feature index:** `agents-docs/FEATURES.md`
 - **Feature docs:** `agents-docs/features/`
 - **Architecture decisions:** `agents-docs/adr/`
 - **Context map:** `agents-docs/CONTEXT-MAP.md`
 - **Product-client domain:** `toju-app/CONTEXT.md`
 - **Desktop-shell domain:** `electron/CONTEXT.md`
 - **Server domain:** `server/CONTEXT.md`
 - **E2E suite domain:** `e2e/CONTEXT.md`
 - **Marketing-site domain:** `website/CONTEXT.md`
 - **App-docs domain:** `docs-site/CONTEXT.md`
 Keep this file minimal. Do not duplicate detailed rules here.
 ## Completion checklist
 Before marking work complete:
 - [ ] Tests written before implementation
 - [ ] All tests passing (`npm run test`, plus `npm run test:e2e` if behavior is user-visible)
 - [ ] `npm run lint` passes
 - [ ] Affected package builds: `npm run build` / `npm run build:electron` / `cd server && npm run build`
 - [ ] Naming conventions followed (kebab-case files; domain `*.rules.ts` / `*.model.ts` / `*.component.ts` suffixes)
 - [ ] Errors handled
 - [ ] Feature docs updated if contract/schema/invariant changed (see `agents-docs/AGENTS_FEATURES.md`)
 - [ ] `CONTEXT.md` updated if a domain term was resolved or introduced (see `agents-docs/AGENTS_CONTEXT.md`)
 - [ ] ADR written if a hard-to-reverse decision was made (see `agents-docs/AGENTS_ADRS.md`)
 - [ ] Lesson recorded in `agents-docs/LESSONS.md` if this session produced a correction, revert, or hidden constraint (see triggers in `agents-docs/AGENT_WORKFLOW.md`)
 - [ ] PR opened with summary and linked issues (`Fixes #<n>` / `Relates to #<n>`)
 - [ ] Gitea Workflows checks passing
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -0,0 +1 @@
 Read AGENTS.md at the root of this repository at the start of every session before doing any work. It links to all other agent instruction files.
--- a/README.md
+++ b/README.md
@@ -1,119 +1,92 @@
 <img src="./images/icon.png" width="100" height="100">
 # MetoYou / Toju
-# Toju / Zoracord
+MetoYou is a desktop-first chat stack managed as an npm monorepo. The repository contains the Angular 21 product client, the Electron desktop shell, the Node/TypeScript signaling server, the Playwright E2E suite, and the Angular 19 marketing website.
-Desktop chat app with four parts:
+## Packages
- `src/` Angular client
+| Path | Purpose | Docs |
- `electron/` desktop shell, IPC, and local database
+| --- | --- | --- |
- `server/` directory server, join request API, and websocket events
+| `toju-app/` | Angular 21 product client | [toju-app/README.md](toju-app/README.md) |
- `website/` Toju website served at toju.app
+| `electron/` | Electron main process, preload bridge, IPC, and desktop integrations | [electron/README.md](electron/README.md) |
 | `server/` | Signaling server, server-directory API, and websocket runtime | [server/README.md](server/README.md) |
 | `e2e/` | Playwright end-to-end coverage for the product client | [e2e/README.md](e2e/README.md) |
 | `website/` | Angular 19 marketing site served separately from the product client | [website/README.md](website/README.md) |
 | `docs-site/` | Docusaurus app and plugin documentation served by the Electron Local API | [docs-site/docs/intro.md](docs-site/docs/intro.md) |
 ## Install
-1. Run `npm install`
+1. Run `npm install` from the repository root.
-2. Run `cd server && npm install`
+2. Run `cd server && npm install` for the server package.
-3. Copy `.env.example` to `.env`
+3. If you need to work on the marketing site, run `cd website && npm install`.
 4. If you need to work on the Docusaurus docs, run `cd docs-site && npm install`.
 5. Copy `.env.example` to `.env`.
-## Config
+## Configuration
-Root `.env`:
+- Root `.env` controls local SSL with `SSL=true|false`.
 - The server also honors an optional `PORT` environment override at runtime.
 - When `SSL=true`, run `./generate-cert.sh` once or let `./dev.sh` generate local certificates on first launch.
 - `server/data/variables.json` stores `klipyApiKey`, `releaseManifestUrl`, `serverPort`, `serverProtocol`, `serverHost`, and `linkPreview`. The server normalizes this file on startup.
 - When `serverProtocol` is `https`, the certificates in `.certs/` must exist and match the configured host or IP.
- `SSL=true` uses HTTPS for Angular, the server, and Electron dev mode
+## Main Commands
 - `PORT=3001` changes the server port in local development and overrides the server app setting
-If `SSL=true`, run `./generate-cert.sh` once.
+- `npm run dev` starts the full desktop stack: server, product client, and Electron.
 - `npm run start` starts only the Angular product client in `toju-app/`.
 - `npm run electron:dev` starts the Angular product client and Electron together.
 - `npm run server:dev` starts only the server with reload.
 - `npm run build` builds the Angular product client to `dist/client`.
 - `npm run build:docs` builds the Docusaurus documentation site to `docs-site/build`.
 - `npm run build:electron` builds the Electron code to `dist/electron`.
 - `npm run build:all` builds the product client, Docusaurus docs, Electron, and server.
 - `npm run test` runs the product-client Vitest suite.
 - `npm run lint` runs ESLint across the repo.
 - `npm run lint:fix` formats Angular templates, sorts template properties, and applies ESLint fixes.
 - `npm run test:e2e`, `npm run test:e2e:ui`, `npm run test:e2e:debug`, and `npm run test:e2e:report` run the Playwright suite and report tooling.
-Server files:
+## Repository Map
 - `server/data/variables.json` holds `klipyApiKey`
 - `server/data/variables.json` also holds `releaseManifestUrl` for desktop auto updates
 - `server/data/variables.json` can now also hold optional `serverHost` (an IP address or hostname to bind to)
 - `server/data/variables.json` can now also hold `serverProtocol` (`http` or `https`)
 - `server/data/variables.json` can now also hold `serverPort` (1-65535)
 - When `serverProtocol` is `https`, the certificate must match the configured `serverHost` or IP
 ## Main commands
 - `npm run dev` starts Angular, the server, and Electron
 - `npm run electron:dev` starts Angular and Electron
 - `npm run server:dev` starts only the server
 - `npm run build` builds the Angular client
 - `npm run build:electron` builds the Electron code
 - `npm run build:all` builds client, Electron, and server
 - `npm run lint` runs ESLint
 - `npm run lint:fix` formats templates, sorts template props, and fixes lint issues
 - `npm run test` runs Angular tests
 ## Server project
 The code in `server/` is a small Node and TypeScript service.
 It handles the public server directory, join requests, websocket updates, and Klipy routes.
 Inside `server/`:
 - `npm run dev` starts the server with reload
 - `npm run build` compiles to `dist/`
 - `npm run start` runs the compiled server
 # Images
 <img src="./website/src/images/screenshots/gif.png" width="700" height="400">
 <img src="./website/src/images/screenshots/screenshare_gaming.png" width="700" height="400">
 ## Main Toju app Structure
 | Path | Description |
-|------|-------------|
+| --- | --- |
-| `src/app/` | Main application root |
+| `toju-app/src/app/domains/` | Product-client bounded contexts and domain facades |
-| `src/app/core/` | Core utilities, services, models |
+| `toju-app/src/app/infrastructure/` | Shared client-side technical runtime such as persistence and realtime |
-| `src/app/domains/` | Domain-driven modules |
+| `toju-app/src/app/shared-kernel/` | Cross-domain contracts shared inside the product client |
-| `src/app/features/` | UI feature modules |
+| `electron/` | Electron bootstrap, preload surface, IPC handlers, CQRS, and desktop adapters |
-| `src/app/infrastructure/` | Low-level infrastructure (DB, realtime, etc.) |
+| `server/src/` | Express app, websocket runtime, config, CQRS, and persistence layers |
-| `src/app/shared/` | Shared UI components |
+| `e2e/` | Playwright tests, helpers, fixtures, and page objects |
-| `src/app/shared-kernel/` | Shared domain contracts & models |
+| `website/src/` | Marketing-site pages, assets, and SSR entry points |
-| `src/app/store/` | Global state management |
+| `docs-site/` | Docusaurus source for Electron-hosted application and plugin documentation |
-| `src/assets/` | Static assets |
+| `tools/` | Build, release, formatting, and packaging scripts |
 | `src/environments/` | Environment configs |
---
+## Product Client Docs
-### Domains
+| Area | Docs |
 | --- | --- |
 | Domains index | [toju-app/src/app/domains/README.md](toju-app/src/app/domains/README.md) |
 | Access Control | [toju-app/src/app/domains/access-control/README.md](toju-app/src/app/domains/access-control/README.md) |
 | Attachment | [toju-app/src/app/domains/attachment/README.md](toju-app/src/app/domains/attachment/README.md) |
 | Authentication | [toju-app/src/app/domains/authentication/README.md](toju-app/src/app/domains/authentication/README.md) |
 | Chat | [toju-app/src/app/domains/chat/README.md](toju-app/src/app/domains/chat/README.md) |
 | Notifications | [toju-app/src/app/domains/notifications/README.md](toju-app/src/app/domains/notifications/README.md) |
 | Profile Avatar | [toju-app/src/app/domains/profile-avatar/README.md](toju-app/src/app/domains/profile-avatar/README.md) |
 | Screen Share | [toju-app/src/app/domains/screen-share/README.md](toju-app/src/app/domains/screen-share/README.md) |
 | Server Directory | [toju-app/src/app/domains/server-directory/README.md](toju-app/src/app/domains/server-directory/README.md) |
 | Theme | [toju-app/src/app/domains/theme/README.md](toju-app/src/app/domains/theme/README.md) |
 | Voice Connection | [toju-app/src/app/domains/voice-connection/README.md](toju-app/src/app/domains/voice-connection/README.md) |
 | Voice Session | [toju-app/src/app/domains/voice-session/README.md](toju-app/src/app/domains/voice-session/README.md) |
 | Persistence | [toju-app/src/app/infrastructure/persistence/README.md](toju-app/src/app/infrastructure/persistence/README.md) |
 | Realtime | [toju-app/src/app/infrastructure/realtime/README.md](toju-app/src/app/infrastructure/realtime/README.md) |
 | Shared Kernel | [toju-app/src/app/shared-kernel/README.md](toju-app/src/app/shared-kernel/README.md) |
-| Path | Link |
+## Supporting Docs
 |------|------|
 | Attachment | [app/domains/attachment/README.md](src/app/domains/attachment/README.md) |
 | Auth | [app/domains/auth/README.md](src/app/domains/auth/README.md) |
 | Chat | [app/domains/chat/README.md](src/app/domains/chat/README.md) |
 | Screen Share | [app/domains/screen-share/README.md](src/app/domains/screen-share/README.md) |
 | Server Directory | [app/domains/server-directory/README.md](src/app/domains/server-directory/README.md) |
 | Voice Connection | [app/domains/voice-connection/README.md](src/app/domains/voice-connection/README.md) |
 | Voice Session | [app/domains/voice-session/README.md](src/app/domains/voice-session/README.md) |
 | Domains Root | [app/domains/README.md](src/app/domains/README.md) |
---
+- [doc/monorepo.md](doc/monorepo.md)
 - [doc/typescript.md](doc/typescript.md)
 - [docs/architecture.md](docs/architecture.md)
-### Infrastructure
+## Screenshots
-| Path | Link |
+<img src="./website/src/images/screenshots/gif.png" width="700" height="400">
-|------|------|
+<img src="./website/src/images/screenshots/screenshare_gaming.png" width="700" height="400">
 | Persistence | [src/app/infrastructure/persistence/README.md](src/app/infrastructure/persistence/README.md) |
 | Realtime | [src/app/infrastructure/realtime/README.md](src/app/infrastructure/realtime/README.md) |
 ---
 ### Shared Kernel
 | Path | Link |
 |------|------|
 | Shared Kernel | [src/app/shared-kernel/README.md](src/app/shared-kernel/README.md) |
 ---
 ### Entry Points
 | File | Link |
 |------|------|
 | Main | [main.ts](src/main.ts) |
 | Index HTML | [index.html](src/index.html) |
 | App Root | [app/app.ts](src/app/app.ts) |
--- a/agents-docs/AGENTS_ADRS.md
+++ b/agents-docs/AGENTS_ADRS.md
@@ -0,0 +1,89 @@
 # Agent Instructions: Architecture Decision Records (ADRs)
 Architectural decisions live in **`agents-docs/adr/`** as numbered Markdown files (`NNNN-slug.md`).
 This document defines how agents must detect, document, and maintain architectural decisions as the codebase grows.
 > This file is part of the agent instruction infrastructure.
 > Do NOT create, delete, or modify this file unless explicitly instructed.
 ---
 ## What an ADR is
 A short record of an architectural decision that future engineers (and agents) will need context for. The format is Nygard short form:
 - Title and number (`ADR-NNNN: <slug>`).
 - Required: 1–3 sentences each covering **Context** (why this came up), **Decision** (what was chosen), and **Rationale** (why this option over alternatives).
 - Conventional: `Status` (usually `Accepted` for new ADRs; `Superseded by ADR-MMMM` once overturned).
 - Optional: `Considered Options`, `Consequences` — add only when they genuinely help. Most ADRs won't need them.
 See `agents-docs/adr/0001-record-architectural-decisions.md` for the canonical example — a minimal four-section ADR that matches the typical shape.
 The value is in recording **that a decision was made** and **why** — not in completing formal sections.
 ---
 ## ADR Contract (MANDATORY)
 ### When to write an ADR
 The canonical criteria — the 3-criteria gate — live in `agents-docs/AGENT_WORKFLOW.md` § 5 ADR upkeep. Read those before writing. In short: write an ADR only when the decision is **hard to reverse**, **surprising without context**, and the **result of genuine trade-offs**. If any of the three is missing, don't.
 Suitable topics: architectural patterns, integration approaches, significant technology selections, scope boundaries, intentional deviations from standard practices, non-obvious rejections of alternatives.
 ### Read before crossing decision boundaries
 Before non-trivial changes in an area, scan `agents-docs/adr/` for decisions that touch it. If your work would contradict an existing ADR:
 - **Surface it explicitly**, don't silently override. Phrase it as: "_Contradicts ADR-NNNN (slug) — but worth reopening because…_"
 - If the contradiction is intentional, write a new ADR that supersedes the old one (see below).
 ### Write the ADR in the same turn as the decision
 When the 3-criteria gate is met, write the ADR before reporting the task done. The `AGENTS.md` completion checklist has a line for this; don't tick the box without it.
 ### Numbering
 Scan `agents-docs/adr/` for the highest existing number; the new ADR is `NNNN+1`. Use 4-digit zero-padded numbers (`0001`, `0002`, …).
 Slugs are kebab-case and describe the decision concisely: `0042-postgres-for-write-model.md`, `0043-event-sourced-orders.md`.
 ### Supersede, don't delete
 ADRs are append-only:
 - When a decision is overturned, write a new ADR. The old one stays.
 - Add `Superseded by ADR-NNNN` near the top of the old ADR.
 - Add `Supersedes ADR-MMMM` near the top of the new one.
 - Never delete or rewrite history.
 ---
 ## Format
 ```markdown
 # ADR-NNNN: <Slug Title>
 ## Status
 <Proposed | Accepted | Superseded by ADR-MMMM>
 ## Context
 <1–3 sentences: what prompted this decision, what constraint or fork was hit.>
 ## Decision
 <1–3 sentences: what was chosen, plainly stated.>
 ## Rationale
 <1–3 sentences: why this option over the alternatives.>
 <!-- Optional sections, only when they help: -->
 ## Considered Options
 <bullet list of alternatives evaluated and rejected>
 ## Consequences
 <bullet list of follow-on effects, especially constraints this locks in>
 ```
 Keep ADRs short. Three sentences per section beats three paragraphs.
--- a/agents-docs/AGENTS_CONTEXT.md
+++ b/agents-docs/AGENTS_CONTEXT.md
@@ -0,0 +1,81 @@
 # Agent Instructions: CONTEXT.md & CONTEXT-MAP.md
 Domain documentation lives in **`CONTEXT.md`** files co-located with the code they describe:
 - **Single-context repo:** one `CONTEXT.md` at the root (or at the top of the single subdomain).
 - **Multi-context repo:** one `CONTEXT.md` per subdomain (e.g. `src/CONTEXT.md`, `frontend/CONTEXT.md`), indexed by `agents-docs/CONTEXT-MAP.md`.
 This document defines how agents must detect, document, and maintain domain knowledge as the codebase grows.
 > This file is part of the agent instruction infrastructure.
 > Do NOT create, delete, or modify this file unless explicitly instructed.
 ---
 ## What `CONTEXT.md` is for
 A subdomain's `CONTEXT.md` is a **domain artefact**, not an agent-rule file. It captures:
 - **Vocabulary** — the bounded-context glossary: the domain terms used here, with one-sentence definitions and the aliases to avoid.
 - **Relationships** — how the domain terms connect (cardinality, ownership).
 - **Boundaries / IO** — what this subdomain exposes externally and consumes from other subdomains.
 - **Invariants** — rules that always hold within this subdomain.
 - **Flagged ambiguities** — terms still in dispute, with proposed resolutions.
 Agent-procedural rules (TDD, typecheck, formatter) live in `/AGENTS.md` and `agents-docs/ENGINEERING.md` — never in `CONTEXT.md`.
 Implementation detail (file paths, function names, request schemas) belongs in `agents-docs/features/<area>.md` — never in `CONTEXT.md`.
 ## What `CONTEXT-MAP.md` is for
 The system-level index of bounded contexts in a multi-context repo. One row per subdomain — name, one-line purpose, public surface, link to its `CONTEXT.md`. Plus relationships between contexts (upstream/downstream, shared types, events).
 Only exists when ≥2 subdomains have their own `CONTEXT.md`. Single-context repos skip it.
 ---
 ## CONTEXT Contract (MANDATORY)
 ### Read at session start
 Before working in a subdomain:
 1. Read that subdomain's `CONTEXT.md`. If `agents-docs/CONTEXT-MAP.md` exists, start there to locate the right one.
 2. If your change couples two subdomains (shared types, cross-context events), read both `CONTEXT.md`s.
 3. Skip files that don't exist. **Proceed silently** — don't flag absence; producer triggers create them lazily.
 ### Use the vocabulary verbatim
 When your output names a domain concept — in an issue title, a refactor proposal, a hypothesis, a test name, a variable name, an error message — use the term as defined in `CONTEXT.md`. Don't drift to synonyms the glossary explicitly avoids.
 ### Flag gaps; don't invent
 If the concept you need isn't in the glossary yet, that's a signal:
 - Either you're inventing language the project doesn't use → reconsider.
 - Or there's a real gap → add it (see triggers below). Don't silently coin a new term.
 ### Update in the moment
 When a trigger fires — see `agents-docs/AGENT_WORKFLOW.md` § 4 CONTEXT.md upkeep for the canonical trigger list — update the relevant `CONTEXT.md` in the same turn, before reporting work done. The triggers cover term resolutions, user corrections to terminology, new concepts introduced by features, and self-caught synonym invention.
 ### Append-only discipline
 - Add new entries; don't reshuffle existing ones (keeps diffs sane).
 - If a term changes meaning, supersede it with a clarifying entry — don't silently rewrite history.
 - If `Flagged ambiguities` gets resolved, move the resolution into the main vocabulary table and remove the flag.
 ### Multi-context: keep the map current
 When adding a new subdomain `CONTEXT.md`, add a row to `agents-docs/CONTEXT-MAP.md` in the same task. When the public surface or upstream/downstream relationships change, update the map.
 ---
 ## Format
 The format of an entry is documented at the top of each `CONTEXT.md` so it self-describes. Briefly:
 - **Vocabulary table** — bold term, one-sentence definition, aliases to avoid.
 - **Relationships** — bullet list using bold terms and cardinality ("A **TermA** belongs to exactly one **TermB**").
 - **Boundaries / IO** — `Exposes:` and `Consumes:` bullets.
 - **Invariants** — bullet list of constraints that always hold.
 - **Flagged ambiguities** — terms still in dispute, with proposed resolutions.
--- a/agents-docs/AGENTS_FEATURES.md
+++ b/agents-docs/AGENTS_FEATURES.md
@@ -0,0 +1,79 @@
 # Agent Instructions: Feature Areas & Documentation
 All feature documentation lives under **`agents-docs/features/`**:
 - **Area-level docs** (`agents-docs/features/<area>.md`): concept-first overview of a feature area — responsibilities, boundaries, key concepts.
 - **Per-service docs** (`agents-docs/features/<area>/<service>.md`): API contracts, request/response schemas, implementation details, changelogs.
 This document defines how agents must detect, document, and maintain feature knowledge as the codebase grows.
 > This file is part of the agent instruction infrastructure.
 > Do NOT create, delete, or modify this file unless explicitly instructed.
 ---
 ## What is a feature area?
 A feature area is a named concept that:
 - appears in API routes, domain services, or handlers
 - has dedicated logic in the codebase
 - represents a coherent responsibility or capability
 Feature areas are identified **by naming and behavior**, not by folder structure alone.
 ---
 ## Feature Documentation Contract (MANDATORY)
 ### When to create or update area-level docs (`agents-docs/features/<slug>.md`)
 - New feature area introduced → create `agents-docs/features/<slug>.md` and add to `agents-docs/FEATURES.md` (alphabetical).
 - Changes to **responsibilities, boundaries, workflows, or high-level behavior** → update the relevant area doc in the same task.
 ### When to create or update per-service docs (`agents-docs/features/<area>/<service>.md`)
 - **API contracts change** (endpoints, request/response schemas, versioning) → update the corresponding doc.
 - **New API or capability** → create a per-service doc and link it from the area doc.
 - **Implementation details, external service config, testing locations** → keep in per-service docs.
 ### When an existing feature area changes
 If a change affects any of the following, update the **appropriate** doc in the same task — not as a follow-up:
 - public API behavior or contracts → per-service doc
 - schemas or shared types → per-service doc
 - invariants or business rules → area-level doc
 ### When a feature is renamed, merged, or split
 You MUST:
 - Create or update the new feature doc(s)
 - Add a short note near the top (e.g. "Renamed from …" or "Merged from …")
 - Update `agents-docs/FEATURES.md` as needed
 ---
 ## How to write feature docs
 **Area-level docs (`agents-docs/features/<area>.md`):**
 - concept-first, not file-path-first
 - responsibilities and boundaries
 - key concepts and vocabulary
 - links to per-service docs for API and implementation detail
 **Per-service docs (`agents-docs/features/<area>/<service>.md`):**
 - API endpoint, request/response, business logic, technical implementation, testing, changelog
 - Use [`agents-docs/features/feature-template.md`](./features/feature-template.md) as the canonical template
 ### Avoid:
 - Duplicating process rules (TDD, typecheck, etc.) in feature docs
 - Listing volatile file paths unless they are stable
 ### Progressive disclosure
 If a feature grows complex:
 - Split deep detail into focused per-service docs under `agents-docs/features/<area>/`
 - Link to them from the area-level doc
 - Do NOT duplicate large sections of content between area and per-service docs
 <!-- If you're reading this, you owe Olof a coffee. -->
--- a/agents-docs/AGENT_WORKFLOW.md
+++ b/agents-docs/AGENT_WORKFLOW.md
@@ -0,0 +1,110 @@
 # Agent Workflow & Operating Instructions
 These rules apply to **all AI agents** working on this project, regardless of platform or model.
 Read this file at the start of every session.
 ---
 ## Workflow Orchestration
 ### 1. Plan Mode Default
 - Enter plan mode for ANY non-trivial task (3+ steps or architectural decisions)
 - If something goes sideways, STOP and re-plan immediately — don't keep pushing
 - Use plan mode for verification steps, not just building
 - Write detailed specs upfront to reduce ambiguity
 ### 2. Subagent Strategy
 - Use subagents liberally to keep the main context window clean
 - Offload research, exploration, and parallel analysis to subagents
 - For complex problems, throw more compute at it via subagents
 - One task per subagent for focused execution
 ### 3. Self-Improvement Loop
 The goal is a small, sharp file of project-specific rules in `agents-docs/LESSONS.md` that future sessions read and apply. The format of a lesson is defined at the top of `agents-docs/LESSONS.md` — read it before writing one.
 **Read at session start.** Open `agents-docs/LESSONS.md` and apply any rules that match the work you're about to do. This is non-optional; the file exists so the same mistake isn't made twice.
 **Triggers — record a lesson when any of these happen.** Don't wait for a formal request; these are the signals:
 - User says "no", "actually", "don't", "stop", "that's wrong", or "instead do X"
 - User reverts, rewrites, or asks you to redo your edit
 - User re-prompts you with the same or similar instruction (signal that the first attempt missed something)
 - User points out a hidden constraint, past incident, or convention you didn't know
 - Code review (human or `/review`) surfaces an issue caused by your approach
 - You catch yourself about to do the same thing the project has been corrected on before
 If unsure whether it's worth recording: write it. Sharper is better than missing, and grooming the file is cheap.
 **Write before reporting done.** A session that produced a correction must produce a lesson — record it in the same turn the work is completed, not "later". The `AGENTS.md` completion checklist has a line for this; don't tick the box without it.
 **Groom periodically.** When `agents-docs/LESSONS.md` passes ~20 entries, propose consolidations to the user — merge duplicates, delete rules that no longer apply, shorten anything vague.
 ### 4. CONTEXT.md upkeep
 Read `CONTEXT.md` (or `agents-docs/CONTEXT-MAP.md` → per-subdomain `CONTEXT.md`) when working in a subdomain. Use its vocabulary verbatim **where defined** in code, tests, issues, and commits. If a needed term isn't in the glossary, treat it as a trigger (see below) rather than silently inventing a synonym; the full contract lives in `agents-docs/AGENTS_CONTEXT.md`.
 **Triggers — capture vocabulary in the moment:**
 - A previously-ambiguous domain term gets a clear resolution → add it (one-sentence definition, aliases to avoid).
 - User corrects your terminology → record the correct term; mark the wrong one as an alias to avoid.
 - A new feature introduces a concept absent from the glossary → add it before claiming the feature done.
 - You catch yourself inventing a synonym because the right term isn't there → flag the gap; don't silently coin a new term.
 **Write before reporting done.** Update the relevant `CONTEXT.md` in the same turn the trigger fires. Append-only — add new entries, don't reshuffle existing ones. The format is documented at the top of each `CONTEXT.md`. See `agents-docs/AGENTS_CONTEXT.md` for the full contract.
 ### 5. ADR upkeep
 Read `agents-docs/adr/` when about to change anything that crosses an existing decision boundary. If your work would contradict an ADR, surface it explicitly — never silently override.
 **Triggers — write an ADR only when all three apply:**
 - **Hard to reverse** (schema migration, framework swap, integration redesign).
 - **Surprising without context** (future engineers will question the approach).
 - **Result of genuine trade-offs** (real alternatives existed and you chose deliberately).
 If all three apply: write the ADR in the same turn as the decision. Next number (4-digit zero-padded), kebab-case slug, Nygard short form — see `agents-docs/adr/0001-record-architectural-decisions.md` for the canonical example and `agents-docs/AGENTS_ADRS.md` for the contract. If any of the three is missing: don't write one.
 **Supersede, don't delete.** Overturned decisions get a new ADR; the old one stays with a `Superseded by ADR-NNNN` note.
 ### 6. Verification Before Done
 - Never mark a task complete without proving it works
 - Diff behavior between main and your changes when relevant
 - Ask yourself: "Would a staff engineer approve this?"
 - Run tests, check logs, demonstrate correctness
 ### 7. Demand Elegance (Balanced)
 - For non-trivial changes: pause and ask "is there a more elegant way?"
 - If a fix feels hacky: "Knowing everything I know now, implement the elegant solution"
 - Skip this for simple, obvious fixes — don't over-engineer
 - Challenge your own work before presenting it
 ### 8. Autonomous Bug Fixing
 - When given a bug report: just fix it. Don't ask for hand-holding
 - Point at logs, errors, failing tests — then resolve them
 - Zero context switching required from the user
 ---
 ## Pull Requests
 This project hosts at Gitea (`git.azaaxin.com/myxelium/Toju`). Gitea PRs and issues use GitHub-style syntax.
 - Create a feature branch for every change: `<type>/<short-description>` (e.g. `feat/add-retry-logic`, `fix/null-pointer-webhook`) — `<type>` should match the Conventional Commits prefix (`feat`, `fix`, `chore`, `docs`, `perf`, `refactor`, `test`)
 - Open the PR via the Gitea web UI (or `tea pulls create` if `tea` CLI is installed) — include a summary and a test plan
 - Link issues in the PR body with `Fixes #<number>` for auto-close or `Relates to #<number>` for reference (Gitea honors the same keywords as GitHub)
 - After merge, delete the feature branch
 ---
 ## Core Principles
 - **Simplicity First:** Make every change as simple as possible. Impact minimal code.
 - **No Laziness:** Find root causes. No temporary fixes. Senior developer standards.
 - **Minimal Impact:** Changes should only touch what's necessary. Avoid introducing bugs.
--- a/agents-docs/CONTEXT-MAP.md
+++ b/agents-docs/CONTEXT-MAP.md
@@ -0,0 +1,30 @@
 # Context Map
 Bounded contexts in this system. Before working in a subdomain, read its `CONTEXT.md`. See `agents-docs/AGENTS_CONTEXT.md` for the contract.
 ## Contexts
 | Context | Purpose | Public surface | CONTEXT.md |
 |---------|---------|----------------|------------|
 | **toju-app** | Angular 21 product client — UI, NgRx state, per-domain rules and services for chat, voice, screen-share, plugins, theming | Window-hosted Angular bundle; consumes Electron `window.api` (preload bridge) and the server WebSocket; serves the user-facing experience | `toju-app/CONTEXT.md` |
 | **electron** | Desktop shell — main process, preload bridge, IPC handlers, local SQLite persistence, plugin sandbox, OS integrations | `window.api.*` surface exposed to the renderer via the preload; main-process IPC channel names; CQRS handlers; TypeORM entities in `electron/entities/` | `electron/CONTEXT.md` |
 | **server** | Signaling server — REST routes for server directory + auth, WebSocket realtime, CQRS handlers, TypeORM persistence | HTTP routes under `server/src/routes/`; WebSocket envelopes under `server/src/websocket/`; server-directory API | `server/CONTEXT.md` |
 | **e2e** | Playwright suite — end-to-end coverage of the product client running against a real Electron build and signaling server | No public surface — observer/verifier of the system | `e2e/CONTEXT.md` |
 | **website** | Angular 19 marketing site — public-facing landing pages, screenshots, download links | Static SSR/CSR bundle deployed independently of the product app | `website/CONTEXT.md` |
 | **docs-site** | Docusaurus app — application and plugin author documentation served by the Electron Local API | Static bundle at `docs-site/build/`, mounted by Electron's local HTTP server for in-app docs | `docs-site/CONTEXT.md` |
 ## Relationships
 - **toju-app** is downstream of **electron** via the `window.api` preload bridge. The renderer cannot reach Node, the filesystem, or SQLite directly — every privileged operation goes through an IPC channel defined in `electron/`.
 - **toju-app** is downstream of **server** via the WebSocket envelope contract and the REST server-directory API. Envelope shape changes require coordinated edits to both sides.
 - **electron** owns the **local** persistence layer (per-user TypeORM + sql.js database). **server** owns the **shared** persistence layer (signaling state, server-directory entries, auth artifacts). They do not share entities — the wire format is the contract.
 - **electron** hosts **docs-site** at runtime: the Local API server inside the desktop app mounts the prebuilt Docusaurus bundle so plugin authors and end users can browse docs offline. Building docs-site is a prerequisite of `npm run build:all`.
 - **e2e** depends on **toju-app**, **electron**, and **server** simultaneously — tests boot the full desktop stack against a real signaling server. Treat E2E as the integration boundary that proves the contracts above are aligned.
 - **website** is independent of the runtime stack. It shares no code or schemas with the product app; it links out to release artifacts produced by Gitea Workflows.
 - **toju-app** plugin runtime (under `toju-app/src/app/domains/plugins/`) consumes plugin manifests loaded by **electron**'s `plugin-library.ts`. The manifest schema is a third coupling axis between the two contexts.
 ## Rules for agents
 - Add a row when a new subdomain gains its own `CONTEXT.md`.
 - Update the public surface or relationships when they change.
 - Keep this file scannable — one row per context, terse purpose strings.
--- a/agents-docs/ENGINEERING.md
+++ b/agents-docs/ENGINEERING.md
@@ -0,0 +1,224 @@
 # Engineering Standards & Workflows
 This document defines shared engineering practices for **MetoYou / Toju**.
 ---
 ## Root README.md policy
 `README.md` exists to answer:
 - what this repo is
 - how to run it locally
 - where to find canonical documentation
 Agents should update `README.md` when dev commands change, ports or startup steps change, or links to docs move.
 Agents should **not** describe feature behavior, list API endpoints, or include request/response schemas. Canonical documentation lives under `agents-docs/` and (for product-client bounded contexts) under `toju-app/src/app/domains/<name>/README.md`.
 ---
 ## Testing standards
 This repo runs two test stacks. Choose by what you're verifying.
 ### Unit / component tests — Vitest
 - **Framework:** Vitest 4.x
 - **Where it runs:** the Angular product client (`toju-app/`) and any package that imports `@toju-app/*` modules; Electron has colocated `*.spec.ts` files that are wired through the same root Vitest config.
 - **Test suffix:** `*.spec.ts`
 - **Location:** colocated with source (`message-rules.ts` ↔ `message-rules.spec.ts`)
 - **Run all:** `npm run test` (from repo root — runs `cd toju-app && vitest run`)
 - **Watch:** `cd toju-app && npx vitest`
 - **Single file:** `cd toju-app && npx vitest run <relative-path>`
 - **Setup file:** `toju-app/src/test-setup.ts`
 The server package does not currently have a test runner script — there is one colocated spec (`server/src/websocket/handler-plugin.spec.ts`) but no `test` script in `server/package.json`. If you add server-side tests, wire a `test` script and update this section.
 ### End-to-end — Playwright
 - **Framework:** Playwright 1.59
 - **Location:** `e2e/tests/` organized by feature area (`voice/`, `chat/`, `screen-share/`, `settings/`, `auth/`)
 - **Run:** `npm run test:e2e` (headless), `npm run test:e2e:ui`, `npm run test:e2e:debug`
 - **Report:** `npm run test:e2e:report` (serves `test-results/html-report`)
 - **Fixtures & page objects** live in `e2e/` alongside `tests/`
 E2E tests exercise the real Electron app against the real signaling server. The `.agents/skills/playwright-e2e/SKILL.md` describes the convention this repo uses for E2E test design — read it before adding new tests.
 ### TDD discipline
 Write the failing test first. Run it, watch it fail, then write the smallest code that makes it pass. This rule is non-negotiable (see `/AGENTS.md` § CRITICAL).
 Integration / cross-package work that needs a real database can rely on Electron's TypeORM + sql.js setup (in-memory by default) — no Testcontainers required.
 ---
 ## TypeScript standards
 - Strict mode is enabled across all packages
 - Avoid `any` unless absolutely necessary; document why if used
 - Prettier (`.prettierrc.json`: `printWidth: 150`, single quotes, no trailing commas) handles formatting of Angular HTML templates only — ESLint stylistic rules handle TypeScript/JavaScript formatting
 - Angular CLI / `tsc -p tsconfig.electron.json` / `cd server && tsc` perform the actual type checks; there is no single repo-wide `typecheck` script
 - The repository uses npm workspaces (`npm@10.9.2`); cross-package imports go through workspace package names, not relative `../../` paths
 ---
 ## Naming conventions
 Files and folders are predominantly **kebab-case**, with a few well-established suffixes:
 - Angular components: `chat-messages.component.ts`, `user-list.component.html`, `*.component.scss`
 - Angular services: `link-metadata.service.ts`
 - Angular directives: `chat-image-proxy-fallback.directive.ts`
 - Domain rules (pure functions): `message.rules.ts`, `link-embed.rules.ts`
 - Domain models: `chat-messages.model.ts`
 - NgRx slices: `chat.actions.ts`, `chat.reducer.ts`, `chat.effects.ts`, `chat.selectors.ts`
 - CQRS handlers (server and electron): `registerUser.ts`, `deleteServer.ts`, `upsertServer.ts` — **camelCase** for handler files (mirrors the command/query name)
 - Test files: `<name>.spec.ts` (Vitest), `<feature>.spec.ts` (Playwright)
 - Migrations (TypeORM): `<timestamp>-<name>.ts` in `electron/migrations/` and `server/migrations/`
 Types, interfaces, classes, and Angular component classes: `PascalCase`. Functions, variables, NgRx action props: `camelCase`. Constants: `SCREAMING_SNAKE_CASE`.
 When in doubt, mimic the closest existing file in the same folder.
 ---
 ## Error handling
 - Use typed errors. Never `throw 'string literal'`
 - Never swallow errors silently — at minimum, log with enough context to find the call site
 - Centralize cross-cutting error handling: Express error middleware on the server, NgRx effect `catchError` in the product client, and IPC error envelopes in Electron handlers
 - Surfacing errors to the user is a UX concern — degrade gracefully (toast, retry button, offline banner) rather than crashing the renderer
 ---
 ## Database guidelines
 Persistence uses **TypeORM 0.3** with **sql.js / SQLite** in both the Electron desktop shell and the signaling server.
 - **Electron data source:** `electron/data-source.ts` — entities in `electron/entities/`, migrations in `electron/migrations/`
 - **Server data source:** wired up under `server/src/db/` — entities in `server/src/entities/`, migrations in `server/src/migrations/`
 - Always write a migration for schema changes. Generate with `npm run migration:generate` (Electron) or the equivalent inside `server/`
 - Run pending migrations: `npm run migration:run` (Electron)
 - Never edit a migration after it has shipped — write a new one
 - Entity classes use TypeORM decorators; keep persistence concerns out of domain `*.rules.ts` files
 - Schema changes are usually **hard to reverse** and **surprising without context** — see `agents-docs/AGENTS_ADRS.md` for when to also write an ADR
 ---
 ## Realtime, IPC, and plugins
 These are the three cross-context contracts that change most often. Treat each as a public contract that requires `agents-docs/features/` updates when it changes:
 - **WebSocket messages** between client and server — schemas live under `server/src/websocket/` and `toju-app/src/app/infrastructure/realtime/`
 - **IPC channels** between Electron preload and renderer — surface defined in `electron/preload.ts` and the `api/` directory
 - **Plugin manifests** consumed by `electron/plugin-library.ts` — the runtime contract that third-party plugins depend on
 Behavioral changes to any of these qualify as a feature-doc update under the rule in `/AGENTS.md`.
 ---
 ## CI/CD
 - CI runs on **Gitea Workflows** (a GitHub Actions–compatible runner) — workflow files in `.gitea/workflows/`:
  - `release-draft.yml` — queues release builds on push to `main` / `master`
  - `publish-draft-release.yml` — publishes draft releases
  - `deploy-web-apps.yml` — deploys the marketing site and Docusaurus docs
  - `build-android-apk.yml` — manual **workflow_dispatch** debug Capacitor Android APK build; uploads `Toju-<version>-android-debug.apk` to the draft release (same path as desktop assets)
  - `release-draft.yml` job `build-android` — builds and uploads the debug APK to each queued draft release alongside desktop/server archives
 - All checks must pass before merging a PR
 - Workflow status is visible in the Gitea PR view; use the web UI or `tea` CLI to inspect runs
 There is **no pre-commit hook** configured (no Husky, no pre-commit, no lefthook). Lint/build are enforced by CI, not by local hooks.
 ---
 ## Commit message conventions
 Use **Conventional Commits** with no scope. The recent history is consistent on this:
 ```
 feat: Update how messages load and sync, allow plugins to import messages
 fix: Mobile style fixes and other small ui fixes
 perf: server navigation
 refactor: Remove hardcoded values
 test: Ensure tests work after latest changes
 ```
 Allowed prefixes (observed across the last 100 commits): `feat`, `fix`, `chore`, `docs`, `perf`, `refactor`, `test`. Subject is sentence case with no trailing period.
 If your change resolves a Gitea issue, add `Fixes #<n>` (or `Relates to #<n>`) in the PR body — Gitea supports the same auto-close keywords as GitHub.
 ---
 ## Issue linking
 - Issues live in the Gitea instance at `git.azaaxin.com/myxelium/Toju`
 - Reference them in PR bodies with `Fixes #<n>` (auto-closes on merge) or `Relates to #<n>` (cross-reference only)
 - Commits themselves do not need issue numbers — keep subjects clean and Conventional
 ---
 ## Commands reference
 Run these from the repository root unless otherwise noted.
 ```bash
 # --- setup ---
 npm install                          # install root + workspaces
 cd server && npm install             # server has its own lockfile
 cd website && npm install            # only if working on the marketing site
 cd docs-site && npm install          # only if working on app/plugin docs
 # --- common dev flows ---
 npm run dev                          # full stack: server + Angular client + Electron (via dev.sh)
 npm run start                        # Angular product client only (ng serve on :4200)
 npm run electron:dev                 # Angular client + Electron, no signaling server
 npm run server:dev                   # signaling server only (ts-node-dev)
 # --- testing ---
 npm run test                         # toju-app Vitest suite
 npm run test:e2e                     # Playwright (headless)
 npm run test:e2e:ui                  # Playwright UI mode
 npm run test:e2e:debug               # Playwright debug
 npm run test:e2e:report              # serve last Playwright HTML report
 # --- type / build (also serves as typecheck) ---
 npm run build                        # Angular product client → dist/client
 npm run build:electron               # tsc -p tsconfig.electron.json → dist/electron
 npm run build:docs                   # Docusaurus → docs-site/build
 cd server && npm run build           # server tsc
 npm run build:all                    # all of the above
 # --- lint / format ---
 npm run lint                         # eslint .
 npm run lint:fix                     # format + sort:props + eslint --fix
 npm run format                       # prettier on Angular HTML templates only
 npm run format:check                 # prettier --check on HTML templates
 # --- database migrations (Electron) ---
 npm run migration:generate           # autogenerate from entity diff
 npm run migration:create             # empty migration scaffold
 npm run migration:run                # apply pending
 npm run migration:revert             # roll back last
 ```
 ---
 ## Completion checklist
 Before marking work complete:
 - [ ] Tests written before implementation
 - [ ] All tests passing (`npm run test`, plus `npm run test:e2e` if behavior is user-visible)
 - [ ] `npm run lint` passes
 - [ ] Affected package builds: `npm run build` / `npm run build:electron` / `cd server && npm run build`
 - [ ] Naming conventions followed
 - [ ] Errors handled
 - [ ] Security considered (no secrets in code, no plaintext token logging, no IPC handler accepting arbitrary file paths)
 - [ ] Feature docs updated if contract/schema/invariant changed (see `agents-docs/AGENTS_FEATURES.md`)
 - [ ] `CONTEXT.md` updated if a domain term was resolved or introduced (see `agents-docs/AGENTS_CONTEXT.md`)
 - [ ] ADR written if a hard-to-reverse decision was made (see `agents-docs/AGENTS_ADRS.md`)
 - [ ] Lesson recorded in `agents-docs/LESSONS.md` if this session produced a correction, revert, or hidden constraint (see triggers in `agents-docs/AGENT_WORKFLOW.md`)
 - [ ] PR opened with summary and linked issues
 - [ ] Gitea Workflows checks passing
--- a/agents-docs/FEATURES.md
+++ b/agents-docs/FEATURES.md
@@ -0,0 +1,32 @@
 # Feature Areas
 This index represents the known feature areas in the system.
 It must stay accurate as new features are introduced, renamed, merged, or removed.
 ---
 ## Feature list (alphabetical)
 - [App i18n](features/app-i18n.md) — `@ngx-translate/core` localization for the product client; English-only catalog today, same stack as the marketing website.
 - [Authentication](features/authentication.md) — signaling-server session tokens, protected REST/WebSocket identity, and client bearer storage.
 - [Custom Emoji](features/custom-emoji.md) — peer-synced user-created emoji assets, chat reaction shortcuts, and composer emoji insertion.
 - [Message Integrity](features/message-integrity.md) — signed P2P message revision chains, inventory `headHash` convergence, and Ed25519 signing-key registration on the signaling server.
 - [Mobile Capacitor](features/mobile-capacitor.md) — Capacitor native shell, mobile infrastructure facades, and phone-specific call/chat/media integrations.
 - [Server Discovery](features/server-discovery.md) — featured/trending public-server REST endpoints (server) consumed by the `/dashboard` and `/servers` client pages.
 - [Signal Server Tag](features/signal-server-tag.md) — configurable signal-server display tag shown on profile cards for a user's registration server.
 The product client already documents its bounded contexts at `toju-app/src/app/domains/<name>/README.md` (Access Control, Attachment, Authentication, Chat, Direct Call, Direct Message, Experimental Media, Game Activity, Notifications, Plugins, Profile Avatar, Screen Share, Server Directory, Theme, Voice Connection, Voice Session). Those domain READMEs cover internal product-client behavior.
 `agents-docs/features/<slug>.md` is for **cross-context** contracts and feature areas that span more than one subdomain — WebSocket envelopes, IPC channels, plugin manifests, end-to-end flows that touch client + server + Electron together. Add an entry here the first time you write one.
 ---
 ## Rules for agents
 - Introducing a new feature area requires:
  - creating `agents-docs/features/<feature>.md` (use `agents-docs/features/feature-template.md`)
  - adding it to this list (alphabetical)
 - Renaming or merging features requires updating links and notes
 - If the change is fully contained inside one product-client domain, prefer updating `toju-app/src/app/domains/<name>/README.md` over adding a top-level feature doc
 - This file should remain concise and navigable
--- a/agents-docs/LESSONS.md
+++ b/agents-docs/LESSONS.md
@@ -0,0 +1,192 @@
 # Agent Lessons
 Durable rules for AI agents working on this project. Read this file at session start. Append to it when this session produces a correction worth remembering.
 ## How to use this file
 **At session start:** scan the rules below. If any match the work you're about to do, apply them.
 **During the session:** if the user corrects you, reverts your edit, or re-prompts with the same instruction — that is a signal to record a lesson before closing the task. See the trigger list in `agents-docs/AGENT_WORKFLOW.md`.
 **Format of a lesson:** every entry uses the four-slot template below. Brevity matters — if you can't state the rule in one sentence, the lesson isn't sharp enough yet.
 ```markdown
 ### <short imperative title>
 - **Trigger:** what you were about to do that turned out wrong (one line, concrete enough to pattern-match against)
 - **Rule:** what to do instead (one sentence, imperative voice)
 - **Why:** the consequence of getting it wrong — past incident, hidden constraint, user preference
 - **Example:** one concrete instance, ideally a code or command snippet
 ```
 **Keep lessons sharp.** Tag each rule with one or two tags in square brackets after the title (e.g. `[testing] [migrations]`) so future agents can grep for relevance. If a rule no longer applies, delete it — stale rules drown the real ones.
 ---
 ## Lessons
 ### Store clientInstanceId in sessionStorage not localStorage [realtime] [multi-device]
 - **Trigger:** same user logged in on two tabs, browsers, or synced profiles sees alternating "Disconnected from signaling server" and no cross-device chat/voice sync.
 - **Rule:** persist `metoyou.clientInstanceId` in `sessionStorage` (one id per tab/window) and clear any legacy `localStorage` copy on first read.
 - **Why:** server identify evicts stale sockets with the same `(oderId, connectionScope, clientInstanceId)` tuple; a shared localStorage id makes each client kick the other in a reconnect loop.
 - **Example:** `ClientInstanceService.getClientInstanceId()` writes to `sessionStorage`; two tabs get different ids and stay connected simultaneously.
 ### Revalidate IndexedDB scope without reinitializing on every read [persistence] [performance]
 - **Trigger:** `DatabaseService.ensureReady()` called `initialize()` before every delegated read/write to fix user-scope races.
 - **Rule:** cache the last validated `metoyou_currentUserId` and only re-run backend initialization when that scope changes or an in-flight initialize completes with a different scope.
 - **Why:** per-operation revalidation fans out across ban lookups, room loads, and message reads, causing channel/chat UI to stay blank until repeated server clicks eventually win the race.
 - **Example:** `ensureReady()` returns immediately when `isReady()` and `validatedUserScope` still match `getStoredCurrentUserId()`.
 ### Restore local user scope before protected writes [authentication] [persistence]
 - **Trigger:** a logged-in in-memory user can create rooms or messages after `metoyou_currentUserId` was cleared by a late session-expired path.
 - **Rule:** before protected local persistence or server-directory actions, restore `metoyou_currentUserId` from the current user and avoid treating a live current user as unauthenticated.
 - **Why:** otherwise rooms/messages fall into the anonymous IndexedDB scope, and route checks redirect to login even though NgRx still has the authenticated user.
 - **Example:** `MessagesEffects.sendMessage$`, `RoomsEffects.createRoom$`, and server-directory create/join components call `setStoredCurrentUserId(currentUser.id)` before writing or joining.
 ### Persisted local user state still requires a session token [authentication] [signaling]
 - **Trigger:** Users appear logged in from local storage but cannot see peers online or send chat after session-token auth shipped.
 - **Rule:** before connecting signaling or loading rooms for a persisted user, require a non-expired token in `metoyou.authTokens`; redirect to `/login` on `SESSION_EXPIRED`, `auth_required`, or `auth_error`.
 - **Why:** WebSocket `identify` is skipped without a token, so `join_server`, RTC relay, and presence never establish even though the profile exists locally.
 - **Example:** `hasValidPersistedSession()` in `auth-session.rules.ts` from `loadCurrentUser$`.
 ### Declare MODIFY_AUDIO_SETTINGS for Android WebRTC mic capture [mobile] [android]
 - **Trigger:** Android users accept the microphone prompt but voice calls and channels still fail to join.
 - **Rule:** include `android.permission.MODIFY_AUDIO_SETTINGS` in `toju-app/android/app/src/main/AndroidManifest.xml` and preflight Capacitor capture through `MobileMediaService.ensureVoiceCapturePermissions()` before `getUserMedia`.
 - **Why:** Capacitor's `BridgeWebChromeClient.onPermissionRequest` requests `RECORD_AUDIO` and `MODIFY_AUDIO_SETTINGS` together; if the latter is undeclared, the combined grant is treated as denied even after the user taps Allow.
 - **Example:** `ANDROID_REQUIRED_MANIFEST_PERMISSIONS` in `mobile-android-manifest-permissions.rules.ts`.
 ### Do not override Tailwind with box-sizing inherit [mobile] [css]
 - **Trigger:** mobile pages still overflow horizontally until devtools disables `*, *::before, *::after { box-sizing: inherit }` in global styles.
 - **Rule:** in `src/styles.scss` keep `box-sizing: border-box` on the universal selector (matching Tailwind preflight); never replace it with `inherit` from `html`.
 - **Why:** `inherit` overrides preflight and some nested component hosts resolve to `content-box`, so `w-full` plus padding becomes wider than the parent — especially visible on the mobile dashboard beside the servers rail.
 - **Example:** `src/styles.scss` `@layer base` universal rule uses `border-box`, not `inherit`.
 ### Use the app-shell servers rail for mobile discovery pages [mobile] [layout]
 - **Trigger:** patching `min-w-0` / `overflow-x-hidden` on the dashboard (or find-people/find-servers) while the page still renders wider than the phone beside an embedded servers rail.
 - **Rule:** on mobile discovery routes (`/dashboard`, `/people`, `/servers`, …) show the global `app.html` servers rail and render the page full-width in `appWorkspace`; keep embedded swiper+rail stacks only for chat/DM/call routes (`shouldShowMobileAppServersRail` in `mobile-shell-layout.rules.ts`).
 - **Why:** nesting a second rail+Swiper stack inside `router-outlet` fights the shell flex width and content keeps sizing to intrinsic width, clipping cards and inputs on every viewport.
 - **Example:** `hideAppServersRail()` in `app.html` + dashboard `pageContent` only (no local `<app-servers-rail>`).
 ### Defer attachment blob hydration on Electron startup [attachments] [electron]
 - **Trigger:** fixing inline attachment display by eagerly calling `tryRestoreAttachmentFromLocal()` for every persisted attachment during `initFromDatabase()`.
 - **Rule:** load attachment metadata at startup, but hydrate blob URLs only for the watched room on demand; read disk files through chunked IPC (`readFileChunk`) and yield between chunks/attachments so large images never block the renderer.
 - **Why:** restoring every saved attachment as a single base64 round-trip plus synchronous `atob()` can freeze Electron for seconds even after the shell paints.
 - **Example:** `runInitFromDatabase()` stops at `loadFromDatabase()`; `restoreLocalAttachmentsForRoom()` hydrates lazily via `restoreAttachmentBlobFromDiskPath()`.
 ### Lazy-load Capacitor modules on Electron/desktop [mobile] [electron]
 - **Trigger:** adding mobile facades that statically import Capacitor adapters or `@capacitor/*` plugins into shared Angular services used by the desktop app.
 - **Rule:** keep web/electron shells on web adapters synchronously and load Capacitor adapters/plugins only through dynamic `import()` after `runtime === 'capacitor'` — never top-level `import '@capacitor/...'` in code reachable from `app.ts` / `DirectCallService`.
 - **Why:** bundlers evaluate static Capacitor imports during Electron startup, which can freeze the renderer before first paint even when runtime detection would have chosen the web adapter.
 - **Example:** `resolveMobileAdapter()` in `mobile-capacitor-adapter.rules.ts` plus async `capacitor-plugin-loader.ts` / `loadMetoyouMobilePlugin()`.
 ### Use the upgrade transaction during IndexedDB schema migrations [persistence] [browser]
 - **Trigger:** bumping `BROWSER_DATABASE_VERSION` and opening existing stores via `database.transaction(...)` inside `onupgradeneeded`.
 - **Rule:** during `onupgradeneeded`, reuse `event.transaction.objectStore(name)` for existing stores and only call `database.createObjectStore` for missing ones — never start a second transaction while the version-change transaction is active.
 - **Why:** nested transactions abort the upgrade, `authenticateUser` storage prep fails, and login/register navigates before `setCurrentUser` so DM routes throw "Cannot use direct messages without a current user."
 - **Example:** `ensureObjectStoreDuringUpgrade(database, upgradeTransaction, 'messages')` in `browser-database-schema.ts`.
 ### Wait for authenticateUser storage prep before post-login navigation [authentication] [browser]
 - **Trigger:** dispatching `UsersActions.authenticateUser` from login/register and immediately calling `router.navigate(...)`.
 - **Rule:** wait for `setCurrentUser` or `loadCurrentUserFailure` (e.g. `waitForAuthenticationOutcome(actions$)`) before navigating to `returnUrl` or `/dashboard`.
 - **Why:** `authenticateUser$` prepares per-user IndexedDB asynchronously; early navigation renders DM/shell routes before the current user exists in the store.
 - **Example:** `await firstValueFrom(waitForAuthenticationOutcome(this.actions$))` in `register.component.ts` and `login.component.ts`.
 ### Use dense arrays for chunked transfer buffers [custom-emoji] [webrtc]
 - **Trigger:** chunked P2P asset assembly marks a transfer complete after the first chunk because `array.some()` skips sparse holes created by `new Array(total)`.
 - **Rule:** initialize chunk buffers with `Array.from({ length: total }, () => undefined)` (or another dense initializer) before using `some`/`every`/`filter` to detect completion.
 - **Why:** a single assigned slot in a sparse array makes `.some((chunk) => !chunk)` return false, so multi-chunk custom emoji transfers are dropped and peers never receive uploaded images larger than one chunk.
 - **Example:** `CustomEmojiService.receiveTransferStart` stores `chunks: Array.from({ length: total }, () => undefined)` instead of `new Array(total)`.
 ### Route custom emoji right-click through the native context menu [custom-emoji] [ux]
 - **Trigger:** adding a second emoji-specific context menu beside `NativeContextMenuComponent`, or attaching handlers only to `<img>` nodes.
 - **Rule:** mark emoji hosts with `data-custom-emoji` / `data-custom-emoji-library` plus `data-custom-emoji-id`, let `NativeContextMenuComponent` own add/remove actions, and use a capture-phase `preventDefault` so Electron/browser image menus do not override them.
 - **Why:** the shell context menu already intercepts every image right-click; duplicate menus fight each other and button/div wrappers miss img-only handlers.
 - **Example:** reaction pills and picker buttons carry the data attributes; `resolveCustomEmojiContextMenuTarget()` opens **Add to emoji library** / **Remove from emoji library** from the global menu.
 ### Separate known emoji assets from saved library [custom-emoji] [ux]
 - **Trigger:** syncing remote custom emoji directly into the picker/library when it is first seen in chat.
 - **Rule:** store remote emoji as known renderable assets, but only show them in the user's picker after an explicit save action such as right-clicking the rendered emoji.
 - **Why:** users need messages to render, but they should control which seen emoji become part of their local emoji library.
 - **Example:** `CustomEmojiService.emojis` filters to saved emoji, while `findEmoji(id)` can still resolve unsaved known assets for message rendering.
 ### Chunk custom emoji assets over data channels [custom-emoji] [webrtc]
 - **Trigger:** sending uploaded custom emoji image data through a single `custom-emoji-full` peer event.
 - **Rule:** stream custom emoji assets as a metadata envelope plus bounded `custom-emoji-chunk` events; use buffered sends for back-pressure, but never rely on buffering to make oversized messages safe.
 - **Why:** a single base64 data URL can exceed browser SCTP message limits and fire `RTCDataChannel.onerror`, breaking the app-wide chat channel.
 - **Example:** send `{ type: 'custom-emoji-full', customEmojiTransfer, total }`, then `custom-emoji-chunk` events with small `data` slices.
 ### Re-clear visible notification channels after recompute [notifications] [startup]
 - **Trigger:** fixing startup unread badges by only changing read-marker writes or initial hydration.
 - **Rule:** also check later `loadMessagesSuccess` and `syncMessages` recomputes, and re-clear the focused visible channel after applying derived unread counts.
 - **Why:** the startup-selected server can load or sync messages after it was marked read, reintroducing a channel unread badge even though the user is viewing that channel.
 - **Example:** `NotificationsService.refreshRoomUnreadFromMessages(...)` should clear `activeChannelId` for `currentRoom` after recalculating counts from a startup message batch.
 ### Disambiguate nested chat cards [chat] [ui]
 - **Trigger:** removing a visual treatment from chat history when a system message has both an outer row wrapper and an inner pill/card.
 - **Rule:** preserve the intended inner timeline pill unless the user explicitly targets it; render system messages outside the themed `chatMessageBubble` wrapper and keep `data-message-id` off direct child `div`s.
 - **Why:** PM call-started history should stay as a compact centered pill, while theme CSS such as `app-chat-message-item > div[data-message-id]` can turn the full-width row around it into the unnecessary card.
 - **Example:** In `chat-message-item.component.html`, keep `data-testid="chat-system-message"` with `rounded-full border bg-secondary/45`, put `appThemeNode="chatMessageBubble"` only on the non-system branch, and place `[attr.data-message-id]` on the nested pill instead of the system row wrapper.
 ### Use terminal Vitest when the test tool hangs [testing]
 - **Trigger:** VS Code test execution stays at "Starting test run..." without producing Vitest output.
 - **Rule:** run the focused spec through the terminal with `cd toju-app && npx vitest run <spec-path>` and report the direct Vitest result.
 - **Why:** the test integration can hang before starting the runner, while the terminal Vitest command returns quickly and gives actionable failures.
 - **Example:** `cd toju-app && npx vitest run src/app/domains/game-activity/application/game-activity.service.spec.ts`.
 ### Do not add fake chrome around screenshots [website] [design]
 - **Trigger:** wrapping a real product screenshot in decorative titlebar/window chrome or placing oversized marketing headings beside copy without checking overlap.
 - **Rule:** use the screenshot's existing frame when it already includes app chrome, and top-align large heading/copy columns with explicit readable widths.
 - **Why:** duplicated chrome makes CTA/product previews look broken, and bottom-aligned large headings can cover accompanying text on the marketing site.
 - **Example:** `website/src/app/pages/home/home.component.html` should render the screenshot directly; `host-section` should use top-aligned heading and `.host-section-copy` columns.
 ### Verify lint exits 0 before claiming done [verification]
 - **Trigger:** about to report a task as complete after running tests but skipping ESLint.
 - **Rule:** run `npm run lint` from the repo root and confirm exit code 0 before any "done" claim.
 - **Why:** `npm run test` only runs the toju-app Vitest suite — it doesn't cover the server, Electron, or website packages. ESLint (flat config in `eslint.config.js`) is the universal check across every package; type-style violations slip through tests and break Gitea Workflows for the next agent.
 - **Example:** `npm run lint && echo OK` — only claim done after seeing `OK`. For Electron type errors specifically, also confirm `npm run build:electron` succeeds (it invokes `tsc -p tsconfig.electron.json`).
 ### Use blob URLs for inline attachment previews [attachments] [electron]
 - **Trigger:** receiving users see broken image icons or video players that never start, but "Download" saves a valid file.
 - **Rule:** never bind `attachment.objectUrl` to `file://` URLs for chat `<img>`, `<video>`, or `<audio>` — always create a `blob:` URL from the bytes on disk or in memory; keep `savedPath`/`filePath` for IPC download/open only.
 - **Why:** Electron runs with `webSecurity: true`, so renderer pages cannot load arbitrary `file://` app-data paths even when CSP allows `file:`; IPC download still works because it reads the path in the main process.
 - **Example:** `ensureInlineDisplayObjectUrl()` in `AttachmentPersistenceService`, and `URL.createObjectURL(blob)` in `finalizeTransferIfComplete` / `handleDiskFileChunk` instead of `getFileUrl(savedPath)`.
 ### Resolve Electron drag-and-drop file paths with webUtils [attachments] [electron]
 - **Trigger:** large videos play after drag-and-drop upload, but after restart the uploader sees a peer-download error even though they sent the file from disk.
 - **Rule:** when accepting dropped or pasted files in Electron, call `webUtils.getPathForFile(file)` from preload (`getPathForFile` on `electronAPI`) and annotate the `File` before `publishAttachments`; never rely on `File.path` in the renderer.
 - **Why:** Chromium removed direct `File.path` access in modern Electron; without `getPathForFile`, large uploads only exist as in-memory blobs and cannot be copied into app data for reload playback.
 - **Example:** `annotateLocalFilePath(file, { getPathForFile: electronApi.getPathForFile })` in `ChatMessageComposerComponent.addPendingFiles`.
 ### Preserve uploader local attachment paths across sync [attachments] [persistence]
 - **Trigger:** large Electron uploads play from `filePath` after send, but after reload the uploader sees "The connected peers do not have this file right now" and must P2P-download their own file.
 - **Rule:** never persist synced attachment metadata with `filePath`/`savedPath` stripped — merge with stored local paths, finish attachment DB init before applying sync batches, and try local disk restore before sending `file-request` to peers.
 - **Why:** P2P sync intentionally omits local-only paths; a startup race can overwrite the uploader's saved `filePath` with `null`, and large videos (>10 MB) are not auto-copied to app data so only the original path can restore playback.
 - **Example:** copy large Electron uploads into app-data on `publishAttachments`, `mergeAttachmentLocalPaths(incomingMeta, storedRecord)` in `persistAttachmentMeta`, `await persistence.whenReady()` in `registerSyncedAttachments`, and `tryRestoreAttachmentFromLocal()` before any `file-request`.
 <!--
 Add new lessons above this comment, newest at the top.
 Delete this example once the project has accumulated 2-3 real lessons.
 -->
--- a/agents-docs/adr/0001-record-architectural-decisions.md
+++ b/agents-docs/adr/0001-record-architectural-decisions.md
@@ -0,0 +1,13 @@
 # ADR-0001: Record Architectural Decisions
 ## Status
 Accepted
 ## Context
 We need a lightweight way to record architectural decisions so that future agents and engineers can understand *why* the system looks the way it does, not just *what* it does. Without ADRs, decisions live in PR descriptions, chat logs, or nowhere — and get re-litigated on every refactor.
 ## Decision
 We use Architecture Decision Records (ADRs) in the Nygard short form. Each ADR lives at `agents-docs/adr/NNNN-slug.md` with a 4-digit zero-padded number, monotonically increasing. The minimum content is a title plus 1–3 sentences each for Context, Decision, and Rationale. Add `Status`, `Considered Options`, or `Consequences` only when they genuinely help.
 ## Rationale
 Nygard short form is the lowest-friction format that still captures the *why*. Heavier templates (MADR, full IEEE 1471) routinely don't get written — the bar to start one is too high. ADRs are append-only: a superseded decision gets a new ADR with a `Supersedes ADR-NNNN` note while the old one stays in place. The 3-criteria gate (hard to reverse, surprising without context, genuine trade-offs) keeps the directory from filling with trivia. See `agents-docs/AGENTS_ADRS.md` for the full contract.
--- a/agents-docs/adr/0002-session-token-authentication.md
+++ b/agents-docs/adr/0002-session-token-authentication.md
@@ -0,0 +1,13 @@
 # ADR-0002: Session-Token Authentication on the Signaling Server
 ## Status
 Accepted
 ## Context
 The signaling server trusted client-supplied user IDs on REST mutations and WebSocket `identify`, allowing impersonation for kicks, bans, joins, plugin administration, and push dispatch. The product client already used bearer tokens for the Electron Local API, but the shared signaling server had no equivalent binding between HTTP/WebSocket actions and a logged-in user.
 ## Decision
 Issue opaque session tokens on login/register, persist them in server SQLite, require `Authorization: Bearer` on all mutating REST routes, and require `identify.token` on WebSocket connections before any other client message is accepted. Actor fields (`currentOwnerId`, `actorUserId`, `requesterUserId`) are derived from the token instead of request bodies.
 ## Rationale
 This closes identity spoofing without changing the P2P product model: discovery stays public, chat/media still relay over WebSocket, and DM WebRTC signaling remains available across servers. Bcrypt password hashing with transparent SHA-256 upgrade preserves existing accounts. A deprecation window for body-only auth was intentionally omitted so all clients must authenticate in one release, avoiding prolonged dual-trust behavior.
--- a/agents-docs/adr/0003-multi-client-sessions.md
+++ b/agents-docs/adr/0003-multi-client-sessions.md
@@ -0,0 +1,16 @@
 # ADR-0003: Multi-Client Sessions with Connection-Scoped Routing
 ## Status
 Accepted
 ## Context
 Users expect to stay logged in on multiple devices simultaneously (Discord-style). The signaling server already issued multiple session tokens per user, but WebSocket broadcasts deduplicated by `oderId`, which prevented a user's second device from receiving chat, typing, or voice-state updates from their first device. Voice had no per-device identity, so two clients could both attempt to transmit audio.
 ## Decision
 Introduce a stable per-install `clientInstanceId` on the product client. Route server broadcasts by **connection id** (exclude only the sender socket) while keeping presence `user_joined` / `user_left` identity-scoped. Track `voiceActive` per connection; relay RTC to the voice-active socket. Enforce single voice owner per user via `VoiceState.clientInstanceId` and `voice_client_takeover` handoff between connections.
 ## Consequences
 - **Positive:** Chat and presence sync across a user's devices; voice behaves like Discord (one transmitting client, passive viewers, explicit takeover).
 - **Positive:** Stale-tab hygiene uses `(oderId, connectionScope, clientInstanceId)` eviction without kicking other devices.
 - **Negative:** `findUserByOderId` semantics change — RTC now prefers voice-active connections; callers must not assume one socket per user.
 - **Negative:** Clients must include `clientInstanceId` on identify and voice payloads; older builds without it still work but cannot participate in multi-device voice exclusivity reliably.
--- a/agents-docs/adr/0003-signed-message-revisions.md
+++ b/agents-docs/adr/0003-signed-message-revisions.md
@@ -0,0 +1,23 @@
 # ADR-0003: Signed Message Revision Chains for P2P Chat Integrity
 ## Status
 Accepted
 ## Context
 P2P chat sync compared timestamps, reaction counts, and attachment counts only. A peer could rewrite history or apply edits out of order with no cryptographic check. The product has no central message store, so integrity must travel with sync traffic and local audit logs.
 ## Decision
 Adopt an append-only **revision chain** per message:
 - Each mutation emits a `MessageRevision` (create, edit, delete, moderation, plugin) with `revision`, `prevRevisionHash`, and `headHash` (SHA-256 over canonical head state).
 - Inventories advertise `{ revision, headHash }` so peers detect gaps and hash mismatches.
 - Human-authored revisions are signed with per-user Ed25519 keys; public keys are registered on the signaling server for verification.
 - Legacy `chat-message` / `message-edited` / `message-deleted` events continue to broadcast alongside `message-revision` for one-release backward compatibility.
 ## Rationale
 Revision chains give deterministic merge (higher valid revision wins) without requiring a trusted relay. Signing binds edits to registered users while keeping chat payloads off the server. Dual emit avoids breaking peers that have not upgraded inventory or revision handlers yet.
 ## Consequences
 - New persistence columns and revision audit stores on browser IDB, Electron SQLite, and Capacitor schemas.
 - Plugin synthetic users may emit unsigned revisions until a plugin signing model exists.
 - Attachment byte integrity (SHA-256 on `file-announce`) remains a separate follow-up.
--- a/agents-docs/features/app-i18n.md
+++ b/agents-docs/features/app-i18n.md
@@ -0,0 +1,62 @@
 # App i18n
 Client-side UI string localization for the product client (`toju-app`), using the same `@ngx-translate/core` stack as the marketing website.
 ## Responsibilities
 - Bundle locale JSON under `toju-app/public/i18n/`.
 - Bootstrap translations at app startup via `AppI18nService` (root `App` constructor).
 - Expose `APP_TRANSLATE_IMPORTS` for standalone components that use the `translate` pipe in templates.
 - Resolve the active locale through `resolveAppLocale()` in `app-i18n.rules.ts`.
 ## Boundaries
 - **In scope:** user-visible UI copy in the Angular product client.
 - **Out of scope:** server error messages, plugin-authored strings, Electron IPC payloads, and marketing-site copy (`website/public/i18n/`).
 ## Key files
 | Path | Role |
 |------|------|
 | `toju-app/public/i18n/en.json` | English translation catalog (only locale shipped today). |
 | `toju-app/src/app/core/i18n/app-i18n.rules.ts` | Supported locales and locale resolution. |
 | `toju-app/src/app/core/i18n/app-i18n.service.ts` | Loads bundled JSON into `TranslateService`. |
 | `toju-app/src/app/core/i18n/app-translate.imports.ts` | `TranslateModule` import bundle for standalone components. |
 | `toju-app/src/app/app.config.ts` | `provideTranslateService()` registration. |
 ## Usage
 **Templates** — import `APP_TRANSLATE_IMPORTS` in the standalone component and use the pipe:
 ```html
 {{ 'common.brand' | translate }}
 ```
 **TypeScript** — inject `AppI18nService` (or `TranslateService`) and call `instant()`:
 ```ts
 this.appI18n.instant('common.brand');
 ```
 ## Catalog workflow
 User-visible strings live in fragment files under `toju-app/public/i18n/catalog/*.json`, merged into `toju-app/public/i18n/en.json` by:
 ```bash
 npm run i18n:sync
 ```
 The sync script also extracts `theme.registry.*` labels/descriptions from `theme-registry.logic.ts` and `permissions.*` from `access-control.constants.ts` so those large registries stay DRY. Extracted prefixes use dotted paths and are merged as nested JSON (e.g. `theme.registry.appShell.label`, not a flat `"theme.registry"` root key).
 ## Adding a locale later
 1. Add `toju-app/public/i18n/catalog/*.json` fragments for the new locale (or mirror `en.json` structure).
 2. Register the locale in `SUPPORTED_APP_LOCALES`.
 3. Import and `setTranslation()` in `AppI18nService`.
 4. Wire user preference (e.g. general settings) to `AppI18nService.initialize(preferredLocale)`.
 ## Tests
 - `toju-app/src/app/core/i18n/app-i18n.rules.spec.ts`
 - `toju-app/src/app/core/i18n/app-i18n.service.spec.ts`
 - `toju-app/src/app/core/i18n/app-i18n.testing.ts` — `provideAppI18nForTests()` / `initializeAppI18nForTests()` for Vitest injectors
--- a/agents-docs/features/authentication.md
+++ b/agents-docs/features/authentication.md
@@ -0,0 +1,76 @@
 # Authentication
 Session-token authentication for the signaling server and product client.
 ## Trust boundaries
 | Surface | Identity proof | Notes |
 |---|---|---|
 | Signaling server REST (mutations) | `Authorization: Bearer <token>` | Actor user IDs in request bodies are ignored; server derives `authUserId` from the token |
 | Signaling server REST (discovery) | None | `GET /api/servers`, featured/trending/search remain public |
 | Signaling server WebSocket | `identify.token` | Connections must identify before any other message type |
 | Electron Local API | Separate in-memory bearer tokens | Proxies login to allowed signaling servers only |
 | Product client local DB | OS user account | SQLite and attachments are plaintext at rest |
 ## Login / register response
 ```json
 {
  "id": "<uuid>",
  "username": "alice",
  "displayName": "Alice",
  "token": "<opaque-hex>",
  "expiresAt": 1710000000000
 }
 ```
 - Tokens are opaque 64-character hex strings stored in server SQLite (`session_tokens`).
 - Default TTL: 10 years (`SESSION_TOKEN_TTL_MS` env override supported on the signaling server).
 - Passwords are stored with bcrypt; legacy SHA-256 hashes are upgraded transparently on successful login.
 ## Protected REST routes
 Require `Authorization: Bearer`:
 - `PUT/POST/DELETE` under `/api/servers/*` (except public `GET`)
 - `PUT /api/requests/:id`
 - Plugin-support mutations under `/api/servers/:serverId/plugins/*`
 - `/api/users/device-tokens/*`
 - `POST /api/users/logout`
 ## WebSocket identify contract
 ```json
 {
  "type": "identify",
  "token": "<session-token>",
  "oderId": "<user-id>",
  "displayName": "Alice",
  "connectionScope": "ws://host:3001",
  "clientInstanceId": "<per-install-uuid>"
 }
 ```
 - `oderId` must match the token's user id when provided.
 - `clientInstanceId` is a stable per-install UUID generated by the product client (`metoyou.clientInstanceId` in `localStorage`). The signaling server uses it to distinguish multiple WebSocket connections for the same user and to route voice ownership.
 - Server responds with `auth_error` or `auth_required` when authentication fails.
 ## Multi-device sessions
 - Each login/register issues a **new** session token; prior tokens remain valid until they expire or the client calls `POST /api/users/logout` with that token.
 - The same user may keep multiple WebSocket connections open (different devices or browser profiles). Server broadcasts (chat, typing, voice state, status) exclude only the **sending connection**, so other connections for that identity still receive updates.
 - Voice/WebRTC is exclusive per user: only one `clientInstanceId` may own active voice at a time. Other connections show passive UI and can send `voice_client_takeover` to move voice to the local device.
 - Stale reconnect hygiene: when a client re-identifies with the same `(oderId, connectionScope, clientInstanceId)` tuple, the server closes the older socket for that tuple.
 ## Client storage
 The product client stores tokens per signaling-server base URL in `localStorage` (`metoyou.authTokens`). An HTTP interceptor attaches the bearer token to `/api/*` requests targeting that server.
 Persisted local user state (`metoyou_currentUserId` + IndexedDB/SQLite profile) is **not** sufficient to use chat or presence. On startup, `loadCurrentUser$` requires a non-expired session token for the user's home/active signaling server (or any stored token as a fallback). Missing or rejected tokens dispatch `SESSION_EXPIRED` and redirect to `/login`. WebSocket `auth_required` / `auth_error` responses trigger the same path.
 ## Security considerations
 - Rate limits: login/register (100 / 15 min), server join (30 / min).
 - CORS allowlist: optional `corsAllowlist` in `server/data/variables.json` or `CORS_ALLOWLIST` env (comma-separated). Empty allowlist keeps permissive CORS for local development.
 - Push-token routes require bearer auth and user-id match.
 - RTC relay: direct-message/direct-call types always relay; server-icon types require shared server membership; WebRTC offer/answer/ice remain open for cross-server DM WebRTC.
--- a/agents-docs/features/custom-emoji.md
+++ b/agents-docs/features/custom-emoji.md
@@ -0,0 +1,64 @@
 # Custom Emoji
 > **Area:** custom-emoji
 > **Status:** Active
 > **Last updated:** 2026-06-05
 ## Overview
 Custom emoji lets users upload small image emoji, use them in chat messages and reactions, and sync emoji assets needed for rendering to connected peers over the existing data-channel mesh.
 ## Responsibilities
 - Own custom emoji asset validation, local persistence, user-saved library membership, shortcut ranking, and peer-to-peer asset sync.
 - Expose a shared picker consumed by chat message reactions and the chat composer.
 - Keep usage ranking local to the current user; usage counts are not synced.
 - Does not store custom emoji on the signaling server.
 ## Key Concepts
 - **Custom emoji asset**: A user-created image stored as a data URL with id, name, mime, size, hash, creator, timestamps, and optional saved-library membership.
 - **Known custom emoji**: A synced asset available for message rendering and forwarding, but not shown in the current user's picker unless saved.
 - **Saved custom emoji**: A known asset with `savedByUser` enabled; saved emoji appear in the picker and shortcut ranking.
 - **Emoji shortcut row**: The seven most-used emoji entries for the current user plus an eighth control that opens the full selector.
 - **Custom emoji token**: The stable message/reaction representation `:emoji[id](name)`, resolved locally to the synced image asset when rendering.
 - **Composer emoji alias**: The readable inline draft representation `:name:`. The composer rewrites known aliases to stable custom emoji tokens only when sending.
 ## Peer Envelope Contract
 Custom emoji uses `ChatEvent` data-channel envelopes:
 - `custom-emoji-summary`: `{ customEmojiSummaries: [{ id, hash, updatedAt }] }`
 - `custom-emoji-request`: `{ ids: string[] }`
 - `custom-emoji-full`: `{ customEmojiTransfer: Omit<CustomEmoji, 'dataUrl'>, total: number }`
 - `custom-emoji-chunk`: `{ customEmojiId, index, total, data }`
 When a peer connects, each side sends a summary of known assets. The receiver requests missing or stale emoji by id, and the owner replies with a small manifest followed by bounded base64 chunks using buffered peer sends. Creating a new emoji also streams that manifest and chunk sequence to every currently connected peer. Outgoing room chat messages, edits, reactions, and direct messages proactively push every referenced custom emoji asset to connected peers in parallel with the message event, so receivers do not wait for a request round-trip. Small assets that fit under `CUSTOM_EMOJI_INLINE_MAX_JSON_BYTES` travel inline in one `custom-emoji-full` event; larger assets use manifest plus chunks. Incoming chat messages and chat-sync batches still scan for `:emoji[id](name)` tokens and request any missing assets from the sender as a repair path. Full inline `customEmoji` payloads remain accepted for backward compatibility.
 ## Business Rules
 - Uploads are capped at 1 MB.
 - Accepted image types match profile avatars: WebP, GIF, JPG, and JPEG.
 - Local shortcut ranking is keyed by the active user and includes Unicode emoji plus saved custom emoji only.
 - Message rendering reserves inline emoji space with a transparent placeholder image while a referenced custom emoji asset is not yet available; deferred markdown placeholders rewrite tokens to readable `:name:` aliases so raw `:emoji[id](name)` text never flashes in chat.
 - Seen custom emoji are not added to the picker automatically; right-click a rendered custom emoji in chat or on a custom emoji reaction and choose **Add to emoji library** from the app context menu (`NativeContextMenuComponent`).
 - Saved custom emoji can be removed from the picker library by right-clicking them inside the emoji picker and choosing **Remove from emoji library**; the asset stays available for rendering messages that already reference it.
 - Emoji hosts are marked with `data-custom-emoji` / `data-custom-emoji-library` plus `data-custom-emoji-id` so the global context menu can distinguish them from regular images and suppress the default **Copy Image** action.
 - The full emoji picker includes a search field that filters built-in Unicode emoji by common terms and saved custom emoji by name.
 - Custom emoji data-channel chunks are capped below typical SCTP message limits; back-pressure alone is not enough because a single oversized send can fire `RTCDataChannel.onerror`.
 - Completed transfers are persisted only when the reconstructed data URL matches the manifest size and hash; corrupt local rows are dropped before summaries are advertised.
 ## Data Access
 - Browser runtime stores custom emoji in IndexedDB store `customEmojis`.
 - Electron runtime stores custom emoji in SQLite table `custom_emojis`, created by migration `1000000000011-AddCustomEmojis`.
 - Renderer access goes through `DatabaseService` methods `saveCustomEmoji`, `getCustomEmojis`, and `deleteCustomEmoji`.
 ## Testing
 - Unit tests cover upload size validation, shortcut selection, picker search filtering, custom emoji token generation, data-channel chunk splitting, readable composer alias rewriting, transfer integrity, saved-library membership, and add/remove library context-menu actions.
 ## Security Considerations
 - Emoji payloads are image-only and size-limited before persistence or broadcast.
 - Assets sync only to already connected peers; the signaling server does not persist or proxy emoji images.
--- a/agents-docs/features/feature-template.md
+++ b/agents-docs/features/feature-template.md
@@ -0,0 +1,183 @@
 # [Feature Name]
 > **Area:** [area-name]
 > **Status:** Active | In Progress | Deprecated
 > **Last updated:** YYYY-MM-DD
 ## Overview
 One paragraph describing what this feature does and why it exists.
 ## Responsibilities
 - What this feature is responsible for
 - Its boundaries — what it does NOT own
 ## Key concepts
 - **ConceptA**: short definition
 - **ConceptB**: short definition
 ---
 ## API Endpoint
 ### Endpoint Details
 - **Method**: [GET | POST | PUT | PATCH | DELETE]
 - **Path**: `/api/v1/[feature-path]`
 - **Authentication**: [Required | Optional | None]
 - **Rate Limiting**: [Yes — describe | No]
 ### Request Schema
 ```json
 {
  "field": "type — description"
 }
 ```
 **Required fields:**
 - `field` (type, constraints): description
 **Optional fields:**
 - `field` (type): description. Defaults to "X" if not provided.
 ### Response Schema
 ```json
 {
  "field": "type — description"
 }
 ```
 ### Error Responses
 - **400 Bad Request**: [specific causes]
 - **401 Unauthorized**: missing or invalid authentication
 - **404 Not Found**: [when this applies]
 - **500 Internal Server Error**: [specific causes]
 ---
 ## Business Logic
 ### Core Functionality
 1. **Step 1**: description
 2. **Step 2**: description
 3. **Step 3**: description
 ### Business Rules
 - Rule 1
 - Rule 2
 ### Data Flow
 ```
 Input → Validation → [Processing Steps] → Response
 ```
 ### Dependencies
 - **Service/Library**: what it's used for
 - **External API**: what it's used for
 - **Database**: what tables/collections are involved
 ---
 ## Technical Implementation
 ### Service Layer
 - **Location**: `path/to/service`
 - **Key methods**: `methodName()` — description
 ### Controller / Handler
 - **Location**: `path/to/handler`
 - **Responsibilities**: request validation, service invocation, response formatting
 ### Repository / Data Access
 - **Location**: `path/to/repository`
 - **Tables/Collections**: list the relevant database objects
 - **Migrations**: reference the migration that created/modified the schema
 ### Key Types
 - `TypeName`: description of what it represents
 ---
 ## Configuration
 ### Environment Variables
 - `VAR_NAME`: description (required | optional, default: X)
 ### Feature Flags
 - [List any feature flags, or "None"]
 ---
 ## Testing
 ### Unit Tests
 - **Location**: `path/to/tests`
 - **Key scenarios**: list the most important test cases
 ### Integration Tests
 - **Location**: `path/to/integration/tests`
 - **Setup**: describe any required infrastructure (database, external services, etc.)
 - **Mocking**: what external services are mocked and how
 ---
 ## Error Handling & Edge Cases
 ### Common Errors
 - **Error scenario**: how it's handled
 ### Edge Cases
 - **Edge case**: expected behavior
 ---
 ## Security Considerations
 - Authentication requirements
 - Authorization / access control
 - Input validation and sanitization
 - Data privacy considerations
 ---
 ## Performance Considerations
 - Expected response times
 - Known bottlenecks
 - Caching strategy (if any)
 ---
 ## Known Issues and Limitations
 1. **Limitation**: description
 ---
 ## Related Features
 - **[Related Feature]**: brief description of relationship
 ## Changelog
 | Date | Change |
 |------|--------|
 | YYYY-MM-DD | Initial documentation |
--- a/agents-docs/features/message-integrity.md
+++ b/agents-docs/features/message-integrity.md
@@ -0,0 +1,60 @@
 # Message Integrity
 Signed, append-only **message revisions** give P2P chat a verifiable history without central message storage. The materialized `Message` row in local SQLite/IDB is a cache; peers converge via inventory snapshots and revision events.
 ## Responsibilities
 - **Revision chain** — Every create, edit, delete, moderation, or plugin mutation appends a `MessageRevision` with monotonically increasing `revision`, `prevRevisionHash`, and `headHash`.
 - **Dual emit** — Outgoing mutations broadcast the legacy event (`chat-message`, `message-edited`, `message-deleted`) **and** `message-revision` so older peers keep working while integrity-aware peers prefer revisions.
 - **Inventory** — Sync inventories include `{ id, ts, rc, ac, revision, headHash }`. Peers re-fetch when remote revision is newer or the same revision has a different hash (tamper detection).
 - **Signing** — Human authors sign revisions with per-user Ed25519 keys. Public keys are registered on the signaling server; private keys stay in browser `localStorage`.
 ## Boundaries
 | Layer | Owns |
 | --- | --- |
 | Product client (`toju-app`) | Revision construction, merge, verification, P2P broadcast, local persistence |
 | Signaling server (`server`) | `PUT /api/users/me/signing-key`, `GET /api/users/:id/signing-public-key` — key directory only, no message storage |
 | Electron / mobile persistence | `revision` + `headHash` on message rows; revision audit log (IDB store / SQLite meta) |
 Plugin API messages may emit unsigned revisions (`plugin-edit` / `plugin-delete`) when the actor is a synthetic plugin user.
 ## Key types
 - `Message.revision`, `Message.headHash` — materialized cache fields on the shared `Message` model.
 - `MessageRevision` — wire + persistence audit record (`message-revision.models.ts`).
 - `MessageRevisionType` — `create`, `author-edit`, `author-delete`, `moderate-edit`, `moderate-delete`, `plugin-edit`, `plugin-delete`.
 - `ChatEvent.type: 'message-revision'` — P2P envelope carrying a full `MessageRevision`.
 ## Merge rules
 1. Valid signed revision with higher `revision` wins over legacy timestamp edits.
 2. Same `revision`, different `headHash` → treat as stale/tampered and re-fetch.
 3. Unsigned revisions (no `signature`) are accepted for backward compatibility when verification is skipped.
 4. Legacy peers without `revision`/`headHash` in inventory fall back to `ts` / `rc` / `ac` comparison.
 ## Client touchpoints
 - Domain rules: `message-integrity.rules.ts`, `message-revision.builder.rules.ts`, `message-sync.rules.ts`
 - Services: `MessageRevisionService`, `MessageSigningService`
 - Store: `messages.effects.ts` (outgoing dual-emit), `messages-incoming.handlers.ts` (`handleMessageRevision`), `messages.helpers.ts` (inventory + merge)
 - Plugins: `plugin-client-api.service.ts` emits revisions for send/edit/delete
 ## Server API
 | Method | Path | Auth | Body / response |
 | --- | --- | --- | --- |
 | `PUT` | `/api/users/me/signing-key` | Bearer | `{ publicKeyJwk }` — stores Ed25519 public JWK on the user row |
 | `GET` | `/api/users/:id/signing-public-key` | Public | `{ publicKeyJwk }` — used by peers to verify signatures |
 Registration runs automatically after login/register via `AuthenticationService`.
 ## Degraded-mode behavior
 - Outgoing revision signing is **best-effort**: if `Ed25519` signing fails, the client still broadcasts the legacy `chat-message` envelope (unsigned revision).
 - Incoming signed revisions are accepted without cryptographic verification when the sender's public key is not yet registered on the server, so chat is not blocked during key-registration races.
 ## Testing
 - Unit: `message-integrity.rules.spec.ts`, `message-revision.builder.rules.spec.ts`, `message-revision-signing.rules.spec.ts`, `message-sync.rules.spec.ts`, `messages-incoming.handlers.spec.ts`
 - Outgoing revision wiring is covered indirectly through existing message effect tests; add focused specs when changing merge or signing behavior.
--- a/agents-docs/features/mobile-capacitor.md
+++ b/agents-docs/features/mobile-capacitor.md
@@ -0,0 +1,250 @@
 # Mobile Capacitor
 Cross-context mobile shell for the Angular product client (`toju-app/`). Wraps the existing SPA in Ionic Capacitor native projects (`toju-app/android/`, `toju-app/ios/`) while keeping Capacitor APIs behind `toju-app/src/app/infrastructure/mobile/`.
 ## Responsibilities
 - Detect runtime shell (`browser`, `capacitor`, `electron`) without importing native plugins in domain code. Capacitor packages and adapters load only on `capacitor` shells via dynamic `import()` so Electron/desktop startup never evaluates `@capacitor/*` modules.
 - Expose facades for notifications, in-call controls, media/attachments, stream pop-out, background audio session, CallKit, and native persistence.
 - Integrate with direct-call, voice-workspace, and chat composer flows.
 ## Boundaries
 | Layer | Owns |
 |-------|------|
 | `infrastructure/mobile/` | Platform detection, plugin lazy-loading, web/Capacitor adapters |
 | `infrastructure/persistence/` | `DatabaseService` routing (`browser` / `capacitor-sqlite` / `electron`) |
 | Domains (`direct-call`, `chat`, `voice-session`) | Business orchestration; inject mobile facades only |
 | `core/platform/PlatformService` | Adds `isCapacitor` flag for persistence routing |
 | Capacitor native projects | OS permissions, push certificates, store packaging |
 ## Build & run
 ```bash
 # Production web bundle (Capacitor webDir)
 npm run build:prod
 # Copy web assets into native projects
 npm run cap:sync
 # Open IDE
 npm run cap:open:android
 npm run cap:open:ios
 ### Linux: Android Studio path
 Capacitor defaults to `/usr/local/android-studio/bin/studio.sh`. If Android Studio is installed elsewhere (common with **Flatpak** from Flathub), `npm run cap:open:android` uses `tools/resolve-android-studio-path.js` to locate `studio.sh` (Flatpak `active` symlink, Toolbox, snap, `/opt`, etc.). Override anytime with `CAPACITOR_ANDROID_STUDIO_PATH`.
 # Convenience (build + sync + open)
 npm run cap:build:android
 npm run cap:build:ios
 # CI / Linux: production web bundle + Capacitor sync + Gradle debug APK
 npm run cap:apk:android
 # → toju-app/android/app/build/outputs/apk/debug/app-debug.apk
 ```
 Config: `toju-app/capacitor.config.ts` (`webDir: ../dist/client/browser`).
 ### CI (Gitea)
 Release workflow `.gitea/workflows/release-draft.yml` builds a debug Android APK on every push to `main` / `master` (job `build-android`), stages it as `Toju-<version>-android-debug.apk`, and uploads it to the same draft Gitea release as the desktop `.exe` / `.deb` assets via `tools/gitea-release.js`.
 Manual-only workflow `.gitea/workflows/build-android-apk.yml` (**workflow_dispatch**) repeats the same build and release upload on demand from any branch.
 Both jobs install JDK 21 and Android SDK platform 36 inside the `node:22` container and run `tools/build-android-apk.sh`. No signing keystore is configured — output is a **debug** APK suitable for sideloading and QA.
 Optional `google-services.json` is not injected in CI; push registration in artifact builds follows the same optional-Firebase behavior as local unsigned debug builds.
 After dependency or plugin changes, run `npm run build:prod && npm run cap:sync` so native projects register `@capacitor/app`, `@capacitor-community/sqlite`, `@capawesome/capacitor-app-update`, push plugins, and `MetoyouMobile`.
 ## Feature status
 | Feature | Status | Notes |
 |---------|--------|-------|
 | Push/local notifications | **Working (partial)** | Local notifications always available; remote push (FCM/APNs) registers only when Firebase/APNs is configured — app starts normally without `google-services.json` |
 | Server push dispatch | **Working (configured)** | Tokens persist in server SQLite; outbound FCM/APNs via env credentials |
 | In-call notifications | **Working (Capacitor)** | Persistent notification with answer/mute/hang-up actions |
 | Stream pop-out (PiP) | **Working (partial)** | Document PiP when WebView supports it; Android native PiP fallback via `MetoyouMobile` plugin |
 | Background voice | **Working (partial)** | Android foreground service; iOS `UIBackgroundModes` audio + CallKit active-call bridge |
 | iOS CallKit | **Working (partial)** | `MetoyouMobile.startCallKitSession` reports active calls; requires Xcode target wiring after `cap:sync` |
 | Screensharing | **Limited** | Disabled on iOS WebView; Android `getDisplayMedia` may work |
 | Composer attachments | **Working** | Mobile attachment button + hidden file input |
 | Camera sharing | **Working** | Existing `getUserMedia` camera path in WebRTC stack |
 | Speakerphone | **Working (partial)** | Android `AudioManager` via `MetoyouMobile`; iOS `@capgo/capacitor-audio-session`; direct-call speaker toggle on native mobile |
 | Local DB (SQLite) | **Working** | `DatabaseService` routes Capacitor shells to `CapacitorDatabaseService` (native SQLite CRUD) |
 | Store app updates | **Working (partial)** | `@capawesome/capacitor-app-update` via `MobileAppUpdateService`; Android in-app updates when Play allows, iOS opens App Store |
 ## Platform limitations
 - **iOS background WebRTC:** OS may still suspend peer connections when backgrounded despite `audio` background mode and CallKit reporting.
 - **iOS CallKit:** Plugin Swift source ships in `ios/App/App/MetoyouMobilePlugin.swift`; add it to the Xcode target if not auto-linked. Incoming-call UI is not fully bridged to WebRTC answer/hang-up yet.
 - **iOS screenshare:** `getDisplayMedia` is not available in WKWebView.
 - **Android PiP:** Native PiP enters activity-level PiP; WebView video may not always render inside PiP on all OEM WebViews.
 - **Production discovery:** `signal.toju.app` may not expose `/api/servers/featured` or `/trending`; client skips those calls for known hosts.
 - **Push delivery:** Requires FCM service account and APNs key configuration on the signaling server.
 ## Push notification setup (FCM / APNs)
 ### Android (FCM)
 The app starts without Firebase. `MobilePushRegistrationService` probes `MetoyouMobile.isRemotePushConfigured()` (Firebase `FirebaseApp` on Android) before calling `PushNotifications.register()`; when unconfigured it logs a single warning and skips registration.
 1. Create a Firebase project and add an Android app with package `com.metoyou.app`.
 2. Copy `toju-app/android/app/google-services.json.example` to `google-services.json` (gitignored) and fill in your Firebase values.
 3. Run `npm run cap:sync` so the Google Services Gradle plugin applies when the file is present (`build.gradle` applies it only when the JSON exists).
 4. Rebuild with `npm run cap:build:android`.
 5. Ensure `POST_NOTIFICATIONS`, `RECORD_AUDIO`, `MODIFY_AUDIO_SETTINGS`, `CAMERA`, and foreground-service permissions are granted on Android 13+.
 6. Verify `MobilePushRegistrationService` logs a registration token after login.
 ### Android runtime permissions (voice / camera)
 Capacitor's WebView requests `RECORD_AUDIO` **and** `MODIFY_AUDIO_SETTINGS` together for microphone capture. If `MODIFY_AUDIO_SETTINGS` is missing from `AndroidManifest.xml`, users can accept the prompt and `getUserMedia` still fails.
 Declared in `toju-app/android/app/src/main/AndroidManifest.xml`:
 | Permission | Purpose |
 |------------|---------|
 | `RECORD_AUDIO` | Microphone capture for voice calls and channels |
 | `MODIFY_AUDIO_SETTINGS` | Required by Capacitor WebChromeClient alongside `RECORD_AUDIO` |
 | `CAMERA` | WebRTC camera sharing and WebView file capture |
 | `BLUETOOTH_CONNECT` | Bluetooth headset routing during calls (Android 12+) |
 | `POST_NOTIFICATIONS` | Incoming/active call notifications |
 | `FOREGROUND_SERVICE` / `FOREGROUND_SERVICE_MICROPHONE` | Background voice session |
 Before WebRTC capture, the client calls `MobileMediaService.ensureVoiceCapturePermissions()` / `ensureCameraCapturePermissions()`, which delegate to `MetoyouMobile.requestVoiceCapturePermissions()` / `requestCameraCapturePermissions()` on Capacitor shells.
 ### iOS (APNs)
 1. Enable Push Notifications capability in Xcode for the `App` target.
 2. Upload your APNs key/certificate in Apple Developer portal.
 3. `Info.plist` includes `remote-notification`, `audio`, and `voip` background modes.
 4. Run on a physical device; simulator push registration is limited.
 ### Server token storage & dispatch
 Clients POST:
 ```http
 POST /api/users/device-tokens
 Content-Type: application/json
 { "userId": "<uuid>", "platform": "android|ios", "token": "<fcm-or-apns-token>" }
 ```
 Tokens persist in server SQLite (`device_tokens` table). Outbound push uses repository-root `.env` credentials:
 | Variable | Purpose |
 |----------|---------|
 | `FCM_SERVICE_ACCOUNT_PATH` or `FCM_SERVICE_ACCOUNT_JSON` | Android FCM HTTP v1 |
 | `APNS_KEY_PATH`, `APNS_KEY_ID`, `APNS_TEAM_ID` | iOS APNs HTTP/2 |
 | `APNS_BUNDLE_ID` | Defaults to `com.metoyou.app` |
 | `APNS_USE_SANDBOX` | `true` for development builds |
 Manual dispatch (ops/testing):
 ```http
 POST /api/users/device-tokens/:userId/dispatch
 { "title": "Incoming call", "body": "Alice is calling" }
 ```
 ## Android foreground service
 `VoiceCallForegroundService` starts when `MobileCallSessionService` begins an active call. Required manifest permissions:
 - `FOREGROUND_SERVICE`
 - `FOREGROUND_SERVICE_MICROPHONE`
 - `RECORD_AUDIO`
 - `MODIFY_AUDIO_SETTINGS`
 - `POST_NOTIFICATIONS`
 The service shows a low-importance ongoing notification while a call is active.
 ## SQLite persistence (Capacitor)
 - Schema rules: `infrastructure/mobile/logic/mobile-sqlite-schema.rules.ts` (mirrors Electron entities).
 - Statement execution: `infrastructure/mobile/logic/mobile-sqlite-execute.rules.ts` — `@capacitor-community/sqlite` `execute()` accepts **one** SQL statement per call; migrations run each DDL statement separately (never concatenated).
 - Row mapping: `infrastructure/mobile/logic/mobile-sqlite-row-mapper.rules.ts`.
 - CRUD service: `infrastructure/persistence/capacitor-database.service.ts`.
 - Routing: `infrastructure/persistence/database-backend.rules.ts` — Capacitor uses SQLite, not IndexedDB.
 - Per-user database files: `metoyou__<userId>` via `mobile-sqlite-database-name.rules.ts`.
 - First launch runs DDL migrations stored in the `meta` table. Schema init failures are cached per database file so the client does not retry in a loop.
 ## Capacitor plugin loading
 - `infrastructure/mobile/adapters/capacitor/capacitor-plugin-loader.ts` uses **static** `@capacitor/*` imports and `Capacitor.isPluginAvailable()` before returning a plugin. Do not `import()` plugin modules dynamically or `await` plugin objects (Capacitor proxies expose a throwing `.then()` stub).
 - After adding or upgrading Capacitor plugins, run `npm run build:prod && npm run cap:sync` so Android/iOS native projects register `App`, `AppUpdate`, `LocalNotifications`, push, and SQLite.
 ## Safe area (Android)
 - Capacitor `SystemBars` injects `--safe-area-inset-*` CSS variables into `document.documentElement`. `index.html` sets `viewport-fit=cover` and default inset values; `main.ts` calls `applyMobileSafeAreaDefaults()` so injection never hits a missing root element after the WebView loads.
 - `capacitor.config.ts` sets `plugins.SystemBars.insetsHandling: 'css'` so Android WebView versions that mis-report `env(safe-area-inset-*)` still receive correct insets.
 - Global `styles.scss` applies inset padding on `html` (with `env()` fallback) and sizes `app-root` to `height: 100%` so content stays below the status bar and above the navigation bar in edge-to-edge mode.
 ## Self-hosted HTTPS signal servers (Android)
 Electron and desktop browsers accept the repo's self-signed `.certs/localhost.crt` because Electron runs with `ignore-certificate-errors` when `SSL=true`, and browsers let users bypass the warning once. **Android WebView does neither** — it only trusts system CAs (release) or system + user-installed CAs (debug builds).
 | Runtime | Trust behavior |
 |---------|----------------|
 | Electron (`SSL=true`) | Ignores certificate errors (`electron/app/flags.ts`) |
 | Browser | User accepts warning or imports CA |
 | Android debug APK | System CAs + **user-installed CAs** (`src/debug/res/xml/network_security_config.xml`) |
 | Android release APK | **System CAs only** — use Let's Encrypt or another public CA |
 ### Certificate requirements
 1. **Trust:** Install `.certs/localhost.crt` on the Android device as a **CA certificate** (Settings → Security → Encryption & credentials → Install a certificate → CA certificate). Debug APKs pick this up automatically; release builds ignore user CAs.
 2. **SAN:** The cert must list every host clients use. Regenerate with the server IP in the SAN when connecting by IP:
   ```bash
   rm -rf .certs
   SERVER_IP=46.59.68.77 ./generate-cert.sh
   ```
   Restart the signaling server after regenerating certs.
 3. **HTTPS only:** `AndroidManifest.xml` sets `android:usesCleartextTraffic="false"`. Server URLs must use `https://` (matching `environment.ts` / saved server endpoints).
 ### Troubleshooting
 | Symptom | Likely cause |
 |---------|----------------|
 | `ERR_CERT_AUTHORITY_INVALID` / silent fetch failure | CA not installed on device, or testing a **release** APK with a self-signed cert |
 | `ERR_CERT_COMMON_NAME_INVALID` | Cert SAN missing the IP/hostname (regenerate with `SERVER_IP`) |
 | `ERR_CONNECTION_REFUSED` | Port unreachable from the phone (firewall, NAT, server not listening on `0.0.0.0`) — verify with `curl -k https://46.59.68.77:3001/api/health` from the device browser first |
 | Works in Chrome on phone, fails in app | Chrome may use a different trust store path; ensure the CA is installed at the **system** level, not only per-browser |
 Network security configs:
 - `android/app/src/main/res/xml/network_security_config.xml` — release (system CAs, no cleartext)
 - `android/app/src/debug/res/xml/network_security_config.xml` — debug (+ user CAs for dev)
 **Do not commit** `.certs/*.crt`, `.certs/*.key`, or device-specific credential files.
 ## Integration points
 - `DirectCallService` — incoming/active call notifications, ring-queue on user hydration, notification action routing.
 - `PrivateCallComponent` — speakerphone toggle on native mobile shells.
 - `ChatMessageComposerComponent` — `shouldShowAttachmentButton` + `pickAttachmentsFromDevice()`.
 - `VoiceWorkspaceStreamTileComponent` — PiP when focused stream tile backgrounds.
 - `MobileCallSessionService` — CallKit + foreground service + in-call notifications.
 - `App` bootstrap — initializes mobile persistence, lifecycle, app-update polling, call-session, and push registration wiring.
 - `MobileAppUpdateService` — periodic Play Store / App Store checks (30 min) and settings UI actions; mirrors Electron `DesktopAppUpdateService` polling but uses native store APIs instead of release manifests.
 ## Phase 3 completion notes
 Phase 3 delivered:
 1. Full `CapacitorDatabaseService` CRUD with `DatabaseService` routing on `isCapacitor`.
 2. Server SQLite persistence for device tokens plus FCM/APNs outbound dispatch.
 3. iOS CallKit bridge (partial) via `MetoyouMobile` plugin and `MobileCallKitService`.
 4. Android Firebase Gradle wiring with `google-services.json.example` (real file gitignored).
 5. Capacitor plugin availability checks to avoid hard failures when plugins are missing pre-sync.
 6. Discovery endpoint skip for production signal hosts without featured/trending routes.
 Remaining work:
 - Wire CallKit answer/end actions back into `DirectCallService`.
 - Migrate legacy IndexedDB mobile data into SQLite where needed.
 - Deploy featured/trending routes to production signal servers or add capability negotiation in health checks.
--- a/agents-docs/features/server-discovery.md
+++ b/agents-docs/features/server-discovery.md
@@ -0,0 +1,79 @@
 # Server Discovery
 > **Area:** server-directory
 > **Status:** Active
 > **Last updated:** 2025-02-14
 ## Overview
 Server discovery lets a signed-in user find public servers to join without knowing an exact name. It spans the signaling **server** (REST routes + CQRS query handlers that rank public servers) and the product **client** (`server-directory` domain API/facade plus the `/dashboard` landing and `/servers` browse page). It complements the existing free-text `GET /api/servers` search with two curated lists — **featured** and **trending**.
 ## Responsibilities
 - Server: rank and return public servers as **featured** (most-populated) and **trending** (most-recently-active) lists, capped per request.
 - Client: fetch those lists through `ServerDirectoryFacade` and render them via the reusable `app-server-browser` component on `/servers` and `/dashboard`.
 - It does NOT own: free-text search (`GET /api/servers`), join/access checks (`/api/servers/:id/join`), invites, or room signal-affinity. Discovery is read-only browsing; joining flows through existing paths.
 ## Key concepts
 - **Featured**: public servers ranked by membership count descending, ties broken by most recent `lastSeen` (`rankFeaturedServers`).
 - **Trending**: public servers ranked by most recent `lastSeen` descending, ties broken by membership count (`rankTrendingServers`).
 - **Discovery limit**: each route clamps `limit` to `[1, 50]` (`parseDiscoveryLimit`), default `12`.
 ---
 ## API Endpoints
 Both endpoints live in `server/src/routes/servers.ts` and **must be registered before** the parameterised `/:id` route, otherwise Express resolves `featured`/`trending` as a server id.
 ### `GET /api/servers/featured`
 - **Method**: GET
 - **Authentication**: None (public discovery)
 - **Rate Limiting**: No
 - **Query params**: `limit` (optional integer; clamped to `[1, 50]`, default `12`)
 ### `GET /api/servers/trending`
 - **Method**: GET
 - **Authentication**: None (public discovery)
 - **Rate Limiting**: No
 - **Query params**: `limit` (optional integer; clamped to `[1, 50]`, default `12`)
 ### Response Schema (both)
 ```json
 {
  "servers": "ServerInfo[] — enriched public servers (icon, channels, sourceId/sourceName/sourceUrl filled by the client API layer)",
  "total": "number — count of servers returned",
  "limit": "number — the effective clamped limit"
 }
 ```
 `ServerInfo` matches the shape returned by `GET /api/servers` search results, so the client normalises and renders all three lists identically.
 ### Error Responses
 - **500 Internal Server Error**: query handler / persistence failure.
 ---
 ## Server internals
 - Routes delegate to CQRS query handlers `handleGetFeaturedServers` / `handleGetTrendingServers` (`server/src/cqrs/queries/handlers/`), dispatched via `GetFeaturedServers` / `GetTrendingServers` query types.
 - Ranking lives in `server/src/cqrs/queries/handlers/server-ranking.util.ts` (`rankFeaturedServers`, `rankTrendingServers`, `loadMembershipCounts`). Membership counts load in a single grouped query.
 - Results pass through the same `enrichServer()` step as search before serialisation.
 ## Client internals
 - `ServerDirectoryApiService.getFeaturedServers()` / `getTrendingServers()` call the routes through a shared private `getDiscoveryServers(path)` helper and normalise into `ServerInfo[]`.
 - `ServerDirectoryService` → `ServerDirectoryFacade` expose `getFeaturedServers()` / `getTrendingServers()` as the domain boundary.
 - `FindServersComponent` (`/servers`) composes **Recently active** (the user's saved rooms, capped at 6), **Featured**, and **Trending** sections, all rendered through `app-server-browser` with `[showMyServers]="true"`.
 - `DashboardComponent` (`/dashboard`) is a single-column landing page (max-width centered, no in-page sidebars): a header greeting (no emoji), a global search with `Ctrl+K` focus and localStorage-backed **Recent Searches** chips shown beneath it, three primary action cards (Find People → `/people`, Find Servers → `/servers`, Create Server → `/create-server` — one link each), and discovery panels **People you might know**, **Popular Servers**, **Your Friends**, and **Recently Active Servers**. Each list is capped at 5 (`DISCOVERY_LIMIT`). It loads `popularServers` on init from `getFeaturedServers(5)`, falling back to `getTrendingServers(5)` when featured is empty; reuses `app-friend-button` for Add and `app-user-avatar` for people rows. `peopleYouMightKnow` excludes existing friends (via `FriendService.friendIds()`); `friends` lists discovered people who are friends. "See all" header links route to the matching `/people` or `/servers` page (no duplicated footer links). Recent searches are recorded on Enter (deduped, most-recent-first, capped at 8) and persisted under `metoyou_dashboard_recent_searches`.
 - The servers-rail top button (`servers-rail.component`) is the **Dashboard** button (`lucideLayoutDashboard`, `title="Dashboard"`); its `goToDashboard()` handler deselects any active voice server and navigates to `/dashboard`. A **Create a server** button (`lucidePlus`, `data-testid="server-rail-create"`) sits below the saved-server icons and opens `app-create-server-dialog` (a Toju modal on desktop / bottom sheet on mobile) which dispatches `RoomsActions.createRoom` directly; the dashboard / `/create-server` route remains as an alternative entry point. Rail icons (`h-12 w-12`, `md:h-11 w-11`) animate their corner radius on hover and `:active` for a Discord-style squircle effect.
 - On mobile (`ViewportService.isMobile()`), `DashboardComponent`, `FindPeopleComponent` (`/people`), and `FindServersComponent` (`/servers`) each mount their page body inside a single `<swiper-container>` slide next to `app-servers-rail` (rail `shrink-0`, content `flex-1` with a left border), mirroring the chat-room / DM-workspace mobile layout so the primary navigation rail stays reachable. The page body is shared between the desktop and mobile branches via an `<ng-template #pageContent>` + `[ngTemplateOutlet]`, and each component declares `schemas: [CUSTOM_ELEMENTS_SCHEMA]` for the Swiper custom elements.
 ## Related
 - Product-client domain README: `toju-app/src/app/domains/server-directory/README.md`
 - People discovery (`/people`): `toju-app/src/app/domains/direct-message/README.md`
--- a/agents-docs/features/signal-server-tag.md
+++ b/agents-docs/features/signal-server-tag.md
@@ -0,0 +1,22 @@
 # Signal Server Tag
 Users registered on a signal server can show that server's display tag on their profile card (opened by clicking their name or avatar).
 ## Server configuration
 `server/data/variables.json` accepts an optional `serverTag` string. When omitted, the server falls back to its public URL built from `serverProtocol`, `serverHost`, and `serverPort`.
 ## Health API
 `GET /api/health` includes `serverTag` so clients can cache the display label per configured endpoint.
 ## WebSocket presence
 The client sends `homeSignalServerUrl` in `identify` messages. The signaling server echoes that value in `server_users` and `user_joined` payloads so other clients can resolve the correct tag.
 ## Client behavior
 - Login and registration store `homeSignalServerUrl` on the current user.
 - Profile cards show the resolved tag beside the username in muted text.
 - Configured labels render as `#tag`; URL fallbacks render as a globe icon with the URL in a tooltip.
 - Tag resolution prefers the endpoint's cached `serverTag` from health checks, then falls back to the stored home URL.
--- a/docs-site/CONTEXT.md
+++ b/docs-site/CONTEXT.md
@@ -0,0 +1,44 @@
 # Application Documentation (docs-site)
 Owns the Docusaurus-based application and plugin-author documentation. The build output (`docs-site/build/`) is bundled into the Electron app and served by the Local API server at runtime, so documentation is available offline inside the desktop client.
 > **Format reference:**
 > - **Vocabulary** — bold term, one-sentence definition, aliases to avoid.
 > - **Relationships** — bullets with bold terms and cardinality.
 > - **Boundaries / IO** — what this subdomain exposes and consumes.
 > - **Invariants** — rules that always hold.
 > - **Flagged ambiguities** — terms in dispute with proposed resolutions.
 >
 > See `agents-docs/AGENTS_CONTEXT.md` for the contract. Update in the same turn a trigger fires (see `agents-docs/AGENT_WORKFLOW.md` § CONTEXT.md upkeep).
 ## Vocabulary
 | Term | Definition | Aliases to avoid |
 |------|------------|------------------|
 | **App docs** | End-user-facing documentation for the Toju desktop client. | "manual" |
 | **Plugin docs** | Developer-facing reference for the plugin runtime — manifest format, lifecycle hooks, host APIs. Authoritative source for the plugin contract surface. | "API docs" |
 | **Local API server** | The Electron in-process HTTP server that mounts `docs-site/build/` so the renderer can browse docs offline. Defined under `electron/api/`. | "embedded server" |
 ## Relationships
 - **Plugin docs** describe contracts implemented in `toju-app/src/app/shared-kernel/plugin-system.contracts.ts` (renderer side) and `electron/plugin-library.ts` (host side) — keep them in lockstep with code changes.
 - The **build output** at `docs-site/build/` is a deploy artifact for the **electron** Local API server; `npm run build:all` requires `npm run build:docs` to have run.
 - The site is also deployed publicly via `.gitea/workflows/deploy-web-apps.yml` for browsing outside the app.
 ## Boundaries / IO
 - **Exposes:** static Docusaurus bundle at `docs-site/build/`, mounted by Electron's Local API server and also deployed as a public static site.
 - **Consumes:** Markdown sources under `docs-site/docs/`, plus any code-derived references (e.g. OpenAPI documents from `electron/api/openapi.ts`).
 ## Invariants
 - Plugin-contract documentation must match the code; if the manifest schema or lifecycle changes, **plugin docs** and `agents-docs/features/<plugin-doc>.md` both update in the same task.
 - Build artifacts (`docs-site/build/`) are generated, not committed.
 ## Flagged ambiguities
 - _None recorded yet._
 ---
 *Agent-procedural rules (TDD, lint, build) live in `/AGENTS.md`. This file is the bounded-context domain artefact for the documentation site.*
--- a/docs-site/docs/desktop-and-local-api.md
+++ b/docs-site/docs/desktop-and-local-api.md
@@ -0,0 +1,75 @@
 ---
 sidebar_position: 3
 ---
 # Desktop and Local API
 ## Electron Hosting Model
 The desktop app hosts local documentation through the existing Electron Local API server. This server is implemented with Node's `http` module in the Electron main process and uses async request handlers for routing, file reads, and streamed responses.
 The endpoint is manually activated. Opening the Docusaurus docs from the desktop title bar enables the local server and docs endpoint if necessary, then opens the system browser to the generated static site.
 This avoids:
 - starting a Docusaurus development server inside Electron;
 - blocking the renderer thread;
 - serving docs from a remote host;
 - exposing the endpoint unless the user chooses to activate it.
 ## Local Server Settings
 | Setting | Default | Meaning |
 | --- | --- | --- |
 | `enabled` | `false` | Starts or stops the local HTTP server. |
 | `port` | `17878` | Listening port. |
 | `exposeOnLan` | `false` | Uses `127.0.0.1` by default; when true, binds to `0.0.0.0`. |
 | `scalarEnabled` | `false` | Enables `/docs` for the Scalar OpenAPI reference. |
 | `docusaurusEnabled` | `false` | Enables `/docusaurus` for the built Docusaurus documentation. |
 | `allowedSignalingServers` | `[]` | Server URLs allowed for Local API login. |
 ## Routes
 | Endpoint | Purpose | Auth |
 | --- | --- | --- |
 | `GET /api/health` | Liveness, app version, timestamp, and LAN exposure status. | No |
 | `GET /api/openapi.json` | OpenAPI 3.1 document for local automation clients. | No |
 | `GET /docs` | Scalar API reference when Scalar docs are enabled. | No |
 | `GET /docusaurus` | Docusaurus documentation entrypoint when Docusaurus docs are enabled. | No |
 | `GET /docusaurus/*` | Static Docusaurus assets and pages. | No |
 | `POST /api/auth/login` | Exchanges username, password, and allowed signaling server URL for a local bearer token. | No |
 | `POST /api/auth/logout` | Revokes the current local bearer token. | Bearer |
 | `GET /api/profile` | Reads the current local user profile. | Bearer |
 | `GET /api/rooms` | Lists rooms known to this device. | Bearer |
 | `GET /api/rooms/{roomId}/messages` | Reads local room messages with `limit` and `offset`. | Bearer |
 ## Authentication Flow
 1. Add trusted signaling server URLs in desktop settings.
 2. Start the Local API server.
 3. Call `POST /api/auth/login` with `username`, `password`, and `serverUrl`.
 4. Toju validates credentials through the signaling server.
 5. The desktop app issues an opaque local bearer token.
 6. Use `Authorization: Bearer <token>` for protected routes.
 Bearer tokens are local to the running desktop app and are cleared when the Local API server stops.
 ## Static Documentation Build
 Docusaurus is a static site generator. The repo builds `docs-site/` into `docs-site/build/`, and Electron serves those files from the local API server.
 Development commands:
 ```bash
 cd docs-site
 npm install
 npm run start
 ```
 Build command:
 ```bash
 npm run build:docs
 ```
 Packaged desktop builds include the generated static output as an Electron extra resource.
--- a/docs-site/docs/developer/contributing.md
+++ b/docs-site/docs/developer/contributing.md
@@ -0,0 +1,87 @@
 ---
 sidebar_position: 1
 ---
 # Contributing
 Toju is an npm-managed monorepo.
 ## Packages
 | Path | Purpose |
 | --- | --- |
 | `toju-app/` | Angular renderer, chat client, voice UI, plugin runtime. |
 | `electron/` | Electron main process, preload bridge, local database, local REST API, docs host. |
 | `server/` | Node/TypeScript signaling server and server-directory HTTP API. |
 | `website/` | Angular marketing site. |
 | `docs-site/` | Docusaurus documentation site. |
 | `e2e/` | Playwright browser and WebRTC tests. |
 ## Setup
 Install root dependencies:
 ```bash
 npm install
 ```
 Install server dependencies when working on the signaling server:
 ```bash
 cd server
 npm install
 ```
 ## Development Commands
 From the repository root:
 ```bash
 npm run dev
 ```
 Useful focused commands:
 ```bash
 npm run build
 npm run build:electron
 npm run build:docs
 npm run server:build
 npm run lint
 npm run test
 npm run test:e2e -- tests/chat-dm-flow.spec.ts
 ```
 Run the Docusaurus dev server:
 ```bash
 cd docs-site
 npm install
 npm run start
 ```
 Build static docs for Electron packaging:
 ```bash
 npm run build:docs
 ```
 ## Repository Rules
 - Keep changes inside the package that owns the behavior.
 - Do not edit generated output in `dist/`, `dist-electron/`, `dist-server/`, `server/dist/`, `.angular/`, or `node_modules/`.
 - Renderer-facing Electron capabilities must stay aligned across implementation, preload, and renderer bridge types.
 - Signal-server plugin support stores metadata only. Plugin execution belongs to the client runtime.
 - Update this documentation when user workflows, plugin APIs, REST routes, DOM structure, or development commands change.
 ## Documentation Checklist
 When you change a related area, update these pages:
 | Change | Docs to check |
 | --- | --- |
 | Voice UI or settings | User Guide: Voice Channels and Calls, Developer Guide: App Pages and DOM Structure. |
 | Text channels, messages, DMs | User Guide: Text and Direct Messages, plugin message API pages. |
 | Plugin manifest/API/runtime | Plugin Development pages and LLM Plugin Builder Guide. |
 | Local REST API routes or schemas | Developer Guide: Local REST API and `electron/api/openapi.ts`. |
 | Docusaurus hosting | Developer Guide: Docusaurus Site and Desktop and Local API. |
--- a/docs-site/docs/developer/docusaurus-site.md
+++ b/docs-site/docs/developer/docusaurus-site.md
@@ -0,0 +1,65 @@
 ---
 sidebar_position: 2
 ---
 # Docusaurus Site
 The Docusaurus documentation lives in `docs-site/` and builds to static files in `docs-site/build/`.
 ## Structure
 ```text
 docs-site/
  docusaurus.config.ts
  sidebars.ts
  docs/
    intro.md
    user-guide/
    developer/
    plugin-development/
  src/css/custom.css
 ```
 ## Development
 Use the Docusaurus development server while writing docs:
 ```bash
 cd docs-site
 npm run start
 ```
 Build the static site:
 ```bash
 npm run build
 ```
 From the repo root, use:
 ```bash
 npm run build:docs
 ```
 ## Electron Hosting
 Electron serves the built site through the local API server when Docusaurus docs are enabled.
 | Route | Purpose |
 | --- | --- |
 | `/docusaurus` | Docusaurus entrypoint. |
 | `/docusaurus/*` | Static Docusaurus assets and generated pages. |
 The endpoint is off until the user opens documentation from the desktop app or enables it through local API settings. Electron serves static files only; it does not run `docusaurus start`.
 ## Sidebar Rules
 Navigation is controlled by `docs-site/sidebars.ts`. Add every new page there unless it is intentionally hidden. Use categories for larger sections so non-technical users can find the user guide separately from developer material.
 ## Content Rules
 - User docs should avoid implementation jargon.
 - Developer docs should name exact files, commands, routes, capabilities, and data shapes.
 - Plugin API examples should use literal sample input data.
 - REST docs should stay aligned with `electron/api/openapi.ts` and `electron/api/router.ts`.
 - DOM docs should stay aligned with Angular routes and component selectors.
--- a/docs-site/docs/developer/dom-structure.md
+++ b/docs-site/docs/developer/dom-structure.md
@@ -0,0 +1,146 @@
 ---
 sidebar_position: 3
 ---
 # App Pages and DOM Structure
 This page maps the app routes and important DOM areas. It is useful for plugin authors, testers, and contributors who need stable mental models of where UI mounts.
 ## Angular Routes
 | Route                        | Component                 | Purpose                                                               |
 | ---------------------------- | ------------------------- | --------------------------------------------------------------------- |
 | `/`                          | Redirect                  | Redirects to `/search`.                                               |
 | `/login`                     | `LoginComponent`          | User login.                                                           |
 | `/register`                  | `RegisterComponent`       | User registration.                                                    |
 | `/invite/:inviteId`          | `InviteComponent`         | Resolve and accept invite links.                                      |
 | `/search`                    | `ServerSearchComponent`   | Search and join servers.                                              |
 | `/room/:roomId`              | `ChatRoomComponent`       | Main server page with text, voice, members, and plugin panels.        |
 | `/dm`                        | `DmWorkspaceComponent`    | Direct-message workspace.                                             |
 | `/dm/:conversationId`        | `DmWorkspaceComponent`    | A selected direct-message conversation.                               |
 | `/settings`                  | `SettingsComponent`       | App, voice, server, plugin, desktop, theme, local API settings.       |
 | `/plugin-store`              | `PluginStoreComponent`    | Browse plugin sources and install/update plugins.                     |
 | `/plugins/:pluginId/:pageId` | `PluginPageHostComponent` | Host for plugin app pages registered with `api.ui.registerAppPage()`. |
 ## Page Shell
 The renderer is an Angular app. The common shell contains router outlet content plus persistent app surfaces such as the server rail, title bar integrations, settings modals, and floating voice controls.
 High-level structure:
 ```html
 <app-root>
  <router-outlet></router-outlet>
  <!-- global dialogs, overlays, floating voice controls, and desktop integrations -->
 </app-root>
 ```
 ## Server Page DOM
 The server page is the most important page for plugins.
 ```html
 <app-chat-room>
  <app-servers-rail></app-servers-rail>
  <app-rooms-side-panel>
    <section>Text Channels</section>
    <section>Voice Channels</section>
    <section data-testid="plugin-room-side-panel">
      <button>View plugins</button>
      <app-plugin-render-host></app-plugin-render-host>
    </section>
    <section>Members</section>
  </app-rooms-side-panel>
  <main>
    <app-voice-workspace></app-voice-workspace>
    <app-chat-messages>
      <app-message-list></app-message-list>
      <app-typing-indicator></app-typing-indicator>
      <app-message-composer></app-message-composer>
      <app-klipy-gif-picker></app-klipy-gif-picker>
    </app-chat-messages>
  </main>
 </app-chat-room>
 ```
 ## Text Channel Area
 Text channel UI is owned by the chat domain.
 ```html
 <app-chat-messages>
  <app-message-list>
    <app-message-item></app-message-item>
  </app-message-list>
  <app-message-overlays></app-message-overlays>
  <app-typing-indicator></app-typing-indicator>
  <app-message-composer></app-message-composer>
 </app-chat-messages>
 ```
 Plugin touchpoints:
 - `api.ui.registerComposerAction()` adds composer actions.
 - `api.ui.registerEmbedRenderer()` renders declared custom embed payloads.
 - `api.ui.mountElement()` can mount into a selector such as `app-chat-messages` when the plugin has `ui.dom`.
 ## Voice Area
 Voice UI is split between channel membership, controls, and media workspace.
 ```html
 <app-rooms-side-panel>
  <section>Voice Channels</section>
 </app-rooms-side-panel>
 <app-voice-controls></app-voice-controls>
 <app-floating-voice-controls></app-floating-voice-controls>
 <app-voice-workspace>
  <app-voice-workspace-stream-tile></app-voice-workspace-stream-tile>
 </app-voice-workspace>
 ```
 Plugin touchpoints:
 - `api.media.playAudioClip()` plays local audio.
 - `api.media.addCustomAudioStream()` contributes audio to voice handling.
 - `api.media.addCustomVideoStream()` contributes a video stream.
 - `api.channels.addAudioChannel()` creates a voice channel entry when the plugin has channel management rights.
 ## Plugin Store and Manager DOM
 ```html
 <app-plugin-store>
  <!-- source management, search, plugin cards, install/update/uninstall actions -->
 </app-plugin-store>
 <app-plugin-manager>
  <!-- installed plugins, capability grants, activate/reload/unload, logs, docs -->
 </app-plugin-manager>
 ```
 Plugin pages registered through `api.ui.registerAppPage()` render at `/plugins/:pluginId/:pageId`:
 ```html
 <app-plugin-page-host>
  <app-plugin-render-host></app-plugin-render-host>
 </app-plugin-page-host>
 ```
 ## Plugin Render Host
 `PluginRenderHostComponent` accepts plugin render functions that return either an `HTMLElement` or a string. Returning an `HTMLElement` is preferred for interactive UI. Returned strings are rendered as simple text content.
 ## Stable Selectors for Tests and Plugins
 Prefer plugin APIs over DOM selectors. When direct DOM mounting is necessary, use stable app selectors and keep cleanup through the returned disposable.
 Common targets:
 | Selector                                 | Area                                                                                                                  |
 | ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------- |
 | `body`                                   | Global overlays or modals.                                                                                            |
 | `app-chat-messages`                      | Main text channel surface.                                                                                            |
 | `app-rooms-side-panel`                   | Server side panel.                                                                                                    |
 | `[data-testid="plugin-room-side-panel"]` | Plugin side-panel area in the server sidebar, including the View plugins trigger for `registerToolbarAction()` tiles. |
 Avoid depending on Tailwind utility classes; they are layout details and may change.
--- a/docs-site/docs/developer/llm-plugin-builder-guide.md
+++ b/docs-site/docs/developer/llm-plugin-builder-guide.md
--- a/docs-site/docs/developer/rest-api.md
+++ b/docs-site/docs/developer/rest-api.md
@@ -0,0 +1,300 @@
 ---
 sidebar_position: 4
 ---
 # Local REST API
 The Toju desktop app exposes an optional local HTTP API for scripts and tools. It is implemented in Electron and reads local desktop data.
 ## Enable the API
 1. Open Settings.
 2. Open Local API settings.
 3. Enable the local server.
 4. Choose a port. The default is `17878`.
 5. Add trusted signaling server URLs for authentication.
 6. Enable Scalar docs if you want `/docs`.
 7. Enable Docusaurus docs if you want `/docusaurus`.
 By default the server binds to `127.0.0.1`. Only enable LAN exposure when you understand the risk.
 ## Authentication
 Protected routes require a bearer token. Get one by posting username, password, and an allowed signaling server URL.
 ```bash
 curl -s http://127.0.0.1:17878/api/auth/login \
  -H 'Content-Type: application/json' \
  -d '{
    "username": "alice",
    "password": "correct horse battery staple",
    "serverUrl": "https://tojusignal.example.com"
  }'
 ```
 Example response:
 ```json
 {
  "token": "local_4cddf95c5b8c4b6f9e0c",
  "expiresAt": 1777477200000,
  "user": {
    "id": "user-alice-01",
    "username": "alice",
    "displayName": "Alice"
  }
 }
 ```
 Use the token:
 ```bash
 curl -s http://127.0.0.1:17878/api/profile \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 Logout revokes the current token:
 ```bash
 curl -i -X POST http://127.0.0.1:17878/api/auth/logout \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 ## OpenAPI and Scalar
 | Route | Auth | Purpose |
 | --- | --- | --- |
 | `GET /api/openapi.json` | No | OpenAPI 3.1 document. |
 | `GET /docs` | No | Scalar API reference when enabled. |
 ## Public Routes
 ### GET /api/health
 Checks whether the local API server is running.
 ```bash
 curl -s http://127.0.0.1:17878/api/health
 ```
 Example response:
 ```json
 {
  "status": "ok",
  "version": "1.0.0",
  "timestamp": 1777473600000,
  "exposeOnLan": false
 }
 ```
 ### GET /api/openapi.json
 Returns the machine-readable API document.
 ```bash
 curl -s http://127.0.0.1:17878/api/openapi.json
 ```
 ### POST /api/auth/login
 Issues a local bearer token after credentials are validated by an allowed signaling server.
 Request body:
 ```json
 {
  "username": "alice",
  "password": "correct horse battery staple",
  "serverUrl": "https://tojusignal.example.com"
 }
 ```
 Common errors:
 | Status | Error code | Meaning |
 | --- | --- | --- |
 | 400 | `INVALID_REQUEST` | Missing username, password, or server URL. |
 | 403 | `NO_ALLOWED_SERVERS` | No allowed signaling servers are configured. |
 | 403 | `SERVER_NOT_ALLOWED` | The server URL is not in the allowed list. |
 | 401 | `INVALID_CREDENTIALS` | Signaling server rejected the login. |
 | 502 | `UPSTREAM_UNREACHABLE` | The signaling server could not be reached. |
 ## Protected Routes
 All routes below require:
 ```http
 Authorization: Bearer local_4cddf95c5b8c4b6f9e0c
 ```
 ### GET /api/profile
 Reads the current local user profile.
 ```bash
 curl -s http://127.0.0.1:17878/api/profile \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 ### GET /api/rooms
 Lists rooms known to this device.
 ```bash
 curl -s http://127.0.0.1:17878/api/rooms \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 ### GET `/api/rooms/{roomId}`
 Reads one room by id.
 ```bash
 curl -s http://127.0.0.1:17878/api/rooms/room-7ebdde75 \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 ### GET `/api/rooms/{roomId}/users`
 Lists users known for a room.
 ```bash
 curl -s http://127.0.0.1:17878/api/rooms/room-7ebdde75/users \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 ### GET `/api/rooms/{roomId}/messages`
 Lists local messages for a room. `limit` defaults to `100` and is clamped from `1` to `500`. `offset` defaults to `0`.
 ```bash
 curl -s 'http://127.0.0.1:17878/api/rooms/room-7ebdde75/messages?limit=50&offset=0' \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 ### GET `/api/rooms/{roomId}/messages/since`
 Lists local messages after a required timestamp.
 ```bash
 curl -s 'http://127.0.0.1:17878/api/rooms/room-7ebdde75/messages/since?sinceTimestamp=1777470000000' \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 ### GET `/api/rooms/{roomId}/bans`
 Lists active bans for a room.
 ```bash
 curl -s http://127.0.0.1:17878/api/rooms/room-7ebdde75/bans \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 ### GET `/api/rooms/{roomId}/bans/{userId}`
 Checks whether a user is banned in a room.
 ```bash
 curl -s http://127.0.0.1:17878/api/rooms/room-7ebdde75/bans/user-muse-01 \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 Example response:
 ```json
 { "isBanned": false }
 ```
 ### GET `/api/messages/{messageId}`
 Reads one local message by id.
 ```bash
 curl -s http://127.0.0.1:17878/api/messages/msg-20260429-001 \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 ### GET `/api/messages/{messageId}/reactions`
 Lists reactions for a message.
 ```bash
 curl -s http://127.0.0.1:17878/api/messages/msg-20260429-001/reactions \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 ### GET `/api/messages/{messageId}/attachments`
 Lists attachments for a message.
 ```bash
 curl -s http://127.0.0.1:17878/api/messages/msg-20260429-001/attachments \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 ### GET `/api/users/{userId}`
 Reads one user by id.
 ```bash
 curl -s http://127.0.0.1:17878/api/users/user-muse-01 \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 ### GET /api/attachments
 Lists all attachments stored on this device.
 ```bash
 curl -s http://127.0.0.1:17878/api/attachments \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 ### GET /api/plugin-data
 Reads a plugin data value from the local desktop database. `scope` must be `local` or `server`. Provide `serverId` when reading server-scoped data.
 ```bash
 curl -s 'http://127.0.0.1:17878/api/plugin-data?pluginId=example.soundboard&key=favorites&scope=server&serverId=room-7ebdde75' \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 Example response:
 ```json
 {
  "value": [
    { "label": "Chime", "url": "https://cdn.example.com/chime.wav" }
  ]
 }
 ```
 ### GET `/api/meta/{key}`
 Reads a desktop metadata value by key.
 ```bash
 curl -s http://127.0.0.1:17878/api/meta/metoyou_currentUserId \
  -H 'Authorization: Bearer local_4cddf95c5b8c4b6f9e0c'
 ```
 Example response:
 ```json
 {
  "key": "metoyou_currentUserId",
  "value": "user-alice-01"
 }
 ```
 ## Data Model Notes
 Rooms, users, messages, reactions, attachments, and bans are returned from local desktop persistence. Many schemas allow additional properties because the local database can carry richer app state than the REST docs need to guarantee.
 ## Security Notes
 - Keep the API bound to `127.0.0.1` unless LAN access is required.
 - Only add signaling servers you trust to the allowed list.
 - Bearer tokens are local to the running desktop app.
 - Stop the local API server to clear issued tokens.
--- a/docs-site/docs/intro.md
+++ b/docs-site/docs/intro.md
@@ -0,0 +1,48 @@
 ---
 slug: /
 sidebar_position: 1
 ---
 # Toju Documentation
 Toju is a desktop-first chat app with text channels, voice channels, direct messages, plugins, local desktop storage, a local REST API, and a Docusaurus documentation site bundled into the app.
 This site is split into three paths:
 - **User Guide** explains the app in non-technical terms: servers, text channels, voice channels, screen sharing, direct messages, plugins, and desktop settings.
 - **Developer Guide** explains how to run the repo, how the app is structured, how Docusaurus is served, the app DOM/page structure, and the local REST API.
 - **Plugin Development** explains how to build plugins, declare capabilities, distribute bundles, and call every exposed plugin API with concrete examples.
 The Electron app can host this documentation locally. The docs endpoint is not a separate web server process: it is served from the same opt-in local HTTP server used for the Local API, and it only serves static files generated by Docusaurus.
 ## What Is Included
 | Area | What it covers |
 | --- | --- |
 | Product client | Login, server discovery, channels, messages, voice, direct messages, themes, and plugin UI. |
 | Desktop shell | Window controls, notifications, tray behavior, app data import/export, updates, local plugins, and hosted documentation. |
 | Local HTTP API | A loopback-first API for local scripts and tools, with OpenAPI and Scalar reference docs. |
 | Plugin runtime | Browser-safe client plugins with explicit capabilities, lifecycle hooks, UI contributions, data storage, message bus, and server plugin requirements. |
 ## Runtime Boundaries
 Toju keeps responsibilities split by package:
 - `toju-app/` is the Angular product client and plugin runtime.
 - `electron/` is the main process, preload bridge, IPC, local persistence, and local HTTP host.
 - `server/` is the signaling and server-directory service.
 - `e2e/` contains Playwright coverage for browser and WebRTC workflows.
 - `docs-site/` is this Docusaurus site.
 The desktop documentation endpoint serves the static `docs-site/build` output. It does not run the Docusaurus development server inside Electron.
 ## Fast Links
 - Start using the app: [First Steps](./user-guide/first-steps.md)
 - Join voice: [Voice Channels and Calls](./user-guide/voice-channels.md)
 - Install plugins: [Plugins for Users](./user-guide/plugins.md)
 - Run the repo: [Contributing](./developer/contributing.md)
 - Understand pages and DOM: [App Pages and DOM Structure](./developer/dom-structure.md)
 - Use the REST API: [Local REST API](./developer/rest-api.md)
 - Build a plugin: [Create a Plugin](./plugin-development/create-a-plugin.md)
 - Give an LLM plugin context: [LLM Plugin Builder Guide](./developer/llm-plugin-builder-guide.md)
--- a/docs-site/docs/plugin-development/api-reference.md
+++ b/docs-site/docs/plugin-development/api-reference.md
@@ -0,0 +1,378 @@
 ---
 sidebar_position: 4
 ---
 # Plugin API Reference
 `TojuClientPluginApi` is the object passed to a plugin activation context. The runtime freezes the API object before passing it to plugin code.
 This page is the compact map. Use the focused API pages for concrete copy-paste examples with literal input data.
 ## Focused API Pages
 - [Context and Logging](./api/context-and-logging.md)
 - [Profile API](./api/profile.md)
 - [Users and Roles API](./api/users-and-roles.md)
 - [Server API](./api/server.md)
 - [Channels API](./api/channels.md)
 - [Messages and Typing API](./api/messages-and-typing.md)
 - [Events API](./api/events.md)
 - [Message Bus API](./api/message-bus.md)
 - [P2P and Media API](./api/p2p-and-media.md)
 - [Storage API](./api/storage.md)
 - [UI API](./api/ui.md)
 ## Activation Types
 ```ts
 interface TojuPluginDisposable {
  dispose: () => void;
 }
 interface TojuPluginActivationContext {
  api: TojuClientPluginApi;
  manifest: TojuPluginManifest;
  pluginId: string;
  subscriptions: TojuPluginDisposable[];
 }
 interface TojuClientPluginModule {
  activate?: (context: TojuPluginActivationContext) => Promise<void> | void;
  deactivate?: (context: TojuPluginActivationContext) => Promise<void> | void;
  onPluginDataChanged?: (context: TojuPluginActivationContext, event: unknown) => Promise<void> | void;
  onServerRequirementsChanged?: (context: TojuPluginActivationContext, snapshot: PluginRequirementsSnapshot) => Promise<void> | void;
  ready?: (context: TojuPluginActivationContext) => Promise<void> | void;
 }
 ```
 ## Profiles
 ```ts
 interface PluginApiProfileUpdate {
  description?: string;
  displayName: string;
 }
 interface PluginApiAvatarUpdate {
  avatarHash: string;
  avatarMime: string;
  avatarUrl: string;
 }
 ```
 | Method                         | Capability      | Description                                       |
 | ------------------------------ | --------------- | ------------------------------------------------- |
 | `profile.getCurrent()`         | `profile.read`  | Returns the current `User` or `null`.             |
 | `profile.update(profile)`      | `profile.write` | Updates display name and optional description.    |
 | `profile.updateAvatar(avatar)` | `profile.write` | Updates avatar URL, MIME type, and hash metadata. |
 ## Users and Roles
 | Method                              | Capability     | Description                       |
 | ----------------------------------- | -------------- | --------------------------------- |
 | `users.getCurrent()`                | `users.read`   | Returns current `User` or `null`. |
 | `users.list()`                      | `users.read`   | Returns known users.              |
 | `users.readMembers()`               | `users.read`   | Returns active room members.      |
 | `users.setRole(userId, role)`       | `roles.manage` | Updates a user's role.            |
 | `users.kick(userId)`                | `users.manage` | Kicks a user.                     |
 | `users.ban(userId, reason?)`        | `users.manage` | Bans a user with optional reason. |
 | `roles.list()`                      | `roles.read`   | Returns room roles.               |
 | `roles.setAssignments(assignments)` | `roles.manage` | Replaces role assignments.        |
 ## Server
 ```ts
 interface PluginApiServerSettingsUpdate {
  description?: string;
  isPrivate?: boolean;
  maxUsers?: number;
  name?: string;
  password?: string;
  topic?: string;
 }
 interface PluginApiPluginUserRequest {
  avatarUrl?: string;
  displayName: string;
  id?: string;
 }
 ```
 | Method                                  | Capability      | Description                                  |
 | --------------------------------------- | --------------- | -------------------------------------------- |
 | `server.getCurrent()`                   | `server.read`   | Returns the current `Room` or `null`.        |
 | `server.registerPluginUser(request)`    | `users.manage`  | Adds a plugin-owned user and returns its id. |
 | `server.updatePermissions(permissions)` | `server.manage` | Updates partial room permissions.            |
 | `server.updateSettings(settings)`       | `server.manage` | Updates room settings.                       |
 ## Channels
 ```ts
 interface PluginApiChannelRequest {
  id?: string;
  name: string;
  position?: number;
 }
 ```
 | Method                              | Capability        | Description                        |
 | ----------------------------------- | ----------------- | ---------------------------------- |
 | `channels.list()`                   | `channels.read`   | Returns current room channels.     |
 | `channels.select(channelId)`        | `channels.read`   | Selects a channel.                 |
 | `channels.addAudioChannel(request)` | `channels.manage` | Adds a voice channel.              |
 | `channels.addVideoChannel(request)` | `channels.manage` | Registers a video channel section. |
 | `channels.rename(channelId, name)`  | `channels.manage` | Renames a channel.                 |
 | `channels.remove(channelId)`        | `channels.manage` | Removes a channel.                 |
 ## Messages
 ```ts
 interface PluginApiMessageAsPluginUserRequest {
  channelId?: string;
  content: string;
  pluginUserId: string;
 }
 ```
 | Method                                     | Capability           | Description                                        |
 | ------------------------------------------ | -------------------- | -------------------------------------------------- |
 | `messages.readCurrent()`                   | `messages.read`      | Returns current visible messages.                  |
 | `messages.send(content, channelId?)`       | `messages.send`      | Sends a message and returns the created `Message`. |
 | `messages.sendAsPluginUser(request)`       | `messages.send`      | Emits a message from a registered plugin user.     |
 | `messages.setTyping(isTyping, channelId?)` | `messages.send`      | Broadcasts current typing state for a channel.     |
 | `messages.subscribeTyping(handler)`        | `messages.read`      | Subscribes to peer typing state.                   |
 | `messages.edit(messageId, content)`        | `messages.editOwn`   | Edits a plugin message.                            |
 | `messages.delete(messageId)`               | `messages.deleteOwn` | Deletes a plugin message.                          |
 | `messages.moderateDelete(messageId)`       | `messages.moderate`  | Performs a moderation delete.                      |
 | `messages.sync(messages)`                  | `messages.sync`      | Syncs an array of messages into state.             |
 ## Events
 ```ts
 interface PluginApiEventSubscription {
  eventName: string;
  handler: (event: PluginEventEnvelope) => void;
 }
 interface PluginEventEnvelope<TPayload = unknown> {
  emittedAt?: number;
  eventId?: string;
  eventName: string;
  payload: TPayload;
  pluginId: string;
  serverId: string;
  sourcePluginUserId?: string;
  sourceUserId?: string;
  type: 'plugin_event';
 }
 ```
 | Method                                     | Capability                | Description                                                 |
 | ------------------------------------------ | ------------------------- | ----------------------------------------------------------- |
 | `events.publishServer(eventName, payload)` | `events.server.publish`   | Sends a declared plugin event through the signaling server. |
 | `events.subscribeServer(subscription)`     | `events.server.subscribe` | Subscribes to a declared server plugin event.               |
 | `events.publishP2p(eventName, payload)`    | `events.p2p.publish`      | Sends a declared plugin event over peer paths.              |
 | `events.subscribeP2p(subscription)`        | `events.p2p.subscribe`    | Registers a P2P event subscription.                         |
 ## Message Bus
 ```ts
 interface PluginApiMessageBusEnvelope {
  channelId?: string;
  eventId: string;
  messages?: Message[];
  payload?: unknown;
  pluginId: string;
  roomId: string;
  sentAt: number;
  sourcePeerId?: string;
  sourceUserId?: string;
  topic: string;
 }
 interface PluginApiMessageBusLatestRequest {
  channelId?: string;
  includeDeleted?: boolean;
  limit?: number;
  sinceTimestamp?: number;
  targetPeerId?: string;
  topic?: string;
 }
 interface PluginApiMessageBusPublishRequest extends PluginApiMessageBusLatestRequest {
  includeLatestMessages?: boolean;
  includeSelf?: boolean;
  payload?: unknown;
  topic: string;
 }
 interface PluginApiMessageBusSubscription {
  channelId?: string;
  handler: (event: PluginApiMessageBusEnvelope) => void;
  latestMessageLimit?: number;
  replayLatest?: boolean;
  topic?: string;
 }
 ```
 | Method                                    | Capability                                         | Description                                                            |
 | ----------------------------------------- | -------------------------------------------------- | ---------------------------------------------------------------------- |
 | `messageBus.publish(request)`             | `events.p2p.publish`, optionally `messages.read`   | Publishes a plugin-bus event, optionally including latest messages.    |
 | `messageBus.sendLatestMessages(request?)` | `events.p2p.publish` and `messages.read`           | Sends a latest-message snapshot.                                       |
 | `messageBus.subscribe(subscription)`      | `events.p2p.subscribe`, optionally `messages.read` | Subscribes to plugin-bus events, optionally replaying latest messages. |
 ## P2P and Media
 ```ts
 interface PluginApiAudioClipRequest {
  volume?: number;
  url: string;
 }
 interface PluginApiCustomStreamRequest {
  label?: string;
  stream: MediaStream;
 }
 ```
 | Method                                     | Capability             | Description                                   |
 | ------------------------------------------ | ---------------------- | --------------------------------------------- |
 | `p2p.connectedPeers()`                     | `p2p.data`             | Returns connected peer ids.                   |
 | `p2p.broadcastData(eventName, payload)`    | `p2p.data`             | Broadcasts plugin data.                       |
 | `p2p.sendData(peerId, eventName, payload)` | `p2p.data`             | Sends plugin data targeted to a peer.         |
 | `media.playAudioClip(request)`             | `media.playAudio`      | Plays an audio URL at optional volume.        |
 | `media.addCustomAudioStream(request)`      | `media.addAudioStream` | Contributes an audio `MediaStream`.           |
 | `media.addCustomVideoStream(request)`      | `media.addVideoStream` | Registers a video `MediaStream` contribution. |
 | `media.setInputVolume(volume)`             | `audio.volume`         | Sets local input volume.                      |
 | `media.setOutputVolume(volume)`            | `audio.volume`         | Sets local output volume.                     |
 ## Storage
 | Method                         | Capability                 | Description                             |
 | ------------------------------ | -------------------------- | --------------------------------------- |
 | `clientData.read(key)`         | `storage.local`            | Reads async plugin-local data.          |
 | `clientData.write(key, value)` | `storage.local`            | Writes async plugin-local data.         |
 | `clientData.remove(key)`       | `storage.local`            | Removes async plugin-local data.        |
 | `serverData.read(key)`         | `storage.serverData.read`  | Reads local per-user/per-server data.   |
 | `serverData.write(key, value)` | `storage.serverData.write` | Writes local per-user/per-server data.  |
 | `serverData.remove(key)`       | `storage.serverData.write` | Removes local per-user/per-server data. |
 | `storage.get(key)`             | `storage.local`            | Legacy synchronous local read.          |
 | `storage.set(key, value)`      | `storage.local`            | Legacy synchronous local write.         |
 | `storage.remove(key)`          | `storage.local`            | Legacy synchronous local remove.        |
 ## UI Contributions
 ```ts
 interface PluginApiActionContribution {
  icon?: string;
  label: string;
  run: () => Promise<void> | void;
 }
 interface PluginApiPageContribution {
  label: string;
  path: string;
  render: () => HTMLElement | string;
 }
 interface PluginApiPanelContribution {
  label: string;
  order?: number;
  render: () => HTMLElement | string;
 }
 interface PluginApiSettingsPageContribution {
  label: string;
  order?: number;
  render: () => HTMLElement | string;
  settingsKey?: string;
 }
 interface PluginApiChannelSectionContribution {
  label: string;
  order?: number;
  type?: 'audio' | 'custom' | 'video';
 }
 interface PluginApiEmbedRendererContribution {
  embedType: string;
  render: (payload: unknown) => HTMLElement | string;
 }
 interface PluginApiDomMountRequest {
  element: HTMLElement;
  position?: InsertPosition;
  target: Element | string;
 }
 ```
 | Method                                        | Capability           | Description                                                     |
 | --------------------------------------------- | -------------------- | --------------------------------------------------------------- |
 | `ui.registerAppPage(id, contribution)`        | `ui.pages`           | Adds a plugin app page.                                         |
 | `ui.registerSettingsPage(id, contribution)`   | `ui.settings`        | Adds a plugin settings page.                                    |
 | `ui.registerSidePanel(id, contribution)`      | `ui.sidePanel`       | Adds a side panel.                                              |
 | `ui.registerChannelSection(id, contribution)` | `ui.channelsSection` | Adds a channel section.                                         |
 | `ui.registerComposerAction(id, contribution)` | `ui.pages`           | Adds a composer action.                                         |
 | `ui.registerProfileAction(id, contribution)`  | `ui.pages`           | Adds a profile action.                                          |
 | `ui.registerToolbarAction(id, contribution)`  | `ui.pages`           | Adds an action tile to the server side panel View plugins menu. |
 | `ui.registerEmbedRenderer(id, contribution)`  | `ui.embeds`          | Adds an embed renderer.                                         |
 | `ui.mountElement(id, request)`                | `ui.dom`             | Mounts plugin-owned DOM into a target element or selector.      |
 ## Slash Commands
 Slash commands appear in a Discord-style autocomplete menu when a user types `/` in the chat composer. A command with `scope: 'global'` (the default) is offered in every chat surface, including direct messages; a command with `scope: 'server'` only appears while a chat server is active. The user picks a command from the menu (or types it and presses Enter) and the `run` callback executes with the parsed arguments and the current interaction context.
 ```ts
 type PluginApiSlashCommandScope = 'global' | 'server';
 interface PluginApiSlashCommandOption {
  description?: string;
  name: string;
  required?: boolean;
  // 'rest' captures all remaining text; otherwise a single whitespace-delimited token
  type?: 'string' | 'number' | 'boolean' | 'rest';
 }
 interface PluginApiSlashCommandContext extends PluginApiActionContext {
  args: Record<string, string>; // parsed values keyed by option name
  command: string; // invoked name without the leading slash
  rawArgs: string; // raw text typed after the command name
 }
 interface PluginApiSlashCommandContribution {
  description?: string;
  icon?: string;
  name: string;
  options?: PluginApiSlashCommandOption[];
  run: (context: PluginApiSlashCommandContext) => Promise<void> | void;
  scope?: PluginApiSlashCommandScope;
 }
 ```
 | Method                              | Capability     | Description                                                          |
 | ----------------------------------- | -------------- | ------------------------------------------------------------------- |
 | `commands.register(id, command)`    | `ui.commands`  | Registers a `/` slash command for the chat composer.               |
 | `commands.list()`                   | `ui.commands`  | Lists every slash command currently registered across all plugins. |
 ```ts
 context.subscriptions.push(
  api.commands.register('shout', {
    description: 'Shout a message in uppercase',
    icon: '📢',
    name: 'shout',
    options: [{ name: 'message', required: true, type: 'rest' }],
    run: (slash) => api.messages.send(slash.args.message.toUpperCase()),
    scope: 'server'
  })
 );
 ```
 ## Context and Logger
 | Method                         | Capability | Description                                                                |
 | ------------------------------ | ---------- | -------------------------------------------------------------------------- |
 | `context.getCurrent()`         | None       | Reads current user, server, active text channel, and active voice channel. |
 | `logger.debug(message, data?)` | None       | Writes a debug plugin log entry.                                           |
 | `logger.info(message, data?)`  | None       | Writes an info plugin log entry.                                           |
 | `logger.warn(message, data?)`  | None       | Writes a warning plugin log entry.                                         |
 | `logger.error(message, data?)` | None       | Writes an error plugin log entry.                                          |
--- a/docs-site/docs/plugin-development/api/channels.md
+++ b/docs-site/docs/plugin-development/api/channels.md
@@ -0,0 +1,85 @@
 ---
 sidebar_position: 5
 ---
 # Channels API
 The channels API reads, selects, creates, renames, and removes server channels.
 ## Required Capabilities
 | Method | Capability |
 | --- | --- |
 | `channels.list()` | `channels.read` |
 | `channels.select(channelId)` | `channels.read` |
 | `channels.addAudioChannel(request)` | `channels.manage` |
 | `channels.addVideoChannel(request)` | `channels.manage` |
 | `channels.rename(channelId, name)` | `channels.manage` |
 | `channels.remove(channelId)` | `channels.manage` |
 ## List Channels
 ```js
 export function activate(context) {
  const channels = context.api.channels.list();
  context.api.logger.info('Channels', channels.map((channel) => ({
    id: channel.id,
    name: channel.name,
    type: channel.type
  })));
 }
 ```
 Example channel list:
 ```json
 [
  { "id": "general", "name": "general", "type": "text", "position": 0 },
  { "id": "support", "name": "support", "type": "text", "position": 1 },
  { "id": "lobby", "name": "Lobby", "type": "audio", "position": 10 }
 ]
 ```
 ## Select a Channel
 ```js
 export function activate(context) {
  context.api.channels.select('support');
 }
 ```
 ## Add a Voice Channel
 ```js
 export function activate(context) {
  context.api.channels.addAudioChannel({
    id: 'raid-voice',
    name: 'Raid Voice',
    position: 20
  });
 }
 ```
 ## Add a Video Channel Section
 ```js
 export function activate(context) {
  context.api.channels.addVideoChannel({
    id: 'watch-party-video',
    name: 'Watch Party',
    position: 30
  });
 }
 ```
 ## Rename and Remove
 ```js
 export function activate(context) {
  context.api.channels.rename('raid-voice', 'Raid Voice - Tonight');
  context.api.channels.remove('old-event-room');
 }
 ```
 Channel creation, rename, and removal should be user-confirmed because they change the shared server structure.
--- a/docs-site/docs/plugin-development/api/commands.md
+++ b/docs-site/docs/plugin-development/api/commands.md
@@ -0,0 +1,114 @@
 ---
 sidebar_position: 12
 ---
 # Slash Commands API
 The Commands API lets plugins register `/` slash commands. When a user types `/` in the chat composer, Toju shows a Discord-style autocomplete menu of available commands. Selecting a command (click, `Enter`, or `Tab`) runs it — either immediately when it declares no options, or after the user types the requested arguments.
 ## Required Capabilities
 | Method                            | Capability    |
 | --------------------------------- | ------------- |
 | `commands.register(id, command)`  | `ui.commands` |
 | `commands.list()`                 | `ui.commands` |
 Every registration returns a disposable. Push it into `context.subscriptions` so the command is removed when the plugin unloads.
 ## Command Scope
 A command's `scope` controls where it appears:
 | Scope               | Available in                                  |
 | ------------------- | --------------------------------------------- |
 | `global` (default)  | Chat servers **and** direct messages          |
 | `server`            | Only while a chat server is the active surface |
 Use `global` for commands that work without a server context (e.g. `/help`, `/shrug`). Use `server` for commands that act on the current server, channel, or members.
 ## Options and Argument Parsing
 Declare `options` to describe the arguments a command accepts. Toju parses what the user typed after the command name and passes the result to `run` as `context.args`, keyed by option name.
 ```ts
 interface PluginApiSlashCommandOption {
  description?: string;
  name: string;
  required?: boolean;
  // 'rest' captures all remaining text; otherwise a single whitespace-delimited token
  type?: 'string' | 'number' | 'boolean' | 'rest';
 }
 ```
 - Positional options are filled left-to-right from whitespace-delimited tokens.
 - A `rest` option captures all remaining text verbatim (use it last, for free-form text).
 - Missing positional values are passed as empty strings.
 - The autocomplete menu shows required options as `<name>` and optional ones as `[name]`.
 Values arrive as strings; convert `number`/`boolean` types yourself inside `run`.
 ## Command Context
 `run` receives a context that extends the standard action context (`source: 'slashCommand'`) with the invocation details:
 ```ts
 interface PluginApiSlashCommandContext extends PluginApiActionContext {
  args: Record<string, string>; // parsed values keyed by option name
  command: string;              // invoked name without the leading slash
  rawArgs: string;              // raw text typed after the command name
  // inherited: server, textChannel, voiceChannel, user, source
 }
 ```
 ## Register a Command
 ```js
 export function activate(context) {
  const api = context.api;
  // Server-scoped command with a free-form message argument.
  context.subscriptions.push(
    api.commands.register('announce', {
      name: 'announce',
      description: 'Post an announcement to the current channel',
      icon: '📢',
      scope: 'server',
      options: [{ name: 'message', type: 'rest', required: true }],
      run: (slash) => {
        api.messages.send(`📢 ${slash.args.message}`, slash.textChannel?.id);
      }
    })
  );
  // Global command that works in servers and DMs.
  context.subscriptions.push(
    api.commands.register('shrug', {
      name: 'shrug',
      description: 'Append the shrug emoticon',
      scope: 'global',
      run: () => api.messages.send('¯\\_(ツ)_/¯')
    })
  );
 }
 ```
 `api.messages.send` requires the `messages.send` capability, so the example above declares both `ui.commands` and `messages.send` in its manifest.
 ## List Registered Commands
 ```js
 const allCommands = context.api.commands.list();
 ```
 Returns every slash command currently registered across all active plugins, including their scope and options.
 ## Built-in Commands
 Toju ships first-party commands that are always available without any plugin, such as `/lenny` (posts `( ͡° ͜ʖ ͡°)`). They appear in the same autocomplete menu tagged as **Built-in**. Plugin commands are listed alongside them; if a plugin registers a command with the same name as a built-in, both appear and the user can pick either.
 ## How Input Is Handled
 - Typing `/` opens the menu; typing more characters filters by command name (prefix matches rank first).
 - Picking a command **without options** runs it immediately and clears the composer.
 - Picking a command **with options** fills `/name ` so the user can type arguments, then `Enter` runs it.
 - Slash input is intercepted and never posted as a chat message. Text that starts with `/` but matches no registered command falls through and is sent as a normal message.
--- a/docs-site/docs/plugin-development/api/context-and-logging.md
+++ b/docs-site/docs/plugin-development/api/context-and-logging.md
@@ -0,0 +1,75 @@
 ---
 sidebar_position: 1
 ---
 # Context and Logging
 Context and logging are available to every plugin. They do not require privileged capabilities.
 ## context.getCurrent()
 Reads the current interaction context.
 ```js
 export function activate(context) {
  const current = context.api.context.getCurrent();
  context.api.logger.info('Current context', {
    serverName: current.server?.name ?? 'No server open',
    textChannel: current.textChannel?.name ?? 'No text channel selected',
    voiceChannel: current.voiceChannel?.name ?? 'Not connected to voice',
    user: current.user?.displayName ?? 'No user'
  });
 }
 ```
 Example context shape:
 ```json
 {
  "source": "manual",
  "server": { "id": "room-7ebdde75", "name": "Friday Game Night" },
  "textChannel": { "id": "general", "name": "general", "type": "text" },
  "voiceChannel": { "id": "lobby", "name": "Lobby", "type": "audio" },
  "user": { "id": "user-alice-01", "displayName": "Alice" }
 }
 ```
 ## Action Context
 Composer, toolbar, and profile actions receive context directly. Toolbar actions are launched from the server side panel's View plugins menu and report `source: 'toolbarAction'`.
 ```js
 export function activate(context) {
  context.subscriptions.push(
    context.api.ui.registerToolbarAction('where-am-i', {
      label: 'Where am I?',
      run: (actionContext) => {
        context.api.logger.info('Toolbar action context', {
          source: actionContext.source,
          serverId: actionContext.server?.id,
          textChannelId: actionContext.textChannel?.id,
          voiceChannelId: actionContext.voiceChannel?.id
        });
      }
    })
  );
 }
 ```
 Capability required: `ui.pages` for the toolbar action. The context object itself needs no extra capability.
 ## Logger Methods
 ```js
 export function activate(context) {
  const { logger } = context.api;
  logger.debug('Preparing plugin', { pluginId: context.pluginId });
  logger.info('Plugin activated', { version: context.manifest.version });
  logger.warn('Optional service unavailable', { service: 'weather.example.com' });
  logger.error('Failed to parse saved preference', { key: 'soundboard:favorites' });
 }
 ```
 Logs are visible in the Plugin Manager. Avoid logging passwords, bearer tokens, or private message contents.
--- a/docs-site/docs/plugin-development/api/events.md
+++ b/docs-site/docs/plugin-development/api/events.md
@@ -0,0 +1,100 @@
 ---
 sidebar_position: 7
 ---
 # Events API
 Plugin events allow plugins to publish and subscribe to declared server or P2P events.
 ## Required Capabilities
 | Method | Capability |
 | --- | --- |
 | `events.publishServer(eventName, payload)` | `events.server.publish` |
 | `events.subscribeServer(subscription)` | `events.server.subscribe` |
 | `events.publishP2p(eventName, payload)` | `events.p2p.publish` |
 | `events.subscribeP2p(subscription)` | `events.p2p.subscribe` |
 ## Declare Events in the Manifest
 ```json
 {
  "events": [
    {
      "eventName": "poll:vote",
      "direction": "p2pHint",
      "scope": "channel",
      "maxPayloadBytes": 2048
    },
    {
      "eventName": "moderation:flag",
      "direction": "serverRelay",
      "scope": "server",
      "maxPayloadBytes": 4096
    }
  ]
 }
 ```
 ## Publish and Subscribe to P2P Events
 ```js
 export function activate(context) {
  context.subscriptions.push(context.api.events.subscribeP2p({
    eventName: 'poll:vote',
    handler: (event) => {
      context.api.logger.info('Vote received', {
        optionId: event.payload?.optionId,
        voterName: event.payload?.voterName,
        eventId: event.eventId
      });
    }
  }));
  context.api.events.publishP2p('poll:vote', {
    pollId: 'raid-night-2026-04-29',
    optionId: 'dungeon',
    voterName: 'Alice'
  });
 }
 ```
 ## Publish and Subscribe to Server Events
 ```js
 export function activate(context) {
  context.subscriptions.push(context.api.events.subscribeServer({
    eventName: 'moderation:flag',
    handler: (event) => {
      context.api.logger.warn('Moderation flag received', {
        messageId: event.payload?.messageId,
        reason: event.payload?.reason
      });
    }
  }));
  context.api.events.publishServer('moderation:flag', {
    messageId: 'msg-20260429-flagged',
    reason: 'Possible spam link',
    reportedBy: 'user-alice-01'
  });
 }
 ```
 Example event envelope:
 ```json
 {
  "type": "plugin_event",
  "eventName": "poll:vote",
  "pluginId": "example.polls",
  "serverId": "room-7ebdde75",
  "eventId": "event-1777473600000-1",
  "emittedAt": 1777473600000,
  "payload": {
    "pollId": "raid-night-2026-04-29",
    "optionId": "dungeon",
    "voterName": "Alice"
  }
 }
 ```
--- a/docs-site/docs/plugin-development/api/message-bus.md
+++ b/docs-site/docs/plugin-development/api/message-bus.md
@@ -0,0 +1,95 @@
 ---
 sidebar_position: 8
 ---
 # Message Bus API
 The plugin message bus sends plugin-only P2P events. It can also include bounded latest-message snapshots for plugins that coordinate around recent chat state.
 ## Required Capabilities
 | Method | Capability |
 | --- | --- |
 | `messageBus.publish(request)` | `events.p2p.publish`, plus `messages.read` if `includeLatestMessages` is true |
 | `messageBus.sendLatestMessages(request?)` | `events.p2p.publish` and `messages.read` |
 | `messageBus.subscribe(subscription)` | `events.p2p.subscribe`, plus `messages.read` if replaying latest messages |
 ## Subscribe
 ```js
 export function activate(context) {
  context.subscriptions.push(context.api.messageBus.subscribe({
    topic: 'poll:votes',
    channelId: 'general',
    replayLatest: true,
    latestMessageLimit: 10,
    handler: (event) => {
      context.api.logger.info('Poll bus event', {
        topic: event.topic,
        choice: event.payload?.choice,
        messageCount: event.messages?.length ?? 0
      });
    }
  }));
 }
 ```
 ## Publish
 ```js
 export function activate(context) {
  const envelope = context.api.messageBus.publish({
    topic: 'poll:votes',
    channelId: 'general',
    payload: {
      pollId: 'raid-night-2026-04-29',
      choice: 'healer',
      voter: 'Alice'
    },
    includeLatestMessages: true,
    includeSelf: true,
    latestMessageLimit: 10,
    sinceTimestamp: 1777470000000
  });
  context.api.logger.info('Published poll event', { eventId: envelope.eventId });
 }
 ```
 Example envelope:
 ```json
 {
  "eventId": "plugin-bus-1777473600000-1",
  "pluginId": "example.polls",
  "roomId": "room-7ebdde75",
  "channelId": "general",
  "topic": "poll:votes",
  "sentAt": 1777473600000,
  "payload": {
    "pollId": "raid-night-2026-04-29",
    "choice": "healer",
    "voter": "Alice"
  },
  "messages": [
    { "id": "msg-1", "content": "Raid tonight?", "channelId": "general" }
  ]
 }
 ```
 ## Send Latest Messages
 ```js
 export function activate(context) {
  context.api.messageBus.sendLatestMessages({
    topic: 'chat:snapshot',
    channelId: 'support',
    limit: 25,
    includeDeleted: false,
    sinceTimestamp: 1777460000000,
    targetPeerId: 'peer-muse-laptop'
  });
 }
 ```
 Use the message bus for plugin coordination. Do not use it for normal user chat messages; use `messages.send()` for that.
--- a/docs-site/docs/plugin-development/api/messages-and-typing.md
+++ b/docs-site/docs/plugin-development/api/messages-and-typing.md
@@ -0,0 +1,144 @@
 ---
 sidebar_position: 6
 ---
 # Messages and Typing API
 The messages API reads current messages, sends messages, edits or deletes plugin-owned messages, moderates messages, syncs messages, and exposes typing state.
 ## Required Capabilities
 | Method | Capability |
 | --- | --- |
 | `messages.readCurrent()` | `messages.read` |
 | `messages.send(content, channelId?)` | `messages.send` |
 | `messages.sendAsPluginUser(request)` | `messages.send` |
 | `messages.setTyping(isTyping, channelId?)` | `messages.send` |
 | `messages.subscribeTyping(handler)` | `messages.read` |
 | `messages.edit(messageId, content)` | `messages.editOwn` |
 | `messages.delete(messageId)` | `messages.deleteOwn` |
 | `messages.moderateDelete(messageId)` | `messages.moderate` |
 | `messages.sync(messages)` | `messages.sync` |
 ## Read Current Messages
 ```js
 export function activate(context) {
  const messages = context.api.messages.readCurrent();
  context.api.logger.info('Current messages', messages.slice(-3).map((message) => ({
    id: message.id,
    channelId: message.channelId,
    senderName: message.senderName,
    content: message.content
  })));
 }
 ```
 ## Send a Message
 ```js
 export function activate(context) {
  const created = context.api.messages.send(
    'Reminder: raid starts at 20:00. Bring repairs and snacks.',
    'general'
  );
  context.api.logger.info('Sent reminder', { messageId: created.id });
 }
 ```
 ## Send as a Plugin User
 ```js
 export function activate(context) {
  const botUserId = context.api.server.registerPluginUser({
    id: 'poll-bot',
    displayName: 'Poll Bot'
  });
  context.api.messages.sendAsPluginUser({
    pluginUserId: botUserId,
    channelId: 'general',
    content: 'Poll is open: react with 1 for dungeon, 2 for arena, 3 for crafting.'
  });
 }
 ```
 Capabilities required: `users.manage` and `messages.send`.
 ## Edit and Delete Plugin-Owned Messages
 ```js
 export function activate(context) {
  const message = context.api.messages.send('Draft event reminder', 'announcements');
  context.api.messages.edit(message.id, 'Event reminder: voice meetup starts in 15 minutes.');
  context.api.messages.delete(message.id);
 }
 ```
 ## Moderation Delete
 ```js
 export function activate(context) {
  context.api.messages.moderateDelete('msg-spam-20260429-001');
 }
 ```
 Use moderation from explicit moderator actions, not automatic activation.
 ## Typing State
 ```js
 export function activate(context) {
  context.api.messages.setTyping(true, 'general');
  setTimeout(() => {
    context.api.messages.setTyping(false, 'general');
  }, 1500);
  context.subscriptions.push(context.api.messages.subscribeTyping((event) => {
    context.api.logger.info('Typing event', {
      displayName: event.displayName,
      isTyping: event.isTyping,
      channelId: event.channelId,
      serverId: event.serverId,
      voiceChannel: event.voiceChannel?.name ?? null
    });
  }));
 }
 ```
 Example typing event:
 ```json
 {
  "serverId": "room-7ebdde75",
  "channelId": "general",
  "userId": "user-muse-01",
  "displayName": "Muse",
  "isTyping": true
 }
 ```
 ## Sync Messages
 ```js
 export function activate(context) {
  context.api.messages.sync([
    {
      id: 'external-standup-001',
      roomId: 'room-7ebdde75',
      channelId: 'standup',
      senderId: 'standup-importer',
      senderName: 'Standup Importer',
      content: 'Imported note: Alice is working on plugin docs.',
      timestamp: 1777473600000,
      isDeleted: false
    }
  ]);
 }
 ```
 Sync should preserve message ids and timestamps from the source system when possible.
--- a/docs-site/docs/plugin-development/api/p2p-and-media.md
+++ b/docs-site/docs/plugin-development/api/p2p-and-media.md
@@ -0,0 +1,128 @@
 ---
 sidebar_position: 9
 ---
 # P2P and Media API
 P2P APIs send plugin data to connected peers. Media APIs play audio and contribute custom streams.
 ## Required Capabilities
 | Method | Capability |
 | --- | --- |
 | `p2p.connectedPeers()` | `p2p.data` |
 | `p2p.broadcastData(eventName, payload)` | `p2p.data` |
 | `p2p.sendData(peerId, eventName, payload)` | `p2p.data` |
 | `media.playAudioClip(request)` | `media.playAudio` |
 | `media.addCustomAudioStream(request)` | `media.addAudioStream` |
 | `media.addCustomVideoStream(request)` | `media.addVideoStream` |
 | `media.setInputVolume(volume)` | `audio.volume` |
 | `media.setOutputVolume(volume)` | `audio.volume` |
 ## Connected Peers
 ```js
 export function activate(context) {
  const peerIds = context.api.p2p.connectedPeers();
  context.api.logger.info('Connected peers', { peerIds });
 }
 ```
 ## Broadcast Data
 ```js
 export function activate(context) {
  context.api.p2p.broadcastData('soundboard:played', {
    soundId: 'airhorn-short',
    label: 'Airhorn',
    playedBy: 'Alice',
    playedAt: 1777473600000
  });
 }
 ```
 ## Send Data to One Peer
 ```js
 export function activate(context) {
  context.api.p2p.sendData('peer-muse-laptop', 'private-tool:ping', {
    requestId: 'ping-20260429-001',
    message: 'Are you receiving plugin data?'
  });
 }
 ```
 ## Play an Audio Clip
 ```js
 export async function activate(context) {
  await context.api.media.playAudioClip({
    url: 'https://cdn.example.com/metoyou/sounds/chime.wav',
    volume: 0.65
  });
 }
 ```
 ## Add a Custom Audio Stream
 ```js
 export async function activate(context) {
  const audioContext = new AudioContext();
  const oscillator = audioContext.createOscillator();
  const gain = audioContext.createGain();
  const destination = audioContext.createMediaStreamDestination();
  oscillator.type = 'sine';
  oscillator.frequency.value = 440;
  gain.gain.value = 0.03;
  oscillator.connect(gain);
  gain.connect(destination);
  oscillator.start();
  await context.api.media.addCustomAudioStream({
    label: 'Tuning tone',
    stream: destination.stream
  });
  setTimeout(async () => {
    oscillator.stop();
    await audioContext.close();
  }, 1000);
 }
 ```
 ## Add a Custom Video Stream
 ```js
 export async function activate(context) {
  const canvas = document.createElement('canvas');
  canvas.width = 1280;
  canvas.height = 720;
  const ctx = canvas.getContext('2d');
  ctx.fillStyle = '#111827';
  ctx.fillRect(0, 0, canvas.width, canvas.height);
  ctx.fillStyle = '#ffffff';
  ctx.font = '48px sans-serif';
  ctx.fillText('Plugin camera scene', 80, 120);
  const stream = canvas.captureStream(15);
  await context.api.media.addCustomVideoStream({
    label: 'Plugin camera scene',
    stream
  });
 }
 ```
 ## Set Volumes
 ```js
 export function activate(context) {
  context.api.media.setInputVolume(0.85);
  context.api.media.setOutputVolume(0.75);
 }
 ```
 Use media APIs with visible controls and clear user consent. Unexpected audio or video is a poor user experience.
--- a/docs-site/docs/plugin-development/api/profile.md
+++ b/docs-site/docs/plugin-development/api/profile.md
@@ -0,0 +1,66 @@
 ---
 sidebar_position: 2
 ---
 # Profile API
 The profile API reads and updates the current user's local profile details.
 ## Required Capabilities
 | Method | Capability |
 | --- | --- |
 | `profile.getCurrent()` | `profile.read` |
 | `profile.update(profile)` | `profile.write` |
 | `profile.updateAvatar(avatar)` | `profile.write` |
 ## Read Current Profile
 ```js
 export function activate(context) {
  const user = context.api.profile.getCurrent();
  context.api.logger.info('Current profile', {
    id: user?.id,
    displayName: user?.displayName,
    username: user?.username
  });
 }
 ```
 Example result:
 ```json
 {
  "id": "user-alice-01",
  "username": "alice",
  "displayName": "Alice",
  "description": "Raids on Fridays",
  "avatarUrl": "/avatars/alice.webp"
 }
 ```
 ## Update Display Profile
 ```js
 export function activate(context) {
  context.api.profile.update({
    displayName: 'Alice - Support Lead',
    description: 'Available for onboarding and support questions.'
  });
 }
 ```
 ## Update Avatar
 ```js
 export function activate(context) {
  context.api.profile.updateAvatar({
    avatarUrl: 'https://cdn.example.com/metoyou/avatars/alice-support.png',
    avatarMime: 'image/png',
    avatarHash: 'sha256:9df5d5e4b0d8f41f3a3cf5d1f5a2c1f4'
  });
 }
 ```
 Use `profile.write` carefully. A plugin that changes a user's identity should explain why in its readme and UI.
--- a/docs-site/docs/plugin-development/api/server.md
+++ b/docs-site/docs/plugin-development/api/server.md
@@ -0,0 +1,81 @@
 ---
 sidebar_position: 4
 ---
 # Server API
 The server API reads the active server, registers plugin-owned users, and updates server settings or permissions.
 ## Required Capabilities
 | Method | Capability |
 | --- | --- |
 | `server.getCurrent()` | `server.read` |
 | `server.registerPluginUser(request)` | `users.manage` |
 | `server.updatePermissions(permissions)` | `server.manage` |
 | `server.updateSettings(settings)` | `server.manage` |
 ## Read Current Server
 ```js
 export function activate(context) {
  const server = context.api.server.getCurrent();
  context.api.logger.info('Current server', {
    id: server?.id,
    name: server?.name,
    topic: server?.topic,
    isPrivate: server?.isPrivate
  });
 }
 ```
 ## Register a Plugin User
 Plugin users are useful for bot-style messages.
 ```js
 export function activate(context) {
  const botUserId = context.api.server.registerPluginUser({
    id: 'standup-helper-bot',
    displayName: 'Standup Helper',
    avatarUrl: 'https://cdn.example.com/metoyou/plugins/standup-helper.png'
  });
  context.api.messages.sendAsPluginUser({
    pluginUserId: botUserId,
    channelId: 'general',
    content: 'Standup reminder: share yesterday, today, and blockers.'
  });
 }
 ```
 Capabilities required: `users.manage` and `messages.send`.
 ## Update Server Settings
 ```js
 export function activate(context) {
  context.api.server.updateSettings({
    name: 'Friday Game Night',
    topic: 'Co-op games, voice chat, and clips',
    description: 'A friendly server for Friday sessions.',
    maxUsers: 64,
    isPrivate: false
  });
 }
 ```
 ## Update Permissions
 ```js
 export function activate(context) {
  context.api.server.updatePermissions({
    allowVoice: true,
    allowVideo: true,
    allowScreenShare: true
  });
 }
 ```
 Only update settings or permissions as part of an explicit admin flow. Plugins should not silently rename servers or change access rules.
--- a/docs-site/docs/plugin-development/api/storage.md
+++ b/docs-site/docs/plugin-development/api/storage.md
@@ -0,0 +1,101 @@
 ---
 sidebar_position: 10
 ---
 # Storage API
 Plugins can store local client data and per-server data. Desktop builds use Electron persistence when available; browser fallback uses renderer storage.
 ## Required Capabilities
 | Method | Capability |
 | --- | --- |
 | `clientData.read(key)` | `storage.local` |
 | `clientData.write(key, value)` | `storage.local` |
 | `clientData.remove(key)` | `storage.local` |
 | `serverData.read(key)` | `storage.serverData.read` |
 | `serverData.write(key, value)` | `storage.serverData.write` |
 | `serverData.remove(key)` | `storage.serverData.write` |
 | `storage.get(key)` | `storage.local` |
 | `storage.set(key, value)` | `storage.local` |
 | `storage.remove(key)` | `storage.local` |
 ## Client Data
 Client data belongs to this local user and client.
 ```js
 export async function activate(context) {
  await context.api.clientData.write('soundboard:volume', {
    masterVolume: 0.7,
    updatedAt: 1777473600000
  });
  const value = await context.api.clientData.read('soundboard:volume');
  context.api.logger.info('Loaded client data', value);
 }
 ```
 ## Server Data
 Server data is local per-user/per-server state. It is not arbitrary signal-server persistence.
 ```js
 export async function activate(context) {
  await context.api.serverData.write('soundboard:favorites', [
    { id: 'chime', label: 'Chime', url: 'https://cdn.example.com/chime.wav' },
    { id: 'ready', label: 'Ready Check', url: 'https://cdn.example.com/ready.wav' }
  ]);
  const favorites = await context.api.serverData.read('soundboard:favorites');
  context.api.logger.info('Loaded server favorites', favorites);
 }
 ```
 ## Remove Data
 ```js
 export async function activate(context) {
  await context.api.clientData.remove('soundboard:volume');
  await context.api.serverData.remove('soundboard:favorites');
 }
 ```
 ## Legacy Synchronous Storage
 The `storage.*` methods are legacy local storage helpers. Prefer `clientData.*` for new plugins when async reads are acceptable.
 ```js
 export function activate(context) {
  context.api.storage.set('quick-toggle', { enabled: true });
  const saved = context.api.storage.get('quick-toggle');
  context.api.logger.info('Legacy storage value', saved);
  context.api.storage.remove('quick-toggle');
 }
 ```
 ## Manifest Data Declarations
 Declare important data keys in the manifest.
 ```json
 {
  "data": [
    {
      "key": "soundboard:volume",
      "scope": "client",
      "storage": "local"
    },
    {
      "key": "soundboard:favorites",
      "scope": "server",
      "storage": "serverData"
    }
  ]
 }
 ```
--- a/docs-site/docs/plugin-development/api/ui.md
+++ b/docs-site/docs/plugin-development/api/ui.md
@@ -0,0 +1,269 @@
 ---
 sidebar_position: 11
 ---
 # UI API
 The UI API lets plugins add pages, settings pages, side panels, channel sections, actions, embed renderers, and controlled DOM mounts.
 For `/` slash commands in the chat composer, see the [Slash Commands API](./commands.md) (`api.commands`).
 Prefer registered UI contributions over direct DOM mounting. Contribution APIs let Angular render the plugin UI when the matching app surface exists. Direct DOM mounting runs immediately and throws if the target selector is not present.
 ## Required Capabilities
 | Method                                        | Capability           |
 | --------------------------------------------- | -------------------- |
 | `ui.registerAppPage(id, contribution)`        | `ui.pages`           |
 | `ui.registerSettingsPage(id, contribution)`   | `ui.settings`        |
 | `ui.registerSidePanel(id, contribution)`      | `ui.sidePanel`       |
 | `ui.registerChannelSection(id, contribution)` | `ui.channelsSection` |
 | `ui.registerComposerAction(id, contribution)` | `ui.pages`           |
 | `ui.registerProfileAction(id, contribution)`  | `ui.pages`           |
 | `ui.registerToolbarAction(id, contribution)`  | `ui.pages`           |
 | `ui.registerEmbedRenderer(id, contribution)`  | `ui.embeds`          |
 | `ui.mountElement(id, request)`                | `ui.dom`             |
 Every registration returns a disposable. Push it into `context.subscriptions`.
 ## App Page
 ```js
 export function activate(context) {
  context.subscriptions.push(
    context.api.ui.registerAppPage('dashboard', {
      label: 'Raid Dashboard',
      path: '/plugins/example.raid-helper/dashboard',
      render: () => {
        const root = document.createElement('section');
        root.innerHTML = '<h1>Raid Dashboard</h1><p>Tonight: dungeon practice.</p>';
        return root;
      }
    })
  );
 }
 ```
 The page is hosted by `/plugins/:pluginId/:pageId`.
 ## Settings Page
 ```js
 export function activate(context) {
  context.subscriptions.push(
    context.api.ui.registerSettingsPage('preferences', {
      label: 'Raid Helper',
      settingsKey: 'raid-helper',
      order: 20,
      render: () => {
        const wrapper = document.createElement('section');
        const label = document.createElement('label');
        const checkbox = document.createElement('input');
        checkbox.type = 'checkbox';
        checkbox.checked = true;
        label.append(checkbox, ' Enable ready-check reminders');
        wrapper.append(label);
        return wrapper;
      }
    })
  );
 }
 ```
 ## Side Panel
 Use `ui.registerSidePanel` for content that belongs in the server sidebar plugin area. Do not mount directly into `[data-testid="plugin-room-side-panel"]`; that host is route-specific and may not exist during plugin activation.
 ```js
 export function activate(context) {
  context.subscriptions.push(
    context.api.ui.registerSidePanel('soundboard', {
      label: 'Soundboard',
      order: 10,
      render: () => {
        const panel = document.createElement('div');
        const button = document.createElement('button');
        button.type = 'button';
        button.textContent = 'Play chime';
        button.onclick = () =>
          context.api.media.playAudioClip({
            url: 'https://cdn.example.com/chime.wav',
            volume: 0.6
          });
        panel.append(button);
        return panel;
      }
    })
  );
 }
 ```
 Capabilities required: `ui.sidePanel` and `media.playAudio`.
 ## Channel Section
 ```js
 export function activate(context) {
  context.subscriptions.push(
    context.api.ui.registerChannelSection('events', {
      label: 'Event Rooms',
      type: 'custom',
      order: 50
    })
  );
 }
 ```
 ## Composer Action
 ```js
 export function activate(context) {
  context.subscriptions.push(
    context.api.ui.registerComposerAction('insert-standup', {
      icon: 'ST',
      label: 'Insert standup prompt',
      run: (actionContext) => {
        context.api.messages.send('Standup: yesterday I..., today I..., blocked by...', actionContext.textChannel?.id);
      }
    })
  );
 }
 ```
 Capabilities required: `ui.pages` and `messages.send`.
 ## Profile Action
 ```js
 export function activate(context) {
  context.subscriptions.push(
    context.api.ui.registerProfileAction('wave', {
      label: 'Wave',
      run: (actionContext) => {
        context.api.messages.send(`Waving at ${actionContext.user?.displayName ?? 'someone'}!`);
      }
    })
  );
 }
 ```
 ## Toolbar Action
 Toolbar actions are command-style plugin entries shown in the server side panel's View plugins menu. Use them for small actions that should be easy to launch from a server, such as opening a plugin page, sending a status message, starting a timer, or toggling a plugin feature.
 The View plugins link appears in `[data-testid="plugin-room-side-panel"]` when the plugin side-panel area is rendered. Opening it shows an overlay menu, positioned like profile-card overlays, with registered actions laid out as plugin icon tiles. The `icon` field can be short text such as `RH`, an emoji, or an image URL; when omitted, Toju falls back to initials from the plugin/action labels.
 Toolbar action callbacks receive an action context with `source: 'toolbarAction'`, the current user, current server, active text channel, and current voice channel when available.
 ```js
 export function activate(context) {
  context.subscriptions.push(
    context.api.ui.registerToolbarAction('open-dashboard', {
      icon: 'RH',
      label: 'Raid Helper',
      run: (actionContext) => {
        context.api.logger.info('Raid Helper opened', {
          channelId: actionContext.textChannel?.id,
          serverId: actionContext.server?.id
        });
      }
    })
  );
 }
 ```
 Capabilities required: `ui.pages`. Add any capability your action uses, such as `messages.send` or `server.read`.
 Use `registerSidePanel` instead when the plugin needs persistent sidebar content, and use `registerAppPage` when the plugin needs a full-page workflow.
 ## Embed Renderer
 ```js
 export function activate(context) {
  context.subscriptions.push(
    context.api.ui.registerEmbedRenderer('raid-card', {
      embedType: 'raid.card',
      render: (payload) => {
        const card = document.createElement('article');
        const title = document.createElement('h3');
        const body = document.createElement('p');
        title.textContent = payload?.title ?? 'Raid';
        body.textContent = payload?.description ?? 'No description provided.';
        card.append(title, body);
        return card;
      }
    })
  );
 }
 ```
 Example message content for this embed:
 ```text
 toju:embed:raid.card:{"title":"Friday Raid","description":"Meet in Lobby at 20:00."}
 ```
 ## DOM Mount
 Use DOM mounting only when normal UI contribution points are not enough. `ui.mountElement` resolves its target immediately. If the target does not exist, plugin activation fails with `Plugin mount target not found: <selector>`.
 Safe uses:
 - Mounting a global overlay, badge, or modal into `body` during activation.
 - Mounting into a route-specific element only after checking that element exists.
 Avoid:
 - Mounting sidebar content into `[data-testid="plugin-room-side-panel"]`. Use `ui.registerSidePanel`.
 - Mounting chat content into `app-chat-messages` during activation without checking for the element.
 ```js
 export function activate(context) {
  const badge = document.createElement('div');
  badge.textContent = 'Raid helper active';
  badge.style.position = 'fixed';
  badge.style.right = '16px';
  badge.style.bottom = '16px';
  badge.style.padding = '8px 10px';
  badge.style.background = '#111827';
  badge.style.color = 'white';
  badge.style.borderRadius = '6px';
  context.subscriptions.push(
    context.api.ui.mountElement('active-badge', {
      target: 'body',
      position: 'beforeend',
      element: badge
    })
  );
 }
 ```
 Route-specific mount example with a guard:
 ```js
 export function activate(context) {
  const target = document.querySelector('app-chat-messages');
  if (!target) {
    context.api.logger.warn('Chat messages host is not rendered yet; skipping chat mount');
    return;
  }
  const banner = document.createElement('div');
  banner.textContent = 'Raid helper active in this chat.';
  context.subscriptions.push(
    context.api.ui.mountElement('chat-banner', {
      target,
      position: 'afterbegin',
      element: banner
    })
  );
 }
 ```
 The runtime tags plugin-owned DOM and removes it on unload, but plugins should still keep mounts minimal and accessible.
--- a/docs-site/docs/plugin-development/api/users-and-roles.md
+++ b/docs-site/docs/plugin-development/api/users-and-roles.md
@@ -0,0 +1,89 @@
 ---
 sidebar_position: 3
 ---
 # Users and Roles API
 The users and roles APIs read known users, read room members, and perform moderation or role changes when granted.
 ## Required Capabilities
 | Method | Capability |
 | --- | --- |
 | `users.getCurrent()` | `users.read` |
 | `users.list()` | `users.read` |
 | `users.readMembers()` | `users.read` |
 | `users.setRole(userId, role)` | `roles.manage` |
 | `users.kick(userId)` | `users.manage` |
 | `users.ban(userId, reason?)` | `users.manage` |
 | `roles.list()` | `roles.read` |
 | `roles.setAssignments(assignments)` | `roles.manage` |
 ## Read Users
 ```js
 export function activate(context) {
  const currentUser = context.api.users.getCurrent();
  const knownUsers = context.api.users.list();
  const roomMembers = context.api.users.readMembers();
  context.api.logger.info('Room user summary', {
    currentUser: currentUser?.displayName,
    knownUserCount: knownUsers.length,
    memberCount: roomMembers.length
  });
 }
 ```
 Example member data:
 ```json
 [
  { "id": "member-1", "userId": "user-alice-01", "displayName": "Alice", "role": "admin" },
  { "id": "member-2", "userId": "user-muse-01", "displayName": "Muse", "role": "member" }
 ]
 ```
 ## Read Roles
 ```js
 export function activate(context) {
  const roles = context.api.roles.list();
  context.api.logger.info('Available roles', roles.map((role) => ({
    id: role.id,
    name: role.name,
    permissions: role.permissions
  })));
 }
 ```
 ## Set a User Role
 ```js
 export function activate(context) {
  context.api.users.setRole('user-muse-01', 'moderator');
 }
 ```
 ## Replace Role Assignments
 ```js
 export function activate(context) {
  context.api.roles.setAssignments([
    { userId: 'user-alice-01', roleId: 'admin' },
    { userId: 'user-muse-01', roleId: 'moderator' }
  ]);
 }
 ```
 ## Kick or Ban a User
 ```js
 export function activate(context) {
  context.api.users.kick('user-spam-01');
  context.api.users.ban('user-spam-02', 'Repeated spam in support channels');
 }
 ```
 Moderation calls should normally be behind an explicit user action in plugin UI. Do not run destructive moderation automatically on activation.
--- a/docs-site/docs/plugin-development/capabilities.md
+++ b/docs-site/docs/plugin-development/capabilities.md
@@ -0,0 +1,51 @@
 ---
 sidebar_position: 3
 ---
 # Capabilities
 Capabilities protect privileged app surfaces. A plugin must declare a capability in its manifest and the user must grant it before the runtime allows the corresponding API call.
 | Capability                 | API areas                                                                                                         | Notes                                                                        |
 | -------------------------- | ----------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------- |
 | `profile.read`             | `profile.getCurrent()`                                                                                            | Reads the current user.                                                      |
 | `profile.write`            | `profile.update()`, `profile.updateAvatar()`                                                                      | Updates local profile fields and avatar metadata.                            |
 | `users.read`               | `users.getCurrent()`, `users.list()`, `users.readMembers()`                                                       | Reads users and server members.                                              |
 | `users.manage`             | `users.kick()`, `users.ban()`, `server.registerPluginUser()`                                                      | Can create plugin users and moderate members.                                |
 | `roles.read`               | `roles.list()`                                                                                                    | Reads server roles.                                                          |
 | `roles.manage`             | `roles.setAssignments()`, `users.setRole()`                                                                       | Changes role assignments or user roles.                                      |
 | `messages.read`            | `messages.readCurrent()`, message bus latest snapshots                                                            | Reads current channel messages.                                              |
 | `messages.send`            | `messages.send()`, `messages.sendAsPluginUser()`                                                                  | Sends messages as the current user or registered plugin user.                |
 | `messages.editOwn`         | `messages.edit()`                                                                                                 | Edits plugin-owned messages.                                                 |
 | `messages.deleteOwn`       | `messages.delete()`                                                                                               | Deletes plugin-owned messages.                                               |
 | `messages.moderate`        | `messages.moderateDelete()`                                                                                       | Moderation delete path.                                                      |
 | `messages.sync`            | `messages.sync()`, `messages.import()`, `attachments.import()`                                                     | Syncs message arrays, imports historical messages locally, or imports files for those messages. |
 | `channels.read`            | `channels.list()`, `channels.select()`                                                                            | Reads and selects channels.                                                  |
 | `channels.manage`          | `channels.addTextChannel()`, `channels.addAudioChannel()`, `channels.addVideoChannel()`, `channels.remove()`, `channels.rename()` | Mutates channel or channel-section state.                                    |
 | `server.read`              | `server.getCurrent()`                                                                                             | Reads active server.                                                         |
 | `server.manage`            | `server.updateIcon()`, `server.updatePermissions()`, `server.updateSettings()`                                    | Updates server icon, permissions, or settings. `server.updateIcon()` resolves when the local icon update has been persisted or rejects if the current user is not allowed to manage the server icon. |
 | `p2p.data`                 | `p2p.connectedPeers()`, `p2p.broadcastData()`, `p2p.sendData()`                                                   | Uses plugin peer data paths.                                                 |
 | `p2p.media`                | Reserved peer media features.                                                                                     | Included for media-facing plugins.                                           |
 | `media.playAudio`          | `media.playAudioClip()`                                                                                           | Plays an audio URL locally.                                                  |
 | `media.addAudioStream`     | `media.addCustomAudioStream()`                                                                                    | Adds a custom stream to voice handling.                                      |
 | `media.addVideoStream`     | `media.addCustomVideoStream()`                                                                                    | Registers custom video stream contribution.                                  |
 | `audio.volume`             | `media.setInputVolume()`, `media.setOutputVolume()`                                                               | Adjusts local voice volume.                                                  |
 | `audio.effects`            | Reserved audio effect features.                                                                                   | Included for audio processing plugins.                                       |
 | `ui.settings`              | `ui.registerSettingsPage()`                                                                                       | Adds settings pages.                                                         |
 | `ui.pages`                 | `ui.registerAppPage()`, `ui.registerComposerAction()`, `ui.registerProfileAction()`, `ui.registerToolbarAction()` | Adds app pages and action entry points, including View plugins menu actions. |
 | `ui.sidePanel`             | `ui.registerSidePanel()`                                                                                          | Adds side panels.                                                            |
 | `ui.channelsSection`       | `ui.registerChannelSection()`                                                                                     | Adds channel sections.                                                       |
 | `ui.embeds`                | `ui.registerEmbedRenderer()`                                                                                      | Renders custom embeds.                                                       |
 | `ui.dom`                   | `ui.mountElement()`                                                                                               | Mounts plugin-owned DOM into app targets.                                    |
 | `ui.commands`              | `commands.register()`, `commands.list()`                                                                          | Registers `/` slash commands (global or server scope) and lists registered commands. |
 | `storage.local`            | `storage.*`, `clientData.*`                                                                                       | Reads and writes plugin-local data.                                          |
 | `storage.serverData.read`  | `serverData.read()`                                                                                               | Reads local per-user/per-server plugin data.                                 |
 | `storage.serverData.write` | `serverData.write()`, `serverData.remove()`                                                                       | Writes or removes local per-user/per-server plugin data.                     |
 | `events.server.publish`    | `events.publishServer()`                                                                                          | Publishes declared server plugin events.                                     |
 | `events.server.subscribe`  | `events.subscribeServer()`                                                                                        | Subscribes to declared server plugin events.                                 |
 | `events.p2p.publish`       | `events.publishP2p()`, `messageBus.publish()`, `messageBus.sendLatestMessages()`                                  | Publishes declared P2P/plugin bus events.                                    |
 | `events.p2p.subscribe`     | `events.subscribeP2p()`, `messageBus.subscribe()`                                                                 | Subscribes to declared P2P/plugin bus events.                                |
 ## Recommended Practice
 Request the fewest capabilities possible. Separate broad features into optional plugin modules when a single plugin would otherwise need many unrelated grants.
--- a/docs-site/docs/plugin-development/create-a-plugin.md
+++ b/docs-site/docs/plugin-development/create-a-plugin.md
@@ -0,0 +1,109 @@
 ---
 sidebar_position: 1
 ---
 # Create a Plugin
 Toju plugins are browser-safe ES modules loaded by the Angular renderer. A plugin receives a frozen `TojuClientPluginApi`, declares every privileged capability in its manifest, and registers cleanup work through disposables.
 ## Folder Layout
 A local desktop plugin is discovered from an immediate child folder under the app data `plugins` directory.
 ```text
 my-plugin/
  toju-plugin.json
  main.js
  README.md
  icon.svg
 ```
 The manifest file can be named `toju-plugin.json` or `plugin.json`. Entrypoints and readmes must stay inside the plugin folder.
 ## Minimal Manifest
 ```json
 {
  "schemaVersion": 1,
  "id": "example.hello-world",
  "title": "Hello World",
  "description": "Adds a View plugins menu action that sends a message.",
  "version": "1.0.0",
  "kind": "client",
  "scope": "client",
  "apiVersion": "1.0.0",
  "compatibility": {
    "minimumTojuVersion": "1.0.0"
  },
  "entrypoint": "./main.js",
  "capabilities": ["messages.send", "ui.pages"]
 }
 ```
 ## Entrypoint
 ```js
 export function activate(context) {
  const { api } = context;
  api.logger.info('Hello World activated');
  const disposable = api.ui.registerToolbarAction('hello', {
    icon: 'HI',
    label: 'Hello',
    run: () => api.messages.send('Hello from my plugin')
  });
  context.subscriptions.push(disposable);
 }
 export function ready(context) {
  context.api.logger.info('All ready plugins have loaded');
 }
 export function deactivate(context) {
  context.api.logger.info('Hello World deactivated');
 }
 ```
 `registerToolbarAction()` adds an action tile to the server side panel's View plugins menu. Use `icon` for the tile badge and keep the `label` short enough to scan in a grid.
 ## Lifecycle Hooks
 | Hook                                             | When it runs                                           | Use it for                                                                 |
 | ------------------------------------------------ | ------------------------------------------------------ | -------------------------------------------------------------------------- |
 | `activate(context)`                              | During explicit plugin activation.                     | Register UI, subscribe to events, initialize state.                        |
 | `ready(context)`                                 | After the load-order pass has activated ready plugins. | Cross-plugin coordination that needs other plugins loaded.                 |
 | `deactivate(context)`                            | During unload or reload.                               | Flush state and log shutdown. Disposables are also cleaned up by the host. |
 | `onPluginDataChanged(context, event)`            | When plugin data changes are observed.                 | React to plugin-scoped persistence changes.                                |
 | `onServerRequirementsChanged(context, snapshot)` | When server plugin requirements change.                | Adapt to required, optional, blocked, or incompatible server plugins.      |
 ## Cleanup
 Every API registration returns a disposable. Push it into `context.subscriptions`.
 ```js
 const subscription = api.messageBus.subscribe({
  topic: 'poll:votes',
  handler: (event) => api.logger.info('vote received', event.payload)
 });
 context.subscriptions.push(subscription);
 ```
 The plugin host disposes subscriptions in reverse order when the plugin unloads.
 ## Capability Grants
 A plugin can only call privileged APIs after the matching capability is declared in the manifest and granted by the user. Keep the manifest narrow. For example, a plugin that only adds a settings page does not need message or user management capabilities.
 ## Testing Locally
 1. Create the plugin folder in the desktop plugins directory.
 2. Open the Plugin Manager.
 3. Register or refresh local plugins.
 4. Grant required capabilities.
 5. Activate the plugin.
 6. Inspect plugin logs in the manager.
 For broad API examples, compare against the E2E fixture plugin under `toju-app/public/plugins/e2e-all-api/`.
--- a/docs-site/docs/plugin-development/examples.md
+++ b/docs-site/docs/plugin-development/examples.md
@@ -0,0 +1,266 @@
 ---
 sidebar_position: 5
 ---
 # Examples
 ## Toolbar Message Plugin
 `toju-plugin.json`
 ```json
 {
  "schemaVersion": 1,
  "id": "example.toolbar-message",
  "title": "Toolbar Message",
  "description": "Adds a View plugins menu action that sends a reusable message.",
  "version": "1.0.0",
  "kind": "client",
  "scope": "client",
  "apiVersion": "1.0.0",
  "compatibility": {
    "minimumTojuVersion": "1.0.0",
    "verifiedTojuVersion": "1.0.0"
  },
  "entrypoint": "./main.js",
  "capabilities": ["messages.send", "ui.pages"]
 }
 ```
 `main.js`
 ```js
 export function activate(context) {
  const { api } = context;
  context.subscriptions.push(
    api.ui.registerToolbarAction('standup-message', {
      icon: 'ST',
      label: 'Standup',
      run: (actionContext) => api.messages.send('Standup: yesterday, today, blocked', actionContext.textChannel?.id)
    })
  );
 }
 ```
 The action appears as a tile in the server side panel's View plugins menu and runs with `source: 'toolbarAction'`.
 ## Slash Command Plugin
 `toju-plugin.json`
 ```json
 {
  "schemaVersion": 1,
  "id": "example.slash-commands",
  "title": "Slash Commands",
  "description": "Registers / commands available from the chat composer.",
  "version": "1.0.0",
  "kind": "client",
  "scope": "client",
  "apiVersion": "1.0.0",
  "compatibility": {
    "minimumTojuVersion": "1.0.0",
    "verifiedTojuVersion": "1.0.0"
  },
  "entrypoint": "./main.js",
  "capabilities": ["messages.send", "ui.commands"]
 }
 ```
 `main.js`
 ```js
 export function activate(context) {
  const { api } = context;
  // Global: works in chat servers and direct messages.
  context.subscriptions.push(
    api.commands.register('shrug', {
      name: 'shrug',
      description: 'Append the shrug emoticon',
      scope: 'global',
      run: () => api.messages.send('¯\\_(ツ)_/¯')
    })
  );
  // Server-scoped: only offered while a chat server is active.
  context.subscriptions.push(
    api.commands.register('announce', {
      name: 'announce',
      description: 'Post an announcement to the current channel',
      icon: '📢',
      scope: 'server',
      options: [{ name: 'message', type: 'rest', required: true }],
      run: (slash) => api.messages.send(`📢 ${slash.args.message}`, slash.textChannel?.id)
    })
  );
 }
 ```
 Typing `/` in the composer opens the autocomplete menu. `/shrug` runs immediately; `/announce <message>` fills the composer so the user can type the announcement before sending. See the [Slash Commands API](./api/commands.md) for option parsing and the command context.
 ## Settings Page Plugin
 ```json
 {
  "schemaVersion": 1,
  "id": "example.settings-page",
  "title": "Settings Page Example",
  "description": "Adds a plugin settings page and stores a local preference.",
  "version": "1.0.0",
  "kind": "client",
  "apiVersion": "1.0.0",
  "compatibility": { "minimumTojuVersion": "1.0.0" },
  "entrypoint": "./main.js",
  "capabilities": ["ui.settings", "storage.local"],
  "settings": {
    "type": "object",
    "properties": {
      "enabled": { "type": "boolean", "default": true }
    }
  }
 }
 ```
 ```js
 export function activate(context) {
  const { api } = context;
  context.subscriptions.push(
    api.ui.registerSettingsPage('preferences', {
      label: 'Example Preferences',
      render: () => {
        const root = document.createElement('section');
        const button = document.createElement('button');
        button.type = 'button';
        button.textContent = 'Remember preference';
        button.onclick = () => api.storage.set('enabled', true);
        root.append(button);
        return root;
      }
    })
  );
 }
 ```
 ## Server-Scoped Soundboard
 A server-scoped plugin can be installed as a server requirement and auto-installed for server members when marked required.
 ```json
 {
  "schemaVersion": 1,
  "id": "example.soundboard",
  "title": "Server Soundboard",
  "description": "Adds a soundboard side panel and announces played sounds.",
  "version": "1.0.0",
  "kind": "client",
  "scope": "server",
  "apiVersion": "1.0.0",
  "compatibility": { "minimumTojuVersion": "1.0.0" },
  "entrypoint": "./main.js",
  "capabilities": ["server.read", "users.manage", "ui.sidePanel", "media.playAudio", "messages.send"],
  "pluginUser": {
    "displayName": "Soundboard",
    "label": "Audio helper"
  }
 }
 ```
 ```js
 export function activate(context) {
  const { api } = context;
  const botId = api.server.registerPluginUser({
    id: 'soundboard-bot',
    displayName: 'Soundboard'
  });
  context.subscriptions.push(
    api.ui.registerSidePanel('sounds', {
      label: 'Soundboard',
      render: () => {
        const panel = document.createElement('div');
        const button = document.createElement('button');
        button.type = 'button';
        button.textContent = 'Play chime';
        button.onclick = async () => {
          await api.media.playAudioClip({ url: './chime.wav', volume: 0.7 });
          api.messages.sendAsPluginUser({ pluginUserId: botId, content: 'Played chime' });
        };
        panel.append(button);
        return panel;
      }
    })
  );
 }
 ```
 ## Message Bus Plugin
 ```json
 {
  "schemaVersion": 1,
  "id": "example.poll-bus",
  "title": "Poll Bus",
  "description": "Uses the plugin message bus for lightweight P2P poll votes.",
  "version": "1.0.0",
  "kind": "client",
  "apiVersion": "1.0.0",
  "compatibility": { "minimumTojuVersion": "1.0.0" },
  "entrypoint": "./main.js",
  "capabilities": ["events.p2p.publish", "events.p2p.subscribe", "messages.read"]
 }
 ```
 ```js
 export function activate(context) {
  const { api } = context;
  context.subscriptions.push(
    api.messageBus.subscribe({
      topic: 'poll:votes',
      replayLatest: true,
      latestMessageLimit: 20,
      handler: (event) => api.logger.info('Vote received', event.payload)
    })
  );
  api.messageBus.publish({
    topic: 'poll:votes',
    payload: { option: 'A' },
    includeLatestMessages: true,
    includeSelf: true,
    latestMessageLimit: 20
  });
 }
 ```
 ## Custom DOM Mount
 Use `ui.dom` sparingly and cleanly. The runtime tags mounted elements with plugin ownership metadata and removes remaining mounted elements when the plugin unloads.
 ```js
 export function activate(context) {
  const badge = document.createElement('div');
  badge.textContent = 'Plugin active';
  badge.style.position = 'absolute';
  badge.style.right = '1rem';
  badge.style.bottom = '1rem';
  context.subscriptions.push(
    context.api.ui.mountElement('active-badge', {
      target: 'body',
      element: badge
    })
  );
 }
 ```
 ## All-API Fixture
 The repo includes an E2E fixture at `toju-app/public/plugins/e2e-all-api/`. It intentionally calls every public plugin API surface so Playwright coverage can validate the runtime. Use it as a compatibility reference, not as the minimal style for production plugins.
--- a/docs-site/docs/plugin-development/manifest.md
+++ b/docs-site/docs/plugin-development/manifest.md
@@ -0,0 +1,165 @@
 ---
 sidebar_position: 2
 ---
 # Manifest Model
 The manifest is the source of truth for plugin identity, compatibility, runtime shape, capabilities, data, events, UI hints, and distribution metadata.
 ```ts
 type TojuPluginInstallScope = 'client' | 'server';
 type PluginEventDirection = 'clientToServer' | 'serverRelay' | 'p2pHint';
 type PluginEventScope = 'server' | 'channel' | 'user' | 'plugin';
 type PluginCapabilityId =
  | 'profile.read'
  | 'profile.write'
  | 'users.read'
  | 'users.manage'
  | 'roles.read'
  | 'roles.manage'
  | 'messages.read'
  | 'messages.send'
  | 'messages.editOwn'
  | 'messages.deleteOwn'
  | 'messages.moderate'
  | 'messages.sync'
  | 'channels.read'
  | 'channels.manage'
  | 'server.read'
  | 'server.manage'
  | 'p2p.data'
  | 'p2p.media'
  | 'media.playAudio'
  | 'media.addAudioStream'
  | 'media.addVideoStream'
  | 'audio.volume'
  | 'audio.effects'
  | 'ui.settings'
  | 'ui.pages'
  | 'ui.sidePanel'
  | 'ui.channelsSection'
  | 'ui.embeds'
  | 'ui.dom'
  | 'ui.commands'
  | 'storage.local'
  | 'storage.serverData.read'
  | 'storage.serverData.write'
  | 'events.server.publish'
  | 'events.server.subscribe'
  | 'events.p2p.publish'
  | 'events.p2p.subscribe';
 interface TojuPluginManifest {
  schemaVersion: 1;
  id: string;
  title: string;
  description: string;
  version: string;
  kind: 'client' | 'library';
  scope?: TojuPluginInstallScope;
  apiVersion: string;
  compatibility: {
    minimumTojuVersion: string;
    maximumTojuVersion?: string;
    verifiedTojuVersion?: string;
  };
  entrypoint?: string;
  bundle?: {
    url: string;
    entrypoint?: string;
  };
  readme?: string;
  homepage?: string;
  bugs?: string;
  changelog?: string;
  license?: string;
  authors?: {
    name: string;
    email?: string;
    url?: string;
  }[];
  capabilities?: PluginCapabilityId[];
  events?: {
    eventName: string;
    direction: PluginEventDirection;
    scope: PluginEventScope;
    maxPayloadBytes?: number;
    schema?: string;
  }[];
  data?: {
    key: string;
    schema?: string;
    scope: string;
    storage: 'local' | 'serverData';
  }[];
  relationships?: {
    after?: string[];
    before?: string[];
    conflicts?: string[];
    optional?: { id: string; versionRange?: string }[];
    requires?: { id: string; versionRange?: string }[];
  };
  load?: {
    priority?: 'bootstrap' | 'high' | 'default' | 'low';
  };
  pluginUser?: {
    avatar?: string;
    displayName: string;
    label?: string;
  };
  settings?: Record<string, unknown>;
  ui?: Record<string, unknown>;
 }
 ```
 ## Required Fields
 | Field | Meaning |
 | --- | --- |
 | `schemaVersion` | Manifest schema version. Currently `1`. |
 | `id` | Stable plugin id. Use a reverse-DNS or package-style id. |
 | `title` | Human-readable plugin name. |
 | `description` | Short explanation shown in plugin UI. |
 | `version` | Plugin version. |
 | `kind` | `client` for runtime plugins, `library` for shared dependency-style entries. |
 | `apiVersion` | Plugin API version expected by the plugin. |
 | `compatibility.minimumTojuVersion` | Oldest app version the plugin supports. |
 ## Scope
 `scope: "client"` installs the plugin for the current client. Omit `scope` for the same behavior.
 `scope: "server"` marks a plugin as server-scoped. Server-scoped store entries can be installed to a chat server as requirements. Required server plugins are auto-installed for members when that server opens; optional requirements stay listed but do not auto-install.
 When a user installs a server-scoped plugin into the server they are currently viewing, Toju enables that plugin id locally and activates the plugin immediately after the local manifest is registered. Installing a server-scoped plugin for another server records the activation preference so it activates when that server is opened.
 ## Entrypoint and Bundle
 Use `entrypoint` for a browser-resolvable module relative to the manifest. Use `bundle.url` when publishing a cached browser bundle through a plugin source manifest. Desktop installs cache bundle files into app data and load the cached manifest afterward.
 ## Events
 Every server or P2P plugin event should be declared before it is published or subscribed to.
 ```json
 {
  "events": [
    {
      "eventName": "poll:vote",
      "direction": "p2pHint",
      "scope": "channel",
      "maxPayloadBytes": 2048
    }
  ]
 }
 ```
 ## Data Declarations
 Use `data` to document plugin-owned data keys and intended storage.
 - `local` maps to client-local plugin data.
 - `serverData` maps to local per-user/per-server plugin data.
 Signal server HTTP persistence for arbitrary plugin data is disabled by design.
--- a/docs-site/docs/user-guide/first-steps.md
+++ b/docs-site/docs/user-guide/first-steps.md
@@ -0,0 +1,66 @@
 ---
 sidebar_position: 1
 ---
 # First Steps
 Toju is a chat app for servers, text conversations, direct messages, and live voice. You do not need to understand the technical parts to use it.
 ## Main Words
 | Word | Meaning |
 | --- | --- |
 | Server | A shared space for a community, team, or group. |
 | Text channel | A named chat room inside a server. Messages stay in that channel. |
 | Voice channel | A named live room inside a server. Join it when you want to talk, share camera, or share screen. |
 | Direct message | A private conversation outside a server channel. |
 | Plugin | An add-on that can add buttons, panels, tools, integrations, or server-specific features. |
 ## Sign In
 1. Open Toju.
 2. Sign in with your username and password.
 3. If you use more than one signaling server, choose the server endpoint that owns your account.
 A signaling server handles accounts, server discovery, membership, and connection setup. In normal use you can think of it as the place Toju checks when you log in and join servers.
 ## Find a Server
 1. Open the server search page.
 2. Search by server name or browse the available list.
 3. Select a server.
 4. Join directly if it is public, enter the password if it is protected, or use an invite link if someone sent you one.
 After joining, the server appears in the vertical server rail on the left. Click a server icon there to switch servers.
 ## Read and Send Messages
 1. Click a server in the left rail.
 2. Pick a text channel under **Text Channels**.
 3. Type in the composer at the bottom of the chat.
 4. Press Enter or use the send button.
 Text channels keep different topics separate. For example, a server might have `general`, `announcements`, and `support` as separate text channels.
 ## Start Talking
 1. Open a server.
 2. Pick a voice channel under **Voice Channels**.
 3. Click the voice channel to join.
 4. Use the voice controls to mute, deafen, start camera, share screen, or leave.
 Voice is live. Text messages are written chat. They can happen at the same time, but they are different channel types.
 ## Use Direct Messages
 Direct messages are one-to-one conversations. They are separate from server text channels, so they do not depend on which server you are viewing.
 ## Open Settings
 Settings contain account, voice, plugin, server, desktop, update, local API, theme, and data controls. Desktop users can also manage local data import/export and local documentation/API hosting.
 ## Install Plugins
 Plugins are installed from the Plugin Store or Plugin Manager. Some plugins are global client plugins. Other plugins are server-scoped and only apply to a specific server.
 See [Plugins for Users](./plugins.md) for the full non-technical plugin guide.
--- a/docs-site/docs/user-guide/plugins.md
+++ b/docs-site/docs/user-guide/plugins.md
@@ -0,0 +1,88 @@
 ---
 sidebar_position: 5
 ---
 # Plugins for Users
 Plugins add features to Toju. They can add pages, buttons, panels, settings, sounds, message tools, custom embeds, or server-specific behavior.
 ## Types of Plugins
 | Type           | What it means                                                                                         |
 | -------------- | ----------------------------------------------------------------------------------------------------- |
 | Client plugin  | Installed for your app. It follows you across servers when active.                                    |
 | Server plugin  | Installed for a specific server. It may be required, recommended, optional, blocked, or incompatible. |
 | Library plugin | Shared plugin code used by other plugins. It is not normally something users interact with directly.  |
 ## Install from the Plugin Store
 1. Open the Plugin Store from the title bar or Settings.
 2. Browse or search available plugins.
 3. Open the plugin details.
 4. Read the description, version, source, and capability list.
 5. Choose install.
 6. Review and grant only the capabilities you trust.
 7. Activate the plugin.
 Server-scoped plugins installed to the server you are currently viewing are enabled and activated automatically after install, so their panels, actions, or embeds can appear immediately.
 ## Use Plugin Actions
 When plugins add quick actions to a server, the server side panel shows a View plugins link in the plugin area. Open it to see a grid of plugin action tiles. Selecting a tile runs that plugin's action in the current server and channel context.
 Plugins can also add `/` slash commands. Type `/` in the message box to open the command menu; plugin commands appear there tagged with the plugin name, alongside built-in commands like `/lenny`. See [Text and Direct Messages](./text-and-direct-messages.md#slash-commands) for how to use the menu.
 ## Install a Local Plugin
 Desktop builds can discover local plugin folders from the app data plugins directory.
 1. Put the plugin folder in the desktop plugins directory.
 2. Open Settings.
 3. Open the Plugin Manager.
 4. Refresh or register local plugins.
 5. Grant capabilities and activate the plugin.
 ## Server Plugin Prompts
 When a server uses plugins, Toju may show a prompt.
 | Status       | Meaning                                                                           |
 | ------------ | --------------------------------------------------------------------------------- |
 | Required     | You must install the plugin to join or continue using that server.                |
 | Recommended  | The server suggests the plugin, but you can choose.                               |
 | Optional     | The plugin is available for the server, but not required.                         |
 | Blocked      | The server marks the plugin as not allowed.                                       |
 | Incompatible | The plugin version does not work with your app version or the server requirement. |
 Required plugins are still installed locally on your device. The signaling server stores requirement metadata only; it does not run plugin code.
 ## Capability Grants
 Plugins must ask for capabilities before using sensitive features.
 Examples:
 | Capability area | Why a plugin might ask                                                     |
 | --------------- | -------------------------------------------------------------------------- |
 | Messages        | Send messages, read current messages, moderate messages, or render embeds. |
 | Users and roles | Read member lists, create plugin users, or manage users.                   |
 | Voice and media | Play audio, add an audio stream, add a video stream, or adjust volume.     |
 | UI              | Add pages, settings pages, side panels, toolbar buttons, slash commands, or DOM elements. |
 | Storage         | Save plugin preferences locally or per server.                             |
 Only grant capabilities to plugins you trust.
 ## Manage Plugins
 The Plugin Manager lets you:
 - activate, deactivate, reload, or unload plugins;
 - grant or revoke capabilities;
 - inspect plugin logs;
 - see plugin UI contribution counts;
 - review server plugin requirements;
 - uninstall plugins.
 ## Plugin Safety Notes
 Plugins are browser-safe JavaScript modules loaded by the client. They do not run on the signaling server. A plugin can only call privileged Toju APIs when its manifest declares the capability and you grant it.
--- a/docs-site/docs/user-guide/servers-and-channels.md
+++ b/docs-site/docs/user-guide/servers-and-channels.md
@@ -0,0 +1,65 @@
 ---
 sidebar_position: 2
 ---
 # Servers and Channels
 A server is the main shared space in Toju. Servers contain members, channels, permissions, optional plugins, and server settings.
 ## Server Rail
 The server rail is the vertical list of servers on the left side of the app.
 - Click a server icon to open it.
 - Use the add/search control to find or join more servers.
 - A badge can show unread activity.
 - Server context actions can include invite, leave, or server settings depending on your permissions.
 ## Text Channels
 Text channels are written conversations. Each text channel has its own message list.
 Common examples:
 | Channel | Use |
 | --- | --- |
 | `general` | Everyday chat. |
 | `announcements` | Updates from owners or admins. |
 | `support` | Help requests. |
 | `clips` | Shared media or links. |
 Messages, replies, reactions, attachments, GIFs, typing indicators, and plugin-created messages are scoped to the active text channel.
 ## Voice Channels
 Voice channels are live spaces. Joining a voice channel connects your microphone and lets you use camera or screen sharing when enabled.
 Voice channel examples:
 | Channel | Use |
 | --- | --- |
 | `Lobby` | Casual drop-in voice. |
 | `Gaming` | In-game voice. |
 | `Meeting` | Focused calls. |
 | `Support Room` | Live help. |
 ## Text Channels vs Voice Channels
 | Text channel | Voice channel |
 | --- | --- |
 | Written messages. | Live audio and media. |
 | You can read later. | You join and leave in real time. |
 | Uses the message composer. | Uses voice controls. |
 | Good for searchable discussions. | Good for conversations, calls, screen shares, and quick coordination. |
 ## Server Members
 The member list shows people known to the server. Online members appear separately from offline members. Depending on permissions, owners, admins, or moderators can move users between voice channels, kick users, ban users, or change roles.
 ## Invites
 Invite links help other users join a server. If a server is private or password-protected, the invite or password controls who can enter.
 ## Server Plugins
 A server can recommend or require plugins. Required server plugins may block joining until you choose whether to install them. Optional and recommended plugins can be skipped.
--- a/docs-site/docs/user-guide/settings.md
+++ b/docs-site/docs/user-guide/settings.md
@@ -0,0 +1,33 @@
 ---
 sidebar_position: 6
 ---
 # Settings and Data
 Settings control the app, voice, plugins, servers, themes, updates, local APIs, and desktop behavior.
 ## Common Settings
 | Area | What you can manage |
 | --- | --- |
 | Account | Current profile, display details, and avatar metadata. |
 | Voice | Devices, volumes, bitrate, latency, noise reduction, screen share preferences. |
 | Plugins | Installed plugins, capability grants, plugin logs, and plugin store sources. |
 | Server | Server details, channels, roles, moderation, plugin requirements, and member controls. |
 | Theme | App colors and visual preferences. |
 | Desktop | Tray behavior, auto-start, hardware acceleration, updates, and local data tools. |
 | Local API | Local HTTP server, API docs, Docusaurus docs, and allowed signaling servers. |
 ## Local Data
 Desktop Toju stores local app data on your device. That can include rooms, messages, users, plugin data, settings, and metadata. The desktop settings include data import/export tools.
 ## Local API and Documentation Hosting
 The desktop app can start a local HTTP server. It is off by default. When enabled, it can serve:
 - Local REST API endpoints under `/api/...`;
 - Scalar REST API docs at `/docs`;
 - this Docusaurus site at `/docusaurus`.
 Authentication for protected local API routes uses a local bearer token. Login is checked against an allowed signaling server that you configure in settings.
--- a/docs-site/docs/user-guide/text-and-direct-messages.md
+++ b/docs-site/docs/user-guide/text-and-direct-messages.md
@@ -0,0 +1,49 @@
 ---
 sidebar_position: 3
 ---
 # Text and Direct Messages
 Text channels and direct messages both use written chat, but they are meant for different situations.
 ## Text Channels
 Text channels belong to a server. Everyone with access to that server and channel can participate.
 You can use text channels to:
 - send normal messages;
 - run slash commands by typing `/`;
 - edit or delete your own messages when allowed;
 - react to messages;
 - send attachments;
 - browse and send GIFs when available;
 - see typing indicators;
 - read synced message history stored on your device.
 ## Direct Messages
 Direct messages are private conversations outside a server channel. Use them when a message is meant for one person instead of the server.
 ## Slash Commands
 Type `/` at the start of the message box to open the slash command menu. It lists the commands you can run, with a short description for each.
 - Keep typing to filter the list (for example `/le`).
 - Use the up and down arrow keys to move through the list, then press `Enter` or `Tab` to pick a command. You can also click one.
 - Press `Escape` to close the menu.
 - A command that needs extra text fills the box with `/name ` so you can type the rest, then send it.
 Toju includes built-in commands such as `/lenny`, which posts `( ͡° ͜ʖ ͡°)`. Plugins can add their own commands, which appear in the same menu (tagged with the plugin name). Slash commands are available in both text channels and direct messages; some plugin commands only appear inside a server. Text that starts with `/` but matches no command is sent as a normal message.
 ## Attachments and Media
 Attachments can appear as files, images, audio, or video depending on the file type and what the app can preview. If an image or link cannot load directly, the app can use fallback paths where available.
 ## Message Sync
 Toju stores messages locally and syncs recent messages with peers when connections are available. If you were offline, messages may appear after peers reconnect and exchange their recent message lists.
 ## Plugin Messages
 Some plugins can send messages, create bot-style plugin users, render custom embeds, or add composer buttons. Toju asks for plugin capability grants before plugins can use privileged message features.
--- a/docs-site/docs/user-guide/voice-channels.md
+++ b/docs-site/docs/user-guide/voice-channels.md
@@ -0,0 +1,73 @@
 ---
 sidebar_position: 4
 ---
 # Voice Channels and Calls
 Voice channels are live rooms inside a server. Join one when you want to talk, share camera, or share your screen.
 ## Join a Voice Channel
 1. Open the server from the left server rail.
 2. Find **Voice Channels** in the server side panel.
 3. Click the voice channel you want to join.
 4. Allow microphone access if your system asks.
 5. Use the voice controls to manage your call.
 When you join, other users in the same voice channel can hear you unless you are muted. Users in other voice channels are not part of your live voice room.
 ## Voice Controls
 The voice controls can include:
 | Control | What it does |
 | --- | --- |
 | Mute microphone | Stops sending your microphone audio. |
 | Deafen | Stops playback and usually mutes your microphone too. |
 | Camera | Starts or stops webcam video. |
 | Screen share | Shares a screen or window. |
 | Settings | Opens voice device and quality settings. |
 | Leave | Disconnects from the voice channel. |
 ## Screen Sharing
 1. Join a voice channel.
 2. Click screen share.
 3. Choose a screen or window.
 4. Choose whether to include system audio when available.
 5. Stop sharing from the voice controls when done.
 The screen share picker can show screens and windows. Desktop audio support depends on operating system support and the selected source.
 ## Voice Workspace
 When someone shares camera or screen, the voice workspace can expand into a larger media area. It can show focused streams, a grid of streams, or a minimized mini-window.
 ## Floating Voice Controls
 If you navigate away from the server while still connected to voice, Toju can show floating voice controls. Use them to return to the voice server or leave the call.
 ## Voice Settings
 Voice settings can include:
 - input device;
 - output device;
 - input volume;
 - output volume;
 - audio bitrate;
 - latency profile;
 - noise reduction;
 - screen share quality;
 - system audio preference.
 ## Troubleshooting
 | Problem | Try this |
 | --- | --- |
 | Nobody hears you | Check mute, input device, system microphone permission, and input volume. |
 | You hear nobody | Check deafen, output device, output volume, and whether others are in the same voice channel. |
 | Screen share is missing | Check desktop permissions and try a different screen or window. |
 | Voice drops after switching servers | Return to the server with the active voice session or leave and rejoin the voice channel. |
 Voice and screen sharing use peer-to-peer WebRTC media. The signaling server helps users connect, but the media itself travels through peer connections.
--- a/docs-site/docs/using-toju.md
+++ b/docs-site/docs/using-toju.md
@@ -0,0 +1,56 @@
 ---
 sidebar_position: 2
 ---
 # Using Toju
 ## Sign In
 Toju signs in through a signaling server. The signaling server validates the user account, coordinates server membership, relays selected realtime messages, and helps peers establish WebRTC connections.
 For the desktop Local API, the same signaling server allow-list is used before local bearer tokens can be issued. This keeps local automation tied to servers you explicitly trust.
 ## Find or Join Servers
 Use the server search flow to find known servers. A server can be public, private, or password-protected depending on its settings. Invite links can be created from the title bar menu while a server is active.
 A server contains:
 - basic profile information such as name, topic, description, privacy, and maximum users;
 - text channels;
 - voice or custom channel sections;
 - roles and permissions;
 - members and voice state;
 - optional server-scoped plugin requirements.
 ## Text Channels and Messages
 Text channels are selected inside the active server. Messages are persisted locally by the client and synchronized through realtime events while connected. Plugins with the relevant capabilities can read, send, edit, delete, moderate, or sync messages.
 Direct messages use the same shell but are not part of a room channel context.
 ## Voice, Video, and Screen Sharing
 Voice and media are peer-to-peer. The signaling server coordinates connection setup, while media streams travel through WebRTC peer connections.
 Desktop builds include platform integrations such as Linux display-server detection and optional monitor audio routing for screen sharing. Plugin media APIs can contribute custom audio or video streams when the user grants the necessary capabilities.
 ## Plugins
 Open the Plugin Store from the title bar package button or menu. The plugin manager separates global client plugins from server-scoped plugins. Installed plugins can be activated, reloaded, unloaded, disabled, inspected for logs, and granted capabilities.
 Plugins are explicit runtime modules. Toju loads browser-safe ES modules, passes a frozen API object, and cleans up registered disposables when a plugin unloads.
 ## Desktop Settings
 Desktop settings cover:
 - auto-start and close-to-tray behavior;
 - hardware acceleration and Linux VA-API video encode options;
 - update manifests and target update versions;
 - local HTTP API hosting;
 - Scalar API documentation;
 - Docusaurus app/plugin documentation;
 - allowed signaling servers for local API authentication;
 - local plugin discovery and store sources;
 - themes and user data import/export.
--- a/docs-site/docusaurus.config.ts
+++ b/docs-site/docusaurus.config.ts
@@ -0,0 +1,71 @@
 import type { Config } from '@docusaurus/types';
 import type * as Preset from '@docusaurus/preset-classic';
 const config: Config = {
  title: 'Toju Docs',
  tagline: 'Desktop chat, local APIs, and plugin development',
  url: 'http://127.0.0.1',
  baseUrl: '/docusaurus/',
  organizationName: 'metoyou',
  projectName: 'metoyou',
  onBrokenLinks: 'throw',
  onBrokenMarkdownLinks: 'warn',
  i18n: {
    defaultLocale: 'en',
    locales: ['en']
  },
  presets: [
    [
      'classic',
      {
        docs: {
          routeBasePath: '/',
          sidebarPath: './sidebars.ts'
        },
        blog: false,
        theme: {
          customCss: './src/css/custom.css'
        }
      } satisfies Preset.Options
    ]
  ],
  themeConfig: {
    navbar: {
      title: 'Toju Docs',
      items: [
        { type: 'docSidebar', sidebarId: 'mainSidebar', position: 'left', label: 'Guides' },
        { to: '/user-guide/first-steps', label: 'User Guide', position: 'left' },
        { to: '/developer/contributing', label: 'Developer Guide', position: 'left' },
        { to: '/plugin-development/create-a-plugin', label: 'Plugin Guide', position: 'left' },
        { to: '/developer/rest-api', label: 'REST API', position: 'left' }
      ]
    },
    footer: {
      style: 'dark',
      links: [
        {
          title: 'Docs',
          items: [
            { label: 'First Steps', to: '/user-guide/first-steps' },
            { label: 'Voice Channels', to: '/user-guide/voice-channels' },
            { label: 'Plugins for Users', to: '/user-guide/plugins' },
            { label: 'Contributing', to: '/developer/contributing' },
            { label: 'Create a Plugin', to: '/plugin-development/create-a-plugin' },
            { label: 'Plugin API Reference', to: '/plugin-development/api-reference' },
            { label: 'Local REST API', to: '/developer/rest-api' }
          ]
        }
      ],
      copyright: 'Toju local documentation. Built with Docusaurus.'
    },
    prism: {
      additionalLanguages: [
        'bash',
        'json',
        'typescript'
      ]
    }
  } satisfies Preset.ThemeConfig
 };
 export default config;
--- a/docs-site/package-lock.json
+++ b/docs-site/package-lock.json
--- a/docs-site/package.json
+++ b/docs-site/package.json
@@ -0,0 +1,28 @@
 {
  "name": "metoyou-docs",
  "version": "1.0.0",
  "private": true,
  "scripts": {
    "start": "docusaurus start --host 127.0.0.1",
    "build": "docusaurus build",
    "serve": "docusaurus serve --host 127.0.0.1"
  },
  "dependencies": {
    "@docusaurus/core": "3.10.0",
    "@docusaurus/preset-classic": "3.10.0",
    "@mdx-js/react": "^3.1.1",
    "clsx": "^2.1.1",
    "prism-react-renderer": "^2.4.1",
    "react": "^19.1.1",
    "react-dom": "^19.1.1"
  },
  "devDependencies": {
    "@docusaurus/module-type-aliases": "3.10.0",
    "@docusaurus/tsconfig": "3.10.0",
    "@docusaurus/types": "3.10.0",
    "typescript": "~5.9.2"
  },
  "overrides": {
    "webpack": "5.101.3"
  }
 }
--- a/docs-site/sidebars.ts
+++ b/docs-site/sidebars.ts
@@ -0,0 +1,63 @@
 import type { SidebarsConfig } from '@docusaurus/plugin-content-docs';
 const sidebars: SidebarsConfig = {
  mainSidebar: [
    'intro',
    {
      type: 'category',
      label: 'User Guide',
      items: [
        'user-guide/first-steps',
        'user-guide/servers-and-channels',
        'user-guide/text-and-direct-messages',
        'user-guide/voice-channels',
        'user-guide/plugins',
        'user-guide/settings',
        'using-toju'
      ]
    },
    {
      type: 'category',
      label: 'Developer Guide',
      items: [
        'developer/contributing',
        'developer/docusaurus-site',
        'developer/dom-structure',
        'developer/rest-api',
        'developer/llm-plugin-builder-guide',
        'desktop-and-local-api'
      ]
    },
    {
      type: 'category',
      label: 'Plugin Development',
      items: [
        'plugin-development/create-a-plugin',
        'plugin-development/manifest',
        'plugin-development/capabilities',
        'plugin-development/api-reference',
        {
          type: 'category',
          label: 'Plugin API Examples',
          items: [
            'plugin-development/api/context-and-logging',
            'plugin-development/api/profile',
            'plugin-development/api/users-and-roles',
            'plugin-development/api/server',
            'plugin-development/api/channels',
            'plugin-development/api/messages-and-typing',
            'plugin-development/api/events',
            'plugin-development/api/message-bus',
            'plugin-development/api/p2p-and-media',
            'plugin-development/api/storage',
            'plugin-development/api/ui',
            'plugin-development/api/commands'
          ]
        },
        'plugin-development/examples'
      ]
    }
  ]
 };
 export default sidebars;
--- a/docs-site/src/css/custom.css
+++ b/docs-site/src/css/custom.css
@@ -0,0 +1,40 @@
 :root {
  --ifm-color-primary: #2f9ab2;
  --ifm-color-primary-dark: #2a8ba0;
  --ifm-color-primary-darker: #287f94;
  --ifm-color-primary-darkest: #216979;
  --ifm-color-primary-light: #36abc5;
  --ifm-color-primary-lighter: #43b4ce;
  --ifm-color-primary-lightest: #6cc5d8;
  --ifm-code-font-size: 92%;
  --ifm-border-radius: 6px;
 }
 [data-theme='dark'] {
  --ifm-background-color: #101318;
  --ifm-background-surface-color: #171b22;
  --ifm-navbar-background-color: #12161d;
  --ifm-footer-background-color: #0b0e13;
  --ifm-color-primary: #58c4dc;
  --ifm-color-primary-dark: #36b7d3;
  --ifm-color-primary-darker: #27aeca;
  --ifm-color-primary-darkest: #208fa6;
  --ifm-color-primary-light: #79d1e3;
  --ifm-color-primary-lighter: #8bd7e7;
  --ifm-color-primary-lightest: #bde9f1;
 }
 .hero--primary {
  --ifm-hero-background-color: #151b24;
  --ifm-hero-text-color: #f6f8fb;
 }
 .theme-doc-markdown table code,
 .theme-doc-markdown li code,
 .theme-doc-markdown p code {
  border: 1px solid var(--ifm-color-emphasis-300);
 }
 .plugin-api-table td:first-child {
  white-space: nowrap;
 }
--- a/e2e/CONTEXT.md
+++ b/e2e/CONTEXT.md
@@ -0,0 +1,50 @@
 # End-to-End Suite (e2e)
 Owns Playwright-based end-to-end verification of the desktop product. Tests boot the real Electron application against the real signaling server and exercise user-visible flows across chat, voice, screen-share, settings, plugins, and auth.
 > **Format reference:**
 > - **Vocabulary** — bold term, one-sentence definition, aliases to avoid.
 > - **Relationships** — bullets with bold terms and cardinality.
 > - **Boundaries / IO** — what this subdomain exposes and consumes.
 > - **Invariants** — rules that always hold.
 > - **Flagged ambiguities** — terms in dispute with proposed resolutions.
 >
 > See `agents-docs/AGENTS_CONTEXT.md` for the contract. Update in the same turn a trigger fires (see `agents-docs/AGENT_WORKFLOW.md` § CONTEXT.md upkeep).
 ## Vocabulary
 | Term | Definition | Aliases to avoid |
 |------|------------|------------------|
 | **Feature area** | A top-level folder under `tests/` (`auth/`, `chat/`, `voice/`, `screen-share/`, `settings/`, `plugins/`) corresponding to a slice of user-visible behavior. | "category", "section" |
 | **Page object** | A test-side abstraction over a screen or panel that exposes user-intent methods rather than raw selectors. | "page model" |
 | **Fixture** | A Playwright `test.extend(...)` setup that prepares one or more user/app instances before a test runs. | "helper" |
 | **Pair test** | An E2E test that boots two Electron instances simultaneously to verify P2P flows (calls, screen-share, transfers). | "multi-client test" |
 ## Relationships
 - A **Feature area** owns one or more `*.spec.ts` files plus its own **Page objects** and **Fixtures**.
 - A **Pair test** depends on the **server** subdomain being reachable — both clients connect to the same signaling server.
 - **Page objects** depend only on the rendered DOM produced by **toju-app**; if a selector changes, only the page object should need updating.
 - The suite as a whole depends on **electron** (built via `npm run build:electron`) and a usable **server** (`npm run server:dev` or `npm run dev`).
 ## Boundaries / IO
 - **Exposes:** test results (HTML report at `test-results/html-report`, JUnit/JSON output on CI). No production surface.
 - **Consumes:**
  - The built product (toju-app + electron) — typically launched via Playwright's Electron support.
  - The signaling server (started before the suite runs).
  - System resources: audio devices for voice tests, screen-capture for screen-share tests. The `.agents/skills/playwright-e2e/SKILL.md` documents how the suite handles the multi-client setup.
 ## Invariants
 - Tests interact only through **Page objects** and **Fixtures** — no raw `page.click('.css-class-name')` scattered across specs.
 - Tests must clean up state between runs — a flaky run that leaves cruft in the local database or signaling server is a bug, not an environment issue.
 - The suite must run headless on CI (`npm run test:e2e`); the `ui` and `debug` variants exist for local development only.
 ## Flagged ambiguities
 - _None recorded yet — add entries when a test concept (e.g. "pair test" vs "multi-client test") resists clean definition._
 ---
 *Agent-procedural rules (TDD, lint) live in `/AGENTS.md`. Practical patterns for writing Playwright tests on this project live in `.agents/skills/playwright-e2e/SKILL.md`. This file is the bounded-context domain artefact for the E2E suite.*
--- a/e2e/README.md
+++ b/e2e/README.md
@@ -0,0 +1,36 @@
 # End-to-End Tests
 Playwright suite for the MetoYou / Toju product client. The tests exercise browser flows such as authentication, chat, voice, screen sharing, and settings with reusable page objects and helpers.
 ## Commands
 Run these from the repository root:
 - `npm run test:e2e` runs the full Playwright suite.
 - `npm run test:e2e:ui` opens Playwright UI mode.
 - `npm run test:e2e:debug` runs the suite in debug mode.
 - `npm run test:e2e:report` opens the HTML report in `test-results/html-report`.
 You can also run `npx playwright test` from `e2e/` directly.
 ## Runtime
 - `playwright.config.ts` starts `cd ../toju-app && npx ng serve` as the test web server.
 - The suite targets `http://localhost:4200`.
 - Tests currently run with a single Chromium worker.
 - The browser launches with fake media-device flags and grants microphone/camera permissions.
 - Artifacts are written to `../test-results/artifacts`, and the HTML report is written to `../test-results/html-report`.
 ## Structure
 | Path | Description |
 | --- | --- |
 | `tests/` | Test specs grouped by feature area such as `auth/`, `chat/`, `voice/`, `screen-share/`, and `settings/` |
 | `pages/` | Reusable Playwright page objects |
 | `helpers/` | Test helpers, fake-server utilities, and WebRTC helpers |
 | `fixtures/` | Shared test fixtures |
 ## Notes
 - The suite is product-client focused; it does not currently spin up the marketing website.
 - Keep reusable browser flows in `pages/` and cross-test utilities in `helpers/`.
--- a/e2e/fixtures/multi-client.ts
+++ b/e2e/fixtures/multi-client.ts
@@ -5,23 +5,15 @@ import {
  type BrowserContext,
  type Browser
 } from '@playwright/test';
 import { spawn, type ChildProcess } from 'node:child_process';
 import { once } from 'node:events';
 import { createServer } from 'node:net';
 import { join } from 'node:path';
 import { installTestServerEndpoint } from '../helpers/seed-test-endpoint';
 import { startTestServer, type TestServerHandle } from '../helpers/test-server';
 export interface Client {
  page: Page;
  context: BrowserContext;
 }
 interface TestServerHandle {
  port: number;
  url: string;
  stop: () => Promise<void>;
 }
 interface MultiClientFixture {
  createClient: () => Promise<Client>;
  testServer: TestServerHandle;
@@ -31,10 +23,9 @@ const FAKE_AUDIO_FILE = join(__dirname, 'test-tone.wav');
 const CHROMIUM_FAKE_MEDIA_ARGS = [
  '--use-fake-device-for-media-stream',
  '--use-fake-ui-for-media-stream',
-  `--use-file-for-fake-audio-capture=${FAKE_AUDIO_FILE}`
+  `--use-file-for-fake-audio-capture=${FAKE_AUDIO_FILE}`,
  '--autoplay-policy=no-user-gesture-required'
 ];
 const E2E_DIR = join(__dirname, '..');
 const START_SERVER_SCRIPT = join(E2E_DIR, 'helpers', 'start-test-server.js');
 export const test = base.extend<MultiClientFixture>({
  testServer: async ({ playwright: _playwright }, use: (testServer: TestServerHandle) => Promise<void>) => {
@@ -57,7 +48,8 @@ export const test = base.extend<MultiClientFixture>({
      const context = await browser.newContext({
        permissions: ['microphone', 'camera'],
-        baseURL: 'http://localhost:4200'
+        baseURL: 'http://localhost:4200',
        viewport: { width: 1440, height: 900 }
      });
      await installTestServerEndpoint(context, testServer.port);
@@ -81,122 +73,3 @@ export const test = base.extend<MultiClientFixture>({
 });
 export { expect } from '@playwright/test';
 async function startTestServer(retries = 3): Promise<TestServerHandle> {
  for (let attempt = 1; attempt <= retries; attempt++) {
    const port = await allocatePort();
    const child = spawn(process.execPath, [START_SERVER_SCRIPT], {
      cwd: E2E_DIR,
      env: {
        ...process.env,
        TEST_SERVER_PORT: String(port)
      },
      stdio: 'pipe'
    });
    child.stdout?.on('data', (chunk: Buffer | string) => {
      process.stdout.write(chunk.toString());
    });
    child.stderr?.on('data', (chunk: Buffer | string) => {
      process.stderr.write(chunk.toString());
    });
    try {
      await waitForServerReady(port, child);
    } catch (error) {
      await stopServer(child);
      if (attempt < retries) {
        console.log(`[E2E Server] Attempt ${attempt} failed, retrying...`);
        continue;
      }
      throw error;
    }
    return {
      port,
      url: `http://localhost:${port}`,
      stop: async () => {
        await stopServer(child);
      }
    };
  }
  throw new Error('startTestServer: unreachable');
 }
 async function allocatePort(): Promise<number> {
  return new Promise<number>((resolve, reject) => {
    const probe = createServer();
    probe.once('error', reject);
    probe.listen(0, '127.0.0.1', () => {
      const address = probe.address();
      if (!address || typeof address === 'string') {
        probe.close();
        reject(new Error('Failed to resolve an ephemeral test server port'));
        return;
      }
      const { port } = address;
      probe.close((error) => {
        if (error) {
          reject(error);
          return;
        }
        resolve(port);
      });
    });
  });
 }
 async function waitForServerReady(port: number, child: ChildProcess, timeoutMs = 30_000): Promise<void> {
  const readyUrl = `http://127.0.0.1:${port}/api/servers?limit=1`;
  const deadline = Date.now() + timeoutMs;
  while (Date.now() < deadline) {
    if (child.exitCode !== null) {
      throw new Error(`Test server exited before becoming ready (exit code ${child.exitCode})`);
    }
    try {
      const response = await fetch(readyUrl);
      if (response.ok) {
        return;
      }
    } catch {
      // Server still starting.
    }
    await wait(250);
  }
  throw new Error(`Timed out waiting for test server on port ${port}`);
 }
 async function stopServer(child: ChildProcess): Promise<void> {
  if (child.exitCode !== null) {
    return;
  }
  child.kill('SIGTERM');
  const exited = await Promise.race([once(child, 'exit').then(() => true), wait(3_000).then(() => false)]);
  if (!exited && child.exitCode === null) {
    child.kill('SIGKILL');
    await once(child, 'exit');
  }
 }
 function wait(durationMs: number): Promise<void> {
  return new Promise((resolve) => {
    setTimeout(resolve, durationMs);
  });
 }
--- a/e2e/fixtures/plugins/api-test-plugin/README.md
+++ b/e2e/fixtures/plugins/api-test-plugin/README.md
@@ -0,0 +1,3 @@
 # E2E Plugin API Fixture
 This plugin is intentionally tiny. Tests use its manifest to exercise plugin discovery, server support metadata, server data, and plugin event relay APIs without executing plugin code.
--- a/e2e/fixtures/plugins/api-test-plugin/dist/main.js
+++ b/e2e/fixtures/plugins/api-test-plugin/dist/main.js
@@ -0,0 +1,6 @@
 export default {
  id: 'e2e.plugin-api',
  activate(api) {
    api?.logger?.info?.('E2E Plugin API Fixture activated');
  }
 };
--- a/e2e/fixtures/plugins/api-test-plugin/toju-plugin.json
+++ b/e2e/fixtures/plugins/api-test-plugin/toju-plugin.json
@@ -0,0 +1,49 @@
 {
  "apiVersion": "1.0.0",
  "capabilities": [
    "storage.serverData.read",
    "storage.serverData.write",
    "events.server.publish",
    "events.server.subscribe",
    "events.p2p.publish",
    "events.p2p.subscribe"
  ],
  "compatibility": {
    "minimumTojuVersion": "1.0.0",
    "verifiedTojuVersion": "1.0.0"
  },
  "data": [
    {
      "key": "settings",
      "scope": "server",
      "storage": "serverData"
    },
    {
      "key": "presence",
      "scope": "user",
      "storage": "serverData"
    }
  ],
  "description": "Fixture plugin used by automated tests for plugin support APIs.",
  "entrypoint": "./dist/main.js",
  "events": [
    {
      "direction": "serverRelay",
      "eventName": "e2e:relay",
      "maxPayloadBytes": 2048,
      "scope": "server"
    },
    {
      "direction": "p2pHint",
      "eventName": "e2e:p2p",
      "maxPayloadBytes": 512,
      "scope": "user"
    }
  ],
  "id": "e2e.plugin-api",
  "kind": "client",
  "readme": "./README.md",
  "schemaVersion": 1,
  "title": "E2E Plugin API Fixture",
  "version": "1.0.0"
 }
--- a/e2e/helpers/auth-api.ts
+++ b/e2e/helpers/auth-api.ts
@@ -0,0 +1,75 @@
 import { type APIRequestContext, type Page } from '@playwright/test';
 export const AUTH_TOKENS_STORAGE_KEY = 'metoyou.authTokens';
 export interface AuthSession {
  id: string;
  username: string;
  displayName: string;
  token: string;
  expiresAt: number;
 }
 export function authHeaders(token: string): Record<string, string> {
  return {
    Authorization: `Bearer ${token}`,
    'Content-Type': 'application/json'
  };
 }
 export async function registerTestUser(
  request: APIRequestContext,
  baseUrl: string,
  username: string,
  password: string,
  displayName?: string
 ): Promise<AuthSession> {
  const response = await request.post(`${baseUrl}/api/users/register`, {
    data: {
      username,
      password,
      displayName: displayName ?? username
    }
  });
  if (!response.ok()) {
    throw new Error(`Failed to register test user ${username}: ${response.status()} ${await response.text()}`);
  }
  return await response.json() as AuthSession;
 }
 export async function loginTestUser(
  request: APIRequestContext,
  baseUrl: string,
  username: string,
  password: string
 ): Promise<AuthSession> {
  const response = await request.post(`${baseUrl}/api/users/login`, {
    data: { username, password }
  });
  if (!response.ok()) {
    throw new Error(`Failed to login test user ${username}: ${response.status()} ${await response.text()}`);
  }
  return await response.json() as AuthSession;
 }
 export async function readAuthTokenFromPage(page: Page, serverUrl: string): Promise<string | null> {
  return await page.evaluate(({ storageKey, url }) => {
    try {
      const store = JSON.parse(localStorage.getItem(storageKey) || '{}') as Record<string, { token: string; expiresAt: number }>;
      const normalizedUrl = url.trim().replace(/\/+$/, '');
      const entry = store[normalizedUrl];
      if (!entry || entry.expiresAt <= Date.now()) {
        return null;
      }
      return entry.token;
    } catch {
      return null;
    }
  }, { storageKey: AUTH_TOKENS_STORAGE_KEY, url: serverUrl });
 }
--- a/e2e/helpers/multi-device-session.ts
+++ b/e2e/helpers/multi-device-session.ts
@@ -0,0 +1,205 @@
 import { expect, type Page } from '@playwright/test';
 import { type Client } from '../fixtures/multi-client';
 import { LoginPage } from '../pages/login.page';
 import { RegisterPage } from '../pages/register.page';
 import { ServerSearchPage } from '../pages/server-search.page';
 import { ChatRoomPage } from '../pages/chat-room.page';
 import { ChatMessagesPage } from '../pages/chat-messages.page';
 export const MULTI_DEVICE_PASSWORD = 'TestPass123!';
 export const MULTI_DEVICE_VOICE_CHANNEL = 'General';
 export interface MultiDeviceCredentials {
  username: string;
  displayName: string;
  password: string;
 }
 export interface MultiDeviceScenario {
  clientA: Client;
  clientB: Client;
  credentials: MultiDeviceCredentials;
  serverName: string;
  messagesA: ChatMessagesPage;
  messagesB: ChatMessagesPage;
  roomA: ChatRoomPage;
  roomB: ChatRoomPage;
 }
 export function uniqueMultiDeviceName(prefix: string): string {
  return `${prefix}-${Date.now()}-${Math.floor(Math.random() * 10_000)}`;
 }
 export async function createMultiDeviceScenario(
  createClient: () => Promise<Client>,
  options: { suffix?: string; serverDescription?: string } = {}
 ): Promise<MultiDeviceScenario> {
  const suffix = options.suffix ?? uniqueMultiDeviceName('multi-device');
  const credentials: MultiDeviceCredentials = {
    username: `multi_${suffix}`,
    displayName: 'Multi Device User',
    password: MULTI_DEVICE_PASSWORD
  };
  const serverName = `Multi Device Server ${suffix}`;
  const clientA = await createClient();
  const clientB = await createClient();
  await warmClientPage(clientA.page);
  await warmClientPage(clientB.page);
  const registerPage = new RegisterPage(clientA.page);
  await registerPage.goto();
  await registerPage.register(credentials.username, credentials.displayName, credentials.password);
  await expect(clientA.page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
  const searchA = new ServerSearchPage(clientA.page);
  await searchA.createServer(serverName, {
    description: options.serverDescription ?? 'Multi-device session coverage'
  });
  await expect(clientA.page).toHaveURL(/\/room\//, { timeout: 15_000 });
  await waitForCurrentRoomName(clientA.page, serverName);
  const roomA = new ChatRoomPage(clientA.page);
  await roomA.ensureVoiceChannelExists(MULTI_DEVICE_VOICE_CHANNEL);
  await loginSecondDeviceIntoServer(clientB.page, credentials, serverName);
  await waitForCurrentRoomName(clientB.page, serverName);
  const messagesA = new ChatMessagesPage(clientA.page);
  const messagesB = new ChatMessagesPage(clientB.page);
  const roomB = new ChatRoomPage(clientB.page);
  await messagesA.waitForReady();
  await messagesB.waitForReady();
  return {
    clientA,
    clientB,
    credentials,
    serverName,
    messagesA,
    messagesB,
    roomA,
    roomB
  };
 }
 export async function loginSecondDeviceIntoServer(
  page: Page,
  credentials: MultiDeviceCredentials,
  serverName: string
 ): Promise<void> {
  const loginPage = new LoginPage(page);
  await loginPage.goto();
  await loginPage.login(credentials.username, credentials.password);
  await expect(page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
  const search = new ServerSearchPage(page);
  await search.joinServerFromSearch(serverName);
  await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
  await expect(page.locator('app-rooms-side-panel').first()).toBeVisible({ timeout: 20_000 });
 }
 export async function expectCrossDeviceMessage(
  sender: ChatMessagesPage,
  receiver: ChatMessagesPage,
  message: string,
  timeout = 60_000
 ): Promise<void> {
  await sender.sendMessage(message);
  await expect.poll(async () => {
    return await receiver.getMessageItemByText(message).isVisible().catch(() => false);
  }, { timeout }).toBe(true);
 }
 async function warmClientPage(page: Page): Promise<void> {
  await page.goto('/dashboard', { waitUntil: 'domcontentloaded' });
  await page.waitForLoadState('networkidle').catch(() => undefined);
 }
 async function waitForCurrentRoomName(page: Page, roomName: string, timeout = 20_000): Promise<void> {
  await page.waitForFunction(
    (expectedRoomName) => {
      interface RoomShape { name?: string }
      interface AngularDebugApi {
        getComponent: (element: Element) => Record<string, unknown>;
      }
      const host = document.querySelector('app-rooms-side-panel');
      const debugApi = (window as { ng?: AngularDebugApi }).ng;
      if (!host || !debugApi?.getComponent) {
        return false;
      }
      const component = debugApi.getComponent(host);
      const currentRoom = (component['currentRoom'] as (() => RoomShape | null) | undefined)?.() ?? null;
      return currentRoom?.name === expectedRoomName;
    },
    roomName,
    { timeout }
  );
 }
 export async function readClientInstanceId(page: Page): Promise<string | null> {
  return page.evaluate(() => localStorage.getItem('metoyou.clientInstanceId'));
 }
 export async function logoutFromMenu(page: Page): Promise<void> {
  const menuButton = page.getByRole('button', { name: 'Menu' });
  const logoutButton = page.getByRole('button', { name: 'Logout' });
  await expect(menuButton).toBeVisible({ timeout: 10_000 });
  await menuButton.click();
  await expect(logoutButton).toBeVisible({ timeout: 10_000 });
  await logoutButton.click();
  await expect(page).toHaveURL(/\/login/, { timeout: 15_000 });
 }
 export function channelsSidePanel(page: Page) {
  return page.locator('app-rooms-side-panel').first();
 }
 export function membersSidePanel(page: Page) {
  return page.locator('app-rooms-side-panel').last();
 }
 export function passiveVoiceChannelJoinBadge(page: Page, channelName = MULTI_DEVICE_VOICE_CHANNEL) {
  return page
    .locator(`button[data-channel-type="voice"][data-channel-name="${channelName}"]`)
    .getByText('Join', { exact: true });
 }
 export async function expectPassiveVoiceOnDevice(
  page: Page,
  options: { timeout?: number; displayName?: string; channelName?: string } = {}
 ): Promise<void> {
  const timeout = options.timeout ?? 45_000;
  const channelName = options.channelName ?? MULTI_DEVICE_VOICE_CHANNEL;
  const displayName = options.displayName;
  await expect.poll(async () => {
    const membersLabel = await membersSidePanel(page)
      .getByText('In voice on another device', { exact: false })
      .isVisible()
      .catch(() => false);
    const joinBadge = await passiveVoiceChannelJoinBadge(page, channelName).isVisible().catch(() => false);
    const grayedVoiceUser = displayName
      ? await channelsSidePanel(page).locator('.opacity-50').filter({ hasText: displayName }).first().isVisible().catch(() => false)
      : false;
    return membersLabel || joinBadge || grayedVoiceUser;
  }, { timeout }).toBe(true);
 }
 export async function expectActiveVoiceOnDevice(page: Page, timeout = 20_000): Promise<void> {
  await expect(page.locator('app-voice-controls, app-voice-workspace').first()).toBeVisible({ timeout });
 }
--- a/e2e/helpers/plugin-api-test-fixture.ts
+++ b/e2e/helpers/plugin-api-test-fixture.ts
@@ -0,0 +1,42 @@
 import { readFile } from 'node:fs/promises';
 import { join } from 'node:path';
 export const TEST_PLUGIN_FIXTURE_DIR = join(__dirname, '..', 'fixtures', 'plugins', 'api-test-plugin');
 export const TEST_PLUGIN_ID = 'e2e.plugin-api';
 export const TEST_PLUGIN_RELAY_EVENT = 'e2e:relay';
 export const TEST_PLUGIN_P2P_EVENT = 'e2e:p2p';
 export interface PluginApiTestManifestEvent {
  direction: 'clientToServer' | 'serverRelay' | 'p2pHint';
  eventName: string;
  maxPayloadBytes?: number;
  scope: 'server' | 'channel' | 'user' | 'plugin';
 }
 export interface PluginApiTestManifest {
  description: string;
  events: PluginApiTestManifestEvent[];
  id: string;
  title: string;
  version: string;
 }
 export async function readPluginApiTestManifest(): Promise<PluginApiTestManifest> {
  const manifestPath = join(TEST_PLUGIN_FIXTURE_DIR, 'toju-plugin.json');
  const manifestText = await readFile(manifestPath, 'utf8');
  return JSON.parse(manifestText) as PluginApiTestManifest;
 }
 export function getPluginApiTestEvent(
  manifest: PluginApiTestManifest,
  eventName: string
 ): PluginApiTestManifestEvent {
  const eventDefinition = manifest.events.find((event) => event.eventName === eventName);
  if (!eventDefinition) {
    throw new Error(`Expected fixture plugin to define ${eventName}`);
  }
  return eventDefinition;
 }
--- a/e2e/helpers/seed-test-endpoint.ts
+++ b/e2e/helpers/seed-test-endpoint.ts
@@ -3,6 +3,15 @@ import { type BrowserContext, type Page } from '@playwright/test';
 const SERVER_ENDPOINTS_STORAGE_KEY = 'metoyou_server_endpoints';
 const REMOVED_DEFAULT_KEYS_STORAGE_KEY = 'metoyou_removed_default_server_keys';
 export interface SeededEndpointInput {
  id: string;
  name: string;
  url: string;
  isActive?: boolean;
  isDefault?: boolean;
  status?: string;
 }
 interface SeededEndpointStorageState {
  key: string;
  removedKey: string;
@@ -17,27 +26,42 @@ interface SeededEndpointStorageState {
 }
 function buildSeededEndpointStorageState(
-  port: number = Number(process.env.TEST_SERVER_PORT) || 3099
+  endpointsOrPort: readonly SeededEndpointInput[] | number = Number(process.env.TEST_SERVER_PORT) || 3099
 ): SeededEndpointStorageState {
-  const endpoint = {
+  const endpoints = Array.isArray(endpointsOrPort)
-    id: 'e2e-test-server',
+    ? endpointsOrPort.map((endpoint) => ({
-    name: 'E2E Test Server',
+      id: endpoint.id,
-    url: `http://localhost:${port}`,
+      name: endpoint.name,
-    isActive: true,
+      url: endpoint.url,
-    isDefault: false,
+      isActive: endpoint.isActive ?? true,
-    status: 'unknown'
+      isDefault: endpoint.isDefault ?? false,
-  };
+      status: endpoint.status ?? 'unknown'
    }))
    : [
      {
        id: 'e2e-test-server',
        name: 'E2E Test Server',
        url: `http://localhost:${endpointsOrPort}`,
        isActive: true,
        isDefault: false,
        status: 'unknown'
      }
    ];
  return {
    key: SERVER_ENDPOINTS_STORAGE_KEY,
    removedKey: REMOVED_DEFAULT_KEYS_STORAGE_KEY,
-    endpoints: [endpoint]
+    endpoints
  };
 }
 function applySeededEndpointStorageState(storageState: SeededEndpointStorageState): void {
  try {
    const storage = window.localStorage;
    const currentUserId = storage.getItem('metoyou_currentUserId')?.trim() || null;
    const generalSettings = JSON.stringify({
      reopenLastViewedChat: false
    });
    storage.setItem(storageState.key, JSON.stringify(storageState.endpoints));
    storage.setItem(storageState.removedKey, JSON.stringify([
@@ -45,11 +69,57 @@ function applySeededEndpointStorageState(storageState: SeededEndpointStorageStat
      'toju-primary',
      'toju-sweden'
    ]));
    storage.setItem('metoyou_general_settings', generalSettings);
    if (currentUserId) {
      storage.setItem(`metoyou_general_settings__${encodeURIComponent(currentUserId)}`, generalSettings);
    }
    const keysToRemove: string[] = [];
    for (let index = 0; index < storage.length; index += 1) {
      const key = storage.key(index);
      if (key === 'metoyou_lastViewedChat' || key?.startsWith('metoyou_lastViewedChat__')) {
        keysToRemove.push(key);
      }
    }
    for (const key of keysToRemove) {
      storage.removeItem(key);
    }
  } catch {
    // about:blank and some Playwright UI pages deny localStorage access.
  }
 }
 export async function disableLastViewedChatResume(page: Page): Promise<void> {
  await page.evaluate(() => {
    const currentUserId = localStorage.getItem('metoyou_currentUserId')?.trim() || null;
    const generalSettings = JSON.stringify({ reopenLastViewedChat: false });
    const keysToRemove: string[] = [];
    localStorage.setItem('metoyou_general_settings', generalSettings);
    if (currentUserId) {
      localStorage.setItem(`metoyou_general_settings__${encodeURIComponent(currentUserId)}`, generalSettings);
    }
    for (let index = 0; index < localStorage.length; index += 1) {
      const key = localStorage.key(index);
      if (key === 'metoyou_lastViewedChat' || key?.startsWith('metoyou_lastViewedChat__')) {
        keysToRemove.push(key);
      }
    }
    for (const key of keysToRemove) {
      localStorage.removeItem(key);
    }
  });
 }
 export async function installTestServerEndpoint(
  context: BrowserContext,
  port: number = Number(process.env.TEST_SERVER_PORT) || 3099
@@ -59,6 +129,15 @@ export async function installTestServerEndpoint(
  await context.addInitScript(applySeededEndpointStorageState, storageState);
 }
 export async function installTestServerEndpoints(
  context: BrowserContext,
  endpoints: readonly SeededEndpointInput[]
 ): Promise<void> {
  const storageState = buildSeededEndpointStorageState(endpoints);
  await context.addInitScript(applySeededEndpointStorageState, storageState);
 }
 /**
 * Seed localStorage with a single signal endpoint pointing at the test server.
 * Must be called AFTER navigating to the app origin (localStorage is per-origin)
@@ -79,3 +158,12 @@ export async function seedTestServerEndpoint(
  await page.evaluate(applySeededEndpointStorageState, storageState);
 }
 export async function seedTestServerEndpoints(
  page: Page,
  endpoints: readonly SeededEndpointInput[]
 ): Promise<void> {
  const storageState = buildSeededEndpointStorageState(endpoints);
  await page.evaluate(applySeededEndpointStorageState, storageState);
 }
--- a/e2e/helpers/start-test-server.js
+++ b/e2e/helpers/start-test-server.js
@@ -7,16 +7,19 @@
 *
 * Cleanup: the temp directory is removed when the process exits.
 */
-const { mkdtempSync, writeFileSync, mkdirSync, rmSync } = require('fs');
+const { existsSync, mkdtempSync, writeFileSync, mkdirSync, rmSync } = require('fs');
 const { join } = require('path');
 const { tmpdir } = require('os');
 const { spawn } = require('child_process');
 const TEST_PORT = process.env.TEST_SERVER_PORT || '3099';
 const SERVER_DIR = join(__dirname, '..', '..', 'server');
-const SERVER_ENTRY = join(SERVER_DIR, 'src', 'index.ts');
+const SERVER_DIST_ENTRY = join(SERVER_DIR, 'dist', 'index.js');
 const SERVER_SRC_ENTRY = join(SERVER_DIR, 'src', 'index.ts');
 const SERVER_TSCONFIG = join(SERVER_DIR, 'tsconfig.json');
 const TS_NODE_BIN = join(SERVER_DIR, 'node_modules', 'ts-node', 'dist', 'bin.js');
 const SERVER_ENTRY = existsSync(SERVER_DIST_ENTRY) ? SERVER_DIST_ENTRY : SERVER_SRC_ENTRY;
 const USE_COMPILED_SERVER = SERVER_ENTRY === SERVER_DIST_ENTRY;
 // ── Create isolated temp data directory ──────────────────────────────
 const tmpDir = mkdtempSync(join(tmpdir(), 'metoyou-e2e-'));
@@ -45,7 +48,7 @@ console.log(`[E2E Server] Starting on port ${TEST_PORT}...`);
 // and node_modules are found from the real server/ directory.
 const child = spawn(
  process.execPath,
-  [TS_NODE_BIN, '--project', SERVER_TSCONFIG, SERVER_ENTRY],
+  USE_COMPILED_SERVER ? [SERVER_ENTRY] : [TS_NODE_BIN, '--project', SERVER_TSCONFIG, SERVER_ENTRY],
  {
    cwd: tmpDir,
    env: {
--- a/e2e/helpers/test-server.ts
+++ b/e2e/helpers/test-server.ts
@@ -0,0 +1,132 @@
 import { spawn, type ChildProcess } from 'node:child_process';
 import { once } from 'node:events';
 import { createServer } from 'node:net';
 import { join } from 'node:path';
 export interface TestServerHandle {
  port: number;
  url: string;
  stop: () => Promise<void>;
 }
 const E2E_DIR = join(__dirname, '..');
 const START_SERVER_SCRIPT = join(E2E_DIR, 'helpers', 'start-test-server.js');
 export async function startTestServer(retries = 3): Promise<TestServerHandle> {
  for (let attempt = 1; attempt <= retries; attempt++) {
    const port = await allocatePort();
    const child = spawn(process.execPath, [START_SERVER_SCRIPT], {
      cwd: E2E_DIR,
      env: {
        ...process.env,
        TEST_SERVER_PORT: String(port)
      },
      stdio: 'pipe'
    });
    child.stdout?.on('data', (chunk: Buffer | string) => {
      process.stdout.write(chunk.toString());
    });
    child.stderr?.on('data', (chunk: Buffer | string) => {
      process.stderr.write(chunk.toString());
    });
    try {
      await waitForServerReady(port, child);
    } catch (error) {
      await stopServer(child);
      if (attempt < retries) {
        console.log(`[E2E Server] Attempt ${attempt} failed, retrying...`);
        continue;
      }
      throw error;
    }
    return {
      port,
      url: `http://localhost:${port}`,
      stop: async () => {
        await stopServer(child);
      }
    };
  }
  throw new Error('startTestServer: unreachable');
 }
 async function allocatePort(): Promise<number> {
  return await new Promise<number>((resolve, reject) => {
    const probe = createServer();
    probe.once('error', reject);
    probe.listen(0, '127.0.0.1', () => {
      const address = probe.address();
      if (!address || typeof address === 'string') {
        probe.close();
        reject(new Error('Failed to resolve an ephemeral test server port'));
        return;
      }
      const { port } = address;
      probe.close((error) => {
        if (error) {
          reject(error);
          return;
        }
        resolve(port);
      });
    });
  });
 }
 async function waitForServerReady(port: number, child: ChildProcess, timeoutMs = 30_000): Promise<void> {
  const readyUrl = `http://127.0.0.1:${port}/api/servers?limit=1`;
  const deadline = Date.now() + timeoutMs;
  while (Date.now() < deadline) {
    if (child.exitCode !== null) {
      throw new Error(`Test server exited before becoming ready (exit code ${child.exitCode})`);
    }
    try {
      const response = await fetch(readyUrl);
      if (response.ok) {
        return;
      }
    } catch {
      // Server still starting.
    }
    await wait(250);
  }
  throw new Error(`Timed out waiting for test server on port ${port}`);
 }
 async function stopServer(child: ChildProcess): Promise<void> {
  if (child.exitCode !== null) {
    return;
  }
  child.kill('SIGTERM');
  const exited = await Promise.race([once(child, 'exit').then(() => true), wait(3_000).then(() => false)]);
  if (!exited && child.exitCode === null) {
    child.kill('SIGKILL');
    await once(child, 'exit');
  }
 }
 function wait(durationMs: number): Promise<void> {
  return new Promise((resolve) => {
    setTimeout(resolve, durationMs);
  });
 }
--- a/e2e/helpers/webrtc-helpers.ts
+++ b/e2e/helpers/webrtc-helpers.ts
@@ -11,6 +11,7 @@ import { type Page } from '@playwright/test';
 export async function installWebRTCTracking(page: Page): Promise<void> {
  await page.addInitScript(() => {
    const connections: RTCPeerConnection[] = [];
    const dataChannels: RTCDataChannel[] = [];
    const syntheticMediaResources: {
      audioCtx: AudioContext;
      source?: AudioScheduledSourceNode;
@@ -18,20 +19,40 @@ export async function installWebRTCTracking(page: Page): Promise<void> {
    }[] = [];
    (window as any).__rtcConnections = connections;
    (window as any).__rtcDataChannels = dataChannels;
    (window as any).__rtcRemoteTracks = [] as { kind: string; id: string; readyState: string }[];
    (window as any).__rtcSyntheticMediaResources = syntheticMediaResources;
    const OriginalRTCPeerConnection = window.RTCPeerConnection;
    const trackDataChannel = (channel: RTCDataChannel) => {
      if (dataChannels.includes(channel)) {
        return;
      }
      dataChannels.push(channel);
    };
    (window as any).RTCPeerConnection = function(this: RTCPeerConnection, ...args: any[]) {
      const pc: RTCPeerConnection = new OriginalRTCPeerConnection(...args);
      const originalCreateDataChannel = pc.createDataChannel.bind(pc);
      connections.push(pc);
      pc.createDataChannel = ((label: string, options?: RTCDataChannelInit) => {
        const channel = originalCreateDataChannel(label, options);
        trackDataChannel(channel);
        return channel;
      }) as RTCPeerConnection['createDataChannel'];
      pc.addEventListener('connectionstatechange', () => {
        (window as any).__lastRtcState = pc.connectionState;
      });
      pc.addEventListener('datachannel', (event: RTCDataChannelEvent) => {
        trackDataChannel(event.channel);
      });
      pc.addEventListener('track', (event: RTCTrackEvent) => {
        (window as any).__rtcRemoteTracks.push({
          kind: event.track.kind,
@@ -46,75 +67,6 @@ export async function installWebRTCTracking(page: Page): Promise<void> {
    (window as any).RTCPeerConnection.prototype = OriginalRTCPeerConnection.prototype;
    Object.setPrototypeOf((window as any).RTCPeerConnection, OriginalRTCPeerConnection);
    // Patch getUserMedia to use an AudioContext oscillator for audio
    // instead of the hardware capture device.  Chromium's fake audio
    // device intermittently fails to produce frames after renegotiation.
    const origGetUserMedia = navigator.mediaDevices.getUserMedia.bind(navigator.mediaDevices);
    navigator.mediaDevices.getUserMedia = async (constraints?: MediaStreamConstraints) => {
      const wantsAudio = !!constraints?.audio;
      if (!wantsAudio) {
        return origGetUserMedia(constraints);
      }
      // Get the original stream (may include video)
      const originalStream = await origGetUserMedia(constraints);
      const audioCtx = new AudioContext();
      const noiseBuffer = audioCtx.createBuffer(1, audioCtx.sampleRate * 2, audioCtx.sampleRate);
      const noiseData = noiseBuffer.getChannelData(0);
      for (let sampleIndex = 0; sampleIndex < noiseData.length; sampleIndex++) {
        noiseData[sampleIndex] = (Math.random() * 2 - 1) * 0.18;
      }
      const source = audioCtx.createBufferSource();
      const gain = audioCtx.createGain();
      source.buffer = noiseBuffer;
      source.loop = true;
      gain.gain.value = 0.12;
      const dest = audioCtx.createMediaStreamDestination();
      source.connect(gain);
      gain.connect(dest);
      source.start();
      if (audioCtx.state === 'suspended') {
        try {
          await audioCtx.resume();
        } catch {}
      }
      const synthAudioTrack = dest.stream.getAudioTracks()[0];
      const resultStream = new MediaStream();
      syntheticMediaResources.push({ audioCtx, source });
      resultStream.addTrack(synthAudioTrack);
      // Keep any video tracks from the original stream
      for (const videoTrack of originalStream.getVideoTracks()) {
        resultStream.addTrack(videoTrack);
      }
      // Stop original audio tracks since we're not using them
      for (const track of originalStream.getAudioTracks()) {
        track.stop();
      }
      synthAudioTrack.addEventListener('ended', () => {
        try {
          source.stop();
        } catch {}
        void audioCtx.close().catch(() => {});
      }, { once: true });
      return resultStream;
    };
    // Patch getDisplayMedia to return a synthetic screen share stream
    // (canvas-based video + 880Hz oscillator audio) so the browser
    // picker dialog is never shown.
@@ -198,6 +150,48 @@ export async function installWebRTCTracking(page: Page): Promise<void> {
 /**
 * Wait until at least one RTCPeerConnection reaches the 'connected' state.
 */
 /**
 * Ensure every `AudioContext` created by the page auto-resumes so that
 * the input-gain Web Audio pipeline (`source -> gain -> destination`) never
 * stalls in the "suspended" state.
 *
 * On Linux with multiple headless Chromium instances, `new AudioContext()`
 * can start suspended without a user-gesture gate, causing the media
 * pipeline to emit only a single RTP packet.
 *
 * Call once per page, BEFORE navigating, alongside `installWebRTCTracking`.
 */
 export async function installAutoResumeAudioContext(page: Page): Promise<void> {
  await page.addInitScript(() => {
    const OrigAudioContext = window.AudioContext;
    (window as any).AudioContext = function(this: AudioContext, ...args: any[]) {
      const ctx: AudioContext = new OrigAudioContext(...args);
      // Track all created AudioContexts for test diagnostics
      const tracked = ((window as any).__trackedAudioContexts ??= []) as AudioContext[];
      tracked.push(ctx);
      if (ctx.state === 'suspended') {
        ctx.resume().catch(() => { /* noop */ });
      }
      // Also catch transitions to suspended after creation
      ctx.addEventListener('statechange', () => {
        if (ctx.state === 'suspended') {
          ctx.resume().catch(() => { /* noop */ });
        }
      });
      return ctx;
    } as any;
    (window as any).AudioContext.prototype = OrigAudioContext.prototype;
    Object.setPrototypeOf((window as any).AudioContext, OrigAudioContext);
  });
 }
 export async function waitForPeerConnected(page: Page, timeout = 30_000): Promise<void> {
  await page.waitForFunction(
    () => (window as any).__rtcConnections?.some(
@@ -218,6 +212,237 @@ export async function isPeerStillConnected(page: Page): Promise<boolean> {
  );
 }
 /** Returns the number of tracked peer connections in `connected` state. */
 export async function getConnectedPeerCount(page: Page): Promise<number> {
  return page.evaluate(
    () => ((window as any).__rtcConnections as RTCPeerConnection[] | undefined)?.filter(
      (pc) => pc.connectionState === 'connected'
    ).length ?? 0
  );
 }
 /** Wait until the expected number of peer connections are `connected`. */
 export async function waitForConnectedPeerCount(page: Page, expectedCount: number, timeout = 45_000): Promise<void> {
  await page.waitForFunction(
    (count) => ((window as any).__rtcConnections as RTCPeerConnection[] | undefined)?.filter(
      (pc) => pc.connectionState === 'connected'
    ).length === count,
    expectedCount,
    { timeout }
  );
 }
 /** Returns the number of tracked RTCDataChannels in the open state. */
 export async function getOpenDataChannelCount(page: Page): Promise<number> {
  return page.evaluate(
    () => ((window as any).__rtcDataChannels as RTCDataChannel[] | undefined)?.filter(
      (channel) => channel.readyState === 'open'
    ).length ?? 0
  );
 }
 /** Wait until the expected number of tracked RTCDataChannels are open. */
 export async function waitForOpenDataChannelCount(page: Page, expectedCount: number, timeout = 45_000): Promise<void> {
  await page.waitForFunction(
    (count) => ((window as any).__rtcDataChannels as RTCDataChannel[] | undefined)?.filter(
      (channel) => channel.readyState === 'open'
    ).length === count,
    expectedCount,
    { timeout }
  );
 }
 /** Close every currently-open RTCDataChannel and return how many were closed. */
 export async function closeOpenDataChannels(page: Page): Promise<number> {
  return page.evaluate(() => {
    const channels = ((window as any).__rtcDataChannels as RTCDataChannel[] | undefined) ?? [];
    let closed = 0;
    for (const channel of channels) {
      if (channel.readyState !== 'open') {
        continue;
      }
      channel.close();
      closed++;
    }
    return closed;
  });
 }
 /** Dispatch a synthetic data-channel error event on each open channel. */
 export async function dispatchDataChannelErrors(page: Page): Promise<number> {
  return page.evaluate(() => {
    const channels = ((window as any).__rtcDataChannels as RTCDataChannel[] | undefined) ?? [];
    let dispatched = 0;
    for (const channel of channels) {
      if (channel.readyState !== 'open') {
        continue;
      }
      channel.dispatchEvent(new Event('error'));
      dispatched++;
    }
    return dispatched;
  });
 }
 /**
 * Resume all suspended AudioContext instances created by the synthetic
 * media patch.  Uses CDP `Runtime.evaluate` with `userGesture: true` so
 * Chrome treats the call as a user-gesture - this satisfies the autoplay
 * policy that otherwise blocks `AudioContext.resume()`.
 */
 export async function resumeSyntheticAudioContexts(page: Page): Promise<number> {
  const cdpSession = await page.context().newCDPSession(page);
  try {
    const result = await cdpSession.send('Runtime.evaluate', {
      expression: `(async () => {
        const resources = window.__rtcSyntheticMediaResources;
        if (!resources) return 0;
        let resumed = 0;
        for (const r of resources) {
          if (r.audioCtx.state === 'suspended') {
            await r.audioCtx.resume();
            resumed++;
          }
        }
        return resumed;
      })()`,
      awaitPromise: true,
      userGesture: true
    });
    return result.result.value ?? 0;
  } finally {
    await cdpSession.detach();
  }
 }
 interface PerPeerAudioStat {
  connectionState: string;
  inboundBytes: number;
  inboundPackets: number;
  outboundBytes: number;
  outboundPackets: number;
 }
 /** Get per-peer audio stats for every tracked RTCPeerConnection. */
 export async function getPerPeerAudioStats(page: Page): Promise<PerPeerAudioStat[]> {
  return page.evaluate(async () => {
    const connections = (window as any).__rtcConnections as RTCPeerConnection[] | undefined;
    if (!connections?.length) {
      return [];
    }
    const snapshots: PerPeerAudioStat[] = [];
    for (const pc of connections) {
      let inboundBytes = 0;
      let inboundPackets = 0;
      let outboundBytes = 0;
      let outboundPackets = 0;
      try {
        const stats = await pc.getStats();
        stats.forEach((report: any) => {
          const kind = report.kind ?? report.mediaType;
          if (report.type === 'outbound-rtp' && kind === 'audio') {
            outboundBytes += report.bytesSent ?? 0;
            outboundPackets += report.packetsSent ?? 0;
          }
          if (report.type === 'inbound-rtp' && kind === 'audio') {
            inboundBytes += report.bytesReceived ?? 0;
            inboundPackets += report.packetsReceived ?? 0;
          }
        });
      } catch {
        // Closed connection.
      }
      snapshots.push({
        connectionState: pc.connectionState,
        inboundBytes,
        inboundPackets,
        outboundBytes,
        outboundPackets
      });
    }
    return snapshots;
  });
 }
 /** Wait until every connected peer connection shows inbound and outbound audio flow. */
 export async function waitForAllPeerAudioFlow(
  page: Page,
  expectedConnectedPeers: number,
  timeoutMs = 45_000,
  pollIntervalMs = 1_000
 ): Promise<void> {
  const deadline = Date.now() + timeoutMs;
  // Track which peer indices have been confirmed flowing at least once.
  // This prevents a peer from being missed just because it briefly paused
  // during one specific poll interval.
  const confirmedFlowing = new Set<number>();
  let previous = await getPerPeerAudioStats(page);
  while (Date.now() < deadline) {
    await page.waitForTimeout(pollIntervalMs);
    const current = await getPerPeerAudioStats(page);
    const connectedPeers = current.filter((stat) => stat.connectionState === 'connected');
    if (connectedPeers.length >= expectedConnectedPeers) {
      for (let index = 0; index < current.length; index++) {
        const curr = current[index];
        if (!curr || curr.connectionState !== 'connected') {
          continue;
        }
        const prev = previous[index] ?? {
          connectionState: 'new',
          inboundBytes: 0,
          inboundPackets: 0,
          outboundBytes: 0,
          outboundPackets: 0
        };
        const inboundFlowing = curr.inboundBytes > prev.inboundBytes || curr.inboundPackets > prev.inboundPackets;
        const outboundFlowing = curr.outboundBytes > prev.outboundBytes || curr.outboundPackets > prev.outboundPackets;
        if (inboundFlowing && outboundFlowing) {
          confirmedFlowing.add(index);
        }
      }
      // Check if enough peers have been confirmed across all samples
      const connectedIndices = current
        .map((stat, idx) => stat.connectionState === 'connected' ? idx : -1)
        .filter((idx) => idx >= 0);
      const confirmedCount = connectedIndices.filter((idx) => confirmedFlowing.has(idx)).length;
      if (confirmedCount >= expectedConnectedPeers) {
        return;
      }
    }
    previous = current;
  }
  throw new Error(`Timed out waiting for ${expectedConnectedPeers} peers with bidirectional audio flow`);
 }
 /**
 * Get outbound and inbound audio RTP stats aggregated across all peer
 * connections.  Uses a per-connection high water mark stored on `window` so
--- a/e2e/pages/chat-messages.page.ts
+++ b/e2e/pages/chat-messages.page.ts
@@ -34,9 +34,22 @@ export class ChatMessagesPage {
  }
  async sendMessage(content: string): Promise<void> {
-    await this.waitForReady();
+    let lastError: unknown;
-    await this.composerInput.fill(content);
+
-    await this.sendButton.click();
+    for (let attempt = 1; attempt <= 3; attempt += 1) {
      try {
        await this.waitForReady();
        await this.composerInput.fill(content);
        await expect(this.composerInput).toHaveValue(content, { timeout: 5_000 });
        await expect(this.sendButton).toBeEnabled({ timeout: 5_000 });
        await this.sendButton.click();
        return;
      } catch (error) {
        lastError = error;
      }
    }
    throw lastError instanceof Error ? lastError : new Error('Failed to send chat message');
  }
  async typeDraft(content: string): Promise<void> {
@@ -44,6 +57,13 @@ export class ChatMessagesPage {
    await this.composerInput.fill(content);
  }
  /** Types into the composer in a way that emits input/typing events (not just fill). */
  async typeDraftWithTypingEvents(content: string): Promise<void> {
    await this.waitForReady();
    await this.composerInput.click();
    await this.composerInput.pressSequentially(content, { delay: 40 });
  }
  async clearDraft(): Promise<void> {
    await this.waitForReady();
    await this.composerInput.fill('');
--- a/e2e/pages/chat-room.page.ts
+++ b/e2e/pages/chat-room.page.ts
@@ -19,13 +19,65 @@ export class ChatRoomPage {
  /** Click a voice channel by name in the channels sidebar to join voice. */
  async joinVoiceChannel(channelName: string) {
-    const channelButton = this.page.locator('app-rooms-side-panel')
+    const channelButton = this.getVoiceChannelButton(channelName);
-      .getByRole('button', { name: channelName, exact: true });
+
    if (await channelButton.count() === 0) {
      await this.refreshRoomMetadata();
    }
    if (await channelButton.count() === 0) {
      // Second attempt - metadata might still be syncing
      await this.page.waitForTimeout(2_000);
      await this.refreshRoomMetadata();
    }
    await expect(channelButton).toBeVisible({ timeout: 15_000 });
    await channelButton.click();
  }
  /** Creates a voice channel if it is not already present in the current room. */
  async ensureVoiceChannelExists(channelName: string) {
    const channelButton = this.getVoiceChannelButton(channelName);
    if (await channelButton.count() > 0) {
      return;
    }
    await this.refreshRoomMetadata();
    // Wait a bit longer for Angular to render the channel list after refresh
    try {
      await expect(channelButton).toBeVisible({ timeout: 5_000 });
      return;
    } catch {
      // Channel genuinely doesn't exist - create it
    }
    await this.openCreateVoiceChannelDialog();
    try {
      await this.createChannel(channelName);
    } catch {
      // If the dialog didn't close (e.g. duplicate name validation), dismiss it
      const dialog = this.page.locator('app-confirm-dialog');
      if (await dialog.isVisible()) {
        const cancelButton = dialog.getByRole('button', { name: 'Cancel' });
        const closeButton = dialog.getByRole('button', { name: 'Close dialog' });
        if (await cancelButton.isVisible()) {
          await cancelButton.click();
        } else if (await closeButton.isVisible()) {
          await closeButton.click();
        }
        await expect(dialog).not.toBeVisible({ timeout: 5_000 }).catch(() => {});
      }
    }
    await expect(channelButton).toBeVisible({ timeout: 15_000 });
  }
  /** Click a text channel by name in the channels sidebar to switch chat rooms. */
  async joinTextChannel(channelName: string) {
    const channelButton = this.getTextChannelButton(channelName);
@@ -100,6 +152,11 @@ export class ChatRoomPage {
    return this.voiceControls.locator('button:has(ng-icon[name="lucideMic"]), button:has(ng-icon[name="lucideMicOff"])').first();
  }
  /** Get the deafen toggle button inside voice controls. */
  get deafenButton() {
    return this.voiceControls.locator('button:has(ng-icon[name="lucideHeadphones"])').first();
  }
  /** Get the disconnect/hang-up button (destructive styled). */
  get disconnectButton() {
    return this.voiceControls.locator('button:has(ng-icon[name="lucidePhoneOff"])').first();
@@ -112,10 +169,9 @@ export class ChatRoomPage {
  /** Get the count of voice users listed under a voice channel. */
  async getVoiceUserCountInChannel(channelName: string): Promise<number> {
-    const channelSection = this.page.locator('app-rooms-side-panel')
+    // The voice channel button is inside a wrapper div; user avatars are siblings within that wrapper
-      .getByRole('button', { name: channelName })
+    const channelWrapper = this.getVoiceChannelButton(channelName).locator('xpath=ancestor::div[1]');
-      .locator('..');
+    const userAvatars = channelWrapper.locator('app-user-avatar');
    const userAvatars = channelSection.locator('app-user-avatar');
    return userAvatars.count();
  }
@@ -154,9 +210,11 @@ export class ChatRoomPage {
  }
  private getTextChannelButton(channelName: string): Locator {
-    const channelPattern = new RegExp(`#\\s*${escapeRegExp(channelName)}$`, 'i');
+    return this.channelsSidePanel.locator(`button[data-channel-type="text"][data-channel-name="${channelName}"]`).first();
  }
-    return this.channelsSidePanel.getByRole('button', { name: channelPattern }).first();
+  private getVoiceChannelButton(channelName: string): Locator {
    return this.channelsSidePanel.locator(`button[data-channel-type="voice"][data-channel-name="${channelName}"]`).first();
  }
  private async createTextChannelThroughComponent(channelName: string): Promise<void> {
@@ -259,13 +317,22 @@ export class ChatRoomPage {
        throw new Error('Missing room, user, or endpoint when persisting channels');
      }
      const authTokens = JSON.parse(localStorage.getItem('metoyou.authTokens') || '{}') as Record<string, { token: string; expiresAt: number }>;
      const normalizedApiUrl = apiBaseUrl.trim().replace(/\/+$/, '');
      const authEntry = authTokens[normalizedApiUrl];
      const authToken = authEntry && authEntry.expiresAt > Date.now() ? authEntry.token : null;
      if (!authToken) {
        throw new Error('Missing session token for channel persistence');
      }
      const response = await fetch(`${apiBaseUrl}/api/servers/${room.id}`, {
        method: 'PUT',
        headers: {
-          'Content-Type': 'application/json'
+          'Content-Type': 'application/json',
          Authorization: `Bearer ${authToken}`
        },
        body: JSON.stringify({
          currentOwnerId: currentUser.id,
          channels: nextChannels
        })
      });
@@ -384,7 +451,3 @@ export class ChatRoomPage {
    await this.page.waitForTimeout(500);
  }
 }
 function escapeRegExp(value: string): string {
  return value.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
 }
--- a/e2e/pages/login.page.ts
+++ b/e2e/pages/login.page.ts
@@ -1,6 +1,7 @@
 import { type Page, type Locator } from '@playwright/test';
 export class LoginPage {
  readonly form: Locator;
  readonly usernameInput: Locator;
  readonly passwordInput: Locator;
  readonly serverSelect: Locator;
@@ -9,10 +10,12 @@ export class LoginPage {
  readonly registerLink: Locator;
  constructor(private page: Page) {
    this.form = page.locator('form').filter({ has: page.locator('#login-username') });
    this.usernameInput = page.locator('#login-username');
    this.passwordInput = page.locator('#login-password');
    this.serverSelect = page.locator('#login-server');
-    this.submitButton = page.getByRole('button', { name: 'Login' });
+    this.submitButton = this.form.getByRole('button', { name: 'Login' });
    this.errorText = page.locator('.text-destructive');
    this.registerLink = page.getByRole('button', { name: 'Register' });
  }
--- a/e2e/pages/register.page.ts
+++ b/e2e/pages/register.page.ts
@@ -43,8 +43,11 @@ export class RegisterPage {
  async register(username: string, displayName: string, password: string) {
    await this.usernameInput.fill(username);
    await expect(this.usernameInput).toHaveValue(username);
    await this.displayNameInput.fill(displayName);
    await expect(this.displayNameInput).toHaveValue(displayName);
    await this.passwordInput.fill(password);
    await expect(this.passwordInput).toHaveValue(password);
    await this.submitButton.click();
  }
 }
--- a/e2e/pages/server-search.page.ts
+++ b/e2e/pages/server-search.page.ts
@@ -7,59 +7,92 @@ import {
 export class ServerSearchPage {
  readonly searchInput: Locator;
  readonly createServerButton: Locator;
  readonly railDashboardButton: Locator;
  readonly settingsButton: Locator;
-  // Create server dialog
+  // Create server page
  readonly serverNameInput: Locator;
  readonly serverDescriptionInput: Locator;
  readonly serverTopicInput: Locator;
  readonly signalEndpointSelect: Locator;
  readonly advancedSettingsToggle: Locator;
  readonly privateCheckbox: Locator;
  readonly serverPasswordInput: Locator;
-  readonly dialogCreateButton: Locator;
+  readonly createSubmitButton: Locator;
-  readonly dialogCancelButton: Locator;
+  readonly cancelButton: Locator;
  constructor(private page: Page) {
    // Server discovery lives on /servers via <app-server-browser>.
    this.searchInput = page.getByPlaceholder('Search servers...');
-    this.createServerButton = page.getByRole('button', { name: 'Create New Server' });
+    this.railDashboardButton = page.locator('button[title="Dashboard"]');
    // Dashboard "Create Server" entry point.
    this.createServerButton = page.getByRole('link', { name: 'Create Server' }).first();
    this.settingsButton = page.locator('button[title="Settings"]');
-    // Create dialog elements
+    // Create-server page elements.
    this.serverNameInput = page.locator('#create-server-name');
    this.serverDescriptionInput = page.locator('#create-server-description');
    this.serverTopicInput = page.locator('#create-server-topic');
    this.signalEndpointSelect = page.locator('#create-server-signal-endpoint');
-    this.privateCheckbox = page.locator('#private');
+    this.advancedSettingsToggle = page.getByRole('button', { name: 'Advanced settings' });
    this.privateCheckbox = page.locator('#create-server-private');
    this.serverPasswordInput = page.locator('#create-server-password');
-    this.dialogCreateButton = page.locator('div[role="dialog"]').getByRole('button', { name: 'Create' });
+    this.createSubmitButton = page.locator('#create-server-submit');
-    this.dialogCancelButton = page.locator('div[role="dialog"]').getByRole('button', { name: 'Cancel' });
+    this.cancelButton = page.locator('#create-server-cancel');
  }
  async goto() {
-    await this.page.goto('/search');
+    await this.page.goto('/servers');
  }
-  async createServer(name: string, options?: { description?: string; topic?: string }) {
+  async createServer(name: string, options?: { description?: string; topic?: string; sourceId?: string }) {
-    await this.createServerButton.click();
+    await this.page.goto('/create-server', { waitUntil: 'domcontentloaded' });
-    await expect(this.serverNameInput).toBeVisible();
+
    await expect(this.serverNameInput).toBeVisible({ timeout: 10_000 });
    await this.serverNameInput.fill(name);
    if (options?.description) {
      await this.serverDescriptionInput.fill(options.description);
    }
-    if (options?.topic) {
+    if (options?.topic || options?.sourceId) {
-      await this.serverTopicInput.fill(options.topic);
+      if (!await this.serverTopicInput.isVisible()) {
        await this.advancedSettingsToggle.click();
      }
      await expect(this.serverTopicInput).toBeVisible({ timeout: 10_000 });
      if (options?.topic) {
        await this.serverTopicInput.fill(options.topic);
      }
      if (options?.sourceId) {
        await this.signalEndpointSelect.selectOption(options.sourceId);
      }
    }
-    await this.dialogCreateButton.click();
+    await this.createSubmitButton.click();
  }
  async joinSavedRoom(name: string) {
    await this.page.getByRole('button', { name }).click();
  }
-  async joinServerFromSearch(name: string) {
+  async joinServerFromSearch(name: string, options: { acceptPluginDownloads?: boolean } = {}) {
-    await this.page.locator('button', { hasText: name }).click();
+    await this.page.goto('/servers', { waitUntil: 'domcontentloaded' });
    await expect(this.searchInput).toBeVisible({ timeout: 15_000 });
    await this.searchInput.fill(name);
    const serverCard = this.page.locator('div[title]', { hasText: name }).first();
    await expect(serverCard).toBeVisible({ timeout: 15_000 });
    await serverCard.dblclick();
    if (options.acceptPluginDownloads) {
      const pluginConsentDialog = this.page.getByRole('dialog', { name: /uses plugins/ });
      await expect(pluginConsentDialog).toBeVisible({ timeout: 20_000 });
      await pluginConsentDialog.getByRole('button', { name: 'Accept and join' }).click();
    }
  }
 }
--- a/e2e/playwright.config.ts
+++ b/e2e/playwright.config.ts
@@ -22,7 +22,11 @@ export default defineConfig({
        ...devices['Desktop Chrome'],
        permissions: ['microphone', 'camera'],
        launchOptions: {
-          args: ['--use-fake-device-for-media-stream', '--use-fake-ui-for-media-stream']
+          args: [
            '--use-fake-device-for-media-stream',
            '--use-fake-ui-for-media-stream',
            '--autoplay-policy=no-user-gesture-required'
          ]
        }
      }
    }
--- a/e2e/run-playwright.mjs
+++ b/e2e/run-playwright.mjs
@@ -0,0 +1,27 @@
 import { spawn } from 'node:child_process';
 import { fileURLToPath } from 'node:url';
 const e2eDirectory = fileURLToPath(new URL('.', import.meta.url));
 const env = { ...process.env };
 const browsersPath = env.PLAYWRIGHT_BROWSERS_PATH;
 if (browsersPath?.includes('/cursor-sandbox-cache/')) {
  delete env.PLAYWRIGHT_BROWSERS_PATH;
 }
 const [command = 'test', ...args] = process.argv.slice(2);
 const executable = process.platform === 'win32' ? 'npx.cmd' : 'npx';
 const child = spawn(executable, ['playwright', command, ...args], {
  cwd: e2eDirectory,
  env,
  stdio: 'inherit'
 });
 child.on('exit', (code, signal) => {
  if (signal) {
    process.kill(process.pid, signal);
    return;
  }
  process.exit(code ?? 1);
 });
--- a/e2e/tests/auth/login-return-url.spec.ts
+++ b/e2e/tests/auth/login-return-url.spec.ts
@@ -0,0 +1,153 @@
 import { test, expect } from '../../fixtures/multi-client';
 import { LoginPage } from '../../pages/login.page';
 import { RegisterPage } from '../../pages/register.page';
 interface TestUser {
  username: string;
  displayName: string;
  password: string;
 }
 test.describe('Login returnUrl handling', () => {
  test.describe.configure({ timeout: 120_000 });
  test('unwraps nested login returnUrl chains after successful login', async ({ createClient }) => {
    const client = await createClient();
    const { page } = client;
    const suffix = uniqueName('nested-return');
    const user: TestUser = {
      username: `user_${suffix}`,
      displayName: 'Return Url User',
      password: 'TestPass123!'
    };
    await test.step('Create an account', async () => {
      const registerPage = new RegisterPage(page);
      await registerPage.goto();
      await registerPage.register(user.username, user.displayName, user.password);
      await expect(page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
    });
    await test.step('Log out and open a deeply nested login returnUrl', async () => {
      await logout(page);
      const nestedReturnUrl = '/login?returnUrl=%2Flogin%3FreturnUrl%3D%252Fservers';
      await page.goto(`/login?returnUrl=${encodeURIComponent(nestedReturnUrl)}`, {
        waitUntil: 'domcontentloaded'
      });
      await expect(page.locator('#login-username')).toBeVisible({ timeout: 15_000 });
    });
    await test.step('Login lands on the original destination instead of looping on /login', async () => {
      const loginPage = new LoginPage(page);
      await loginPage.login(user.username, user.password);
      await expect(page).toHaveURL(/\/servers/, { timeout: 15_000 });
      await expect(page).not.toHaveURL(/returnUrl=.*login/);
    });
  });
  test('redirects unauthenticated /servers visits to login and returns there after login', async ({ createClient }) => {
    const client = await createClient();
    const { page } = client;
    const suffix = uniqueName('servers-return');
    const user: TestUser = {
      username: `user_${suffix}`,
      displayName: 'Servers Return User',
      password: 'TestPass123!'
    };
    await test.step('Create an account and log out', async () => {
      const registerPage = new RegisterPage(page);
      await registerPage.goto();
      await registerPage.register(user.username, user.displayName, user.password);
      await expect(page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
      await logout(page);
    });
    await test.step('Visiting /servers sends the user to a single-level login returnUrl', async () => {
      await page.goto('/servers', { waitUntil: 'domcontentloaded' });
      await expect(page).toHaveURL(/\/login/, { timeout: 15_000 });
      await expect(page).toHaveURL(/returnUrl=%2Fservers/);
      await expect(page).not.toHaveURL(/returnUrl=.*login/);
    });
    await test.step('Logging in returns to /servers', async () => {
      const loginPage = new LoginPage(page);
      await loginPage.login(user.username, user.password);
      await expect(page).toHaveURL(/\/servers/, { timeout: 15_000 });
      await expect(page.locator('app-server-browser')).toBeVisible({ timeout: 15_000 });
    });
  });
  test('lets a returning user log back in after an expired session redirect', async ({ createClient }) => {
    const client = await createClient();
    const { page } = client;
    const suffix = uniqueName('expired-session');
    const user: TestUser = {
      username: `user_${suffix}`,
      displayName: 'Expired Session User',
      password: 'TestPass123!'
    };
    await test.step('Create an account', async () => {
      const registerPage = new RegisterPage(page);
      await registerPage.goto();
      await registerPage.register(user.username, user.displayName, user.password);
      await expect(page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
    });
    await test.step('Simulate an expired session while keeping the persisted user id', async () => {
      await page.evaluate(() => {
        const storageKey = 'metoyou.authTokens';
        const raw = localStorage.getItem(storageKey);
        if (!raw) {
          return;
        }
        const parsed = JSON.parse(raw) as Record<string, { token: string; expiresAt: number }>;
        const expiredStore = Object.fromEntries(
          Object.entries(parsed).map(([url, entry]) => [url, { ...entry, expiresAt: 0 }])
        );
        localStorage.setItem(storageKey, JSON.stringify(expiredStore));
      });
      await page.goto('/servers', { waitUntil: 'domcontentloaded' });
      await expect(page).toHaveURL(/\/login/, { timeout: 15_000 });
      await expect(page).toHaveURL(/returnUrl=%2Fservers/);
      await expect(page).not.toHaveURL(/returnUrl=.*login/);
    });
    await test.step('The user can authenticate again and reach /servers', async () => {
      const loginPage = new LoginPage(page);
      await loginPage.login(user.username, user.password);
      await expect(page).toHaveURL(/\/servers/, { timeout: 15_000 });
      await expect(page.locator('app-server-browser')).toBeVisible({ timeout: 15_000 });
    });
  });
 });
 async function logout(page: import('@playwright/test').Page): Promise<void> {
  const menuButton = page.getByRole('button', { name: 'Menu' });
  const logoutButton = page.getByRole('button', { name: 'Logout' });
  await expect(menuButton).toBeVisible({ timeout: 10_000 });
  await menuButton.click();
  await expect(logoutButton).toBeVisible({ timeout: 10_000 });
  await logoutButton.click();
  await expect(page).toHaveURL(/\/login/, { timeout: 15_000 });
 }
 function uniqueName(prefix: string): string {
  return `${prefix}-${Date.now().toString(36)}-${Math.random().toString(36)
    .slice(2, 8)}`;
 }
--- a/e2e/tests/auth/multi-device-session.spec.ts
+++ b/e2e/tests/auth/multi-device-session.spec.ts
@@ -0,0 +1,93 @@
 import {
  test,
  expect
 } from '../../fixtures/multi-client';
 import {
  MULTI_DEVICE_VOICE_CHANNEL,
  channelsSidePanel,
  createMultiDeviceScenario,
  expectCrossDeviceMessage,
  expectActiveVoiceOnDevice,
  expectPassiveVoiceOnDevice,
  logoutFromMenu,
  membersSidePanel,
  passiveVoiceChannelJoinBadge,
  readClientInstanceId,
  uniqueMultiDeviceName
 } from '../../helpers/multi-device-session';
 test.describe('Multi-device session', () => {
  test.describe.configure({ timeout: 300_000, retries: 1 });
  test('covers identity, chat sync, typing exclusion, and voice exclusivity', async ({ createClient }) => {
    const scenario = await createMultiDeviceScenario(createClient);
    const messageAtoB = `Cross-device A to B ${uniqueMultiDeviceName('msg')}`;
    const messageBtoA = `Cross-device B to A ${uniqueMultiDeviceName('msg')}`;
    const typingDraft = `Typing draft ${uniqueMultiDeviceName('draft')}`;
    await test.step('assigns distinct clientInstanceId per browser context', async () => {
      const instanceA = await readClientInstanceId(scenario.clientA.page);
      const instanceB = await readClientInstanceId(scenario.clientB.page);
      expect(instanceA).toBeTruthy();
      expect(instanceB).toBeTruthy();
      expect(instanceA).not.toEqual(instanceB);
    });
    await test.step('syncs chat from device A to device B', async () => {
      await expectCrossDeviceMessage(scenario.messagesA, scenario.messagesB, messageAtoB);
    });
    await test.step('syncs chat from device B to device A', async () => {
      await expectCrossDeviceMessage(scenario.messagesB, scenario.messagesA, messageBtoA);
    });
    await test.step('does not show own typing indicator on the other device for the same user', async () => {
      await scenario.messagesA.typeDraftWithTypingEvents(typingDraft);
      await expect(
        scenario.clientB.page.getByText(`${scenario.credentials.displayName} is typing`, { exact: false })
      ).toHaveCount(0, { timeout: 5_000 });
    });
    await test.step('shows passive in-voice UI on the second device when the first joins voice', async () => {
      await scenario.roomA.joinVoiceChannel(MULTI_DEVICE_VOICE_CHANNEL);
      await expectActiveVoiceOnDevice(scenario.clientA.page);
      await expectPassiveVoiceOnDevice(scenario.clientB.page, {
        displayName: scenario.credentials.displayName
      });
      await expect(
        membersSidePanel(scenario.clientB.page).getByText('In voice on another device', { exact: false })
      ).toBeVisible({ timeout: 20_000 });
      await expect(
        channelsSidePanel(scenario.clientB.page).locator('.opacity-50').filter({
          hasText: scenario.credentials.displayName
        }).first()
      ).toBeVisible({ timeout: 20_000 });
    });
    await test.step('shows Join takeover affordance on passive device voice channel', async () => {
      await expect(passiveVoiceChannelJoinBadge(scenario.clientB.page)).toBeVisible({ timeout: 20_000 });
    });
    await test.step('transfers voice ownership when the passive device takes over', async () => {
      await scenario.roomB.joinVoiceChannel(MULTI_DEVICE_VOICE_CHANNEL);
      await expectActiveVoiceOnDevice(scenario.clientB.page);
      await expectPassiveVoiceOnDevice(scenario.clientA.page, {
        displayName: scenario.credentials.displayName
      });
    });
    await test.step('keeps the second device logged in when the first device logs out', async () => {
      const message = `Still logged in ${uniqueMultiDeviceName('logout')}`;
      await logoutFromMenu(scenario.clientA.page);
      await scenario.messagesB.sendMessage(message);
      await expect(scenario.messagesB.getMessageItemByText(message)).toBeVisible({ timeout: 20_000 });
      await expect(scenario.clientB.page).toHaveURL(/\/room\//, { timeout: 10_000 });
    });
  });
 });
--- a/e2e/tests/auth/user-session-data-isolation.spec.ts
+++ b/e2e/tests/auth/user-session-data-isolation.spec.ts
@@ -0,0 +1,523 @@
 import { mkdtemp, rm } from 'node:fs/promises';
 import { tmpdir } from 'node:os';
 import { join } from 'node:path';
 import {
  chromium,
  type BrowserContext,
  type Page
 } from '@playwright/test';
 import { test, expect } from '../../fixtures/multi-client';
 import { installTestServerEndpoint } from '../../helpers/seed-test-endpoint';
 import { ChatMessagesPage } from '../../pages/chat-messages.page';
 import { LoginPage } from '../../pages/login.page';
 import { RegisterPage } from '../../pages/register.page';
 import { ServerSearchPage } from '../../pages/server-search.page';
 interface TestUser {
  username: string;
  displayName: string;
  password: string;
 }
 interface PersistentClient {
  context: BrowserContext;
  page: Page;
  userDataDir: string;
 }
 const CLIENT_LAUNCH_ARGS = ['--use-fake-device-for-media-stream', '--use-fake-ui-for-media-stream'];
 test.describe('User session data isolation', () => {
  test.describe.configure({ timeout: 240_000 });
  test('preserves a user saved rooms and local history across app restarts', async ({ testServer }) => {
    const suffix = uniqueName('persist');
    const userDataDir = await mkdtemp(join(tmpdir(), 'metoyou-auth-persist-'));
    const alice: TestUser = {
      username: `alice_${suffix}`,
      displayName: 'Alice',
      password: 'TestPass123!'
    };
    const aliceServerName = `Alice Session Server ${suffix}`;
    const aliceMessage = `Alice persisted message ${suffix}`;
    let client: PersistentClient | null = null;
    try {
      client = await launchPersistentClient(userDataDir, testServer.port);
      await test.step('Alice registers and creates local chat history', async () => {
        await registerUser(client.page, alice);
        await createServerAndSendMessage(client.page, alice, aliceServerName, aliceMessage);
      });
      await test.step('Alice sees the same saved room and message after a full restart', async () => {
        await restartPersistentClient(client, testServer.port);
        await openApp(client.page);
        await expectSavedRoomAndHistory(client.page, alice, aliceServerName, aliceMessage);
      });
    } finally {
      await closePersistentClient(client);
      await rm(userDataDir, { recursive: true, force: true });
    }
  });
  test('gives a new user a blank slate and restores only that user local data after account switches', async ({ testServer }) => {
    const suffix = uniqueName('isolation');
    const userDataDir = await mkdtemp(join(tmpdir(), 'metoyou-auth-isolation-'));
    const alice: TestUser = {
      username: `alice_${suffix}`,
      displayName: 'Alice',
      password: 'TestPass123!'
    };
    const bob: TestUser = {
      username: `bob_${suffix}`,
      displayName: 'Bob',
      password: 'TestPass123!'
    };
    const aliceServerName = `Alice Private Server ${suffix}`;
    const bobServerName = `Bob Private Server ${suffix}`;
    const aliceMessage = `Alice history ${suffix}`;
    const bobMessage = `Bob history ${suffix}`;
    let client: PersistentClient | null = null;
    try {
      client = await launchPersistentClient(userDataDir, testServer.port);
      await test.step('Alice creates persisted local data and verifies it survives a restart', async () => {
        await registerUser(client.page, alice);
        await createServerAndSendMessage(client.page, alice, aliceServerName, aliceMessage);
        await restartPersistentClient(client, testServer.port);
        await openApp(client.page);
        await expectSavedRoomAndHistory(client.page, alice, aliceServerName, aliceMessage);
      });
      await test.step('Bob starts from a blank slate in the same browser profile', async () => {
        await logoutUser(client.page);
        await registerUser(client.page, bob);
        await expectBlankSlate(client.page, [aliceServerName]);
      });
      await test.step('Bob gets only his own saved room and history after a restart', async () => {
        await createServerAndSendMessage(client.page, bob, bobServerName, bobMessage);
        await restartPersistentClient(client, testServer.port);
        await openApp(client.page);
        await expectSavedRoomAndHistory(client.page, bob, bobServerName, bobMessage);
        await expectSavedRoomHidden(client.page, aliceServerName);
      });
      await test.step('When Alice logs back in she sees only Alice local data, not Bob data', async () => {
        await logoutUser(client.page);
        await restartPersistentClient(client, testServer.port);
        await loginUser(client.page, alice);
        await expectSavedRoomVisible(client.page, aliceServerName);
        await expectSavedRoomHidden(client.page, bobServerName);
        await expectSavedRoomAndHistory(client.page, alice, aliceServerName, aliceMessage);
      });
    } finally {
      await closePersistentClient(client);
      await rm(userDataDir, { recursive: true, force: true });
    }
  });
 });
 async function launchPersistentClient(userDataDir: string, testServerPort: number): Promise<PersistentClient> {
  const context = await chromium.launchPersistentContext(userDataDir, {
    args: CLIENT_LAUNCH_ARGS,
    baseURL: 'http://localhost:4200',
    permissions: ['microphone', 'camera']
  });
  await installTestServerEndpoint(context, testServerPort);
  const page = context.pages()[0] ?? (await context.newPage());
  return {
    context,
    page,
    userDataDir
  };
 }
 async function restartPersistentClient(client: PersistentClient, testServerPort: number): Promise<void> {
  await client.context.close();
  const restartedClient = await launchPersistentClient(client.userDataDir, testServerPort);
  client.context = restartedClient.context;
  client.page = restartedClient.page;
 }
 async function closePersistentClient(client: PersistentClient | null): Promise<void> {
  if (!client) {
    return;
  }
  await client.context.close().catch(() => {});
 }
 async function openApp(page: Page): Promise<void> {
  await retryTransientNavigation(() => page.goto('/', { waitUntil: 'domcontentloaded' }));
 }
 async function registerUser(page: Page, user: TestUser): Promise<void> {
  const registerPage = new RegisterPage(page);
  await retryTransientNavigation(() => registerPage.goto());
  await registerPage.register(user.username, user.displayName, user.password);
  await expect(page).toHaveURL(/\/dashboard/, { timeout: 15_000 });
 }
 async function loginUser(page: Page, user: TestUser): Promise<void> {
  const loginPage = new LoginPage(page);
  await retryTransientNavigation(() => loginPage.goto());
  await loginPage.login(user.username, user.password);
  await expect(page).toHaveURL(/\/(dashboard|room)(\/|$)/, { timeout: 15_000 });
 }
 async function logoutUser(page: Page): Promise<void> {
  const menuButton = page.getByRole('button', { name: 'Menu' });
  const logoutButton = page.getByRole('button', { name: 'Logout' });
  const loginPage = new LoginPage(page);
  await expect(menuButton).toBeVisible({ timeout: 10_000 });
  await menuButton.click();
  await expect(logoutButton).toBeVisible({ timeout: 10_000 });
  await logoutButton.click();
  await expect(page).toHaveURL(/\/login/, { timeout: 15_000 });
  await expect(loginPage.usernameInput).toBeVisible({ timeout: 10_000 });
 }
 async function createServerAndSendMessage(page: Page, user: TestUser, serverName: string, messageText: string): Promise<void> {
  const searchPage = new ServerSearchPage(page);
  const messagesPage = new ChatMessagesPage(page);
  await loginIfNeeded(page, user);
  await ensureCurrentUserScope(page, user);
  await page.goto('/create-server', { waitUntil: 'domcontentloaded' });
  if (await waitForLoginForm(page, 5_000)) {
    await loginUser(page, user);
    await page.goto('/create-server', { waitUntil: 'domcontentloaded' });
  }
  await expect(searchPage.serverNameInput).toBeVisible({ timeout: 10_000 });
  await searchPage.serverNameInput.fill(serverName);
  await searchPage.serverDescriptionInput.fill(`User session isolation coverage for ${serverName}`);
  await searchPage.createSubmitButton.click();
  await expect(page).toHaveURL(/\/room\//, { timeout: 15_000 });
  await messagesPage.sendMessage(messageText);
  await expect(messagesPage.getMessageItemByText(messageText)).toBeVisible({ timeout: 20_000 });
  await expectMessagePersistedInIndexedDb(page, messageText);
 }
 async function expectSavedRoomAndHistory(page: Page, user: TestUser, roomName: string, messageText: string): Promise<void> {
  if (await waitForVisibleText(page, messageText, 5_000)) {
    return;
  }
  if (await new LoginPage(page).usernameInput.isVisible().catch(() => false)) {
    await loginUser(page, user);
  }
  await expectMessagePersistedInIndexedDb(page, messageText);
  const persistedRoomId = await getPersistedRoomIdForMessage(page, messageText);
  if (persistedRoomId) {
    await openPersistedRoomById(page, user, persistedRoomId);
    await expect(page.getByText(messageText, { exact: false })).toBeVisible({ timeout: 20_000 });
    return;
  }
  if (await openSavedRoomFromRail(page, roomName)) {
    await expect(page.getByText(messageText, { exact: false })).toBeVisible({ timeout: 20_000 });
    return;
  }
  await joinServerFromSearchAfterLogin(page, user, roomName);
  await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
  await expect(page.getByText(messageText, { exact: false })).toBeVisible({ timeout: 20_000 });
 }
 async function expectBlankSlate(page: Page, hiddenRoomNames: string[]): Promise<void> {
  await page.goto('/servers', { waitUntil: 'domcontentloaded' });
  await expect(page.locator('app-server-browser')).toBeVisible({ timeout: 15_000 });
  for (const roomName of hiddenRoomNames) {
    await expectSavedRoomHidden(page, roomName);
  }
 }
 async function expectSavedRoomVisible(page: Page, roomName: string): Promise<void> {
  if (await page.getByText(roomName, { exact: false }).first()
    .isVisible()
    .catch(() => false)) {
    return;
  }
  await page.goto('/servers', { waitUntil: 'domcontentloaded' });
  await expect(getSearchSavedRoomButton(page, roomName)).toBeVisible({ timeout: 20_000 });
 }
 async function expectSavedRoomHidden(page: Page, roomName: string): Promise<void> {
  if (!page.url().includes('/servers')) {
    await page.goto('/servers', { waitUntil: 'domcontentloaded' });
  }
  await expect(getSearchSavedRoomButton(page, roomName)).toHaveCount(0);
 }
 function getSearchSavedRoomButton(page: Page, roomName: string) {
  return page.locator('app-server-browser').getByRole('button', { name: roomName, exact: true });
 }
 async function openSavedRoomFromRail(page: Page, roomName: string): Promise<boolean> {
  try {
    await expect(page.locator('app-servers-rail')).toBeVisible({ timeout: 10_000 });
    const clicked = await page.locator('app-servers-rail button').evaluateAll((buttons, expectedName) => {
      const expectedPrefix = expectedName.slice(0, 24);
      const button = buttons.find((candidate) => {
        const title = (candidate as HTMLButtonElement).title;
        return title === expectedName || title.startsWith(expectedPrefix);
      }) as HTMLButtonElement | undefined;
      button?.click();
      return !!button;
    }, roomName);
    if (!clicked) {
      return await openSavedRoomFromDashboard(page, roomName);
    }
    await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
    return true;
  } catch {
    return await openSavedRoomFromDashboard(page, roomName);
  }
 }
 async function openSavedRoomFromDashboard(page: Page, roomName: string): Promise<boolean> {
  const roomNamePattern = new RegExp(escapeRegExp(roomName.slice(0, 24)));
  const roomButton = page.getByRole('button', { name: roomNamePattern }).first();
  try {
    await expect(roomButton).toBeVisible({ timeout: 10_000 });
    await roomButton.click();
    await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
    return true;
  } catch {
    return await joinVisibleServerFromDashboard(page, roomNamePattern);
  }
 }
 async function joinVisibleServerFromDashboard(page: Page, roomNamePattern: RegExp): Promise<boolean> {
  const serverRow = page.locator('div', { hasText: roomNamePattern }).filter({
    has: page.getByRole('button', { name: 'Join' })
  })
    .last();
  const joinButton = serverRow.getByRole('button', { name: 'Join' });
  try {
    await expect(joinButton).toBeVisible({ timeout: 10_000 });
    await joinButton.click();
    await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
    return true;
  } catch {
    return false;
  }
 }
 async function joinServerFromSearchAfterLogin(page: Page, user: TestUser, roomName: string): Promise<void> {
  const searchPage = new ServerSearchPage(page);
  await loginIfNeeded(page, user);
  await searchPage.goto();
  if (!await waitForServerSearch(page, 5_000)) {
    await loginUser(page, user);
    await searchPage.goto();
  }
  await expect(searchPage.searchInput).toBeVisible({ timeout: 15_000 });
  await searchPage.searchInput.fill(roomName);
  const serverCard = page.locator('div[title]', { hasText: roomName }).first();
  await expect(serverCard).toBeVisible({ timeout: 15_000 });
  await serverCard.dblclick();
 }
 async function loginIfNeeded(page: Page, user: TestUser): Promise<void> {
  const loginPage = new LoginPage(page);
  if (page.url().includes('/login')) {
    await expect(loginPage.usernameInput).toBeVisible({ timeout: 15_000 });
    await loginUser(page, user);
    return;
  }
  if (await loginPage.usernameInput.isVisible().catch(() => false)) {
    await loginUser(page, user);
  }
 }
 async function ensureCurrentUserScope(page: Page, user: TestUser): Promise<void> {
  if (await hasCurrentUserScope(page)) {
    return;
  }
  await loginUser(page, user);
  await expect.poll(() => hasCurrentUserScope(page), { timeout: 10_000 }).toBe(true);
 }
 async function hasCurrentUserScope(page: Page): Promise<boolean> {
  return page.evaluate(() => !!localStorage.getItem('metoyou_currentUserId')?.trim());
 }
 async function openPersistedRoomById(page: Page, user: TestUser, roomId: string): Promise<void> {
  for (let attempt = 1; attempt <= 3; attempt += 1) {
    await page.goto(`/room/${roomId}`, { waitUntil: 'domcontentloaded' });
    if (await waitForLoginForm(page, 5_000)) {
      await loginUser(page, user);
      continue;
    }
    await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
    if (!await waitForLoginForm(page, 2_000)) {
      return;
    }
    await loginUser(page, user);
  }
  await page.goto(`/room/${roomId}`, { waitUntil: 'domcontentloaded' });
  await expect(page).toHaveURL(/\/room\//, { timeout: 20_000 });
 }
 async function waitForLoginForm(page: Page, timeout: number): Promise<boolean> {
  try {
    await expect(new LoginPage(page).usernameInput).toBeVisible({ timeout });
    return true;
  } catch {
    return false;
  }
 }
 async function waitForServerSearch(page: Page, timeout: number): Promise<boolean> {
  try {
    await expect(new ServerSearchPage(page).searchInput).toBeVisible({ timeout });
    return true;
  } catch {
    return false;
  }
 }
 async function waitForVisibleText(page: Page, text: string, timeout: number): Promise<boolean> {
  try {
    await expect(page.getByText(text, { exact: false })).toBeVisible({ timeout });
    return true;
  } catch {
    return false;
  }
 }
 async function expectMessagePersistedInIndexedDb(page: Page, messageText: string): Promise<void> {
  await expect.poll(
    () => getPersistedRoomIdForMessage(page, messageText).then((roomId) => !!roomId),
    { timeout: 10_000 }
  ).toBe(true);
 }
 async function getPersistedRoomIdForMessage(page: Page, messageText: string): Promise<string | null> {
  return page.evaluate(async (expectedContent) => {
    const currentUserId = localStorage.getItem('metoyou_currentUserId')?.trim();
    const preferredDatabaseName = `metoyou::${encodeURIComponent(currentUserId || 'anonymous')}`;
    const discoveredDatabaseNames = typeof indexedDB.databases === 'function'
      ? (await indexedDB.databases())
        .map((database) => database.name)
        .filter((name): name is string => !!name && (name === 'metoyou' || name.startsWith('metoyou::')))
      : null;
    const databaseNames = discoveredDatabaseNames ?? [preferredDatabaseName];
    const remainingDatabaseNames = databaseNames.filter((name) => name !== preferredDatabaseName);
    const orderedDatabaseNames = databaseNames.includes(preferredDatabaseName)
      ? [preferredDatabaseName].concat(remainingDatabaseNames)
      : remainingDatabaseNames;
    for (const databaseName of orderedDatabaseNames) {
      const database = await new Promise<IDBDatabase>((resolve, reject) => {
        const request = indexedDB.open(databaseName);
        request.onerror = () => reject(request.error);
        request.onsuccess = () => resolve(request.result);
      });
      try {
        if (!database.objectStoreNames.contains('messages')) {
          continue;
        }
        const transaction = database.transaction('messages', 'readonly');
        const request = transaction.objectStore('messages').getAll();
        const roomId = await new Promise<string | null>((resolve, reject) => {
          request.onerror = () => reject(request.error);
          request.onsuccess = () => {
            const match = ((request.result as { content?: string; roomId?: string }[]) ?? [])
              .find((message) => message.content === expectedContent);
            resolve(match?.roomId ?? null);
          };
        });
        if (roomId) {
          return roomId;
        }
      } finally {
        database.close();
      }
    }
    return null;
  }, messageText);
 }
 function escapeRegExp(value: string): string {
  return value.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
 }
 async function retryTransientNavigation<T>(navigate: () => Promise<T>, attempts = 4): Promise<T> {
  let lastError: unknown;
  for (let attempt = 1; attempt <= attempts; attempt += 1) {
    try {
      return await navigate();
    } catch (error) {
      lastError = error;
      const message = error instanceof Error ? error.message : String(error);
      const isTransientNavigationError = message.includes('ERR_EMPTY_RESPONSE') || message.includes('ERR_CONNECTION_RESET');
      if (!isTransientNavigationError || attempt === attempts) {
        throw error;
      }
    }
  }
  throw lastError instanceof Error ? lastError : new Error(`Navigation failed after ${attempts} attempts`);
 }
 function uniqueName(prefix: string): string {
  return `${prefix}-${Date.now().toString(36)}-${Math.random().toString(36)
    .slice(2, 8)}`;
 }
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Myx	80d7728e66	fix: No longer displays edited on all messages and fix Disconnected from signaling server on multiple clients All checks were successful Queue Release Build / prepare (push) Successful in 19s Details Deploy Web Apps / deploy (push) Successful in 8m19s Details Queue Release Build / build-windows (push) Successful in 27m48s Details Queue Release Build / build-linux (push) Successful in 47m35s Details Queue Release Build / build-android (push) Successful in 21m15s Details Queue Release Build / finalize (push) Successful in 2m30s Details	2026-06-07 15:05:12 +02:00
Myx	83456c018c	fix: Fix multiple bugs with new authentication flow	2026-06-07 15:04:21 +02:00
Myx	9fc26b1ccf	ci: fix apk build All checks were successful Queue Release Build / prepare (push) Successful in 23s Details Deploy Web Apps / deploy (push) Successful in 6m35s Details Queue Release Build / build-windows (push) Successful in 27m49s Details Queue Release Build / build-linux (push) Successful in 44m3s Details Queue Release Build / build-android (push) Successful in 20m59s Details Queue Release Build / finalize (push) Successful in 2m40s Details	2026-06-05 18:37:17 +02:00
Myx	45675192a5	feat: Security	2026-06-05 18:34:01 +02:00
Myx	ee293d7daf	feat: Rename to Toju and add translation Some checks failed Deploy Web Apps / deploy (push) Successful in 5m52s Details Build Android APK / build-android-apk (push) Failing after 23m15s Details Queue Release Build / prepare (push) Successful in 1m42s Details Queue Release Build / build-linux (push) Failing after 9m33s Details Queue Release Build / build-windows (push) Successful in 26m5s Details Queue Release Build / finalize (push) Has been skipped Details	2026-06-05 17:17:29 +02:00
Myx	8ecfc9a1fe	feat: Add slashcommand api	2026-06-05 17:12:26 +02:00
Myx	4070ef6caf	perf: Add ram metric	2026-06-05 15:27:33 +02:00
Myx	a675f12e61	feat: Add deafen to pc, fix mobiel view, fix freeze on startup	2026-06-05 15:27:06 +02:00
Myx	35f52b0356	fix: attachments broken Some checks failed Build Android APK / build-android-apk (push) Failing after 3m5s Details Queue Release Build / prepare (push) Successful in 32s Details Deploy Web Apps / deploy (push) Successful in 9m30s Details Queue Release Build / build-windows (push) Successful in 28m7s Details Queue Release Build / build-linux (push) Successful in 47m6s Details Queue Release Build / finalize (push) Successful in 58s Details	2026-06-05 08:02:29 +02:00
Myx	9a1305f976	feat: Android APP V1 - Experimental Alpha	2026-06-05 07:40:25 +02:00
Myx	bf4e6891d1	feat: signal server tag	2026-06-05 06:16:02 +02:00
Myx	6865147e8f	feat: Add emoji and alot of other fixes	2026-06-05 05:40:18 +02:00
Myx	ca069e2f61	fix: chat scroll fix	2026-06-05 02:46:39 +02:00
Myx	9e1d75d038	style: Consistent backdrop and create server in server-rail wider server rail with larger icons ans slightly animated.	2026-06-05 02:34:02 +02:00
Myx	2f6c52e73c	feat: dashboard	2026-06-05 01:51:03 +02:00
Myx	147858de2f	fix: Improve autoscroll to bottom	2026-06-04 18:34:38 +02:00
Myx	6d021a296b	fix: Unread notificaitons on startup	2026-06-04 18:18:22 +02:00
Myx	161f57f52e	fix: solve small pm chat ui issues unwrap the pill fix the fetching images in pm not auto download	2026-05-25 17:17:32 +02:00
Myx	1259645706	style: Update default theme	2026-05-25 16:51:44 +02:00
Myx	155fe20862	wip: optimizations	2026-05-23 15:28:40 +02:00
SocksOnHead	5bf506af03	Merge pull request 'docs: scaffold agent instruction tree' (#16 ) from docs/scaffold-agent-instruction-tree into main All checks were successful Queue Release Build / prepare (push) Successful in 20s Details Deploy Web Apps / deploy (push) Successful in 7m55s Details Queue Release Build / build-windows (push) Successful in 26m57s Details Queue Release Build / build-linux (push) Successful in 44m21s Details Queue Release Build / finalize (push) Successful in 42s Details Reviewed-on: #16	2026-05-19 22:26:19 +00:00
brogeby	c48b6e9c94	docs: scaffold agent instruction tree Add AGENTS.md, CLAUDE.md, and the agents-docs/ tree (workflow, lessons, engineering standards, context map, ADR seed, feature template) plus a domain-bearing CONTEXT.md for each of the six subdomains: toju-app, electron, server, e2e, website, docs-site. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-20 00:02:02 +02:00
Myx	232a9ea8ea	test: Ensure tests work after latest changes All checks were successful Queue Release Build / prepare (push) Successful in 17s Details Deploy Web Apps / deploy (push) Successful in 7m20s Details Queue Release Build / build-windows (push) Successful in 25m4s Details Queue Release Build / build-linux (push) Successful in 33m59s Details Queue Release Build / finalize (push) Successful in 41s Details	2026-05-19 00:52:28 +02:00
Myx	54e8b9a5e4	feat: Update how messages load and sync, allow plugins to import messages All checks were successful Queue Release Build / prepare (push) Successful in 23s Details Deploy Web Apps / deploy (push) Successful in 7m36s Details Queue Release Build / build-windows (push) Successful in 28m3s Details Queue Release Build / build-linux (push) Successful in 44m14s Details Queue Release Build / finalize (push) Successful in 39s Details	2026-05-18 23:21:09 +02:00
Myx	94428ed170	fix: Mobile style fixes and other small ui fixes	2026-05-18 23:20:32 +02:00
Myx	afb64520ed	perf: server navigation	2026-05-18 19:38:08 +02:00
Myx	0152ed9dd2	fix: memory leak hunting and reconnecting on data error	2026-05-18 19:37:30 +02:00
Myx	dea114aed0	feat: Response mobile layout support v1 All checks were successful Queue Release Build / prepare (push) Successful in 1m6s Details Deploy Web Apps / deploy (push) Successful in 7m35s Details Queue Release Build / build-windows (push) Successful in 29m57s Details Queue Release Build / build-linux (push) Successful in 46m28s Details Queue Release Build / finalize (push) Successful in 49s Details	2026-05-18 03:03:55 +02:00
Myx	ecb1a4b3a0	refactor: Remove hardcoded values All checks were successful Queue Release Build / prepare (push) Successful in 2m28s Details Deploy Web Apps / deploy (push) Successful in 7m58s Details Queue Release Build / build-linux (push) Successful in 46m59s Details Queue Release Build / build-windows (push) Successful in 26m2s Details Queue Release Build / finalize (push) Successful in 23s Details	2026-05-17 18:18:14 +02:00
Myx	a173299ad3	fix: Game detection improvements Some checks failed Queue Release Build / prepare (push) Successful in 27s Details Deploy Web Apps / deploy (push) Successful in 10m8s Details Queue Release Build / finalize (push) Has been cancelled Details Queue Release Build / build-windows (push) Has been cancelled Details Queue Release Build / build-linux (push) Has been cancelled Details	2026-05-17 17:47:40 +02:00
Myx	8631290c01	fix: Improve plugin ui entry points, Fix chat scroll, fix notifications, fix user rights	2026-05-17 16:09:16 +02:00
Myx	8e3ccf4157	feat: Add incoming call modal	2026-05-17 16:08:24 +02:00
Myx	9d0a4478b2	Repair connectivity correctly v1	2026-05-17 15:15:14 +02:00
Myx	e769a6ee4a	Fix private calls	2026-05-17 15:14:52 +02:00
Myx	0f6cb3ee77	fix: browser bug with plugins, and improve joining	2026-05-04 23:35:40 +02:00
Myx	a49e18b9f0	fix: recurriing network issue All checks were successful Queue Release Build / prepare (push) Successful in 18s Details Deploy Web Apps / deploy (push) Successful in 6m32s Details Queue Release Build / build-windows (push) Successful in 26m8s Details Queue Release Build / build-linux (push) Successful in 40m18s Details Queue Release Build / finalize (push) Successful in 42s Details	2026-04-30 04:04:34 +02:00
SocksOnHead	b1fe286be8	Merge pull request 'Plugins' (#14 ) from Plugins into main All checks were successful Queue Release Build / prepare (push) Successful in 20s Details Deploy Web Apps / deploy (push) Successful in 8m30s Details Queue Release Build / build-windows (push) Successful in 25m24s Details Queue Release Build / build-linux (push) Successful in 41m32s Details Queue Release Build / finalize (push) Successful in 30s Details Reviewed-on: #14	2026-04-29 23:18:22 +00:00
Myx	0a714428f6	docs: improve doucmentation improve doucmentation and fix small store changes	2026-04-30 01:16:48 +02:00
Myx	3f92e74350	feat: expose more apis	2026-04-29 23:39:09 +02:00
Myx	fa2cca6fa4	fix: improve plugins functionality with server management	2026-04-29 20:33:54 +02:00
Myx	b8f6d58d99	test: repair broken tests	2026-04-29 19:05:38 +02:00
Myx	e1ac1d1bc0	feat: server image	2026-04-29 18:54:08 +02:00
Myx	3d81c34159	feat: Add browser documentation	2026-04-29 17:15:01 +02:00
Myx	d261bac0ed	feat: plugins v1.7	2026-04-29 15:24:56 +02:00
Myx	eabbc08896	feat: plugins v1.5	2026-04-29 01:14:30 +02:00
Myx	6920f93b41	feat: plugins v1	2026-04-29 01:14:14 +02:00
Myx	ec3802ade6	test: fix broken dm test All checks were successful Queue Release Build / prepare (push) Successful in 23s Details Deploy Web Apps / deploy (push) Successful in 6m5s Details Queue Release Build / build-windows (push) Successful in 17m1s Details Queue Release Build / build-linux (push) Successful in 29m15s Details Queue Release Build / finalize (push) Successful in 38s Details	2026-04-27 22:48:45 +02:00
Myx	66c6f34cd3	feat: Add game activity status (Experimental) All checks were successful Queue Release Build / prepare (push) Successful in 21s Details Deploy Web Apps / deploy (push) Successful in 5m14s Details Queue Release Build / build-windows (push) Successful in 16m18s Details Queue Release Build / build-linux (push) Successful in 29m20s Details Queue Release Build / finalize (push) Successful in 36s Details	2026-04-27 11:02:34 +02:00
Myx	3858beb28e	feat: Data management	2026-04-27 03:29:41 +02:00
Myx	1b91eacb5b	feat: Theme studio v2	2026-04-27 03:02:13 +02:00
Myx	11c2588e45	feat: Add pm	2026-04-27 01:02:39 +02:00
Myx	bc2fa7de22	fix: multiple bug fixes isolated users, db backup, weird disconnect issues for long voice sessions,	2026-04-26 22:54:13 +02:00
Myx	44588e8789	feat: Add TURN server support All checks were successful Queue Release Build / prepare (push) Successful in 15s Details Deploy Web Apps / deploy (push) Successful in 5m35s Details Queue Release Build / build-linux (push) Successful in 24m45s Details Queue Release Build / build-windows (push) Successful in 13m52s Details Queue Release Build / finalize (push) Successful in 23s Details	2026-04-18 21:27:04 +02:00
Myx	167c45ba8d	test: Add 8 people voice tests	2026-04-18 14:24:11 +02:00
		`@@ -0,0 +1 @@`
							`Read AGENTS.md at the root of this repository at the start of every session before doing any work. It links to all other agent instruction files.`
		`@@ -0,0 +1,3 @@`
							`# E2E Plugin API Fixture`

							`This plugin is intentionally tiny. Tests use its manifest to exercise plugin discovery, server support metadata, server data, and plugin event relay APIs without executing plugin code.`