Add Google Calendar, self-modify, brain memory, and reliability improvements

.gitignore

@@ -36,3 +36,13 @@ Thumbs.db
 
 # Docker build artifacts
 *.tar
+
+# Local Claude settings
+.claude/
+
+# Clawdbot runtime config (contains tokens)
+clawdbot/
+.clawdhub/
+
+# Custom skills (user-specific)
+skills/prompt-guard/

AGENTS.md

@@ -97,150 +97,10 @@ When adding new functionality, add corresponding tests.
 - Keep route handlers thin - extract logic to separate modules
 - Use Hono's context methods (`c.json()`, `c.html()`) for responses
 
-## Documentation
-
-- `README.md` - User-facing documentation (setup, configuration, usage)
-- `AGENTS.md` - This file, for AI agents
-
-Development documentation goes in AGENTS.md, not README.md.
-
----
-
-## Architecture
-
-```
-Browser
-   │
-   ▼
-┌─────────────────────────────────────┐
-│     Cloudflare Worker (index.ts)    │
-│  - Starts Moltbot in sandbox        │
-│  - Proxies HTTP/WebSocket requests  │
-│  - Passes secrets as env vars       │
-└──────────────┬──────────────────────┘
-               │
-               ▼
-┌─────────────────────────────────────┐
-│     Cloudflare Sandbox Container    │
-│  ┌───────────────────────────────┐  │
-│  │     Moltbot Gateway           │  │
-│  │  - Control UI on port 18789   │  │
-│  │  - WebSocket RPC protocol     │  │
-│  │  - Agent runtime              │  │
-│  └───────────────────────────────┘  │
-└─────────────────────────────────────┘
-```
-
-### Key Files
-
-| File | Purpose |
-|------|---------|
-| `src/index.ts` | Worker that manages sandbox lifecycle and proxies requests |
-| `Dockerfile` | Container image based on `cloudflare/sandbox` with Node 22 + Moltbot |
-| `start-moltbot.sh` | Startup script that configures moltbot from env vars and launches gateway |
-| `moltbot.json.template` | Default Moltbot configuration template |
-| `wrangler.jsonc` | Cloudflare Worker + Container configuration |
-
-## Local Development
-
-```bash
-npm install
-cp .dev.vars.example .dev.vars
-# Edit .dev.vars with your ANTHROPIC_API_KEY
-npm run start
-```
-
-### Environment Variables
-
-For local development, create `.dev.vars`:
-
-```bash
-ANTHROPIC_API_KEY=sk-ant-...
-DEV_MODE=true           # Skips CF Access auth + device pairing
-DEBUG_ROUTES=true       # Enables /debug/* routes
-```
-
-### WebSocket Limitations
-
-Local development with `wrangler dev` has issues proxying WebSocket connections through the sandbox. HTTP requests work but WebSocket connections may fail. Deploy to Cloudflare for full functionality.
-
-## Docker Image Caching
-
-The Dockerfile includes a cache bust comment. When changing `moltbot.json.template` or `start-moltbot.sh`, bump the version:
-
-```dockerfile
-# Build cache bust: 2026-01-26-v10
-```
-
 ## Gateway Configuration
 
-Moltbot configuration is built at container startup:
-
-1. `moltbot.json.template` is copied to `~/.clawdbot/clawdbot.json` (internal path unchanged)
-2. `start-moltbot.sh` updates the config with values from environment variables
-3. Gateway starts with `--allow-unconfigured` flag (skips onboarding wizard)
-
-### Container Environment Variables
-
-These are the env vars passed TO the container (internal names):
-
-| Variable | Config Path | Notes |
-|----------|-------------|-------|
-| `ANTHROPIC_API_KEY` | (env var) | Moltbot reads directly from env |
-| `CLAWDBOT_GATEWAY_TOKEN` | `--token` flag | Mapped from `MOLTBOT_GATEWAY_TOKEN` |
-| `CLAWDBOT_DEV_MODE` | `controlUi.allowInsecureAuth` | Mapped from `DEV_MODE` |
-| `TELEGRAM_BOT_TOKEN` | `channels.telegram.botToken` | |
-| `DISCORD_BOT_TOKEN` | `channels.discord.token` | |
-| `SLACK_BOT_TOKEN` | `channels.slack.botToken` | |
-| `SLACK_APP_TOKEN` | `channels.slack.appToken` | |
-
-## Moltbot Config Schema
-
-Moltbot has strict config validation. Common gotchas:
-
+- Config built at startup by `start-moltbot.sh` from environment variables
+- Gateway starts with `--allow-unconfigured` flag (skips onboarding wizard)
 - `agents.defaults.model` must be `{ "primary": "model/name" }` not a string
 - `gateway.mode` must be `"local"` for headless operation
-- No `webchat` channel - the Control UI is served automatically
 - `gateway.bind` is not a config option - use `--bind` CLI flag
-
-See [Moltbot docs](https://docs.molt.bot/gateway/configuration) for full schema.
-
-## Common Tasks
-
-### Adding a New API Endpoint
-
-1. Add route handler in `src/routes/api.ts`
-2. Add types if needed in `src/types.ts`
-3. Update client API in `src/client/api.ts` if frontend needs it
-4. Add tests
-
-### Adding a New Environment Variable
-
-1. Add to `MoltbotEnv` interface in `src/types.ts`
-2. If passed to container, add to `buildEnvVars()` in `src/gateway/env.ts`
-3. Update `.dev.vars.example`
-4. Document in README.md secrets table
-
-### Debugging
-
-```bash
-# View live logs
-npx wrangler tail
-
-# Check secrets
-npx wrangler secret list
-```
-
-Enable debug routes with `DEBUG_ROUTES=true` and check `/debug/processes`.
-
-## R2 Storage Notes
-
-R2 is mounted via s3fs at `/data/moltbot`. Important gotchas:
-
-- **rsync compatibility**: Use `rsync -r --no-times` instead of `rsync -a`. s3fs doesn't support setting timestamps, which causes rsync to fail with "Input/output error".
-
-- **Mount checking**: Don't rely on `sandbox.mountBucket()` error messages to detect "already mounted" state. Instead, check `mount | grep s3fs` to verify the mount status.
-
-- **Never delete R2 data**: The mount directory `/data/moltbot` IS the R2 bucket. Running `rm -rf /data/moltbot/*` will DELETE your backup data. Always check mount status before any destructive operations.
-
-- **Process status**: The sandbox API's `proc.status` may not update immediately after a process completes. Instead of checking `proc.status === 'completed'`, verify success by checking for expected output (e.g., timestamp file exists after sync).

Dockerfile

@@ -1,10 +1,11 @@
 FROM docker.io/cloudflare/sandbox:0.7.0
 
-# Install Node.js 22 (required by clawdbot) and rsync (for R2 backup sync)
+# Build cache bust: 2026-02-14-v44-auto-approve-pairing
+# Install Node.js 22 (required by openclaw) and rsync (for R2 backup sync)
 # The base image has Node 20, we need to replace it with Node 22
 # Using direct binary download for reliability
 ENV NODE_VERSION=22.13.1
-RUN apt-get update && apt-get install -y xz-utils ca-certificates rsync \
+RUN apt-get update && apt-get install -y xz-utils ca-certificates rsync git \
     && curl -fsSLk https://nodejs.org/dist/v${NODE_VERSION}/node-v${NODE_VERSION}-linux-x64.tar.xz -o /tmp/node.tar.xz \
     && tar -xJf /tmp/node.tar.xz -C /usr/local --strip-components=1 \
     && rm /tmp/node.tar.xz \
@@ -14,22 +15,29 @@ RUN apt-get update && apt-get install -y xz-utils ca-certificates rsync \
 # Install pnpm globally
 RUN npm install -g pnpm
 
-# Install moltbot (CLI is still named clawdbot until upstream renames)
-# Pin to specific version for reproducible builds
-RUN npm install -g clawdbot@2026.1.24-3 \
-    && clawdbot --version
+# Install openclaw (latest version with OAuth support)
+RUN npm install -g openclaw@latest \
+    && openclaw --version
 
-# Create moltbot directories (paths still use clawdbot until upstream renames)
-# Templates are stored in /root/.clawdbot-templates for initialization
+# Install ws module globally for CDP browser automation scripts
+RUN npm install -g ws
+
+# Ensure globally installed modules are findable by scripts
+ENV NODE_PATH=/usr/local/lib/node_modules
+
+# Create openclaw directories
+# Note: openclaw still uses ~/.clawdbot for config compatibility
 RUN mkdir -p /root/.clawdbot \
     && mkdir -p /root/.clawdbot-templates \
     && mkdir -p /root/clawd \
-    && mkdir -p /root/clawd/skills
+    && mkdir -p /root/clawd/skills \
+    && mkdir -p /root/clawd/warm-memory \
+    && mkdir -p /root/clawd/.modification-history \
+    && mkdir -p /root/clawd/brain-memory/reflections
 
-# Copy startup script
-# Build cache bust: 2026-01-28-v26-browser-skill
+# Copy startup script (version: 2026-02-04-v3)
 COPY start-moltbot.sh /usr/local/bin/start-moltbot.sh
-RUN chmod +x /usr/local/bin/start-moltbot.sh
+RUN chmod +x /usr/local/bin/start-moltbot.sh && echo "start-moltbot.sh version: 2026-02-14-v71-auto-approve-pairing"
 
 # Copy default configuration template
 COPY moltbot.json.template /root/.clawdbot-templates/moltbot.json.template