Removes crossed-out "$20" pricing from all templates and test files.
The hosted plan is now permanently $12/year.
Files modified:
- test-index.html: Header CTA button
- test-hosted.html: Header CTA and hero text
- base.tmpl: Header CTA button
- hosted.tmpl: Hero text and CTA section
- index.tmpl: Hero button and hosted CTA section
- upgrade.tmpl: Pricing comparison text
- integrations.tmpl: All 4 CTA buttons (English + Chinese)
- install.tmpl: Hosted option section
fixes#9
Author: Emma <emma-20250409-001>
1. Created QUICKSTART.md (60 second read vs 1295 line handbook)
- Who you are, 4 session-start actions, critical rules
- All CLAUDE.md files now reference QUICKSTART first
2. Created scripts/daily-review.sh (automates Part 4 checks)
- Runs Section A, F, G checks automatically
- Reports PASS/FAIL with colors
- Fails fast on foundation violations
3. Added workflow section to handbook
- Where to find tasks (git.clavitor.ai)
- Priority order (CRITICAL > HIGH > MEDIUM)
- Engineer vs Reviewer responsibilities
4. Created tasks skill (.claude/skills/tasks/SKILL.md)
- For querying Gitea issues programmatically
- Will integrate with agent workflow
5. Updated all 11 CLAUDE.md files with concise headers
- Quickstart link (60s)
- Deep reference link (handbook Section V)
- Agent identity + daily script command
Hans' feedback addressed:
- ✅ Handbook too long → QUICKSTART.md
- ✅ Daily review manual → automated script
- ✅ Vague instructions → specific script + task query
- ✅ No task queue → skill created
Complete vault rewrite with correct foundation:
- CVT encrypted envelope tokens (type 0x00 wire, type 0x01 client credential)
- Agents and scopes stored as L1-encrypted entries (no separate tables)
- Scope-based access control with AgentCanAccess() set intersection
- Owner-only admin enforcement (agents cannot manage agents/scopes)
- 14 password manager importers (Proton, Bitwarden, 1Password, LastPass,
Dashlane, KeePass, KeePassXC, NordPass, Keeper, RoboForm, Enpass,
Safari/iCloud, Chrome, Firefox)
- FIELD_SPEC single source of truth for field kind and tier
- L2/L3 client-side encryption on import (PRF required)
- Domain classification service on clavitor.ai/classify
- Scope auto-assignment during import (13 categories)
- Light theme default (Figtree font, matching clavitor.ai branding)
- Unified page shell across all screens (topbar on every page)
- Batch import with progress indicator
- ZIP extraction for Proton Pass exports
- Proton dedup by title+user+url
- 55 tests passing (26 API + 29 lib)
- Key leak detection tests (L1/L2/L3 never in responses)
- CLI updated for CVT token format
- Old code archived in _old/
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
James