65 lines
2.6 KiB
Markdown
65 lines
2.6 KiB
Markdown
# 2026-01-31 (Saturday)
|
|
|
|
## Mail Agent Refactor
|
|
- Stripped all triage logic (L1/L2/L3) — mail-agent is now pure IMAP/SMTP API
|
|
- Webhook POSTs raw email to OpenClaw, I do all the thinking
|
|
- **Philosophy:** I understand emails, not pattern-match senders. No rigid rules.
|
|
- Actionable emails → dashboard tasks with reminders before deadlines
|
|
- Example: Chase Prime Visa due Feb 7 → reminder set for Feb 6, 10am ET
|
|
|
|
## inou Mobile Project Created
|
|
**Repo:** `git@zurich.inou.com:inou-mobile.git`
|
|
**Local:** `/home/johan/dev/inou-mobile/`
|
|
|
|
**Architecture decision:** Thin native shell + WebView hybrid
|
|
- Native Flutter handles: OCR, voice-to-text, biometrics, fancy input
|
|
- WebView loads: inou.com/app/* (existing Go/HTML content)
|
|
- NOT rewriting everything in Flutter — right tool for each job
|
|
|
|
**Features built (6 subagents):**
|
|
- WebView integration with JS bridge
|
|
- Camera + ML Kit OCR (barcode-first, then text)
|
|
- Voice input (speech_to_text)
|
|
- Biometrics (Face ID/Touch ID with configurable lock policy)
|
|
- Fancy input screen
|
|
|
|
**Web input screen also created:** `templates/input.tmpl` + `input.js` + `input.css`
|
|
- Same UX on web and mobile (loaded via WebView)
|
|
- Voice: Web Speech API
|
|
- Camera: getUserMedia + backend OCR endpoint
|
|
|
|
## Flutter Web Learnings
|
|
- Flutter web renders to `<canvas>` — no real text, no SEO
|
|
- Fine for app (behind auth), bad for marketing pages
|
|
- Keep Go/HTML for public pages (landing, pricing, privacy)
|
|
|
|
## OpenClaw Updated
|
|
- Updated to 2026.1.30 (package installed, CLI cache may show old version)
|
|
- New: Kimi K2.5, MiniMax OAuth, CLI completions, security fix
|
|
|
|
## Nuclei Scan Completed
|
|
- Full vulnerability scan on inou.com from Zurich server
|
|
- **34 findings, all informational** — no critical/high/medium vulnerabilities
|
|
- Missing security headers (11) — recommendation to add in Caddy
|
|
- DNS properly configured (SPF, DMARC with p=reject)
|
|
- TLS 1.2/1.3 ✅, ZeroSSL cert
|
|
- DNSSEC not enabled (low priority recommendation)
|
|
- **Reports saved:** `~/dev/docs/soc2/nuclei-report-2026-01-31.md`
|
|
|
|
## Test Device
|
|
- ThinkPhone 1 (Motorola/Lenovo) — Johan's Android test device
|
|
|
|
## Email Review (evening)
|
|
**Action items identified:**
|
|
- UID 60: Barclays Fraud Alert (Jan 15) — needs verification
|
|
- UID 34: UPS Import Fees Due (Jan 21) — needs payment
|
|
- UID 54: DigiKey ACTION REQUIRED (Jan 20) — check message
|
|
- UID 42: Cryo-Cell Annual Renewal (Jan 21) — decision needed
|
|
- UID 24: Health Link Phlebotomy Invoice #000046
|
|
|
|
**Sophia-related:**
|
|
- UID 25: All About Pediatrics Order #90158
|
|
- UID 61, 65: Cigna claims processed for Sophia
|
|
|
|
~17 routine emails ready to archive (shipping confirmations, Zillow, pool reports)
|