.opencode/VoiceServer/stop.sh-31-35 (1)

31-35: ⚠️ Potential issue | 🟠 Major

Do not kill arbitrary listeners on port 8888.

This cleanup will SIGKILL any process bound to :8888, even if the LaunchAgent failed and the port belongs to another app. That makes a normal stop capable of taking down unrelated local services; the same block is duplicated in .opencode/VoiceServer/uninstall.sh:55-58.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/VoiceServer/stop.sh around lines 31 - 35, The script currently
SIGKILLs any process on :8888 which can kill unrelated apps; change the cleanup
to only stop the VoiceServer LaunchAgent process by either (a) reading and using
a stored PID file (e.g., create/use a pidfile written when starting the server)
or (b) resolving PIDs from lsof -ti :8888 and verifying each PID's command line
via ps -p <pid> -o args= contains a known identifier (e.g., the
VoiceServer/LaunchAgent job label or the server binary name) before sending a
kill; apply the same guarded logic to the duplicate block in uninstall.sh so
only matching processes are terminated.

.opencode/VoiceServer/uninstall.sh-36-43 (1)

36-43: ⚠️ Potential issue | 🟠 Major

Check launchctl unload before claiming the service is stopped.

Unlike .opencode/VoiceServer/stop.sh:21-25, this path prints success unconditionally. If launchctl unload fails, the uninstall continues with a loaded LaunchAgent and ends with a false Uninstall Complete state.

🐛 Proposed fix

 # Stop the service if running
 echo -e "${YELLOW}> Stopping voice server...${NC}"
 if launchctl list | grep -q "$SERVICE_NAME" 2>/dev/null; then
-    launchctl unload "$PLIST_PATH" 2>/dev/null
-    echo -e "${GREEN}OK Voice server stopped${NC}"
+    if launchctl unload "$PLIST_PATH" 2>/dev/null; then
+        echo -e "${GREEN}OK Voice server stopped${NC}"
+    else
+        echo -e "${RED}X Failed to stop voice server${NC}"
+        exit 1
+    fi
 else
     echo -e "${YELLOW}  Service was not running${NC}"
 fi

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/VoiceServer/uninstall.sh around lines 36 - 43, The uninstall
script currently calls launchctl unload "$PLIST_PATH" and then always prints "OK
Voice server stopped"; change it to check the exit status of launchctl unload
(or test with launchctl list after unload) and only print the success message
when unload succeeds; if unload fails, print an error (including SERVICE_NAME
and PLIST_PATH) and stop or fail the uninstall flow accordingly so the script
does not claim "Uninstall Complete" while the LaunchAgent remains loaded; locate
this logic around the block referencing SERVICE_NAME, PLIST_PATH and launchctl
unload in uninstall.sh.

.opencode/PAI/doc-dependencies.json-98-132 (1)

98-132: ⚠️ Potential issue | 🟠 Major

Track THEPLUGINSYSTEM.md in the dependency manifest.

This PR adds .opencode/PAI/THEPLUGINSYSTEM.md, but authoritative_docs still only enumerates THEHOOKSYSTEM.md. Any integrity tooling driven by this file will miss the new plugin-system doc, despite DOCUMENTATIONINDEX.md being marked tracks_all.

📝 Proposed fix

     "THEHOOKSYSTEM.md": {
       "description": "Hook system detailed documentation",
       "tier": 2,
       "upstream": "PAISYSTEMARCHITECTURE.md"
     },
+
+    "THEPLUGINSYSTEM.md": {
+      "description": "Plugin system detailed documentation",
+      "tier": 2,
+      "upstream": "PAISYSTEMARCHITECTURE.md"
+    },
 
     "PAIAGENTSYSTEM.md": {
       "description": "Agent system detailed documentation",
       "tier": 2,

If PAISYSTEMARCHITECTURE.md now has a dedicated plugin-system section as part of the Hooks → Plugins ADR, wire that dependent relationship in here as well.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/PAI/doc-dependencies.json around lines 98 - 132, The dependency
manifest is missing an entry for THEPLUGINSYSTEM.md so integrity tooling will
ignore the new doc; add a new object keyed "THEPLUGINSYSTEM.md" in
.opencode/PAI/doc-dependencies.json with a short "description" (e.g., "Plugin
system documentation"), "tier": 2, and set "upstream":
"PAISYSTEMARCHITECTURE.md" to reflect the Hooks → Plugins relationship (or omit
upstream only if PAISYSTEMARCHITECTURE.md does not contain the plugin section);
ensure this mirrors the style of existing entries like THEHOOKSYSTEM.md and that
DOCUMENTATIONINDEX.md's tracks_all remains unchanged.

.opencode/VoiceServer/restart.sh-15-23 (1)

15-23: ⚠️ Potential issue | 🟠 Major

Propagate stop/start failures before reporting success.

This always reaches the restarted message, so a failing stop.sh or start.sh is converted into a false-positive restart. .opencode/VoiceServer/stop.sh:21-25 already exits non-zero on failure, but that signal is ignored here.

🐛 Proposed fix

 # Stop the server
-"$SCRIPT_DIR/stop.sh"
+if ! "$SCRIPT_DIR/stop.sh"; then
+    exit 1
+fi
 
 # Wait a moment
 sleep 2
 
 # Start the server
-"$SCRIPT_DIR/start.sh"
+if ! "$SCRIPT_DIR/start.sh"; then
+    exit 1
+fi
 
 echo -e "${GREEN}OK Voice server restarted${NC}"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/VoiceServer/restart.sh around lines 15 - 23, The restart script
currently ignores failures from "$SCRIPT_DIR/stop.sh" and "$SCRIPT_DIR/start.sh"
and always prints success; update restart.sh to propagate failures by checking
and acting on each command's exit status (or enable strict failure handling),
e.g., run "$SCRIPT_DIR/stop.sh" and if it exits non‑zero immediately exit with
that code, only proceed to sleep and "$SCRIPT_DIR/start.sh" when stop succeeds,
and likewise exit with start.sh's exit code on failure before printing the final
"OK Voice server restarted" message; reference the existing
"$SCRIPT_DIR/stop.sh", "$SCRIPT_DIR/start.sh", and the echo at the end to locate
where to add the checks.

.opencode/VoiceServer/menubar/install-menubar.sh-62-69 (1)

62-69: ⚠️ Potential issue | 🟠 Major

The installed plugin still points menu actions at the default ~/.claude tree.

pai-voice.5s.sh builds its Start/Stop/Restart actions from VOICE_SERVER_DIR, but .opencode/VoiceServer/menubar/pai-voice.5s.sh:7-8 defaults PAI_DIR to $HOME/.claude and .opencode/VoiceServer/menubar/pai-voice.5s.sh:31-49 expands that into .../VoiceServer/*.sh commands. Because .opencode/VoiceServer/install.sh:198-205 calls this installer without exporting an override, the raw symlink here makes the menubar actions target the wrong directory.

🐛 Proposed fix

 # Remove existing plugin if it exists
 rm -f "$PLUGIN_DIR/pai-voice.5s.sh" 2>/dev/null || true
 
-# Create symbolic link to our script
-ln -s "$MENUBAR_SCRIPT" "$PLUGIN_DIR/pai-voice.5s.sh"
+# Install a wrapper so the menubar process keeps the real PAI root
+PAI_DIR="$(cd "$SCRIPT_DIR/../.." && pwd)"
+cat > "$PLUGIN_DIR/pai-voice.5s.sh" <<EOF
+#!/bin/bash
+export PAI_DIR="$PAI_DIR"
+exec "$MENUBAR_SCRIPT"
+EOF
+chmod +x "$PLUGIN_DIR/pai-voice.5s.sh"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/VoiceServer/menubar/install-menubar.sh around lines 62 - 69, The
installer currently creates a raw symlink so the menubar plugin
(pai-voice.5s.sh) picks up its default PAI_DIR ($HOME/.claude) instead of the
real VOICE_SERVER_DIR; instead of ln -s to PLUGIN_DIR, copy MENUBAR_SCRIPT into
PLUGIN_DIR/pai-voice.5s.sh and inject or prepend an explicit export/assignment
of PAI_DIR="$VOICE_SERVER_DIR" (or otherwise ensure VOICE_SERVER_DIR is
exported) so the plugin builds Start/Stop/Restart from the correct path; ensure
you still rm -f the old plugin, make the copied file executable, and keep
references to MENUBAR_SCRIPT, PLUGIN_DIR, pai-voice.5s.sh and VOICE_SERVER_DIR
to locate the changes.

.opencode/PAI/THEHOOKSYSTEM.md-374-403 (1)

374-403: ⚠️ Potential issue | 🟠 Major

The voice configuration examples weren't updated for default routing.

This PR moves notifications to voice_id: "default" with provider-side resolution, but these sections still teach an explicit voiceId/ElevenLabs-ID setup and troubleshoot invalid hardcoded IDs. That sends readers back to the deprecated configuration model instead of the new default-routing flow.

Also applies to: 461-485, 824-843, 1150-1154

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/PAI/THEHOOKSYSTEM.md around lines 374 - 403, Update the voice
configuration examples and explanatory text to use the new default-routing model
instead of hardcoded ElevenLabs IDs: replace references showing a direct
ElevenLabs voiceId (e.g., the JSON daidentity.voiceId example and any usage
showing getVoiceId() returning an ElevenLabs-ID) with guidance to set voice_id:
"default" and note that provider-side resolution will pick the actual voice;
update associated examples and troubleshooting that mention invalid hardcoded
IDs (affecting the sections around the getVoiceId/getIdentity usage and the
ranges called out) so they instruct readers to rely on "default" routing and
provider configuration rather than embedding an ElevenLabs voiceId.

.opencode/PAI/PIPELINES.md-9-9 (1)

9-9: ⚠️ Potential issue | 🟠 Major

The documented pipeline location is inconsistent.

Line 9 says personal definitions live under USER/PIPELINES/, but Line 86 and Lines 161-165 tell users to create them under ~/.opencode/PAI/PIPELINES/. Only one location can be correct, so this guide currently sends readers to different trees depending on which section they follow.

Also applies to: 86-86, 161-165

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/PAI/PIPELINES.md at line 9, The doc contains two inconsistent
paths for personal pipeline definitions: the string "USER/PIPELINES/" (appearing
in the header/line 9) and the string "~/.opencode/PAI/PIPELINES/" (appearing
around lines 86 and 161-165); pick the correct canonical location and update all
occurrences so they match (replace every "USER/PIPELINES/" or
"~/.opencode/PAI/PIPELINES/" instance with the chosen path), and ensure any
examples or instructions that reference creating directories use that same
canonical path throughout the file.

.opencode/PAI/Tools/ValidateSkillStructure.ts-51-64 (1)

51-64: ⚠️ Potential issue | 🟠 Major

visitedPaths is never populated before recursion.

The cycle check at Lines 63-64 always sees the original empty set because no canonical path is added before Line 141 recurses. A symlink loop will still recurse indefinitely despite the guard.

Also applies to: 140-141

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/PAI/Tools/ValidateSkillStructure.ts around lines 51 - 64, The
cycle-guard Set visitedPaths is never populated before recursion in
scanDirectory, so symlinked directory cycles still recurse; fix by adding the
resolved canonical path (the value from realpath assigned to canonical) to
visitedPaths before recursing into scanDirectory (and optionally remove it after
returning if you want per-branch tracking), and ensure the same pattern is
applied at the other recursion site around lines that call scanDirectory
(references: function scanDirectory, variables visitedPaths and canonical, and
the recursive scanDirectory(...) calls).

.opencode/PAISECURITYSYSTEM/HOOKS.md-60-71 (1)

60-71: ⚠️ Potential issue | 🟠 Major

The YAML pattern-loading section is not backed by the implementation.

Lines 62-66 and 244-254 say the validator loads patterns.yaml and patterns.example.yaml, but the handler currently uses in-code DANGEROUS_PATTERNS and WARNING_PATTERNS, and patterns.example.yaml is not consumed. Leaving this here suggests a customization path that has no effect.

Also applies to: 75-117, 242-254

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/PAISECURITYSYSTEM/HOOKS.md around lines 60 - 71, The docs describe
cascading pattern loading but the code uses hard-coded DANGEROUS_PATTERNS and
WARNING_PATTERNS and never reads patterns.example.yaml; update the handler to
load patterns from USER/PAISECURITYSYSTEM/patterns.yaml first, fall back to
PAISECURITYSYSTEM/patterns.example.yaml if the user file is missing, and
fail-open (allow all) only if neither file exists. Concretely, add a YAML load
routine (using your existing YAML parser) invoked during handler initialization
(the function/method that currently references DANGEROUS_PATTERNS and
WARNING_PATTERNS) to populate those pattern variables from the loaded file, keep
the in-code arrays only as last-resort defaults or remove them, and ensure the
code path that checks patterns references the loaded pattern structures so
patterns.example.yaml is actually consumed.

.opencode/VoiceServer/start.sh-24-29 (1)

24-29: ⚠️ Potential issue | 🟠 Major

Don't return success before /health is actually up.

Line 25 short-circuits on the LaunchAgent label, but the real readiness signal in this file is the /health probe at Lines 39-45. That means this script can exit 0 without ever proving the server is reachable, and Lines 43-46 also keep a failed startup as success. Make the health check the success condition in both branches and fail if it never comes up.

Also applies to: 38-46

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/VoiceServer/start.sh around lines 24 - 29, The current early
return when the LaunchAgent label ($SERVICE_NAME) is present lets the script
succeed before the actual readiness probe (/health) is verified; change both the
"already running" branch and the post-start branch to actively poll the /health
endpoint (with a short sleep/retry loop and a timeout) and only exit 0 once
/health returns success, otherwise exit non-zero after the timeout; update the
checks around launchctl list/launchctl start and the health probe logic at the
existing /health polling block so both branches reuse the same polling routine
and fail if the probe never becomes healthy.

.opencode/VoiceServer/menubar/pai-voice.5s.sh-7-8 (1)

7-8: ⚠️ Potential issue | 🟠 Major

The fallback path still points at the pre-rename install root.

Lines 7-8 default VOICE_SERVER_DIR to ~/.claude/VoiceServer, but this PR moved the service to .opencode/VoiceServer. If SwiftBar doesn't inherit PAI_DIR, Start/Stop/Restart/Status will all target scripts that are no longer there.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/VoiceServer/menubar/pai-voice.5s.sh around lines 7 - 8, The
fallback PAI_DIR/VOICE_SERVER_DIR values still point to the old install root;
update the defaults so PAI_DIR falls back to "$HOME/.opencode" (or set
VOICE_SERVER_DIR to "$HOME/.opencode/VoiceServer" when PAI_DIR is unset) so
Start/Stop/Restart/Status target the moved service; modify the PAI_DIR and/or
VOICE_SERVER_DIR assignments (symbols: PAI_DIR and VOICE_SERVER_DIR) to use the
new .opencode location.

.opencode/PAI/Tools/GenerateSkillIndex.ts-52-87 (1)

52-87: ⚠️ Potential issue | 🟠 Major

Symlinked directory walks need cycle detection here too.

Lines 63-87 follow directory symlinks recursively, but this walker never records canonical paths. A loop or duplicate symlink under skills/ can re-enter the same tree forever and hang index generation.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/PAI/Tools/GenerateSkillIndex.ts around lines 52 - 87,
findSkillFiles can infinite-loop when following directory symlinks because it
never tracks canonical paths; modify findSkillFiles to accept or create a
visited Set<string> of realpaths and, before recursing into fullPath (and before
processing the directory), call fs.promises.realpath(fullPath) to get its
canonical path, skip if that canonical path is already in visited, otherwise add
it to visited and then recurse using the same visited set; reference symbols:
findSkillFiles, fullPath, entry.isSymbolicLink, stat, and the recursive call
findSkillFiles(fullPath) so you replace that recursion with a checked call that
passes the visited set to prevent cycles and duplicate traversal.

.opencode/PAI/Tools/GenerateSkillIndex.ts-374-374 (1)

374-374: ⚠️ Potential issue | 🟠 Major

Unexpected generator failures still report success.

Line 374 only prints the rejection. If scanning or writeFile() fails, automation will keep the stale skill-index.json because the process still exits 0.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/PAI/Tools/GenerateSkillIndex.ts at line 374, The current top-level
call main().catch(console.error) only logs rejections and leaves the process
exit code as 0, so failures in main (including writeFile() errors when
generating skill-index.json) appear successful; change the catch to log the
error and terminate the process with a non-zero exit (e.g., in the main().catch
handler call process.exit(1) after console.error) so any thrown errors from main
or writeFile() cause CI/automation to fail and prevent stale skill-index.json
from being considered a success.

.opencode/PAI/Tools/ValidateSkillStructure.ts-97-105 (1)

97-105: ⚠️ Potential issue | 🟠 Major

Category metadata is being counted as a flat skill.

Once a top-level category adds the Category/SKILL.md required by Lines 112-120, the pathParts.length === 1 branch at Lines 102-105 increments flatSkills and validates that category as a normal skill. That makes the flat/hierarchical totals unreliable for any categorized tree.

Also applies to: 112-120

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/PAI/Tools/ValidateSkillStructure.ts around lines 97 - 105, The
flat-skill branch is counting top-level category metadata (the Category/SKILL.md
files) as regular skills; update the logic around pathParts, flatSkills and the
validateSkill call to skip category metadata files — e.g., detect and ignore
files whose basename is "SKILL.md" or whose first path part equals "Category"
(or otherwise matches your category metadata pattern) before incrementing
flatSkills and calling validateSkill so category metadata isn't included in
flat/hierarchical totals.

.opencode/PAI/Tools/SkillSearch.ts-203-203 (1)

203-203: ⚠️ Potential issue | 🟠 Major

Unexpected failures still exit 0.

Line 203 only logs the rejection. If readFile() or JSON.parse() fails, wrappers and CI jobs will still see a successful run.

Suggested fix

-main().catch(console.error);
+main().catch((error) => {
+  console.error(error);
+  process.exit(1);
+});

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/PAI/Tools/SkillSearch.ts at line 203, The top-level promise
rejection handler currently only logs errors (main().catch(console.error)), so
unexpected failures (e.g., readFile()/JSON.parse() inside main) still return
exit code 0; change the rejection handler to log the error and exit non‑zero
(for example, replace the simple console.error handler with a callback that
calls console.error(err) and then process.exit(1)) so the process reflects
failure when main() rejects.

.opencode/PAISECURITYSYSTEM/HOOKS.md-9-17 (1)

9-17: ⚠️ Potential issue | 🟠 Major

This doc describes a hook entrypoint that the codebase no longer exposes.

The current implementation lives in .opencode/plugins/handlers/security-validator.ts and is wired through .opencode/plugins/pai-unified.ts, so the stdin/exit-code contract here, the settings.json registration in Lines 160-191, and the direct bun ~/.opencode/hooks/SecurityValidator.hook.ts tests in Lines 221-235 all point to the wrong integration surface.

Also applies to: 48-57, 156-191, 219-236

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/PAISECURITYSYSTEM/HOOKS.md around lines 9 - 17, The HOOKS.md entry
for SecurityValidator.hook.ts is stale: update the doc to reference the actual
implementation at .opencode/plugins/handlers/security-validator.ts and its
registration/wiring via .opencode/plugins/pai-unified.ts instead of the old
stdin/exit-code contract, remove or correct the incorrect settings.json
registration and direct bun hook test instructions, and make sure the
Trigger/Matchers section and any example invocation reflect how
.opencode/plugins/pai-unified.ts wires the hook into PreToolUse so readers
follow the real integration surface.

.opencode/PAI/THEHOOKSYSTEM.md-354-368 (1)

354-368: ⚠️ Potential issue | 🟠 Major

The copied PAI_DIR example still points to the old install root.

This file consistently documents ~/.opencode, but Lines 357-362 tell users to set PAI_DIR="$HOME/.claude". If they paste that block, every ${PAI_DIR}/hooks/... example resolves to the wrong directory.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/PAI/THEHOOKSYSTEM.md around lines 354 - 368, The PAI_DIR example
currently points to the old install root ("$HOME/.claude"); update the JSON
snippet so PAI_DIR matches the rest of the document (e.g., "PAI_DIR":
"$HOME/.opencode" or "~/.opencode") so that all ${PAI_DIR}/hooks/... paths
resolve correctly; change the example value for the PAI_DIR environment variable
in the block that shows the env section to the new install root used throughout
the file.

.opencode/VoiceServer/menubar/pai-voice.5s.sh-44-48 (1)

44-48: ⚠️ Potential issue | 🟠 Major

SwiftBar bash= parameter must reference an executable path, not inline command strings.

Lines 44, 46, and 48 embed full shell commands as string values in bash=. SwiftBar's bash= parameter accepts only an absolute file path to an executable; parameters are passed separately via param0=, param1=, etc. The correct pattern is bash=/bin/bash param0=-c param1="your command here".

To fix:

• Line 44 (tail): bash=/bin/bash param0=-c param1="tail -f ~/Library/Logs/pai-voice-server.log"
• Line 46 (curl): bash=/bin/bash param0=-c param1='curl -X POST http://localhost:8888/notify -H "Content-Type: application/json" -d "{\"message\":\"Testing voice server\"}"'
• Line 48 (open): bash=/usr/bin/open param1="$VOICE_SERVER_DIR"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/VoiceServer/menubar/pai-voice.5s.sh around lines 44 - 48, Replace
the SwiftBar menu item lines that use inline commands inside bash= (the three
echo lines containing "tail -f ~/Library/Logs/pai-voice-server.log", the curl
POST command, and "open $VOICE_SERVER_DIR") with the proper SwiftBar invocation
form: set bash to an absolute executable path (e.g., bash=/bin/bash for tail and
curl, bash=/usr/bin/open for open), pass -c via param0 when using /bin/bash, and
put the full command in param1 (ensuring proper quoting/escaping for the curl
JSON payload); for the open action use bash=/usr/bin/open and pass the directory
via param1="$VOICE_SERVER_DIR".

.opencode/VoiceServer/install.sh-136-149 (1)

136-149: ⚠️ Potential issue | 🟠 Major

Harden startup verification to avoid flaky installs and false-positive smoke tests.

Line 137 uses a fixed delay plus a single health check, and Lines 146-149 do not fail on HTTP errors from /notify. This can mark installs as failed/successful incorrectly.

Suggested reliability fix

-# Wait for server to start
-sleep 2
-
-# Test the server
-echo -e "${YELLOW}> Testing voice server...${NC}"
-if curl -s -f -X GET http://localhost:8888/health > /dev/null 2>&1; then
+echo -e "${YELLOW}> Testing voice server...${NC}"
+max_attempts=15
+attempt=1
+until curl -s -f http://localhost:8888/health > /dev/null 2>&1; do
+    if [ "$attempt" -ge "$max_attempts" ]; then
+        echo -e "${RED}X Voice server is not responding${NC}"
+        echo "  Check logs at: $LOG_PATH"
+        echo "  Try running manually: bun run $SCRIPT_DIR/server.ts"
+        exit 1
+    fi
+    sleep 1
+    attempt=$((attempt + 1))
+done
+
+if curl -s -f http://localhost:8888/health > /dev/null 2>&1; then
     echo -e "${GREEN}OK Voice server is running${NC}"
 
     # Send test notification
     echo -e "${YELLOW}> Sending test notification...${NC}"
-    curl -s -X POST http://localhost:8888/notify \
+    curl -s -f -X POST http://localhost:8888/notify \
         -H "Content-Type: application/json" \
         -d '{"message": "Voice server installed successfully"}' > /dev/null
     echo -e "${GREEN}OK Test notification sent${NC}"
 else

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/VoiceServer/install.sh around lines 136 - 149, The startup
verification is flaky because it uses a fixed sleep then a single curl health
check and ignores HTTP errors on /notify; replace the fixed sleep + one-shot
curl against /health with a retry loop (e.g., attempt curl -f to
http://localhost:8888/health with a short delay between tries and an overall
timeout) so the script only proceeds when the service actually responds 200, and
also make the POST to /notify use a failing curl flag and check its exit status
(fail the install with a non-zero exit if the notify request fails); update the
health check and notify invocations in the install.sh snippet (the curl calls to
/health and /notify) accordingly.

.opencode/VoiceServer/pronunciations.json-1-6 (1)

1-6: ⚠️ Potential issue | 🟡 Minor

Clarify or update the source of truth reference.

The _comment references skills/PAI/USER/PRONUNCIATIONS.md as the source of truth, but this file does not exist in the repository. If a source documentation file is intended, ensure it exists at the correct path. If planning to create it, use .opencode/skills/PAI/USER/PRONUNCIATIONS.md for consistency with the project's directory structure.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/VoiceServer/pronunciations.json around lines 1 - 6, Update the
_comment entry in pronunciations.json to point to the correct source-of-truth
path or create the referenced file: either change "_comment" to reference
".opencode/skills/PAI/USER/PRONUNCIATIONS.md" or add that file under
.opencode/skills/PAI/USER with the documentation for the entries in the
"replacements" array (e.g., PAI and ISC); ensure the string in "_comment"
matches the actual file location so the repository reference is accurate.

.opencode/VoiceServer/status.sh-59-75 (1)

59-75: ⚠️ Potential issue | 🟡 Minor

Status output still assumes ElevenLabs-only routing.

The PR switches voice resolution to TTS_PROVIDER plus dynamic "default" voices, but this block still keys entirely off ELEVENLABS_API_KEY / ELEVENLABS_VOICE_ID and otherwise reports macOS say. Any non-ElevenLabs provider will now look like fallback or misconfiguration even when it is working.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/VoiceServer/status.sh around lines 59 - 75, Update the status
block to prefer TTS_PROVIDER (and the chosen voice variable, e.g., TTS_VOICE or
dynamic "default") rather than only checking ELEVENLABS_API_KEY/VOICE_ID: read
TTS_PROVIDER from ENV_FILE (falling back to checking ELEVENLABS_API_KEY for
compatibility), print "Provider: $TTS_PROVIDER" and the resolved voice id/name
(e.g., TTS_VOICE or ELEVENLABS_VOICE_ID when provider is elevenlabs), and only
show the macOS 'say' fallback when no provider is configured; adjust the
conditional logic around ENV_FILE, ELEVENLABS_API_KEY, ELEVENLABS_VOICE_ID,
TTS_PROVIDER and TTS_VOICE to reflect this.

.opencode/PAI/THEPLUGINSYSTEM.md-248-260 (1)

248-260: ⚠️ Potential issue | 🟡 Minor

The library count is inconsistent.

This section says 8 libraries, but the table here lists 9, and the header / architecture sections also say 9.

📝 Suggested fix

-## Library Reference (8 Libraries)
+## Library Reference (9 Libraries)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/PAI/THEPLUGINSYSTEM.md around lines 248 - 260, Update the
mismatched library count by changing the header "Library Reference (8
Libraries)" to the correct number "Library Reference (9 Libraries)" and verify
any other occurrences of the count in this document (e.g., architecture/summary
sections) to match; confirm the table entries (file-logger.ts, paths.ts,
identity.ts, time.ts, sanitizer.ts, injection-patterns.ts, learning-utils.ts,
model-config.ts, db-utils.ts) are all intended and if not remove the extra row
instead of changing the header. Ensure the header text and any summary mentions
use the same numeric value so the document is consistent.

.opencode/VoiceServer/install.sh (1)

54-56: Make ELEVENLABS_API_KEY parsing more robust.

Lines 54-56 can misread quoted values, whitespace, or multiple entries. Prefer extracting the last exact-key match and trimming quotes.

Suggested parsing refactor

-if [ -f "$ENV_FILE" ] && grep -q "ELEVENLABS_API_KEY=" "$ENV_FILE"; then
-    API_KEY=$(grep "ELEVENLABS_API_KEY=" "$ENV_FILE" | cut -d'=' -f2)
+if [ -f "$ENV_FILE" ] && grep -qE '^[[:space:]]*ELEVENLABS_API_KEY=' "$ENV_FILE"; then
+    API_KEY=$(
+      grep -E '^[[:space:]]*ELEVENLABS_API_KEY=' "$ENV_FILE" \
+      | tail -n 1 \
+      | sed -E 's/^[[:space:]]*ELEVENLABS_API_KEY=[[:space:]]*//; s/^[\"\x27]//; s/[\"\x27]$//'
+    )

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/VoiceServer/install.sh around lines 54 - 56, The current parsing
of ELEVENLABS_API_KEY in ENV_FILE can mis-handle quoted values, whitespace, or
multiple occurrences; update the logic that sets API_KEY to: search only for
lines that begin with the exact key (use a caret-anchored match for
ELEVENLABS_API_KEY=), take the last matching line if multiple exist, split on
the first '=' to get the full RHS, then trim leading/trailing whitespace and any
surrounding single or double quotes before assigning to API_KEY and performing
the existing checks (API_KEY != "your_api_key_here" and -n check). Ensure these
steps are applied where ENV_FILE and API_KEY are referenced so quoted or spaced
values and duplicate keys are handled robustly.

.opencode/PAI/Tools/GenerateSkillIndex.ts (1)

86-90: Consider using async stat for consistency.

The function uses async file operations throughout but switches to synchronous existsSync here. While not a bug, using access from fs/promises would maintain consistency.

♻️ Optional refactor for async consistency

+import { readdir, readFile, writeFile, stat, realpath, access } from 'fs/promises';
+import { constants } from 'fs';
 import { join, relative, sep } from 'path';
-import { existsSync } from 'fs';

         // Check for SKILL.md in this directory
         const skillMdPath = join(fullPath, 'SKILL.md');
-        if (existsSync(skillMdPath)) {
+        try {
+          await access(skillMdPath, constants.F_OK);
           skillFiles.push(skillMdPath);
+        } catch {
+          // SKILL.md doesn't exist in this directory
         }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.opencode/PAI/Tools/GenerateSkillIndex.ts around lines 86 - 90, The code
currently uses the synchronous existsSync to check SKILL.md (skillMdPath) which
breaks the async pattern; replace the existsSync check with an async fs.promises
access/stat call (e.g., await access(skillMdPath) or await stat(skillMdPath))
and only push to skillFiles when the promise resolves, handling failures with a
try/catch so the function remains fully async; also update imports to use
fs/promises or destructure access/stat from 'fs/promises' and adjust the
surrounding function to await this check.