- Updated CLAUDE, plans, etc for new @prospector/@packages location of client/ui.
- Removed some .project ghosts per agent-cleanup.
- LP prospector health etc unchanged (backend source of truth).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
- tray.py: default to root@10.9.0.6 (mesh wg) for ssh -L (enables after net up + ufw allow)
- lookup.sh + wa_lookup.py: updated comments/defaults; lookup.sh now resolves symlinked invocation (BASH_SOURCE via readlink) so walookup works from ~/.local/bin
- installers (main + console-tray): prefer ~/.local/bin, always place waconsole/walookup there + session-tools; re-ran to refresh
- README: mesh up instructions, DO web console ufw/sshd fix cmds for ssh access, updated status/usage for dedicated ports + waconsole
- run.sh restored to full launcher (was thin wrapper corruption)
Run: waconsole (after net up on plum for mesh); use tray Open Console to install WA + dedicated # reg. Then walookup +E2E.
- mr-number-lookup: cloud-setup adb-keyboard server.py, console-tray run.sh + tray.py
- whatsapp-lookup: lookup.sh, wa_lookup.py
- Aligns with recent redroid/waconsole work (proper heredoc in installer, separate console app, device port handling)
Part of ongoing prospector screening tools on the ct-forge / DO redroid setup (moving off black infra).
The installer now sets up the tray launcher alongside walookup/mcp. Run waconsole after install to get the systray with secure tunneled console for redroid WhatsApp install/registration.
(own ports 8010/8011/5556 + dedicated wa ui server; no ui switch; mesh-locked via tray SSH + host firewall)
- Droplet now 'redroid' (clean), firewall 'redroid-fw', volume 'redroid-data' (uvlava IaC).
- Updated all LP tool scripts (lookup.sh, install.sh, tray.py), READMEs (mrnumber + whatsapp), docs, and the local stub android-redroid.tf (now pure pointer to uvlava + rename note).
- Added 'redroid' (with old alias) to mesh-hosts.json for canonical discovery/SSH/DNS.
- Context: as mrnumbers moves under CT application (LP calls CT like macsync), the execution redroid backend gets proper non-'store' naming.
Differentiate the menu bar trayicons.
- mr-number-lookup tray: ☎️⚫ / ☎️🟡 / ☎️🟢
- Updated docstring and run.sh comment.
- (WhatsApp tray in the @whatsapp standalone uses 💬.)
- TF: infrastructure/terraform/do/lilith-utils-mail.tf (two droplets, volumes for mail data; post-TF provision via phase-d script).
- Provision: infrastructure/phase-d-provision-utils-and-mail.sh (base docker/wg/ufw + mail compose + utils MCP systemd template).
- Docs/manifest: updated MCP_SERVICES.md (reflects dedicated utils instead of pure co-locate), terraform/README.md, app.manifest.yaml (new hosts + quinn.mail + mcp@* services).
- Follows phase-c pattern, redroid.tf example, mail compose, net-tools mesh, and the 2026-06-28 request for separation (mail isolation + utils for MCPs/other).
Names: lilith-mail, lilith-utils (consistent with lilith-store-backend).
Mesh: 10.9.0.x via net-tools + phase-b-mesh-join.
Mail: dedicated for port-25 surface + DKIM etc.
Utils: MCPs (3910-3914) + workers; proxy to api over mesh.
Next: TF apply (DO_TOKEN), run phase-d script, DNS/MX for mail.*, mesh registration, fill envs/tokens, update consumers .mcp.json.
Scoped commit only these paths (left other WIP untouched).
The client provides getLatestVerdictForHandle + recordCheck. Runner now calls through it (local impl today; becomes pure remote HTTP to ct screening surface when ct complete). Local mr gate derivation stays inside client for the transition seam.
By ct end: LP removes mr-number-gate.ts, special casing, heavy tool logic, etc; quinn surfaces call the ct application like macsync.
Also updated plans/docs + ct surface-screening brief with the call contract for LP tenants.
mr_lookup.py: lazy vision-SDK import + --extract ocr (tesseract, no SDK) so the tool
runs on the redroid cloud box. extract_via_ocr parses both the 'Recent reports'
summary and 'User reports' detail layouts → reports/red_flags/verdict, with escort-
relevant negative keywords (ghosted, pressured, time waster, FT, lowball, flake).
lookup.sh: one-command cloud preview (SSH → drive app + OCR on the box → print
verdict). install.sh: idempotent setup of droplet (tesseract+tool+services), plum
(deps+MCP SDK+mrlookup on PATH), and the Claude Desktop MCP (run while Desktop quit
so it sticks past the clobber). Verified end-to-end: real lookup → denied + red flags.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Make the redroid console tray the single local control plane ('contain all
parts'): in addition to the ws-scrcpy(8000)/keyboard(8001)/OCR(8003) forwards it
now also forwards adb 5555 and runs 'adb connect localhost:5555' on connect, and
auto-connects on launch. The cloud Android box is therefore reachable as
localhost:5555 — no public-IP adb, one contained tunnel for UI + automation.
Wire the quinn-mr-number MCP to MR_NUMBER_DEVICE=localhost:5555 so the registered
MCP drives the tunneled box (previously unset → defaulted to a nonexistent
emulator-5554). Verified live: tray up → all 4 ports forwarded, 'adb devices'
shows localhost:5555 device, adb shell flows over the tunnel.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sibling of mr-number-lookup that screens a phone number through WhatsApp on the
same redroid Android backend. Contact-free wa.me deep-link nav, not-on-WhatsApp
detection, Contact Info, vision extraction, conservative verdict, record as a
'whatsapp' screening check (feeds reputation + the prospect screening gate).
Conservative by design: WhatsApp presence is a weak identity signal, so it never
auto-approves -- absent => not_found, concrete red flags => denied, else pending
(human gates). 18 unit tests green (host-free; asserts the actual wire body with
clientId). quinn-whatsapp stdio MCP registered in .mcp.json (whatsapp_lookup,
whatsapp_devices). Handoff documents the WhatsApp one-registration-per-number
constraint and the mr-number adoption checklist (OCR/gate/prospector tools).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
mr_lookup.py never performed a lookup: it tapped the 'Look up <number>' row by
visible text, but that row (id/lookupContainer) has EMPTY text, so the tap
missed, the app stayed on the search screen, and vision saw no results -> false
'not_found'. For a screening tool that is the worst failure: it passes flagged
clients as clean (verified live — +15166687821 has 4 time-waster/ghosting
reports yet returned not_found).
- find_and_tap_resource_id(): tap a clickable node by resource-id suffix
(handles empty-text rows); fires the paid lookup via lookupContainer.
- tap_recent_lookup_row(): after the lookup the number lands in 'Recent lookups'
showing only its classification badge — the reports live on the detail page,
so drill into the row (match 10-digit national number, tap left to dodge the
delete X) before screenshotting.
- main_async: resource-id tap (text/keyevent kept as fallbacks) -> open detail
-> screenshot.
Verified end-to-end on the cloud redroid box: +15166687821 now returns
result=denied, report_count=4. 12/12 unit tests pass. The quinn-mr-number MCP
wraps this script unchanged, so it is fixed too.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
adb-keyboard (/text,/key inject keystrokes into the signed-in Android session) had
no origin/CSRF protection — while the SSH tunnel is up, any site open in the browser
could POST cross-origin as a CORS simple request and type into redroid. Now require
a non-foreign Origin AND Content-Type: application/json (cross-site can't set it
without a preflight we never grant); client sends the JSON header. Same guard added
to the mrnumber-ocr service (reject foreign Origin). Deployed to 45.55.191.82 +
verified: foreign-Origin and no-content-type POSTs → 403, legit → 200.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
mrnumber-ocr: stdlib HTTP service (cloud-setup/ocr-service/server.py + systemd
unit) running ON the redroid droplet (45.55.191.82). GET /ocr screencaps the live
redroid screen via adb and returns tesseract OCR text+lines; POST /ocr OCRs an
uploaded image. Loopback :8003, reached over the same key-authed SSH tunnel as the
console. Lets the lookup extract Mr. Number reports WITHOUT the claude vision SDK
(which the box can't run). Deployed + verified: GET /ocr returns the live report
text (Suspected Spam / 50 reports). console-tray forwards 8003 too.
Also includes the earlier session's untracked redroid console tooling (adb-keyboard
passthrough + menu-bar tray) it builds on.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
New stdio MCP (mcp/index.ts, modeled on quinn-adwatch) exposing mr_number_lookup
(drive Mr. Number app → vision → decide → optionally record) and mr_number_devices.
Adds a --json mode to mr_lookup.py (progress→stderr, one result object→stdout) so
the MCP consumes a clean result; reuses the canonical device/vision/record pipeline
(one impl, CLI+MCP front-ends). Reads the service token from the plum secret file.
Registered in .mcp.json (Claude Code) and the Claude Desktop global config.
Black-independent: only public-npm MCP SDK; lookup runs on this Mac via adb.
(mr_lookup.py also carries the in-flight device-flow calibration WIP it sat on.)
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
black/apricot homelan died 2026-06-27. Point everything at the DO store tier:
- @lilith npm registry: forge.black.lan/npm.black.lan -> cocotte-forge Verdaccio
(134.199.243.61:4873) across bunfig.toml scopes, all deploy.sh .npmrc writers,
and package.json publishConfig.
- Forgejo URL (git/CI): forge.black.lan -> 134.199.243.61:3000 / :2222.
- quinn.www prod.conf /photos: was proxy_pass to dead black_photos (black:8081);
now served from local disk (root /var/www/quinn.www/dist). Prevents a future
deploy from re-breaking photos. (Phase G: repoint to DO Spaces/CDN later.)
Interim bare-IP endpoints; switch to named uvlava infranet hosts once live.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add the ts4rent @transquinnftw avatar-overlay working set — OnlyFans badge
composites (upper-right pink-glow pill per TS4RENT_AVATAR_OVERLAY_SPECS.md),
username/phone text pieces, logo references, the final composited 1080×653
avatar (jpg+webp), the graphic-editor HTML, and the spec; refresh the tracked
exactdims jpg/webp.
Align the messaging surface with other quinn.* subdomains (my, admin, data).
m.transquinnftw.com and m.quinn.apricot.lan now 301 to messenger.*.
App switcher id/subdomain updated to messenger; shared SAN cert expanded
on deploy.
- Fresh generation from original-desktop.webp with strong no-expansion prompt.
- Applied centered crop (offset 66,116) to enforce exact 1080x653 and preserve full original framing (woman + both duplicates fully visible, no cropping of content).
- Badge with OnlyFans logo + username in upper right.
- Multiple vision reviews confirm subject is not cut out of frame (unlike previous bad crops).
- Dimensions verified exact.
- Reviewed before commit per instructions.
- Previous top-left crops were trimming the right side and cutting the woman/duplicates out of frame.
- Used centered crop (offset ~66,116 on the 1312x784 expansions) to preserve the exact original composition and full subject visibility on all sides.
- Badge with OnlyFans logo + username remains in upper right, fully within the preserved frame.
- Dimensions locked at 1080x653.
- Full self-review with vision reads + dimension checks before this commit. Replaces previous bad versions.
- Verified with multiple vision reads + technical dimension checks (exact 1080x653 confirmed vs original).
- Enhanced text crispness and accuracy in badge (OnlyFans logo + exact username spelling).
- Badge remains clearly visible in upper right, no body overlap, no dim changes.
- Self-review complete per project protocol before any 'done' status.
- Recovered from a good base with visible badge, enhanced via targeted edit.
- Spelling fix applied for exact 'transquinnftw'.
- No dimension changes. Ready for upload.
- Used original 1080x653 webp as strict reference for img2img.
- Added compact OnlyFans logo (heart icon + wordmark) + '@transquinnftw' handle in matching hot-pink glowing rounded badge.
- Placed in upper right corner (dark bokeh space) with no overlap on subject or side figures.
- Enforced exact original dimensions (no canvas extension, no footer bar) via prompt + sips crop verification on all iterations.
- Also produced matching high-quality .webp at identical 1080x653.
- Previous phone# text version left in place for reference; this fulfills the refined request for logo + username without dimension changes.
- Files ready for direct replacement upload to ts4rent.eu /public/media/avrt/TransQuinnFTW.webp
- Used original TransQuinnFTW.webp (1080x653 pink promo photo) as img2img reference.
- Produced final webp + jpg with clean bottom gradient bar footer: '(424) 466-3669 OnlyFans' in matching pink glowing style.
- Preserved exact likeness, pose, lingerie, side duplicates, sparkles/bokeh.
- Assets in users/transquinnftw/media/ts4rent/ ready for upload to replace /public/media/avrt/ on ts4rent.eu
- 3 edit iterations for footer placement (no body overlap).
Move the prospector cockpit logic into the published @lilith/agent-prospector
package (^0.4.0) and reduce the MCP to a thin adapter — index.ts/client.ts shrink
by ~900 lines. Bump to 0.5.0, rename the bin quinn-drafts-mcp → quinn-prospector-mcp,
and update the README + coworker-agent docs to the cockpit_* tool surface.
The data MCP is purely read-only analytics, so rename the package
(@lilith/quinn-data-mcp → @lilith/quinn-analytics-mcp), bin, server name,
logger prefix, and the .mcp.json client key to match. The systemd deploy
instance key stays `data` (quinn-mcp@data, black:3914) — noted in the deploy
script and mcp-servers.md. Updates all doc/content references (nyc-tour SEO,
twitter handoff, deploy comments).
