fix(setup-skill): validate Claude token immediately after it is written to .env#1044
Open
mikegcoleman wants to merge 8 commits intoqwibitai:mainfrom
Open
fix(setup-skill): validate Claude token immediately after it is written to .env#1044mikegcoleman wants to merge 8 commits intoqwibitai:mainfrom
mikegcoleman wants to merge 8 commits intoqwibitai:mainfrom
Conversation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Docker build: forward proxy env vars and disable npm strict-ssl for MITM proxies - WhatsApp: use HttpsProxyAgent for WebSocket, fetch client revision from sw.js - Container runner: forward proxy/CA env vars, add host.docker.internal to NO_PROXY, use empty file instead of /dev/null for .env shadow mount - Credential proxy: route upstream requests through HTTPS proxy agent - Tests: clear proxy env vars in vi.hoisted() to use mocked Baileys path Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Removes node_modules before npm install in setup step 5 to avoid conflicts between old and newly merged channel dependencies. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
cleanupOrphans() filters containers by `name=nanoclaw-`, which also matches the sandbox container (e.g. `nanoclaw-docker-sandbox`). This caused the process to kill its own host container on startup. Filter out the current hostname so the sandbox is never stopped. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…aved Adds a new `validate-credentials` setup step that makes a minimal live API call (POST /v1/messages, max_tokens=1) right after the user writes their token to .env — before channel setup begins. A 401 response fails fast with a clear error, catching invalid or expired tokens immediately instead of surfacing as a confusing agent failure on first WhatsApp message. Supports both auth modes (ANTHROPIC_API_KEY and CLAUDE_CODE_OAUTH_TOKEN). Updates the setup skill to call this step and handle all three outcomes: valid, invalid token, and network error. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…en to .env Adds an inline node credential check to the setup skill's step 4. After the user writes their token to .env, a minimal POST to the Anthropic API (max_tokens=1) confirms the token works before channel setup begins. A 401 response fails fast with a clear message, catching invalid or expired tokens immediately rather than surfacing as a confusing agent error on the first WhatsApp/Telegram message. No source files changed — validation logic lives entirely in the skill as a self-contained node one-liner. Fixes qwibitai#1045 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
mikegcoleman
changed the title
Andy-NanoClaw-AI
added
Status: Needs Review
This was referenced Mar 14, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #1045
Summary
Adds inline credential validation to the setup skill's step 4 (Claude Authentication). After the user writes their token to
.env, a self-containednodeone-liner POSTs a minimal request to the Anthropic API to confirm the token actually works — before channel setup begins.No source files changed. Validation logic lives entirely in
.claude/skills/setup/SKILL.mdas a node one-liner, consistent with the skills-first contribution philosophy.What the inline check does
ANTHROPIC_API_KEY,CLAUDE_CODE_OAUTH_TOKEN, orANTHROPIC_AUTH_TOKENfrom.env(handles quoted values)api.anthropic.com/v1/messageswithmax_tokens: 1— just enough to get an HTTP statusCREDENTIAL_CHECK: ok→ continueCREDENTIAL_CHECK: invalid_token(401) → prompt user to re-runclaude setup-tokenand paste a fresh tokenCREDENTIAL_CHECK: network_error→ warn, let user decide whether to continueCREDENTIAL_CHECK: no_token→ no recognised credential found, re-run step 4Test plan
CREDENTIAL_CHECK: ok, setup continuesCREDENTIAL_CHECK: ok, setup continuesCREDENTIAL_CHECK: invalid_token, user prompted to retry.env→CREDENTIAL_CHECK: no_tokenCREDENTIAL_CHECK: network_errorwith option to continue🤖 Generated with Claude Code