derp - Backlog

Core

Multi-server support (per-server config, shared plugins)
Stable plugin API (versioned, breaking change policy)
Paste overflow (auto-paste long output to FlaskPaste)
URL shortener integration (shorten URLs in subscription announcements)
Webhook listener (HTTP endpoint for push events to channels)
Granular ACLs (per-command: trusted, operator, admin)

LLM Bridge

Goal: let an LLM agent interact with the bot over IRC in real-time, with full machine access (bash, file ops, etc.).

Architecture

Owner addresses the bot on IRC. A bridge daemon reads addressed messages, feeds them to an LLM with tool access, and writes replies back through the bot. The bot already has owner config ([bot] owner hostmask patterns) to gate who can trigger LLM interactions.

IRC -> bot stdout (addressed msgs) -> bridge -> LLM API -> bridge -> bot inbox -> IRC

Approach options (ranked)

Claude Code Agent SDK (clean, non-trivial)
- Custom Python agent using anthropic SDK with tool_use
- Define tools: bash exec, file read/write, web fetch
- Persistent conversation memory across messages
- Full control over the event loop -- real-time IRC is natural
- Tradeoff: must implement and maintain tool definitions
Claude Code CLI per-message (simple, stateless)
- echo "user said X" | claude --print --allowedTools bash,read,write
- Each invocation is a cold start with no conversation memory
- Simple to implement but slow startup, no multi-turn context
- Could pass conversation history via system prompt (fragile)
Persistent Claude Code subprocess (hack, fragile)
- Long-running claude process with stdin/stdout piped
- Keeps context across messages within a session
- Not designed for this -- output parsing is brittle
- Session may drift or hit context limits

Bot-side plumbing needed

--llm CLI flag: route logging to file, stdout for addressed msgs
_is_addressed(): DM or nick-prefixed messages
_is_owner(): only owner hostmasks trigger LLM routing
Inbox file polling (/tmp/llm-inbox): bridge writes <target> <msg>
llm-send script: line splitting (400 char), FlaskPaste overflow
Stdout format: HH:MM [#chan] <nick> text / HH:MM --- status
Only LLM-originated replies echoed to stdout (not all bot output)

Previous attempt (reverted)

The --llm mode was implemented and tested (commit ea6f079, reverted in 6f1f4b2). The stdout/stdin plumbing worked but Claude Code CLI cannot act as a real-time daemon -- each tool call is a blocking round-trip, making interactive IRC conversation impractical. The code is preserved in git history for reference.

Plugins -- Security/OSINT

emailcheck -- SMTP VRFY/RCPT TO verification
canary -- canary token generator/tracker
virustotal -- hash/URL/IP/domain lookup (free API)
abuseipdb -- IP abuse confidence scoring (free tier)
jwt -- decode tokens, show claims/expiry, flag weaknesses
mac -- OUI vendor lookup (local IEEE database)
pastemoni -- monitor paste sites for keywords
internetdb -- Shodan InternetDB host recon (free, no API key)

Plugins -- Utility

paste -- manual paste to FlaskPaste
shorten -- manual URL shortening
cron -- scheduled bot commands on a timer

Teams

Microsoft Teams adapter via outgoing webhooks
TeamsBot + TeamsMessage (duck-typed with IRC Message)
HMAC-SHA256 webhook validation
Permission tiers via AAD object IDs
Route send() through SOCKS5 proxy (bug fix)
Adaptive Cards for richer formatting
Graph API integration for DMs
Teams event handlers (member join/leave)

Telegram adapter via long-polling (no SDK)
TelegramBot + TelegramMessage (duck-typed with IRC Message)
All HTTP through SOCKS5 proxy
Message splitting at 4096-char limit
@botusername suffix stripping in groups
Permission tiers via user IDs
Inline keyboard support for interactive replies
Markdown/HTML formatting mode toggle
Webhook mode (for setWebhook instead of getUpdates)

Testing

Plugin command unit tests (encode, hash, dns, cidr, defang)
CI pipeline (Gitea Actions)

4.2 KiB Raw Blame History