fix: error message points to real path (/plugin manage), not nonexistent subcommand

/plugin reconfigure doesn't exist. The actual path is /plugin manage → select plugin → Configure options (ManagePlugins.tsx:1692). 🏠 Remote-Dev: homespace
feat(telegram,discord): migrate to plugin userConfig secrets
2026-03-20 23:43:07 +00:00 · 2026-03-20 22:34:17 +00:00 · 2026-03-20 21:48:07 +00:00
6 changed files with 50 additions and 22 deletions
--- a/external_plugins/discord/.claude-plugin/plugin.json
+++ b/external_plugins/discord/.claude-plugin/plugin.json
@@ -1,11 +1,20 @@
 {
  "name": "discord",
-  "description": "Discord channel for Claude Code \u2014 messaging bridge with built-in access control. Manage pairing, allowlists, and policy via /discord:access.",
-  "version": "0.0.1",
+  "description": "Discord channel for Claude Code — messaging bridge with built-in access control. Manage pairing, allowlists, and policy via /discord:access.",
+  "version": "0.0.2",
  "keywords": [
    "discord",
    "messaging",
    "channel",
    "mcp"
-  ]
+  ],
+  "userConfig": {
+    "DISCORD_BOT_TOKEN": {
+      "type": "string",
+      "title": "Bot Token",
+      "description": "Bot token from the Discord Developer Portal. Stored in keychain (macOS) or ~/.claude/.credentials.json with 0600 permissions elsewhere. Never written to settings.json.",
+      "required": true,
+      "sensitive": true
+    }
+  }
 }
--- a/external_plugins/discord/.mcp.json
+++ b/external_plugins/discord/.mcp.json
@@ -2,7 +2,10 @@
  "mcpServers": {
    "discord": {
      "command": "bun",
-      "args": ["run", "--cwd", "${CLAUDE_PLUGIN_ROOT}", "--shell=bun", "--silent", "start"]
+      "args": ["run", "--cwd", "${CLAUDE_PLUGIN_ROOT}", "--shell=bun", "--silent", "start"],
+      "env": {
+        "DISCORD_BOT_TOKEN": "${user_config.DISCORD_BOT_TOKEN}"
+      }
    }
  }
 }
--- a/external_plugins/discord/server.ts
+++ b/external_plugins/discord/server.ts
@@ -34,10 +34,12 @@ const ACCESS_FILE = join(STATE_DIR, 'access.json')
 const APPROVED_DIR = join(STATE_DIR, 'approved')
 const ENV_FILE = join(STATE_DIR, '.env')

-// Load ~/.claude/channels/discord/.env into process.env. Real env wins.
-// Plugin-spawned servers don't get an env block — this is where the token lives.
+// Token is injected via ${user_config.DISCORD_BOT_TOKEN} from .mcp.json —
+// prompted at enable time, stored in keychain (macOS) or .credentials.json 0600
+// elsewhere. The .env file below is a legacy fallback for users configured
+// before H1 #3617646 — real env wins, so the injected value takes precedence.
 try {
-  // Token is a credential — lock to owner. No-op on Windows (would need ACLs).
+  // Defensive chmod for legacy .env files (no-op on Windows).
  chmodSync(ENV_FILE, 0o600)
  for (const line of readFileSync(ENV_FILE, 'utf8').split('\n')) {
    const m = line.match(/^(\w+)=(.*)$/)
@@ -51,8 +53,8 @@ const STATIC = process.env.DISCORD_ACCESS_MODE === 'static'
 if (!TOKEN) {
  process.stderr.write(
    `discord channel: DISCORD_BOT_TOKEN required\n` +
-    `  set in ${ENV_FILE}\n` +
-    `  format: DISCORD_BOT_TOKEN=MTIz...\n`,
+    `  re-enter via: /plugin manage → discord → Configure options\n` +
+    `  (stored in keychain/credentials.json, not settings.json)\n`,
  )
  process.exit(1)
 }
@@ -423,7 +425,7 @@ const mcp = new Server(
      '',
      'Messages from Discord arrive as <channel source="discord" chat_id="..." message_id="..." user="..." ts="...">. If the tag has attachment_count, the attachments attribute lists name/type/size — call download_attachment(chat_id, message_id) to fetch them. Reply with the reply tool — pass chat_id back. Use reply_to (set to a message_id) only when replying to an earlier message; the latest message doesn\'t need a quote-reply, omit reply_to for normal responses.',
      '',
-      'reply accepts file paths (files: ["/abs/path.png"]) for attachments. Use react to add emoji reactions, and edit_message for interim progress updates. Edits don\'t trigger push notifications — when a long task completes, send a new reply so the user\'s device pings.',
+      'reply accepts file paths (files: ["/abs/path.png"]) for attachments. Use react to add emoji reactions, and edit_message to update a message you previously sent (e.g. progress → result).',
      '',
      "fetch_messages pulls real Discord history. Discord's search API isn't available to bots — if the user asks you to find an old message, fetch more history or ask them roughly when it was.",
      '',
@@ -471,7 +473,7 @@ mcp.setRequestHandler(ListToolsRequestSchema, async () => ({
    },
    {
      name: 'edit_message',
-      description: 'Edit a message the bot previously sent. Useful for interim progress updates. Edits don\'t trigger push notifications — send a new reply when a long task completes so the user\'s device pings.',
+      description: 'Edit a message the bot previously sent. Useful for progress updates (send "working…" then edit to the result).',
      inputSchema: {
        type: 'object',
        properties: {
--- a/external_plugins/telegram/.claude-plugin/plugin.json
+++ b/external_plugins/telegram/.claude-plugin/plugin.json
@@ -1,11 +1,20 @@
 {
  "name": "telegram",
-  "description": "Telegram channel for Claude Code \u2014 messaging bridge with built-in access control. Manage pairing, allowlists, and policy via /telegram:access.",
-  "version": "0.0.1",
+  "description": "Telegram channel for Claude Code — messaging bridge with built-in access control. Manage pairing, allowlists, and policy via /telegram:access.",
+  "version": "0.0.2",
  "keywords": [
    "telegram",
    "messaging",
    "channel",
    "mcp"
-  ]
+  ],
+  "userConfig": {
+    "TELEGRAM_BOT_TOKEN": {
+      "type": "string",
+      "title": "Bot Token",
+      "description": "Bot token from @BotFather — format is 123456789:AAH... Stored in keychain (macOS) or ~/.claude/.credentials.json with 0600 permissions elsewhere. Never written to settings.json.",
+      "required": true,
+      "sensitive": true
+    }
+  }
 }
--- a/external_plugins/telegram/.mcp.json
+++ b/external_plugins/telegram/.mcp.json
@@ -2,7 +2,10 @@
  "mcpServers": {
    "telegram": {
      "command": "bun",
-      "args": ["run", "--cwd", "${CLAUDE_PLUGIN_ROOT}", "--shell=bun", "--silent", "start"]
+      "args": ["run", "--cwd", "${CLAUDE_PLUGIN_ROOT}", "--shell=bun", "--silent", "start"],
+      "env": {
+        "TELEGRAM_BOT_TOKEN": "${user_config.TELEGRAM_BOT_TOKEN}"
+      }
    }
  }
 }
--- a/external_plugins/telegram/server.ts
+++ b/external_plugins/telegram/server.ts
@@ -27,10 +27,12 @@ const ACCESS_FILE = join(STATE_DIR, 'access.json')
 const APPROVED_DIR = join(STATE_DIR, 'approved')
 const ENV_FILE = join(STATE_DIR, '.env')

-// Load ~/.claude/channels/telegram/.env into process.env. Real env wins.
-// Plugin-spawned servers don't get an env block — this is where the token lives.
+// Token is injected via ${user_config.TELEGRAM_BOT_TOKEN} from .mcp.json —
+// prompted at enable time, stored in keychain (macOS) or .credentials.json 0600
+// elsewhere. The .env file below is a legacy fallback for users configured
+// before H1 #3617646 — real env wins, so the injected value takes precedence.
 try {
-  // Token is a credential — lock to owner. No-op on Windows (would need ACLs).
+  // Defensive chmod for legacy .env files (no-op on Windows).
  chmodSync(ENV_FILE, 0o600)
  for (const line of readFileSync(ENV_FILE, 'utf8').split('\n')) {
    const m = line.match(/^(\w+)=(.*)$/)
@@ -44,8 +46,8 @@ const STATIC = process.env.TELEGRAM_ACCESS_MODE === 'static'
 if (!TOKEN) {
  process.stderr.write(
    `telegram channel: TELEGRAM_BOT_TOKEN required\n` +
-    `  set in ${ENV_FILE}\n` +
-    `  format: TELEGRAM_BOT_TOKEN=123456789:AAH...\n`,
+    `  re-enter via: /plugin manage → telegram → Configure options\n` +
+    `  (stored in keychain/credentials.json, not settings.json)\n`,
  )
  process.exit(1)
 }
@@ -343,7 +345,7 @@ const mcp = new Server(
      '',
      'Messages from Telegram arrive as <channel source="telegram" chat_id="..." message_id="..." user="..." ts="...">. If the tag has an image_path attribute, Read that file — it is a photo the sender attached. Reply with the reply tool — pass chat_id back. Use reply_to (set to a message_id) only when replying to an earlier message; the latest message doesn\'t need a quote-reply, omit reply_to for normal responses.',
      '',
-      'reply accepts file paths (files: ["/abs/path.png"]) for attachments. Use react to add emoji reactions, and edit_message for interim progress updates. Edits don\'t trigger push notifications — when a long task completes, send a new reply so the user\'s device pings.',
+      'reply accepts file paths (files: ["/abs/path.png"]) for attachments. Use react to add emoji reactions, and edit_message to update a message you previously sent (e.g. progress → result).',
      '',
      "Telegram's Bot API exposes no history or search — you only see messages as they arrive. If you need earlier context, ask the user to paste it or summarize.",
      '',
@@ -391,7 +393,7 @@ mcp.setRequestHandler(ListToolsRequestSchema, async () => ({
    },
    {
      name: 'edit_message',
-      description: 'Edit a message the bot previously sent. Useful for interim progress updates. Edits don\'t trigger push notifications — send a new reply when a long task completes so the user\'s device pings.',
+      description: 'Edit a message the bot previously sent. Useful for progress updates (send "working…" then edit to the result).',
      inputSchema: {
        type: 'object',
        properties: {