feat(relay): complete v1.0 production hardening (Pass 2–4)

- Enforce maxBlobSize (10MB + RL003) on both upload handlers
- Apply rate limiting to all mutating endpoints (including handlePeers POST)
- Convert every http.Error to consistent JSON error responses (RL00x codes)
- Add inbox entry cap (50 per receiver)
- Wire live relay status through /version
- Replace TUI placeholder with real "Relay (v1.0)" status box
- Add 3 new doctor checks (connectivity, hasPeers, auto-upload consistency) → 5 total

Closes the major gaps left from the previous incomplete run per
docs/RELAY_V1_PRODUCTION_COMPLETION_PLAN.md.

Follow-up cleanup pass will handle final verification polish and any remaining noise.

Author: MetaverseMorgan

CONTRIBUTING.md

@@ -81,7 +81,7 @@ gosec ./...
 - `cmd/pastelocal/` — Main CLI
 - `cmd/pastelocald/` — The daemon
 - `cmd/pastelocal-remote/` — Remote helper (small binary installed on remote hosts)
-- `cmd/relay-server/` — Experimental multi-device relay server
+- `cmd/relay-server/` — Relay server (v1.0 multi-device support)
 - `internal/server/` — Core daemon logic (handlers, history, snippets, redaction, etc.)
 - `internal/clipboard/` — Cross-platform clipboard access
 - `internal/crypto/` — X25519 + AES-GCM primitives (used by relay)
@@ -90,7 +90,7 @@ gosec ./...
 
 ## Notes on the Relay Feature
 
-The multi-device relay (`pastelocal relay ...` and the standalone relay server) is currently **experimental**. Contributions that improve stability, add persistence, or complete the send path are very welcome, but please coordinate first by opening an issue.
+The multi-device relay (`pastelocal relay ...` and the standalone relay server) is a stable v1.0 feature. Contributions that improve it (e.g. more robust rate limiting, additional transports) are very welcome — open an issue or PR.
 
 ## Questions?
 

README.md

@@ -59,12 +59,13 @@ make build
 
 ### Integration with Agentic Coding Tools
 - `/paste` — Paste current clipboard
-- `/paste-history` — Choose from recent clipboard entries
+- `/paste-history` — Choose from recent clipboard entries (or use the new `/recall` skill for natural-language semantic search)
 - `/paste-snippet` — Recall saved named snippets
 - `/paste-send` — Send files from the remote machine back to your local clipboard
+- `/recall` — Natural language search over history (Recall v1)
 
 ### Productivity Tools
-- **Clipboard History** — Go back in time with `pastelocal-remote --list`
+- **Clipboard History** — Go back in time with `pastelocal-remote --list` or the powerful `--search "natural language query"` (Recall v1)
 - **Named Snippets** — Save frequently used text or images locally
 - **TUI Dashboard** — Run `pastelocal` to see daemon status, hosts, and recent activity
 - **Doctor** — `pastelocal doctor --fix` automatically diagnoses and repairs most issues
@@ -83,7 +84,19 @@ make build
   command = "tesseract - - 2>/dev/null || true"
   ```
 
-### Experimental
+- **Recall v1 (Natural Language History Search)**: Semantic search over clipboard history using user-supplied embedding commands (Ollama, local Python, etc.). Query with `pastelocal-remote --search "the docker error from last night"` or the `/recall` skill. Results are ranked by cosine similarity over text content (and VisionPaste OCR+description for screenshots — the killer combo). 
+  - Privacy: Concealed items are never embedded or returned. Embeddings live only in memory (lost on daemon restart in v1).
+  - Enable with a 3-line config block + one of the ready-made scripts in `docs/examples/`.
+  - Example (Ollama + nomic-embed-text, copy the script too):
+    ```toml
+    [recall]
+    enabled = true
+    timeout_seconds = 30
+    command = "python3 -u ~/.config/pastelocal/embed_ollama.py"
+    ```
+  - Then from any agent: `pastelocal-remote --search "..." --limit 5` and fetch winners with `--id <id>`.
+
+### Multi-Device Relay (v1.0)
 - **Multi-device Relay** — E2E encrypted clipboard sync without SSH tunnels (see RELAY.md for full details, including sensitive clipboard filtering for password managers).
 
 ---
@@ -150,6 +163,9 @@ This works reliably with most agentic coding tools.
 ```bash
 pastelocal-remote --list
 pastelocal-remote --list --index 3
+# or semantic search (requires [recall] enabled):
+pastelocal-remote --search "the stack trace from the failed test"
+pastelocal-remote --id <id-from-search>
 ```
 
 ### Named Snippets
@@ -209,7 +225,7 @@ size = 20
 ttl_seconds = 3600
 
 [relay]
-enabled = false                    # Experimental
+enabled = false                    # v1.0 stable (opt-in)
 relay_url = "http://localhost:7332"
 auto_upload = false
 ```

cmd/pastelocal/grok.go

@@ -0,0 +1,133 @@
+package main
+
+import (
+	"bytes"
+	"fmt"
+	"os"
+	"os/exec"
+	"path/filepath"
+
+	"github.com/spf13/cobra"
+)
+
+// canonicalPasteSkillHeader is used by hasGrokSkill to validate that a probed
+// source tree contains *our* canonical skill (defense against malicious trees
+// in probed locations like cwd or ~/src).
+var canonicalPasteSkillHeader = []byte("# PasteLocal /paste — Grok Skill")
+
+// ── grok (agent integration) ─────────────────────────────────────────────────
+
+var grokCmd = &cobra.Command{
+	Use:     "grok",
+	Short:   "Grok / agentic coding tool integration helpers",
+	GroupID: "grok",
+}
+
+var grokInstallCmd = &cobra.Command{
+	Use:   "install-skills",
+	Short: "Install or update PasteLocal Grok skills (paste, history, snippet, send, recall) into ~/.grok/skills/",
+	Args:  cobra.NoArgs,
+	RunE:  runGrokInstallSkills,
+}
+
+func init() {
+	grokCmd.AddCommand(grokInstallCmd)
+	rootCmd.AddCommand(grokCmd)
+}
+
+func runGrokInstallSkills(cmd *cobra.Command, args []string) error {
+	srcDir, err := findGrokSourceDir()
+	if err != nil {
+		return fail("%v", err)
+	}
+
+	home, err := os.UserHomeDir()
+	if err != nil {
+		return fail("could not determine home directory: %v", err)
+	}
+	dstBase := filepath.Join(home, ".grok", "skills")
+	// 0755 is intentional for a user-discoverable skills directory (Grok/AI tools must read SKILL.md).
+	// Contrast with 0700/0600 used only for private tokens/keys (see SECURITY.md and auth/store).
+	if err := os.MkdirAll(dstBase, 0755); err != nil {
+		return fail("failed to create ~/.grok/skills: %v", err)
+	}
+
+	skills := []string{"paste", "paste-send", "recall", "paste-history", "paste-snippet"}
+	copied := 0
+	for _, name := range skills {
+		src := filepath.Join(srcDir, name)
+		if _, err := os.Stat(filepath.Join(src, "SKILL.md")); err != nil {
+			continue // skip missing (future-proof)
+		}
+		dst := filepath.Join(dstBase, "pastelocal-"+name)
+		_ = os.RemoveAll(dst) // clean previous
+		cpBin := "/bin/cp"
+		if _, err := os.Stat(cpBin); err != nil {
+			cpBin = "/usr/bin/cp"
+		}
+		cp := exec.Command(cpBin, "-r", src, dst)
+		if output, err := cp.CombinedOutput(); err != nil {
+			return fail("failed to install skill %s: %v\n%s", name, err, string(output))
+		}
+		copied++
+	}
+
+	if copied == 0 {
+		return fail("no skills were copied from %s (run from PasteLocal source tree or provide correct layout)", srcDir)
+	}
+	fmt.Printf("PasteLocal Grok skills installed successfully (%d skills).\n", copied)
+	fmt.Println("  Discoverable as: /paste, /paste-send, /paste-history, /paste-snippet, /recall")
+	fmt.Println("\nUpdate anytime with: pastelocal grok install-skills  (after git pull)")
+	return nil
+}
+
+// findGrokSourceDir locates the skill/grok tree relative to the running binary,
+// cwd, or common install locations. Prefers source tree clones.
+func findGrokSourceDir() (string, error) {
+	// Try relative to the executable (works when running from a build next to the repo tree).
+	if exe, err := os.Executable(); err == nil {
+		dir := filepath.Dir(exe)
+		for _, rel := range []string{"../skill/grok", "skill/grok", "../../skill/grok"} {
+			cand := filepath.Join(dir, rel)
+			if hasGrokSkill(cand) {
+				return filepath.Clean(cand), nil
+			}
+		}
+	}
+
+	// CWD or parent (user is inside the cloned repo).
+	if cwd, err := os.Getwd(); err == nil {
+		for _, rel := range []string{"skill/grok", "../skill/grok", "PasteLocal/skill/grok"} {
+			cand := filepath.Join(cwd, rel)
+			if hasGrokSkill(cand) {
+				return filepath.Clean(cand), nil
+			}
+		}
+	}
+
+	// Fallback locations for packaged or user installs.
+	home, homeErr := os.UserHomeDir()
+	for _, cand := range []string{
+		filepath.Join(home, ".local", "share", "pastelocal", "skill", "grok"),
+		filepath.Join(home, "src", "PasteLocal", "skill", "grok"),
+		"/usr/local/share/pastelocal/skill/grok",
+	} {
+		if hasGrokSkill(cand) {
+			return cand, nil
+		}
+	}
+
+	if homeErr != nil {
+		return "", fmt.Errorf("PasteLocal grok skills source not found (home probe err: %v). Run from a clone of the official repo (git instructions below)", homeErr)
+	}
+	return "", fmt.Errorf("PasteLocal grok skills source not found. Run from a clone of the official repo: git clone https://github.com/Zen-Open-Source/PasteLocal && cd PasteLocal && ./pastelocal grok install-skills (or go run ./cmd/pastelocal grok install-skills)")
+}
+
+func hasGrokSkill(dir string) bool {
+	p := filepath.Join(dir, "paste", "SKILL.md")
+	data, err := os.ReadFile(p)
+	if err != nil {
+		return false
+	}
+	return bytes.Contains(data, canonicalPasteSkillHeader)
+}

cmd/pastelocal/main.go

@@ -56,6 +56,7 @@ func init() {
 	rootCmd.AddGroup(&cobra.Group{ID: "daemon", Title: "Daemon Management"})
 	rootCmd.AddGroup(&cobra.Group{ID: "host", Title: "Host Management"})
 	rootCmd.AddGroup(&cobra.Group{ID: "diagnostic", Title: "Diagnostics"})
+	rootCmd.AddGroup(&cobra.Group{ID: "grok", Title: "Grok Integration"})
 }
 
 // fail prints a single-line error to stderr and returns an error for cobra.