OCR & Timeout Fixes, Vault Backup, Code Eval, Bash & UI

Document processing received several fixes. The ActDispatcher timeout was raised from 10s to 120s to accommodate OCR and multi-page PDFs, and the error message now includes the document name. Upload now re-fetches the terminal status after extraction and reports a success hint on ‘ready’ or a named failure otherwise; extraction exceptions are caught and marked failed so the loop never hangs. The view handler distinguishes ‘failed’ from ‘processing’. Image OCR: text extraction now routes image MIME types through the image analysis service (EXIF strip, dimension normalize, RapidOCR), removing the unused compute_hash path. SonarCloud cleanup addressed a logger call and replaced hardcoded /tmp paths with pytest tmp_path in tests.

Vault wrapped-DEK backups were overhauled after an incident where a re-init orphaned encrypted credentials. On initialization, the service now writes the key material atomically to a persistent backup file with restrictive permissions. During login, the already-verified master password drives a three-outcome flow: normal unlock, backup-based restore (rebuilds vault_config from backup if the live row is missing), or unrecoverable wipe when no backup unwraps. The backup scheme was further hardened by replacing the old one-generation rotation with append-only, timestamped files so a corrupt latest backup is simply skipped; recovery iterates newest-first. A dead vault reinit warning chain—endpoints, frontend banner, and a now-never-set column—was removed entirely, dropping 101 lines.

The code_eval tool was fixed to never return a silent empty success, which had caused infinite retry loops in the ACT loop. It now always returns one of four explicit outcomes: printed output, a full traceback on error (including partial stdout), an explicit no-output error, or a no-code error. Policy was updated to allow code_eval in subconscious and external_agent channels, reflecting that the RestrictedPython sandbox is safe everywhere, and the now-redundant deny entry was removed.

Bash command safety was improved in two layers: a recursive-flag heuristic escalates ‘rm’ with recursion to compound severity, and a destructive check now blocks ‘rm -rf’ (both recursive and force flags) unconditionally, regardless of policy settings. A suite of 126 parametrized tests was added for the classification functions.

Location-only reminders are now functional: when a destination is set but no due date, a 30-day placeholder is generated, enabling location-triggered recall. The search_files default root was changed from home directory to /, and an internal time budget stops the walk early with partial results instead of letting the external timeout discard everything.

Across the Brain dashboard, browser-native confirm() dialogs in the providers, documents, scheduler, and skills tabs were replaced with Radiant design system modals that avoid ID collisions and escape text to prevent XSS. Abilities.sqlite was rebuilt to sync with schema changes, copyright headers were anonymized, and a test update aligned with the new default root.

• Document timeout raised from 10s to 120s; timeout errors now include the document name.

• Image OCR routes through a dedicated pipeline (EXIF strip, dimensions, RapidOCR), removing dead hash code.

• Vault DEK backups written atomically on init; append-only history and password-verified recovery on login prevent credential loss.

• code_eval no longer returns silent empty success—always outputs a traceback, no-output error, or explicit result.

• rm -rf is classified as compound and unconditionally blocked, regardless of policy.

• Location-based reminders now trigger without a due date, using a 30-day placeholder.