chore: 0.35.1rc6 — doc audit gaps, healthcheck fix, update/uninstall guides

[Nathan Schram (nathanschram)]

Summary

Staging rc6 bundles three independent bodies of work:

1. v0.35.1 documentation audit — comprehensive gap-fill across all 121 doc files (security: bot token leaked in structured log URLs #190, security: unbounded JSONL line buffer can cause OOM crash #191, security: callback query sender not validated in group chats #192, security: user prompt passed as CLI arg without -- separator (flag injection) #194, bug: /ping uptime does not reset on service restart #234, bug: diff_preview gate requires manual approval for every tool after ExitPlanMode in plan mode #283)
2. healthcheck.sh fix — two bugs prevented post-deploy health checks from running (healthcheck.sh exits prematurely due to ((var++)) under set -e #302)
3. update/uninstall guides — new how-to pages for upgrading and removing Untether + README transparency section

1. Documentation audit (8 files, 38 insertions)

Audited all 121 doc files against the 23 issues in v0.35.1. Major features (triggers, /at, hot-reload, restart improvements, OOM fix, stall improvements) were already well-documented. Filled 8 specific gaps:

Security:

• group-chat.md — new "Button press validation" section (security: callback query sender not validated in group chats #192)
• security.md — cross-reference to group validation, fixed misleading SSRF allowlist claim, added bot token auto-redaction tip (security: bot token leaked in structured log URLs #190)

UX:

• plan-mode.md — new "Auto-approval after plan approval" section (bug: diff_preview gate requires manual approval for every tool after ExitPlanMode in plan mode #283)
• interactive-approval.md — admonition linking to plan bypass behaviour
• commands-and-directives.md — /ping now mentions uptime reset and trigger summary (bug: /ping uptime does not reset on service restart #234)

Completeness:

• runners/amp/runner.md — sanitize_prompt() note matching Pi/Gemini runner docs (security: user prompt passed as CLI arg without -- separator (flag injection) #194)
• troubleshooting.md — new "Engine output line cap" section for the 10 MB limit (security: unbounded JSONL line buffer can cause OOM crash #191)
• glossary.md — three new entries: delayed run, webhook action, hot-reload

2. healthcheck.sh fix (#302)

Two bugs in scripts/healthcheck.sh made post-deploy health checks unusable:

• pass()/fail() used ((var++)) which returns pre-increment value, tripping set -e on first call
• Error-log count piped through grep -c . counted journalctl's -- No entries -- meta line

Verified with scripts/healthcheck.sh --version 0.35.1rc5 on staging — all 5 checks run, exit 0.

3. Update/uninstall guides

• New docs/how-to/update.md and docs/how-to/uninstall.md
• README: "What Untether accesses" transparency section (network, filesystem, process, credentials)
• README: update/uninstall one-liners in Quick Start
• Nav entries, cross-links, install.md integration

Addresses a gap found during hesreallyhim/awesome-claude-code evaluation: the repo had zero uninstallation documentation.

Test plan

• uv run ruff format --check src/ tests/ — passes (260 files formatted)
• uv run ruff check src/ — passes (all checks passed)
• uv lock --check — lockfile in sync
• uv run pytest — 2164 passed, 1 skipped, 81.65% coverage
• uv build — wheel and sdist built successfully
• uv run zensical build — docs build clean, no broken links
• TestPyPI publish on merge to dev (auto via release.yml)
• Install rc6 on @hetz_lba1_bot via scripts/staging.sh install 0.35.1rc6 after dev merge
• Integration tests via @untether_dev_bot before final v0.35.1 release

🤖 Generated with Claude Code

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 0ac5e336-ab2c-45d4-892a-2da6f0c7ce3c

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch docs/v0351-audit-gaps

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}