docs: update README with new features

- Add Commands section with /js, /python, /ts, /bash, /run - Document Piston API fallback for sandbox - Add OpenRouter as AI provider option - Document PostgreSQL/Redis storage layer - Update architecture diagram - Add Sandbox Backends section explaining auto-detection https://claude.ai/code/session_015VqJ7gN4vaxtYfYc92UjLs
2026-01-30 08:19:24 +00:00 · 2026-01-30 08:19:24 +00:00 · 30e9eec9fb
commit 30e9eec9fb
parent 64e840849f
1 changed files with 78 additions and 29 deletions
--- a/secure/README.md
+++ b/secure/README.md
@ -21,10 +21,17 @@ Your AI agent that runs on your infrastructure, answers only to you, and you can
 ```
 ┌─────────────────────────────────────────────────────┐
 │  TELEGRAM (your secure UI)                          │
-│  ├── Chat with AI (text, voice, images)             │
+│  ├── Chat with AI (text, images, documents)         │
 │  ├── Code execution (15+ languages)                 │
 │  ├── Forward anything → get analysis                │
 │  └── /commands for actions                          │
 ├─────────────────────────────────────────────────────┤
 │  CODE EXECUTION                                     │
 │  ├── /js, /python, /ts, /bash - Quick execute       │
 │  ├── /run <lang> <code> - Any language              │
 │  ├── Docker (local) or Piston API (cloud)           │
 │  └── Isolated, no network, resource limits          │
 ├─────────────────────────────────────────────────────┤
 │  WEBHOOKS IN (authenticated)                        │
 │  ├── GitHub → "PR merged, here's the summary"       │
 │  ├── Uptime → "Site down, checking why..."          │
@ -35,26 +42,46 @@ Your AI agent that runs on your infrastructure, answers only to you, and you can
 │  ├── Monitor RSS/sites                              │
 │  └── Recurring research                             │
 ├─────────────────────────────────────────────────────┤
-│  SANDBOX (isolated execution)                       │
+│  PERSISTENCE (optional)                             │
-│  ├── Docker container                               │
+│  ├── PostgreSQL - Tasks, user profiles              │
-│  ├── No network by default                          │
+│  ├── Redis - Conversations, cache                   │
-│  └── Resource limits                                │
+│  └── Personality learning per user                  │
 └─────────────────────────────────────────────────────┘
 ```
 ## Commands
 | Command | Description |
 |---------|-------------|
 | `/js <code>` | Run JavaScript |
 | `/python <code>` | Run Python |
 | `/ts <code>` | Run TypeScript |
 | `/bash <code>` | Run shell commands |
 | `/run <lang> <code>` | Run any language |
 | `/status` | Bot & sandbox status |
 | `/clear` | Clear conversation |
 | `/schedule` | Schedule AI tasks |
 | `/tasks` | List scheduled tasks |
 | `/help` | Full command list |
 **Supported Languages**: python, javascript, typescript, bash, rust, go, c, cpp, java, ruby, php
 ## Deploy to Railway
-### One-Click
+### One-Click (Recommended)
-[![Deploy on Railway](https://railway.app/button.svg)](https://railway.app/template/assurebot)
+[![Deploy on Railway](https://railway.app/button.svg)](https://railway.app/new/template?template=https://github.com/TNovs1/moltbot/tree/main&envs=TELEGRAM_BOT_TOKEN,ALLOWED_USERS,ANTHROPIC_API_KEY)
 This auto-provisions PostgreSQL and Redis for persistence.
 ### Manual
 1. Fork this repo
 2. Create Railway project from GitHub
-3. Set environment variables (see below)
+3. **Set Root Directory to `secure`**
-4. Add volume at `/data`
+4. Set environment variables (see below)
-5. Deploy
+5. Optionally add PostgreSQL and Redis services
 6. Deploy
 ## Configuration
@ -65,23 +92,34 @@ Your AI agent that runs on your infrastructure, answers only to you, and you can
 ```bash
 TELEGRAM_BOT_TOKEN=123456:ABC-DEF...    # From @BotFather
 ALLOWED_USERS=123456789,987654321       # Telegram user IDs
-ANTHROPIC_API_KEY=sk-ant-...            # Or OPENAI_API_KEY
+
 # Pick ONE AI provider:
 ANTHROPIC_API_KEY=sk-ant-...            # Claude
 OPENAI_API_KEY=sk-...                   # GPT-4
 OPENROUTER_API_KEY=sk-or-...            # 100+ models
 ```
 ### Optional
 ```bash
-# Webhooks
+# AI Model (optional - uses sensible defaults)
-WEBHOOK_SECRET=random-32-chars          # Auto-generated if missing
+AI_MODEL=claude-sonnet-4-20250514       # or gpt-4o, etc.
 WEBHOOK_BASE_PATH=/hooks                # Default: /hooks
-# Sandbox
+# Storage (auto-wired on Railway template)
-SANDBOX_ENABLED=true                    # Default: true
+DATABASE_URL=postgres://...             # PostgreSQL
 REDIS_URL=redis://...                   # Redis
 # Sandbox (enabled by default)
 SANDBOX_ENABLED=true                    # Auto-detects Docker or Piston API
 SANDBOX_NETWORK=none                    # none | bridge
 SANDBOX_MEMORY=512m
 SANDBOX_CPUS=1
 SANDBOX_TIMEOUT_MS=60000
 # Webhooks
 WEBHOOK_SECRET=random-32-chars          # Auto-generated if missing
 WEBHOOK_BASE_PATH=/hooks                # Default: /hooks
 # Scheduler
 SCHEDULER_ENABLED=true                  # Default: true
@ -102,10 +140,18 @@ HOST=0.0.0.0
 |---------|----------------|
 | **Access** | Telegram user ID allowlist |
 | **Auth** | Timing-safe token comparison |
-| **Sandbox** | Docker: no network, read-only root, caps dropped |
+| **Sandbox** | Docker (local) or Piston API (cloud), isolated |
 | **Secrets** | Env-only, auto-redacted in logs |
 | **Audit** | Every interaction logged |
 ### Sandbox Backends
 AssureBot auto-detects the best available backend:
 1. **Docker** - Full isolation, no network, caps dropped (requires Docker socket)
 2. **Piston API** - Free cloud execution, 15+ languages (works on Railway/Render/Fly)
 3. **None** - Sandbox disabled if neither available
 ### What's NOT Included
 Intentionally removed:
@ -121,17 +167,17 @@ Intentionally removed:
 ```bash
 cd secure
-pnpm install
+npm install
 # Dev mode
 TELEGRAM_BOT_TOKEN=xxx \
 ANTHROPIC_API_KEY=xxx \
 ALLOWED_USERS=123456789 \
-pnpm dev
+npm run dev
 # Production
-pnpm build
+npm run build
-pnpm start
+npm start
 ```
 ## Endpoints
@ -162,24 +208,27 @@ All webhooks are:
 ```jsonl
 {"ts":"2024-01-15T10:30:00Z","type":"message","userId":123,"text":"Hello","response":"Hi!"}
 {"ts":"2024-01-15T10:30:05Z","type":"webhook","path":"/hooks/github","status":200}
-{"ts":"2024-01-15T10:30:10Z","type":"sandbox","command":"python -c 'print(1)'","exitCode":0}
+{"ts":"2024-01-15T10:30:10Z","type":"sandbox","command":"[python] print(1)","exitCode":0}
 ```
 ## Architecture
 ```
 ┌────────────────────┐     ┌────────────────────┐
-│   moltbot-secure   │────▶│     sandbox        │
+│   AssureBot        │────▶│   Sandbox          │
-│   (main container) │     │  (Docker sidecar)  │
+│   (main container) │     │  (Docker/Piston)   │
 │                    │     │                    │
-│  • Telegram bot    │     │  • Isolated exec   │
+│  • Telegram bot    │     │  • Code execution  │
-│  • Webhook recv    │     │  • No network      │
+│  • Webhook recv    │     │  • 15+ languages   │
-│  • Scheduler       │     │  • Resource limits │
+│  • Scheduler       │     │  • Isolated        │
-│  • Allowlist auth  │     │  • Ephemeral       │
+│  • Personality     │     │  • No network      │
 └────────────────────┘     └────────────────────┘
         │
         ├────▶ [PostgreSQL] - Tasks, profiles
         ├────▶ [Redis] - Conversations, cache
         │
         ▼
-    [Anthropic/OpenAI]
+    [Anthropic/OpenAI/OpenRouter]
    (Direct API calls)
 ```