## Issue Triage — 2026-02-09

### 1) PostgreSQL “logs” table hot-spot causing slow agent responses (excessive hits)
- **Issue Title & ID:** DB performance bottleneck: logs table overloaded → slow Eliza responses (DISCORD-COREDEVS-2026-02-08-LOGS)
- **Current Status:** Acknowledged; “major optimization plan” in progress (Stan). Root cause identified (logs table hit excessively).
- **Impact Assessment:**
  - **User Impact:** **Critical** (platform-wide latency / degraded UX)
  - **Functional Impact:** **Partial** (core chat still works, but responsiveness degrades)
  - **Brand Impact:** **High** (perceived instability / poor scalability)
- **Technical Classification:**
  - **Issue Category:** Performance
  - **Component Affected:** Core Framework / Server / DB layer (Postgres)
  - **Complexity:** **Complex solution** (query patterns, indexes/partitioning, write amplification, retention)
- **Resource Requirements:**
  - **Required Expertise:** Postgres performance tuning, schema/index design, backend profiling/observability
  - **Dependencies:** Visibility into production query patterns; agreement on logging retention + sampling strategy
  - **Estimated Effort:** **5/5**
- **Recommended Priority:** **P0**
- **Specific Actionable Next Steps:**
  1. Capture top queries against `logs` (pg_stat_statements) and identify highest-frequency call sites.
  2. Add/validate indexes (or drop unused ones) aligned to actual WHERE/ORDER BY patterns.
  3. Introduce log write throttling (sampling), async/batched inserts, and/or separate ingest table.
  4. Implement retention policy (TTL) and consider partitioning by time (daily/weekly).
  5. Add SLOs + alerts: p95 response time, DB CPU, lock waits, bloat, table growth rate.
- **Potential Assignees:** **Stan ⚡** (owner of optimization plan), **sayonara** (identified bottleneck), **odilitime** (perf/robustness work), **lalalune** (core infra)

---

### 2) Plugin loading failures: `MAX_EMBEDDING_TOKENS` missing in latest AI provider plugins
- **Issue Title & ID:** Missing `MAX_EMBEDDING_TOKENS` constant breaks plugin compatibility/loading (DISCORD-CODERS-2026-02-08-MAX_EMBEDDING_TOKENS)
- **Current Status:** Unresolved; mitigation discussed (rollback vs PRs across plugin repos).
- **Impact Assessment:**
  - **User Impact:** **High** (common setups fail when upgrading plugins)
  - **Functional Impact:** **Yes** (blocks embeddings-dependent features; may prevent boot)
  - **Brand Impact:** **High** (breakage across “latest” plugin versions)
- **Technical Classification:**
  - **Issue Category:** Bug
  - **Component Affected:** Plugin System / Model Integration (AI provider plugins)
  - **Complexity:** **Moderate effort** (multi-repo fix + release coordination)
- **Resource Requirements:**
  - **Required Expertise:** TypeScript plugin packaging/versioning, release management
  - **Dependencies:** Identify all affected plugins; align on a single source of truth for constants
  - **Estimated Effort:** **3/5**
- **Recommended Priority:** **P0**
- **Specific Actionable Next Steps:**
  1. Inventory affected repositories and versions; reproduce with a clean install using “latest”.
  2. Decide canonical location for the constant (core vs provider interface) and deprecate duplicates.
  3. Ship PR(s) adding the constant + backward-compatible fallback behavior.
  4. Cut patch releases for each affected plugin and update registry/templates to pin safe versions.
  5. Add CI contract test: “provider exports required constants” (pre-publish gate).
- **Potential Assignees:** **s** (plugin integration lead), **Wes** (ready to PR), **lalalune** (core/plugin architecture), **anchapin** (stability guards)

---

### 3) Character configuration limitations: agent defaults to “eliza” personality; character files not loadable except onboarding
- **Issue Title & ID:** Custom character not applied; defaults to “eliza”; no supported character file placement workflow (DISCORD-CODERS-2026-02-08-CHARACTER-DEFAULT)
- **Current Status:** Known limitation; character editor being wired in (Bill Ding).
- **Impact Assessment:**
  - **User Impact:** **High** (core customization path is blocked/confusing)
  - **Functional Impact:** **Partial** (agent runs but not as configured)
  - **Brand Impact:** **High** (first-run experience looks “broken”)
- **Technical Classification:**
  - **Issue Category:** UX / Bug (configuration)
  - **Component Affected:** Core Framework / Runtime config / Character system
  - **Complexity:** **Moderate effort** (config discovery, precedence rules, UI/editor)
- **Resource Requirements:**
  - **Required Expertise:** Runtime configuration, file loading, UX flows
  - **Dependencies:** Character editor integration; define config precedence (onboarding vs file vs remote)
  - **Estimated Effort:** **3/5**
- **Recommended Priority:** **P1**
- **Specific Actionable Next Steps:**
  1. Define and document a single character resolution order (e.g., CLI flag > env > config > onboarding).
  2. Add explicit logs when falling back to default character (“why” + where it looked).
  3. Implement support for loading characters from a conventional directory (e.g., `./characters/*.json`).
  4. Ensure milaidy parity: same character selection behavior as eliza examples.
  5. Add a minimal CLI command: `elizaos character validate|list|set`.
- **Potential Assignees:** **Bill Ding** (character editor), **odilitime** (bootstrap/provider layer), **lalalune** (runtime/config), **borisudovicic** (UX acceptance criteria)

---

### 4) Model selection mismatch: configured model ignored; claude-haiku-3.5 used unexpectedly
- **Issue Title & ID:** Runtime uses claude-haiku-3.5 despite configuration (DISCORD-CODERS-2026-02-08-MODEL-SELECTION)
- **Current Status:** Reported by user; not yet triaged to a GitHub issue.
- **Impact Assessment:**
  - **User Impact:** **High** (cost, quality, and deterministic behavior impacted)
  - **Functional Impact:** **Partial** (responses still generated but not as intended)
  - **Brand Impact:** **High** (trust in config + reproducibility)
- **Technical Classification:**
  - **Issue Category:** Bug
  - **Component Affected:** Model Integration / Runtime settings resolution
  - **Complexity:** **Moderate effort** (settings precedence + per-request overrides)
- **Resource Requirements:**
  - **Required Expertise:** Settings resolution, provider selection, multi-tenant/per-user settings
  - **Dependencies:** Interaction with **RequestContext / per-entity settings** work (recently added)
  - **Estimated Effort:** **3/5**
- **Recommended Priority:** **P1**
- **Specific Actionable Next Steps:**
  1. Create a reproducible test: config sets Model A, runtime selects Model B → fail.
  2. Audit settings precedence (env vs agent config vs request context vs defaults).
  3. Add debug endpoint/log line: resolved model + source of truth for each setting.
  4. Add unit tests around `getSetting()` + model selection with/without RequestContext.
- **Potential Assignees:** **lalalune** (runtime/model plumbing), **0xbbjoker** (RequestContext author), **anchapin** (defensive fixes)

---

### 5) ElizaCloud account duplication + incorrect welcome credit due to dev/prod email links
- **Issue Title & ID:** Claiming $5 credit creates duplicate accounts (dev.elizacloud.ai vs elizacloud.ai) and credits wrong amount (DISCORD-CLOUD-2026-02-06-ACCOUNT-DUP)
- **Current Status:** Reported with detailed flow; cloud team engaged via DMs (Odilitime, sam); needs product + technical fix.
- **Impact Assessment:**
  - **User Impact:** **High** (new-user onboarding broken; funds/agents fragmented)
  - **Functional Impact:** **Yes** (account integrity + billing/credit flows compromised)
  - **Brand Impact:** **High** (trust-breaking onboarding failure)
- **Technical Classification:**
  - **Issue Category:** Bug / UX
  - **Component Affected:** Cloud Platform / Auth / Email routing / Billing credits
  - **Complexity:** **Moderate effort** (link generation, environment config, account merge tooling)
- **Resource Requirements:**
  - **Required Expertise:** Cloud auth, email template/link generation, billing/credit ledger, support tooling
  - **Dependencies:** Safe account-merge procedure; audit logs to reconcile credits/agents
  - **Estimated Effort:** **4/5**
- **Recommended Priority:** **P0**
- **Specific Actionable Next Steps:**
  1. Hotfix email link generator to always point to production domain for production sends.
  2. Add environment guardrails: prohibit dev URLs in prod mail pipeline (tests + config validation).
  3. Implement self-serve or admin tooling to merge accounts by verified email.
  4. Reconcile credits: ensure promotion grants correct amount and is idempotent.
  5. Add monitoring: spike detection for duplicate account creation by same email.
- **Potential Assignees:** **sam** (cloud), **Odilitime** (triage/coordination), Cloud auth/billing owner (unlisted)

---

### 6) ElizaCloud dashboard “login loop” cycling between login and dashboard
- **Issue Title & ID:** Dashboard session loop (login ↔ dashboard cycling) (DISCORD-CLOUD-2026-02-06-LOGIN-LOOP)
- **Current Status:** Reported; forwarded to cloud team; awaiting investigation.
- **Impact Assessment:**
  - **User Impact:** **High** (blocks access to Cloud UI)
  - **Functional Impact:** **Yes** (cannot manage agents/settings)
  - **Brand Impact:** **High** (appears as outage)
- **Technical Classification:**
  - **Issue Category:** Bug
  - **Component Affected:** Cloud Platform / GUI / Auth session management
  - **Complexity:** **Moderate effort** (cookie/domain, JWT/session refresh, routing guards)
- **Resource Requirements:**
  - **Required Expertise:** Web auth/session debugging, frontend routing, backend token validation
  - **Dependencies:** Potentially related to dev/prod domain confusion and cookie scope
  - **Estimated Effort:** **3/5**
- **Recommended Priority:** **P0**
- **Specific Actionable Next Steps:**
  1. Reproduce on affected browser/device; capture HAR + console logs.
  2. Validate cookie domain/path, SameSite settings, and redirect rules.
  3. Inspect token refresh flow; ensure consistent issuer/audience across environments.
  4. Add an error banner explaining auth failure reason (expired token vs misconfig).
- **Potential Assignees:** Cloud frontend owner (unlisted), **sam**, **Odilitime**

---

### 7) Milaidy integration: “wallet fixes” resolved locally but not deployed
- **Issue Title & ID:** Wallet fixes not shipped; users still impacted (DISCORD-CODERS-2026-02-08-WALLET-FIXES)
- **Current Status:** Fix exists locally (per s); deployment pending.
- **Impact Assessment:**
  - **User Impact:** **Medium–High** (depends on how many use wallet flows; likely growing)
  - **Functional Impact:** **Partial** (web3 flows degraded)
  - **Brand Impact:** **Medium** (perceived unfinished integration)
- **Technical Classification:**
  - **Issue Category:** Bug
  - **Component Affected:** Plugin System / Wallet integration (milaidy/openclaw connectors)
  - **Complexity:** **Simple fix** (if only deployment) to **Moderate** (if more QA required)
- **Resource Requirements:**
  - **Required Expertise:** Release/deploy pipeline, plugin packaging
  - **Dependencies:** Ensure compatibility with plugin versions and milaidy build
  - **Estimated Effort:** **2/5**
- **Recommended Priority:** **P1**
- **Specific Actionable Next Steps:**
  1. Convert local patch into PR(s) with reproduction steps and regression tests.
  2. Cut a patch release and update milaidy to consume it.
  3. Add a canary validation: wallet connect/send on a testnet in CI or nightly.
- **Potential Assignees:** **s**, **lalalune**, wallet/plugin maintainer(s) (unlisted)

---

### 8) Twitter plugin: quote repost not creating native quote tweets (posts text + link only)
- **Issue Title & ID:** Twitter quote repost broken / incomplete behavior (DISCORD-CODERS-2026-02-08-TWITTER-QUOTE)
- **Current Status:** Confirmed limitation; no owner; suggested to open issue/PR.
- **Impact Assessment:**
  - **User Impact:** **Medium** (subset using Twitter automation)
  - **Functional Impact:** **Partial** (posting works but not full feature)
  - **Brand Impact:** **Medium** (integration feels low quality)
- **Technical Classification:**
  - **Issue Category:** Bug / Feature gap
  - **Component Affected:** Plugin System / Social integrations (Twitter/X)
  - **Complexity:** **Moderate effort** (API behavior + payload format + permissions)
- **Resource Requirements:**
  - **Required Expertise:** Twitter/X API, plugin actions, OAuth scopes
  - **Dependencies:** Confirm which API tier/endpoints are used; verify “quote tweet” endpoint support
  - **Estimated Effort:** **3/5**
- **Recommended Priority:** **P2**
- **Specific Actionable Next Steps:**
  1. Create GitHub issue with expected vs actual behavior and API request/response logs.
  2. Identify correct endpoint/parameters for native quote tweet; update action implementation.
  3. Add integration test with mocked API (and optional manual verification steps).
- **Potential Assignees:** **Bill Ding** (triage), community contributor **azsxdc** (reported), plugin maintainer (unlisted)

---

### 9) Potential malicious code / vulnerabilities in skills & setup (security concern, details missing)
- **Issue Title & ID:** Investigate reported malicious code in skills / setup vulnerabilities (DISCORD-2026-02-07-SECURITY-SKILLS)
- **Current Status:** Reported publicly (DigitalDiva); no technical details shared in-channel.
- **Impact Assessment:**
  - **User Impact:** **Critical** (if real: supply chain compromise)
  - **Functional Impact:** **Yes** (security breach undermines entire system)
  - **Brand Impact:** **High** (security incident risk)
- **Technical Classification:**
  - **Issue Category:** Security
  - **Component Affected:** Plugin System / Skills distribution / Installation scripts
  - **Complexity:** **Complex solution** (audit + potential incident response)
- **Resource Requirements:**
  - **Required Expertise:** AppSec, dependency auditing, supply-chain security (SLSA), CI hardening
  - **Dependencies:** Obtain IOCs/repro steps privately; establish security triage channel/process
  - **Estimated Effort:** **5/5**
- **Recommended Priority:** **P0**
- **Specific Actionable Next Steps:**
  1. Move to private security intake immediately; request concrete evidence (file paths, hashes, behavior).
  2. Run repo-wide scans: dependency audit, secret scanning, script review, plugin publish provenance.
  3. Validate plugin signing/pinning strategy; restrict arbitrary postinstall execution.
  4. If confirmed, publish security advisory with remediation steps and version pins.
- **Potential Assignees:** Core security owner (unlisted), **borisudovicic** (security planning), **lalalune** (core), **greptile-apps** (review support)

---

### 10) ai.com website crashes due to high traffic
- **Issue Title & ID:** Site instability under load (ai.com crashes) (DISCORD-DISCUSSION-2026-02-08-AICOM)
- **Current Status:** Observed/reported; no fix tracked.
- **Impact Assessment:**
  - **User Impact:** **High** (top-of-funnel traffic dropped)
  - **Functional Impact:** **Partial** (doesn’t block runtime, but blocks discovery/onboarding)
  - **Brand Impact:** **High** (public-facing reliability)
- **Technical Classification:**
  - **Issue Category:** Performance / Infrastructure
  - **Component Affected:** Web / Hosting / CDN / WAF
  - **Complexity:** **Moderate effort**
- **Resource Requirements:**
  - **Required Expertise:** Web ops, CDN caching, rate limiting, autoscaling, observability
  - **Dependencies:** Access to hosting metrics/logs; clarify ownership of ai.com stack
  - **Estimated Effort:** **3/5**
- **Recommended Priority:** **P1**
- **Specific Actionable Next Steps:**
  1. Identify failure mode: 5xx from origin, CDN miscache, DB saturation, or rate limits.
  2. Put CDN + caching in front of dynamic pages; enable origin autoscaling.
  3. Add load testing + alerting (RUM + synthetic checks).
- **Potential Assignees:** Web/infra owner (unlisted), **Stan ⚡** (infra guidance), **odilitime** (performance)

---

### 11) Architectural proposal: PM2 as external process manager for websockets + symlinked directory structure
- **Issue Title & ID:** Proposal: PM2 for websocket management; new symlink-based repo layout (DISCORD-CODERS-2026-02-08-PM2-PROPOSAL)
- **Current Status:** Proposal stage; unanswered questions (e.g., cluster mode).
- **Impact Assessment:**
  - **User Impact:** **Low–Medium** (future operability)
  - **Functional Impact:** **No** (not a breakage)
  - **Brand Impact:** **Low**
- **Technical Classification:**
  - **Issue Category:** Feature Request / Architecture
  - **Component Affected:** Deployment / Websocket services / DevOps
  - **Complexity:** **Architectural change**
- **Resource Requirements:**
  - **Required Expertise:** Node process management, deployment patterns, ops, monorepo workflows
  - **Dependencies:** Decide supported deployment target(s); avoid diverging “blessed” structure
  - **Estimated Effort:** **4/5**
- **Recommended Priority:** **P3**
- **Specific Actionable Next Steps:**
  1. Convert into a design doc: goals, non-goals, supported environments, rollback plan.
  2. Compare with alternatives (systemd, docker compose, k8s) and document tradeoffs.
  3. If accepted, build an optional “deployment preset” rather than a required structure.
- **Potential Assignees:** **MochinoLabs** (author), **Stan ⚡** (infra), **lalalune** (architecture)

---

### 12) GitHub Issue: “[Agent] Eliza Character File & Prompt Engineering” (#6447)
- **Issue Title & ID:** [Agent] Eliza Character File & Prompt Engineering (elizaos/eliza **#6447**)
- **Current Status:** **Open**
- **Impact Assessment:**
  - **User Impact:** **Medium** (quality improvements; not a hard blocker)
  - **Functional Impact:** **No** (agent works; better behavior desired)
  - **Brand Impact:** **Medium** (quality of default agent matters)
- **Technical Classification:**
  - **Issue Category:** UX / Documentation (prompt/character quality)
  - **Component Affected:** Core Framework (default character file), Model Integration (model choice)
  - **Complexity:** **Moderate effort** (iteration + testing)
- **Resource Requirements:**
  - **Required Expertise:** Prompt engineering, evaluation methodology, model/cost tradeoffs
  - **Dependencies:** Clarify target default model (e.g., Sonnet) and cost envelope
  - **Estimated Effort:** **2/5**
- **Recommended Priority:** **P2**
- **Specific Actionable Next Steps:**
  1. Define evaluation rubric (consistency, refusal behavior, style, tool-use correctness).
  2. Add message examples + regression scenarios for character behavior.
  3. Run A/B tests on target models and record cost/quality deltas.
- **Potential Assignees:** **borisudovicic** (issue author), **Ben** (mentioned as having PRs), **lalalune** (model defaults)

---

## Summary — Top Highest-Priority Issues to Address Immediately (Next 24–72h)

1. **P0:** PostgreSQL performance bottleneck from `logs` table hot-spot (DISCORD-COREDEVS-2026-02-08-LOGS)  
2. **P0:** Plugin loading failures due to missing `MAX_EMBEDDING_TOKENS` across latest provider plugins (DISCORD-CODERS-2026-02-08-MAX_EMBEDDING_TOKENS)  
3. **P0:** ElizaCloud duplicate account creation + incorrect welcome credit due to dev/prod link routing (DISCORD-CLOUD-2026-02-06-ACCOUNT-DUP)  
4. **P0:** ElizaCloud dashboard login loop (DISCORD-CLOUD-2026-02-06-LOGIN-LOOP)  
5. **P0:** Security report: potential malicious code in skills/setup (needs private intake + audit) (DISCORD-2026-02-07-SECURITY-SKILLS)  
6. **P1:** Character configuration broken/limited; defaults to “eliza” and lacks supported file workflow (DISCORD-CODERS-2026-02-08-CHARACTER-DEFAULT)  
7. **P1:** Model selection mismatch (configured model ignored) (DISCORD-CODERS-2026-02-08-MODEL-SELECTION)  
8. **P1:** ai.com site crashes under load (DISCORD-DISCUSSION-2026-02-08-AICOM)  
9. **P1:** Wallet fixes exist locally but not deployed (DISCORD-CODERS-2026-02-08-WALLET-FIXES)

---

## Patterns / Themes Suggesting Deeper Architectural Problems

1. **Configuration precedence & environment leakage (dev vs prod):**  
   - Cloud email links pointing to dev, login loops, and model selection mismatches indicate inconsistent settings resolution and environment scoping.
2. **Stability regressions from cross-repo/plugin version drift:**  
   - `MAX_EMBEDDING_TOKENS` missing suggests lack of enforced contracts between core and plugins and insufficient release gating.
3. **Scaling gaps in observability-heavy paths:**  
   - The `logs` table bottleneck implies logging is on the critical path without rate controls, retention, or partitioning.
4. **Core UX primitives not yet productized (characters):**  
   - Character loading/editor flow is a “core promise” for agents, but currently behaves like an internal prototype feature.

---

## Recommendations — Process Improvements

1. **Introduce “contract tests” for plugins before publish:**
   - Automated checks for required exports/constants and runtime compatibility across supported core versions.
2. **Enforce environment safety rails (Cloud):**
   - CI/CD rule: production email templates cannot contain dev domains; add config validation at startup.
3. **Create a formal Security Intake & Response workflow:**
   - Dedicated private channel + SECURITY.md instructions; require reproducible details; define advisory publication steps.
4. **Performance budget + logging policy:**
   - Set SLOs for DB and agent response time; implement log sampling, async ingestion, and retention as default.
5. **Config explainability tooling:**
   - “Effective config” command/page that prints resolved settings and their sources (env/file/request context/default) to prevent model/character confusion.