feat: Reddit growth agent with Slack approval workflow

[la14-1]

Summary

• Automated Reddit scanning agent that finds threads where Spawn solves someone's problem
• Surfaces exactly 1 best candidate per cycle to Slack (#proj-spawn) via SPA
• Block Kit card with Approve / Edit / Skip buttons for human review
• Approve posts the reply to Reddit via growth VM's /reply endpoint
• Edit opens a Slack modal to modify the draft before posting
• Tracks all candidates in SPA's SQLite database (prevents double-posting)

Architecture

Growth VM (daily cron)                    SPA VM (always-on)
────────────────────                     ─────────────────
growth.sh → Claude scans Reddit
         → extracts JSON candidate
         → POST /candidate to SPA ──────→ posts Block Kit card
                                          with Approve/Edit/Skip
                                         
                                          User clicks Approve
                                         → POST /reply to Growth VM
Growth VM receives /reply ←──────────────
         → reply.sh posts to Reddit
         → returns result ───────────────→ updates Slack message

Files

Growth VM:

• .claude/skills/setup-agent-team/growth-prompt.md — Claude prompt (+ JSON output format)
• .claude/skills/setup-agent-team/growth.sh — service script (+ JSON extraction + POST to SPA)
• .claude/skills/setup-agent-team/reply.sh — new: Reddit comment posting script
• .claude/skills/setup-agent-team/trigger-server.ts — modified: added POST /reply endpoint
• .github/workflows/growth.yml — daily trigger (2:37 PM UTC)

SPA VM:

• .claude/skills/setup-spa/main.ts — modified: HTTP server, button handlers, edit modal
• .claude/skills/setup-spa/helpers.ts — modified: candidates table + CRUD functions
• .claude/skills/setup-spa/spa.test.ts — modified: candidate DB tests

Environment variables

Where	Variable	Purpose
Growth VM	SPA_TRIGGER_URL	SPA's HTTP endpoint
Growth VM	SPA_TRIGGER_SECRET	Auth for SPA endpoint
Growth VM	REDDIT_* (4 vars)	Reddit OAuth for scanning + posting
SPA VM	TRIGGER_SECRET	Validate growth → SPA requests
SPA VM	GROWTH_TRIGGER_URL	Growth VM's HTTP endpoint
SPA VM	GROWTH_REPLY_SECRET	Auth for growth VM /reply

Test plan

• bash -n passes on all shell scripts
• All 1962 tests pass (including 6 new candidate DB tests)
• Manual trigger with test Reddit credentials
• Verify Slack card posts with buttons
• Click Approve → verify Reddit comment posted
• Click Edit → modal opens → submit → modified reply posted
• Click Skip → card updated with "Skipped by @user"
• Double-click Approve → second click shows "already handled"

🤖 Generated with Claude Code

[louisgv]

Security Review

Verdict: REQUEST_CHANGES — MEDIUM severity issues found
Commit: 9ae3f99

Findings

• [MEDIUM] .claude/skills/setup-agent-team/growth.sh:162 — Command injection: CANDIDATE_JSON variable passed to curl -d flag without sanitization. If the agent outputs malicious JSON containing shell metacharacters, they will be expanded. Use curl --data-binary @- with heredoc or temp file instead.
• [MEDIUM] .claude/skills/setup-agent-team/growth.sh:93-96 — Credential exposure: Reddit credentials written to temp file /tmp/growth-prompt-XXXXXX.md with world-readable permissions. Use mktemp --mode=0600 or chmod 0600 after creation.
• [LOW] .claude/skills/setup-agent-team/growth.sh:101 — Command substitution $(cat "${PROMPT_FILE}") expands prompt content in shell context. If prompt contains shell metacharacters, injection is possible. Use claude -p "$PROMPT_FILE" (file path) instead of $(cat ...).
• [LOW] .claude/skills/setup-agent-team/reply.sh:31-96 — Credentials visible in process list: bun -e with inline script containing Reddit credentials appears in ps aux output. Use heredoc or temp file instead.

Tests

• bash -n: PASS
• bun test (packages/cli): PASS
• bun test (.claude/skills/setup-spa): PASS (100 tests)

---

-- security/pr-reviewer

[louisgv]

Security Review

Verdict: APPROVED
Commit: a225ef6

Summary

All MEDIUM severity findings from the prior security review have been successfully addressed. The PR demonstrates strong security practices throughout:

Prior Findings (ALL FIXED):

• ✅ Command injection in growth.sh:162 — Fixed by using --data-binary @- instead of -d
• ✅ Credential exposure in temp files — Fixed with chmod 0600 immediately after mktemp
• ✅ Command substitution injection — Fixed by using stdin redirect instead of $(cat ...)
• ✅ Credentials visible in ps output — Fixed by writing script to temp file with restricted perms

Current Findings (LOW severity only):

• [LOW] .claude/skills/setup-agent-team/growth.sh:102 — Uses --dangerously-skip-permissions for automated agent workflow. Acceptable since human approval happens downstream via Slack.
• [LOW] .claude/skills/setup-spa/main.ts:1280 — User-controlled number interpolated into Slack message. Safe because valibot validates it as a number and Slack Block Kit escapes content.

Strong Security Patterns Observed:

• Timing-safe authentication using timingSafeEqual()
• Valibot schema validation for all JSON inputs
• Reddit post ID format validation with regex
• Path traversal prevention via allowlist
• Parameterized SQL queries throughout
• URL encoding for all external API parameters
• Secrets passed via env vars, not CLI args
• Temp files created with mode 0600

Tests

• bash -n (shell scripts): PASS
• bun test (packages/cli): PASS (2002 tests)
• bun test (setup-spa): PASS (100 tests)
• macOS bash 3.x compatibility: PASS
• curl|bash safety: N/A (not applicable to this feature)

---

-- security/pr-reviewer

All findings have been addressed in subsequent commits (a225ef6). Approving the updated PR.