#19814: Codex/align delimiter parsing assertion with parser
app: android
size: XL
Cluster: Voice Call Security Enhancements
## Summary
Describe the problem and fix in 2–5 bullets:
- Problem:
- Why it matters:
- What changed:
- What did NOT change (scope boundary):
## Change Type (select all)
- [ ] Bug fix
- [ ] Feature
- [ ] Refactor
- [ ] Docs
- [ ] Security hardening
- [ ] Chore/infra
## Scope (select all touched areas)
- [ ] Gateway / orchestration
- [ ] Skills / tool execution
- [ ] Auth / tokens
- [ ] Memory / storage
- [ ] Integrations
- [ ] API / contracts
- [ ] UI / DX
- [ ] CI/CD / infra
## Linked Issue/PR
- Closes #
- Related #
## User-visible / Behavior Changes
List user-visible changes (including defaults/config).
If none, write `None`.
## Security Impact (required)
- New permissions/capabilities? (`Yes/No`)
- Secrets/tokens handling changed? (`Yes/No`)
- New/changed network calls? (`Yes/No`)
- Command/tool execution surface changed? (`Yes/No`)
- Data access scope changed? (`Yes/No`)
- If any `Yes`, explain risk + mitigation:
## Repro + Verification
### Environment
- OS:
- Runtime/container:
- Model/provider:
- Integration/channel (if any):
- Relevant config (redacted):
### Steps
1.
2.
3.
### Expected
-
### Actual
-
## Evidence
Attach at least one:
- [ ] Failing test/log before + passing after
- [ ] Trace/log snippets
- [ ] Screenshot/recording
- [ ] Perf numbers (if relevant)
## Human Verification (required)
What you personally verified (not just CI), and how:
- Verified scenarios:
- Edge cases checked:
- What you did **not** verify:
## Compatibility / Migration
- Backward compatible? (`Yes/No`)
- Config/env changes? (`Yes/No`)
- Migration needed? (`Yes/No`)
- If yes, exact upgrade steps:
## Failure Recovery (if this breaks)
- How to disable/revert this change quickly:
- Files/config to restore:
- Known bad symptoms reviewers should watch for:
## Risks and Mitigations
List only real risks for this PR. Add/remove entries as needed. If none, write `None`.
- Risk:
- Mitigation:
<!-- greptile_comment -->
### Greptile Summary
This PR is titled "align delimiter parsing assertion with parser" but actually bundles **four distinct concerns** into a single large PR (47 files, +4,150 lines):
1. **WakeWords improvements** (`apps/android/`): Aligns test assertions with the comma-only delimiter parser, adds `distinctBy` deduplication to `sanitize`, adds preset management (`Preset` data class, `mergePresets`, `presetById`), and expands unit test coverage. This is clean and well-tested.
2. **Foreground service resilience** (`apps/android/`): Wraps `NodeForegroundService.start()` in retry logic with proper `ForegroundServiceStartNotAllowedException` handling, an `isRunning` volatile flag, and `onStart`/`onDestroy` lifecycle hooks. Solid defensive coding for Android OS restrictions.
3. **New Flutter Android app** (`android/`): An entirely new "ZEKE AI" Flutter app with BLE pendant support, chat UI, gateway service, and CI workflow. This is a large addition that deserves its own PR and review.
4. **aOa tooling** (`.aoa/`, `.claude/`): Adds aOa code intelligence hooks, settings, agents, and skill definitions.
**Key issues found:**
- **Security**: `android/lib/config/zeke_config.dart` commits a plaintext gateway token to the repository, violating the repo's own security guidelines.
- **Bug**: `android/lib/services/gateway_service.dart` emits every WebSocket message twice to stream listeners due to an unconditional `_messageController.add(data)` after the conditional branches.
- **Bug**: `.claude/settings.local.json` references 4 hook scripts by wrong filenames — none of them will resolve at runtime.
- **Config**: `.aoa/home.json` contains machine-specific absolute paths that won't work for other contributors.
### Confidence Score: 2/5
- This PR has a committed plaintext credential, duplicate message emission bugs, and broken hook paths that need to be resolved before merge.
- Score of 2 reflects: (1) a hardcoded gateway token in source code is a security issue that violates repo guidelines, (2) the gateway service double-emits messages which will cause UI bugs, (3) all Claude hook paths are wrong so none of the aOa tooling will work, and (4) the PR bundles unrelated large additions (Flutter app, aOa tooling) with the stated WakeWords test alignment, making it hard to review.
- `android/lib/config/zeke_config.dart` (hardcoded token), `android/lib/services/gateway_service.dart` (duplicate message emission), `.claude/settings.local.json` (all hook paths broken)
<sub>Last reviewed commit: 1896d67</sub>
<!-- /greptile_comment -->
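The duplicate emission reported for `android/lib/services/gateway_service.dart`, reduced to a runnable Dart sketch. This is an added example, not code from the PR or from Greptile. Only the `_messageController.add(data)` call comes from the review (it appears here as a `messageController` parameter); the function names, message types and frames are constructed.

```dart
import 'dart:async';
import 'dart:convert';

typedef Msg = Map<String, dynamic>;

// Constructed sample frames standing in for WebSocket text messages.
const constructedFrames = [
  '{"type":"event","id":1}',
  '{"type":"chat","id":2}',
  '{"type":"status","id":3}',
];

// Reported pattern: every branch forwards the message, then an unconditional
// add after the branches forwards the same message a second time.
void dispatchBuggy(StreamController<Msg> messageController, String raw) {
  final data = jsonDecode(raw) as Msg;
  if (data['type'] == 'event') {
    messageController.add(data);
  } else {
    messageController.add(data);
  }
  messageController.add(data); // duplicate delivery to every listener
}

// Corrected form: exactly one add per decoded frame, with no trailing add.
void dispatchFixed(StreamController<Msg> messageController, String raw) {
  final data = jsonDecode(raw) as Msg;
  messageController.add(data);
}

// Feeds the frames through a dispatcher and counts listener deliveries.
int deliveredCount(void Function(StreamController<Msg>, String) dispatch) {
  final controller = StreamController<Msg>.broadcast(sync: true);
  var delivered = 0;
  final sub = controller.stream.listen((_) => delivered++);
  for (final frame in constructedFrames) {
    dispatch(controller, frame);
  }
  sub.cancel();
  controller.close();
  return delivered;
}

void main() {
  print('buggy: ${deliveredCount(dispatchBuggy)} deliveries');
  final fixed = deliveredCount(dispatchFixed);
  print('fixed: $fixed deliveries');
  if (fixed != constructedFrames.length) {
    throw StateError('each frame must reach listeners exactly once');
  }
}
```

A delivery-count check of this kind, run against the real service with a fake socket, is the regression test that would catch the trailing `add` if it is reintroduced.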