
#19030: feat(simplex): add SimpleX Chat channel plugin

by Bladerunner-hue open 2026-02-17 08:18
docs size: L
Zero-metadata encrypted messaging via SimpleX Chat CLI WebSocket.

- Channel plugin following Nostr plugin architecture
- WebSocket bus connecting to simplex-chat CLI (ws://localhost:5225)
- DM-only MVP with pairing support
- Config schema with wsPort, dmPolicy, allowFrom
- Auto-reconnect with exponential backoff
- JSON + plain text message parsing
- Documentation + README

Ideal for high-security environments where metadata protection is critical. No user identifiers, no phone numbers, no central servers.

## Summary

Describe the problem and fix in 2–5 bullets:

- Problem:
- Why it matters:
- What changed:
- What did NOT change (scope boundary):

## Change Type (select all)

- [ ] Bug fix
- [ ] Feature
- [ ] Refactor
- [ ] Docs
- [ ] Security hardening
- [ ] Chore/infra

## Scope (select all touched areas)

- [ ] Gateway / orchestration
- [ ] Skills / tool execution
- [ ] Auth / tokens
- [ ] Memory / storage
- [ ] Integrations
- [ ] API / contracts
- [ ] UI / DX
- [ ] CI/CD / infra

## Linked Issue/PR

- Closes #
- Related #

## User-visible / Behavior Changes

List user-visible changes (including defaults/config). If none, write `None`.

## Security Impact (required)

- New permissions/capabilities? (`Yes/No`)
- Secrets/tokens handling changed? (`Yes/No`)
- New/changed network calls? (`Yes/No`)
- Command/tool execution surface changed? (`Yes/No`)
- Data access scope changed? (`Yes/No`)
- If any `Yes`, explain risk + mitigation:

## Repro + Verification

### Environment

- OS:
- Runtime/container:
- Model/provider:
- Integration/channel (if any):
- Relevant config (redacted):

### Steps

1.
2.
3.

### Expected

-

### Actual

-

## Evidence

Attach at least one:

- [ ] Failing test/log before + passing after
- [ ] Trace/log snippets
- [ ] Screenshot/recording
- [ ] Perf numbers (if relevant)

## Human Verification (required)

What you personally verified (not just CI), and how:

- Verified scenarios:
- Edge cases checked:
- What you did **not** verify:

## Compatibility / Migration

- Backward compatible? (`Yes/No`)
- Config/env changes? (`Yes/No`)
- Migration needed? (`Yes/No`)
- If yes, exact upgrade steps:

## Failure Recovery (if this breaks)

- How to disable/revert this change quickly:
- Files/config to restore:
- Known bad symptoms reviewers should watch for:

## Risks and Mitigations

List only real risks for this PR. Add/remove entries as needed. If none, write `None`.

- Risk:
  - Mitigation:

<!-- greptile_comment -->

<h3>Greptile Summary</h3>

Adds a SimpleX Chat channel plugin that connects to a local `simplex-chat` CLI via WebSocket, enabling zero-metadata encrypted DMs. The plugin follows the Nostr plugin architecture pattern with a WebSocket bus, config schema, account resolver, and standard channel plugin registration.

- **Critical: Config schema will crash at runtime** — `config-schema.ts` uses `@sinclair/typebox` (`Type.Object`), but `buildChannelConfigSchema` expects a Zod schema and calls `.toJSONSchema()` on it. The Nostr reference plugin uses Zod. This must be rewritten before merge.
- **Missing dependency** — `@sinclair/typebox` is imported but not declared in `package.json` `dependencies`.
- **Command injection risk** — `contactReq.localDisplayName` from external contact requests is interpolated unsanitized into a `/ac` command string sent to the simplex-chat CLI.
- **Dead content filter logic** — The inbound message handler checks for `sndMsgContent` (sent content type) on messages already filtered to `directRcv` (received direction), making the condition a no-op.
- **Missing `.github/labeler.yml` update** — Per AGENTS.md: "When adding channels/extensions/apps/docs, update `.github/labeler.yml` and create matching GitHub labels."
- **No tests included** — The PR adds ~650 lines of logic with no test coverage.

<h3>Confidence Score: 1/5</h3>

- This PR has a guaranteed runtime crash in the config schema and a command injection vulnerability — it is not safe to merge as-is.
- Score of 1 reflects: (1) the config schema uses TypeBox but `buildChannelConfigSchema` requires Zod, which will throw at runtime when the plugin loads; (2) unsanitized user input in CLI command construction creates a command injection vector; (3) missing `@sinclair/typebox` dependency in package.json; (4) dead code in message content filtering logic. The plugin structure and overall approach are sound, but these issues must be fixed before merge.
- `extensions/simplex/src/config-schema.ts` (TypeBox/Zod mismatch — runtime crash), `extensions/simplex/src/simplex-bus.ts` (command injection in contact accept, dead content filter logic), `extensions/simplex/package.json` (missing `@sinclair/typebox` dependency)

<sub>Last reviewed commit: dcd9248</sub>

<!-- greptile_other_comments_section -->

**Context used:**

- Context from `dashboard` - CLAUDE.md ([source](https://app.greptile.com/review/custom-context?memory=fd949e91-5c3a-4ab5-90a1-cbe184fd6ce8))

<!-- /greptile_comment -->
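
One way to close the command-injection gap the review summary flags, shown as an added TypeScript example (not code from the PR or from simplex-chat): the naive `/ac` construction beside a validate-then-build form. Only `localDisplayName` and `/ac` come from the page; the `ContactRequest` shape, the function names, the allowlist pattern and the 64-character limit are assumptions, and names outside the allowlist are refused rather than escaped because the page does not document the CLI's quoting rules.

```typescript
// Added example, not the PR's code. Only `localDisplayName` and `/ac` are from
// the page; every other name and limit here is an assumption for illustration.
interface ContactRequest {
  localDisplayName: string;
}

type AcceptResult = { ok: true; cmd: string } | { ok: false; reason: string };

// Assumed allowlist: starts alphanumeric (so never '/' or '@'), then letters,
// digits, '_', '.', '-'; 64 characters at most. No whitespace or control chars.
const SAFE_NAME = /^[A-Za-z0-9][A-Za-z0-9_.-]{0,63}$/;

// Naive form as the review describes it: the peer-chosen name is pasted into
// the command line, so whitespace or a newline changes what the CLI parses.
function buildAcceptCommandUnsafe(req: ContactRequest): string {
  return `/ac ${req.localDisplayName}`;
}

// Hardened form: validate first and refuse anything outside the allowlist.
function buildAcceptCommand(req: ContactRequest): AcceptResult {
  const name = req.localDisplayName;
  if (typeof name !== "string" || !SAFE_NAME.test(name)) {
    // JSON-escape and truncate so the rejected name cannot forge log lines.
    const shown = JSON.stringify(String(name).slice(0, 80));
    return { ok: false, reason: `rejected display name ${shown}` };
  }
  return { ok: true, cmd: `/ac ${name}` };
}

// Constructed sample requests (not captured traffic).
const SAMPLE_REQUESTS: ContactRequest[] = [
  { localDisplayName: "alice_1" },
  { localDisplayName: "eve\n/placeholder-command" },
  { localDisplayName: "mallory extra-argument" },
  { localDisplayName: "" },
];

// Commands safe to send; rejected requests stay pending for manual handling.
function acceptableCommands(reqs: ContactRequest[]): string[] {
  const cmds: string[] = [];
  for (const req of reqs) {
    const res = buildAcceptCommand(req);
    if (res.ok) cmds.push(res.cmd);
  }
  return cmds;
}
```

A regression test for the plugin can assert that every rejected sample never reaches the WebSocket send path.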
