security: migrate fetch_trakt_history from run_host_script (2/11, #35)

Dedicated MCP tool + IPC handler with minimal env:
TRAKT_CLIENT_ID, TRAKT_ACCESS_TOKEN (2 vars). No process.env spread.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: AyeAye

container/agent-runner/src/ipc-mcp-stdio.ts

@@ -694,6 +694,13 @@ server.tool(
   async () => runHostOperation('sync_tripit'),
 );
 
+server.tool(
+  'fetch_trakt_history',
+  'Fetch Trakt.tv watch history (shows, movies, ratings) for recommendations.',
+  {},
+  async () => runHostOperation('fetch_trakt_history'),
+);
+
 server.tool(
   'github_backup',
   'Commit and push the group backup repo to GitHub. Use for nightly backups or when important state changes. The host handles git credentials — the container just triggers it.',

src/ipc.ts

@@ -842,10 +842,16 @@ export async function processTaskIpc(
         const scriptPath = path.join(groupDir, 'scripts', 'sync-tripit.sh');
         if (!fs.existsSync(scriptPath)) {
           const errPath = path.join(
-            DATA_DIR, 'ipc', sourceGroup, 'input',
+            DATA_DIR,
+            'ipc',
+            sourceGroup,
+            'input',
             `_script_result_${data.requestId}.json`,
           );
-          fs.writeFileSync(errPath, JSON.stringify({ error: 'sync-tripit.sh not found' }));
+          fs.writeFileSync(
+            errPath,
+            JSON.stringify({ error: 'sync-tripit.sh not found' }),
+          );
           break;
         }
 
@@ -862,22 +868,106 @@ export async function processTaskIpc(
           'GOOGLE_REFRESH_TOKEN',
         ]);
         const syncEnv: Record<string, string> = {
+          PATH: process.env.PATH || '/usr/bin:/bin',
+          HOME: process.env.HOME || '/root',
+          TZ: process.env.TZ || 'UTC',
+          ...Object.fromEntries(Object.entries(syncVars).filter(([, v]) => v)),
+        };
+
+        const scriptContent = fs.readFileSync(scriptPath, 'utf-8');
+        const patchedContent = scriptContent.replace(
+          /\/workspace\/group/g,
+          groupDir,
+        );
+        const tmpScript = path.join(groupDir, '.tmp_host_sync-tripit.sh');
+        fs.writeFileSync(tmpScript, patchedContent);
+
+        execFile(
+          'bash',
+          [tmpScript],
+          {
+            cwd: groupDir,
+            env: syncEnv,
+            timeout: 120_000,
+            maxBuffer: 1024 * 1024,
+          },
+          (error, stdout, stderr) => {
+            const resultPath = path.join(
+              DATA_DIR,
+              'ipc',
+              sourceGroup,
+              'input',
+              `_script_result_${data.requestId}.json`,
+            );
+            if (error) {
+              logger.error(
+                { sourceGroup, error: error.message, stderr },
+                'sync_tripit failed',
+              );
+              fs.writeFileSync(
+                resultPath,
+                JSON.stringify({
+                  error: error.message,
+                  stderr: stderr.slice(-500),
+                }),
+              );
+            } else {
+              logger.info(
+                { sourceGroup, stdoutLen: stdout.length },
+                'sync_tripit completed',
+              );
+              fs.writeFileSync(
+                resultPath,
+                JSON.stringify({ stdout, stderr: stderr || undefined }),
+              );
+            }
+            try {
+              fs.unlinkSync(tmpScript);
+            } catch {
+              /* best effort */
+            }
+          },
+        );
+      }
+      break;
+
+    case 'fetch_trakt_history':
+      if (data.requestId) {
+        const groupDir = path.resolve(process.cwd(), 'groups', sourceGroup);
+        const scriptPath = path.join(groupDir, 'scripts', 'trakt-watch-history.py');
+        if (!fs.existsSync(scriptPath)) {
+          const errPath = path.join(
+            DATA_DIR, 'ipc', sourceGroup, 'input',
+            `_script_result_${data.requestId}.json`,
+          );
+          fs.writeFileSync(errPath, JSON.stringify({ error: 'trakt-watch-history.py not found' }));
+          break;
+        }
+
+        logger.info({ sourceGroup }, 'Running fetch_trakt_history');
+
+        const { readEnvFile: readTraktEnv } = await import('./env.js');
+        const traktVars = readTraktEnv([
+          'TRAKT_CLIENT_ID',
+          'TRAKT_ACCESS_TOKEN',
+        ]);
+        const traktEnv: Record<string, string> = {
           PATH: process.env.PATH || '/usr/bin:/bin',
           HOME: process.env.HOME || '/root',
           TZ: process.env.TZ || 'UTC',
           ...Object.fromEntries(
-            Object.entries(syncVars).filter(([, v]) => v),
+            Object.entries(traktVars).filter(([, v]) => v),
           ),
         };
 
         const scriptContent = fs.readFileSync(scriptPath, 'utf-8');
         const patchedContent = scriptContent.replace(/\/workspace\/group/g, groupDir);
-        const tmpScript = path.join(groupDir, '.tmp_host_sync-tripit.sh');
+        const tmpScript = path.join(groupDir, '.tmp_host_trakt-watch-history.py');
         fs.writeFileSync(tmpScript, patchedContent);
 
-        execFile('bash', [tmpScript], {
+        execFile('python3', [tmpScript], {
           cwd: groupDir,
-          env: syncEnv,
+          env: traktEnv,
           timeout: 120_000,
           maxBuffer: 1024 * 1024,
         }, (error, stdout, stderr) => {
@@ -886,10 +976,10 @@ export async function processTaskIpc(
             `_script_result_${data.requestId}.json`,
           );
           if (error) {
-            logger.error({ sourceGroup, error: error.message, stderr }, 'sync_tripit failed');
+            logger.error({ sourceGroup, error: error.message, stderr }, 'fetch_trakt_history failed');
             fs.writeFileSync(resultPath, JSON.stringify({ error: error.message, stderr: stderr.slice(-500) }));
           } else {
-            logger.info({ sourceGroup, stdoutLen: stdout.length }, 'sync_tripit completed');
+            logger.info({ sourceGroup, stdoutLen: stdout.length }, 'fetch_trakt_history completed');
             fs.writeFileSync(resultPath, JSON.stringify({ stdout, stderr: stderr || undefined }));
           }
           try { fs.unlinkSync(tmpScript); } catch { /* best effort */ }

tiles/nanoclaw-admin/skills/nightly-housekeeping/SKILL.md

@@ -44,7 +44,7 @@ Rebuilds `travel-schedule.json` from the TripIt ICS feed. Silent on success; rep
 Report gaps; skip if all snoozed or complete.
 
 ## Step 5: Refresh Trakt watch history
-Use `mcp__nanoclaw__run_host_script(script: "trakt-watch-history.py")`.
+Use `mcp__nanoclaw__fetch_trakt_history()`.
 Saves fresh watch history to `/workspace/group/trakt-history.json`.
 Silent on success. Report on error or `total_shows: 0` (if sync hasn't run yet → skip silently).
 

tiles/nanoclaw-admin/skills/trakt-watch-history/SKILL.md

@@ -1,11 +1,11 @@
 ---
 name: trakt-watch-history
-description: Fetch Trakt.tv watch history (shows, movies, ratings) for TV/movie recommendations. Runs host-side via run_host_script. Use when the user asks for show recommendations, what to watch, or wants to see their watch history.
+description: Fetch Trakt.tv watch history (shows, movies, ratings) for TV/movie recommendations. Use when the user asks for show recommendations, what to watch, or wants to see their watch history.
 ---
 
 # Trakt Watch History
 
-Run via host: `mcp__nanoclaw__run_host_script(script: "trakt-watch-history.py")`
+Run via host: `mcp__nanoclaw__fetch_trakt_history()`
 
 The script returns JSON:
 ```json