- Record Playwright codegen to JSON
- Deduplicate consecutive identical clicks
- Annotate captcha block with a step range
- Redact typed values into placeholders
- Auto-map secrets with fallback prompt
- Validate helper output against real login flow
- Define SQLite schema (sites, runs, scripts, screenshots)
- Implement SQLite access layer (init on startup)
- Add API routes to create/update sites and upload scripts
- Encrypt secrets at rest with env key
- Add migrations strategy (versioned schema)
- Validate API routes with curl
- Build step runner (click/fill/goto/etc.)
- Inject decrypted secrets at runtime
- Handle captcha step placeholder (manual or stub solver)
- Capture screenshot after login and store metadata
- Track runs + last success/failure
- Validate runner against mock site
- Add a mock login site (simple form + session cookie) for repeatable tests
- Document curl flow to create a site, upload script JSON, set credentials, run job
- Verify runner works end-to-end with the mock site
- Note elevated permissions may be required to bind to ports in sandboxed environments
- Dashboard: sites list with last run status
- Site detail: script summary, run history, screenshots
- Create/edit site form
- “Run now” button + status feedback
- Manual UI smoke test (create site, upload script, run)
- Dockerfile + compose for NAS
- Volumes for SQLite + screenshots (DB stores screenshots; /config volume)
- Cron or scheduler for monthly runs
- Logging + basic retry policy