t1385.4: Add iMessage/BlueBubbles subagent doc

[marcusquinn]

Summary

• Create .agents/services/communications/imessage.md — comprehensive subagent doc for iMessage bot integration
• Register imessage in subagent-index.toon under Communications

What's Covered

• Two integration paths: BlueBubbles REST API (recommended, full-featured) and imsg CLI (send-only)
• macOS requirements: Hardware options, Messages.app keepalive, VM/headless setup, monitoring script
• BlueBubbles REST API: Authentication, key endpoints, sending messages, attachments, reactions, webhooks with event types and payload examples
• Messaging features matrix: DMs, groups, reactions/tapbacks, reply threading, edit/unsend, typing indicators, read receipts, attachments, SMS fallback
• Access control: API password auth, allowlist patterns (phone/email, group, command-level, rate limiting), credential storage via gopass
• Privacy/security assessment: iMessage E2E encryption details (RSA-2048/ECDSA P-256 + AES), Apple metadata visibility, Advanced Data Protection, BlueBubbles security model, threat model, comparison table vs Signal/SimpleX/Matrix, Apple privacy policy summary
• aidevops integration: Runner dispatch pattern, webhook handler architecture, Matterbridge bridging options
• Limitations: Platform lock-in, reliability concerns, feature gaps, legal/ToS considerations
• Troubleshooting: Common issues and solutions table

Closes #2751

Summary by CodeRabbit

• Documentation

  • Added comprehensive iMessage integration guide covering BlueBubbles API setup, message flows, webhooks, authentication, and security best practices.

• Chores

  • Updated communications service index to reflect iMessage and Web3 messaging support.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces comprehensive documentation and registration for integrating iMessage and BlueBubbles into bot workflows. It provides detailed guides on setting up macOS hosts, utilizing the BlueBubbles REST API for full-featured interactions, or the imsg CLI for send-only capabilities. The changes aim to enable aidevops to leverage iMessage for communication, complete with security considerations, limitations, and troubleshooting advice, thereby expanding the platform's communication capabilities.

Highlights

• New iMessage/BlueBubbles Subagent Documentation: A comprehensive documentation file has been added detailing the integration of iMessage and BlueBubbles for bot interactions, covering architecture, requirements, API usage, and security.
• Dual Integration Paths: The documentation outlines two primary integration methods: the full-featured BlueBubbles REST API for interactive bots and the imsg CLI for simple send-only notifications.
• Security and Privacy Assessment: The new document includes a detailed assessment of iMessage's end-to-end encryption, Apple's metadata visibility, Advanced Data Protection, BlueBubbles' security model, and a comparison with other messaging protocols.
• macOS Host Requirements and Keepalive: Guidance is provided on macOS hardware options, configuration for persistent Messages.app sessions, and a monitoring script to ensure continuous operation for bot integrations.
• aidevops Integration Patterns: The document describes how to integrate iMessage bots with aidevops runner dispatch patterns, including conceptual webhook handlers and potential Matterbridge bridging options.
• Subagent Index Update: The imessage subagent has been registered within the subagent-index.toon file under the communications services, making it discoverable within the system.

Changelog

• .agents/services/communications/imessage.md
  • Added a new file providing extensive documentation for iMessage and BlueBubbles bot integration.
• .agents/subagent-index.toon
  • Updated the communications service entry to include 'imessage' as a recognized subagent.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

Warning

Rate limit exceeded

@alex-solovyev has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 25 minutes and 47 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 24491b77f185209bd13444585c8c486e7a06040d and 5b12d0c.

📒 Files selected for processing (1)

• .agents/services/communications/imessage.md

Walkthrough

Introduces comprehensive documentation for iMessage/BlueBubbles bot integration at .agents/services/communications/imessage.md, detailing two integration paths, architecture, message flows, REST API usage, security considerations, and deployment patterns. Concurrently updates the subagent index to reflect iMessage support within communications services.

Changes

Cohort / File(s)	Summary
iMessage Integration Documentation .agents/services/communications/imessage.md	New comprehensive subagent document covering BlueBubbles REST API and imsg CLI integration paths, macOS requirements, inbound/outbound message flows, REST API examples, chat GUIDs, webhooks, access control, privacy/security assessment, deployment guidance, and keepalive/monitoring patterns.
Subagent Index Update .agents/subagent-index.toon	Updated communications service entry to include Web3 messaging and iMessage in description; added imessage keyword tag.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• docs: add Bitchat and XMTP communications subagent docs #2696: Also adds communications subagent documentation and modifies the same .agents/subagent-index.toon communications entry.

Suggested labels

documentation

Poem

🍎💬 BlueBubbles rise in docs so bright,
Messages flowing, encrypted tight,
iMessage flows through vectors true,
From Apple's walls to agents new. 🚀

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely describes the primary change: adding iMessage/BlueBubbles subagent documentation, matching the main objective.
Linked Issues check	✅ Passed	All coding requirements from #2751 are met: comprehensive .agents/services/communications/imessage.md with integration paths, API details, features matrix, access control, privacy/security assessment, aidevops integration, limitations, and troubleshooting guidance.
Out of Scope Changes check	✅ Passed	Changes are strictly in-scope: new documentation file and subagent-index.toon registration directly address #2751 requirements with no extraneous modifications.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/t1385.4-imessage-subagent

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

�[0;34m[INFO]�[0m Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 113 code smells

�[0;34m[INFO]�[0m Recent monitoring activity:
Tue Mar 3 04:44:22 UTC 2026: Code review monitoring started
Tue Mar 3 04:44:22 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 113

📈 Current Quality Metrics

• BUGS: 0
• CODE SMELLS: 113
• VULNERABILITIES: 0

Generated on: Tue Mar 3 04:44:24 UTC 2026

---

Generated by AI DevOps Framework Code Review Monitoring

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

.agents/services/communications/imessage.md (1)

406-426: Consider using bundle ID or exact match for process detection.

The check_and_restart function accepts bundle_id but doesn't use it. Using pgrep -x (exact match) for "Messages" or leveraging the bundle ID would be more reliable.

♻️ Optional: Use exact match or bundle ID

 check_and_restart() {
   local app_name="$1"
   local bundle_id="$2"

-  if ! pgrep -f "$app_name" > /dev/null 2>&1; then
+  # Use exact match for reliability
+  if ! pgrep -x "$app_name" > /dev/null 2>&1; then
     echo "$(date): $app_name not running, restarting..."
     open -a "$app_name"
     sleep 5
-    if pgrep -f "$app_name" > /dev/null 2>&1; then
+    if pgrep -x "$app_name" > /dev/null 2>&1; then
       echo "$(date): $app_name restarted successfully"

Or use pgrep -x consistently, since "Messages" as an exact process name is correct for Messages.app.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.agents/services/communications/imessage.md around lines 406 - 426, The
check_and_restart function takes a bundle_id but currently ignores it and uses
pgrep -f on app_name which can match substrings; update check_and_restart to use
a reliable detection method: either use pgrep -x with the exact process name
(reference: check_and_restart and its app_name parameter) or resolve the running
process by bundle id (reference: bundle_id parameter) — e.g., query the app's
bundle identifier via system tools (mdls/osascript/ps + grep for
kMDItemCFBundleIdentifier) or use pgrep with the exact process name, then only
call open -a when truly not running; keep the existing restart logic and return
codes unchanged.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.agents/services/communications/imessage.md:
- Around line 122-127: Replace the Homebrew cask suggestion for installing
BlueBubbles (the line containing "brew install --cask bluebubbles") with a
deprecation warning: state that the bluebubbles Homebrew cask has been
deprecated and will be disabled on 2026-09-01 due to a macOS Gatekeeper issue,
advise users that the Homebrew method will stop working after that date, and
instruct readers to download the DMG directly from the GitHub Releases page
(https://github.com/BlueBubblesApp/bluebubbles-server/releases) as the
recommended installation method; keep the existing "Download latest release from
GitHub" heading and link but make the DMG recommendation explicit and prominent.
- Around line 485-493: Update the table rows "Encryption (legacy)", "Encryption
(modern)", "RSA key wrapping", and "ECDSA P-256" to separate content encryption,
key-wrapping, and authentication mechanisms and clearly map each to the correct
Apple protocol (classic iMessage vs. PQ3); remove the unsupported explicit
"RSA-2048" claim and instead state "RSA-OAEP / ECIES (per Apple docs; modulus
size not specified)" and note ECIES availability since iOS 13; change "ECDSA
P-256" wording to indicate it is used for signing/authentication (not
encryption) where applicable; replace the vague "~2020" timeline with explicit
references (iOS 13 for ECIES/EC support, PQ3 for AES-256 payloads/attachments)
and keep "Contact Key Verification (iOS 17.2+)" and IDS/per-device encryption
statements as confirmed.

---

Nitpick comments:
In @.agents/services/communications/imessage.md:
- Around line 406-426: The check_and_restart function takes a bundle_id but
currently ignores it and uses pgrep -f on app_name which can match substrings;
update check_and_restart to use a reliable detection method: either use pgrep -x
with the exact process name (reference: check_and_restart and its app_name
parameter) or resolve the running process by bundle id (reference: bundle_id
parameter) — e.g., query the app's bundle identifier via system tools
(mdls/osascript/ps + grep for kMDItemCFBundleIdentifier) or use pgrep with the
exact process name, then only call open -a when truly not running; keep the
existing restart logic and return codes unchanged.

---

ℹ️ Review info

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ac2beaf and 24491b77f185209bd13444585c8c486e7a06040d.

📒 Files selected for processing (2)

• .agents/services/communications/imessage.md
• .agents/subagent-index.toon

[gemini-code-assist]

Code Review

This pull request introduces comprehensive documentation for iMessage integration, which is a valuable addition. The new document is well-structured and detailed. I've included one suggestion to refine the provided keepalive script, improving its robustness and adherence to the project's scripting guidelines.

[gemini-code-assist]

The imessage-keepalive.sh script template can be improved for clarity and robustness.

• Unused Parameter: The check_and_restart function defines a bundle_id parameter that is never used. It should be removed from the function definition and its calls to simplify the code.
• Error Suppression: The script uses > /dev/null 2>&1 to suppress all output from pgrep. It's better to only redirect stdout (> /dev/null) and let stderr be printed. This ensures that if pgrep fails for reasons other than not finding a process (e.g., system issues), the error message will be visible, which is crucial for debugging.

Suggested change

	check_and_restart() {
	local app_name="$1"
	local bundle_id="$2"
	if ! pgrep -f "$app_name" > /dev/null 2>&1; then
	echo "$(date): $app_name not running, restarting..."
	open -a "$app_name"
	sleep 5
	if pgrep -f "$app_name" > /dev/null 2>&1; then
	echo "$(date): $app_name restarted successfully"
	else
	echo "$(date): ERROR: Failed to restart $app_name"
	return 1
	fi
	fi
	return 0
	}
	check_and_restart "Messages" "com.apple.MobileSMS"
	check_and_restart "BlueBubbles" "com.bluebubbles.server"
	check_and_restart() {
	local app_name="$1"
	if ! pgrep -f "$app_name" > /dev/null; then
	echo "$(date): $app_name not running, restarting..."
	open -a "$app_name"
	sleep 5
	if pgrep -f "$app_name" > /dev/null; then
	echo "$(date): $app_name restarted successfully"
	else
	echo "$(date): ERROR: Failed to restart $app_name"
	return 1
	fi
	fi
	return 0
	}
	check_and_restart "Messages"
	check_and_restart "BlueBubbles"

References

1. In shell scripts, avoid blanket suppression of errors with '2>/dev/null'. For 'declare -f', redirecting only stdout ('>/dev/null') is sufficient as it does not output to stderr, allowing potential syntax errors to remain visible.

[github-actions]

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

�[0;34m[INFO]�[0m Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 113 code smells

�[0;34m[INFO]�[0m Recent monitoring activity:
Tue Mar 3 05:05:40 UTC 2026: Code review monitoring started
Tue Mar 3 05:05:41 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 113

📈 Current Quality Metrics

• BUGS: 0
• CODE SMELLS: 113
• VULNERABILITIES: 0

Generated on: Tue Mar 3 05:05:43 UTC 2026

---

Generated by AI DevOps Framework Code Review Monitoring

[alex-solovyev]

This PR was superseded by the batch merge in PR #2771 (feat: t1385 — add 11 chat platform integration agents), which merged all the content from this branch. Closing as the content is already in main.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud