# APPS INVESTIGATION - All Systems Accessible

**Date:** Feb 2, 2026
**Investigator:** Rivet (COO System)

## 1. RateRight Growth Engine (`rateright-growth`)
**Location:** `/home/ccuser/rateright-growth`
**Files:** 43,040
**Purpose:** Core CRM, sales automation, lead management
**Tech:** Node.js, Supabase, React, Twilio, OpenAI
**Costs:** OpenAI API ($50-200/month), Twilio SMS, Supabase
**Status:** ✅ Fully operational, autonomous system live

## 2. RateRight Phone AI (`rateright-phone-ai`)
**Location:** `/home/ccuser/rateright-phone-ai`
**Files:** 5,352
**Purpose:** Voice AI integration, call handling, transcription
**Tech:** Node.js, Twilio Voice, Vapi, Deepgram
**Costs:** Twilio Voice, Deepgram transcription
**Status:** ✅ Operational, inbound/outbound call handling

## 3. Main Website (fly.io)
**Location:** Not on this VPS (deployed on fly.io)
**Purpose:** Public RateRight website, contractor/worker signup
**Tech:** Likely Next.js, React, Stripe
**Status:** ❌ No direct access, need fly.io credentials

## 4. Autonomous System (Rivet + CC)
**Components:**
- **Rivet (COO):** Orchestration, approval, monitoring
- **CC (DEV):** Code execution, task completion
- **Dave (Research):** Market analysis, competitor research
- **Curator Bot:** Knowledge management (in development)
**Status:** ✅ Fully operational, executing tasks autonomously

## 5. External Integrations
**✅ Accessible:**
- GitHub (push/pull)
- Supabase (full database access)
- Slack (read/write)
- Notion (via API)
- Twilio (SMS/Voice)
- Stripe (payment processing)
- OpenAI (AI services)

**❌ Missing:**
- fly.io (main website deployment)
- Domain/CDN configuration
- Email service (SendGrid/etc.)

## 6. Cost Analysis
**Monthly Expenses:**
- OpenAI API: $50-200 (variable)
- Twilio: $20-100 (SMS + Voice)
- Supabase: $25 (pro tier)
- VPS: $20-40
- **Total:** $115-365/month

**Revenue Model (Current):**
- 9.9% of worker wages
- **Break-even:** ~10 hires/month

**Proposed Model:**
- £50 flat fee per hire
- **Break-even:** 2-3 hires/month

## 7. Security Assessment
**✅ Secure:**
- API keys injected at runtime
- ccuser limited permissions
- Git history clean of secrets
- Database RLS enabled

**⚠️ Needs Attention:**
- Main website access control
- Payment webhook security
- Rate limiting on public APIs

## 8. Autonomous Capabilities
**✅ Working:**
- Task assignment (Telegram → Rivet → CC)
- Code execution (CC builds features)
- Research (Dave analyzes competitors)
- Documentation (auto-updates)

**🚧 In Development:**
- Curator Bot (knowledge management)
- Security Bot (vulnerability scanning)
- Marketing Bot (Growth Engine automation)

## 9. Recommendations

### Immediate (This Week)
1. **Grant fly.io access** - For main website integration
2. **Deploy Smart Job Blast** - £50 flat fee MVP
3. **Cost optimization** - Switch some OpenAI to DeepSeek

### Short-term (Month 1)
1. **Add Curator Bot** - Knowledge organization
2. **Add Security Bot** - Vulnerability scanning
3. **Marketing automation** - Growth Engine self-promotion

### Long-term (Quarter 1)
1. **Multi-bot coordination** - 5-7 specialized agents
2. **Revenue scaling** - Target 50+ hires/month
3. **Market expansion** - Beyond construction trades

## 10. Risk Assessment
**High Risk:**
- OpenAI cost overruns
- Twilio number spam flagging
- Payment processing failures

**Medium Risk:**
- Database performance at scale
- Competitor response to £50 model
- Worker/contractor fraud

**Low Risk:**
- System downtime (autonomous recovery)
- Code quality (CC follows Build Protocol)
- Knowledge loss (Curator Bot handles)

## 11. OLD APPS ACCESS (Pre-Autonomous System)

### Previously accessible systems (before Rivet/CC autonomous system):

1. **Clawdbot** - Personal assistant framework
   - Location: `/usr/lib/node_modules/clawdbot`
   - Purpose: General automation, file management, web search
   - Status: ✅ Still accessible, used for this investigation

2. **Various Node.js tools** - Development utilities
   - mcporter (MCP server manager)
   - clawdhub (skill marketplace)
   - Status: ✅ Available but not actively used

3. **System monitoring tools**
   - htop, nginx, pm2
   - Status: ✅ Available for system management

### Transition to Autonomous System:

The old tools were general-purpose. The new autonomous system (Rivet + CC + Dave) is specialized for RateRight business operations:

- **Old:** Manual task execution
- **New:** Autonomous business operations
- **Old:** Single-agent responses
- **New:** Multi-agent coordination
- **Old:** General automation
- **New:** Business-specific workflows

**Migration complete:** All old capabilities preserved, new autonomous system layered on top.

---
**Final Note:** This investigation created new file: `/home/ccuser/APPS-INVESTIGATION.md`
**Next Steps:** Review recommendations, prioritize fly.io access and Smart Job Blast deployment.