If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/Uahh/ToastFish shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

WAIT — Stale — last commit 3y ago

• 6 active contributors
• MIT licensed
• CI configured
• ⚠ Stale — last commit 3y ago
• ⚠ Concentrated ownership — top contributor handles 74% of recent commits
• ⚠ No test directory detected

_{Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests}

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live Uahh/ToastFish repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/Uahh/ToastFish.

What it runs against: a local clone of Uahh/ToastFish — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters | |---|---|---| | 1 | You're in Uahh/ToastFish | Confirms the artifact applies here, not a fork | | 2 | License is still MIT | Catches relicense before you depend on it | | 3 | Default branch main exists | Catches branch renames | | 4 | Last commit ≤ 1048 days ago | Catches sudden abandonment since generation |

#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of Uahh/ToastFish. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/Uahh/ToastFish.git
#   cd ToastFish
#
# Then paste this script. Every check is read-only — no mutations.

set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of Uahh/ToastFish and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "Uahh/ToastFish(\\.git)?\\b" \\
  && ok "origin remote is Uahh/ToastFish" \\
  || miss "origin remote is not Uahh/ToastFish (artifact may be from a fork)"

# 2. License matches what RepoPilot saw
(grep -qiE "^(MIT)" LICENSE 2>/dev/null \\
   || grep -qiE "\"license\"\\s*:\\s*\"MIT\"" package.json 2>/dev/null) \\
  && ok "license is MIT" \\
  || miss "license drift — was MIT at generation time"

# 3. Default branch
git rev-parse --verify main >/dev/null 2>&1 \\
  && ok "default branch main exists" \\
  || miss "default branch main no longer exists"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 1048 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~1018d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/Uahh/ToastFish"
  exit 1
fi

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

ToastFish is a Windows 10+ desktop application (C# WPF) that displays vocabulary words via Windows notification toasts, allowing users to study words during work/class without being obvious. It implements spaced repetition using the SM2+ algorithm, supports multiple word lists (English, Japanese, custom), and tracks learning progress via XLSX logs. Modular C# .NET 4.7.2 WPF desktop app: Model/ folder segregates concerns (MP3 playback, SQLite queries, SM2+ spaced repetition logic, word pushing via PushControl/, logging). Resources/ holds static assets (Goin Japanese audio, GIF tutorials). App.xaml.cs is the entry point; no traditional src/ structure.

Students and office workers in restrictive environments (classrooms, workplaces) who want to memorize vocabulary covertly using system notification popups instead of visible windows.

Actively maintained and stable: at release v3.0 with CI/CD via GitHub Actions (.github/workflows/dotnet-desktop.yml), but minimal public visibility (small README, no public stars data shown). Code appears production-ready for Windows 10+ but is a single-maintainer project.

Single maintainer (Uahh) with no visible recent activity metrics in provided data. Windows-only (10+) with hard dependency on system notification APIs, so cross-platform migration impossible. Relies on external resources (MP3 files, custom Excel templates) that may drift out of sync. No unit test files visible in structure.

No specific recent changes visible in provided data; project appears stable rather than actively evolving. Version pinned at v3.0. GitHub Actions workflow exists but no commit recency data provided.

1. git clone https://github.com/Uahh/ToastFish 2. Open the solution in Visual Studio 2019+ 3. Ensure .NET Framework 4.7.2 is installed 4. Build the project (Ctrl+Shift+B) 5. Run locally from VS or execute the compiled .exe

Daily commands: Open Visual Studio 2019, load the .sln, press F5 to debug. Or post-build: navigate to bin/Release/ and double-click the .exe. The app auto-loads; no separate server or dependencies to spin up.

• Model/SM2plus/Card.cs: Core spaced repetition algorithm implementation; must understand to modify study intervals
• Model/PushControl/PushWords.cs: Orchestrates word selection and delivery to notification system; main logic for which words appear
• Model/SqliteControl/Select.cs: Handles all database queries for word retrieval and learning state; critical for data consistency
• App.xaml.cs: Application lifecycle, initialization, and global event handlers; entry point for startup logic
• Model/Mp3/PlayMp3.cs: Audio playback for pronunciation; needed if audio features fail
• Model/Log/CreateLog.cs: XLSX export of study records; determines what data is logged and format

For word list changes: edit Model/PushControl/PushWords.cs or PushCustomizeWords.cs. For new word types: add to Model/PushControl/WordType.cs and implement a new Push*.cs class. For UI: modify App.xaml and code-behind. For spaced repetition tweaks: edit Model/SM2plus/Parameters.cs. For logging format: modify Model/Log/CreateLog.cs.

1. System language pack required: English pronunciation uses Windows TTS, so English language pack must be installed in Windows Settings (users report crash without it). 2. Toast notifications are OS-managed: toast lifespan set globally in Windows Settings → Accessibility → Display → notification timeout, not in app code. 3. SQLite database location: likely in app's local storage; paths are hardcoded in SqliteControl, moving app may break data access. 4. MP3 resource path assumptions: Resources/Goin/ is embedded; custom word imports expect specific Excel schema (Resources/自定义模板.xlsx referenced in README). 5. No environment variables or config files visible; settings likely stored in App.config but not documented.

• SM2+ Spaced Repetition Algorithm — Core learning engine in Model/SM2plus/; determines study intervals based on card difficulty and recall history—understanding it is essential to modify study behavior or fix scheduling bugs
• Windows Toast Notifications API — The entire UI/UX pivots on OS-managed toast popups, not in-app windows; Windows 10+ APIs differ from Win7, locking the platform
• WPF (Windows Presentation Foundation) — Legacy .NET Framework UI framework used for the main window and dialogs; knowledge of XAML bindings and code-behind required for UI modifications
• SQLite Embedded Database — All word data, study progress, and settings are persisted locally via SQLite; understanding schema and query patterns is needed to add features like export/import
• Windows System Hotkeys & Tray Integration — Model/StartWithWindows/HotKey.cs enables global keyboard shortcuts and system tray residence, allowing background study without active window focus—core to the 'covert' design
• XLSX Excel Export Format — Learning logs are exported as .xlsx files (Model/Log/CreateLog.cs) and custom word lists are imported from Excel templates—critical for data interchange and user workflows
• Text-to-Speech (TTS) Integration — MP3 playback and system TTS for English pronunciation (Model/Mp3/) depend on Windows audio subsystem and language packs; misconfiguration causes crashes per README Q&A

• ankiweb/anki — Industry-standard spaced repetition flashcard app (open-source); ToastFish's SM2+ algorithm is inspired by Anki's scheduling—studying Anki's Card scheduling can improve ToastFish's implementation
• NetEase/easydict — Alternative Chinese dictionary/learning tool with custom word list support; reference for multi-source vocabulary management patterns
• mofanim/mofanim — Another Chinese WPF desktop learning tool demonstrating similar notification-based study workflows on Windows
• microsoft/WinUI — Modern Windows UI framework; ToastFish uses legacy WPF, WinUI 3 could modernize the UI if maintenance is desired

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Add unit tests for SM2plus spaced repetition algorithm (Model/SM2plus/)

The SM2plus algorithm is critical for the app's core functionality (spaced repetition learning). Currently there are no visible test files. Adding unit tests for Card.cs and Parameters.cs would ensure the algorithm correctly calculates review intervals and difficulty factors, preventing regressions.

• [ ] Create a new test project (e.g., ToastFish.Tests) referencing the Model folder
• [ ] Write test cases for Card.cs covering card state transitions, interval calculations, and difficulty updates
• [ ] Write test cases for Parameters.cs covering parameter initialization and SM2 calculation accuracy
• [ ] Integrate tests into the existing .github/workflows/dotnet-desktop.yml CI pipeline

Add unit tests for Model/SqliteControl/Select.cs database operations

Database operations in Select.cs are critical infrastructure that could break silently if refactored. No visible test coverage exists for word retrieval, filtering, or data integrity operations.

• [ ] Create integration tests using SQLite in-memory database
• [ ] Test word selection methods with various filter conditions (word type, difficulty level)
• [ ] Test edge cases like empty results, corrupted data, and concurrent access scenarios
• [ ] Add tests to CI/CD pipeline alongside SM2plus tests

Create Model/Validation/ module with input validation tests for word import functionality

The PushControl classes (PushCustomizeWords.cs, PushGoinWords.cs, etc.) likely handle user-imported word data but lack visible validation logic. Adding a dedicated validation module would prevent malformed data from corrupting the database and improve robustness.

• [ ] Create Model/Validation/WordValidator.cs to validate word format, length, special characters, and duplicates
• [ ] Create Model/Validation/FileValidator.cs to validate imported file formats and encoding before database insertion
• [ ] Write comprehensive unit tests covering valid/invalid word patterns, file formats, and edge cases
• [ ] Integrate validation into PushCustomizeWords.cs and document validation rules in README.md

• Add unit tests for Model/SM2plus/Card.cs and Parameters.cs: there are no test files visible in the structure, making the core algorithm prone to regressions. Write xUnit tests validating interval calculations for different card states.
• Document the SQLite schema: Model/SqliteControl/Select.cs queries against an undocumented database. Create a schema.sql file or wiki page describing tables, columns, and relationships so contributors can understand data flow.
• Extract hardcoded paths to a config class: Database paths, log output directory, and resource paths are likely scattered through Model/. Centralize them in a Config.cs singleton, making app relocation and testing easier.

The ToastFish application has moderate security concerns. The most critical issues are potential SQL injection vulnerabilities in database operations, insecure audio file downloads without integrity verification, and lack of encryption for sensitive user data at rest. The application performs system-level operations (registry modification, global hotkeys) that require careful security consideration. The absence of a visible dependency manifest makes vulnerability tracking difficult. The codebase would benefit from implementing parameterized queries, data encryption, input validation, secure file operations, and dependency management practices.

• High · Potential SQL Injection in Database Operations — Model/SqliteControl/Select.cs. The codebase contains SQLite database operations (Model/SqliteControl/Select.cs) without visible parameterized query implementations. Direct string concatenation in SQL queries could lead to SQL injection attacks, especially when handling user input for word selection and custom word imports. Fix: Implement parameterized queries using SQLite's parameter binding (e.g., @parameter syntax) for all database operations. Never concatenate user input directly into SQL queries.
• High · Insecure File Operations for Audio Downloads — Model/Mp3/DownloadMp3.cs. The Model/Mp3/DownloadMp3.cs module downloads audio files without apparent integrity verification or signature validation. Downloaded MP3 files could be intercepted and replaced with malicious content. Fix: Implement HTTPS for downloads, validate file checksums/signatures, implement certificate pinning for download sources, and store files in secure locations with restricted permissions.
• High · Potential Insecure Data Storage — Model/SqliteControl/, Properties/Settings.settings. The application stores user learning data and settings without evidence of encryption. Sensitive data like word progress, custom words, and user preferences may be stored in plaintext SQLite database and registry entries. Fix: Implement encryption for sensitive data at rest. Use DPAPI (Data Protection API) for Windows-specific encryption of configuration data and database encryption for SQLite.
• Medium · Registry Write Operations for Startup Persistence — Model/StartWithWindows/StartWithWindows.cs. The Model/StartWithWindows/StartWithWindows.cs module directly modifies Windows registry to enable startup persistence. Improper registry operations without validation could be exploited or cause instability. Fix: Validate all registry operations, use specific registry paths with proper permissions, implement error handling, and document the registry modifications. Use UAC-aware installation practices.
• Medium · Unsafe Hotkey Implementation — Model/StartWithWindows/HotKey.cs. The Model/StartWithWindows/HotKey.cs implements global hotkey handling which could be vulnerable to hotkey hijacking or interception if not properly validated. Fix: Implement input validation for hotkey registration, verify hotkey uniqueness, handle exceptions properly, and consider using Windows API directly with proper error checking.
• Medium · No Dependency Lock File or Manifest — Repository root / Dependencies. The codebase lacks a visible dependency manifest or lock file (package.json, packages.config, or .csproj with pinned versions). This makes it difficult to audit dependencies and detect vulnerable packages. Fix: Create and maintain a .csproj file with explicitly pinned NuGet package versions. Implement dependency scanning in CI/CD pipeline using tools like OWASP Dependency-Check or Snyk.
• Low · Potential Information Disclosure via Logging — Model/Log/CreateLog.cs. The Model/Log/CreateLog.cs module creates logs which may contain sensitive information about user learning patterns, custom words, or system configuration. Fix: Implement log sanitization to remove sensitive data. Use appropriate log levels, ensure logs are stored securely with restricted access, and implement log rotation.
• Low · Missing Input Validation for Custom Words Import — Model/PushControl/PushCustomizeWords.cs. The Model/PushControl/PushCustomizeWords.cs handles user-imported custom words without visible validation. Malformed input could cause application crashes or unexpected behavior. Fix: Implement comprehensive input validation for imported words including length limits, character encoding validation, null checks, and proper error handling.

LLM-derived; treat as a starting point, not a security audit.

• Open issues — current backlog
• Recent PRs — what's actively shipping
• Source on GitHub

Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.