RBAC Security Hardening
Comprehensive role-based access control audit and fixes. Permission guards on billing, brand voice, feed, and hashtag API routes. Billing UI hidden from non-owner roles. Team email addresses stripped for non-managers. Compose page blocks users without create_posts permission.
Accessibility Improvements
Focus management moves to main content on route changes for keyboard and screen reader users. Color contrast improvements across the UI. Role loading defaults to minimal permissions to prevent brief flash of restricted content.
In-App Bug Reporting
Full bug reporting system: floating action button, screenshot capture via html2canvas, console and network log capture, sensitive data redaction, admin triage dashboard with email alerts, and AI-powered diagnosis via Claude API.
Social Inbox
Unified engagement hub for comments, replies, and mentions across Facebook, Instagram, Threads, YouTube, and LinkedIn. Includes sentiment analysis, inline reply, bulk actions, search and filtering, and unread badge.
User API Keys for MCP
Generate personal API keys in Settings to authenticate the MCP server. Role-based tool filtering ensures each key only exposes tools matching the user's permissions.
Remote MCP Server
Streamable HTTP transport for the MCP server, enabling remote AI agent connections. API key authentication on all routes with automatic user and workspace resolution.
AI Brand Voices & Content Repurposing
Create voice profiles with custom tone, emoji usage, hashtag preferences, and vocabulary. Repurpose any text or URL into platform-specific variations. Integrated into caption generation.
Settings Completeness
Password change with strength meter, GDPR/PIPEDA data export, and account deletion with confirmation dialog. Full account lifecycle management.
RSS-to-Social Auto-Import
Add RSS feeds and automatically create draft posts from new items. Hourly cron polling with deduplication. Manage feeds and configure auto-publish per connected account.
Hashtag Manager
Create and manage hashtag collections with AI-powered suggestions. Quick-insert panel in the composer for one-click hashtag sets.
Weekly Analytics Digest Email
Automated weekly email with engagement summary, top-performing posts, and platform breakdown. Branded template via Resend with email preference toggle.
Link-in-Bio Page Builder
Create a public link-in-bio page at /bio/your-slug. Theme color customization, link management, and live preview in settings.
Best Time to Post
Engagement heatmap showing optimal posting times by platform. Auto-schedule option in the composer picks the next best slot. Fallback defaults when historical data is limited.
Compose UX Enhancements
Character count warnings per platform, draft auto-save, post templates, and hashtag highlighting in the text editor.
Dashboard Overhaul
Server-side stats API with sparkline charts, best post card, platform breakdown, attention items for failed/pending posts, and quick action buttons.
Stripe Billing
Three-tier pricing (Starter, Pro, Business) with monthly and annual billing. Stripe Checkout integration, webhook handling, plan enforcement, usage tracking, and billing settings page.
Transactional Emails & Onboarding
Branded email templates via Resend for welcome, post published, post failed, and password reset. Four-step onboarding wizard with middleware redirect for new users.
Pinterest Integration & Evergreen Recycling
Pinterest OAuth with board selection and pin creation. Evergreen content system: mark posts for automatic recycling at configurable intervals with content variations.
Custom Error Pages
Branded 404, error boundary, and global error pages replace the default Next.js pages. Each includes the FireBreath flame icon, helpful navigation links, and a retry/reload option.
Global Toast Notification System
Replaced 9 separate local toast implementations with a unified global toast system. Supports success, error, warning, and info types with stacking, auto-dismiss, and screen reader accessibility.
Enhanced Login & Registration
Redesigned auth pages with split brand panel layout, Google OAuth sign-in, forgot/reset password flows, password strength indicator, and polished loading states.
Legal & Compliance Pages
Added Terms of Service, Privacy Policy, and Cookie Policy pages with a cookie consent banner. PIPEDA and GDPR compliant.
Product Landing Page
Built a professional marketing homepage with hero section, feature showcase, supported platforms grid, and responsive navigation.
YouTube Integration
Full YouTube support: video uploads (including Shorts), post sync, analytics, and MCP server tools. Uses Google OAuth 2.0 with the YouTube Data API v3.
TikTok Integration
TikTok publishing via the Content Publishing API with OAuth 2.0 PKCE. Video posting, post sync, analytics, and MCP tools included.
LinkedIn Integration
LinkedIn support with 3-legged OAuth, text and image posting, post sync, analytics, and full MCP server integration.
Team Management & RBAC
Five-role permission system (owner, admin, office admin, marketer, viewer) with 9 dynamic permissions, team invitations, and a role permission matrix editor.
Approval Workflow & Queue
Split Queue views for API-submitted posts and manual posts. Full editing, change history, side-by-side diffs, and approval/rejection pipeline.
AI Caption Generation
Generate platform-optimized captions with tone selection, multi-language support, and hashtag suggestions. Powered by Claude AI.
Analytics Dashboard
Per-post analytics, channel-level insights, and an overview dashboard with engagement metrics. Instagram media-type-specific metrics and follower growth tracking.
Visual Calendar
Month, week, and day views for scheduled posts with drag-and-drop rescheduling and at-a-glance platform icons.
Media Library & Batches
Drag-and-drop media uploads, staging workflow, batch grouping, and media notes. Attach media to posts from the compose page.
Initial Release
Core platform with Facebook and Instagram publishing, post scheduling via BullMQ, multi-workspace data isolation, and a 17-tool MCP server for AI agent integration.