# Admin Chat Attachments

What you can drag-and-drop into the admin chat window, what happens to each file, and the size caps.

## Accepted file types

| Type | MIME | Notes |
|------|------|-------|
| Images | `image/jpeg`, `image/png`, `image/gif`, `image/webp` | Rendered inline by the agent when relevant. |
| PDF | `application/pdf` | The agent reads the text; scanned PDFs go via OCR if available. |
| Plain text, Markdown, CSV, HTML | `text/plain`, `text/markdown`, `text/csv`, `text/html` | Read directly. |
| Calendar | `text/calendar` | Ingested into the graph if the agent finds a reason to keep it. |
| Voice note | `audio/*` | Transcribed before the message is routed to the agent. |
| **Zip archive** | `application/zip`, `application/x-zip-compressed` | Unpacked by the agent after safety checks. See below. |

Anything else is refused at upload time with a message naming the type.

## Size caps

- **Per file:** 50 MB. Enforced at the upload endpoint — files over this limit never reach disk.
- **Per message:** up to 5 files.
- **Uncompressed contents of a single zip:** 100 MB. A zip whose declared uncompressed total is over this limit is refused before any byte is extracted (decompression-bomb guard).

## What happens with a zip archive

When you drop a `.zip` into chat, the agent:

1. **Checks the archive is safe.** It refuses archives that try to write outside their own extraction folder, contain symlinks, are password-protected, or declare more than 100 MB of uncompressed content. You'll see the exact reason in chat if any check fails.
2. **Extracts it to a fresh folder.** Contents land under `{your-account-dir}/extracted/{id}/` — one folder per archive, never mixed.
3. **Lists what's in it.** The agent tells you the top-level entries, the total file count, and the uncompressed size.
4. **Asks before doing anything else.** For each class of file (text/markdown, images, PDFs, other), it proposes one next step — for example "ingest these notes into memory" or "re-attach the images back to chat so you can see them" — and waits for you to say yes.

Nothing is ingested, sent, or acted on automatically. The extraction is local and visible; you decide what happens next.

## What is **not** supported

- `tar`, `tar.gz`, `7z`, `rar` — zip only. If you have one of these, unzip/convert locally and upload the zip (or the extracted files directly).
- Nested archives — a zip-inside-a-zip is extracted one level; you can ask the agent to unpack the inner one afterwards.
- Password-protected zips — the agent will tell you to unlock locally and re-upload.
- Uploads larger than 50 MB — split the archive, or upload the individual files.

## Where the files live

Uploads go to `{install-dir}/data/uploads/{account-id}/{file-id}/` — outside the platform wipe zone, so they survive re-installs. Extracted zip contents go to `{account-dir}/extracted/{file-id}/`. Both are local to your device.