fix(bridge): system audit + 5-file bug fix — PATS Deny trigger removal, auto_resolved chat dedup, UUID filenames, IP rate limit leak, bot.py deque

bridge.py

@@ -21,6 +21,7 @@ Transport layer:
 import json
 import time
 import logging
+import uuid
 from abc import ABC, abstractmethod
 from pathlib import Path
 from dataclasses import dataclass, asdict
@@ -410,15 +411,21 @@ class BridgeProtocol:
         fields = {f.name for f in ApprovalRequest.__dataclass_fields__.values()}
         now = time.time()
         MAX_AGE = 1800  # 30 minutes (matches Discord button timeout)
+        CLEANUP_AGE = 86400  # 1 day
         for fname in self.transport.list_json_files("pending"):
             data = self.transport.read_json("pending", fname)
             if data is None:
                 continue
             ts = data.get("timestamp", 0)
+            if now - ts > CLEANUP_AGE:
+                # Too old even to keep as expired — delete to prevent accumulation
+                self.transport.delete_file("pending", fname)
+                continue
             if now - ts > MAX_AGE:
                 # Too old — mark expired and skip
-                data["status"] = "expired"
-                self.transport.write_json("pending", fname, data)
+                if data.get("status") != "expired":
+                    data["status"] = "expired"
+                    self.transport.write_json("pending", fname, data)
                 continue
             if data.get("status") == "pending":
                 # Filter to known fields only
@@ -455,7 +462,7 @@ class BridgeProtocol:
 
     def write_command(self, conversation_id: str, text: str, *, project_name: str = ""):
         """Write a user text command for Antigravity to consume."""
-        cmd_id = f"{int(time.time() * 1000)}"
+        cmd_id = f"{int(time.time() * 1000)}_{uuid.uuid4().hex[:8]}"
         fname = f"{cmd_id}.json"
 
         data = {