{
  "content": "\n**Date:** 2026-02-19\n**Bead:** beads-hub-sl1\n**GitHub Issue:** [#31](https://github.com/brenner-axiom/beads-hub/issues/31)\n**Status:** Proven in production (DDR4 RAM purchase, 2026-02-19)\n\n---\n\n## 1. Overview\n\nThis playbook documents how an AI agent can autonomously complete a real-world purchase on [Bazos.cz](https://bazos.cz) (Czech classifieds platform) using:\n\n- **Browser automation** for web interactions (phone reveal, verification)\n- **ADB (Android Debug Bridge)** for SMS read/write on a paired Android device\n- **Agent reasoning** for negotiation, logistics lookup, and payment generation\n\n**End-to-end flow time:** ~40 minutes (including seller response wait times)\n\n---\n\n## 2. Architecture\n\n```\n┌─────────────────────────────────────────────────┐\n│                   AI Agent                       │\n│  (OpenClaw / Claude / any LLM orchestrator)     │\n├─────────────┬───────────────┬───────────────────┤\n│  Browser    │  ADB Bridge   │  Web Fetch        │\n│  Control    │  (USB/TCP)    │  (HTTP client)    │\n│             │               │                   │\n│  bazos.cz   │  Samsung SMS  │  zasilkovna.cz    │\n│  subdomain  │  app via UI   │  pickup points    │\n│  navigation │  automation   │  bank QR gen      │\n└─────────────┴───────────────┴───────────────────┘\n        │              │               │\n   Phone reveal   Read/Send SMS   Logistics \u0026\n   Verification   Negotiation     Payment\n```\n\n### Components\n\n| Component | Role | Interface |\n|-----------|------|-----------|\n| **Browser** | Navigate Bazos listings, trigger phone reveal, enter verification codes | JS evaluation via browser control |\n| **ADB** | Read incoming SMS, compose and send outgoing SMS | `adb shell` commands (uiautomator, input, am) |\n| **Web Fetch** | Look up shipping/pickup info (Zásilkovna), generate payment QR | HTTP GET + parse |\n| **Agent LLM** | Orchestrate flow, negotiate with seller, make decisions | Prompt-based reasoning |\n| **Human** | Approve payment (final confirmation gate) | QR code presented for manual bank transfer |\n\n---\n\n## 3. Complete Purchase Flow\n\n### Phase 1: Get Seller Phone Number\n\n1. **Navigate** to listing on correct subdomain (e.g., `pc.bazos.cz`)\n2. **Trigger phone reveal:** `document.querySelector('.teldetail').click()`\n3. **Enter agent phone number** in overlay and submit\n4. **Read verification SMS** via ADB UI dump (see §4)\n5. **Enter verification code** in overlay → receive seller phone number\n\n### Phase 2: Initial Contact (SMS)\n\n6. **Compose SMS** via ADB to seller number\n7. **Send inquiry** — express interest, ask about shipping/availability\n8. **Monitor** for seller reply via ADB UI dumps\n\n### Phase 3: Negotiation\n\n9. **Read seller reply** — parse shipping terms, price confirmation\n10. **Send follow-up** — confirm price, request bank details and shipping info\n11. **Handle seller questions** — provide name, email, pickup point as needed\n\n### Phase 4: Logistics\n\n12. **Look up pickup point** (e.g., Zásilkovna) via web fetch\n13. **Send logistics details** to seller via SMS\n\n### Phase 5: Payment\n\n14. **Receive bank account** from seller (Czech format: `XXXXXXXXXX/BBBB`)\n15. **Convert to IBAN** and generate SPD payment QR code\n16. **Present QR to human** for approval and payment ← **HUMAN GATE**\n17. **Send payment confirmation SMS** to seller after human confirms\n\n---\n\n## 4. ADB Interaction Patterns\n\n### 4.1 Reading SMS (UI Dump Method)\n\nSamsung devices block `content://sms` queries and SQLite access without root. The reliable method is UI automation:\n\n```bash\n# Dump current UI state\nadb -s $DEVICE shell uiautomator dump /sdcard/ui.xml\nadb -s $DEVICE pull /sdcard/ui.xml /tmp/ui.xml\n\n# Extract all visible text\ngrep -o 'text=\"[^\"]*\"' /tmp/ui.xml | grep -v 'text=\"\"'\n```\n\n**To navigate to a specific SMS thread:**\n1. Open Messages app: `adb -s $DEVICE shell am start -n com.samsung.android.messaging/.ui.ConversationListActivity`\n2. Dump UI to find the target thread row\n3. Calculate tap coordinates from `bounds` attribute (center of bounding box)\n4. Tap: `adb -s $DEVICE shell input tap X Y`\n\n### 4.2 Sending SMS\n\n```bash\n# ALWAYS force-stop first to get clean compose window\nadb -s $DEVICE shell am force-stop com.samsung.android.messaging\nsleep 1\n\n# Open fresh compose to target number\nadb -s $DEVICE shell 'am start -a android.intent.action.SENDTO -d \"smsto:+420XXXXXXXXX\"'\nsleep 2\n\n# Type word-by-word (spaces are eaten by `input text`)\nfor word in \"Hello,\" \"I\" \"am\" \"interested.\"; do\n  adb -s $DEVICE shell input text \"$word\"\n  adb -s $DEVICE shell input keyevent KEYCODE_SPACE\ndone\n\n# Dismiss keyboard BEFORE tapping Send\nadb -s $DEVICE shell input keyevent KEYCODE_BACK\nsleep 1\n\n# Find Send button via UI dump, tap its bounds center\nadb -s $DEVICE shell uiautomator dump /sdcard/ui.xml\n# Parse for content-desc=\"Send\", extract bounds, tap center\nadb -s $DEVICE shell input tap $SEND_X $SEND_Y\n```\n\n### 4.3 Verifying Send Success\n\n```bash\nadb -s $DEVICE shell uiautomator dump /sdcard/ui.xml\n# Check compose field — empty means sent\ngrep 'editor_body' /tmp/ui.xml | grep -o 'text=\"[^\"]*\"'\n# text=\"\" → success | text=\"...\" → still in compose, retry\n```\n\n### 4.4 Coordinate Systems — Critical\n\n- **UI dump `bounds`** = touch coordinate space ← **USE THESE**\n- **Screenshot pixels** ≠ touch coordinates on Samsung\n- Check touch space: `adb shell wm size` (e.g., `1080x1920`)\n- **Never** derive tap coordinates from screenshot pixel positions\n\n---\n\n## 5. Bazos.cz Platform Specifics\n\n### Subdomain Scoping\n- Verification is **per-subdomain** — verifying on `www.bazos.cz` does NOT work for `pc.bazos.cz`\n- Always verify on the **same subdomain** as the listing\n- Codes expire quickly — complete the flow without navigating away\n\n### Phone Reveal DOM Selectors\n```javascript\n// Trigger overlay\ndocument.querySelector('.teldetail').click()\n\n// Enter phone/code\ndocument.querySelector('#overlaytel input[type=text]').value = 'VALUE'\ndocument.querySelector('#overlaytel button').click()\n\n// Read result\ndocument.querySelector('#overlaytel').innerText\n```\n\n---\n\n## 6. Czech Payment QR Generation\n\nCzech banks use the **SPD (Short Payment Descriptor)** format.\n\n### Account Number → IBAN Conversion\n\n```python\ndef czech_account_to_iban(account: str, bank_code: str, prefix: str = '000000') -\u003e str:\n    padded = prefix.zfill(6) + account.zfill(10)\n    bban = bank_code + padded\n    rearranged = bban + '1235' + '00'  # CZ = 12,35\n    check = 98 - (int(rearranged) % 97)\n    return f'CZ{check:02d}{bban}'\n```\n\n### SPD QR String\n\n```\nSPD*1.0*ACC:CZ{IBAN}*AM:{AMOUNT}*CC:CZK*MSG:{MESSAGE}\n```\n\nGenerate a QR code from this string and present to the human for scanning with their banking app.\n\n---\n\n## 7. Security Considerations\n\n### 7.1 Human-in-the-Loop Gates\n\n| Gate | When | Why |\n|------|------|-----|\n| **Payment approval** | Before any money transfer | Agent MUST NOT autonomously pay |\n| **Personal data sharing** | Before sending name/address/email | Privacy protection |\n| **Price threshold** | If negotiated price exceeds budget | Financial guardrail |\n\n### 7.2 ADB Security\n\n- **Device authentication:** ADB requires prior USB debugging authorization (device-level trust)\n- **Network exposure:** Use USB connection, NOT `adb tcpip` over network (exposes device to LAN)\n- **Scope limitation:** Agent should only interact with SMS app — no contacts, no file access, no app installs\n- **Credential isolation:** Agent phone number is separate from human's personal number\n\n### 7.3 Data Handling\n\n- **No persistent storage** of seller phone numbers or bank details after transaction completes\n- **SMS content** should be processed in-memory, not logged to disk\n- **Redact** phone numbers and account numbers in any logs or memory files\n\n### 7.4 Anti-Abuse\n\n- **Rate limiting:** Max 1 SMS per 30 seconds to avoid carrier spam flags\n- **Verification cooldown:** Bazos may throttle repeated phone verifications — respect delays\n- **No automated bulk purchasing** — this playbook is for single, intentional purchases\n\n---\n\n## 8. Known Pitfalls\n\n| Pitfall | Impact | Mitigation |\n|---------|--------|------------|\n| `input text` drops spaces | Garbled messages | Word-by-word + `KEYCODE_SPACE` |\n| Keyboard obscures Send button | Silent tap failure | `KEYCODE_BACK` before tapping Send |\n| Stale compose window | Text appended to old message | Always `am force-stop` before composing |\n| Wrong subdomain verification | Code rejected | Verify on listing's subdomain |\n| Screenshot coords ≠ touch coords | Tap misses target | Always use UI dump bounds |\n| Script killed mid-send | Duplicate on retry | Verify compose field empty after each attempt |\n| SMS content provider blocked | Can't read SMS programmatically | Use UI dump method instead |\n\n---\n\n## 9. Proof-of-Concept Outline\n\nA minimal PoC consists of three scripts:\n\n### `bazos_phone_reveal.py`\n- Input: Bazos listing URL, agent phone number, ADB device ID\n- Flow: Browser → trigger overlay → enter phone → read SMS via ADB → enter code → return seller phone\n- Output: Seller phone number\n\n### `adb_sms.sh`\n- Functions: `send_sms(device, number, message)`, `read_thread(device, contact_name)`\n- Handles: force-stop, word-by-word typing, keyboard dismiss, send verification\n\n### `purchase_orchestrator.py`\n- Input: Listing URL, budget, shipping preference\n- Orchestrates: phone reveal → SMS negotiation loop → logistics lookup → payment QR generation\n- Human gate: Presents QR, waits for confirmation before sending payment confirmation SMS\n\n---\n\n## 10. Future Improvements\n\n- **OCR fallback:** Screenshot + OCR when UI dump fails to capture dynamic content\n- **Multi-device support:** Route SMS through different devices based on carrier/region\n- **Conversation memory:** Track multi-turn negotiations across sessions\n- **Auto-retry with backoff:** Handle transient ADB connection drops\n- **Platform expansion:** Adapt patterns for other Czech classifieds (Sbazar, Facebook Marketplace)\n\n---\n\n*This playbook is based on a successful real-world purchase completed on 2026-02-19. All techniques were validated against a Samsung device running Samsung Messages.*\n",
  "dateModified": "0001-01-01T00:00:00Z",
  "datePublished": "0001-01-01T00:00:00Z",
  "description": "Date: 2026-02-19 Bead: beads-hub-sl1 GitHub Issue: #31 Status: Proven in production (DDR4 RAM purchase, 2026-02-19)\n1. Overview This playbook documents how an AI agent can autonomously complete a real-world purchase on Bazos.cz (Czech classifieds platform) using:\nBrowser automation for web interactions (phone reveal, verification) ADB (Android Debug Bridge) for SMS read/write on a paired Android device Agent reasoning for negotiation, logistics lookup, and payment generation End-to-end flow time: ~40 minutes (including seller response wait times)\n",
  "formats": {
    "html": "https://brenner-axiom.codeberg.page/playbooks/playbook-autonomous-purchases-adb-bazos/",
    "json": "https://brenner-axiom.codeberg.page/playbooks/playbook-autonomous-purchases-adb-bazos/index.json",
    "markdown": "https://brenner-axiom.codeberg.page/playbooks/playbook-autonomous-purchases-adb-bazos/index.md"
  },
  "readingTime": 6,
  "section": "playbooks",
  "tags": null,
  "title": "Agent Playbook: Autonomous Real-World Purchases via ADB + Bazos.cz",
  "url": "https://brenner-axiom.codeberg.page/playbooks/playbook-autonomous-purchases-adb-bazos/",
  "wordCount": 1258
}