fix(backend): Use black formatting (remove ruff format check from lint)

Ruff and Black disagree on assert formatting:
- Ruff: assert x, (msg)
- Black: assert (x), msg

Since black runs last in format(), it is the source of truth.
Removed ruff format check from lint() to prevent false failures.

.dockerignore

@@ -5,13 +5,42 @@
 !docs/
 
 # Platform - Libs
-!autogpt_platform/autogpt_libs/
+!autogpt_platform/autogpt_libs/autogpt_libs/
+!autogpt_platform/autogpt_libs/pyproject.toml
+!autogpt_platform/autogpt_libs/poetry.lock
+!autogpt_platform/autogpt_libs/README.md
 
 # Platform - Backend
-!autogpt_platform/backend/
+!autogpt_platform/backend/backend/
+!autogpt_platform/backend/test/e2e_test_data.py
+!autogpt_platform/backend/migrations/
+!autogpt_platform/backend/schema.prisma
+!autogpt_platform/backend/pyproject.toml
+!autogpt_platform/backend/poetry.lock
+!autogpt_platform/backend/README.md
+!autogpt_platform/backend/.env
+!autogpt_platform/backend/gen_prisma_types_stub.py
+
+# Platform - Market
+!autogpt_platform/market/market/
+!autogpt_platform/market/scripts.py
+!autogpt_platform/market/schema.prisma
+!autogpt_platform/market/pyproject.toml
+!autogpt_platform/market/poetry.lock
+!autogpt_platform/market/README.md
 
 # Platform - Frontend
-!autogpt_platform/frontend/
+!autogpt_platform/frontend/src/
+!autogpt_platform/frontend/public/
+!autogpt_platform/frontend/scripts/
+!autogpt_platform/frontend/package.json
+!autogpt_platform/frontend/pnpm-lock.yaml
+!autogpt_platform/frontend/tsconfig.json
+!autogpt_platform/frontend/README.md
+## config
+!autogpt_platform/frontend/*.config.*
+!autogpt_platform/frontend/.env.*
+!autogpt_platform/frontend/.env
 
 # Classic - AutoGPT
 !classic/original_autogpt/autogpt/
@@ -35,38 +64,6 @@
 # Classic - Frontend
 !classic/frontend/build/web/
 
-# Explicitly re-ignore unwanted files from whitelisted directories
-# Note: These patterns MUST come after the whitelist rules to take effect
-
-# Hidden files and directories (but keep frontend .env files needed for build)
-**/.*
-!autogpt_platform/frontend/.env
-!autogpt_platform/frontend/.env.default
-!autogpt_platform/frontend/.env.production
-
-# Python artifacts
-**/__pycache__/
-**/*.pyc
-**/*.pyo
-**/.venv/
-**/.ruff_cache/
-**/.pytest_cache/
-**/.coverage
-**/htmlcov/
-
-# Node artifacts
-**/node_modules/
-**/.next/
-**/storybook-static/
-**/playwright-report/
-**/test-results/
-
-# Build artifacts
-**/dist/
-**/build/
-!autogpt_platform/frontend/src/**/build/
-**/target/
-
-# Logs and temp files
-**/*.log
-**/*.tmp
+# Explicitly re-ignore some folders
+.*
+**/__pycache__

.github/dependabot.yml

@@ -1,29 +1,5 @@
 version: 2
 updates:
-  # autogpt_libs (Poetry project)
-  - package-ecosystem: "pip"
-    directory: "autogpt_platform/autogpt_libs"
-    schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 10
-    target-branch: "dev"
-    commit-message:
-      prefix: "chore(libs/deps)"
-      prefix-development: "chore(libs/deps-dev)"
-    ignore:
-      - dependency-name: "poetry"
-    groups:
-      production-dependencies:
-        dependency-type: "production"
-        update-types:
-          - "minor"
-          - "patch"
-      development-dependencies:
-        dependency-type: "development"
-        update-types:
-          - "minor"
-          - "patch"
-
   # backend (Poetry project)
   - package-ecosystem: "pip"
     directory: "autogpt_platform/backend"

.github/workflows/claude-ci-failure-auto-fix.yml

@@ -40,48 +40,6 @@ jobs:
           git checkout -b "$BRANCH_NAME"
           echo "branch_name=$BRANCH_NAME" >> $GITHUB_OUTPUT
 
-      # Backend Python/Poetry setup (so Claude can run linting/tests)
-      - name: Set up Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-
-      - name: Set up Python dependency cache
-        uses: actions/cache@v5
-        with:
-          path: ~/.cache/pypoetry
-          key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }}
-
-      - name: Install Poetry
-        run: |
-          cd autogpt_platform/backend
-          HEAD_POETRY_VERSION=$(python3 ../../.github/workflows/scripts/get_package_version_from_lockfile.py poetry)
-          curl -sSL https://install.python-poetry.org | POETRY_VERSION=$HEAD_POETRY_VERSION python3 -
-          echo "$HOME/.local/bin" >> $GITHUB_PATH
-
-      - name: Install Python dependencies
-        working-directory: autogpt_platform/backend
-        run: poetry install
-
-      - name: Generate Prisma Client
-        working-directory: autogpt_platform/backend
-        run: poetry run prisma generate && poetry run gen-prisma-stub
-
-      # Frontend Node.js/pnpm setup (so Claude can run linting/tests)
-      - name: Enable corepack
-        run: corepack enable
-
-      - name: Set up Node.js
-        uses: actions/setup-node@v6
-        with:
-          node-version: "22"
-          cache: "pnpm"
-          cache-dependency-path: autogpt_platform/frontend/pnpm-lock.yaml
-
-      - name: Install JavaScript dependencies
-        working-directory: autogpt_platform/frontend
-        run: pnpm install --frozen-lockfile
-
       - name: Get CI failure details
         id: failure_details
         uses: actions/github-script@v8

.github/workflows/claude-dependabot.yml

@@ -77,15 +77,27 @@ jobs:
         run: poetry run prisma generate && poetry run gen-prisma-stub
 
       # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml)
-      - name: Enable corepack
-        run: corepack enable
-
       - name: Set up Node.js
         uses: actions/setup-node@v6
         with:
           node-version: "22"
-          cache: "pnpm"
-          cache-dependency-path: autogpt_platform/frontend/pnpm-lock.yaml
+
+      - name: Enable corepack
+        run: corepack enable
+
+      - name: Set pnpm store directory
+        run: |
+          pnpm config set store-dir ~/.pnpm-store
+          echo "PNPM_HOME=$HOME/.pnpm-store" >> $GITHUB_ENV
+
+      - name: Cache frontend dependencies
+        uses: actions/cache@v5
+        with:
+          path: ~/.pnpm-store
+          key: ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
 
       - name: Install JavaScript dependencies
         working-directory: autogpt_platform/frontend

.github/workflows/claude.yml

@@ -93,15 +93,27 @@ jobs:
         run: poetry run prisma generate && poetry run gen-prisma-stub
 
       # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml)
-      - name: Enable corepack
-        run: corepack enable
-
       - name: Set up Node.js
         uses: actions/setup-node@v6
         with:
           node-version: "22"
-          cache: "pnpm"
-          cache-dependency-path: autogpt_platform/frontend/pnpm-lock.yaml
+
+      - name: Enable corepack
+        run: corepack enable
+
+      - name: Set pnpm store directory
+        run: |
+          pnpm config set store-dir ~/.pnpm-store
+          echo "PNPM_HOME=$HOME/.pnpm-store" >> $GITHUB_ENV
+
+      - name: Cache frontend dependencies
+        uses: actions/cache@v5
+        with:
+          path: ~/.pnpm-store
+          key: ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
 
       - name: Install JavaScript dependencies
         working-directory: autogpt_platform/frontend

.github/workflows/codeql.yml

@@ -62,7 +62,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v4
+      uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
         build-mode: ${{ matrix.build-mode }}
@@ -93,6 +93,6 @@ jobs:
         exit 1
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v4
+      uses: github/codeql-action/analyze@v3
       with:
         category: "/language:${{matrix.language}}"

.github/workflows/docs-claude-review.yml

@@ -7,10 +7,6 @@ on:
       - "docs/integrations/**"
       - "autogpt_platform/backend/backend/blocks/**"
 
-concurrency:
-  group: claude-docs-review-${{ github.event.pull_request.number }}
-  cancel-in-progress: true
-
 jobs:
   claude-review:
     # Only run for PRs from members/collaborators
@@ -95,35 +91,5 @@ jobs:
             3. Read corresponding documentation files to verify accuracy
             4. Provide your feedback as a PR comment
 
-            ## IMPORTANT: Comment Marker
-            Start your PR comment with exactly this HTML comment marker on its own line:
-            <!-- CLAUDE_DOCS_REVIEW -->
-
-            This marker is used to identify and replace your comment on subsequent runs.
-
             Be constructive and specific. If everything looks good, say so!
             If there are issues, explain what's wrong and suggest how to fix it.
-
-      - name: Delete old Claude review comments
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          # Get all comment IDs with our marker, sorted by creation date (oldest first)
-          COMMENT_IDS=$(gh api \
-            repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/comments \
-            --jq '[.[] | select(.body | contains("<!-- CLAUDE_DOCS_REVIEW -->"))] | sort_by(.created_at) | .[].id')
-
-          # Count comments
-          COMMENT_COUNT=$(echo "$COMMENT_IDS" | grep -c . || true)
-
-          if [ "$COMMENT_COUNT" -gt 1 ]; then
-            # Delete all but the last (newest) comment
-            echo "$COMMENT_IDS" | head -n -1 | while read -r COMMENT_ID; do
-              if [ -n "$COMMENT_ID" ]; then
-                echo "Deleting old review comment: $COMMENT_ID"
-                gh api -X DELETE repos/${{ github.repository }}/issues/comments/$COMMENT_ID
-              fi
-            done
-          else
-            echo "No old review comments to clean up"
-          fi

.github/workflows/platform-backend-ci.yml

@@ -6,13 +6,11 @@ on:
     paths:
       - ".github/workflows/platform-backend-ci.yml"
       - "autogpt_platform/backend/**"
-      - "autogpt_platform/autogpt_libs/**"
   pull_request:
     branches: [master, dev, release-*]
     paths:
       - ".github/workflows/platform-backend-ci.yml"
       - "autogpt_platform/backend/**"
-      - "autogpt_platform/autogpt_libs/**"
   merge_group:
 
 concurrency:
@@ -41,18 +39,13 @@ jobs:
         ports:
           - 6379:6379
       rabbitmq:
-        image: rabbitmq:4.1.4
+        image: rabbitmq:3.12-management
         ports:
           - 5672:5672
+          - 15672:15672
         env:
           RABBITMQ_DEFAULT_USER: ${{ env.RABBITMQ_DEFAULT_USER }}
           RABBITMQ_DEFAULT_PASS: ${{ env.RABBITMQ_DEFAULT_PASS }}
-        options: >-
-          --health-cmd "rabbitmq-diagnostics -q ping"
-          --health-interval 30s
-          --health-timeout 10s
-          --health-retries 5
-          --health-start-period 10s
       clamav:
         image: clamav/clamav-debian:latest
         ports:

.github/workflows/platform-frontend-ci.yml

@@ -6,16 +6,10 @@ on:
     paths:
       - ".github/workflows/platform-frontend-ci.yml"
       - "autogpt_platform/frontend/**"
-      - "autogpt_platform/backend/Dockerfile"
-      - "autogpt_platform/docker-compose.yml"
-      - "autogpt_platform/docker-compose.platform.yml"
   pull_request:
     paths:
       - ".github/workflows/platform-frontend-ci.yml"
       - "autogpt_platform/frontend/**"
-      - "autogpt_platform/backend/Dockerfile"
-      - "autogpt_platform/docker-compose.yml"
-      - "autogpt_platform/docker-compose.platform.yml"
   merge_group:
   workflow_dispatch:
 
@@ -32,6 +26,7 @@ jobs:
   setup:
     runs-on: ubuntu-latest
     outputs:
+      cache-key: ${{ steps.cache-key.outputs.key }}
       components-changed: ${{ steps.filter.outputs.components }}
 
     steps:
@@ -46,17 +41,28 @@ jobs:
             components:
               - 'autogpt_platform/frontend/src/components/**'
 
-      - name: Enable corepack
-        run: corepack enable
-
-      - name: Set up Node
+      - name: Set up Node.js
         uses: actions/setup-node@v6
         with:
           node-version: "22.18.0"
-          cache: "pnpm"
-          cache-dependency-path: autogpt_platform/frontend/pnpm-lock.yaml
 
-      - name: Install dependencies to populate cache
+      - name: Enable corepack
+        run: corepack enable
+
+      - name: Generate cache key
+        id: cache-key
+        run: echo "key=${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}" >> $GITHUB_OUTPUT
+
+      - name: Cache dependencies
+        uses: actions/cache@v5
+        with:
+          path: ~/.pnpm-store
+          key: ${{ steps.cache-key.outputs.key }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
+
+      - name: Install dependencies
         run: pnpm install --frozen-lockfile
 
   lint:
@@ -67,15 +73,22 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v6
 
-      - name: Enable corepack
-        run: corepack enable
-
-      - name: Set up Node
+      - name: Set up Node.js
         uses: actions/setup-node@v6
         with:
           node-version: "22.18.0"
-          cache: "pnpm"
-          cache-dependency-path: autogpt_platform/frontend/pnpm-lock.yaml
+
+      - name: Enable corepack
+        run: corepack enable
+
+      - name: Restore dependencies cache
+        uses: actions/cache@v5
+        with:
+          path: ~/.pnpm-store
+          key: ${{ needs.setup.outputs.cache-key }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
 
       - name: Install dependencies
         run: pnpm install --frozen-lockfile
@@ -98,15 +111,22 @@ jobs:
         with:
           fetch-depth: 0
 
-      - name: Enable corepack
-        run: corepack enable
-
-      - name: Set up Node
+      - name: Set up Node.js
         uses: actions/setup-node@v6
         with:
           node-version: "22.18.0"
-          cache: "pnpm"
-          cache-dependency-path: autogpt_platform/frontend/pnpm-lock.yaml
+
+      - name: Enable corepack
+        run: corepack enable
+
+      - name: Restore dependencies cache
+        uses: actions/cache@v5
+        with:
+          path: ~/.pnpm-store
+          key: ${{ needs.setup.outputs.cache-key }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
 
       - name: Install dependencies
         run: pnpm install --frozen-lockfile
@@ -121,8 +141,10 @@ jobs:
           exitOnceUploaded: true
 
   e2e_test:
-    name: end-to-end tests
     runs-on: big-boi
+    needs: setup
+    strategy:
+      fail-fast: false
 
     steps:
       - name: Checkout repository
@@ -130,11 +152,19 @@ jobs:
         with:
           submodules: recursive
 
-      - name: Set up Platform - Copy default supabase .env
+      - name: Set up Node.js
+        uses: actions/setup-node@v6
+        with:
+          node-version: "22.18.0"
+
+      - name: Enable corepack
+        run: corepack enable
+
+      - name: Copy default supabase .env
         run: |
           cp ../.env.default ../.env
 
-      - name: Set up Platform - Copy backend .env and set OpenAI API key
+      - name: Copy backend .env and set OpenAI API key
         run: |
           cp ../backend/.env.default ../backend/.env
           echo "OPENAI_INTERNAL_API_KEY=${{ secrets.OPENAI_API_KEY }}" >> ../backend/.env
@@ -142,125 +172,77 @@ jobs:
           # Used by E2E test data script to generate embeddings for approved store agents
           OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
 
-      - name: Set up Platform - Set up Docker Buildx
+      - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
-        with:
-          driver: docker-container
-          driver-opts: network=host
 
-      - name: Set up Platform - Expose GHA cache to docker buildx CLI
-        uses: crazy-max/ghaction-github-runtime@v3
-
-      - name: Set up Platform - Build Docker images (with cache)
-        working-directory: autogpt_platform
-        run: |
-          pip install pyyaml
-
-          # Resolve extends and generate a flat compose file that bake can understand
-          docker compose -f docker-compose.yml config > docker-compose.resolved.yml
-
-          # Add cache configuration to the resolved compose file
-          python ../.github/workflows/scripts/docker-ci-fix-compose-build-cache.py \
-            --source docker-compose.resolved.yml \
-            --cache-from "type=gha" \
-            --cache-to "type=gha,mode=max" \
-            --backend-hash "${{ hashFiles('autogpt_platform/backend/Dockerfile', 'autogpt_platform/backend/poetry.lock', 'autogpt_platform/backend/backend') }}" \
-            --frontend-hash "${{ hashFiles('autogpt_platform/frontend/Dockerfile', 'autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/src') }}" \
-            --git-ref "${{ github.ref }}"
-
-          # Build with bake using the resolved compose file (now includes cache config)
-          docker buildx bake --allow=fs.read=.. -f docker-compose.resolved.yml --load
-        env:
-          NEXT_PUBLIC_PW_TEST: true
-
-      - name: Set up tests - Cache E2E test data
-        id: e2e-data-cache
+      - name: Cache Docker layers
         uses: actions/cache@v5
         with:
-          path: /tmp/e2e_test_data.sql
-          key: e2e-test-data-${{ hashFiles('autogpt_platform/backend/test/e2e_test_data.py', 'autogpt_platform/backend/migrations/**', '.github/workflows/platform-frontend-ci.yml') }}
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-frontend-test-${{ hashFiles('autogpt_platform/docker-compose.yml', 'autogpt_platform/backend/Dockerfile', 'autogpt_platform/backend/pyproject.toml', 'autogpt_platform/backend/poetry.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-frontend-test-
 
-      - name: Set up Platform - Start Supabase DB + Auth
+      - name: Run docker compose
         run: |
-          docker compose -f ../docker-compose.resolved.yml up -d db auth --no-build
-          echo "Waiting for database to be ready..."
-          timeout 60 sh -c 'until docker compose -f ../docker-compose.resolved.yml exec -T db pg_isready -U postgres 2>/dev/null; do sleep 2; done'
-          echo "Waiting for auth service to be ready..."
-          timeout 60 sh -c 'until docker compose -f ../docker-compose.resolved.yml exec -T db psql -U postgres -d postgres -c "SELECT 1 FROM auth.users LIMIT 1" 2>/dev/null; do sleep 2; done' || echo "Auth schema check timeout, continuing..."
-
-      - name: Set up Platform - Run migrations
-        run: |
-          echo "Running migrations..."
-          docker compose -f ../docker-compose.resolved.yml run --rm migrate
-          echo "✅ Migrations completed"
+          NEXT_PUBLIC_PW_TEST=true docker compose -f ../docker-compose.yml up -d
         env:
-          NEXT_PUBLIC_PW_TEST: true
+          DOCKER_BUILDKIT: 1
+          BUILDX_CACHE_FROM: type=local,src=/tmp/.buildx-cache
+          BUILDX_CACHE_TO: type=local,dest=/tmp/.buildx-cache-new,mode=max
 
-      - name: Set up tests - Load cached E2E test data
-        if: steps.e2e-data-cache.outputs.cache-hit == 'true'
+      - name: Move cache
         run: |
-          echo "✅ Found cached E2E test data, restoring..."
-          {
-            echo "SET session_replication_role = 'replica';"
-            cat /tmp/e2e_test_data.sql
-            echo "SET session_replication_role = 'origin';"
-          } | docker compose -f ../docker-compose.resolved.yml exec -T db psql -U postgres -d postgres -b
-          # Refresh materialized views after restore
-          docker compose -f ../docker-compose.resolved.yml exec -T db \
-            psql -U postgres -d postgres -b -c "SET search_path TO platform; SELECT refresh_store_materialized_views();" || true
+          rm -rf /tmp/.buildx-cache
+          if [ -d "/tmp/.buildx-cache-new" ]; then
+            mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+          fi
 
-          echo "✅ E2E test data restored from cache"
-
-      - name: Set up Platform - Start (all other services)
+      - name: Wait for services to be ready
         run: |
-          docker compose -f ../docker-compose.resolved.yml up -d --no-build
           echo "Waiting for rest_server to be ready..."
           timeout 60 sh -c 'until curl -f http://localhost:8006/health 2>/dev/null; do sleep 2; done' || echo "Rest server health check timeout, continuing..."
-        env:
-          NEXT_PUBLIC_PW_TEST: true
+          echo "Waiting for database to be ready..."
+          timeout 60 sh -c 'until docker compose -f ../docker-compose.yml exec -T db pg_isready -U postgres 2>/dev/null; do sleep 2; done' || echo "Database ready check timeout, continuing..."
 
-      - name: Set up tests - Create E2E test data
-        if: steps.e2e-data-cache.outputs.cache-hit != 'true'
+      - name: Create E2E test data
         run: |
           echo "Creating E2E test data..."
-          docker cp ../backend/test/e2e_test_data.py $(docker compose -f ../docker-compose.resolved.yml ps -q rest_server):/tmp/e2e_test_data.py
-          docker compose -f ../docker-compose.resolved.yml exec -T rest_server sh -c "cd /app/autogpt_platform && python /tmp/e2e_test_data.py" || {
-            echo "❌ E2E test data creation failed!"
-            docker compose -f ../docker-compose.resolved.yml logs --tail=50 rest_server
-            exit 1
-          }
+          # First try to run the script from inside the container
+          if docker compose -f ../docker-compose.yml exec -T rest_server test -f /app/autogpt_platform/backend/test/e2e_test_data.py; then
+            echo "✅ Found e2e_test_data.py in container, running it..."
+            docker compose -f ../docker-compose.yml exec -T rest_server sh -c "cd /app/autogpt_platform && python backend/test/e2e_test_data.py" || {
+              echo "❌ E2E test data creation failed!"
+              docker compose -f ../docker-compose.yml logs --tail=50 rest_server
+              exit 1
+            }
+          else
+            echo "⚠️ e2e_test_data.py not found in container, copying and running..."
+            # Copy the script into the container and run it
+            docker cp ../backend/test/e2e_test_data.py $(docker compose -f ../docker-compose.yml ps -q rest_server):/tmp/e2e_test_data.py || {
+              echo "❌ Failed to copy script to container"
+              exit 1
+            }
+            docker compose -f ../docker-compose.yml exec -T rest_server sh -c "cd /app/autogpt_platform && python /tmp/e2e_test_data.py" || {
+              echo "❌ E2E test data creation failed!"
+              docker compose -f ../docker-compose.yml logs --tail=50 rest_server
+              exit 1
+            }
+          fi
 
-          # Dump auth.users + platform schema for cache (two separate dumps)
-          echo "Dumping database for cache..."
-          {
-            docker compose -f ../docker-compose.resolved.yml exec -T db \
-              pg_dump -U postgres --data-only --column-inserts \
-              --table='auth.users' postgres
-            docker compose -f ../docker-compose.resolved.yml exec -T db \
-              pg_dump -U postgres --data-only --column-inserts \
-              --schema=platform \
-              --exclude-table='platform._prisma_migrations' \
-              --exclude-table='platform.apscheduler_jobs' \
-              --exclude-table='platform.apscheduler_jobs_batched_notifications' \
-              postgres
-          } > /tmp/e2e_test_data.sql
-
-          echo "✅ Database dump created for caching ($(wc -l < /tmp/e2e_test_data.sql) lines)"
-
-      - name: Set up tests - Enable corepack
-        run: corepack enable
-
-      - name: Set up tests - Set up Node
-        uses: actions/setup-node@v6
+      - name: Restore dependencies cache
+        uses: actions/cache@v5
         with:
-          node-version: "22.18.0"
-          cache: "pnpm"
-          cache-dependency-path: autogpt_platform/frontend/pnpm-lock.yaml
+          path: ~/.pnpm-store
+          key: ${{ needs.setup.outputs.cache-key }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
 
-      - name: Set up tests - Install dependencies
+      - name: Install dependencies
         run: pnpm install --frozen-lockfile
 
-      - name: Set up tests - Install browser 'chromium'
+      - name: Install Browser 'chromium'
         run: pnpm playwright install --with-deps chromium
 
       - name: Run Playwright tests
@@ -287,7 +269,7 @@ jobs:
 
       - name: Print Final Docker Compose logs
         if: always()
-        run: docker compose -f ../docker-compose.resolved.yml logs
+        run: docker compose -f ../docker-compose.yml logs
 
   integration_test:
     runs-on: ubuntu-latest
@@ -299,15 +281,22 @@ jobs:
         with:
           submodules: recursive
 
-      - name: Enable corepack
-        run: corepack enable
-
-      - name: Set up Node
+      - name: Set up Node.js
         uses: actions/setup-node@v6
         with:
           node-version: "22.18.0"
-          cache: "pnpm"
-          cache-dependency-path: autogpt_platform/frontend/pnpm-lock.yaml
+
+      - name: Enable corepack
+        run: corepack enable
+
+      - name: Restore dependencies cache
+        uses: actions/cache@v5
+        with:
+          path: ~/.pnpm-store
+          key: ${{ needs.setup.outputs.cache-key }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
 
       - name: Install dependencies
         run: pnpm install --frozen-lockfile

.github/workflows/pr-overlap-check.yml

@@ -1,39 +0,0 @@
-name: PR Overlap Detection
-
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-    branches:
-      - dev
-      - master
-
-permissions:
-  contents: read
-  pull-requests: write
-
-jobs:
-  check-overlaps:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0  # Need full history for merge testing
-
-      - name: Set up Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: '3.11'
-
-      - name: Configure git
-        run: |
-          git config user.email "github-actions[bot]@users.noreply.github.com"
-          git config user.name "github-actions[bot]"
-
-      - name: Run overlap detection
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        # Always succeed - this check informs contributors, it shouldn't block merging
-        continue-on-error: true
-        run: |
-          python .github/scripts/detect_overlaps.py ${{ github.event.pull_request.number }}

.github/workflows/scripts/docker-ci-fix-compose-build-cache.py

@@ -1,195 +0,0 @@
-#!/usr/bin/env python3
-"""
-Add cache configuration to a resolved docker-compose file for all services
-that have a build key, and ensure image names match what docker compose expects.
-"""
-
-import argparse
-
-import yaml
-
-
-DEFAULT_BRANCH = "dev"
-CACHE_BUILDS_FOR_COMPONENTS = ["backend", "frontend"]
-
-
-def main():
-    parser = argparse.ArgumentParser(
-        description="Add cache config to a resolved compose file"
-    )
-    parser.add_argument(
-        "--source",
-        required=True,
-        help="Source compose file to read (should be output of `docker compose config`)",
-    )
-    parser.add_argument(
-        "--cache-from",
-        default="type=gha",
-        help="Cache source configuration",
-    )
-    parser.add_argument(
-        "--cache-to",
-        default="type=gha,mode=max",
-        help="Cache destination configuration",
-    )
-    for component in CACHE_BUILDS_FOR_COMPONENTS:
-        parser.add_argument(
-            f"--{component}-hash",
-            default="",
-            help=f"Hash for {component} cache scope (e.g., from hashFiles())",
-        )
-    parser.add_argument(
-        "--git-ref",
-        default="",
-        help="Git ref for branch-based cache scope (e.g., refs/heads/master)",
-    )
-    args = parser.parse_args()
-
-    # Normalize git ref to a safe scope name (e.g., refs/heads/master -> master)
-    git_ref_scope = ""
-    if args.git_ref:
-        git_ref_scope = args.git_ref.replace("refs/heads/", "").replace("/", "-")
-
-    with open(args.source, "r") as f:
-        compose = yaml.safe_load(f)
-
-    # Get project name from compose file or default
-    project_name = compose.get("name", "autogpt_platform")
-
-    def get_image_name(dockerfile: str, target: str) -> str:
-        """Generate image name based on Dockerfile folder and build target."""
-        dockerfile_parts = dockerfile.replace("\\", "/").split("/")
-        if len(dockerfile_parts) >= 2:
-            folder_name = dockerfile_parts[-2]  # e.g., "backend" or "frontend"
-        else:
-            folder_name = "app"
-        return f"{project_name}-{folder_name}:{target}"
-
-    def get_build_key(dockerfile: str, target: str) -> str:
-        """Generate a unique key for a Dockerfile+target combination."""
-        return f"{dockerfile}:{target}"
-
-    def get_component(dockerfile: str) -> str | None:
-        """Get component name (frontend/backend) from dockerfile path."""
-        for component in CACHE_BUILDS_FOR_COMPONENTS:
-            if component in dockerfile:
-                return component
-        return None
-
-    # First pass: collect all services with build configs and identify duplicates
-    # Track which (dockerfile, target) combinations we've seen
-    build_key_to_first_service: dict[str, str] = {}
-    services_to_build: list[str] = []
-    services_to_dedupe: list[str] = []
-
-    for service_name, service_config in compose.get("services", {}).items():
-        if "build" not in service_config:
-            continue
-
-        build_config = service_config["build"]
-        dockerfile = build_config.get("dockerfile", "Dockerfile")
-        target = build_config.get("target", "default")
-        build_key = get_build_key(dockerfile, target)
-
-        if build_key not in build_key_to_first_service:
-            # First service with this build config - it will do the actual build
-            build_key_to_first_service[build_key] = service_name
-            services_to_build.append(service_name)
-        else:
-            # Duplicate - will just use the image from the first service
-            services_to_dedupe.append(service_name)
-
-    # Second pass: configure builds and deduplicate
-    modified_services = []
-    for service_name, service_config in compose.get("services", {}).items():
-        if "build" not in service_config:
-            continue
-
-        build_config = service_config["build"]
-        dockerfile = build_config.get("dockerfile", "Dockerfile")
-        target = build_config.get("target", "latest")
-        image_name = get_image_name(dockerfile, target)
-
-        # Set image name for all services (needed for both builders and deduped)
-        service_config["image"] = image_name
-
-        if service_name in services_to_dedupe:
-            # Remove build config - this service will use the pre-built image
-            del service_config["build"]
-            continue
-
-        # This service will do the actual build - add cache config
-        cache_from_list = []
-        cache_to_list = []
-
-        component = get_component(dockerfile)
-        if not component:
-            # Skip services that don't clearly match frontend/backend
-            continue
-
-        # Get the hash for this component
-        component_hash = getattr(args, f"{component}_hash")
-
-        # Scope format: platform-{component}-{target}-{hash|ref}
-        # Example: platform-backend-server-abc123
-
-        if "type=gha" in args.cache_from:
-            # 1. Primary: exact hash match (most specific)
-            if component_hash:
-                hash_scope = f"platform-{component}-{target}-{component_hash}"
-                cache_from_list.append(f"{args.cache_from},scope={hash_scope}")
-
-            # 2. Fallback: branch-based cache
-            if git_ref_scope:
-                ref_scope = f"platform-{component}-{target}-{git_ref_scope}"
-                cache_from_list.append(f"{args.cache_from},scope={ref_scope}")
-
-            # 3. Fallback: dev branch cache (for PRs/feature branches)
-            if git_ref_scope and git_ref_scope != DEFAULT_BRANCH:
-                master_scope = f"platform-{component}-{target}-{DEFAULT_BRANCH}"
-                cache_from_list.append(f"{args.cache_from},scope={master_scope}")
-
-        if "type=gha" in args.cache_to:
-            # Write to both hash-based and branch-based scopes
-            if component_hash:
-                hash_scope = f"platform-{component}-{target}-{component_hash}"
-                cache_to_list.append(f"{args.cache_to},scope={hash_scope}")
-
-            if git_ref_scope:
-                ref_scope = f"platform-{component}-{target}-{git_ref_scope}"
-                cache_to_list.append(f"{args.cache_to},scope={ref_scope}")
-
-        # Ensure we have at least one cache source/target
-        if not cache_from_list:
-            cache_from_list.append(args.cache_from)
-        if not cache_to_list:
-            cache_to_list.append(args.cache_to)
-
-        build_config["cache_from"] = cache_from_list
-        build_config["cache_to"] = cache_to_list
-        modified_services.append(service_name)
-
-    # Write back to the same file
-    with open(args.source, "w") as f:
-        yaml.dump(compose, f, default_flow_style=False, sort_keys=False)
-
-    print(f"Added cache config to {len(modified_services)} services in {args.source}:")
-    for svc in modified_services:
-        svc_config = compose["services"][svc]
-        build_cfg = svc_config.get("build", {})
-        cache_from_list = build_cfg.get("cache_from", ["none"])
-        cache_to_list = build_cfg.get("cache_to", ["none"])
-        print(f"  - {svc}")
-        print(f"      image: {svc_config.get('image', 'N/A')}")
-        print(f"      cache_from: {cache_from_list}")
-        print(f"      cache_to: {cache_to_list}")
-    if services_to_dedupe:
-        print(
-            f"Deduplicated {len(services_to_dedupe)} services (will use pre-built images):"
-        )
-        for svc in services_to_dedupe:
-            print(f"  - {svc} -> {compose['services'][svc].get('image', 'N/A')}")
-
-
-if __name__ == "__main__":
-    main()

autogpt_platform/CLAUDE.md

@@ -8,7 +8,7 @@ AutoGPT Platform is a monorepo containing:
 
 - **Backend** (`backend`): Python FastAPI server with async support
 - **Frontend** (`frontend`): Next.js React application
-- **Shared Libraries** (`autogpt_libs`): Common Python utilities
+- **Shared Libraries** (`backend/api/auth`, `backend/logging`): Auth, logging, and common utilities integrated into backend
 
 ## Component Documentation
 
@@ -45,11 +45,6 @@ AutoGPT Platform is a monorepo containing:
 - Backend/Frontend services use YAML anchors for consistent configuration
 - Supabase services (`db/docker/docker-compose.yml`) follow the same pattern
 
-### Branching Strategy
-
-- **`dev`** is the main development branch. All PRs should target `dev`.
-- **`master`** is the production branch. Only used for production releases.
-
 ### Creating Pull Requests
 
 - Create the PR against the `dev` branch of the repository.

autogpt_platform/autogpt_libs/README.md

@@ -1,3 +0,0 @@
-# AutoGPT Libs
-
-This is a new project to store shared functionality across different services in the AutoGPT Platform (e.g. authentication)

autogpt_platform/autogpt_libs/autogpt_libs/rate_limit/config.py

@@ -1,33 +0,0 @@
-from typing import Optional
-
-from pydantic import Field
-from pydantic_settings import BaseSettings, SettingsConfigDict
-
-
-class RateLimitSettings(BaseSettings):
-    redis_host: str = Field(
-        default="redis://localhost:6379",
-        description="Redis host",
-        validation_alias="REDIS_HOST",
-    )
-
-    redis_port: str = Field(
-        default="6379", description="Redis port", validation_alias="REDIS_PORT"
-    )
-
-    redis_password: Optional[str] = Field(
-        default=None,
-        description="Redis password",
-        validation_alias="REDIS_PASSWORD",
-    )
-
-    requests_per_minute: int = Field(
-        default=60,
-        description="Maximum number of requests allowed per minute per API key",
-        validation_alias="RATE_LIMIT_REQUESTS_PER_MINUTE",
-    )
-
-    model_config = SettingsConfigDict(case_sensitive=True, extra="ignore")
-
-
-RATE_LIMIT_SETTINGS = RateLimitSettings()

autogpt_platform/autogpt_libs/autogpt_libs/rate_limit/limiter.py

@@ -1,51 +0,0 @@
-import time
-from typing import Tuple
-
-from redis import Redis
-
-from .config import RATE_LIMIT_SETTINGS
-
-
-class RateLimiter:
-    def __init__(
-        self,
-        redis_host: str = RATE_LIMIT_SETTINGS.redis_host,
-        redis_port: str = RATE_LIMIT_SETTINGS.redis_port,
-        redis_password: str | None = RATE_LIMIT_SETTINGS.redis_password,
-        requests_per_minute: int = RATE_LIMIT_SETTINGS.requests_per_minute,
-    ):
-        self.redis = Redis(
-            host=redis_host,
-            port=int(redis_port),
-            password=redis_password,
-            decode_responses=True,
-        )
-        self.window = 60
-        self.max_requests = requests_per_minute
-
-    async def check_rate_limit(self, api_key_id: str) -> Tuple[bool, int, int]:
-        """
-        Check if request is within rate limits.
-
-        Args:
-            api_key_id: The API key identifier to check
-
-        Returns:
-            Tuple of (is_allowed, remaining_requests, reset_time)
-        """
-        now = time.time()
-        window_start = now - self.window
-        key = f"ratelimit:{api_key_id}:1min"
-
-        pipe = self.redis.pipeline()
-        pipe.zremrangebyscore(key, 0, window_start)
-        pipe.zadd(key, {str(now): now})
-        pipe.zcount(key, window_start, now)
-        pipe.expire(key, self.window)
-
-        _, _, request_count, _ = pipe.execute()
-
-        remaining = max(0, self.max_requests - request_count)
-        reset_time = int(now + self.window)
-
-        return request_count <= self.max_requests, remaining, reset_time

autogpt_platform/autogpt_libs/autogpt_libs/rate_limit/middleware.py

@@ -1,32 +0,0 @@
-from fastapi import HTTPException, Request
-from starlette.middleware.base import RequestResponseEndpoint
-
-from .limiter import RateLimiter
-
-
-async def rate_limit_middleware(request: Request, call_next: RequestResponseEndpoint):
-    """FastAPI middleware for rate limiting API requests."""
-    limiter = RateLimiter()
-
-    if not request.url.path.startswith("/api"):
-        return await call_next(request)
-
-    api_key = request.headers.get("Authorization")
-    if not api_key:
-        return await call_next(request)
-
-    api_key = api_key.replace("Bearer ", "")
-
-    is_allowed, remaining, reset_time = await limiter.check_rate_limit(api_key)
-
-    if not is_allowed:
-        raise HTTPException(
-            status_code=429, detail="Rate limit exceeded. Please try again later."
-        )
-
-    response = await call_next(request)
-    response.headers["X-RateLimit-Limit"] = str(limiter.max_requests)
-    response.headers["X-RateLimit-Remaining"] = str(remaining)
-    response.headers["X-RateLimit-Reset"] = str(reset_time)
-
-    return response

autogpt_platform/autogpt_libs/autogpt_libs/supabase_integration_credentials_store/types.py

@@ -1,76 +0,0 @@
-from typing import Annotated, Any, Literal, Optional, TypedDict
-from uuid import uuid4
-
-from pydantic import BaseModel, Field, SecretStr, field_serializer
-
-
-class _BaseCredentials(BaseModel):
-    id: str = Field(default_factory=lambda: str(uuid4()))
-    provider: str
-    title: Optional[str]
-
-    @field_serializer("*")
-    def dump_secret_strings(value: Any, _info):
-        if isinstance(value, SecretStr):
-            return value.get_secret_value()
-        return value
-
-
-class OAuth2Credentials(_BaseCredentials):
-    type: Literal["oauth2"] = "oauth2"
-    username: Optional[str]
-    """Username of the third-party service user that these credentials belong to"""
-    access_token: SecretStr
-    access_token_expires_at: Optional[int]
-    """Unix timestamp (seconds) indicating when the access token expires (if at all)"""
-    refresh_token: Optional[SecretStr]
-    refresh_token_expires_at: Optional[int]
-    """Unix timestamp (seconds) indicating when the refresh token expires (if at all)"""
-    scopes: list[str]
-    metadata: dict[str, Any] = Field(default_factory=dict)
-
-    def bearer(self) -> str:
-        return f"Bearer {self.access_token.get_secret_value()}"
-
-
-class APIKeyCredentials(_BaseCredentials):
-    type: Literal["api_key"] = "api_key"
-    api_key: SecretStr
-    expires_at: Optional[int]
-    """Unix timestamp (seconds) indicating when the API key expires (if at all)"""
-
-    def bearer(self) -> str:
-        return f"Bearer {self.api_key.get_secret_value()}"
-
-
-Credentials = Annotated[
-    OAuth2Credentials | APIKeyCredentials,
-    Field(discriminator="type"),
-]
-
-
-CredentialsType = Literal["api_key", "oauth2"]
-
-
-class OAuthState(BaseModel):
-    token: str
-    provider: str
-    expires_at: int
-    code_verifier: Optional[str] = None
-    scopes: list[str]
-    """Unix timestamp (seconds) indicating when this OAuth state expires"""
-
-
-class UserMetadata(BaseModel):
-    integration_credentials: list[Credentials] = Field(default_factory=list)
-    integration_oauth_states: list[OAuthState] = Field(default_factory=list)
-
-
-class UserMetadataRaw(TypedDict, total=False):
-    integration_credentials: list[dict]
-    integration_oauth_states: list[dict]
-
-
-class UserIntegrations(BaseModel):
-    credentials: list[Credentials] = Field(default_factory=list)
-    oauth_states: list[OAuthState] = Field(default_factory=list)

autogpt_platform/autogpt_libs/pyproject.toml

@@ -1,40 +0,0 @@
-[tool.poetry]
-name = "autogpt-libs"
-version = "0.2.0"
-description = "Shared libraries across AutoGPT Platform"
-authors = ["AutoGPT team <info@agpt.co>"]
-readme = "README.md"
-packages = [{ include = "autogpt_libs" }]
-
-[tool.poetry.dependencies]
-python = ">=3.10,<4.0"
-colorama = "^0.4.6"
-cryptography = "^46.0"
-expiringdict = "^1.2.2"
-fastapi = "^0.128.7"
-google-cloud-logging = "^3.13.0"
-launchdarkly-server-sdk = "^9.15.0"
-pydantic = "^2.12.5"
-pydantic-settings = "^2.12.0"
-pyjwt = { version = "^2.11.0", extras = ["crypto"] }
-redis = "^6.2.0"
-supabase = "^2.28.0"
-uvicorn = "^0.40.0"
-
-[tool.poetry.group.dev.dependencies]
-pyright = "^1.1.408"
-pytest = "^8.4.1"
-pytest-asyncio = "^1.3.0"
-pytest-mock = "^3.15.1"
-pytest-cov = "^7.0.0"
-ruff = "^0.15.0"
-
-[build-system]
-requires = ["poetry-core"]
-build-backend = "poetry.core.masonry.api"
-
-[tool.ruff]
-line-length = 88
-
-[tool.ruff.lint]
-extend-select = ["I"]  # sort dependencies

autogpt_platform/backend/.env.default

@@ -104,12 +104,6 @@ TWITTER_CLIENT_SECRET=
 # Make a new workspace for your OAuth APP -- trust me
 # https://linear.app/settings/api/applications/new
 # Callback URL: http://localhost:3000/auth/integrations/oauth_callback
-LINEAR_API_KEY=
-# Linear project and team IDs for the feature request tracker.
-# Find these in your Linear workspace URL: linear.app/<workspace>/project/<project-id>
-# and in team settings. Used by the chat copilot to file and search feature requests.
-LINEAR_FEATURE_REQUEST_PROJECT_ID=
-LINEAR_FEATURE_REQUEST_TEAM_ID=
 LINEAR_CLIENT_ID=
 LINEAR_CLIENT_SECRET=
 

autogpt_platform/backend/Dockerfile

@@ -1,5 +1,3 @@
-# ============================ DEPENDENCY BUILDER ============================ #
-
 FROM debian:13-slim AS builder
 
 # Set environment variables
@@ -41,8 +39,7 @@ ENV PATH=/opt/poetry/bin:$PATH
 
 RUN pip3 install poetry --break-system-packages
 
-# Copy and install dependencies
-COPY autogpt_platform/autogpt_libs /app/autogpt_platform/autogpt_libs
+# Copy and install dependencies (autogpt_libs merged into backend - OPEN-2998)
 COPY autogpt_platform/backend/poetry.lock autogpt_platform/backend/pyproject.toml /app/autogpt_platform/backend/
 WORKDIR /app/autogpt_platform/backend
 RUN poetry install --no-ansi --no-root
@@ -53,62 +50,27 @@ COPY autogpt_platform/backend/backend/data/partial_types.py ./backend/data/parti
 COPY autogpt_platform/backend/gen_prisma_types_stub.py ./
 RUN poetry run prisma generate && poetry run gen-prisma-stub
 
-# =============================== DB MIGRATOR =============================== #
-
-# Lightweight migrate stage - only needs Prisma CLI, not full Python environment
-FROM debian:13-slim AS migrate
-
-WORKDIR /app/autogpt_platform/backend
-
-ENV DEBIAN_FRONTEND=noninteractive
-
-# Install only what's needed for prisma migrate: Node.js and minimal Python for prisma-python
-RUN apt-get update && apt-get install -y --no-install-recommends \
-    python3.13 \
-    python3-pip \
-    ca-certificates \
-    && rm -rf /var/lib/apt/lists/*
-
-# Copy Node.js from builder (needed for Prisma CLI)
-COPY --from=builder /usr/bin/node /usr/bin/node
-COPY --from=builder /usr/lib/node_modules /usr/lib/node_modules
-COPY --from=builder /usr/bin/npm /usr/bin/npm
-
-# Copy Prisma binaries
-COPY --from=builder /root/.cache/prisma-python/binaries /root/.cache/prisma-python/binaries
-
-# Install prisma-client-py directly (much smaller than copying full venv)
-RUN pip3 install prisma>=0.15.0 --break-system-packages
-
-COPY autogpt_platform/backend/schema.prisma ./
-COPY autogpt_platform/backend/backend/data/partial_types.py ./backend/data/partial_types.py
-COPY autogpt_platform/backend/gen_prisma_types_stub.py ./
-COPY autogpt_platform/backend/migrations ./migrations
-
-# ============================== BACKEND SERVER ============================== #
-
-FROM debian:13-slim AS server
+FROM debian:13-slim AS server_dependencies
 
 WORKDIR /app
 
-ENV DEBIAN_FRONTEND=noninteractive
+ENV POETRY_HOME=/opt/poetry \
+    POETRY_NO_INTERACTION=1 \
+    POETRY_VIRTUALENVS_CREATE=true \
+    POETRY_VIRTUALENVS_IN_PROJECT=true \
+    DEBIAN_FRONTEND=noninteractive
+ENV PATH=/opt/poetry/bin:$PATH
 
-# Install Python, FFmpeg, ImageMagick, and CLI tools for agent use.
-# bubblewrap provides OS-level sandbox (whitelist-only FS + no network)
-# for the bash_exec MCP tool.
-# Using --no-install-recommends saves ~650MB by skipping unnecessary deps like llvm, mesa, etc.
-RUN apt-get update && apt-get install -y --no-install-recommends \
+# Install Python, FFmpeg, and ImageMagick (required for video processing blocks)
+RUN apt-get update && apt-get install -y \
     python3.13 \
     python3-pip \
     ffmpeg \
     imagemagick \
-    jq \
-    ripgrep \
-    tree \
-    bubblewrap \
     && rm -rf /var/lib/apt/lists/*
 
-# Copy poetry (build-time only, for `poetry install --only-root` to create entry points)
+# Copy only necessary files from builder
+COPY --from=builder /app /app
 COPY --from=builder /usr/local/lib/python3* /usr/local/lib/python3*
 COPY --from=builder /usr/local/bin/poetry /usr/local/bin/poetry
 # Copy Node.js installation for Prisma
@@ -118,25 +80,28 @@ COPY --from=builder /usr/bin/npm /usr/bin/npm
 COPY --from=builder /usr/bin/npx /usr/bin/npx
 COPY --from=builder /root/.cache/prisma-python/binaries /root/.cache/prisma-python/binaries
 
-WORKDIR /app/autogpt_platform/backend
-
-# Copy only the .venv from builder (not the entire /app directory)
-# The .venv includes the generated Prisma client
-COPY --from=builder /app/autogpt_platform/backend/.venv ./.venv
 ENV PATH="/app/autogpt_platform/backend/.venv/bin:$PATH"
 
-# Copy dependency files + autogpt_libs (path dependency)
-COPY autogpt_platform/autogpt_libs /app/autogpt_platform/autogpt_libs
-COPY autogpt_platform/backend/poetry.lock autogpt_platform/backend/pyproject.toml ./
+# autogpt_libs merged into backend (OPEN-2998)
+RUN mkdir -p /app/autogpt_platform/backend
 
-# Copy backend code + docs (for Copilot docs search)
-COPY autogpt_platform/backend ./
+COPY autogpt_platform/backend/poetry.lock autogpt_platform/backend/pyproject.toml /app/autogpt_platform/backend/
+
+WORKDIR /app/autogpt_platform/backend
+
+FROM server_dependencies AS migrate
+
+# Migration stage only needs schema and migrations - much lighter than full backend
+COPY autogpt_platform/backend/schema.prisma /app/autogpt_platform/backend/
+COPY autogpt_platform/backend/backend/data/partial_types.py /app/autogpt_platform/backend/backend/data/partial_types.py
+COPY autogpt_platform/backend/migrations /app/autogpt_platform/backend/migrations
+
+FROM server_dependencies AS server
+
+COPY autogpt_platform/backend /app/autogpt_platform/backend
 COPY docs /app/docs
-# Install the project package to create entry point scripts in .venv/bin/
-# (e.g., rest, executor, ws, db, scheduler, notification - see [tool.poetry.scripts])
-RUN POETRY_VIRTUALENVS_CREATE=true POETRY_VIRTUALENVS_IN_PROJECT=true \
-    poetry install --no-ansi --only-root
+RUN poetry install --no-ansi --only-root
 
 ENV PORT=8000
 
-CMD ["rest"]
+CMD ["poetry", "run", "rest"]

autogpt_platform/backend/TESTING.md

@@ -132,7 +132,7 @@ def test_endpoint_success(snapshot: Snapshot):
 
 ### Testing with Authentication
 
-For the main API routes that use JWT authentication, auth is provided by the `autogpt_libs.auth` module. If the test actually uses the `user_id`, the recommended approach for testing is to mock the `get_jwt_payload` function, which underpins all higher-level auth functions used in the API (`requires_user`, `requires_admin_user`, `get_user_id`).
+For the main API routes that use JWT authentication, auth is provided by the `backend.api.auth` module. If the test actually uses the `user_id`, the recommended approach for testing is to mock the `get_jwt_payload` function, which underpins all higher-level auth functions used in the API (`requires_user`, `requires_admin_user`, `get_user_id`).
 
 If the test doesn't need the `user_id` specifically, mocking is not necessary as during tests auth is disabled anyway (see `conftest.py`).
 
@@ -158,7 +158,7 @@ client = fastapi.testclient.TestClient(app)
 @pytest.fixture(autouse=True)
 def setup_app_auth(mock_jwt_user):
     """Setup auth overrides for all tests in this module"""
-    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+    from backend.api.auth.jwt_utils import get_jwt_payload
 
     app.dependency_overrides[get_jwt_payload] = mock_jwt_user['get_jwt_payload']
     yield
@@ -171,7 +171,7 @@ For admin-only endpoints, use `mock_jwt_admin` instead:
 @pytest.fixture(autouse=True)
 def setup_app_auth(mock_jwt_admin):
     """Setup auth overrides for admin tests"""
-    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+    from backend.api.auth.jwt_utils import get_jwt_payload
 
     app.dependency_overrides[get_jwt_payload] = mock_jwt_admin['get_jwt_payload']
     yield

autogpt_platform/backend/backend/api/auth/api_key/test_keysmith.py

@@ -1,6 +1,6 @@
 import hashlib
 
-from autogpt_libs.api_key.keysmith import APIKeySmith
+from backend.api.auth.api_key.keysmith import APIKeySmith
 
 
 def test_generate_api_key():

autogpt_platform/backend/backend/api/auth/config_test.py

@@ -9,7 +9,7 @@ import os
 import pytest
 from pytest_mock import MockerFixture
 
-from autogpt_libs.auth.config import AuthConfigError, Settings
+from backend.api.auth.config import AuthConfigError, Settings
 
 
 def test_environment_variable_precedence(mocker: MockerFixture):
@@ -228,7 +228,7 @@ def test_no_crypto_warning(mocker: MockerFixture, caplog: pytest.LogCaptureFixtu
     mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": secret}, clear=True)
 
     # Mock has_crypto to return False
-    mocker.patch("autogpt_libs.auth.config.has_crypto", False)
+    mocker.patch("backend.api.auth.config.has_crypto", False)
 
     with caplog.at_level(logging.WARNING):
         Settings()

autogpt_platform/backend/backend/api/auth/dependencies.py

@@ -43,7 +43,7 @@ def get_optional_user_id(
 
     try:
         # Parse JWT token to get user ID
-        from autogpt_libs.auth.jwt_utils import parse_jwt_token
+        from backend.api.auth.jwt_utils import parse_jwt_token
 
         payload = parse_jwt_token(credentials.credentials)
         return payload.get("sub")

autogpt_platform/backend/backend/api/auth/dependencies_test.py

@@ -11,12 +11,12 @@ from fastapi import FastAPI, HTTPException, Request, Security
 from fastapi.testclient import TestClient
 from pytest_mock import MockerFixture
 
-from autogpt_libs.auth.dependencies import (
+from backend.api.auth.dependencies import (
     get_user_id,
     requires_admin_user,
     requires_user,
 )
-from autogpt_libs.auth.models import User
+from backend.api.auth.models import User
 
 
 class TestAuthDependencies:
@@ -53,7 +53,7 @@ class TestAuthDependencies:
 
         # Mock get_jwt_payload to return our test payload
         mocker.patch(
-            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
         user = await requires_user(jwt_payload)
         assert isinstance(user, User)
@@ -70,7 +70,7 @@ class TestAuthDependencies:
         }
 
         mocker.patch(
-            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
         user = await requires_user(jwt_payload)
         assert user.user_id == "admin-456"
@@ -105,7 +105,7 @@ class TestAuthDependencies:
         }
 
         mocker.patch(
-            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
         user = await requires_admin_user(jwt_payload)
         assert user.user_id == "admin-789"
@@ -137,7 +137,7 @@ class TestAuthDependencies:
         jwt_payload = {"sub": "user-id-xyz", "role": "user"}
 
         mocker.patch(
-            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
         user_id = await get_user_id(request, jwt_payload)
         assert user_id == "user-id-xyz"
@@ -344,7 +344,7 @@ class TestAuthDependenciesEdgeCases:
     ):
         """Test that errors propagate correctly through dependencies."""
         # Import verify_user to test it directly since dependencies use FastAPI Security
-        from autogpt_libs.auth.jwt_utils import verify_user
+        from backend.api.auth.jwt_utils import verify_user
 
         with pytest.raises(HTTPException) as exc_info:
             verify_user(payload, admin_only=admin_only)
@@ -354,7 +354,7 @@ class TestAuthDependenciesEdgeCases:
     async def test_dependency_valid_user(self):
         """Test valid user case for dependency."""
         # Import verify_user to test it directly since dependencies use FastAPI Security
-        from autogpt_libs.auth.jwt_utils import verify_user
+        from backend.api.auth.jwt_utils import verify_user
 
         # Valid case
         user = verify_user({"sub": "user", "role": "user"}, admin_only=False)
@@ -376,16 +376,16 @@ class TestAdminImpersonation:
         }
 
         # Mock verify_user to return admin user data
-        mock_verify_user = mocker.patch("autogpt_libs.auth.dependencies.verify_user")
+        mock_verify_user = mocker.patch("backend.api.auth.dependencies.verify_user")
         mock_verify_user.return_value = Mock(
             user_id="admin-456", email="admin@example.com", role="admin"
         )
 
         # Mock logger to verify audit logging
-        mock_logger = mocker.patch("autogpt_libs.auth.dependencies.logger")
+        mock_logger = mocker.patch("backend.api.auth.dependencies.logger")
 
         mocker.patch(
-            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         user_id = await get_user_id(request, jwt_payload)
@@ -412,13 +412,13 @@ class TestAdminImpersonation:
         }
 
         # Mock verify_user to return regular user data
-        mock_verify_user = mocker.patch("autogpt_libs.auth.dependencies.verify_user")
+        mock_verify_user = mocker.patch("backend.api.auth.dependencies.verify_user")
         mock_verify_user.return_value = Mock(
             user_id="regular-user", email="user@example.com", role="user"
         )
 
         mocker.patch(
-            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         with pytest.raises(HTTPException) as exc_info:
@@ -439,7 +439,7 @@ class TestAdminImpersonation:
         }
 
         mocker.patch(
-            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         user_id = await get_user_id(request, jwt_payload)
@@ -459,7 +459,7 @@ class TestAdminImpersonation:
         }
 
         mocker.patch(
-            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         user_id = await get_user_id(request, jwt_payload)
@@ -479,16 +479,16 @@ class TestAdminImpersonation:
         }
 
         # Mock verify_user to return admin user data
-        mock_verify_user = mocker.patch("autogpt_libs.auth.dependencies.verify_user")
+        mock_verify_user = mocker.patch("backend.api.auth.dependencies.verify_user")
         mock_verify_user.return_value = Mock(
             user_id="admin-999", email="superadmin@company.com", role="admin"
         )
 
         # Mock logger to capture audit trail
-        mock_logger = mocker.patch("autogpt_libs.auth.dependencies.logger")
+        mock_logger = mocker.patch("backend.api.auth.dependencies.logger")
 
         mocker.patch(
-            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         user_id = await get_user_id(request, jwt_payload)
@@ -515,7 +515,7 @@ class TestAdminImpersonation:
         }
 
         mocker.patch(
-            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         user_id = await get_user_id(request, jwt_payload)
@@ -535,16 +535,16 @@ class TestAdminImpersonation:
         }
 
         # Mock verify_user to return admin user data
-        mock_verify_user = mocker.patch("autogpt_libs.auth.dependencies.verify_user")
+        mock_verify_user = mocker.patch("backend.api.auth.dependencies.verify_user")
         mock_verify_user.return_value = Mock(
             user_id="admin-456", email="admin@example.com", role="admin"
         )
 
         # Mock logger
-        mock_logger = mocker.patch("autogpt_libs.auth.dependencies.logger")
+        mock_logger = mocker.patch("backend.api.auth.dependencies.logger")
 
         mocker.patch(
-            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+            "backend.api.auth.dependencies.get_jwt_payload", return_value=jwt_payload
         )
 
         user_id = await get_user_id(request, jwt_payload)

autogpt_platform/backend/backend/api/auth/helpers_test.py

@@ -3,13 +3,11 @@ Comprehensive tests for auth helpers module to achieve 100% coverage.
 Tests OpenAPI schema generation and authentication response handling.
 """
 
-from unittest import mock
-
 from fastapi import FastAPI
 from fastapi.openapi.utils import get_openapi
 
-from autogpt_libs.auth.helpers import add_auth_responses_to_openapi
-from autogpt_libs.auth.jwt_utils import bearer_jwt_auth
+from backend.api.auth.helpers import add_auth_responses_to_openapi
+from backend.api.auth.jwt_utils import bearer_jwt_auth
 
 
 def test_add_auth_responses_to_openapi_basic():
@@ -19,7 +17,7 @@ def test_add_auth_responses_to_openapi_basic():
     # Add some test endpoints with authentication
     from fastapi import Depends
 
-    from autogpt_libs.auth.dependencies import requires_user
+    from backend.api.auth.dependencies import requires_user
 
     @app.get("/protected", dependencies=[Depends(requires_user)])
     def protected_endpoint():
@@ -64,7 +62,7 @@ def test_add_auth_responses_to_openapi_with_security():
     # Mock endpoint with security
     from fastapi import Security
 
-    from autogpt_libs.auth.dependencies import get_user_id
+    from backend.api.auth.dependencies import get_user_id
 
     @app.get("/secured")
     def secured_endpoint(user_id: str = Security(get_user_id)):
@@ -130,7 +128,7 @@ def test_add_auth_responses_to_openapi_existing_responses():
 
     from fastapi import Security
 
-    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+    from backend.api.auth.jwt_utils import get_jwt_payload
 
     @app.get(
         "/with-responses",
@@ -197,8 +195,8 @@ def test_add_auth_responses_to_openapi_multiple_security_schemes():
 
     from fastapi import Security
 
-    from autogpt_libs.auth.dependencies import requires_admin_user, requires_user
-    from autogpt_libs.auth.models import User
+    from backend.api.auth.dependencies import requires_admin_user, requires_user
+    from backend.api.auth.models import User
 
     @app.get("/multi-auth")
     def multi_auth(
@@ -227,26 +225,29 @@ def test_add_auth_responses_to_openapi_empty_components():
     """Test when OpenAPI schema has no components section initially."""
     app = FastAPI()
 
-    # Mock get_openapi to return schema without components
-    original_get_openapi = get_openapi
-
-    def mock_get_openapi(*args, **kwargs):
-        schema = original_get_openapi(*args, **kwargs)
-        # Remove components if it exists
+    def mock_openapi():
+        schema = get_openapi(
+            title=app.title,
+            version=app.version,
+            routes=app.routes,
+        )
+        # Remove components if it exists to test component creation
         if "components" in schema:
             del schema["components"]
         return schema
 
-    with mock.patch("autogpt_libs.auth.helpers.get_openapi", mock_get_openapi):
-        # Apply customization
-        add_auth_responses_to_openapi(app)
+    # Replace app's openapi method
+    app.openapi = mock_openapi
 
-        schema = app.openapi()
+    # Apply customization (this wraps our mock)
+    add_auth_responses_to_openapi(app)
 
-        # Components should be created
-        assert "components" in schema
-        assert "responses" in schema["components"]
-        assert "HTTP401NotAuthenticatedError" in schema["components"]["responses"]
+    schema = app.openapi()
+
+    # Components should be created
+    assert "components" in schema
+    assert "responses" in schema["components"]
+    assert "HTTP401NotAuthenticatedError" in schema["components"]["responses"]
 
 
 def test_add_auth_responses_to_openapi_all_http_methods():
@@ -255,7 +256,7 @@ def test_add_auth_responses_to_openapi_all_http_methods():
 
     from fastapi import Security
 
-    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+    from backend.api.auth.jwt_utils import get_jwt_payload
 
     @app.get("/resource")
     def get_resource(jwt: dict = Security(get_jwt_payload)):
@@ -333,53 +334,59 @@ def test_endpoint_without_responses_section():
     app = FastAPI()
 
     from fastapi import Security
-    from fastapi.openapi.utils import get_openapi as original_get_openapi
 
-    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+    from backend.api.auth.jwt_utils import get_jwt_payload
 
     # Create endpoint
     @app.get("/no-responses")
     def endpoint_without_responses(jwt: dict = Security(get_jwt_payload)):
         return {"data": "test"}
 
-    # Mock get_openapi to remove responses from the endpoint
-    def mock_get_openapi(*args, **kwargs):
-        schema = original_get_openapi(*args, **kwargs)
-        # Remove responses from our endpoint to trigger line 40
+    # Create a mock openapi method that removes responses from the endpoint
+    def mock_openapi():
+        schema = get_openapi(
+            title=app.title,
+            version=app.version,
+            routes=app.routes,
+        )
+        # Remove responses from our endpoint to test response creation
         if "/no-responses" in schema.get("paths", {}):
             if "get" in schema["paths"]["/no-responses"]:
-                # Delete responses to force the code to create it
                 if "responses" in schema["paths"]["/no-responses"]["get"]:
                     del schema["paths"]["/no-responses"]["get"]["responses"]
         return schema
 
-    with mock.patch("autogpt_libs.auth.helpers.get_openapi", mock_get_openapi):
-        # Apply customization
-        add_auth_responses_to_openapi(app)
+    # Replace app's openapi method
+    app.openapi = mock_openapi
 
-        # Get schema and verify 401 was added
-        schema = app.openapi()
+    # Apply customization (this wraps our mock)
+    add_auth_responses_to_openapi(app)
 
-        # The endpoint should now have 401 response
-        if "/no-responses" in schema["paths"]:
-            if "get" in schema["paths"]["/no-responses"]:
-                responses = schema["paths"]["/no-responses"]["get"].get("responses", {})
-                assert "401" in responses
-                assert (
-                    responses["401"]["$ref"]
-                    == "#/components/responses/HTTP401NotAuthenticatedError"
-                )
+    # Get schema and verify 401 was added
+    schema = app.openapi()
+
+    # The endpoint should now have 401 response
+    if "/no-responses" in schema["paths"]:
+        if "get" in schema["paths"]["/no-responses"]:
+            responses = schema["paths"]["/no-responses"]["get"].get("responses", {})
+            assert "401" in responses
+            assert (
+                responses["401"]["$ref"]
+                == "#/components/responses/HTTP401NotAuthenticatedError"
+            )
 
 
 def test_components_with_existing_responses():
     """Test when components already has a responses section."""
     app = FastAPI()
 
-    # Mock get_openapi to return schema with existing components/responses
-    from fastapi.openapi.utils import get_openapi as original_get_openapi
-
-    def mock_get_openapi(*args, **kwargs):
-        schema = original_get_openapi(*args, **kwargs)
+    # Create a mock openapi method that adds existing components/responses
+    def mock_openapi():
+        schema = get_openapi(
+            title=app.title,
+            version=app.version,
+            routes=app.routes,
+        )
         # Add existing components/responses
         if "components" not in schema:
             schema["components"] = {}
@@ -388,21 +395,21 @@ def test_components_with_existing_responses():
         }
         return schema
 
-    with mock.patch("autogpt_libs.auth.helpers.get_openapi", mock_get_openapi):
-        # Apply customization
-        add_auth_responses_to_openapi(app)
+    # Replace app's openapi method
+    app.openapi = mock_openapi
 
-        schema = app.openapi()
+    # Apply customization (this wraps our mock)
+    add_auth_responses_to_openapi(app)
 
-        # Both responses should exist
-        assert "ExistingResponse" in schema["components"]["responses"]
-        assert "HTTP401NotAuthenticatedError" in schema["components"]["responses"]
+    schema = app.openapi()
 
-        # Verify our 401 response structure
-        error_response = schema["components"]["responses"][
-            "HTTP401NotAuthenticatedError"
-        ]
-        assert error_response["description"] == "Authentication required"
+    # Both responses should exist
+    assert "ExistingResponse" in schema["components"]["responses"]
+    assert "HTTP401NotAuthenticatedError" in schema["components"]["responses"]
+
+    # Verify our 401 response structure
+    error_response = schema["components"]["responses"]["HTTP401NotAuthenticatedError"]
+    assert error_response["description"] == "Authentication required"
 
 
 def test_openapi_schema_persistence():
@@ -411,7 +418,7 @@ def test_openapi_schema_persistence():
 
     from fastapi import Security
 
-    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+    from backend.api.auth.jwt_utils import get_jwt_payload
 
     @app.get("/test")
     def test_endpoint(jwt: dict = Security(get_jwt_payload)):

autogpt_platform/backend/backend/api/auth/jwt_utils_test.py

@@ -12,9 +12,9 @@ from fastapi import HTTPException
 from fastapi.security import HTTPAuthorizationCredentials
 from pytest_mock import MockerFixture
 
-from autogpt_libs.auth import config, jwt_utils
-from autogpt_libs.auth.config import Settings
-from autogpt_libs.auth.models import User
+from backend.api.auth import config, jwt_utils
+from backend.api.auth.config import Settings
+from backend.api.auth.models import User
 
 MOCK_JWT_SECRET = "test-secret-key-with-at-least-32-characters"
 TEST_USER_PAYLOAD = {

autogpt_platform/backend/backend/api/external/v1/routes.py

@@ -10,7 +10,7 @@ from typing_extensions import TypedDict
 
 import backend.api.features.store.cache as store_cache
 import backend.api.features.store.model as store_model
-import backend.blocks
+import backend.data.block
 from backend.api.external.middleware import require_permission
 from backend.data import execution as execution_db
 from backend.data import graph as graph_db
@@ -67,7 +67,7 @@ async def get_user_info(
     dependencies=[Security(require_permission(APIKeyPermission.READ_BLOCK))],
 )
 async def get_graph_blocks() -> Sequence[dict[Any, Any]]:
-    blocks = [block() for block in backend.blocks.get_blocks().values()]
+    blocks = [block() for block in backend.data.block.get_blocks().values()]
     return [b.to_dict() for b in blocks if not b.disabled]
 
 
@@ -83,7 +83,7 @@ async def execute_graph_block(
         require_permission(APIKeyPermission.EXECUTE_BLOCK)
     ),
 ) -> CompletedBlockOutput:
-    obj = backend.blocks.get_block(block_id)
+    obj = backend.data.block.get_block(block_id)
     if not obj:
         raise HTTPException(status_code=404, detail=f"Block #{block_id} not found.")
     if obj.disabled:

autogpt_platform/backend/backend/api/features/admin/credit_admin_routes.py

@@ -1,10 +1,10 @@
 import logging
 import typing
 
-from autogpt_libs.auth import get_user_id, requires_admin_user
 from fastapi import APIRouter, Body, Security
 from prisma.enums import CreditTransactionType
 
+from backend.api.auth import get_user_id, requires_admin_user
 from backend.data.credit import admin_get_user_history, get_user_credit_model
 from backend.util.json import SafeJson
 

autogpt_platform/backend/backend/api/features/admin/credit_admin_routes_test.py

@@ -6,9 +6,9 @@ import fastapi.testclient
 import prisma.enums
 import pytest
 import pytest_mock
-from autogpt_libs.auth.jwt_utils import get_jwt_payload
 from pytest_snapshot.plugin import Snapshot
 
+from backend.api.auth.jwt_utils import get_jwt_payload
 from backend.data.model import UserTransaction
 from backend.util.json import SafeJson
 from backend.util.models import Pagination

autogpt_platform/backend/backend/api/features/admin/execution_analytics_routes.py

@@ -3,10 +3,10 @@ import logging
 from datetime import datetime
 from typing import Optional
 
-from autogpt_libs.auth import get_user_id, requires_admin_user
 from fastapi import APIRouter, HTTPException, Security
 from pydantic import BaseModel, Field
 
+from backend.api.auth import get_user_id, requires_admin_user
 from backend.blocks.llm import LlmModel
 from backend.data.analytics import (
     AccuracyTrendsResponse,

autogpt_platform/backend/backend/api/features/admin/store_admin_routes.py

@@ -2,11 +2,11 @@ import logging
 import tempfile
 import typing
 
-import autogpt_libs.auth
 import fastapi
 import fastapi.responses
 import prisma.enums
 
+import backend.api.auth
 import backend.api.features.store.cache as store_cache
 import backend.api.features.store.db as store_db
 import backend.api.features.store.model as store_model
@@ -17,7 +17,7 @@ logger = logging.getLogger(__name__)
 router = fastapi.APIRouter(
     prefix="/admin",
     tags=["store", "admin"],
-    dependencies=[fastapi.Security(autogpt_libs.auth.requires_admin_user)],
+    dependencies=[fastapi.Security(backend.api.auth.requires_admin_user)],
 )
 
 
@@ -73,7 +73,7 @@ async def get_admin_listings_with_versions(
 async def review_submission(
     store_listing_version_id: str,
     request: store_model.ReviewSubmissionRequest,
-    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
+    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
 ):
     """
     Review a store listing submission.
@@ -117,7 +117,7 @@ async def review_submission(
     tags=["store", "admin"],
 )
 async def admin_download_agent_file(
-    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
+    user_id: str = fastapi.Security(backend.api.auth.get_user_id),
     store_listing_version_id: str = fastapi.Path(
         ..., description="The ID of the agent to download"
     ),

autogpt_platform/backend/backend/api/features/analytics.py

@@ -5,10 +5,10 @@ from typing import Annotated
 
 import fastapi
 import pydantic
-from autogpt_libs.auth import get_user_id
-from autogpt_libs.auth.dependencies import requires_user
 
 import backend.data.analytics
+from backend.api.auth import get_user_id
+from backend.api.auth.dependencies import requires_user
 
 router = fastapi.APIRouter(dependencies=[fastapi.Security(requires_user)])
 logger = logging.getLogger(__name__)

autogpt_platform/backend/backend/api/features/analytics_test.py

@@ -20,7 +20,7 @@ client = fastapi.testclient.TestClient(app)
 @pytest.fixture(autouse=True)
 def setup_app_auth(mock_jwt_user):
     """Setup auth overrides for all tests in this module."""
-    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+    from backend.api.auth.jwt_utils import get_jwt_payload
 
     app.dependency_overrides[get_jwt_payload] = mock_jwt_user["get_jwt_payload"]
     yield

autogpt_platform/backend/backend/api/features/builder/db.py

@@ -10,15 +10,10 @@ import backend.api.features.library.db as library_db
 import backend.api.features.library.model as library_model
 import backend.api.features.store.db as store_db
 import backend.api.features.store.model as store_model
+import backend.data.block
 from backend.blocks import load_all_blocks
-from backend.blocks._base import (
-    AnyBlockSchema,
-    BlockCategory,
-    BlockInfo,
-    BlockSchema,
-    BlockType,
-)
 from backend.blocks.llm import LlmModel
+from backend.data.block import AnyBlockSchema, BlockCategory, BlockInfo, BlockSchema
 from backend.data.db import query_raw_with_schema
 from backend.integrations.providers import ProviderName
 from backend.util.cache import cached
@@ -27,7 +22,7 @@ from backend.util.models import Pagination
 from .model import (
     BlockCategoryResponse,
     BlockResponse,
-    BlockTypeFilter,
+    BlockType,
     CountResponse,
     FilterType,
     Provider,
@@ -93,7 +88,7 @@ def get_block_categories(category_blocks: int = 3) -> list[BlockCategoryResponse
 def get_blocks(
     *,
     category: str | None = None,
-    type: BlockTypeFilter | None = None,
+    type: BlockType | None = None,
     provider: ProviderName | None = None,
     page: int = 1,
     page_size: int = 50,
@@ -674,9 +669,9 @@ async def get_suggested_blocks(count: int = 5) -> list[BlockInfo]:
     for block_type in load_all_blocks().values():
         block: AnyBlockSchema = block_type()
         if block.disabled or block.block_type in (
-            BlockType.INPUT,
-            BlockType.OUTPUT,
-            BlockType.AGENT,
+            backend.data.block.BlockType.INPUT,
+            backend.data.block.BlockType.OUTPUT,
+            backend.data.block.BlockType.AGENT,
         ):
             continue
         # Find the execution count for this block

autogpt_platform/backend/backend/api/features/builder/model.py

@@ -4,7 +4,7 @@ from pydantic import BaseModel
 
 import backend.api.features.library.model as library_model
 import backend.api.features.store.model as store_model
-from backend.blocks._base import BlockInfo
+from backend.data.block import BlockInfo
 from backend.integrations.providers import ProviderName
 from backend.util.models import Pagination
 
@@ -15,7 +15,7 @@ FilterType = Literal[
     "my_agents",
 ]
 
-BlockTypeFilter = Literal["all", "input", "action", "output"]
+BlockType = Literal["all", "input", "action", "output"]
 
 
 class SearchEntry(BaseModel):

autogpt_platform/backend/backend/api/features/builder/routes.py

@@ -2,8 +2,8 @@ import logging
 from typing import Annotated, Sequence
 
 import fastapi
-from autogpt_libs.auth.dependencies import get_user_id, requires_user
 
+from backend.api.auth.dependencies import get_user_id, requires_user
 from backend.integrations.providers import ProviderName
 from backend.util.models import Pagination
 
@@ -88,7 +88,7 @@ async def get_block_categories(
 )
 async def get_blocks(
     category: Annotated[str | None, fastapi.Query()] = None,
-    type: Annotated[builder_model.BlockTypeFilter | None, fastapi.Query()] = None,
+    type: Annotated[builder_model.BlockType | None, fastapi.Query()] = None,
     provider: Annotated[ProviderName | None, fastapi.Query()] = None,
     page: Annotated[int, fastapi.Query()] = 1,
     page_size: Annotated[int, fastapi.Query()] = 50,

autogpt_platform/backend/backend/api/features/chat/config.py

@@ -27,11 +27,12 @@ class ChatConfig(BaseSettings):
     session_ttl: int = Field(default=43200, description="Session TTL in seconds")
 
     # Streaming Configuration
-    stream_timeout: int = Field(default=300, description="Stream timeout in seconds")
-    max_retries: int = Field(
-        default=3,
-        description="Max retries for fallback path (SDK handles retries internally)",
+    max_context_messages: int = Field(
+        default=50, ge=1, le=200, description="Maximum context messages"
     )
+
+    stream_timeout: int = Field(default=300, description="Stream timeout in seconds")
+    max_retries: int = Field(default=3, description="Maximum number of retries")
     max_agent_runs: int = Field(default=30, description="Maximum number of agent runs")
     max_agent_schedules: int = Field(
         default=30, description="Maximum number of agent schedules"
@@ -92,31 +93,6 @@ class ChatConfig(BaseSettings):
         description="Name of the prompt in Langfuse to fetch",
     )
 
-    # Claude Agent SDK Configuration
-    use_claude_agent_sdk: bool = Field(
-        default=True,
-        description="Use Claude Agent SDK for chat completions",
-    )
-    claude_agent_model: str | None = Field(
-        default=None,
-        description="Model for the Claude Agent SDK path. If None, derives from "
-        "the `model` field by stripping the OpenRouter provider prefix.",
-    )
-    claude_agent_max_buffer_size: int = Field(
-        default=10 * 1024 * 1024,  # 10MB (default SDK is 1MB)
-        description="Max buffer size in bytes for Claude Agent SDK JSON message parsing. "
-        "Increase if tool outputs exceed the limit.",
-    )
-    claude_agent_max_subtasks: int = Field(
-        default=10,
-        description="Max number of sub-agent Tasks the SDK can spawn per session.",
-    )
-    claude_agent_use_resume: bool = Field(
-        default=True,
-        description="Use --resume for multi-turn conversations instead of "
-        "history compression. Falls back to compression when unavailable.",
-    )
-
     # Extended thinking configuration for Claude models
     thinking_enabled: bool = Field(
         default=True,
@@ -162,17 +138,6 @@ class ChatConfig(BaseSettings):
             v = os.getenv("CHAT_INTERNAL_API_KEY")
         return v
 
-    @field_validator("use_claude_agent_sdk", mode="before")
-    @classmethod
-    def get_use_claude_agent_sdk(cls, v):
-        """Get use_claude_agent_sdk from environment if not provided."""
-        # Check environment variable - default to True if not set
-        env_val = os.getenv("CHAT_USE_CLAUDE_AGENT_SDK", "").lower()
-        if env_val:
-            return env_val in ("true", "1", "yes", "on")
-        # Default to True (SDK enabled by default)
-        return True if v is None else v
-
     # Prompt paths for different contexts
     PROMPT_PATHS: dict[str, str] = {
         "default": "prompts/chat_system.md",

autogpt_platform/backend/backend/api/features/chat/model.py

@@ -2,7 +2,7 @@ import asyncio
 import logging
 import uuid
 from datetime import UTC, datetime
-from typing import Any, cast
+from typing import Any
 from weakref import WeakValueDictionary
 
 from openai.types.chat import (
@@ -104,26 +104,6 @@ class ChatSession(BaseModel):
     successful_agent_runs: dict[str, int] = {}
     successful_agent_schedules: dict[str, int] = {}
 
-    def add_tool_call_to_current_turn(self, tool_call: dict) -> None:
-        """Attach a tool_call to the current turn's assistant message.
-
-        Searches backwards for the most recent assistant message (stopping at
-        any user message boundary). If found, appends the tool_call to it.
-        Otherwise creates a new assistant message with the tool_call.
-        """
-        for msg in reversed(self.messages):
-            if msg.role == "user":
-                break
-            if msg.role == "assistant":
-                if not msg.tool_calls:
-                    msg.tool_calls = []
-                msg.tool_calls.append(tool_call)
-                return
-
-        self.messages.append(
-            ChatMessage(role="assistant", content="", tool_calls=[tool_call])
-        )
-
     @staticmethod
     def new(user_id: str) -> "ChatSession":
         return ChatSession(
@@ -192,47 +172,6 @@ class ChatSession(BaseModel):
             successful_agent_schedules=successful_agent_schedules,
         )
 
-    @staticmethod
-    def _merge_consecutive_assistant_messages(
-        messages: list[ChatCompletionMessageParam],
-    ) -> list[ChatCompletionMessageParam]:
-        """Merge consecutive assistant messages into single messages.
-
-        Long-running tool flows can create split assistant messages: one with
-        text content and another with tool_calls. Anthropic's API requires
-        tool_result blocks to reference a tool_use in the immediately preceding
-        assistant message, so these splits cause 400 errors via OpenRouter.
-        """
-        if len(messages) < 2:
-            return messages
-
-        result: list[ChatCompletionMessageParam] = [messages[0]]
-        for msg in messages[1:]:
-            prev = result[-1]
-            if prev.get("role") != "assistant" or msg.get("role") != "assistant":
-                result.append(msg)
-                continue
-
-            prev = cast(ChatCompletionAssistantMessageParam, prev)
-            curr = cast(ChatCompletionAssistantMessageParam, msg)
-
-            curr_content = curr.get("content") or ""
-            if curr_content:
-                prev_content = prev.get("content") or ""
-                prev["content"] = (
-                    f"{prev_content}\n{curr_content}" if prev_content else curr_content
-                )
-
-            curr_tool_calls = curr.get("tool_calls")
-            if curr_tool_calls:
-                prev_tool_calls = prev.get("tool_calls")
-                prev["tool_calls"] = (
-                    list(prev_tool_calls) + list(curr_tool_calls)
-                    if prev_tool_calls
-                    else list(curr_tool_calls)
-                )
-        return result
-
     def to_openai_messages(self) -> list[ChatCompletionMessageParam]:
         messages = []
         for message in self.messages:
@@ -319,7 +258,7 @@ class ChatSession(BaseModel):
                         name=message.name or "",
                     )
                 )
-        return self._merge_consecutive_assistant_messages(messages)
+        return messages
 
 
 async def _get_session_from_cache(session_id: str) -> ChatSession | None:
@@ -334,8 +273,9 @@ async def _get_session_from_cache(session_id: str) -> ChatSession | None:
     try:
         session = ChatSession.model_validate_json(raw_session)
         logger.info(
-            f"[CACHE] Loaded session {session_id}: {len(session.messages)} messages, "
-            f"last_roles={[m.role for m in session.messages[-3:]]}"  # Last 3 roles
+            f"Loading session {session_id} from cache: "
+            f"message_count={len(session.messages)}, "
+            f"roles={[m.role for m in session.messages]}"
         )
         return session
     except Exception as e:
@@ -377,9 +317,11 @@ async def _get_session_from_db(session_id: str) -> ChatSession | None:
         return None
 
     messages = prisma_session.Messages
-    logger.debug(
-        f"[DB] Loaded session {session_id}: {len(messages) if messages else 0} messages, "
-        f"roles={[m.role for m in messages[-3:]] if messages else []}"  # Last 3 roles
+    logger.info(
+        f"Loading session {session_id} from DB: "
+        f"has_messages={messages is not None}, "
+        f"message_count={len(messages) if messages else 0}, "
+        f"roles={[m.role for m in messages] if messages else []}"
     )
 
     return ChatSession.from_db(prisma_session, messages)
@@ -430,9 +372,10 @@ async def _save_session_to_db(
                     "function_call": msg.function_call,
                 }
             )
-        logger.debug(
-            f"[DB] Saving {len(new_messages)} messages to session {session.session_id}, "
-            f"roles={[m['role'] for m in messages_data]}"
+        logger.info(
+            f"Saving {len(new_messages)} new messages to DB for session {session.session_id}: "
+            f"roles={[m['role'] for m in messages_data]}, "
+            f"start_sequence={existing_message_count}"
         )
         await chat_db.add_chat_messages_batch(
             session_id=session.session_id,
@@ -472,7 +415,7 @@ async def get_chat_session(
         logger.warning(f"Unexpected cache error for session {session_id}: {e}")
 
     # Fall back to database
-    logger.debug(f"Session {session_id} not in cache, checking database")
+    logger.info(f"Session {session_id} not in cache, checking database")
     session = await _get_session_from_db(session_id)
 
     if session is None:
@@ -489,6 +432,7 @@ async def get_chat_session(
     # Cache the session from DB
     try:
         await _cache_session(session)
+        logger.info(f"Cached session {session_id} from database")
     except Exception as e:
         logger.warning(f"Failed to cache session {session_id}: {e}")
 
@@ -553,40 +497,6 @@ async def upsert_chat_session(
         return session
 
 
-async def append_and_save_message(session_id: str, message: ChatMessage) -> ChatSession:
-    """Atomically append a message to a session and persist it.
-
-    Acquires the session lock, re-fetches the latest session state,
-    appends the message, and saves — preventing message loss when
-    concurrent requests modify the same session.
-    """
-    lock = await _get_session_lock(session_id)
-
-    async with lock:
-        session = await get_chat_session(session_id)
-        if session is None:
-            raise ValueError(f"Session {session_id} not found")
-
-        session.messages.append(message)
-        existing_message_count = await chat_db.get_chat_session_message_count(
-            session_id
-        )
-
-        try:
-            await _save_session_to_db(session, existing_message_count)
-        except Exception as e:
-            raise DatabaseError(
-                f"Failed to persist message to session {session_id}"
-            ) from e
-
-        try:
-            await _cache_session(session)
-        except Exception as e:
-            logger.warning(f"Cache write failed for session {session_id}: {e}")
-
-        return session
-
-
 async def create_chat_session(user_id: str) -> ChatSession:
     """Create a new chat session and persist it.
 
@@ -693,19 +603,13 @@ async def update_session_title(session_id: str, title: str) -> bool:
             logger.warning(f"Session {session_id} not found for title update")
             return False
 
-        # Update title in cache if it exists (instead of invalidating).
-        # This prevents race conditions where cache invalidation causes
-        # the frontend to see stale DB data while streaming is still in progress.
+        # Invalidate cache so next fetch gets updated title
         try:
-            cached = await _get_session_from_cache(session_id)
-            if cached:
-                cached.title = title
-                await _cache_session(cached)
+            redis_key = _get_session_cache_key(session_id)
+            async_redis = await get_redis_async()
+            await async_redis.delete(redis_key)
         except Exception as e:
-            # Not critical - title will be correct on next full cache refresh
-            logger.warning(
-                f"Failed to update title in cache for session {session_id}: {e}"
-            )
+            logger.warning(f"Failed to invalidate cache for session {session_id}: {e}")
 
         return True
     except Exception as e:

autogpt_platform/backend/backend/api/features/chat/model_test.py

@@ -1,16 +1,4 @@
-from typing import cast
-
 import pytest
-from openai.types.chat import (
-    ChatCompletionAssistantMessageParam,
-    ChatCompletionMessageParam,
-    ChatCompletionToolMessageParam,
-    ChatCompletionUserMessageParam,
-)
-from openai.types.chat.chat_completion_message_tool_call_param import (
-    ChatCompletionMessageToolCallParam,
-    Function,
-)
 
 from .model import (
     ChatMessage,
@@ -129,205 +117,3 @@ async def test_chatsession_db_storage(setup_test_user, test_user_id):
                 loaded.tool_calls is not None
             ), f"Tool calls missing for {orig.role} message"
             assert len(orig.tool_calls) == len(loaded.tool_calls)
-
-
-# --------------------------------------------------------------------------- #
-#  _merge_consecutive_assistant_messages                                       #
-# --------------------------------------------------------------------------- #
-
-_tc = ChatCompletionMessageToolCallParam(
-    id="tc1", type="function", function=Function(name="do_stuff", arguments="{}")
-)
-_tc2 = ChatCompletionMessageToolCallParam(
-    id="tc2", type="function", function=Function(name="other", arguments="{}")
-)
-
-
-def test_merge_noop_when_no_consecutive_assistants():
-    """Messages without consecutive assistants are returned unchanged."""
-    msgs = [
-        ChatCompletionUserMessageParam(role="user", content="hi"),
-        ChatCompletionAssistantMessageParam(role="assistant", content="hello"),
-        ChatCompletionUserMessageParam(role="user", content="bye"),
-    ]
-    merged = ChatSession._merge_consecutive_assistant_messages(msgs)
-    assert len(merged) == 3
-    assert [m["role"] for m in merged] == ["user", "assistant", "user"]
-
-
-def test_merge_splits_text_and_tool_calls():
-    """The exact bug scenario: text-only assistant followed by tool_calls-only assistant."""
-    msgs = [
-        ChatCompletionUserMessageParam(role="user", content="build agent"),
-        ChatCompletionAssistantMessageParam(
-            role="assistant", content="Let me build that"
-        ),
-        ChatCompletionAssistantMessageParam(
-            role="assistant", content="", tool_calls=[_tc]
-        ),
-        ChatCompletionToolMessageParam(role="tool", content="ok", tool_call_id="tc1"),
-    ]
-    merged = ChatSession._merge_consecutive_assistant_messages(msgs)
-
-    assert len(merged) == 3
-    assert merged[0]["role"] == "user"
-    assert merged[2]["role"] == "tool"
-    a = cast(ChatCompletionAssistantMessageParam, merged[1])
-    assert a["role"] == "assistant"
-    assert a.get("content") == "Let me build that"
-    assert a.get("tool_calls") == [_tc]
-
-
-def test_merge_combines_tool_calls_from_both():
-    """Both consecutive assistants have tool_calls — they get merged."""
-    msgs: list[ChatCompletionAssistantMessageParam] = [
-        ChatCompletionAssistantMessageParam(
-            role="assistant", content="text", tool_calls=[_tc]
-        ),
-        ChatCompletionAssistantMessageParam(
-            role="assistant", content="", tool_calls=[_tc2]
-        ),
-    ]
-    merged = ChatSession._merge_consecutive_assistant_messages(msgs)  # type: ignore[arg-type]
-
-    assert len(merged) == 1
-    a = cast(ChatCompletionAssistantMessageParam, merged[0])
-    assert a.get("tool_calls") == [_tc, _tc2]
-    assert a.get("content") == "text"
-
-
-def test_merge_three_consecutive_assistants():
-    """Three consecutive assistants collapse into one."""
-    msgs: list[ChatCompletionAssistantMessageParam] = [
-        ChatCompletionAssistantMessageParam(role="assistant", content="a"),
-        ChatCompletionAssistantMessageParam(role="assistant", content="b"),
-        ChatCompletionAssistantMessageParam(
-            role="assistant", content="", tool_calls=[_tc]
-        ),
-    ]
-    merged = ChatSession._merge_consecutive_assistant_messages(msgs)  # type: ignore[arg-type]
-
-    assert len(merged) == 1
-    a = cast(ChatCompletionAssistantMessageParam, merged[0])
-    assert a.get("content") == "a\nb"
-    assert a.get("tool_calls") == [_tc]
-
-
-def test_merge_empty_and_single_message():
-    """Edge cases: empty list and single message."""
-    assert ChatSession._merge_consecutive_assistant_messages([]) == []
-
-    single: list[ChatCompletionMessageParam] = [
-        ChatCompletionUserMessageParam(role="user", content="hi")
-    ]
-    assert ChatSession._merge_consecutive_assistant_messages(single) == single
-
-
-# --------------------------------------------------------------------------- #
-#  add_tool_call_to_current_turn                                               #
-# --------------------------------------------------------------------------- #
-
-_raw_tc = {
-    "id": "tc1",
-    "type": "function",
-    "function": {"name": "f", "arguments": "{}"},
-}
-_raw_tc2 = {
-    "id": "tc2",
-    "type": "function",
-    "function": {"name": "g", "arguments": "{}"},
-}
-
-
-def test_add_tool_call_appends_to_existing_assistant():
-    """When the last assistant is from the current turn, tool_call is added to it."""
-    session = ChatSession.new(user_id="u")
-    session.messages = [
-        ChatMessage(role="user", content="hi"),
-        ChatMessage(role="assistant", content="working on it"),
-    ]
-    session.add_tool_call_to_current_turn(_raw_tc)
-
-    assert len(session.messages) == 2  # no new message created
-    assert session.messages[1].tool_calls == [_raw_tc]
-
-
-def test_add_tool_call_creates_assistant_when_none_exists():
-    """When there's no current-turn assistant, a new one is created."""
-    session = ChatSession.new(user_id="u")
-    session.messages = [
-        ChatMessage(role="user", content="hi"),
-    ]
-    session.add_tool_call_to_current_turn(_raw_tc)
-
-    assert len(session.messages) == 2
-    assert session.messages[1].role == "assistant"
-    assert session.messages[1].tool_calls == [_raw_tc]
-
-
-def test_add_tool_call_does_not_cross_user_boundary():
-    """A user message acts as a boundary — previous assistant is not modified."""
-    session = ChatSession.new(user_id="u")
-    session.messages = [
-        ChatMessage(role="assistant", content="old turn"),
-        ChatMessage(role="user", content="new message"),
-    ]
-    session.add_tool_call_to_current_turn(_raw_tc)
-
-    assert len(session.messages) == 3  # new assistant was created
-    assert session.messages[0].tool_calls is None  # old assistant untouched
-    assert session.messages[2].role == "assistant"
-    assert session.messages[2].tool_calls == [_raw_tc]
-
-
-def test_add_tool_call_multiple_times():
-    """Multiple long-running tool calls accumulate on the same assistant."""
-    session = ChatSession.new(user_id="u")
-    session.messages = [
-        ChatMessage(role="user", content="hi"),
-        ChatMessage(role="assistant", content="doing stuff"),
-    ]
-    session.add_tool_call_to_current_turn(_raw_tc)
-    # Simulate a pending tool result in between (like _yield_tool_call does)
-    session.messages.append(
-        ChatMessage(role="tool", content="pending", tool_call_id="tc1")
-    )
-    session.add_tool_call_to_current_turn(_raw_tc2)
-
-    assert len(session.messages) == 3  # user, assistant, tool — no extra assistant
-    assert session.messages[1].tool_calls == [_raw_tc, _raw_tc2]
-
-
-def test_to_openai_messages_merges_split_assistants():
-    """End-to-end: session with split assistants produces valid OpenAI messages."""
-    session = ChatSession.new(user_id="u")
-    session.messages = [
-        ChatMessage(role="user", content="build agent"),
-        ChatMessage(role="assistant", content="Let me build that"),
-        ChatMessage(
-            role="assistant",
-            content="",
-            tool_calls=[
-                {
-                    "id": "tc1",
-                    "type": "function",
-                    "function": {"name": "create_agent", "arguments": "{}"},
-                }
-            ],
-        ),
-        ChatMessage(role="tool", content="done", tool_call_id="tc1"),
-        ChatMessage(role="assistant", content="Saved!"),
-        ChatMessage(role="user", content="show me an example run"),
-    ]
-    openai_msgs = session.to_openai_messages()
-
-    # The two consecutive assistants at index 1,2 should be merged
-    roles = [m["role"] for m in openai_msgs]
-    assert roles == ["user", "assistant", "tool", "assistant", "user"]
-
-    # The merged assistant should have both content and tool_calls
-    merged = cast(ChatCompletionAssistantMessageParam, openai_msgs[1])
-    assert merged.get("content") == "Let me build that"
-    tc_list = merged.get("tool_calls")
-    assert tc_list is not None and len(list(tc_list)) == 1
-    assert list(tc_list)[0]["id"] == "tc1"

autogpt_platform/backend/backend/api/features/chat/routes.py

@@ -1,41 +1,29 @@
 """Chat API routes for chat session management and streaming via SSE."""
 
-import asyncio
 import logging
 import uuid as uuid_module
 from collections.abc import AsyncGenerator
 from typing import Annotated
 
-from autogpt_libs import auth
 from fastapi import APIRouter, Depends, Header, HTTPException, Query, Response, Security
 from fastapi.responses import StreamingResponse
 from pydantic import BaseModel
 
+from backend.api import auth
 from backend.util.exceptions import NotFoundError
-from backend.util.feature_flag import Flag, is_feature_enabled
 
 from . import service as chat_service
 from . import stream_registry
 from .completion_handler import process_operation_failure, process_operation_success
 from .config import ChatConfig
-from .model import (
-    ChatMessage,
-    ChatSession,
-    append_and_save_message,
-    create_chat_session,
-    delete_chat_session,
-    get_chat_session,
-    get_user_sessions,
-)
-from .response_model import StreamError, StreamFinish, StreamHeartbeat, StreamStart
-from .sdk import service as sdk_service
+from .model import ChatSession, create_chat_session, get_chat_session, get_user_sessions
+from .response_model import StreamFinish, StreamHeartbeat
 from .tools.models import (
     AgentDetailsResponse,
     AgentOutputResponse,
     AgentPreviewResponse,
     AgentSavedResponse,
     AgentsFoundResponse,
-    BlockDetailsResponse,
     BlockListResponse,
     BlockOutputResponse,
     ClarificationNeededResponse,
@@ -52,7 +40,6 @@ from .tools.models import (
     SetupRequirementsResponse,
     UnderstandingUpdatedResponse,
 )
-from .tracking import track_user_message
 
 config = ChatConfig()
 
@@ -212,43 +199,6 @@ async def create_session(
     )
 
 
-@router.delete(
-    "/sessions/{session_id}",
-    dependencies=[Security(auth.requires_user)],
-    status_code=204,
-    responses={404: {"description": "Session not found or access denied"}},
-)
-async def delete_session(
-    session_id: str,
-    user_id: Annotated[str, Security(auth.get_user_id)],
-) -> Response:
-    """
-    Delete a chat session.
-
-    Permanently removes a chat session and all its messages.
-    Only the owner can delete their sessions.
-
-    Args:
-        session_id: The session ID to delete.
-        user_id: The authenticated user's ID.
-
-    Returns:
-        204 No Content on success.
-
-    Raises:
-        HTTPException: 404 if session not found or not owned by user.
-    """
-    deleted = await delete_chat_session(session_id, user_id)
-
-    if not deleted:
-        raise HTTPException(
-            status_code=404,
-            detail=f"Session {session_id} not found or access denied",
-        )
-
-    return Response(status_code=204)
-
-
 @router.get(
     "/sessions/{session_id}",
 )
@@ -281,10 +231,6 @@ async def get_session(
     active_task, last_message_id = await stream_registry.get_active_task_for_session(
         session_id, user_id
     )
-    logger.info(
-        f"[GET_SESSION] session={session_id}, active_task={active_task is not None}, "
-        f"msg_count={len(messages)}, last_role={messages[-1].get('role') if messages else 'none'}"
-    )
     if active_task:
         # Filter out the in-progress assistant message from the session response.
         # The client will receive the complete assistant response through the SSE
@@ -354,6 +300,7 @@ async def stream_chat_post(
         f"user={user_id}, message_len={len(request.message)}",
         extra={"json_fields": log_meta},
     )
+
     session = await _validate_and_get_session(session_id, user_id)
     logger.info(
         f"[TIMING] session validated in {(time.perf_counter() - stream_start_time) * 1000:.1f}ms",
@@ -365,25 +312,6 @@ async def stream_chat_post(
         },
     )
 
-    # Atomically append user message to session BEFORE creating task to avoid
-    # race condition where GET_SESSION sees task as "running" but message isn't
-    # saved yet.  append_and_save_message re-fetches inside a lock to prevent
-    # message loss from concurrent requests.
-    if request.message:
-        message = ChatMessage(
-            role="user" if request.is_user_message else "assistant",
-            content=request.message,
-        )
-        if request.is_user_message:
-            track_user_message(
-                user_id=user_id,
-                session_id=session_id,
-                message_length=len(request.message),
-            )
-        logger.info(f"[STREAM] Saving user message to session {session_id}")
-        session = await append_and_save_message(session_id, message)
-        logger.info(f"[STREAM] User message saved for session {session_id}")
-
     # Create a task in the stream registry for reconnection support
     task_id = str(uuid_module.uuid4())
     operation_id = str(uuid_module.uuid4())
@@ -420,47 +348,15 @@ async def stream_chat_post(
         first_chunk_time, ttfc = None, None
         chunk_count = 0
         try:
-            # Emit a start event with task_id for reconnection
-            start_chunk = StreamStart(messageId=task_id, taskId=task_id)
-            await stream_registry.publish_chunk(task_id, start_chunk)
-            logger.info(
-                f"[TIMING] StreamStart published at {(time_module.perf_counter() - gen_start_time) * 1000:.1f}ms",
-                extra={
-                    "json_fields": {
-                        **log_meta,
-                        "elapsed_ms": (time_module.perf_counter() - gen_start_time)
-                        * 1000,
-                    }
-                },
-            )
-
-            # Choose service based on LaunchDarkly flag (falls back to config default)
-            use_sdk = await is_feature_enabled(
-                Flag.COPILOT_SDK,
-                user_id or "anonymous",
-                default=config.use_claude_agent_sdk,
-            )
-            stream_fn = (
-                sdk_service.stream_chat_completion_sdk
-                if use_sdk
-                else chat_service.stream_chat_completion
-            )
-            logger.info(
-                f"[TIMING] Calling {'sdk' if use_sdk else 'standard'} stream_chat_completion",
-                extra={"json_fields": log_meta},
-            )
-            # Pass message=None since we already added it to the session above
-            async for chunk in stream_fn(
+            async for chunk in chat_service.stream_chat_completion(
                 session_id,
-                None,  # Message already in session
+                request.message,
                 is_user_message=request.is_user_message,
                 user_id=user_id,
-                session=session,  # Pass session with message already added
+                session=session,  # Pass pre-fetched session to avoid double-fetch
                 context=request.context,
+                _task_id=task_id,  # Pass task_id so service emits start with taskId for reconnection
             ):
-                # Skip duplicate StreamStart — we already published one above
-                if isinstance(chunk, StreamStart):
-                    continue
                 chunk_count += 1
                 if first_chunk_time is None:
                     first_chunk_time = time_module.perf_counter()
@@ -508,17 +404,6 @@ async def stream_chat_post(
                     }
                 },
             )
-            # Publish a StreamError so the frontend can display an error message
-            try:
-                await stream_registry.publish_chunk(
-                    task_id,
-                    StreamError(
-                        errorText="An error occurred. Please try again.",
-                        code="stream_error",
-                    ),
-                )
-            except Exception:
-                pass  # Best-effort; mark_task_completed will publish StreamFinish
             await stream_registry.mark_task_completed(task_id, "failed")
 
     # Start the AI generation in a background task
@@ -621,14 +506,8 @@ async def stream_chat_post(
                     "json_fields": {**log_meta, "elapsed_ms": elapsed, "error": str(e)}
                 },
             )
-            # Surface error to frontend so it doesn't appear stuck
-            yield StreamError(
-                errorText="An error occurred. Please try again.",
-                code="stream_error",
-            ).to_sse()
-            yield StreamFinish().to_sse()
         finally:
-            # Unsubscribe when client disconnects or stream ends
+            # Unsubscribe when client disconnects or stream ends to prevent resource leak
             if subscriber_queue is not None:
                 try:
                     await stream_registry.unsubscribe_from_task(
@@ -872,6 +751,8 @@ async def stream_task(
         )
 
     async def event_generator() -> AsyncGenerator[str, None]:
+        import asyncio
+
         heartbeat_interval = 15.0  # Send heartbeat every 15 seconds
         try:
             while True:
@@ -1090,7 +971,6 @@ ToolResponseUnion = (
     | AgentSavedResponse
     | ClarificationNeededResponse
     | BlockListResponse
-    | BlockDetailsResponse
     | BlockOutputResponse
     | DocSearchResultsResponse
     | DocPageResponse

autogpt_platform/backend/backend/api/features/chat/sdk/__init__.py

@@ -1,14 +0,0 @@
-"""Claude Agent SDK integration for CoPilot.
-
-This module provides the integration layer between the Claude Agent SDK
-and the existing CoPilot tool system, enabling drop-in replacement of
-the current LLM orchestration with the battle-tested Claude Agent SDK.
-"""
-
-from .service import stream_chat_completion_sdk
-from .tool_adapter import create_copilot_mcp_server
-
-__all__ = [
-    "stream_chat_completion_sdk",
-    "create_copilot_mcp_server",
-]

autogpt_platform/backend/backend/api/features/chat/sdk/response_adapter.py

@@ -1,203 +0,0 @@
-"""Response adapter for converting Claude Agent SDK messages to Vercel AI SDK format.
-
-This module provides the adapter layer that converts streaming messages from
-the Claude Agent SDK into the Vercel AI SDK UI Stream Protocol format that
-the frontend expects.
-"""
-
-import json
-import logging
-import uuid
-
-from claude_agent_sdk import (
-    AssistantMessage,
-    Message,
-    ResultMessage,
-    SystemMessage,
-    TextBlock,
-    ToolResultBlock,
-    ToolUseBlock,
-    UserMessage,
-)
-
-from backend.api.features.chat.response_model import (
-    StreamBaseResponse,
-    StreamError,
-    StreamFinish,
-    StreamFinishStep,
-    StreamStart,
-    StreamStartStep,
-    StreamTextDelta,
-    StreamTextEnd,
-    StreamTextStart,
-    StreamToolInputAvailable,
-    StreamToolInputStart,
-    StreamToolOutputAvailable,
-)
-from backend.api.features.chat.sdk.tool_adapter import (
-    MCP_TOOL_PREFIX,
-    pop_pending_tool_output,
-)
-
-logger = logging.getLogger(__name__)
-
-
-class SDKResponseAdapter:
-    """Adapter for converting Claude Agent SDK messages to Vercel AI SDK format.
-
-    This class maintains state during a streaming session to properly track
-    text blocks, tool calls, and message lifecycle.
-    """
-
-    def __init__(self, message_id: str | None = None):
-        self.message_id = message_id or str(uuid.uuid4())
-        self.text_block_id = str(uuid.uuid4())
-        self.has_started_text = False
-        self.has_ended_text = False
-        self.current_tool_calls: dict[str, dict[str, str]] = {}
-        self.task_id: str | None = None
-        self.step_open = False
-
-    def set_task_id(self, task_id: str) -> None:
-        """Set the task ID for reconnection support."""
-        self.task_id = task_id
-
-    def convert_message(self, sdk_message: Message) -> list[StreamBaseResponse]:
-        """Convert a single SDK message to Vercel AI SDK format."""
-        responses: list[StreamBaseResponse] = []
-
-        if isinstance(sdk_message, SystemMessage):
-            if sdk_message.subtype == "init":
-                responses.append(
-                    StreamStart(messageId=self.message_id, taskId=self.task_id)
-                )
-                # Open the first step (matches non-SDK: StreamStart then StreamStartStep)
-                responses.append(StreamStartStep())
-                self.step_open = True
-
-        elif isinstance(sdk_message, AssistantMessage):
-            # After tool results, the SDK sends a new AssistantMessage for the
-            # next LLM turn. Open a new step if the previous one was closed.
-            if not self.step_open:
-                responses.append(StreamStartStep())
-                self.step_open = True
-
-            for block in sdk_message.content:
-                if isinstance(block, TextBlock):
-                    if block.text:
-                        self._ensure_text_started(responses)
-                        responses.append(
-                            StreamTextDelta(id=self.text_block_id, delta=block.text)
-                        )
-
-                elif isinstance(block, ToolUseBlock):
-                    self._end_text_if_open(responses)
-
-                    # Strip MCP prefix so frontend sees "find_block"
-                    # instead of "mcp__copilot__find_block".
-                    tool_name = block.name.removeprefix(MCP_TOOL_PREFIX)
-
-                    responses.append(
-                        StreamToolInputStart(toolCallId=block.id, toolName=tool_name)
-                    )
-                    responses.append(
-                        StreamToolInputAvailable(
-                            toolCallId=block.id,
-                            toolName=tool_name,
-                            input=block.input,
-                        )
-                    )
-                    self.current_tool_calls[block.id] = {"name": tool_name}
-
-        elif isinstance(sdk_message, UserMessage):
-            # UserMessage carries tool results back from tool execution.
-            content = sdk_message.content
-            blocks = content if isinstance(content, list) else []
-            for block in blocks:
-                if isinstance(block, ToolResultBlock) and block.tool_use_id:
-                    tool_info = self.current_tool_calls.get(block.tool_use_id, {})
-                    tool_name = tool_info.get("name", "unknown")
-
-                    # Prefer the stashed full output over the SDK's
-                    # (potentially truncated) ToolResultBlock content.
-                    # The SDK truncates large results, writing them to disk,
-                    # which breaks frontend widget parsing.
-                    output = pop_pending_tool_output(tool_name) or (
-                        _extract_tool_output(block.content)
-                    )
-
-                    responses.append(
-                        StreamToolOutputAvailable(
-                            toolCallId=block.tool_use_id,
-                            toolName=tool_name,
-                            output=output,
-                            success=not (block.is_error or False),
-                        )
-                    )
-
-            # Close the current step after tool results — the next
-            # AssistantMessage will open a new step for the continuation.
-            if self.step_open:
-                responses.append(StreamFinishStep())
-                self.step_open = False
-
-        elif isinstance(sdk_message, ResultMessage):
-            self._end_text_if_open(responses)
-            # Close the step before finishing.
-            if self.step_open:
-                responses.append(StreamFinishStep())
-                self.step_open = False
-
-            if sdk_message.subtype == "success":
-                responses.append(StreamFinish())
-            elif sdk_message.subtype in ("error", "error_during_execution"):
-                error_msg = getattr(sdk_message, "result", None) or "Unknown error"
-                responses.append(
-                    StreamError(errorText=str(error_msg), code="sdk_error")
-                )
-                responses.append(StreamFinish())
-            else:
-                logger.warning(
-                    f"Unexpected ResultMessage subtype: {sdk_message.subtype}"
-                )
-                responses.append(StreamFinish())
-
-        else:
-            logger.debug(f"Unhandled SDK message type: {type(sdk_message).__name__}")
-
-        return responses
-
-    def _ensure_text_started(self, responses: list[StreamBaseResponse]) -> None:
-        """Start (or restart) a text block if needed."""
-        if not self.has_started_text or self.has_ended_text:
-            if self.has_ended_text:
-                self.text_block_id = str(uuid.uuid4())
-                self.has_ended_text = False
-            responses.append(StreamTextStart(id=self.text_block_id))
-            self.has_started_text = True
-
-    def _end_text_if_open(self, responses: list[StreamBaseResponse]) -> None:
-        """End the current text block if one is open."""
-        if self.has_started_text and not self.has_ended_text:
-            responses.append(StreamTextEnd(id=self.text_block_id))
-            self.has_ended_text = True
-
-
-def _extract_tool_output(content: str | list[dict[str, str]] | None) -> str:
-    """Extract a string output from a ToolResultBlock's content field."""
-    if isinstance(content, str):
-        return content
-    if isinstance(content, list):
-        parts = [item.get("text", "") for item in content if item.get("type") == "text"]
-        if parts:
-            return "".join(parts)
-        try:
-            return json.dumps(content)
-        except (TypeError, ValueError):
-            return str(content)
-    if content is None:
-        return ""
-    try:
-        return json.dumps(content)
-    except (TypeError, ValueError):
-        return str(content)

autogpt_platform/backend/backend/api/features/chat/sdk/response_adapter_test.py

@@ -1,366 +0,0 @@
-"""Unit tests for the SDK response adapter."""
-
-from claude_agent_sdk import (
-    AssistantMessage,
-    ResultMessage,
-    SystemMessage,
-    TextBlock,
-    ToolResultBlock,
-    ToolUseBlock,
-    UserMessage,
-)
-
-from backend.api.features.chat.response_model import (
-    StreamBaseResponse,
-    StreamError,
-    StreamFinish,
-    StreamFinishStep,
-    StreamStart,
-    StreamStartStep,
-    StreamTextDelta,
-    StreamTextEnd,
-    StreamTextStart,
-    StreamToolInputAvailable,
-    StreamToolInputStart,
-    StreamToolOutputAvailable,
-)
-
-from .response_adapter import SDKResponseAdapter
-from .tool_adapter import MCP_TOOL_PREFIX
-
-
-def _adapter() -> SDKResponseAdapter:
-    a = SDKResponseAdapter(message_id="msg-1")
-    a.set_task_id("task-1")
-    return a
-
-
-# -- SystemMessage -----------------------------------------------------------
-
-
-def test_system_init_emits_start_and_step():
-    adapter = _adapter()
-    results = adapter.convert_message(SystemMessage(subtype="init", data={}))
-    assert len(results) == 2
-    assert isinstance(results[0], StreamStart)
-    assert results[0].messageId == "msg-1"
-    assert results[0].taskId == "task-1"
-    assert isinstance(results[1], StreamStartStep)
-
-
-def test_system_non_init_emits_nothing():
-    adapter = _adapter()
-    results = adapter.convert_message(SystemMessage(subtype="other", data={}))
-    assert results == []
-
-
-# -- AssistantMessage with TextBlock -----------------------------------------
-
-
-def test_text_block_emits_step_start_and_delta():
-    adapter = _adapter()
-    msg = AssistantMessage(content=[TextBlock(text="hello")], model="test")
-    results = adapter.convert_message(msg)
-    assert len(results) == 3
-    assert isinstance(results[0], StreamStartStep)
-    assert isinstance(results[1], StreamTextStart)
-    assert isinstance(results[2], StreamTextDelta)
-    assert results[2].delta == "hello"
-
-
-def test_empty_text_block_emits_only_step():
-    adapter = _adapter()
-    msg = AssistantMessage(content=[TextBlock(text="")], model="test")
-    results = adapter.convert_message(msg)
-    # Empty text skipped, but step still opens
-    assert len(results) == 1
-    assert isinstance(results[0], StreamStartStep)
-
-
-def test_multiple_text_deltas_reuse_block_id():
-    adapter = _adapter()
-    msg1 = AssistantMessage(content=[TextBlock(text="a")], model="test")
-    msg2 = AssistantMessage(content=[TextBlock(text="b")], model="test")
-    r1 = adapter.convert_message(msg1)
-    r2 = adapter.convert_message(msg2)
-    # First gets step+start+delta, second only delta (block & step already started)
-    assert len(r1) == 3
-    assert isinstance(r1[0], StreamStartStep)
-    assert isinstance(r1[1], StreamTextStart)
-    assert len(r2) == 1
-    assert isinstance(r2[0], StreamTextDelta)
-    assert r1[1].id == r2[0].id  # same block ID
-
-
-# -- AssistantMessage with ToolUseBlock --------------------------------------
-
-
-def test_tool_use_emits_input_start_and_available():
-    """Tool names arrive with MCP prefix and should be stripped for the frontend."""
-    adapter = _adapter()
-    msg = AssistantMessage(
-        content=[
-            ToolUseBlock(
-                id="tool-1",
-                name=f"{MCP_TOOL_PREFIX}find_agent",
-                input={"q": "x"},
-            )
-        ],
-        model="test",
-    )
-    results = adapter.convert_message(msg)
-    assert len(results) == 3
-    assert isinstance(results[0], StreamStartStep)
-    assert isinstance(results[1], StreamToolInputStart)
-    assert results[1].toolCallId == "tool-1"
-    assert results[1].toolName == "find_agent"  # prefix stripped
-    assert isinstance(results[2], StreamToolInputAvailable)
-    assert results[2].toolName == "find_agent"  # prefix stripped
-    assert results[2].input == {"q": "x"}
-
-
-def test_text_then_tool_ends_text_block():
-    adapter = _adapter()
-    text_msg = AssistantMessage(content=[TextBlock(text="thinking...")], model="test")
-    tool_msg = AssistantMessage(
-        content=[ToolUseBlock(id="t1", name=f"{MCP_TOOL_PREFIX}tool", input={})],
-        model="test",
-    )
-    adapter.convert_message(text_msg)  # opens step + text
-    results = adapter.convert_message(tool_msg)
-    # Step already open, so: TextEnd, ToolInputStart, ToolInputAvailable
-    assert len(results) == 3
-    assert isinstance(results[0], StreamTextEnd)
-    assert isinstance(results[1], StreamToolInputStart)
-
-
-# -- UserMessage with ToolResultBlock ----------------------------------------
-
-
-def test_tool_result_emits_output_and_finish_step():
-    adapter = _adapter()
-    # First register the tool call (opens step) — SDK sends prefixed name
-    tool_msg = AssistantMessage(
-        content=[ToolUseBlock(id="t1", name=f"{MCP_TOOL_PREFIX}find_agent", input={})],
-        model="test",
-    )
-    adapter.convert_message(tool_msg)
-
-    # Now send tool result
-    result_msg = UserMessage(
-        content=[ToolResultBlock(tool_use_id="t1", content="found 3 agents")]
-    )
-    results = adapter.convert_message(result_msg)
-    assert len(results) == 2
-    assert isinstance(results[0], StreamToolOutputAvailable)
-    assert results[0].toolCallId == "t1"
-    assert results[0].toolName == "find_agent"  # prefix stripped
-    assert results[0].output == "found 3 agents"
-    assert results[0].success is True
-    assert isinstance(results[1], StreamFinishStep)
-
-
-def test_tool_result_error():
-    adapter = _adapter()
-    adapter.convert_message(
-        AssistantMessage(
-            content=[
-                ToolUseBlock(id="t1", name=f"{MCP_TOOL_PREFIX}run_agent", input={})
-            ],
-            model="test",
-        )
-    )
-    result_msg = UserMessage(
-        content=[ToolResultBlock(tool_use_id="t1", content="timeout", is_error=True)]
-    )
-    results = adapter.convert_message(result_msg)
-    assert isinstance(results[0], StreamToolOutputAvailable)
-    assert results[0].success is False
-    assert isinstance(results[1], StreamFinishStep)
-
-
-def test_tool_result_list_content():
-    adapter = _adapter()
-    adapter.convert_message(
-        AssistantMessage(
-            content=[ToolUseBlock(id="t1", name=f"{MCP_TOOL_PREFIX}tool", input={})],
-            model="test",
-        )
-    )
-    result_msg = UserMessage(
-        content=[
-            ToolResultBlock(
-                tool_use_id="t1",
-                content=[
-                    {"type": "text", "text": "line1"},
-                    {"type": "text", "text": "line2"},
-                ],
-            )
-        ]
-    )
-    results = adapter.convert_message(result_msg)
-    assert isinstance(results[0], StreamToolOutputAvailable)
-    assert results[0].output == "line1line2"
-    assert isinstance(results[1], StreamFinishStep)
-
-
-def test_string_user_message_ignored():
-    """A plain string UserMessage (not tool results) produces no output."""
-    adapter = _adapter()
-    results = adapter.convert_message(UserMessage(content="hello"))
-    assert results == []
-
-
-# -- ResultMessage -----------------------------------------------------------
-
-
-def test_result_success_emits_finish_step_and_finish():
-    adapter = _adapter()
-    # Start some text first (opens step)
-    adapter.convert_message(
-        AssistantMessage(content=[TextBlock(text="done")], model="test")
-    )
-    msg = ResultMessage(
-        subtype="success",
-        duration_ms=100,
-        duration_api_ms=50,
-        is_error=False,
-        num_turns=1,
-        session_id="s1",
-    )
-    results = adapter.convert_message(msg)
-    # TextEnd + FinishStep + StreamFinish
-    assert len(results) == 3
-    assert isinstance(results[0], StreamTextEnd)
-    assert isinstance(results[1], StreamFinishStep)
-    assert isinstance(results[2], StreamFinish)
-
-
-def test_result_error_emits_error_and_finish():
-    adapter = _adapter()
-    msg = ResultMessage(
-        subtype="error",
-        duration_ms=100,
-        duration_api_ms=50,
-        is_error=True,
-        num_turns=0,
-        session_id="s1",
-        result="API rate limited",
-    )
-    results = adapter.convert_message(msg)
-    # No step was open, so no FinishStep — just Error + Finish
-    assert len(results) == 2
-    assert isinstance(results[0], StreamError)
-    assert "API rate limited" in results[0].errorText
-    assert isinstance(results[1], StreamFinish)
-
-
-# -- Text after tools (new block ID) ----------------------------------------
-
-
-def test_text_after_tool_gets_new_block_id():
-    adapter = _adapter()
-    # Text -> Tool -> ToolResult -> Text should get a new text block ID and step
-    adapter.convert_message(
-        AssistantMessage(content=[TextBlock(text="before")], model="test")
-    )
-    adapter.convert_message(
-        AssistantMessage(
-            content=[ToolUseBlock(id="t1", name=f"{MCP_TOOL_PREFIX}tool", input={})],
-            model="test",
-        )
-    )
-    # Send tool result (closes step)
-    adapter.convert_message(
-        UserMessage(content=[ToolResultBlock(tool_use_id="t1", content="ok")])
-    )
-    results = adapter.convert_message(
-        AssistantMessage(content=[TextBlock(text="after")], model="test")
-    )
-    # Should get StreamStartStep (new step) + StreamTextStart (new block) + StreamTextDelta
-    assert len(results) == 3
-    assert isinstance(results[0], StreamStartStep)
-    assert isinstance(results[1], StreamTextStart)
-    assert isinstance(results[2], StreamTextDelta)
-    assert results[2].delta == "after"
-
-
-# -- Full conversation flow --------------------------------------------------
-
-
-def test_full_conversation_flow():
-    """Simulate a complete conversation: init -> text -> tool -> result -> text -> finish."""
-    adapter = _adapter()
-    all_responses: list[StreamBaseResponse] = []
-
-    # 1. Init
-    all_responses.extend(
-        adapter.convert_message(SystemMessage(subtype="init", data={}))
-    )
-    # 2. Assistant text
-    all_responses.extend(
-        adapter.convert_message(
-            AssistantMessage(content=[TextBlock(text="Let me search")], model="test")
-        )
-    )
-    # 3. Tool use
-    all_responses.extend(
-        adapter.convert_message(
-            AssistantMessage(
-                content=[
-                    ToolUseBlock(
-                        id="t1",
-                        name=f"{MCP_TOOL_PREFIX}find_agent",
-                        input={"query": "email"},
-                    )
-                ],
-                model="test",
-            )
-        )
-    )
-    # 4. Tool result
-    all_responses.extend(
-        adapter.convert_message(
-            UserMessage(
-                content=[ToolResultBlock(tool_use_id="t1", content="Found 2 agents")]
-            )
-        )
-    )
-    # 5. More text
-    all_responses.extend(
-        adapter.convert_message(
-            AssistantMessage(content=[TextBlock(text="I found 2")], model="test")
-        )
-    )
-    # 6. Result
-    all_responses.extend(
-        adapter.convert_message(
-            ResultMessage(
-                subtype="success",
-                duration_ms=500,
-                duration_api_ms=400,
-                is_error=False,
-                num_turns=2,
-                session_id="s1",
-            )
-        )
-    )
-
-    types = [type(r).__name__ for r in all_responses]
-    assert types == [
-        "StreamStart",
-        "StreamStartStep",  # step 1: text + tool call
-        "StreamTextStart",
-        "StreamTextDelta",  # "Let me search"
-        "StreamTextEnd",  # closed before tool
-        "StreamToolInputStart",
-        "StreamToolInputAvailable",
-        "StreamToolOutputAvailable",  # tool result
-        "StreamFinishStep",  # step 1 closed after tool result
-        "StreamStartStep",  # step 2: continuation text
-        "StreamTextStart",  # new block after tool
-        "StreamTextDelta",  # "I found 2"
-        "StreamTextEnd",  # closed by result
-        "StreamFinishStep",  # step 2 closed
-        "StreamFinish",
-    ]

autogpt_platform/backend/backend/api/features/chat/sdk/security_hooks.py

@@ -1,305 +0,0 @@
-"""Security hooks for Claude Agent SDK integration.
-
-This module provides security hooks that validate tool calls before execution,
-ensuring multi-user isolation and preventing unauthorized operations.
-"""
-
-import json
-import logging
-import os
-import re
-from collections.abc import Callable
-from typing import Any, cast
-
-from backend.api.features.chat.sdk.tool_adapter import (
-    BLOCKED_TOOLS,
-    DANGEROUS_PATTERNS,
-    MCP_TOOL_PREFIX,
-    WORKSPACE_SCOPED_TOOLS,
-)
-
-logger = logging.getLogger(__name__)
-
-
-def _deny(reason: str) -> dict[str, Any]:
-    """Return a hook denial response."""
-    return {
-        "hookSpecificOutput": {
-            "hookEventName": "PreToolUse",
-            "permissionDecision": "deny",
-            "permissionDecisionReason": reason,
-        }
-    }
-
-
-def _validate_workspace_path(
-    tool_name: str, tool_input: dict[str, Any], sdk_cwd: str | None
-) -> dict[str, Any]:
-    """Validate that a workspace-scoped tool only accesses allowed paths.
-
-    Allowed directories:
-    - The SDK working directory (``/tmp/copilot-<session>/``)
-    - The SDK tool-results directory (``~/.claude/projects/…/tool-results/``)
-    """
-    path = tool_input.get("file_path") or tool_input.get("path") or ""
-    if not path:
-        # Glob/Grep without a path default to cwd which is already sandboxed
-        return {}
-
-    # Resolve relative paths against sdk_cwd (the SDK sets cwd so the LLM
-    # naturally uses relative paths like "test.txt" instead of absolute ones).
-    # Tilde paths (~/) are home-dir references, not relative — expand first.
-    if path.startswith("~"):
-        resolved = os.path.realpath(os.path.expanduser(path))
-    elif not os.path.isabs(path) and sdk_cwd:
-        resolved = os.path.realpath(os.path.join(sdk_cwd, path))
-    else:
-        resolved = os.path.realpath(path)
-
-    # Allow access within the SDK working directory
-    if sdk_cwd:
-        norm_cwd = os.path.realpath(sdk_cwd)
-        if resolved.startswith(norm_cwd + os.sep) or resolved == norm_cwd:
-            return {}
-
-    # Allow access to ~/.claude/projects/*/tool-results/ (big tool results)
-    claude_dir = os.path.realpath(os.path.expanduser("~/.claude/projects"))
-    tool_results_seg = os.sep + "tool-results" + os.sep
-    if resolved.startswith(claude_dir + os.sep) and tool_results_seg in resolved:
-        return {}
-
-    logger.warning(
-        f"Blocked {tool_name} outside workspace: {path} (resolved={resolved})"
-    )
-    workspace_hint = f" Allowed workspace: {sdk_cwd}" if sdk_cwd else ""
-    return _deny(
-        f"[SECURITY] Tool '{tool_name}' can only access files within the workspace "
-        f"directory.{workspace_hint} "
-        "This is enforced by the platform and cannot be bypassed."
-    )
-
-
-def _validate_tool_access(
-    tool_name: str, tool_input: dict[str, Any], sdk_cwd: str | None = None
-) -> dict[str, Any]:
-    """Validate that a tool call is allowed.
-
-    Returns:
-        Empty dict to allow, or dict with hookSpecificOutput to deny
-    """
-    # Block forbidden tools
-    if tool_name in BLOCKED_TOOLS:
-        logger.warning(f"Blocked tool access attempt: {tool_name}")
-        return _deny(
-            f"[SECURITY] Tool '{tool_name}' is blocked for security. "
-            "This is enforced by the platform and cannot be bypassed. "
-            "Use the CoPilot-specific MCP tools instead."
-        )
-
-    # Workspace-scoped tools: allowed only within the SDK workspace directory
-    if tool_name in WORKSPACE_SCOPED_TOOLS:
-        return _validate_workspace_path(tool_name, tool_input, sdk_cwd)
-
-    # Check for dangerous patterns in tool input
-    # Use json.dumps for predictable format (str() produces Python repr)
-    input_str = json.dumps(tool_input) if tool_input else ""
-
-    for pattern in DANGEROUS_PATTERNS:
-        if re.search(pattern, input_str, re.IGNORECASE):
-            logger.warning(
-                f"Blocked dangerous pattern in tool input: {pattern} in {tool_name}"
-            )
-            return _deny(
-                "[SECURITY] Input contains a blocked pattern. "
-                "This is enforced by the platform and cannot be bypassed."
-            )
-
-    return {}
-
-
-def _validate_user_isolation(
-    tool_name: str, tool_input: dict[str, Any], user_id: str | None
-) -> dict[str, Any]:
-    """Validate that tool calls respect user isolation."""
-    # For workspace file tools, ensure path doesn't escape
-    if "workspace" in tool_name.lower():
-        path = tool_input.get("path", "") or tool_input.get("file_path", "")
-        if path:
-            # Check for path traversal
-            if ".." in path or path.startswith("/"):
-                logger.warning(
-                    f"Blocked path traversal attempt: {path} by user {user_id}"
-                )
-                return {
-                    "hookSpecificOutput": {
-                        "hookEventName": "PreToolUse",
-                        "permissionDecision": "deny",
-                        "permissionDecisionReason": "Path traversal not allowed",
-                    }
-                }
-
-    return {}
-
-
-def create_security_hooks(
-    user_id: str | None,
-    sdk_cwd: str | None = None,
-    max_subtasks: int = 3,
-    on_stop: Callable[[str, str], None] | None = None,
-) -> dict[str, Any]:
-    """Create the security hooks configuration for Claude Agent SDK.
-
-    Includes security validation and observability hooks:
-    - PreToolUse: Security validation before tool execution
-    - PostToolUse: Log successful tool executions
-    - PostToolUseFailure: Log and handle failed tool executions
-    - PreCompact: Log context compaction events (SDK handles compaction automatically)
-    - Stop: Capture transcript path for stateless resume (when *on_stop* is provided)
-
-    Args:
-        user_id: Current user ID for isolation validation
-        sdk_cwd: SDK working directory for workspace-scoped tool validation
-        max_subtasks: Maximum Task (sub-agent) spawns allowed per session
-        on_stop: Callback ``(transcript_path, sdk_session_id)`` invoked when
-            the SDK finishes processing — used to read the JSONL transcript
-            before the CLI process exits.
-
-    Returns:
-        Hooks configuration dict for ClaudeAgentOptions
-    """
-    try:
-        from claude_agent_sdk import HookMatcher
-        from claude_agent_sdk.types import HookContext, HookInput, SyncHookJSONOutput
-
-        # Per-session counter for Task sub-agent spawns
-        task_spawn_count = 0
-
-        async def pre_tool_use_hook(
-            input_data: HookInput,
-            tool_use_id: str | None,
-            context: HookContext,
-        ) -> SyncHookJSONOutput:
-            """Combined pre-tool-use validation hook."""
-            nonlocal task_spawn_count
-            _ = context  # unused but required by signature
-            tool_name = cast(str, input_data.get("tool_name", ""))
-            tool_input = cast(dict[str, Any], input_data.get("tool_input", {}))
-
-            # Rate-limit Task (sub-agent) spawns per session
-            if tool_name == "Task":
-                task_spawn_count += 1
-                if task_spawn_count > max_subtasks:
-                    logger.warning(
-                        f"[SDK] Task limit reached ({max_subtasks}), user={user_id}"
-                    )
-                    return cast(
-                        SyncHookJSONOutput,
-                        _deny(
-                            f"Maximum {max_subtasks} sub-tasks per session. "
-                            "Please continue in the main conversation."
-                        ),
-                    )
-
-            # Strip MCP prefix for consistent validation
-            is_copilot_tool = tool_name.startswith(MCP_TOOL_PREFIX)
-            clean_name = tool_name.removeprefix(MCP_TOOL_PREFIX)
-
-            # Only block non-CoPilot tools; our MCP-registered tools
-            # (including Read for oversized results) are already sandboxed.
-            if not is_copilot_tool:
-                result = _validate_tool_access(clean_name, tool_input, sdk_cwd)
-                if result:
-                    return cast(SyncHookJSONOutput, result)
-
-            # Validate user isolation
-            result = _validate_user_isolation(clean_name, tool_input, user_id)
-            if result:
-                return cast(SyncHookJSONOutput, result)
-
-            logger.debug(f"[SDK] Tool start: {tool_name}, user={user_id}")
-            return cast(SyncHookJSONOutput, {})
-
-        async def post_tool_use_hook(
-            input_data: HookInput,
-            tool_use_id: str | None,
-            context: HookContext,
-        ) -> SyncHookJSONOutput:
-            """Log successful tool executions for observability."""
-            _ = context
-            tool_name = cast(str, input_data.get("tool_name", ""))
-            logger.debug(f"[SDK] Tool success: {tool_name}, tool_use_id={tool_use_id}")
-            return cast(SyncHookJSONOutput, {})
-
-        async def post_tool_failure_hook(
-            input_data: HookInput,
-            tool_use_id: str | None,
-            context: HookContext,
-        ) -> SyncHookJSONOutput:
-            """Log failed tool executions for debugging."""
-            _ = context
-            tool_name = cast(str, input_data.get("tool_name", ""))
-            error = input_data.get("error", "Unknown error")
-            logger.warning(
-                f"[SDK] Tool failed: {tool_name}, error={error}, "
-                f"user={user_id}, tool_use_id={tool_use_id}"
-            )
-            return cast(SyncHookJSONOutput, {})
-
-        async def pre_compact_hook(
-            input_data: HookInput,
-            tool_use_id: str | None,
-            context: HookContext,
-        ) -> SyncHookJSONOutput:
-            """Log when SDK triggers context compaction.
-
-            The SDK automatically compacts conversation history when it grows too large.
-            This hook provides visibility into when compaction happens.
-            """
-            _ = context, tool_use_id
-            trigger = input_data.get("trigger", "auto")
-            logger.info(
-                f"[SDK] Context compaction triggered: {trigger}, user={user_id}"
-            )
-            return cast(SyncHookJSONOutput, {})
-
-        # --- Stop hook: capture transcript path for stateless resume ---
-        async def stop_hook(
-            input_data: HookInput,
-            tool_use_id: str | None,
-            context: HookContext,
-        ) -> SyncHookJSONOutput:
-            """Capture transcript path when SDK finishes processing.
-
-            The Stop hook fires while the CLI process is still alive, giving us
-            a reliable window to read the JSONL transcript before SIGTERM.
-            """
-            _ = context, tool_use_id
-            transcript_path = cast(str, input_data.get("transcript_path", ""))
-            sdk_session_id = cast(str, input_data.get("session_id", ""))
-
-            if transcript_path and on_stop:
-                logger.info(
-                    f"[SDK] Stop hook: transcript_path={transcript_path}, "
-                    f"sdk_session_id={sdk_session_id[:12]}..."
-                )
-                on_stop(transcript_path, sdk_session_id)
-
-            return cast(SyncHookJSONOutput, {})
-
-        hooks: dict[str, Any] = {
-            "PreToolUse": [HookMatcher(matcher="*", hooks=[pre_tool_use_hook])],
-            "PostToolUse": [HookMatcher(matcher="*", hooks=[post_tool_use_hook])],
-            "PostToolUseFailure": [
-                HookMatcher(matcher="*", hooks=[post_tool_failure_hook])
-            ],
-            "PreCompact": [HookMatcher(matcher="*", hooks=[pre_compact_hook])],
-        }
-
-        if on_stop is not None:
-            hooks["Stop"] = [HookMatcher(matcher=None, hooks=[stop_hook])]
-
-        return hooks
-    except ImportError:
-        # Fallback for when SDK isn't available - return empty hooks
-        logger.warning("claude-agent-sdk not available, security hooks disabled")
-        return {}

autogpt_platform/backend/backend/api/features/chat/sdk/security_hooks_test.py

@@ -1,165 +0,0 @@
-"""Unit tests for SDK security hooks."""
-
-import os
-
-from .security_hooks import _validate_tool_access, _validate_user_isolation
-
-SDK_CWD = "/tmp/copilot-abc123"
-
-
-def _is_denied(result: dict) -> bool:
-    hook = result.get("hookSpecificOutput", {})
-    return hook.get("permissionDecision") == "deny"
-
-
-# -- Blocked tools -----------------------------------------------------------
-
-
-def test_blocked_tools_denied():
-    for tool in ("bash", "shell", "exec", "terminal", "command"):
-        result = _validate_tool_access(tool, {})
-        assert _is_denied(result), f"{tool} should be blocked"
-
-
-def test_unknown_tool_allowed():
-    result = _validate_tool_access("SomeCustomTool", {})
-    assert result == {}
-
-
-# -- Workspace-scoped tools --------------------------------------------------
-
-
-def test_read_within_workspace_allowed():
-    result = _validate_tool_access(
-        "Read", {"file_path": f"{SDK_CWD}/file.txt"}, sdk_cwd=SDK_CWD
-    )
-    assert result == {}
-
-
-def test_write_within_workspace_allowed():
-    result = _validate_tool_access(
-        "Write", {"file_path": f"{SDK_CWD}/output.json"}, sdk_cwd=SDK_CWD
-    )
-    assert result == {}
-
-
-def test_edit_within_workspace_allowed():
-    result = _validate_tool_access(
-        "Edit", {"file_path": f"{SDK_CWD}/src/main.py"}, sdk_cwd=SDK_CWD
-    )
-    assert result == {}
-
-
-def test_glob_within_workspace_allowed():
-    result = _validate_tool_access("Glob", {"path": f"{SDK_CWD}/src"}, sdk_cwd=SDK_CWD)
-    assert result == {}
-
-
-def test_grep_within_workspace_allowed():
-    result = _validate_tool_access("Grep", {"path": f"{SDK_CWD}/src"}, sdk_cwd=SDK_CWD)
-    assert result == {}
-
-
-def test_read_outside_workspace_denied():
-    result = _validate_tool_access(
-        "Read", {"file_path": "/etc/passwd"}, sdk_cwd=SDK_CWD
-    )
-    assert _is_denied(result)
-
-
-def test_write_outside_workspace_denied():
-    result = _validate_tool_access(
-        "Write", {"file_path": "/home/user/secrets.txt"}, sdk_cwd=SDK_CWD
-    )
-    assert _is_denied(result)
-
-
-def test_traversal_attack_denied():
-    result = _validate_tool_access(
-        "Read",
-        {"file_path": f"{SDK_CWD}/../../etc/passwd"},
-        sdk_cwd=SDK_CWD,
-    )
-    assert _is_denied(result)
-
-
-def test_no_path_allowed():
-    """Glob/Grep without a path argument defaults to cwd — should pass."""
-    result = _validate_tool_access("Glob", {}, sdk_cwd=SDK_CWD)
-    assert result == {}
-
-
-def test_read_no_cwd_denies_absolute():
-    """If no sdk_cwd is set, absolute paths are denied."""
-    result = _validate_tool_access("Read", {"file_path": "/tmp/anything"})
-    assert _is_denied(result)
-
-
-# -- Tool-results directory --------------------------------------------------
-
-
-def test_read_tool_results_allowed():
-    home = os.path.expanduser("~")
-    path = f"{home}/.claude/projects/-tmp-copilot-abc123/tool-results/12345.txt"
-    result = _validate_tool_access("Read", {"file_path": path}, sdk_cwd=SDK_CWD)
-    assert result == {}
-
-
-def test_read_claude_projects_without_tool_results_denied():
-    home = os.path.expanduser("~")
-    path = f"{home}/.claude/projects/-tmp-copilot-abc123/settings.json"
-    result = _validate_tool_access("Read", {"file_path": path}, sdk_cwd=SDK_CWD)
-    assert _is_denied(result)
-
-
-# -- Built-in Bash is blocked (use bash_exec MCP tool instead) ---------------
-
-
-def test_bash_builtin_always_blocked():
-    """SDK built-in Bash is blocked — bash_exec MCP tool with bubblewrap is used instead."""
-    result = _validate_tool_access("Bash", {"command": "echo hello"}, sdk_cwd=SDK_CWD)
-    assert _is_denied(result)
-
-
-# -- Dangerous patterns ------------------------------------------------------
-
-
-def test_dangerous_pattern_blocked():
-    result = _validate_tool_access("SomeTool", {"cmd": "sudo rm -rf /"})
-    assert _is_denied(result)
-
-
-def test_subprocess_pattern_blocked():
-    result = _validate_tool_access("SomeTool", {"code": "subprocess.run(...)"})
-    assert _is_denied(result)
-
-
-# -- User isolation ----------------------------------------------------------
-
-
-def test_workspace_path_traversal_blocked():
-    result = _validate_user_isolation(
-        "workspace_read", {"path": "../../../etc/shadow"}, user_id="user-1"
-    )
-    assert _is_denied(result)
-
-
-def test_workspace_absolute_path_blocked():
-    result = _validate_user_isolation(
-        "workspace_read", {"path": "/etc/passwd"}, user_id="user-1"
-    )
-    assert _is_denied(result)
-
-
-def test_workspace_normal_path_allowed():
-    result = _validate_user_isolation(
-        "workspace_read", {"path": "src/main.py"}, user_id="user-1"
-    )
-    assert result == {}
-
-
-def test_non_workspace_tool_passes_isolation():
-    result = _validate_user_isolation(
-        "find_agent", {"query": "email"}, user_id="user-1"
-    )
-    assert result == {}

autogpt_platform/backend/backend/api/features/chat/sdk/service.py

@@ -1,752 +0,0 @@
-"""Claude Agent SDK service layer for CoPilot chat completions."""
-
-import asyncio
-import json
-import logging
-import os
-import uuid
-from collections.abc import AsyncGenerator
-from dataclasses import dataclass
-from typing import Any
-
-from backend.util.exceptions import NotFoundError
-
-from .. import stream_registry
-from ..config import ChatConfig
-from ..model import (
-    ChatMessage,
-    ChatSession,
-    get_chat_session,
-    update_session_title,
-    upsert_chat_session,
-)
-from ..response_model import (
-    StreamBaseResponse,
-    StreamError,
-    StreamFinish,
-    StreamStart,
-    StreamTextDelta,
-    StreamToolInputAvailable,
-    StreamToolOutputAvailable,
-)
-from ..service import (
-    _build_system_prompt,
-    _execute_long_running_tool_with_streaming,
-    _generate_session_title,
-)
-from ..tools.models import OperationPendingResponse, OperationStartedResponse
-from ..tools.sandbox import WORKSPACE_PREFIX, make_session_path
-from ..tracking import track_user_message
-from .response_adapter import SDKResponseAdapter
-from .security_hooks import create_security_hooks
-from .tool_adapter import (
-    COPILOT_TOOL_NAMES,
-    SDK_DISALLOWED_TOOLS,
-    LongRunningCallback,
-    create_copilot_mcp_server,
-    set_execution_context,
-)
-from .transcript import (
-    download_transcript,
-    read_transcript_file,
-    upload_transcript,
-    validate_transcript,
-    write_transcript_to_tempfile,
-)
-
-logger = logging.getLogger(__name__)
-config = ChatConfig()
-
-# Set to hold background tasks to prevent garbage collection
-_background_tasks: set[asyncio.Task[Any]] = set()
-
-
-@dataclass
-class CapturedTranscript:
-    """Info captured by the SDK Stop hook for stateless --resume."""
-
-    path: str = ""
-    sdk_session_id: str = ""
-
-    @property
-    def available(self) -> bool:
-        return bool(self.path)
-
-
-_SDK_CWD_PREFIX = WORKSPACE_PREFIX
-
-# Appended to the system prompt to inform the agent about available tools.
-# The SDK built-in Bash is NOT available — use mcp__copilot__bash_exec instead,
-# which has kernel-level network isolation (unshare --net).
-_SDK_TOOL_SUPPLEMENT = """
-
-## Tool notes
-
-- The SDK built-in Bash tool is NOT available.  Use the `bash_exec` MCP tool
-  for shell commands — it runs in a network-isolated sandbox.
-- **Shared workspace**: The SDK Read/Write tools and `bash_exec` share the
-  same working directory. Files created by one are readable by the other.
-  These files are **ephemeral** — they exist only for the current session.
-- **Persistent storage**: Use `write_workspace_file` / `read_workspace_file`
-  for files that should persist across sessions (stored in cloud storage).
-- Long-running tools (create_agent, edit_agent, etc.) are handled
-  asynchronously.  You will receive an immediate response; the actual result
-  is delivered to the user via a background stream.
-"""
-
-
-def _build_long_running_callback(user_id: str | None) -> LongRunningCallback:
-    """Build a callback that delegates long-running tools to the non-SDK infrastructure.
-
-    Long-running tools (create_agent, edit_agent, etc.) are delegated to the
-    existing background infrastructure: stream_registry (Redis Streams),
-    database persistence, and SSE reconnection.  This means results survive
-    page refreshes / pod restarts, and the frontend shows the proper loading
-    widget with progress updates.
-
-    The returned callback matches the ``LongRunningCallback`` signature:
-    ``(tool_name, args, session) -> MCP response dict``.
-    """
-
-    async def _callback(
-        tool_name: str, args: dict[str, Any], session: ChatSession
-    ) -> dict[str, Any]:
-        operation_id = str(uuid.uuid4())
-        task_id = str(uuid.uuid4())
-        tool_call_id = f"sdk-{uuid.uuid4().hex[:12]}"
-        session_id = session.session_id
-
-        # --- Build user-friendly messages (matches non-SDK service) ---
-        if tool_name == "create_agent":
-            desc = args.get("description", "")
-            desc_preview = (desc[:100] + "...") if len(desc) > 100 else desc
-            pending_msg = (
-                f"Creating your agent: {desc_preview}"
-                if desc_preview
-                else "Creating agent... This may take a few minutes."
-            )
-            started_msg = (
-                "Agent creation started. You can close this tab - "
-                "check your library in a few minutes."
-            )
-        elif tool_name == "edit_agent":
-            changes = args.get("changes", "")
-            changes_preview = (changes[:100] + "...") if len(changes) > 100 else changes
-            pending_msg = (
-                f"Editing agent: {changes_preview}"
-                if changes_preview
-                else "Editing agent... This may take a few minutes."
-            )
-            started_msg = (
-                "Agent edit started. You can close this tab - "
-                "check your library in a few minutes."
-            )
-        else:
-            pending_msg = f"Running {tool_name}... This may take a few minutes."
-            started_msg = (
-                f"{tool_name} started. You can close this tab - "
-                "check back in a few minutes."
-            )
-
-        # --- Register task in Redis for SSE reconnection ---
-        await stream_registry.create_task(
-            task_id=task_id,
-            session_id=session_id,
-            user_id=user_id,
-            tool_call_id=tool_call_id,
-            tool_name=tool_name,
-            operation_id=operation_id,
-        )
-
-        # --- Save OperationPendingResponse to chat history ---
-        pending_message = ChatMessage(
-            role="tool",
-            content=OperationPendingResponse(
-                message=pending_msg,
-                operation_id=operation_id,
-                tool_name=tool_name,
-            ).model_dump_json(),
-            tool_call_id=tool_call_id,
-        )
-        session.messages.append(pending_message)
-        await upsert_chat_session(session)
-
-        # --- Spawn background task (reuses non-SDK infrastructure) ---
-        bg_task = asyncio.create_task(
-            _execute_long_running_tool_with_streaming(
-                tool_name=tool_name,
-                parameters=args,
-                tool_call_id=tool_call_id,
-                operation_id=operation_id,
-                task_id=task_id,
-                session_id=session_id,
-                user_id=user_id,
-            )
-        )
-        _background_tasks.add(bg_task)
-        bg_task.add_done_callback(_background_tasks.discard)
-        await stream_registry.set_task_asyncio_task(task_id, bg_task)
-
-        logger.info(
-            f"[SDK] Long-running tool {tool_name} delegated to background "
-            f"(operation_id={operation_id}, task_id={task_id})"
-        )
-
-        # --- Return OperationStartedResponse as MCP tool result ---
-        # This flows through SDK → response adapter → frontend, triggering
-        # the loading widget with SSE reconnection support.
-        started_json = OperationStartedResponse(
-            message=started_msg,
-            operation_id=operation_id,
-            tool_name=tool_name,
-            task_id=task_id,
-        ).model_dump_json()
-
-        return {
-            "content": [{"type": "text", "text": started_json}],
-            "isError": False,
-        }
-
-    return _callback
-
-
-def _resolve_sdk_model() -> str | None:
-    """Resolve the model name for the Claude Agent SDK CLI.
-
-    Uses ``config.claude_agent_model`` if set, otherwise derives from
-    ``config.model`` by stripping the OpenRouter provider prefix (e.g.,
-    ``"anthropic/claude-opus-4.6"`` → ``"claude-opus-4.6"``).
-    """
-    if config.claude_agent_model:
-        return config.claude_agent_model
-    model = config.model
-    if "/" in model:
-        return model.split("/", 1)[1]
-    return model
-
-
-def _build_sdk_env() -> dict[str, str]:
-    """Build env vars for the SDK CLI process.
-
-    Routes API calls through OpenRouter (or a custom base_url) using
-    the same ``config.api_key`` / ``config.base_url`` as the non-SDK path.
-    This gives per-call token and cost tracking on the OpenRouter dashboard.
-
-    Only overrides ``ANTHROPIC_API_KEY`` when a valid proxy URL and auth
-    token are both present — otherwise returns an empty dict so the SDK
-    falls back to its default credentials.
-    """
-    env: dict[str, str] = {}
-    if config.api_key and config.base_url:
-        # Strip /v1 suffix — SDK expects the base URL without a version path
-        base = config.base_url.rstrip("/")
-        if base.endswith("/v1"):
-            base = base[:-3]
-        if not base or not base.startswith("http"):
-            # Invalid base_url — don't override SDK defaults
-            return env
-        env["ANTHROPIC_BASE_URL"] = base
-        env["ANTHROPIC_AUTH_TOKEN"] = config.api_key
-        # Must be explicitly empty so the CLI uses AUTH_TOKEN instead
-        env["ANTHROPIC_API_KEY"] = ""
-    return env
-
-
-def _make_sdk_cwd(session_id: str) -> str:
-    """Create a safe, session-specific working directory path.
-
-    Delegates to :func:`~backend.api.features.chat.tools.sandbox.make_session_path`
-    (single source of truth for path sanitization) and adds a defence-in-depth
-    assertion.
-    """
-    cwd = make_session_path(session_id)
-    # Defence-in-depth: normpath + startswith is a CodeQL-recognised sanitizer
-    cwd = os.path.normpath(cwd)
-    if not cwd.startswith(_SDK_CWD_PREFIX):
-        raise ValueError(f"SDK cwd escaped prefix: {cwd}")
-    return cwd
-
-
-def _cleanup_sdk_tool_results(cwd: str) -> None:
-    """Remove SDK tool-result files for a specific session working directory.
-
-    The SDK creates tool-result files under ~/.claude/projects/<encoded-cwd>/tool-results/.
-    We clean only the specific cwd's results to avoid race conditions between
-    concurrent sessions.
-
-    Security: cwd MUST be created by _make_sdk_cwd() which sanitizes session_id.
-    """
-    import shutil
-
-    # Validate cwd is under the expected prefix
-    normalized = os.path.normpath(cwd)
-    if not normalized.startswith(_SDK_CWD_PREFIX):
-        logger.warning(f"[SDK] Rejecting cleanup for path outside workspace: {cwd}")
-        return
-
-    # SDK encodes the cwd path by replacing '/' with '-'
-    encoded_cwd = normalized.replace("/", "-")
-
-    # Construct the project directory path (known-safe home expansion)
-    claude_projects = os.path.expanduser("~/.claude/projects")
-    project_dir = os.path.join(claude_projects, encoded_cwd)
-
-    # Security check 3: Validate project_dir is under ~/.claude/projects
-    project_dir = os.path.normpath(project_dir)
-    if not project_dir.startswith(claude_projects):
-        logger.warning(
-            f"[SDK] Rejecting cleanup for escaped project path: {project_dir}"
-        )
-        return
-
-    results_dir = os.path.join(project_dir, "tool-results")
-    if os.path.isdir(results_dir):
-        for filename in os.listdir(results_dir):
-            file_path = os.path.join(results_dir, filename)
-            try:
-                if os.path.isfile(file_path):
-                    os.remove(file_path)
-            except OSError:
-                pass
-
-    # Also clean up the temp cwd directory itself
-    try:
-        shutil.rmtree(normalized, ignore_errors=True)
-    except OSError:
-        pass
-
-
-async def _compress_conversation_history(
-    session: ChatSession,
-) -> list[ChatMessage]:
-    """Compress prior conversation messages if they exceed the token threshold.
-
-    Uses the shared compress_context() from prompt.py which supports:
-    - LLM summarization of old messages (keeps recent ones intact)
-    - Progressive content truncation as fallback
-    - Middle-out deletion as last resort
-
-    Returns the compressed prior messages (everything except the current message).
-    """
-    prior = session.messages[:-1]
-    if len(prior) < 2:
-        return prior
-
-    from backend.util.prompt import compress_context
-
-    # Convert ChatMessages to dicts for compress_context
-    messages_dict = []
-    for msg in prior:
-        msg_dict: dict[str, Any] = {"role": msg.role}
-        if msg.content:
-            msg_dict["content"] = msg.content
-        if msg.tool_calls:
-            msg_dict["tool_calls"] = msg.tool_calls
-        if msg.tool_call_id:
-            msg_dict["tool_call_id"] = msg.tool_call_id
-        messages_dict.append(msg_dict)
-
-    try:
-        import openai
-
-        async with openai.AsyncOpenAI(
-            api_key=config.api_key, base_url=config.base_url, timeout=30.0
-        ) as client:
-            result = await compress_context(
-                messages=messages_dict,
-                model=config.model,
-                client=client,
-            )
-    except Exception as e:
-        logger.warning(f"[SDK] Context compression with LLM failed: {e}")
-        # Fall back to truncation-only (no LLM summarization)
-        result = await compress_context(
-            messages=messages_dict,
-            model=config.model,
-            client=None,
-        )
-
-    if result.was_compacted:
-        logger.info(
-            f"[SDK] Context compacted: {result.original_token_count} -> "
-            f"{result.token_count} tokens "
-            f"({result.messages_summarized} summarized, "
-            f"{result.messages_dropped} dropped)"
-        )
-        # Convert compressed dicts back to ChatMessages
-        return [
-            ChatMessage(
-                role=m["role"],
-                content=m.get("content"),
-                tool_calls=m.get("tool_calls"),
-                tool_call_id=m.get("tool_call_id"),
-            )
-            for m in result.messages
-        ]
-
-    return prior
-
-
-def _format_conversation_context(messages: list[ChatMessage]) -> str | None:
-    """Format conversation messages into a context prefix for the user message.
-
-    Returns a string like:
-        <conversation_history>
-        User: hello
-        You responded: Hi! How can I help?
-        </conversation_history>
-
-    Returns None if there are no messages to format.
-    """
-    if not messages:
-        return None
-
-    lines: list[str] = []
-    for msg in messages:
-        if not msg.content:
-            continue
-        if msg.role == "user":
-            lines.append(f"User: {msg.content}")
-        elif msg.role == "assistant":
-            lines.append(f"You responded: {msg.content}")
-        # Skip tool messages — they're internal details
-
-    if not lines:
-        return None
-
-    return "<conversation_history>\n" + "\n".join(lines) + "\n</conversation_history>"
-
-
-async def stream_chat_completion_sdk(
-    session_id: str,
-    message: str | None = None,
-    tool_call_response: str | None = None,  # noqa: ARG001
-    is_user_message: bool = True,
-    user_id: str | None = None,
-    retry_count: int = 0,  # noqa: ARG001
-    session: ChatSession | None = None,
-    context: dict[str, str] | None = None,  # noqa: ARG001
-) -> AsyncGenerator[StreamBaseResponse, None]:
-    """Stream chat completion using Claude Agent SDK.
-
-    Drop-in replacement for stream_chat_completion with improved reliability.
-    """
-
-    if session is None:
-        session = await get_chat_session(session_id, user_id)
-
-    if not session:
-        raise NotFoundError(
-            f"Session {session_id} not found. Please create a new session first."
-        )
-
-    if message:
-        session.messages.append(
-            ChatMessage(
-                role="user" if is_user_message else "assistant", content=message
-            )
-        )
-        if is_user_message:
-            track_user_message(
-                user_id=user_id, session_id=session_id, message_length=len(message)
-            )
-
-    session = await upsert_chat_session(session)
-
-    # Generate title for new sessions (first user message)
-    if is_user_message and not session.title:
-        user_messages = [m for m in session.messages if m.role == "user"]
-        if len(user_messages) == 1:
-            first_message = user_messages[0].content or message or ""
-            if first_message:
-                task = asyncio.create_task(
-                    _update_title_async(session_id, first_message, user_id)
-                )
-                _background_tasks.add(task)
-                task.add_done_callback(_background_tasks.discard)
-
-    # Build system prompt (reuses non-SDK path with Langfuse support)
-    has_history = len(session.messages) > 1
-    system_prompt, _ = await _build_system_prompt(
-        user_id, has_conversation_history=has_history
-    )
-    system_prompt += _SDK_TOOL_SUPPLEMENT
-    message_id = str(uuid.uuid4())
-    task_id = str(uuid.uuid4())
-
-    yield StreamStart(messageId=message_id, taskId=task_id)
-
-    stream_completed = False
-    # Initialise sdk_cwd before the try so the finally can reference it
-    # even if _make_sdk_cwd raises (in that case it stays as "").
-    sdk_cwd = ""
-    use_resume = False
-
-    try:
-        # Use a session-specific temp dir to avoid cleanup race conditions
-        # between concurrent sessions.
-        sdk_cwd = _make_sdk_cwd(session_id)
-        os.makedirs(sdk_cwd, exist_ok=True)
-
-        set_execution_context(
-            user_id,
-            session,
-            long_running_callback=_build_long_running_callback(user_id),
-        )
-        try:
-            from claude_agent_sdk import ClaudeAgentOptions, ClaudeSDKClient
-
-            # Fail fast when no API credentials are available at all
-            sdk_env = _build_sdk_env()
-            if not sdk_env and not os.environ.get("ANTHROPIC_API_KEY"):
-                raise RuntimeError(
-                    "No API key configured. Set OPEN_ROUTER_API_KEY "
-                    "(or CHAT_API_KEY) for OpenRouter routing, "
-                    "or ANTHROPIC_API_KEY for direct Anthropic access."
-                )
-
-            mcp_server = create_copilot_mcp_server()
-
-            sdk_model = _resolve_sdk_model()
-
-            # --- Transcript capture via Stop hook ---
-            captured_transcript = CapturedTranscript()
-
-            def _on_stop(transcript_path: str, sdk_session_id: str) -> None:
-                captured_transcript.path = transcript_path
-                captured_transcript.sdk_session_id = sdk_session_id
-
-            security_hooks = create_security_hooks(
-                user_id,
-                sdk_cwd=sdk_cwd,
-                max_subtasks=config.claude_agent_max_subtasks,
-                on_stop=_on_stop if config.claude_agent_use_resume else None,
-            )
-
-            # --- Resume strategy: download transcript from bucket ---
-            resume_file: str | None = None
-            use_resume = False
-
-            if config.claude_agent_use_resume and user_id and len(session.messages) > 1:
-                transcript_content = await download_transcript(user_id, session_id)
-                if transcript_content and validate_transcript(transcript_content):
-                    resume_file = write_transcript_to_tempfile(
-                        transcript_content, session_id, sdk_cwd
-                    )
-                    if resume_file:
-                        use_resume = True
-                        logger.info(
-                            f"[SDK] Using --resume with transcript "
-                            f"({len(transcript_content)} bytes)"
-                        )
-
-            sdk_options_kwargs: dict[str, Any] = {
-                "system_prompt": system_prompt,
-                "mcp_servers": {"copilot": mcp_server},
-                "allowed_tools": COPILOT_TOOL_NAMES,
-                "disallowed_tools": SDK_DISALLOWED_TOOLS,
-                "hooks": security_hooks,
-                "cwd": sdk_cwd,
-                "max_buffer_size": config.claude_agent_max_buffer_size,
-            }
-            if sdk_env:
-                sdk_options_kwargs["model"] = sdk_model
-                sdk_options_kwargs["env"] = sdk_env
-            if use_resume and resume_file:
-                sdk_options_kwargs["resume"] = resume_file
-
-            options = ClaudeAgentOptions(**sdk_options_kwargs)  # type: ignore[arg-type]
-
-            adapter = SDKResponseAdapter(message_id=message_id)
-            adapter.set_task_id(task_id)
-
-            async with ClaudeSDKClient(options=options) as client:
-                current_message = message or ""
-                if not current_message and session.messages:
-                    last_user = [m for m in session.messages if m.role == "user"]
-                    if last_user:
-                        current_message = last_user[-1].content or ""
-
-                if not current_message.strip():
-                    yield StreamError(
-                        errorText="Message cannot be empty.",
-                        code="empty_prompt",
-                    )
-                    yield StreamFinish()
-                    return
-
-                # Build query: with --resume the CLI already has full
-                # context, so we only send the new message.  Without
-                # resume, compress history into a context prefix.
-                query_message = current_message
-                if not use_resume and len(session.messages) > 1:
-                    logger.warning(
-                        f"[SDK] Using compression fallback for session "
-                        f"{session_id} ({len(session.messages)} messages) — "
-                        f"no transcript available for --resume"
-                    )
-                    compressed = await _compress_conversation_history(session)
-                    history_context = _format_conversation_context(compressed)
-                    if history_context:
-                        query_message = (
-                            f"{history_context}\n\n"
-                            f"Now, the user says:\n{current_message}"
-                        )
-
-                logger.info(
-                    f"[SDK] Sending query ({len(session.messages)} msgs in session)"
-                )
-                logger.debug(f"[SDK] Query preview: {current_message[:80]!r}")
-                await client.query(query_message, session_id=session_id)
-
-                assistant_response = ChatMessage(role="assistant", content="")
-                accumulated_tool_calls: list[dict[str, Any]] = []
-                has_appended_assistant = False
-                has_tool_results = False
-
-                async for sdk_msg in client.receive_messages():
-                    logger.debug(
-                        f"[SDK] Received: {type(sdk_msg).__name__} "
-                        f"{getattr(sdk_msg, 'subtype', '')}"
-                    )
-                    for response in adapter.convert_message(sdk_msg):
-                        if isinstance(response, StreamStart):
-                            continue
-
-                        yield response
-
-                        if isinstance(response, StreamTextDelta):
-                            delta = response.delta or ""
-                            # After tool results, start a new assistant
-                            # message for the post-tool text.
-                            if has_tool_results and has_appended_assistant:
-                                assistant_response = ChatMessage(
-                                    role="assistant", content=delta
-                                )
-                                accumulated_tool_calls = []
-                                has_appended_assistant = False
-                                has_tool_results = False
-                                session.messages.append(assistant_response)
-                                has_appended_assistant = True
-                            else:
-                                assistant_response.content = (
-                                    assistant_response.content or ""
-                                ) + delta
-                                if not has_appended_assistant:
-                                    session.messages.append(assistant_response)
-                                    has_appended_assistant = True
-
-                        elif isinstance(response, StreamToolInputAvailable):
-                            accumulated_tool_calls.append(
-                                {
-                                    "id": response.toolCallId,
-                                    "type": "function",
-                                    "function": {
-                                        "name": response.toolName,
-                                        "arguments": json.dumps(response.input or {}),
-                                    },
-                                }
-                            )
-                            assistant_response.tool_calls = accumulated_tool_calls
-                            if not has_appended_assistant:
-                                session.messages.append(assistant_response)
-                                has_appended_assistant = True
-
-                        elif isinstance(response, StreamToolOutputAvailable):
-                            session.messages.append(
-                                ChatMessage(
-                                    role="tool",
-                                    content=(
-                                        response.output
-                                        if isinstance(response.output, str)
-                                        else str(response.output)
-                                    ),
-                                    tool_call_id=response.toolCallId,
-                                )
-                            )
-                            has_tool_results = True
-
-                        elif isinstance(response, StreamFinish):
-                            stream_completed = True
-
-                    if stream_completed:
-                        break
-
-                if (
-                    assistant_response.content or assistant_response.tool_calls
-                ) and not has_appended_assistant:
-                    session.messages.append(assistant_response)
-
-                # --- Capture transcript while CLI is still alive ---
-                # Must happen INSIDE async with: close() sends SIGTERM
-                # which kills the CLI before it can flush the JSONL.
-                if (
-                    config.claude_agent_use_resume
-                    and user_id
-                    and captured_transcript.available
-                ):
-                    # Give CLI time to flush JSONL writes before we read
-                    await asyncio.sleep(0.5)
-                    raw_transcript = read_transcript_file(captured_transcript.path)
-                    if raw_transcript:
-                        task = asyncio.create_task(
-                            _upload_transcript_bg(user_id, session_id, raw_transcript)
-                        )
-                        _background_tasks.add(task)
-                        task.add_done_callback(_background_tasks.discard)
-                    else:
-                        logger.debug("[SDK] Stop hook fired but transcript not usable")
-
-        except ImportError:
-            raise RuntimeError(
-                "claude-agent-sdk is not installed. "
-                "Disable SDK mode (CHAT_USE_CLAUDE_AGENT_SDK=false) "
-                "to use the OpenAI-compatible fallback."
-            )
-
-        await upsert_chat_session(session)
-        logger.debug(
-            f"[SDK] Session {session_id} saved with {len(session.messages)} messages"
-        )
-        if not stream_completed:
-            yield StreamFinish()
-
-    except Exception as e:
-        logger.error(f"[SDK] Error: {e}", exc_info=True)
-        try:
-            await upsert_chat_session(session)
-        except Exception as save_err:
-            logger.error(f"[SDK] Failed to save session on error: {save_err}")
-        yield StreamError(
-            errorText="An error occurred. Please try again.",
-            code="sdk_error",
-        )
-        yield StreamFinish()
-    finally:
-        if sdk_cwd:
-            _cleanup_sdk_tool_results(sdk_cwd)
-
-
-async def _upload_transcript_bg(
-    user_id: str, session_id: str, raw_content: str
-) -> None:
-    """Background task to strip progress entries and upload transcript."""
-    try:
-        await upload_transcript(user_id, session_id, raw_content)
-    except Exception as e:
-        logger.error(f"[SDK] Failed to upload transcript for {session_id}: {e}")
-
-
-async def _update_title_async(
-    session_id: str, message: str, user_id: str | None = None
-) -> None:
-    """Background task to update session title."""
-    try:
-        title = await _generate_session_title(
-            message, user_id=user_id, session_id=session_id
-        )
-        if title:
-            await update_session_title(session_id, title)
-            logger.debug(f"[SDK] Generated title for {session_id}: {title}")
-    except Exception as e:
-        logger.warning(f"[SDK] Failed to update session title: {e}")

autogpt_platform/backend/backend/api/features/chat/sdk/tool_adapter.py

@@ -1,363 +0,0 @@
-"""Tool adapter for wrapping existing CoPilot tools as Claude Agent SDK MCP tools.
-
-This module provides the adapter layer that converts existing BaseTool implementations
-into in-process MCP tools that can be used with the Claude Agent SDK.
-
-Long-running tools (``is_long_running=True``) are delegated to the non-SDK
-background infrastructure (stream_registry, Redis persistence, SSE reconnection)
-via a callback provided by the service layer.  This avoids wasteful SDK polling
-and makes results survive page refreshes.
-"""
-
-import itertools
-import json
-import logging
-import os
-import uuid
-from collections.abc import Awaitable, Callable
-from contextvars import ContextVar
-from typing import Any
-
-from backend.api.features.chat.model import ChatSession
-from backend.api.features.chat.tools import TOOL_REGISTRY
-from backend.api.features.chat.tools.base import BaseTool
-
-logger = logging.getLogger(__name__)
-
-# Allowed base directory for the Read tool (SDK saves oversized tool results here).
-# Restricted to ~/.claude/projects/ and further validated to require "tool-results"
-# in the path — prevents reading settings, credentials, or other sensitive files.
-_SDK_PROJECTS_DIR = os.path.expanduser("~/.claude/projects/")
-
-# MCP server naming - the SDK prefixes tool names as "mcp__{server_name}__{tool}"
-MCP_SERVER_NAME = "copilot"
-MCP_TOOL_PREFIX = f"mcp__{MCP_SERVER_NAME}__"
-
-# Context variables to pass user/session info to tool execution
-_current_user_id: ContextVar[str | None] = ContextVar("current_user_id", default=None)
-_current_session: ContextVar[ChatSession | None] = ContextVar(
-    "current_session", default=None
-)
-# Stash for MCP tool outputs before the SDK potentially truncates them.
-# Keyed by tool_name → full output string. Consumed (popped) by the
-# response adapter when it builds StreamToolOutputAvailable.
-_pending_tool_outputs: ContextVar[dict[str, str]] = ContextVar(
-    "pending_tool_outputs", default=None  # type: ignore[arg-type]
-)
-
-# Callback type for delegating long-running tools to the non-SDK infrastructure.
-# Args: (tool_name, arguments, session) → MCP-formatted response dict.
-LongRunningCallback = Callable[
-    [str, dict[str, Any], ChatSession], Awaitable[dict[str, Any]]
-]
-
-# ContextVar so the service layer can inject the callback per-request.
-_long_running_callback: ContextVar[LongRunningCallback | None] = ContextVar(
-    "long_running_callback", default=None
-)
-
-
-def set_execution_context(
-    user_id: str | None,
-    session: ChatSession,
-    long_running_callback: LongRunningCallback | None = None,
-) -> None:
-    """Set the execution context for tool calls.
-
-    This must be called before streaming begins to ensure tools have access
-    to user_id and session information.
-
-    Args:
-        user_id: Current user's ID.
-        session: Current chat session.
-        long_running_callback: Optional callback to delegate long-running tools
-            to the non-SDK background infrastructure (stream_registry + Redis).
-    """
-    _current_user_id.set(user_id)
-    _current_session.set(session)
-    _pending_tool_outputs.set({})
-    _long_running_callback.set(long_running_callback)
-
-
-def get_execution_context() -> tuple[str | None, ChatSession | None]:
-    """Get the current execution context."""
-    return (
-        _current_user_id.get(),
-        _current_session.get(),
-    )
-
-
-def pop_pending_tool_output(tool_name: str) -> str | None:
-    """Pop and return the stashed full output for *tool_name*.
-
-    The SDK CLI may truncate large tool results (writing them to disk and
-    replacing the content with a file reference). This stash keeps the
-    original MCP output so the response adapter can forward it to the
-    frontend for proper widget rendering.
-
-    Returns ``None`` if nothing was stashed for *tool_name*.
-    """
-    pending = _pending_tool_outputs.get(None)
-    if pending is None:
-        return None
-    return pending.pop(tool_name, None)
-
-
-async def _execute_tool_sync(
-    base_tool: BaseTool,
-    user_id: str | None,
-    session: ChatSession,
-    args: dict[str, Any],
-) -> dict[str, Any]:
-    """Execute a tool synchronously and return MCP-formatted response."""
-    effective_id = f"sdk-{uuid.uuid4().hex[:12]}"
-    result = await base_tool.execute(
-        user_id=user_id,
-        session=session,
-        tool_call_id=effective_id,
-        **args,
-    )
-
-    text = (
-        result.output if isinstance(result.output, str) else json.dumps(result.output)
-    )
-
-    # Stash the full output before the SDK potentially truncates it.
-    pending = _pending_tool_outputs.get(None)
-    if pending is not None:
-        pending[base_tool.name] = text
-
-    return {
-        "content": [{"type": "text", "text": text}],
-        "isError": not result.success,
-    }
-
-
-def _mcp_error(message: str) -> dict[str, Any]:
-    return {
-        "content": [
-            {"type": "text", "text": json.dumps({"error": message, "type": "error"})}
-        ],
-        "isError": True,
-    }
-
-
-def create_tool_handler(base_tool: BaseTool):
-    """Create an async handler function for a BaseTool.
-
-    This wraps the existing BaseTool._execute method to be compatible
-    with the Claude Agent SDK MCP tool format.
-
-    Long-running tools (``is_long_running=True``) are delegated to the
-    non-SDK background infrastructure via a callback set in the execution
-    context.  The callback persists the operation in Redis (stream_registry)
-    so results survive page refreshes and pod restarts.
-    """
-
-    async def tool_handler(args: dict[str, Any]) -> dict[str, Any]:
-        """Execute the wrapped tool and return MCP-formatted response."""
-        user_id, session = get_execution_context()
-
-        if session is None:
-            return _mcp_error("No session context available")
-
-        # --- Long-running: delegate to non-SDK background infrastructure ---
-        if base_tool.is_long_running:
-            callback = _long_running_callback.get(None)
-            if callback:
-                try:
-                    return await callback(base_tool.name, args, session)
-                except Exception as e:
-                    logger.error(
-                        f"Long-running callback failed for {base_tool.name}: {e}",
-                        exc_info=True,
-                    )
-                    return _mcp_error(f"Failed to start {base_tool.name}: {e}")
-            # No callback — fall through to synchronous execution
-            logger.warning(
-                f"[SDK] No long-running callback for {base_tool.name}, "
-                f"executing synchronously (may block)"
-            )
-
-        # --- Normal (fast) tool: execute synchronously ---
-        try:
-            return await _execute_tool_sync(base_tool, user_id, session, args)
-        except Exception as e:
-            logger.error(f"Error executing tool {base_tool.name}: {e}", exc_info=True)
-            return _mcp_error(f"Failed to execute {base_tool.name}: {e}")
-
-    return tool_handler
-
-
-def _build_input_schema(base_tool: BaseTool) -> dict[str, Any]:
-    """Build a JSON Schema input schema for a tool."""
-    return {
-        "type": "object",
-        "properties": base_tool.parameters.get("properties", {}),
-        "required": base_tool.parameters.get("required", []),
-    }
-
-
-async def _read_file_handler(args: dict[str, Any]) -> dict[str, Any]:
-    """Read a file with optional offset/limit. Restricted to SDK working directory.
-
-    After reading, the file is deleted to prevent accumulation in long-running pods.
-    """
-    file_path = args.get("file_path", "")
-    offset = args.get("offset", 0)
-    limit = args.get("limit", 2000)
-
-    # Security: only allow reads under ~/.claude/projects/**/tool-results/
-    real_path = os.path.realpath(file_path)
-    if not real_path.startswith(_SDK_PROJECTS_DIR) or "tool-results" not in real_path:
-        return {
-            "content": [{"type": "text", "text": f"Access denied: {file_path}"}],
-            "isError": True,
-        }
-
-    try:
-        with open(real_path) as f:
-            selected = list(itertools.islice(f, offset, offset + limit))
-        content = "".join(selected)
-        # Cleanup happens in _cleanup_sdk_tool_results after session ends;
-        # don't delete here — the SDK may read in multiple chunks.
-        return {"content": [{"type": "text", "text": content}], "isError": False}
-    except FileNotFoundError:
-        return {
-            "content": [{"type": "text", "text": f"File not found: {file_path}"}],
-            "isError": True,
-        }
-    except Exception as e:
-        return {
-            "content": [{"type": "text", "text": f"Error reading file: {e}"}],
-            "isError": True,
-        }
-
-
-_READ_TOOL_NAME = "Read"
-_READ_TOOL_DESCRIPTION = (
-    "Read a file from the local filesystem. "
-    "Use offset and limit to read specific line ranges for large files."
-)
-_READ_TOOL_SCHEMA = {
-    "type": "object",
-    "properties": {
-        "file_path": {
-            "type": "string",
-            "description": "The absolute path to the file to read",
-        },
-        "offset": {
-            "type": "integer",
-            "description": "Line number to start reading from (0-indexed). Default: 0",
-        },
-        "limit": {
-            "type": "integer",
-            "description": "Number of lines to read. Default: 2000",
-        },
-    },
-    "required": ["file_path"],
-}
-
-
-# Create the MCP server configuration
-def create_copilot_mcp_server():
-    """Create an in-process MCP server configuration for CoPilot tools.
-
-    This can be passed to ClaudeAgentOptions.mcp_servers.
-
-    Note: The actual SDK MCP server creation depends on the claude-agent-sdk
-    package being available. This function returns the configuration that
-    can be used with the SDK.
-    """
-    try:
-        from claude_agent_sdk import create_sdk_mcp_server, tool
-
-        # Create decorated tool functions
-        sdk_tools = []
-
-        for tool_name, base_tool in TOOL_REGISTRY.items():
-            handler = create_tool_handler(base_tool)
-            decorated = tool(
-                tool_name,
-                base_tool.description,
-                _build_input_schema(base_tool),
-            )(handler)
-            sdk_tools.append(decorated)
-
-        # Add the Read tool so the SDK can read back oversized tool results
-        read_tool = tool(
-            _READ_TOOL_NAME,
-            _READ_TOOL_DESCRIPTION,
-            _READ_TOOL_SCHEMA,
-        )(_read_file_handler)
-        sdk_tools.append(read_tool)
-
-        server = create_sdk_mcp_server(
-            name=MCP_SERVER_NAME,
-            version="1.0.0",
-            tools=sdk_tools,
-        )
-
-        return server
-
-    except ImportError:
-        # Let ImportError propagate so service.py handles the fallback
-        raise
-
-
-# SDK built-in tools allowed within the workspace directory.
-# Security hooks validate that file paths stay within sdk_cwd.
-# Bash is NOT included — use the sandboxed MCP bash_exec tool instead,
-# which provides kernel-level network isolation via unshare --net.
-# Task allows spawning sub-agents (rate-limited by security hooks).
-# WebSearch uses Brave Search via Anthropic's API — safe, no SSRF risk.
-_SDK_BUILTIN_TOOLS = ["Read", "Write", "Edit", "Glob", "Grep", "Task", "WebSearch"]
-
-# SDK built-in tools that must be explicitly blocked.
-# Bash: dangerous — agent uses mcp__copilot__bash_exec with kernel-level
-#   network isolation (unshare --net) instead.
-# WebFetch: SSRF risk — can reach internal network (localhost, 10.x, etc.).
-#   Agent uses the SSRF-protected mcp__copilot__web_fetch tool instead.
-SDK_DISALLOWED_TOOLS = ["Bash", "WebFetch"]
-
-# Tools that are blocked entirely in security hooks (defence-in-depth).
-# Includes SDK_DISALLOWED_TOOLS plus common aliases/synonyms.
-BLOCKED_TOOLS = {
-    *SDK_DISALLOWED_TOOLS,
-    "bash",
-    "shell",
-    "exec",
-    "terminal",
-    "command",
-}
-
-# Tools allowed only when their path argument stays within the SDK workspace.
-# The SDK uses these to handle oversized tool results (writes to tool-results/
-# files, then reads them back) and for workspace file operations.
-WORKSPACE_SCOPED_TOOLS = {"Read", "Write", "Edit", "Glob", "Grep"}
-
-# Dangerous patterns in tool inputs
-DANGEROUS_PATTERNS = [
-    r"sudo",
-    r"rm\s+-rf",
-    r"dd\s+if=",
-    r"/etc/passwd",
-    r"/etc/shadow",
-    r"chmod\s+777",
-    r"curl\s+.*\|.*sh",
-    r"wget\s+.*\|.*sh",
-    r"eval\s*\(",
-    r"exec\s*\(",
-    r"__import__",
-    r"os\.system",
-    r"subprocess",
-]
-
-# List of tool names for allowed_tools configuration
-# Include MCP tools, the MCP Read tool for oversized results,
-# and SDK built-in file tools for workspace operations.
-COPILOT_TOOL_NAMES = [
-    *[f"{MCP_TOOL_PREFIX}{name}" for name in TOOL_REGISTRY.keys()],
-    f"{MCP_TOOL_PREFIX}{_READ_TOOL_NAME}",
-    *_SDK_BUILTIN_TOOLS,
-]

autogpt_platform/backend/backend/api/features/chat/sdk/transcript.py

@@ -1,356 +0,0 @@
-"""JSONL transcript management for stateless multi-turn resume.
-
-The Claude Code CLI persists conversations as JSONL files (one JSON object per
-line).  When the SDK's ``Stop`` hook fires we read this file, strip bloat
-(progress entries, metadata), and upload the result to bucket storage.  On the
-next turn we download the transcript, write it to a temp file, and pass
-``--resume`` so the CLI can reconstruct the full conversation.
-
-Storage is handled via ``WorkspaceStorageBackend`` (GCS in prod, local
-filesystem for self-hosted) — no DB column needed.
-"""
-
-import json
-import logging
-import os
-import re
-
-logger = logging.getLogger(__name__)
-
-# UUIDs are hex + hyphens; strip everything else to prevent path injection.
-_SAFE_ID_RE = re.compile(r"[^0-9a-fA-F-]")
-
-# Entry types that can be safely removed from the transcript without breaking
-# the parentUuid conversation tree that ``--resume`` relies on.
-# - progress: UI progress ticks, no message content (avg 97KB for agent_progress)
-# - file-history-snapshot: undo tracking metadata
-# - queue-operation: internal queue bookkeeping
-# - summary: session summaries
-# - pr-link: PR link metadata
-STRIPPABLE_TYPES = frozenset(
-    {"progress", "file-history-snapshot", "queue-operation", "summary", "pr-link"}
-)
-
-# Workspace storage constants — deterministic path from session_id.
-TRANSCRIPT_STORAGE_PREFIX = "chat-transcripts"
-
-
-# ---------------------------------------------------------------------------
-# Progress stripping
-# ---------------------------------------------------------------------------
-
-
-def strip_progress_entries(content: str) -> str:
-    """Remove progress/metadata entries from a JSONL transcript.
-
-    Removes entries whose ``type`` is in ``STRIPPABLE_TYPES`` and reparents
-    any remaining child entries so the ``parentUuid`` chain stays intact.
-    Typically reduces transcript size by ~30%.
-    """
-    lines = content.strip().split("\n")
-
-    entries: list[dict] = []
-    for line in lines:
-        try:
-            entries.append(json.loads(line))
-        except json.JSONDecodeError:
-            # Keep unparseable lines as-is (safety)
-            entries.append({"_raw": line})
-
-    stripped_uuids: set[str] = set()
-    uuid_to_parent: dict[str, str] = {}
-    kept: list[dict] = []
-
-    for entry in entries:
-        if "_raw" in entry:
-            kept.append(entry)
-            continue
-        uid = entry.get("uuid", "")
-        parent = entry.get("parentUuid", "")
-        entry_type = entry.get("type", "")
-
-        if uid:
-            uuid_to_parent[uid] = parent
-
-        if entry_type in STRIPPABLE_TYPES:
-            if uid:
-                stripped_uuids.add(uid)
-        else:
-            kept.append(entry)
-
-    # Reparent: walk up chain through stripped entries to find surviving ancestor
-    for entry in kept:
-        if "_raw" in entry:
-            continue
-        parent = entry.get("parentUuid", "")
-        original_parent = parent
-        while parent in stripped_uuids:
-            parent = uuid_to_parent.get(parent, "")
-        if parent != original_parent:
-            entry["parentUuid"] = parent
-
-    result_lines: list[str] = []
-    for entry in kept:
-        if "_raw" in entry:
-            result_lines.append(entry["_raw"])
-        else:
-            result_lines.append(json.dumps(entry, separators=(",", ":")))
-
-    return "\n".join(result_lines) + "\n"
-
-
-# ---------------------------------------------------------------------------
-# Local file I/O (read from CLI's JSONL, write temp file for --resume)
-# ---------------------------------------------------------------------------
-
-
-def read_transcript_file(transcript_path: str) -> str | None:
-    """Read a JSONL transcript file from disk.
-
-    Returns the raw JSONL content, or ``None`` if the file is missing, empty,
-    or only contains metadata (≤2 lines with no conversation messages).
-    """
-    if not transcript_path or not os.path.isfile(transcript_path):
-        logger.debug(f"[Transcript] File not found: {transcript_path}")
-        return None
-
-    try:
-        with open(transcript_path) as f:
-            content = f.read()
-
-        if not content.strip():
-            logger.debug(f"[Transcript] Empty file: {transcript_path}")
-            return None
-
-        lines = content.strip().split("\n")
-        if len(lines) < 3:
-            # Raw files with ≤2 lines are metadata-only
-            # (queue-operation + file-history-snapshot, no conversation).
-            logger.debug(
-                f"[Transcript] Too few lines ({len(lines)}): {transcript_path}"
-            )
-            return None
-
-        # Quick structural validation — parse first and last lines.
-        json.loads(lines[0])
-        json.loads(lines[-1])
-
-        logger.info(
-            f"[Transcript] Read {len(lines)} lines, "
-            f"{len(content)} bytes from {transcript_path}"
-        )
-        return content
-
-    except (json.JSONDecodeError, OSError) as e:
-        logger.warning(f"[Transcript] Failed to read {transcript_path}: {e}")
-        return None
-
-
-def _sanitize_id(raw_id: str, max_len: int = 36) -> str:
-    """Sanitize an ID for safe use in file paths.
-
-    Session/user IDs are expected to be UUIDs (hex + hyphens).  Strip
-    everything else and truncate to *max_len* so the result cannot introduce
-    path separators or other special characters.
-    """
-    cleaned = _SAFE_ID_RE.sub("", raw_id or "")[:max_len]
-    return cleaned or "unknown"
-
-
-_SAFE_CWD_PREFIX = os.path.realpath("/tmp/copilot-")
-
-
-def write_transcript_to_tempfile(
-    transcript_content: str,
-    session_id: str,
-    cwd: str,
-) -> str | None:
-    """Write JSONL transcript to a temp file inside *cwd* for ``--resume``.
-
-    The file lives in the session working directory so it is cleaned up
-    automatically when the session ends.
-
-    Returns the absolute path to the file, or ``None`` on failure.
-    """
-    # Validate cwd is under the expected sandbox prefix (CodeQL sanitizer).
-    real_cwd = os.path.realpath(cwd)
-    if not real_cwd.startswith(_SAFE_CWD_PREFIX):
-        logger.warning(f"[Transcript] cwd outside sandbox: {cwd}")
-        return None
-
-    try:
-        os.makedirs(real_cwd, exist_ok=True)
-        safe_id = _sanitize_id(session_id, max_len=8)
-        jsonl_path = os.path.realpath(
-            os.path.join(real_cwd, f"transcript-{safe_id}.jsonl")
-        )
-        if not jsonl_path.startswith(real_cwd):
-            logger.warning(f"[Transcript] Path escaped cwd: {jsonl_path}")
-            return None
-
-        with open(jsonl_path, "w") as f:
-            f.write(transcript_content)
-
-        logger.info(f"[Transcript] Wrote resume file: {jsonl_path}")
-        return jsonl_path
-
-    except OSError as e:
-        logger.warning(f"[Transcript] Failed to write resume file: {e}")
-        return None
-
-
-def validate_transcript(content: str | None) -> bool:
-    """Check that a transcript has actual conversation messages.
-
-    A valid transcript for resume needs at least one user message and one
-    assistant message (not just queue-operation / file-history-snapshot
-    metadata).
-    """
-    if not content or not content.strip():
-        return False
-
-    lines = content.strip().split("\n")
-    if len(lines) < 2:
-        return False
-
-    has_user = False
-    has_assistant = False
-
-    for line in lines:
-        try:
-            entry = json.loads(line)
-            msg_type = entry.get("type")
-            if msg_type == "user":
-                has_user = True
-            elif msg_type == "assistant":
-                has_assistant = True
-        except json.JSONDecodeError:
-            return False
-
-    return has_user and has_assistant
-
-
-# ---------------------------------------------------------------------------
-# Bucket storage (GCS / local via WorkspaceStorageBackend)
-# ---------------------------------------------------------------------------
-
-
-def _storage_path_parts(user_id: str, session_id: str) -> tuple[str, str, str]:
-    """Return (workspace_id, file_id, filename) for a session's transcript.
-
-    Path structure: ``chat-transcripts/{user_id}/{session_id}.jsonl``
-    IDs are sanitized to hex+hyphen to prevent path traversal.
-    """
-    return (
-        TRANSCRIPT_STORAGE_PREFIX,
-        _sanitize_id(user_id),
-        f"{_sanitize_id(session_id)}.jsonl",
-    )
-
-
-def _build_storage_path(user_id: str, session_id: str, backend: object) -> str:
-    """Build the full storage path string that ``retrieve()`` expects.
-
-    ``store()`` returns a path like ``gcs://bucket/workspaces/...`` or
-    ``local://workspace_id/file_id/filename``.  Since we use deterministic
-    arguments we can reconstruct the same path for download/delete without
-    having stored the return value.
-    """
-    from backend.util.workspace_storage import GCSWorkspaceStorage
-
-    wid, fid, fname = _storage_path_parts(user_id, session_id)
-
-    if isinstance(backend, GCSWorkspaceStorage):
-        blob = f"workspaces/{wid}/{fid}/{fname}"
-        return f"gcs://{backend.bucket_name}/{blob}"
-    else:
-        # LocalWorkspaceStorage returns local://{relative_path}
-        return f"local://{wid}/{fid}/{fname}"
-
-
-async def upload_transcript(user_id: str, session_id: str, content: str) -> None:
-    """Strip progress entries and upload transcript to bucket storage.
-
-    Safety: only overwrites when the new (stripped) transcript is larger than
-    what is already stored.  Since JSONL is append-only, the latest transcript
-    is always the longest.  This prevents a slow/stale background task from
-    clobbering a newer upload from a concurrent turn.
-    """
-    from backend.util.workspace_storage import get_workspace_storage
-
-    stripped = strip_progress_entries(content)
-    if not validate_transcript(stripped):
-        logger.warning(
-            f"[Transcript] Skipping upload — stripped content is not a valid "
-            f"transcript for session {session_id}"
-        )
-        return
-
-    storage = await get_workspace_storage()
-    wid, fid, fname = _storage_path_parts(user_id, session_id)
-    encoded = stripped.encode("utf-8")
-    new_size = len(encoded)
-
-    # Check existing transcript size to avoid overwriting newer with older
-    path = _build_storage_path(user_id, session_id, storage)
-    try:
-        existing = await storage.retrieve(path)
-        if len(existing) >= new_size:
-            logger.info(
-                f"[Transcript] Skipping upload — existing transcript "
-                f"({len(existing)}B) >= new ({new_size}B) for session "
-                f"{session_id}"
-            )
-            return
-    except (FileNotFoundError, Exception):
-        pass  # No existing transcript or retrieval error — proceed with upload
-
-    await storage.store(
-        workspace_id=wid,
-        file_id=fid,
-        filename=fname,
-        content=encoded,
-    )
-    logger.info(
-        f"[Transcript] Uploaded {new_size} bytes "
-        f"(stripped from {len(content)}) for session {session_id}"
-    )
-
-
-async def download_transcript(user_id: str, session_id: str) -> str | None:
-    """Download transcript from bucket storage.
-
-    Returns the JSONL content string, or ``None`` if not found.
-    """
-    from backend.util.workspace_storage import get_workspace_storage
-
-    storage = await get_workspace_storage()
-    path = _build_storage_path(user_id, session_id, storage)
-
-    try:
-        data = await storage.retrieve(path)
-        content = data.decode("utf-8")
-        logger.info(
-            f"[Transcript] Downloaded {len(content)} bytes for session {session_id}"
-        )
-        return content
-    except FileNotFoundError:
-        logger.debug(f"[Transcript] No transcript in storage for {session_id}")
-        return None
-    except Exception as e:
-        logger.warning(f"[Transcript] Failed to download transcript: {e}")
-        return None
-
-
-async def delete_transcript(user_id: str, session_id: str) -> None:
-    """Delete transcript from bucket storage (e.g. after resume failure)."""
-    from backend.util.workspace_storage import get_workspace_storage
-
-    storage = await get_workspace_storage()
-    path = _build_storage_path(user_id, session_id, storage)
-
-    try:
-        await storage.delete(path)
-        logger.info(f"[Transcript] Deleted transcript for session {session_id}")
-    except Exception as e:
-        logger.warning(f"[Transcript] Failed to delete transcript: {e}")

autogpt_platform/backend/backend/api/features/chat/service.py

@@ -245,16 +245,12 @@ async def _get_system_prompt_template(context: str) -> str:
     return DEFAULT_SYSTEM_PROMPT.format(users_information=context)
 
 
-async def _build_system_prompt(
-    user_id: str | None, has_conversation_history: bool = False
-) -> tuple[str, Any]:
+async def _build_system_prompt(user_id: str | None) -> tuple[str, Any]:
     """Build the full system prompt including business understanding if available.
 
     Args:
-        user_id: The user ID for fetching business understanding.
-        has_conversation_history: Whether there's existing conversation history.
-            If True, we don't tell the model to greet/introduce (since they're
-            already in a conversation).
+        user_id: The user ID for fetching business understanding
+                     If "default" and this is the user's first session, will use "onboarding" instead.
 
     Returns:
         Tuple of (compiled prompt string, business understanding object)
@@ -270,8 +266,6 @@ async def _build_system_prompt(
 
     if understanding:
         context = format_understanding_for_prompt(understanding)
-    elif has_conversation_history:
-        context = "No prior understanding saved yet. Continue the existing conversation naturally."
     else:
         context = "This is the first time you are meeting the user. Greet them and introduce them to the platform"
 
@@ -380,6 +374,7 @@ async def stream_chat_completion(
 
     Raises:
         NotFoundError: If session_id is invalid
+        ValueError: If max_context_messages is exceeded
 
     """
     completion_start = time.monotonic()
@@ -464,9 +459,8 @@ async def stream_chat_completion(
 
     # Generate title for new sessions on first user message (non-blocking)
     # Check: is_user_message, no title yet, and this is the first user message
-    user_messages = [m for m in session.messages if m.role == "user"]
-    first_user_msg = message or (user_messages[0].content if user_messages else None)
-    if is_user_message and first_user_msg and not session.title:
+    if is_user_message and message and not session.title:
+        user_messages = [m for m in session.messages if m.role == "user"]
         if len(user_messages) == 1:
             # First user message - generate title in background
             import asyncio
@@ -474,7 +468,7 @@ async def stream_chat_completion(
             # Capture only the values we need (not the session object) to avoid
             # stale data issues when the main flow modifies the session
             captured_session_id = session_id
-            captured_message = first_user_msg
+            captured_message = message
             captured_user_id = user_id
 
             async def _update_title():
@@ -806,13 +800,9 @@ async def stream_chat_completion(
         # Build the messages list in the correct order
         messages_to_save: list[ChatMessage] = []
 
-        # Add assistant message with tool_calls if any.
-        # Use extend (not assign) to preserve tool_calls already added by
-        # _yield_tool_call for long-running tools.
+        # Add assistant message with tool_calls if any
         if accumulated_tool_calls:
-            if not assistant_response.tool_calls:
-                assistant_response.tool_calls = []
-            assistant_response.tool_calls.extend(accumulated_tool_calls)
+            assistant_response.tool_calls = accumulated_tool_calls
             logger.info(
                 f"Added {len(accumulated_tool_calls)} tool calls to assistant message"
             )
@@ -1251,7 +1241,6 @@ async def _stream_chat_chunks(
                 return
             except Exception as e:
                 last_error = e
-
                 if _is_retryable_error(e) and retry_count < MAX_RETRIES:
                     retry_count += 1
                     # Calculate delay with exponential backoff
@@ -1267,27 +1256,12 @@ async def _stream_chat_chunks(
                     continue  # Retry the stream
                 else:
                     # Non-retryable error or max retries exceeded
-                    _log_api_error(
-                        error=e,
-                        context="stream (not retrying)",
-                        session_id=session.session_id if session else None,
-                        message_count=len(messages) if messages else None,
-                        model=model,
-                        retry_count=retry_count,
+                    logger.error(
+                        f"Error in stream (not retrying): {e!s}",
+                        exc_info=True,
                     )
                     error_code = None
                     error_text = str(e)
-
-                    error_details = _extract_api_error_details(e)
-                    if error_details.get("response_body"):
-                        body = error_details["response_body"]
-                        if isinstance(body, dict):
-                            err = body.get("error")
-                            if isinstance(err, dict) and err.get("message"):
-                                error_text = err["message"]
-                            elif body.get("message"):
-                                error_text = body["message"]
-
                     if _is_region_blocked_error(e):
                         error_code = "MODEL_NOT_AVAILABLE_REGION"
                         error_text = (
@@ -1304,13 +1278,9 @@ async def _stream_chat_chunks(
 
         # If we exit the retry loop without returning, it means we exhausted retries
         if last_error:
-            _log_api_error(
-                error=last_error,
-                context=f"stream (max retries {MAX_RETRIES} exceeded)",
-                session_id=session.session_id if session else None,
-                message_count=len(messages) if messages else None,
-                model=model,
-                retry_count=MAX_RETRIES,
+            logger.error(
+                f"Max retries ({MAX_RETRIES}) exceeded. Last error: {last_error!s}",
+                exc_info=True,
             )
             yield StreamError(errorText=f"Max retries exceeded: {last_error!s}")
             yield StreamFinish()
@@ -1434,9 +1404,13 @@ async def _yield_tool_call(
                 operation_id=operation_id,
             )
 
-            # Attach the tool_call to the current turn's assistant message
-            # (or create one if this is a tool-only response with no text).
-            session.add_tool_call_to_current_turn(tool_calls[yield_idx])
+            # Save assistant message with tool_call FIRST (required by LLM)
+            assistant_message = ChatMessage(
+                role="assistant",
+                content="",
+                tool_calls=[tool_calls[yield_idx]],
+            )
+            session.messages.append(assistant_message)
 
             # Then save pending tool result
             pending_message = ChatMessage(
@@ -1883,7 +1857,6 @@ async def _generate_llm_continuation(
                 break  # Success, exit retry loop
             except Exception as e:
                 last_error = e
-
                 if _is_retryable_error(e) and retry_count < MAX_RETRIES:
                     retry_count += 1
                     delay = min(
@@ -1897,25 +1870,17 @@ async def _generate_llm_continuation(
                     await asyncio.sleep(delay)
                     continue
                 else:
-                    # Non-retryable error - log details and exit gracefully
-                    _log_api_error(
-                        error=e,
-                        context="LLM continuation (not retrying)",
-                        session_id=session_id,
-                        message_count=len(messages) if messages else None,
-                        model=config.model,
-                        retry_count=retry_count,
+                    # Non-retryable error - log and exit gracefully
+                    logger.error(
+                        f"Non-retryable error in LLM continuation: {e!s}",
+                        exc_info=True,
                     )
                     return
 
         if last_error:
-            _log_api_error(
-                error=last_error,
-                context=f"LLM continuation (max retries {MAX_RETRIES} exceeded)",
-                session_id=session_id,
-                message_count=len(messages) if messages else None,
-                model=config.model,
-                retry_count=MAX_RETRIES,
+            logger.error(
+                f"Max retries ({MAX_RETRIES}) exceeded for LLM continuation. "
+                f"Last error: {last_error!s}"
             )
             return
 
@@ -1955,91 +1920,6 @@ async def _generate_llm_continuation(
         logger.error(f"Failed to generate LLM continuation: {e}", exc_info=True)
 
 
-def _log_api_error(
-    error: Exception,
-    context: str,
-    session_id: str | None = None,
-    message_count: int | None = None,
-    model: str | None = None,
-    retry_count: int = 0,
-) -> None:
-    """Log detailed API error information for debugging."""
-    details = _extract_api_error_details(error)
-    details["context"] = context
-    details["session_id"] = session_id
-    details["message_count"] = message_count
-    details["model"] = model
-    details["retry_count"] = retry_count
-
-    if isinstance(error, RateLimitError):
-        logger.warning(f"Rate limit error in {context}: {details}", exc_info=error)
-    elif isinstance(error, APIConnectionError):
-        logger.warning(f"API connection error in {context}: {details}", exc_info=error)
-    elif isinstance(error, APIStatusError) and error.status_code >= 500:
-        logger.error(f"API server error (5xx) in {context}: {details}", exc_info=error)
-    else:
-        logger.error(f"API error in {context}: {details}", exc_info=error)
-
-
-def _extract_api_error_details(error: Exception) -> dict[str, Any]:
-    """Extract detailed information from OpenAI/OpenRouter API errors."""
-    error_msg = str(error)
-    details: dict[str, Any] = {
-        "error_type": type(error).__name__,
-        "error_message": error_msg[:500] + "..." if len(error_msg) > 500 else error_msg,
-    }
-
-    if hasattr(error, "code"):
-        details["code"] = getattr(error, "code", None)
-    if hasattr(error, "param"):
-        details["param"] = getattr(error, "param", None)
-
-    if isinstance(error, APIStatusError):
-        details["status_code"] = error.status_code
-        details["request_id"] = getattr(error, "request_id", None)
-
-        if hasattr(error, "body") and error.body:
-            details["response_body"] = _sanitize_error_body(error.body)
-
-        if hasattr(error, "response") and error.response:
-            headers = error.response.headers
-            details["openrouter_provider"] = headers.get("x-openrouter-provider")
-            details["openrouter_model"] = headers.get("x-openrouter-model")
-            details["retry_after"] = headers.get("retry-after")
-            details["rate_limit_remaining"] = headers.get("x-ratelimit-remaining")
-
-    return details
-
-
-def _sanitize_error_body(
-    body: Any, max_length: int = 2000
-) -> dict[str, Any] | str | None:
-    """Extract only safe fields from error response body to avoid logging sensitive data."""
-    if not isinstance(body, dict):
-        # Non-dict bodies (e.g., HTML error pages) - return truncated string
-        if body is not None:
-            body_str = str(body)
-            if len(body_str) > max_length:
-                return body_str[:max_length] + "...[truncated]"
-            return body_str
-        return None
-
-    safe_fields = ("message", "type", "code", "param", "error")
-    sanitized: dict[str, Any] = {}
-
-    for field in safe_fields:
-        if field in body:
-            value = body[field]
-            if field == "error" and isinstance(value, dict):
-                sanitized[field] = _sanitize_error_body(value, max_length)
-            elif isinstance(value, str) and len(value) > max_length:
-                sanitized[field] = value[:max_length] + "...[truncated]"
-            else:
-                sanitized[field] = value
-
-    return sanitized if sanitized else None
-
-
 async def _generate_llm_continuation_with_streaming(
     session_id: str,
     user_id: str | None,

autogpt_platform/backend/backend/api/features/chat/service_test.py

@@ -1,4 +1,3 @@
-import asyncio
 import logging
 from os import getenv
 
@@ -12,8 +11,6 @@ from .response_model import (
     StreamTextDelta,
     StreamToolOutputAvailable,
 )
-from .sdk import service as sdk_service
-from .sdk.transcript import download_transcript
 
 logger = logging.getLogger(__name__)
 
@@ -83,96 +80,3 @@ async def test_stream_chat_completion_with_tool_calls(setup_test_user, test_user
     session = await get_chat_session(session.session_id)
     assert session, "Session not found"
     assert session.usage, "Usage is empty"
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_sdk_resume_multi_turn(setup_test_user, test_user_id):
-    """Test that the SDK --resume path captures and uses transcripts across turns.
-
-    Turn 1: Send a message containing a unique keyword.
-    Turn 2: Ask the model to recall that keyword — proving the transcript was
-    persisted and restored via --resume.
-    """
-    api_key: str | None = getenv("OPEN_ROUTER_API_KEY")
-    if not api_key:
-        return pytest.skip("OPEN_ROUTER_API_KEY is not set, skipping test")
-
-    from .config import ChatConfig
-
-    cfg = ChatConfig()
-    if not cfg.claude_agent_use_resume:
-        return pytest.skip("CLAUDE_AGENT_USE_RESUME is not enabled, skipping test")
-
-    session = await create_chat_session(test_user_id)
-    session = await upsert_chat_session(session)
-
-    # --- Turn 1: send a message with a unique keyword ---
-    keyword = "ZEPHYR42"
-    turn1_msg = (
-        f"Please remember this special keyword: {keyword}. "
-        "Just confirm you've noted it, keep your response brief."
-    )
-    turn1_text = ""
-    turn1_errors: list[str] = []
-    turn1_ended = False
-
-    async for chunk in sdk_service.stream_chat_completion_sdk(
-        session.session_id,
-        turn1_msg,
-        user_id=test_user_id,
-    ):
-        if isinstance(chunk, StreamTextDelta):
-            turn1_text += chunk.delta
-        elif isinstance(chunk, StreamError):
-            turn1_errors.append(chunk.errorText)
-        elif isinstance(chunk, StreamFinish):
-            turn1_ended = True
-
-    assert turn1_ended, "Turn 1 did not finish"
-    assert not turn1_errors, f"Turn 1 errors: {turn1_errors}"
-    assert turn1_text, "Turn 1 produced no text"
-
-    # Wait for background upload task to complete (retry up to 5s)
-    transcript = None
-    for _ in range(10):
-        await asyncio.sleep(0.5)
-        transcript = await download_transcript(test_user_id, session.session_id)
-        if transcript:
-            break
-    assert transcript, (
-        "Transcript was not uploaded to bucket after turn 1 — "
-        "Stop hook may not have fired or transcript was too small"
-    )
-    logger.info(f"Turn 1 transcript uploaded: {len(transcript)} bytes")
-
-    # Reload session for turn 2
-    session = await get_chat_session(session.session_id, test_user_id)
-    assert session, "Session not found after turn 1"
-
-    # --- Turn 2: ask model to recall the keyword ---
-    turn2_msg = "What was the special keyword I asked you to remember?"
-    turn2_text = ""
-    turn2_errors: list[str] = []
-    turn2_ended = False
-
-    async for chunk in sdk_service.stream_chat_completion_sdk(
-        session.session_id,
-        turn2_msg,
-        user_id=test_user_id,
-        session=session,
-    ):
-        if isinstance(chunk, StreamTextDelta):
-            turn2_text += chunk.delta
-        elif isinstance(chunk, StreamError):
-            turn2_errors.append(chunk.errorText)
-        elif isinstance(chunk, StreamFinish):
-            turn2_ended = True
-
-    assert turn2_ended, "Turn 2 did not finish"
-    assert not turn2_errors, f"Turn 2 errors: {turn2_errors}"
-    assert turn2_text, "Turn 2 produced no text"
-    assert keyword in turn2_text, (
-        f"Model did not recall keyword '{keyword}' in turn 2. "
-        f"Response: {turn2_text[:200]}"
-    )
-    logger.info(f"Turn 2 recalled keyword successfully: {turn2_text[:100]}")

autogpt_platform/backend/backend/api/features/chat/stream_registry.py

@@ -569,7 +569,7 @@ async def _stream_listener(
                             if isinstance(chunk, StreamFinish):
                                 total_time = (time.perf_counter() - start_time) * 1000
                                 logger.info(
-                                    f"[TIMING] StreamFinish received in {total_time/1000:.1f}s; delivered={messages_delivered}",
+                                    f"[TIMING] StreamFinish received in {total_time / 1000:.1f}s; delivered={messages_delivered}",
                                     extra={
                                         "json_fields": {
                                             **log_meta,
@@ -620,7 +620,7 @@ async def _stream_listener(
         # Clean up listener task mapping on exit
         total_time = (time.perf_counter() - start_time) * 1000
         logger.info(
-            f"[TIMING] _stream_listener FINISHED in {total_time/1000:.1f}s; task={task_id}, "
+            f"[TIMING] _stream_listener FINISHED in {total_time / 1000:.1f}s; task={task_id}, "
             f"delivered={messages_delivered}, xread_count={xread_count}",
             extra={
                 "json_fields": {
@@ -814,28 +814,6 @@ async def get_active_task_for_session(
                 if task_user_id and user_id != task_user_id:
                     continue
 
-                # Auto-expire stale tasks that exceeded stream_timeout
-                created_at_str = meta.get("created_at", "")
-                if created_at_str:
-                    try:
-                        created_at = datetime.fromisoformat(created_at_str)
-                        age_seconds = (
-                            datetime.now(timezone.utc) - created_at
-                        ).total_seconds()
-                        if age_seconds > config.stream_timeout:
-                            logger.warning(
-                                f"[TASK_LOOKUP] Auto-expiring stale task {task_id[:8]}... "
-                                f"(age={age_seconds:.0f}s > timeout={config.stream_timeout}s)"
-                            )
-                            await mark_task_completed(task_id, "failed")
-                            continue
-                    except (ValueError, TypeError):
-                        pass
-
-                logger.info(
-                    f"[TASK_LOOKUP] Found running task {task_id[:8]}... for session {session_id[:8]}..."
-                )
-
                 # Get the last message ID from Redis Stream
                 stream_key = _get_task_stream_key(task_id)
                 last_id = "0-0"

autogpt_platform/backend/backend/api/features/chat/tools/__init__.py

@@ -9,12 +9,9 @@ from backend.api.features.chat.tracking import track_tool_called
 from .add_understanding import AddUnderstandingTool
 from .agent_output import AgentOutputTool
 from .base import BaseTool
-from .bash_exec import BashExecTool
-from .check_operation_status import CheckOperationStatusTool
 from .create_agent import CreateAgentTool
 from .customize_agent import CustomizeAgentTool
 from .edit_agent import EditAgentTool
-from .feature_requests import CreateFeatureRequestTool, SearchFeatureRequestsTool
 from .find_agent import FindAgentTool
 from .find_block import FindBlockTool
 from .find_library_agent import FindLibraryAgentTool
@@ -22,7 +19,6 @@ from .get_doc_page import GetDocPageTool
 from .run_agent import RunAgentTool
 from .run_block import RunBlockTool
 from .search_docs import SearchDocsTool
-from .web_fetch import WebFetchTool
 from .workspace_files import (
     DeleteWorkspaceFileTool,
     ListWorkspaceFilesTool,
@@ -47,17 +43,8 @@ TOOL_REGISTRY: dict[str, BaseTool] = {
     "run_agent": RunAgentTool(),
     "run_block": RunBlockTool(),
     "view_agent_output": AgentOutputTool(),
-    "check_operation_status": CheckOperationStatusTool(),
     "search_docs": SearchDocsTool(),
     "get_doc_page": GetDocPageTool(),
-    # Web fetch for safe URL retrieval
-    "web_fetch": WebFetchTool(),
-    # Sandboxed code execution (bubblewrap)
-    "bash_exec": BashExecTool(),
-    # Persistent workspace tools (cloud storage, survives across sessions)
-    # Feature request tools
-    "search_feature_requests": SearchFeatureRequestsTool(),
-    "create_feature_request": CreateFeatureRequestTool(),
     # Workspace tools for CoPilot file operations
     "list_workspace_files": ListWorkspaceFilesTool(),
     "read_workspace_file": ReadWorkspaceFileTool(),

autogpt_platform/backend/backend/api/features/chat/tools/agent_generator/dummy.py

@@ -1,154 +0,0 @@
-"""Dummy Agent Generator for testing.
-
-Returns mock responses matching the format expected from the external service.
-Enable via AGENTGENERATOR_USE_DUMMY=true in settings.
-
-WARNING: This is for testing only. Do not use in production.
-"""
-
-import asyncio
-import logging
-import uuid
-from typing import Any
-
-logger = logging.getLogger(__name__)
-
-# Dummy decomposition result (instructions type)
-DUMMY_DECOMPOSITION_RESULT: dict[str, Any] = {
-    "type": "instructions",
-    "steps": [
-        {
-            "description": "Get input from user",
-            "action": "input",
-            "block_name": "AgentInputBlock",
-        },
-        {
-            "description": "Process the input",
-            "action": "process",
-            "block_name": "TextFormatterBlock",
-        },
-        {
-            "description": "Return output to user",
-            "action": "output",
-            "block_name": "AgentOutputBlock",
-        },
-    ],
-}
-
-# Block IDs from backend/blocks/io.py
-AGENT_INPUT_BLOCK_ID = "c0a8e994-ebf1-4a9c-a4d8-89d09c86741b"
-AGENT_OUTPUT_BLOCK_ID = "363ae599-353e-4804-937e-b2ee3cef3da4"
-
-
-def _generate_dummy_agent_json() -> dict[str, Any]:
-    """Generate a minimal valid agent JSON for testing."""
-    input_node_id = str(uuid.uuid4())
-    output_node_id = str(uuid.uuid4())
-
-    return {
-        "id": str(uuid.uuid4()),
-        "version": 1,
-        "is_active": True,
-        "name": "Dummy Test Agent",
-        "description": "A dummy agent generated for testing purposes",
-        "nodes": [
-            {
-                "id": input_node_id,
-                "block_id": AGENT_INPUT_BLOCK_ID,
-                "input_default": {
-                    "name": "input",
-                    "title": "Input",
-                    "description": "Enter your input",
-                    "placeholder_values": [],
-                },
-                "metadata": {"position": {"x": 0, "y": 0}},
-            },
-            {
-                "id": output_node_id,
-                "block_id": AGENT_OUTPUT_BLOCK_ID,
-                "input_default": {
-                    "name": "output",
-                    "title": "Output",
-                    "description": "Agent output",
-                    "format": "{output}",
-                },
-                "metadata": {"position": {"x": 400, "y": 0}},
-            },
-        ],
-        "links": [
-            {
-                "id": str(uuid.uuid4()),
-                "source_id": input_node_id,
-                "sink_id": output_node_id,
-                "source_name": "result",
-                "sink_name": "value",
-                "is_static": False,
-            },
-        ],
-    }
-
-
-async def decompose_goal_dummy(
-    description: str,
-    context: str = "",
-    library_agents: list[dict[str, Any]] | None = None,
-) -> dict[str, Any]:
-    """Return dummy decomposition result."""
-    logger.info("Using dummy agent generator for decompose_goal")
-    return DUMMY_DECOMPOSITION_RESULT.copy()
-
-
-async def generate_agent_dummy(
-    instructions: dict[str, Any],
-    library_agents: list[dict[str, Any]] | None = None,
-    operation_id: str | None = None,
-    task_id: str | None = None,
-) -> dict[str, Any]:
-    """Return dummy agent JSON after a simulated delay."""
-    logger.info("Using dummy agent generator for generate_agent (30s delay)")
-    await asyncio.sleep(30)
-    return _generate_dummy_agent_json()
-
-
-async def generate_agent_patch_dummy(
-    update_request: str,
-    current_agent: dict[str, Any],
-    library_agents: list[dict[str, Any]] | None = None,
-    operation_id: str | None = None,
-    task_id: str | None = None,
-) -> dict[str, Any]:
-    """Return dummy patched agent (returns the current agent with updated description)."""
-    logger.info("Using dummy agent generator for generate_agent_patch")
-    patched = current_agent.copy()
-    patched["description"] = (
-        f"{current_agent.get('description', '')} (updated: {update_request})"
-    )
-    return patched
-
-
-async def customize_template_dummy(
-    template_agent: dict[str, Any],
-    modification_request: str,
-    context: str = "",
-) -> dict[str, Any]:
-    """Return dummy customized template (returns template with updated description)."""
-    logger.info("Using dummy agent generator for customize_template")
-    customized = template_agent.copy()
-    customized["description"] = (
-        f"{template_agent.get('description', '')} (customized: {modification_request})"
-    )
-    return customized
-
-
-async def get_blocks_dummy() -> list[dict[str, Any]]:
-    """Return dummy blocks list."""
-    logger.info("Using dummy agent generator for get_blocks")
-    return [
-        {"id": AGENT_INPUT_BLOCK_ID, "name": "AgentInputBlock"},
-        {"id": AGENT_OUTPUT_BLOCK_ID, "name": "AgentOutputBlock"},
-    ]
-
-
-async def health_check_dummy() -> bool:
-    """Always returns healthy for dummy service."""
-    return True

autogpt_platform/backend/backend/api/features/chat/tools/agent_generator/service.py

@@ -12,19 +12,8 @@ import httpx
 
 from backend.util.settings import Settings
 
-from .dummy import (
-    customize_template_dummy,
-    decompose_goal_dummy,
-    generate_agent_dummy,
-    generate_agent_patch_dummy,
-    get_blocks_dummy,
-    health_check_dummy,
-)
-
 logger = logging.getLogger(__name__)
 
-_dummy_mode_warned = False
-
 
 def _create_error_response(
     error_message: str,
@@ -101,26 +90,10 @@ def _get_settings() -> Settings:
     return _settings
 
 
-def _is_dummy_mode() -> bool:
-    """Check if dummy mode is enabled for testing."""
-    global _dummy_mode_warned
-    settings = _get_settings()
-    is_dummy = bool(settings.config.agentgenerator_use_dummy)
-    if is_dummy and not _dummy_mode_warned:
-        logger.warning(
-            "Agent Generator running in DUMMY MODE - returning mock responses. "
-            "Do not use in production!"
-        )
-        _dummy_mode_warned = True
-    return is_dummy
-
-
 def is_external_service_configured() -> bool:
-    """Check if external Agent Generator service is configured (or dummy mode)."""
+    """Check if external Agent Generator service is configured."""
     settings = _get_settings()
-    return bool(settings.config.agentgenerator_host) or bool(
-        settings.config.agentgenerator_use_dummy
-    )
+    return bool(settings.config.agentgenerator_host)
 
 
 def _get_base_url() -> str:
@@ -164,9 +137,6 @@ async def decompose_goal_external(
         - {"type": "error", "error": "...", "error_type": "..."} on error
         Or None on unexpected error
     """
-    if _is_dummy_mode():
-        return await decompose_goal_dummy(description, context, library_agents)
-
     client = _get_client()
 
     if context:
@@ -256,11 +226,6 @@ async def generate_agent_external(
     Returns:
         Agent JSON dict, {"status": "accepted"} for async, or error dict {"type": "error", ...} on error
     """
-    if _is_dummy_mode():
-        return await generate_agent_dummy(
-            instructions, library_agents, operation_id, task_id
-        )
-
     client = _get_client()
 
     # Build request payload
@@ -332,11 +297,6 @@ async def generate_agent_patch_external(
     Returns:
         Updated agent JSON, clarifying questions dict, {"status": "accepted"} for async, or error dict on error
     """
-    if _is_dummy_mode():
-        return await generate_agent_patch_dummy(
-            update_request, current_agent, library_agents, operation_id, task_id
-        )
-
     client = _get_client()
 
     # Build request payload
@@ -423,11 +383,6 @@ async def customize_template_external(
     Returns:
         Customized agent JSON, clarifying questions dict, or error dict on error
     """
-    if _is_dummy_mode():
-        return await customize_template_dummy(
-            template_agent, modification_request, context
-        )
-
     client = _get_client()
 
     request = modification_request
@@ -490,9 +445,6 @@ async def get_blocks_external() -> list[dict[str, Any]] | None:
     Returns:
         List of block info dicts or None on error
     """
-    if _is_dummy_mode():
-        return await get_blocks_dummy()
-
     client = _get_client()
 
     try:
@@ -526,9 +478,6 @@ async def health_check() -> bool:
     if not is_external_service_configured():
         return False
 
-    if _is_dummy_mode():
-        return await health_check_dummy()
-
     client = _get_client()
 
     try:

autogpt_platform/backend/backend/api/features/chat/tools/bash_exec.py

@@ -1,131 +0,0 @@
-"""Bash execution tool — run shell commands in a bubblewrap sandbox.
-
-Full Bash scripting is allowed (loops, conditionals, pipes, functions, etc.).
-Safety comes from OS-level isolation (bubblewrap): only system dirs visible
-read-only, writable workspace only, clean env, no network.
-
-Requires bubblewrap (``bwrap``) — the tool is disabled when bwrap is not
-available (e.g. macOS development).
-"""
-
-import logging
-from typing import Any
-
-from backend.api.features.chat.model import ChatSession
-from backend.api.features.chat.tools.base import BaseTool
-from backend.api.features.chat.tools.models import (
-    BashExecResponse,
-    ErrorResponse,
-    ToolResponseBase,
-)
-from backend.api.features.chat.tools.sandbox import (
-    get_workspace_dir,
-    has_full_sandbox,
-    run_sandboxed,
-)
-
-logger = logging.getLogger(__name__)
-
-
-class BashExecTool(BaseTool):
-    """Execute Bash commands in a bubblewrap sandbox."""
-
-    @property
-    def name(self) -> str:
-        return "bash_exec"
-
-    @property
-    def description(self) -> str:
-        if not has_full_sandbox():
-            return (
-                "Bash execution is DISABLED — bubblewrap sandbox is not "
-                "available on this platform. Do not call this tool."
-            )
-        return (
-            "Execute a Bash command or script in a bubblewrap sandbox. "
-            "Full Bash scripting is supported (loops, conditionals, pipes, "
-            "functions, etc.). "
-            "The sandbox shares the same working directory as the SDK Read/Write "
-            "tools — files created by either are accessible to both. "
-            "SECURITY: Only system directories (/usr, /bin, /lib, /etc) are "
-            "visible read-only, the per-session workspace is the only writable "
-            "path, environment variables are wiped (no secrets), all network "
-            "access is blocked at the kernel level, and resource limits are "
-            "enforced (max 64 processes, 512MB memory, 50MB file size). "
-            "Application code, configs, and other directories are NOT accessible. "
-            "To fetch web content, use the web_fetch tool instead. "
-            "Execution is killed after the timeout (default 30s, max 120s). "
-            "Returns stdout and stderr. "
-            "Useful for file manipulation, data processing with Unix tools "
-            "(grep, awk, sed, jq, etc.), and running shell scripts."
-        )
-
-    @property
-    def parameters(self) -> dict[str, Any]:
-        return {
-            "type": "object",
-            "properties": {
-                "command": {
-                    "type": "string",
-                    "description": "Bash command or script to execute.",
-                },
-                "timeout": {
-                    "type": "integer",
-                    "description": (
-                        "Max execution time in seconds (default 30, max 120)."
-                    ),
-                    "default": 30,
-                },
-            },
-            "required": ["command"],
-        }
-
-    @property
-    def requires_auth(self) -> bool:
-        return False
-
-    async def _execute(
-        self,
-        user_id: str | None,
-        session: ChatSession,
-        **kwargs: Any,
-    ) -> ToolResponseBase:
-        session_id = session.session_id if session else None
-
-        if not has_full_sandbox():
-            return ErrorResponse(
-                message="bash_exec requires bubblewrap sandbox (Linux only).",
-                error="sandbox_unavailable",
-                session_id=session_id,
-            )
-
-        command: str = (kwargs.get("command") or "").strip()
-        timeout: int = kwargs.get("timeout", 30)
-
-        if not command:
-            return ErrorResponse(
-                message="No command provided.",
-                error="empty_command",
-                session_id=session_id,
-            )
-
-        workspace = get_workspace_dir(session_id or "default")
-
-        stdout, stderr, exit_code, timed_out = await run_sandboxed(
-            command=["bash", "-c", command],
-            cwd=workspace,
-            timeout=timeout,
-        )
-
-        return BashExecResponse(
-            message=(
-                "Execution timed out"
-                if timed_out
-                else f"Command executed (exit {exit_code})"
-            ),
-            stdout=stdout,
-            stderr=stderr,
-            exit_code=exit_code,
-            timed_out=timed_out,
-            session_id=session_id,
-        )

autogpt_platform/backend/backend/api/features/chat/tools/check_operation_status.py

@@ -1,127 +0,0 @@
-"""CheckOperationStatusTool — query the status of a long-running operation."""
-
-import logging
-from typing import Any
-
-from backend.api.features.chat.model import ChatSession
-from backend.api.features.chat.tools.base import BaseTool
-from backend.api.features.chat.tools.models import (
-    ErrorResponse,
-    ResponseType,
-    ToolResponseBase,
-)
-
-logger = logging.getLogger(__name__)
-
-
-class OperationStatusResponse(ToolResponseBase):
-    """Response for check_operation_status tool."""
-
-    type: ResponseType = ResponseType.OPERATION_STATUS
-    task_id: str
-    operation_id: str
-    status: str  # "running", "completed", "failed"
-    tool_name: str | None = None
-    message: str = ""
-
-
-class CheckOperationStatusTool(BaseTool):
-    """Check the status of a long-running operation (create_agent, edit_agent, etc.).
-
-    The CoPilot uses this tool to report back to the user whether an
-    operation that was started earlier has completed, failed, or is still
-    running.
-    """
-
-    @property
-    def name(self) -> str:
-        return "check_operation_status"
-
-    @property
-    def description(self) -> str:
-        return (
-            "Check the current status of a long-running operation such as "
-            "create_agent or edit_agent. Accepts either an operation_id or "
-            "task_id from a previous operation_started response. "
-            "Returns the current status: running, completed, or failed."
-        )
-
-    @property
-    def parameters(self) -> dict[str, Any]:
-        return {
-            "type": "object",
-            "properties": {
-                "operation_id": {
-                    "type": "string",
-                    "description": (
-                        "The operation_id from an operation_started response."
-                    ),
-                },
-                "task_id": {
-                    "type": "string",
-                    "description": (
-                        "The task_id from an operation_started response. "
-                        "Used as fallback if operation_id is not provided."
-                    ),
-                },
-            },
-            "required": [],
-        }
-
-    @property
-    def requires_auth(self) -> bool:
-        return False
-
-    async def _execute(
-        self,
-        user_id: str | None,
-        session: ChatSession,
-        **kwargs,
-    ) -> ToolResponseBase:
-        from backend.api.features.chat import stream_registry
-
-        operation_id = (kwargs.get("operation_id") or "").strip()
-        task_id = (kwargs.get("task_id") or "").strip()
-
-        if not operation_id and not task_id:
-            return ErrorResponse(
-                message="Please provide an operation_id or task_id.",
-                error="missing_parameter",
-            )
-
-        task = None
-        if operation_id:
-            task = await stream_registry.find_task_by_operation_id(operation_id)
-        if task is None and task_id:
-            task = await stream_registry.get_task(task_id)
-
-        if task is None:
-            # Task not in Redis — it may have already expired (TTL).
-            # Check conversation history for the result instead.
-            return ErrorResponse(
-                message=(
-                    "Operation not found — it may have already completed and "
-                    "expired from the status tracker. Check the conversation "
-                    "history for the result."
-                ),
-                error="not_found",
-            )
-
-        status_messages = {
-            "running": (
-                f"The {task.tool_name or 'operation'} is still running. "
-                "Please wait for it to complete."
-            ),
-            "completed": (
-                f"The {task.tool_name or 'operation'} has completed successfully."
-            ),
-            "failed": f"The {task.tool_name or 'operation'} has failed.",
-        }
-
-        return OperationStatusResponse(
-            task_id=task.task_id,
-            operation_id=task.operation_id,
-            status=task.status,
-            tool_name=task.tool_name,
-            message=status_messages.get(task.status, f"Status: {task.status}"),
-        )

autogpt_platform/backend/backend/api/features/chat/tools/feature_requests.py

@@ -1,448 +0,0 @@
-"""Feature request tools - search and create feature requests via Linear."""
-
-import logging
-from typing import Any
-
-from pydantic import SecretStr
-
-from backend.api.features.chat.model import ChatSession
-from backend.api.features.chat.tools.base import BaseTool
-from backend.api.features.chat.tools.models import (
-    ErrorResponse,
-    FeatureRequestCreatedResponse,
-    FeatureRequestInfo,
-    FeatureRequestSearchResponse,
-    NoResultsResponse,
-    ToolResponseBase,
-)
-from backend.blocks.linear._api import LinearClient
-from backend.data.model import APIKeyCredentials
-from backend.data.user import get_user_email_by_id
-from backend.util.settings import Settings
-
-logger = logging.getLogger(__name__)
-
-MAX_SEARCH_RESULTS = 10
-
-# GraphQL queries/mutations
-SEARCH_ISSUES_QUERY = """
-query SearchFeatureRequests($term: String!, $filter: IssueFilter, $first: Int) {
-  searchIssues(term: $term, filter: $filter, first: $first) {
-    nodes {
-      id
-      identifier
-      title
-      description
-    }
-  }
-}
-"""
-
-CUSTOMER_UPSERT_MUTATION = """
-mutation CustomerUpsert($input: CustomerUpsertInput!) {
-  customerUpsert(input: $input) {
-    success
-    customer {
-      id
-      name
-      externalIds
-    }
-  }
-}
-"""
-
-ISSUE_CREATE_MUTATION = """
-mutation IssueCreate($input: IssueCreateInput!) {
-  issueCreate(input: $input) {
-    success
-    issue {
-      id
-      identifier
-      title
-      url
-    }
-  }
-}
-"""
-
-CUSTOMER_NEED_CREATE_MUTATION = """
-mutation CustomerNeedCreate($input: CustomerNeedCreateInput!) {
-  customerNeedCreate(input: $input) {
-    success
-    need {
-      id
-      body
-      customer {
-        id
-        name
-      }
-      issue {
-        id
-        identifier
-        title
-        url
-      }
-    }
-  }
-}
-"""
-
-
-_settings: Settings | None = None
-
-
-def _get_settings() -> Settings:
-    global _settings
-    if _settings is None:
-        _settings = Settings()
-    return _settings
-
-
-def _get_linear_config() -> tuple[LinearClient, str, str]:
-    """Return a configured Linear client, project ID, and team ID.
-
-    Raises RuntimeError if any required setting is missing.
-    """
-    secrets = _get_settings().secrets
-    if not secrets.linear_api_key:
-        raise RuntimeError("LINEAR_API_KEY is not configured")
-    if not secrets.linear_feature_request_project_id:
-        raise RuntimeError("LINEAR_FEATURE_REQUEST_PROJECT_ID is not configured")
-    if not secrets.linear_feature_request_team_id:
-        raise RuntimeError("LINEAR_FEATURE_REQUEST_TEAM_ID is not configured")
-
-    credentials = APIKeyCredentials(
-        id="system-linear",
-        provider="linear",
-        api_key=SecretStr(secrets.linear_api_key),
-        title="System Linear API Key",
-    )
-    client = LinearClient(credentials=credentials)
-    return (
-        client,
-        secrets.linear_feature_request_project_id,
-        secrets.linear_feature_request_team_id,
-    )
-
-
-class SearchFeatureRequestsTool(BaseTool):
-    """Tool for searching existing feature requests in Linear."""
-
-    @property
-    def name(self) -> str:
-        return "search_feature_requests"
-
-    @property
-    def description(self) -> str:
-        return (
-            "Search existing feature requests to check if a similar request "
-            "already exists before creating a new one. Returns matching feature "
-            "requests with their ID, title, and description."
-        )
-
-    @property
-    def parameters(self) -> dict[str, Any]:
-        return {
-            "type": "object",
-            "properties": {
-                "query": {
-                    "type": "string",
-                    "description": "Search term to find matching feature requests.",
-                },
-            },
-            "required": ["query"],
-        }
-
-    @property
-    def requires_auth(self) -> bool:
-        return True
-
-    async def _execute(
-        self,
-        user_id: str | None,
-        session: ChatSession,
-        **kwargs,
-    ) -> ToolResponseBase:
-        query = kwargs.get("query", "").strip()
-        session_id = session.session_id if session else None
-
-        if not query:
-            return ErrorResponse(
-                message="Please provide a search query.",
-                error="Missing query parameter",
-                session_id=session_id,
-            )
-
-        try:
-            client, project_id, _team_id = _get_linear_config()
-            data = await client.query(
-                SEARCH_ISSUES_QUERY,
-                {
-                    "term": query,
-                    "filter": {
-                        "project": {"id": {"eq": project_id}},
-                    },
-                    "first": MAX_SEARCH_RESULTS,
-                },
-            )
-
-            nodes = data.get("searchIssues", {}).get("nodes", [])
-
-            if not nodes:
-                return NoResultsResponse(
-                    message=f"No feature requests found matching '{query}'.",
-                    suggestions=[
-                        "Try different keywords",
-                        "Use broader search terms",
-                        "You can create a new feature request if none exists",
-                    ],
-                    session_id=session_id,
-                )
-
-            results = [
-                FeatureRequestInfo(
-                    id=node["id"],
-                    identifier=node["identifier"],
-                    title=node["title"],
-                    description=node.get("description"),
-                )
-                for node in nodes
-            ]
-
-            return FeatureRequestSearchResponse(
-                message=f"Found {len(results)} feature request(s) matching '{query}'.",
-                results=results,
-                count=len(results),
-                query=query,
-                session_id=session_id,
-            )
-        except Exception as e:
-            logger.exception("Failed to search feature requests")
-            return ErrorResponse(
-                message="Failed to search feature requests.",
-                error=str(e),
-                session_id=session_id,
-            )
-
-
-class CreateFeatureRequestTool(BaseTool):
-    """Tool for creating feature requests (or adding needs to existing ones)."""
-
-    @property
-    def name(self) -> str:
-        return "create_feature_request"
-
-    @property
-    def description(self) -> str:
-        return (
-            "Create a new feature request or add a customer need to an existing one. "
-            "Always search first with search_feature_requests to avoid duplicates. "
-            "If a matching request exists, pass its ID as existing_issue_id to add "
-            "the user's need to it instead of creating a duplicate."
-        )
-
-    @property
-    def parameters(self) -> dict[str, Any]:
-        return {
-            "type": "object",
-            "properties": {
-                "title": {
-                    "type": "string",
-                    "description": "Title for the feature request.",
-                },
-                "description": {
-                    "type": "string",
-                    "description": "Detailed description of what the user wants and why.",
-                },
-                "existing_issue_id": {
-                    "type": "string",
-                    "description": (
-                        "If adding a need to an existing feature request, "
-                        "provide its Linear issue ID (from search results). "
-                        "Omit to create a new feature request."
-                    ),
-                },
-            },
-            "required": ["title", "description"],
-        }
-
-    @property
-    def requires_auth(self) -> bool:
-        return True
-
-    async def _find_or_create_customer(
-        self, client: LinearClient, user_id: str, name: str
-    ) -> dict:
-        """Find existing customer by user_id or create a new one via upsert.
-
-        Args:
-            client: Linear API client.
-            user_id: Stable external ID used to deduplicate customers.
-            name: Human-readable display name (e.g. the user's email).
-        """
-        data = await client.mutate(
-            CUSTOMER_UPSERT_MUTATION,
-            {
-                "input": {
-                    "name": name,
-                    "externalId": user_id,
-                },
-            },
-        )
-        result = data.get("customerUpsert", {})
-        if not result.get("success"):
-            raise RuntimeError(f"Failed to upsert customer: {data}")
-        return result["customer"]
-
-    async def _execute(
-        self,
-        user_id: str | None,
-        session: ChatSession,
-        **kwargs,
-    ) -> ToolResponseBase:
-        title = kwargs.get("title", "").strip()
-        description = kwargs.get("description", "").strip()
-        existing_issue_id = kwargs.get("existing_issue_id")
-        session_id = session.session_id if session else None
-
-        if not title or not description:
-            return ErrorResponse(
-                message="Both title and description are required.",
-                error="Missing required parameters",
-                session_id=session_id,
-            )
-
-        if not user_id:
-            return ErrorResponse(
-                message="Authentication required to create feature requests.",
-                error="Missing user_id",
-                session_id=session_id,
-            )
-
-        try:
-            client, project_id, team_id = _get_linear_config()
-        except Exception as e:
-            logger.exception("Failed to initialize Linear client")
-            return ErrorResponse(
-                message="Failed to create feature request.",
-                error=str(e),
-                session_id=session_id,
-            )
-
-        # Resolve a human-readable name (email) for the Linear customer record.
-        # Fall back to user_id if the lookup fails or returns None.
-        try:
-            customer_display_name = await get_user_email_by_id(user_id) or user_id
-        except Exception:
-            customer_display_name = user_id
-
-        # Step 1: Find or create customer for this user
-        try:
-            customer = await self._find_or_create_customer(
-                client, user_id, customer_display_name
-            )
-            customer_id = customer["id"]
-            customer_name = customer["name"]
-        except Exception as e:
-            logger.exception("Failed to upsert customer in Linear")
-            return ErrorResponse(
-                message="Failed to create feature request.",
-                error=str(e),
-                session_id=session_id,
-            )
-
-        # Step 2: Create or reuse issue
-        issue_id: str | None = None
-        issue_identifier: str | None = None
-        if existing_issue_id:
-            # Add need to existing issue - we still need the issue details for response
-            is_new_issue = False
-            issue_id = existing_issue_id
-        else:
-            # Create new issue in the feature requests project
-            try:
-                data = await client.mutate(
-                    ISSUE_CREATE_MUTATION,
-                    {
-                        "input": {
-                            "title": title,
-                            "description": description,
-                            "teamId": team_id,
-                            "projectId": project_id,
-                        },
-                    },
-                )
-                result = data.get("issueCreate", {})
-                if not result.get("success"):
-                    return ErrorResponse(
-                        message="Failed to create feature request issue.",
-                        error=str(data),
-                        session_id=session_id,
-                    )
-                issue = result["issue"]
-                issue_id = issue["id"]
-                issue_identifier = issue.get("identifier")
-            except Exception as e:
-                logger.exception("Failed to create feature request issue")
-                return ErrorResponse(
-                    message="Failed to create feature request.",
-                    error=str(e),
-                    session_id=session_id,
-                )
-            is_new_issue = True
-
-        # Step 3: Create customer need on the issue
-        try:
-            data = await client.mutate(
-                CUSTOMER_NEED_CREATE_MUTATION,
-                {
-                    "input": {
-                        "customerId": customer_id,
-                        "issueId": issue_id,
-                        "body": description,
-                        "priority": 0,
-                    },
-                },
-            )
-            need_result = data.get("customerNeedCreate", {})
-            if not need_result.get("success"):
-                orphaned = (
-                    {"issue_id": issue_id, "issue_identifier": issue_identifier}
-                    if is_new_issue
-                    else None
-                )
-                return ErrorResponse(
-                    message="Failed to attach customer need to the feature request.",
-                    error=str(data),
-                    details=orphaned,
-                    session_id=session_id,
-                )
-            need = need_result["need"]
-            issue_info = need["issue"]
-        except Exception as e:
-            logger.exception("Failed to create customer need")
-            orphaned = (
-                {"issue_id": issue_id, "issue_identifier": issue_identifier}
-                if is_new_issue
-                else None
-            )
-            return ErrorResponse(
-                message="Failed to attach customer need to the feature request.",
-                error=str(e),
-                details=orphaned,
-                session_id=session_id,
-            )
-
-        return FeatureRequestCreatedResponse(
-            message=(
-                f"{'Created new feature request' if is_new_issue else 'Added your request to existing feature request'}: "
-                f"{issue_info['title']}."
-            ),
-            issue_id=issue_info["id"],
-            issue_identifier=issue_info["identifier"],
-            issue_title=issue_info["title"],
-            issue_url=issue_info.get("url", ""),
-            is_new_issue=is_new_issue,
-            customer_name=customer_name,
-            session_id=session_id,
-        )

autogpt_platform/backend/backend/api/features/chat/tools/feature_requests_test.py

@@ -1,615 +0,0 @@
-"""Tests for SearchFeatureRequestsTool and CreateFeatureRequestTool."""
-
-from unittest.mock import AsyncMock, patch
-
-import pytest
-
-from backend.api.features.chat.tools.feature_requests import (
-    CreateFeatureRequestTool,
-    SearchFeatureRequestsTool,
-)
-from backend.api.features.chat.tools.models import (
-    ErrorResponse,
-    FeatureRequestCreatedResponse,
-    FeatureRequestSearchResponse,
-    NoResultsResponse,
-)
-
-from ._test_data import make_session
-
-_TEST_USER_ID = "test-user-feature-requests"
-_TEST_USER_EMAIL = "testuser@example.com"
-
-
-# ---------------------------------------------------------------------------
-# Helpers
-# ---------------------------------------------------------------------------
-
-
-_FAKE_PROJECT_ID = "test-project-id"
-_FAKE_TEAM_ID = "test-team-id"
-
-
-def _mock_linear_config(*, query_return=None, mutate_return=None):
-    """Return a patched _get_linear_config that yields a mock LinearClient."""
-    client = AsyncMock()
-    if query_return is not None:
-        client.query.return_value = query_return
-    if mutate_return is not None:
-        client.mutate.return_value = mutate_return
-    return (
-        patch(
-            "backend.api.features.chat.tools.feature_requests._get_linear_config",
-            return_value=(client, _FAKE_PROJECT_ID, _FAKE_TEAM_ID),
-        ),
-        client,
-    )
-
-
-def _search_response(nodes: list[dict]) -> dict:
-    return {"searchIssues": {"nodes": nodes}}
-
-
-def _customer_upsert_response(
-    customer_id: str = "cust-1", name: str = _TEST_USER_EMAIL, success: bool = True
-) -> dict:
-    return {
-        "customerUpsert": {
-            "success": success,
-            "customer": {"id": customer_id, "name": name, "externalIds": [name]},
-        }
-    }
-
-
-def _issue_create_response(
-    issue_id: str = "issue-1",
-    identifier: str = "FR-1",
-    title: str = "New Feature",
-    success: bool = True,
-) -> dict:
-    return {
-        "issueCreate": {
-            "success": success,
-            "issue": {
-                "id": issue_id,
-                "identifier": identifier,
-                "title": title,
-                "url": f"https://linear.app/issue/{identifier}",
-            },
-        }
-    }
-
-
-def _need_create_response(
-    need_id: str = "need-1",
-    issue_id: str = "issue-1",
-    identifier: str = "FR-1",
-    title: str = "New Feature",
-    success: bool = True,
-) -> dict:
-    return {
-        "customerNeedCreate": {
-            "success": success,
-            "need": {
-                "id": need_id,
-                "body": "description",
-                "customer": {"id": "cust-1", "name": _TEST_USER_EMAIL},
-                "issue": {
-                    "id": issue_id,
-                    "identifier": identifier,
-                    "title": title,
-                    "url": f"https://linear.app/issue/{identifier}",
-                },
-            },
-        }
-    }
-
-
-# ===========================================================================
-# SearchFeatureRequestsTool
-# ===========================================================================
-
-
-class TestSearchFeatureRequestsTool:
-    """Tests for SearchFeatureRequestsTool._execute."""
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_successful_search(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        nodes = [
-            {
-                "id": "id-1",
-                "identifier": "FR-1",
-                "title": "Dark mode",
-                "description": "Add dark mode support",
-            },
-            {
-                "id": "id-2",
-                "identifier": "FR-2",
-                "title": "Dark theme",
-                "description": None,
-            },
-        ]
-        patcher, _ = _mock_linear_config(query_return=_search_response(nodes))
-        with patcher:
-            tool = SearchFeatureRequestsTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID, session=session, query="dark mode"
-            )
-
-        assert isinstance(resp, FeatureRequestSearchResponse)
-        assert resp.count == 2
-        assert resp.results[0].id == "id-1"
-        assert resp.results[1].identifier == "FR-2"
-        assert resp.query == "dark mode"
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_no_results(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        patcher, _ = _mock_linear_config(query_return=_search_response([]))
-        with patcher:
-            tool = SearchFeatureRequestsTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID, session=session, query="nonexistent"
-            )
-
-        assert isinstance(resp, NoResultsResponse)
-        assert "nonexistent" in resp.message
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_empty_query_returns_error(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        tool = SearchFeatureRequestsTool()
-        resp = await tool._execute(user_id=_TEST_USER_ID, session=session, query="   ")
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.error is not None
-        assert "query" in resp.error.lower()
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_missing_query_returns_error(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        tool = SearchFeatureRequestsTool()
-        resp = await tool._execute(user_id=_TEST_USER_ID, session=session)
-
-        assert isinstance(resp, ErrorResponse)
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_api_failure(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        patcher, client = _mock_linear_config()
-        client.query.side_effect = RuntimeError("Linear API down")
-        with patcher:
-            tool = SearchFeatureRequestsTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID, session=session, query="test"
-            )
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.error is not None
-        assert "Linear API down" in resp.error
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_malformed_node_returns_error(self):
-        """A node missing required keys should be caught by the try/except."""
-        session = make_session(user_id=_TEST_USER_ID)
-        # Node missing 'identifier' key
-        bad_nodes = [{"id": "id-1", "title": "Missing identifier"}]
-        patcher, _ = _mock_linear_config(query_return=_search_response(bad_nodes))
-        with patcher:
-            tool = SearchFeatureRequestsTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID, session=session, query="test"
-            )
-
-        assert isinstance(resp, ErrorResponse)
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_linear_client_init_failure(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        with patch(
-            "backend.api.features.chat.tools.feature_requests._get_linear_config",
-            side_effect=RuntimeError("No API key"),
-        ):
-            tool = SearchFeatureRequestsTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID, session=session, query="test"
-            )
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.error is not None
-        assert "No API key" in resp.error
-
-
-# ===========================================================================
-# CreateFeatureRequestTool
-# ===========================================================================
-
-
-class TestCreateFeatureRequestTool:
-    """Tests for CreateFeatureRequestTool._execute."""
-
-    @pytest.fixture(autouse=True)
-    def _patch_email_lookup(self):
-        with patch(
-            "backend.api.features.chat.tools.feature_requests.get_user_email_by_id",
-            new_callable=AsyncMock,
-            return_value=_TEST_USER_EMAIL,
-        ):
-            yield
-
-    # ---- Happy paths -------------------------------------------------------
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_create_new_issue(self):
-        """Full happy path: upsert customer -> create issue -> attach need."""
-        session = make_session(user_id=_TEST_USER_ID)
-
-        patcher, client = _mock_linear_config()
-        client.mutate.side_effect = [
-            _customer_upsert_response(),
-            _issue_create_response(),
-            _need_create_response(),
-        ]
-
-        with patcher:
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="New Feature",
-                description="Please add this",
-            )
-
-        assert isinstance(resp, FeatureRequestCreatedResponse)
-        assert resp.is_new_issue is True
-        assert resp.issue_identifier == "FR-1"
-        assert resp.customer_name == _TEST_USER_EMAIL
-        assert client.mutate.call_count == 3
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_add_need_to_existing_issue(self):
-        """When existing_issue_id is provided, skip issue creation."""
-        session = make_session(user_id=_TEST_USER_ID)
-
-        patcher, client = _mock_linear_config()
-        client.mutate.side_effect = [
-            _customer_upsert_response(),
-            _need_create_response(issue_id="existing-1", identifier="FR-99"),
-        ]
-
-        with patcher:
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="Existing Feature",
-                description="Me too",
-                existing_issue_id="existing-1",
-            )
-
-        assert isinstance(resp, FeatureRequestCreatedResponse)
-        assert resp.is_new_issue is False
-        assert resp.issue_id == "existing-1"
-        # Only 2 mutations: customer upsert + need create (no issue create)
-        assert client.mutate.call_count == 2
-
-    # ---- Validation errors -------------------------------------------------
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_missing_title(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        tool = CreateFeatureRequestTool()
-        resp = await tool._execute(
-            user_id=_TEST_USER_ID,
-            session=session,
-            title="",
-            description="some desc",
-        )
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.error is not None
-        assert "required" in resp.error.lower()
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_missing_description(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        tool = CreateFeatureRequestTool()
-        resp = await tool._execute(
-            user_id=_TEST_USER_ID,
-            session=session,
-            title="Some title",
-            description="",
-        )
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.error is not None
-        assert "required" in resp.error.lower()
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_missing_user_id(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        tool = CreateFeatureRequestTool()
-        resp = await tool._execute(
-            user_id=None,
-            session=session,
-            title="Some title",
-            description="Some desc",
-        )
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.error is not None
-        assert "user_id" in resp.error.lower()
-
-    # ---- Linear client init failure ----------------------------------------
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_linear_client_init_failure(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        with patch(
-            "backend.api.features.chat.tools.feature_requests._get_linear_config",
-            side_effect=RuntimeError("No API key"),
-        ):
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="Title",
-                description="Desc",
-            )
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.error is not None
-        assert "No API key" in resp.error
-
-    # ---- Customer upsert failures ------------------------------------------
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_customer_upsert_api_error(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        patcher, client = _mock_linear_config()
-        client.mutate.side_effect = RuntimeError("Customer API error")
-
-        with patcher:
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="Title",
-                description="Desc",
-            )
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.error is not None
-        assert "Customer API error" in resp.error
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_customer_upsert_not_success(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        patcher, client = _mock_linear_config()
-        client.mutate.return_value = _customer_upsert_response(success=False)
-
-        with patcher:
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="Title",
-                description="Desc",
-            )
-
-        assert isinstance(resp, ErrorResponse)
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_customer_malformed_response(self):
-        """Customer dict missing 'id' key should be caught."""
-        session = make_session(user_id=_TEST_USER_ID)
-        patcher, client = _mock_linear_config()
-        # success=True but customer has no 'id'
-        client.mutate.return_value = {
-            "customerUpsert": {
-                "success": True,
-                "customer": {"name": _TEST_USER_ID},
-            }
-        }
-
-        with patcher:
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="Title",
-                description="Desc",
-            )
-
-        assert isinstance(resp, ErrorResponse)
-
-    # ---- Issue creation failures -------------------------------------------
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_issue_create_api_error(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        patcher, client = _mock_linear_config()
-        client.mutate.side_effect = [
-            _customer_upsert_response(),
-            RuntimeError("Issue create failed"),
-        ]
-
-        with patcher:
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="Title",
-                description="Desc",
-            )
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.error is not None
-        assert "Issue create failed" in resp.error
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_issue_create_not_success(self):
-        session = make_session(user_id=_TEST_USER_ID)
-        patcher, client = _mock_linear_config()
-        client.mutate.side_effect = [
-            _customer_upsert_response(),
-            _issue_create_response(success=False),
-        ]
-
-        with patcher:
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="Title",
-                description="Desc",
-            )
-
-        assert isinstance(resp, ErrorResponse)
-        assert "Failed to create feature request issue" in resp.message
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_issue_create_malformed_response(self):
-        """issueCreate success=True but missing 'issue' key."""
-        session = make_session(user_id=_TEST_USER_ID)
-        patcher, client = _mock_linear_config()
-        client.mutate.side_effect = [
-            _customer_upsert_response(),
-            {"issueCreate": {"success": True}},  # no 'issue' key
-        ]
-
-        with patcher:
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="Title",
-                description="Desc",
-            )
-
-        assert isinstance(resp, ErrorResponse)
-
-    # ---- Customer need attachment failures ---------------------------------
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_need_create_api_error_new_issue(self):
-        """Need creation fails after new issue was created -> orphaned issue info."""
-        session = make_session(user_id=_TEST_USER_ID)
-        patcher, client = _mock_linear_config()
-        client.mutate.side_effect = [
-            _customer_upsert_response(),
-            _issue_create_response(issue_id="orphan-1", identifier="FR-10"),
-            RuntimeError("Need attach failed"),
-        ]
-
-        with patcher:
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="Title",
-                description="Desc",
-            )
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.error is not None
-        assert "Need attach failed" in resp.error
-        assert resp.details is not None
-        assert resp.details["issue_id"] == "orphan-1"
-        assert resp.details["issue_identifier"] == "FR-10"
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_need_create_api_error_existing_issue(self):
-        """Need creation fails on existing issue -> no orphaned info."""
-        session = make_session(user_id=_TEST_USER_ID)
-        patcher, client = _mock_linear_config()
-        client.mutate.side_effect = [
-            _customer_upsert_response(),
-            RuntimeError("Need attach failed"),
-        ]
-
-        with patcher:
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="Title",
-                description="Desc",
-                existing_issue_id="existing-1",
-            )
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.details is None
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_need_create_not_success_includes_orphaned_info(self):
-        """customerNeedCreate returns success=False -> includes orphaned issue."""
-        session = make_session(user_id=_TEST_USER_ID)
-        patcher, client = _mock_linear_config()
-        client.mutate.side_effect = [
-            _customer_upsert_response(),
-            _issue_create_response(issue_id="orphan-2", identifier="FR-20"),
-            _need_create_response(success=False),
-        ]
-
-        with patcher:
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="Title",
-                description="Desc",
-            )
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.details is not None
-        assert resp.details["issue_id"] == "orphan-2"
-        assert resp.details["issue_identifier"] == "FR-20"
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_need_create_not_success_existing_issue_no_details(self):
-        """customerNeedCreate fails on existing issue -> no orphaned info."""
-        session = make_session(user_id=_TEST_USER_ID)
-        patcher, client = _mock_linear_config()
-        client.mutate.side_effect = [
-            _customer_upsert_response(),
-            _need_create_response(success=False),
-        ]
-
-        with patcher:
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="Title",
-                description="Desc",
-                existing_issue_id="existing-1",
-            )
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.details is None
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_need_create_malformed_response(self):
-        """need_result missing 'need' key after success=True."""
-        session = make_session(user_id=_TEST_USER_ID)
-        patcher, client = _mock_linear_config()
-        client.mutate.side_effect = [
-            _customer_upsert_response(),
-            _issue_create_response(),
-            {"customerNeedCreate": {"success": True}},  # no 'need' key
-        ]
-
-        with patcher:
-            tool = CreateFeatureRequestTool()
-            resp = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                title="Title",
-                description="Desc",
-            )
-
-        assert isinstance(resp, ErrorResponse)
-        assert resp.details is not None
-        assert resp.details["issue_id"] == "issue-1"

autogpt_platform/backend/backend/api/features/chat/tools/find_block.py

@@ -7,13 +7,13 @@ from backend.api.features.chat.model import ChatSession
 from backend.api.features.chat.tools.base import BaseTool, ToolResponseBase
 from backend.api.features.chat.tools.models import (
     BlockInfoSummary,
+    BlockInputFieldInfo,
     BlockListResponse,
     ErrorResponse,
     NoResultsResponse,
 )
 from backend.api.features.store.hybrid_search import unified_hybrid_search
-from backend.blocks import get_block
-from backend.blocks._base import BlockType
+from backend.data.block import BlockType, get_block
 
 logger = logging.getLogger(__name__)
 
@@ -54,8 +54,7 @@ class FindBlockTool(BaseTool):
             "Blocks are reusable components that perform specific tasks like "
             "sending emails, making API calls, processing text, etc. "
             "IMPORTANT: Use this tool FIRST to get the block's 'id' before calling run_block. "
-            "The response includes each block's id, name, and description. "
-            "Call run_block with the block's id **with no inputs** to see detailed inputs/outputs and execute it."
+            "The response includes each block's id, required_inputs, and input_schema."
         )
 
     @property
@@ -124,7 +123,7 @@ class FindBlockTool(BaseTool):
                     session_id=session_id,
                 )
 
-            # Enrich results with block information
+            # Enrich results with full block information
             blocks: list[BlockInfoSummary] = []
             for result in results:
                 block_id = result["content_id"]
@@ -141,12 +140,65 @@ class FindBlockTool(BaseTool):
                 ):
                     continue
 
+                # Get input/output schemas
+                input_schema = {}
+                output_schema = {}
+                try:
+                    input_schema = block.input_schema.jsonschema()
+                except Exception as e:
+                    logger.debug(
+                        "Failed to generate input schema for block %s: %s",
+                        block_id,
+                        e,
+                    )
+                try:
+                    output_schema = block.output_schema.jsonschema()
+                except Exception as e:
+                    logger.debug(
+                        "Failed to generate output schema for block %s: %s",
+                        block_id,
+                        e,
+                    )
+
+                # Get categories from block instance
+                categories = []
+                if hasattr(block, "categories") and block.categories:
+                    categories = [cat.value for cat in block.categories]
+
+                # Extract required inputs for easier use
+                required_inputs: list[BlockInputFieldInfo] = []
+                if input_schema:
+                    properties = input_schema.get("properties", {})
+                    required_fields = set(input_schema.get("required", []))
+                    # Get credential field names to exclude from required inputs
+                    credentials_fields = set(
+                        block.input_schema.get_credentials_fields().keys()
+                    )
+
+                    for field_name, field_schema in properties.items():
+                        # Skip credential fields - they're handled separately
+                        if field_name in credentials_fields:
+                            continue
+
+                        required_inputs.append(
+                            BlockInputFieldInfo(
+                                name=field_name,
+                                type=field_schema.get("type", "string"),
+                                description=field_schema.get("description", ""),
+                                required=field_name in required_fields,
+                                default=field_schema.get("default"),
+                            )
+                        )
+
                 blocks.append(
                     BlockInfoSummary(
                         id=block_id,
                         name=block.name,
                         description=block.description or "",
-                        categories=[c.value for c in block.categories],
+                        categories=categories,
+                        input_schema=input_schema,
+                        output_schema=output_schema,
+                        required_inputs=required_inputs,
                     )
                 )
 
@@ -175,7 +227,8 @@ class FindBlockTool(BaseTool):
             return BlockListResponse(
                 message=(
                     f"Found {len(blocks)} block(s) matching '{query}'. "
-                    "To see a block's inputs/outputs and execute it, use run_block with the block's 'id' - providing no inputs."
+                    "To execute a block, use run_block with the block's 'id' field "
+                    "and provide 'input_data' matching the block's input_schema."
                 ),
                 blocks=blocks,
                 count=len(blocks),

autogpt_platform/backend/backend/api/features/chat/tools/find_block_test.py

@@ -10,7 +10,7 @@ from backend.api.features.chat.tools.find_block import (
     FindBlockTool,
 )
 from backend.api.features.chat.tools.models import BlockListResponse
-from backend.blocks._base import BlockType
+from backend.data.block import BlockType
 
 from ._test_data import make_session
 
@@ -18,13 +18,7 @@ _TEST_USER_ID = "test-user-find-block"
 
 
 def make_mock_block(
-    block_id: str,
-    name: str,
-    block_type: BlockType,
-    disabled: bool = False,
-    input_schema: dict | None = None,
-    output_schema: dict | None = None,
-    credentials_fields: dict | None = None,
+    block_id: str, name: str, block_type: BlockType, disabled: bool = False
 ):
     """Create a mock block for testing."""
     mock = MagicMock()
@@ -34,13 +28,10 @@ def make_mock_block(
     mock.block_type = block_type
     mock.disabled = disabled
     mock.input_schema = MagicMock()
-    mock.input_schema.jsonschema.return_value = input_schema or {
-        "properties": {},
-        "required": [],
-    }
-    mock.input_schema.get_credentials_fields.return_value = credentials_fields or {}
+    mock.input_schema.jsonschema.return_value = {"properties": {}, "required": []}
+    mock.input_schema.get_credentials_fields.return_value = {}
     mock.output_schema = MagicMock()
-    mock.output_schema.jsonschema.return_value = output_schema or {}
+    mock.output_schema.jsonschema.return_value = {}
     mock.categories = []
     return mock
 
@@ -146,241 +137,3 @@ class TestFindBlockFiltering:
         assert isinstance(response, BlockListResponse)
         assert len(response.blocks) == 1
         assert response.blocks[0].id == "normal-block-id"
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_response_size_average_chars_per_block(self):
-        """Measure average chars per block in the serialized response."""
-        session = make_session(user_id=_TEST_USER_ID)
-
-        # Realistic block definitions modeled after real blocks
-        block_defs = [
-            {
-                "id": "http-block-id",
-                "name": "Send Web Request",
-                "input_schema": {
-                    "properties": {
-                        "url": {
-                            "type": "string",
-                            "description": "The URL to send the request to",
-                        },
-                        "method": {
-                            "type": "string",
-                            "description": "The HTTP method to use",
-                        },
-                        "headers": {
-                            "type": "object",
-                            "description": "Headers to include in the request",
-                        },
-                        "json_format": {
-                            "type": "boolean",
-                            "description": "If true, send the body as JSON",
-                        },
-                        "body": {
-                            "type": "object",
-                            "description": "Form/JSON body payload",
-                        },
-                        "credentials": {
-                            "type": "object",
-                            "description": "HTTP credentials",
-                        },
-                    },
-                    "required": ["url", "method"],
-                },
-                "output_schema": {
-                    "properties": {
-                        "response": {
-                            "type": "object",
-                            "description": "The response from the server",
-                        },
-                        "client_error": {
-                            "type": "object",
-                            "description": "Errors on 4xx status codes",
-                        },
-                        "server_error": {
-                            "type": "object",
-                            "description": "Errors on 5xx status codes",
-                        },
-                        "error": {
-                            "type": "string",
-                            "description": "Errors for all other exceptions",
-                        },
-                    },
-                },
-                "credentials_fields": {"credentials": True},
-            },
-            {
-                "id": "email-block-id",
-                "name": "Send Email",
-                "input_schema": {
-                    "properties": {
-                        "to_email": {
-                            "type": "string",
-                            "description": "Recipient email address",
-                        },
-                        "subject": {
-                            "type": "string",
-                            "description": "Subject of the email",
-                        },
-                        "body": {
-                            "type": "string",
-                            "description": "Body of the email",
-                        },
-                        "config": {
-                            "type": "object",
-                            "description": "SMTP Config",
-                        },
-                        "credentials": {
-                            "type": "object",
-                            "description": "SMTP credentials",
-                        },
-                    },
-                    "required": ["to_email", "subject", "body", "credentials"],
-                },
-                "output_schema": {
-                    "properties": {
-                        "status": {
-                            "type": "string",
-                            "description": "Status of the email sending operation",
-                        },
-                        "error": {
-                            "type": "string",
-                            "description": "Error message if sending failed",
-                        },
-                    },
-                },
-                "credentials_fields": {"credentials": True},
-            },
-            {
-                "id": "claude-code-block-id",
-                "name": "Claude Code",
-                "input_schema": {
-                    "properties": {
-                        "e2b_credentials": {
-                            "type": "object",
-                            "description": "API key for E2B platform",
-                        },
-                        "anthropic_credentials": {
-                            "type": "object",
-                            "description": "API key for Anthropic",
-                        },
-                        "prompt": {
-                            "type": "string",
-                            "description": "Task or instruction for Claude Code",
-                        },
-                        "timeout": {
-                            "type": "integer",
-                            "description": "Sandbox timeout in seconds",
-                        },
-                        "setup_commands": {
-                            "type": "array",
-                            "description": "Shell commands to run before execution",
-                        },
-                        "working_directory": {
-                            "type": "string",
-                            "description": "Working directory for Claude Code",
-                        },
-                        "session_id": {
-                            "type": "string",
-                            "description": "Session ID to resume a conversation",
-                        },
-                        "sandbox_id": {
-                            "type": "string",
-                            "description": "Sandbox ID to reconnect to",
-                        },
-                        "conversation_history": {
-                            "type": "string",
-                            "description": "Previous conversation history",
-                        },
-                        "dispose_sandbox": {
-                            "type": "boolean",
-                            "description": "Whether to dispose sandbox after execution",
-                        },
-                    },
-                    "required": [
-                        "e2b_credentials",
-                        "anthropic_credentials",
-                        "prompt",
-                    ],
-                },
-                "output_schema": {
-                    "properties": {
-                        "response": {
-                            "type": "string",
-                            "description": "Output from Claude Code execution",
-                        },
-                        "files": {
-                            "type": "array",
-                            "description": "Files created/modified by Claude Code",
-                        },
-                        "conversation_history": {
-                            "type": "string",
-                            "description": "Full conversation history",
-                        },
-                        "session_id": {
-                            "type": "string",
-                            "description": "Session ID for this conversation",
-                        },
-                        "sandbox_id": {
-                            "type": "string",
-                            "description": "ID of the sandbox instance",
-                        },
-                        "error": {
-                            "type": "string",
-                            "description": "Error message if execution failed",
-                        },
-                    },
-                },
-                "credentials_fields": {
-                    "e2b_credentials": True,
-                    "anthropic_credentials": True,
-                },
-            },
-        ]
-
-        search_results = [
-            {"content_id": d["id"], "score": 0.9 - i * 0.1}
-            for i, d in enumerate(block_defs)
-        ]
-        mock_blocks = {
-            d["id"]: make_mock_block(
-                block_id=d["id"],
-                name=d["name"],
-                block_type=BlockType.STANDARD,
-                input_schema=d["input_schema"],
-                output_schema=d["output_schema"],
-                credentials_fields=d["credentials_fields"],
-            )
-            for d in block_defs
-        }
-
-        with patch(
-            "backend.api.features.chat.tools.find_block.unified_hybrid_search",
-            new_callable=AsyncMock,
-            return_value=(search_results, len(search_results)),
-        ), patch(
-            "backend.api.features.chat.tools.find_block.get_block",
-            side_effect=lambda bid: mock_blocks.get(bid),
-        ):
-            tool = FindBlockTool()
-            response = await tool._execute(
-                user_id=_TEST_USER_ID, session=session, query="test"
-            )
-
-        assert isinstance(response, BlockListResponse)
-        assert response.count == len(block_defs)
-
-        total_chars = len(response.model_dump_json())
-        avg_chars = total_chars // response.count
-
-        # Print for visibility in test output
-        print(f"\nTotal response size: {total_chars} chars")
-        print(f"Number of blocks: {response.count}")
-        print(f"Average chars per block: {avg_chars}")
-
-        # The old response was ~90K for 10 blocks (~9K per block).
-        # Previous optimization reduced it to ~1.5K per block (no raw JSON schemas).
-        # Now with only id/name/description, we expect ~300 chars per block.
-        assert avg_chars < 500, (
-            f"Average chars per block ({avg_chars}) exceeds 500. "
-            f"Total response: {total_chars} chars for {response.count} blocks."
-        )

autogpt_platform/backend/backend/api/features/chat/tools/models.py

@@ -25,7 +25,6 @@ class ResponseType(str, Enum):
     AGENT_SAVED = "agent_saved"
     CLARIFICATION_NEEDED = "clarification_needed"
     BLOCK_LIST = "block_list"
-    BLOCK_DETAILS = "block_details"
     BLOCK_OUTPUT = "block_output"
     DOC_SEARCH_RESULTS = "doc_search_results"
     DOC_PAGE = "doc_page"
@@ -41,15 +40,6 @@ class ResponseType(str, Enum):
     OPERATION_IN_PROGRESS = "operation_in_progress"
     # Input validation
     INPUT_VALIDATION_ERROR = "input_validation_error"
-    # Web fetch
-    WEB_FETCH = "web_fetch"
-    # Code execution
-    BASH_EXEC = "bash_exec"
-    # Operation status check
-    OPERATION_STATUS = "operation_status"
-    # Feature request types
-    FEATURE_REQUEST_SEARCH = "feature_request_search"
-    FEATURE_REQUEST_CREATED = "feature_request_created"
 
 
 # Base response model
@@ -345,17 +335,11 @@ class BlockInfoSummary(BaseModel):
     name: str
     description: str
     categories: list[str]
-    input_schema: dict[str, Any] = Field(
-        default_factory=dict,
-        description="Full JSON schema for block inputs",
-    )
-    output_schema: dict[str, Any] = Field(
-        default_factory=dict,
-        description="Full JSON schema for block outputs",
-    )
+    input_schema: dict[str, Any]
+    output_schema: dict[str, Any]
     required_inputs: list[BlockInputFieldInfo] = Field(
         default_factory=list,
-        description="List of input fields for this block",
+        description="List of required input fields for this block",
     )
 
 
@@ -368,29 +352,10 @@ class BlockListResponse(ToolResponseBase):
     query: str
     usage_hint: str = Field(
         default="To execute a block, call run_block with block_id set to the block's "
-        "'id' field and input_data containing the fields listed in required_inputs."
+        "'id' field and input_data containing the required fields from input_schema."
     )
 
 
-class BlockDetails(BaseModel):
-    """Detailed block information."""
-
-    id: str
-    name: str
-    description: str
-    inputs: dict[str, Any] = {}
-    outputs: dict[str, Any] = {}
-    credentials: list[CredentialsMetaInput] = []
-
-
-class BlockDetailsResponse(ToolResponseBase):
-    """Response for block details (first run_block attempt)."""
-
-    type: ResponseType = ResponseType.BLOCK_DETAILS
-    block: BlockDetails
-    user_authenticated: bool = False
-
-
 class BlockOutputResponse(ToolResponseBase):
     """Response for run_block tool."""
 
@@ -456,55 +421,3 @@ class AsyncProcessingResponse(ToolResponseBase):
     status: str = "accepted"  # Must be "accepted" for detection
     operation_id: str | None = None
     task_id: str | None = None
-
-
-class WebFetchResponse(ToolResponseBase):
-    """Response for web_fetch tool."""
-
-    type: ResponseType = ResponseType.WEB_FETCH
-    url: str
-    status_code: int
-    content_type: str
-    content: str
-    truncated: bool = False
-
-
-class BashExecResponse(ToolResponseBase):
-    """Response for bash_exec tool."""
-
-    type: ResponseType = ResponseType.BASH_EXEC
-    stdout: str
-    stderr: str
-    exit_code: int
-    timed_out: bool = False
-
-
-# Feature request models
-class FeatureRequestInfo(BaseModel):
-    """Information about a feature request issue."""
-
-    id: str
-    identifier: str
-    title: str
-    description: str | None = None
-
-
-class FeatureRequestSearchResponse(ToolResponseBase):
-    """Response for search_feature_requests tool."""
-
-    type: ResponseType = ResponseType.FEATURE_REQUEST_SEARCH
-    results: list[FeatureRequestInfo]
-    count: int
-    query: str
-
-
-class FeatureRequestCreatedResponse(ToolResponseBase):
-    """Response for create_feature_request tool."""
-
-    type: ResponseType = ResponseType.FEATURE_REQUEST_CREATED
-    issue_id: str
-    issue_identifier: str
-    issue_title: str
-    issue_url: str
-    is_new_issue: bool  # False if added to existing
-    customer_name: str

autogpt_platform/backend/backend/api/features/chat/tools/run_block.py

@@ -12,8 +12,7 @@ from backend.api.features.chat.tools.find_block import (
     COPILOT_EXCLUDED_BLOCK_IDS,
     COPILOT_EXCLUDED_BLOCK_TYPES,
 )
-from backend.blocks import get_block
-from backend.blocks._base import AnyBlockSchema
+from backend.data.block import AnyBlockSchema, get_block
 from backend.data.execution import ExecutionContext
 from backend.data.model import CredentialsFieldInfo, CredentialsMetaInput
 from backend.data.workspace import get_or_create_workspace
@@ -23,11 +22,8 @@ from backend.util.exceptions import BlockError
 from .base import BaseTool
 from .helpers import get_inputs_from_schema
 from .models import (
-    BlockDetails,
-    BlockDetailsResponse,
     BlockOutputResponse,
     ErrorResponse,
-    InputValidationErrorResponse,
     SetupInfo,
     SetupRequirementsResponse,
     ToolResponseBase,
@@ -54,8 +50,8 @@ class RunBlockTool(BaseTool):
             "Execute a specific block with the provided input data. "
             "IMPORTANT: You MUST call find_block first to get the block's 'id' - "
             "do NOT guess or make up block IDs. "
-            "On first attempt (without input_data), returns detailed schema showing "
-            "required inputs and outputs. Then call again with proper input_data to execute."
+            "Use the 'id' from find_block results and provide input_data "
+            "matching the block's required_inputs."
         )
 
     @property
@@ -70,19 +66,11 @@ class RunBlockTool(BaseTool):
                         "NEVER guess this - always get it from find_block first."
                     ),
                 },
-                "block_name": {
-                    "type": "string",
-                    "description": (
-                        "The block's human-readable name from find_block results. "
-                        "Used for display purposes in the UI."
-                    ),
-                },
                 "input_data": {
                     "type": "object",
                     "description": (
-                        "Input values for the block. "
-                        "First call with empty {} to see the block's schema, "
-                        "then call again with proper values to execute."
+                        "Input values for the block. Use the 'required_inputs' field "
+                        "from find_block to see what fields are needed."
                     ),
                 },
             },
@@ -163,37 +151,10 @@ class RunBlockTool(BaseTool):
         logger.info(f"Executing block {block.name} ({block_id}) for user {user_id}")
 
         creds_manager = IntegrationCredentialsManager()
-        matched_credentials, missing_credentials = (
-            await self._resolve_block_credentials(user_id, block, input_data)
-        )
-
-        # Get block schemas for details/validation
-        try:
-            input_schema: dict[str, Any] = block.input_schema.jsonschema()
-        except Exception as e:
-            logger.warning(
-                "Failed to generate input schema for block %s: %s",
-                block_id,
-                e,
-            )
-            return ErrorResponse(
-                message=f"Block '{block.name}' has an invalid input schema",
-                error=str(e),
-                session_id=session_id,
-            )
-        try:
-            output_schema: dict[str, Any] = block.output_schema.jsonschema()
-        except Exception as e:
-            logger.warning(
-                "Failed to generate output schema for block %s: %s",
-                block_id,
-                e,
-            )
-            return ErrorResponse(
-                message=f"Block '{block.name}' has an invalid output schema",
-                error=str(e),
-                session_id=session_id,
-            )
+        (
+            matched_credentials,
+            missing_credentials,
+        ) = await self._resolve_block_credentials(user_id, block, input_data)
 
         if missing_credentials:
             # Return setup requirements response with missing credentials
@@ -227,53 +188,6 @@ class RunBlockTool(BaseTool):
                 graph_version=None,
             )
 
-        # Check if this is a first attempt (required inputs missing)
-        # Return block details so user can see what inputs are needed
-        credentials_fields = set(block.input_schema.get_credentials_fields().keys())
-        required_keys = set(input_schema.get("required", []))
-        required_non_credential_keys = required_keys - credentials_fields
-        provided_input_keys = set(input_data.keys()) - credentials_fields
-
-        # Check for unknown input fields
-        valid_fields = (
-            set(input_schema.get("properties", {}).keys()) - credentials_fields
-        )
-        unrecognized_fields = provided_input_keys - valid_fields
-        if unrecognized_fields:
-            return InputValidationErrorResponse(
-                message=(
-                    f"Unknown input field(s) provided: {', '.join(sorted(unrecognized_fields))}. "
-                    f"Block was not executed. Please use the correct field names from the schema."
-                ),
-                session_id=session_id,
-                unrecognized_fields=sorted(unrecognized_fields),
-                inputs=input_schema,
-            )
-
-        # Show details when not all required non-credential inputs are provided
-        if not (required_non_credential_keys <= provided_input_keys):
-            # Get credentials info for the response
-            credentials_meta = []
-            for field_name, cred_meta in matched_credentials.items():
-                credentials_meta.append(cred_meta)
-
-            return BlockDetailsResponse(
-                message=(
-                    f"Block '{block.name}' details. "
-                    "Provide input_data matching the inputs schema to execute the block."
-                ),
-                session_id=session_id,
-                block=BlockDetails(
-                    id=block_id,
-                    name=block.name,
-                    description=block.description or "",
-                    inputs=input_schema,
-                    outputs=output_schema,
-                    credentials=credentials_meta,
-                ),
-                user_authenticated=True,
-            )
-
         try:
             # Get or create user's workspace for CoPilot file operations
             workspace = await get_or_create_workspace(user_id)

autogpt_platform/backend/backend/api/features/chat/tools/run_block_test.py

@@ -1,17 +1,12 @@
-"""Tests for block execution guards and input validation in RunBlockTool."""
+"""Tests for block execution guards in RunBlockTool."""
 
-from unittest.mock import AsyncMock, MagicMock, patch
+from unittest.mock import MagicMock, patch
 
 import pytest
 
-from backend.api.features.chat.tools.models import (
-    BlockDetailsResponse,
-    BlockOutputResponse,
-    ErrorResponse,
-    InputValidationErrorResponse,
-)
+from backend.api.features.chat.tools.models import ErrorResponse
 from backend.api.features.chat.tools.run_block import RunBlockTool
-from backend.blocks._base import BlockType
+from backend.data.block import BlockType
 
 from ._test_data import make_session
 
@@ -33,39 +28,6 @@ def make_mock_block(
     return mock
 
 
-def make_mock_block_with_schema(
-    block_id: str,
-    name: str,
-    input_properties: dict,
-    required_fields: list[str],
-    output_properties: dict | None = None,
-):
-    """Create a mock block with a defined input/output schema for validation tests."""
-    mock = MagicMock()
-    mock.id = block_id
-    mock.name = name
-    mock.block_type = BlockType.STANDARD
-    mock.disabled = False
-    mock.description = f"Test block: {name}"
-
-    input_schema = {
-        "properties": input_properties,
-        "required": required_fields,
-    }
-    mock.input_schema = MagicMock()
-    mock.input_schema.jsonschema.return_value = input_schema
-    mock.input_schema.get_credentials_fields_info.return_value = {}
-    mock.input_schema.get_credentials_fields.return_value = {}
-
-    output_schema = {
-        "properties": output_properties or {"result": {"type": "string"}},
-    }
-    mock.output_schema = MagicMock()
-    mock.output_schema.jsonschema.return_value = output_schema
-
-    return mock
-
-
 class TestRunBlockFiltering:
     """Tests for block execution guards in RunBlockTool."""
 
@@ -142,221 +104,3 @@ class TestRunBlockFiltering:
         # (may be other errors like missing credentials, but not the exclusion guard)
         if isinstance(response, ErrorResponse):
             assert "cannot be run directly in CoPilot" not in response.message
-
-
-class TestRunBlockInputValidation:
-    """Tests for input field validation in RunBlockTool.
-
-    run_block rejects unknown input field names with InputValidationErrorResponse,
-    preventing silent failures where incorrect keys would be ignored and the block
-    would execute with default values instead of the caller's intended values.
-    """
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_unknown_input_fields_are_rejected(self):
-        """run_block rejects unknown input fields instead of silently ignoring them.
-
-        Scenario: The AI Text Generator block has a field called 'model' (for LLM model
-        selection), but the LLM calling the tool guesses wrong and sends 'LLM_Model'
-        instead. The block should reject the request and return the valid schema.
-        """
-        session = make_session(user_id=_TEST_USER_ID)
-
-        mock_block = make_mock_block_with_schema(
-            block_id="ai-text-gen-id",
-            name="AI Text Generator",
-            input_properties={
-                "prompt": {"type": "string", "description": "The prompt to send"},
-                "model": {
-                    "type": "string",
-                    "description": "The LLM model to use",
-                    "default": "gpt-4o-mini",
-                },
-                "sys_prompt": {
-                    "type": "string",
-                    "description": "System prompt",
-                    "default": "",
-                },
-            },
-            required_fields=["prompt"],
-            output_properties={"response": {"type": "string"}},
-        )
-
-        with patch(
-            "backend.api.features.chat.tools.run_block.get_block",
-            return_value=mock_block,
-        ):
-            tool = RunBlockTool()
-
-            # Provide 'prompt' (correct) but 'LLM_Model' instead of 'model' (wrong key)
-            response = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                block_id="ai-text-gen-id",
-                input_data={
-                    "prompt": "Write a haiku about coding",
-                    "LLM_Model": "claude-opus-4-6",  # WRONG KEY - should be 'model'
-                },
-            )
-
-        assert isinstance(response, InputValidationErrorResponse)
-        assert "LLM_Model" in response.unrecognized_fields
-        assert "Block was not executed" in response.message
-        assert "inputs" in response.model_dump()  # valid schema included
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_multiple_wrong_keys_are_all_reported(self):
-        """All unrecognized field names are reported in a single error response."""
-        session = make_session(user_id=_TEST_USER_ID)
-
-        mock_block = make_mock_block_with_schema(
-            block_id="ai-text-gen-id",
-            name="AI Text Generator",
-            input_properties={
-                "prompt": {"type": "string"},
-                "model": {"type": "string", "default": "gpt-4o-mini"},
-                "sys_prompt": {"type": "string", "default": ""},
-                "retry": {"type": "integer", "default": 3},
-            },
-            required_fields=["prompt"],
-        )
-
-        with patch(
-            "backend.api.features.chat.tools.run_block.get_block",
-            return_value=mock_block,
-        ):
-            tool = RunBlockTool()
-
-            response = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                block_id="ai-text-gen-id",
-                input_data={
-                    "prompt": "Hello",  # correct
-                    "llm_model": "claude-opus-4-6",  # WRONG - should be 'model'
-                    "system_prompt": "Be helpful",  # WRONG - should be 'sys_prompt'
-                    "retries": 5,  # WRONG - should be 'retry'
-                },
-            )
-
-        assert isinstance(response, InputValidationErrorResponse)
-        assert set(response.unrecognized_fields) == {
-            "llm_model",
-            "system_prompt",
-            "retries",
-        }
-        assert "Block was not executed" in response.message
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_unknown_fields_rejected_even_with_missing_required(self):
-        """Unknown fields are caught before the missing-required-fields check."""
-        session = make_session(user_id=_TEST_USER_ID)
-
-        mock_block = make_mock_block_with_schema(
-            block_id="ai-text-gen-id",
-            name="AI Text Generator",
-            input_properties={
-                "prompt": {"type": "string"},
-                "model": {"type": "string", "default": "gpt-4o-mini"},
-            },
-            required_fields=["prompt"],
-        )
-
-        with patch(
-            "backend.api.features.chat.tools.run_block.get_block",
-            return_value=mock_block,
-        ):
-            tool = RunBlockTool()
-
-            # 'prompt' is missing AND 'LLM_Model' is an unknown field
-            response = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                block_id="ai-text-gen-id",
-                input_data={
-                    "LLM_Model": "claude-opus-4-6",  # wrong key, and 'prompt' is missing
-                },
-            )
-
-        # Unknown fields are caught first
-        assert isinstance(response, InputValidationErrorResponse)
-        assert "LLM_Model" in response.unrecognized_fields
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_correct_inputs_still_execute(self):
-        """Correct input field names pass validation and the block executes."""
-        session = make_session(user_id=_TEST_USER_ID)
-
-        mock_block = make_mock_block_with_schema(
-            block_id="ai-text-gen-id",
-            name="AI Text Generator",
-            input_properties={
-                "prompt": {"type": "string"},
-                "model": {"type": "string", "default": "gpt-4o-mini"},
-            },
-            required_fields=["prompt"],
-        )
-
-        async def mock_execute(input_data, **kwargs):
-            yield "response", "Generated text"
-
-        mock_block.execute = mock_execute
-
-        with (
-            patch(
-                "backend.api.features.chat.tools.run_block.get_block",
-                return_value=mock_block,
-            ),
-            patch(
-                "backend.api.features.chat.tools.run_block.get_or_create_workspace",
-                new_callable=AsyncMock,
-                return_value=MagicMock(id="test-workspace-id"),
-            ),
-        ):
-            tool = RunBlockTool()
-
-            response = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                block_id="ai-text-gen-id",
-                input_data={
-                    "prompt": "Write a haiku",
-                    "model": "gpt-4o-mini",  # correct field name
-                },
-            )
-
-        assert isinstance(response, BlockOutputResponse)
-        assert response.success is True
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_missing_required_fields_returns_details(self):
-        """Missing required fields returns BlockDetailsResponse with schema."""
-        session = make_session(user_id=_TEST_USER_ID)
-
-        mock_block = make_mock_block_with_schema(
-            block_id="ai-text-gen-id",
-            name="AI Text Generator",
-            input_properties={
-                "prompt": {"type": "string"},
-                "model": {"type": "string", "default": "gpt-4o-mini"},
-            },
-            required_fields=["prompt"],
-        )
-
-        with patch(
-            "backend.api.features.chat.tools.run_block.get_block",
-            return_value=mock_block,
-        ):
-            tool = RunBlockTool()
-
-            # Only provide valid optional field, missing required 'prompt'
-            response = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                block_id="ai-text-gen-id",
-                input_data={
-                    "model": "gpt-4o-mini",  # valid but optional
-                },
-            )
-
-        assert isinstance(response, BlockDetailsResponse)

autogpt_platform/backend/backend/api/features/chat/tools/sandbox.py

@@ -1,265 +0,0 @@
-"""Sandbox execution utilities for code execution tools.
-
-Provides filesystem + network isolated command execution using **bubblewrap**
-(``bwrap``): whitelist-only filesystem (only system dirs visible read-only),
-writable workspace only, clean environment, network blocked.
-
-Tools that call :func:`run_sandboxed` must first check :func:`has_full_sandbox`
-and refuse to run if bubblewrap is not available.
-"""
-
-import asyncio
-import logging
-import os
-import platform
-import shutil
-
-logger = logging.getLogger(__name__)
-
-_DEFAULT_TIMEOUT = 30
-_MAX_TIMEOUT = 120
-
-
-# ---------------------------------------------------------------------------
-# Sandbox capability detection (cached at first call)
-# ---------------------------------------------------------------------------
-
-_BWRAP_AVAILABLE: bool | None = None
-
-
-def has_full_sandbox() -> bool:
-    """Return True if bubblewrap is available (filesystem + network isolation).
-
-    On non-Linux platforms (macOS), always returns False.
-    """
-    global _BWRAP_AVAILABLE
-    if _BWRAP_AVAILABLE is None:
-        _BWRAP_AVAILABLE = (
-            platform.system() == "Linux" and shutil.which("bwrap") is not None
-        )
-    return _BWRAP_AVAILABLE
-
-
-WORKSPACE_PREFIX = "/tmp/copilot-"
-
-
-def make_session_path(session_id: str) -> str:
-    """Build a sanitized, session-specific path under :data:`WORKSPACE_PREFIX`.
-
-    Shared by both the SDK working-directory setup and the sandbox tools so
-    they always resolve to the same directory for a given session.
-
-    Steps:
-        1. Strip all characters except ``[A-Za-z0-9-]``.
-        2. Construct ``/tmp/copilot-<safe_id>``.
-        3. Validate via ``os.path.normpath`` + ``startswith`` (CodeQL-recognised
-           sanitizer) to prevent path traversal.
-
-    Raises:
-        ValueError: If the resulting path escapes the prefix.
-    """
-    import re
-
-    safe_id = re.sub(r"[^A-Za-z0-9-]", "", session_id)
-    if not safe_id:
-        safe_id = "default"
-    path = os.path.normpath(f"{WORKSPACE_PREFIX}{safe_id}")
-    if not path.startswith(WORKSPACE_PREFIX):
-        raise ValueError(f"Session path escaped prefix: {path}")
-    return path
-
-
-def get_workspace_dir(session_id: str) -> str:
-    """Get or create the workspace directory for a session.
-
-    Uses :func:`make_session_path` — the same path the SDK uses — so that
-    bash_exec shares the workspace with the SDK file tools.
-    """
-    workspace = make_session_path(session_id)
-    os.makedirs(workspace, exist_ok=True)
-    return workspace
-
-
-# ---------------------------------------------------------------------------
-# Bubblewrap command builder
-# ---------------------------------------------------------------------------
-
-# System directories mounted read-only inside the sandbox.
-# ONLY these are visible — /app, /root, /home, /opt, /var etc. are NOT accessible.
-_SYSTEM_RO_BINDS = [
-    "/usr",  # binaries, libraries, Python interpreter
-    "/etc",  # system config: ld.so, locale, passwd, alternatives
-]
-
-# Compat paths: symlinks to /usr/* on modern Debian, real dirs on older systems.
-# On Debian 13 these are symlinks (e.g. /bin -> usr/bin).  bwrap --ro-bind
-# can't create a symlink target, so we detect and use --symlink instead.
-# /lib64 is critical: the ELF dynamic linker lives at /lib64/ld-linux-x86-64.so.2.
-_COMPAT_PATHS = [
-    ("/bin", "usr/bin"),  # -> /usr/bin on Debian 13
-    ("/sbin", "usr/sbin"),  # -> /usr/sbin on Debian 13
-    ("/lib", "usr/lib"),  # -> /usr/lib on Debian 13
-    ("/lib64", "usr/lib64"),  # 64-bit libraries / ELF interpreter
-]
-
-# Resource limits to prevent fork bombs, memory exhaustion, and disk abuse.
-# Applied via ulimit inside the sandbox before exec'ing the user command.
-_RESOURCE_LIMITS = (
-    "ulimit -u 64"  # max 64 processes  (prevents fork bombs)
-    " -v 524288"  # 512 MB virtual memory
-    " -f 51200"  # 50 MB max file size  (1024-byte blocks)
-    " -n 256"  # 256 open file descriptors
-    " 2>/dev/null"
-)
-
-
-def _build_bwrap_command(
-    command: list[str], cwd: str, env: dict[str, str]
-) -> list[str]:
-    """Build a bubblewrap command with strict filesystem + network isolation.
-
-    Security model:
-    - **Whitelist-only filesystem**: only system directories (``/usr``, ``/etc``,
-      ``/bin``, ``/lib``) are mounted read-only.  Application code (``/app``),
-      home directories, ``/var``, ``/opt``, etc. are NOT accessible at all.
-    - **Writable workspace only**: the per-session workspace is the sole
-      writable path.
-    - **Clean environment**: ``--clearenv`` wipes all inherited env vars.
-      Only the explicitly-passed safe env vars are set inside the sandbox.
-    - **Network isolation**: ``--unshare-net`` blocks all network access.
-    - **Resource limits**: ulimit caps on processes (64), memory (512MB),
-      file size (50MB), and open FDs (256) to prevent fork bombs and abuse.
-    - **New session**: prevents terminal control escape.
-    - **Die with parent**: prevents orphaned sandbox processes.
-    """
-    cmd = [
-        "bwrap",
-        # Create a new user namespace so bwrap can set up sandboxing
-        # inside unprivileged Docker containers (no CAP_SYS_ADMIN needed).
-        "--unshare-user",
-        # Wipe all inherited environment variables (API keys, secrets, etc.)
-        "--clearenv",
-    ]
-
-    # Set only the safe env vars inside the sandbox
-    for key, value in env.items():
-        cmd.extend(["--setenv", key, value])
-
-    # System directories: read-only
-    for path in _SYSTEM_RO_BINDS:
-        cmd.extend(["--ro-bind", path, path])
-
-    # Compat paths: use --symlink when host path is a symlink (Debian 13),
-    # --ro-bind when it's a real directory (older distros).
-    for path, symlink_target in _COMPAT_PATHS:
-        if os.path.islink(path):
-            cmd.extend(["--symlink", symlink_target, path])
-        elif os.path.exists(path):
-            cmd.extend(["--ro-bind", path, path])
-
-    # Wrap the user command with resource limits:
-    #   sh -c 'ulimit ...; exec "$@"' -- <original command>
-    # `exec "$@"` replaces the shell so there's no extra process overhead,
-    # and properly handles arguments with spaces.
-    limited_command = [
-        "sh",
-        "-c",
-        f'{_RESOURCE_LIMITS}; exec "$@"',
-        "--",
-        *command,
-    ]
-
-    cmd.extend(
-        [
-            # Fresh virtual filesystems
-            "--dev",
-            "/dev",
-            "--proc",
-            "/proc",
-            "--tmpfs",
-            "/tmp",
-            # Workspace bind AFTER --tmpfs /tmp so it's visible through the tmpfs.
-            # (workspace lives under /tmp/copilot-<session>)
-            "--bind",
-            cwd,
-            cwd,
-            # Isolation
-            "--unshare-net",
-            "--die-with-parent",
-            "--new-session",
-            "--chdir",
-            cwd,
-            "--",
-            *limited_command,
-        ]
-    )
-
-    return cmd
-
-
-# ---------------------------------------------------------------------------
-# Public API
-# ---------------------------------------------------------------------------
-
-
-async def run_sandboxed(
-    command: list[str],
-    cwd: str,
-    timeout: int = _DEFAULT_TIMEOUT,
-    env: dict[str, str] | None = None,
-) -> tuple[str, str, int, bool]:
-    """Run a command inside a bubblewrap sandbox.
-
-    Callers **must** check :func:`has_full_sandbox` before calling this
-    function.  If bubblewrap is not available, this function raises
-    :class:`RuntimeError` rather than running unsandboxed.
-
-    Returns:
-        (stdout, stderr, exit_code, timed_out)
-    """
-    if not has_full_sandbox():
-        raise RuntimeError(
-            "run_sandboxed() requires bubblewrap but bwrap is not available. "
-            "Callers must check has_full_sandbox() before calling this function."
-        )
-
-    timeout = min(max(timeout, 1), _MAX_TIMEOUT)
-
-    safe_env = {
-        "PATH": "/usr/local/bin:/usr/bin:/bin",
-        "HOME": cwd,
-        "TMPDIR": cwd,
-        "LANG": "en_US.UTF-8",
-        "PYTHONDONTWRITEBYTECODE": "1",
-        "PYTHONIOENCODING": "utf-8",
-    }
-    if env:
-        safe_env.update(env)
-
-    full_command = _build_bwrap_command(command, cwd, safe_env)
-
-    try:
-        proc = await asyncio.create_subprocess_exec(
-            *full_command,
-            stdout=asyncio.subprocess.PIPE,
-            stderr=asyncio.subprocess.PIPE,
-            cwd=cwd,
-            env=safe_env,
-        )
-
-        try:
-            stdout_bytes, stderr_bytes = await asyncio.wait_for(
-                proc.communicate(), timeout=timeout
-            )
-            stdout = stdout_bytes.decode("utf-8", errors="replace")
-            stderr = stderr_bytes.decode("utf-8", errors="replace")
-            return stdout, stderr, proc.returncode or 0, False
-        except asyncio.TimeoutError:
-            proc.kill()
-            await proc.communicate()
-            return "", f"Execution timed out after {timeout}s", -1, True
-
-    except RuntimeError:
-        raise
-    except Exception as e:
-        return "", f"Sandbox error: {e}", -1, False

autogpt_platform/backend/backend/api/features/chat/tools/test_run_block_details.py

@@ -1,153 +0,0 @@
-"""Tests for BlockDetailsResponse in RunBlockTool."""
-
-from unittest.mock import AsyncMock, MagicMock, patch
-
-import pytest
-
-from backend.api.features.chat.tools.models import BlockDetailsResponse
-from backend.api.features.chat.tools.run_block import RunBlockTool
-from backend.blocks._base import BlockType
-from backend.data.model import CredentialsMetaInput
-from backend.integrations.providers import ProviderName
-
-from ._test_data import make_session
-
-_TEST_USER_ID = "test-user-run-block-details"
-
-
-def make_mock_block_with_inputs(
-    block_id: str, name: str, description: str = "Test description"
-):
-    """Create a mock block with input/output schemas for testing."""
-    mock = MagicMock()
-    mock.id = block_id
-    mock.name = name
-    mock.description = description
-    mock.block_type = BlockType.STANDARD
-    mock.disabled = False
-
-    # Input schema with non-credential fields
-    mock.input_schema = MagicMock()
-    mock.input_schema.jsonschema.return_value = {
-        "properties": {
-            "url": {"type": "string", "description": "URL to fetch"},
-            "method": {"type": "string", "description": "HTTP method"},
-        },
-        "required": ["url"],
-    }
-    mock.input_schema.get_credentials_fields.return_value = {}
-    mock.input_schema.get_credentials_fields_info.return_value = {}
-
-    # Output schema
-    mock.output_schema = MagicMock()
-    mock.output_schema.jsonschema.return_value = {
-        "properties": {
-            "response": {"type": "object", "description": "HTTP response"},
-            "error": {"type": "string", "description": "Error message"},
-        }
-    }
-
-    return mock
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_run_block_returns_details_when_no_input_provided():
-    """When run_block is called without input_data, it should return BlockDetailsResponse."""
-    session = make_session(user_id=_TEST_USER_ID)
-
-    # Create a block with inputs
-    http_block = make_mock_block_with_inputs(
-        "http-block-id", "HTTP Request", "Send HTTP requests"
-    )
-
-    with patch(
-        "backend.api.features.chat.tools.run_block.get_block",
-        return_value=http_block,
-    ):
-        # Mock credentials check to return no missing credentials
-        with patch.object(
-            RunBlockTool,
-            "_resolve_block_credentials",
-            new_callable=AsyncMock,
-            return_value=({}, []),  # (matched_credentials, missing_credentials)
-        ):
-            tool = RunBlockTool()
-            response = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                block_id="http-block-id",
-                input_data={},  # Empty input data
-            )
-
-    # Should return BlockDetailsResponse showing the schema
-    assert isinstance(response, BlockDetailsResponse)
-    assert response.block.id == "http-block-id"
-    assert response.block.name == "HTTP Request"
-    assert response.block.description == "Send HTTP requests"
-    assert "url" in response.block.inputs["properties"]
-    assert "method" in response.block.inputs["properties"]
-    assert "response" in response.block.outputs["properties"]
-    assert response.user_authenticated is True
-
-
-@pytest.mark.asyncio(loop_scope="session")
-async def test_run_block_returns_details_when_only_credentials_provided():
-    """When only credentials are provided (no actual input), should return details."""
-    session = make_session(user_id=_TEST_USER_ID)
-
-    # Create a block with both credential and non-credential inputs
-    mock = MagicMock()
-    mock.id = "api-block-id"
-    mock.name = "API Call"
-    mock.description = "Make API calls"
-    mock.block_type = BlockType.STANDARD
-    mock.disabled = False
-
-    mock.input_schema = MagicMock()
-    mock.input_schema.jsonschema.return_value = {
-        "properties": {
-            "credentials": {"type": "object", "description": "API credentials"},
-            "endpoint": {"type": "string", "description": "API endpoint"},
-        },
-        "required": ["credentials", "endpoint"],
-    }
-    mock.input_schema.get_credentials_fields.return_value = {"credentials": True}
-    mock.input_schema.get_credentials_fields_info.return_value = {}
-
-    mock.output_schema = MagicMock()
-    mock.output_schema.jsonschema.return_value = {
-        "properties": {"result": {"type": "object"}}
-    }
-
-    with patch(
-        "backend.api.features.chat.tools.run_block.get_block",
-        return_value=mock,
-    ):
-        with patch.object(
-            RunBlockTool,
-            "_resolve_block_credentials",
-            new_callable=AsyncMock,
-            return_value=(
-                {
-                    "credentials": CredentialsMetaInput(
-                        id="cred-id",
-                        provider=ProviderName("test_provider"),
-                        type="api_key",
-                        title="Test Credential",
-                    )
-                },
-                [],
-            ),
-        ):
-            tool = RunBlockTool()
-            response = await tool._execute(
-                user_id=_TEST_USER_ID,
-                session=session,
-                block_id="api-block-id",
-                input_data={"credentials": {"some": "cred"}},  # Only credential
-            )
-
-    # Should return details because no non-credential inputs provided
-    assert isinstance(response, BlockDetailsResponse)
-    assert response.block.id == "api-block-id"
-    assert response.block.name == "API Call"

autogpt_platform/backend/backend/api/features/chat/tools/utils.py

@@ -15,7 +15,6 @@ from backend.data.model import (
     OAuth2Credentials,
 )
 from backend.integrations.creds_manager import IntegrationCredentialsManager
-from backend.integrations.providers import ProviderName
 from backend.util.exceptions import NotFoundError
 
 logger = logging.getLogger(__name__)
@@ -360,7 +359,7 @@ async def match_user_credentials_to_graph(
         _,
         _,
     ) in aggregated_creds.items():
-        # Find first matching credential by provider, type, scopes, and host/URL
+        # Find first matching credential by provider, type, and scopes
         matching_cred = next(
             (
                 cred
@@ -375,10 +374,6 @@ async def match_user_credentials_to_graph(
                     cred.type != "host_scoped"
                     or _credential_is_for_host(cred, credential_requirements)
                 )
-                and (
-                    cred.provider != ProviderName.MCP
-                    or _credential_is_for_mcp_server(cred, credential_requirements)
-                )
             ),
             None,
         )
@@ -449,22 +444,6 @@ def _credential_is_for_host(
     return credential.matches_url(list(requirements.discriminator_values)[0])
 
 
-def _credential_is_for_mcp_server(
-    credential: Credentials,
-    requirements: CredentialsFieldInfo,
-) -> bool:
-    """Check if an MCP OAuth credential matches the required server URL."""
-    if not requirements.discriminator_values:
-        return True
-
-    server_url = (
-        credential.metadata.get("mcp_server_url")
-        if isinstance(credential, OAuth2Credentials)
-        else None
-    )
-    return server_url in requirements.discriminator_values if server_url else False
-
-
 async def check_user_has_required_credentials(
     user_id: str,
     required_credentials: list[CredentialsMetaInput],

autogpt_platform/backend/backend/api/features/chat/tools/web_fetch.py

@@ -1,151 +0,0 @@
-"""Web fetch tool — safely retrieve public web page content."""
-
-import logging
-from typing import Any
-
-import aiohttp
-import html2text
-
-from backend.api.features.chat.model import ChatSession
-from backend.api.features.chat.tools.base import BaseTool
-from backend.api.features.chat.tools.models import (
-    ErrorResponse,
-    ToolResponseBase,
-    WebFetchResponse,
-)
-from backend.util.request import Requests
-
-logger = logging.getLogger(__name__)
-
-# Limits
-_MAX_CONTENT_BYTES = 102_400  # 100 KB download cap
-_REQUEST_TIMEOUT = aiohttp.ClientTimeout(total=15)
-
-# Content types we'll read as text
-_TEXT_CONTENT_TYPES = {
-    "text/html",
-    "text/plain",
-    "text/xml",
-    "text/csv",
-    "text/markdown",
-    "application/json",
-    "application/xml",
-    "application/xhtml+xml",
-    "application/rss+xml",
-    "application/atom+xml",
-}
-
-
-def _is_text_content(content_type: str) -> bool:
-    base = content_type.split(";")[0].strip().lower()
-    return base in _TEXT_CONTENT_TYPES or base.startswith("text/")
-
-
-def _html_to_text(html: str) -> str:
-    h = html2text.HTML2Text()
-    h.ignore_links = False
-    h.ignore_images = True
-    h.body_width = 0
-    return h.handle(html)
-
-
-class WebFetchTool(BaseTool):
-    """Safely fetch content from a public URL using SSRF-protected HTTP."""
-
-    @property
-    def name(self) -> str:
-        return "web_fetch"
-
-    @property
-    def description(self) -> str:
-        return (
-            "Fetch the content of a public web page by URL. "
-            "Returns readable text extracted from HTML by default. "
-            "Useful for reading documentation, articles, and API responses. "
-            "Only supports HTTP/HTTPS GET requests to public URLs "
-            "(private/internal network addresses are blocked)."
-        )
-
-    @property
-    def parameters(self) -> dict[str, Any]:
-        return {
-            "type": "object",
-            "properties": {
-                "url": {
-                    "type": "string",
-                    "description": "The public HTTP/HTTPS URL to fetch.",
-                },
-                "extract_text": {
-                    "type": "boolean",
-                    "description": (
-                        "If true (default), extract readable text from HTML. "
-                        "If false, return raw content."
-                    ),
-                    "default": True,
-                },
-            },
-            "required": ["url"],
-        }
-
-    @property
-    def requires_auth(self) -> bool:
-        return False
-
-    async def _execute(
-        self,
-        user_id: str | None,
-        session: ChatSession,
-        **kwargs: Any,
-    ) -> ToolResponseBase:
-        url: str = (kwargs.get("url") or "").strip()
-        extract_text: bool = kwargs.get("extract_text", True)
-        session_id = session.session_id if session else None
-
-        if not url:
-            return ErrorResponse(
-                message="Please provide a URL to fetch.",
-                error="missing_url",
-                session_id=session_id,
-            )
-
-        try:
-            client = Requests(raise_for_status=False, retry_max_attempts=1)
-            response = await client.get(url, timeout=_REQUEST_TIMEOUT)
-        except ValueError as e:
-            # validate_url raises ValueError for SSRF / blocked IPs
-            return ErrorResponse(
-                message=f"URL blocked: {e}",
-                error="url_blocked",
-                session_id=session_id,
-            )
-        except Exception as e:
-            logger.warning(f"[web_fetch] Request failed for {url}: {e}")
-            return ErrorResponse(
-                message=f"Failed to fetch URL: {e}",
-                error="fetch_failed",
-                session_id=session_id,
-            )
-
-        content_type = response.headers.get("content-type", "")
-        if not _is_text_content(content_type):
-            return ErrorResponse(
-                message=f"Non-text content type: {content_type.split(';')[0]}",
-                error="unsupported_content_type",
-                session_id=session_id,
-            )
-
-        raw = response.content[:_MAX_CONTENT_BYTES]
-        text = raw.decode("utf-8", errors="replace")
-
-        if extract_text and "html" in content_type.lower():
-            text = _html_to_text(text)
-
-        return WebFetchResponse(
-            message=f"Fetched {url}",
-            url=response.url,
-            status_code=response.status,
-            content_type=content_type.split(";")[0].strip(),
-            content=text,
-            truncated=False,
-            session_id=session_id,
-        )

autogpt_platform/backend/backend/api/features/chat/tools/workspace_files.py

@@ -88,9 +88,7 @@ class ListWorkspaceFilesTool(BaseTool):
     @property
     def description(self) -> str:
         return (
-            "List files in the user's persistent workspace (cloud storage). "
-            "These files survive across sessions. "
-            "For ephemeral session files, use the SDK Read/Glob tools instead. "
+            "List files in the user's workspace. "
             "Returns file names, paths, sizes, and metadata. "
             "Optionally filter by path prefix."
         )
@@ -206,9 +204,7 @@ class ReadWorkspaceFileTool(BaseTool):
     @property
     def description(self) -> str:
         return (
-            "Read a file from the user's persistent workspace (cloud storage). "
-            "These files survive across sessions. "
-            "For ephemeral session files, use the SDK Read tool instead. "
+            "Read a file from the user's workspace. "
             "Specify either file_id or path to identify the file. "
             "For small text files, returns content directly. "
             "For large or binary files, returns metadata and a download URL. "
@@ -382,9 +378,7 @@ class WriteWorkspaceFileTool(BaseTool):
     @property
     def description(self) -> str:
         return (
-            "Write or create a file in the user's persistent workspace (cloud storage). "
-            "These files survive across sessions. "
-            "For ephemeral session files, use the SDK Write tool instead. "
+            "Write or create a file in the user's workspace. "
             "Provide the content as a base64-encoded string. "
             f"Maximum file size is {Config().max_file_size_mb}MB. "
             "Files are saved to the current session's folder by default. "
@@ -529,7 +523,7 @@ class DeleteWorkspaceFileTool(BaseTool):
     @property
     def description(self) -> str:
         return (
-            "Delete a file from the user's persistent workspace (cloud storage). "
+            "Delete a file from the user's workspace. "
             "Specify either file_id or path to identify the file. "
             "Paths are scoped to the current session by default. "
             "Use /sessions/<session_id>/... for cross-session access."

autogpt_platform/backend/backend/api/features/executions/review/review_routes_test.py

@@ -25,7 +25,7 @@ FIXED_NOW = datetime.datetime(2023, 1, 1, 0, 0, 0, tzinfo=datetime.timezone.utc)
 @pytest_asyncio.fixture(loop_scope="session")
 async def client(server, mock_jwt_user) -> AsyncGenerator[httpx.AsyncClient, None]:
     """Create async HTTP client with auth overrides"""
-    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+    from backend.api.auth.jwt_utils import get_jwt_payload
 
     # Override get_jwt_payload dependency to return our test user
     app.dependency_overrides[get_jwt_payload] = mock_jwt_user["get_jwt_payload"]

autogpt_platform/backend/backend/api/features/executions/review/routes.py

@@ -2,10 +2,10 @@ import asyncio
 import logging
 from typing import Any, List
 
-import autogpt_libs.auth as autogpt_auth_lib
 from fastapi import APIRouter, HTTPException, Query, Security, status
 from prisma.enums import ReviewStatus
 
+import backend.api.auth as autogpt_auth_lib
 from backend.data.execution import (
     ExecutionContext,
     ExecutionStatus,

autogpt_platform/backend/backend/api/features/integrations/router.py

@@ -1,9 +1,8 @@
 import asyncio
 import logging
 from datetime import datetime, timedelta, timezone
-from typing import TYPE_CHECKING, Annotated, Any, List, Literal
+from typing import TYPE_CHECKING, Annotated, List, Literal
 
-from autogpt_libs.auth import get_user_id
 from fastapi import (
     APIRouter,
     Body,
@@ -14,9 +13,10 @@ from fastapi import (
     Security,
     status,
 )
-from pydantic import BaseModel, Field, SecretStr, model_validator
+from pydantic import BaseModel, Field, SecretStr
 from starlette.status import HTTP_500_INTERNAL_SERVER_ERROR, HTTP_502_BAD_GATEWAY
 
+from backend.api.auth import get_user_id
 from backend.api.features.library.db import set_preset_webhook, update_preset
 from backend.api.features.library.model import LibraryAgentPreset
 from backend.data.graph import NodeModel, get_graph, set_node_webhook
@@ -39,11 +39,7 @@ from backend.data.onboarding import OnboardingStep, complete_onboarding_step
 from backend.data.user import get_user_integrations
 from backend.executor.utils import add_graph_execution
 from backend.integrations.ayrshare import AyrshareClient, SocialPlatform
-from backend.integrations.credentials_store import provider_matches
-from backend.integrations.creds_manager import (
-    IntegrationCredentialsManager,
-    create_mcp_oauth_handler,
-)
+from backend.integrations.creds_manager import IntegrationCredentialsManager
 from backend.integrations.oauth import CREDENTIALS_BY_PROVIDER, HANDLERS_BY_NAME
 from backend.integrations.providers import ProviderName
 from backend.integrations.webhooks import get_webhook_manager
@@ -106,37 +102,9 @@ class CredentialsMetaResponse(BaseModel):
     scopes: list[str] | None
     username: str | None
     host: str | None = Field(
-        default=None,
-        description="Host pattern for host-scoped or MCP server URL for MCP credentials",
+        default=None, description="Host pattern for host-scoped credentials"
     )
 
-    @model_validator(mode="before")
-    @classmethod
-    def _normalize_provider(cls, data: Any) -> Any:
-        """Fix ``ProviderName.X`` format from Python 3.13 ``str(Enum)`` bug."""
-        if isinstance(data, dict):
-            prov = data.get("provider", "")
-            if isinstance(prov, str) and prov.startswith("ProviderName."):
-                member = prov.removeprefix("ProviderName.")
-                try:
-                    data = {**data, "provider": ProviderName[member].value}
-                except KeyError:
-                    pass
-        return data
-
-    @staticmethod
-    def get_host(cred: Credentials) -> str | None:
-        """Extract host from credential: HostScoped host or MCP server URL."""
-        if isinstance(cred, HostScopedCredentials):
-            return cred.host
-        if isinstance(cred, OAuth2Credentials) and cred.provider in (
-            ProviderName.MCP,
-            ProviderName.MCP.value,
-            "ProviderName.MCP",
-        ):
-            return (cred.metadata or {}).get("mcp_server_url")
-        return None
-
 
 @router.post("/{provider}/callback", summary="Exchange OAuth code for tokens")
 async def callback(
@@ -211,7 +179,9 @@ async def callback(
         title=credentials.title,
         scopes=credentials.scopes,
         username=credentials.username,
-        host=(CredentialsMetaResponse.get_host(credentials)),
+        host=(
+            credentials.host if isinstance(credentials, HostScopedCredentials) else None
+        ),
     )
 
 
@@ -229,7 +199,7 @@ async def list_credentials(
             title=cred.title,
             scopes=cred.scopes if isinstance(cred, OAuth2Credentials) else None,
             username=cred.username if isinstance(cred, OAuth2Credentials) else None,
-            host=CredentialsMetaResponse.get_host(cred),
+            host=cred.host if isinstance(cred, HostScopedCredentials) else None,
         )
         for cred in credentials
     ]
@@ -252,7 +222,7 @@ async def list_credentials_by_provider(
             title=cred.title,
             scopes=cred.scopes if isinstance(cred, OAuth2Credentials) else None,
             username=cred.username if isinstance(cred, OAuth2Credentials) else None,
-            host=CredentialsMetaResponse.get_host(cred),
+            host=cred.host if isinstance(cred, HostScopedCredentials) else None,
         )
         for cred in credentials
     ]
@@ -352,11 +322,7 @@ async def delete_credentials(
 
     tokens_revoked = None
     if isinstance(creds, OAuth2Credentials):
-        if provider_matches(provider.value, ProviderName.MCP.value):
-            # MCP uses dynamic per-server OAuth — create handler from metadata
-            handler = create_mcp_oauth_handler(creds)
-        else:
-            handler = _get_provider_oauth_handler(request, provider)
+        handler = _get_provider_oauth_handler(request, provider)
         tokens_revoked = await handler.revoke_tokens(creds)
 
     return CredentialsDeletionResponse(revoked=tokens_revoked)

autogpt_platform/backend/backend/api/features/library/db.py

@@ -12,11 +12,12 @@ import backend.api.features.store.image_gen as store_image_gen
 import backend.api.features.store.media as store_media
 import backend.data.graph as graph_db
 import backend.data.integrations as integrations_db
+from backend.data.block import BlockInput
 from backend.data.db import transaction
 from backend.data.execution import get_graph_execution
 from backend.data.graph import GraphSettings
 from backend.data.includes import AGENT_PRESET_INCLUDE, library_agent_include
-from backend.data.model import CredentialsMetaInput, GraphInput
+from backend.data.model import CredentialsMetaInput
 from backend.integrations.creds_manager import IntegrationCredentialsManager
 from backend.integrations.webhooks.graph_lifecycle_hooks import (
     on_graph_activate,
@@ -1129,7 +1130,7 @@ async def create_preset_from_graph_execution(
 async def update_preset(
     user_id: str,
     preset_id: str,
-    inputs: Optional[GraphInput] = None,
+    inputs: Optional[BlockInput] = None,
     credentials: Optional[dict[str, CredentialsMetaInput]] = None,
     name: Optional[str] = None,
     description: Optional[str] = None,

autogpt_platform/backend/backend/api/features/library/model.py

@@ -6,12 +6,9 @@ import prisma.enums
 import prisma.models
 import pydantic
 
+from backend.data.block import BlockInput
 from backend.data.graph import GraphModel, GraphSettings, GraphTriggerInfo
-from backend.data.model import (
-    CredentialsMetaInput,
-    GraphInput,
-    is_credentials_field_name,
-)
+from backend.data.model import CredentialsMetaInput, is_credentials_field_name
 from backend.util.json import loads as json_loads
 from backend.util.models import Pagination
 
@@ -326,7 +323,7 @@ class LibraryAgentPresetCreatable(pydantic.BaseModel):
     graph_id: str
     graph_version: int
 
-    inputs: GraphInput
+    inputs: BlockInput
     credentials: dict[str, CredentialsMetaInput]
 
     name: str
@@ -355,7 +352,7 @@ class LibraryAgentPresetUpdatable(pydantic.BaseModel):
     Request model used when updating a preset for a library agent.
     """
 
-    inputs: Optional[GraphInput] = None
+    inputs: Optional[BlockInput] = None
     credentials: Optional[dict[str, CredentialsMetaInput]] = None
 
     name: Optional[str] = None
@@ -398,7 +395,7 @@ class LibraryAgentPreset(LibraryAgentPresetCreatable):
                 "Webhook must be included in AgentPreset query when webhookId is set"
             )
 
-        input_data: GraphInput = {}
+        input_data: BlockInput = {}
         input_credentials: dict[str, CredentialsMetaInput] = {}
 
         for preset_input in preset.InputPresets:

autogpt_platform/backend/backend/api/features/library/routes/agents.py

@@ -1,10 +1,10 @@
 from typing import Literal, Optional
 
-import autogpt_libs.auth as autogpt_auth_lib
 from fastapi import APIRouter, Body, HTTPException, Query, Security, status
 from fastapi.responses import Response
 from prisma.enums import OnboardingStep
 
+import backend.api.auth as autogpt_auth_lib
 from backend.data.onboarding import complete_onboarding_step
 
 from .. import db as library_db

autogpt_platform/backend/backend/api/features/library/routes/presets.py

@@ -1,9 +1,9 @@
 import logging
 from typing import Any, Optional
 
-import autogpt_libs.auth as autogpt_auth_lib
 from fastapi import APIRouter, Body, HTTPException, Query, Security, status
 
+import backend.api.auth as autogpt_auth_lib
 from backend.data.execution import GraphExecutionMeta
 from backend.data.graph import get_graph
 from backend.data.integrations import get_webhook

autogpt_platform/backend/backend/api/features/library/routes_test.py

@@ -23,7 +23,7 @@ FIXED_NOW = datetime.datetime(2023, 1, 1, 0, 0, 0)
 @pytest.fixture(autouse=True)
 def setup_app_auth(mock_jwt_user):
     """Setup auth overrides for all tests in this module"""
-    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+    from backend.api.auth.jwt_utils import get_jwt_payload
 
     app.dependency_overrides[get_jwt_payload] = mock_jwt_user["get_jwt_payload"]
     yield

autogpt_platform/backend/backend/api/features/mcp/routes.py

@@ -1,404 +0,0 @@
-"""
-MCP (Model Context Protocol) API routes.
-
-Provides endpoints for MCP tool discovery and OAuth authentication so the
-frontend can list available tools on an MCP server before placing a block.
-"""
-
-import logging
-from typing import Annotated, Any
-from urllib.parse import urlparse
-
-import fastapi
-from autogpt_libs.auth import get_user_id
-from fastapi import Security
-from pydantic import BaseModel, Field
-
-from backend.api.features.integrations.router import CredentialsMetaResponse
-from backend.blocks.mcp.client import MCPClient, MCPClientError
-from backend.blocks.mcp.oauth import MCPOAuthHandler
-from backend.data.model import OAuth2Credentials
-from backend.integrations.creds_manager import IntegrationCredentialsManager
-from backend.integrations.providers import ProviderName
-from backend.util.request import HTTPClientError, Requests
-from backend.util.settings import Settings
-
-logger = logging.getLogger(__name__)
-
-settings = Settings()
-router = fastapi.APIRouter(tags=["mcp"])
-creds_manager = IntegrationCredentialsManager()
-
-
-# ====================== Tool Discovery ====================== #
-
-
-class DiscoverToolsRequest(BaseModel):
-    """Request to discover tools on an MCP server."""
-
-    server_url: str = Field(description="URL of the MCP server")
-    auth_token: str | None = Field(
-        default=None,
-        description="Optional Bearer token for authenticated MCP servers",
-    )
-
-
-class MCPToolResponse(BaseModel):
-    """A single MCP tool returned by discovery."""
-
-    name: str
-    description: str
-    input_schema: dict[str, Any]
-
-
-class DiscoverToolsResponse(BaseModel):
-    """Response containing the list of tools available on an MCP server."""
-
-    tools: list[MCPToolResponse]
-    server_name: str | None = None
-    protocol_version: str | None = None
-
-
-@router.post(
-    "/discover-tools",
-    summary="Discover available tools on an MCP server",
-    response_model=DiscoverToolsResponse,
-)
-async def discover_tools(
-    request: DiscoverToolsRequest,
-    user_id: Annotated[str, Security(get_user_id)],
-) -> DiscoverToolsResponse:
-    """
-    Connect to an MCP server and return its available tools.
-
-    If the user has a stored MCP credential for this server URL, it will be
-    used automatically — no need to pass an explicit auth token.
-    """
-    auth_token = request.auth_token
-
-    # Auto-use stored MCP credential when no explicit token is provided.
-    if not auth_token:
-        mcp_creds = await creds_manager.store.get_creds_by_provider(
-            user_id, ProviderName.MCP.value
-        )
-        # Find the freshest credential for this server URL
-        best_cred: OAuth2Credentials | None = None
-        for cred in mcp_creds:
-            if (
-                isinstance(cred, OAuth2Credentials)
-                and (cred.metadata or {}).get("mcp_server_url") == request.server_url
-            ):
-                if best_cred is None or (
-                    (cred.access_token_expires_at or 0)
-                    > (best_cred.access_token_expires_at or 0)
-                ):
-                    best_cred = cred
-        if best_cred:
-            # Refresh the token if expired before using it
-            best_cred = await creds_manager.refresh_if_needed(user_id, best_cred)
-            logger.info(
-                f"Using MCP credential {best_cred.id} for {request.server_url}, "
-                f"expires_at={best_cred.access_token_expires_at}"
-            )
-            auth_token = best_cred.access_token.get_secret_value()
-
-    client = MCPClient(request.server_url, auth_token=auth_token)
-
-    try:
-        init_result = await client.initialize()
-        tools = await client.list_tools()
-    except HTTPClientError as e:
-        if e.status_code in (401, 403):
-            raise fastapi.HTTPException(
-                status_code=401,
-                detail="This MCP server requires authentication. "
-                "Please provide a valid auth token.",
-            )
-        raise fastapi.HTTPException(status_code=502, detail=str(e))
-    except MCPClientError as e:
-        raise fastapi.HTTPException(status_code=502, detail=str(e))
-    except Exception as e:
-        raise fastapi.HTTPException(
-            status_code=502,
-            detail=f"Failed to connect to MCP server: {e}",
-        )
-
-    return DiscoverToolsResponse(
-        tools=[
-            MCPToolResponse(
-                name=t.name,
-                description=t.description,
-                input_schema=t.input_schema,
-            )
-            for t in tools
-        ],
-        server_name=(
-            init_result.get("serverInfo", {}).get("name")
-            or urlparse(request.server_url).hostname
-            or "MCP"
-        ),
-        protocol_version=init_result.get("protocolVersion"),
-    )
-
-
-# ======================== OAuth Flow ======================== #
-
-
-class MCPOAuthLoginRequest(BaseModel):
-    """Request to start an OAuth flow for an MCP server."""
-
-    server_url: str = Field(description="URL of the MCP server that requires OAuth")
-
-
-class MCPOAuthLoginResponse(BaseModel):
-    """Response with the OAuth login URL for the user to authenticate."""
-
-    login_url: str
-    state_token: str
-
-
-@router.post(
-    "/oauth/login",
-    summary="Initiate OAuth login for an MCP server",
-)
-async def mcp_oauth_login(
-    request: MCPOAuthLoginRequest,
-    user_id: Annotated[str, Security(get_user_id)],
-) -> MCPOAuthLoginResponse:
-    """
-    Discover OAuth metadata from the MCP server and return a login URL.
-
-    1. Discovers the protected-resource metadata (RFC 9728)
-    2. Fetches the authorization server metadata (RFC 8414)
-    3. Performs Dynamic Client Registration (RFC 7591) if available
-    4. Returns the authorization URL for the frontend to open in a popup
-    """
-    client = MCPClient(request.server_url)
-
-    # Step 1: Discover protected-resource metadata (RFC 9728)
-    protected_resource = await client.discover_auth()
-
-    metadata: dict[str, Any] | None = None
-
-    if protected_resource and protected_resource.get("authorization_servers"):
-        auth_server_url = protected_resource["authorization_servers"][0]
-        resource_url = protected_resource.get("resource", request.server_url)
-
-        # Step 2a: Discover auth-server metadata (RFC 8414)
-        metadata = await client.discover_auth_server_metadata(auth_server_url)
-    else:
-        # Fallback: Some MCP servers (e.g. Linear) are their own auth server
-        # and serve OAuth metadata directly without protected-resource metadata.
-        # Don't assume a resource_url — omitting it lets the auth server choose
-        # the correct audience for the token (RFC 8707 resource is optional).
-        resource_url = None
-        metadata = await client.discover_auth_server_metadata(request.server_url)
-
-    if (
-        not metadata
-        or "authorization_endpoint" not in metadata
-        or "token_endpoint" not in metadata
-    ):
-        raise fastapi.HTTPException(
-            status_code=400,
-            detail="This MCP server does not advertise OAuth support. "
-            "You may need to provide an auth token manually.",
-        )
-
-    authorize_url = metadata["authorization_endpoint"]
-    token_url = metadata["token_endpoint"]
-    registration_endpoint = metadata.get("registration_endpoint")
-    revoke_url = metadata.get("revocation_endpoint")
-
-    # Step 3: Dynamic Client Registration (RFC 7591) if available
-    frontend_base_url = settings.config.frontend_base_url
-    if not frontend_base_url:
-        raise fastapi.HTTPException(
-            status_code=500,
-            detail="Frontend base URL is not configured.",
-        )
-    redirect_uri = f"{frontend_base_url}/auth/integrations/mcp_callback"
-
-    client_id = ""
-    client_secret = ""
-    if registration_endpoint:
-        reg_result = await _register_mcp_client(
-            registration_endpoint, redirect_uri, request.server_url
-        )
-        if reg_result:
-            client_id = reg_result.get("client_id", "")
-            client_secret = reg_result.get("client_secret", "")
-
-    if not client_id:
-        client_id = "autogpt-platform"
-
-    # Step 4: Store state token with OAuth metadata for the callback
-    scopes = (protected_resource or {}).get("scopes_supported") or metadata.get(
-        "scopes_supported", []
-    )
-    state_token, code_challenge = await creds_manager.store.store_state_token(
-        user_id,
-        ProviderName.MCP.value,
-        scopes,
-        state_metadata={
-            "authorize_url": authorize_url,
-            "token_url": token_url,
-            "revoke_url": revoke_url,
-            "resource_url": resource_url,
-            "server_url": request.server_url,
-            "client_id": client_id,
-            "client_secret": client_secret,
-        },
-    )
-
-    # Step 5: Build and return the login URL
-    handler = MCPOAuthHandler(
-        client_id=client_id,
-        client_secret=client_secret,
-        redirect_uri=redirect_uri,
-        authorize_url=authorize_url,
-        token_url=token_url,
-        resource_url=resource_url,
-    )
-    login_url = handler.get_login_url(
-        scopes, state_token, code_challenge=code_challenge
-    )
-
-    return MCPOAuthLoginResponse(login_url=login_url, state_token=state_token)
-
-
-class MCPOAuthCallbackRequest(BaseModel):
-    """Request to exchange an OAuth code for tokens."""
-
-    code: str = Field(description="Authorization code from OAuth callback")
-    state_token: str = Field(description="State token for CSRF verification")
-
-
-class MCPOAuthCallbackResponse(BaseModel):
-    """Response after successfully storing OAuth credentials."""
-
-    credential_id: str
-
-
-@router.post(
-    "/oauth/callback",
-    summary="Exchange OAuth code for MCP tokens",
-)
-async def mcp_oauth_callback(
-    request: MCPOAuthCallbackRequest,
-    user_id: Annotated[str, Security(get_user_id)],
-) -> CredentialsMetaResponse:
-    """
-    Exchange the authorization code for tokens and store the credential.
-
-    The frontend calls this after receiving the OAuth code from the popup.
-    On success, subsequent ``/discover-tools`` calls for the same server URL
-    will automatically use the stored credential.
-    """
-    valid_state = await creds_manager.store.verify_state_token(
-        user_id, request.state_token, ProviderName.MCP.value
-    )
-    if not valid_state:
-        raise fastapi.HTTPException(
-            status_code=400,
-            detail="Invalid or expired state token.",
-        )
-
-    meta = valid_state.state_metadata
-    frontend_base_url = settings.config.frontend_base_url
-    if not frontend_base_url:
-        raise fastapi.HTTPException(
-            status_code=500,
-            detail="Frontend base URL is not configured.",
-        )
-    redirect_uri = f"{frontend_base_url}/auth/integrations/mcp_callback"
-
-    handler = MCPOAuthHandler(
-        client_id=meta["client_id"],
-        client_secret=meta.get("client_secret", ""),
-        redirect_uri=redirect_uri,
-        authorize_url=meta["authorize_url"],
-        token_url=meta["token_url"],
-        revoke_url=meta.get("revoke_url"),
-        resource_url=meta.get("resource_url"),
-    )
-
-    try:
-        credentials = await handler.exchange_code_for_tokens(
-            request.code, valid_state.scopes, valid_state.code_verifier
-        )
-    except Exception as e:
-        raise fastapi.HTTPException(
-            status_code=400,
-            detail=f"OAuth token exchange failed: {e}",
-        )
-
-    # Enrich credential metadata for future lookup and token refresh
-    if credentials.metadata is None:
-        credentials.metadata = {}
-    credentials.metadata["mcp_server_url"] = meta["server_url"]
-    credentials.metadata["mcp_client_id"] = meta["client_id"]
-    credentials.metadata["mcp_client_secret"] = meta.get("client_secret", "")
-    credentials.metadata["mcp_token_url"] = meta["token_url"]
-    credentials.metadata["mcp_resource_url"] = meta.get("resource_url", "")
-
-    hostname = urlparse(meta["server_url"]).hostname or meta["server_url"]
-    credentials.title = f"MCP: {hostname}"
-
-    # Remove old MCP credentials for the same server to prevent stale token buildup.
-    try:
-        old_creds = await creds_manager.store.get_creds_by_provider(
-            user_id, ProviderName.MCP.value
-        )
-        for old in old_creds:
-            if (
-                isinstance(old, OAuth2Credentials)
-                and (old.metadata or {}).get("mcp_server_url") == meta["server_url"]
-            ):
-                await creds_manager.store.delete_creds_by_id(user_id, old.id)
-                logger.info(
-                    f"Removed old MCP credential {old.id} for {meta['server_url']}"
-                )
-    except Exception:
-        logger.debug("Could not clean up old MCP credentials", exc_info=True)
-
-    await creds_manager.create(user_id, credentials)
-
-    return CredentialsMetaResponse(
-        id=credentials.id,
-        provider=credentials.provider,
-        type=credentials.type,
-        title=credentials.title,
-        scopes=credentials.scopes,
-        username=credentials.username,
-        host=credentials.metadata.get("mcp_server_url"),
-    )
-
-
-# ======================== Helpers ======================== #
-
-
-async def _register_mcp_client(
-    registration_endpoint: str,
-    redirect_uri: str,
-    server_url: str,
-) -> dict[str, Any] | None:
-    """Attempt Dynamic Client Registration (RFC 7591) with an MCP auth server."""
-    try:
-        response = await Requests(raise_for_status=True).post(
-            registration_endpoint,
-            json={
-                "client_name": "AutoGPT Platform",
-                "redirect_uris": [redirect_uri],
-                "grant_types": ["authorization_code"],
-                "response_types": ["code"],
-                "token_endpoint_auth_method": "client_secret_post",
-            },
-        )
-        data = response.json()
-        if isinstance(data, dict) and "client_id" in data:
-            return data
-        return None
-    except Exception as e:
-        logger.warning(f"Dynamic client registration failed for {server_url}: {e}")
-        return None

autogpt_platform/backend/backend/api/features/mcp/test_routes.py

@@ -1,436 +0,0 @@
-"""Tests for MCP API routes.
-
-Uses httpx.AsyncClient with ASGITransport instead of fastapi.testclient.TestClient
-to avoid creating blocking portals that can corrupt pytest-asyncio's session event loop.
-"""
-
-from unittest.mock import AsyncMock, patch
-
-import fastapi
-import httpx
-import pytest
-import pytest_asyncio
-from autogpt_libs.auth import get_user_id
-
-from backend.api.features.mcp.routes import router
-from backend.blocks.mcp.client import MCPClientError, MCPTool
-from backend.util.request import HTTPClientError
-
-app = fastapi.FastAPI()
-app.include_router(router)
-app.dependency_overrides[get_user_id] = lambda: "test-user-id"
-
-
-@pytest_asyncio.fixture(scope="module")
-async def client():
-    transport = httpx.ASGITransport(app=app)
-    async with httpx.AsyncClient(transport=transport, base_url="http://test") as c:
-        yield c
-
-
-class TestDiscoverTools:
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_discover_tools_success(self, client):
-        mock_tools = [
-            MCPTool(
-                name="get_weather",
-                description="Get weather for a city",
-                input_schema={
-                    "type": "object",
-                    "properties": {"city": {"type": "string"}},
-                    "required": ["city"],
-                },
-            ),
-            MCPTool(
-                name="add_numbers",
-                description="Add two numbers",
-                input_schema={
-                    "type": "object",
-                    "properties": {
-                        "a": {"type": "number"},
-                        "b": {"type": "number"},
-                    },
-                },
-            ),
-        ]
-
-        with (
-            patch("backend.api.features.mcp.routes.MCPClient") as MockClient,
-            patch("backend.api.features.mcp.routes.creds_manager") as mock_cm,
-        ):
-            mock_cm.store.get_creds_by_provider = AsyncMock(return_value=[])
-            instance = MockClient.return_value
-            instance.initialize = AsyncMock(
-                return_value={
-                    "protocolVersion": "2025-03-26",
-                    "serverInfo": {"name": "test-server"},
-                }
-            )
-            instance.list_tools = AsyncMock(return_value=mock_tools)
-
-            response = await client.post(
-                "/discover-tools",
-                json={"server_url": "https://mcp.example.com/mcp"},
-            )
-
-        assert response.status_code == 200
-        data = response.json()
-        assert len(data["tools"]) == 2
-        assert data["tools"][0]["name"] == "get_weather"
-        assert data["tools"][1]["name"] == "add_numbers"
-        assert data["server_name"] == "test-server"
-        assert data["protocol_version"] == "2025-03-26"
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_discover_tools_with_auth_token(self, client):
-        with patch("backend.api.features.mcp.routes.MCPClient") as MockClient:
-            instance = MockClient.return_value
-            instance.initialize = AsyncMock(
-                return_value={"serverInfo": {}, "protocolVersion": "2025-03-26"}
-            )
-            instance.list_tools = AsyncMock(return_value=[])
-
-            response = await client.post(
-                "/discover-tools",
-                json={
-                    "server_url": "https://mcp.example.com/mcp",
-                    "auth_token": "my-secret-token",
-                },
-            )
-
-        assert response.status_code == 200
-        MockClient.assert_called_once_with(
-            "https://mcp.example.com/mcp",
-            auth_token="my-secret-token",
-        )
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_discover_tools_auto_uses_stored_credential(self, client):
-        """When no explicit token is given, stored MCP credentials are used."""
-        from pydantic import SecretStr
-
-        from backend.data.model import OAuth2Credentials
-
-        stored_cred = OAuth2Credentials(
-            provider="mcp",
-            title="MCP: example.com",
-            access_token=SecretStr("stored-token-123"),
-            refresh_token=None,
-            access_token_expires_at=None,
-            refresh_token_expires_at=None,
-            scopes=[],
-            metadata={"mcp_server_url": "https://mcp.example.com/mcp"},
-        )
-
-        with (
-            patch("backend.api.features.mcp.routes.MCPClient") as MockClient,
-            patch("backend.api.features.mcp.routes.creds_manager") as mock_cm,
-        ):
-            mock_cm.store.get_creds_by_provider = AsyncMock(return_value=[stored_cred])
-            mock_cm.refresh_if_needed = AsyncMock(return_value=stored_cred)
-            instance = MockClient.return_value
-            instance.initialize = AsyncMock(
-                return_value={"serverInfo": {}, "protocolVersion": "2025-03-26"}
-            )
-            instance.list_tools = AsyncMock(return_value=[])
-
-            response = await client.post(
-                "/discover-tools",
-                json={"server_url": "https://mcp.example.com/mcp"},
-            )
-
-        assert response.status_code == 200
-        MockClient.assert_called_once_with(
-            "https://mcp.example.com/mcp",
-            auth_token="stored-token-123",
-        )
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_discover_tools_mcp_error(self, client):
-        with (
-            patch("backend.api.features.mcp.routes.MCPClient") as MockClient,
-            patch("backend.api.features.mcp.routes.creds_manager") as mock_cm,
-        ):
-            mock_cm.store.get_creds_by_provider = AsyncMock(return_value=[])
-            instance = MockClient.return_value
-            instance.initialize = AsyncMock(
-                side_effect=MCPClientError("Connection refused")
-            )
-
-            response = await client.post(
-                "/discover-tools",
-                json={"server_url": "https://bad-server.example.com/mcp"},
-            )
-
-        assert response.status_code == 502
-        assert "Connection refused" in response.json()["detail"]
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_discover_tools_generic_error(self, client):
-        with (
-            patch("backend.api.features.mcp.routes.MCPClient") as MockClient,
-            patch("backend.api.features.mcp.routes.creds_manager") as mock_cm,
-        ):
-            mock_cm.store.get_creds_by_provider = AsyncMock(return_value=[])
-            instance = MockClient.return_value
-            instance.initialize = AsyncMock(side_effect=Exception("Network timeout"))
-
-            response = await client.post(
-                "/discover-tools",
-                json={"server_url": "https://timeout.example.com/mcp"},
-            )
-
-        assert response.status_code == 502
-        assert "Failed to connect" in response.json()["detail"]
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_discover_tools_auth_required(self, client):
-        with (
-            patch("backend.api.features.mcp.routes.MCPClient") as MockClient,
-            patch("backend.api.features.mcp.routes.creds_manager") as mock_cm,
-        ):
-            mock_cm.store.get_creds_by_provider = AsyncMock(return_value=[])
-            instance = MockClient.return_value
-            instance.initialize = AsyncMock(
-                side_effect=HTTPClientError("HTTP 401 Error: Unauthorized", 401)
-            )
-
-            response = await client.post(
-                "/discover-tools",
-                json={"server_url": "https://auth-server.example.com/mcp"},
-            )
-
-        assert response.status_code == 401
-        assert "requires authentication" in response.json()["detail"]
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_discover_tools_forbidden(self, client):
-        with (
-            patch("backend.api.features.mcp.routes.MCPClient") as MockClient,
-            patch("backend.api.features.mcp.routes.creds_manager") as mock_cm,
-        ):
-            mock_cm.store.get_creds_by_provider = AsyncMock(return_value=[])
-            instance = MockClient.return_value
-            instance.initialize = AsyncMock(
-                side_effect=HTTPClientError("HTTP 403 Error: Forbidden", 403)
-            )
-
-            response = await client.post(
-                "/discover-tools",
-                json={"server_url": "https://auth-server.example.com/mcp"},
-            )
-
-        assert response.status_code == 401
-        assert "requires authentication" in response.json()["detail"]
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_discover_tools_missing_url(self, client):
-        response = await client.post("/discover-tools", json={})
-        assert response.status_code == 422
-
-
-class TestOAuthLogin:
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_oauth_login_success(self, client):
-        with (
-            patch("backend.api.features.mcp.routes.MCPClient") as MockClient,
-            patch("backend.api.features.mcp.routes.creds_manager") as mock_cm,
-            patch("backend.api.features.mcp.routes.settings") as mock_settings,
-            patch(
-                "backend.api.features.mcp.routes._register_mcp_client"
-            ) as mock_register,
-        ):
-            instance = MockClient.return_value
-            instance.discover_auth = AsyncMock(
-                return_value={
-                    "authorization_servers": ["https://auth.sentry.io"],
-                    "resource": "https://mcp.sentry.dev/mcp",
-                    "scopes_supported": ["openid"],
-                }
-            )
-            instance.discover_auth_server_metadata = AsyncMock(
-                return_value={
-                    "authorization_endpoint": "https://auth.sentry.io/authorize",
-                    "token_endpoint": "https://auth.sentry.io/token",
-                    "registration_endpoint": "https://auth.sentry.io/register",
-                }
-            )
-            mock_register.return_value = {
-                "client_id": "registered-client-id",
-                "client_secret": "registered-secret",
-            }
-            mock_cm.store.store_state_token = AsyncMock(
-                return_value=("state-token-123", "code-challenge-abc")
-            )
-            mock_settings.config.frontend_base_url = "http://localhost:3000"
-
-            response = await client.post(
-                "/oauth/login",
-                json={"server_url": "https://mcp.sentry.dev/mcp"},
-            )
-
-        assert response.status_code == 200
-        data = response.json()
-        assert "login_url" in data
-        assert data["state_token"] == "state-token-123"
-        assert "auth.sentry.io/authorize" in data["login_url"]
-        assert "registered-client-id" in data["login_url"]
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_oauth_login_no_oauth_support(self, client):
-        with patch("backend.api.features.mcp.routes.MCPClient") as MockClient:
-            instance = MockClient.return_value
-            instance.discover_auth = AsyncMock(return_value=None)
-            instance.discover_auth_server_metadata = AsyncMock(return_value=None)
-
-            response = await client.post(
-                "/oauth/login",
-                json={"server_url": "https://simple-server.example.com/mcp"},
-            )
-
-        assert response.status_code == 400
-        assert "does not advertise OAuth" in response.json()["detail"]
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_oauth_login_fallback_to_public_client(self, client):
-        """When DCR is unavailable, falls back to default public client ID."""
-        with (
-            patch("backend.api.features.mcp.routes.MCPClient") as MockClient,
-            patch("backend.api.features.mcp.routes.creds_manager") as mock_cm,
-            patch("backend.api.features.mcp.routes.settings") as mock_settings,
-        ):
-            instance = MockClient.return_value
-            instance.discover_auth = AsyncMock(
-                return_value={
-                    "authorization_servers": ["https://auth.example.com"],
-                    "resource": "https://mcp.example.com/mcp",
-                }
-            )
-            instance.discover_auth_server_metadata = AsyncMock(
-                return_value={
-                    "authorization_endpoint": "https://auth.example.com/authorize",
-                    "token_endpoint": "https://auth.example.com/token",
-                    # No registration_endpoint
-                }
-            )
-            mock_cm.store.store_state_token = AsyncMock(
-                return_value=("state-abc", "challenge-xyz")
-            )
-            mock_settings.config.frontend_base_url = "http://localhost:3000"
-
-            response = await client.post(
-                "/oauth/login",
-                json={"server_url": "https://mcp.example.com/mcp"},
-            )
-
-        assert response.status_code == 200
-        data = response.json()
-        assert "autogpt-platform" in data["login_url"]
-
-
-class TestOAuthCallback:
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_oauth_callback_success(self, client):
-        from pydantic import SecretStr
-
-        from backend.data.model import OAuth2Credentials
-
-        mock_creds = OAuth2Credentials(
-            provider="mcp",
-            title=None,
-            access_token=SecretStr("access-token-xyz"),
-            refresh_token=None,
-            access_token_expires_at=None,
-            refresh_token_expires_at=None,
-            scopes=[],
-            metadata={
-                "mcp_token_url": "https://auth.sentry.io/token",
-                "mcp_resource_url": "https://mcp.sentry.dev/mcp",
-            },
-        )
-
-        with (
-            patch("backend.api.features.mcp.routes.creds_manager") as mock_cm,
-            patch("backend.api.features.mcp.routes.settings") as mock_settings,
-            patch("backend.api.features.mcp.routes.MCPOAuthHandler") as MockHandler,
-        ):
-            mock_settings.config.frontend_base_url = "http://localhost:3000"
-
-            # Mock state verification
-            mock_state = AsyncMock()
-            mock_state.state_metadata = {
-                "authorize_url": "https://auth.sentry.io/authorize",
-                "token_url": "https://auth.sentry.io/token",
-                "client_id": "test-client-id",
-                "client_secret": "test-secret",
-                "server_url": "https://mcp.sentry.dev/mcp",
-            }
-            mock_state.scopes = ["openid"]
-            mock_state.code_verifier = "verifier-123"
-            mock_cm.store.verify_state_token = AsyncMock(return_value=mock_state)
-            mock_cm.create = AsyncMock()
-
-            handler_instance = MockHandler.return_value
-            handler_instance.exchange_code_for_tokens = AsyncMock(
-                return_value=mock_creds
-            )
-
-            # Mock old credential cleanup
-            mock_cm.store.get_creds_by_provider = AsyncMock(return_value=[])
-
-            response = await client.post(
-                "/oauth/callback",
-                json={"code": "auth-code-abc", "state_token": "state-token-123"},
-            )
-
-        assert response.status_code == 200
-        data = response.json()
-        assert "id" in data
-        assert data["provider"] == "mcp"
-        assert data["type"] == "oauth2"
-        mock_cm.create.assert_called_once()
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_oauth_callback_invalid_state(self, client):
-        with patch("backend.api.features.mcp.routes.creds_manager") as mock_cm:
-            mock_cm.store.verify_state_token = AsyncMock(return_value=None)
-
-            response = await client.post(
-                "/oauth/callback",
-                json={"code": "auth-code", "state_token": "bad-state"},
-            )
-
-        assert response.status_code == 400
-        assert "Invalid or expired" in response.json()["detail"]
-
-    @pytest.mark.asyncio(loop_scope="session")
-    async def test_oauth_callback_token_exchange_fails(self, client):
-        with (
-            patch("backend.api.features.mcp.routes.creds_manager") as mock_cm,
-            patch("backend.api.features.mcp.routes.settings") as mock_settings,
-            patch("backend.api.features.mcp.routes.MCPOAuthHandler") as MockHandler,
-        ):
-            mock_settings.config.frontend_base_url = "http://localhost:3000"
-            mock_state = AsyncMock()
-            mock_state.state_metadata = {
-                "authorize_url": "https://auth.example.com/authorize",
-                "token_url": "https://auth.example.com/token",
-                "client_id": "cid",
-                "server_url": "https://mcp.example.com/mcp",
-            }
-            mock_state.scopes = []
-            mock_state.code_verifier = "v"
-            mock_cm.store.verify_state_token = AsyncMock(return_value=mock_state)
-
-            handler_instance = MockHandler.return_value
-            handler_instance.exchange_code_for_tokens = AsyncMock(
-                side_effect=RuntimeError("Token exchange failed")
-            )
-
-            response = await client.post(
-                "/oauth/callback",
-                json={"code": "bad-code", "state_token": "state"},
-            )
-
-        assert response.status_code == 400
-        assert "token exchange failed" in response.json()["detail"].lower()

autogpt_platform/backend/backend/api/features/oauth.py

@@ -21,13 +21,13 @@ from datetime import datetime
 from typing import Literal, Optional
 from urllib.parse import urlencode
 
-from autogpt_libs.auth import get_user_id
 from fastapi import APIRouter, Body, HTTPException, Security, UploadFile, status
 from gcloud.aio import storage as async_storage
 from PIL import Image
 from prisma.enums import APIKeyPermission
 from pydantic import BaseModel, Field
 
+from backend.api.auth import get_user_id
 from backend.data.auth.oauth import (
     InvalidClientError,
     InvalidGrantError,

autogpt_platform/backend/backend/api/features/oauth_test.py

@@ -21,7 +21,6 @@ from typing import AsyncGenerator
 import httpx
 import pytest
 import pytest_asyncio
-from autogpt_libs.api_key.keysmith import APIKeySmith
 from prisma.enums import APIKeyPermission
 from prisma.models import OAuthAccessToken as PrismaOAuthAccessToken
 from prisma.models import OAuthApplication as PrismaOAuthApplication
@@ -29,6 +28,7 @@ from prisma.models import OAuthAuthorizationCode as PrismaOAuthAuthorizationCode
 from prisma.models import OAuthRefreshToken as PrismaOAuthRefreshToken
 from prisma.models import User as PrismaUser
 
+from backend.api.auth.api_key.keysmith import APIKeySmith
 from backend.api.rest_api import app
 
 keysmith = APIKeySmith()
@@ -134,7 +134,7 @@ async def client(server, test_user: str) -> AsyncGenerator[httpx.AsyncClient, No
     Depends on `server` to ensure the DB is connected and `test_user` to ensure
     the user exists in the database before running tests.
     """
-    from autogpt_libs.auth import get_user_id
+    from backend.api.auth import get_user_id
 
     # Override get_user_id dependency to return our test user
     def override_get_user_id():

autogpt_platform/backend/backend/api/features/otto/routes.py

@@ -1,8 +1,9 @@
 import logging
 
-from autogpt_libs.auth import get_user_id, requires_user
 from fastapi import APIRouter, HTTPException, Security
 
+from backend.api.auth import get_user_id, requires_user
+
 from .models import ApiResponse, ChatRequest
 from .service import OttoService
 

autogpt_platform/backend/backend/api/features/otto/routes_test.py

@@ -19,7 +19,7 @@ client = fastapi.testclient.TestClient(app)
 @pytest.fixture(autouse=True)
 def setup_app_auth(mock_jwt_user):
     """Setup auth overrides for all tests in this module"""
-    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+    from backend.api.auth.jwt_utils import get_jwt_payload
 
     app.dependency_overrides[get_jwt_payload] = mock_jwt_user["get_jwt_payload"]
     yield

autogpt_platform/backend/backend/api/features/otto/service.py

@@ -5,8 +5,8 @@ from typing import Optional
 import aiohttp
 from fastapi import HTTPException
 
-from backend.blocks import get_block
 from backend.data import graph as graph_db
+from backend.data.block import get_block
 from backend.util.settings import Settings
 
 from .models import ApiResponse, ChatRequest, GraphData

autogpt_platform/backend/backend/api/features/postmark/postmark.py

@@ -57,7 +57,7 @@ async def postmark_webhook_handler(
     webhook: Annotated[
         PostmarkWebhook,
         Body(discriminator="RecordType"),
-    ]
+    ],
 ):
     logger.info(f"Received webhook from Postmark: {webhook}")
     match webhook:

autogpt_platform/backend/backend/api/features/store/content_handlers.py

@@ -152,7 +152,7 @@ class BlockHandler(ContentHandler):
 
     async def get_missing_items(self, batch_size: int) -> list[ContentItem]:
         """Fetch blocks without embeddings."""
-        from backend.blocks import get_blocks
+        from backend.data.block import get_blocks
 
         # Get all available blocks
         all_blocks = get_blocks()
@@ -164,7 +164,7 @@ class BlockHandler(ContentHandler):
         block_ids = list(all_blocks.keys())
 
         # Query for existing embeddings
-        placeholders = ",".join([f"${i+1}" for i in range(len(block_ids))])
+        placeholders = ",".join([f"${i + 1}" for i in range(len(block_ids))])
         existing_result = await query_raw_with_schema(
             f"""
             SELECT "contentId"
@@ -249,7 +249,7 @@ class BlockHandler(ContentHandler):
 
     async def get_stats(self) -> dict[str, int]:
         """Get statistics about block embedding coverage."""
-        from backend.blocks import get_blocks
+        from backend.data.block import get_blocks
 
         all_blocks = get_blocks()
 
@@ -265,7 +265,7 @@ class BlockHandler(ContentHandler):
             return {"total": 0, "with_embeddings": 0, "without_embeddings": 0}
 
         block_ids = enabled_block_ids
-        placeholders = ",".join([f"${i+1}" for i in range(len(block_ids))])
+        placeholders = ",".join([f"${i + 1}" for i in range(len(block_ids))])
 
         embedded_result = await query_raw_with_schema(
             f"""
@@ -508,7 +508,7 @@ class DocumentationHandler(ContentHandler):
         ]
 
         # Check which ones have embeddings
-        placeholders = ",".join([f"${i+1}" for i in range(len(section_content_ids))])
+        placeholders = ",".join([f"${i + 1}" for i in range(len(section_content_ids))])
         existing_result = await query_raw_with_schema(
             f"""
             SELECT "contentId"

autogpt_platform/backend/backend/api/features/store/content_handlers_test.py

@@ -93,7 +93,7 @@ async def test_block_handler_get_missing_items(mocker):
     mock_existing = []
 
     with patch(
-        "backend.blocks.get_blocks",
+        "backend.data.block.get_blocks",
         return_value=mock_blocks,
     ):
         with patch(
@@ -135,7 +135,7 @@ async def test_block_handler_get_stats(mocker):
     mock_embedded = [{"count": 2}]
 
     with patch(
-        "backend.blocks.get_blocks",
+        "backend.data.block.get_blocks",
         return_value=mock_blocks,
     ):
         with patch(
@@ -327,7 +327,7 @@ async def test_block_handler_handles_missing_attributes():
     mock_blocks = {"block-minimal": mock_block_class}
 
     with patch(
-        "backend.blocks.get_blocks",
+        "backend.data.block.get_blocks",
         return_value=mock_blocks,
     ):
         with patch(
@@ -360,7 +360,7 @@ async def test_block_handler_skips_failed_blocks():
     mock_blocks = {"good-block": good_block, "bad-block": bad_block}
 
     with patch(
-        "backend.blocks.get_blocks",
+        "backend.data.block.get_blocks",
         return_value=mock_blocks,
     ):
         with patch(

autogpt_platform/backend/backend/api/features/store/embeddings.py

@@ -662,7 +662,7 @@ async def cleanup_orphaned_embeddings() -> dict[str, Any]:
                 )
                 current_ids = {row["id"] for row in valid_agents}
             elif content_type == ContentType.BLOCK:
-                from backend.blocks import get_blocks
+                from backend.data.block import get_blocks
 
                 current_ids = set(get_blocks().keys())
             elif content_type == ContentType.DOCUMENTATION: