fix(backend): add missing metadata attribute to mock nodes in SmartDecisionMaker tests (#11750)

This PR fixes failing SmartDecisionMaker tests by adding missing
`metadata` attribute to mock nodes.

### Changes 🏗️

Mock nodes in SmartDecisionMaker tests were missing the `metadata = {}`
attribute, which was introduced in commit 4a52b7eca for the
customized_name feature. This caused tests to fail with:

```
TypeError: expected string or bytes-like object, got 'Mock'
```

**Files fixed**:
- `backend/blocks/test/test_smart_decision_maker_dict.py`: Added
`metadata = {}` to mock nodes in all 3 tests
- `backend/blocks/test/test_smart_decision_maker_dynamic_fields.py`:
Added `metadata = {}` to mock nodes in all 8 tests

**Root cause**: The `_create_block_function_signature` method calls
`sink_node.metadata.get("customized_name")`, but mock nodes in tests
didn't have the metadata attribute initialized.

### Checklist 📋

#### For code changes:
- [x] I have clearly listed my changes in the PR description
- [x] I have made a test plan
- [x] I have tested my changes according to the test plan:
- [x] Run `poetry run pytest
backend/blocks/test/test_smart_decision_maker_dict.py -xvs` - 3 passed
- [x] Run `poetry run pytest
backend/blocks/test/test_smart_decision_maker_dynamic_fields.py -xvs` -
8 passed
  - [x] All tests pass successfully

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Release Notes

* **Tests**
* Updated test infrastructure to enhance mock object configuration for
improved test reliability and consistency across test suites.

<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

.branchlet.json

@@ -0,0 +1,37 @@
+{
+  "worktreeCopyPatterns": [
+    ".env*",
+    ".vscode/**",
+    ".auth/**",
+    ".claude/**",
+    "autogpt_platform/.env*",
+    "autogpt_platform/backend/.env*",
+    "autogpt_platform/frontend/.env*",
+    "autogpt_platform/frontend/.auth/**",
+    "autogpt_platform/db/docker/.env*"
+  ],
+  "worktreeCopyIgnores": [
+    "**/node_modules/**",
+    "**/dist/**",
+    "**/.git/**",
+    "**/Thumbs.db",
+    "**/.DS_Store",
+    "**/.next/**",
+    "**/__pycache__/**",
+    "**/.ruff_cache/**",
+    "**/.pytest_cache/**",
+    "**/*.pyc",
+    "**/playwright-report/**",
+    "**/logs/**",
+    "**/site/**"
+  ],
+  "worktreePathTemplate": "$BASE_PATH.worktree",
+  "postCreateCmd": [
+    "cd autogpt_platform/autogpt_libs && poetry install",
+    "cd autogpt_platform/backend && poetry install && poetry run prisma generate",
+    "cd autogpt_platform/frontend && pnpm install",
+    "cd docs && pip install -r requirements.txt"
+  ],
+  "terminalCommand": "code .",
+  "deleteBranchWithWorktree": false
+}

.dockerignore

@@ -9,11 +9,14 @@
 
 # Platform - Backend
 !autogpt_platform/backend/backend/
+!autogpt_platform/backend/test/e2e_test_data.py
 !autogpt_platform/backend/migrations/
 !autogpt_platform/backend/schema.prisma
 !autogpt_platform/backend/pyproject.toml
 !autogpt_platform/backend/poetry.lock
 !autogpt_platform/backend/README.md
+!autogpt_platform/backend/.env
+!autogpt_platform/backend/gen_prisma_types_stub.py
 
 # Platform - Market
 !autogpt_platform/market/market/
@@ -26,6 +29,7 @@
 # Platform - Frontend
 !autogpt_platform/frontend/src/
 !autogpt_platform/frontend/public/
+!autogpt_platform/frontend/scripts/
 !autogpt_platform/frontend/package.json
 !autogpt_platform/frontend/pnpm-lock.yaml
 !autogpt_platform/frontend/tsconfig.json
@@ -33,6 +37,7 @@
 ## config
 !autogpt_platform/frontend/*.config.*
 !autogpt_platform/frontend/.env.*
+!autogpt_platform/frontend/.env
 
 # Classic - AutoGPT
 !classic/original_autogpt/autogpt/

.github/PULL_REQUEST_TEMPLATE.md

@@ -24,7 +24,8 @@
 </details>
 
 #### For configuration changes:
-- [ ] `.env.example` is updated or already compatible with my changes
+
+- [ ] `.env.default` is updated or already compatible with my changes
 - [ ] `docker-compose.yml` is updated or already compatible with my changes
 - [ ] I have included a list of my configuration changes in the PR description (under **Changes**)
 

.github/copilot-instructions.md

@@ -0,0 +1,322 @@
+# GitHub Copilot Instructions for AutoGPT
+
+This file provides comprehensive onboarding information for GitHub Copilot coding agent to work efficiently with the AutoGPT repository.
+
+## Repository Overview
+
+**AutoGPT** is a powerful platform for creating, deploying, and managing continuous AI agents that automate complex workflows. This is a large monorepo (~150MB) containing multiple components:
+
+- **AutoGPT Platform** (`autogpt_platform/`) - Main focus: Modern AI agent platform (Polyform Shield License)
+- **Classic AutoGPT** (`classic/`) - Legacy agent system (MIT License)
+- **Documentation** (`docs/`) - MkDocs-based documentation site
+- **Infrastructure** - Docker configurations, CI/CD, and development tools
+
+**Primary Languages & Frameworks:**
+
+- **Backend**: Python 3.10-3.13, FastAPI, Prisma ORM, PostgreSQL, RabbitMQ
+- **Frontend**: TypeScript, Next.js 15, React, Tailwind CSS, Radix UI
+- **Development**: Docker, Poetry, pnpm, Playwright, Storybook
+
+## Build and Validation Instructions
+
+### Essential Setup Commands
+
+**Always run these commands in the correct directory and in this order:**
+
+1. **Initial Setup** (required once):
+
+   ```bash
+   # Clone and enter repository
+   git clone <repo> && cd AutoGPT
+
+   # Start all services (database, redis, rabbitmq, clamav)
+   cd autogpt_platform && docker compose --profile local up deps --build --detach
+   ```
+
+2. **Backend Setup** (always run before backend development):
+
+   ```bash
+   cd autogpt_platform/backend
+   poetry install                    # Install dependencies
+   poetry run prisma migrate dev     # Run database migrations
+   poetry run prisma generate        # Generate Prisma client
+   ```
+
+3. **Frontend Setup** (always run before frontend development):
+   ```bash
+   cd autogpt_platform/frontend
+   pnpm install                      # Install dependencies
+   ```
+
+### Runtime Requirements
+
+**Critical:** Always ensure Docker services are running before starting development:
+
+```bash
+cd autogpt_platform && docker compose --profile local up deps --build --detach
+```
+
+**Python Version:** Use Python 3.11 (required; managed by Poetry via pyproject.toml)
+**Node.js Version:** Use Node.js 21+ with pnpm package manager
+
+### Development Commands
+
+**Backend Development:**
+
+```bash
+cd autogpt_platform/backend
+poetry run serve                     # Start development server (port 8000)
+poetry run test                      # Run all tests (requires ~5 minutes)
+poetry run pytest path/to/test.py    # Run specific test
+poetry run format                    # Format code (Black + isort) - always run first
+poetry run lint                      # Lint code (ruff) - run after format
+```
+
+**Frontend Development:**
+
+```bash
+cd autogpt_platform/frontend
+pnpm dev                            # Start development server (port 3000) - use for active development
+pnpm build                          # Build for production (only needed for E2E tests or deployment)
+pnpm test                           # Run Playwright E2E tests (requires build first)
+pnpm test-ui                        # Run tests with UI
+pnpm format                         # Format and lint code
+pnpm storybook                      # Start component development server
+```
+
+### Testing Strategy
+
+**Backend Tests:**
+
+- **Block Tests**: `poetry run pytest backend/blocks/test/test_block.py -xvs` (validates all blocks)
+- **Specific Block**: `poetry run pytest 'backend/blocks/test/test_block.py::test_available_blocks[BlockName]' -xvs`
+- **Snapshot Tests**: Use `--snapshot-update` when output changes, always review with `git diff`
+
+**Frontend Tests:**
+
+- **E2E Tests**: Always run `pnpm dev` before `pnpm test` (Playwright requires running instance)
+- **Component Tests**: Use Storybook for isolated component development
+
+### Critical Validation Steps
+
+**Before committing changes:**
+
+1. Run `poetry run format` (backend) and `pnpm format` (frontend)
+2. Ensure all tests pass in modified areas
+3. Verify Docker services are still running
+4. Check that database migrations apply cleanly
+
+**Common Issues & Workarounds:**
+
+- **Prisma issues**: Run `poetry run prisma generate` after schema changes
+- **Permission errors**: Ensure Docker has proper permissions
+- **Port conflicts**: Check the `docker-compose.yml` file for the current list of exposed ports. You can list all mapped ports with:
+- **Test timeouts**: Backend tests can take 5+ minutes, use `-x` flag to stop on first failure
+
+## Project Layout & Architecture
+
+### Core Architecture
+
+**AutoGPT Platform** (`autogpt_platform/`):
+
+- `backend/` - FastAPI server with async support
+  - `backend/backend/` - Core API logic
+  - `backend/blocks/` - Agent execution blocks
+  - `backend/data/` - Database models and schemas
+  - `schema.prisma` - Database schema definition
+- `frontend/` - Next.js application
+  - `src/app/` - App Router pages and layouts
+  - `src/components/` - Reusable React components
+  - `src/lib/` - Utilities and configurations
+- `autogpt_libs/` - Shared Python utilities
+- `docker-compose.yml` - Development stack orchestration
+
+**Key Configuration Files:**
+
+- `pyproject.toml` - Python dependencies and tooling
+- `package.json` - Node.js dependencies and scripts
+- `schema.prisma` - Database schema and migrations
+- `next.config.mjs` - Next.js configuration
+- `tailwind.config.ts` - Styling configuration
+
+### Security & Middleware
+
+**Cache Protection**: Backend includes middleware preventing sensitive data caching in browsers/proxies
+**Authentication**: JWT-based with Supabase integration
+**User ID Validation**: All data access requires user ID checks - verify this for any `data/*.py` changes
+
+### Development Workflow
+
+**GitHub Actions**: Multiple CI/CD workflows in `.github/workflows/`
+
+- `platform-backend-ci.yml` - Backend testing and validation
+- `platform-frontend-ci.yml` - Frontend testing and validation
+- `platform-fullstack-ci.yml` - End-to-end integration tests
+
+**Pre-commit Hooks**: Run linting and formatting checks
+**Conventional Commits**: Use format `type(scope): description` (e.g., `feat(backend): add API`)
+
+### Key Source Files
+
+**Backend Entry Points:**
+
+- `backend/backend/server/server.py` - FastAPI application setup
+- `backend/backend/data/` - Database models and user management
+- `backend/blocks/` - Agent execution blocks and logic
+
+**Frontend Entry Points:**
+
+- `frontend/src/app/layout.tsx` - Root application layout
+- `frontend/src/app/page.tsx` - Home page
+- `frontend/src/lib/supabase/` - Authentication and database client
+
+**Protected Routes**: Update `frontend/lib/supabase/middleware.ts` when adding protected routes
+
+### Agent Block System
+
+Agents are built using a visual block-based system where each block performs a single action. Blocks are defined in `backend/blocks/` and must include:
+
+- Block definition with input/output schemas
+- Execution logic with proper error handling
+- Tests validating functionality
+
+### Database & ORM
+
+**Prisma ORM** with PostgreSQL backend including pgvector for embeddings:
+
+- Schema in `schema.prisma`
+- Migrations in `backend/migrations/`
+- Always run `prisma migrate dev` and `prisma generate` after schema changes
+
+## Environment Configuration
+
+### Configuration Files Priority Order
+
+1. **Backend**: `/backend/.env.default` → `/backend/.env` (user overrides)
+2. **Frontend**: `/frontend/.env.default` → `/frontend/.env` (user overrides)
+3. **Platform**: `/.env.default` (Supabase/shared) → `/.env` (user overrides)
+4. Docker Compose `environment:` sections override file-based config
+5. Shell environment variables have highest precedence
+
+### Docker Environment Setup
+
+- All services use hardcoded defaults (no `${VARIABLE}` substitutions)
+- The `env_file` directive loads variables INTO containers at runtime
+- Backend/Frontend services use YAML anchors for consistent configuration
+- Copy `.env.default` files to `.env` for local development customization
+
+## Advanced Development Patterns
+
+### Adding New Blocks
+
+1. Create file in `/backend/backend/blocks/`
+2. Inherit from `Block` base class with input/output schemas
+3. Implement `run` method with proper error handling
+4. Generate block UUID using `uuid.uuid4()`
+5. Register in block registry
+6. Write tests alongside block implementation
+7. Consider how inputs/outputs connect with other blocks in graph editor
+
+### API Development
+
+1. Update routes in `/backend/backend/server/routers/`
+2. Add/update Pydantic models in same directory
+3. Write tests alongside route files
+4. For `data/*.py` changes, validate user ID checks
+5. Run `poetry run test` to verify changes
+
+### Frontend Development
+
+**📖 Complete Frontend Guide**: See `autogpt_platform/frontend/CONTRIBUTING.md` and `autogpt_platform/frontend/.cursorrules` for comprehensive patterns and conventions.
+
+**Quick Reference:**
+
+**Component Structure:**
+
+- Separate render logic from data/behavior
+- Structure: `ComponentName/ComponentName.tsx` + `useComponentName.ts` + `helpers.ts`
+- Exception: Small components (3-4 lines of logic) can be inline
+- Render-only components can be direct files without folders
+
+**Data Fetching:**
+
+- Use generated API hooks from `@/app/api/__generated__/endpoints/`
+- Generated via Orval from backend OpenAPI spec
+- Pattern: `use{Method}{Version}{OperationName}`
+- Example: `useGetV2ListLibraryAgents`
+- Regenerate with: `pnpm generate:api`
+- **Never** use deprecated `BackendAPI` or `src/lib/autogpt-server-api/*`
+
+**Code Conventions:**
+
+- Use function declarations for components and handlers (not arrow functions)
+- Only arrow functions for small inline lambdas (map, filter, etc.)
+- Components: `PascalCase`, Hooks: `camelCase` with `use` prefix
+- No barrel files or `index.ts` re-exports
+- Minimal comments (code should be self-documenting)
+
+**Styling:**
+
+- Use Tailwind CSS utilities only
+- Use design system components from `src/components/` (atoms, molecules, organisms)
+- Never use `src/components/__legacy__/*`
+- Only use Phosphor Icons (`@phosphor-icons/react`)
+- Prefer design tokens over hardcoded values
+
+**Error Handling:**
+
+- Render errors: Use `<ErrorCard />` component
+- Mutation errors: Display with toast notifications
+- Manual exceptions: Use `Sentry.captureException()`
+- Global error boundaries already configured
+
+**Testing:**
+
+- Add/update Storybook stories for UI components (`pnpm storybook`)
+- Run Playwright E2E tests with `pnpm test`
+- Verify in Chromatic after PR
+
+**Architecture:**
+
+- Default to client components ("use client")
+- Server components only for SEO or extreme TTFB needs
+- Use React Query for server state (via generated hooks)
+- Co-locate UI state in components/hooks
+
+### Security Guidelines
+
+**Cache Protection Middleware** (`/backend/backend/server/middleware/security.py`):
+
+- Default: Disables caching for ALL endpoints with `Cache-Control: no-store, no-cache, must-revalidate, private`
+- Uses allow list approach for cacheable paths (static assets, health checks, public pages)
+- Prevents sensitive data caching in browsers/proxies
+- Add new cacheable endpoints to `CACHEABLE_PATHS`
+
+### CI/CD Alignment
+
+The repository has comprehensive CI workflows that test:
+
+- **Backend**: Python 3.11-3.13, services (Redis/RabbitMQ/ClamAV), Prisma migrations, Poetry lock validation
+- **Frontend**: Node.js 21, pnpm, Playwright with Docker Compose stack, API schema validation
+- **Integration**: Full-stack type checking and E2E testing
+
+Match these patterns when developing locally - the copilot setup environment mirrors these CI configurations.
+
+## Collaboration with Other AI Assistants
+
+This repository is actively developed with assistance from Claude (via CLAUDE.md files). When working on this codebase:
+
+- Check for existing CLAUDE.md files that provide additional context
+- Follow established patterns and conventions already in the codebase
+- Maintain consistency with existing code style and architecture
+- Consider that changes may be reviewed and extended by both human developers and AI assistants
+
+## Trust These Instructions
+
+These instructions are comprehensive and tested. Only perform additional searches if:
+
+1. Information here is incomplete for your specific task
+2. You encounter errors not covered by the workarounds
+3. You need to understand implementation details not covered above
+
+For detailed platform development patterns, refer to `autogpt_platform/CLAUDE.md` and `AGENTS.md` in the repository root.

.github/workflows/claude-ci-failure-auto-fix.yml

@@ -0,0 +1,97 @@
+name: Auto Fix CI Failures
+
+on:
+  workflow_run:
+    workflows: ["CI"]
+    types:
+      - completed
+
+permissions:
+  contents: write
+  pull-requests: write
+  actions: read
+  issues: write
+  id-token: write # Required for OIDC token exchange
+
+jobs:
+  auto-fix:
+    if: |
+      github.event.workflow_run.conclusion == 'failure' &&
+      github.event.workflow_run.pull_requests[0] &&
+      !startsWith(github.event.workflow_run.head_branch, 'claude-auto-fix-ci-')
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.workflow_run.head_branch }}
+          fetch-depth: 0
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Setup git identity
+        run: |
+          git config --global user.email "claude[bot]@users.noreply.github.com"
+          git config --global user.name "claude[bot]"
+
+      - name: Create fix branch
+        id: branch
+        run: |
+          BRANCH_NAME="claude-auto-fix-ci-${{ github.event.workflow_run.head_branch }}-${{ github.run_id }}"
+          git checkout -b "$BRANCH_NAME"
+          echo "branch_name=$BRANCH_NAME" >> $GITHUB_OUTPUT
+
+      - name: Get CI failure details
+        id: failure_details
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const run = await github.rest.actions.getWorkflowRun({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              run_id: ${{ github.event.workflow_run.id }}
+            });
+
+            const jobs = await github.rest.actions.listJobsForWorkflowRun({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              run_id: ${{ github.event.workflow_run.id }}
+            });
+
+            const failedJobs = jobs.data.jobs.filter(job => job.conclusion === 'failure');
+
+            let errorLogs = [];
+            for (const job of failedJobs) {
+              const logs = await github.rest.actions.downloadJobLogsForWorkflowRun({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                job_id: job.id
+              });
+              errorLogs.push({
+                jobName: job.name,
+                logs: logs.data
+              });
+            }
+
+            return {
+              runUrl: run.data.html_url,
+              failedJobs: failedJobs.map(j => j.name),
+              errorLogs: errorLogs
+            };
+
+      - name: Fix CI failures with Claude
+        id: claude
+        uses: anthropics/claude-code-action@v1
+        with:
+          prompt: |
+            /fix-ci 
+            Failed CI Run: ${{ fromJSON(steps.failure_details.outputs.result).runUrl }}
+            Failed Jobs: ${{ join(fromJSON(steps.failure_details.outputs.result).failedJobs, ', ') }}
+            PR Number: ${{ github.event.workflow_run.pull_requests[0].number }}
+            Branch Name: ${{ steps.branch.outputs.branch_name }}
+            Base Branch: ${{ github.event.workflow_run.head_branch }}
+            Repository: ${{ github.repository }}
+
+            Error logs:
+            ${{ toJSON(fromJSON(steps.failure_details.outputs.result).errorLogs) }}
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          claude_args: "--allowedTools 'Edit,MultiEdit,Write,Read,Glob,Grep,LS,Bash(git:*),Bash(bun:*),Bash(npm:*),Bash(npx:*),Bash(gh:*)'"

.github/workflows/claude-dependabot.yml

@@ -0,0 +1,379 @@
+# Claude Dependabot PR Review Workflow
+# 
+# This workflow automatically runs Claude analysis on Dependabot PRs to:
+# - Identify dependency changes and their versions
+# - Look up changelogs for updated packages  
+# - Assess breaking changes and security impacts
+# - Provide actionable recommendations for the development team
+#
+# Triggered on: Dependabot PRs (opened, synchronize)
+# Requirements: ANTHROPIC_API_KEY secret must be configured
+
+name: Claude Dependabot PR Review
+
+on:
+  pull_request:
+    types: [opened, synchronize]
+
+jobs:
+  dependabot-review:
+    # Only run on Dependabot PRs
+    if: github.actor == 'dependabot[bot]'
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+
+    permissions:
+      contents: write
+      pull-requests: read
+      issues: read
+      id-token: write
+      actions: read # Required for CI access
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+
+      # Backend Python/Poetry setup (mirrors platform-backend-ci.yml)
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"  # Use standard version matching CI
+
+      - name: Set up Python dependency cache
+        uses: actions/cache@v4
+        with:
+          path: ~/.cache/pypoetry
+          key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }}
+
+      - name: Install Poetry
+        run: |
+          # Extract Poetry version from backend/poetry.lock (matches CI)
+          cd autogpt_platform/backend
+          HEAD_POETRY_VERSION=$(python3 ../../.github/workflows/scripts/get_package_version_from_lockfile.py poetry)
+          echo "Found Poetry version ${HEAD_POETRY_VERSION} in backend/poetry.lock"
+          
+          # Install Poetry
+          curl -sSL https://install.python-poetry.org | POETRY_VERSION=$HEAD_POETRY_VERSION python3 -
+          
+          # Add Poetry to PATH
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
+
+      - name: Check poetry.lock
+        working-directory: autogpt_platform/backend
+        run: |
+          poetry lock
+          if ! git diff --quiet --ignore-matching-lines="^# " poetry.lock; then
+            echo "Warning: poetry.lock not up to date, but continuing for setup"
+            git checkout poetry.lock  # Reset for clean setup
+          fi
+
+      - name: Install Python dependencies
+        working-directory: autogpt_platform/backend
+        run: poetry install
+
+      - name: Generate Prisma Client
+        working-directory: autogpt_platform/backend
+        run: poetry run prisma generate && poetry run gen-prisma-stub
+
+      # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml)
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "22"
+
+      - name: Enable corepack
+        run: corepack enable
+
+      - name: Set pnpm store directory
+        run: |
+          pnpm config set store-dir ~/.pnpm-store
+          echo "PNPM_HOME=$HOME/.pnpm-store" >> $GITHUB_ENV
+
+      - name: Cache frontend dependencies
+        uses: actions/cache@v4
+        with:
+          path: ~/.pnpm-store
+          key: ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
+
+      - name: Install JavaScript dependencies
+        working-directory: autogpt_platform/frontend
+        run: pnpm install --frozen-lockfile
+
+      # Install Playwright browsers for frontend testing
+      # NOTE: Disabled to save ~1 minute of setup time. Re-enable if Copilot needs browser automation (e.g., for MCP)
+      # - name: Install Playwright browsers
+      #   working-directory: autogpt_platform/frontend
+      #   run: pnpm playwright install --with-deps chromium
+
+      # Docker setup for development environment
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Copy default environment files
+        working-directory: autogpt_platform
+        run: |
+          # Copy default environment files for development
+          cp .env.default .env
+          cp backend/.env.default backend/.env
+          cp frontend/.env.default frontend/.env
+
+      # Phase 1: Cache and load Docker images for faster setup
+      - name: Set up Docker image cache
+        id: docker-cache
+        uses: actions/cache@v4
+        with:
+          path: ~/docker-cache
+          # Use a versioned key for cache invalidation when image list changes
+          key: docker-images-v2-${{ runner.os }}-${{ hashFiles('.github/workflows/copilot-setup-steps.yml') }}
+          restore-keys: |
+            docker-images-v2-${{ runner.os }}-
+            docker-images-v1-${{ runner.os }}-
+
+      - name: Load or pull Docker images
+        working-directory: autogpt_platform
+        run: |
+          mkdir -p ~/docker-cache
+          
+          # Define image list for easy maintenance
+          IMAGES=(
+            "redis:latest"
+            "rabbitmq:management"
+            "clamav/clamav-debian:latest"
+            "busybox:latest"
+            "kong:2.8.1"
+            "supabase/gotrue:v2.170.0"
+            "supabase/postgres:15.8.1.049"
+            "supabase/postgres-meta:v0.86.1"
+            "supabase/studio:20250224-d10db0f"
+          )
+          
+          # Check if any cached tar files exist (more reliable than cache-hit)
+          if ls ~/docker-cache/*.tar 1> /dev/null 2>&1; then
+            echo "Docker cache found, loading images in parallel..."
+            for image in "${IMAGES[@]}"; do
+              # Convert image name to filename (replace : and / with -)
+              filename=$(echo "$image" | tr ':/' '--')
+              if [ -f ~/docker-cache/${filename}.tar ]; then
+                echo "Loading $image..."
+                docker load -i ~/docker-cache/${filename}.tar || echo "Warning: Failed to load $image from cache" &
+              fi
+            done
+            wait
+            echo "All cached images loaded"
+          else
+            echo "No Docker cache found, pulling images in parallel..."
+            # Pull all images in parallel
+            for image in "${IMAGES[@]}"; do
+              docker pull "$image" &
+            done
+            wait
+            
+            # Only save cache on main branches (not PRs) to avoid cache pollution
+            if [[ "${{ github.ref }}" == "refs/heads/master" ]] || [[ "${{ github.ref }}" == "refs/heads/dev" ]]; then
+              echo "Saving Docker images to cache in parallel..."
+              for image in "${IMAGES[@]}"; do
+                # Convert image name to filename (replace : and / with -)
+                filename=$(echo "$image" | tr ':/' '--')
+                echo "Saving $image..."
+                docker save -o ~/docker-cache/${filename}.tar "$image" || echo "Warning: Failed to save $image" &
+              done
+              wait
+              echo "Docker image cache saved"
+            else
+              echo "Skipping cache save for PR/feature branch"
+            fi
+          fi
+          
+          echo "Docker images ready for use"
+
+      # Phase 2: Build migrate service with GitHub Actions cache
+      - name: Build migrate Docker image with cache
+        working-directory: autogpt_platform
+        run: |
+          # Build the migrate image with buildx for GHA caching
+          docker buildx build \
+            --cache-from type=gha \
+            --cache-to type=gha,mode=max \
+            --target migrate \
+            --tag autogpt_platform-migrate:latest \
+            --load \
+            -f backend/Dockerfile \
+            ..
+
+      # Start services using pre-built images
+      - name: Start Docker services for development
+        working-directory: autogpt_platform
+        run: |
+          # Start essential services (migrate image already built with correct tag)
+          docker compose --profile local up deps --no-build --detach
+          echo "Waiting for services to be ready..."
+          
+          # Wait for database to be ready
+          echo "Checking database readiness..."
+          timeout 30 sh -c 'until docker compose exec -T db pg_isready -U postgres 2>/dev/null; do 
+            echo "  Waiting for database..."
+            sleep 2
+          done' && echo "✅ Database is ready" || echo "⚠️ Database ready check timeout after 30s, continuing..."
+          
+          # Check migrate service status
+          echo "Checking migration status..."
+          docker compose ps migrate || echo "  Migrate service not visible in ps output"
+          
+          # Wait for migrate service to complete
+          echo "Waiting for migrations to complete..."
+          timeout 30 bash -c '
+            ATTEMPTS=0
+            while [ $ATTEMPTS -lt 15 ]; do
+              ATTEMPTS=$((ATTEMPTS + 1))
+              
+              # Check using docker directly (more reliable than docker compose ps)
+              CONTAINER_STATUS=$(docker ps -a --filter "label=com.docker.compose.service=migrate" --format "{{.Status}}" | head -1)
+              
+              if [ -z "$CONTAINER_STATUS" ]; then
+                echo "  Attempt $ATTEMPTS: Migrate container not found yet..."
+              elif echo "$CONTAINER_STATUS" | grep -q "Exited (0)"; then
+                echo "✅ Migrations completed successfully"
+                docker compose logs migrate --tail=5 2>/dev/null || true
+                exit 0
+              elif echo "$CONTAINER_STATUS" | grep -q "Exited ([1-9]"; then
+                EXIT_CODE=$(echo "$CONTAINER_STATUS" | grep -oE "Exited \([0-9]+\)" | grep -oE "[0-9]+")
+                echo "❌ Migrations failed with exit code: $EXIT_CODE"
+                echo "Migration logs:"
+                docker compose logs migrate --tail=20 2>/dev/null || true
+                exit 1
+              elif echo "$CONTAINER_STATUS" | grep -q "Up"; then
+                echo "  Attempt $ATTEMPTS: Migrate container is running... ($CONTAINER_STATUS)"
+              else
+                echo "  Attempt $ATTEMPTS: Migrate container status: $CONTAINER_STATUS"
+              fi
+              
+              sleep 2
+            done
+            
+            echo "⚠️ Timeout: Could not determine migration status after 30 seconds"
+            echo "Final container check:"
+            docker ps -a --filter "label=com.docker.compose.service=migrate" || true
+            echo "Migration logs (if available):"
+            docker compose logs migrate --tail=10 2>/dev/null || echo "  No logs available"
+          ' || echo "⚠️ Migration check completed with warnings, continuing..."
+          
+          # Brief wait for other services to stabilize
+          echo "Waiting 5 seconds for other services to stabilize..."
+          sleep 5
+
+      # Verify installations and provide environment info
+      - name: Verify setup and show environment info
+        run: |
+          echo "=== Python Setup ==="
+          python --version
+          poetry --version
+          
+          echo "=== Node.js Setup ==="
+          node --version
+          pnpm --version
+          
+          echo "=== Additional Tools ==="
+          docker --version
+          docker compose version
+          gh --version || true
+          
+          echo "=== Services Status ==="
+          cd autogpt_platform
+          docker compose ps || true
+          
+          echo "=== Backend Dependencies ==="
+          cd backend
+          poetry show | head -10 || true
+          
+          echo "=== Frontend Dependencies ==="
+          cd ../frontend
+          pnpm list --depth=0 | head -10 || true
+          
+          echo "=== Environment Files ==="
+          ls -la ../.env* || true
+          ls -la .env* || true
+          ls -la ../backend/.env* || true
+          
+          echo "✅ AutoGPT Platform development environment setup complete!"
+          echo "🚀 Ready for development with Docker services running"
+          echo "📝 Backend server: poetry run serve (port 8000)"
+          echo "🌐 Frontend server: pnpm dev (port 3000)"
+
+
+      - name: Run Claude Dependabot Analysis
+        id: claude_review
+        uses: anthropics/claude-code-action@v1
+        with:
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          claude_args: |
+            --allowedTools "Bash(npm:*),Bash(pnpm:*),Bash(poetry:*),Bash(git:*),Edit,Replace,NotebookEditCell,mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*), Bash(gh pr diff:*), Bash(gh pr view:*)"
+          prompt: |
+            You are Claude, an AI assistant specialized in reviewing Dependabot dependency update PRs. 
+            
+            Your primary tasks are:
+            1. **Analyze the dependency changes** in this Dependabot PR
+            2. **Look up changelogs** for all updated dependencies to understand what changed
+            3. **Identify breaking changes** and assess potential impact on the AutoGPT codebase
+            4. **Provide actionable recommendations** for the development team
+            
+            ## Analysis Process:
+            
+            1. **Identify Changed Dependencies**: 
+               - Use git diff to see what dependencies were updated
+               - Parse package.json, poetry.lock, requirements files, etc.
+               - List all package versions: old → new
+            
+            2. **Changelog Research**:
+               - For each updated dependency, look up its changelog/release notes
+               - Use WebFetch to access GitHub releases, NPM package pages, PyPI project pages. The pr should also have some details
+               - Focus on versions between the old and new versions
+               - Identify: breaking changes, deprecations, security fixes, new features
+            
+            3. **Breaking Change Assessment**:
+               - Categorize changes: BREAKING, MAJOR, MINOR, PATCH, SECURITY
+               - Assess impact on AutoGPT's usage patterns
+               - Check if AutoGPT uses affected APIs/features
+               - Look for migration guides or upgrade instructions
+            
+            4. **Codebase Impact Analysis**:
+               - Search the AutoGPT codebase for usage of changed APIs
+               - Identify files that might be affected by breaking changes
+               - Check test files for deprecated usage patterns
+               - Look for configuration changes needed
+            
+            ## Output Format:
+            
+            Provide a comprehensive review comment with:
+            
+            ### 🔍 Dependency Analysis Summary
+            - List of updated packages with version changes
+            - Overall risk assessment (LOW/MEDIUM/HIGH)
+            
+            ### 📋 Detailed Changelog Review
+            For each updated dependency:
+            - **Package**: name (old_version → new_version)
+            - **Changes**: Summary of key changes
+            - **Breaking Changes**: List any breaking changes
+            - **Security Fixes**: Note security improvements
+            - **Migration Notes**: Any upgrade steps needed
+            
+            ### ⚠️ Impact Assessment
+            - **Breaking Changes Found**: Yes/No with details
+            - **Affected Files**: List AutoGPT files that may need updates
+            - **Test Impact**: Any tests that may need updating
+            - **Configuration Changes**: Required config updates
+            
+            ### 🛠️ Recommendations
+            - **Action Required**: What the team should do
+            - **Testing Focus**: Areas to test thoroughly
+            - **Follow-up Tasks**: Any additional work needed
+            - **Merge Recommendation**: APPROVE/REVIEW_NEEDED/HOLD
+            
+            ### 📚 Useful Links
+            - Links to relevant changelogs, migration guides, documentation
+            
+            Be thorough but concise. Focus on actionable insights that help the development team make informed decisions about the dependency updates.

.github/workflows/claude.yml

@@ -30,18 +30,302 @@ jobs:
         github.event.issue.author_association == 'COLLABORATOR'
       )
     runs-on: ubuntu-latest
+    timeout-minutes: 45
+
     permissions:
-      contents: read
+      contents: write
       pull-requests: read
       issues: read
       id-token: write
+      actions: read # Required for CI access
     steps:
-      - name: Checkout repository
+      - name: Checkout code
         uses: actions/checkout@v4
         with:
           fetch-depth: 1
+
+      - name: Free Disk Space (Ubuntu)
+        uses: jlumbroso/free-disk-space@v1.3.1
+        with:
+          large-packages: false  # slow
+          docker-images: false  # limited benefit
+
+      # Backend Python/Poetry setup (mirrors platform-backend-ci.yml)
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"  # Use standard version matching CI
+
+      - name: Set up Python dependency cache
+        uses: actions/cache@v4
+        with:
+          path: ~/.cache/pypoetry
+          key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }}
+
+      - name: Install Poetry
+        run: |
+          # Extract Poetry version from backend/poetry.lock (matches CI)
+          cd autogpt_platform/backend
+          HEAD_POETRY_VERSION=$(python3 ../../.github/workflows/scripts/get_package_version_from_lockfile.py poetry)
+          echo "Found Poetry version ${HEAD_POETRY_VERSION} in backend/poetry.lock"
+          
+          # Install Poetry
+          curl -sSL https://install.python-poetry.org | POETRY_VERSION=$HEAD_POETRY_VERSION python3 -
+          
+          # Add Poetry to PATH
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
+
+      - name: Check poetry.lock
+        working-directory: autogpt_platform/backend
+        run: |
+          poetry lock
+          if ! git diff --quiet --ignore-matching-lines="^# " poetry.lock; then
+            echo "Warning: poetry.lock not up to date, but continuing for setup"
+            git checkout poetry.lock  # Reset for clean setup
+          fi
+
+      - name: Install Python dependencies
+        working-directory: autogpt_platform/backend
+        run: poetry install
+
+      - name: Generate Prisma Client
+        working-directory: autogpt_platform/backend
+        run: poetry run prisma generate && poetry run gen-prisma-stub
+
+      # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml)
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "22"
+
+      - name: Enable corepack
+        run: corepack enable
+
+      - name: Set pnpm store directory
+        run: |
+          pnpm config set store-dir ~/.pnpm-store
+          echo "PNPM_HOME=$HOME/.pnpm-store" >> $GITHUB_ENV
+
+      - name: Cache frontend dependencies
+        uses: actions/cache@v4
+        with:
+          path: ~/.pnpm-store
+          key: ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
+
+      - name: Install JavaScript dependencies
+        working-directory: autogpt_platform/frontend
+        run: pnpm install --frozen-lockfile
+
+      # Install Playwright browsers for frontend testing
+      # NOTE: Disabled to save ~1 minute of setup time. Re-enable if Copilot needs browser automation (e.g., for MCP)
+      # - name: Install Playwright browsers
+      #   working-directory: autogpt_platform/frontend
+      #   run: pnpm playwright install --with-deps chromium
+
+      # Docker setup for development environment
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Copy default environment files
+        working-directory: autogpt_platform
+        run: |
+          # Copy default environment files for development
+          cp .env.default .env
+          cp backend/.env.default backend/.env
+          cp frontend/.env.default frontend/.env
+
+      # Phase 1: Cache and load Docker images for faster setup
+      - name: Set up Docker image cache
+        id: docker-cache
+        uses: actions/cache@v4
+        with:
+          path: ~/docker-cache
+          # Use a versioned key for cache invalidation when image list changes
+          key: docker-images-v2-${{ runner.os }}-${{ hashFiles('.github/workflows/copilot-setup-steps.yml') }}
+          restore-keys: |
+            docker-images-v2-${{ runner.os }}-
+            docker-images-v1-${{ runner.os }}-
+
+      - name: Load or pull Docker images
+        working-directory: autogpt_platform
+        run: |
+          mkdir -p ~/docker-cache
+          
+          # Define image list for easy maintenance
+          IMAGES=(
+            "redis:latest"
+            "rabbitmq:management"
+            "clamav/clamav-debian:latest"
+            "busybox:latest"
+            "kong:2.8.1"
+            "supabase/gotrue:v2.170.0"
+            "supabase/postgres:15.8.1.049"
+            "supabase/postgres-meta:v0.86.1"
+            "supabase/studio:20250224-d10db0f"
+          )
+          
+          # Check if any cached tar files exist (more reliable than cache-hit)
+          if ls ~/docker-cache/*.tar 1> /dev/null 2>&1; then
+            echo "Docker cache found, loading images in parallel..."
+            for image in "${IMAGES[@]}"; do
+              # Convert image name to filename (replace : and / with -)
+              filename=$(echo "$image" | tr ':/' '--')
+              if [ -f ~/docker-cache/${filename}.tar ]; then
+                echo "Loading $image..."
+                docker load -i ~/docker-cache/${filename}.tar || echo "Warning: Failed to load $image from cache" &
+              fi
+            done
+            wait
+            echo "All cached images loaded"
+          else
+            echo "No Docker cache found, pulling images in parallel..."
+            # Pull all images in parallel
+            for image in "${IMAGES[@]}"; do
+              docker pull "$image" &
+            done
+            wait
+            
+            # Only save cache on main branches (not PRs) to avoid cache pollution
+            if [[ "${{ github.ref }}" == "refs/heads/master" ]] || [[ "${{ github.ref }}" == "refs/heads/dev" ]]; then
+              echo "Saving Docker images to cache in parallel..."
+              for image in "${IMAGES[@]}"; do
+                # Convert image name to filename (replace : and / with -)
+                filename=$(echo "$image" | tr ':/' '--')
+                echo "Saving $image..."
+                docker save -o ~/docker-cache/${filename}.tar "$image" || echo "Warning: Failed to save $image" &
+              done
+              wait
+              echo "Docker image cache saved"
+            else
+              echo "Skipping cache save for PR/feature branch"
+            fi
+          fi
+          
+          echo "Docker images ready for use"
+
+      # Phase 2: Build migrate service with GitHub Actions cache
+      - name: Build migrate Docker image with cache
+        working-directory: autogpt_platform
+        run: |
+          # Build the migrate image with buildx for GHA caching
+          docker buildx build \
+            --cache-from type=gha \
+            --cache-to type=gha,mode=max \
+            --target migrate \
+            --tag autogpt_platform-migrate:latest \
+            --load \
+            -f backend/Dockerfile \
+            ..
+
+      # Start services using pre-built images
+      - name: Start Docker services for development
+        working-directory: autogpt_platform
+        run: |
+          # Start essential services (migrate image already built with correct tag)
+          docker compose --profile local up deps --no-build --detach
+          echo "Waiting for services to be ready..."
+          
+          # Wait for database to be ready
+          echo "Checking database readiness..."
+          timeout 30 sh -c 'until docker compose exec -T db pg_isready -U postgres 2>/dev/null; do 
+            echo "  Waiting for database..."
+            sleep 2
+          done' && echo "✅ Database is ready" || echo "⚠️ Database ready check timeout after 30s, continuing..."
+          
+          # Check migrate service status
+          echo "Checking migration status..."
+          docker compose ps migrate || echo "  Migrate service not visible in ps output"
+          
+          # Wait for migrate service to complete
+          echo "Waiting for migrations to complete..."
+          timeout 30 bash -c '
+            ATTEMPTS=0
+            while [ $ATTEMPTS -lt 15 ]; do
+              ATTEMPTS=$((ATTEMPTS + 1))
+              
+              # Check using docker directly (more reliable than docker compose ps)
+              CONTAINER_STATUS=$(docker ps -a --filter "label=com.docker.compose.service=migrate" --format "{{.Status}}" | head -1)
+              
+              if [ -z "$CONTAINER_STATUS" ]; then
+                echo "  Attempt $ATTEMPTS: Migrate container not found yet..."
+              elif echo "$CONTAINER_STATUS" | grep -q "Exited (0)"; then
+                echo "✅ Migrations completed successfully"
+                docker compose logs migrate --tail=5 2>/dev/null || true
+                exit 0
+              elif echo "$CONTAINER_STATUS" | grep -q "Exited ([1-9]"; then
+                EXIT_CODE=$(echo "$CONTAINER_STATUS" | grep -oE "Exited \([0-9]+\)" | grep -oE "[0-9]+")
+                echo "❌ Migrations failed with exit code: $EXIT_CODE"
+                echo "Migration logs:"
+                docker compose logs migrate --tail=20 2>/dev/null || true
+                exit 1
+              elif echo "$CONTAINER_STATUS" | grep -q "Up"; then
+                echo "  Attempt $ATTEMPTS: Migrate container is running... ($CONTAINER_STATUS)"
+              else
+                echo "  Attempt $ATTEMPTS: Migrate container status: $CONTAINER_STATUS"
+              fi
+              
+              sleep 2
+            done
+            
+            echo "⚠️ Timeout: Could not determine migration status after 30 seconds"
+            echo "Final container check:"
+            docker ps -a --filter "label=com.docker.compose.service=migrate" || true
+            echo "Migration logs (if available):"
+            docker compose logs migrate --tail=10 2>/dev/null || echo "  No logs available"
+          ' || echo "⚠️ Migration check completed with warnings, continuing..."
+          
+          # Brief wait for other services to stabilize
+          echo "Waiting 5 seconds for other services to stabilize..."
+          sleep 5
+
+      # Verify installations and provide environment info
+      - name: Verify setup and show environment info
+        run: |
+          echo "=== Python Setup ==="
+          python --version
+          poetry --version
+          
+          echo "=== Node.js Setup ==="
+          node --version
+          pnpm --version
+          
+          echo "=== Additional Tools ==="
+          docker --version
+          docker compose version
+          gh --version || true
+          
+          echo "=== Services Status ==="
+          cd autogpt_platform
+          docker compose ps || true
+          
+          echo "=== Backend Dependencies ==="
+          cd backend
+          poetry show | head -10 || true
+          
+          echo "=== Frontend Dependencies ==="
+          cd ../frontend
+          pnpm list --depth=0 | head -10 || true
+          
+          echo "=== Environment Files ==="
+          ls -la ../.env* || true
+          ls -la .env* || true
+          ls -la ../backend/.env* || true
+          
+          echo "✅ AutoGPT Platform development environment setup complete!"
+          echo "🚀 Ready for development with Docker services running"
+          echo "📝 Backend server: poetry run serve (port 8000)"
+          echo "🌐 Frontend server: pnpm dev (port 3000)"
+
       - name: Run Claude Code
         id: claude
-        uses: anthropics/claude-code-action@beta
+        uses: anthropics/claude-code-action@v1
         with:
           anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+          claude_args: |
+            --allowedTools "Bash(npm:*),Bash(pnpm:*),Bash(poetry:*),Bash(git:*),Edit,Replace,NotebookEditCell,mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*), Bash(gh pr diff:*), Bash(gh pr view:*), Bash(gh pr edit:*)"
+            --model opus
+          additional_permissions: |
+            actions: read

.github/workflows/copilot-setup-steps.yml

@@ -0,0 +1,312 @@
+name: "Copilot Setup Steps"
+
+# Automatically run the setup steps when they are changed to allow for easy validation, and
+# allow manual testing through the repository's "Actions" tab
+on:
+  workflow_dispatch:
+  push:
+    paths:
+      - .github/workflows/copilot-setup-steps.yml
+  pull_request:
+    paths:
+      - .github/workflows/copilot-setup-steps.yml
+
+jobs:
+  # The job MUST be called `copilot-setup-steps` or it will not be picked up by Copilot.
+  copilot-setup-steps:
+    runs-on: ubuntu-latest
+    timeout-minutes: 45
+
+    # Set the permissions to the lowest permissions possible needed for your steps.
+    # Copilot will be given its own token for its operations.
+    permissions:
+      # If you want to clone the repository as part of your setup steps, for example to install dependencies, you'll need the `contents: read` permission. If you don't clone the repository in your setup steps, Copilot will do this for you automatically after the steps complete.
+      contents: read
+
+    # You can define any steps you want, and they will run before the agent starts.
+    # If you do not check out your code, Copilot will do this for you.
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          submodules: true
+
+      # Backend Python/Poetry setup (mirrors platform-backend-ci.yml)
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"  # Use standard version matching CI
+
+      - name: Set up Python dependency cache
+        uses: actions/cache@v4
+        with:
+          path: ~/.cache/pypoetry
+          key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }}
+
+      - name: Install Poetry
+        run: |
+          # Extract Poetry version from backend/poetry.lock (matches CI)
+          cd autogpt_platform/backend
+          HEAD_POETRY_VERSION=$(python3 ../../.github/workflows/scripts/get_package_version_from_lockfile.py poetry)
+          echo "Found Poetry version ${HEAD_POETRY_VERSION} in backend/poetry.lock"
+          
+          # Install Poetry
+          curl -sSL https://install.python-poetry.org | POETRY_VERSION=$HEAD_POETRY_VERSION python3 -
+          
+          # Add Poetry to PATH
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
+
+      - name: Check poetry.lock
+        working-directory: autogpt_platform/backend
+        run: |
+          poetry lock
+          if ! git diff --quiet --ignore-matching-lines="^# " poetry.lock; then
+            echo "Warning: poetry.lock not up to date, but continuing for setup"
+            git checkout poetry.lock  # Reset for clean setup
+          fi
+
+      - name: Install Python dependencies
+        working-directory: autogpt_platform/backend
+        run: poetry install
+
+      - name: Generate Prisma Client
+        working-directory: autogpt_platform/backend
+        run: poetry run prisma generate && poetry run gen-prisma-stub
+
+      # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml)
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "22"
+
+      - name: Enable corepack
+        run: corepack enable
+
+      - name: Set pnpm store directory
+        run: |
+          pnpm config set store-dir ~/.pnpm-store
+          echo "PNPM_HOME=$HOME/.pnpm-store" >> $GITHUB_ENV
+
+      - name: Cache frontend dependencies
+        uses: actions/cache@v4
+        with:
+          path: ~/.pnpm-store
+          key: ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
+
+      - name: Install JavaScript dependencies
+        working-directory: autogpt_platform/frontend
+        run: pnpm install --frozen-lockfile
+
+      # Install Playwright browsers for frontend testing
+      # NOTE: Disabled to save ~1 minute of setup time. Re-enable if Copilot needs browser automation (e.g., for MCP)
+      # - name: Install Playwright browsers
+      #   working-directory: autogpt_platform/frontend
+      #   run: pnpm playwright install --with-deps chromium
+
+      # Docker setup for development environment
+      - name: Free up disk space
+        run: |
+          # Remove large unused tools to free disk space for Docker builds
+          sudo rm -rf /usr/share/dotnet
+          sudo rm -rf /usr/local/lib/android
+          sudo rm -rf /opt/ghc
+          sudo rm -rf /opt/hostedtoolcache/CodeQL
+          sudo docker system prune -af
+          df -h
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Copy default environment files
+        working-directory: autogpt_platform
+        run: |
+          # Copy default environment files for development
+          cp .env.default .env
+          cp backend/.env.default backend/.env
+          cp frontend/.env.default frontend/.env
+
+      # Phase 1: Cache and load Docker images for faster setup
+      - name: Set up Docker image cache
+        id: docker-cache
+        uses: actions/cache@v4
+        with:
+          path: ~/docker-cache
+          # Use a versioned key for cache invalidation when image list changes
+          key: docker-images-v2-${{ runner.os }}-${{ hashFiles('.github/workflows/copilot-setup-steps.yml') }}
+          restore-keys: |
+            docker-images-v2-${{ runner.os }}-
+            docker-images-v1-${{ runner.os }}-
+
+      - name: Load or pull Docker images
+        working-directory: autogpt_platform
+        run: |
+          mkdir -p ~/docker-cache
+          
+          # Define image list for easy maintenance
+          IMAGES=(
+            "redis:latest"
+            "rabbitmq:management"
+            "clamav/clamav-debian:latest"
+            "busybox:latest"
+            "kong:2.8.1"
+            "supabase/gotrue:v2.170.0"
+            "supabase/postgres:15.8.1.049"
+            "supabase/postgres-meta:v0.86.1"
+            "supabase/studio:20250224-d10db0f"
+          )
+          
+          # Check if any cached tar files exist (more reliable than cache-hit)
+          if ls ~/docker-cache/*.tar 1> /dev/null 2>&1; then
+            echo "Docker cache found, loading images in parallel..."
+            for image in "${IMAGES[@]}"; do
+              # Convert image name to filename (replace : and / with -)
+              filename=$(echo "$image" | tr ':/' '--')
+              if [ -f ~/docker-cache/${filename}.tar ]; then
+                echo "Loading $image..."
+                docker load -i ~/docker-cache/${filename}.tar || echo "Warning: Failed to load $image from cache" &
+              fi
+            done
+            wait
+            echo "All cached images loaded"
+          else
+            echo "No Docker cache found, pulling images in parallel..."
+            # Pull all images in parallel
+            for image in "${IMAGES[@]}"; do
+              docker pull "$image" &
+            done
+            wait
+            
+            # Only save cache on main branches (not PRs) to avoid cache pollution
+            if [[ "${{ github.ref }}" == "refs/heads/master" ]] || [[ "${{ github.ref }}" == "refs/heads/dev" ]]; then
+              echo "Saving Docker images to cache in parallel..."
+              for image in "${IMAGES[@]}"; do
+                # Convert image name to filename (replace : and / with -)
+                filename=$(echo "$image" | tr ':/' '--')
+                echo "Saving $image..."
+                docker save -o ~/docker-cache/${filename}.tar "$image" || echo "Warning: Failed to save $image" &
+              done
+              wait
+              echo "Docker image cache saved"
+            else
+              echo "Skipping cache save for PR/feature branch"
+            fi
+          fi
+          
+          echo "Docker images ready for use"
+
+      # Phase 2: Build migrate service with GitHub Actions cache
+      - name: Build migrate Docker image with cache
+        working-directory: autogpt_platform
+        run: |
+          # Build the migrate image with buildx for GHA caching
+          docker buildx build \
+            --cache-from type=gha \
+            --cache-to type=gha,mode=max \
+            --target migrate \
+            --tag autogpt_platform-migrate:latest \
+            --load \
+            -f backend/Dockerfile \
+            ..
+
+      # Start services using pre-built images
+      - name: Start Docker services for development
+        working-directory: autogpt_platform
+        run: |
+          # Start essential services (migrate image already built with correct tag)
+          docker compose --profile local up deps --no-build --detach
+          echo "Waiting for services to be ready..."
+          
+          # Wait for database to be ready
+          echo "Checking database readiness..."
+          timeout 30 sh -c 'until docker compose exec -T db pg_isready -U postgres 2>/dev/null; do 
+            echo "  Waiting for database..."
+            sleep 2
+          done' && echo "✅ Database is ready" || echo "⚠️ Database ready check timeout after 30s, continuing..."
+          
+          # Check migrate service status
+          echo "Checking migration status..."
+          docker compose ps migrate || echo "  Migrate service not visible in ps output"
+          
+          # Wait for migrate service to complete
+          echo "Waiting for migrations to complete..."
+          timeout 30 bash -c '
+            ATTEMPTS=0
+            while [ $ATTEMPTS -lt 15 ]; do
+              ATTEMPTS=$((ATTEMPTS + 1))
+              
+              # Check using docker directly (more reliable than docker compose ps)
+              CONTAINER_STATUS=$(docker ps -a --filter "label=com.docker.compose.service=migrate" --format "{{.Status}}" | head -1)
+              
+              if [ -z "$CONTAINER_STATUS" ]; then
+                echo "  Attempt $ATTEMPTS: Migrate container not found yet..."
+              elif echo "$CONTAINER_STATUS" | grep -q "Exited (0)"; then
+                echo "✅ Migrations completed successfully"
+                docker compose logs migrate --tail=5 2>/dev/null || true
+                exit 0
+              elif echo "$CONTAINER_STATUS" | grep -q "Exited ([1-9]"; then
+                EXIT_CODE=$(echo "$CONTAINER_STATUS" | grep -oE "Exited \([0-9]+\)" | grep -oE "[0-9]+")
+                echo "❌ Migrations failed with exit code: $EXIT_CODE"
+                echo "Migration logs:"
+                docker compose logs migrate --tail=20 2>/dev/null || true
+                exit 1
+              elif echo "$CONTAINER_STATUS" | grep -q "Up"; then
+                echo "  Attempt $ATTEMPTS: Migrate container is running... ($CONTAINER_STATUS)"
+              else
+                echo "  Attempt $ATTEMPTS: Migrate container status: $CONTAINER_STATUS"
+              fi
+              
+              sleep 2
+            done
+            
+            echo "⚠️ Timeout: Could not determine migration status after 30 seconds"
+            echo "Final container check:"
+            docker ps -a --filter "label=com.docker.compose.service=migrate" || true
+            echo "Migration logs (if available):"
+            docker compose logs migrate --tail=10 2>/dev/null || echo "  No logs available"
+          ' || echo "⚠️ Migration check completed with warnings, continuing..."
+          
+          # Brief wait for other services to stabilize
+          echo "Waiting 5 seconds for other services to stabilize..."
+          sleep 5
+
+      # Verify installations and provide environment info
+      - name: Verify setup and show environment info
+        run: |
+          echo "=== Python Setup ==="
+          python --version
+          poetry --version
+          
+          echo "=== Node.js Setup ==="
+          node --version
+          pnpm --version
+          
+          echo "=== Additional Tools ==="
+          docker --version
+          docker compose version
+          gh --version || true
+          
+          echo "=== Services Status ==="
+          cd autogpt_platform
+          docker compose ps || true
+          
+          echo "=== Backend Dependencies ==="
+          cd backend
+          poetry show | head -10 || true
+          
+          echo "=== Frontend Dependencies ==="
+          cd ../frontend
+          pnpm list --depth=0 | head -10 || true
+          
+          echo "=== Environment Files ==="
+          ls -la ../.env* || true
+          ls -la .env* || true
+          ls -la ../backend/.env* || true
+          
+          echo "✅ AutoGPT Platform development environment setup complete!"
+          echo "🚀 Ready for development with Docker services running"
+          echo "📝 Backend server: poetry run serve (port 8000)"
+          echo "🌐 Frontend server: pnpm dev (port 3000)"

.github/workflows/platform-autogpt-deploy-dev.yaml

@@ -5,6 +5,13 @@ on:
     branches: [ dev ]
     paths:
       - 'autogpt_platform/**'
+  workflow_dispatch:
+    inputs:
+      git_ref:
+        description: 'Git ref (branch/tag) of AutoGPT to deploy'
+        required: true
+        default: 'master'
+        type: string
 
 permissions:
   contents: 'read'
@@ -19,6 +26,8 @@ jobs:
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.inputs.git_ref || github.ref_name }}
 
       - name: Set up Python
         uses: actions/setup-python@v5
@@ -48,4 +57,4 @@ jobs:
           token: ${{ secrets.DEPLOY_TOKEN }}
           repository: Significant-Gravitas/AutoGPT_cloud_infrastructure
           event-type: build_deploy_dev
-          client-payload: '{"ref": "${{ github.ref }}", "sha": "${{ github.sha }}", "repository": "${{ github.repository }}"}'
+          client-payload: '{"ref": "${{ github.event.inputs.git_ref || github.ref }}", "repository": "${{ github.repository }}"}'

.github/workflows/platform-autogpt-deploy-prod.yml

@@ -3,6 +3,7 @@ name: AutoGPT Platform - Deploy Prod Environment
 on:
   release:
     types: [published]
+  workflow_dispatch:
 
 permissions:
   contents: 'read'
@@ -17,6 +18,8 @@ jobs:
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
+        with:
+          ref: ${{ github.ref_name || 'master' }}
 
       - name: Set up Python
         uses: actions/setup-python@v5
@@ -36,7 +39,7 @@ jobs:
           DATABASE_URL: ${{ secrets.BACKEND_DATABASE_URL }}
           DIRECT_URL: ${{ secrets.BACKEND_DATABASE_URL }}
 
-          
+
   trigger:
     needs: migrate
     runs-on: ubuntu-latest
@@ -47,4 +50,5 @@ jobs:
           token: ${{ secrets.DEPLOY_TOKEN }}
           repository: Significant-Gravitas/AutoGPT_cloud_infrastructure
           event-type: build_deploy_prod
-          client-payload: '{"ref": "${{ github.ref }}", "sha": "${{ github.sha }}", "repository": "${{ github.repository }}"}'
+          client-payload: |
+            {"ref": "${{ github.ref_name || 'master' }}", "repository": "${{ github.repository }}"}

.github/workflows/platform-backend-ci.yml

@@ -32,14 +32,12 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.11"]
+        python-version: ["3.11", "3.12", "3.13"]
     runs-on: ubuntu-latest
 
     services:
       redis:
-        image: bitnami/redis:6.2
-        env:
-          REDIS_PASSWORD: testpassword
+        image: redis:latest
         ports:
           - 6379:6379
       rabbitmq:
@@ -50,6 +48,23 @@ jobs:
         env:
           RABBITMQ_DEFAULT_USER: ${{ env.RABBITMQ_DEFAULT_USER }}
           RABBITMQ_DEFAULT_PASS: ${{ env.RABBITMQ_DEFAULT_PASS }}
+      clamav:
+        image: clamav/clamav-debian:latest
+        ports:
+          - 3310:3310
+        env:
+          CLAMAV_NO_FRESHCLAMD: false
+          CLAMD_CONF_StreamMaxLength: 50M
+          CLAMD_CONF_MaxFileSize: 100M
+          CLAMD_CONF_MaxScanSize: 100M
+          CLAMD_CONF_MaxThreads: 4
+          CLAMD_CONF_ReadTimeout: 300
+        options: >-
+          --health-cmd "clamdscan --version || exit 1"
+          --health-interval 30s
+          --health-timeout 10s
+          --health-retries 5
+          --health-start-period 180s
 
     steps:
       - name: Checkout repository
@@ -119,7 +134,7 @@ jobs:
         run: poetry install
 
       - name: Generate Prisma Client
-        run: poetry run prisma generate
+        run: poetry run prisma generate && poetry run gen-prisma-stub
 
       - id: supabase
         name: Start Supabase
@@ -131,6 +146,35 @@ jobs:
         # outputs:
         # DB_URL, API_URL, GRAPHQL_URL, ANON_KEY, SERVICE_ROLE_KEY, JWT_SECRET
 
+      - name: Wait for ClamAV to be ready
+        run: |
+          echo "Waiting for ClamAV daemon to start..."
+          max_attempts=60
+          attempt=0
+          
+          until nc -z localhost 3310 || [ $attempt -eq $max_attempts ]; do
+            echo "ClamAV is unavailable - sleeping (attempt $((attempt+1))/$max_attempts)"
+            sleep 5
+            attempt=$((attempt+1))
+          done
+          
+          if [ $attempt -eq $max_attempts ]; then
+            echo "ClamAV failed to start after $((max_attempts*5)) seconds"
+            echo "Checking ClamAV service logs..."
+            docker logs $(docker ps -q --filter "ancestor=clamav/clamav-debian:latest") 2>&1 | tail -50 || echo "No ClamAV container found"
+            exit 1
+          fi
+          
+          echo "ClamAV is ready!"
+          
+          # Verify ClamAV is responsive
+          echo "Testing ClamAV connection..."
+          timeout 10 bash -c 'echo "PING" | nc localhost 3310' || {
+            echo "ClamAV is not responding to PING"
+            docker logs $(docker ps -q --filter "ancestor=clamav/clamav-debian:latest") 2>&1 | tail -50 || echo "No ClamAV container found"
+            exit 1
+          }
+
       - name: Run Database Migrations
         run: poetry run prisma migrate dev --name updates
         env:
@@ -144,9 +188,9 @@ jobs:
       - name: Run pytest with coverage
         run: |
           if [[ "${{ runner.debug }}" == "1" ]]; then
-            poetry run pytest -s -vv -o log_cli=true -o log_cli_level=DEBUG test
+            poetry run pytest -s -vv -o log_cli=true -o log_cli_level=DEBUG
           else
-            poetry run pytest -s -vv test
+            poetry run pytest -s -vv
           fi
         if: success() || (failure() && steps.lint.outcome == 'failure')
         env:
@@ -155,10 +199,10 @@ jobs:
           DIRECT_URL: ${{ steps.supabase.outputs.DB_URL }}
           SUPABASE_URL: ${{ steps.supabase.outputs.API_URL }}
           SUPABASE_SERVICE_ROLE_KEY: ${{ steps.supabase.outputs.SERVICE_ROLE_KEY }}
-          SUPABASE_JWT_SECRET: ${{ steps.supabase.outputs.JWT_SECRET }}
+          JWT_VERIFY_KEY: ${{ steps.supabase.outputs.JWT_SECRET }}
           REDIS_HOST: "localhost"
           REDIS_PORT: "6379"
-          REDIS_PASSWORD: "testpassword"
+          ENCRYPTION_KEY: "dvziYgz0KSK8FENhju0ZYi8-fRTfAdlz6YLhdB_jhNw=" # DO NOT USE IN PRODUCTION!!
 
     env:
       CI: true

.github/workflows/platform-frontend-ci.yml

@@ -12,58 +12,126 @@ on:
       - "autogpt_platform/frontend/**"
   merge_group:
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'merge_group' && format('merge-queue-{0}', github.ref) || format('{0}-{1}', github.ref, github.event.pull_request.number || github.sha) }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 defaults:
   run:
     shell: bash
     working-directory: autogpt_platform/frontend
 
 jobs:
-  lint:
+  setup:
     runs-on: ubuntu-latest
+    outputs:
+      cache-key: ${{ steps.cache-key.outputs.key }}
 
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout repository
+        uses: actions/checkout@v4
 
       - name: Set up Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: "21"
+          node-version: "22.18.0"
 
       - name: Enable corepack
         run: corepack enable
 
+      - name: Generate cache key
+        id: cache-key
+        run: echo "key=${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}" >> $GITHUB_OUTPUT
+
+      - name: Cache dependencies
+        uses: actions/cache@v4
+        with:
+          path: ~/.pnpm-store
+          key: ${{ steps.cache-key.outputs.key }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+  lint:
+    runs-on: ubuntu-latest
+    needs: setup
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "22.18.0"
+
+      - name: Enable corepack
+        run: corepack enable
+
+      - name: Restore dependencies cache
+        uses: actions/cache@v4
+        with:
+          path: ~/.pnpm-store
+          key: ${{ needs.setup.outputs.cache-key }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
+
       - name: Install dependencies
         run: pnpm install --frozen-lockfile
 
       - name: Run lint
         run: pnpm lint
 
-  type-check:
+  chromatic:
     runs-on: ubuntu-latest
+    needs: setup
+    # Only run on dev branch pushes or PRs targeting dev
+    if: github.ref == 'refs/heads/dev' || github.base_ref == 'dev'
 
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
 
       - name: Set up Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: "21"
+          node-version: "22.18.0"
 
       - name: Enable corepack
         run: corepack enable
 
+      - name: Restore dependencies cache
+        uses: actions/cache@v4
+        with:
+          path: ~/.pnpm-store
+          key: ${{ needs.setup.outputs.cache-key }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
+
       - name: Install dependencies
         run: pnpm install --frozen-lockfile
 
-      - name: Run tsc check
-        run: pnpm type-check
+      - name: Run Chromatic
+        uses: chromaui/action@latest
+        with:
+          projectToken: chpt_9e7c1a76478c9c8
+          onlyChanged: true
+          workingDir: autogpt_platform/frontend
+          token: ${{ secrets.GITHUB_TOKEN }}
+          exitOnceUploaded: true
 
   test:
-    runs-on: ubuntu-latest
+    runs-on: big-boi
+    needs: setup
     strategy:
       fail-fast: false
-      matrix:
-        browser: [chromium, webkit]
 
     steps:
       - name: Checkout repository
@@ -74,52 +142,98 @@ jobs:
       - name: Set up Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: "21"
+          node-version: "22.18.0"
 
       - name: Enable corepack
         run: corepack enable
 
-      - name: Free Disk Space (Ubuntu)
-        uses: jlumbroso/free-disk-space@main
-        with:
-          large-packages: false # slow
-          docker-images: false # limited benefit
-
       - name: Copy default supabase .env
         run: |
-          cp ../.env.example ../.env
+          cp ../.env.default ../.env
 
-      - name: Copy backend .env
-        run: |
-          cp ../backend/.env.example ../backend/.env
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Cache Docker layers
+        uses: actions/cache@v4
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-frontend-test-${{ hashFiles('autogpt_platform/docker-compose.yml', 'autogpt_platform/backend/Dockerfile', 'autogpt_platform/backend/pyproject.toml', 'autogpt_platform/backend/poetry.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-frontend-test-
 
       - name: Run docker compose
         run: |
-          docker compose -f ../docker-compose.yml up -d
+          NEXT_PUBLIC_PW_TEST=true docker compose -f ../docker-compose.yml up -d
+        env:
+          DOCKER_BUILDKIT: 1
+          BUILDX_CACHE_FROM: type=local,src=/tmp/.buildx-cache
+          BUILDX_CACHE_TO: type=local,dest=/tmp/.buildx-cache-new,mode=max
+
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          if [ -d "/tmp/.buildx-cache-new" ]; then
+            mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+          fi
+
+      - name: Wait for services to be ready
+        run: |
+          echo "Waiting for rest_server to be ready..."
+          timeout 60 sh -c 'until curl -f http://localhost:8006/health 2>/dev/null; do sleep 2; done' || echo "Rest server health check timeout, continuing..."
+          echo "Waiting for database to be ready..."
+          timeout 60 sh -c 'until docker compose -f ../docker-compose.yml exec -T db pg_isready -U postgres 2>/dev/null; do sleep 2; done' || echo "Database ready check timeout, continuing..."
+
+      - name: Create E2E test data
+        run: |
+          echo "Creating E2E test data..."
+          # First try to run the script from inside the container
+          if docker compose -f ../docker-compose.yml exec -T rest_server test -f /app/autogpt_platform/backend/test/e2e_test_data.py; then
+            echo "✅ Found e2e_test_data.py in container, running it..."
+            docker compose -f ../docker-compose.yml exec -T rest_server sh -c "cd /app/autogpt_platform && python backend/test/e2e_test_data.py" || {
+              echo "❌ E2E test data creation failed!"
+              docker compose -f ../docker-compose.yml logs --tail=50 rest_server
+              exit 1
+            }
+          else
+            echo "⚠️ e2e_test_data.py not found in container, copying and running..."
+            # Copy the script into the container and run it
+            docker cp ../backend/test/e2e_test_data.py $(docker compose -f ../docker-compose.yml ps -q rest_server):/tmp/e2e_test_data.py || {
+              echo "❌ Failed to copy script to container"
+              exit 1
+            }
+            docker compose -f ../docker-compose.yml exec -T rest_server sh -c "cd /app/autogpt_platform && python /tmp/e2e_test_data.py" || {
+              echo "❌ E2E test data creation failed!"
+              docker compose -f ../docker-compose.yml logs --tail=50 rest_server
+              exit 1
+            }
+          fi
+
+      - name: Restore dependencies cache
+        uses: actions/cache@v4
+        with:
+          path: ~/.pnpm-store
+          key: ${{ needs.setup.outputs.cache-key }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
 
       - name: Install dependencies
         run: pnpm install --frozen-lockfile
 
-      - name: Setup .env
-        run: cp .env.example .env
-
-      - name: Build frontend
-        run: pnpm build --turbo
-        # uses Turbopack, much faster and safe enough for a test pipeline
-
-      - name: Install Browser '${{ matrix.browser }}'
-        run: pnpm playwright install --with-deps ${{ matrix.browser }}
+      - name: Install Browser 'chromium'
+        run: pnpm playwright install --with-deps chromium
 
       - name: Run Playwright tests
-        run: pnpm test:no-build --project=${{ matrix.browser }}
+        run: pnpm test:no-build
+
+      - name: Upload Playwright artifacts
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: playwright-report
+          path: playwright-report
 
       - name: Print Final Docker Compose logs
         if: always()
         run: docker compose -f ../docker-compose.yml logs
-
-      - uses: actions/upload-artifact@v4
-        if: ${{ !cancelled() }}
-        with:
-          name: playwright-report-${{ matrix.browser }}
-          path: playwright-report/
-          retention-days: 30

.github/workflows/platform-fullstack-ci.yml

@@ -0,0 +1,136 @@
+name: AutoGPT Platform - Frontend CI
+
+on:
+  push:
+    branches: [master, dev]
+    paths:
+      - ".github/workflows/platform-fullstack-ci.yml"
+      - "autogpt_platform/**"
+  pull_request:
+    paths:
+      - ".github/workflows/platform-fullstack-ci.yml"
+      - "autogpt_platform/**"
+  merge_group:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'merge_group' && format('merge-queue-{0}', github.ref) || github.head_ref && format('pr-{0}', github.event.pull_request.number) || github.sha }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
+defaults:
+  run:
+    shell: bash
+    working-directory: autogpt_platform/frontend
+
+jobs:
+  setup:
+    runs-on: ubuntu-latest
+    outputs:
+      cache-key: ${{ steps.cache-key.outputs.key }}
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "22.18.0"
+
+      - name: Enable corepack
+        run: corepack enable
+
+      - name: Generate cache key
+        id: cache-key
+        run: echo "key=${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}" >> $GITHUB_OUTPUT
+
+      - name: Cache dependencies
+        uses: actions/cache@v4
+        with:
+          path: ~/.pnpm-store
+          key: ${{ steps.cache-key.outputs.key }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
+            ${{ runner.os }}-pnpm-
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+  types:
+    runs-on: ubuntu-latest
+    needs: setup
+    strategy:
+      fail-fast: false
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "22.18.0"
+
+      - name: Enable corepack
+        run: corepack enable
+
+      - name: Copy default supabase .env
+        run: |
+          cp ../.env.default ../.env
+
+      - name: Copy backend .env
+        run: |
+          cp ../backend/.env.default ../backend/.env
+
+      - name: Run docker compose
+        run: |
+          docker compose -f ../docker-compose.yml --profile local --profile deps_backend up -d
+
+      - name: Restore dependencies cache
+        uses: actions/cache@v4
+        with:
+          path: ~/.pnpm-store
+          key: ${{ needs.setup.outputs.cache-key }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Setup .env
+        run: cp .env.default .env
+
+      - name: Wait for services to be ready
+        run: |
+          echo "Waiting for rest_server to be ready..."
+          timeout 60 sh -c 'until curl -f http://localhost:8006/health 2>/dev/null; do sleep 2; done' || echo "Rest server health check timeout, continuing..."
+          echo "Waiting for database to be ready..."
+          timeout 60 sh -c 'until docker compose -f ../docker-compose.yml exec -T db pg_isready -U postgres 2>/dev/null; do sleep 2; done' || echo "Database ready check timeout, continuing..."
+
+      - name: Generate API queries
+        run: pnpm generate:api:force
+
+      - name: Check for API schema changes
+        run: |
+          if ! git diff --exit-code src/app/api/openapi.json; then
+            echo "❌ API schema changes detected in src/app/api/openapi.json"
+            echo ""
+            echo "The openapi.json file has been modified after running 'pnpm generate:api-all'."
+            echo "This usually means changes have been made in the BE endpoints without updating the Frontend."
+            echo "The API schema is now out of sync with the Front-end queries."
+            echo ""
+            echo "To fix this:"
+            echo "1. Pull the backend 'docker compose pull && docker compose up -d --build --force-recreate'"
+            echo "2. Run 'pnpm generate:api' locally"
+            echo "3. Run 'pnpm types' locally"
+            echo "4. Fix any TypeScript errors that may have been introduced"
+            echo "5. Commit and push your changes"
+            echo ""
+            exit 1
+          else
+            echo "✅ No API schema changes detected"
+          fi
+
+      - name: Run Typescript checks
+        run: pnpm types

.github/workflows/repo-close-stale-issues.yml

@@ -11,7 +11,7 @@ jobs:
   stale:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/stale@v9
+      - uses: actions/stale@v10
         with:
           # operations-per-run: 5000
           stale-issue-message: >

.github/workflows/repo-pr-label.yml

@@ -61,6 +61,6 @@ jobs:
       pull-requests: write
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/labeler@v5
+      - uses: actions/labeler@v6
         with:
           sync-labels: true

.gitignore

@@ -5,6 +5,8 @@ classic/original_autogpt/*.json
 auto_gpt_workspace/*
 *.mpeg
 .env
+# Root .env files
+/.env
 azure.yaml
 .vscode
 .idea/*
@@ -121,7 +123,6 @@ celerybeat.pid
 
 # Environments
 .direnv/
-.env
 .venv
 env/
 venv*/
@@ -165,7 +166,7 @@ package-lock.json
 
 # Allow for locally private items
 # private
-pri* 
+pri*
 # ignore
 ig*
 .github_access_token
@@ -177,3 +178,4 @@ autogpt_platform/backend/settings.py
 *.ign.*
 .test-contents
 .claude/settings.local.json
+/autogpt_platform/backend/logs

.pr_agent.toml

@@ -1,6 +1,3 @@
-[pr_reviewer]
-num_code_suggestions=0
-
 [pr_code_suggestions]
 commitable_code_suggestions=false
 num_code_suggestions=0

.pre-commit-config.yaml

@@ -235,7 +235,7 @@ repos:
     hooks:
       - id: tsc
         name: Typecheck - AutoGPT Platform - Frontend
-        entry: bash -c 'cd autogpt_platform/frontend && pnpm type-check'
+        entry: bash -c 'cd autogpt_platform/frontend && pnpm types'
         files: ^autogpt_platform/frontend/
         types: [file]
         language: system

.vscode/launch.json

@@ -6,7 +6,7 @@
       "type": "node-terminal",
       "request": "launch",
       "cwd": "${workspaceFolder}/autogpt_platform/frontend",
-      "command": "yarn dev"
+      "command": "pnpm dev"
     },
     {
       "name": "Frontend: Client Side",
@@ -19,12 +19,12 @@
       "type": "node-terminal",
 
       "request": "launch",
-      "command": "yarn dev",
+      "command": "pnpm dev",
       "cwd": "${workspaceFolder}/autogpt_platform/frontend",
       "serverReadyAction": {
         "pattern": "- Local:.+(https?://.+)",
         "uriFormat": "%s",
-        "action": "debugWithEdge"
+        "action": "debugWithChrome"
       }
     },
     {

LICENSE

@@ -1,6 +1,197 @@
-All portions of this repository are under one of two licenses. The majority of the AutoGPT repository is under the MIT License below. The autogpt_platform folder is under the
-Polyform Shield License. 
+All portions of this repository are under one of two licenses. 
 
+- Everything inside the autogpt_platform folder is under the Polyform Shield License.
+- Everything outside the autogpt_platform folder is under the MIT License. 
+
+More info:
+
+**Polyform Shield License:**
+Code and content within the `autogpt_platform` folder is licensed under the Polyform Shield License. This new project is our in-developlemt platform for building, deploying and managing agents.
+Read more about this effort here: https://agpt.co/blog/introducing-the-autogpt-platform
+
+**MIT License:**
+All other portions of the AutoGPT repository (i.e., everything outside the `autogpt_platform` folder) are licensed under the MIT License. This includes:
+- The Original, stand-alone AutoGPT Agent
+- Forge: https://github.com/Significant-Gravitas/AutoGPT/tree/master/classic/forge
+- AG Benchmark: https://github.com/Significant-Gravitas/AutoGPT/tree/master/classic/benchmark
+- AutoGPT Classic GUI: https://github.com/Significant-Gravitas/AutoGPT/tree/master/classic/frontend.
+
+We also publish additional work under the MIT Licence in other repositories, such as GravitasML (https://github.com/Significant-Gravitas/gravitasml) which is developed for and used in the AutoGPT Platform, and our [Code Ability](https://github.com/Significant-Gravitas/AutoGPT-Code-Ability) project.
+
+Both licences are available to read below:
+
+=====================================================
+-----------------------------------------------------
+=====================================================
+
+# PolyForm Shield License 1.0.0
+
+<https://polyformproject.org/licenses/shield/1.0.0>
+
+## Acceptance
+
+In order to get any license under these terms, you must agree
+to them as both strict obligations and conditions to all
+your licenses.
+
+## Copyright License
+
+The licensor grants you a copyright license for the
+software to do everything you might do with the software
+that would otherwise infringe the licensor's copyright
+in it for any permitted purpose.  However, you may
+only distribute the software according to [Distribution
+License](#distribution-license) and make changes or new works
+based on the software according to [Changes and New Works
+License](#changes-and-new-works-license).
+
+## Distribution License
+
+The licensor grants you an additional copyright license
+to distribute copies of the software.  Your license
+to distribute covers distributing the software with
+changes and new works permitted by [Changes and New Works
+License](#changes-and-new-works-license).
+
+## Notices
+
+You must ensure that anyone who gets a copy of any part of
+the software from you also gets a copy of these terms or the
+URL for them above, as well as copies of any plain-text lines
+beginning with `Required Notice:` that the licensor provided
+with the software.  For example:
+
+> Required Notice: Copyright Yoyodyne, Inc. (http://example.com)
+
+## Changes and New Works License
+
+The licensor grants you an additional copyright license to
+make changes and new works based on the software for any
+permitted purpose.
+
+## Patent License
+
+The licensor grants you a patent license for the software that
+covers patent claims the licensor can license, or becomes able
+to license, that you would infringe by using the software.
+
+## Noncompete
+
+Any purpose is a permitted purpose, except for providing any
+product that competes with the software or any product the
+licensor or any of its affiliates provides using the software.
+
+## Competition
+
+Goods and services compete even when they provide functionality
+through different kinds of interfaces or for different technical
+platforms.  Applications can compete with services, libraries
+with plugins, frameworks with development tools, and so on,
+even if they're written in different programming languages
+or for different computer architectures.  Goods and services
+compete even when provided free of charge.  If you market a
+product as a practical substitute for the software or another
+product, it definitely competes.
+
+## New Products
+
+If you are using the software to provide a product that does
+not compete, but the licensor or any of its affiliates brings
+your product into competition by providing a new version of
+the software or another product using the software, you may
+continue using versions of the software available under these
+terms beforehand to provide your competing product, but not
+any later versions.
+
+## Discontinued Products
+
+You may begin using the software to compete with a product
+or service that the licensor or any of its affiliates has
+stopped providing, unless the licensor includes a plain-text
+line beginning with `Licensor Line of Business:` with the
+software that mentions that line of business.  For example:
+
+> Licensor Line of Business: YoyodyneCMS Content Management
+System (http://example.com/cms)
+
+## Sales of Business
+
+If the licensor or any of its affiliates sells a line of
+business developing the software or using the software
+to provide a product, the buyer can also enforce
+[Noncompete](#noncompete) for that product.
+
+## Fair Use
+
+You may have "fair use" rights for the software under the
+law. These terms do not limit them.
+
+## No Other Rights
+
+These terms do not allow you to sublicense or transfer any of
+your licenses to anyone else, or prevent the licensor from
+granting licenses to anyone else.  These terms do not imply
+any other licenses.
+
+## Patent Defense
+
+If you make any written claim that the software infringes or
+contributes to infringement of any patent, your patent license
+for the software granted under these terms ends immediately. If
+your company makes such a claim, your patent license ends
+immediately for work on behalf of your company.
+
+## Violations
+
+The first time you are notified in writing that you have
+violated any of these terms, or done anything with the software
+not covered by your licenses, your licenses can nonetheless
+continue if you come into full compliance with these terms,
+and take practical steps to correct past violations, within
+32 days of receiving notice.  Otherwise, all your licenses
+end immediately.
+
+## No Liability
+
+***As far as the law allows, the software comes as is, without
+any warranty or condition, and the licensor will not be liable
+to you for any damages arising out of these terms or the use
+or nature of the software, under any kind of legal claim.***
+
+## Definitions
+
+The **licensor** is the individual or entity offering these
+terms, and the **software** is the software the licensor makes
+available under these terms.
+
+A **product** can be a good or service, or a combination
+of them.
+
+**You** refers to the individual or entity agreeing to these
+terms.
+
+**Your company** is any legal entity, sole proprietorship,
+or other kind of organization that you work for, plus all
+its affiliates.
+
+**Affiliates** means the other organizations than an
+organization has control over, is under the control of, or is
+under common control with.
+
+**Control** means ownership of substantially all the assets of
+an entity, or the power to direct its management and policies
+by vote, contract, or otherwise.  Control can be direct or
+indirect.
+
+**Your licenses** are all the licenses granted to you for the
+software under these terms.
+
+**Use** means anything you do with the software requiring one
+of your licenses.
+
+=====================================================
+-----------------------------------------------------
+=====================================================
 
 MIT License
 

README.md

@@ -1,16 +1,25 @@
 # AutoGPT: Build, Deploy, and Run AI Agents
 
-[![Discord Follow](https://dcbadge.vercel.app/api/server/autogpt?style=flat)](https://discord.gg/autogpt)  
+[![Discord Follow](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fdiscord.com%2Fapi%2Finvites%2Fautogpt%3Fwith_counts%3Dtrue&query=%24.approximate_member_count&label=total%20members&logo=discord&logoColor=white&color=7289da)](https://discord.gg/autogpt)  
 [![Twitter Follow](https://img.shields.io/twitter/follow/Auto_GPT?style=social)](https://twitter.com/Auto_GPT)  
-[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+<!-- Keep these links. Translations will automatically update with the README. -->
+[Deutsch](https://zdoc.app/de/Significant-Gravitas/AutoGPT) | 
+[Español](https://zdoc.app/es/Significant-Gravitas/AutoGPT) | 
+[français](https://zdoc.app/fr/Significant-Gravitas/AutoGPT) | 
+[日本語](https://zdoc.app/ja/Significant-Gravitas/AutoGPT) | 
+[한국어](https://zdoc.app/ko/Significant-Gravitas/AutoGPT) | 
+[Português](https://zdoc.app/pt/Significant-Gravitas/AutoGPT) | 
+[Русский](https://zdoc.app/ru/Significant-Gravitas/AutoGPT) | 
+[中文](https://zdoc.app/zh/Significant-Gravitas/AutoGPT)
 
 **AutoGPT** is a powerful platform that allows you to create, deploy, and manage continuous AI agents that automate complex workflows. 
 
 ## Hosting Options 
-   - Download to self-host
-   - [Join the Waitlist](https://bit.ly/3ZDijAI) for the cloud-hosted beta  
+   - Download to self-host (Free!)
+   - [Join the Waitlist](https://bit.ly/3ZDijAI) for the cloud-hosted beta (Closed Beta - Public release Coming Soon!)
 
-## How to Setup for Self-Hosting
+## How to Self-Host the AutoGPT Platform
 > [!NOTE]
 > Setting up and hosting the AutoGPT Platform yourself is a technical process. 
 > If you'd rather something that just works, we recommend [joining the waitlist](https://bit.ly/3ZDijAI) for the cloud-hosted beta.
@@ -50,6 +59,24 @@ We've moved to a fully maintained and regularly updated documentation site.
 
 This tutorial assumes you have Docker, VSCode, git and npm installed.
 
+---
+
+#### ⚡ Quick Setup with One-Line Script (Recommended for Local Hosting)
+
+Skip the manual steps and get started in minutes using our automatic setup script.
+
+For macOS/Linux:
+```
+curl -fsSL https://setup.agpt.co/install.sh -o install.sh && bash install.sh
+```
+
+For Windows (PowerShell):
+```
+powershell -c "iwr https://setup.agpt.co/install.bat -o install.bat; ./install.bat"
+```
+
+This will install dependencies, configure Docker, and launch your local instance — all in one go.
+
 ### 🧱 AutoGPT Frontend
 
 The AutoGPT frontend is where users interact with our powerful AI automation platform. It offers multiple ways to engage with and leverage our AI agents. This is the interface where you'll bring your AI automation ideas to life:
@@ -96,7 +123,17 @@ Here are two examples of what you can do with AutoGPT:
 These examples show just a glimpse of what you can achieve with AutoGPT! You can create customized workflows to build agents for any use case.
 
 ---
-### Mission and Licencing
+
+### **License Overview:**
+
+🛡️ **Polyform Shield License:**
+All code and content within the `autogpt_platform` folder is licensed under the Polyform Shield License. This new project is our in-developlemt platform for building, deploying and managing agents.</br>_[Read more about this effort](https://agpt.co/blog/introducing-the-autogpt-platform)_
+
+🦉 **MIT License:**
+All other portions of the AutoGPT repository (i.e., everything outside the `autogpt_platform` folder) are licensed under the MIT License. This includes the original stand-alone AutoGPT Agent, along with projects such as [Forge](https://github.com/Significant-Gravitas/AutoGPT/tree/master/classic/forge), [agbenchmark](https://github.com/Significant-Gravitas/AutoGPT/tree/master/classic/benchmark) and the [AutoGPT Classic GUI](https://github.com/Significant-Gravitas/AutoGPT/tree/master/classic/frontend).</br>We also publish additional work under the MIT Licence in other repositories, such as [GravitasML](https://github.com/Significant-Gravitas/gravitasml) which is developed for and used in the AutoGPT Platform. See also our MIT Licenced [Code Ability](https://github.com/Significant-Gravitas/AutoGPT-Code-Ability) project.
+
+---
+### Mission
 Our mission is to provide the tools, so that you can focus on what matters:
 
 - 🏗️ **Building** - Lay the foundation for something amazing.
@@ -109,14 +146,6 @@ Be part of the revolution! **AutoGPT** is here to stay, at the forefront of AI i
 &ensp;|&ensp;
 **🚀 [Contributing](CONTRIBUTING.md)**
 
-**Licensing:**
-
-MIT License: The majority of the AutoGPT repository is under the MIT License.
-
-Polyform Shield License: This license applies to the autogpt_platform folder. 
-
-For more information, see https://agpt.co/blog/introducing-the-autogpt-platform
-
 ---
 ## 🤖 AutoGPT Classic
 > Below is information about the classic version of AutoGPT.

autogpt_platform/CLAUDE.md

@@ -5,6 +5,7 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co
 ## Repository Overview
 
 AutoGPT Platform is a monorepo containing:
+
 - **Backend** (`/backend`): Python FastAPI server with async support
 - **Frontend** (`/frontend`): Next.js React application
 - **Shared Libraries** (`/autogpt_libs`): Common Python utilities
@@ -12,6 +13,7 @@ AutoGPT Platform is a monorepo containing:
 ## Essential Commands
 
 ### Backend Development
+
 ```bash
 # Install dependencies
 cd backend && poetry install
@@ -19,7 +21,7 @@ cd backend && poetry install
 # Run database migrations
 poetry run prisma migrate dev
 
-# Start all services (database, redis, rabbitmq)
+# Start all services (database, redis, rabbitmq, clamav)
 docker compose up -d
 
 # Run the backend server
@@ -31,10 +33,18 @@ poetry run test
 # Run specific test
 poetry run pytest path/to/test_file.py::test_function_name
 
+# Run block tests (tests that validate all blocks work correctly)
+poetry run pytest backend/blocks/test/test_block.py -xvs
+
+# Run tests for a specific block (e.g., GetCurrentTimeBlock)
+poetry run pytest 'backend/blocks/test/test_block.py::test_available_blocks[GetCurrentTimeBlock]' -xvs
+
 # Lint and format
+# prefer format if you want to just "fix" it and only get the errors that can't be autofixed
 poetry run format  # Black + isort
 poetry run lint    # ruff
 ```
+
 More details can be found in TESTING.md
 
 #### Creating/Updating Snapshots
@@ -47,58 +57,88 @@ poetry run pytest path/to/test.py --snapshot-update
 
 ⚠️ **Important**: Always review snapshot changes before committing! Use `git diff` to verify the changes are expected.
 
-
 ### Frontend Development
+
 ```bash
 # Install dependencies
-cd frontend && npm install
+cd frontend && pnpm i
+
+# Generate API client from OpenAPI spec
+pnpm generate:api
 
 # Start development server
-npm run dev
+pnpm dev
 
 # Run E2E tests
-npm run test
+pnpm test
 
 # Run Storybook for component development
-npm run storybook
+pnpm storybook
 
 # Build production
-npm run build
+pnpm build
+
+# Format and lint
+pnpm format
 
 # Type checking
-npm run type-check
+pnpm types
 ```
 
+**📖 Complete Guide**: See `/frontend/CONTRIBUTING.md` and `/frontend/.cursorrules` for comprehensive frontend patterns.
+
+**Key Frontend Conventions:**
+
+- Separate render logic from data/behavior in components
+- Use generated API hooks from `@/app/api/__generated__/endpoints/`
+- Use function declarations (not arrow functions) for components/handlers
+- Use design system components from `src/components/` (atoms, molecules, organisms)
+- Only use Phosphor Icons
+- Never use `src/components/__legacy__/*` or deprecated `BackendAPI`
+
 ## Architecture Overview
 
 ### Backend Architecture
+
 - **API Layer**: FastAPI with REST and WebSocket endpoints
 - **Database**: PostgreSQL with Prisma ORM, includes pgvector for embeddings
 - **Queue System**: RabbitMQ for async task processing
 - **Execution Engine**: Separate executor service processes agent workflows
 - **Authentication**: JWT-based with Supabase integration
+- **Security**: Cache protection middleware prevents sensitive data caching in browsers/proxies
 
 ### Frontend Architecture
-- **Framework**: Next.js App Router with React Server Components
-- **State Management**: React hooks + Supabase client for real-time updates
+
+- **Framework**: Next.js 15 App Router (client-first approach)
+- **Data Fetching**: Type-safe generated API hooks via Orval + React Query
+- **State Management**: React Query for server state, co-located UI state in components/hooks
+- **Component Structure**: Separate render logic (`.tsx`) from business logic (`use*.ts` hooks)
 - **Workflow Builder**: Visual graph editor using @xyflow/react
-- **UI Components**: Radix UI primitives with Tailwind CSS styling
+- **UI Components**: shadcn/ui (Radix UI primitives) with Tailwind CSS styling
+- **Icons**: Phosphor Icons only
 - **Feature Flags**: LaunchDarkly integration
+- **Error Handling**: ErrorCard for render errors, toast for mutations, Sentry for exceptions
+- **Testing**: Playwright for E2E, Storybook for component development
 
 ### Key Concepts
+
 1. **Agent Graphs**: Workflow definitions stored as JSON, executed by the backend
 2. **Blocks**: Reusable components in `/backend/blocks/` that perform specific tasks
 3. **Integrations**: OAuth and API connections stored per user
 4. **Store**: Marketplace for sharing agent templates
+5. **Virus Scanning**: ClamAV integration for file upload security
 
 ### Testing Approach
+
 - Backend uses pytest with snapshot testing for API responses
 - Test files are colocated with source files (`*_test.py`)
 - Frontend uses Playwright for E2E tests
 - Component testing via Storybook
 
 ### Database Schema
+
 Key models (defined in `/backend/schema.prisma`):
+
 - `User`: Authentication and profile data
 - `AgentGraph`: Workflow definitions with version control
 - `AgentGraphExecution`: Execution history and results
@@ -106,27 +146,130 @@ Key models (defined in `/backend/schema.prisma`):
 - `StoreListing`: Marketplace listings for sharing agents
 
 ### Environment Configuration
-- Backend: `.env` file in `/backend`
-- Frontend: `.env.local` file in `/frontend`
-- Both require Supabase credentials and API keys for various services
+
+#### Configuration Files
+
+- **Backend**: `/backend/.env.default` (defaults) → `/backend/.env` (user overrides)
+- **Frontend**: `/frontend/.env.default` (defaults) → `/frontend/.env` (user overrides)
+- **Platform**: `/.env.default` (Supabase/shared defaults) → `/.env` (user overrides)
+
+#### Docker Environment Loading Order
+
+1. `.env.default` files provide base configuration (tracked in git)
+2. `.env` files provide user-specific overrides (gitignored)
+3. Docker Compose `environment:` sections provide service-specific overrides
+4. Shell environment variables have highest precedence
+
+#### Key Points
+
+- All services use hardcoded defaults in docker-compose files (no `${VARIABLE}` substitutions)
+- The `env_file` directive loads variables INTO containers at runtime
+- Backend/Frontend services use YAML anchors for consistent configuration
+- Supabase services (`db/docker/docker-compose.yml`) follow the same pattern
 
 ### Common Development Tasks
 
 **Adding a new block:**
+
+Follow the comprehensive [Block SDK Guide](../../../docs/content/platform/block-sdk-guide.md) which covers:
+
+- Provider configuration with `ProviderBuilder`
+- Block schema definition
+- Authentication (API keys, OAuth, webhooks)
+- Testing and validation
+- File organization
+
+Quick steps:
+
 1. Create new file in `/backend/backend/blocks/`
-2. Inherit from `Block` base class
-3. Define input/output schemas
-4. Implement `run` method
-5. Register in block registry
+2. Configure provider using `ProviderBuilder` in `_config.py`
+3. Inherit from `Block` base class
+4. Define input/output schemas using `BlockSchema`
+5. Implement async `run` method
+6. Generate unique block ID using `uuid.uuid4()`
+7. Test with `poetry run pytest backend/blocks/test/test_block.py`
+
+Note: when making many new blocks analyze the interfaces for each of these blocks and picture if they would go well together in a graph based editor or would they struggle to connect productively?
+ex: do the inputs and outputs tie well together?
+
+If you get any pushback or hit complex block conditions check the new_blocks guide in the docs.
 
 **Modifying the API:**
+
 1. Update route in `/backend/backend/server/routers/`
 2. Add/update Pydantic models in same directory
 3. Write tests alongside the route file
 4. Run `poetry run test` to verify
 
 **Frontend feature development:**
-1. Components go in `/frontend/src/components/`
-2. Use existing UI components from `/frontend/src/components/ui/`
-3. Add Storybook stories for new components
-4. Test with Playwright if user-facing
+
+See `/frontend/CONTRIBUTING.md` for complete patterns. Quick reference:
+
+1. **Pages**: Create in `src/app/(platform)/feature-name/page.tsx`
+   - Add `usePageName.ts` hook for logic
+   - Put sub-components in local `components/` folder
+2. **Components**: Structure as `ComponentName/ComponentName.tsx` + `useComponentName.ts` + `helpers.ts`
+   - Use design system components from `src/components/` (atoms, molecules, organisms)
+   - Never use `src/components/__legacy__/*`
+3. **Data fetching**: Use generated API hooks from `@/app/api/__generated__/endpoints/`
+   - Regenerate with `pnpm generate:api`
+   - Pattern: `use{Method}{Version}{OperationName}`
+4. **Styling**: Tailwind CSS only, use design tokens, Phosphor Icons only
+5. **Testing**: Add Storybook stories for new components, Playwright for E2E
+6. **Code conventions**: Function declarations (not arrow functions) for components/handlers
+
+### Security Implementation
+
+**Cache Protection Middleware:**
+
+- Located in `/backend/backend/server/middleware/security.py`
+- Default behavior: Disables caching for ALL endpoints with `Cache-Control: no-store, no-cache, must-revalidate, private`
+- Uses an allow list approach - only explicitly permitted paths can be cached
+- Cacheable paths include: static assets (`/static/*`, `/_next/static/*`), health checks, public store pages, documentation
+- Prevents sensitive data (auth tokens, API keys, user data) from being cached by browsers/proxies
+- To allow caching for a new endpoint, add it to `CACHEABLE_PATHS` in the middleware
+- Applied to both main API server and external API applications
+
+### Creating Pull Requests
+
+- Create the PR aginst the `dev` branch of the repository.
+- Ensure the branch name is descriptive (e.g., `feature/add-new-block`)/
+- Use conventional commit messages (see below)/
+- Fill out the .github/PULL_REQUEST_TEMPLATE.md template as the PR description/
+- Run the github pre-commit hooks to ensure code quality.
+
+### Reviewing/Revising Pull Requests
+
+- When the user runs /pr-comments or tries to fetch them, also run gh api /repos/Significant-Gravitas/AutoGPT/pulls/[issuenum]/reviews to get the reviews
+- Use gh api /repos/Significant-Gravitas/AutoGPT/pulls/[issuenum]/reviews/[review_id]/comments to get the review contents
+- Use gh api /repos/Significant-Gravitas/AutoGPT/issues/9924/comments to get the pr specific comments
+
+### Conventional Commits
+
+Use this format for commit messages and Pull Request titles:
+
+**Conventional Commit Types:**
+
+- `feat`: Introduces a new feature to the codebase
+- `fix`: Patches a bug in the codebase
+- `refactor`: Code change that neither fixes a bug nor adds a feature; also applies to removing features
+- `ci`: Changes to CI configuration
+- `docs`: Documentation-only changes
+- `dx`: Improvements to the developer experience
+
+**Recommended Base Scopes:**
+
+- `platform`: Changes affecting both frontend and backend
+- `frontend`
+- `backend`
+- `infra`
+- `blocks`: Modifications/additions of individual blocks
+
+**Subscope Examples:**
+
+- `backend/executor`
+- `backend/db`
+- `frontend/builder` (includes changes to the block UI component)
+- `infra/prod`
+
+Use these scopes and subscopes for clarity and consistency in commit messages.

autogpt_platform/Makefile

@@ -0,0 +1,63 @@
+.PHONY: start-core stop-core logs-core format lint migrate run-backend run-frontend load-store-agents
+
+# Run just Supabase + Redis + RabbitMQ
+start-core:
+	docker compose up -d deps
+
+# Stop core services
+stop-core:
+	docker compose stop deps
+
+reset-db:
+	rm -rf db/docker/volumes/db/data
+	cd backend && poetry run prisma migrate deploy
+	cd backend && poetry run prisma generate
+	cd backend && poetry run gen-prisma-stub
+	
+# View logs for core services
+logs-core:
+	docker compose logs -f deps
+
+# Run formatting and linting for backend and frontend
+format:
+	cd backend && poetry run format
+	cd frontend && pnpm format
+	cd frontend && pnpm lint
+
+init-env:
+	cp -n .env.default .env || true
+	cd backend && cp -n .env.default .env || true
+	cd frontend && cp -n .env.default .env || true
+
+
+# Run migrations for backend
+migrate:
+	cd backend && poetry run prisma migrate deploy
+	cd backend && poetry run prisma generate
+	cd backend && poetry run gen-prisma-stub
+
+run-backend:
+	cd backend && poetry run app
+
+run-frontend:
+	cd frontend && pnpm dev
+
+test-data:
+	cd backend && poetry run python test/test_data_creator.py
+
+load-store-agents:
+	cd backend && poetry run load-store-agents
+
+help:
+	@echo "Usage: make <target>"
+	@echo "Targets:"
+	@echo "  start-core - Start just the core services (Supabase, Redis, RabbitMQ) in background"
+	@echo "  stop-core - Stop the core services"
+	@echo "  reset-db - Reset the database by deleting the volume"
+	@echo "  logs-core - Tail the logs for core services"
+	@echo "  format - Format & lint backend (Python) and frontend (TypeScript) code"
+	@echo "  migrate - Run backend database migrations"
+	@echo "  run-backend - Run the backend FastAPI server"
+	@echo "  run-frontend - Run the frontend Next.js development server"
+	@echo "  test-data - Run the test data creator"
+	@echo "  load-store-agents - Load store agents from agents/ folder into test database"

autogpt_platform/README.md

@@ -8,7 +8,6 @@ Welcome to the AutoGPT Platform - a powerful system for creating and running AI
 
 - Docker
 - Docker Compose V2 (comes with Docker Desktop, or can be installed separately)
-- Node.js & NPM (for running the frontend application)
 
 ### Running the System
 
@@ -24,10 +23,10 @@ To run the AutoGPT Platform, follow these steps:
 2. Run the following command:
 
    ```
-   cp .env.example .env
+   cp .env.default .env
    ```
 
-   This command will copy the `.env.example` file to `.env`. You can modify the `.env` file to add your own environment variables.
+   This command will copy the `.env.default` file to `.env`. You can modify the `.env` file to add your own environment variables.
 
 3. Run the following command:
 
@@ -37,38 +36,38 @@ To run the AutoGPT Platform, follow these steps:
 
    This command will start all the necessary backend services defined in the `docker-compose.yml` file in detached mode.
 
-4. Navigate to `frontend` within the `autogpt_platform` directory:
+4. After all the services are in ready state, open your browser and navigate to `http://localhost:3000` to access the AutoGPT Platform frontend.
 
-   ```
-   cd frontend
-   ```
+### Running Just Core services
 
-   You will need to run your frontend application separately on your local machine.
+You can now run the following to enable just the core services.
 
-5. Run the following command:
+```
+# For help
+make help
 
-   ```
-   cp .env.example .env.local
-   ```
+# Run just Supabase + Redis + RabbitMQ
+make start-core
 
-   This command will copy the `.env.example` file to `.env.local` in the `frontend` directory. You can modify the `.env.local` within this folder to add your own environment variables for the frontend application.
+# Stop core services
+make stop-core
 
-6. Run the following command:
+# View logs from core services 
+make logs-core
 
-   Enable corepack and install dependencies by running:
+# Run formatting and linting for backend and frontend
+make format
 
-   ```
-   corepack enable
-   pnpm i
-   ```
+# Run migrations for backend database
+make migrate
 
-   Then start the frontend application in development mode:
+# Run backend server
+make run-backend
 
-   ```
-   pnpm dev
-   ```
+# Run frontend development server
+make run-frontend
 
-7. Open your browser and navigate to `http://localhost:3000` to access the AutoGPT Platform frontend.
+```
 
 ### Docker Compose Commands
 
@@ -164,3 +163,28 @@ To persist data for PostgreSQL and Redis, you can modify the `docker-compose.yml
 3. Save the file and run `docker compose up -d` to apply the changes.
 
 This configuration will create named volumes for PostgreSQL and Redis, ensuring that your data persists across container restarts.
+
+### API Client Generation
+
+The platform includes scripts for generating and managing the API client:
+
+- `pnpm fetch:openapi`: Fetches the OpenAPI specification from the backend service (requires backend to be running on port 8006)
+- `pnpm generate:api-client`: Generates the TypeScript API client from the OpenAPI specification using Orval
+- `pnpm generate:api`: Runs both fetch and generate commands in sequence
+
+#### Manual API Client Updates
+
+If you need to update the API client after making changes to the backend API:
+
+1. Ensure the backend services are running:
+
+   ```
+   docker compose up -d
+   ```
+
+2. Generate the updated API client:
+   ```
+   pnpm generate:api
+   ```
+
+This will fetch the latest OpenAPI specification and regenerate the TypeScript client code.

autogpt_platform/autogpt_libs/autogpt_libs/api_key/key_manager.py

@@ -1,35 +0,0 @@
-import hashlib
-import secrets
-from typing import NamedTuple
-
-
-class APIKeyContainer(NamedTuple):
-    """Container for API key parts."""
-
-    raw: str
-    prefix: str
-    postfix: str
-    hash: str
-
-
-class APIKeyManager:
-    PREFIX: str = "agpt_"
-    PREFIX_LENGTH: int = 8
-    POSTFIX_LENGTH: int = 8
-
-    def generate_api_key(self) -> APIKeyContainer:
-        """Generate a new API key with all its parts."""
-        raw_key = f"{self.PREFIX}{secrets.token_urlsafe(32)}"
-        return APIKeyContainer(
-            raw=raw_key,
-            prefix=raw_key[: self.PREFIX_LENGTH],
-            postfix=raw_key[-self.POSTFIX_LENGTH :],
-            hash=hashlib.sha256(raw_key.encode()).hexdigest(),
-        )
-
-    def verify_api_key(self, provided_key: str, stored_hash: str) -> bool:
-        """Verify if a provided API key matches the stored hash."""
-        if not provided_key.startswith(self.PREFIX):
-            return False
-        provided_hash = hashlib.sha256(provided_key.encode()).hexdigest()
-        return secrets.compare_digest(provided_hash, stored_hash)

autogpt_platform/autogpt_libs/autogpt_libs/api_key/keysmith.py

@@ -0,0 +1,81 @@
+import hashlib
+import secrets
+from typing import NamedTuple
+
+from cryptography.hazmat.primitives.kdf.scrypt import Scrypt
+
+
+class APIKeyContainer(NamedTuple):
+    """Container for API key parts."""
+
+    key: str
+    head: str
+    tail: str
+    hash: str
+    salt: str
+
+
+class APIKeySmith:
+    PREFIX: str = "agpt_"
+    HEAD_LENGTH: int = 8
+    TAIL_LENGTH: int = 8
+
+    def generate_key(self) -> APIKeyContainer:
+        """Generate a new API key with secure hashing."""
+        raw_key = f"{self.PREFIX}{secrets.token_urlsafe(32)}"
+        hash, salt = self.hash_key(raw_key)
+
+        return APIKeyContainer(
+            key=raw_key,
+            head=raw_key[: self.HEAD_LENGTH],
+            tail=raw_key[-self.TAIL_LENGTH :],
+            hash=hash,
+            salt=salt,
+        )
+
+    def verify_key(
+        self, provided_key: str, known_hash: str, known_salt: str | None = None
+    ) -> bool:
+        """
+        Verify an API key against a known hash (+ salt).
+        Supports verifying both legacy SHA256 and secure Scrypt hashes.
+        """
+        if not provided_key.startswith(self.PREFIX):
+            return False
+
+        # Handle legacy SHA256 hashes (migration support)
+        if known_salt is None:
+            legacy_hash = hashlib.sha256(provided_key.encode()).hexdigest()
+            return secrets.compare_digest(legacy_hash, known_hash)
+
+        try:
+            salt_bytes = bytes.fromhex(known_salt)
+            provided_hash = self._hash_key_with_salt(provided_key, salt_bytes)
+            return secrets.compare_digest(provided_hash, known_hash)
+        except (ValueError, TypeError):
+            return False
+
+    def hash_key(self, raw_key: str) -> tuple[str, str]:
+        """Migrate a legacy hash to secure hash format."""
+        if not raw_key.startswith(self.PREFIX):
+            raise ValueError("Key without 'agpt_' prefix would fail validation")
+
+        salt = self._generate_salt()
+        hash = self._hash_key_with_salt(raw_key, salt)
+        return hash, salt.hex()
+
+    def _generate_salt(self) -> bytes:
+        """Generate a random salt for hashing."""
+        return secrets.token_bytes(32)
+
+    def _hash_key_with_salt(self, raw_key: str, salt: bytes) -> str:
+        """Hash API key using Scrypt with salt."""
+        kdf = Scrypt(
+            length=32,
+            salt=salt,
+            n=2**14,  # CPU/memory cost parameter
+            r=8,  # Block size parameter
+            p=1,  # Parallelization parameter
+        )
+        key_hash = kdf.derive(raw_key.encode())
+        return key_hash.hex()

autogpt_platform/autogpt_libs/autogpt_libs/api_key/test_keysmith.py

@@ -0,0 +1,79 @@
+import hashlib
+
+from autogpt_libs.api_key.keysmith import APIKeySmith
+
+
+def test_generate_api_key():
+    keysmith = APIKeySmith()
+    key = keysmith.generate_key()
+
+    assert key.key.startswith(keysmith.PREFIX)
+    assert key.head == key.key[: keysmith.HEAD_LENGTH]
+    assert key.tail == key.key[-keysmith.TAIL_LENGTH :]
+    assert len(key.hash) == 64  # 32 bytes hex encoded
+    assert len(key.salt) == 64  # 32 bytes hex encoded
+
+
+def test_verify_new_secure_key():
+    keysmith = APIKeySmith()
+    key = keysmith.generate_key()
+
+    # Test correct key validates
+    assert keysmith.verify_key(key.key, key.hash, key.salt) is True
+
+    # Test wrong key fails
+    wrong_key = f"{keysmith.PREFIX}wrongkey123"
+    assert keysmith.verify_key(wrong_key, key.hash, key.salt) is False
+
+
+def test_verify_legacy_key():
+    keysmith = APIKeySmith()
+    legacy_key = f"{keysmith.PREFIX}legacykey123"
+    legacy_hash = hashlib.sha256(legacy_key.encode()).hexdigest()
+
+    # Test legacy key validates without salt
+    assert keysmith.verify_key(legacy_key, legacy_hash) is True
+
+    # Test wrong legacy key fails
+    wrong_key = f"{keysmith.PREFIX}wronglegacy"
+    assert keysmith.verify_key(wrong_key, legacy_hash) is False
+
+
+def test_rehash_existing_key():
+    keysmith = APIKeySmith()
+    legacy_key = f"{keysmith.PREFIX}migratekey123"
+
+    # Migrate the legacy key
+    new_hash, new_salt = keysmith.hash_key(legacy_key)
+
+    # Verify migrated key works
+    assert keysmith.verify_key(legacy_key, new_hash, new_salt) is True
+
+    # Verify different key fails with migrated hash
+    wrong_key = f"{keysmith.PREFIX}wrongkey"
+    assert keysmith.verify_key(wrong_key, new_hash, new_salt) is False
+
+
+def test_invalid_key_prefix():
+    keysmith = APIKeySmith()
+    key = keysmith.generate_key()
+
+    # Test key without proper prefix fails
+    invalid_key = "invalid_prefix_key"
+    assert keysmith.verify_key(invalid_key, key.hash, key.salt) is False
+
+
+def test_secure_hash_requires_salt():
+    keysmith = APIKeySmith()
+    key = keysmith.generate_key()
+
+    # Secure hash without salt should fail
+    assert keysmith.verify_key(key.key, key.hash) is False
+
+
+def test_invalid_salt_format():
+    keysmith = APIKeySmith()
+    key = keysmith.generate_key()
+
+    # Invalid salt format should fail gracefully
+    assert keysmith.verify_key(key.key, key.hash, "invalid_hex") is False

autogpt_platform/autogpt_libs/autogpt_libs/auth/__init__.py

@@ -1,13 +1,19 @@
-from .depends import requires_admin_user, requires_user
-from .jwt_utils import parse_jwt_token
-from .middleware import APIKeyValidator, auth_middleware
+from .config import verify_settings
+from .dependencies import (
+    get_optional_user_id,
+    get_user_id,
+    requires_admin_user,
+    requires_user,
+)
+from .helpers import add_auth_responses_to_openapi
 from .models import User
 
 __all__ = [
-    "parse_jwt_token",
-    "requires_user",
+    "verify_settings",
+    "get_user_id",
     "requires_admin_user",
-    "APIKeyValidator",
-    "auth_middleware",
+    "requires_user",
+    "get_optional_user_id",
+    "add_auth_responses_to_openapi",
     "User",
 ]

autogpt_platform/autogpt_libs/autogpt_libs/auth/config.py

@@ -1,15 +1,90 @@
+import logging
 import os
 
+from jwt.algorithms import get_default_algorithms, has_crypto
+
+logger = logging.getLogger(__name__)
+
+
+class AuthConfigError(ValueError):
+    """Raised when authentication configuration is invalid."""
+
+    pass
+
+
+ALGO_RECOMMENDATION = (
+    "We highly recommend using an asymmetric algorithm such as ES256, "
+    "because when leaked, a shared secret would allow anyone to "
+    "forge valid tokens and impersonate users. "
+    "More info: https://supabase.com/docs/guides/auth/signing-keys#choosing-the-right-signing-algorithm"  # noqa
+)
+
 
 class Settings:
     def __init__(self):
-        self.JWT_SECRET_KEY: str = os.getenv("SUPABASE_JWT_SECRET", "")
-        self.ENABLE_AUTH: bool = os.getenv("ENABLE_AUTH", "false").lower() == "true"
-        self.JWT_ALGORITHM: str = "HS256"
+        self.JWT_VERIFY_KEY: str = os.getenv(
+            "JWT_VERIFY_KEY", os.getenv("SUPABASE_JWT_SECRET", "")
+        ).strip()
+        self.JWT_ALGORITHM: str = os.getenv("JWT_SIGN_ALGORITHM", "HS256").strip()
 
-    @property
-    def is_configured(self) -> bool:
-        return bool(self.JWT_SECRET_KEY)
+        self.validate()
+
+    def validate(self):
+        if not self.JWT_VERIFY_KEY:
+            raise AuthConfigError(
+                "JWT_VERIFY_KEY must be set. "
+                "An empty JWT secret would allow anyone to forge valid tokens."
+            )
+
+        if len(self.JWT_VERIFY_KEY) < 32:
+            logger.warning(
+                "⚠️ JWT_VERIFY_KEY appears weak (less than 32 characters). "
+                "Consider using a longer, cryptographically secure secret."
+            )
+
+        supported_algorithms = get_default_algorithms().keys()
+
+        if not has_crypto:
+            logger.warning(
+                "⚠️ Asymmetric JWT verification is not available "
+                "because the 'cryptography' package is not installed. "
+                + ALGO_RECOMMENDATION
+            )
+
+        if (
+            self.JWT_ALGORITHM not in supported_algorithms
+            or self.JWT_ALGORITHM == "none"
+        ):
+            raise AuthConfigError(
+                f"Invalid JWT_SIGN_ALGORITHM: '{self.JWT_ALGORITHM}'. "
+                "Supported algorithms are listed on "
+                "https://pyjwt.readthedocs.io/en/stable/algorithms.html"
+            )
+
+        if self.JWT_ALGORITHM.startswith("HS"):
+            logger.warning(
+                f"⚠️ JWT_SIGN_ALGORITHM is set to '{self.JWT_ALGORITHM}', "
+                "a symmetric shared-key signature algorithm. " + ALGO_RECOMMENDATION
+            )
 
 
-settings = Settings()
+_settings: Settings = None  # type: ignore
+
+
+def get_settings() -> Settings:
+    global _settings
+
+    if not _settings:
+        _settings = Settings()
+
+    return _settings
+
+
+def verify_settings() -> None:
+    global _settings
+
+    if not _settings:
+        _settings = Settings()  # calls validation indirectly
+        return
+
+    _settings.validate()

autogpt_platform/autogpt_libs/autogpt_libs/auth/config_test.py

@@ -0,0 +1,306 @@
+"""
+Comprehensive tests for auth configuration to ensure 100% line and branch coverage.
+These tests verify critical security checks preventing JWT token forgery.
+"""
+
+import logging
+import os
+
+import pytest
+from pytest_mock import MockerFixture
+
+from autogpt_libs.auth.config import AuthConfigError, Settings
+
+
+def test_environment_variable_precedence(mocker: MockerFixture):
+    """Test that environment variables take precedence over defaults."""
+    secret = "environment-secret-key-with-proper-length-123456"
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": secret}, clear=True)
+
+    settings = Settings()
+    assert settings.JWT_VERIFY_KEY == secret
+
+
+def test_environment_variable_backwards_compatible(mocker: MockerFixture):
+    """Test that SUPABASE_JWT_SECRET is read if JWT_VERIFY_KEY is not set."""
+    secret = "environment-secret-key-with-proper-length-123456"
+    mocker.patch.dict(os.environ, {"SUPABASE_JWT_SECRET": secret}, clear=True)
+
+    settings = Settings()
+    assert settings.JWT_VERIFY_KEY == secret
+
+
+def test_auth_config_error_inheritance():
+    """Test that AuthConfigError is properly defined as an Exception."""
+    assert issubclass(AuthConfigError, Exception)
+    error = AuthConfigError("test message")
+    assert str(error) == "test message"
+
+
+def test_settings_static_after_creation(mocker: MockerFixture):
+    """Test that settings maintain their values after creation."""
+    secret = "immutable-secret-key-with-proper-length-12345"
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": secret}, clear=True)
+
+    settings = Settings()
+    original_secret = settings.JWT_VERIFY_KEY
+
+    # Changing environment after creation shouldn't affect settings
+    os.environ["JWT_VERIFY_KEY"] = "different-secret"
+
+    assert settings.JWT_VERIFY_KEY == original_secret
+
+
+def test_settings_load_with_valid_secret(mocker: MockerFixture):
+    """Test auth enabled with a valid JWT secret."""
+    valid_secret = "a" * 32  # 32 character secret
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": valid_secret}, clear=True)
+
+    settings = Settings()
+    assert settings.JWT_VERIFY_KEY == valid_secret
+
+
+def test_settings_load_with_strong_secret(mocker: MockerFixture):
+    """Test auth enabled with a cryptographically strong secret."""
+    strong_secret = "super-secret-jwt-token-with-at-least-32-characters-long"
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": strong_secret}, clear=True)
+
+    settings = Settings()
+    assert settings.JWT_VERIFY_KEY == strong_secret
+    assert len(settings.JWT_VERIFY_KEY) >= 32
+
+
+def test_secret_empty_raises_error(mocker: MockerFixture):
+    """Test that auth enabled with empty secret raises AuthConfigError."""
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": ""}, clear=True)
+
+    with pytest.raises(Exception) as exc_info:
+        Settings()
+    assert "JWT_VERIFY_KEY" in str(exc_info.value)
+
+
+def test_secret_missing_raises_error(mocker: MockerFixture):
+    """Test that auth enabled without secret env var raises AuthConfigError."""
+    mocker.patch.dict(os.environ, {}, clear=True)
+
+    with pytest.raises(Exception) as exc_info:
+        Settings()
+    assert "JWT_VERIFY_KEY" in str(exc_info.value)
+
+
+@pytest.mark.parametrize("secret", [" ", "  ", "\t", "\n", " \t\n "])
+def test_secret_only_whitespace_raises_error(mocker: MockerFixture, secret: str):
+    """Test that auth enabled with whitespace-only secret raises error."""
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": secret}, clear=True)
+
+    with pytest.raises(ValueError):
+        Settings()
+
+
+def test_secret_weak_logs_warning(
+    mocker: MockerFixture, caplog: pytest.LogCaptureFixture
+):
+    """Test that weak JWT secret triggers warning log."""
+    weak_secret = "short"  # Less than 32 characters
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": weak_secret}, clear=True)
+
+    with caplog.at_level(logging.WARNING):
+        settings = Settings()
+        assert settings.JWT_VERIFY_KEY == weak_secret
+        assert "key appears weak" in caplog.text.lower()
+        assert "less than 32 characters" in caplog.text
+
+
+def test_secret_31_char_logs_warning(
+    mocker: MockerFixture, caplog: pytest.LogCaptureFixture
+):
+    """Test that 31-character secret triggers warning (boundary test)."""
+    secret_31 = "a" * 31  # Exactly 31 characters
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": secret_31}, clear=True)
+
+    with caplog.at_level(logging.WARNING):
+        settings = Settings()
+        assert len(settings.JWT_VERIFY_KEY) == 31
+        assert "key appears weak" in caplog.text.lower()
+
+
+def test_secret_32_char_no_warning(
+    mocker: MockerFixture, caplog: pytest.LogCaptureFixture
+):
+    """Test that 32-character secret does not trigger warning (boundary test)."""
+    secret_32 = "a" * 32  # Exactly 32 characters
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": secret_32}, clear=True)
+
+    with caplog.at_level(logging.WARNING):
+        settings = Settings()
+        assert len(settings.JWT_VERIFY_KEY) == 32
+        assert "JWT secret appears weak" not in caplog.text
+
+
+def test_secret_whitespace_stripped(mocker: MockerFixture):
+    """Test that JWT secret whitespace is stripped."""
+    secret = "a" * 32
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": f"  {secret}  "}, clear=True)
+
+    settings = Settings()
+    assert settings.JWT_VERIFY_KEY == secret
+
+
+def test_secret_with_special_characters(mocker: MockerFixture):
+    """Test JWT secret with special characters."""
+    special_secret = "!@#$%^&*()_+-=[]{}|;:,.<>?`~" + "a" * 10  # 40 chars total
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": special_secret}, clear=True)
+
+    settings = Settings()
+    assert settings.JWT_VERIFY_KEY == special_secret
+
+
+def test_secret_with_unicode(mocker: MockerFixture):
+    """Test JWT secret with unicode characters."""
+    unicode_secret = "秘密🔐キー" + "a" * 25  # Ensure >32 bytes
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": unicode_secret}, clear=True)
+
+    settings = Settings()
+    assert settings.JWT_VERIFY_KEY == unicode_secret
+
+
+def test_secret_very_long(mocker: MockerFixture):
+    """Test JWT secret with excessive length."""
+    long_secret = "a" * 1000  # 1000 character secret
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": long_secret}, clear=True)
+
+    settings = Settings()
+    assert settings.JWT_VERIFY_KEY == long_secret
+    assert len(settings.JWT_VERIFY_KEY) == 1000
+
+
+def test_secret_with_newline(mocker: MockerFixture):
+    """Test JWT secret containing newlines."""
+    multiline_secret = "secret\nwith\nnewlines" + "a" * 20
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": multiline_secret}, clear=True)
+
+    settings = Settings()
+    assert settings.JWT_VERIFY_KEY == multiline_secret
+
+
+def test_secret_base64_encoded(mocker: MockerFixture):
+    """Test JWT secret that looks like base64."""
+    base64_secret = "dGhpc19pc19hX3NlY3JldF9rZXlfd2l0aF9wcm9wZXJfbGVuZ3Ro"
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": base64_secret}, clear=True)
+
+    settings = Settings()
+    assert settings.JWT_VERIFY_KEY == base64_secret
+
+
+def test_secret_numeric_only(mocker: MockerFixture):
+    """Test JWT secret with only numbers."""
+    numeric_secret = "1234567890" * 4  # 40 character numeric secret
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": numeric_secret}, clear=True)
+
+    settings = Settings()
+    assert settings.JWT_VERIFY_KEY == numeric_secret
+
+
+def test_algorithm_default_hs256(mocker: MockerFixture):
+    """Test that JWT algorithm defaults to HS256."""
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": "a" * 32}, clear=True)
+
+    settings = Settings()
+    assert settings.JWT_ALGORITHM == "HS256"
+
+
+def test_algorithm_whitespace_stripped(mocker: MockerFixture):
+    """Test that JWT algorithm whitespace is stripped."""
+    secret = "a" * 32
+    mocker.patch.dict(
+        os.environ,
+        {"JWT_VERIFY_KEY": secret, "JWT_SIGN_ALGORITHM": "  HS256  "},
+        clear=True,
+    )
+
+    settings = Settings()
+    assert settings.JWT_ALGORITHM == "HS256"
+
+
+def test_no_crypto_warning(mocker: MockerFixture, caplog: pytest.LogCaptureFixture):
+    """Test warning when crypto package is not available."""
+    secret = "a" * 32
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": secret}, clear=True)
+
+    # Mock has_crypto to return False
+    mocker.patch("autogpt_libs.auth.config.has_crypto", False)
+
+    with caplog.at_level(logging.WARNING):
+        Settings()
+        assert "Asymmetric JWT verification is not available" in caplog.text
+        assert "cryptography" in caplog.text
+
+
+def test_algorithm_invalid_raises_error(mocker: MockerFixture):
+    """Test that invalid JWT algorithm raises AuthConfigError."""
+    secret = "a" * 32
+    mocker.patch.dict(
+        os.environ,
+        {"JWT_VERIFY_KEY": secret, "JWT_SIGN_ALGORITHM": "INVALID_ALG"},
+        clear=True,
+    )
+
+    with pytest.raises(AuthConfigError) as exc_info:
+        Settings()
+    assert "Invalid JWT_SIGN_ALGORITHM" in str(exc_info.value)
+    assert "INVALID_ALG" in str(exc_info.value)
+
+
+def test_algorithm_none_raises_error(mocker: MockerFixture):
+    """Test that 'none' algorithm raises AuthConfigError."""
+    secret = "a" * 32
+    mocker.patch.dict(
+        os.environ,
+        {"JWT_VERIFY_KEY": secret, "JWT_SIGN_ALGORITHM": "none"},
+        clear=True,
+    )
+
+    with pytest.raises(AuthConfigError) as exc_info:
+        Settings()
+    assert "Invalid JWT_SIGN_ALGORITHM" in str(exc_info.value)
+
+
+@pytest.mark.parametrize("algorithm", ["HS256", "HS384", "HS512"])
+def test_algorithm_symmetric_warning(
+    mocker: MockerFixture, caplog: pytest.LogCaptureFixture, algorithm: str
+):
+    """Test warning for symmetric algorithms (HS256, HS384, HS512)."""
+    secret = "a" * 32
+    mocker.patch.dict(
+        os.environ,
+        {"JWT_VERIFY_KEY": secret, "JWT_SIGN_ALGORITHM": algorithm},
+        clear=True,
+    )
+
+    with caplog.at_level(logging.WARNING):
+        settings = Settings()
+        assert algorithm in caplog.text
+        assert "symmetric shared-key signature algorithm" in caplog.text
+        assert settings.JWT_ALGORITHM == algorithm
+
+
+@pytest.mark.parametrize(
+    "algorithm",
+    ["ES256", "ES384", "ES512", "RS256", "RS384", "RS512", "PS256", "PS384", "PS512"],
+)
+def test_algorithm_asymmetric_no_warning(
+    mocker: MockerFixture, caplog: pytest.LogCaptureFixture, algorithm: str
+):
+    """Test that asymmetric algorithms do not trigger warning."""
+    secret = "a" * 32
+    mocker.patch.dict(
+        os.environ,
+        {"JWT_VERIFY_KEY": secret, "JWT_SIGN_ALGORITHM": algorithm},
+        clear=True,
+    )
+
+    with caplog.at_level(logging.WARNING):
+        settings = Settings()
+        # Should not contain the symmetric algorithm warning
+        assert "symmetric shared-key signature algorithm" not in caplog.text
+        assert settings.JWT_ALGORITHM == algorithm

autogpt_platform/autogpt_libs/autogpt_libs/auth/dependencies.py

@@ -0,0 +1,117 @@
+"""
+FastAPI dependency functions for JWT-based authentication and authorization.
+
+These are the high-level dependency functions used in route definitions.
+"""
+
+import logging
+
+import fastapi
+from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
+
+from .jwt_utils import get_jwt_payload, verify_user
+from .models import User
+
+optional_bearer = HTTPBearer(auto_error=False)
+
+# Header name for admin impersonation
+IMPERSONATION_HEADER_NAME = "X-Act-As-User-Id"
+
+logger = logging.getLogger(__name__)
+
+
+def get_optional_user_id(
+    credentials: HTTPAuthorizationCredentials | None = fastapi.Security(
+        optional_bearer
+    ),
+) -> str | None:
+    """
+    Attempts to extract the user ID ("sub" claim) from a Bearer JWT if provided.
+
+    This dependency allows for both authenticated and anonymous access. If a valid bearer token is
+    supplied, it parses the JWT and extracts the user ID. If the token is missing or invalid, it returns None,
+    treating the request as anonymous.
+
+    Args:
+        credentials: Optional HTTPAuthorizationCredentials object from FastAPI Security dependency.
+
+    Returns:
+        The user ID (str) extracted from the JWT "sub" claim, or None if no valid token is present.
+    """
+    if not credentials:
+        return None
+
+    try:
+        # Parse JWT token to get user ID
+        from autogpt_libs.auth.jwt_utils import parse_jwt_token
+
+        payload = parse_jwt_token(credentials.credentials)
+        return payload.get("sub")
+    except Exception as e:
+        logger.debug(f"Auth token validation failed (anonymous access): {e}")
+        return None
+
+
+async def requires_user(jwt_payload: dict = fastapi.Security(get_jwt_payload)) -> User:
+    """
+    FastAPI dependency that requires a valid authenticated user.
+
+    Raises:
+        HTTPException: 401 for authentication failures
+    """
+    return verify_user(jwt_payload, admin_only=False)
+
+
+async def requires_admin_user(
+    jwt_payload: dict = fastapi.Security(get_jwt_payload),
+) -> User:
+    """
+    FastAPI dependency that requires a valid admin user.
+
+    Raises:
+        HTTPException: 401 for authentication failures, 403 for insufficient permissions
+    """
+    return verify_user(jwt_payload, admin_only=True)
+
+
+async def get_user_id(
+    request: fastapi.Request, jwt_payload: dict = fastapi.Security(get_jwt_payload)
+) -> str:
+    """
+    FastAPI dependency that returns the ID of the authenticated user.
+
+    Supports admin impersonation via X-Act-As-User-Id header:
+    - If the header is present and user is admin, returns the impersonated user ID
+    - Otherwise returns the authenticated user's own ID
+    - Logs all impersonation actions for audit trail
+
+    Raises:
+        HTTPException: 401 for authentication failures or missing user ID
+        HTTPException: 403 if non-admin tries to use impersonation
+    """
+    # Get the authenticated user's ID from JWT
+    user_id = jwt_payload.get("sub")
+    if not user_id:
+        raise fastapi.HTTPException(
+            status_code=401, detail="User ID not found in token"
+        )
+
+    # Check for admin impersonation header
+    impersonate_header = request.headers.get(IMPERSONATION_HEADER_NAME, "").strip()
+    if impersonate_header:
+        # Verify the authenticated user is an admin
+        authenticated_user = verify_user(jwt_payload, admin_only=False)
+        if authenticated_user.role != "admin":
+            raise fastapi.HTTPException(
+                status_code=403, detail="Only admin users can impersonate other users"
+            )
+
+        # Log the impersonation for audit trail
+        logger.info(
+            f"Admin impersonation: {authenticated_user.user_id} ({authenticated_user.email}) "
+            f"acting as user {impersonate_header} for requesting {request.method} {request.url}"
+        )
+
+        return impersonate_header
+
+    return user_id

autogpt_platform/autogpt_libs/autogpt_libs/auth/dependencies_test.py

@@ -0,0 +1,554 @@
+"""
+Comprehensive integration tests for authentication dependencies.
+Tests the full authentication flow from HTTP requests to user validation.
+"""
+
+import os
+from unittest.mock import Mock
+
+import pytest
+from fastapi import FastAPI, HTTPException, Request, Security
+from fastapi.testclient import TestClient
+from pytest_mock import MockerFixture
+
+from autogpt_libs.auth.dependencies import (
+    get_user_id,
+    requires_admin_user,
+    requires_user,
+)
+from autogpt_libs.auth.models import User
+
+
+class TestAuthDependencies:
+    """Test suite for authentication dependency functions."""
+
+    @pytest.fixture
+    def app(self):
+        """Create a test FastAPI application."""
+        app = FastAPI()
+
+        @app.get("/user")
+        def get_user_endpoint(user: User = Security(requires_user)):
+            return {"user_id": user.user_id, "role": user.role}
+
+        @app.get("/admin")
+        def get_admin_endpoint(user: User = Security(requires_admin_user)):
+            return {"user_id": user.user_id, "role": user.role}
+
+        @app.get("/user-id")
+        def get_user_id_endpoint(user_id: str = Security(get_user_id)):
+            return {"user_id": user_id}
+
+        return app
+
+    @pytest.fixture
+    def client(self, app):
+        """Create a test client."""
+        return TestClient(app)
+
+    @pytest.mark.asyncio
+    async def test_requires_user_with_valid_jwt_payload(self, mocker: MockerFixture):
+        """Test requires_user with valid JWT payload."""
+        jwt_payload = {"sub": "user-123", "role": "user", "email": "user@example.com"}
+
+        # Mock get_jwt_payload to return our test payload
+        mocker.patch(
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+        )
+        user = await requires_user(jwt_payload)
+        assert isinstance(user, User)
+        assert user.user_id == "user-123"
+        assert user.role == "user"
+
+    @pytest.mark.asyncio
+    async def test_requires_user_with_admin_jwt_payload(self, mocker: MockerFixture):
+        """Test requires_user accepts admin users."""
+        jwt_payload = {
+            "sub": "admin-456",
+            "role": "admin",
+            "email": "admin@example.com",
+        }
+
+        mocker.patch(
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+        )
+        user = await requires_user(jwt_payload)
+        assert user.user_id == "admin-456"
+        assert user.role == "admin"
+
+    @pytest.mark.asyncio
+    async def test_requires_user_missing_sub(self):
+        """Test requires_user with missing user ID."""
+        jwt_payload = {"role": "user", "email": "user@example.com"}
+
+        with pytest.raises(HTTPException) as exc_info:
+            await requires_user(jwt_payload)
+        assert exc_info.value.status_code == 401
+        assert "User ID not found" in exc_info.value.detail
+
+    @pytest.mark.asyncio
+    async def test_requires_user_empty_sub(self):
+        """Test requires_user with empty user ID."""
+        jwt_payload = {"sub": "", "role": "user"}
+
+        with pytest.raises(HTTPException) as exc_info:
+            await requires_user(jwt_payload)
+        assert exc_info.value.status_code == 401
+
+    @pytest.mark.asyncio
+    async def test_requires_admin_user_with_admin(self, mocker: MockerFixture):
+        """Test requires_admin_user with admin role."""
+        jwt_payload = {
+            "sub": "admin-789",
+            "role": "admin",
+            "email": "admin@example.com",
+        }
+
+        mocker.patch(
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+        )
+        user = await requires_admin_user(jwt_payload)
+        assert user.user_id == "admin-789"
+        assert user.role == "admin"
+
+    @pytest.mark.asyncio
+    async def test_requires_admin_user_with_regular_user(self):
+        """Test requires_admin_user rejects regular users."""
+        jwt_payload = {"sub": "user-123", "role": "user", "email": "user@example.com"}
+
+        with pytest.raises(HTTPException) as exc_info:
+            await requires_admin_user(jwt_payload)
+        assert exc_info.value.status_code == 403
+        assert "Admin access required" in exc_info.value.detail
+
+    @pytest.mark.asyncio
+    async def test_requires_admin_user_missing_role(self):
+        """Test requires_admin_user with missing role."""
+        jwt_payload = {"sub": "user-123", "email": "user@example.com"}
+
+        with pytest.raises(KeyError):
+            await requires_admin_user(jwt_payload)
+
+    @pytest.mark.asyncio
+    async def test_get_user_id_with_valid_payload(self, mocker: MockerFixture):
+        """Test get_user_id extracts user ID correctly."""
+        request = Mock(spec=Request)
+        request.headers = {}
+        jwt_payload = {"sub": "user-id-xyz", "role": "user"}
+
+        mocker.patch(
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+        )
+        user_id = await get_user_id(request, jwt_payload)
+        assert user_id == "user-id-xyz"
+
+    @pytest.mark.asyncio
+    async def test_get_user_id_missing_sub(self):
+        """Test get_user_id with missing user ID."""
+        request = Mock(spec=Request)
+        request.headers = {}
+        jwt_payload = {"role": "user"}
+
+        with pytest.raises(HTTPException) as exc_info:
+            await get_user_id(request, jwt_payload)
+        assert exc_info.value.status_code == 401
+        assert "User ID not found" in exc_info.value.detail
+
+    @pytest.mark.asyncio
+    async def test_get_user_id_none_sub(self):
+        """Test get_user_id with None user ID."""
+        request = Mock(spec=Request)
+        request.headers = {}
+        jwt_payload = {"sub": None, "role": "user"}
+
+        with pytest.raises(HTTPException) as exc_info:
+            await get_user_id(request, jwt_payload)
+        assert exc_info.value.status_code == 401
+
+
+class TestAuthDependenciesIntegration:
+    """Integration tests for auth dependencies with FastAPI."""
+
+    acceptable_jwt_secret = "test-secret-with-proper-length-123456"
+
+    @pytest.fixture
+    def create_token(self, mocker: MockerFixture):
+        """Helper to create JWT tokens."""
+        import jwt
+
+        mocker.patch.dict(
+            os.environ,
+            {"JWT_VERIFY_KEY": self.acceptable_jwt_secret},
+            clear=True,
+        )
+
+        def _create_token(payload, secret=self.acceptable_jwt_secret):
+            return jwt.encode(payload, secret, algorithm="HS256")
+
+        return _create_token
+
+    @pytest.mark.asyncio
+    async def test_endpoint_auth_enabled_no_token(self):
+        """Test endpoints require token when auth is enabled."""
+        app = FastAPI()
+
+        @app.get("/test")
+        def test_endpoint(user: User = Security(requires_user)):
+            return {"user_id": user.user_id}
+
+        client = TestClient(app)
+
+        # Should fail without auth header
+        response = client.get("/test")
+        assert response.status_code == 401
+
+    @pytest.mark.asyncio
+    async def test_endpoint_with_valid_token(self, create_token):
+        """Test endpoint with valid JWT token."""
+        app = FastAPI()
+
+        @app.get("/test")
+        def test_endpoint(user: User = Security(requires_user)):
+            return {"user_id": user.user_id, "role": user.role}
+
+        client = TestClient(app)
+
+        token = create_token(
+            {"sub": "test-user", "role": "user", "aud": "authenticated"},
+            secret=self.acceptable_jwt_secret,
+        )
+
+        response = client.get("/test", headers={"Authorization": f"Bearer {token}"})
+        assert response.status_code == 200
+        assert response.json()["user_id"] == "test-user"
+
+    @pytest.mark.asyncio
+    async def test_admin_endpoint_requires_admin_role(self, create_token):
+        """Test admin endpoint rejects non-admin users."""
+        app = FastAPI()
+
+        @app.get("/admin")
+        def admin_endpoint(user: User = Security(requires_admin_user)):
+            return {"user_id": user.user_id}
+
+        client = TestClient(app)
+
+        # Regular user token
+        user_token = create_token(
+            {"sub": "regular-user", "role": "user", "aud": "authenticated"},
+            secret=self.acceptable_jwt_secret,
+        )
+
+        response = client.get(
+            "/admin", headers={"Authorization": f"Bearer {user_token}"}
+        )
+        assert response.status_code == 403
+
+        # Admin token
+        admin_token = create_token(
+            {"sub": "admin-user", "role": "admin", "aud": "authenticated"},
+            secret=self.acceptable_jwt_secret,
+        )
+
+        response = client.get(
+            "/admin", headers={"Authorization": f"Bearer {admin_token}"}
+        )
+        assert response.status_code == 200
+        assert response.json()["user_id"] == "admin-user"
+
+
+class TestAuthDependenciesEdgeCases:
+    """Edge case tests for authentication dependencies."""
+
+    @pytest.mark.asyncio
+    async def test_dependency_with_complex_payload(self):
+        """Test dependencies handle complex JWT payloads."""
+        complex_payload = {
+            "sub": "user-123",
+            "role": "admin",
+            "email": "test@example.com",
+            "app_metadata": {"provider": "email", "providers": ["email"]},
+            "user_metadata": {
+                "full_name": "Test User",
+                "avatar_url": "https://example.com/avatar.jpg",
+            },
+            "aud": "authenticated",
+            "iat": 1234567890,
+            "exp": 9999999999,
+        }
+
+        user = await requires_user(complex_payload)
+        assert user.user_id == "user-123"
+        assert user.email == "test@example.com"
+
+        admin = await requires_admin_user(complex_payload)
+        assert admin.role == "admin"
+
+    @pytest.mark.asyncio
+    async def test_dependency_with_unicode_in_payload(self):
+        """Test dependencies handle unicode in JWT payloads."""
+        unicode_payload = {
+            "sub": "user-😀-123",
+            "role": "user",
+            "email": "测试@example.com",
+            "name": "日本語",
+        }
+
+        user = await requires_user(unicode_payload)
+        assert "😀" in user.user_id
+        assert user.email == "测试@example.com"
+
+    @pytest.mark.asyncio
+    async def test_dependency_with_null_values(self):
+        """Test dependencies handle null values in payload."""
+        null_payload = {
+            "sub": "user-123",
+            "role": "user",
+            "email": None,
+            "phone": None,
+            "metadata": None,
+        }
+
+        user = await requires_user(null_payload)
+        assert user.user_id == "user-123"
+        assert user.email is None
+
+    @pytest.mark.asyncio
+    async def test_concurrent_requests_isolation(self):
+        """Test that concurrent requests don't interfere with each other."""
+        payload1 = {"sub": "user-1", "role": "user"}
+        payload2 = {"sub": "user-2", "role": "admin"}
+
+        # Simulate concurrent processing
+        user1 = await requires_user(payload1)
+        user2 = await requires_admin_user(payload2)
+
+        assert user1.user_id == "user-1"
+        assert user2.user_id == "user-2"
+        assert user1.role == "user"
+        assert user2.role == "admin"
+
+    @pytest.mark.parametrize(
+        "payload,expected_error,admin_only",
+        [
+            (None, "Authorization header is missing", False),
+            ({}, "User ID not found", False),
+            ({"sub": ""}, "User ID not found", False),
+            ({"role": "user"}, "User ID not found", False),
+            ({"sub": "user", "role": "user"}, "Admin access required", True),
+        ],
+    )
+    @pytest.mark.asyncio
+    async def test_dependency_error_cases(
+        self, payload, expected_error: str, admin_only: bool
+    ):
+        """Test that errors propagate correctly through dependencies."""
+        # Import verify_user to test it directly since dependencies use FastAPI Security
+        from autogpt_libs.auth.jwt_utils import verify_user
+
+        with pytest.raises(HTTPException) as exc_info:
+            verify_user(payload, admin_only=admin_only)
+        assert expected_error in exc_info.value.detail
+
+    @pytest.mark.asyncio
+    async def test_dependency_valid_user(self):
+        """Test valid user case for dependency."""
+        # Import verify_user to test it directly since dependencies use FastAPI Security
+        from autogpt_libs.auth.jwt_utils import verify_user
+
+        # Valid case
+        user = verify_user({"sub": "user", "role": "user"}, admin_only=False)
+        assert user.user_id == "user"
+
+
+class TestAdminImpersonation:
+    """Test suite for admin user impersonation functionality."""
+
+    @pytest.mark.asyncio
+    async def test_admin_impersonation_success(self, mocker: MockerFixture):
+        """Test admin successfully impersonating another user."""
+        request = Mock(spec=Request)
+        request.headers = {"X-Act-As-User-Id": "target-user-123"}
+        jwt_payload = {
+            "sub": "admin-456",
+            "role": "admin",
+            "email": "admin@example.com",
+        }
+
+        # Mock verify_user to return admin user data
+        mock_verify_user = mocker.patch("autogpt_libs.auth.dependencies.verify_user")
+        mock_verify_user.return_value = Mock(
+            user_id="admin-456", email="admin@example.com", role="admin"
+        )
+
+        # Mock logger to verify audit logging
+        mock_logger = mocker.patch("autogpt_libs.auth.dependencies.logger")
+
+        mocker.patch(
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+        )
+
+        user_id = await get_user_id(request, jwt_payload)
+
+        # Should return the impersonated user ID
+        assert user_id == "target-user-123"
+
+        # Should log the impersonation attempt
+        mock_logger.info.assert_called_once()
+        log_call = mock_logger.info.call_args[0][0]
+        assert "Admin impersonation:" in log_call
+        assert "admin@example.com" in log_call
+        assert "target-user-123" in log_call
+
+    @pytest.mark.asyncio
+    async def test_non_admin_impersonation_attempt(self, mocker: MockerFixture):
+        """Test non-admin user attempting impersonation returns 403."""
+        request = Mock(spec=Request)
+        request.headers = {"X-Act-As-User-Id": "target-user-123"}
+        jwt_payload = {
+            "sub": "regular-user",
+            "role": "user",
+            "email": "user@example.com",
+        }
+
+        # Mock verify_user to return regular user data
+        mock_verify_user = mocker.patch("autogpt_libs.auth.dependencies.verify_user")
+        mock_verify_user.return_value = Mock(
+            user_id="regular-user", email="user@example.com", role="user"
+        )
+
+        mocker.patch(
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+        )
+
+        with pytest.raises(HTTPException) as exc_info:
+            await get_user_id(request, jwt_payload)
+
+        assert exc_info.value.status_code == 403
+        assert "Only admin users can impersonate other users" in exc_info.value.detail
+
+    @pytest.mark.asyncio
+    async def test_impersonation_empty_header(self, mocker: MockerFixture):
+        """Test impersonation with empty header falls back to regular user ID."""
+        request = Mock(spec=Request)
+        request.headers = {"X-Act-As-User-Id": ""}
+        jwt_payload = {
+            "sub": "admin-456",
+            "role": "admin",
+            "email": "admin@example.com",
+        }
+
+        mocker.patch(
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+        )
+
+        user_id = await get_user_id(request, jwt_payload)
+
+        # Should fall back to the admin's own user ID
+        assert user_id == "admin-456"
+
+    @pytest.mark.asyncio
+    async def test_impersonation_missing_header(self, mocker: MockerFixture):
+        """Test normal behavior when impersonation header is missing."""
+        request = Mock(spec=Request)
+        request.headers = {}  # No impersonation header
+        jwt_payload = {
+            "sub": "admin-456",
+            "role": "admin",
+            "email": "admin@example.com",
+        }
+
+        mocker.patch(
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+        )
+
+        user_id = await get_user_id(request, jwt_payload)
+
+        # Should return the admin's own user ID
+        assert user_id == "admin-456"
+
+    @pytest.mark.asyncio
+    async def test_impersonation_audit_logging_details(self, mocker: MockerFixture):
+        """Test that impersonation audit logging includes all required details."""
+        request = Mock(spec=Request)
+        request.headers = {"X-Act-As-User-Id": "victim-user-789"}
+        jwt_payload = {
+            "sub": "admin-999",
+            "role": "admin",
+            "email": "superadmin@company.com",
+        }
+
+        # Mock verify_user to return admin user data
+        mock_verify_user = mocker.patch("autogpt_libs.auth.dependencies.verify_user")
+        mock_verify_user.return_value = Mock(
+            user_id="admin-999", email="superadmin@company.com", role="admin"
+        )
+
+        # Mock logger to capture audit trail
+        mock_logger = mocker.patch("autogpt_libs.auth.dependencies.logger")
+
+        mocker.patch(
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+        )
+
+        user_id = await get_user_id(request, jwt_payload)
+
+        # Verify all audit details are logged
+        assert user_id == "victim-user-789"
+        mock_logger.info.assert_called_once()
+
+        log_message = mock_logger.info.call_args[0][0]
+        assert "Admin impersonation:" in log_message
+        assert "superadmin@company.com" in log_message
+        assert "victim-user-789" in log_message
+
+    @pytest.mark.asyncio
+    async def test_impersonation_header_case_sensitivity(self, mocker: MockerFixture):
+        """Test that impersonation header is case-sensitive."""
+        request = Mock(spec=Request)
+        # Use wrong case - should not trigger impersonation
+        request.headers = {"x-act-as-user-id": "target-user-123"}
+        jwt_payload = {
+            "sub": "admin-456",
+            "role": "admin",
+            "email": "admin@example.com",
+        }
+
+        mocker.patch(
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+        )
+
+        user_id = await get_user_id(request, jwt_payload)
+
+        # Should fall back to admin's own ID (header case mismatch)
+        assert user_id == "admin-456"
+
+    @pytest.mark.asyncio
+    async def test_impersonation_with_whitespace_header(self, mocker: MockerFixture):
+        """Test impersonation with whitespace in header value."""
+        request = Mock(spec=Request)
+        request.headers = {"X-Act-As-User-Id": "  target-user-123  "}
+        jwt_payload = {
+            "sub": "admin-456",
+            "role": "admin",
+            "email": "admin@example.com",
+        }
+
+        # Mock verify_user to return admin user data
+        mock_verify_user = mocker.patch("autogpt_libs.auth.dependencies.verify_user")
+        mock_verify_user.return_value = Mock(
+            user_id="admin-456", email="admin@example.com", role="admin"
+        )
+
+        # Mock logger
+        mock_logger = mocker.patch("autogpt_libs.auth.dependencies.logger")
+
+        mocker.patch(
+            "autogpt_libs.auth.dependencies.get_jwt_payload", return_value=jwt_payload
+        )
+
+        user_id = await get_user_id(request, jwt_payload)
+
+        # Should strip whitespace and impersonate successfully
+        assert user_id == "target-user-123"
+        mock_logger.info.assert_called_once()

autogpt_platform/autogpt_libs/autogpt_libs/auth/depends.py

@@ -1,46 +0,0 @@
-import fastapi
-
-from .config import settings
-from .middleware import auth_middleware
-from .models import DEFAULT_USER_ID, User
-
-
-def requires_user(payload: dict = fastapi.Depends(auth_middleware)) -> User:
-    return verify_user(payload, admin_only=False)
-
-
-def requires_admin_user(
-    payload: dict = fastapi.Depends(auth_middleware),
-) -> User:
-    return verify_user(payload, admin_only=True)
-
-
-def verify_user(payload: dict | None, admin_only: bool) -> User:
-    if not payload:
-        if settings.ENABLE_AUTH:
-            raise fastapi.HTTPException(
-                status_code=401, detail="Authorization header is missing"
-            )
-        # This handles the case when authentication is disabled
-        payload = {"sub": DEFAULT_USER_ID, "role": "admin"}
-
-    user_id = payload.get("sub")
-
-    if not user_id:
-        raise fastapi.HTTPException(
-            status_code=401, detail="User ID not found in token"
-        )
-
-    if admin_only and payload["role"] != "admin":
-        raise fastapi.HTTPException(status_code=403, detail="Admin access required")
-
-    return User.from_payload(payload)
-
-
-def get_user_id(payload: dict = fastapi.Depends(auth_middleware)) -> str:
-    user_id = payload.get("sub")
-    if not user_id:
-        raise fastapi.HTTPException(
-            status_code=401, detail="User ID not found in token"
-        )
-    return user_id

autogpt_platform/autogpt_libs/autogpt_libs/auth/depends_tests.py

@@ -1,68 +0,0 @@
-import pytest
-
-from .depends import requires_admin_user, requires_user, verify_user
-
-
-def test_verify_user_no_payload():
-    user = verify_user(None, admin_only=False)
-    assert user.user_id == "3e53486c-cf57-477e-ba2a-cb02dc828e1a"
-    assert user.role == "admin"
-
-
-def test_verify_user_no_user_id():
-    with pytest.raises(Exception):
-        verify_user({"role": "admin"}, admin_only=False)
-
-
-def test_verify_user_not_admin():
-    with pytest.raises(Exception):
-        verify_user(
-            {"sub": "3e53486c-cf57-477e-ba2a-cb02dc828e1a", "role": "user"},
-            admin_only=True,
-        )
-
-
-def test_verify_user_with_admin_role():
-    user = verify_user(
-        {"sub": "3e53486c-cf57-477e-ba2a-cb02dc828e1a", "role": "admin"},
-        admin_only=True,
-    )
-    assert user.user_id == "3e53486c-cf57-477e-ba2a-cb02dc828e1a"
-    assert user.role == "admin"
-
-
-def test_verify_user_with_user_role():
-    user = verify_user(
-        {"sub": "3e53486c-cf57-477e-ba2a-cb02dc828e1a", "role": "user"},
-        admin_only=False,
-    )
-    assert user.user_id == "3e53486c-cf57-477e-ba2a-cb02dc828e1a"
-    assert user.role == "user"
-
-
-def test_requires_user():
-    user = requires_user(
-        {"sub": "3e53486c-cf57-477e-ba2a-cb02dc828e1a", "role": "user"}
-    )
-    assert user.user_id == "3e53486c-cf57-477e-ba2a-cb02dc828e1a"
-    assert user.role == "user"
-
-
-def test_requires_user_no_user_id():
-    with pytest.raises(Exception):
-        requires_user({"role": "user"})
-
-
-def test_requires_admin_user():
-    user = requires_admin_user(
-        {"sub": "3e53486c-cf57-477e-ba2a-cb02dc828e1a", "role": "admin"}
-    )
-    assert user.user_id == "3e53486c-cf57-477e-ba2a-cb02dc828e1a"
-    assert user.role == "admin"
-
-
-def test_requires_admin_user_not_admin():
-    with pytest.raises(Exception):
-        requires_admin_user(
-            {"sub": "3e53486c-cf57-477e-ba2a-cb02dc828e1a", "role": "user"}
-        )

autogpt_platform/autogpt_libs/autogpt_libs/auth/helpers.py

@@ -0,0 +1,64 @@
+from fastapi import FastAPI
+
+from .jwt_utils import bearer_jwt_auth
+
+
+def add_auth_responses_to_openapi(app: FastAPI) -> None:
+    """
+    Patch a FastAPI instance's `openapi()` method to add 401 responses
+    to all authenticated endpoints.
+
+    This is needed when using HTTPBearer with auto_error=False to get proper
+    401 responses instead of 403, but FastAPI only automatically adds security
+    responses when auto_error=True.
+    """
+    # Wrap current method to allow stacking OpenAPI schema modifiers like this
+    wrapped_openapi = app.openapi
+
+    def custom_openapi():
+        if app.openapi_schema:
+            return app.openapi_schema
+
+        openapi_schema = wrapped_openapi()
+
+        # Add 401 response to all endpoints that have security requirements
+        for path, methods in openapi_schema["paths"].items():
+            for method, details in methods.items():
+                security_schemas = [
+                    schema
+                    for auth_option in details.get("security", [])
+                    for schema in auth_option.keys()
+                ]
+                if bearer_jwt_auth.scheme_name not in security_schemas:
+                    continue
+
+                if "responses" not in details:
+                    details["responses"] = {}
+
+                details["responses"]["401"] = {
+                    "$ref": "#/components/responses/HTTP401NotAuthenticatedError"
+                }
+
+        # Ensure #/components/responses exists
+        if "components" not in openapi_schema:
+            openapi_schema["components"] = {}
+        if "responses" not in openapi_schema["components"]:
+            openapi_schema["components"]["responses"] = {}
+
+        # Define 401 response
+        openapi_schema["components"]["responses"]["HTTP401NotAuthenticatedError"] = {
+            "description": "Authentication required",
+            "content": {
+                "application/json": {
+                    "schema": {
+                        "type": "object",
+                        "properties": {"detail": {"type": "string"}},
+                    }
+                }
+            },
+        }
+
+        app.openapi_schema = openapi_schema
+        return app.openapi_schema
+
+    app.openapi = custom_openapi

autogpt_platform/autogpt_libs/autogpt_libs/auth/helpers_test.py

@@ -0,0 +1,435 @@
+"""
+Comprehensive tests for auth helpers module to achieve 100% coverage.
+Tests OpenAPI schema generation and authentication response handling.
+"""
+
+from unittest import mock
+
+from fastapi import FastAPI
+from fastapi.openapi.utils import get_openapi
+
+from autogpt_libs.auth.helpers import add_auth_responses_to_openapi
+from autogpt_libs.auth.jwt_utils import bearer_jwt_auth
+
+
+def test_add_auth_responses_to_openapi_basic():
+    """Test adding 401 responses to OpenAPI schema."""
+    app = FastAPI(title="Test App", version="1.0.0")
+
+    # Add some test endpoints with authentication
+    from fastapi import Depends
+
+    from autogpt_libs.auth.dependencies import requires_user
+
+    @app.get("/protected", dependencies=[Depends(requires_user)])
+    def protected_endpoint():
+        return {"message": "Protected"}
+
+    @app.get("/public")
+    def public_endpoint():
+        return {"message": "Public"}
+
+    # Apply the OpenAPI customization
+    add_auth_responses_to_openapi(app)
+
+    # Get the OpenAPI schema
+    schema = app.openapi()
+
+    # Verify basic schema properties
+    assert schema["info"]["title"] == "Test App"
+    assert schema["info"]["version"] == "1.0.0"
+
+    # Verify 401 response component is added
+    assert "components" in schema
+    assert "responses" in schema["components"]
+    assert "HTTP401NotAuthenticatedError" in schema["components"]["responses"]
+
+    # Verify 401 response structure
+    error_response = schema["components"]["responses"]["HTTP401NotAuthenticatedError"]
+    assert error_response["description"] == "Authentication required"
+    assert "application/json" in error_response["content"]
+    assert "schema" in error_response["content"]["application/json"]
+
+    # Verify schema properties
+    response_schema = error_response["content"]["application/json"]["schema"]
+    assert response_schema["type"] == "object"
+    assert "detail" in response_schema["properties"]
+    assert response_schema["properties"]["detail"]["type"] == "string"
+
+
+def test_add_auth_responses_to_openapi_with_security():
+    """Test that 401 responses are added only to secured endpoints."""
+    app = FastAPI()
+
+    # Mock endpoint with security
+    from fastapi import Security
+
+    from autogpt_libs.auth.dependencies import get_user_id
+
+    @app.get("/secured")
+    def secured_endpoint(user_id: str = Security(get_user_id)):
+        return {"user_id": user_id}
+
+    @app.post("/also-secured")
+    def another_secured(user_id: str = Security(get_user_id)):
+        return {"status": "ok"}
+
+    @app.get("/unsecured")
+    def unsecured_endpoint():
+        return {"public": True}
+
+    # Apply OpenAPI customization
+    add_auth_responses_to_openapi(app)
+
+    # Get schema
+    schema = app.openapi()
+
+    # Check that secured endpoints have 401 responses
+    if "/secured" in schema["paths"]:
+        if "get" in schema["paths"]["/secured"]:
+            secured_get = schema["paths"]["/secured"]["get"]
+            if "responses" in secured_get:
+                assert "401" in secured_get["responses"]
+                assert (
+                    secured_get["responses"]["401"]["$ref"]
+                    == "#/components/responses/HTTP401NotAuthenticatedError"
+                )
+
+    if "/also-secured" in schema["paths"]:
+        if "post" in schema["paths"]["/also-secured"]:
+            secured_post = schema["paths"]["/also-secured"]["post"]
+            if "responses" in secured_post:
+                assert "401" in secured_post["responses"]
+
+    # Check that unsecured endpoint does not have 401 response
+    if "/unsecured" in schema["paths"]:
+        if "get" in schema["paths"]["/unsecured"]:
+            unsecured_get = schema["paths"]["/unsecured"]["get"]
+            if "responses" in unsecured_get:
+                assert "401" not in unsecured_get.get("responses", {})
+
+
+def test_add_auth_responses_to_openapi_cached_schema():
+    """Test that OpenAPI schema is cached after first generation."""
+    app = FastAPI()
+
+    # Apply customization
+    add_auth_responses_to_openapi(app)
+
+    # Get schema twice
+    schema1 = app.openapi()
+    schema2 = app.openapi()
+
+    # Should return the same cached object
+    assert schema1 is schema2
+
+
+def test_add_auth_responses_to_openapi_existing_responses():
+    """Test handling endpoints that already have responses defined."""
+    app = FastAPI()
+
+    from fastapi import Security
+
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+
+    @app.get(
+        "/with-responses",
+        responses={
+            200: {"description": "Success"},
+            404: {"description": "Not found"},
+        },
+    )
+    def endpoint_with_responses(jwt: dict = Security(get_jwt_payload)):
+        return {"data": "test"}
+
+    # Apply customization
+    add_auth_responses_to_openapi(app)
+
+    schema = app.openapi()
+
+    # Check that existing responses are preserved and 401 is added
+    if "/with-responses" in schema["paths"]:
+        if "get" in schema["paths"]["/with-responses"]:
+            responses = schema["paths"]["/with-responses"]["get"].get("responses", {})
+            # Original responses should be preserved
+            if "200" in responses:
+                assert responses["200"]["description"] == "Success"
+            if "404" in responses:
+                assert responses["404"]["description"] == "Not found"
+            # 401 should be added
+            if "401" in responses:
+                assert (
+                    responses["401"]["$ref"]
+                    == "#/components/responses/HTTP401NotAuthenticatedError"
+                )
+
+
+def test_add_auth_responses_to_openapi_no_security_endpoints():
+    """Test with app that has no secured endpoints."""
+    app = FastAPI()
+
+    @app.get("/public1")
+    def public1():
+        return {"message": "public1"}
+
+    @app.post("/public2")
+    def public2():
+        return {"message": "public2"}
+
+    # Apply customization
+    add_auth_responses_to_openapi(app)
+
+    schema = app.openapi()
+
+    # Component should still be added for consistency
+    assert "HTTP401NotAuthenticatedError" in schema["components"]["responses"]
+
+    # But no endpoints should have 401 responses
+    for path in schema["paths"].values():
+        for method in path.values():
+            if isinstance(method, dict) and "responses" in method:
+                assert "401" not in method["responses"]
+
+
+def test_add_auth_responses_to_openapi_multiple_security_schemes():
+    """Test endpoints with multiple security requirements."""
+    app = FastAPI()
+
+    from fastapi import Security
+
+    from autogpt_libs.auth.dependencies import requires_admin_user, requires_user
+    from autogpt_libs.auth.models import User
+
+    @app.get("/multi-auth")
+    def multi_auth(
+        user: User = Security(requires_user),
+        admin: User = Security(requires_admin_user),
+    ):
+        return {"status": "super secure"}
+
+    # Apply customization
+    add_auth_responses_to_openapi(app)
+
+    schema = app.openapi()
+
+    # Should have 401 response
+    if "/multi-auth" in schema["paths"]:
+        if "get" in schema["paths"]["/multi-auth"]:
+            responses = schema["paths"]["/multi-auth"]["get"].get("responses", {})
+            if "401" in responses:
+                assert (
+                    responses["401"]["$ref"]
+                    == "#/components/responses/HTTP401NotAuthenticatedError"
+                )
+
+
+def test_add_auth_responses_to_openapi_empty_components():
+    """Test when OpenAPI schema has no components section initially."""
+    app = FastAPI()
+
+    # Mock get_openapi to return schema without components
+    original_get_openapi = get_openapi
+
+    def mock_get_openapi(*args, **kwargs):
+        schema = original_get_openapi(*args, **kwargs)
+        # Remove components if it exists
+        if "components" in schema:
+            del schema["components"]
+        return schema
+
+    with mock.patch("autogpt_libs.auth.helpers.get_openapi", mock_get_openapi):
+        # Apply customization
+        add_auth_responses_to_openapi(app)
+
+        schema = app.openapi()
+
+        # Components should be created
+        assert "components" in schema
+        assert "responses" in schema["components"]
+        assert "HTTP401NotAuthenticatedError" in schema["components"]["responses"]
+
+
+def test_add_auth_responses_to_openapi_all_http_methods():
+    """Test that all HTTP methods are handled correctly."""
+    app = FastAPI()
+
+    from fastapi import Security
+
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+
+    @app.get("/resource")
+    def get_resource(jwt: dict = Security(get_jwt_payload)):
+        return {"method": "GET"}
+
+    @app.post("/resource")
+    def post_resource(jwt: dict = Security(get_jwt_payload)):
+        return {"method": "POST"}
+
+    @app.put("/resource")
+    def put_resource(jwt: dict = Security(get_jwt_payload)):
+        return {"method": "PUT"}
+
+    @app.patch("/resource")
+    def patch_resource(jwt: dict = Security(get_jwt_payload)):
+        return {"method": "PATCH"}
+
+    @app.delete("/resource")
+    def delete_resource(jwt: dict = Security(get_jwt_payload)):
+        return {"method": "DELETE"}
+
+    # Apply customization
+    add_auth_responses_to_openapi(app)
+
+    schema = app.openapi()
+
+    # All methods should have 401 response
+    if "/resource" in schema["paths"]:
+        for method in ["get", "post", "put", "patch", "delete"]:
+            if method in schema["paths"]["/resource"]:
+                method_spec = schema["paths"]["/resource"][method]
+                if "responses" in method_spec:
+                    assert "401" in method_spec["responses"]
+
+
+def test_bearer_jwt_auth_scheme_config():
+    """Test that bearer_jwt_auth is configured correctly."""
+    assert bearer_jwt_auth.scheme_name == "HTTPBearerJWT"
+    assert bearer_jwt_auth.auto_error is False
+
+
+def test_add_auth_responses_with_no_routes():
+    """Test OpenAPI generation with app that has no routes."""
+    app = FastAPI(title="Empty App")
+
+    # Apply customization to empty app
+    add_auth_responses_to_openapi(app)
+
+    schema = app.openapi()
+
+    # Should still have basic structure
+    assert schema["info"]["title"] == "Empty App"
+    assert "components" in schema
+    assert "responses" in schema["components"]
+    assert "HTTP401NotAuthenticatedError" in schema["components"]["responses"]
+
+
+def test_custom_openapi_function_replacement():
+    """Test that the custom openapi function properly replaces the default."""
+    app = FastAPI()
+
+    # Store original function
+    original_openapi = app.openapi
+
+    # Apply customization
+    add_auth_responses_to_openapi(app)
+
+    # Function should be replaced
+    assert app.openapi != original_openapi
+    assert callable(app.openapi)
+
+
+def test_endpoint_without_responses_section():
+    """Test endpoint that has security but no responses section initially."""
+    app = FastAPI()
+
+    from fastapi import Security
+    from fastapi.openapi.utils import get_openapi as original_get_openapi
+
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+
+    # Create endpoint
+    @app.get("/no-responses")
+    def endpoint_without_responses(jwt: dict = Security(get_jwt_payload)):
+        return {"data": "test"}
+
+    # Mock get_openapi to remove responses from the endpoint
+    def mock_get_openapi(*args, **kwargs):
+        schema = original_get_openapi(*args, **kwargs)
+        # Remove responses from our endpoint to trigger line 40
+        if "/no-responses" in schema.get("paths", {}):
+            if "get" in schema["paths"]["/no-responses"]:
+                # Delete responses to force the code to create it
+                if "responses" in schema["paths"]["/no-responses"]["get"]:
+                    del schema["paths"]["/no-responses"]["get"]["responses"]
+        return schema
+
+    with mock.patch("autogpt_libs.auth.helpers.get_openapi", mock_get_openapi):
+        # Apply customization
+        add_auth_responses_to_openapi(app)
+
+        # Get schema and verify 401 was added
+        schema = app.openapi()
+
+        # The endpoint should now have 401 response
+        if "/no-responses" in schema["paths"]:
+            if "get" in schema["paths"]["/no-responses"]:
+                responses = schema["paths"]["/no-responses"]["get"].get("responses", {})
+                assert "401" in responses
+                assert (
+                    responses["401"]["$ref"]
+                    == "#/components/responses/HTTP401NotAuthenticatedError"
+                )
+
+
+def test_components_with_existing_responses():
+    """Test when components already has a responses section."""
+    app = FastAPI()
+
+    # Mock get_openapi to return schema with existing components/responses
+    from fastapi.openapi.utils import get_openapi as original_get_openapi
+
+    def mock_get_openapi(*args, **kwargs):
+        schema = original_get_openapi(*args, **kwargs)
+        # Add existing components/responses
+        if "components" not in schema:
+            schema["components"] = {}
+        schema["components"]["responses"] = {
+            "ExistingResponse": {"description": "An existing response"}
+        }
+        return schema
+
+    with mock.patch("autogpt_libs.auth.helpers.get_openapi", mock_get_openapi):
+        # Apply customization
+        add_auth_responses_to_openapi(app)
+
+        schema = app.openapi()
+
+        # Both responses should exist
+        assert "ExistingResponse" in schema["components"]["responses"]
+        assert "HTTP401NotAuthenticatedError" in schema["components"]["responses"]
+
+        # Verify our 401 response structure
+        error_response = schema["components"]["responses"][
+            "HTTP401NotAuthenticatedError"
+        ]
+        assert error_response["description"] == "Authentication required"
+
+
+def test_openapi_schema_persistence():
+    """Test that modifications to OpenAPI schema persist correctly."""
+    app = FastAPI()
+
+    from fastapi import Security
+
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+
+    @app.get("/test")
+    def test_endpoint(jwt: dict = Security(get_jwt_payload)):
+        return {"test": True}
+
+    # Apply customization
+    add_auth_responses_to_openapi(app)
+
+    # Get schema multiple times
+    schema1 = app.openapi()
+
+    # Modify the cached schema (shouldn't affect future calls)
+    schema1["info"]["title"] = "Modified Title"
+
+    # Clear cache and get again
+    app.openapi_schema = None
+    schema2 = app.openapi()
+
+    # Should regenerate with original title
+    assert schema2["info"]["title"] == app.title
+    assert schema2["info"]["title"] != "Modified Title"

autogpt_platform/autogpt_libs/autogpt_libs/auth/jwt_utils.py

@@ -1,11 +1,48 @@
-from typing import Any, Dict
+import logging
+from typing import Any
 
 import jwt
+from fastapi import HTTPException, Security
+from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
 
-from .config import settings
+from .config import get_settings
+from .models import User
+
+logger = logging.getLogger(__name__)
+
+# Bearer token authentication scheme
+bearer_jwt_auth = HTTPBearer(
+    bearerFormat="jwt", scheme_name="HTTPBearerJWT", auto_error=False
+)
 
 
-def parse_jwt_token(token: str) -> Dict[str, Any]:
+async def get_jwt_payload(
+    credentials: HTTPAuthorizationCredentials | None = Security(bearer_jwt_auth),
+) -> dict[str, Any]:
+    """
+    Extract and validate JWT payload from HTTP Authorization header.
+
+    This is the core authentication function that handles:
+    - Reading the `Authorization` header to obtain the JWT token
+    - Verifying the JWT token's signature
+    - Decoding the JWT token's payload
+
+    :param credentials: HTTP Authorization credentials from bearer token
+    :return: JWT payload dictionary
+    :raises HTTPException: 401 if authentication fails
+    """
+    if not credentials:
+        raise HTTPException(status_code=401, detail="Authorization header is missing")
+
+    try:
+        payload = parse_jwt_token(credentials.credentials)
+        logger.debug("Token decoded successfully")
+        return payload
+    except ValueError as e:
+        raise HTTPException(status_code=401, detail=str(e))
+
+
+def parse_jwt_token(token: str) -> dict[str, Any]:
     """
     Parse and validate a JWT token.
 
@@ -13,10 +50,11 @@ def parse_jwt_token(token: str) -> Dict[str, Any]:
     :return: The decoded payload
     :raises ValueError: If the token is invalid or expired
     """
+    settings = get_settings()
     try:
         payload = jwt.decode(
             token,
-            settings.JWT_SECRET_KEY,
+            settings.JWT_VERIFY_KEY,
             algorithms=[settings.JWT_ALGORITHM],
             audience="authenticated",
         )
@@ -25,3 +63,18 @@ def parse_jwt_token(token: str) -> Dict[str, Any]:
         raise ValueError("Token has expired")
     except jwt.InvalidTokenError as e:
         raise ValueError(f"Invalid token: {str(e)}")
+
+
+def verify_user(jwt_payload: dict | None, admin_only: bool) -> User:
+    if jwt_payload is None:
+        raise HTTPException(status_code=401, detail="Authorization header is missing")
+
+    user_id = jwt_payload.get("sub")
+
+    if not user_id:
+        raise HTTPException(status_code=401, detail="User ID not found in token")
+
+    if admin_only and jwt_payload["role"] != "admin":
+        raise HTTPException(status_code=403, detail="Admin access required")
+
+    return User.from_payload(jwt_payload)

autogpt_platform/autogpt_libs/autogpt_libs/auth/jwt_utils_test.py

@@ -0,0 +1,308 @@
+"""
+Comprehensive tests for JWT token parsing and validation.
+Ensures 100% line and branch coverage for JWT security functions.
+"""
+
+import os
+from datetime import datetime, timedelta, timezone
+
+import jwt
+import pytest
+from fastapi import HTTPException
+from fastapi.security import HTTPAuthorizationCredentials
+from pytest_mock import MockerFixture
+
+from autogpt_libs.auth import config, jwt_utils
+from autogpt_libs.auth.config import Settings
+from autogpt_libs.auth.models import User
+
+MOCK_JWT_SECRET = "test-secret-key-with-at-least-32-characters"
+TEST_USER_PAYLOAD = {
+    "sub": "test-user-id",
+    "role": "user",
+    "aud": "authenticated",
+    "email": "test@example.com",
+}
+TEST_ADMIN_PAYLOAD = {
+    "sub": "admin-user-id",
+    "role": "admin",
+    "aud": "authenticated",
+    "email": "admin@example.com",
+}
+
+
+@pytest.fixture(autouse=True)
+def mock_config(mocker: MockerFixture):
+    mocker.patch.dict(os.environ, {"JWT_VERIFY_KEY": MOCK_JWT_SECRET}, clear=True)
+    mocker.patch.object(config, "_settings", Settings())
+    yield
+
+
+def create_token(payload, secret=None, algorithm="HS256"):
+    """Helper to create JWT tokens."""
+    if secret is None:
+        secret = MOCK_JWT_SECRET
+    return jwt.encode(payload, secret, algorithm=algorithm)
+
+
+def test_parse_jwt_token_valid():
+    """Test parsing a valid JWT token."""
+    token = create_token(TEST_USER_PAYLOAD)
+    result = jwt_utils.parse_jwt_token(token)
+
+    assert result["sub"] == "test-user-id"
+    assert result["role"] == "user"
+    assert result["aud"] == "authenticated"
+
+
+def test_parse_jwt_token_expired():
+    """Test parsing an expired JWT token."""
+    expired_payload = {
+        **TEST_USER_PAYLOAD,
+        "exp": datetime.now(timezone.utc) - timedelta(hours=1),
+    }
+    token = create_token(expired_payload)
+
+    with pytest.raises(ValueError) as exc_info:
+        jwt_utils.parse_jwt_token(token)
+    assert "Token has expired" in str(exc_info.value)
+
+
+def test_parse_jwt_token_invalid_signature():
+    """Test parsing a token with invalid signature."""
+    # Create token with different secret
+    token = create_token(TEST_USER_PAYLOAD, secret="wrong-secret")
+
+    with pytest.raises(ValueError) as exc_info:
+        jwt_utils.parse_jwt_token(token)
+    assert "Invalid token" in str(exc_info.value)
+
+
+def test_parse_jwt_token_malformed():
+    """Test parsing a malformed token."""
+    malformed_tokens = [
+        "not.a.token",
+        "invalid",
+        "",
+        # Header only
+        "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9",
+        # No signature
+        "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0In0",
+    ]
+
+    for token in malformed_tokens:
+        with pytest.raises(ValueError) as exc_info:
+            jwt_utils.parse_jwt_token(token)
+        assert "Invalid token" in str(exc_info.value)
+
+
+def test_parse_jwt_token_wrong_audience():
+    """Test parsing a token with wrong audience."""
+    wrong_aud_payload = {**TEST_USER_PAYLOAD, "aud": "wrong-audience"}
+    token = create_token(wrong_aud_payload)
+
+    with pytest.raises(ValueError) as exc_info:
+        jwt_utils.parse_jwt_token(token)
+    assert "Invalid token" in str(exc_info.value)
+
+
+def test_parse_jwt_token_missing_audience():
+    """Test parsing a token without audience claim."""
+    no_aud_payload = {k: v for k, v in TEST_USER_PAYLOAD.items() if k != "aud"}
+    token = create_token(no_aud_payload)
+
+    with pytest.raises(ValueError) as exc_info:
+        jwt_utils.parse_jwt_token(token)
+    assert "Invalid token" in str(exc_info.value)
+
+
+async def test_get_jwt_payload_with_valid_token():
+    """Test extracting JWT payload with valid bearer token."""
+    token = create_token(TEST_USER_PAYLOAD)
+    credentials = HTTPAuthorizationCredentials(scheme="Bearer", credentials=token)
+
+    result = await jwt_utils.get_jwt_payload(credentials)
+    assert result["sub"] == "test-user-id"
+    assert result["role"] == "user"
+
+
+async def test_get_jwt_payload_no_credentials():
+    """Test JWT payload when no credentials provided."""
+    with pytest.raises(HTTPException) as exc_info:
+        await jwt_utils.get_jwt_payload(None)
+    assert exc_info.value.status_code == 401
+    assert "Authorization header is missing" in exc_info.value.detail
+
+
+async def test_get_jwt_payload_invalid_token():
+    """Test JWT payload extraction with invalid token."""
+    credentials = HTTPAuthorizationCredentials(
+        scheme="Bearer", credentials="invalid.token.here"
+    )
+
+    with pytest.raises(HTTPException) as exc_info:
+        await jwt_utils.get_jwt_payload(credentials)
+    assert exc_info.value.status_code == 401
+    assert "Invalid token" in exc_info.value.detail
+
+
+def test_verify_user_with_valid_user():
+    """Test verifying a valid user."""
+    user = jwt_utils.verify_user(TEST_USER_PAYLOAD, admin_only=False)
+    assert isinstance(user, User)
+    assert user.user_id == "test-user-id"
+    assert user.role == "user"
+    assert user.email == "test@example.com"
+
+
+def test_verify_user_with_admin():
+    """Test verifying an admin user."""
+    user = jwt_utils.verify_user(TEST_ADMIN_PAYLOAD, admin_only=True)
+    assert isinstance(user, User)
+    assert user.user_id == "admin-user-id"
+    assert user.role == "admin"
+
+
+def test_verify_user_admin_only_with_regular_user():
+    """Test verifying regular user when admin is required."""
+    with pytest.raises(HTTPException) as exc_info:
+        jwt_utils.verify_user(TEST_USER_PAYLOAD, admin_only=True)
+    assert exc_info.value.status_code == 403
+    assert "Admin access required" in exc_info.value.detail
+
+
+def test_verify_user_no_payload():
+    """Test verifying user with no payload."""
+    with pytest.raises(HTTPException) as exc_info:
+        jwt_utils.verify_user(None, admin_only=False)
+    assert exc_info.value.status_code == 401
+    assert "Authorization header is missing" in exc_info.value.detail
+
+
+def test_verify_user_missing_sub():
+    """Test verifying user with payload missing 'sub' field."""
+    invalid_payload = {"role": "user", "email": "test@example.com"}
+    with pytest.raises(HTTPException) as exc_info:
+        jwt_utils.verify_user(invalid_payload, admin_only=False)
+    assert exc_info.value.status_code == 401
+    assert "User ID not found in token" in exc_info.value.detail
+
+
+def test_verify_user_empty_sub():
+    """Test verifying user with empty 'sub' field."""
+    invalid_payload = {"sub": "", "role": "user"}
+    with pytest.raises(HTTPException) as exc_info:
+        jwt_utils.verify_user(invalid_payload, admin_only=False)
+    assert exc_info.value.status_code == 401
+    assert "User ID not found in token" in exc_info.value.detail
+
+
+def test_verify_user_none_sub():
+    """Test verifying user with None 'sub' field."""
+    invalid_payload = {"sub": None, "role": "user"}
+    with pytest.raises(HTTPException) as exc_info:
+        jwt_utils.verify_user(invalid_payload, admin_only=False)
+    assert exc_info.value.status_code == 401
+    assert "User ID not found in token" in exc_info.value.detail
+
+
+def test_verify_user_missing_role_admin_check():
+    """Test verifying admin when role field is missing."""
+    no_role_payload = {"sub": "user-id"}
+    with pytest.raises(KeyError):
+        # This will raise KeyError when checking payload["role"]
+        jwt_utils.verify_user(no_role_payload, admin_only=True)
+
+
+# ======================== EDGE CASES ======================== #
+
+
+def test_jwt_with_additional_claims():
+    """Test JWT token with additional custom claims."""
+    extra_claims_payload = {
+        "sub": "user-id",
+        "role": "user",
+        "aud": "authenticated",
+        "custom_claim": "custom_value",
+        "permissions": ["read", "write"],
+        "metadata": {"key": "value"},
+    }
+    token = create_token(extra_claims_payload)
+
+    result = jwt_utils.parse_jwt_token(token)
+    assert result["sub"] == "user-id"
+    assert result["custom_claim"] == "custom_value"
+    assert result["permissions"] == ["read", "write"]
+
+
+def test_jwt_with_numeric_sub():
+    """Test JWT token with numeric user ID."""
+    payload = {
+        "sub": 12345,  # Numeric ID
+        "role": "user",
+        "aud": "authenticated",
+    }
+    # Should convert to string internally
+    user = jwt_utils.verify_user(payload, admin_only=False)
+    assert user.user_id == 12345
+
+
+def test_jwt_with_very_long_sub():
+    """Test JWT token with very long user ID."""
+    long_id = "a" * 1000
+    payload = {
+        "sub": long_id,
+        "role": "user",
+        "aud": "authenticated",
+    }
+    user = jwt_utils.verify_user(payload, admin_only=False)
+    assert user.user_id == long_id
+
+
+def test_jwt_with_special_characters_in_claims():
+    """Test JWT token with special characters in claims."""
+    payload = {
+        "sub": "user@example.com/special-chars!@#$%",
+        "role": "admin",
+        "aud": "authenticated",
+        "email": "test+special@example.com",
+    }
+    user = jwt_utils.verify_user(payload, admin_only=True)
+    assert "special-chars!@#$%" in user.user_id
+
+
+def test_jwt_with_future_iat():
+    """Test JWT token with issued-at time in future."""
+    future_payload = {
+        "sub": "user-id",
+        "role": "user",
+        "aud": "authenticated",
+        "iat": datetime.now(timezone.utc) + timedelta(hours=1),
+    }
+    token = create_token(future_payload)
+
+    # PyJWT validates iat claim and should reject future tokens
+    with pytest.raises(ValueError, match="not yet valid"):
+        jwt_utils.parse_jwt_token(token)
+
+
+def test_jwt_with_different_algorithms():
+    """Test that only HS256 algorithm is accepted."""
+    payload = {
+        "sub": "user-id",
+        "role": "user",
+        "aud": "authenticated",
+    }
+
+    # Try different algorithms
+    algorithms = ["HS384", "HS512", "none"]
+    for algo in algorithms:
+        if algo == "none":
+            # Special case for 'none' algorithm (security vulnerability if accepted)
+            token = create_token(payload, "", algorithm="none")
+        else:
+            token = create_token(payload, algorithm=algo)
+
+        with pytest.raises(ValueError) as exc_info:
+            jwt_utils.parse_jwt_token(token)
+        assert "Invalid token" in str(exc_info.value)

autogpt_platform/autogpt_libs/autogpt_libs/auth/middleware.py

@@ -1,140 +0,0 @@
-import inspect
-import logging
-import secrets
-from typing import Any, Callable, Optional
-
-from fastapi import HTTPException, Request, Security
-from fastapi.security import APIKeyHeader, HTTPBearer
-from starlette.status import HTTP_401_UNAUTHORIZED
-
-from .config import settings
-from .jwt_utils import parse_jwt_token
-
-security = HTTPBearer()
-logger = logging.getLogger(__name__)
-
-
-async def auth_middleware(request: Request):
-    if not settings.ENABLE_AUTH:
-        # If authentication is disabled, allow the request to proceed
-        logger.warning("Auth disabled")
-        return {}
-
-    security = HTTPBearer()
-    credentials = await security(request)
-
-    if not credentials:
-        raise HTTPException(status_code=401, detail="Authorization header is missing")
-
-    try:
-        payload = parse_jwt_token(credentials.credentials)
-        request.state.user = payload
-        logger.debug("Token decoded successfully")
-    except ValueError as e:
-        raise HTTPException(status_code=401, detail=str(e))
-    return payload
-
-
-class APIKeyValidator:
-    """
-    Configurable API key validator that supports custom validation functions
-    for FastAPI applications.
-
-    This class provides a flexible way to implement API key authentication with optional
-    custom validation logic. It can be used for simple token matching
-    or more complex validation scenarios like database lookups.
-
-    Examples:
-        Simple token validation:
-        ```python
-        validator = APIKeyValidator(
-            header_name="X-API-Key",
-            expected_token="your-secret-token"
-        )
-
-        @app.get("/protected", dependencies=[Depends(validator.get_dependency())])
-        def protected_endpoint():
-            return {"message": "Access granted"}
-        ```
-
-        Custom validation with database lookup:
-        ```python
-        async def validate_with_db(api_key: str):
-            api_key_obj = await db.get_api_key(api_key)
-            return api_key_obj if api_key_obj and api_key_obj.is_active else None
-
-        validator = APIKeyValidator(
-            header_name="X-API-Key",
-            validate_fn=validate_with_db
-        )
-        ```
-
-    Args:
-        header_name (str): The name of the header containing the API key
-        expected_token (Optional[str]): The expected API key value for simple token matching
-        validate_fn (Optional[Callable]): Custom validation function that takes an API key
-            string and returns a boolean or object. Can be async.
-        error_status (int): HTTP status code to use for validation errors
-        error_message (str): Error message to return when validation fails
-    """
-
-    def __init__(
-        self,
-        header_name: str,
-        expected_token: Optional[str] = None,
-        validate_fn: Optional[Callable[[str], bool]] = None,
-        error_status: int = HTTP_401_UNAUTHORIZED,
-        error_message: str = "Invalid API key",
-    ):
-        # Create the APIKeyHeader as a class property
-        self.security_scheme = APIKeyHeader(name=header_name)
-        self.expected_token = expected_token
-        self.custom_validate_fn = validate_fn
-        self.error_status = error_status
-        self.error_message = error_message
-
-    async def default_validator(self, api_key: str) -> bool:
-        if not self.expected_token:
-            raise ValueError(
-                "Expected Token Required to be set when uisng API Key Validator default validation"
-            )
-        return secrets.compare_digest(api_key, self.expected_token)
-
-    async def __call__(
-        self, request: Request, api_key: str = Security(APIKeyHeader)
-    ) -> Any:
-        if api_key is None:
-            raise HTTPException(status_code=self.error_status, detail="Missing API key")
-
-        # Use custom validation if provided, otherwise use default equality check
-        validator = self.custom_validate_fn or self.default_validator
-        result = (
-            await validator(api_key)
-            if inspect.iscoroutinefunction(validator)
-            else validator(api_key)
-        )
-
-        if not result:
-            raise HTTPException(
-                status_code=self.error_status, detail=self.error_message
-            )
-
-        # Store validation result in request state if it's not just a boolean
-        if result is not True:
-            request.state.api_key = result
-
-        return result
-
-    def get_dependency(self):
-        """
-        Returns a callable dependency that FastAPI will recognize as a security scheme
-        """
-
-        async def validate_api_key(
-            request: Request, api_key: str = Security(self.security_scheme)
-        ) -> Any:
-            return await self(request, api_key)
-
-        # This helps FastAPI recognize it as a security dependency
-        validate_api_key.__name__ = f"validate_{self.security_scheme.model.name}"
-        return validate_api_key

autogpt_platform/autogpt_libs/autogpt_libs/feature_flag/client.py

@@ -1,166 +0,0 @@
-import asyncio
-import contextlib
-import logging
-from functools import wraps
-from typing import Any, Awaitable, Callable, Dict, Optional, TypeVar, Union, cast
-
-import ldclient
-from fastapi import HTTPException
-from ldclient import Context, LDClient
-from ldclient.config import Config
-from typing_extensions import ParamSpec
-
-from .config import SETTINGS
-
-logger = logging.getLogger(__name__)
-
-P = ParamSpec("P")
-T = TypeVar("T")
-
-
-def get_client() -> LDClient:
-    """Get the LaunchDarkly client singleton."""
-    return ldclient.get()
-
-
-def initialize_launchdarkly() -> None:
-    sdk_key = SETTINGS.launch_darkly_sdk_key
-    logger.debug(
-        f"Initializing LaunchDarkly with SDK key: {'present' if sdk_key else 'missing'}"
-    )
-
-    if not sdk_key:
-        logger.warning("LaunchDarkly SDK key not configured")
-        return
-
-    config = Config(sdk_key)
-    ldclient.set_config(config)
-
-    if ldclient.get().is_initialized():
-        logger.info("LaunchDarkly client initialized successfully")
-    else:
-        logger.error("LaunchDarkly client failed to initialize")
-
-
-def shutdown_launchdarkly() -> None:
-    """Shutdown the LaunchDarkly client."""
-    if ldclient.get().is_initialized():
-        ldclient.get().close()
-        logger.info("LaunchDarkly client closed successfully")
-
-
-def create_context(
-    user_id: str, additional_attributes: Optional[Dict[str, Any]] = None
-) -> Context:
-    """Create LaunchDarkly context with optional additional attributes."""
-    builder = Context.builder(str(user_id)).kind("user")
-    if additional_attributes:
-        for key, value in additional_attributes.items():
-            builder.set(key, value)
-    return builder.build()
-
-
-def feature_flag(
-    flag_key: str,
-    default: bool = False,
-) -> Callable[
-    [Callable[P, Union[T, Awaitable[T]]]], Callable[P, Union[T, Awaitable[T]]]
-]:
-    """
-    Decorator for feature flag protected endpoints.
-    """
-
-    def decorator(
-        func: Callable[P, Union[T, Awaitable[T]]],
-    ) -> Callable[P, Union[T, Awaitable[T]]]:
-        @wraps(func)
-        async def async_wrapper(*args: P.args, **kwargs: P.kwargs) -> T:
-            try:
-                user_id = kwargs.get("user_id")
-                if not user_id:
-                    raise ValueError("user_id is required")
-
-                if not get_client().is_initialized():
-                    logger.warning(
-                        f"LaunchDarkly not initialized, using default={default}"
-                    )
-                    is_enabled = default
-                else:
-                    context = create_context(str(user_id))
-                    is_enabled = get_client().variation(flag_key, context, default)
-
-                if not is_enabled:
-                    raise HTTPException(status_code=404, detail="Feature not available")
-
-                result = func(*args, **kwargs)
-                if asyncio.iscoroutine(result):
-                    return await result
-                return cast(T, result)
-            except Exception as e:
-                logger.error(f"Error evaluating feature flag {flag_key}: {e}")
-                raise
-
-        @wraps(func)
-        def sync_wrapper(*args: P.args, **kwargs: P.kwargs) -> T:
-            try:
-                user_id = kwargs.get("user_id")
-                if not user_id:
-                    raise ValueError("user_id is required")
-
-                if not get_client().is_initialized():
-                    logger.warning(
-                        f"LaunchDarkly not initialized, using default={default}"
-                    )
-                    is_enabled = default
-                else:
-                    context = create_context(str(user_id))
-                    is_enabled = get_client().variation(flag_key, context, default)
-
-                if not is_enabled:
-                    raise HTTPException(status_code=404, detail="Feature not available")
-
-                return cast(T, func(*args, **kwargs))
-            except Exception as e:
-                logger.error(f"Error evaluating feature flag {flag_key}: {e}")
-                raise
-
-        return cast(
-            Callable[P, Union[T, Awaitable[T]]],
-            async_wrapper if asyncio.iscoroutinefunction(func) else sync_wrapper,
-        )
-
-    return decorator
-
-
-def percentage_rollout(
-    flag_key: str,
-    default: bool = False,
-) -> Callable[
-    [Callable[P, Union[T, Awaitable[T]]]], Callable[P, Union[T, Awaitable[T]]]
-]:
-    """Decorator for percentage-based rollouts."""
-    return feature_flag(flag_key, default)
-
-
-def beta_feature(
-    flag_key: Optional[str] = None,
-    unauthorized_response: Any = {"message": "Not available in beta"},
-) -> Callable[
-    [Callable[P, Union[T, Awaitable[T]]]], Callable[P, Union[T, Awaitable[T]]]
-]:
-    """Decorator for beta features."""
-    actual_key = f"beta-{flag_key}" if flag_key else "beta"
-    return feature_flag(actual_key, False)
-
-
-@contextlib.contextmanager
-def mock_flag_variation(flag_key: str, return_value: Any):
-    """Context manager for testing feature flags."""
-    original_variation = get_client().variation
-    get_client().variation = lambda key, context, default: (
-        return_value if key == flag_key else original_variation(key, context, default)
-    )
-    try:
-        yield
-    finally:
-        get_client().variation = original_variation

autogpt_platform/autogpt_libs/autogpt_libs/feature_flag/client_test.py

@@ -1,45 +0,0 @@
-import pytest
-from ldclient import LDClient
-
-from autogpt_libs.feature_flag.client import feature_flag, mock_flag_variation
-
-
-@pytest.fixture
-def ld_client(mocker):
-    client = mocker.Mock(spec=LDClient)
-    mocker.patch("ldclient.get", return_value=client)
-    client.is_initialized.return_value = True
-    return client
-
-
-@pytest.mark.asyncio
-async def test_feature_flag_enabled(ld_client):
-    ld_client.variation.return_value = True
-
-    @feature_flag("test-flag")
-    async def test_function(user_id: str):
-        return "success"
-
-    result = test_function(user_id="test-user")
-    assert result == "success"
-    ld_client.variation.assert_called_once()
-
-
-@pytest.mark.asyncio
-async def test_feature_flag_unauthorized_response(ld_client):
-    ld_client.variation.return_value = False
-
-    @feature_flag("test-flag")
-    async def test_function(user_id: str):
-        return "success"
-
-    result = test_function(user_id="test-user")
-    assert result == {"error": "disabled"}
-
-
-def test_mock_flag_variation(ld_client):
-    with mock_flag_variation("test-flag", True):
-        assert ld_client.variation("test-flag", None, False)
-
-    with mock_flag_variation("test-flag", False):
-        assert ld_client.variation("test-flag", None, False)

autogpt_platform/autogpt_libs/autogpt_libs/feature_flag/config.py

@@ -1,15 +0,0 @@
-from pydantic import Field
-from pydantic_settings import BaseSettings, SettingsConfigDict
-
-
-class Settings(BaseSettings):
-    launch_darkly_sdk_key: str = Field(
-        default="",
-        description="The Launch Darkly SDK key",
-        validation_alias="LAUNCH_DARKLY_SDK_KEY",
-    )
-
-    model_config = SettingsConfigDict(case_sensitive=True, extra="ignore")
-
-
-SETTINGS = Settings()

autogpt_platform/autogpt_libs/autogpt_libs/logging/config.py

@@ -1,7 +1,10 @@
 """Logging module for Auto-GPT."""
 
 import logging
+import os
+import socket
 import sys
+from logging.handlers import RotatingFileHandler
 from pathlib import Path
 
 from pydantic import Field, field_validator
@@ -10,6 +13,15 @@ from pydantic_settings import BaseSettings, SettingsConfigDict
 from .filters import BelowLevelFilter
 from .formatters import AGPTFormatter
 
+# Configure global socket timeout and gRPC keepalive to prevent deadlocks
+# This must be done at import time before any gRPC connections are established
+socket.setdefaulttimeout(30)  # 30-second socket timeout
+
+# Enable gRPC keepalive to detect dead connections faster
+os.environ.setdefault("GRPC_KEEPALIVE_TIME_MS", "30000")  # 30 seconds
+os.environ.setdefault("GRPC_KEEPALIVE_TIMEOUT_MS", "5000")  # 5 seconds
+os.environ.setdefault("GRPC_KEEPALIVE_PERMIT_WITHOUT_CALLS", "true")
+
 LOG_DIR = Path(__file__).parent.parent.parent.parent / "logs"
 LOG_FILE = "activity.log"
 DEBUG_LOG_FILE = "debug.log"
@@ -79,42 +91,39 @@ def configure_logging(force_cloud_logging: bool = False) -> None:
     Note: This function is typically called at the start of the application
     to set up the logging infrastructure.
     """
-
     config = LoggingConfig()
     log_handlers: list[logging.Handler] = []
 
+    structured_logging = config.enable_cloud_logging or force_cloud_logging
+
     # Console output handlers
-    stdout = logging.StreamHandler(stream=sys.stdout)
-    stdout.setLevel(config.level)
-    stdout.addFilter(BelowLevelFilter(logging.WARNING))
-    if config.level == logging.DEBUG:
-        stdout.setFormatter(AGPTFormatter(DEBUG_LOG_FORMAT))
-    else:
-        stdout.setFormatter(AGPTFormatter(SIMPLE_LOG_FORMAT))
+    if not structured_logging:
+        stdout = logging.StreamHandler(stream=sys.stdout)
+        stdout.setLevel(config.level)
+        stdout.addFilter(BelowLevelFilter(logging.WARNING))
+        if config.level == logging.DEBUG:
+            stdout.setFormatter(AGPTFormatter(DEBUG_LOG_FORMAT))
+        else:
+            stdout.setFormatter(AGPTFormatter(SIMPLE_LOG_FORMAT))
 
-    stderr = logging.StreamHandler()
-    stderr.setLevel(logging.WARNING)
-    if config.level == logging.DEBUG:
-        stderr.setFormatter(AGPTFormatter(DEBUG_LOG_FORMAT))
-    else:
-        stderr.setFormatter(AGPTFormatter(SIMPLE_LOG_FORMAT))
+        stderr = logging.StreamHandler()
+        stderr.setLevel(logging.WARNING)
+        if config.level == logging.DEBUG:
+            stderr.setFormatter(AGPTFormatter(DEBUG_LOG_FORMAT))
+        else:
+            stderr.setFormatter(AGPTFormatter(SIMPLE_LOG_FORMAT))
 
-    log_handlers += [stdout, stderr]
+        log_handlers += [stdout, stderr]
 
     # Cloud logging setup
-    if config.enable_cloud_logging or force_cloud_logging:
-        import google.cloud.logging
-        from google.cloud.logging.handlers import CloudLoggingHandler
-        from google.cloud.logging_v2.handlers.transports.sync import SyncTransport
+    else:
+        # Use Google Cloud Structured Log Handler. Log entries are printed to stdout
+        # in a JSON format which is automatically picked up by Google Cloud Logging.
+        from google.cloud.logging.handlers import StructuredLogHandler
 
-        client = google.cloud.logging.Client()
-        cloud_handler = CloudLoggingHandler(
-            client,
-            name="autogpt_logs",
-            transport=SyncTransport,
-        )
-        cloud_handler.setLevel(config.level)
-        log_handlers.append(cloud_handler)
+        structured_log_handler = StructuredLogHandler(stream=sys.stdout)
+        structured_log_handler.setLevel(config.level)
+        log_handlers.append(structured_log_handler)
 
     # File logging setup
     if config.enable_file_logging:
@@ -125,8 +134,13 @@ def configure_logging(force_cloud_logging: bool = False) -> None:
         print(f"Log directory: {config.log_dir}")
 
         # Activity log handler (INFO and above)
-        activity_log_handler = logging.FileHandler(
-            config.log_dir / LOG_FILE, "a", "utf-8"
+        # Security fix: Use RotatingFileHandler with size limits to prevent disk exhaustion
+        activity_log_handler = RotatingFileHandler(
+            config.log_dir / LOG_FILE,
+            mode="a",
+            encoding="utf-8",
+            maxBytes=10 * 1024 * 1024,  # 10MB per file
+            backupCount=3,  # Keep 3 backup files (40MB total)
         )
         activity_log_handler.setLevel(config.level)
         activity_log_handler.setFormatter(
@@ -136,8 +150,13 @@ def configure_logging(force_cloud_logging: bool = False) -> None:
 
         if config.level == logging.DEBUG:
             # Debug log handler (all levels)
-            debug_log_handler = logging.FileHandler(
-                config.log_dir / DEBUG_LOG_FILE, "a", "utf-8"
+            # Security fix: Use RotatingFileHandler with size limits
+            debug_log_handler = RotatingFileHandler(
+                config.log_dir / DEBUG_LOG_FILE,
+                mode="a",
+                encoding="utf-8",
+                maxBytes=10 * 1024 * 1024,  # 10MB per file
+                backupCount=3,  # Keep 3 backup files (40MB total)
             )
             debug_log_handler.setLevel(logging.DEBUG)
             debug_log_handler.setFormatter(
@@ -146,8 +165,13 @@ def configure_logging(force_cloud_logging: bool = False) -> None:
             log_handlers.append(debug_log_handler)
 
         # Error log handler (ERROR and above)
-        error_log_handler = logging.FileHandler(
-            config.log_dir / ERROR_LOG_FILE, "a", "utf-8"
+        # Security fix: Use RotatingFileHandler with size limits
+        error_log_handler = RotatingFileHandler(
+            config.log_dir / ERROR_LOG_FILE,
+            mode="a",
+            encoding="utf-8",
+            maxBytes=10 * 1024 * 1024,  # 10MB per file
+            backupCount=3,  # Keep 3 backup files (40MB total)
         )
         error_log_handler.setLevel(logging.ERROR)
         error_log_handler.setFormatter(AGPTFormatter(DEBUG_LOG_FORMAT, no_color=True))
@@ -155,7 +179,13 @@ def configure_logging(force_cloud_logging: bool = False) -> None:
 
     # Configure the root logger
     logging.basicConfig(
-        format=DEBUG_LOG_FORMAT if config.level == logging.DEBUG else SIMPLE_LOG_FORMAT,
+        format=(
+            "%(levelname)s  %(message)s"
+            if structured_logging
+            else (
+                DEBUG_LOG_FORMAT if config.level == logging.DEBUG else SIMPLE_LOG_FORMAT
+            )
+        ),
         level=config.level,
         handlers=log_handlers,
     )

autogpt_platform/autogpt_libs/autogpt_libs/logging/utils.py

@@ -1,39 +1,5 @@
-import logging
 import re
-from typing import Any
-
-import uvicorn.config
-from colorama import Fore
 
 
 def remove_color_codes(s: str) -> str:
     return re.sub(r"\x1B(?:[@-Z\\-_]|\[[0-?]*[ -/]*[@-~])", "", s)
-
-
-def fmt_kwargs(kwargs: dict) -> str:
-    return ", ".join(f"{n}={repr(v)}" for n, v in kwargs.items())
-
-
-def print_attribute(
-    title: str, value: Any, title_color: str = Fore.GREEN, value_color: str = ""
-) -> None:
-    logger = logging.getLogger()
-    logger.info(
-        str(value),
-        extra={
-            "title": f"{title.rstrip(':')}:",
-            "title_color": title_color,
-            "color": value_color,
-        },
-    )
-
-
-def generate_uvicorn_config():
-    """
-    Generates a uvicorn logging config that silences uvicorn's default logging and tells it to use the native logging module.
-    """
-    log_config = dict(uvicorn.config.LOGGING_CONFIG)
-    log_config["loggers"]["uvicorn"] = {"handlers": []}
-    log_config["loggers"]["uvicorn.error"] = {"handlers": []}
-    log_config["loggers"]["uvicorn.access"] = {"handlers": []}
-    return log_config

autogpt_platform/autogpt_libs/autogpt_libs/rate_limit/config.py

@@ -1,3 +1,5 @@
+from typing import Optional
+
 from pydantic import Field
 from pydantic_settings import BaseSettings, SettingsConfigDict
 
@@ -13,8 +15,8 @@ class RateLimitSettings(BaseSettings):
         default="6379", description="Redis port", validation_alias="REDIS_PORT"
     )
 
-    redis_password: str = Field(
-        default="password",
+    redis_password: Optional[str] = Field(
+        default=None,
         description="Redis password",
         validation_alias="REDIS_PASSWORD",
     )

autogpt_platform/autogpt_libs/autogpt_libs/rate_limit/limiter.py

@@ -11,7 +11,7 @@ class RateLimiter:
         self,
         redis_host: str = RATE_LIMIT_SETTINGS.redis_host,
         redis_port: str = RATE_LIMIT_SETTINGS.redis_port,
-        redis_password: str = RATE_LIMIT_SETTINGS.redis_password,
+        redis_password: str | None = RATE_LIMIT_SETTINGS.redis_password,
         requests_per_minute: int = RATE_LIMIT_SETTINGS.requests_per_minute,
     ):
         self.redis = Redis(

autogpt_platform/autogpt_libs/autogpt_libs/utils/cache.py

@@ -1,59 +0,0 @@
-import inspect
-import threading
-from typing import Awaitable, Callable, ParamSpec, TypeVar, cast, overload
-
-P = ParamSpec("P")
-R = TypeVar("R")
-
-
-@overload
-def thread_cached(func: Callable[P, Awaitable[R]]) -> Callable[P, Awaitable[R]]: ...
-
-
-@overload
-def thread_cached(func: Callable[P, R]) -> Callable[P, R]: ...
-
-
-def thread_cached(
-    func: Callable[P, R] | Callable[P, Awaitable[R]],
-) -> Callable[P, R] | Callable[P, Awaitable[R]]:
-    thread_local = threading.local()
-
-    def _clear():
-        if hasattr(thread_local, "cache"):
-            del thread_local.cache
-
-    if inspect.iscoroutinefunction(func):
-
-        async def async_wrapper(*args: P.args, **kwargs: P.kwargs) -> R:
-            cache = getattr(thread_local, "cache", None)
-            if cache is None:
-                cache = thread_local.cache = {}
-            key = (args, tuple(sorted(kwargs.items())))
-            if key not in cache:
-                cache[key] = await cast(Callable[P, Awaitable[R]], func)(
-                    *args, **kwargs
-                )
-            return cache[key]
-
-        setattr(async_wrapper, "clear_cache", _clear)
-        return async_wrapper
-
-    else:
-
-        def sync_wrapper(*args: P.args, **kwargs: P.kwargs) -> R:
-            cache = getattr(thread_local, "cache", None)
-            if cache is None:
-                cache = thread_local.cache = {}
-            key = (args, tuple(sorted(kwargs.items())))
-            if key not in cache:
-                cache[key] = func(*args, **kwargs)
-            return cache[key]
-
-        setattr(sync_wrapper, "clear_cache", _clear)
-        return sync_wrapper
-
-
-def clear_thread_cache(func: Callable) -> None:
-    if clear := getattr(func, "clear_cache", None):
-        clear()

autogpt_platform/autogpt_libs/pyproject.toml

@@ -1,29 +1,33 @@
 [tool.poetry]
 name = "autogpt-libs"
 version = "0.2.0"
-description = "Shared libraries across NextGen AutoGPT"
-authors = ["Aarushi <aarushik93@gmail.com>"]
+description = "Shared libraries across AutoGPT Platform"
+authors = ["AutoGPT team <info@agpt.co>"]
 readme = "README.md"
 packages = [{ include = "autogpt_libs" }]
 
 [tool.poetry.dependencies]
 python = ">=3.10,<4.0"
 colorama = "^0.4.6"
+cryptography = "^45.0"
 expiringdict = "^1.2.2"
+fastapi = "^0.116.1"
 google-cloud-logging = "^3.12.1"
-pydantic = "^2.11.4"
-pydantic-settings = "^2.9.1"
-pyjwt = "^2.10.1"
-pytest-asyncio = "^0.26.0"
-pytest-mock = "^3.14.0"
-supabase = "^2.15.1"
-launchdarkly-server-sdk = "^9.11.1"
-fastapi = "^0.115.12"
-uvicorn = "^0.34.3"
+launchdarkly-server-sdk = "^9.12.0"
+pydantic = "^2.11.7"
+pydantic-settings = "^2.10.1"
+pyjwt = { version = "^2.10.1", extras = ["crypto"] }
+redis = "^6.2.0"
+supabase = "^2.16.0"
+uvicorn = "^0.35.0"
 
 [tool.poetry.group.dev.dependencies]
-redis = "^5.2.1"
-ruff = "^0.11.10"
+pyright = "^1.1.404"
+pytest = "^8.4.1"
+pytest-asyncio = "^1.1.0"
+pytest-mock = "^3.14.1"
+pytest-cov = "^6.2.1"
+ruff = "^0.12.11"
 
 [build-system]
 requires = ["poetry-core"]

autogpt_platform/backend/.dockerignore

@@ -0,0 +1,52 @@
+# Development and testing files
+**/__pycache__
+**/*.pyc
+**/*.pyo
+**/*.pyd
+**/.Python
+**/env/
+**/venv/
+**/.venv/
+**/pip-log.txt
+**/.pytest_cache/
+**/test-results/
+**/snapshots/
+**/test/
+
+# IDE and editor files
+**/.vscode/
+**/.idea/
+**/*.swp
+**/*.swo
+*~
+
+# OS files
+.DS_Store
+Thumbs.db
+
+# Logs
+**/*.log
+**/logs/
+
+# Git
+.git/
+.gitignore
+
+# Documentation
+**/*.md
+!README.md
+
+# Local development files
+.env
+.env.local
+**/.env.test
+
+# Build artifacts
+**/dist/
+**/build/
+**/target/
+
+# Docker files (avoid recursion)
+Dockerfile*
+docker-compose*
+.dockerignore

autogpt_platform/backend/.env.default

@@ -1,3 +1,9 @@
+# Backend Configuration
+# This file contains environment variables that MUST be set for the AutoGPT platform
+# Variables with working defaults in settings.py are not included here
+
+## ===== REQUIRED DATABASE CONFIGURATION ===== ##
+# PostgreSQL Database Connection
 DB_USER=postgres
 DB_PASS=your-super-secret-and-long-postgres-password
 DB_NAME=postgres
@@ -11,71 +17,48 @@ DATABASE_URL="postgresql://${DB_USER}:${DB_PASS}@${DB_HOST}:${DB_PORT}/${DB_NAME
 DIRECT_URL="postgresql://${DB_USER}:${DB_PASS}@${DB_HOST}:${DB_PORT}/${DB_NAME}?schema=${DB_SCHEMA}&connect_timeout=${DB_CONNECT_TIMEOUT}"
 PRISMA_SCHEMA="postgres/schema.prisma"
 
-# EXECUTOR
-NUM_GRAPH_WORKERS=10
-
-BACKEND_CORS_ALLOW_ORIGINS=["http://localhost:3000"]
-
-# generate using `from cryptography.fernet import Fernet;Fernet.generate_key().decode()`
-ENCRYPTION_KEY='dvziYgz0KSK8FENhju0ZYi8-fRTfAdlz6YLhdB_jhNw='
-UNSUBSCRIBE_SECRET_KEY = 'HlP8ivStJjmbf6NKi78m_3FnOogut0t5ckzjsIqeaio='
-
+## ===== REQUIRED SERVICE CREDENTIALS ===== ##
+# Redis Configuration
 REDIS_HOST=localhost
 REDIS_PORT=6379
-REDIS_PASSWORD=password
+# REDIS_PASSWORD=
 
-ENABLE_CREDIT=false
-STRIPE_API_KEY=
-STRIPE_WEBHOOK_SECRET=
-
-# What environment things should be logged under: local dev or prod
-APP_ENV=local
-# What environment to behave as: "local" or "cloud"
-BEHAVE_AS=local
-PYRO_HOST=localhost
-SENTRY_DSN=
-
-# Email For Postmark so we can send emails
-POSTMARK_SERVER_API_TOKEN=
-POSTMARK_SENDER_EMAIL=invalid@invalid.com
-POSTMARK_WEBHOOK_TOKEN=
-
-## User auth with Supabase is required for any of the 3rd party integrations with auth to work.
-ENABLE_AUTH=true
-SUPABASE_URL=http://localhost:8000
-SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyAgCiAgICAicm9sZSI6ICJzZXJ2aWNlX3JvbGUiLAogICAgImlzcyI6ICJzdXBhYmFzZS1kZW1vIiwKICAgICJpYXQiOiAxNjQxNzY5MjAwLAogICAgImV4cCI6IDE3OTk1MzU2MDAKfQ.DaYlNEoUrrEn2Ig7tqibS-PHK5vgusbcbo7X36XVt4Q
-SUPABASE_JWT_SECRET=your-super-secret-jwt-token-with-at-least-32-characters-long
-
-# RabbitMQ credentials -- Used for communication between services
-RABBITMQ_HOST=localhost
-RABBITMQ_PORT=5672
+# RabbitMQ Credentials
 RABBITMQ_DEFAULT_USER=rabbitmq_user_default
 RABBITMQ_DEFAULT_PASS=k0VMxyIJF9S35f3x2uaw5IWAl6Y536O7
 
-## GCS bucket is required for marketplace and library functionality
+# Supabase Authentication
+SUPABASE_URL=http://localhost:8000
+SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyAgCiAgICAicm9sZSI6ICJzZXJ2aWNlX3JvbGUiLAogICAgImlzcyI6ICJzdXBhYmFzZS1kZW1vIiwKICAgICJpYXQiOiAxNjQxNzY5MjAwLAogICAgImV4cCI6IDE3OTk1MzU2MDAKfQ.DaYlNEoUrrEn2Ig7tqibS-PHK5vgusbcbo7X36XVt4Q
+JWT_VERIFY_KEY=your-super-secret-jwt-token-with-at-least-32-characters-long
+
+## ===== REQUIRED SECURITY KEYS ===== ##
+# Generate using: from cryptography.fernet import Fernet;Fernet.generate_key().decode()
+ENCRYPTION_KEY=dvziYgz0KSK8FENhju0ZYi8-fRTfAdlz6YLhdB_jhNw=
+UNSUBSCRIBE_SECRET_KEY=HlP8ivStJjmbf6NKi78m_3FnOogut0t5ckzjsIqeaio=
+
+## ===== IMPORTANT OPTIONAL CONFIGURATION ===== ##
+# Platform URLs (set these for webhooks and OAuth to work)
+PLATFORM_BASE_URL=http://localhost:8000
+FRONTEND_BASE_URL=http://localhost:3000
+
+# Media Storage (required for marketplace and library functionality)
 MEDIA_GCS_BUCKET_NAME=
 
-## For local development, you may need to set FRONTEND_BASE_URL for the OAuth flow
-## for integrations to work. Defaults to the value of PLATFORM_BASE_URL if not set.
-# FRONTEND_BASE_URL=http://localhost:3000
+## ===== API KEYS AND OAUTH CREDENTIALS ===== ##
+# All API keys below are optional - only add what you need
 
-## PLATFORM_BASE_URL must be set to a *publicly accessible* URL pointing to your backend
-## to use the platform's webhook-related functionality.
-## If you are developing locally, you can use something like ngrok to get a publc URL
-## and tunnel it to your locally running backend.
-PLATFORM_BASE_URL=http://localhost:3000
-
-## Cloudflare Turnstile (CAPTCHA) Configuration
-## Get these from the Cloudflare Turnstile dashboard: https://dash.cloudflare.com/?to=/:account/turnstile
-## This is the backend secret key
-TURNSTILE_SECRET_KEY=
-## This is the verify URL
-TURNSTILE_VERIFY_URL=https://challenges.cloudflare.com/turnstile/v0/siteverify
-
-## == INTEGRATION CREDENTIALS == ##
-# Each set of server side credentials is required for the corresponding 3rd party
-# integration to work.
+# AI/LLM Services
+OPENAI_API_KEY=
+ANTHROPIC_API_KEY=
+GROQ_API_KEY=
+LLAMA_API_KEY=
+AIML_API_KEY=
+V0_API_KEY=
+OPEN_ROUTER_API_KEY=
+NVIDIA_API_KEY=
 
+# OAuth Credentials
 # For the OAuth callback URL, use <your_frontend_url>/auth/integrations/oauth_callback,
 # e.g. http://localhost:3000/auth/integrations/oauth_callback
 
@@ -83,9 +66,13 @@ TURNSTILE_VERIFY_URL=https://challenges.cloudflare.com/turnstile/v0/siteverify
 GITHUB_CLIENT_ID=
 GITHUB_CLIENT_SECRET=
 
+# Notion OAuth App server credentials - https://developers.notion.com/docs/authorization
+# Configure a public integration
+NOTION_CLIENT_ID=
+NOTION_CLIENT_SECRET=
+
 # Google OAuth App server credentials - https://console.cloud.google.com/apis/credentials, and enable gmail api and set scopes
 # https://console.cloud.google.com/apis/credentials/consent ?project=<your_project_id>
-
 # You'll need to add/enable the following scopes (minimum):
 # https://console.developers.google.com/apis/api/gmail.googleapis.com/overview ?project=<your_project_id>
 # https://console.cloud.google.com/apis/library/sheets.googleapis.com/ ?project=<your_project_id>
@@ -121,87 +108,68 @@ LINEAR_CLIENT_SECRET=
 TODOIST_CLIENT_ID=
 TODOIST_CLIENT_SECRET=
 
-## ===== OPTIONAL API KEYS ===== ##
+NOTION_CLIENT_ID=
+NOTION_CLIENT_SECRET=
 
-# LLM
-OPENAI_API_KEY=
-ANTHROPIC_API_KEY=
-AIML_API_KEY=
-GROQ_API_KEY=
-OPEN_ROUTER_API_KEY=
-LLAMA_API_KEY=
+# Discord OAuth App credentials
+# 1. Go to https://discord.com/developers/applications
+# 2. Create a new application
+# 3. Go to OAuth2 section and add redirect URI: http://localhost:3000/auth/integrations/oauth_callback
+# 4. Copy Client ID and Client Secret below
+DISCORD_CLIENT_ID=
+DISCORD_CLIENT_SECRET=
 
-# Reddit
-# Go to https://www.reddit.com/prefs/apps and create a new app
-# Choose "script" for the type
-# Fill in the redirect uri as <your_frontend_url>/auth/integrations/oauth_callback, e.g. http://localhost:3000/auth/integrations/oauth_callback
 REDDIT_CLIENT_ID=
 REDDIT_CLIENT_SECRET=
-REDDIT_USER_AGENT="AutoGPT:1.0 (by /u/autogpt)"
 
-# Discord
-DISCORD_BOT_TOKEN=
+# Payment Processing
+STRIPE_API_KEY=
+STRIPE_WEBHOOK_SECRET=
 
-# SMTP/Email
-SMTP_SERVER=
-SMTP_PORT=
-SMTP_USERNAME=
-SMTP_PASSWORD=
+# Email Service (for sending notifications and confirmations)
+POSTMARK_SERVER_API_TOKEN=
+POSTMARK_SENDER_EMAIL=invalid@invalid.com
+POSTMARK_WEBHOOK_TOKEN=
 
-# D-ID
+# Error Tracking
+SENTRY_DSN=
+
+# Feature Flags
+LAUNCH_DARKLY_SDK_KEY=
+
+# Content Generation & Media
 DID_API_KEY=
+FAL_API_KEY=
+IDEOGRAM_API_KEY=
+REPLICATE_API_KEY=
+REVID_API_KEY=
+SCREENSHOTONE_API_KEY=
+UNREAL_SPEECH_API_KEY=
 
-# Open Weather Map
+# Data & Search Services
+E2B_API_KEY=
+EXA_API_KEY=
+JINA_API_KEY=
+MEM0_API_KEY=
 OPENWEATHERMAP_API_KEY=
-
-# SMTP
-SMTP_SERVER=
-SMTP_PORT=
-SMTP_USERNAME=
-SMTP_PASSWORD=
-
-# Medium
-MEDIUM_API_KEY=
-MEDIUM_AUTHOR_ID=
-
-# Google Maps
 GOOGLE_MAPS_API_KEY=
 
-# Replicate
-REPLICATE_API_KEY=
+# Communication Services
+DISCORD_BOT_TOKEN=
+MEDIUM_API_KEY=
+MEDIUM_AUTHOR_ID=
+SMTP_SERVER=
+SMTP_PORT=
+SMTP_USERNAME=
+SMTP_PASSWORD=
 
-# Ideogram
-IDEOGRAM_API_KEY=
-
-# Fal
-FAL_API_KEY=
-
-# Exa
-EXA_API_KEY=
-
-# E2B
-E2B_API_KEY=
-
-# Mem0
-MEM0_API_KEY=
-
-# Nvidia
-NVIDIA_API_KEY=
-
-# Apollo
+# Business & Marketing Tools
 APOLLO_API_KEY=
-
-# SmartLead
+ENRICHLAYER_API_KEY=
+AYRSHARE_API_KEY=
+AYRSHARE_JWT_KEY=
 SMARTLEAD_API_KEY=
-
-# ZeroBounce
 ZEROBOUNCE_API_KEY=
 
-## ===== OPTIONAL API KEYS END ===== ##
-
-# Logging Configuration
-LOG_LEVEL=INFO
-ENABLE_CLOUD_LOGGING=false
-ENABLE_FILE_LOGGING=false
-# Use to manually set the log directory
-# LOG_DIR=./logs
+# Other Services
+AUTOMOD_API_KEY=

autogpt_platform/backend/.gitignore

@@ -1,3 +1,4 @@
+.env
 database.db
 database.db-journal
 dev.db
@@ -8,4 +9,12 @@ secrets/*
 !secrets/.gitkeep
 
 *.ignore.*
-*.ign.*
+*.ign.*
+
+# Load test results and reports
+load-tests/*_RESULTS.md
+load-tests/*_REPORT.md
+load-tests/results/
+load-tests/*.json
+load-tests/*.log
+load-tests/node_modules/*

autogpt_platform/backend/Dockerfile

@@ -1,31 +1,43 @@
-FROM python:3.11.10-slim-bookworm AS builder
+FROM debian:13-slim AS builder
 
 # Set environment variables
-ENV PYTHONDONTWRITEBYTECODE 1
-ENV PYTHONUNBUFFERED 1
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PYTHONUNBUFFERED=1
+ENV DEBIAN_FRONTEND=noninteractive
 
 WORKDIR /app
 
 RUN echo 'Acquire::http::Pipeline-Depth 0;\nAcquire::http::No-Cache true;\nAcquire::BrokenProxy true;\n' > /etc/apt/apt.conf.d/99fixbadproxy
 
-RUN apt-get update --allow-releaseinfo-change --fix-missing
+# Install Node.js repository key and setup
+RUN apt-get update --allow-releaseinfo-change --fix-missing \
+    && apt-get install -y curl ca-certificates gnupg \
+    && mkdir -p /etc/apt/keyrings \
+    && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
+    && echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list
 
-# Install build dependencies
-RUN apt-get install -y build-essential 
-RUN apt-get install -y libpq5
-RUN apt-get install -y libz-dev
-RUN apt-get install -y libssl-dev
-RUN apt-get install -y postgresql-client
+# Update package list and install Python, Node.js, and build dependencies
+RUN apt-get update \
+    && apt-get install -y \
+    python3.13 \
+    python3.13-dev \
+    python3.13-venv \
+    python3-pip \
+    build-essential \
+    libpq5 \
+    libz-dev \
+    libssl-dev \
+    postgresql-client \
+    nodejs \
+    && rm -rf /var/lib/apt/lists/*
 
 ENV POETRY_HOME=/opt/poetry
 ENV POETRY_NO_INTERACTION=1
-ENV POETRY_VIRTUALENVS_CREATE=false
+ENV POETRY_VIRTUALENVS_CREATE=true
+ENV POETRY_VIRTUALENVS_IN_PROJECT=true
 ENV PATH=/opt/poetry/bin:$PATH
 
-# Upgrade pip and setuptools to fix security vulnerabilities
-RUN pip3 install --upgrade pip setuptools
-
-RUN pip3 install poetry
+RUN pip3 install poetry --break-system-packages
 
 # Copy and install dependencies
 COPY autogpt_platform/autogpt_libs /app/autogpt_platform/autogpt_libs
@@ -35,29 +47,39 @@ RUN poetry install --no-ansi --no-root
 
 # Generate Prisma client
 COPY autogpt_platform/backend/schema.prisma ./
-RUN poetry run prisma generate
+COPY autogpt_platform/backend/backend/data/partial_types.py ./backend/data/partial_types.py
+COPY autogpt_platform/backend/gen_prisma_types_stub.py ./
+RUN poetry run prisma generate && poetry run gen-prisma-stub
 
-FROM python:3.11.10-slim-bookworm AS server_dependencies
+FROM debian:13-slim AS server_dependencies
 
 WORKDIR /app
 
 ENV POETRY_HOME=/opt/poetry \
     POETRY_NO_INTERACTION=1 \
-    POETRY_VIRTUALENVS_CREATE=false
+    POETRY_VIRTUALENVS_CREATE=true \
+    POETRY_VIRTUALENVS_IN_PROJECT=true \
+    DEBIAN_FRONTEND=noninteractive
 ENV PATH=/opt/poetry/bin:$PATH
 
-# Upgrade pip and setuptools to fix security vulnerabilities
-RUN pip3 install --upgrade pip setuptools
+# Install Python without upgrading system-managed packages
+RUN apt-get update && apt-get install -y \
+    python3.13 \
+    python3-pip \
+    && rm -rf /var/lib/apt/lists/*
 
 # Copy only necessary files from builder
 COPY --from=builder /app /app
-COPY --from=builder /usr/local/lib/python3.11 /usr/local/lib/python3.11
-COPY --from=builder /usr/local/bin /usr/local/bin
-# Copy Prisma binaries
+COPY --from=builder /usr/local/lib/python3* /usr/local/lib/python3*
+COPY --from=builder /usr/local/bin/poetry /usr/local/bin/poetry
+# Copy Node.js installation for Prisma
+COPY --from=builder /usr/bin/node /usr/bin/node
+COPY --from=builder /usr/lib/node_modules /usr/lib/node_modules
+COPY --from=builder /usr/bin/npm /usr/bin/npm
+COPY --from=builder /usr/bin/npx /usr/bin/npx
 COPY --from=builder /root/.cache/prisma-python/binaries /root/.cache/prisma-python/binaries
 
-
-ENV PATH="/app/.venv/bin:$PATH"
+ENV PATH="/app/autogpt_platform/backend/.venv/bin:$PATH"
 
 RUN mkdir -p /app/autogpt_platform/autogpt_libs
 RUN mkdir -p /app/autogpt_platform/backend
@@ -68,6 +90,13 @@ COPY autogpt_platform/backend/poetry.lock autogpt_platform/backend/pyproject.tom
 
 WORKDIR /app/autogpt_platform/backend
 
+FROM server_dependencies AS migrate
+
+# Migration stage only needs schema and migrations - much lighter than full backend
+COPY autogpt_platform/backend/schema.prisma /app/autogpt_platform/backend/
+COPY autogpt_platform/backend/backend/data/partial_types.py /app/autogpt_platform/backend/backend/data/partial_types.py
+COPY autogpt_platform/backend/migrations /app/autogpt_platform/backend/migrations
+
 FROM server_dependencies AS server
 
 COPY autogpt_platform/backend /app/autogpt_platform/backend

autogpt_platform/backend/TESTING.md

@@ -108,7 +108,7 @@ import fastapi.testclient
 import pytest
 from pytest_snapshot.plugin import Snapshot
 
-from backend.server.v2.myroute import router
+from backend.api.features.myroute import router
 
 app = fastapi.FastAPI()
 app.include_router(router)
@@ -132,17 +132,58 @@ def test_endpoint_success(snapshot: Snapshot):
 
 ### Testing with Authentication
 
+For the main API routes that use JWT authentication, auth is provided by the `autogpt_libs.auth` module. If the test actually uses the `user_id`, the recommended approach for testing is to mock the `get_jwt_payload` function, which underpins all higher-level auth functions used in the API (`requires_user`, `requires_admin_user`, `get_user_id`).
+
+If the test doesn't need the `user_id` specifically, mocking is not necessary as during tests auth is disabled anyway (see `conftest.py`).
+
+#### Using Global Auth Fixtures
+
+Two global auth fixtures are provided by `backend/server/conftest.py`:
+
+- `mock_jwt_user` - Regular user with `test_user_id` ("test-user-id")
+- `mock_jwt_admin` - Admin user with `admin_user_id` ("admin-user-id")
+
+These provide the easiest way to set up authentication mocking in test modules:
+
 ```python
-def override_auth_middleware():
-    return {"sub": "test-user-id"}
+import fastapi
+import fastapi.testclient
+import pytest
+from backend.api.features.myroute import router
 
-def override_get_user_id():
-    return "test-user-id"
+app = fastapi.FastAPI()
+app.include_router(router)
+client = fastapi.testclient.TestClient(app)
 
-app.dependency_overrides[auth_middleware] = override_auth_middleware
-app.dependency_overrides[get_user_id] = override_get_user_id
+@pytest.fixture(autouse=True)
+def setup_app_auth(mock_jwt_user):
+    """Setup auth overrides for all tests in this module"""
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+
+    app.dependency_overrides[get_jwt_payload] = mock_jwt_user['get_jwt_payload']
+    yield
+    app.dependency_overrides.clear()
 ```
 
+For admin-only endpoints, use `mock_jwt_admin` instead:
+
+```python
+@pytest.fixture(autouse=True)
+def setup_app_auth(mock_jwt_admin):
+    """Setup auth overrides for admin tests"""
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+
+    app.dependency_overrides[get_jwt_payload] = mock_jwt_admin['get_jwt_payload']
+    yield
+    app.dependency_overrides.clear()
+```
+
+The IDs are also available separately as fixtures:
+
+- `test_user_id`
+- `admin_user_id`
+- `target_user_id` (for admin <-> user operations)
+
 ### Mocking External Services
 
 ```python
@@ -153,10 +194,10 @@ def test_external_api_call(mocker, snapshot):
         "backend.services.external_api.call",
         return_value=mock_response
     )
-    
+
     response = client.post("/api/process")
     assert response.status_code == 200
-    
+
     snapshot.snapshot_dir = "snapshots"
     snapshot.assert_match(
         json.dumps(response.json(), indent=2, sort_keys=True),
@@ -187,6 +228,17 @@ def test_external_api_call(mocker, snapshot):
 - Use `async def` with `@pytest.mark.asyncio` for testing async functions directly
 
 ### 5. Fixtures
+
+#### Global Fixtures (conftest.py)
+
+Authentication fixtures are available globally from `conftest.py`:
+
+- `mock_jwt_user` - Standard user authentication
+- `mock_jwt_admin` - Admin user authentication
+- `configured_snapshot` - Pre-configured snapshot fixture
+
+#### Custom Fixtures
+
 Create reusable fixtures for common test data:
 
 ```python
@@ -202,9 +254,18 @@ def test_create_user(sample_user, snapshot):
     # ... test implementation
 ```
 
+#### Test Isolation
+
+All tests must use fixtures that ensure proper isolation:
+
+- Authentication overrides are automatically cleaned up after each test
+- Database connections are properly managed with cleanup
+- Mock objects are reset between tests
+
 ## CI/CD Integration
 
 The GitHub Actions workflow automatically runs tests on:
+
 - Pull requests
 - Pushes to main branch
 
@@ -216,16 +277,19 @@ Snapshot tests work in CI by:
 ## Troubleshooting
 
 ### Snapshot Mismatches
+
 - Review the diff carefully
 - If changes are expected: `poetry run pytest --snapshot-update`
 - If changes are unexpected: Fix the code causing the difference
 
 ### Async Test Issues
+
 - Ensure async functions use `@pytest.mark.asyncio`
 - Use `AsyncMock` for mocking async functions
 - FastAPI TestClient handles async automatically
 
 ### Import Errors
+
 - Check that all dependencies are in `pyproject.toml`
 - Run `poetry install` to ensure dependencies are installed
 - Verify import paths are correct
@@ -234,4 +298,4 @@ Snapshot tests work in CI by:
 
 Snapshot testing provides a powerful way to ensure API responses remain consistent. Combined with traditional assertions, it creates a robust test suite that catches regressions while remaining maintainable.
 
-Remember: Good tests are as important as good code!
+Remember: Good tests are as important as good code!

autogpt_platform/backend/agents/StoreAgent_rows.csv

@@ -0,0 +1,242 @@
+listing_id,storeListingVersionId,slug,agent_name,agent_video,agent_image,featured,sub_heading,description,categories,useForOnboarding,is_available
+6e60a900-9d7d-490e-9af2-a194827ed632,d85882b8-633f-44ce-a315-c20a8c123d19,flux-ai-image-generator,Flux AI Image Generator,,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/ca154dd1-140e-454c-91bd-2d8a00de3f08.jpg"",""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/577d995d-bc38-40a9-a23f-1f30f5774bdb.jpg"",""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/415db1b7-115c-43ab-bd6c-4e9f7ef95be1.jpg""]",false,Transform ideas into breathtaking images,"Transform ideas into breathtaking images with this AI-powered Image Generator. Using cutting-edge Flux AI technology, the tool crafts highly detailed, photorealistic visuals from simple text prompts. Perfect for artists, marketers, and content creators, this generator produces unique images tailored to user specifications. From fantastical scenes to lifelike portraits, users can unleash creativity with professional-quality results in seconds. Easy to use and endlessly versatile, bring imagination to life with the AI Image Generator today!","[""creative""]",false,true
+f11fc6e9-6166-4676-ac5d-f07127b270c1,c775f60d-b99f-418b-8fe0-53172258c3ce,youtube-transcription-scraper,YouTube Transcription Scraper,https://youtu.be/H8S3pU68lGE,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/65bce54b-0124-4b0d-9e3e-f9b89d0dc99e.jpg""]",false,Fetch the transcriptions from the most popular YouTube videos in your chosen topic,"Effortlessly gather transcriptions from multiple YouTube videos with this agent. It scrapes and compiles video transcripts into a clean, organized list, making it easy to extract insights, quotes, or content from various sources in one go. Ideal for researchers, content creators, and marketers looking to quickly analyze or repurpose video content.","[""writing""]",false,true
+17908889-b599-4010-8e4f-bed19b8f3446,6e16e65a-ad34-4108-b4fd-4a23fced5ea2,business-ownerceo-finder,Decision Maker Lead Finder,,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/1020d94e-b6a2-4fa7-bbdf-2c218b0de563.jpg""]",false,Contact CEOs today,"Find the key decision-makers you need, fast.
+
+This agent identifies business owners or CEOs of local companies in any area you choose. Simply enter what kind of businesses you’re looking for and where, and it will:
+
+* Search the area and gather public information
+* Return names, roles, and contact details when available
+* Provide smart Google search suggestions if details aren’t found
+
+Perfect for:
+
+* B2B sales teams seeking verified leads
+* Recruiters sourcing local talent
+* Researchers looking to connect with business leaders
+
+Save hours of manual searching and get straight to the people who matter most.","[""business""]",true,true
+72beca1d-45ea-4403-a7ce-e2af168ee428,415b7352-0dc6-4214-9d87-0ad3751b711d,smart-meeting-brief,Smart Meeting Prep,https://youtu.be/9ydZR2hkxaY,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/2f116ce1-63ae-4d39-a5cd-f514defc2b97.png"",""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/0a71a60a-2263-4f12-9836-9c76ab49f155.png"",""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/95327695-9184-403c-907a-a9d3bdafa6a5.png"",""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/2bc77788-790b-47d4-8a61-ce97b695e9f5.png""]",true,Business meeting briefings delivered daily,"Never walk into a meeting unprepared again. Every day at 4 pm, the Smart Meeting Prep Agent scans your calendar for tomorrow's external meetings. It reviews your past email exchanges, researches each participant's background and role, and compiles the insights into a concise briefing, so you can close your workday ready for tomorrow's calls.
+
+How It Works
+1. At 4 pm, the agent scans your calendar and identifies external meetings scheduled for the next day.
+2. It reviews recent email threads with each participant to surface key relationship history and communication context.
+3. It conducts online research to gather publicly available information on roles, company backgrounds, and relevant professional data.
+4. It produces a unified briefing for each participant, including past exchange highlights, profile notes, and strategic conversation points.","[""personal""]",true,true
+9fa5697a-617b-4fae-aea0-7dbbed279976,b8ceb480-a7a2-4c90-8513-181a49f7071f,automated-support-ai,Automated Support Agent,https://youtu.be/nBMfu_5sgDA,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/ed56febc-2205-4179-9e7e-505d8500b66c.png""]",true,Automate up to 80 percent of inbound support emails,"Overview:
+Support teams spend countless hours on basic tickets. This agent automates repetitive customer support tasks. It reads incoming requests, researches your knowledge base, and responds automatically when confident. When unsure, it escalates to a human for final resolution.
+
+How it Works:
+New support emails are routed to the agent.
+The agent checks internal documentation for answers.
+It measures confidence in the answer found and either replies directly or escalates to a human.
+
+Business Value:
+Automating the easy 80 percent of support tickets allows your team to focus on high-value, complex customer issues, improving efficiency and response times.","[""business""]",false,true
+2bdac92b-a12c-4131-bb46-0e3b89f61413,31daf49d-31d3-476b-aa4c-099abc59b458,unspirational-poster-maker,Unspirational Poster Maker,,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/6a490dac-27e5-405f-a4c4-8d1c55b85060.jpg"",""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/d343fbb5-478c-4e38-94df-4337293b61f1.jpg""]",false,Because adulting is hard,"This witty AI agent generates hilariously relatable ""motivational"" posters that tackle the everyday struggles of procrastination, overthinking, and workplace chaos with a blend of absurdity and sarcasm. From goldfish facing impossible tasks to cats in existential crises, The Unspirational Poster Maker designs tongue-in-cheek graphics and captions that mock productivity clichés and embrace our collective struggles to ""get it together."" Perfect for adding a touch of humour to the workday, these posters remind us that sometimes, all we can do is laugh at the chaos.","[""creative""]",false,true
+9adf005e-2854-4cc7-98cf-f7103b92a7b7,a03b0d8c-4751-43d6-a54e-c3b7856ba4e3,ai-shortform-video-generator-create-viral-ready-content,AI Video Generator,,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/8d2670b9-fea5-4966-a597-0a4511bffdc3.png"",""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/aabe8aec-0110-4ce7-a259-4f86fe8fe07d.png""]",false,Create Viral-Ready Shorts Content in Seconds,"OVERVIEW
+Transform any trending headline or broad topic into a polished, vertical short-form video in a single run.  
+The agent automates research, scriptwriting, metadata creation, and Revid.ai rendering, returning one ready-to-publish MP4 plus its title, script and hashtags.
+
+HOW IT WORKS
+1. Input a topic or an exact news headline.  
+2. The agent fetches live search results and selects the most engaging related story.  
+3. Key facts are summarised into concise research notes.  
+4. Claude writes a 30–35 second script with visual cues, a three-second hook, tension loops, and a call-to-action.  
+5. GPT-4o generates an eye-catching title and one or two discoverability hashtags.  
+6. The script is sent to a state-of-the-art AI video generator to render a single 9:16 MP4 (default: 720 p, 30 fps, voice “Brian”, style “movingImage”, music “Bladerunner 2049”).  
+   – All voice, style and resolution settings can be adjusted in the Builder before you press ""Run"".  
+7. Output delivered: Title, Script, Hashtags, Video URL.
+
+KEY USE CASES
+- Broad-topic explainers (e.g. “Artificial Intelligence” or “Climate Tech”).  
+- Real-time newsjacking with a specific breaking headline.  
+- Product-launch spotlights and quick event recaps while interest is high.  
+
+BUSINESS VALUE
+- One-click speed: from idea to finished video in minutes.  
+- Consistent brand look: Revid presets keep voice, style and aspect ratio on spec.  
+- No-code workflow: marketers create social video without design or development queues.  
+- Cloud convenience: Auto-GPT Cloud users are pre-configured with all required keys.  
+  Self-hosted users simply add OpenAI, Anthropic, Perplexity (OpenRouter/Jina) and Revid keys once.
+
+IMPORTANT NOTES
+- The agent outputs exactly one video per execution. Run it again for additional shorts.  
+- Video rendering time varies; AI-generated footage may take several minutes.","[""writing""]",false,true
+864e48ef-fee5-42c1-b6a4-2ae139db9fc1,55d40473-0f31-4ada-9e40-d3a7139fcbd4,automated-blog-writer,Automated SEO Blog Writer,https://youtu.be/nKcDCbDVobs,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/2dd5f95b-5b30-4bf8-a11b-bac776c5141a.jpg""]",true,"Automate research, writing, and publishing for high-ranking blog posts","Scale your blog with a fully automated content engine. The Automated SEO Blog Writer learns your brand voice, finds high-demand keywords, and creates SEO-optimized articles that attract organic traffic and boost visibility.
+
+How it works:
+
+1. Share your pitch, website, and values.
+2. The agent studies your site and uncovers proven SEO opportunities.
+3. It spends two hours researching and drafting each post.
+4. You set the cadence—publishing runs on autopilot.
+
+Business value: Consistently publish research-backed, optimized posts that build domain authority, rankings, and thought leadership while you focus on what matters most.
+
+Use cases:
+• Founders: Keep your blog active with no time drain.
+• Agencies: Deliver scalable SEO content for clients.
+• Strategists: Automate execution, focus on strategy.
+• Marketers: Drive steady organic growth.
+• Local businesses: Capture nearby search traffic.","[""writing""]",false,true
+6046f42e-eb84-406f-bae0-8e052064a4fa,a548e507-09a7-4b30-909c-f63fcda10fff,lead-finder-local-businesses,Lead Finder,,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/abd6605f-d5f8-426b-af36-052e8ba5044f.webp""]",false,Auto-Prospect Like a Pro,"Turbo-charge your local lead generation with the AutoGPT Marketplace’s top Google Maps prospecting agent. “Lead Finder: Local Businesses” delivers verified, ready-to-contact prospects in any niche and city—so you can focus on closing, not searching.
+
+**WHAT IT DOES**
+• Searches Google Maps via the official API (no scraping)
+• Prompts like “dentists in Chicago” or “coffee shops near me”
+• Returns: Name, Website, Rating, Reviews, **Phone & Address**
+• Exports instantly to your CRM, sheet, or outreach workflow
+
+**WHY YOU’LL LOVE IT**
+✓ Hyper-targeted leads in minutes
+✓ Unlimited searches & locations
+✓ Zero CAPTCHAs or IP blocks
+✓ Works on AutoGPT Cloud or self-hosted (with your API key)
+✓ Cut prospecting time by 90%
+
+**PERFECT FOR**
+— Marketers & PPC agencies
+— SEO consultants & designers
+— SaaS founders & sales teams
+
+Stop scrolling directories—start filling your pipeline. Start now and let AI prospect while you profit.
+
+→ Click *Add to Library* and own your market today.","[""business""]",true,true
+f623c862-24e9-44fc-8ce8-d8282bb51ad2,eafa21d3-bf14-4f63-a97f-a5ee41df83b3,linkedin-post-generator,LinkedIn Post Generator,,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/297f6a8e-81a8-43e2-b106-c7ad4a5662df.png"",""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/fceebdc1-aef6-4000-97fc-4ef587f56bda.png""]",false,Auto‑craft LinkedIn gold,"Create research‑driven, high‑impact LinkedIn posts in minutes. This agent searches YouTube for the best videos on your chosen topic, pulls their transcripts, and distils the most valuable insights into a polished post ready for your company page or personal feed.  
+
+FEATURES  
+• Automated YouTube research – discovers and analyses top‑ranked videos so you don’t have to  
+• AI‑curated synthesis – combines multiple transcripts into one authoritative narrative  
+• Full creative control – adjust style, tone, objective, opinion, clarity, target word count and number of videos  
+• LinkedIn‑optimised output – hook, 2‑3 key points, CTA, strategic line breaks, 3‑5 hashtags, no markdown  
+• One‑click publish – returns a ready‑to‑post text block (≤1 300 characters)  
+
+HOW IT WORKS  
+1. Enter a topic and your preferred writing parameters.  
+2. The agent builds a YouTube search, fetches the page, and extracts the top N video URLs.  
+3. It pulls each transcript, then feeds them—plus your settings—into Claude 3.5 Sonnet.  
+4. The model writes a concise, engaging post designed for maximum LinkedIn engagement.  
+
+USE CASES  
+• Thought‑leadership updates backed by fresh video research  
+• Rapid industry summaries after major events, webinars, or conferences  
+• Consistent LinkedIn content for busy founders, marketers, and creators  
+
+WHY YOU’LL LOVE IT  
+Save hours of manual research, avoid surface‑level hot‑takes, and publish posts that showcase real expertise—without the heavy lift.","[""writing""]",true,true
+7d4120ad-b6b3-4419-8bdb-7dd7d350ef32,e7bb29a1-23c7-4fee-aa3b-5426174b8c52,youtube-to-linkedin-post-converter,YouTube to LinkedIn Post Converter,,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/f084b326-a708-4396-be51-7ba59ad2ef32.png""]",false,Transform Your YouTube Videos into Engaging LinkedIn Posts with AI,"WHAT IT DOES: 
+This agent converts YouTube video content into a LinkedIn post by analyzing the video's transcript. It provides you with a tailored post that reflects the core ideas, key takeaways, and tone of the original video, optimizing it for engagement on LinkedIn.
+
+HOW IT WORKS:
+- You provide the URL to the YouTube video (required)
+- You can choose the structure for the LinkedIn post (e.g., Personal Achievement Story, Lesson Learned, Thought Leadership, etc.)
+- You can also select the tone (e.g., Inspirational, Analytical, Conversational, etc.)
+- The transcript of the video is analyzed by the GPT-4 model and the Claude 3.5 Sonnet model
+- The models extract key insights, memorable quotes, and the main points from the video
+- You’ll receive a LinkedIn post, formatted according to your chosen structure and tone, optimized for professional engagement
+
+INPUTS:
+- Source YouTube Video – Provide the URL to the YouTube video
+- Structure – Choose the post format (e.g., Personal Achievement Story, Thought Leadership, etc.)
+- Content – Specify the main message or idea of the post (e.g., Hot Take, Key Takeaways, etc.)
+- Tone – Select the tone for the post (e.g., Conversational, Inspirational, etc.)
+
+OUTPUT:
+- LinkedIn Post – A well-crafted, AI-generated LinkedIn post with a professional tone, based on the video content and your specified preferences
+
+Perfect for content creators, marketers, and professionals who want to repurpose YouTube videos for LinkedIn and boost their professional branding.","[""writing""]",false,true
+c61d6a83-ea48-4df8-b447-3da2d9fe5814,00fdd42c-a14c-4d19-a567-65374ea0e87f,personalized-morning-coffee-newsletter,Personal Newsletter,,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/f4b38e4c-8166-4caf-9411-96c9c4c82d4c.png""]",false,Start your day with personalized AI newsletters that deliver credibility and context for every interest or mood.,"This Personal Newsletter Agent provides a bespoke daily digest on your favorite topics and tone. Whether you prefer industry insights, lighthearted reads, or breaking news, this agent crafts your own unique newsletter to keep you informed and entertained.
+
+
+How It Works
+1. Enter your favorite topics, industries, or areas of interest.
+2. Choose your tone—professional, casual, or humorous.
+3. Set your preferred delivery cadence: daily or weekly.
+4. The agent scans top sources and compiles 3–5 engaging stories, insights, and fun facts into a conversational newsletter.
+
+Skip the morning scroll and enjoy a thoughtfully curated newsletter designed just for you. Stay ahead of trends, spark creative ideas, and enjoy an effortless, informed start to your day.
+
+
+Use Cases
+• Executives: Get a daily digest of market updates and leadership insights.
+• Marketers: Receive curated creative trends and campaign inspiration.
+• Entrepreneurs: Stay updated on your industry without information overload.","[""research""]",true,true
+e2e49cfc-4a39-4d62-a6b3-c095f6d025ff,fc2c9976-0962-4625-a27b-d316573a9e7f,email-address-finder,Email Scout - Contact Finder Assistant,,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/da8a690a-7a8b-4c1d-b6f8-e2f840c0205d.jpg"",""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/6a2ac25c-1609-4881-8140-e6da2421afb3.jpg"",""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/26179263-fe06-45bd-b6a0-0754660a0a46.jpg""]",false,Find contact details from name and location using AI search,"Finding someone's professional email address can be time-consuming and frustrating. Manual searching across multiple websites, social profiles, and business directories often leads to dead ends or outdated information.
+
+Email Scout automates this process by intelligently searching across publicly available sources when you provide a person's name and location. Simply input basic information like ""Tim Cook, USA"" or ""Sarah Smith, London"" and let the AI assistant do the work of finding potential contact details.
+
+Key Features:
+- Quick search from just name and location
+- Scans multiple public sources
+- Automated AI-powered search process
+- Easy to use with simple inputs
+
+Perfect for recruiters, business development professionals, researchers, and anyone needing to establish professional contact.
+
+Note: This tool searches only publicly available information. Search results depend on what contact information people have made public. Some searches may not yield results if the information isn't publicly accessible.","[""""]",false,true
+81bcc372-0922-4a36-bc35-f7b1e51d6939,e437cc95-e671-489d-b915-76561fba8c7f,ai-youtube-to-blog-converter,YouTube Video to SEO Blog Writer,,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/239e5a41-2515-4e1c-96ef-31d0d37ecbeb.webp"",""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/c7d96966-786f-4be6-ad7d-3a51c84efc0e.png"",""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/0275a74c-e2c2-4e29-a6e4-3a616c3c35dd.png""]",false,One link. One click. One powerful blog post.,"Effortlessly transform your YouTube videos into high-quality, SEO-optimized blog posts.
+
+Your videos deserve a second life—in writing.  
+Make your content work twice as hard by repurposing it into engaging, searchable articles.
+
+Perfect for content creators, marketers, and bloggers, this tool analyzes video content and generates well-structured blog posts tailored to your tone, audience, and word count. Just paste a YouTube URL and let the AI handle the rest.
+
+FEATURES
+
+• CONTENT ANALYSIS  
+  Extracts key points from the video while preserving your message and intent.
+
+• CUSTOMIZABLE OUTPUT  
+  Select a tone that fits your audience: casual, professional, educational, or formal.
+
+• SEO OPTIMIZATION  
+  Automatically creates engaging titles and structured subheadings for better search visibility.
+
+• USER-FRIENDLY  
+  Repurpose your videos into written content to expand your reach and improve accessibility.
+
+Whether you're looking to grow your blog, boost SEO, or simply get more out of your content, the AI YouTube-to-Blog Converter makes it effortless.
+","[""writing""]",true,true
+5c3510d2-fc8b-4053-8e19-67f53c86eb1a,f2cc74bb-f43f-4395-9c35-ecb30b5b4fc9,ai-webpage-copy-improver,AI Webpage Copy Improver,,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/d562d26f-5891-4b09-8859-fbb205972313.jpg""]",false,Boost Your Website's Search Engine Performance,"Elevate your web content with this powerful AI Webpage Copy Improver. Designed for marketers, SEO specialists, and web developers, this tool analyses and enhances website copy for maximum impact. Using advanced language models, it optimizes text for better clarity, SEO performance, and increased conversion rates. The AI examines your existing content, identifies areas for improvement, and generates refined copy that maintains your brand voice while boosting engagement. From homepage headlines to product descriptions, transform your web presence with AI-driven insights. Improve readability, incorporate targeted keywords, and craft compelling calls-to-action - all with the click of a button. Take your digital marketing to the next level with the AI Webpage Copy Improver.","[""marketing""]",true,true
+94d03bd3-7d44-4d47-b60c-edb2f89508d6,b6f6f0d3-49f4-4e3b-8155-ffe9141b32c0,domain-name-finder,Domain Name Finder,,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/28545e09-b2b8-4916-b4c6-67f982510a78.jpeg""]",false,Instantly generate brand-ready domain names that are actually available,"Overview:
+Finding a domain name that fits your brand shouldn’t take hours of searching and failed checks. The Domain Name Finder Agent turns your pitch into hundreds of creative, brand-ready domain ideas—filtered by live availability so every result is actionable.
+
+How It Works
+1. Input your product pitch, company name, or core keywords.
+2. The agent analyzes brand tone, audience, and industry context.
+3. It generates a list of unique, memorable domains that match your criteria.
+4. All names are pre-filtered for real-time availability, so you can register immediately.
+
+
+Business Value
+Save hours of guesswork and eliminate dead ends. Accelerate brand launches, startup naming, and campaign creation with ready-to-claim domains.
+
+
+Key Use Cases
+• Startup Founders: Quickly find brand-ready domains for MVP launches or rebrands.
+• Marketers: Test name options across campaigns with instant availability data.
+• Entrepreneurs: Validate ideas faster with instant domain options.","[""business""]",false,true
+7a831906-daab-426f-9d66-bcf98d869426,516d813b-d1bc-470f-add7-c63a4b2c2bad,ai-function,AI Function,,"[""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/620e8117-2ee1-4384-89e6-c2ef4ec3d9c9.webp"",""https://storage.googleapis.com/agpt-prod-website-artifacts/users/b3e41ea4-2f4c-4964-927c-fe682d857bad/images/476259e2-5a79-4a7b-8e70-deeebfca70d7.png""]",false,Never Code Again,"AI FUNCTION MAGIC  
+Your AI‑powered assistant for turning plain‑English descriptions into working Python functions.  
+
+HOW IT WORKS  
+1. Describe what the function should do.  
+2. Specify the inputs it needs.  
+3. Receive the generated Python code.  
+
+FEATURES  
+- Effortless Function Generation: convert natural‑language specs into complete functions.  
+- Customizable Inputs: define the parameters that matter to you.  
+- Versatile Use Cases: simulate data, automate tasks, prototype ideas.  
+- Seamless Integration: add the generated function directly to your codebase.  
+
+EXAMPLE  
+Request: “Create a function that generates 20 examples of fake people, each with a name, date of birth, job title, and age.”  
+Input parameter: number_of_people (default 20)  
+Result: a list of dictionaries such as  
+[  
+  { ""name"": ""Emma Martinez"",  ""date_of_birth"": ""1992‑11‑03"", ""job_title"": ""Data Analyst"",        ""age"": 32 },  
+  { ""name"": ""Liam O’Connor"",  ""date_of_birth"": ""1985‑07‑19"", ""job_title"": ""Marketing Manager"",  ""age"": 39 },  
+  …18 more entries…  
+]","[""development""]",false,true

autogpt_platform/backend/agents/agent_31daf49d-31d3-476b-aa4c-099abc59b458.json

@@ -0,0 +1,590 @@
+{
+  "id": "7b2e2095-782a-4f8d-adda-e62b661bccf5",
+  "version": 29,
+  "is_active": false,
+  "name": "Unspirational Poster Maker",
+  "description": "This witty AI agent generates hilariously relatable \"motivational\" posters that tackle the everyday struggles of procrastination, overthinking, and workplace chaos with a blend of absurdity and sarcasm. From goldfish facing impossible tasks to cats in existential crises, The Unspirational Poster Maker designs tongue-in-cheek graphics and captions that mock productivity clich\u00e9s and embrace our collective struggles to \"get it together.\" Perfect for adding a touch of humour to the workday, these posters remind us that sometimes, all we can do is laugh at the chaos.",
+  "instructions": null,
+  "recommended_schedule_cron": null,
+  "nodes": [
+    {
+      "id": "5ac3727a-1ea7-436b-a902-ef1bfd883a30",
+      "block_id": "363ae599-353e-4804-937e-b2ee3cef3da4",
+      "input_default": {
+        "name": "Generated Image",
+        "description": "The resulting generated image ready for you to review and post."
+      },
+      "metadata": {
+        "position": {
+          "x": 2329.937006807125,
+          "y": 80.49068076698347
+        }
+      },
+      "input_links": [
+        {
+          "id": "c6c511e8-e6a4-4969-9bc8-f67d60c1e229",
+          "source_id": "86665e90-ffbf-48fb-ad3f-e5d31fd50c51",
+          "sink_id": "5ac3727a-1ea7-436b-a902-ef1bfd883a30",
+          "source_name": "result",
+          "sink_name": "value",
+          "is_static": false
+        },
+        {
+          "id": "20845dda-91de-4508-8077-0504b1a5ae03",
+          "source_id": "28bda769-b88b-44c9-be5c-52c2667f137e",
+          "sink_id": "5ac3727a-1ea7-436b-a902-ef1bfd883a30",
+          "source_name": "result",
+          "sink_name": "value",
+          "is_static": false
+        },
+        {
+          "id": "6524c611-774b-45e9-899d-9a6aa80c549c",
+          "source_id": "e7cdc1a2-4427-4a8a-a31b-63c8e74842f8",
+          "sink_id": "5ac3727a-1ea7-436b-a902-ef1bfd883a30",
+          "source_name": "result",
+          "sink_name": "value",
+          "is_static": false
+        },
+        {
+          "id": "714a0821-e5ba-4af7-9432-50491adda7b1",
+          "source_id": "576c5677-9050-4d1c-aad4-36b820c04fef",
+          "sink_id": "5ac3727a-1ea7-436b-a902-ef1bfd883a30",
+          "source_name": "result",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "output_links": [],
+      "graph_id": "7b2e2095-782a-4f8d-adda-e62b661bccf5",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "7e026d19-f9a6-412f-8082-610f9ba0c410",
+      "block_id": "c0a8e994-ebf1-4a9c-a4d8-89d09c86741b",
+      "input_default": {
+        "name": "Theme",
+        "value": "Cooking"
+      },
+      "metadata": {
+        "position": {
+          "x": -1219.5966324967521,
+          "y": 80.50339731789956
+        }
+      },
+      "input_links": [],
+      "output_links": [
+        {
+          "id": "8c2bd1f7-b17b-4835-81b6-bb336097aa7a",
+          "source_id": "7e026d19-f9a6-412f-8082-610f9ba0c410",
+          "sink_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+          "source_name": "result",
+          "sink_name": "prompt_values_#_THEME",
+          "is_static": true
+        }
+      ],
+      "graph_id": "7b2e2095-782a-4f8d-adda-e62b661bccf5",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "28bda769-b88b-44c9-be5c-52c2667f137e",
+      "block_id": "6ab085e2-20b3-4055-bc3e-08036e01eca6",
+      "input_default": {
+        "upscale": "No Upscale"
+      },
+      "metadata": {
+        "position": {
+          "x": 1132.373897280427,
+          "y": 88.44610377514573
+        }
+      },
+      "input_links": [
+        {
+          "id": "54588c74-e090-4e49-89e4-844b9952a585",
+          "source_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+          "sink_id": "28bda769-b88b-44c9-be5c-52c2667f137e",
+          "source_name": "response",
+          "sink_name": "prompt",
+          "is_static": false
+        }
+      ],
+      "output_links": [
+        {
+          "id": "20845dda-91de-4508-8077-0504b1a5ae03",
+          "source_id": "28bda769-b88b-44c9-be5c-52c2667f137e",
+          "sink_id": "5ac3727a-1ea7-436b-a902-ef1bfd883a30",
+          "source_name": "result",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "graph_id": "7b2e2095-782a-4f8d-adda-e62b661bccf5",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "e7cdc1a2-4427-4a8a-a31b-63c8e74842f8",
+      "block_id": "6ab085e2-20b3-4055-bc3e-08036e01eca6",
+      "input_default": {
+        "upscale": "No Upscale"
+      },
+      "metadata": {
+        "position": {
+          "x": 590.7543882245375,
+          "y": 85.69546832466654
+        }
+      },
+      "input_links": [
+        {
+          "id": "66646786-3006-4417-a6b7-0158f2603d1d",
+          "source_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+          "sink_id": "e7cdc1a2-4427-4a8a-a31b-63c8e74842f8",
+          "source_name": "response",
+          "sink_name": "prompt",
+          "is_static": false
+        }
+      ],
+      "output_links": [
+        {
+          "id": "6524c611-774b-45e9-899d-9a6aa80c549c",
+          "source_id": "e7cdc1a2-4427-4a8a-a31b-63c8e74842f8",
+          "sink_id": "5ac3727a-1ea7-436b-a902-ef1bfd883a30",
+          "source_name": "result",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "graph_id": "7b2e2095-782a-4f8d-adda-e62b661bccf5",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "576c5677-9050-4d1c-aad4-36b820c04fef",
+      "block_id": "6ab085e2-20b3-4055-bc3e-08036e01eca6",
+      "input_default": {
+        "upscale": "No Upscale"
+      },
+      "metadata": {
+        "position": {
+          "x": 60.48904654237981,
+          "y": 86.06183359510214
+        }
+      },
+      "input_links": [
+        {
+          "id": "201d3e03-bc06-4cee-846d-4c3c804d8857",
+          "source_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+          "sink_id": "576c5677-9050-4d1c-aad4-36b820c04fef",
+          "source_name": "response",
+          "sink_name": "prompt",
+          "is_static": false
+        }
+      ],
+      "output_links": [
+        {
+          "id": "714a0821-e5ba-4af7-9432-50491adda7b1",
+          "source_id": "576c5677-9050-4d1c-aad4-36b820c04fef",
+          "sink_id": "5ac3727a-1ea7-436b-a902-ef1bfd883a30",
+          "source_name": "result",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "graph_id": "7b2e2095-782a-4f8d-adda-e62b661bccf5",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "86665e90-ffbf-48fb-ad3f-e5d31fd50c51",
+      "block_id": "6ab085e2-20b3-4055-bc3e-08036e01eca6",
+      "input_default": {
+        "prompt": "A cat sprawled dramatically across an important-looking document during a work-from-home meeting, making direct eye contact with the camera while knocking over a coffee mug in slow motion. Text Overlay: \"Chaos is a career path. Be the obstacle everyone has to work around.\"",
+        "upscale": "No Upscale"
+      },
+      "metadata": {
+        "position": {
+          "x": 1668.3572666956795,
+          "y": 89.69665262457966
+        }
+      },
+      "input_links": [
+        {
+          "id": "509b7587-1940-4a06-808d-edde9a74f400",
+          "source_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+          "sink_id": "86665e90-ffbf-48fb-ad3f-e5d31fd50c51",
+          "source_name": "response",
+          "sink_name": "prompt",
+          "is_static": false
+        }
+      ],
+      "output_links": [
+        {
+          "id": "c6c511e8-e6a4-4969-9bc8-f67d60c1e229",
+          "source_id": "86665e90-ffbf-48fb-ad3f-e5d31fd50c51",
+          "sink_id": "5ac3727a-1ea7-436b-a902-ef1bfd883a30",
+          "source_name": "result",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "graph_id": "7b2e2095-782a-4f8d-adda-e62b661bccf5",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+      "block_id": "1f292d4a-41a4-4977-9684-7c8d560b9f91",
+      "input_default": {
+        "model": "gpt-4o",
+        "prompt": "<example_output>\nA photo of a sloth lounging on a desk, with its head resting on a keyboard. The keyboard is on top of a laptop with a blank spreadsheet open. A to-do list is placed beside the laptop, with the top item written as \"Do literally anything\". There is a text overlay that says \"If you can't outwork them, outnap them.\".\n</example_output>\n\nCreate a relatable satirical, snarky, user-deprecating motivational style image based on the theme: \"{{THEME}}\".\n\nOutput only the image description and caption, without any additional commentary or formatting.",
+        "prompt_values": {}
+      },
+      "metadata": {
+        "position": {
+          "x": -561.1139207164056,
+          "y": 78.60434452403524
+        }
+      },
+      "input_links": [
+        {
+          "id": "8c2bd1f7-b17b-4835-81b6-bb336097aa7a",
+          "source_id": "7e026d19-f9a6-412f-8082-610f9ba0c410",
+          "sink_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+          "source_name": "result",
+          "sink_name": "prompt_values_#_THEME",
+          "is_static": true
+        }
+      ],
+      "output_links": [
+        {
+          "id": "54588c74-e090-4e49-89e4-844b9952a585",
+          "source_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+          "sink_id": "28bda769-b88b-44c9-be5c-52c2667f137e",
+          "source_name": "response",
+          "sink_name": "prompt",
+          "is_static": false
+        },
+        {
+          "id": "201d3e03-bc06-4cee-846d-4c3c804d8857",
+          "source_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+          "sink_id": "576c5677-9050-4d1c-aad4-36b820c04fef",
+          "source_name": "response",
+          "sink_name": "prompt",
+          "is_static": false
+        },
+        {
+          "id": "509b7587-1940-4a06-808d-edde9a74f400",
+          "source_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+          "sink_id": "86665e90-ffbf-48fb-ad3f-e5d31fd50c51",
+          "source_name": "response",
+          "sink_name": "prompt",
+          "is_static": false
+        },
+        {
+          "id": "66646786-3006-4417-a6b7-0158f2603d1d",
+          "source_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+          "sink_id": "e7cdc1a2-4427-4a8a-a31b-63c8e74842f8",
+          "source_name": "response",
+          "sink_name": "prompt",
+          "is_static": false
+        }
+      ],
+      "graph_id": "7b2e2095-782a-4f8d-adda-e62b661bccf5",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    }
+  ],
+  "links": [
+    {
+      "id": "66646786-3006-4417-a6b7-0158f2603d1d",
+      "source_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+      "sink_id": "e7cdc1a2-4427-4a8a-a31b-63c8e74842f8",
+      "source_name": "response",
+      "sink_name": "prompt",
+      "is_static": false
+    },
+    {
+      "id": "c6c511e8-e6a4-4969-9bc8-f67d60c1e229",
+      "source_id": "86665e90-ffbf-48fb-ad3f-e5d31fd50c51",
+      "sink_id": "5ac3727a-1ea7-436b-a902-ef1bfd883a30",
+      "source_name": "result",
+      "sink_name": "value",
+      "is_static": false
+    },
+    {
+      "id": "6524c611-774b-45e9-899d-9a6aa80c549c",
+      "source_id": "e7cdc1a2-4427-4a8a-a31b-63c8e74842f8",
+      "sink_id": "5ac3727a-1ea7-436b-a902-ef1bfd883a30",
+      "source_name": "result",
+      "sink_name": "value",
+      "is_static": false
+    },
+    {
+      "id": "20845dda-91de-4508-8077-0504b1a5ae03",
+      "source_id": "28bda769-b88b-44c9-be5c-52c2667f137e",
+      "sink_id": "5ac3727a-1ea7-436b-a902-ef1bfd883a30",
+      "source_name": "result",
+      "sink_name": "value",
+      "is_static": false
+    },
+    {
+      "id": "8c2bd1f7-b17b-4835-81b6-bb336097aa7a",
+      "source_id": "7e026d19-f9a6-412f-8082-610f9ba0c410",
+      "sink_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+      "source_name": "result",
+      "sink_name": "prompt_values_#_THEME",
+      "is_static": true
+    },
+    {
+      "id": "201d3e03-bc06-4cee-846d-4c3c804d8857",
+      "source_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+      "sink_id": "576c5677-9050-4d1c-aad4-36b820c04fef",
+      "source_name": "response",
+      "sink_name": "prompt",
+      "is_static": false
+    },
+    {
+      "id": "714a0821-e5ba-4af7-9432-50491adda7b1",
+      "source_id": "576c5677-9050-4d1c-aad4-36b820c04fef",
+      "sink_id": "5ac3727a-1ea7-436b-a902-ef1bfd883a30",
+      "source_name": "result",
+      "sink_name": "value",
+      "is_static": false
+    },
+    {
+      "id": "54588c74-e090-4e49-89e4-844b9952a585",
+      "source_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+      "sink_id": "28bda769-b88b-44c9-be5c-52c2667f137e",
+      "source_name": "response",
+      "sink_name": "prompt",
+      "is_static": false
+    },
+    {
+      "id": "509b7587-1940-4a06-808d-edde9a74f400",
+      "source_id": "7543b9b0-0409-4cf8-bc4e-e0336273e2c4",
+      "sink_id": "86665e90-ffbf-48fb-ad3f-e5d31fd50c51",
+      "source_name": "response",
+      "sink_name": "prompt",
+      "is_static": false
+    }
+  ],
+  "forked_from_id": null,
+  "forked_from_version": null,
+  "sub_graphs": [],
+  "user_id": "",
+  "created_at": "2024-12-20T19:58:34.390Z",
+  "input_schema": {
+    "type": "object",
+    "properties": {
+      "Theme": {
+        "advanced": false,
+        "secret": false,
+        "title": "Theme",
+        "default": "Cooking"
+      }
+    },
+    "required": []
+  },
+  "output_schema": {
+    "type": "object",
+    "properties": {
+      "Generated Image": {
+        "advanced": false,
+        "secret": false,
+        "title": "Generated Image",
+        "description": "The resulting generated image ready for you to review and post."
+      }
+    },
+    "required": [
+      "Generated Image"
+    ]
+  },
+  "has_external_trigger": false,
+  "has_human_in_the_loop": false,
+  "trigger_setup_info": null,
+  "credentials_input_schema": {
+    "properties": {
+      "ideogram_api_key_credentials": {
+        "credentials_provider": [
+          "ideogram"
+        ],
+        "credentials_types": [
+          "api_key"
+        ],
+        "properties": {
+          "id": {
+            "title": "Id",
+            "type": "string"
+          },
+          "title": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "default": null,
+            "title": "Title"
+          },
+          "provider": {
+            "const": "ideogram",
+            "title": "Provider",
+            "type": "string"
+          },
+          "type": {
+            "const": "api_key",
+            "title": "Type",
+            "type": "string"
+          }
+        },
+        "required": [
+          "id",
+          "provider",
+          "type"
+        ],
+        "title": "CredentialsMetaInput[Literal[<ProviderName.IDEOGRAM: 'ideogram'>], Literal['api_key']]",
+        "type": "object",
+        "discriminator_values": []
+      },
+      "openai_api_key_credentials": {
+        "credentials_provider": [
+          "openai"
+        ],
+        "credentials_types": [
+          "api_key"
+        ],
+        "properties": {
+          "id": {
+            "title": "Id",
+            "type": "string"
+          },
+          "title": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "default": null,
+            "title": "Title"
+          },
+          "provider": {
+            "const": "openai",
+            "title": "Provider",
+            "type": "string"
+          },
+          "type": {
+            "const": "api_key",
+            "title": "Type",
+            "type": "string"
+          }
+        },
+        "required": [
+          "id",
+          "provider",
+          "type"
+        ],
+        "title": "CredentialsMetaInput[Literal[<ProviderName.OPENAI: 'openai'>], Literal['api_key']]",
+        "type": "object",
+        "discriminator": "model",
+        "discriminator_mapping": {
+          "Llama-3.3-70B-Instruct": "llama_api",
+          "Llama-3.3-8B-Instruct": "llama_api",
+          "Llama-4-Maverick-17B-128E-Instruct-FP8": "llama_api",
+          "Llama-4-Scout-17B-16E-Instruct-FP8": "llama_api",
+          "Qwen/Qwen2.5-72B-Instruct-Turbo": "aiml_api",
+          "amazon/nova-lite-v1": "open_router",
+          "amazon/nova-micro-v1": "open_router",
+          "amazon/nova-pro-v1": "open_router",
+          "claude-3-7-sonnet-20250219": "anthropic",
+          "claude-3-haiku-20240307": "anthropic",
+          "claude-haiku-4-5-20251001": "anthropic",
+          "claude-opus-4-1-20250805": "anthropic",
+          "claude-opus-4-20250514": "anthropic",
+          "claude-opus-4-5-20251101": "anthropic",
+          "claude-sonnet-4-20250514": "anthropic",
+          "claude-sonnet-4-5-20250929": "anthropic",
+          "cohere/command-r-08-2024": "open_router",
+          "cohere/command-r-plus-08-2024": "open_router",
+          "deepseek/deepseek-chat": "open_router",
+          "deepseek/deepseek-r1-0528": "open_router",
+          "dolphin-mistral:latest": "ollama",
+          "google/gemini-2.0-flash-001": "open_router",
+          "google/gemini-2.0-flash-lite-001": "open_router",
+          "google/gemini-2.5-flash": "open_router",
+          "google/gemini-2.5-flash-lite-preview-06-17": "open_router",
+          "google/gemini-2.5-pro-preview-03-25": "open_router",
+          "google/gemini-3-pro-preview": "open_router",
+          "gpt-3.5-turbo": "openai",
+          "gpt-4-turbo": "openai",
+          "gpt-4.1-2025-04-14": "openai",
+          "gpt-4.1-mini-2025-04-14": "openai",
+          "gpt-4o": "openai",
+          "gpt-4o-mini": "openai",
+          "gpt-5-2025-08-07": "openai",
+          "gpt-5-chat-latest": "openai",
+          "gpt-5-mini-2025-08-07": "openai",
+          "gpt-5-nano-2025-08-07": "openai",
+          "gpt-5.1-2025-11-13": "openai",
+          "gryphe/mythomax-l2-13b": "open_router",
+          "llama-3.1-8b-instant": "groq",
+          "llama-3.3-70b-versatile": "groq",
+          "llama3": "ollama",
+          "llama3.1:405b": "ollama",
+          "llama3.2": "ollama",
+          "llama3.3": "ollama",
+          "meta-llama/Llama-3.2-3B-Instruct-Turbo": "aiml_api",
+          "meta-llama/Llama-3.3-70B-Instruct-Turbo": "aiml_api",
+          "meta-llama/Meta-Llama-3.1-70B-Instruct-Turbo": "aiml_api",
+          "meta-llama/llama-4-maverick": "open_router",
+          "meta-llama/llama-4-scout": "open_router",
+          "microsoft/wizardlm-2-8x22b": "open_router",
+          "mistralai/mistral-nemo": "open_router",
+          "moonshotai/kimi-k2": "open_router",
+          "nousresearch/hermes-3-llama-3.1-405b": "open_router",
+          "nousresearch/hermes-3-llama-3.1-70b": "open_router",
+          "nvidia/llama-3.1-nemotron-70b-instruct": "aiml_api",
+          "o1": "openai",
+          "o1-mini": "openai",
+          "o3-2025-04-16": "openai",
+          "o3-mini": "openai",
+          "openai/gpt-oss-120b": "open_router",
+          "openai/gpt-oss-20b": "open_router",
+          "perplexity/sonar": "open_router",
+          "perplexity/sonar-deep-research": "open_router",
+          "perplexity/sonar-pro": "open_router",
+          "qwen/qwen3-235b-a22b-thinking-2507": "open_router",
+          "qwen/qwen3-coder": "open_router",
+          "v0-1.0-md": "v0",
+          "v0-1.5-lg": "v0",
+          "v0-1.5-md": "v0",
+          "x-ai/grok-4": "open_router",
+          "x-ai/grok-4-fast": "open_router",
+          "x-ai/grok-4.1-fast": "open_router",
+          "x-ai/grok-code-fast-1": "open_router"
+        },
+        "discriminator_values": [
+          "gpt-4o"
+        ]
+      }
+    },
+    "required": [
+      "ideogram_api_key_credentials",
+      "openai_api_key_credentials"
+    ],
+    "title": "UnspirationalPosterMakerCredentialsInputSchema",
+    "type": "object"
+  }
+}

autogpt_platform/backend/agents/agent_516d813b-d1bc-470f-add7-c63a4b2c2bad.json

@@ -0,0 +1,447 @@
+{
+  "id": "622849a7-5848-4838-894d-01f8f07e3fad",
+  "version": 18,
+  "is_active": true,
+  "name": "AI Function",
+  "description": "## AI-Powered Function Magic: Never code again!\nProvide a description of a python function and your inputs and AI will provide the results.",
+  "instructions": null,
+  "recommended_schedule_cron": null,
+  "nodes": [
+    {
+      "id": "26ff2973-3f9a-451d-b902-d45e5da0a7fe",
+      "block_id": "363ae599-353e-4804-937e-b2ee3cef3da4",
+      "input_default": {
+        "name": "return",
+        "title": null,
+        "value": null,
+        "format": "",
+        "secret": false,
+        "advanced": false,
+        "description": "The value returned by the function"
+      },
+      "metadata": {
+        "position": {
+          "x": 1598.8622921127233,
+          "y": 291.59140862204725
+        }
+      },
+      "input_links": [
+        {
+          "id": "caecc1de-fdbc-4fd9-9570-074057bb15f9",
+          "source_id": "c5d16ee4-de9e-4d93-bf32-ac2d15760d5b",
+          "sink_id": "26ff2973-3f9a-451d-b902-d45e5da0a7fe",
+          "source_name": "response",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "output_links": [],
+      "graph_id": "622849a7-5848-4838-894d-01f8f07e3fad",
+      "graph_version": 18,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "c5d16ee4-de9e-4d93-bf32-ac2d15760d5b",
+      "block_id": "1f292d4a-41a4-4977-9684-7c8d560b9f91",
+      "input_default": {
+        "model": "o3-mini",
+        "retry": 3,
+        "prompt": "{{ARGS}}",
+        "sys_prompt": "You are now the following python function:\n\n```\n# {{DESCRIPTION}}\n{{FUNCTION}}\n```\n\nThe user will provide your input arguments.\nOnly respond with your `return` value.\nDo not include any commentary or additional text in your response. \nDo not include ``` backticks or any other decorators.",
+        "ollama_host": "localhost:11434",
+        "prompt_values": {}
+      },
+      "metadata": {
+        "position": {
+          "x": 995,
+          "y": 290.50000000000006
+        }
+      },
+      "input_links": [
+        {
+          "id": "dc7cb15f-76cc-4533-b96c-dd9e3f7f75ed",
+          "source_id": "4eab3a55-20f2-4c1d-804c-7377ba8202d2",
+          "sink_id": "c5d16ee4-de9e-4d93-bf32-ac2d15760d5b",
+          "source_name": "result",
+          "sink_name": "prompt_values_#_FUNCTION",
+          "is_static": true
+        },
+        {
+          "id": "093bdca5-9f44-42f9-8e1c-276dd2971675",
+          "source_id": "844530de-2354-46d8-b748-67306b7bbca1",
+          "sink_id": "c5d16ee4-de9e-4d93-bf32-ac2d15760d5b",
+          "source_name": "result",
+          "sink_name": "prompt_values_#_ARGS",
+          "is_static": true
+        },
+        {
+          "id": "6c63d8ee-b63d-4ff6-bae0-7db8f99bb7af",
+          "source_id": "0fd6ef54-c1cd-478d-b764-17e40f882b99",
+          "sink_id": "c5d16ee4-de9e-4d93-bf32-ac2d15760d5b",
+          "source_name": "result",
+          "sink_name": "prompt_values_#_DESCRIPTION",
+          "is_static": true
+        }
+      ],
+      "output_links": [
+        {
+          "id": "caecc1de-fdbc-4fd9-9570-074057bb15f9",
+          "source_id": "c5d16ee4-de9e-4d93-bf32-ac2d15760d5b",
+          "sink_id": "26ff2973-3f9a-451d-b902-d45e5da0a7fe",
+          "source_name": "response",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "graph_id": "622849a7-5848-4838-894d-01f8f07e3fad",
+      "graph_version": 18,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "4eab3a55-20f2-4c1d-804c-7377ba8202d2",
+      "block_id": "7fcd3bcb-8e1b-4e69-903d-32d3d4a92158",
+      "input_default": {
+        "name": "Function Definition",
+        "title": null,
+        "value": "def fake_people(n: int) -> list[dict]:",
+        "secret": false,
+        "advanced": false,
+        "description": "The function definition (text). This is what you would type on the first line of the function when programming.\n\ne.g \"def fake_people(n: int) -> list[dict]:\"",
+        "placeholder_values": []
+      },
+      "metadata": {
+        "position": {
+          "x": -672.6908629664215,
+          "y": 302.42044359789116
+        }
+      },
+      "input_links": [],
+      "output_links": [
+        {
+          "id": "dc7cb15f-76cc-4533-b96c-dd9e3f7f75ed",
+          "source_id": "4eab3a55-20f2-4c1d-804c-7377ba8202d2",
+          "sink_id": "c5d16ee4-de9e-4d93-bf32-ac2d15760d5b",
+          "source_name": "result",
+          "sink_name": "prompt_values_#_FUNCTION",
+          "is_static": true
+        }
+      ],
+      "graph_id": "622849a7-5848-4838-894d-01f8f07e3fad",
+      "graph_version": 18,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "844530de-2354-46d8-b748-67306b7bbca1",
+      "block_id": "7fcd3bcb-8e1b-4e69-903d-32d3d4a92158",
+      "input_default": {
+        "name": "Arguments",
+        "title": null,
+        "value": "20",
+        "secret": false,
+        "advanced": false,
+        "description": "The function's inputs\n\ne.g \"20\"",
+        "placeholder_values": []
+      },
+      "metadata": {
+        "position": {
+          "x": -158.1623599617334,
+          "y": 295.410856928333
+        }
+      },
+      "input_links": [],
+      "output_links": [
+        {
+          "id": "093bdca5-9f44-42f9-8e1c-276dd2971675",
+          "source_id": "844530de-2354-46d8-b748-67306b7bbca1",
+          "sink_id": "c5d16ee4-de9e-4d93-bf32-ac2d15760d5b",
+          "source_name": "result",
+          "sink_name": "prompt_values_#_ARGS",
+          "is_static": true
+        }
+      ],
+      "graph_id": "622849a7-5848-4838-894d-01f8f07e3fad",
+      "graph_version": 18,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "0fd6ef54-c1cd-478d-b764-17e40f882b99",
+      "block_id": "90a56ffb-7024-4b2b-ab50-e26c5e5ab8ba",
+      "input_default": {
+        "name": "Description",
+        "title": null,
+        "value": "Generates n examples of fake data representing people, each with a name, DoB, Job title, and an age.",
+        "secret": false,
+        "advanced": false,
+        "description": "Describe what the function does.\n\ne.g \"Generates n examples of fake data representing people, each with a name, DoB, Job title, and an age.\"",
+        "placeholder_values": []
+      },
+      "metadata": {
+        "position": {
+          "x": 374.4548658057796,
+          "y": 290.3779121974126
+        }
+      },
+      "input_links": [],
+      "output_links": [
+        {
+          "id": "6c63d8ee-b63d-4ff6-bae0-7db8f99bb7af",
+          "source_id": "0fd6ef54-c1cd-478d-b764-17e40f882b99",
+          "sink_id": "c5d16ee4-de9e-4d93-bf32-ac2d15760d5b",
+          "source_name": "result",
+          "sink_name": "prompt_values_#_DESCRIPTION",
+          "is_static": true
+        }
+      ],
+      "graph_id": "622849a7-5848-4838-894d-01f8f07e3fad",
+      "graph_version": 18,
+      "webhook_id": null,
+      "webhook": null
+    }
+  ],
+  "links": [
+    {
+      "id": "caecc1de-fdbc-4fd9-9570-074057bb15f9",
+      "source_id": "c5d16ee4-de9e-4d93-bf32-ac2d15760d5b",
+      "sink_id": "26ff2973-3f9a-451d-b902-d45e5da0a7fe",
+      "source_name": "response",
+      "sink_name": "value",
+      "is_static": false
+    },
+    {
+      "id": "6c63d8ee-b63d-4ff6-bae0-7db8f99bb7af",
+      "source_id": "0fd6ef54-c1cd-478d-b764-17e40f882b99",
+      "sink_id": "c5d16ee4-de9e-4d93-bf32-ac2d15760d5b",
+      "source_name": "result",
+      "sink_name": "prompt_values_#_DESCRIPTION",
+      "is_static": true
+    },
+    {
+      "id": "093bdca5-9f44-42f9-8e1c-276dd2971675",
+      "source_id": "844530de-2354-46d8-b748-67306b7bbca1",
+      "sink_id": "c5d16ee4-de9e-4d93-bf32-ac2d15760d5b",
+      "source_name": "result",
+      "sink_name": "prompt_values_#_ARGS",
+      "is_static": true
+    },
+    {
+      "id": "dc7cb15f-76cc-4533-b96c-dd9e3f7f75ed",
+      "source_id": "4eab3a55-20f2-4c1d-804c-7377ba8202d2",
+      "sink_id": "c5d16ee4-de9e-4d93-bf32-ac2d15760d5b",
+      "source_name": "result",
+      "sink_name": "prompt_values_#_FUNCTION",
+      "is_static": true
+    }
+  ],
+  "forked_from_id": null,
+  "forked_from_version": null,
+  "sub_graphs": [],
+  "user_id": "",
+  "created_at": "2025-04-19T17:10:48.857Z",
+  "input_schema": {
+    "type": "object",
+    "properties": {
+      "Function Definition": {
+        "advanced": false,
+        "anyOf": [
+          {
+            "format": "short-text",
+            "type": "string"
+          },
+          {
+            "type": "null"
+          }
+        ],
+        "secret": false,
+        "title": "Function Definition",
+        "description": "The function definition (text). This is what you would type on the first line of the function when programming.\n\ne.g \"def fake_people(n: int) -> list[dict]:\"",
+        "default": "def fake_people(n: int) -> list[dict]:"
+      },
+      "Arguments": {
+        "advanced": false,
+        "anyOf": [
+          {
+            "format": "short-text",
+            "type": "string"
+          },
+          {
+            "type": "null"
+          }
+        ],
+        "secret": false,
+        "title": "Arguments",
+        "description": "The function's inputs\n\ne.g \"20\"",
+        "default": "20"
+      },
+      "Description": {
+        "advanced": false,
+        "anyOf": [
+          {
+            "format": "long-text",
+            "type": "string"
+          },
+          {
+            "type": "null"
+          }
+        ],
+        "secret": false,
+        "title": "Description",
+        "description": "Describe what the function does.\n\ne.g \"Generates n examples of fake data representing people, each with a name, DoB, Job title, and an age.\"",
+        "default": "Generates n examples of fake data representing people, each with a name, DoB, Job title, and an age."
+      }
+    },
+    "required": []
+  },
+  "output_schema": {
+    "type": "object",
+    "properties": {
+      "return": {
+        "advanced": false,
+        "secret": false,
+        "title": "return",
+        "description": "The value returned by the function"
+      }
+    },
+    "required": [
+      "return"
+    ]
+  },
+  "has_external_trigger": false,
+  "has_human_in_the_loop": false,
+  "trigger_setup_info": null,
+  "credentials_input_schema": {
+    "properties": {
+      "openai_api_key_credentials": {
+        "credentials_provider": [
+          "openai"
+        ],
+        "credentials_types": [
+          "api_key"
+        ],
+        "properties": {
+          "id": {
+            "title": "Id",
+            "type": "string"
+          },
+          "title": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "default": null,
+            "title": "Title"
+          },
+          "provider": {
+            "const": "openai",
+            "title": "Provider",
+            "type": "string"
+          },
+          "type": {
+            "const": "api_key",
+            "title": "Type",
+            "type": "string"
+          }
+        },
+        "required": [
+          "id",
+          "provider",
+          "type"
+        ],
+        "title": "CredentialsMetaInput[Literal[<ProviderName.OPENAI: 'openai'>], Literal['api_key']]",
+        "type": "object",
+        "discriminator": "model",
+        "discriminator_mapping": {
+          "Llama-3.3-70B-Instruct": "llama_api",
+          "Llama-3.3-8B-Instruct": "llama_api",
+          "Llama-4-Maverick-17B-128E-Instruct-FP8": "llama_api",
+          "Llama-4-Scout-17B-16E-Instruct-FP8": "llama_api",
+          "Qwen/Qwen2.5-72B-Instruct-Turbo": "aiml_api",
+          "amazon/nova-lite-v1": "open_router",
+          "amazon/nova-micro-v1": "open_router",
+          "amazon/nova-pro-v1": "open_router",
+          "claude-3-7-sonnet-20250219": "anthropic",
+          "claude-3-haiku-20240307": "anthropic",
+          "claude-haiku-4-5-20251001": "anthropic",
+          "claude-opus-4-1-20250805": "anthropic",
+          "claude-opus-4-20250514": "anthropic",
+          "claude-opus-4-5-20251101": "anthropic",
+          "claude-sonnet-4-20250514": "anthropic",
+          "claude-sonnet-4-5-20250929": "anthropic",
+          "cohere/command-r-08-2024": "open_router",
+          "cohere/command-r-plus-08-2024": "open_router",
+          "deepseek/deepseek-chat": "open_router",
+          "deepseek/deepseek-r1-0528": "open_router",
+          "dolphin-mistral:latest": "ollama",
+          "google/gemini-2.0-flash-001": "open_router",
+          "google/gemini-2.0-flash-lite-001": "open_router",
+          "google/gemini-2.5-flash": "open_router",
+          "google/gemini-2.5-flash-lite-preview-06-17": "open_router",
+          "google/gemini-2.5-pro-preview-03-25": "open_router",
+          "google/gemini-3-pro-preview": "open_router",
+          "gpt-3.5-turbo": "openai",
+          "gpt-4-turbo": "openai",
+          "gpt-4.1-2025-04-14": "openai",
+          "gpt-4.1-mini-2025-04-14": "openai",
+          "gpt-4o": "openai",
+          "gpt-4o-mini": "openai",
+          "gpt-5-2025-08-07": "openai",
+          "gpt-5-chat-latest": "openai",
+          "gpt-5-mini-2025-08-07": "openai",
+          "gpt-5-nano-2025-08-07": "openai",
+          "gpt-5.1-2025-11-13": "openai",
+          "gryphe/mythomax-l2-13b": "open_router",
+          "llama-3.1-8b-instant": "groq",
+          "llama-3.3-70b-versatile": "groq",
+          "llama3": "ollama",
+          "llama3.1:405b": "ollama",
+          "llama3.2": "ollama",
+          "llama3.3": "ollama",
+          "meta-llama/Llama-3.2-3B-Instruct-Turbo": "aiml_api",
+          "meta-llama/Llama-3.3-70B-Instruct-Turbo": "aiml_api",
+          "meta-llama/Meta-Llama-3.1-70B-Instruct-Turbo": "aiml_api",
+          "meta-llama/llama-4-maverick": "open_router",
+          "meta-llama/llama-4-scout": "open_router",
+          "microsoft/wizardlm-2-8x22b": "open_router",
+          "mistralai/mistral-nemo": "open_router",
+          "moonshotai/kimi-k2": "open_router",
+          "nousresearch/hermes-3-llama-3.1-405b": "open_router",
+          "nousresearch/hermes-3-llama-3.1-70b": "open_router",
+          "nvidia/llama-3.1-nemotron-70b-instruct": "aiml_api",
+          "o1": "openai",
+          "o1-mini": "openai",
+          "o3-2025-04-16": "openai",
+          "o3-mini": "openai",
+          "openai/gpt-oss-120b": "open_router",
+          "openai/gpt-oss-20b": "open_router",
+          "perplexity/sonar": "open_router",
+          "perplexity/sonar-deep-research": "open_router",
+          "perplexity/sonar-pro": "open_router",
+          "qwen/qwen3-235b-a22b-thinking-2507": "open_router",
+          "qwen/qwen3-coder": "open_router",
+          "v0-1.0-md": "v0",
+          "v0-1.5-lg": "v0",
+          "v0-1.5-md": "v0",
+          "x-ai/grok-4": "open_router",
+          "x-ai/grok-4-fast": "open_router",
+          "x-ai/grok-4.1-fast": "open_router",
+          "x-ai/grok-code-fast-1": "open_router"
+        },
+        "discriminator_values": [
+          "o3-mini"
+        ]
+      }
+    },
+    "required": [
+      "openai_api_key_credentials"
+    ],
+    "title": "AIFunctionCredentialsInputSchema",
+    "type": "object"
+  }
+}

autogpt_platform/backend/agents/agent_d85882b8-633f-44ce-a315-c20a8c123d19.json

@@ -0,0 +1,403 @@
+{
+  "id": "ed2091cf-5b27-45a9-b3ea-42396f95b256",
+  "version": 12,
+  "is_active": true,
+  "name": "Flux AI Image Generator",
+  "description": "Transform ideas into breathtaking images with this AI-powered Image Generator. Using cutting-edge Flux AI technology, the tool crafts highly detailed, photorealistic visuals from simple text prompts. Perfect for artists, marketers, and content creators, this generator produces unique images tailored to user specifications. From fantastical scenes to lifelike portraits, users can unleash creativity with professional-quality results in seconds. Easy to use and endlessly versatile, bring imagination to life with the AI Image Generator today!",
+  "instructions": null,
+  "recommended_schedule_cron": null,
+  "nodes": [
+    {
+      "id": "7482c59d-725f-4686-82b9-0dfdc4e92316",
+      "block_id": "cc10ff7b-7753-4ff2-9af6-9399b1a7eddc",
+      "input_default": {
+        "text": "Press the \"Advanced\" toggle and input your replicate API key.\n\nYou can get one here:\nhttps://replicate.com/account/api-tokens\n"
+      },
+      "metadata": {
+        "position": {
+          "x": 872.8268131538296,
+          "y": 614.9436919065381
+        }
+      },
+      "input_links": [],
+      "output_links": [],
+      "graph_id": "ed2091cf-5b27-45a9-b3ea-42396f95b256",
+      "graph_version": 12,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "0d1dec1a-e4ee-4349-9673-449a01bbf14e",
+      "block_id": "363ae599-353e-4804-937e-b2ee3cef3da4",
+      "input_default": {
+        "name": "Generated Image"
+      },
+      "metadata": {
+        "position": {
+          "x": 1453.6844137728922,
+          "y": 963.2466395125115
+        }
+      },
+      "input_links": [
+        {
+          "id": "06665d23-2f3d-4445-8f22-573446fcff5b",
+          "source_id": "50bc23e9-f2b7-4959-8710-99679ed9eeea",
+          "sink_id": "0d1dec1a-e4ee-4349-9673-449a01bbf14e",
+          "source_name": "result",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "output_links": [],
+      "graph_id": "ed2091cf-5b27-45a9-b3ea-42396f95b256",
+      "graph_version": 12,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "6f24c45f-1548-4eda-9784-da06ce0abef8",
+      "block_id": "c0a8e994-ebf1-4a9c-a4d8-89d09c86741b",
+      "input_default": {
+        "name": "Image Subject",
+        "value": "Otto the friendly, purple \"Chief Automation Octopus\" helping people automate their tedious tasks.",
+        "description": "The subject of the image"
+      },
+      "metadata": {
+        "position": {
+          "x": -314.43009631839783,
+          "y": 962.935949165938
+        }
+      },
+      "input_links": [],
+      "output_links": [
+        {
+          "id": "1077c61a-a32a-4ed7-becf-11bcf835b914",
+          "source_id": "6f24c45f-1548-4eda-9784-da06ce0abef8",
+          "sink_id": "0d1bca9a-d9b8-4bfd-a19c-fe50b54f4b12",
+          "source_name": "result",
+          "sink_name": "prompt_values_#_TOPIC",
+          "is_static": true
+        }
+      ],
+      "graph_id": "ed2091cf-5b27-45a9-b3ea-42396f95b256",
+      "graph_version": 12,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "50bc23e9-f2b7-4959-8710-99679ed9eeea",
+      "block_id": "90f8c45e-e983-4644-aa0b-b4ebe2f531bc",
+      "input_default": {
+        "prompt": "dog",
+        "output_format": "png",
+        "replicate_model_name": "Flux Pro 1.1"
+      },
+      "metadata": {
+        "position": {
+          "x": 873.0119949791526,
+          "y": 966.1604399052493
+        }
+      },
+      "input_links": [
+        {
+          "id": "a17ec505-9377-4700-8fe0-124ca81d43a9",
+          "source_id": "0d1bca9a-d9b8-4bfd-a19c-fe50b54f4b12",
+          "sink_id": "50bc23e9-f2b7-4959-8710-99679ed9eeea",
+          "source_name": "response",
+          "sink_name": "prompt",
+          "is_static": false
+        }
+      ],
+      "output_links": [
+        {
+          "id": "06665d23-2f3d-4445-8f22-573446fcff5b",
+          "source_id": "50bc23e9-f2b7-4959-8710-99679ed9eeea",
+          "sink_id": "0d1dec1a-e4ee-4349-9673-449a01bbf14e",
+          "source_name": "result",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "graph_id": "ed2091cf-5b27-45a9-b3ea-42396f95b256",
+      "graph_version": 12,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "0d1bca9a-d9b8-4bfd-a19c-fe50b54f4b12",
+      "block_id": "1f292d4a-41a4-4977-9684-7c8d560b9f91",
+      "input_default": {
+        "model": "gpt-4o-mini",
+        "prompt": "Generate an incredibly detailed, photorealistic image prompt about {{TOPIC}}, describing the camera it's taken with and prompting the diffusion model to use all the best quality techniques.\n\nOutput only the prompt with no additional commentary.",
+        "prompt_values": {}
+      },
+      "metadata": {
+        "position": {
+          "x": 277.3057034159709,
+          "y": 962.8382498113764
+        }
+      },
+      "input_links": [
+        {
+          "id": "1077c61a-a32a-4ed7-becf-11bcf835b914",
+          "source_id": "6f24c45f-1548-4eda-9784-da06ce0abef8",
+          "sink_id": "0d1bca9a-d9b8-4bfd-a19c-fe50b54f4b12",
+          "source_name": "result",
+          "sink_name": "prompt_values_#_TOPIC",
+          "is_static": true
+        }
+      ],
+      "output_links": [
+        {
+          "id": "a17ec505-9377-4700-8fe0-124ca81d43a9",
+          "source_id": "0d1bca9a-d9b8-4bfd-a19c-fe50b54f4b12",
+          "sink_id": "50bc23e9-f2b7-4959-8710-99679ed9eeea",
+          "source_name": "response",
+          "sink_name": "prompt",
+          "is_static": false
+        }
+      ],
+      "graph_id": "ed2091cf-5b27-45a9-b3ea-42396f95b256",
+      "graph_version": 12,
+      "webhook_id": null,
+      "webhook": null
+    }
+  ],
+  "links": [
+    {
+      "id": "1077c61a-a32a-4ed7-becf-11bcf835b914",
+      "source_id": "6f24c45f-1548-4eda-9784-da06ce0abef8",
+      "sink_id": "0d1bca9a-d9b8-4bfd-a19c-fe50b54f4b12",
+      "source_name": "result",
+      "sink_name": "prompt_values_#_TOPIC",
+      "is_static": true
+    },
+    {
+      "id": "06665d23-2f3d-4445-8f22-573446fcff5b",
+      "source_id": "50bc23e9-f2b7-4959-8710-99679ed9eeea",
+      "sink_id": "0d1dec1a-e4ee-4349-9673-449a01bbf14e",
+      "source_name": "result",
+      "sink_name": "value",
+      "is_static": false
+    },
+    {
+      "id": "a17ec505-9377-4700-8fe0-124ca81d43a9",
+      "source_id": "0d1bca9a-d9b8-4bfd-a19c-fe50b54f4b12",
+      "sink_id": "50bc23e9-f2b7-4959-8710-99679ed9eeea",
+      "source_name": "response",
+      "sink_name": "prompt",
+      "is_static": false
+    }
+  ],
+  "forked_from_id": null,
+  "forked_from_version": null,
+  "sub_graphs": [],
+  "user_id": "",
+  "created_at": "2024-12-20T18:46:11.492Z",
+  "input_schema": {
+    "type": "object",
+    "properties": {
+      "Image Subject": {
+        "advanced": false,
+        "secret": false,
+        "title": "Image Subject",
+        "description": "The subject of the image",
+        "default": "Otto the friendly, purple \"Chief Automation Octopus\" helping people automate their tedious tasks."
+      }
+    },
+    "required": []
+  },
+  "output_schema": {
+    "type": "object",
+    "properties": {
+      "Generated Image": {
+        "advanced": false,
+        "secret": false,
+        "title": "Generated Image"
+      }
+    },
+    "required": [
+      "Generated Image"
+    ]
+  },
+  "has_external_trigger": false,
+  "has_human_in_the_loop": false,
+  "trigger_setup_info": null,
+  "credentials_input_schema": {
+    "properties": {
+      "replicate_api_key_credentials": {
+        "credentials_provider": [
+          "replicate"
+        ],
+        "credentials_types": [
+          "api_key"
+        ],
+        "properties": {
+          "id": {
+            "title": "Id",
+            "type": "string"
+          },
+          "title": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "default": null,
+            "title": "Title"
+          },
+          "provider": {
+            "const": "replicate",
+            "title": "Provider",
+            "type": "string"
+          },
+          "type": {
+            "const": "api_key",
+            "title": "Type",
+            "type": "string"
+          }
+        },
+        "required": [
+          "id",
+          "provider",
+          "type"
+        ],
+        "title": "CredentialsMetaInput[Literal[<ProviderName.REPLICATE: 'replicate'>], Literal['api_key']]",
+        "type": "object",
+        "discriminator_values": []
+      },
+      "openai_api_key_credentials": {
+        "credentials_provider": [
+          "openai"
+        ],
+        "credentials_types": [
+          "api_key"
+        ],
+        "properties": {
+          "id": {
+            "title": "Id",
+            "type": "string"
+          },
+          "title": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "default": null,
+            "title": "Title"
+          },
+          "provider": {
+            "const": "openai",
+            "title": "Provider",
+            "type": "string"
+          },
+          "type": {
+            "const": "api_key",
+            "title": "Type",
+            "type": "string"
+          }
+        },
+        "required": [
+          "id",
+          "provider",
+          "type"
+        ],
+        "title": "CredentialsMetaInput[Literal[<ProviderName.OPENAI: 'openai'>], Literal['api_key']]",
+        "type": "object",
+        "discriminator": "model",
+        "discriminator_mapping": {
+          "Llama-3.3-70B-Instruct": "llama_api",
+          "Llama-3.3-8B-Instruct": "llama_api",
+          "Llama-4-Maverick-17B-128E-Instruct-FP8": "llama_api",
+          "Llama-4-Scout-17B-16E-Instruct-FP8": "llama_api",
+          "Qwen/Qwen2.5-72B-Instruct-Turbo": "aiml_api",
+          "amazon/nova-lite-v1": "open_router",
+          "amazon/nova-micro-v1": "open_router",
+          "amazon/nova-pro-v1": "open_router",
+          "claude-3-7-sonnet-20250219": "anthropic",
+          "claude-3-haiku-20240307": "anthropic",
+          "claude-haiku-4-5-20251001": "anthropic",
+          "claude-opus-4-1-20250805": "anthropic",
+          "claude-opus-4-20250514": "anthropic",
+          "claude-opus-4-5-20251101": "anthropic",
+          "claude-sonnet-4-20250514": "anthropic",
+          "claude-sonnet-4-5-20250929": "anthropic",
+          "cohere/command-r-08-2024": "open_router",
+          "cohere/command-r-plus-08-2024": "open_router",
+          "deepseek/deepseek-chat": "open_router",
+          "deepseek/deepseek-r1-0528": "open_router",
+          "dolphin-mistral:latest": "ollama",
+          "google/gemini-2.0-flash-001": "open_router",
+          "google/gemini-2.0-flash-lite-001": "open_router",
+          "google/gemini-2.5-flash": "open_router",
+          "google/gemini-2.5-flash-lite-preview-06-17": "open_router",
+          "google/gemini-2.5-pro-preview-03-25": "open_router",
+          "google/gemini-3-pro-preview": "open_router",
+          "gpt-3.5-turbo": "openai",
+          "gpt-4-turbo": "openai",
+          "gpt-4.1-2025-04-14": "openai",
+          "gpt-4.1-mini-2025-04-14": "openai",
+          "gpt-4o": "openai",
+          "gpt-4o-mini": "openai",
+          "gpt-5-2025-08-07": "openai",
+          "gpt-5-chat-latest": "openai",
+          "gpt-5-mini-2025-08-07": "openai",
+          "gpt-5-nano-2025-08-07": "openai",
+          "gpt-5.1-2025-11-13": "openai",
+          "gryphe/mythomax-l2-13b": "open_router",
+          "llama-3.1-8b-instant": "groq",
+          "llama-3.3-70b-versatile": "groq",
+          "llama3": "ollama",
+          "llama3.1:405b": "ollama",
+          "llama3.2": "ollama",
+          "llama3.3": "ollama",
+          "meta-llama/Llama-3.2-3B-Instruct-Turbo": "aiml_api",
+          "meta-llama/Llama-3.3-70B-Instruct-Turbo": "aiml_api",
+          "meta-llama/Meta-Llama-3.1-70B-Instruct-Turbo": "aiml_api",
+          "meta-llama/llama-4-maverick": "open_router",
+          "meta-llama/llama-4-scout": "open_router",
+          "microsoft/wizardlm-2-8x22b": "open_router",
+          "mistralai/mistral-nemo": "open_router",
+          "moonshotai/kimi-k2": "open_router",
+          "nousresearch/hermes-3-llama-3.1-405b": "open_router",
+          "nousresearch/hermes-3-llama-3.1-70b": "open_router",
+          "nvidia/llama-3.1-nemotron-70b-instruct": "aiml_api",
+          "o1": "openai",
+          "o1-mini": "openai",
+          "o3-2025-04-16": "openai",
+          "o3-mini": "openai",
+          "openai/gpt-oss-120b": "open_router",
+          "openai/gpt-oss-20b": "open_router",
+          "perplexity/sonar": "open_router",
+          "perplexity/sonar-deep-research": "open_router",
+          "perplexity/sonar-pro": "open_router",
+          "qwen/qwen3-235b-a22b-thinking-2507": "open_router",
+          "qwen/qwen3-coder": "open_router",
+          "v0-1.0-md": "v0",
+          "v0-1.5-lg": "v0",
+          "v0-1.5-md": "v0",
+          "x-ai/grok-4": "open_router",
+          "x-ai/grok-4-fast": "open_router",
+          "x-ai/grok-4.1-fast": "open_router",
+          "x-ai/grok-code-fast-1": "open_router"
+        },
+        "discriminator_values": [
+          "gpt-4o-mini"
+        ]
+      }
+    },
+    "required": [
+      "replicate_api_key_credentials",
+      "openai_api_key_credentials"
+    ],
+    "title": "FluxAIImageGeneratorCredentialsInputSchema",
+    "type": "object"
+  }
+}

autogpt_platform/backend/agents/agent_f2cc74bb-f43f-4395-9c35-ecb30b5b4fc9.json

@@ -0,0 +1,505 @@
+{
+  "id": "0d440799-44ba-4d6c-85b3-b3739f1e1287",
+  "version": 12,
+  "is_active": true,
+  "name": "AI Webpage Copy Improver",
+  "description": "Elevate your web content with this powerful AI Webpage Copy Improver. Designed for marketers, SEO specialists, and web developers, this tool analyses and enhances website copy for maximum impact. Using advanced language models, it optimizes text for better clarity, SEO performance, and increased conversion rates. The AI examines your existing content, identifies areas for improvement, and generates refined copy that maintains your brand voice while boosting engagement. From homepage headlines to product descriptions, transform your web presence with AI-driven insights. Improve readability, incorporate targeted keywords, and craft compelling calls-to-action - all with the click of a button. Take your digital marketing to the next level with the AI Webpage Copy Improver.",
+  "instructions": null,
+  "recommended_schedule_cron": null,
+  "nodes": [
+    {
+      "id": "130ec496-f75d-4fe2-9cd6-8c00d08ea4a7",
+      "block_id": "363ae599-353e-4804-937e-b2ee3cef3da4",
+      "input_default": {
+        "name": "Improved Webpage Copy"
+      },
+      "metadata": {
+        "position": {
+          "x": 1039.5884372540172,
+          "y": -0.8359099621230968
+        }
+      },
+      "input_links": [
+        {
+          "id": "d4334477-3616-454f-a430-614ca27f5b36",
+          "source_id": "c9924577-70d8-4ccb-9106-6f796df09ef9",
+          "sink_id": "130ec496-f75d-4fe2-9cd6-8c00d08ea4a7",
+          "source_name": "response",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "output_links": [],
+      "graph_id": "0d440799-44ba-4d6c-85b3-b3739f1e1287",
+      "graph_version": 12,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "cefccd07-fe70-4feb-bf76-46b20aaa5d35",
+      "block_id": "363ae599-353e-4804-937e-b2ee3cef3da4",
+      "input_default": {
+        "name": "Original Page Analysis",
+        "description": "Analysis of the webpage as it currently stands."
+      },
+      "metadata": {
+        "position": {
+          "x": 1037.7724103954706,
+          "y": -606.5934325506903
+        }
+      },
+      "input_links": [
+        {
+          "id": "f979ab78-0903-4f19-a7c2-a419d5d81aef",
+          "source_id": "08612ce2-625b-4c17-accd-3acace7b6477",
+          "sink_id": "cefccd07-fe70-4feb-bf76-46b20aaa5d35",
+          "source_name": "response",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "output_links": [],
+      "graph_id": "0d440799-44ba-4d6c-85b3-b3739f1e1287",
+      "graph_version": 12,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "375f8bc3-afd9-4025-ad8e-9aeb329af7ce",
+      "block_id": "c0a8e994-ebf1-4a9c-a4d8-89d09c86741b",
+      "input_default": {
+        "name": "Homepage URL",
+        "value": "https://agpt.co",
+        "description": "Enter the URL of the homepage you want to improve"
+      },
+      "metadata": {
+        "position": {
+          "x": -1195.1455674454749,
+          "y": 0
+        }
+      },
+      "input_links": [],
+      "output_links": [
+        {
+          "id": "cbb12335-fefd-4560-9fff-98675130fbad",
+          "source_id": "375f8bc3-afd9-4025-ad8e-9aeb329af7ce",
+          "sink_id": "b40595c6-dba3-4779-a129-cd4f01fff103",
+          "source_name": "result",
+          "sink_name": "url",
+          "is_static": true
+        }
+      ],
+      "graph_id": "0d440799-44ba-4d6c-85b3-b3739f1e1287",
+      "graph_version": 12,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "b40595c6-dba3-4779-a129-cd4f01fff103",
+      "block_id": "436c3984-57fd-4b85-8e9a-459b356883bd",
+      "input_default": {
+        "raw_content": false
+      },
+      "metadata": {
+        "position": {
+          "x": -631.7330786555249,
+          "y": 1.9638396496230826
+        }
+      },
+      "input_links": [
+        {
+          "id": "cbb12335-fefd-4560-9fff-98675130fbad",
+          "source_id": "375f8bc3-afd9-4025-ad8e-9aeb329af7ce",
+          "sink_id": "b40595c6-dba3-4779-a129-cd4f01fff103",
+          "source_name": "result",
+          "sink_name": "url",
+          "is_static": true
+        }
+      ],
+      "output_links": [
+        {
+          "id": "adfa6113-77b3-4e32-b136-3e694b87553e",
+          "source_id": "b40595c6-dba3-4779-a129-cd4f01fff103",
+          "sink_id": "c9924577-70d8-4ccb-9106-6f796df09ef9",
+          "source_name": "content",
+          "sink_name": "prompt_values_#_CONTENT",
+          "is_static": false
+        },
+        {
+          "id": "5d5656fd-4208-4296-bc70-e39cc31caada",
+          "source_id": "b40595c6-dba3-4779-a129-cd4f01fff103",
+          "sink_id": "08612ce2-625b-4c17-accd-3acace7b6477",
+          "source_name": "content",
+          "sink_name": "prompt_values_#_CONTENT",
+          "is_static": false
+        }
+      ],
+      "graph_id": "0d440799-44ba-4d6c-85b3-b3739f1e1287",
+      "graph_version": 12,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "c9924577-70d8-4ccb-9106-6f796df09ef9",
+      "block_id": "1f292d4a-41a4-4977-9684-7c8d560b9f91",
+      "input_default": {
+        "model": "gpt-4o",
+        "prompt": "Current Webpage Content:\n```\n{{CONTENT}}\n```\n\nBased on the following analysis of the webpage content:\n\n```\n{{ANALYSIS}}\n```\n\nRewrite and improve the content to address the identified issues. Focus on:\n1. Enhancing clarity and readability\n2. Optimizing for SEO (suggest and incorporate relevant keywords)\n3. Improving calls-to-action for better conversion rates\n4. Refining the structure and organization\n5. Maintaining brand consistency while improving the overall tone\n\nProvide the improved content in HTML format inside a code-block with \"```\" backticks, preserving the original structure where appropriate. Also, include a brief summary of the changes made and their potential impact.",
+        "prompt_values": {}
+      },
+      "metadata": {
+        "position": {
+          "x": 488.37278423303917,
+          "y": 0
+        }
+      },
+      "input_links": [
+        {
+          "id": "adfa6113-77b3-4e32-b136-3e694b87553e",
+          "source_id": "b40595c6-dba3-4779-a129-cd4f01fff103",
+          "sink_id": "c9924577-70d8-4ccb-9106-6f796df09ef9",
+          "source_name": "content",
+          "sink_name": "prompt_values_#_CONTENT",
+          "is_static": false
+        },
+        {
+          "id": "6bcca45d-c9d5-439e-ac43-e4a1264d8f57",
+          "source_id": "08612ce2-625b-4c17-accd-3acace7b6477",
+          "sink_id": "c9924577-70d8-4ccb-9106-6f796df09ef9",
+          "source_name": "response",
+          "sink_name": "prompt_values_#_ANALYSIS",
+          "is_static": false
+        }
+      ],
+      "output_links": [
+        {
+          "id": "d4334477-3616-454f-a430-614ca27f5b36",
+          "source_id": "c9924577-70d8-4ccb-9106-6f796df09ef9",
+          "sink_id": "130ec496-f75d-4fe2-9cd6-8c00d08ea4a7",
+          "source_name": "response",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "graph_id": "0d440799-44ba-4d6c-85b3-b3739f1e1287",
+      "graph_version": 12,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "08612ce2-625b-4c17-accd-3acace7b6477",
+      "block_id": "1f292d4a-41a4-4977-9684-7c8d560b9f91",
+      "input_default": {
+        "model": "gpt-4o",
+        "prompt": "Analyze the following webpage content and provide a detailed report on its current state, including strengths and weaknesses in terms of clarity, SEO optimization, and potential for conversion:\n\n{{CONTENT}}\n\nInclude observations on:\n1. Overall readability and clarity\n2. Use of keywords and SEO-friendly language\n3. Effectiveness of calls-to-action\n4. Structure and organization of content\n5. Tone and brand consistency",
+        "prompt_values": {}
+      },
+      "metadata": {
+        "position": {
+          "x": -72.66206703605442,
+          "y": -0.58403945075381
+        }
+      },
+      "input_links": [
+        {
+          "id": "5d5656fd-4208-4296-bc70-e39cc31caada",
+          "source_id": "b40595c6-dba3-4779-a129-cd4f01fff103",
+          "sink_id": "08612ce2-625b-4c17-accd-3acace7b6477",
+          "source_name": "content",
+          "sink_name": "prompt_values_#_CONTENT",
+          "is_static": false
+        }
+      ],
+      "output_links": [
+        {
+          "id": "f979ab78-0903-4f19-a7c2-a419d5d81aef",
+          "source_id": "08612ce2-625b-4c17-accd-3acace7b6477",
+          "sink_id": "cefccd07-fe70-4feb-bf76-46b20aaa5d35",
+          "source_name": "response",
+          "sink_name": "value",
+          "is_static": false
+        },
+        {
+          "id": "6bcca45d-c9d5-439e-ac43-e4a1264d8f57",
+          "source_id": "08612ce2-625b-4c17-accd-3acace7b6477",
+          "sink_id": "c9924577-70d8-4ccb-9106-6f796df09ef9",
+          "source_name": "response",
+          "sink_name": "prompt_values_#_ANALYSIS",
+          "is_static": false
+        }
+      ],
+      "graph_id": "0d440799-44ba-4d6c-85b3-b3739f1e1287",
+      "graph_version": 12,
+      "webhook_id": null,
+      "webhook": null
+    }
+  ],
+  "links": [
+    {
+      "id": "adfa6113-77b3-4e32-b136-3e694b87553e",
+      "source_id": "b40595c6-dba3-4779-a129-cd4f01fff103",
+      "sink_id": "c9924577-70d8-4ccb-9106-6f796df09ef9",
+      "source_name": "content",
+      "sink_name": "prompt_values_#_CONTENT",
+      "is_static": false
+    },
+    {
+      "id": "d4334477-3616-454f-a430-614ca27f5b36",
+      "source_id": "c9924577-70d8-4ccb-9106-6f796df09ef9",
+      "sink_id": "130ec496-f75d-4fe2-9cd6-8c00d08ea4a7",
+      "source_name": "response",
+      "sink_name": "value",
+      "is_static": false
+    },
+    {
+      "id": "5d5656fd-4208-4296-bc70-e39cc31caada",
+      "source_id": "b40595c6-dba3-4779-a129-cd4f01fff103",
+      "sink_id": "08612ce2-625b-4c17-accd-3acace7b6477",
+      "source_name": "content",
+      "sink_name": "prompt_values_#_CONTENT",
+      "is_static": false
+    },
+    {
+      "id": "f979ab78-0903-4f19-a7c2-a419d5d81aef",
+      "source_id": "08612ce2-625b-4c17-accd-3acace7b6477",
+      "sink_id": "cefccd07-fe70-4feb-bf76-46b20aaa5d35",
+      "source_name": "response",
+      "sink_name": "value",
+      "is_static": false
+    },
+    {
+      "id": "6bcca45d-c9d5-439e-ac43-e4a1264d8f57",
+      "source_id": "08612ce2-625b-4c17-accd-3acace7b6477",
+      "sink_id": "c9924577-70d8-4ccb-9106-6f796df09ef9",
+      "source_name": "response",
+      "sink_name": "prompt_values_#_ANALYSIS",
+      "is_static": false
+    },
+    {
+      "id": "cbb12335-fefd-4560-9fff-98675130fbad",
+      "source_id": "375f8bc3-afd9-4025-ad8e-9aeb329af7ce",
+      "sink_id": "b40595c6-dba3-4779-a129-cd4f01fff103",
+      "source_name": "result",
+      "sink_name": "url",
+      "is_static": true
+    }
+  ],
+  "forked_from_id": null,
+  "forked_from_version": null,
+  "sub_graphs": [],
+  "user_id": "",
+  "created_at": "2024-12-20T19:47:22.036Z",
+  "input_schema": {
+    "type": "object",
+    "properties": {
+      "Homepage URL": {
+        "advanced": false,
+        "secret": false,
+        "title": "Homepage URL",
+        "description": "Enter the URL of the homepage you want to improve",
+        "default": "https://agpt.co"
+      }
+    },
+    "required": []
+  },
+  "output_schema": {
+    "type": "object",
+    "properties": {
+      "Improved Webpage Copy": {
+        "advanced": false,
+        "secret": false,
+        "title": "Improved Webpage Copy"
+      },
+      "Original Page Analysis": {
+        "advanced": false,
+        "secret": false,
+        "title": "Original Page Analysis",
+        "description": "Analysis of the webpage as it currently stands."
+      }
+    },
+    "required": [
+      "Improved Webpage Copy",
+      "Original Page Analysis"
+    ]
+  },
+  "has_external_trigger": false,
+  "has_human_in_the_loop": false,
+  "trigger_setup_info": null,
+  "credentials_input_schema": {
+    "properties": {
+      "jina_api_key_credentials": {
+        "credentials_provider": [
+          "jina"
+        ],
+        "credentials_types": [
+          "api_key"
+        ],
+        "properties": {
+          "id": {
+            "title": "Id",
+            "type": "string"
+          },
+          "title": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "default": null,
+            "title": "Title"
+          },
+          "provider": {
+            "const": "jina",
+            "title": "Provider",
+            "type": "string"
+          },
+          "type": {
+            "const": "api_key",
+            "title": "Type",
+            "type": "string"
+          }
+        },
+        "required": [
+          "id",
+          "provider",
+          "type"
+        ],
+        "title": "CredentialsMetaInput[Literal[<ProviderName.JINA: 'jina'>], Literal['api_key']]",
+        "type": "object",
+        "discriminator_values": []
+      },
+      "openai_api_key_credentials": {
+        "credentials_provider": [
+          "openai"
+        ],
+        "credentials_types": [
+          "api_key"
+        ],
+        "properties": {
+          "id": {
+            "title": "Id",
+            "type": "string"
+          },
+          "title": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "default": null,
+            "title": "Title"
+          },
+          "provider": {
+            "const": "openai",
+            "title": "Provider",
+            "type": "string"
+          },
+          "type": {
+            "const": "api_key",
+            "title": "Type",
+            "type": "string"
+          }
+        },
+        "required": [
+          "id",
+          "provider",
+          "type"
+        ],
+        "title": "CredentialsMetaInput[Literal[<ProviderName.OPENAI: 'openai'>], Literal['api_key']]",
+        "type": "object",
+        "discriminator": "model",
+        "discriminator_mapping": {
+          "Llama-3.3-70B-Instruct": "llama_api",
+          "Llama-3.3-8B-Instruct": "llama_api",
+          "Llama-4-Maverick-17B-128E-Instruct-FP8": "llama_api",
+          "Llama-4-Scout-17B-16E-Instruct-FP8": "llama_api",
+          "Qwen/Qwen2.5-72B-Instruct-Turbo": "aiml_api",
+          "amazon/nova-lite-v1": "open_router",
+          "amazon/nova-micro-v1": "open_router",
+          "amazon/nova-pro-v1": "open_router",
+          "claude-3-7-sonnet-20250219": "anthropic",
+          "claude-3-haiku-20240307": "anthropic",
+          "claude-haiku-4-5-20251001": "anthropic",
+          "claude-opus-4-1-20250805": "anthropic",
+          "claude-opus-4-20250514": "anthropic",
+          "claude-opus-4-5-20251101": "anthropic",
+          "claude-sonnet-4-20250514": "anthropic",
+          "claude-sonnet-4-5-20250929": "anthropic",
+          "cohere/command-r-08-2024": "open_router",
+          "cohere/command-r-plus-08-2024": "open_router",
+          "deepseek/deepseek-chat": "open_router",
+          "deepseek/deepseek-r1-0528": "open_router",
+          "dolphin-mistral:latest": "ollama",
+          "google/gemini-2.0-flash-001": "open_router",
+          "google/gemini-2.0-flash-lite-001": "open_router",
+          "google/gemini-2.5-flash": "open_router",
+          "google/gemini-2.5-flash-lite-preview-06-17": "open_router",
+          "google/gemini-2.5-pro-preview-03-25": "open_router",
+          "google/gemini-3-pro-preview": "open_router",
+          "gpt-3.5-turbo": "openai",
+          "gpt-4-turbo": "openai",
+          "gpt-4.1-2025-04-14": "openai",
+          "gpt-4.1-mini-2025-04-14": "openai",
+          "gpt-4o": "openai",
+          "gpt-4o-mini": "openai",
+          "gpt-5-2025-08-07": "openai",
+          "gpt-5-chat-latest": "openai",
+          "gpt-5-mini-2025-08-07": "openai",
+          "gpt-5-nano-2025-08-07": "openai",
+          "gpt-5.1-2025-11-13": "openai",
+          "gryphe/mythomax-l2-13b": "open_router",
+          "llama-3.1-8b-instant": "groq",
+          "llama-3.3-70b-versatile": "groq",
+          "llama3": "ollama",
+          "llama3.1:405b": "ollama",
+          "llama3.2": "ollama",
+          "llama3.3": "ollama",
+          "meta-llama/Llama-3.2-3B-Instruct-Turbo": "aiml_api",
+          "meta-llama/Llama-3.3-70B-Instruct-Turbo": "aiml_api",
+          "meta-llama/Meta-Llama-3.1-70B-Instruct-Turbo": "aiml_api",
+          "meta-llama/llama-4-maverick": "open_router",
+          "meta-llama/llama-4-scout": "open_router",
+          "microsoft/wizardlm-2-8x22b": "open_router",
+          "mistralai/mistral-nemo": "open_router",
+          "moonshotai/kimi-k2": "open_router",
+          "nousresearch/hermes-3-llama-3.1-405b": "open_router",
+          "nousresearch/hermes-3-llama-3.1-70b": "open_router",
+          "nvidia/llama-3.1-nemotron-70b-instruct": "aiml_api",
+          "o1": "openai",
+          "o1-mini": "openai",
+          "o3-2025-04-16": "openai",
+          "o3-mini": "openai",
+          "openai/gpt-oss-120b": "open_router",
+          "openai/gpt-oss-20b": "open_router",
+          "perplexity/sonar": "open_router",
+          "perplexity/sonar-deep-research": "open_router",
+          "perplexity/sonar-pro": "open_router",
+          "qwen/qwen3-235b-a22b-thinking-2507": "open_router",
+          "qwen/qwen3-coder": "open_router",
+          "v0-1.0-md": "v0",
+          "v0-1.5-lg": "v0",
+          "v0-1.5-md": "v0",
+          "x-ai/grok-4": "open_router",
+          "x-ai/grok-4-fast": "open_router",
+          "x-ai/grok-4.1-fast": "open_router",
+          "x-ai/grok-code-fast-1": "open_router"
+        },
+        "discriminator_values": [
+          "gpt-4o"
+        ]
+      }
+    },
+    "required": [
+      "jina_api_key_credentials",
+      "openai_api_key_credentials"
+    ],
+    "title": "AIWebpageCopyImproverCredentialsInputSchema",
+    "type": "object"
+  }
+}

autogpt_platform/backend/agents/agent_fc2c9976-0962-4625-a27b-d316573a9e7f.json

@@ -0,0 +1,615 @@
+{
+  "id": "4c6b68cb-bb75-4044-b1cb-2cee3fd39b26",
+  "version": 29,
+  "is_active": true,
+  "name": "Email Address Finder",
+  "description": "Input information of a business and find their email address",
+  "instructions": null,
+  "recommended_schedule_cron": null,
+  "nodes": [
+    {
+      "id": "04cad535-9f1a-4876-8b07-af5897d8c282",
+      "block_id": "c0a8e994-ebf1-4a9c-a4d8-89d09c86741b",
+      "input_default": {
+        "name": "Address",
+        "value": "USA"
+      },
+      "metadata": {
+        "position": {
+          "x": 1047.9357219838776,
+          "y": 1067.9123910370954
+        }
+      },
+      "input_links": [],
+      "output_links": [
+        {
+          "id": "aac29f7b-3cd1-4c91-9a2a-72a8301c0957",
+          "source_id": "04cad535-9f1a-4876-8b07-af5897d8c282",
+          "sink_id": "28b5ddcc-dc20-41cc-ad21-c54ff459f694",
+          "source_name": "result",
+          "sink_name": "values_#_ADDRESS",
+          "is_static": true
+        }
+      ],
+      "graph_id": "4c6b68cb-bb75-4044-b1cb-2cee3fd39b26",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "a6e7355e-5bf8-4b09-b11c-a5e140389981",
+      "block_id": "3146e4fe-2cdd-4f29-bd12-0c9d5bb4deb0",
+      "input_default": {
+        "group": 1,
+        "pattern": "<email>(.*?)<\\/email>"
+      },
+      "metadata": {
+        "position": {
+          "x": 3381.2821481740634,
+          "y": 246.091098184158
+        }
+      },
+      "input_links": [
+        {
+          "id": "9f8188ce-1f3d-46fb-acda-b2a57c0e5da6",
+          "source_id": "510937b3-0134-4e45-b2ba-05a447bbaf50",
+          "sink_id": "a6e7355e-5bf8-4b09-b11c-a5e140389981",
+          "source_name": "response",
+          "sink_name": "text",
+          "is_static": false
+        }
+      ],
+      "output_links": [
+        {
+          "id": "b15b5143-27b7-486e-a166-4095e72e5235",
+          "source_id": "a6e7355e-5bf8-4b09-b11c-a5e140389981",
+          "sink_id": "266b7255-11c4-4b88-99e2-85db31a2e865",
+          "source_name": "negative",
+          "sink_name": "values_#_Result",
+          "is_static": false
+        },
+        {
+          "id": "23591872-3c6b-4562-87d3-5b6ade698e48",
+          "source_id": "a6e7355e-5bf8-4b09-b11c-a5e140389981",
+          "sink_id": "310c8fab-2ae6-4158-bd48-01dbdc434130",
+          "source_name": "positive",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "graph_id": "4c6b68cb-bb75-4044-b1cb-2cee3fd39b26",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "310c8fab-2ae6-4158-bd48-01dbdc434130",
+      "block_id": "363ae599-353e-4804-937e-b2ee3cef3da4",
+      "input_default": {
+        "name": "Email"
+      },
+      "metadata": {
+        "position": {
+          "x": 4525.4246310882,
+          "y": 246.36913665010354
+        }
+      },
+      "input_links": [
+        {
+          "id": "d87b07ea-dcec-4d38-a644-2c1d741ea3cb",
+          "source_id": "266b7255-11c4-4b88-99e2-85db31a2e865",
+          "sink_id": "310c8fab-2ae6-4158-bd48-01dbdc434130",
+          "source_name": "output",
+          "sink_name": "value",
+          "is_static": false
+        },
+        {
+          "id": "23591872-3c6b-4562-87d3-5b6ade698e48",
+          "source_id": "a6e7355e-5bf8-4b09-b11c-a5e140389981",
+          "sink_id": "310c8fab-2ae6-4158-bd48-01dbdc434130",
+          "source_name": "positive",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "output_links": [],
+      "graph_id": "4c6b68cb-bb75-4044-b1cb-2cee3fd39b26",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "4a41df99-ffe2-4c12-b528-632979c9c030",
+      "block_id": "87840993-2053-44b7-8da4-187ad4ee518c",
+      "input_default": {},
+      "metadata": {
+        "position": {
+          "x": 2182.7499999999995,
+          "y": 242.00001144409185
+        }
+      },
+      "input_links": [
+        {
+          "id": "2e411d3d-79ba-4958-9c1c-b76a45a2e649",
+          "source_id": "28b5ddcc-dc20-41cc-ad21-c54ff459f694",
+          "sink_id": "4a41df99-ffe2-4c12-b528-632979c9c030",
+          "source_name": "output",
+          "sink_name": "query",
+          "is_static": false
+        }
+      ],
+      "output_links": [
+        {
+          "id": "899cc7d8-a96b-4107-b3c6-4c78edcf0c6b",
+          "source_id": "4a41df99-ffe2-4c12-b528-632979c9c030",
+          "sink_id": "510937b3-0134-4e45-b2ba-05a447bbaf50",
+          "source_name": "results",
+          "sink_name": "prompt_values_#_WEBSITE_CONTENT",
+          "is_static": false
+        }
+      ],
+      "graph_id": "4c6b68cb-bb75-4044-b1cb-2cee3fd39b26",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "9708a10a-8be0-4c44-abb3-bd0f7c594794",
+      "block_id": "c0a8e994-ebf1-4a9c-a4d8-89d09c86741b",
+      "input_default": {
+        "name": "Business Name",
+        "value": "Tim Cook"
+      },
+      "metadata": {
+        "position": {
+          "x": 1049.9704155272595,
+          "y": 244.49931152418344
+        }
+      },
+      "input_links": [],
+      "output_links": [
+        {
+          "id": "946b522c-365f-4ee0-96f9-28863d9882ea",
+          "source_id": "9708a10a-8be0-4c44-abb3-bd0f7c594794",
+          "sink_id": "28b5ddcc-dc20-41cc-ad21-c54ff459f694",
+          "source_name": "result",
+          "sink_name": "values_#_NAME",
+          "is_static": true
+        },
+        {
+          "id": "43e920a7-0bb4-4fae-9a22-91df95c7342a",
+          "source_id": "9708a10a-8be0-4c44-abb3-bd0f7c594794",
+          "sink_id": "510937b3-0134-4e45-b2ba-05a447bbaf50",
+          "source_name": "result",
+          "sink_name": "prompt_values_#_BUSINESS_NAME",
+          "is_static": true
+        }
+      ],
+      "graph_id": "4c6b68cb-bb75-4044-b1cb-2cee3fd39b26",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "28b5ddcc-dc20-41cc-ad21-c54ff459f694",
+      "block_id": "db7d8f02-2f44-4c55-ab7a-eae0941f0c30",
+      "input_default": {
+        "format": "Email Address of {{NAME}}, {{ADDRESS}}",
+        "values": {}
+      },
+      "metadata": {
+        "position": {
+          "x": 1625.25,
+          "y": 243.25001144409185
+        }
+      },
+      "input_links": [
+        {
+          "id": "946b522c-365f-4ee0-96f9-28863d9882ea",
+          "source_id": "9708a10a-8be0-4c44-abb3-bd0f7c594794",
+          "sink_id": "28b5ddcc-dc20-41cc-ad21-c54ff459f694",
+          "source_name": "result",
+          "sink_name": "values_#_NAME",
+          "is_static": true
+        },
+        {
+          "id": "aac29f7b-3cd1-4c91-9a2a-72a8301c0957",
+          "source_id": "04cad535-9f1a-4876-8b07-af5897d8c282",
+          "sink_id": "28b5ddcc-dc20-41cc-ad21-c54ff459f694",
+          "source_name": "result",
+          "sink_name": "values_#_ADDRESS",
+          "is_static": true
+        }
+      ],
+      "output_links": [
+        {
+          "id": "2e411d3d-79ba-4958-9c1c-b76a45a2e649",
+          "source_id": "28b5ddcc-dc20-41cc-ad21-c54ff459f694",
+          "sink_id": "4a41df99-ffe2-4c12-b528-632979c9c030",
+          "source_name": "output",
+          "sink_name": "query",
+          "is_static": false
+        }
+      ],
+      "graph_id": "4c6b68cb-bb75-4044-b1cb-2cee3fd39b26",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "266b7255-11c4-4b88-99e2-85db31a2e865",
+      "block_id": "db7d8f02-2f44-4c55-ab7a-eae0941f0c30",
+      "input_default": {
+        "format": "Failed to find email. \nResult:\n{{RESULT}}",
+        "values": {}
+      },
+      "metadata": {
+        "position": {
+          "x": 3949.7493830805934,
+          "y": 705.209819698647
+        }
+      },
+      "input_links": [
+        {
+          "id": "b15b5143-27b7-486e-a166-4095e72e5235",
+          "source_id": "a6e7355e-5bf8-4b09-b11c-a5e140389981",
+          "sink_id": "266b7255-11c4-4b88-99e2-85db31a2e865",
+          "source_name": "negative",
+          "sink_name": "values_#_Result",
+          "is_static": false
+        }
+      ],
+      "output_links": [
+        {
+          "id": "d87b07ea-dcec-4d38-a644-2c1d741ea3cb",
+          "source_id": "266b7255-11c4-4b88-99e2-85db31a2e865",
+          "sink_id": "310c8fab-2ae6-4158-bd48-01dbdc434130",
+          "source_name": "output",
+          "sink_name": "value",
+          "is_static": false
+        }
+      ],
+      "graph_id": "4c6b68cb-bb75-4044-b1cb-2cee3fd39b26",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    },
+    {
+      "id": "510937b3-0134-4e45-b2ba-05a447bbaf50",
+      "block_id": "1f292d4a-41a4-4977-9684-7c8d560b9f91",
+      "input_default": {
+        "model": "claude-sonnet-4-5-20250929",
+        "prompt": "<business_website>\n{{WEBSITE_CONTENT}}\n</business_website>\n\nExtract the Contact Email of {{BUSINESS_NAME}}.\n\nIf no email that can be used to contact {{BUSINESS_NAME}} is present, output `N/A`.\nDo not share any emails other than the email for this specific entity.\n\nIf multiple present pick the likely best one.\n\nRespond with the email (or N/A) inside <email></email> tags.\n\nExample Response:\n\n<thoughts_or_comments>\nThere were many emails present, but luckily one was for {{BUSINESS_NAME}} which I have included below.\n</thoughts_or_comments>\n<email>\nexample@email.com\n</email>",
+        "prompt_values": {}
+      },
+      "metadata": {
+        "position": {
+          "x": 2774.879259081777,
+          "y": 243.3102035752969
+        }
+      },
+      "input_links": [
+        {
+          "id": "43e920a7-0bb4-4fae-9a22-91df95c7342a",
+          "source_id": "9708a10a-8be0-4c44-abb3-bd0f7c594794",
+          "sink_id": "510937b3-0134-4e45-b2ba-05a447bbaf50",
+          "source_name": "result",
+          "sink_name": "prompt_values_#_BUSINESS_NAME",
+          "is_static": true
+        },
+        {
+          "id": "899cc7d8-a96b-4107-b3c6-4c78edcf0c6b",
+          "source_id": "4a41df99-ffe2-4c12-b528-632979c9c030",
+          "sink_id": "510937b3-0134-4e45-b2ba-05a447bbaf50",
+          "source_name": "results",
+          "sink_name": "prompt_values_#_WEBSITE_CONTENT",
+          "is_static": false
+        }
+      ],
+      "output_links": [
+        {
+          "id": "9f8188ce-1f3d-46fb-acda-b2a57c0e5da6",
+          "source_id": "510937b3-0134-4e45-b2ba-05a447bbaf50",
+          "sink_id": "a6e7355e-5bf8-4b09-b11c-a5e140389981",
+          "source_name": "response",
+          "sink_name": "text",
+          "is_static": false
+        }
+      ],
+      "graph_id": "4c6b68cb-bb75-4044-b1cb-2cee3fd39b26",
+      "graph_version": 29,
+      "webhook_id": null,
+      "webhook": null
+    }
+  ],
+  "links": [
+    {
+      "id": "9f8188ce-1f3d-46fb-acda-b2a57c0e5da6",
+      "source_id": "510937b3-0134-4e45-b2ba-05a447bbaf50",
+      "sink_id": "a6e7355e-5bf8-4b09-b11c-a5e140389981",
+      "source_name": "response",
+      "sink_name": "text",
+      "is_static": false
+    },
+    {
+      "id": "b15b5143-27b7-486e-a166-4095e72e5235",
+      "source_id": "a6e7355e-5bf8-4b09-b11c-a5e140389981",
+      "sink_id": "266b7255-11c4-4b88-99e2-85db31a2e865",
+      "source_name": "negative",
+      "sink_name": "values_#_Result",
+      "is_static": false
+    },
+    {
+      "id": "d87b07ea-dcec-4d38-a644-2c1d741ea3cb",
+      "source_id": "266b7255-11c4-4b88-99e2-85db31a2e865",
+      "sink_id": "310c8fab-2ae6-4158-bd48-01dbdc434130",
+      "source_name": "output",
+      "sink_name": "value",
+      "is_static": false
+    },
+    {
+      "id": "946b522c-365f-4ee0-96f9-28863d9882ea",
+      "source_id": "9708a10a-8be0-4c44-abb3-bd0f7c594794",
+      "sink_id": "28b5ddcc-dc20-41cc-ad21-c54ff459f694",
+      "source_name": "result",
+      "sink_name": "values_#_NAME",
+      "is_static": true
+    },
+    {
+      "id": "23591872-3c6b-4562-87d3-5b6ade698e48",
+      "source_id": "a6e7355e-5bf8-4b09-b11c-a5e140389981",
+      "sink_id": "310c8fab-2ae6-4158-bd48-01dbdc434130",
+      "source_name": "positive",
+      "sink_name": "value",
+      "is_static": false
+    },
+    {
+      "id": "43e920a7-0bb4-4fae-9a22-91df95c7342a",
+      "source_id": "9708a10a-8be0-4c44-abb3-bd0f7c594794",
+      "sink_id": "510937b3-0134-4e45-b2ba-05a447bbaf50",
+      "source_name": "result",
+      "sink_name": "prompt_values_#_BUSINESS_NAME",
+      "is_static": true
+    },
+    {
+      "id": "2e411d3d-79ba-4958-9c1c-b76a45a2e649",
+      "source_id": "28b5ddcc-dc20-41cc-ad21-c54ff459f694",
+      "sink_id": "4a41df99-ffe2-4c12-b528-632979c9c030",
+      "source_name": "output",
+      "sink_name": "query",
+      "is_static": false
+    },
+    {
+      "id": "aac29f7b-3cd1-4c91-9a2a-72a8301c0957",
+      "source_id": "04cad535-9f1a-4876-8b07-af5897d8c282",
+      "sink_id": "28b5ddcc-dc20-41cc-ad21-c54ff459f694",
+      "source_name": "result",
+      "sink_name": "values_#_ADDRESS",
+      "is_static": true
+    },
+    {
+      "id": "899cc7d8-a96b-4107-b3c6-4c78edcf0c6b",
+      "source_id": "4a41df99-ffe2-4c12-b528-632979c9c030",
+      "sink_id": "510937b3-0134-4e45-b2ba-05a447bbaf50",
+      "source_name": "results",
+      "sink_name": "prompt_values_#_WEBSITE_CONTENT",
+      "is_static": false
+    }
+  ],
+  "forked_from_id": null,
+  "forked_from_version": null,
+  "sub_graphs": [],
+  "user_id": "",
+  "created_at": "2025-01-03T00:46:30.244Z",
+  "input_schema": {
+    "type": "object",
+    "properties": {
+      "Address": {
+        "advanced": false,
+        "secret": false,
+        "title": "Address",
+        "default": "USA"
+      },
+      "Business Name": {
+        "advanced": false,
+        "secret": false,
+        "title": "Business Name",
+        "default": "Tim Cook"
+      }
+    },
+    "required": []
+  },
+  "output_schema": {
+    "type": "object",
+    "properties": {
+      "Email": {
+        "advanced": false,
+        "secret": false,
+        "title": "Email"
+      }
+    },
+    "required": [
+      "Email"
+    ]
+  },
+  "has_external_trigger": false,
+  "has_human_in_the_loop": false,
+  "trigger_setup_info": null,
+  "credentials_input_schema": {
+    "properties": {
+      "jina_api_key_credentials": {
+        "credentials_provider": [
+          "jina"
+        ],
+        "credentials_types": [
+          "api_key"
+        ],
+        "properties": {
+          "id": {
+            "title": "Id",
+            "type": "string"
+          },
+          "title": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "default": null,
+            "title": "Title"
+          },
+          "provider": {
+            "const": "jina",
+            "title": "Provider",
+            "type": "string"
+          },
+          "type": {
+            "const": "api_key",
+            "title": "Type",
+            "type": "string"
+          }
+        },
+        "required": [
+          "id",
+          "provider",
+          "type"
+        ],
+        "title": "CredentialsMetaInput[Literal[<ProviderName.JINA: 'jina'>], Literal['api_key']]",
+        "type": "object",
+        "discriminator_values": []
+      },
+      "anthropic_api_key_credentials": {
+        "credentials_provider": [
+          "anthropic"
+        ],
+        "credentials_types": [
+          "api_key"
+        ],
+        "properties": {
+          "id": {
+            "title": "Id",
+            "type": "string"
+          },
+          "title": {
+            "anyOf": [
+              {
+                "type": "string"
+              },
+              {
+                "type": "null"
+              }
+            ],
+            "default": null,
+            "title": "Title"
+          },
+          "provider": {
+            "const": "anthropic",
+            "title": "Provider",
+            "type": "string"
+          },
+          "type": {
+            "const": "api_key",
+            "title": "Type",
+            "type": "string"
+          }
+        },
+        "required": [
+          "id",
+          "provider",
+          "type"
+        ],
+        "title": "CredentialsMetaInput[Literal[<ProviderName.ANTHROPIC: 'anthropic'>], Literal['api_key']]",
+        "type": "object",
+        "discriminator": "model",
+        "discriminator_mapping": {
+          "Llama-3.3-70B-Instruct": "llama_api",
+          "Llama-3.3-8B-Instruct": "llama_api",
+          "Llama-4-Maverick-17B-128E-Instruct-FP8": "llama_api",
+          "Llama-4-Scout-17B-16E-Instruct-FP8": "llama_api",
+          "Qwen/Qwen2.5-72B-Instruct-Turbo": "aiml_api",
+          "amazon/nova-lite-v1": "open_router",
+          "amazon/nova-micro-v1": "open_router",
+          "amazon/nova-pro-v1": "open_router",
+          "claude-3-7-sonnet-20250219": "anthropic",
+          "claude-3-haiku-20240307": "anthropic",
+          "claude-haiku-4-5-20251001": "anthropic",
+          "claude-opus-4-1-20250805": "anthropic",
+          "claude-opus-4-20250514": "anthropic",
+          "claude-opus-4-5-20251101": "anthropic",
+          "claude-sonnet-4-20250514": "anthropic",
+          "claude-sonnet-4-5-20250929": "anthropic",
+          "cohere/command-r-08-2024": "open_router",
+          "cohere/command-r-plus-08-2024": "open_router",
+          "deepseek/deepseek-chat": "open_router",
+          "deepseek/deepseek-r1-0528": "open_router",
+          "dolphin-mistral:latest": "ollama",
+          "google/gemini-2.0-flash-001": "open_router",
+          "google/gemini-2.0-flash-lite-001": "open_router",
+          "google/gemini-2.5-flash": "open_router",
+          "google/gemini-2.5-flash-lite-preview-06-17": "open_router",
+          "google/gemini-2.5-pro-preview-03-25": "open_router",
+          "google/gemini-3-pro-preview": "open_router",
+          "gpt-3.5-turbo": "openai",
+          "gpt-4-turbo": "openai",
+          "gpt-4.1-2025-04-14": "openai",
+          "gpt-4.1-mini-2025-04-14": "openai",
+          "gpt-4o": "openai",
+          "gpt-4o-mini": "openai",
+          "gpt-5-2025-08-07": "openai",
+          "gpt-5-chat-latest": "openai",
+          "gpt-5-mini-2025-08-07": "openai",
+          "gpt-5-nano-2025-08-07": "openai",
+          "gpt-5.1-2025-11-13": "openai",
+          "gryphe/mythomax-l2-13b": "open_router",
+          "llama-3.1-8b-instant": "groq",
+          "llama-3.3-70b-versatile": "groq",
+          "llama3": "ollama",
+          "llama3.1:405b": "ollama",
+          "llama3.2": "ollama",
+          "llama3.3": "ollama",
+          "meta-llama/Llama-3.2-3B-Instruct-Turbo": "aiml_api",
+          "meta-llama/Llama-3.3-70B-Instruct-Turbo": "aiml_api",
+          "meta-llama/Meta-Llama-3.1-70B-Instruct-Turbo": "aiml_api",
+          "meta-llama/llama-4-maverick": "open_router",
+          "meta-llama/llama-4-scout": "open_router",
+          "microsoft/wizardlm-2-8x22b": "open_router",
+          "mistralai/mistral-nemo": "open_router",
+          "moonshotai/kimi-k2": "open_router",
+          "nousresearch/hermes-3-llama-3.1-405b": "open_router",
+          "nousresearch/hermes-3-llama-3.1-70b": "open_router",
+          "nvidia/llama-3.1-nemotron-70b-instruct": "aiml_api",
+          "o1": "openai",
+          "o1-mini": "openai",
+          "o3-2025-04-16": "openai",
+          "o3-mini": "openai",
+          "openai/gpt-oss-120b": "open_router",
+          "openai/gpt-oss-20b": "open_router",
+          "perplexity/sonar": "open_router",
+          "perplexity/sonar-deep-research": "open_router",
+          "perplexity/sonar-pro": "open_router",
+          "qwen/qwen3-235b-a22b-thinking-2507": "open_router",
+          "qwen/qwen3-coder": "open_router",
+          "v0-1.0-md": "v0",
+          "v0-1.5-lg": "v0",
+          "v0-1.5-md": "v0",
+          "x-ai/grok-4": "open_router",
+          "x-ai/grok-4-fast": "open_router",
+          "x-ai/grok-4.1-fast": "open_router",
+          "x-ai/grok-code-fast-1": "open_router"
+        },
+        "discriminator_values": [
+          "claude-sonnet-4-5-20250929"
+        ]
+      }
+    },
+    "required": [
+      "jina_api_key_credentials",
+      "anthropic_api_key_credentials"
+    ],
+    "title": "EmailAddressFinderCredentialsInputSchema",
+    "type": "object"
+  }
+}

autogpt_platform/backend/backend/TEST_DATA_README.md

@@ -0,0 +1,150 @@
+# Test Data Scripts
+
+This directory contains scripts for creating and updating test data in the AutoGPT Platform database, specifically designed to test the materialized views for the store functionality.
+
+## Scripts
+
+### test_data_creator.py
+Creates a comprehensive set of test data including:
+- Users with profiles
+- Agent graphs, nodes, and executions
+- Store listings with multiple versions
+- Reviews and ratings
+- Library agents
+- Integration webhooks
+- Onboarding data
+- Credit transactions
+
+**Image/Video Domains Used:**
+- Images: `picsum.photos` (for all image URLs)
+- Videos: `youtube.com` (for store listing videos)
+
+### test_data_updater.py
+Updates existing test data to simulate real-world changes:
+- Adds new agent graph executions
+- Creates new store listing reviews
+- Updates store listing versions
+- Adds credit transactions
+- Refreshes materialized views
+
+### check_db.py
+Tests and verifies materialized views functionality:
+- Checks pg_cron job status (for automatic refresh)
+- Displays current materialized view counts
+- Adds test data (executions and reviews)
+- Creates store listings if none exist
+- Manually refreshes materialized views
+- Compares before/after counts to verify updates
+- Provides a summary of test results
+
+## Materialized Views
+
+The scripts test three key database views:
+
+1. **mv_agent_run_counts**: Tracks execution counts by agent
+2. **mv_review_stats**: Tracks review statistics (count, average rating) by store listing
+3. **StoreAgent**: A view that combines store listing data with execution counts and ratings for display
+
+The materialized views (mv_agent_run_counts and mv_review_stats) are automatically refreshed every 15 minutes via pg_cron, or can be manually refreshed using the `refresh_store_materialized_views()` function.
+
+## Usage
+
+### Prerequisites
+
+1. Ensure the database is running:
+```bash
+docker compose up -d
+# or for test database:
+docker compose -f docker-compose.test.yaml --env-file ../.env up -d
+```
+
+2. Run database migrations:
+```bash
+poetry run prisma migrate deploy
+```
+
+### Running the Scripts
+
+#### Option 1: Use the helper script (from backend directory)
+```bash
+poetry run python run_test_data.py
+```
+
+#### Option 2: Run individually
+```bash
+# From backend/test directory:
+# Create initial test data
+poetry run python test_data_creator.py
+
+# Update data to test materialized view changes
+poetry run python test_data_updater.py
+
+# From backend directory:
+# Test materialized views functionality
+poetry run python check_db.py
+
+# Check store data status
+poetry run python check_store_data.py
+```
+
+#### Option 3: Use the shell script (from backend directory)
+```bash
+./run_test_data_scripts.sh
+```
+
+### Manual Materialized View Refresh
+
+To manually refresh the materialized views:
+```sql
+SELECT refresh_store_materialized_views();
+```
+
+## Configuration
+
+The scripts use the database configuration from your `.env` file:
+- `DATABASE_URL`: PostgreSQL connection string
+- Database should have the platform schema
+
+## Data Generation Limits
+
+Configured in `test_data_creator.py`:
+- 100 users
+- 100 agent blocks
+- 1-5 graphs per user
+- 2-5 nodes per graph
+- 1-5 presets per user
+- 1-10 library agents per user
+- 1-20 executions per graph
+- 1-5 reviews per store listing version
+
+## Notes
+
+- All image URLs use `picsum.photos` for consistency with Next.js image configuration
+- The scripts create realistic relationships between entities
+- Materialized views are refreshed at the end of each script
+- Data is designed to test both happy paths and edge cases
+
+## Troubleshooting
+
+### Reviews and StoreAgent view showing 0
+
+If `check_db.py` shows that reviews remain at 0 and StoreAgent view shows 0 store agents:
+
+1. **No store listings exist**: The script will automatically create test store listings if none exist
+2. **No approved versions**: Store listings need approved versions to appear in the StoreAgent view
+3. **Check with `check_store_data.py`**: This script provides detailed information about:
+   - Total store listings
+   - Store listing versions by status
+   - Existing reviews
+   - StoreAgent view contents
+   - Agent graph executions
+
+### pg_cron not installed
+
+The warning "pg_cron extension is not installed" is normal in local development environments. The materialized views can still be refreshed manually using the `refresh_store_materialized_views()` function, which all scripts do automatically.
+
+### Common Issues
+
+- **Type errors with None values**: Fixed in the latest version of check_db.py by using `or 0` for nullable numeric fields
+- **Missing relations**: Ensure you're using the correct field names (e.g., `StoreListing` not `storeListing` in includes)
+- **Column name mismatches**: The database uses camelCase for column names (e.g., `agentGraphId` not `agent_graph_id`)

autogpt_platform/backend/backend/api/conftest.py

@@ -0,0 +1,85 @@
+"""Common test fixtures for server tests."""
+
+import pytest
+from pytest_snapshot.plugin import Snapshot
+
+
+@pytest.fixture
+def configured_snapshot(snapshot: Snapshot) -> Snapshot:
+    """Pre-configured snapshot fixture with standard settings."""
+    snapshot.snapshot_dir = "snapshots"
+    return snapshot
+
+
+@pytest.fixture
+def test_user_id() -> str:
+    """Test user ID fixture."""
+    return "3e53486c-cf57-477e-ba2a-cb02dc828e1a"
+
+
+@pytest.fixture
+def admin_user_id() -> str:
+    """Admin user ID fixture."""
+    return "4e53486c-cf57-477e-ba2a-cb02dc828e1b"
+
+
+@pytest.fixture
+def target_user_id() -> str:
+    """Target user ID fixture."""
+    return "5e53486c-cf57-477e-ba2a-cb02dc828e1c"
+
+
+@pytest.fixture
+async def setup_test_user(test_user_id):
+    """Create test user in database before tests."""
+    from backend.data.user import get_or_create_user
+
+    # Create the test user in the database using JWT token format
+    user_data = {
+        "sub": test_user_id,
+        "email": "test@example.com",
+        "user_metadata": {"name": "Test User"},
+    }
+    await get_or_create_user(user_data)
+    return test_user_id
+
+
+@pytest.fixture
+async def setup_admin_user(admin_user_id):
+    """Create admin user in database before tests."""
+    from backend.data.user import get_or_create_user
+
+    # Create the admin user in the database using JWT token format
+    user_data = {
+        "sub": admin_user_id,
+        "email": "test-admin@example.com",
+        "user_metadata": {"name": "Test Admin"},
+    }
+    await get_or_create_user(user_data)
+    return admin_user_id
+
+
+@pytest.fixture
+def mock_jwt_user(test_user_id):
+    """Provide mock JWT payload for regular user testing."""
+    import fastapi
+
+    def override_get_jwt_payload(request: fastapi.Request) -> dict[str, str]:
+        return {"sub": test_user_id, "role": "user", "email": "test@example.com"}
+
+    return {"get_jwt_payload": override_get_jwt_payload, "user_id": test_user_id}
+
+
+@pytest.fixture
+def mock_jwt_admin(admin_user_id):
+    """Provide mock JWT payload for admin user testing."""
+    import fastapi
+
+    def override_get_jwt_payload(request: fastapi.Request) -> dict[str, str]:
+        return {
+            "sub": admin_user_id,
+            "role": "admin",
+            "email": "test-admin@example.com",
+        }
+
+    return {"get_jwt_payload": override_get_jwt_payload, "user_id": admin_user_id}

autogpt_platform/backend/backend/api/conn_manager.py

@@ -1,13 +1,14 @@
+import asyncio
 from typing import Dict, Set
 
 from fastapi import WebSocket
 
+from backend.api.model import NotificationPayload, WSMessage, WSMethod
 from backend.data.execution import (
     ExecutionEventType,
     GraphExecutionEvent,
     NodeExecutionEvent,
 )
-from backend.server.model import WSMessage, WSMethod
 
 _EVENT_TYPE_TO_METHOD_MAP: dict[ExecutionEventType, WSMethod] = {
     ExecutionEventType.GRAPH_EXEC_UPDATE: WSMethod.GRAPH_EXECUTION_EVENT,
@@ -19,15 +20,24 @@ class ConnectionManager:
     def __init__(self):
         self.active_connections: Set[WebSocket] = set()
         self.subscriptions: Dict[str, Set[WebSocket]] = {}
+        self.user_connections: Dict[str, Set[WebSocket]] = {}
 
-    async def connect_socket(self, websocket: WebSocket):
+    async def connect_socket(self, websocket: WebSocket, *, user_id: str):
         await websocket.accept()
         self.active_connections.add(websocket)
+        if user_id not in self.user_connections:
+            self.user_connections[user_id] = set()
+        self.user_connections[user_id].add(websocket)
 
-    def disconnect_socket(self, websocket: WebSocket):
-        self.active_connections.remove(websocket)
+    def disconnect_socket(self, websocket: WebSocket, *, user_id: str):
+        self.active_connections.discard(websocket)
         for subscribers in self.subscriptions.values():
             subscribers.discard(websocket)
+        user_conns = self.user_connections.get(user_id)
+        if user_conns is not None:
+            user_conns.discard(websocket)
+            if not user_conns:
+                self.user_connections.pop(user_id, None)
 
     async def subscribe_graph_exec(
         self, *, user_id: str, graph_exec_id: str, websocket: WebSocket
@@ -92,6 +102,26 @@ class ConnectionManager:
 
         return n_sent
 
+    async def send_notification(
+        self, *, user_id: str, payload: NotificationPayload
+    ) -> int:
+        """Send a notification to all websocket connections belonging to a user."""
+        message = WSMessage(
+            method=WSMethod.NOTIFICATION,
+            data=payload.model_dump(),
+        ).model_dump_json()
+
+        connections = tuple(self.user_connections.get(user_id, set()))
+        if not connections:
+            return 0
+
+        await asyncio.gather(
+            *(connection.send_text(message) for connection in connections),
+            return_exceptions=True,
+        )
+
+        return len(connections)
+
     async def _subscribe(self, channel_key: str, websocket: WebSocket) -> str:
         if channel_key not in self.subscriptions:
             self.subscriptions[channel_key] = set()

autogpt_platform/backend/backend/api/conn_manager_test.py

@@ -4,13 +4,13 @@ from unittest.mock import AsyncMock
 import pytest
 from fastapi import WebSocket
 
+from backend.api.conn_manager import ConnectionManager
+from backend.api.model import NotificationPayload, WSMessage, WSMethod
 from backend.data.execution import (
     ExecutionStatus,
     GraphExecutionEvent,
     NodeExecutionEvent,
 )
-from backend.server.conn_manager import ConnectionManager
-from backend.server.model import WSMessage, WSMethod
 
 
 @pytest.fixture
@@ -29,8 +29,9 @@ def mock_websocket() -> AsyncMock:
 async def test_connect(
     connection_manager: ConnectionManager, mock_websocket: AsyncMock
 ) -> None:
-    await connection_manager.connect_socket(mock_websocket)
+    await connection_manager.connect_socket(mock_websocket, user_id="user-1")
     assert mock_websocket in connection_manager.active_connections
+    assert mock_websocket in connection_manager.user_connections["user-1"]
     mock_websocket.accept.assert_called_once()
 
 
@@ -39,11 +40,13 @@ def test_disconnect(
 ) -> None:
     connection_manager.active_connections.add(mock_websocket)
     connection_manager.subscriptions["test_channel_42"] = {mock_websocket}
+    connection_manager.user_connections["user-1"] = {mock_websocket}
 
-    connection_manager.disconnect_socket(mock_websocket)
+    connection_manager.disconnect_socket(mock_websocket, user_id="user-1")
 
     assert mock_websocket not in connection_manager.active_connections
     assert mock_websocket not in connection_manager.subscriptions["test_channel_42"]
+    assert "user-1" not in connection_manager.user_connections
 
 
 @pytest.mark.asyncio
@@ -88,6 +91,7 @@ async def test_send_graph_execution_result(
         user_id="user-1",
         graph_id="test_graph",
         graph_version=1,
+        preset_id=None,
         status=ExecutionStatus.COMPLETED,
         started_at=datetime.now(tz=timezone.utc),
         ended_at=datetime.now(tz=timezone.utc),
@@ -101,6 +105,8 @@ async def test_send_graph_execution_result(
             "input_1": "some input value :)",
             "input_2": "some *other* input value",
         },
+        credential_inputs=None,
+        nodes_input_masks=None,
         outputs={
             "the_output": ["some output value"],
             "other_output": ["sike there was another output"],
@@ -204,3 +210,22 @@ async def test_send_execution_result_no_subscribers(
     await connection_manager.send_execution_update(result)
 
     mock_websocket.send_text.assert_not_called()
+
+
+@pytest.mark.asyncio
+async def test_send_notification(
+    connection_manager: ConnectionManager, mock_websocket: AsyncMock
+) -> None:
+    connection_manager.user_connections["user-1"] = {mock_websocket}
+
+    await connection_manager.send_notification(
+        user_id="user-1", payload=NotificationPayload(type="info", event="hey")
+    )
+
+    mock_websocket.send_text.assert_called_once()
+    sent_message = mock_websocket.send_text.call_args[0][0]
+    expected_message = WSMessage(
+        method=WSMethod.NOTIFICATION,
+        data={"type": "info", "event": "hey"},
+    ).model_dump_json()
+    assert sent_message == expected_message

autogpt_platform/backend/backend/api/external/fastapi_app.py

@@ -0,0 +1,25 @@
+from fastapi import FastAPI
+
+from backend.api.middleware.security import SecurityHeadersMiddleware
+from backend.monitoring.instrumentation import instrument_fastapi
+
+from .v1.routes import v1_router
+
+external_api = FastAPI(
+    title="AutoGPT External API",
+    description="External API for AutoGPT integrations",
+    docs_url="/docs",
+    version="1.0",
+)
+
+external_api.add_middleware(SecurityHeadersMiddleware)
+external_api.include_router(v1_router, prefix="/v1")
+
+# Add Prometheus instrumentation
+instrument_fastapi(
+    external_api,
+    service_name="external-api",
+    expose_endpoint=True,
+    endpoint="/metrics",
+    include_in_schema=True,
+)

autogpt_platform/backend/backend/api/external/middleware.py

@@ -0,0 +1,107 @@
+from fastapi import HTTPException, Security, status
+from fastapi.security import APIKeyHeader, HTTPAuthorizationCredentials, HTTPBearer
+from prisma.enums import APIKeyPermission
+
+from backend.data.auth.api_key import APIKeyInfo, validate_api_key
+from backend.data.auth.base import APIAuthorizationInfo
+from backend.data.auth.oauth import (
+    InvalidClientError,
+    InvalidTokenError,
+    OAuthAccessTokenInfo,
+    validate_access_token,
+)
+
+api_key_header = APIKeyHeader(name="X-API-Key", auto_error=False)
+bearer_auth = HTTPBearer(auto_error=False)
+
+
+async def require_api_key(api_key: str | None = Security(api_key_header)) -> APIKeyInfo:
+    """Middleware for API key authentication only"""
+    if api_key is None:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED, detail="Missing API key"
+        )
+
+    api_key_obj = await validate_api_key(api_key)
+
+    if not api_key_obj:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid API key"
+        )
+
+    return api_key_obj
+
+
+async def require_access_token(
+    bearer: HTTPAuthorizationCredentials | None = Security(bearer_auth),
+) -> OAuthAccessTokenInfo:
+    """Middleware for OAuth access token authentication only"""
+    if bearer is None:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Missing Authorization header",
+        )
+
+    try:
+        token_info, _ = await validate_access_token(bearer.credentials)
+    except (InvalidClientError, InvalidTokenError) as e:
+        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=str(e))
+
+    return token_info
+
+
+async def require_auth(
+    api_key: str | None = Security(api_key_header),
+    bearer: HTTPAuthorizationCredentials | None = Security(bearer_auth),
+) -> APIAuthorizationInfo:
+    """
+    Unified authentication middleware supporting both API keys and OAuth tokens.
+
+    Supports two authentication methods, which are checked in order:
+    1. X-API-Key header (existing API key authentication)
+    2. Authorization: Bearer <token> header (OAuth access token)
+
+    Returns:
+        APIAuthorizationInfo: base class of both APIKeyInfo and OAuthAccessTokenInfo.
+    """
+    # Try API key first
+    if api_key is not None:
+        api_key_info = await validate_api_key(api_key)
+        if api_key_info:
+            return api_key_info
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid API key"
+        )
+
+    # Try OAuth bearer token
+    if bearer is not None:
+        try:
+            token_info, _ = await validate_access_token(bearer.credentials)
+            return token_info
+        except (InvalidClientError, InvalidTokenError) as e:
+            raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=str(e))
+
+    # No credentials provided
+    raise HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Missing authentication. Provide API key or access token.",
+    )
+
+
+def require_permission(permission: APIKeyPermission):
+    """
+    Dependency function for checking specific permissions
+    (works with API keys and OAuth tokens)
+    """
+
+    async def check_permission(
+        auth: APIAuthorizationInfo = Security(require_auth),
+    ) -> APIAuthorizationInfo:
+        if permission not in auth.scopes:
+            raise HTTPException(
+                status_code=status.HTTP_403_FORBIDDEN,
+                detail=f"Missing required permission: {permission.value}",
+            )
+        return auth
+
+    return check_permission

autogpt_platform/backend/backend/api/external/v1/integrations.py

@@ -0,0 +1,655 @@
+"""
+External API endpoints for integrations and credentials.
+
+This module provides endpoints for external applications (like Autopilot) to:
+- Initiate OAuth flows with custom callback URLs
+- Complete OAuth flows by exchanging authorization codes
+- Create API key, user/password, and host-scoped credentials
+- List and manage user credentials
+"""
+
+import logging
+from typing import TYPE_CHECKING, Annotated, Any, Literal, Optional, Union
+from urllib.parse import urlparse
+
+from fastapi import APIRouter, Body, HTTPException, Path, Security, status
+from prisma.enums import APIKeyPermission
+from pydantic import BaseModel, Field, SecretStr
+
+from backend.api.external.middleware import require_permission
+from backend.api.features.integrations.models import get_all_provider_names
+from backend.data.auth.base import APIAuthorizationInfo
+from backend.data.model import (
+    APIKeyCredentials,
+    Credentials,
+    CredentialsType,
+    HostScopedCredentials,
+    OAuth2Credentials,
+    UserPasswordCredentials,
+)
+from backend.integrations.creds_manager import IntegrationCredentialsManager
+from backend.integrations.oauth import CREDENTIALS_BY_PROVIDER, HANDLERS_BY_NAME
+from backend.integrations.providers import ProviderName
+from backend.util.settings import Settings
+
+if TYPE_CHECKING:
+    from backend.integrations.oauth import BaseOAuthHandler
+
+logger = logging.getLogger(__name__)
+settings = Settings()
+creds_manager = IntegrationCredentialsManager()
+
+integrations_router = APIRouter(prefix="/integrations", tags=["integrations"])
+
+
+# ==================== Request/Response Models ==================== #
+
+
+class OAuthInitiateRequest(BaseModel):
+    """Request model for initiating an OAuth flow."""
+
+    callback_url: str = Field(
+        ..., description="The external app's callback URL for OAuth redirect"
+    )
+    scopes: list[str] = Field(
+        default_factory=list, description="OAuth scopes to request"
+    )
+    state_metadata: dict[str, Any] = Field(
+        default_factory=dict,
+        description="Arbitrary metadata to echo back on completion",
+    )
+
+
+class OAuthInitiateResponse(BaseModel):
+    """Response model for OAuth initiation."""
+
+    login_url: str = Field(..., description="URL to redirect user for OAuth consent")
+    state_token: str = Field(..., description="State token for CSRF protection")
+    expires_at: int = Field(
+        ..., description="Unix timestamp when the state token expires"
+    )
+
+
+class OAuthCompleteRequest(BaseModel):
+    """Request model for completing an OAuth flow."""
+
+    code: str = Field(..., description="Authorization code from OAuth provider")
+    state_token: str = Field(..., description="State token from initiate request")
+
+
+class OAuthCompleteResponse(BaseModel):
+    """Response model for OAuth completion."""
+
+    credentials_id: str = Field(..., description="ID of the stored credentials")
+    provider: str = Field(..., description="Provider name")
+    type: str = Field(..., description="Credential type (oauth2)")
+    title: Optional[str] = Field(None, description="Credential title")
+    scopes: list[str] = Field(default_factory=list, description="Granted scopes")
+    username: Optional[str] = Field(None, description="Username from provider")
+    state_metadata: dict[str, Any] = Field(
+        default_factory=dict, description="Echoed metadata from initiate request"
+    )
+
+
+class CredentialSummary(BaseModel):
+    """Summary of a credential without sensitive data."""
+
+    id: str
+    provider: str
+    type: CredentialsType
+    title: Optional[str] = None
+    scopes: Optional[list[str]] = None
+    username: Optional[str] = None
+    host: Optional[str] = None
+
+
+class ProviderInfo(BaseModel):
+    """Information about an integration provider."""
+
+    name: str
+    supports_oauth: bool = False
+    supports_api_key: bool = False
+    supports_user_password: bool = False
+    supports_host_scoped: bool = False
+    default_scopes: list[str] = Field(default_factory=list)
+
+
+# ==================== Credential Creation Models ==================== #
+
+
+class CreateAPIKeyCredentialRequest(BaseModel):
+    """Request model for creating API key credentials."""
+
+    type: Literal["api_key"] = "api_key"
+    api_key: str = Field(..., description="The API key")
+    title: str = Field(..., description="A name for this credential")
+    expires_at: Optional[int] = Field(
+        None, description="Unix timestamp when the API key expires"
+    )
+
+
+class CreateUserPasswordCredentialRequest(BaseModel):
+    """Request model for creating username/password credentials."""
+
+    type: Literal["user_password"] = "user_password"
+    username: str = Field(..., description="Username")
+    password: str = Field(..., description="Password")
+    title: str = Field(..., description="A name for this credential")
+
+
+class CreateHostScopedCredentialRequest(BaseModel):
+    """Request model for creating host-scoped credentials."""
+
+    type: Literal["host_scoped"] = "host_scoped"
+    host: str = Field(..., description="Host/domain pattern to match")
+    headers: dict[str, str] = Field(..., description="Headers to include in requests")
+    title: str = Field(..., description="A name for this credential")
+
+
+# Union type for credential creation
+CreateCredentialRequest = Annotated[
+    CreateAPIKeyCredentialRequest
+    | CreateUserPasswordCredentialRequest
+    | CreateHostScopedCredentialRequest,
+    Field(discriminator="type"),
+]
+
+
+class CreateCredentialResponse(BaseModel):
+    """Response model for credential creation."""
+
+    id: str
+    provider: str
+    type: CredentialsType
+    title: Optional[str] = None
+
+
+# ==================== Helper Functions ==================== #
+
+
+def validate_callback_url(callback_url: str) -> bool:
+    """Validate that the callback URL is from an allowed origin."""
+    allowed_origins = settings.config.external_oauth_callback_origins
+
+    try:
+        parsed = urlparse(callback_url)
+        callback_origin = f"{parsed.scheme}://{parsed.netloc}"
+
+        for allowed in allowed_origins:
+            # Simple origin matching
+            if callback_origin == allowed:
+                return True
+
+        # Allow localhost with any port in development (proper hostname check)
+        if parsed.hostname == "localhost":
+            for allowed in allowed_origins:
+                allowed_parsed = urlparse(allowed)
+                if allowed_parsed.hostname == "localhost":
+                    return True
+
+        return False
+    except Exception:
+        return False
+
+
+def _get_oauth_handler_for_external(
+    provider_name: str, redirect_uri: str
+) -> "BaseOAuthHandler":
+    """Get an OAuth handler configured with an external redirect URI."""
+    # Ensure blocks are loaded so SDK providers are available
+    try:
+        from backend.blocks import load_all_blocks
+
+        load_all_blocks()
+    except Exception as e:
+        logger.warning(f"Failed to load blocks: {e}")
+
+    if provider_name not in HANDLERS_BY_NAME:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=f"Provider '{provider_name}' does not support OAuth",
+        )
+
+    # Check if this provider has custom OAuth credentials
+    oauth_credentials = CREDENTIALS_BY_PROVIDER.get(provider_name)
+
+    if oauth_credentials and not oauth_credentials.use_secrets:
+        import os
+
+        client_id = (
+            os.getenv(oauth_credentials.client_id_env_var)
+            if oauth_credentials.client_id_env_var
+            else None
+        )
+        client_secret = (
+            os.getenv(oauth_credentials.client_secret_env_var)
+            if oauth_credentials.client_secret_env_var
+            else None
+        )
+    else:
+        client_id = getattr(settings.secrets, f"{provider_name}_client_id", None)
+        client_secret = getattr(
+            settings.secrets, f"{provider_name}_client_secret", None
+        )
+
+    if not (client_id and client_secret):
+        logger.error(f"Attempt to use unconfigured {provider_name} OAuth integration")
+        raise HTTPException(
+            status_code=status.HTTP_501_NOT_IMPLEMENTED,
+            detail={
+                "message": f"Integration with provider '{provider_name}' is not configured.",
+                "hint": "Set client ID and secret in the application's deployment environment",
+            },
+        )
+
+    handler_class = HANDLERS_BY_NAME[provider_name]
+    return handler_class(
+        client_id=client_id,
+        client_secret=client_secret,
+        redirect_uri=redirect_uri,
+    )
+
+
+# ==================== Endpoints ==================== #
+
+
+@integrations_router.get("/providers", response_model=list[ProviderInfo])
+async def list_providers(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_INTEGRATIONS)
+    ),
+) -> list[ProviderInfo]:
+    """
+    List all available integration providers.
+
+    Returns a list of all providers with their supported credential types.
+    Most providers support API key credentials, and some also support OAuth.
+    """
+    # Ensure blocks are loaded
+    try:
+        from backend.blocks import load_all_blocks
+
+        load_all_blocks()
+    except Exception as e:
+        logger.warning(f"Failed to load blocks: {e}")
+
+    from backend.sdk.registry import AutoRegistry
+
+    providers = []
+    for name in get_all_provider_names():
+        supports_oauth = name in HANDLERS_BY_NAME
+        handler_class = HANDLERS_BY_NAME.get(name)
+        default_scopes = (
+            getattr(handler_class, "DEFAULT_SCOPES", []) if handler_class else []
+        )
+
+        # Check if provider has specific auth types from SDK registration
+        sdk_provider = AutoRegistry.get_provider(name)
+        if sdk_provider and sdk_provider.supported_auth_types:
+            supports_api_key = "api_key" in sdk_provider.supported_auth_types
+            supports_user_password = (
+                "user_password" in sdk_provider.supported_auth_types
+            )
+            supports_host_scoped = "host_scoped" in sdk_provider.supported_auth_types
+        else:
+            # Fallback for legacy providers
+            supports_api_key = True  # All providers can accept API keys
+            supports_user_password = name in ("smtp",)
+            supports_host_scoped = name == "http"
+
+        providers.append(
+            ProviderInfo(
+                name=name,
+                supports_oauth=supports_oauth,
+                supports_api_key=supports_api_key,
+                supports_user_password=supports_user_password,
+                supports_host_scoped=supports_host_scoped,
+                default_scopes=default_scopes,
+            )
+        )
+
+    return providers
+
+
+@integrations_router.post(
+    "/{provider}/oauth/initiate",
+    response_model=OAuthInitiateResponse,
+    summary="Initiate OAuth flow",
+)
+async def initiate_oauth(
+    provider: Annotated[str, Path(title="The OAuth provider")],
+    request: OAuthInitiateRequest,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.MANAGE_INTEGRATIONS)
+    ),
+) -> OAuthInitiateResponse:
+    """
+    Initiate an OAuth flow for an external application.
+
+    This endpoint allows external apps to start an OAuth flow with a custom
+    callback URL. The callback URL must be from an allowed origin configured
+    in the platform settings.
+
+    Returns a login URL to redirect the user to, along with a state token
+    for CSRF protection.
+    """
+    # Validate callback URL
+    if not validate_callback_url(request.callback_url):
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail=(
+                f"Callback URL origin is not allowed. "
+                f"Allowed origins: {settings.config.external_oauth_callback_origins}",
+            ),
+        )
+
+    # Validate provider
+    try:
+        provider_name = ProviderName(provider)
+    except ValueError:
+        # Check if it's a dynamically registered provider
+        if provider not in HANDLERS_BY_NAME:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail=f"Provider '{provider}' not found",
+            )
+        provider_name = provider
+
+    # Get OAuth handler with external callback URL
+    handler = _get_oauth_handler_for_external(
+        provider if isinstance(provider_name, str) else provider_name.value,
+        request.callback_url,
+    )
+
+    # Store state token with external flow metadata
+    # Note: initiated_by_api_key_id is only available for API key auth, not OAuth
+    api_key_id = getattr(auth, "id", None) if auth.type == "api_key" else None
+    state_token, code_challenge = await creds_manager.store.store_state_token(
+        user_id=auth.user_id,
+        provider=provider if isinstance(provider_name, str) else provider_name.value,
+        scopes=request.scopes,
+        callback_url=request.callback_url,
+        state_metadata=request.state_metadata,
+        initiated_by_api_key_id=api_key_id,
+    )
+
+    # Build login URL
+    login_url = handler.get_login_url(
+        request.scopes, state_token, code_challenge=code_challenge
+    )
+
+    # Calculate expiration (10 minutes from now)
+    from datetime import datetime, timedelta, timezone
+
+    expires_at = int((datetime.now(timezone.utc) + timedelta(minutes=10)).timestamp())
+
+    return OAuthInitiateResponse(
+        login_url=login_url,
+        state_token=state_token,
+        expires_at=expires_at,
+    )
+
+
+@integrations_router.post(
+    "/{provider}/oauth/complete",
+    response_model=OAuthCompleteResponse,
+    summary="Complete OAuth flow",
+)
+async def complete_oauth(
+    provider: Annotated[str, Path(title="The OAuth provider")],
+    request: OAuthCompleteRequest,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.MANAGE_INTEGRATIONS)
+    ),
+) -> OAuthCompleteResponse:
+    """
+    Complete an OAuth flow by exchanging the authorization code for tokens.
+
+    This endpoint should be called after the user has authorized the application
+    and been redirected back to the external app's callback URL with an
+    authorization code.
+    """
+    # Verify state token
+    valid_state = await creds_manager.store.verify_state_token(
+        auth.user_id, request.state_token, provider
+    )
+
+    if not valid_state:
+        logger.warning(f"Invalid or expired state token for provider {provider}")
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Invalid or expired state token",
+        )
+
+    # Verify this is an external flow (callback_url must be set)
+    if not valid_state.callback_url:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="State token was not created for external OAuth flow",
+        )
+
+    # Get OAuth handler with the original callback URL
+    handler = _get_oauth_handler_for_external(provider, valid_state.callback_url)
+
+    try:
+        scopes = valid_state.scopes
+        scopes = handler.handle_default_scopes(scopes)
+
+        credentials = await handler.exchange_code_for_tokens(
+            request.code, scopes, valid_state.code_verifier
+        )
+
+        # Handle Linear's space-separated scopes
+        if len(credentials.scopes) == 1 and " " in credentials.scopes[0]:
+            credentials.scopes = credentials.scopes[0].split(" ")
+
+        # Check scope mismatch
+        if not set(scopes).issubset(set(credentials.scopes)):
+            logger.warning(
+                f"Granted scopes {credentials.scopes} for provider {provider} "
+                f"do not include all requested scopes {scopes}"
+            )
+
+    except Exception as e:
+        logger.error(f"OAuth2 Code->Token exchange failed for provider {provider}: {e}")
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail=f"OAuth2 callback failed to exchange code for tokens: {str(e)}",
+        )
+
+    # Store credentials
+    await creds_manager.create(auth.user_id, credentials)
+
+    logger.info(f"Successfully completed external OAuth for provider {provider}")
+
+    return OAuthCompleteResponse(
+        credentials_id=credentials.id,
+        provider=credentials.provider,
+        type=credentials.type,
+        title=credentials.title,
+        scopes=credentials.scopes,
+        username=credentials.username,
+        state_metadata=valid_state.state_metadata,
+    )
+
+
+@integrations_router.get("/credentials", response_model=list[CredentialSummary])
+async def list_credentials(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_INTEGRATIONS)
+    ),
+) -> list[CredentialSummary]:
+    """
+    List all credentials for the authenticated user.
+
+    Returns metadata about each credential without exposing sensitive tokens.
+    """
+    credentials = await creds_manager.store.get_all_creds(auth.user_id)
+    return [
+        CredentialSummary(
+            id=cred.id,
+            provider=cred.provider,
+            type=cred.type,
+            title=cred.title,
+            scopes=cred.scopes if isinstance(cred, OAuth2Credentials) else None,
+            username=cred.username if isinstance(cred, OAuth2Credentials) else None,
+            host=cred.host if isinstance(cred, HostScopedCredentials) else None,
+        )
+        for cred in credentials
+    ]
+
+
+@integrations_router.get(
+    "/{provider}/credentials", response_model=list[CredentialSummary]
+)
+async def list_credentials_by_provider(
+    provider: Annotated[str, Path(title="The provider to list credentials for")],
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_INTEGRATIONS)
+    ),
+) -> list[CredentialSummary]:
+    """
+    List credentials for a specific provider.
+    """
+    credentials = await creds_manager.store.get_creds_by_provider(
+        auth.user_id, provider
+    )
+    return [
+        CredentialSummary(
+            id=cred.id,
+            provider=cred.provider,
+            type=cred.type,
+            title=cred.title,
+            scopes=cred.scopes if isinstance(cred, OAuth2Credentials) else None,
+            username=cred.username if isinstance(cred, OAuth2Credentials) else None,
+            host=cred.host if isinstance(cred, HostScopedCredentials) else None,
+        )
+        for cred in credentials
+    ]
+
+
+@integrations_router.post(
+    "/{provider}/credentials",
+    response_model=CreateCredentialResponse,
+    status_code=status.HTTP_201_CREATED,
+    summary="Create credentials",
+)
+async def create_credential(
+    provider: Annotated[str, Path(title="The provider to create credentials for")],
+    request: Union[
+        CreateAPIKeyCredentialRequest,
+        CreateUserPasswordCredentialRequest,
+        CreateHostScopedCredentialRequest,
+    ] = Body(..., discriminator="type"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.MANAGE_INTEGRATIONS)
+    ),
+) -> CreateCredentialResponse:
+    """
+    Create non-OAuth credentials for a provider.
+
+    Supports creating:
+    - API key credentials (type: "api_key")
+    - Username/password credentials (type: "user_password")
+    - Host-scoped credentials (type: "host_scoped")
+
+    For OAuth credentials, use the OAuth initiate/complete flow instead.
+    """
+    # Validate provider exists
+    all_providers = get_all_provider_names()
+    if provider not in all_providers:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=f"Provider '{provider}' not found",
+        )
+
+    # Create the appropriate credential type
+    credentials: Credentials
+    if request.type == "api_key":
+        credentials = APIKeyCredentials(
+            provider=provider,
+            api_key=SecretStr(request.api_key),
+            title=request.title,
+            expires_at=request.expires_at,
+        )
+    elif request.type == "user_password":
+        credentials = UserPasswordCredentials(
+            provider=provider,
+            username=SecretStr(request.username),
+            password=SecretStr(request.password),
+            title=request.title,
+        )
+    elif request.type == "host_scoped":
+        # Convert string headers to SecretStr
+        secret_headers = {k: SecretStr(v) for k, v in request.headers.items()}
+        credentials = HostScopedCredentials(
+            provider=provider,
+            host=request.host,
+            headers=secret_headers,
+            title=request.title,
+        )
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail=f"Unsupported credential type: {request.type}",
+        )
+
+    # Store credentials
+    try:
+        await creds_manager.create(auth.user_id, credentials)
+    except Exception as e:
+        logger.error(f"Failed to store credentials: {e}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Failed to store credentials: {str(e)}",
+        )
+
+    logger.info(f"Created {request.type} credentials for provider {provider}")
+
+    return CreateCredentialResponse(
+        id=credentials.id,
+        provider=provider,
+        type=credentials.type,
+        title=credentials.title,
+    )
+
+
+class DeleteCredentialResponse(BaseModel):
+    """Response model for deleting a credential."""
+
+    deleted: bool = Field(..., description="Whether the credential was deleted")
+    credentials_id: str = Field(..., description="ID of the deleted credential")
+
+
+@integrations_router.delete(
+    "/{provider}/credentials/{cred_id}",
+    response_model=DeleteCredentialResponse,
+)
+async def delete_credential(
+    provider: Annotated[str, Path(title="The provider")],
+    cred_id: Annotated[str, Path(title="The credential ID to delete")],
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.DELETE_INTEGRATIONS)
+    ),
+) -> DeleteCredentialResponse:
+    """
+    Delete a credential.
+
+    Note: This does not revoke the tokens with the provider. For full cleanup,
+    use the main API's delete endpoint which handles webhook cleanup and
+    token revocation.
+    """
+    creds = await creds_manager.store.get_creds_by_id(auth.user_id, cred_id)
+    if not creds:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND, detail="Credentials not found"
+        )
+    if creds.provider != provider:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="Credentials do not match the specified provider",
+        )
+
+    await creds_manager.delete(auth.user_id, cred_id)
+
+    return DeleteCredentialResponse(deleted=True, credentials_id=cred_id)

autogpt_platform/backend/backend/api/external/v1/routes.py

@@ -0,0 +1,328 @@
+import logging
+import urllib.parse
+from collections import defaultdict
+from typing import Annotated, Any, Literal, Optional, Sequence
+
+from fastapi import APIRouter, Body, HTTPException, Security
+from prisma.enums import AgentExecutionStatus, APIKeyPermission
+from pydantic import BaseModel, Field
+from typing_extensions import TypedDict
+
+import backend.api.features.store.cache as store_cache
+import backend.api.features.store.model as store_model
+import backend.data.block
+from backend.api.external.middleware import require_permission
+from backend.data import execution as execution_db
+from backend.data import graph as graph_db
+from backend.data import user as user_db
+from backend.data.auth.base import APIAuthorizationInfo
+from backend.data.block import BlockInput, CompletedBlockOutput
+from backend.executor.utils import add_graph_execution
+from backend.util.settings import Settings
+
+from .integrations import integrations_router
+from .tools import tools_router
+
+settings = Settings()
+logger = logging.getLogger(__name__)
+
+v1_router = APIRouter()
+
+v1_router.include_router(integrations_router)
+v1_router.include_router(tools_router)
+
+
+class UserInfoResponse(BaseModel):
+    id: str
+    name: Optional[str]
+    email: str
+    timezone: str = Field(
+        description="The user's last known timezone (e.g. 'Europe/Amsterdam'), "
+        "or 'not-set' if not set"
+    )
+
+
+@v1_router.get(
+    path="/me",
+    tags=["user", "meta"],
+)
+async def get_user_info(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.IDENTITY)
+    ),
+) -> UserInfoResponse:
+    user = await user_db.get_user_by_id(auth.user_id)
+
+    return UserInfoResponse(
+        id=user.id,
+        name=user.name,
+        email=user.email,
+        timezone=user.timezone,
+    )
+
+
+@v1_router.get(
+    path="/blocks",
+    tags=["blocks"],
+    dependencies=[Security(require_permission(APIKeyPermission.READ_BLOCK))],
+)
+async def get_graph_blocks() -> Sequence[dict[Any, Any]]:
+    blocks = [block() for block in backend.data.block.get_blocks().values()]
+    return [b.to_dict() for b in blocks if not b.disabled]
+
+
+@v1_router.post(
+    path="/blocks/{block_id}/execute",
+    tags=["blocks"],
+    dependencies=[Security(require_permission(APIKeyPermission.EXECUTE_BLOCK))],
+)
+async def execute_graph_block(
+    block_id: str,
+    data: BlockInput,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.EXECUTE_BLOCK)
+    ),
+) -> CompletedBlockOutput:
+    obj = backend.data.block.get_block(block_id)
+    if not obj:
+        raise HTTPException(status_code=404, detail=f"Block #{block_id} not found.")
+
+    output = defaultdict(list)
+    async for name, data in obj.execute(data):
+        output[name].append(data)
+    return output
+
+
+@v1_router.post(
+    path="/graphs/{graph_id}/execute/{graph_version}",
+    tags=["graphs"],
+)
+async def execute_graph(
+    graph_id: str,
+    graph_version: int,
+    node_input: Annotated[dict[str, Any], Body(..., embed=True, default_factory=dict)],
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.EXECUTE_GRAPH)
+    ),
+) -> dict[str, Any]:
+    try:
+        graph_exec = await add_graph_execution(
+            graph_id=graph_id,
+            user_id=auth.user_id,
+            inputs=node_input,
+            graph_version=graph_version,
+        )
+        return {"id": graph_exec.id}
+    except Exception as e:
+        msg = str(e).encode().decode("unicode_escape")
+        raise HTTPException(status_code=400, detail=msg)
+
+
+class ExecutionNode(TypedDict):
+    node_id: str
+    input: Any
+    output: dict[str, Any]
+
+
+class GraphExecutionResult(TypedDict):
+    execution_id: str
+    status: str
+    nodes: list[ExecutionNode]
+    output: Optional[list[dict[str, str]]]
+
+
+@v1_router.get(
+    path="/graphs/{graph_id}/executions/{graph_exec_id}/results",
+    tags=["graphs"],
+)
+async def get_graph_execution_results(
+    graph_id: str,
+    graph_exec_id: str,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_GRAPH)
+    ),
+) -> GraphExecutionResult:
+    graph_exec = await execution_db.get_graph_execution(
+        user_id=auth.user_id,
+        execution_id=graph_exec_id,
+        include_node_executions=True,
+    )
+    if not graph_exec:
+        raise HTTPException(
+            status_code=404, detail=f"Graph execution #{graph_exec_id} not found."
+        )
+
+    if not await graph_db.get_graph(
+        graph_id=graph_exec.graph_id,
+        version=graph_exec.graph_version,
+        user_id=auth.user_id,
+    ):
+        raise HTTPException(status_code=404, detail=f"Graph #{graph_id} not found.")
+
+    return GraphExecutionResult(
+        execution_id=graph_exec_id,
+        status=graph_exec.status.value,
+        nodes=[
+            ExecutionNode(
+                node_id=node_exec.node_id,
+                input=node_exec.input_data.get("value", node_exec.input_data),
+                output={k: v for k, v in node_exec.output_data.items()},
+            )
+            for node_exec in graph_exec.node_executions
+        ],
+        output=(
+            [
+                {name: value}
+                for name, values in graph_exec.outputs.items()
+                for value in values
+            ]
+            if graph_exec.status == AgentExecutionStatus.COMPLETED
+            else None
+        ),
+    )
+
+
+##############################################
+############### Store Endpoints ##############
+##############################################
+
+
+@v1_router.get(
+    path="/store/agents",
+    tags=["store"],
+    dependencies=[Security(require_permission(APIKeyPermission.READ_STORE))],
+    response_model=store_model.StoreAgentsResponse,
+)
+async def get_store_agents(
+    featured: bool = False,
+    creator: str | None = None,
+    sorted_by: Literal["rating", "runs", "name", "updated_at"] | None = None,
+    search_query: str | None = None,
+    category: str | None = None,
+    page: int = 1,
+    page_size: int = 20,
+) -> store_model.StoreAgentsResponse:
+    """
+    Get a paginated list of agents from the store with optional filtering and sorting.
+
+    Args:
+        featured: Filter to only show featured agents
+        creator: Filter agents by creator username
+        sorted_by: Sort agents by "runs", "rating", "name", or "updated_at"
+        search_query: Search agents by name, subheading and description
+        category: Filter agents by category
+        page: Page number for pagination (default 1)
+        page_size: Number of agents per page (default 20)
+
+    Returns:
+        StoreAgentsResponse: Paginated list of agents matching the filters
+    """
+    if page < 1:
+        raise HTTPException(status_code=422, detail="Page must be greater than 0")
+
+    if page_size < 1:
+        raise HTTPException(status_code=422, detail="Page size must be greater than 0")
+
+    agents = await store_cache._get_cached_store_agents(
+        featured=featured,
+        creator=creator,
+        sorted_by=sorted_by,
+        search_query=search_query,
+        category=category,
+        page=page,
+        page_size=page_size,
+    )
+    return agents
+
+
+@v1_router.get(
+    path="/store/agents/{username}/{agent_name}",
+    tags=["store"],
+    dependencies=[Security(require_permission(APIKeyPermission.READ_STORE))],
+    response_model=store_model.StoreAgentDetails,
+)
+async def get_store_agent(
+    username: str,
+    agent_name: str,
+) -> store_model.StoreAgentDetails:
+    """
+    Get details of a specific store agent by username and agent name.
+
+    Args:
+        username: Creator's username
+        agent_name: Name/slug of the agent
+
+    Returns:
+        StoreAgentDetails: Detailed information about the agent
+    """
+    username = urllib.parse.unquote(username).lower()
+    agent_name = urllib.parse.unquote(agent_name).lower()
+    agent = await store_cache._get_cached_agent_details(
+        username=username, agent_name=agent_name
+    )
+    return agent
+
+
+@v1_router.get(
+    path="/store/creators",
+    tags=["store"],
+    dependencies=[Security(require_permission(APIKeyPermission.READ_STORE))],
+    response_model=store_model.CreatorsResponse,
+)
+async def get_store_creators(
+    featured: bool = False,
+    search_query: str | None = None,
+    sorted_by: Literal["agent_rating", "agent_runs", "num_agents"] | None = None,
+    page: int = 1,
+    page_size: int = 20,
+) -> store_model.CreatorsResponse:
+    """
+    Get a paginated list of store creators with optional filtering and sorting.
+
+    Args:
+        featured: Filter to only show featured creators
+        search_query: Search creators by profile description
+        sorted_by: Sort by "agent_rating", "agent_runs", or "num_agents"
+        page: Page number for pagination (default 1)
+        page_size: Number of creators per page (default 20)
+
+    Returns:
+        CreatorsResponse: Paginated list of creators matching the filters
+    """
+    if page < 1:
+        raise HTTPException(status_code=422, detail="Page must be greater than 0")
+
+    if page_size < 1:
+        raise HTTPException(status_code=422, detail="Page size must be greater than 0")
+
+    creators = await store_cache._get_cached_store_creators(
+        featured=featured,
+        search_query=search_query,
+        sorted_by=sorted_by,
+        page=page,
+        page_size=page_size,
+    )
+    return creators
+
+
+@v1_router.get(
+    path="/store/creators/{username}",
+    tags=["store"],
+    dependencies=[Security(require_permission(APIKeyPermission.READ_STORE))],
+    response_model=store_model.CreatorDetails,
+)
+async def get_store_creator(
+    username: str,
+) -> store_model.CreatorDetails:
+    """
+    Get details of a specific store creator by username.
+
+    Args:
+        username: Creator's username
+
+    Returns:
+        CreatorDetails: Detailed information about the creator
+    """
+    username = urllib.parse.unquote(username).lower()
+    creator = await store_cache._get_cached_creator_details(username=username)
+    return creator

autogpt_platform/backend/backend/api/external/v1/tools.py

@@ -0,0 +1,152 @@
+"""External API routes for chat tools - stateless HTTP endpoints.
+
+Note: These endpoints use ephemeral sessions that are not persisted to Redis.
+As a result, session-based rate limiting (max_agent_runs, max_agent_schedules)
+is not enforced for external API calls. Each request creates a fresh session
+with zeroed counters. Rate limiting for external API consumers should be
+handled separately (e.g., via API key quotas).
+"""
+
+import logging
+from typing import Any
+
+from fastapi import APIRouter, Security
+from prisma.enums import APIKeyPermission
+from pydantic import BaseModel, Field
+
+from backend.api.external.middleware import require_permission
+from backend.api.features.chat.model import ChatSession
+from backend.api.features.chat.tools import find_agent_tool, run_agent_tool
+from backend.api.features.chat.tools.models import ToolResponseBase
+from backend.data.auth.base import APIAuthorizationInfo
+
+logger = logging.getLogger(__name__)
+
+tools_router = APIRouter(prefix="/tools", tags=["tools"])
+
+# Note: We use Security() as a function parameter dependency (auth: APIAuthorizationInfo = Security(...))
+# rather than in the decorator's dependencies= list. This avoids duplicate permission checks
+# while still enforcing auth AND giving us access to auth for extracting user_id.
+
+
+# Request models
+class FindAgentRequest(BaseModel):
+    query: str = Field(..., description="Search query for finding agents")
+
+
+class RunAgentRequest(BaseModel):
+    """Request to run or schedule an agent.
+
+    The tool automatically handles the setup flow:
+    - First call returns available inputs so user can decide what values to use
+    - Returns missing credentials if user needs to configure them
+    - Executes when inputs are provided OR use_defaults=true
+    - Schedules execution if schedule_name and cron are provided
+    """
+
+    username_agent_slug: str = Field(
+        ...,
+        description="The marketplace agent slug (e.g., 'username/agent-name')",
+    )
+    inputs: dict[str, Any] = Field(
+        default_factory=dict,
+        description="Dictionary of input values for the agent",
+    )
+    use_defaults: bool = Field(
+        default=False,
+        description="Set to true to run with default values (user must confirm)",
+    )
+    schedule_name: str | None = Field(
+        None,
+        description="Name for scheduled execution (triggers scheduling mode)",
+    )
+    cron: str | None = Field(
+        None,
+        description="Cron expression (5 fields: minute hour day month weekday)",
+    )
+    timezone: str = Field(
+        default="UTC",
+        description="IANA timezone (e.g., 'America/New_York', 'UTC')",
+    )
+
+
+def _create_ephemeral_session(user_id: str | None) -> ChatSession:
+    """Create an ephemeral session for stateless API requests."""
+    return ChatSession.new(user_id)
+
+
+@tools_router.post(
+    path="/find-agent",
+)
+async def find_agent(
+    request: FindAgentRequest,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.USE_TOOLS)
+    ),
+) -> dict[str, Any]:
+    """
+    Search for agents in the marketplace based on capabilities and user needs.
+
+    Args:
+        request: Search query for finding agents
+
+    Returns:
+        List of matching agents or no results response
+    """
+    session = _create_ephemeral_session(auth.user_id)
+    result = await find_agent_tool._execute(
+        user_id=auth.user_id,
+        session=session,
+        query=request.query,
+    )
+    return _response_to_dict(result)
+
+
+@tools_router.post(
+    path="/run-agent",
+)
+async def run_agent(
+    request: RunAgentRequest,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.USE_TOOLS)
+    ),
+) -> dict[str, Any]:
+    """
+    Run or schedule an agent from the marketplace.
+
+    The endpoint automatically handles the setup flow:
+    - Returns missing inputs if required fields are not provided
+    - Returns missing credentials if user needs to configure them
+    - Executes immediately if all requirements are met
+    - Schedules execution if schedule_name and cron are provided
+
+    For scheduled execution:
+    - Cron format: "minute hour day month weekday"
+    - Examples: "0 9 * * 1-5" (9am weekdays), "0 0 * * *" (daily at midnight)
+    - Timezone: Use IANA timezone names like "America/New_York"
+
+    Args:
+        request: Agent slug, inputs, and optional schedule config
+
+    Returns:
+        - setup_requirements: If inputs or credentials are missing
+        - execution_started: If agent was run or scheduled successfully
+        - error: If something went wrong
+    """
+    session = _create_ephemeral_session(auth.user_id)
+    result = await run_agent_tool._execute(
+        user_id=auth.user_id,
+        session=session,
+        username_agent_slug=request.username_agent_slug,
+        inputs=request.inputs,
+        use_defaults=request.use_defaults,
+        schedule_name=request.schedule_name or "",
+        cron=request.cron or "",
+        timezone=request.timezone,
+    )
+    return _response_to_dict(result)
+
+
+def _response_to_dict(result: ToolResponseBase) -> dict[str, Any]:
+    """Convert a tool response to a dictionary for JSON serialization."""
+    return result.model_dump()

autogpt_platform/backend/backend/api/features/admin/credit_admin_routes.py

@@ -1,44 +1,43 @@
 import logging
 import typing
 
-from autogpt_libs.auth import requires_admin_user
-from autogpt_libs.auth.depends import get_user_id
-from fastapi import APIRouter, Body, Depends
-from prisma import Json
+from autogpt_libs.auth import get_user_id, requires_admin_user
+from fastapi import APIRouter, Body, Security
 from prisma.enums import CreditTransactionType
 
 from backend.data.credit import admin_get_user_history, get_user_credit_model
-from backend.server.v2.admin.model import AddUserCreditsResponse, UserHistoryResponse
+from backend.util.json import SafeJson
+
+from .model import AddUserCreditsResponse, UserHistoryResponse
 
 logger = logging.getLogger(__name__)
 
-_user_credit_model = get_user_credit_model()
-
 
 router = APIRouter(
     prefix="/admin",
     tags=["credits", "admin"],
-    dependencies=[Depends(requires_admin_user)],
+    dependencies=[Security(requires_admin_user)],
 )
 
 
-@router.post("/add_credits", response_model=AddUserCreditsResponse)
+@router.post(
+    "/add_credits", response_model=AddUserCreditsResponse, summary="Add Credits to User"
+)
 async def add_user_credits(
     user_id: typing.Annotated[str, Body()],
     amount: typing.Annotated[int, Body()],
     comments: typing.Annotated[str, Body()],
-    admin_user: typing.Annotated[
-        str,
-        Depends(get_user_id),
-    ],
+    admin_user_id: str = Security(get_user_id),
 ):
-    """ """
-    logger.info(f"Admin user {admin_user} is adding {amount} credits to user {user_id}")
-    new_balance, transaction_key = await _user_credit_model._add_transaction(
+    logger.info(
+        f"Admin user {admin_user_id} is adding {amount} credits to user {user_id}"
+    )
+    user_credit_model = await get_user_credit_model(user_id)
+    new_balance, transaction_key = await user_credit_model._add_transaction(
         user_id,
         amount,
         transaction_type=CreditTransactionType.GRANT,
-        metadata=Json({"admin_id": admin_user, "reason": comments}),
+        metadata=SafeJson({"admin_id": admin_user_id, "reason": comments}),
     )
     return {
         "new_balance": new_balance,
@@ -49,19 +48,17 @@ async def add_user_credits(
 @router.get(
     "/users_history",
     response_model=UserHistoryResponse,
+    summary="Get All Users History",
 )
 async def admin_get_all_user_history(
-    admin_user: typing.Annotated[
-        str,
-        Depends(get_user_id),
-    ],
+    admin_user_id: str = Security(get_user_id),
     search: typing.Optional[str] = None,
     page: int = 1,
     page_size: int = 20,
     transaction_filter: typing.Optional[CreditTransactionType] = None,
 ):
     """ """
-    logger.info(f"Admin user {admin_user} is getting grant history")
+    logger.info(f"Admin user {admin_user_id} is getting grant history")
 
     try:
         resp = await admin_get_user_history(
@@ -70,7 +67,7 @@ async def admin_get_all_user_history(
             search=search,
             transaction_filter=transaction_filter,
         )
-        logger.info(f"Admin user {admin_user} got {len(resp.history)} grant history")
+        logger.info(f"Admin user {admin_user_id} got {len(resp.history)} grant history")
         return resp
     except Exception as e:
         logger.exception(f"Error getting grant history: {e}")

autogpt_platform/backend/backend/api/features/admin/credit_admin_routes_test.py

@@ -1,58 +1,54 @@
 import json
-from unittest.mock import AsyncMock
+from unittest.mock import AsyncMock, Mock
 
-import autogpt_libs.auth
-import autogpt_libs.auth.depends
 import fastapi
 import fastapi.testclient
 import prisma.enums
+import pytest
 import pytest_mock
-from prisma import Json
+from autogpt_libs.auth.jwt_utils import get_jwt_payload
 from pytest_snapshot.plugin import Snapshot
 
-import backend.server.v2.admin.credit_admin_routes as credit_admin_routes
-import backend.server.v2.admin.model as admin_model
 from backend.data.model import UserTransaction
-from backend.server.conftest import ADMIN_USER_ID, TARGET_USER_ID
-from backend.server.model import Pagination
+from backend.util.json import SafeJson
+from backend.util.models import Pagination
+
+from .credit_admin_routes import router as credit_admin_router
+from .model import UserHistoryResponse
 
 app = fastapi.FastAPI()
-app.include_router(credit_admin_routes.router)
+app.include_router(credit_admin_router)
 
 client = fastapi.testclient.TestClient(app)
 
 
-def override_requires_admin_user() -> dict[str, str]:
-    """Override admin user check for testing"""
-    return {"sub": ADMIN_USER_ID, "role": "admin"}
-
-
-def override_get_user_id() -> str:
-    """Override get_user_id for testing"""
-    return ADMIN_USER_ID
-
-
-app.dependency_overrides[autogpt_libs.auth.requires_admin_user] = (
-    override_requires_admin_user
-)
-app.dependency_overrides[autogpt_libs.auth.depends.get_user_id] = override_get_user_id
+@pytest.fixture(autouse=True)
+def setup_app_admin_auth(mock_jwt_admin):
+    """Setup admin auth overrides for all tests in this module"""
+    app.dependency_overrides[get_jwt_payload] = mock_jwt_admin["get_jwt_payload"]
+    yield
+    app.dependency_overrides.clear()
 
 
 def test_add_user_credits_success(
-    mocker: pytest_mock.MockFixture,
+    mocker: pytest_mock.MockerFixture,
     configured_snapshot: Snapshot,
+    admin_user_id: str,
+    target_user_id: str,
 ) -> None:
     """Test successful credit addition by admin"""
     # Mock the credit model
-    mock_credit_model = mocker.patch(
-        "backend.server.v2.admin.credit_admin_routes._user_credit_model"
-    )
+    mock_credit_model = Mock()
     mock_credit_model._add_transaction = AsyncMock(
         return_value=(1500, "transaction-123-uuid")
     )
+    mocker.patch(
+        "backend.api.features.admin.credit_admin_routes.get_user_credit_model",
+        return_value=mock_credit_model,
+    )
 
     request_data = {
-        "user_id": TARGET_USER_ID,
+        "user_id": target_user_id,
         "amount": 500,
         "comments": "Test credit grant for debugging",
     }
@@ -67,13 +63,19 @@ def test_add_user_credits_success(
     # Verify the function was called with correct parameters
     mock_credit_model._add_transaction.assert_called_once()
     call_args = mock_credit_model._add_transaction.call_args
-    assert call_args[0] == (TARGET_USER_ID, 500)
+    assert call_args[0] == (target_user_id, 500)
     assert call_args[1]["transaction_type"] == prisma.enums.CreditTransactionType.GRANT
-    # Check that metadata is a Json object with the expected content
-    assert isinstance(call_args[1]["metadata"], Json)
-    assert call_args[1]["metadata"] == Json(
-        {"admin_id": ADMIN_USER_ID, "reason": "Test credit grant for debugging"}
-    )
+    # Check that metadata is a SafeJson object with the expected content
+    assert isinstance(call_args[1]["metadata"], SafeJson)
+    actual_metadata = call_args[1]["metadata"]
+    expected_data = {
+        "admin_id": admin_user_id,
+        "reason": "Test credit grant for debugging",
+    }
+
+    # SafeJson inherits from Json which stores parsed data in the .data attribute
+    assert actual_metadata.data["admin_id"] == expected_data["admin_id"]
+    assert actual_metadata.data["reason"] == expected_data["reason"]
 
     # Snapshot test the response
     configured_snapshot.assert_match(
@@ -83,17 +85,19 @@ def test_add_user_credits_success(
 
 
 def test_add_user_credits_negative_amount(
-    mocker: pytest_mock.MockFixture,
+    mocker: pytest_mock.MockerFixture,
     snapshot: Snapshot,
 ) -> None:
     """Test credit deduction by admin (negative amount)"""
     # Mock the credit model
-    mock_credit_model = mocker.patch(
-        "backend.server.v2.admin.credit_admin_routes._user_credit_model"
-    )
+    mock_credit_model = Mock()
     mock_credit_model._add_transaction = AsyncMock(
         return_value=(200, "transaction-456-uuid")
     )
+    mocker.patch(
+        "backend.api.features.admin.credit_admin_routes.get_user_credit_model",
+        return_value=mock_credit_model,
+    )
 
     request_data = {
         "user_id": "target-user-id",
@@ -116,12 +120,12 @@ def test_add_user_credits_negative_amount(
 
 
 def test_get_user_history_success(
-    mocker: pytest_mock.MockFixture,
+    mocker: pytest_mock.MockerFixture,
     snapshot: Snapshot,
 ) -> None:
     """Test successful retrieval of user credit history"""
     # Mock the admin_get_user_history function
-    mock_history_response = admin_model.UserHistoryResponse(
+    mock_history_response = UserHistoryResponse(
         history=[
             UserTransaction(
                 user_id="user-1",
@@ -147,7 +151,7 @@ def test_get_user_history_success(
     )
 
     mocker.patch(
-        "backend.server.v2.admin.credit_admin_routes.admin_get_user_history",
+        "backend.api.features.admin.credit_admin_routes.admin_get_user_history",
         return_value=mock_history_response,
     )
 
@@ -167,12 +171,12 @@ def test_get_user_history_success(
 
 
 def test_get_user_history_with_filters(
-    mocker: pytest_mock.MockFixture,
+    mocker: pytest_mock.MockerFixture,
     snapshot: Snapshot,
 ) -> None:
     """Test user credit history with search and filter parameters"""
     # Mock the admin_get_user_history function
-    mock_history_response = admin_model.UserHistoryResponse(
+    mock_history_response = UserHistoryResponse(
         history=[
             UserTransaction(
                 user_id="user-3",
@@ -191,7 +195,7 @@ def test_get_user_history_with_filters(
     )
 
     mock_get_history = mocker.patch(
-        "backend.server.v2.admin.credit_admin_routes.admin_get_user_history",
+        "backend.api.features.admin.credit_admin_routes.admin_get_user_history",
         return_value=mock_history_response,
     )
 
@@ -227,12 +231,12 @@ def test_get_user_history_with_filters(
 
 
 def test_get_user_history_empty_results(
-    mocker: pytest_mock.MockFixture,
+    mocker: pytest_mock.MockerFixture,
     snapshot: Snapshot,
 ) -> None:
     """Test user credit history with no results"""
     # Mock empty history response
-    mock_history_response = admin_model.UserHistoryResponse(
+    mock_history_response = UserHistoryResponse(
         history=[],
         pagination=Pagination(
             total_items=0,
@@ -243,7 +247,7 @@ def test_get_user_history_empty_results(
     )
 
     mocker.patch(
-        "backend.server.v2.admin.credit_admin_routes.admin_get_user_history",
+        "backend.api.features.admin.credit_admin_routes.admin_get_user_history",
         return_value=mock_history_response,
     )
 
@@ -290,18 +294,10 @@ def test_add_credits_invalid_request() -> None:
     assert response.status_code == 422
 
 
-def test_admin_endpoints_require_admin_role(mocker: pytest_mock.MockFixture) -> None:
+def test_admin_endpoints_require_admin_role(mock_jwt_user) -> None:
     """Test that admin endpoints require admin role"""
-    # Clear the admin override to test authorization
-    app.dependency_overrides.clear()
-
-    # Mock requires_admin_user to raise an exception
-    mocker.patch(
-        "autogpt_libs.auth.requires_admin_user",
-        side_effect=fastapi.HTTPException(
-            status_code=403, detail="Admin access required"
-        ),
-    )
+    # Simulate regular non-admin user
+    app.dependency_overrides[get_jwt_payload] = mock_jwt_user["get_jwt_payload"]
 
     # Test add_credits endpoint
     response = client.post(
@@ -312,20 +308,8 @@ def test_admin_endpoints_require_admin_role(mocker: pytest_mock.MockFixture) ->
             "comments": "test",
         },
     )
-    assert (
-        response.status_code == 401
-    )  # Auth middleware returns 401 when auth is disabled
+    assert response.status_code == 403
 
     # Test users_history endpoint
     response = client.get("/admin/users_history")
-    assert (
-        response.status_code == 401
-    )  # Auth middleware returns 401 when auth is disabled
-
-    # Restore the override
-    app.dependency_overrides[autogpt_libs.auth.requires_admin_user] = (
-        override_requires_admin_user
-    )
-    app.dependency_overrides[autogpt_libs.auth.depends.get_user_id] = (
-        override_get_user_id
-    )
+    assert response.status_code == 403

autogpt_platform/backend/backend/api/features/admin/execution_analytics_routes.py

@@ -0,0 +1,474 @@
+import asyncio
+import logging
+from datetime import datetime
+from typing import Optional
+
+from autogpt_libs.auth import get_user_id, requires_admin_user
+from fastapi import APIRouter, HTTPException, Security
+from pydantic import BaseModel, Field
+
+from backend.blocks.llm import LlmModel
+from backend.data.analytics import (
+    AccuracyTrendsResponse,
+    get_accuracy_trends_and_alerts,
+)
+from backend.data.execution import (
+    ExecutionStatus,
+    GraphExecutionMeta,
+    get_graph_executions,
+    update_graph_execution_stats,
+)
+from backend.data.model import GraphExecutionStats
+from backend.executor.activity_status_generator import (
+    DEFAULT_SYSTEM_PROMPT,
+    DEFAULT_USER_PROMPT,
+    generate_activity_status_for_execution,
+)
+from backend.executor.manager import get_db_async_client
+from backend.util.settings import Settings
+
+logger = logging.getLogger(__name__)
+
+
+class ExecutionAnalyticsRequest(BaseModel):
+    graph_id: str = Field(..., description="Graph ID to analyze")
+    graph_version: Optional[int] = Field(None, description="Optional graph version")
+    user_id: Optional[str] = Field(None, description="Optional user ID filter")
+    created_after: Optional[datetime] = Field(
+        None, description="Optional created date lower bound"
+    )
+    model_name: str = Field("gpt-4o-mini", description="Model to use for generation")
+    batch_size: int = Field(
+        10, description="Batch size for concurrent processing", le=25, ge=1
+    )
+    system_prompt: Optional[str] = Field(
+        None, description="Custom system prompt (default: built-in prompt)"
+    )
+    user_prompt: Optional[str] = Field(
+        None,
+        description="Custom user prompt with {{GRAPH_NAME}} and {{EXECUTION_DATA}} placeholders (default: built-in prompt)",
+    )
+    skip_existing: bool = Field(
+        True,
+        description="Whether to skip executions that already have activity status and correctness score",
+    )
+
+
+class ExecutionAnalyticsResult(BaseModel):
+    agent_id: str
+    version_id: int
+    user_id: str
+    exec_id: str
+    summary_text: Optional[str]
+    score: Optional[float]
+    status: str  # "success", "failed", "skipped"
+    error_message: Optional[str] = None
+
+
+class ExecutionAnalyticsResponse(BaseModel):
+    total_executions: int
+    processed_executions: int
+    successful_analytics: int
+    failed_analytics: int
+    skipped_executions: int
+    results: list[ExecutionAnalyticsResult]
+
+
+class ModelInfo(BaseModel):
+    value: str
+    label: str
+    provider: str
+
+
+class ExecutionAnalyticsConfig(BaseModel):
+    available_models: list[ModelInfo]
+    default_system_prompt: str
+    default_user_prompt: str
+    recommended_model: str
+
+
+class AccuracyTrendsRequest(BaseModel):
+    graph_id: str = Field(..., description="Graph ID to analyze", min_length=1)
+    user_id: Optional[str] = Field(None, description="Optional user ID filter")
+    days_back: int = Field(30, description="Number of days to look back", ge=7, le=90)
+    drop_threshold: float = Field(
+        10.0, description="Alert threshold percentage", ge=1.0, le=50.0
+    )
+    include_historical: bool = Field(
+        False, description="Include historical data for charts"
+    )
+
+
+router = APIRouter(
+    prefix="/admin",
+    tags=["admin", "execution_analytics"],
+    dependencies=[Security(requires_admin_user)],
+)
+
+
+@router.get(
+    "/execution_analytics/config",
+    response_model=ExecutionAnalyticsConfig,
+    summary="Get Execution Analytics Configuration",
+)
+async def get_execution_analytics_config(
+    admin_user_id: str = Security(get_user_id),
+):
+    """
+    Get the configuration for execution analytics including:
+    - Available AI models with metadata
+    - Default system and user prompts
+    - Recommended model selection
+    """
+    logger.info(f"Admin user {admin_user_id} requesting execution analytics config")
+
+    # Generate model list from LlmModel enum with provider information
+    available_models = []
+
+    # Function to generate friendly display names from model values
+    def generate_model_label(model: LlmModel) -> str:
+        """Generate a user-friendly label from the model enum value."""
+        value = model.value
+
+        # For all models, convert underscores/hyphens to spaces and title case
+        # e.g., "gpt-4-turbo" -> "GPT 4 Turbo", "claude-3-haiku-20240307" -> "Claude 3 Haiku"
+        parts = value.replace("_", "-").split("-")
+
+        # Handle provider prefixes (e.g., "google/", "x-ai/")
+        if "/" in value:
+            _, model_name = value.split("/", 1)
+            parts = model_name.replace("_", "-").split("-")
+
+        # Capitalize and format parts
+        formatted_parts = []
+        for part in parts:
+            # Skip date-like patterns - check for various date formats:
+            # - Long dates like "20240307" (8 digits)
+            # - Year components like "2024", "2025" (4 digit years >= 2020)
+            # - Month/day components like "04", "16" when they appear to be dates
+            if part.isdigit():
+                if len(part) >= 8:  # Long date format like "20240307"
+                    continue
+                elif len(part) == 4 and int(part) >= 2020:  # Year like "2024", "2025"
+                    continue
+                elif len(part) <= 2 and int(part) <= 31:  # Month/day like "04", "16"
+                    # Skip if this looks like a date component (basic heuristic)
+                    continue
+            # Keep version numbers as-is
+            if part.replace(".", "").isdigit():
+                formatted_parts.append(part)
+            # Capitalize normal words
+            else:
+                formatted_parts.append(
+                    part.upper()
+                    if part.upper() in ["GPT", "LLM", "API", "V0"]
+                    else part.capitalize()
+                )
+
+        model_name = " ".join(formatted_parts)
+
+        # Format provider name for better display
+        provider_name = model.provider.replace("_", " ").title()
+
+        # Return with provider prefix for clarity
+        return f"{provider_name}: {model_name}"
+
+    # Include all LlmModel values (no more filtering by hardcoded list)
+    recommended_model = LlmModel.GPT4O_MINI.value
+    for model in LlmModel:
+        label = generate_model_label(model)
+        # Add "(Recommended)" suffix to the recommended model
+        if model.value == recommended_model:
+            label += " (Recommended)"
+
+        available_models.append(
+            ModelInfo(
+                value=model.value,
+                label=label,
+                provider=model.provider,
+            )
+        )
+
+    # Sort models by provider and name for better UX
+    available_models.sort(key=lambda x: (x.provider, x.label))
+
+    return ExecutionAnalyticsConfig(
+        available_models=available_models,
+        default_system_prompt=DEFAULT_SYSTEM_PROMPT,
+        default_user_prompt=DEFAULT_USER_PROMPT,
+        recommended_model=recommended_model,
+    )
+
+
+@router.post(
+    "/execution_analytics",
+    response_model=ExecutionAnalyticsResponse,
+    summary="Generate Execution Analytics",
+)
+async def generate_execution_analytics(
+    request: ExecutionAnalyticsRequest,
+    admin_user_id: str = Security(get_user_id),
+):
+    """
+    Generate activity summaries and correctness scores for graph executions.
+
+    This endpoint:
+    1. Fetches all completed executions matching the criteria
+    2. Identifies executions missing activity_status or correctness_score
+    3. Generates missing data using AI in batches
+    4. Updates the database with new stats
+    5. Returns a detailed report of the analytics operation
+    """
+    logger.info(
+        f"Admin user {admin_user_id} starting execution analytics generation for graph {request.graph_id}"
+    )
+
+    try:
+        # Validate model configuration
+        settings = Settings()
+        if not settings.secrets.openai_internal_api_key:
+            raise HTTPException(status_code=500, detail="OpenAI API key not configured")
+
+        # Get database client
+        db_client = get_db_async_client()
+
+        # Fetch executions to process
+        executions = await get_graph_executions(
+            graph_id=request.graph_id,
+            graph_version=request.graph_version,
+            user_id=request.user_id,
+            created_time_gte=request.created_after,
+            statuses=[
+                ExecutionStatus.COMPLETED,
+                ExecutionStatus.FAILED,
+                ExecutionStatus.TERMINATED,
+            ],  # Only process finished executions
+        )
+
+        logger.info(
+            f"Found {len(executions)} total executions for graph {request.graph_id}"
+        )
+
+        # Filter executions that need analytics generation
+        executions_to_process = []
+        for execution in executions:
+            # Skip if we should skip existing analytics and both activity_status and correctness_score exist
+            if (
+                request.skip_existing
+                and execution.stats
+                and execution.stats.activity_status
+                and execution.stats.correctness_score is not None
+            ):
+                continue
+
+            # Add execution to processing list
+            executions_to_process.append(execution)
+
+        logger.info(
+            f"Found {len(executions_to_process)} executions needing analytics generation"
+        )
+
+        # Create results for ALL executions - processed and skipped
+        results = []
+        successful_count = 0
+        failed_count = 0
+
+        # Process executions that need analytics generation
+        if executions_to_process:
+            total_batches = len(
+                range(0, len(executions_to_process), request.batch_size)
+            )
+
+            for batch_idx, i in enumerate(
+                range(0, len(executions_to_process), request.batch_size)
+            ):
+                batch = executions_to_process[i : i + request.batch_size]
+                logger.info(
+                    f"Processing batch {batch_idx + 1}/{total_batches} with {len(batch)} executions"
+                )
+
+                batch_results = await _process_batch(batch, request, db_client)
+
+                for result in batch_results:
+                    results.append(result)
+                    if result.status == "success":
+                        successful_count += 1
+                    elif result.status == "failed":
+                        failed_count += 1
+
+                # Small delay between batches to avoid overwhelming the LLM API
+                if batch_idx < total_batches - 1:  # Don't delay after the last batch
+                    await asyncio.sleep(2)
+
+        # Add ALL executions to results (both processed and skipped)
+        for execution in executions:
+            # Skip if already processed (added to results above)
+            if execution in executions_to_process:
+                continue
+
+            results.append(
+                ExecutionAnalyticsResult(
+                    agent_id=execution.graph_id,
+                    version_id=execution.graph_version,
+                    user_id=execution.user_id,
+                    exec_id=execution.id,
+                    summary_text=(
+                        execution.stats.activity_status if execution.stats else None
+                    ),
+                    score=(
+                        execution.stats.correctness_score if execution.stats else None
+                    ),
+                    status="skipped",
+                    error_message=None,  # Not an error - just already processed
+                )
+            )
+
+        response = ExecutionAnalyticsResponse(
+            total_executions=len(executions),
+            processed_executions=len(executions_to_process),
+            successful_analytics=successful_count,
+            failed_analytics=failed_count,
+            skipped_executions=len(executions) - len(executions_to_process),
+            results=results,
+        )
+
+        logger.info(
+            f"Analytics generation completed: {successful_count} successful, {failed_count} failed, "
+            f"{response.skipped_executions} skipped"
+        )
+
+        return response
+
+    except Exception as e:
+        logger.exception(f"Error during execution analytics generation: {e}")
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+async def _process_batch(
+    executions, request: ExecutionAnalyticsRequest, db_client
+) -> list[ExecutionAnalyticsResult]:
+    """Process a batch of executions concurrently."""
+
+    async def process_single_execution(execution) -> ExecutionAnalyticsResult:
+        try:
+            # Generate activity status and score using the specified model
+            # Convert stats to GraphExecutionStats if needed
+            if execution.stats:
+                if isinstance(execution.stats, GraphExecutionMeta.Stats):
+                    stats_for_generation = execution.stats.to_db()
+                else:
+                    # Already GraphExecutionStats
+                    stats_for_generation = execution.stats
+            else:
+                stats_for_generation = GraphExecutionStats()
+
+            activity_response = await generate_activity_status_for_execution(
+                graph_exec_id=execution.id,
+                graph_id=execution.graph_id,
+                graph_version=execution.graph_version,
+                execution_stats=stats_for_generation,
+                db_client=db_client,
+                user_id=execution.user_id,
+                execution_status=execution.status,
+                model_name=request.model_name,
+                skip_feature_flag=True,  # Admin endpoint bypasses feature flags
+                system_prompt=request.system_prompt or DEFAULT_SYSTEM_PROMPT,
+                user_prompt=request.user_prompt or DEFAULT_USER_PROMPT,
+                skip_existing=request.skip_existing,
+            )
+
+            if not activity_response:
+                return ExecutionAnalyticsResult(
+                    agent_id=execution.graph_id,
+                    version_id=execution.graph_version,
+                    user_id=execution.user_id,
+                    exec_id=execution.id,
+                    summary_text=None,
+                    score=None,
+                    status="skipped",
+                    error_message="Activity generation returned None",
+                )
+
+            # Update the execution stats
+            # Convert GraphExecutionMeta.Stats to GraphExecutionStats for DB compatibility
+            if execution.stats:
+                if isinstance(execution.stats, GraphExecutionMeta.Stats):
+                    updated_stats = execution.stats.to_db()
+                else:
+                    # Already GraphExecutionStats
+                    updated_stats = execution.stats
+            else:
+                updated_stats = GraphExecutionStats()
+
+            updated_stats.activity_status = activity_response["activity_status"]
+            updated_stats.correctness_score = activity_response["correctness_score"]
+
+            # Save to database with correct stats type
+            await update_graph_execution_stats(
+                graph_exec_id=execution.id, stats=updated_stats
+            )
+
+            return ExecutionAnalyticsResult(
+                agent_id=execution.graph_id,
+                version_id=execution.graph_version,
+                user_id=execution.user_id,
+                exec_id=execution.id,
+                summary_text=activity_response["activity_status"],
+                score=activity_response["correctness_score"],
+                status="success",
+            )
+
+        except Exception as e:
+            logger.exception(f"Error processing execution {execution.id}: {e}")
+            return ExecutionAnalyticsResult(
+                agent_id=execution.graph_id,
+                version_id=execution.graph_version,
+                user_id=execution.user_id,
+                exec_id=execution.id,
+                summary_text=None,
+                score=None,
+                status="failed",
+                error_message=str(e),
+            )
+
+    # Process all executions in the batch concurrently
+    return await asyncio.gather(
+        *[process_single_execution(execution) for execution in executions]
+    )
+
+
+@router.get(
+    "/execution_accuracy_trends",
+    response_model=AccuracyTrendsResponse,
+    summary="Get Execution Accuracy Trends and Alerts",
+)
+async def get_execution_accuracy_trends(
+    graph_id: str,
+    user_id: Optional[str] = None,
+    days_back: int = 30,
+    drop_threshold: float = 10.0,
+    include_historical: bool = False,
+    admin_user_id: str = Security(get_user_id),
+) -> AccuracyTrendsResponse:
+    """
+    Get execution accuracy trends with moving averages and alert detection.
+    Simple single-query approach.
+    """
+    logger.info(
+        f"Admin user {admin_user_id} requesting accuracy trends for graph {graph_id}"
+    )
+
+    try:
+        result = await get_accuracy_trends_and_alerts(
+            graph_id=graph_id,
+            days_back=days_back,
+            user_id=user_id,
+            drop_threshold=drop_threshold,
+            include_historical=include_historical,
+        )
+
+        return result
+
+    except Exception as e:
+        logger.exception(f"Error getting accuracy trends for graph {graph_id}: {e}")
+        raise HTTPException(status_code=500, detail=str(e))

autogpt_platform/backend/backend/api/features/admin/model.py

@@ -1,7 +1,7 @@
 from pydantic import BaseModel
 
 from backend.data.model import UserTransaction
-from backend.server.model import Pagination
+from backend.util.models import Pagination
 
 
 class UserHistoryResponse(BaseModel):

autogpt_platform/backend/backend/api/features/admin/store_admin_routes.py

@@ -2,25 +2,29 @@ import logging
 import tempfile
 import typing
 
-import autogpt_libs.auth.depends
+import autogpt_libs.auth
 import fastapi
 import fastapi.responses
 import prisma.enums
 
-import backend.server.v2.store.db
-import backend.server.v2.store.exceptions
-import backend.server.v2.store.model
+import backend.api.features.store.cache as store_cache
+import backend.api.features.store.db as store_db
+import backend.api.features.store.model as store_model
 import backend.util.json
 
 logger = logging.getLogger(__name__)
 
-router = fastapi.APIRouter(prefix="/admin", tags=["store", "admin"])
+router = fastapi.APIRouter(
+    prefix="/admin",
+    tags=["store", "admin"],
+    dependencies=[fastapi.Security(autogpt_libs.auth.requires_admin_user)],
+)
 
 
 @router.get(
     "/listings",
-    response_model=backend.server.v2.store.model.StoreListingsWithVersionsResponse,
-    dependencies=[fastapi.Depends(autogpt_libs.auth.depends.requires_admin_user)],
+    summary="Get Admin Listings History",
+    response_model=store_model.StoreListingsWithVersionsResponse,
 )
 async def get_admin_listings_with_versions(
     status: typing.Optional[prisma.enums.SubmissionStatus] = None,
@@ -44,7 +48,7 @@ async def get_admin_listings_with_versions(
         StoreListingsWithVersionsResponse with listings and their versions
     """
     try:
-        listings = await backend.server.v2.store.db.get_admin_listings_with_versions(
+        listings = await store_db.get_admin_listings_with_versions(
             status=status,
             search_query=search,
             page=page,
@@ -63,16 +67,13 @@ async def get_admin_listings_with_versions(
 
 @router.post(
     "/submissions/{store_listing_version_id}/review",
-    response_model=backend.server.v2.store.model.StoreSubmission,
-    dependencies=[fastapi.Depends(autogpt_libs.auth.depends.requires_admin_user)],
+    summary="Review Store Submission",
+    response_model=store_model.StoreSubmission,
 )
 async def review_submission(
     store_listing_version_id: str,
-    request: backend.server.v2.store.model.ReviewSubmissionRequest,
-    user: typing.Annotated[
-        autogpt_libs.auth.models.User,
-        fastapi.Depends(autogpt_libs.auth.depends.requires_admin_user),
-    ],
+    request: store_model.ReviewSubmissionRequest,
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
 ):
     """
     Review a store listing submission.
@@ -80,19 +81,27 @@ async def review_submission(
     Args:
         store_listing_version_id: ID of the submission to review
         request: Review details including approval status and comments
-        user: Authenticated admin user performing the review
+        user_id: Authenticated admin user performing the review
 
     Returns:
         StoreSubmission with updated review information
     """
     try:
-        submission = await backend.server.v2.store.db.review_store_submission(
+        already_approved = await store_db.check_submission_already_approved(
+            store_listing_version_id=store_listing_version_id,
+        )
+        submission = await store_db.review_store_submission(
             store_listing_version_id=store_listing_version_id,
             is_approved=request.is_approved,
             external_comments=request.comments,
             internal_comments=request.internal_comments or "",
-            reviewer_id=user.user_id,
+            reviewer_id=user_id,
         )
+
+        state_changed = already_approved != request.is_approved
+        # Clear caches when the request is approved as it updates what is shown on the store
+        if state_changed:
+            store_cache.clear_all_caches()
         return submission
     except Exception as e:
         logger.exception("Error reviewing submission: %s", e)
@@ -104,14 +113,11 @@ async def review_submission(
 
 @router.get(
     "/submissions/download/{store_listing_version_id}",
+    summary="Admin Download Agent File",
     tags=["store", "admin"],
-    dependencies=[fastapi.Depends(autogpt_libs.auth.depends.requires_admin_user)],
 )
 async def admin_download_agent_file(
-    user: typing.Annotated[
-        autogpt_libs.auth.models.User,
-        fastapi.Depends(autogpt_libs.auth.depends.requires_admin_user),
-    ],
+    user_id: str = fastapi.Security(autogpt_libs.auth.get_user_id),
     store_listing_version_id: str = fastapi.Path(
         ..., description="The ID of the agent to download"
     ),
@@ -128,8 +134,8 @@ async def admin_download_agent_file(
     Raises:
         HTTPException: If the agent is not found or an unexpected error occurs.
     """
-    graph_data = await backend.server.v2.store.db.get_agent(
-        user_id=user.user_id,
+    graph_data = await store_db.get_agent_as_admin(
+        user_id=user_id,
         store_listing_version_id=store_listing_version_id,
     )
     file_name = f"agent_{graph_data.id}_v{graph_data.version or 'latest'}.json"

autogpt_platform/backend/backend/api/features/analytics.py

@@ -4,32 +4,38 @@ import logging
 from typing import Annotated
 
 import fastapi
+import pydantic
+from autogpt_libs.auth import get_user_id
+from autogpt_libs.auth.dependencies import requires_user
 
 import backend.data.analytics
-from backend.server.utils import get_user_id
 
-router = fastapi.APIRouter()
+router = fastapi.APIRouter(dependencies=[fastapi.Security(requires_user)])
 logger = logging.getLogger(__name__)
 
 
+class LogRawMetricRequest(pydantic.BaseModel):
+    metric_name: str = pydantic.Field(..., min_length=1)
+    metric_value: float = pydantic.Field(..., allow_inf_nan=False)
+    data_string: str = pydantic.Field(..., min_length=1)
+
+
 @router.post(path="/log_raw_metric")
 async def log_raw_metric(
-    user_id: Annotated[str, fastapi.Depends(get_user_id)],
-    metric_name: Annotated[str, fastapi.Body(..., embed=True)],
-    metric_value: Annotated[float, fastapi.Body(..., embed=True)],
-    data_string: Annotated[str, fastapi.Body(..., embed=True)],
+    user_id: Annotated[str, fastapi.Security(get_user_id)],
+    request: LogRawMetricRequest,
 ):
     try:
         result = await backend.data.analytics.log_raw_metric(
             user_id=user_id,
-            metric_name=metric_name,
-            metric_value=metric_value,
-            data_string=data_string,
+            metric_name=request.metric_name,
+            metric_value=request.metric_value,
+            data_string=request.data_string,
         )
         return result.id
     except Exception as e:
         logger.exception(
-            "Failed to log metric %s for user %s: %s", metric_name, user_id, e
+            "Failed to log metric %s for user %s: %s", request.metric_name, user_id, e
         )
         raise fastapi.HTTPException(
             status_code=500,
@@ -42,7 +48,7 @@ async def log_raw_metric(
 
 @router.post("/log_raw_analytics")
 async def log_raw_analytics(
-    user_id: Annotated[str, fastapi.Depends(get_user_id)],
+    user_id: Annotated[str, fastapi.Security(get_user_id)],
     type: Annotated[str, fastapi.Body(..., embed=True)],
     data: Annotated[
         dict,

autogpt_platform/backend/backend/api/features/analytics_test.py

@@ -0,0 +1,340 @@
+"""Tests for analytics API endpoints."""
+
+import json
+from unittest.mock import AsyncMock, Mock
+
+import fastapi
+import fastapi.testclient
+import pytest
+import pytest_mock
+from pytest_snapshot.plugin import Snapshot
+
+from .analytics import router as analytics_router
+
+app = fastapi.FastAPI()
+app.include_router(analytics_router)
+
+client = fastapi.testclient.TestClient(app)
+
+
+@pytest.fixture(autouse=True)
+def setup_app_auth(mock_jwt_user):
+    """Setup auth overrides for all tests in this module."""
+    from autogpt_libs.auth.jwt_utils import get_jwt_payload
+
+    app.dependency_overrides[get_jwt_payload] = mock_jwt_user["get_jwt_payload"]
+    yield
+    app.dependency_overrides.clear()
+
+
+# =============================================================================
+# /log_raw_metric endpoint tests
+# =============================================================================
+
+
+def test_log_raw_metric_success(
+    mocker: pytest_mock.MockFixture,
+    configured_snapshot: Snapshot,
+    test_user_id: str,
+) -> None:
+    """Test successful raw metric logging."""
+    mock_result = Mock(id="metric-123-uuid")
+    mock_log_metric = mocker.patch(
+        "backend.data.analytics.log_raw_metric",
+        new_callable=AsyncMock,
+        return_value=mock_result,
+    )
+
+    request_data = {
+        "metric_name": "page_load_time",
+        "metric_value": 2.5,
+        "data_string": "/dashboard",
+    }
+
+    response = client.post("/log_raw_metric", json=request_data)
+
+    assert response.status_code == 200, f"Unexpected response: {response.text}"
+    assert response.json() == "metric-123-uuid"
+
+    mock_log_metric.assert_called_once_with(
+        user_id=test_user_id,
+        metric_name="page_load_time",
+        metric_value=2.5,
+        data_string="/dashboard",
+    )
+
+    configured_snapshot.assert_match(
+        json.dumps({"metric_id": response.json()}, indent=2, sort_keys=True),
+        "analytics_log_metric_success",
+    )
+
+
+@pytest.mark.parametrize(
+    "metric_value,metric_name,data_string,test_id",
+    [
+        (100, "api_calls_count", "external_api", "integer_value"),
+        (0, "error_count", "no_errors", "zero_value"),
+        (-5.2, "temperature_delta", "cooling", "negative_value"),
+        (1.23456789, "precision_test", "float_precision", "float_precision"),
+        (999999999, "large_number", "max_value", "large_number"),
+        (0.0000001, "tiny_number", "min_value", "tiny_number"),
+    ],
+)
+def test_log_raw_metric_various_values(
+    mocker: pytest_mock.MockFixture,
+    configured_snapshot: Snapshot,
+    metric_value: float,
+    metric_name: str,
+    data_string: str,
+    test_id: str,
+) -> None:
+    """Test raw metric logging with various metric values."""
+    mock_result = Mock(id=f"metric-{test_id}-uuid")
+    mocker.patch(
+        "backend.data.analytics.log_raw_metric",
+        new_callable=AsyncMock,
+        return_value=mock_result,
+    )
+
+    request_data = {
+        "metric_name": metric_name,
+        "metric_value": metric_value,
+        "data_string": data_string,
+    }
+
+    response = client.post("/log_raw_metric", json=request_data)
+
+    assert response.status_code == 200, f"Failed for {test_id}: {response.text}"
+
+    configured_snapshot.assert_match(
+        json.dumps(
+            {"metric_id": response.json(), "test_case": test_id},
+            indent=2,
+            sort_keys=True,
+        ),
+        f"analytics_metric_{test_id}",
+    )
+
+
+@pytest.mark.parametrize(
+    "invalid_data,expected_error",
+    [
+        ({}, "Field required"),
+        ({"metric_name": "test"}, "Field required"),
+        (
+            {"metric_name": "test", "metric_value": "not_a_number", "data_string": "x"},
+            "Input should be a valid number",
+        ),
+        (
+            {"metric_name": "", "metric_value": 1.0, "data_string": "test"},
+            "String should have at least 1 character",
+        ),
+        (
+            {"metric_name": "test", "metric_value": 1.0, "data_string": ""},
+            "String should have at least 1 character",
+        ),
+    ],
+    ids=[
+        "empty_request",
+        "missing_metric_value_and_data_string",
+        "invalid_metric_value_type",
+        "empty_metric_name",
+        "empty_data_string",
+    ],
+)
+def test_log_raw_metric_validation_errors(
+    invalid_data: dict,
+    expected_error: str,
+) -> None:
+    """Test validation errors for invalid metric requests."""
+    response = client.post("/log_raw_metric", json=invalid_data)
+
+    assert response.status_code == 422
+    error_detail = response.json()
+    assert "detail" in error_detail, f"Missing 'detail' in error: {error_detail}"
+
+    error_text = json.dumps(error_detail)
+    assert (
+        expected_error in error_text
+    ), f"Expected '{expected_error}' in error response: {error_text}"
+
+
+def test_log_raw_metric_service_error(
+    mocker: pytest_mock.MockFixture,
+    test_user_id: str,
+) -> None:
+    """Test error handling when analytics service fails."""
+    mocker.patch(
+        "backend.data.analytics.log_raw_metric",
+        new_callable=AsyncMock,
+        side_effect=Exception("Database connection failed"),
+    )
+
+    request_data = {
+        "metric_name": "test_metric",
+        "metric_value": 1.0,
+        "data_string": "test",
+    }
+
+    response = client.post("/log_raw_metric", json=request_data)
+
+    assert response.status_code == 500
+    error_detail = response.json()["detail"]
+    assert "Database connection failed" in error_detail["message"]
+    assert "hint" in error_detail
+
+
+# =============================================================================
+# /log_raw_analytics endpoint tests
+# =============================================================================
+
+
+def test_log_raw_analytics_success(
+    mocker: pytest_mock.MockFixture,
+    configured_snapshot: Snapshot,
+    test_user_id: str,
+) -> None:
+    """Test successful raw analytics logging."""
+    mock_result = Mock(id="analytics-789-uuid")
+    mock_log_analytics = mocker.patch(
+        "backend.data.analytics.log_raw_analytics",
+        new_callable=AsyncMock,
+        return_value=mock_result,
+    )
+
+    request_data = {
+        "type": "user_action",
+        "data": {
+            "action": "button_click",
+            "button_id": "submit_form",
+            "timestamp": "2023-01-01T00:00:00Z",
+            "metadata": {"form_type": "registration", "fields_filled": 5},
+        },
+        "data_index": "button_click_submit_form",
+    }
+
+    response = client.post("/log_raw_analytics", json=request_data)
+
+    assert response.status_code == 200, f"Unexpected response: {response.text}"
+    assert response.json() == "analytics-789-uuid"
+
+    mock_log_analytics.assert_called_once_with(
+        test_user_id,
+        "user_action",
+        request_data["data"],
+        "button_click_submit_form",
+    )
+
+    configured_snapshot.assert_match(
+        json.dumps({"analytics_id": response.json()}, indent=2, sort_keys=True),
+        "analytics_log_analytics_success",
+    )
+
+
+def test_log_raw_analytics_complex_data(
+    mocker: pytest_mock.MockFixture,
+    configured_snapshot: Snapshot,
+) -> None:
+    """Test raw analytics logging with complex nested data structures."""
+    mock_result = Mock(id="analytics-complex-uuid")
+    mocker.patch(
+        "backend.data.analytics.log_raw_analytics",
+        new_callable=AsyncMock,
+        return_value=mock_result,
+    )
+
+    request_data = {
+        "type": "agent_execution",
+        "data": {
+            "agent_id": "agent_123",
+            "execution_id": "exec_456",
+            "status": "completed",
+            "duration_ms": 3500,
+            "nodes_executed": 15,
+            "blocks_used": [
+                {"block_id": "llm_block", "count": 3},
+                {"block_id": "http_block", "count": 5},
+                {"block_id": "code_block", "count": 2},
+            ],
+            "errors": [],
+            "metadata": {
+                "trigger": "manual",
+                "user_tier": "premium",
+                "environment": "production",
+            },
+        },
+        "data_index": "agent_123_exec_456",
+    }
+
+    response = client.post("/log_raw_analytics", json=request_data)
+
+    assert response.status_code == 200
+
+    configured_snapshot.assert_match(
+        json.dumps(
+            {"analytics_id": response.json(), "logged_data": request_data["data"]},
+            indent=2,
+            sort_keys=True,
+        ),
+        "analytics_log_analytics_complex_data",
+    )
+
+
+@pytest.mark.parametrize(
+    "invalid_data,expected_error",
+    [
+        ({}, "Field required"),
+        ({"type": "test"}, "Field required"),
+        (
+            {"type": "test", "data": "not_a_dict", "data_index": "test"},
+            "Input should be a valid dictionary",
+        ),
+        ({"type": "test", "data": {"key": "value"}}, "Field required"),
+    ],
+    ids=[
+        "empty_request",
+        "missing_data_and_data_index",
+        "invalid_data_type",
+        "missing_data_index",
+    ],
+)
+def test_log_raw_analytics_validation_errors(
+    invalid_data: dict,
+    expected_error: str,
+) -> None:
+    """Test validation errors for invalid analytics requests."""
+    response = client.post("/log_raw_analytics", json=invalid_data)
+
+    assert response.status_code == 422
+    error_detail = response.json()
+    assert "detail" in error_detail, f"Missing 'detail' in error: {error_detail}"
+
+    error_text = json.dumps(error_detail)
+    assert (
+        expected_error in error_text
+    ), f"Expected '{expected_error}' in error response: {error_text}"
+
+
+def test_log_raw_analytics_service_error(
+    mocker: pytest_mock.MockFixture,
+    test_user_id: str,
+) -> None:
+    """Test error handling when analytics service fails."""
+    mocker.patch(
+        "backend.data.analytics.log_raw_analytics",
+        new_callable=AsyncMock,
+        side_effect=Exception("Analytics DB unreachable"),
+    )
+
+    request_data = {
+        "type": "test_event",
+        "data": {"key": "value"},
+        "data_index": "test_index",
+    }
+
+    response = client.post("/log_raw_analytics", json=request_data)
+
+    assert response.status_code == 500
+    error_detail = response.json()["detail"]
+    assert "Analytics DB unreachable" in error_detail["message"]
+    assert "hint" in error_detail

autogpt_platform/backend/backend/api/features/builder/db.py

@@ -0,0 +1,689 @@
+import logging
+from dataclasses import dataclass
+from datetime import datetime, timedelta, timezone
+from difflib import SequenceMatcher
+from typing import Sequence
+
+import prisma
+
+import backend.api.features.library.db as library_db
+import backend.api.features.library.model as library_model
+import backend.api.features.store.db as store_db
+import backend.api.features.store.model as store_model
+import backend.data.block
+from backend.blocks import load_all_blocks
+from backend.blocks.llm import LlmModel
+from backend.data.block import AnyBlockSchema, BlockCategory, BlockInfo, BlockSchema
+from backend.data.db import query_raw_with_schema
+from backend.integrations.providers import ProviderName
+from backend.util.cache import cached
+from backend.util.models import Pagination
+
+from .model import (
+    BlockCategoryResponse,
+    BlockResponse,
+    BlockType,
+    CountResponse,
+    FilterType,
+    Provider,
+    ProviderResponse,
+    SearchEntry,
+)
+
+logger = logging.getLogger(__name__)
+llm_models = [name.name.lower().replace("_", " ") for name in LlmModel]
+
+MAX_LIBRARY_AGENT_RESULTS = 100
+MAX_MARKETPLACE_AGENT_RESULTS = 100
+MIN_SCORE_FOR_FILTERED_RESULTS = 10.0
+
+SearchResultItem = BlockInfo | library_model.LibraryAgent | store_model.StoreAgent
+
+
+@dataclass
+class _ScoredItem:
+    item: SearchResultItem
+    filter_type: FilterType
+    score: float
+    sort_key: str
+
+
+@dataclass
+class _SearchCacheEntry:
+    items: list[SearchResultItem]
+    total_items: dict[FilterType, int]
+
+
+def get_block_categories(category_blocks: int = 3) -> list[BlockCategoryResponse]:
+    categories: dict[BlockCategory, BlockCategoryResponse] = {}
+
+    for block_type in load_all_blocks().values():
+        block: AnyBlockSchema = block_type()
+        # Skip disabled blocks
+        if block.disabled:
+            continue
+        # Skip blocks that don't have categories (all should have at least one)
+        if not block.categories:
+            continue
+
+        # Add block to the categories
+        for category in block.categories:
+            if category not in categories:
+                categories[category] = BlockCategoryResponse(
+                    name=category.name.lower(),
+                    total_blocks=0,
+                    blocks=[],
+                )
+
+            categories[category].total_blocks += 1
+
+            # Append if the category has less than the specified number of blocks
+            if len(categories[category].blocks) < category_blocks:
+                categories[category].blocks.append(block.get_info())
+
+    # Sort categories by name
+    return sorted(categories.values(), key=lambda x: x.name)
+
+
+def get_blocks(
+    *,
+    category: str | None = None,
+    type: BlockType | None = None,
+    provider: ProviderName | None = None,
+    page: int = 1,
+    page_size: int = 50,
+) -> BlockResponse:
+    """
+    Get blocks based on either category, type or provider.
+    Providing nothing fetches all block types.
+    """
+    # Only one of category, type, or provider can be specified
+    if (category and type) or (category and provider) or (type and provider):
+        raise ValueError("Only one of category, type, or provider can be specified")
+
+    blocks: list[AnyBlockSchema] = []
+    skip = (page - 1) * page_size
+    take = page_size
+    total = 0
+
+    for block_type in load_all_blocks().values():
+        block: AnyBlockSchema = block_type()
+        # Skip disabled blocks
+        if block.disabled:
+            continue
+        # Skip blocks that don't match the category
+        if category and category not in {c.name.lower() for c in block.categories}:
+            continue
+        # Skip blocks that don't match the type
+        if (
+            (type == "input" and block.block_type.value != "Input")
+            or (type == "output" and block.block_type.value != "Output")
+            or (type == "action" and block.block_type.value in ("Input", "Output"))
+        ):
+            continue
+        # Skip blocks that don't match the provider
+        if provider:
+            credentials_info = block.input_schema.get_credentials_fields_info().values()
+            if not any(provider in info.provider for info in credentials_info):
+                continue
+
+        total += 1
+        if skip > 0:
+            skip -= 1
+            continue
+        if take > 0:
+            take -= 1
+            blocks.append(block)
+
+    return BlockResponse(
+        blocks=[b.get_info() for b in blocks],
+        pagination=Pagination(
+            total_items=total,
+            total_pages=(total + page_size - 1) // page_size,
+            current_page=page,
+            page_size=page_size,
+        ),
+    )
+
+
+def get_block_by_id(block_id: str) -> BlockInfo | None:
+    """
+    Get a specific block by its ID.
+    """
+    for block_type in load_all_blocks().values():
+        block: AnyBlockSchema = block_type()
+        if block.id == block_id:
+            return block.get_info()
+    return None
+
+
+async def update_search(user_id: str, search: SearchEntry) -> str:
+    """
+    Upsert a search request for the user and return the search ID.
+    """
+    if search.search_id:
+        # Update existing search
+        await prisma.models.BuilderSearchHistory.prisma().update(
+            where={
+                "id": search.search_id,
+            },
+            data={
+                "searchQuery": search.search_query or "",
+                "filter": search.filter or [],  # type: ignore
+                "byCreator": search.by_creator or [],
+            },
+        )
+        return search.search_id
+    else:
+        # Create new search
+        new_search = await prisma.models.BuilderSearchHistory.prisma().create(
+            data={
+                "userId": user_id,
+                "searchQuery": search.search_query or "",
+                "filter": search.filter or [],  # type: ignore
+                "byCreator": search.by_creator or [],
+            }
+        )
+        return new_search.id
+
+
+async def get_recent_searches(user_id: str, limit: int = 5) -> list[SearchEntry]:
+    """
+    Get the user's most recent search requests.
+    """
+    searches = await prisma.models.BuilderSearchHistory.prisma().find_many(
+        where={
+            "userId": user_id,
+        },
+        order={
+            "updatedAt": "desc",
+        },
+        take=limit,
+    )
+    return [
+        SearchEntry(
+            search_query=s.searchQuery,
+            filter=s.filter,  # type: ignore
+            by_creator=s.byCreator,
+            search_id=s.id,
+        )
+        for s in searches
+    ]
+
+
+async def get_sorted_search_results(
+    *,
+    user_id: str,
+    search_query: str | None,
+    filters: Sequence[FilterType],
+    by_creator: Sequence[str] | None = None,
+) -> _SearchCacheEntry:
+    normalized_filters: tuple[FilterType, ...] = tuple(sorted(set(filters or [])))
+    normalized_creators: tuple[str, ...] = tuple(sorted(set(by_creator or [])))
+    return await _build_cached_search_results(
+        user_id=user_id,
+        search_query=search_query or "",
+        filters=normalized_filters,
+        by_creator=normalized_creators,
+    )
+
+
+@cached(ttl_seconds=300, shared_cache=True)
+async def _build_cached_search_results(
+    user_id: str,
+    search_query: str,
+    filters: tuple[FilterType, ...],
+    by_creator: tuple[str, ...],
+) -> _SearchCacheEntry:
+    normalized_query = (search_query or "").strip().lower()
+
+    include_blocks = "blocks" in filters
+    include_integrations = "integrations" in filters
+    include_library_agents = "my_agents" in filters
+    include_marketplace_agents = "marketplace_agents" in filters
+
+    scored_items: list[_ScoredItem] = []
+    total_items: dict[FilterType, int] = {
+        "blocks": 0,
+        "integrations": 0,
+        "marketplace_agents": 0,
+        "my_agents": 0,
+    }
+
+    block_results, block_total, integration_total = _collect_block_results(
+        normalized_query=normalized_query,
+        include_blocks=include_blocks,
+        include_integrations=include_integrations,
+    )
+    scored_items.extend(block_results)
+    total_items["blocks"] = block_total
+    total_items["integrations"] = integration_total
+
+    if include_library_agents:
+        library_response = await library_db.list_library_agents(
+            user_id=user_id,
+            search_term=search_query or None,
+            page=1,
+            page_size=MAX_LIBRARY_AGENT_RESULTS,
+        )
+        total_items["my_agents"] = library_response.pagination.total_items
+        scored_items.extend(
+            _build_library_items(
+                agents=library_response.agents,
+                normalized_query=normalized_query,
+            )
+        )
+
+    if include_marketplace_agents:
+        marketplace_response = await store_db.get_store_agents(
+            creators=list(by_creator) or None,
+            search_query=search_query or None,
+            page=1,
+            page_size=MAX_MARKETPLACE_AGENT_RESULTS,
+        )
+        total_items["marketplace_agents"] = marketplace_response.pagination.total_items
+        scored_items.extend(
+            _build_marketplace_items(
+                agents=marketplace_response.agents,
+                normalized_query=normalized_query,
+            )
+        )
+
+    sorted_items = sorted(
+        scored_items,
+        key=lambda entry: (-entry.score, entry.sort_key, entry.filter_type),
+    )
+
+    return _SearchCacheEntry(
+        items=[entry.item for entry in sorted_items],
+        total_items=total_items,
+    )
+
+
+def _collect_block_results(
+    *,
+    normalized_query: str,
+    include_blocks: bool,
+    include_integrations: bool,
+) -> tuple[list[_ScoredItem], int, int]:
+    results: list[_ScoredItem] = []
+    block_count = 0
+    integration_count = 0
+
+    if not include_blocks and not include_integrations:
+        return results, block_count, integration_count
+
+    for block_type in load_all_blocks().values():
+        block: AnyBlockSchema = block_type()
+        if block.disabled:
+            continue
+
+        block_info = block.get_info()
+        credentials = list(block.input_schema.get_credentials_fields().values())
+        is_integration = len(credentials) > 0
+
+        if is_integration and not include_integrations:
+            continue
+        if not is_integration and not include_blocks:
+            continue
+
+        score = _score_block(block, block_info, normalized_query)
+        if not _should_include_item(score, normalized_query):
+            continue
+
+        filter_type: FilterType = "integrations" if is_integration else "blocks"
+        if is_integration:
+            integration_count += 1
+        else:
+            block_count += 1
+
+        results.append(
+            _ScoredItem(
+                item=block_info,
+                filter_type=filter_type,
+                score=score,
+                sort_key=_get_item_name(block_info),
+            )
+        )
+
+    return results, block_count, integration_count
+
+
+def _build_library_items(
+    *,
+    agents: list[library_model.LibraryAgent],
+    normalized_query: str,
+) -> list[_ScoredItem]:
+    results: list[_ScoredItem] = []
+
+    for agent in agents:
+        score = _score_library_agent(agent, normalized_query)
+        if not _should_include_item(score, normalized_query):
+            continue
+
+        results.append(
+            _ScoredItem(
+                item=agent,
+                filter_type="my_agents",
+                score=score,
+                sort_key=_get_item_name(agent),
+            )
+        )
+
+    return results
+
+
+def _build_marketplace_items(
+    *,
+    agents: list[store_model.StoreAgent],
+    normalized_query: str,
+) -> list[_ScoredItem]:
+    results: list[_ScoredItem] = []
+
+    for agent in agents:
+        score = _score_store_agent(agent, normalized_query)
+        if not _should_include_item(score, normalized_query):
+            continue
+
+        results.append(
+            _ScoredItem(
+                item=agent,
+                filter_type="marketplace_agents",
+                score=score,
+                sort_key=_get_item_name(agent),
+            )
+        )
+
+    return results
+
+
+def get_providers(
+    query: str = "",
+    page: int = 1,
+    page_size: int = 50,
+) -> ProviderResponse:
+    providers = []
+    query = query.lower()
+
+    skip = (page - 1) * page_size
+    take = page_size
+
+    all_providers = _get_all_providers()
+
+    for provider in all_providers.values():
+        if (
+            query not in provider.name.value.lower()
+            and query not in provider.description.lower()
+        ):
+            continue
+        if skip > 0:
+            skip -= 1
+            continue
+        if take > 0:
+            take -= 1
+            providers.append(provider)
+
+    total = len(all_providers)
+
+    return ProviderResponse(
+        providers=providers,
+        pagination=Pagination(
+            total_items=total,
+            total_pages=(total + page_size - 1) // page_size,
+            current_page=page,
+            page_size=page_size,
+        ),
+    )
+
+
+async def get_counts(user_id: str) -> CountResponse:
+    my_agents = await prisma.models.LibraryAgent.prisma().count(
+        where={
+            "userId": user_id,
+            "isDeleted": False,
+            "isArchived": False,
+        }
+    )
+    counts = await _get_static_counts()
+    return CountResponse(
+        my_agents=my_agents,
+        **counts,
+    )
+
+
+@cached(ttl_seconds=3600)
+async def _get_static_counts():
+    """
+    Get counts of blocks, integrations, and marketplace agents.
+    This is cached to avoid unnecessary database queries and calculations.
+    """
+    all_blocks = 0
+    input_blocks = 0
+    action_blocks = 0
+    output_blocks = 0
+    integrations = 0
+
+    for block_type in load_all_blocks().values():
+        block: AnyBlockSchema = block_type()
+        if block.disabled:
+            continue
+
+        all_blocks += 1
+
+        if block.block_type.value == "Input":
+            input_blocks += 1
+        elif block.block_type.value == "Output":
+            output_blocks += 1
+        else:
+            action_blocks += 1
+
+        credentials = list(block.input_schema.get_credentials_fields().values())
+        if len(credentials) > 0:
+            integrations += 1
+
+    marketplace_agents = await prisma.models.StoreAgent.prisma().count()
+
+    return {
+        "all_blocks": all_blocks,
+        "input_blocks": input_blocks,
+        "action_blocks": action_blocks,
+        "output_blocks": output_blocks,
+        "integrations": integrations,
+        "marketplace_agents": marketplace_agents,
+    }
+
+
+def _matches_llm_model(schema_cls: type[BlockSchema], query: str) -> bool:
+    for field in schema_cls.model_fields.values():
+        if field.annotation == LlmModel:
+            # Check if query matches any value in llm_models
+            if any(query in name for name in llm_models):
+                return True
+    return False
+
+
+def _score_block(
+    block: AnyBlockSchema,
+    block_info: BlockInfo,
+    normalized_query: str,
+) -> float:
+    if not normalized_query:
+        return 0.0
+
+    name = block_info.name.lower()
+    description = block_info.description.lower()
+    score = _score_primary_fields(name, description, normalized_query)
+
+    category_text = " ".join(
+        category.get("category", "").lower() for category in block_info.categories
+    )
+    score += _score_additional_field(category_text, normalized_query, 12, 6)
+
+    credentials_info = block.input_schema.get_credentials_fields_info().values()
+    provider_names = [
+        provider.value.lower()
+        for info in credentials_info
+        for provider in info.provider
+    ]
+    provider_text = " ".join(provider_names)
+    score += _score_additional_field(provider_text, normalized_query, 15, 6)
+
+    if _matches_llm_model(block.input_schema, normalized_query):
+        score += 20
+
+    return score
+
+
+def _score_library_agent(
+    agent: library_model.LibraryAgent,
+    normalized_query: str,
+) -> float:
+    if not normalized_query:
+        return 0.0
+
+    name = agent.name.lower()
+    description = (agent.description or "").lower()
+    instructions = (agent.instructions or "").lower()
+
+    score = _score_primary_fields(name, description, normalized_query)
+    score += _score_additional_field(instructions, normalized_query, 15, 6)
+    score += _score_additional_field(
+        agent.creator_name.lower(), normalized_query, 10, 5
+    )
+
+    return score
+
+
+def _score_store_agent(
+    agent: store_model.StoreAgent,
+    normalized_query: str,
+) -> float:
+    if not normalized_query:
+        return 0.0
+
+    name = agent.agent_name.lower()
+    description = agent.description.lower()
+    sub_heading = agent.sub_heading.lower()
+
+    score = _score_primary_fields(name, description, normalized_query)
+    score += _score_additional_field(sub_heading, normalized_query, 12, 6)
+    score += _score_additional_field(agent.creator.lower(), normalized_query, 10, 5)
+
+    return score
+
+
+def _score_primary_fields(name: str, description: str, query: str) -> float:
+    score = 0.0
+    if name == query:
+        score += 120
+    elif name.startswith(query):
+        score += 90
+    elif query in name:
+        score += 60
+
+    score += SequenceMatcher(None, name, query).ratio() * 50
+    if description:
+        if query in description:
+            score += 30
+        score += SequenceMatcher(None, description, query).ratio() * 25
+    return score
+
+
+def _score_additional_field(
+    value: str,
+    query: str,
+    contains_weight: float,
+    similarity_weight: float,
+) -> float:
+    if not value or not query:
+        return 0.0
+
+    score = 0.0
+    if query in value:
+        score += contains_weight
+    score += SequenceMatcher(None, value, query).ratio() * similarity_weight
+    return score
+
+
+def _should_include_item(score: float, normalized_query: str) -> bool:
+    if not normalized_query:
+        return True
+    return score >= MIN_SCORE_FOR_FILTERED_RESULTS
+
+
+def _get_item_name(item: SearchResultItem) -> str:
+    if isinstance(item, BlockInfo):
+        return item.name.lower()
+    if isinstance(item, library_model.LibraryAgent):
+        return item.name.lower()
+    return item.agent_name.lower()
+
+
+@cached(ttl_seconds=3600)
+def _get_all_providers() -> dict[ProviderName, Provider]:
+    providers: dict[ProviderName, Provider] = {}
+
+    for block_type in load_all_blocks().values():
+        block: AnyBlockSchema = block_type()
+        if block.disabled:
+            continue
+
+        credentials_info = block.input_schema.get_credentials_fields_info().values()
+        for info in credentials_info:
+            for provider in info.provider:  # provider is a ProviderName enum member
+                if provider in providers:
+                    providers[provider].integration_count += 1
+                else:
+                    providers[provider] = Provider(
+                        name=provider, description="", integration_count=1
+                    )
+    return providers
+
+
+@cached(ttl_seconds=3600)
+async def get_suggested_blocks(count: int = 5) -> list[BlockInfo]:
+    suggested_blocks = []
+    # Sum the number of executions for each block type
+    # Prisma cannot group by nested relations, so we do a raw query
+    # Calculate the cutoff timestamp
+    timestamp_threshold = datetime.now(timezone.utc) - timedelta(days=30)
+
+    results = await query_raw_with_schema(
+        """
+        SELECT
+            agent_node."agentBlockId" AS block_id,
+            COUNT(execution.id) AS execution_count
+        FROM {schema_prefix}"AgentNodeExecution" execution
+        JOIN {schema_prefix}"AgentNode" agent_node ON execution."agentNodeId" = agent_node.id
+        WHERE execution."endedTime" >= $1::timestamp
+        GROUP BY agent_node."agentBlockId"
+        ORDER BY execution_count DESC;
+        """,
+        timestamp_threshold,
+    )
+
+    # Get the top blocks based on execution count
+    # But ignore Input and Output blocks
+    blocks: list[tuple[BlockInfo, int]] = []
+
+    for block_type in load_all_blocks().values():
+        block: AnyBlockSchema = block_type()
+        if block.disabled or block.block_type in (
+            backend.data.block.BlockType.INPUT,
+            backend.data.block.BlockType.OUTPUT,
+            backend.data.block.BlockType.AGENT,
+        ):
+            continue
+        # Find the execution count for this block
+        execution_count = next(
+            (row["execution_count"] for row in results if row["block_id"] == block.id),
+            0,
+        )
+        blocks.append((block.get_info(), execution_count))
+    # Sort blocks by execution count
+    blocks.sort(key=lambda x: x[1], reverse=True)
+
+    suggested_blocks = [block[0] for block in blocks]
+
+    # Return the top blocks
+    return suggested_blocks[:count]

autogpt_platform/backend/backend/api/features/builder/model.py

@@ -0,0 +1,77 @@
+from typing import Literal
+
+from pydantic import BaseModel
+
+import backend.api.features.library.model as library_model
+import backend.api.features.store.model as store_model
+from backend.data.block import BlockInfo
+from backend.integrations.providers import ProviderName
+from backend.util.models import Pagination
+
+FilterType = Literal[
+    "blocks",
+    "integrations",
+    "marketplace_agents",
+    "my_agents",
+]
+
+BlockType = Literal["all", "input", "action", "output"]
+
+
+class SearchEntry(BaseModel):
+    search_query: str | None = None
+    filter: list[FilterType] | None = None
+    by_creator: list[str] | None = None
+    search_id: str | None = None
+
+
+# Suggestions
+class SuggestionsResponse(BaseModel):
+    otto_suggestions: list[str]
+    recent_searches: list[SearchEntry]
+    providers: list[ProviderName]
+    top_blocks: list[BlockInfo]
+
+
+# All blocks
+class BlockCategoryResponse(BaseModel):
+    name: str
+    total_blocks: int
+    blocks: list[BlockInfo]
+
+    model_config = {"use_enum_values": False}  # Use enum names like "AI"
+
+
+# Input/Action/Output and see all for block categories
+class BlockResponse(BaseModel):
+    blocks: list[BlockInfo]
+    pagination: Pagination
+
+
+# Providers
+class Provider(BaseModel):
+    name: ProviderName
+    description: str
+    integration_count: int
+
+
+class ProviderResponse(BaseModel):
+    providers: list[Provider]
+    pagination: Pagination
+
+
+class SearchResponse(BaseModel):
+    items: list[BlockInfo | library_model.LibraryAgent | store_model.StoreAgent]
+    search_id: str
+    total_items: dict[FilterType, int]
+    pagination: Pagination
+
+
+class CountResponse(BaseModel):
+    all_blocks: int
+    input_blocks: int
+    action_blocks: int
+    output_blocks: int
+    integrations: int
+    marketplace_agents: int
+    my_agents: int

autogpt_platform/backend/backend/api/features/builder/routes.py

@@ -0,0 +1,224 @@
+import logging
+from typing import Annotated, Sequence
+
+import fastapi
+from autogpt_libs.auth.dependencies import get_user_id, requires_user
+
+from backend.integrations.providers import ProviderName
+from backend.util.models import Pagination
+
+from . import db as builder_db
+from . import model as builder_model
+
+logger = logging.getLogger(__name__)
+
+router = fastapi.APIRouter(
+    dependencies=[fastapi.Security(requires_user)],
+)
+
+
+# Taken from backend/server/v2/store/db.py
+def sanitize_query(query: str | None) -> str | None:
+    if query is None:
+        return query
+    query = query.strip()[:100]
+    return (
+        query.replace("\\", "\\\\")
+        .replace("%", "\\%")
+        .replace("_", "\\_")
+        .replace("[", "\\[")
+        .replace("]", "\\]")
+        .replace("'", "\\'")
+        .replace('"', '\\"')
+        .replace(";", "\\;")
+        .replace("--", "\\--")
+        .replace("/*", "\\/*")
+        .replace("*/", "\\*/")
+    )
+
+
+@router.get(
+    "/suggestions",
+    summary="Get Builder suggestions",
+    response_model=builder_model.SuggestionsResponse,
+)
+async def get_suggestions(
+    user_id: Annotated[str, fastapi.Security(get_user_id)],
+) -> builder_model.SuggestionsResponse:
+    """
+    Get all suggestions for the Blocks Menu.
+    """
+    return builder_model.SuggestionsResponse(
+        otto_suggestions=[
+            "What blocks do I need to get started?",
+            "Help me create a list",
+            "Help me feed my data to Google Maps",
+        ],
+        recent_searches=await builder_db.get_recent_searches(user_id),
+        providers=[
+            ProviderName.TWITTER,
+            ProviderName.GITHUB,
+            ProviderName.NOTION,
+            ProviderName.GOOGLE,
+            ProviderName.DISCORD,
+            ProviderName.GOOGLE_MAPS,
+        ],
+        top_blocks=await builder_db.get_suggested_blocks(),
+    )
+
+
+@router.get(
+    "/categories",
+    summary="Get Builder block categories",
+    response_model=Sequence[builder_model.BlockCategoryResponse],
+)
+async def get_block_categories(
+    blocks_per_category: Annotated[int, fastapi.Query()] = 3,
+) -> Sequence[builder_model.BlockCategoryResponse]:
+    """
+    Get all block categories with a specified number of blocks per category.
+    """
+    return builder_db.get_block_categories(blocks_per_category)
+
+
+@router.get(
+    "/blocks",
+    summary="Get Builder blocks",
+    response_model=builder_model.BlockResponse,
+)
+async def get_blocks(
+    category: Annotated[str | None, fastapi.Query()] = None,
+    type: Annotated[builder_model.BlockType | None, fastapi.Query()] = None,
+    provider: Annotated[ProviderName | None, fastapi.Query()] = None,
+    page: Annotated[int, fastapi.Query()] = 1,
+    page_size: Annotated[int, fastapi.Query()] = 50,
+) -> builder_model.BlockResponse:
+    """
+    Get blocks based on either category, type, or provider.
+    """
+    return builder_db.get_blocks(
+        category=category,
+        type=type,
+        provider=provider,
+        page=page,
+        page_size=page_size,
+    )
+
+
+@router.get(
+    "/blocks/batch",
+    summary="Get specific blocks",
+    response_model=list[builder_model.BlockInfo],
+)
+async def get_specific_blocks(
+    block_ids: Annotated[list[str], fastapi.Query()],
+) -> list[builder_model.BlockInfo]:
+    """
+    Get specific blocks by their IDs.
+    """
+    blocks = []
+    for block_id in block_ids:
+        block = builder_db.get_block_by_id(block_id)
+        if block:
+            blocks.append(block)
+    return blocks
+
+
+@router.get(
+    "/providers",
+    summary="Get Builder integration providers",
+    response_model=builder_model.ProviderResponse,
+)
+async def get_providers(
+    page: Annotated[int, fastapi.Query()] = 1,
+    page_size: Annotated[int, fastapi.Query()] = 50,
+) -> builder_model.ProviderResponse:
+    """
+    Get all integration providers with their block counts.
+    """
+    return builder_db.get_providers(
+        page=page,
+        page_size=page_size,
+    )
+
+
+@router.get(
+    "/search",
+    summary="Builder search",
+    tags=["store", "private"],
+    response_model=builder_model.SearchResponse,
+)
+async def search(
+    user_id: Annotated[str, fastapi.Security(get_user_id)],
+    search_query: Annotated[str | None, fastapi.Query()] = None,
+    filter: Annotated[list[builder_model.FilterType] | None, fastapi.Query()] = None,
+    search_id: Annotated[str | None, fastapi.Query()] = None,
+    by_creator: Annotated[list[str] | None, fastapi.Query()] = None,
+    page: Annotated[int, fastapi.Query()] = 1,
+    page_size: Annotated[int, fastapi.Query()] = 50,
+) -> builder_model.SearchResponse:
+    """
+    Search for blocks (including integrations), marketplace agents, and user library agents.
+    """
+    # If no filters are provided, then we will return all types
+    if not filter:
+        filter = [
+            "blocks",
+            "integrations",
+            "marketplace_agents",
+            "my_agents",
+        ]
+    search_query = sanitize_query(search_query)
+
+    # Get all possible results
+    cached_results = await builder_db.get_sorted_search_results(
+        user_id=user_id,
+        search_query=search_query,
+        filters=filter,
+        by_creator=by_creator,
+    )
+
+    # Paginate results
+    total_combined_items = len(cached_results.items)
+    pagination = Pagination(
+        total_items=total_combined_items,
+        total_pages=(total_combined_items + page_size - 1) // page_size,
+        current_page=page,
+        page_size=page_size,
+    )
+
+    start_idx = (page - 1) * page_size
+    end_idx = start_idx + page_size
+    paginated_items = cached_results.items[start_idx:end_idx]
+
+    # Update the search entry by id
+    search_id = await builder_db.update_search(
+        user_id,
+        builder_model.SearchEntry(
+            search_query=search_query,
+            filter=filter,
+            by_creator=by_creator,
+            search_id=search_id,
+        ),
+    )
+
+    return builder_model.SearchResponse(
+        items=paginated_items,
+        search_id=search_id,
+        total_items=cached_results.total_items,
+        pagination=pagination,
+    )
+
+
+@router.get(
+    "/counts",
+    summary="Get Builder item counts",
+    response_model=builder_model.CountResponse,
+)
+async def get_counts(
+    user_id: Annotated[str, fastapi.Security(get_user_id)],
+) -> builder_model.CountResponse:
+    """
+    Get item counts for the menu categories in the Blocks Menu.
+    """
+    return await builder_db.get_counts(user_id)

autogpt_platform/backend/backend/api/features/chat/config.py

@@ -0,0 +1,118 @@
+"""Configuration management for chat system."""
+
+import os
+from pathlib import Path
+
+from pydantic import Field, field_validator
+from pydantic_settings import BaseSettings
+
+
+class ChatConfig(BaseSettings):
+    """Configuration for the chat system."""
+
+    # OpenAI API Configuration
+    model: str = Field(
+        default="qwen/qwen3-235b-a22b-2507", description="Default model to use"
+    )
+    api_key: str | None = Field(default=None, description="OpenAI API key")
+    base_url: str | None = Field(
+        default="https://openrouter.ai/api/v1",
+        description="Base URL for API (e.g., for OpenRouter)",
+    )
+
+    # Session TTL Configuration - 12 hours
+    session_ttl: int = Field(default=43200, description="Session TTL in seconds")
+
+    # System Prompt Configuration
+    system_prompt_path: str = Field(
+        default="prompts/chat_system.md",
+        description="Path to system prompt file relative to chat module",
+    )
+
+    # Streaming Configuration
+    max_context_messages: int = Field(
+        default=50, ge=1, le=200, description="Maximum context messages"
+    )
+
+    stream_timeout: int = Field(default=300, description="Stream timeout in seconds")
+    max_retries: int = Field(default=3, description="Maximum number of retries")
+    max_agent_runs: int = Field(default=3, description="Maximum number of agent runs")
+    max_agent_schedules: int = Field(
+        default=3, description="Maximum number of agent schedules"
+    )
+
+    @field_validator("api_key", mode="before")
+    @classmethod
+    def get_api_key(cls, v):
+        """Get API key from environment if not provided."""
+        if v is None:
+            # Try to get from environment variables
+            # First check for CHAT_API_KEY (Pydantic prefix)
+            v = os.getenv("CHAT_API_KEY")
+            if not v:
+                # Fall back to OPEN_ROUTER_API_KEY
+                v = os.getenv("OPEN_ROUTER_API_KEY")
+            if not v:
+                # Fall back to OPENAI_API_KEY
+                v = os.getenv("OPENAI_API_KEY")
+        return v
+
+    @field_validator("base_url", mode="before")
+    @classmethod
+    def get_base_url(cls, v):
+        """Get base URL from environment if not provided."""
+        if v is None:
+            # Check for OpenRouter or custom base URL
+            v = os.getenv("CHAT_BASE_URL")
+            if not v:
+                v = os.getenv("OPENROUTER_BASE_URL")
+            if not v:
+                v = os.getenv("OPENAI_BASE_URL")
+            if not v:
+                v = "https://openrouter.ai/api/v1"
+        return v
+
+    def get_system_prompt(self, **template_vars) -> str:
+        """Load and render the system prompt from file.
+
+        Args:
+            **template_vars: Variables to substitute in the template
+
+        Returns:
+            Rendered system prompt string
+
+        """
+        # Get the path relative to this module
+        module_dir = Path(__file__).parent
+        prompt_path = module_dir / self.system_prompt_path
+
+        # Check for .j2 extension first (Jinja2 template)
+        j2_path = Path(str(prompt_path) + ".j2")
+        if j2_path.exists():
+            try:
+                from jinja2 import Template
+
+                template = Template(j2_path.read_text())
+                return template.render(**template_vars)
+            except ImportError:
+                # Jinja2 not installed, fall back to reading as plain text
+                return j2_path.read_text()
+
+        # Check for markdown file
+        if prompt_path.exists():
+            content = prompt_path.read_text()
+
+            # Simple variable substitution if Jinja2 is not available
+            for key, value in template_vars.items():
+                placeholder = f"{{{key}}}"
+                content = content.replace(placeholder, str(value))
+
+            return content
+        raise FileNotFoundError(f"System prompt file not found: {prompt_path}")
+
+    class Config:
+        """Pydantic config."""
+
+        env_file = ".env"
+        env_file_encoding = "utf-8"
+        extra = "ignore"  # Ignore extra environment variables

autogpt_platform/backend/backend/api/features/chat/model.py

@@ -0,0 +1,204 @@
+import logging
+import uuid
+from datetime import UTC, datetime
+
+from openai.types.chat import (
+    ChatCompletionAssistantMessageParam,
+    ChatCompletionDeveloperMessageParam,
+    ChatCompletionFunctionMessageParam,
+    ChatCompletionMessageParam,
+    ChatCompletionSystemMessageParam,
+    ChatCompletionToolMessageParam,
+    ChatCompletionUserMessageParam,
+)
+from openai.types.chat.chat_completion_assistant_message_param import FunctionCall
+from openai.types.chat.chat_completion_message_tool_call_param import (
+    ChatCompletionMessageToolCallParam,
+    Function,
+)
+from pydantic import BaseModel
+
+from backend.data.redis_client import get_redis_async
+from backend.util.exceptions import RedisError
+
+from .config import ChatConfig
+
+logger = logging.getLogger(__name__)
+config = ChatConfig()
+
+
+class ChatMessage(BaseModel):
+    role: str
+    content: str | None = None
+    name: str | None = None
+    tool_call_id: str | None = None
+    refusal: str | None = None
+    tool_calls: list[dict] | None = None
+    function_call: dict | None = None
+
+
+class Usage(BaseModel):
+    prompt_tokens: int
+    completion_tokens: int
+    total_tokens: int
+
+
+class ChatSession(BaseModel):
+    session_id: str
+    user_id: str | None
+    messages: list[ChatMessage]
+    usage: list[Usage]
+    credentials: dict[str, dict] = {}  # Map of provider -> credential metadata
+    started_at: datetime
+    updated_at: datetime
+    successful_agent_runs: dict[str, int] = {}
+    successful_agent_schedules: dict[str, int] = {}
+
+    @staticmethod
+    def new(user_id: str | None) -> "ChatSession":
+        return ChatSession(
+            session_id=str(uuid.uuid4()),
+            user_id=user_id,
+            messages=[],
+            usage=[],
+            credentials={},
+            started_at=datetime.now(UTC),
+            updated_at=datetime.now(UTC),
+        )
+
+    def to_openai_messages(self) -> list[ChatCompletionMessageParam]:
+        messages = []
+        for message in self.messages:
+            if message.role == "developer":
+                m = ChatCompletionDeveloperMessageParam(
+                    role="developer",
+                    content=message.content or "",
+                )
+                if message.name:
+                    m["name"] = message.name
+                messages.append(m)
+            elif message.role == "system":
+                m = ChatCompletionSystemMessageParam(
+                    role="system",
+                    content=message.content or "",
+                )
+                if message.name:
+                    m["name"] = message.name
+                messages.append(m)
+            elif message.role == "user":
+                m = ChatCompletionUserMessageParam(
+                    role="user",
+                    content=message.content or "",
+                )
+                if message.name:
+                    m["name"] = message.name
+                messages.append(m)
+            elif message.role == "assistant":
+                m = ChatCompletionAssistantMessageParam(
+                    role="assistant",
+                    content=message.content or "",
+                )
+                if message.function_call:
+                    m["function_call"] = FunctionCall(
+                        arguments=message.function_call["arguments"],
+                        name=message.function_call["name"],
+                    )
+                if message.refusal:
+                    m["refusal"] = message.refusal
+                if message.tool_calls:
+                    t: list[ChatCompletionMessageToolCallParam] = []
+                    for tool_call in message.tool_calls:
+                        # Tool calls are stored with nested structure: {id, type, function: {name, arguments}}
+                        function_data = tool_call.get("function", {})
+
+                        # Skip tool calls that are missing required fields
+                        if "id" not in tool_call or "name" not in function_data:
+                            logger.warning(
+                                f"Skipping invalid tool call: missing required fields. "
+                                f"Got: {tool_call.keys()}, function keys: {function_data.keys()}"
+                            )
+                            continue
+
+                        # Arguments are stored as a JSON string
+                        arguments_str = function_data.get("arguments", "{}")
+
+                        t.append(
+                            ChatCompletionMessageToolCallParam(
+                                id=tool_call["id"],
+                                type="function",
+                                function=Function(
+                                    arguments=arguments_str,
+                                    name=function_data["name"],
+                                ),
+                            )
+                        )
+                    m["tool_calls"] = t
+                if message.name:
+                    m["name"] = message.name
+                messages.append(m)
+            elif message.role == "tool":
+                messages.append(
+                    ChatCompletionToolMessageParam(
+                        role="tool",
+                        content=message.content or "",
+                        tool_call_id=message.tool_call_id or "",
+                    )
+                )
+            elif message.role == "function":
+                messages.append(
+                    ChatCompletionFunctionMessageParam(
+                        role="function",
+                        content=message.content,
+                        name=message.name or "",
+                    )
+                )
+        return messages
+
+
+async def get_chat_session(
+    session_id: str,
+    user_id: str | None,
+) -> ChatSession | None:
+    """Get a chat session by ID."""
+    redis_key = f"chat:session:{session_id}"
+    async_redis = await get_redis_async()
+
+    raw_session: bytes | None = await async_redis.get(redis_key)
+
+    if raw_session is None:
+        logger.warning(f"Session {session_id} not found in Redis")
+        return None
+
+    try:
+        session = ChatSession.model_validate_json(raw_session)
+    except Exception as e:
+        logger.error(f"Failed to deserialize session {session_id}: {e}", exc_info=True)
+        raise RedisError(f"Corrupted session data for {session_id}") from e
+
+    if session.user_id is not None and session.user_id != user_id:
+        logger.warning(
+            f"Session {session_id} user id mismatch: {session.user_id} != {user_id}"
+        )
+        return None
+
+    return session
+
+
+async def upsert_chat_session(
+    session: ChatSession,
+) -> ChatSession:
+    """Update a chat session with the given messages."""
+
+    redis_key = f"chat:session:{session.session_id}"
+
+    async_redis = await get_redis_async()
+    resp = await async_redis.setex(
+        redis_key, config.session_ttl, session.model_dump_json()
+    )
+
+    if not resp:
+        raise RedisError(
+            f"Failed to persist chat session {session.session_id} to Redis: {resp}"
+        )
+
+    return session