Merge branch 'dev' into pwuts/open-2923-v2-external-api

.branchlet.json

@@ -29,7 +29,8 @@
   "postCreateCmd": [
     "cd autogpt_platform/autogpt_libs && poetry install",
     "cd autogpt_platform/backend && poetry install && poetry run prisma generate",
-    "cd autogpt_platform/frontend && pnpm install"
+    "cd autogpt_platform/frontend && pnpm install",
+    "cd docs && pip install -r requirements.txt"
   ],
   "terminalCommand": "code .",
   "deleteBranchWithWorktree": false

.claude/skills/vercel-react-best-practices/SKILL.md

@@ -1,125 +0,0 @@
----
-name: vercel-react-best-practices
-description: React and Next.js performance optimization guidelines from Vercel Engineering. This skill should be used when writing, reviewing, or refactoring React/Next.js code to ensure optimal performance patterns. Triggers on tasks involving React components, Next.js pages, data fetching, bundle optimization, or performance improvements.
-license: MIT
-metadata:
-  author: vercel
-  version: "1.0.0"
----
-
-# Vercel React Best Practices
-
-Comprehensive performance optimization guide for React and Next.js applications, maintained by Vercel. Contains 45 rules across 8 categories, prioritized by impact to guide automated refactoring and code generation.
-
-## When to Apply
-
-Reference these guidelines when:
-- Writing new React components or Next.js pages
-- Implementing data fetching (client or server-side)
-- Reviewing code for performance issues
-- Refactoring existing React/Next.js code
-- Optimizing bundle size or load times
-
-## Rule Categories by Priority
-
-| Priority | Category | Impact | Prefix |
-|----------|----------|--------|--------|
-| 1 | Eliminating Waterfalls | CRITICAL | `async-` |
-| 2 | Bundle Size Optimization | CRITICAL | `bundle-` |
-| 3 | Server-Side Performance | HIGH | `server-` |
-| 4 | Client-Side Data Fetching | MEDIUM-HIGH | `client-` |
-| 5 | Re-render Optimization | MEDIUM | `rerender-` |
-| 6 | Rendering Performance | MEDIUM | `rendering-` |
-| 7 | JavaScript Performance | LOW-MEDIUM | `js-` |
-| 8 | Advanced Patterns | LOW | `advanced-` |
-
-## Quick Reference
-
-### 1. Eliminating Waterfalls (CRITICAL)
-
-- `async-defer-await` - Move await into branches where actually used
-- `async-parallel` - Use Promise.all() for independent operations
-- `async-dependencies` - Use better-all for partial dependencies
-- `async-api-routes` - Start promises early, await late in API routes
-- `async-suspense-boundaries` - Use Suspense to stream content
-
-### 2. Bundle Size Optimization (CRITICAL)
-
-- `bundle-barrel-imports` - Import directly, avoid barrel files
-- `bundle-dynamic-imports` - Use next/dynamic for heavy components
-- `bundle-defer-third-party` - Load analytics/logging after hydration
-- `bundle-conditional` - Load modules only when feature is activated
-- `bundle-preload` - Preload on hover/focus for perceived speed
-
-### 3. Server-Side Performance (HIGH)
-
-- `server-cache-react` - Use React.cache() for per-request deduplication
-- `server-cache-lru` - Use LRU cache for cross-request caching
-- `server-serialization` - Minimize data passed to client components
-- `server-parallel-fetching` - Restructure components to parallelize fetches
-- `server-after-nonblocking` - Use after() for non-blocking operations
-
-### 4. Client-Side Data Fetching (MEDIUM-HIGH)
-
-- `client-swr-dedup` - Use SWR for automatic request deduplication
-- `client-event-listeners` - Deduplicate global event listeners
-
-### 5. Re-render Optimization (MEDIUM)
-
-- `rerender-defer-reads` - Don't subscribe to state only used in callbacks
-- `rerender-memo` - Extract expensive work into memoized components
-- `rerender-dependencies` - Use primitive dependencies in effects
-- `rerender-derived-state` - Subscribe to derived booleans, not raw values
-- `rerender-functional-setstate` - Use functional setState for stable callbacks
-- `rerender-lazy-state-init` - Pass function to useState for expensive values
-- `rerender-transitions` - Use startTransition for non-urgent updates
-
-### 6. Rendering Performance (MEDIUM)
-
-- `rendering-animate-svg-wrapper` - Animate div wrapper, not SVG element
-- `rendering-content-visibility` - Use content-visibility for long lists
-- `rendering-hoist-jsx` - Extract static JSX outside components
-- `rendering-svg-precision` - Reduce SVG coordinate precision
-- `rendering-hydration-no-flicker` - Use inline script for client-only data
-- `rendering-activity` - Use Activity component for show/hide
-- `rendering-conditional-render` - Use ternary, not && for conditionals
-
-### 7. JavaScript Performance (LOW-MEDIUM)
-
-- `js-batch-dom-css` - Group CSS changes via classes or cssText
-- `js-index-maps` - Build Map for repeated lookups
-- `js-cache-property-access` - Cache object properties in loops
-- `js-cache-function-results` - Cache function results in module-level Map
-- `js-cache-storage` - Cache localStorage/sessionStorage reads
-- `js-combine-iterations` - Combine multiple filter/map into one loop
-- `js-length-check-first` - Check array length before expensive comparison
-- `js-early-exit` - Return early from functions
-- `js-hoist-regexp` - Hoist RegExp creation outside loops
-- `js-min-max-loop` - Use loop for min/max instead of sort
-- `js-set-map-lookups` - Use Set/Map for O(1) lookups
-- `js-tosorted-immutable` - Use toSorted() for immutability
-
-### 8. Advanced Patterns (LOW)
-
-- `advanced-event-handler-refs` - Store event handlers in refs
-- `advanced-use-latest` - useLatest for stable callback refs
-
-## How to Use
-
-Read individual rule files for detailed explanations and code examples:
-
-```
-rules/async-parallel.md
-rules/bundle-barrel-imports.md
-rules/_sections.md
-```
-
-Each rule file contains:
-- Brief explanation of why it matters
-- Incorrect code example with explanation
-- Correct code example with explanation
-- Additional context and references
-
-## Full Compiled Document
-
-For the complete guide with all rules expanded: `AGENTS.md`

.claude/skills/vercel-react-best-practices/rules/advanced-event-handler-refs.md

@@ -1,55 +0,0 @@
----
-title: Store Event Handlers in Refs
-impact: LOW
-impactDescription: stable subscriptions
-tags: advanced, hooks, refs, event-handlers, optimization
----
-
-## Store Event Handlers in Refs
-
-Store callbacks in refs when used in effects that shouldn't re-subscribe on callback changes.
-
-**Incorrect (re-subscribes on every render):**
-
-```tsx
-function useWindowEvent(event: string, handler: () => void) {
-  useEffect(() => {
-    window.addEventListener(event, handler)
-    return () => window.removeEventListener(event, handler)
-  }, [event, handler])
-}
-```
-
-**Correct (stable subscription):**
-
-```tsx
-function useWindowEvent(event: string, handler: () => void) {
-  const handlerRef = useRef(handler)
-  useEffect(() => {
-    handlerRef.current = handler
-  }, [handler])
-
-  useEffect(() => {
-    const listener = () => handlerRef.current()
-    window.addEventListener(event, listener)
-    return () => window.removeEventListener(event, listener)
-  }, [event])
-}
-```
-
-**Alternative: use `useEffectEvent` if you're on latest React:**
-
-```tsx
-import { useEffectEvent } from 'react'
-
-function useWindowEvent(event: string, handler: () => void) {
-  const onEvent = useEffectEvent(handler)
-
-  useEffect(() => {
-    window.addEventListener(event, onEvent)
-    return () => window.removeEventListener(event, onEvent)
-  }, [event])
-}
-```
-
-`useEffectEvent` provides a cleaner API for the same pattern: it creates a stable function reference that always calls the latest version of the handler.

.claude/skills/vercel-react-best-practices/rules/advanced-use-latest.md

@@ -1,49 +0,0 @@
----
-title: useLatest for Stable Callback Refs
-impact: LOW
-impactDescription: prevents effect re-runs
-tags: advanced, hooks, useLatest, refs, optimization
----
-
-## useLatest for Stable Callback Refs
-
-Access latest values in callbacks without adding them to dependency arrays. Prevents effect re-runs while avoiding stale closures.
-
-**Implementation:**
-
-```typescript
-function useLatest<T>(value: T) {
-  const ref = useRef(value)
-  useEffect(() => {
-    ref.current = value
-  }, [value])
-  return ref
-}
-```
-
-**Incorrect (effect re-runs on every callback change):**
-
-```tsx
-function SearchInput({ onSearch }: { onSearch: (q: string) => void }) {
-  const [query, setQuery] = useState('')
-
-  useEffect(() => {
-    const timeout = setTimeout(() => onSearch(query), 300)
-    return () => clearTimeout(timeout)
-  }, [query, onSearch])
-}
-```
-
-**Correct (stable effect, fresh callback):**
-
-```tsx
-function SearchInput({ onSearch }: { onSearch: (q: string) => void }) {
-  const [query, setQuery] = useState('')
-  const onSearchRef = useLatest(onSearch)
-
-  useEffect(() => {
-    const timeout = setTimeout(() => onSearchRef.current(query), 300)
-    return () => clearTimeout(timeout)
-  }, [query])
-}
-```

.claude/skills/vercel-react-best-practices/rules/async-api-routes.md

@@ -1,38 +0,0 @@
----
-title: Prevent Waterfall Chains in API Routes
-impact: CRITICAL
-impactDescription: 2-10× improvement
-tags: api-routes, server-actions, waterfalls, parallelization
----
-
-## Prevent Waterfall Chains in API Routes
-
-In API routes and Server Actions, start independent operations immediately, even if you don't await them yet.
-
-**Incorrect (config waits for auth, data waits for both):**
-
-```typescript
-export async function GET(request: Request) {
-  const session = await auth()
-  const config = await fetchConfig()
-  const data = await fetchData(session.user.id)
-  return Response.json({ data, config })
-}
-```
-
-**Correct (auth and config start immediately):**
-
-```typescript
-export async function GET(request: Request) {
-  const sessionPromise = auth()
-  const configPromise = fetchConfig()
-  const session = await sessionPromise
-  const [config, data] = await Promise.all([
-    configPromise,
-    fetchData(session.user.id)
-  ])
-  return Response.json({ data, config })
-}
-```
-
-For operations with more complex dependency chains, use `better-all` to automatically maximize parallelism (see Dependency-Based Parallelization).

.claude/skills/vercel-react-best-practices/rules/async-defer-await.md

@@ -1,80 +0,0 @@
----
-title: Defer Await Until Needed
-impact: HIGH
-impactDescription: avoids blocking unused code paths
-tags: async, await, conditional, optimization
----
-
-## Defer Await Until Needed
-
-Move `await` operations into the branches where they're actually used to avoid blocking code paths that don't need them.
-
-**Incorrect (blocks both branches):**
-
-```typescript
-async function handleRequest(userId: string, skipProcessing: boolean) {
-  const userData = await fetchUserData(userId)
-  
-  if (skipProcessing) {
-    // Returns immediately but still waited for userData
-    return { skipped: true }
-  }
-  
-  // Only this branch uses userData
-  return processUserData(userData)
-}
-```
-
-**Correct (only blocks when needed):**
-
-```typescript
-async function handleRequest(userId: string, skipProcessing: boolean) {
-  if (skipProcessing) {
-    // Returns immediately without waiting
-    return { skipped: true }
-  }
-  
-  // Fetch only when needed
-  const userData = await fetchUserData(userId)
-  return processUserData(userData)
-}
-```
-
-**Another example (early return optimization):**
-
-```typescript
-// Incorrect: always fetches permissions
-async function updateResource(resourceId: string, userId: string) {
-  const permissions = await fetchPermissions(userId)
-  const resource = await getResource(resourceId)
-  
-  if (!resource) {
-    return { error: 'Not found' }
-  }
-  
-  if (!permissions.canEdit) {
-    return { error: 'Forbidden' }
-  }
-  
-  return await updateResourceData(resource, permissions)
-}
-
-// Correct: fetches only when needed
-async function updateResource(resourceId: string, userId: string) {
-  const resource = await getResource(resourceId)
-  
-  if (!resource) {
-    return { error: 'Not found' }
-  }
-  
-  const permissions = await fetchPermissions(userId)
-  
-  if (!permissions.canEdit) {
-    return { error: 'Forbidden' }
-  }
-  
-  return await updateResourceData(resource, permissions)
-}
-```
-
-This optimization is especially valuable when the skipped branch is frequently taken, or when the deferred operation is expensive.

.claude/skills/vercel-react-best-practices/rules/async-dependencies.md

@@ -1,36 +0,0 @@
----
-title: Dependency-Based Parallelization
-impact: CRITICAL
-impactDescription: 2-10× improvement
-tags: async, parallelization, dependencies, better-all
----
-
-## Dependency-Based Parallelization
-
-For operations with partial dependencies, use `better-all` to maximize parallelism. It automatically starts each task at the earliest possible moment.
-
-**Incorrect (profile waits for config unnecessarily):**
-
-```typescript
-const [user, config] = await Promise.all([
-  fetchUser(),
-  fetchConfig()
-])
-const profile = await fetchProfile(user.id)
-```
-
-**Correct (config and profile run in parallel):**
-
-```typescript
-import { all } from 'better-all'
-
-const { user, config, profile } = await all({
-  async user() { return fetchUser() },
-  async config() { return fetchConfig() },
-  async profile() {
-    return fetchProfile((await this.$.user).id)
-  }
-})
-```
-
-Reference: [https://github.com/shuding/better-all](https://github.com/shuding/better-all)

.claude/skills/vercel-react-best-practices/rules/async-parallel.md

@@ -1,28 +0,0 @@
----
-title: Promise.all() for Independent Operations
-impact: CRITICAL
-impactDescription: 2-10× improvement
-tags: async, parallelization, promises, waterfalls
----
-
-## Promise.all() for Independent Operations
-
-When async operations have no interdependencies, execute them concurrently using `Promise.all()`.
-
-**Incorrect (sequential execution, 3 round trips):**
-
-```typescript
-const user = await fetchUser()
-const posts = await fetchPosts()
-const comments = await fetchComments()
-```
-
-**Correct (parallel execution, 1 round trip):**
-
-```typescript
-const [user, posts, comments] = await Promise.all([
-  fetchUser(),
-  fetchPosts(),
-  fetchComments()
-])
-```

.claude/skills/vercel-react-best-practices/rules/async-suspense-boundaries.md

@@ -1,99 +0,0 @@
----
-title: Strategic Suspense Boundaries
-impact: HIGH
-impactDescription: faster initial paint
-tags: async, suspense, streaming, layout-shift
----
-
-## Strategic Suspense Boundaries
-
-Instead of awaiting data in async components before returning JSX, use Suspense boundaries to show the wrapper UI faster while data loads.
-
-**Incorrect (wrapper blocked by data fetching):**
-
-```tsx
-async function Page() {
-  const data = await fetchData() // Blocks entire page
-  
-  return (
-    <div>
-      <div>Sidebar</div>
-      <div>Header</div>
-      <div>
-        <DataDisplay data={data} />
-      </div>
-      <div>Footer</div>
-    </div>
-  )
-}
-```
-
-The entire layout waits for data even though only the middle section needs it.
-
-**Correct (wrapper shows immediately, data streams in):**
-
-```tsx
-function Page() {
-  return (
-    <div>
-      <div>Sidebar</div>
-      <div>Header</div>
-      <div>
-        <Suspense fallback={<Skeleton />}>
-          <DataDisplay />
-        </Suspense>
-      </div>
-      <div>Footer</div>
-    </div>
-  )
-}
-
-async function DataDisplay() {
-  const data = await fetchData() // Only blocks this component
-  return <div>{data.content}</div>
-}
-```
-
-Sidebar, Header, and Footer render immediately. Only DataDisplay waits for data.
-
-**Alternative (share promise across components):**
-
-```tsx
-function Page() {
-  // Start fetch immediately, but don't await
-  const dataPromise = fetchData()
-  
-  return (
-    <div>
-      <div>Sidebar</div>
-      <div>Header</div>
-      <Suspense fallback={<Skeleton />}>
-        <DataDisplay dataPromise={dataPromise} />
-        <DataSummary dataPromise={dataPromise} />
-      </Suspense>
-      <div>Footer</div>
-    </div>
-  )
-}
-
-function DataDisplay({ dataPromise }: { dataPromise: Promise<Data> }) {
-  const data = use(dataPromise) // Unwraps the promise
-  return <div>{data.content}</div>
-}
-
-function DataSummary({ dataPromise }: { dataPromise: Promise<Data> }) {
-  const data = use(dataPromise) // Reuses the same promise
-  return <div>{data.summary}</div>
-}
-```
-
-Both components share the same promise, so only one fetch occurs. Layout renders immediately while both components wait together.
-
-**When NOT to use this pattern:**
-
-- Critical data needed for layout decisions (affects positioning)
-- SEO-critical content above the fold
-- Small, fast queries where suspense overhead isn't worth it
-- When you want to avoid layout shift (loading → content jump)
-
-**Trade-off:** Faster initial paint vs potential layout shift. Choose based on your UX priorities.

.claude/skills/vercel-react-best-practices/rules/bundle-barrel-imports.md

@@ -1,59 +0,0 @@
----
-title: Avoid Barrel File Imports
-impact: CRITICAL
-impactDescription: 200-800ms import cost, slow builds
-tags: bundle, imports, tree-shaking, barrel-files, performance
----
-
-## Avoid Barrel File Imports
-
-Import directly from source files instead of barrel files to avoid loading thousands of unused modules. **Barrel files** are entry points that re-export multiple modules (e.g., `index.js` that does `export * from './module'`).
-
-Popular icon and component libraries can have **up to 10,000 re-exports** in their entry file. For many React packages, **it takes 200-800ms just to import them**, affecting both development speed and production cold starts.
-
-**Why tree-shaking doesn't help:** When a library is marked as external (not bundled), the bundler can't optimize it. If you bundle it to enable tree-shaking, builds become substantially slower analyzing the entire module graph.
-
-**Incorrect (imports entire library):**
-
-```tsx
-import { Check, X, Menu } from 'lucide-react'
-// Loads 1,583 modules, takes ~2.8s extra in dev
-// Runtime cost: 200-800ms on every cold start
-
-import { Button, TextField } from '@mui/material'
-// Loads 2,225 modules, takes ~4.2s extra in dev
-```
-
-**Correct (imports only what you need):**
-
-```tsx
-import Check from 'lucide-react/dist/esm/icons/check'
-import X from 'lucide-react/dist/esm/icons/x'
-import Menu from 'lucide-react/dist/esm/icons/menu'
-// Loads only 3 modules (~2KB vs ~1MB)
-
-import Button from '@mui/material/Button'
-import TextField from '@mui/material/TextField'
-// Loads only what you use
-```
-
-**Alternative (Next.js 13.5+):**
-
-```js
-// next.config.js - use optimizePackageImports
-module.exports = {
-  experimental: {
-    optimizePackageImports: ['lucide-react', '@mui/material']
-  }
-}
-
-// Then you can keep the ergonomic barrel imports:
-import { Check, X, Menu } from 'lucide-react'
-// Automatically transformed to direct imports at build time
-```
-
-Direct imports provide 15-70% faster dev boot, 28% faster builds, 40% faster cold starts, and significantly faster HMR.
-
-Libraries commonly affected: `lucide-react`, `@mui/material`, `@mui/icons-material`, `@tabler/icons-react`, `react-icons`, `@headlessui/react`, `@radix-ui/react-*`, `lodash`, `ramda`, `date-fns`, `rxjs`, `react-use`.
-
-Reference: [How we optimized package imports in Next.js](https://vercel.com/blog/how-we-optimized-package-imports-in-next-js)

.claude/skills/vercel-react-best-practices/rules/bundle-conditional.md

@@ -1,31 +0,0 @@
----
-title: Conditional Module Loading
-impact: HIGH
-impactDescription: loads large data only when needed
-tags: bundle, conditional-loading, lazy-loading
----
-
-## Conditional Module Loading
-
-Load large data or modules only when a feature is activated.
-
-**Example (lazy-load animation frames):**
-
-```tsx
-function AnimationPlayer({ enabled }: { enabled: boolean }) {
-  const [frames, setFrames] = useState<Frame[] | null>(null)
-
-  useEffect(() => {
-    if (enabled && !frames && typeof window !== 'undefined') {
-      import('./animation-frames.js')
-        .then(mod => setFrames(mod.frames))
-        .catch(() => setEnabled(false))
-    }
-  }, [enabled, frames])
-
-  if (!frames) return <Skeleton />
-  return <Canvas frames={frames} />
-}
-```
-
-The `typeof window !== 'undefined'` check prevents bundling this module for SSR, optimizing server bundle size and build speed.

.claude/skills/vercel-react-best-practices/rules/bundle-defer-third-party.md

@@ -1,49 +0,0 @@
----
-title: Defer Non-Critical Third-Party Libraries
-impact: MEDIUM
-impactDescription: loads after hydration
-tags: bundle, third-party, analytics, defer
----
-
-## Defer Non-Critical Third-Party Libraries
-
-Analytics, logging, and error tracking don't block user interaction. Load them after hydration.
-
-**Incorrect (blocks initial bundle):**
-
-```tsx
-import { Analytics } from '@vercel/analytics/react'
-
-export default function RootLayout({ children }) {
-  return (
-    <html>
-      <body>
-        {children}
-        <Analytics />
-      </body>
-    </html>
-  )
-}
-```
-
-**Correct (loads after hydration):**
-
-```tsx
-import dynamic from 'next/dynamic'
-
-const Analytics = dynamic(
-  () => import('@vercel/analytics/react').then(m => m.Analytics),
-  { ssr: false }
-)
-
-export default function RootLayout({ children }) {
-  return (
-    <html>
-      <body>
-        {children}
-        <Analytics />
-      </body>
-    </html>
-  )
-}
-```

.claude/skills/vercel-react-best-practices/rules/bundle-dynamic-imports.md

@@ -1,35 +0,0 @@
----
-title: Dynamic Imports for Heavy Components
-impact: CRITICAL
-impactDescription: directly affects TTI and LCP
-tags: bundle, dynamic-import, code-splitting, next-dynamic
----
-
-## Dynamic Imports for Heavy Components
-
-Use `next/dynamic` to lazy-load large components not needed on initial render.
-
-**Incorrect (Monaco bundles with main chunk ~300KB):**
-
-```tsx
-import { MonacoEditor } from './monaco-editor'
-
-function CodePanel({ code }: { code: string }) {
-  return <MonacoEditor value={code} />
-}
-```
-
-**Correct (Monaco loads on demand):**
-
-```tsx
-import dynamic from 'next/dynamic'
-
-const MonacoEditor = dynamic(
-  () => import('./monaco-editor').then(m => m.MonacoEditor),
-  { ssr: false }
-)
-
-function CodePanel({ code }: { code: string }) {
-  return <MonacoEditor value={code} />
-}
-```

.claude/skills/vercel-react-best-practices/rules/bundle-preload.md

@@ -1,50 +0,0 @@
----
-title: Preload Based on User Intent
-impact: MEDIUM
-impactDescription: reduces perceived latency
-tags: bundle, preload, user-intent, hover
----
-
-## Preload Based on User Intent
-
-Preload heavy bundles before they're needed to reduce perceived latency.
-
-**Example (preload on hover/focus):**
-
-```tsx
-function EditorButton({ onClick }: { onClick: () => void }) {
-  const preload = () => {
-    if (typeof window !== 'undefined') {
-      void import('./monaco-editor')
-    }
-  }
-
-  return (
-    <button
-      onMouseEnter={preload}
-      onFocus={preload}
-      onClick={onClick}
-    >
-      Open Editor
-    </button>
-  )
-}
-```
-
-**Example (preload when feature flag is enabled):**
-
-```tsx
-function FlagsProvider({ children, flags }: Props) {
-  useEffect(() => {
-    if (flags.editorEnabled && typeof window !== 'undefined') {
-      void import('./monaco-editor').then(mod => mod.init())
-    }
-  }, [flags.editorEnabled])
-
-  return <FlagsContext.Provider value={flags}>
-    {children}
-  </FlagsContext.Provider>
-}
-```
-
-The `typeof window !== 'undefined'` check prevents bundling preloaded modules for SSR, optimizing server bundle size and build speed.

.claude/skills/vercel-react-best-practices/rules/client-event-listeners.md

@@ -1,74 +0,0 @@
----
-title: Deduplicate Global Event Listeners
-impact: LOW
-impactDescription: single listener for N components
-tags: client, swr, event-listeners, subscription
----
-
-## Deduplicate Global Event Listeners
-
-Use `useSWRSubscription()` to share global event listeners across component instances.
-
-**Incorrect (N instances = N listeners):**
-
-```tsx
-function useKeyboardShortcut(key: string, callback: () => void) {
-  useEffect(() => {
-    const handler = (e: KeyboardEvent) => {
-      if (e.metaKey && e.key === key) {
-        callback()
-      }
-    }
-    window.addEventListener('keydown', handler)
-    return () => window.removeEventListener('keydown', handler)
-  }, [key, callback])
-}
-```
-
-When using the `useKeyboardShortcut` hook multiple times, each instance will register a new listener.
-
-**Correct (N instances = 1 listener):**
-
-```tsx
-import useSWRSubscription from 'swr/subscription'
-
-// Module-level Map to track callbacks per key
-const keyCallbacks = new Map<string, Set<() => void>>()
-
-function useKeyboardShortcut(key: string, callback: () => void) {
-  // Register this callback in the Map
-  useEffect(() => {
-    if (!keyCallbacks.has(key)) {
-      keyCallbacks.set(key, new Set())
-    }
-    keyCallbacks.get(key)!.add(callback)
-
-    return () => {
-      const set = keyCallbacks.get(key)
-      if (set) {
-        set.delete(callback)
-        if (set.size === 0) {
-          keyCallbacks.delete(key)
-        }
-      }
-    }
-  }, [key, callback])
-
-  useSWRSubscription('global-keydown', () => {
-    const handler = (e: KeyboardEvent) => {
-      if (e.metaKey && keyCallbacks.has(e.key)) {
-        keyCallbacks.get(e.key)!.forEach(cb => cb())
-      }
-    }
-    window.addEventListener('keydown', handler)
-    return () => window.removeEventListener('keydown', handler)
-  })
-}
-
-function Profile() {
-  // Multiple shortcuts will share the same listener
-  useKeyboardShortcut('p', () => { /* ... */ }) 
-  useKeyboardShortcut('k', () => { /* ... */ })
-  // ...
-}
-```

.claude/skills/vercel-react-best-practices/rules/client-swr-dedup.md

@@ -1,56 +0,0 @@
----
-title: Use SWR for Automatic Deduplication
-impact: MEDIUM-HIGH
-impactDescription: automatic deduplication
-tags: client, swr, deduplication, data-fetching
----
-
-## Use SWR for Automatic Deduplication
-
-SWR enables request deduplication, caching, and revalidation across component instances.
-
-**Incorrect (no deduplication, each instance fetches):**
-
-```tsx
-function UserList() {
-  const [users, setUsers] = useState([])
-  useEffect(() => {
-    fetch('/api/users')
-      .then(r => r.json())
-      .then(setUsers)
-  }, [])
-}
-```
-
-**Correct (multiple instances share one request):**
-
-```tsx
-import useSWR from 'swr'
-
-function UserList() {
-  const { data: users } = useSWR('/api/users', fetcher)
-}
-```
-
-**For immutable data:**
-
-```tsx
-import { useImmutableSWR } from '@/lib/swr'
-
-function StaticContent() {
-  const { data } = useImmutableSWR('/api/config', fetcher)
-}
-```
-
-**For mutations:**
-
-```tsx
-import { useSWRMutation } from 'swr/mutation'
-
-function UpdateButton() {
-  const { trigger } = useSWRMutation('/api/user', updateUser)
-  return <button onClick={() => trigger()}>Update</button>
-}
-```
-
-Reference: [https://swr.vercel.app](https://swr.vercel.app)

.claude/skills/vercel-react-best-practices/rules/js-batch-dom-css.md

@@ -1,82 +0,0 @@
----
-title: Batch DOM CSS Changes
-impact: MEDIUM
-impactDescription: reduces reflows/repaints
-tags: javascript, dom, css, performance, reflow
----
-
-## Batch DOM CSS Changes
-
-Avoid changing styles one property at a time. Group multiple CSS changes together via classes or `cssText` to minimize browser reflows.
-
-**Incorrect (multiple reflows):**
-
-```typescript
-function updateElementStyles(element: HTMLElement) {
-  // Each line triggers a reflow
-  element.style.width = '100px'
-  element.style.height = '200px'
-  element.style.backgroundColor = 'blue'
-  element.style.border = '1px solid black'
-}
-```
-
-**Correct (add class - single reflow):**
-
-```typescript
-// CSS file
-.highlighted-box {
-  width: 100px;
-  height: 200px;
-  background-color: blue;
-  border: 1px solid black;
-}
-
-// JavaScript
-function updateElementStyles(element: HTMLElement) {
-  element.classList.add('highlighted-box')
-}
-```
-
-**Correct (change cssText - single reflow):**
-
-```typescript
-function updateElementStyles(element: HTMLElement) {
-  element.style.cssText = `
-    width: 100px;
-    height: 200px;
-    background-color: blue;
-    border: 1px solid black;
-  `
-}
-```
-
-**React example:**
-
-```tsx
-// Incorrect: changing styles one by one
-function Box({ isHighlighted }: { isHighlighted: boolean }) {
-  const ref = useRef<HTMLDivElement>(null)
-  
-  useEffect(() => {
-    if (ref.current && isHighlighted) {
-      ref.current.style.width = '100px'
-      ref.current.style.height = '200px'
-      ref.current.style.backgroundColor = 'blue'
-    }
-  }, [isHighlighted])
-  
-  return <div ref={ref}>Content</div>
-}
-
-// Correct: toggle class
-function Box({ isHighlighted }: { isHighlighted: boolean }) {
-  return (
-    <div className={isHighlighted ? 'highlighted-box' : ''}>
-      Content
-    </div>
-  )
-}
-```
-
-Prefer CSS classes over inline styles when possible. Classes are cached by the browser and provide better separation of concerns.

.claude/skills/vercel-react-best-practices/rules/js-cache-function-results.md

@@ -1,80 +0,0 @@
----
-title: Cache Repeated Function Calls
-impact: MEDIUM
-impactDescription: avoid redundant computation
-tags: javascript, cache, memoization, performance
----
-
-## Cache Repeated Function Calls
-
-Use a module-level Map to cache function results when the same function is called repeatedly with the same inputs during render.
-
-**Incorrect (redundant computation):**
-
-```typescript
-function ProjectList({ projects }: { projects: Project[] }) {
-  return (
-    <div>
-      {projects.map(project => {
-        // slugify() called 100+ times for same project names
-        const slug = slugify(project.name)
-        
-        return <ProjectCard key={project.id} slug={slug} />
-      })}
-    </div>
-  )
-}
-```
-
-**Correct (cached results):**
-
-```typescript
-// Module-level cache
-const slugifyCache = new Map<string, string>()
-
-function cachedSlugify(text: string): string {
-  if (slugifyCache.has(text)) {
-    return slugifyCache.get(text)!
-  }
-  const result = slugify(text)
-  slugifyCache.set(text, result)
-  return result
-}
-
-function ProjectList({ projects }: { projects: Project[] }) {
-  return (
-    <div>
-      {projects.map(project => {
-        // Computed only once per unique project name
-        const slug = cachedSlugify(project.name)
-        
-        return <ProjectCard key={project.id} slug={slug} />
-      })}
-    </div>
-  )
-}
-```
-
-**Simpler pattern for single-value functions:**
-
-```typescript
-let isLoggedInCache: boolean | null = null
-
-function isLoggedIn(): boolean {
-  if (isLoggedInCache !== null) {
-    return isLoggedInCache
-  }
-  
-  isLoggedInCache = document.cookie.includes('auth=')
-  return isLoggedInCache
-}
-
-// Clear cache when auth changes
-function onAuthChange() {
-  isLoggedInCache = null
-}
-```
-
-Use a Map (not a hook) so it works everywhere: utilities, event handlers, not just React components.
-
-Reference: [How we made the Vercel Dashboard twice as fast](https://vercel.com/blog/how-we-made-the-vercel-dashboard-twice-as-fast)

.claude/skills/vercel-react-best-practices/rules/js-cache-property-access.md

@@ -1,28 +0,0 @@
----
-title: Cache Property Access in Loops
-impact: LOW-MEDIUM
-impactDescription: reduces lookups
-tags: javascript, loops, optimization, caching
----
-
-## Cache Property Access in Loops
-
-Cache object property lookups in hot paths.
-
-**Incorrect (3 lookups × N iterations):**
-
-```typescript
-for (let i = 0; i < arr.length; i++) {
-  process(obj.config.settings.value)
-}
-```
-
-**Correct (1 lookup total):**
-
-```typescript
-const value = obj.config.settings.value
-const len = arr.length
-for (let i = 0; i < len; i++) {
-  process(value)
-}
-```

.claude/skills/vercel-react-best-practices/rules/js-cache-storage.md

@@ -1,70 +0,0 @@
----
-title: Cache Storage API Calls
-impact: LOW-MEDIUM
-impactDescription: reduces expensive I/O
-tags: javascript, localStorage, storage, caching, performance
----
-
-## Cache Storage API Calls
-
-`localStorage`, `sessionStorage`, and `document.cookie` are synchronous and expensive. Cache reads in memory.
-
-**Incorrect (reads storage on every call):**
-
-```typescript
-function getTheme() {
-  return localStorage.getItem('theme') ?? 'light'
-}
-// Called 10 times = 10 storage reads
-```
-
-**Correct (Map cache):**
-
-```typescript
-const storageCache = new Map<string, string | null>()
-
-function getLocalStorage(key: string) {
-  if (!storageCache.has(key)) {
-    storageCache.set(key, localStorage.getItem(key))
-  }
-  return storageCache.get(key)
-}
-
-function setLocalStorage(key: string, value: string) {
-  localStorage.setItem(key, value)
-  storageCache.set(key, value)  // keep cache in sync
-}
-```
-
-Use a Map (not a hook) so it works everywhere: utilities, event handlers, not just React components.
-
-**Cookie caching:**
-
-```typescript
-let cookieCache: Record<string, string> | null = null
-
-function getCookie(name: string) {
-  if (!cookieCache) {
-    cookieCache = Object.fromEntries(
-      document.cookie.split('; ').map(c => c.split('='))
-    )
-  }
-  return cookieCache[name]
-}
-```
-
-**Important (invalidate on external changes):**
-
-If storage can change externally (another tab, server-set cookies), invalidate cache:
-
-```typescript
-window.addEventListener('storage', (e) => {
-  if (e.key) storageCache.delete(e.key)
-})
-
-document.addEventListener('visibilitychange', () => {
-  if (document.visibilityState === 'visible') {
-    storageCache.clear()
-  }
-})
-```

.claude/skills/vercel-react-best-practices/rules/js-combine-iterations.md

@@ -1,32 +0,0 @@
----
-title: Combine Multiple Array Iterations
-impact: LOW-MEDIUM
-impactDescription: reduces iterations
-tags: javascript, arrays, loops, performance
----
-
-## Combine Multiple Array Iterations
-
-Multiple `.filter()` or `.map()` calls iterate the array multiple times. Combine into one loop.
-
-**Incorrect (3 iterations):**
-
-```typescript
-const admins = users.filter(u => u.isAdmin)
-const testers = users.filter(u => u.isTester)
-const inactive = users.filter(u => !u.isActive)
-```
-
-**Correct (1 iteration):**
-
-```typescript
-const admins: User[] = []
-const testers: User[] = []
-const inactive: User[] = []
-
-for (const user of users) {
-  if (user.isAdmin) admins.push(user)
-  if (user.isTester) testers.push(user)
-  if (!user.isActive) inactive.push(user)
-}
-```

.claude/skills/vercel-react-best-practices/rules/js-early-exit.md

@@ -1,50 +0,0 @@
----
-title: Early Return from Functions
-impact: LOW-MEDIUM
-impactDescription: avoids unnecessary computation
-tags: javascript, functions, optimization, early-return
----
-
-## Early Return from Functions
-
-Return early when result is determined to skip unnecessary processing.
-
-**Incorrect (processes all items even after finding answer):**
-
-```typescript
-function validateUsers(users: User[]) {
-  let hasError = false
-  let errorMessage = ''
-  
-  for (const user of users) {
-    if (!user.email) {
-      hasError = true
-      errorMessage = 'Email required'
-    }
-    if (!user.name) {
-      hasError = true
-      errorMessage = 'Name required'
-    }
-    // Continues checking all users even after error found
-  }
-  
-  return hasError ? { valid: false, error: errorMessage } : { valid: true }
-}
-```
-
-**Correct (returns immediately on first error):**
-
-```typescript
-function validateUsers(users: User[]) {
-  for (const user of users) {
-    if (!user.email) {
-      return { valid: false, error: 'Email required' }
-    }
-    if (!user.name) {
-      return { valid: false, error: 'Name required' }
-    }
-  }
-
-  return { valid: true }
-}
-```

.claude/skills/vercel-react-best-practices/rules/js-hoist-regexp.md

@@ -1,45 +0,0 @@
----
-title: Hoist RegExp Creation
-impact: LOW-MEDIUM
-impactDescription: avoids recreation
-tags: javascript, regexp, optimization, memoization
----
-
-## Hoist RegExp Creation
-
-Don't create RegExp inside render. Hoist to module scope or memoize with `useMemo()`.
-
-**Incorrect (new RegExp every render):**
-
-```tsx
-function Highlighter({ text, query }: Props) {
-  const regex = new RegExp(`(${query})`, 'gi')
-  const parts = text.split(regex)
-  return <>{parts.map((part, i) => ...)}</>
-}
-```
-
-**Correct (memoize or hoist):**
-
-```tsx
-const EMAIL_REGEX = /^[^\s@]+@[^\s@]+\.[^\s@]+$/
-
-function Highlighter({ text, query }: Props) {
-  const regex = useMemo(
-    () => new RegExp(`(${escapeRegex(query)})`, 'gi'),
-    [query]
-  )
-  const parts = text.split(regex)
-  return <>{parts.map((part, i) => ...)}</>
-}
-```
-
-**Warning (global regex has mutable state):**
-
-Global regex (`/g`) has mutable `lastIndex` state:
-
-```typescript
-const regex = /foo/g
-regex.test('foo')  // true, lastIndex = 3
-regex.test('foo')  // false, lastIndex = 0
-```

.claude/skills/vercel-react-best-practices/rules/js-index-maps.md

@@ -1,37 +0,0 @@
----
-title: Build Index Maps for Repeated Lookups
-impact: LOW-MEDIUM
-impactDescription: 1M ops to 2K ops
-tags: javascript, map, indexing, optimization, performance
----
-
-## Build Index Maps for Repeated Lookups
-
-Multiple `.find()` calls by the same key should use a Map.
-
-**Incorrect (O(n) per lookup):**
-
-```typescript
-function processOrders(orders: Order[], users: User[]) {
-  return orders.map(order => ({
-    ...order,
-    user: users.find(u => u.id === order.userId)
-  }))
-}
-```
-
-**Correct (O(1) per lookup):**
-
-```typescript
-function processOrders(orders: Order[], users: User[]) {
-  const userById = new Map(users.map(u => [u.id, u]))
-
-  return orders.map(order => ({
-    ...order,
-    user: userById.get(order.userId)
-  }))
-}
-```
-
-Build map once (O(n)), then all lookups are O(1).
-For 1000 orders × 1000 users: 1M ops → 2K ops.

.claude/skills/vercel-react-best-practices/rules/js-length-check-first.md

@@ -1,49 +0,0 @@
----
-title: Early Length Check for Array Comparisons
-impact: MEDIUM-HIGH
-impactDescription: avoids expensive operations when lengths differ
-tags: javascript, arrays, performance, optimization, comparison
----
-
-## Early Length Check for Array Comparisons
-
-When comparing arrays with expensive operations (sorting, deep equality, serialization), check lengths first. If lengths differ, the arrays cannot be equal.
-
-In real-world applications, this optimization is especially valuable when the comparison runs in hot paths (event handlers, render loops).
-
-**Incorrect (always runs expensive comparison):**
-
-```typescript
-function hasChanges(current: string[], original: string[]) {
-  // Always sorts and joins, even when lengths differ
-  return current.sort().join() !== original.sort().join()
-}
-```
-
-Two O(n log n) sorts run even when `current.length` is 5 and `original.length` is 100. There is also overhead of joining the arrays and comparing the strings.
-
-**Correct (O(1) length check first):**
-
-```typescript
-function hasChanges(current: string[], original: string[]) {
-  // Early return if lengths differ
-  if (current.length !== original.length) {
-    return true
-  }
-  // Only sort/join when lengths match
-  const currentSorted = current.toSorted()
-  const originalSorted = original.toSorted()
-  for (let i = 0; i < currentSorted.length; i++) {
-    if (currentSorted[i] !== originalSorted[i]) {
-      return true
-    }
-  }
-  return false
-}
-```
-
-This new approach is more efficient because:
-- It avoids the overhead of sorting and joining the arrays when lengths differ
-- It avoids consuming memory for the joined strings (especially important for large arrays)
-- It avoids mutating the original arrays
-- It returns early when a difference is found

.claude/skills/vercel-react-best-practices/rules/js-min-max-loop.md

@@ -1,82 +0,0 @@
----
-title: Use Loop for Min/Max Instead of Sort
-impact: LOW
-impactDescription: O(n) instead of O(n log n)
-tags: javascript, arrays, performance, sorting, algorithms
----
-
-## Use Loop for Min/Max Instead of Sort
-
-Finding the smallest or largest element only requires a single pass through the array. Sorting is wasteful and slower.
-
-**Incorrect (O(n log n) - sort to find latest):**
-
-```typescript
-interface Project {
-  id: string
-  name: string
-  updatedAt: number
-}
-
-function getLatestProject(projects: Project[]) {
-  const sorted = [...projects].sort((a, b) => b.updatedAt - a.updatedAt)
-  return sorted[0]
-}
-```
-
-Sorts the entire array just to find the maximum value.
-
-**Incorrect (O(n log n) - sort for oldest and newest):**
-
-```typescript
-function getOldestAndNewest(projects: Project[]) {
-  const sorted = [...projects].sort((a, b) => a.updatedAt - b.updatedAt)
-  return { oldest: sorted[0], newest: sorted[sorted.length - 1] }
-}
-```
-
-Still sorts unnecessarily when only min/max are needed.
-
-**Correct (O(n) - single loop):**
-
-```typescript
-function getLatestProject(projects: Project[]) {
-  if (projects.length === 0) return null
-  
-  let latest = projects[0]
-  
-  for (let i = 1; i < projects.length; i++) {
-    if (projects[i].updatedAt > latest.updatedAt) {
-      latest = projects[i]
-    }
-  }
-  
-  return latest
-}
-
-function getOldestAndNewest(projects: Project[]) {
-  if (projects.length === 0) return { oldest: null, newest: null }
-  
-  let oldest = projects[0]
-  let newest = projects[0]
-  
-  for (let i = 1; i < projects.length; i++) {
-    if (projects[i].updatedAt < oldest.updatedAt) oldest = projects[i]
-    if (projects[i].updatedAt > newest.updatedAt) newest = projects[i]
-  }
-  
-  return { oldest, newest }
-}
-```
-
-Single pass through the array, no copying, no sorting.
-
-**Alternative (Math.min/Math.max for small arrays):**
-
-```typescript
-const numbers = [5, 2, 8, 1, 9]
-const min = Math.min(...numbers)
-const max = Math.max(...numbers)
-```
-
-This works for small arrays but can be slower for very large arrays due to spread operator limitations. Use the loop approach for reliability.

.claude/skills/vercel-react-best-practices/rules/js-set-map-lookups.md

@@ -1,24 +0,0 @@
----
-title: Use Set/Map for O(1) Lookups
-impact: LOW-MEDIUM
-impactDescription: O(n) to O(1)
-tags: javascript, set, map, data-structures, performance
----
-
-## Use Set/Map for O(1) Lookups
-
-Convert arrays to Set/Map for repeated membership checks.
-
-**Incorrect (O(n) per check):**
-
-```typescript
-const allowedIds = ['a', 'b', 'c', ...]
-items.filter(item => allowedIds.includes(item.id))
-```
-
-**Correct (O(1) per check):**
-
-```typescript
-const allowedIds = new Set(['a', 'b', 'c', ...])
-items.filter(item => allowedIds.has(item.id))
-```

.claude/skills/vercel-react-best-practices/rules/js-tosorted-immutable.md

@@ -1,57 +0,0 @@
----
-title: Use toSorted() Instead of sort() for Immutability
-impact: MEDIUM-HIGH
-impactDescription: prevents mutation bugs in React state
-tags: javascript, arrays, immutability, react, state, mutation
----
-
-## Use toSorted() Instead of sort() for Immutability
-
-`.sort()` mutates the array in place, which can cause bugs with React state and props. Use `.toSorted()` to create a new sorted array without mutation.
-
-**Incorrect (mutates original array):**
-
-```typescript
-function UserList({ users }: { users: User[] }) {
-  // Mutates the users prop array!
-  const sorted = useMemo(
-    () => users.sort((a, b) => a.name.localeCompare(b.name)),
-    [users]
-  )
-  return <div>{sorted.map(renderUser)}</div>
-}
-```
-
-**Correct (creates new array):**
-
-```typescript
-function UserList({ users }: { users: User[] }) {
-  // Creates new sorted array, original unchanged
-  const sorted = useMemo(
-    () => users.toSorted((a, b) => a.name.localeCompare(b.name)),
-    [users]
-  )
-  return <div>{sorted.map(renderUser)}</div>
-}
-```
-
-**Why this matters in React:**
-
-1. Props/state mutations break React's immutability model - React expects props and state to be treated as read-only
-2. Causes stale closure bugs - Mutating arrays inside closures (callbacks, effects) can lead to unexpected behavior
-
-**Browser support (fallback for older browsers):**
-
-`.toSorted()` is available in all modern browsers (Chrome 110+, Safari 16+, Firefox 115+, Node.js 20+). For older environments, use spread operator:
-
-```typescript
-// Fallback for older browsers
-const sorted = [...items].sort((a, b) => a.value - b.value)
-```
-
-**Other immutable array methods:**
-
-- `.toSorted()` - immutable sort
-- `.toReversed()` - immutable reverse
-- `.toSpliced()` - immutable splice
-- `.with()` - immutable element replacement

.claude/skills/vercel-react-best-practices/rules/rendering-activity.md

@@ -1,26 +0,0 @@
----
-title: Use Activity Component for Show/Hide
-impact: MEDIUM
-impactDescription: preserves state/DOM
-tags: rendering, activity, visibility, state-preservation
----
-
-## Use Activity Component for Show/Hide
-
-Use React's `<Activity>` to preserve state/DOM for expensive components that frequently toggle visibility.
-
-**Usage:**
-
-```tsx
-import { Activity } from 'react'
-
-function Dropdown({ isOpen }: Props) {
-  return (
-    <Activity mode={isOpen ? 'visible' : 'hidden'}>
-      <ExpensiveMenu />
-    </Activity>
-  )
-}
-```
-
-Avoids expensive re-renders and state loss.

.claude/skills/vercel-react-best-practices/rules/rendering-animate-svg-wrapper.md

@@ -1,47 +0,0 @@
----
-title: Animate SVG Wrapper Instead of SVG Element
-impact: LOW
-impactDescription: enables hardware acceleration
-tags: rendering, svg, css, animation, performance
----
-
-## Animate SVG Wrapper Instead of SVG Element
-
-Many browsers don't have hardware acceleration for CSS3 animations on SVG elements. Wrap SVG in a `<div>` and animate the wrapper instead.
-
-**Incorrect (animating SVG directly - no hardware acceleration):**
-
-```tsx
-function LoadingSpinner() {
-  return (
-    <svg 
-      className="animate-spin"
-      width="24" 
-      height="24" 
-      viewBox="0 0 24 24"
-    >
-      <circle cx="12" cy="12" r="10" stroke="currentColor" />
-    </svg>
-  )
-}
-```
-
-**Correct (animating wrapper div - hardware accelerated):**
-
-```tsx
-function LoadingSpinner() {
-  return (
-    <div className="animate-spin">
-      <svg 
-        width="24" 
-        height="24" 
-        viewBox="0 0 24 24"
-      >
-        <circle cx="12" cy="12" r="10" stroke="currentColor" />
-      </svg>
-    </div>
-  )
-}
-```
-
-This applies to all CSS transforms and transitions (`transform`, `opacity`, `translate`, `scale`, `rotate`). The wrapper div allows browsers to use GPU acceleration for smoother animations.

.claude/skills/vercel-react-best-practices/rules/rendering-conditional-render.md

@@ -1,40 +0,0 @@
----
-title: Use Explicit Conditional Rendering
-impact: LOW
-impactDescription: prevents rendering 0 or NaN
-tags: rendering, conditional, jsx, falsy-values
----
-
-## Use Explicit Conditional Rendering
-
-Use explicit ternary operators (`? :`) instead of `&&` for conditional rendering when the condition can be `0`, `NaN`, or other falsy values that render.
-
-**Incorrect (renders "0" when count is 0):**
-
-```tsx
-function Badge({ count }: { count: number }) {
-  return (
-    <div>
-      {count && <span className="badge">{count}</span>}
-    </div>
-  )
-}
-
-// When count = 0, renders: <div>0</div>
-// When count = 5, renders: <div><span class="badge">5</span></div>
-```
-
-**Correct (renders nothing when count is 0):**
-
-```tsx
-function Badge({ count }: { count: number }) {
-  return (
-    <div>
-      {count > 0 ? <span className="badge">{count}</span> : null}
-    </div>
-  )
-}
-
-// When count = 0, renders: <div></div>
-// When count = 5, renders: <div><span class="badge">5</span></div>
-```

.claude/skills/vercel-react-best-practices/rules/rendering-content-visibility.md

@@ -1,38 +0,0 @@
----
-title: CSS content-visibility for Long Lists
-impact: HIGH
-impactDescription: faster initial render
-tags: rendering, css, content-visibility, long-lists
----
-
-## CSS content-visibility for Long Lists
-
-Apply `content-visibility: auto` to defer off-screen rendering.
-
-**CSS:**
-
-```css
-.message-item {
-  content-visibility: auto;
-  contain-intrinsic-size: 0 80px;
-}
-```
-
-**Example:**
-
-```tsx
-function MessageList({ messages }: { messages: Message[] }) {
-  return (
-    <div className="overflow-y-auto h-screen">
-      {messages.map(msg => (
-        <div key={msg.id} className="message-item">
-          <Avatar user={msg.author} />
-          <div>{msg.content}</div>
-        </div>
-      ))}
-    </div>
-  )
-}
-```
-
-For 1000 messages, browser skips layout/paint for ~990 off-screen items (10× faster initial render).

.claude/skills/vercel-react-best-practices/rules/rendering-hoist-jsx.md

@@ -1,46 +0,0 @@
----
-title: Hoist Static JSX Elements
-impact: LOW
-impactDescription: avoids re-creation
-tags: rendering, jsx, static, optimization
----
-
-## Hoist Static JSX Elements
-
-Extract static JSX outside components to avoid re-creation.
-
-**Incorrect (recreates element every render):**
-
-```tsx
-function LoadingSkeleton() {
-  return <div className="animate-pulse h-20 bg-gray-200" />
-}
-
-function Container() {
-  return (
-    <div>
-      {loading && <LoadingSkeleton />}
-    </div>
-  )
-}
-```
-
-**Correct (reuses same element):**
-
-```tsx
-const loadingSkeleton = (
-  <div className="animate-pulse h-20 bg-gray-200" />
-)
-
-function Container() {
-  return (
-    <div>
-      {loading && loadingSkeleton}
-    </div>
-  )
-}
-```
-
-This is especially helpful for large and static SVG nodes, which can be expensive to recreate on every render.
-
-**Note:** If your project has [React Compiler](https://react.dev/learn/react-compiler) enabled, the compiler automatically hoists static JSX elements and optimizes component re-renders, making manual hoisting unnecessary.

.claude/skills/vercel-react-best-practices/rules/rendering-hydration-no-flicker.md

@@ -1,82 +0,0 @@
----
-title: Prevent Hydration Mismatch Without Flickering
-impact: MEDIUM
-impactDescription: avoids visual flicker and hydration errors
-tags: rendering, ssr, hydration, localStorage, flicker
----
-
-## Prevent Hydration Mismatch Without Flickering
-
-When rendering content that depends on client-side storage (localStorage, cookies), avoid both SSR breakage and post-hydration flickering by injecting a synchronous script that updates the DOM before React hydrates.
-
-**Incorrect (breaks SSR):**
-
-```tsx
-function ThemeWrapper({ children }: { children: ReactNode }) {
-  // localStorage is not available on server - throws error
-  const theme = localStorage.getItem('theme') || 'light'
-  
-  return (
-    <div className={theme}>
-      {children}
-    </div>
-  )
-}
-```
-
-Server-side rendering will fail because `localStorage` is undefined.
-
-**Incorrect (visual flickering):**
-
-```tsx
-function ThemeWrapper({ children }: { children: ReactNode }) {
-  const [theme, setTheme] = useState('light')
-  
-  useEffect(() => {
-    // Runs after hydration - causes visible flash
-    const stored = localStorage.getItem('theme')
-    if (stored) {
-      setTheme(stored)
-    }
-  }, [])
-  
-  return (
-    <div className={theme}>
-      {children}
-    </div>
-  )
-}
-```
-
-Component first renders with default value (`light`), then updates after hydration, causing a visible flash of incorrect content.
-
-**Correct (no flicker, no hydration mismatch):**
-
-```tsx
-function ThemeWrapper({ children }: { children: ReactNode }) {
-  return (
-    <>
-      <div id="theme-wrapper">
-        {children}
-      </div>
-      <script
-        dangerouslySetInnerHTML={{
-          __html: `
-            (function() {
-              try {
-                var theme = localStorage.getItem('theme') || 'light';
-                var el = document.getElementById('theme-wrapper');
-                if (el) el.className = theme;
-              } catch (e) {}
-            })();
-          `,
-        }}
-      />
-    </>
-  )
-}
-```
-
-The inline script executes synchronously before showing the element, ensuring the DOM already has the correct value. No flickering, no hydration mismatch.
-
-This pattern is especially useful for theme toggles, user preferences, authentication states, and any client-only data that should render immediately without flashing default values.

.claude/skills/vercel-react-best-practices/rules/rendering-svg-precision.md

@@ -1,28 +0,0 @@
----
-title: Optimize SVG Precision
-impact: LOW
-impactDescription: reduces file size
-tags: rendering, svg, optimization, svgo
----
-
-## Optimize SVG Precision
-
-Reduce SVG coordinate precision to decrease file size. The optimal precision depends on the viewBox size, but in general reducing precision should be considered.
-
-**Incorrect (excessive precision):**
-
-```svg
-<path d="M 10.293847 20.847362 L 30.938472 40.192837" />
-```
-
-**Correct (1 decimal place):**
-
-```svg
-<path d="M 10.3 20.8 L 30.9 40.2" />
-```
-
-**Automate with SVGO:**
-
-```bash
-npx svgo --precision=1 --multipass icon.svg
-```

.claude/skills/vercel-react-best-practices/rules/rerender-defer-reads.md

@@ -1,39 +0,0 @@
----
-title: Defer State Reads to Usage Point
-impact: MEDIUM
-impactDescription: avoids unnecessary subscriptions
-tags: rerender, searchParams, localStorage, optimization
----
-
-## Defer State Reads to Usage Point
-
-Don't subscribe to dynamic state (searchParams, localStorage) if you only read it inside callbacks.
-
-**Incorrect (subscribes to all searchParams changes):**
-
-```tsx
-function ShareButton({ chatId }: { chatId: string }) {
-  const searchParams = useSearchParams()
-
-  const handleShare = () => {
-    const ref = searchParams.get('ref')
-    shareChat(chatId, { ref })
-  }
-
-  return <button onClick={handleShare}>Share</button>
-}
-```
-
-**Correct (reads on demand, no subscription):**
-
-```tsx
-function ShareButton({ chatId }: { chatId: string }) {
-  const handleShare = () => {
-    const params = new URLSearchParams(window.location.search)
-    const ref = params.get('ref')
-    shareChat(chatId, { ref })
-  }
-
-  return <button onClick={handleShare}>Share</button>
-}
-```

.claude/skills/vercel-react-best-practices/rules/rerender-dependencies.md

@@ -1,45 +0,0 @@
----
-title: Narrow Effect Dependencies
-impact: LOW
-impactDescription: minimizes effect re-runs
-tags: rerender, useEffect, dependencies, optimization
----
-
-## Narrow Effect Dependencies
-
-Specify primitive dependencies instead of objects to minimize effect re-runs.
-
-**Incorrect (re-runs on any user field change):**
-
-```tsx
-useEffect(() => {
-  console.log(user.id)
-}, [user])
-```
-
-**Correct (re-runs only when id changes):**
-
-```tsx
-useEffect(() => {
-  console.log(user.id)
-}, [user.id])
-```
-
-**For derived state, compute outside effect:**
-
-```tsx
-// Incorrect: runs on width=767, 766, 765...
-useEffect(() => {
-  if (width < 768) {
-    enableMobileMode()
-  }
-}, [width])
-
-// Correct: runs only on boolean transition
-const isMobile = width < 768
-useEffect(() => {
-  if (isMobile) {
-    enableMobileMode()
-  }
-}, [isMobile])
-```

.claude/skills/vercel-react-best-practices/rules/rerender-derived-state.md

@@ -1,29 +0,0 @@
----
-title: Subscribe to Derived State
-impact: MEDIUM
-impactDescription: reduces re-render frequency
-tags: rerender, derived-state, media-query, optimization
----
-
-## Subscribe to Derived State
-
-Subscribe to derived boolean state instead of continuous values to reduce re-render frequency.
-
-**Incorrect (re-renders on every pixel change):**
-
-```tsx
-function Sidebar() {
-  const width = useWindowWidth()  // updates continuously
-  const isMobile = width < 768
-  return <nav className={isMobile ? 'mobile' : 'desktop'}>
-}
-```
-
-**Correct (re-renders only when boolean changes):**
-
-```tsx
-function Sidebar() {
-  const isMobile = useMediaQuery('(max-width: 767px)')
-  return <nav className={isMobile ? 'mobile' : 'desktop'}>
-}
-```

.claude/skills/vercel-react-best-practices/rules/rerender-functional-setstate.md

@@ -1,74 +0,0 @@
----
-title: Use Functional setState Updates
-impact: MEDIUM
-impactDescription: prevents stale closures and unnecessary callback recreations
-tags: react, hooks, useState, useCallback, callbacks, closures
----
-
-## Use Functional setState Updates
-
-When updating state based on the current state value, use the functional update form of setState instead of directly referencing the state variable. This prevents stale closures, eliminates unnecessary dependencies, and creates stable callback references.
-
-**Incorrect (requires state as dependency):**
-
-```tsx
-function TodoList() {
-  const [items, setItems] = useState(initialItems)
-  
-  // Callback must depend on items, recreated on every items change
-  const addItems = useCallback((newItems: Item[]) => {
-    setItems([...items, ...newItems])
-  }, [items])  // ❌ items dependency causes recreations
-  
-  // Risk of stale closure if dependency is forgotten
-  const removeItem = useCallback((id: string) => {
-    setItems(items.filter(item => item.id !== id))
-  }, [])  // ❌ Missing items dependency - will use stale items!
-  
-  return <ItemsEditor items={items} onAdd={addItems} onRemove={removeItem} />
-}
-```
-
-The first callback is recreated every time `items` changes, which can cause child components to re-render unnecessarily. The second callback has a stale closure bug—it will always reference the initial `items` value.
-
-**Correct (stable callbacks, no stale closures):**
-
-```tsx
-function TodoList() {
-  const [items, setItems] = useState(initialItems)
-  
-  // Stable callback, never recreated
-  const addItems = useCallback((newItems: Item[]) => {
-    setItems(curr => [...curr, ...newItems])
-  }, [])  // ✅ No dependencies needed
-  
-  // Always uses latest state, no stale closure risk
-  const removeItem = useCallback((id: string) => {
-    setItems(curr => curr.filter(item => item.id !== id))
-  }, [])  // ✅ Safe and stable
-  
-  return <ItemsEditor items={items} onAdd={addItems} onRemove={removeItem} />
-}
-```
-
-**Benefits:**
-
-1. **Stable callback references** - Callbacks don't need to be recreated when state changes
-2. **No stale closures** - Always operates on the latest state value
-3. **Fewer dependencies** - Simplifies dependency arrays and reduces memory leaks
-4. **Prevents bugs** - Eliminates the most common source of React closure bugs
-
-**When to use functional updates:**
-
-- Any setState that depends on the current state value
-- Inside useCallback/useMemo when state is needed
-- Event handlers that reference state
-- Async operations that update state
-
-**When direct updates are fine:**
-
-- Setting state to a static value: `setCount(0)`
-- Setting state from props/arguments only: `setName(newName)`
-- State doesn't depend on previous value
-
-**Note:** If your project has [React Compiler](https://react.dev/learn/react-compiler) enabled, the compiler can automatically optimize some cases, but functional updates are still recommended for correctness and to prevent stale closure bugs.

.claude/skills/vercel-react-best-practices/rules/rerender-lazy-state-init.md

@@ -1,58 +0,0 @@
----
-title: Use Lazy State Initialization
-impact: MEDIUM
-impactDescription: wasted computation on every render
-tags: react, hooks, useState, performance, initialization
----
-
-## Use Lazy State Initialization
-
-Pass a function to `useState` for expensive initial values. Without the function form, the initializer runs on every render even though the value is only used once.
-
-**Incorrect (runs on every render):**
-
-```tsx
-function FilteredList({ items }: { items: Item[] }) {
-  // buildSearchIndex() runs on EVERY render, even after initialization
-  const [searchIndex, setSearchIndex] = useState(buildSearchIndex(items))
-  const [query, setQuery] = useState('')
-  
-  // When query changes, buildSearchIndex runs again unnecessarily
-  return <SearchResults index={searchIndex} query={query} />
-}
-
-function UserProfile() {
-  // JSON.parse runs on every render
-  const [settings, setSettings] = useState(
-    JSON.parse(localStorage.getItem('settings') || '{}')
-  )
-  
-  return <SettingsForm settings={settings} onChange={setSettings} />
-}
-```
-
-**Correct (runs only once):**
-
-```tsx
-function FilteredList({ items }: { items: Item[] }) {
-  // buildSearchIndex() runs ONLY on initial render
-  const [searchIndex, setSearchIndex] = useState(() => buildSearchIndex(items))
-  const [query, setQuery] = useState('')
-  
-  return <SearchResults index={searchIndex} query={query} />
-}
-
-function UserProfile() {
-  // JSON.parse runs only on initial render
-  const [settings, setSettings] = useState(() => {
-    const stored = localStorage.getItem('settings')
-    return stored ? JSON.parse(stored) : {}
-  })
-  
-  return <SettingsForm settings={settings} onChange={setSettings} />
-}
-```
-
-Use lazy initialization when computing initial values from localStorage/sessionStorage, building data structures (indexes, maps), reading from the DOM, or performing heavy transformations.
-
-For simple primitives (`useState(0)`), direct references (`useState(props.value)`), or cheap literals (`useState({})`), the function form is unnecessary.

.claude/skills/vercel-react-best-practices/rules/rerender-memo.md

@@ -1,44 +0,0 @@
----
-title: Extract to Memoized Components
-impact: MEDIUM
-impactDescription: enables early returns
-tags: rerender, memo, useMemo, optimization
----
-
-## Extract to Memoized Components
-
-Extract expensive work into memoized components to enable early returns before computation.
-
-**Incorrect (computes avatar even when loading):**
-
-```tsx
-function Profile({ user, loading }: Props) {
-  const avatar = useMemo(() => {
-    const id = computeAvatarId(user)
-    return <Avatar id={id} />
-  }, [user])
-
-  if (loading) return <Skeleton />
-  return <div>{avatar}</div>
-}
-```
-
-**Correct (skips computation when loading):**
-
-```tsx
-const UserAvatar = memo(function UserAvatar({ user }: { user: User }) {
-  const id = useMemo(() => computeAvatarId(user), [user])
-  return <Avatar id={id} />
-})
-
-function Profile({ user, loading }: Props) {
-  if (loading) return <Skeleton />
-  return (
-    <div>
-      <UserAvatar user={user} />
-    </div>
-  )
-}
-```
-
-**Note:** If your project has [React Compiler](https://react.dev/learn/react-compiler) enabled, manual memoization with `memo()` and `useMemo()` is not necessary. The compiler automatically optimizes re-renders.

.claude/skills/vercel-react-best-practices/rules/rerender-transitions.md

@@ -1,40 +0,0 @@
----
-title: Use Transitions for Non-Urgent Updates
-impact: MEDIUM
-impactDescription: maintains UI responsiveness
-tags: rerender, transitions, startTransition, performance
----
-
-## Use Transitions for Non-Urgent Updates
-
-Mark frequent, non-urgent state updates as transitions to maintain UI responsiveness.
-
-**Incorrect (blocks UI on every scroll):**
-
-```tsx
-function ScrollTracker() {
-  const [scrollY, setScrollY] = useState(0)
-  useEffect(() => {
-    const handler = () => setScrollY(window.scrollY)
-    window.addEventListener('scroll', handler, { passive: true })
-    return () => window.removeEventListener('scroll', handler)
-  }, [])
-}
-```
-
-**Correct (non-blocking updates):**
-
-```tsx
-import { startTransition } from 'react'
-
-function ScrollTracker() {
-  const [scrollY, setScrollY] = useState(0)
-  useEffect(() => {
-    const handler = () => {
-      startTransition(() => setScrollY(window.scrollY))
-    }
-    window.addEventListener('scroll', handler, { passive: true })
-    return () => window.removeEventListener('scroll', handler)
-  }, [])
-}
-```

.claude/skills/vercel-react-best-practices/rules/server-after-nonblocking.md

@@ -1,73 +0,0 @@
----
-title: Use after() for Non-Blocking Operations
-impact: MEDIUM
-impactDescription: faster response times
-tags: server, async, logging, analytics, side-effects
----
-
-## Use after() for Non-Blocking Operations
-
-Use Next.js's `after()` to schedule work that should execute after a response is sent. This prevents logging, analytics, and other side effects from blocking the response.
-
-**Incorrect (blocks response):**
-
-```tsx
-import { logUserAction } from '@/app/utils'
-
-export async function POST(request: Request) {
-  // Perform mutation
-  await updateDatabase(request)
-  
-  // Logging blocks the response
-  const userAgent = request.headers.get('user-agent') || 'unknown'
-  await logUserAction({ userAgent })
-  
-  return new Response(JSON.stringify({ status: 'success' }), {
-    status: 200,
-    headers: { 'Content-Type': 'application/json' }
-  })
-}
-```
-
-**Correct (non-blocking):**
-
-```tsx
-import { after } from 'next/server'
-import { headers, cookies } from 'next/headers'
-import { logUserAction } from '@/app/utils'
-
-export async function POST(request: Request) {
-  // Perform mutation
-  await updateDatabase(request)
-  
-  // Log after response is sent
-  after(async () => {
-    const userAgent = (await headers()).get('user-agent') || 'unknown'
-    const sessionCookie = (await cookies()).get('session-id')?.value || 'anonymous'
-    
-    logUserAction({ sessionCookie, userAgent })
-  })
-  
-  return new Response(JSON.stringify({ status: 'success' }), {
-    status: 200,
-    headers: { 'Content-Type': 'application/json' }
-  })
-}
-```
-
-The response is sent immediately while logging happens in the background.
-
-**Common use cases:**
-
-- Analytics tracking
-- Audit logging
-- Sending notifications
-- Cache invalidation
-- Cleanup tasks
-
-**Important notes:**
-
-- `after()` runs even if the response fails or redirects
-- Works in Server Actions, Route Handlers, and Server Components
-
-Reference: [https://nextjs.org/docs/app/api-reference/functions/after](https://nextjs.org/docs/app/api-reference/functions/after)

.claude/skills/vercel-react-best-practices/rules/server-cache-lru.md

@@ -1,41 +0,0 @@
----
-title: Cross-Request LRU Caching
-impact: HIGH
-impactDescription: caches across requests
-tags: server, cache, lru, cross-request
----
-
-## Cross-Request LRU Caching
-
-`React.cache()` only works within one request. For data shared across sequential requests (user clicks button A then button B), use an LRU cache.
-
-**Implementation:**
-
-```typescript
-import { LRUCache } from 'lru-cache'
-
-const cache = new LRUCache<string, any>({
-  max: 1000,
-  ttl: 5 * 60 * 1000  // 5 minutes
-})
-
-export async function getUser(id: string) {
-  const cached = cache.get(id)
-  if (cached) return cached
-
-  const user = await db.user.findUnique({ where: { id } })
-  cache.set(id, user)
-  return user
-}
-
-// Request 1: DB query, result cached
-// Request 2: cache hit, no DB query
-```
-
-Use when sequential user actions hit multiple endpoints needing the same data within seconds.
-
-**With Vercel's [Fluid Compute](https://vercel.com/docs/fluid-compute):** LRU caching is especially effective because multiple concurrent requests can share the same function instance and cache. This means the cache persists across requests without needing external storage like Redis.
-
-**In traditional serverless:** Each invocation runs in isolation, so consider Redis for cross-process caching.
-
-Reference: [https://github.com/isaacs/node-lru-cache](https://github.com/isaacs/node-lru-cache)

.claude/skills/vercel-react-best-practices/rules/server-cache-react.md

@@ -1,26 +0,0 @@
----
-title: Per-Request Deduplication with React.cache()
-impact: MEDIUM
-impactDescription: deduplicates within request
-tags: server, cache, react-cache, deduplication
----
-
-## Per-Request Deduplication with React.cache()
-
-Use `React.cache()` for server-side request deduplication. Authentication and database queries benefit most.
-
-**Usage:**
-
-```typescript
-import { cache } from 'react'
-
-export const getCurrentUser = cache(async () => {
-  const session = await auth()
-  if (!session?.user?.id) return null
-  return await db.user.findUnique({
-    where: { id: session.user.id }
-  })
-})
-```
-
-Within a single request, multiple calls to `getCurrentUser()` execute the query only once.

.claude/skills/vercel-react-best-practices/rules/server-parallel-fetching.md

@@ -1,79 +0,0 @@
----
-title: Parallel Data Fetching with Component Composition
-impact: CRITICAL
-impactDescription: eliminates server-side waterfalls
-tags: server, rsc, parallel-fetching, composition
----
-
-## Parallel Data Fetching with Component Composition
-
-React Server Components execute sequentially within a tree. Restructure with composition to parallelize data fetching.
-
-**Incorrect (Sidebar waits for Page's fetch to complete):**
-
-```tsx
-export default async function Page() {
-  const header = await fetchHeader()
-  return (
-    <div>
-      <div>{header}</div>
-      <Sidebar />
-    </div>
-  )
-}
-
-async function Sidebar() {
-  const items = await fetchSidebarItems()
-  return <nav>{items.map(renderItem)}</nav>
-}
-```
-
-**Correct (both fetch simultaneously):**
-
-```tsx
-async function Header() {
-  const data = await fetchHeader()
-  return <div>{data}</div>
-}
-
-async function Sidebar() {
-  const items = await fetchSidebarItems()
-  return <nav>{items.map(renderItem)}</nav>
-}
-
-export default function Page() {
-  return (
-    <div>
-      <Header />
-      <Sidebar />
-    </div>
-  )
-}
-```
-
-**Alternative with children prop:**
-
-```tsx
-async function Layout({ children }: { children: ReactNode }) {
-  const header = await fetchHeader()
-  return (
-    <div>
-      <div>{header}</div>
-      {children}
-    </div>
-  )
-}
-
-async function Sidebar() {
-  const items = await fetchSidebarItems()
-  return <nav>{items.map(renderItem)}</nav>
-}
-
-export default function Page() {
-  return (
-    <Layout>
-      <Sidebar />
-    </Layout>
-  )
-}
-```

.claude/skills/vercel-react-best-practices/rules/server-serialization.md

@@ -1,38 +0,0 @@
----
-title: Minimize Serialization at RSC Boundaries
-impact: HIGH
-impactDescription: reduces data transfer size
-tags: server, rsc, serialization, props
----
-
-## Minimize Serialization at RSC Boundaries
-
-The React Server/Client boundary serializes all object properties into strings and embeds them in the HTML response and subsequent RSC requests. This serialized data directly impacts page weight and load time, so **size matters a lot**. Only pass fields that the client actually uses.
-
-**Incorrect (serializes all 50 fields):**
-
-```tsx
-async function Page() {
-  const user = await fetchUser()  // 50 fields
-  return <Profile user={user} />
-}
-
-'use client'
-function Profile({ user }: { user: User }) {
-  return <div>{user.name}</div>  // uses 1 field
-}
-```
-
-**Correct (serializes only 1 field):**
-
-```tsx
-async function Page() {
-  const user = await fetchUser()
-  return <Profile name={user.name} />
-}
-
-'use client'
-function Profile({ name }: { name: string }) {
-  return <div>{name}</div>
-}
-```

.devcontainer/platform/README.md

@@ -1,206 +0,0 @@
-# GitHub Codespaces for AutoGPT Platform
-
-This dev container provides a complete development environment for the AutoGPT Platform, optimized for PR reviews.
-
-## 🚀 Quick Start
-
-1. **Open in Codespaces:**
-   - Go to the repository on GitHub
-   - Click **Code** → **Codespaces** → **Create codespace on dev**
-   - Or click the badge: [![Open in GitHub Codespaces](https://github.com/codespaces/badge.svg)](https://codespaces.new/Significant-Gravitas/AutoGPT?quickstart=1)
-
-2. **Wait for setup** (~60 seconds with prebuild, ~5-10 min without)
-
-3. **Start the servers:**
-   ```bash
-   # Terminal 1
-   make run-backend
-
-   # Terminal 2  
-   make run-frontend
-   ```
-
-4. **Start developing!**
-   - Frontend: `http://localhost:3000`
-   - Login with: `test123@gmail.com` / `testpassword123`
-
-## 🏗️ Architecture
-
-**Dependencies run in Docker** (cached by prebuild):
-- PostgreSQL, Redis, RabbitMQ, Supabase Auth
-
-**Backend & Frontend run natively** (not cached):
-- This ensures you're always running the current branch's code
-- Enables hot-reload during development
-- VS Code debugger can attach directly
-
-## 📍 Available Services
-
-| Service | URL | Notes |
-|---------|-----|-------|
-| Frontend | http://localhost:3000 | Next.js app |
-| REST API | http://localhost:8006 | FastAPI backend |
-| WebSocket | ws://localhost:8001 | Real-time updates |
-| Supabase | http://localhost:8000 | Auth & API gateway |
-| Supabase Studio | http://localhost:5555 | Database admin |
-| RabbitMQ | http://localhost:15672 | Queue management |
-
-## 🔑 Test Accounts
-
-| Email | Password | Role |
-|-------|----------|------|
-| test123@gmail.com | testpassword123 | Featured Creator |
-
-The test account has:
-- Pre-created agents and workflows
-- Published store listings
-- Active agent executions
-- Reviews and ratings
-
-## 🛠️ Development Commands
-
-```bash
-# Navigate to platform directory (terminal starts here by default)
-cd autogpt_platform
-
-# Start all services
-docker compose up -d
-
-# Or just core services (DB, Redis, RabbitMQ)
-make start-core
-
-# Run backend in dev mode (hot reload)
-make run-backend
-
-# Run frontend in dev mode (hot reload)
-make run-frontend
-
-# Run both backend and frontend
-# (Use VS Code's "Full Stack" launch config for debugging)
-
-# Format code
-make format
-
-# Run tests
-make test-data        # Regenerate test data
-poetry run test       # Backend tests (from backend/)
-pnpm test:e2e         # E2E tests (from frontend/)
-```
-
-## 🐛 Debugging
-
-### VS Code Launch Configs
-
-> **Note:** Launch and task configs are in `.devcontainer/vscode-templates/`. 
-> To use them locally, copy to `.vscode/`:
-> ```bash
-> cp .devcontainer/vscode-templates/*.json .vscode/
-> ```
-> In Codespaces, core settings are auto-applied via devcontainer.json.
-
-Press `F5` or use the Run and Debug panel:
-
-- **Backend: Debug FastAPI** - Debug the REST API server
-- **Backend: Debug Executor** - Debug the agent executor
-- **Frontend: Debug Next.js** - Debug with browser DevTools
-- **Full Stack: Backend + Frontend** - Debug both simultaneously
-- **Tests: Run E2E Tests** - Run Playwright tests
-
-### VS Code Tasks
-
-Press `Ctrl+Shift+P` → "Tasks: Run Task":
-
-- Start/Stop All Services
-- Run Migrations
-- Seed Test Data
-- View Docker Logs
-- Reset Database
-
-## 📁 Project Structure
-
-```text
-autogpt_platform/           # This folder
-├── .devcontainer/          # Codespaces/devcontainer config
-├── .vscode/                # VS Code settings
-├── backend/                # Python FastAPI backend
-│   ├── backend/            # Application code
-│   ├── test/               # Test files + data seeders
-│   └── migrations/         # Prisma migrations
-├── frontend/               # Next.js frontend
-│   ├── src/                # Application code
-│   └── e2e/                # Playwright E2E tests
-├── db/                     # Supabase configuration
-├── docker-compose.yml      # Service orchestration
-└── Makefile                # Common commands
-```
-
-## 🔧 Troubleshooting
-
-### Services not starting?
-```bash
-# Check service status
-docker compose ps
-
-# View logs
-docker compose logs -f
-
-# Restart everything
-docker compose down && docker compose up -d
-```
-
-### Database issues?
-```bash
-# Reset database (destroys all data)
-make reset-db
-
-# Re-run migrations
-make migrate
-
-# Re-seed test data
-make test-data
-```
-
-### Port already in use?
-```bash
-# Check what's using the port
-lsof -i :3000
-
-# Kill process (if safe)
-kill -9 <PID>
-```
-
-### Can't login?
-- Ensure all services are running: `docker compose ps`
-- Check auth service: `docker compose logs auth`
-- Try seeding data again: `make test-data`
-
-## 📝 Making Changes
-
-### Backend Changes
-1. Edit files in `backend/backend/`
-2. If using `make run-backend`, changes auto-reload
-3. Run `poetry run format` before committing
-
-### Frontend Changes
-1. Edit files in `frontend/src/`
-2. If using `make run-frontend`, changes auto-reload
-3. Run `pnpm format` before committing
-
-### Database Schema Changes
-1. Edit `backend/schema.prisma`
-2. Run `poetry run prisma migrate dev --name your_migration`
-3. Run `poetry run prisma generate`
-
-## 🔒 Environment Variables
-
-Default environment variables are configured for local development. For production secrets, use GitHub Codespaces Secrets:
-
-1. Go to GitHub Settings → Codespaces → Secrets
-2. Add secrets with names matching `.env` variables
-3. They'll be automatically available in your codespace
-
-## 📚 More Resources
-
-- [AutoGPT Platform Docs](https://docs.agpt.co)
-- [Codespaces Documentation](https://docs.github.com/en/codespaces)
-- [Dev Containers Spec](https://containers.dev)

.devcontainer/platform/devcontainer.json

@@ -1,152 +0,0 @@
-{
-  "name": "AutoGPT Platform",
-  "dockerComposeFile": "docker-compose.devcontainer.yml",
-  "service": "devcontainer",
-  "workspaceFolder": "/workspaces/AutoGPT/autogpt_platform",
-  "shutdownAction": "stopCompose",
-
-  // Features - Docker-in-Docker for full compose support
-  "features": {
-    "ghcr.io/devcontainers/features/docker-in-docker:2": {
-      "dockerDashComposeVersion": "v2"
-    },
-    "ghcr.io/devcontainers/features/github-cli:1": {},
-    "ghcr.io/devcontainers/features/node:1": {
-      "version": "22",
-      "nodeGypDependencies": true
-    },
-    "ghcr.io/devcontainers/features/python:1": {
-      "version": "3.13",
-      "installTools": true,
-      "toolsToInstall": "flake8,autopep8,black,mypy,pytest,poetry"
-    }
-  },
-
-  // Lifecycle scripts - paths relative to repo root
-  "onCreateCommand": "bash .devcontainer/platform/scripts/oncreate.sh",
-  "postCreateCommand": "bash .devcontainer/platform/scripts/postcreate.sh",
-  "postStartCommand": "bash .devcontainer/platform/scripts/poststart.sh",
-
-  // Port forwarding
-  "forwardPorts": [
-    3000,   // Frontend
-    8006,   // REST API
-    8001,   // WebSocket
-    8000,   // Supabase Kong
-    5432,   // PostgreSQL
-    6379,   // Redis
-    15672,  // RabbitMQ Management
-    5555    // Supabase Studio
-  ],
-
-  "portsAttributes": {
-    "3000": { "label": "Frontend", "onAutoForward": "openBrowser" },
-    "8006": { "label": "REST API", "onAutoForward": "notify" },
-    "8001": { "label": "WebSocket", "onAutoForward": "silent" },
-    "8000": { "label": "Supabase", "onAutoForward": "silent" },
-    "5432": { "label": "PostgreSQL", "onAutoForward": "silent" },
-    "6379": { "label": "Redis", "onAutoForward": "silent" },
-    "15672": { "label": "RabbitMQ", "onAutoForward": "silent" },
-    "5555": { "label": "Supabase Studio", "onAutoForward": "silent" }
-  },
-
-  // VS Code customizations
-  "customizations": {
-    "vscode": {
-      "settings": {
-        // Python
-        "python.defaultInterpreterPath": "${workspaceFolder}/backend/.venv/bin/python",
-        "python.analysis.typeCheckingMode": "basic",
-        "python.testing.pytestEnabled": true,
-        "python.testing.pytestArgs": ["backend"],
-        
-        // Formatting
-        "[python]": {
-          "editor.defaultFormatter": "ms-python.black-formatter",
-          "editor.formatOnSave": true
-        },
-        "[typescript]": {
-          "editor.defaultFormatter": "esbenp.prettier-vscode",
-          "editor.formatOnSave": true
-        },
-        "[typescriptreact]": {
-          "editor.defaultFormatter": "esbenp.prettier-vscode",
-          "editor.formatOnSave": true
-        },
-        "[javascript]": {
-          "editor.defaultFormatter": "esbenp.prettier-vscode",
-          "editor.formatOnSave": true
-        },
-        
-        // Editor
-        "editor.rulers": [88, 120],
-        "editor.tabSize": 2,
-        "files.trimTrailingWhitespace": true,
-        
-        // Terminal
-        "terminal.integrated.defaultProfile.linux": "bash",
-        "terminal.integrated.cwd": "${workspaceFolder}",
-        
-        // Git
-        "git.autofetch": true,
-        "git.enableSmartCommit": true,
-        "git.openRepositoryInParentFolders": "always",
-        
-        // Prisma
-        "prisma.showPrismaDataPlatformNotification": false
-      },
-      
-      "extensions": [
-        // Python
-        "ms-python.python",
-        "ms-python.vscode-pylance",
-        "ms-python.black-formatter",
-        "ms-python.isort",
-        
-        // JavaScript/TypeScript
-        "dbaeumer.vscode-eslint",
-        "esbenp.prettier-vscode",
-        "bradlc.vscode-tailwindcss",
-        
-        // Database
-        "Prisma.prisma",
-        
-        // Testing
-        "ms-playwright.playwright",
-        
-        // GitHub
-        "GitHub.vscode-pull-request-github",
-        "GitHub.copilot",
-        "github.vscode-github-actions",
-        
-        // Utilities
-        "eamodio.gitlens",
-        "usernamehw.errorlens",
-        "christian-kohler.path-intellisense",
-        "mikestead.dotenv"
-      ]
-    },
-    
-    "codespaces": {
-      "openFiles": [
-        "README.md"
-      ]
-    }
-  },
-
-  // Environment variables
-  "containerEnv": {
-    "CODESPACES": "true",
-    "POETRY_VIRTUALENVS_IN_PROJECT": "true"
-  },
-
-  // Run as non-root for security
-  "remoteUser": "vscode",
-  
-  // Host requirements for performance
-  "hostRequirements": {
-    "cpus": 4,
-    "memory": "8gb",
-    "storage": "32gb"
-  }
-}

.devcontainer/platform/docker-compose.devcontainer.yml

@@ -1,21 +0,0 @@
-# Standalone devcontainer service
-# The platform services (db, redis, etc.) are started from within
-# the container using docker compose commands in the lifecycle scripts.
-
-services:
-  devcontainer:
-    image: mcr.microsoft.com/devcontainers/base:ubuntu-24.04
-    volumes:
-      # Mount the entire AutoGPT repo
-      - ../..:/workspaces/AutoGPT:cached
-    
-    # Keep container running
-    command: sleep infinity
-    
-    # Environment for development
-    environment:
-      - CODESPACES=true
-      - POETRY_VIRTUALENVS_IN_PROJECT=true
-      - POETRY_NO_INTERACTION=1
-      - NEXT_TELEMETRY_DISABLED=1
-      - DO_NOT_TRACK=1

.devcontainer/platform/scripts/oncreate.sh

@@ -1,142 +0,0 @@
-#!/bin/bash
-# =============================================================================
-# ONCREATE SCRIPT - Runs during prebuild
-# =============================================================================
-# This script runs during the prebuild phase (GitHub Actions).
-# It caches everything that's safe to cache:
-#   ✅ Dependency Docker images (postgres, redis, rabbitmq, etc.)
-#   ✅ Python packages (poetry install)
-#   ✅ Node packages (pnpm install)
-#
-# It does NOT build backend/frontend Docker images because those would
-# contain stale code from the prebuild branch, not the PR being reviewed.
-# =============================================================================
-
-set -e  # Exit on error
-set -x  # Print commands for debugging
-
-echo "🚀 Starting prebuild setup..."
-
-# =============================================================================
-# Setup PATH for tools installed by devcontainer features
-# =============================================================================
-# Python feature installs pipx at /usr/local/py-utils/bin
-# Node feature installs nvm, node, pnpm at various locations
-export PATH="/usr/local/py-utils/bin:$PATH"
-
-# Source nvm if available (Node feature uses nvm)
-export NVM_DIR="${NVM_DIR:-/usr/local/share/nvm}"
-if [ -s "$NVM_DIR/nvm.sh" ]; then
-    . "$NVM_DIR/nvm.sh"
-fi
-
-# =============================================================================
-# Verify and Install Poetry
-# =============================================================================
-echo "📦 Setting up Poetry..."
-
-if command -v poetry &> /dev/null; then
-    echo "  Poetry already installed: $(poetry --version)"
-else
-    echo "  Installing Poetry via pipx..."
-    if command -v pipx &> /dev/null; then
-        pipx install poetry
-    else
-        echo "  pipx not found, installing poetry via pip..."
-        pip install --user poetry
-        export PATH="$HOME/.local/bin:$PATH"
-    fi
-fi
-
-poetry --version || { echo "❌ Poetry installation failed"; exit 1; }
-
-# =============================================================================
-# Verify and Install pnpm
-# =============================================================================
-echo "📦 Setting up pnpm..."
-
-if command -v pnpm &> /dev/null; then
-    echo "  pnpm already installed: $(pnpm --version)"
-else
-    echo "  Installing pnpm via npm..."
-    npm install -g pnpm
-fi
-
-pnpm --version || { echo "❌ pnpm installation failed"; exit 1; }
-
-# =============================================================================
-# Navigate to workspace
-# =============================================================================
-cd /workspaces/AutoGPT/autogpt_platform
-
-# =============================================================================
-# Install Backend Dependencies
-# =============================================================================
-echo "📦 Installing backend dependencies..."
-
-cd backend
-poetry install --no-interaction --no-ansi
-
-# Generate Prisma client (schema only, no DB needed)
-echo "🔧 Generating Prisma client..."
-poetry run prisma generate || true
-poetry run gen-prisma-stub || true
-
-cd ..
-
-# =============================================================================
-# Install Frontend Dependencies
-# =============================================================================
-echo "📦 Installing frontend dependencies..."
-
-cd frontend
-pnpm install --frozen-lockfile
-cd ..
-
-# =============================================================================
-# Pull Dependency Docker Images
-# =============================================================================
-# Use docker compose pull to get exact versions from compose files
-# (single source of truth, no version drift)
-# =============================================================================
-echo "🐳 Pulling dependency Docker images..."
-
-# Start Docker daemon if using docker-in-docker
-if [ -e /var/run/docker-host.sock ]; then
-    sudo ln -sf /var/run/docker-host.sock /var/run/docker.sock || true
-fi
-
-# Check if Docker is available
-if command -v docker &> /dev/null && docker info &> /dev/null; then
-    # Pull images defined in docker-compose.yml (single source of truth)
-    docker compose pull db redis rabbitmq kong auth || echo "⚠️ Some images may not have pulled"
-    echo "✅ Dependency images pulled"
-else
-    echo "⚠️ Docker not available during prebuild, images will be pulled on first start"
-fi
-
-# =============================================================================
-# Copy environment files
-# =============================================================================
-echo "📄 Setting up environment files..."
-
-cd /workspaces/AutoGPT/autogpt_platform
-
-[ ! -f backend/.env ] && cp backend/.env.default backend/.env
-[ ! -f frontend/.env ] && cp frontend/.env.default frontend/.env
-[ ! -f .env ] && cp .env.default .env
-
-# =============================================================================
-# Done!
-# =============================================================================
-echo ""
-echo "=============================================="
-echo "✅ PREBUILD COMPLETE"
-echo "=============================================="
-echo ""
-echo "Cached:"
-echo "  ✅ Poetry $(poetry --version 2>/dev/null || echo '(check path)')"
-echo "  ✅ pnpm $(pnpm --version 2>/dev/null || echo '(check path)')"
-echo "  ✅ Python packages"
-echo "  ✅ Node packages"
-echo ""

.devcontainer/platform/scripts/postcreate.sh

@@ -1,131 +0,0 @@
-#!/bin/bash
-# =============================================================================
-# POSTCREATE SCRIPT - Runs after container creation
-# =============================================================================
-# This script runs once when a codespace is first created. It starts the
-# dependency services and prepares the environment for development.
-#
-# NOTE: Backend and Frontend run NATIVELY (not in Docker) to ensure you're
-# always running the current branch's code, not stale prebuild code.
-# =============================================================================
-
-set -e  # Exit on error
-
-echo "🚀 Setting up your development environment..."
-
-# Ensure PATH includes pipx binaries (where poetry is installed)
-export PATH="/usr/local/py-utils/bin:$PATH"
-
-cd /workspaces/AutoGPT/autogpt_platform
-
-# =============================================================================
-# Ensure Docker is available
-# =============================================================================
-if [ -e /var/run/docker-host.sock ]; then
-    sudo ln -sf /var/run/docker-host.sock /var/run/docker.sock 2>/dev/null || true
-fi
-
-# Wait for Docker to be ready
-echo "⏳ Waiting for Docker..."
-timeout 60 bash -c 'until docker info &>/dev/null; do sleep 1; done'
-echo "✅ Docker is ready"
-
-# =============================================================================
-# Start Dependency Services ONLY
-# =============================================================================
-# We only start infrastructure deps in Docker.
-# Backend/Frontend run natively to use the current branch's code.
-# =============================================================================
-echo "🐳 Starting dependency services..."
-
-# Start core dependencies (DB, Auth, Redis, RabbitMQ)
-docker compose up -d db redis rabbitmq kong auth
-
-# Wait for PostgreSQL to be healthy
-echo "⏳ Waiting for PostgreSQL..."
-timeout 120 bash -c '
-until docker compose exec -T db pg_isready -U postgres &>/dev/null; do
-    sleep 2
-    echo "  Waiting for database..."
-done
-'
-echo "✅ PostgreSQL is ready"
-
-# Wait for Redis
-echo "⏳ Waiting for Redis..."
-timeout 60 bash -c 'until docker compose exec -T redis redis-cli ping &>/dev/null; do sleep 1; done'
-echo "✅ Redis is ready"
-
-# Wait for RabbitMQ
-echo "⏳ Waiting for RabbitMQ..."
-timeout 90 bash -c 'until docker compose exec -T rabbitmq rabbitmq-diagnostics -q ping &>/dev/null; do sleep 2; done'
-echo "✅ RabbitMQ is ready"
-
-# =============================================================================
-# Run Database Migrations
-# =============================================================================
-echo "🔄 Running database migrations..."
-
-cd backend
-
-# Run migrations
-poetry run prisma migrate deploy
-poetry run prisma generate
-poetry run gen-prisma-stub || true
-
-cd ..
-
-# =============================================================================
-# Seed Test Data (Minimal)
-# =============================================================================
-echo "🌱 Checking test data..."
-
-cd backend
-
-# Check if test data already exists (idempotent)
-if poetry run python -c "
-import asyncio
-from backend.data.db import prisma
-
-async def check():
-    await prisma.connect()
-    count = await prisma.user.count()
-    await prisma.disconnect()
-    return count > 0
-
-print('exists' if asyncio.run(check()) else 'empty')
-" 2>/dev/null | grep -q "exists"; then
-    echo "  Test data already exists, skipping seed"
-else
-    echo "  Running E2E test data creator..."
-    poetry run python test/e2e_test_data.py || echo "⚠️ Test data seeding had issues (may be partial)"
-fi
-
-cd ..
-
-# =============================================================================
-# Print Welcome Message
-# =============================================================================
-echo ""
-echo "=============================================="
-echo "🎉 CODESPACE READY!"
-echo "=============================================="
-echo ""
-echo "📍 Services Running (Docker):"
-echo "   PostgreSQL:  localhost:5432"
-echo "   Redis:       localhost:6379"
-echo "   RabbitMQ:    localhost:5672 (mgmt: 15672)"
-echo "   Supabase:    localhost:8000"
-echo ""
-echo "🚀 Start Development:"
-echo "   make run-backend   # Start backend (localhost:8006)"
-echo "   make run-frontend  # Start frontend (localhost:3000)"
-echo ""
-echo "   Or run both in separate terminals!"
-echo ""
-echo "🔑 Test Account:"
-echo "   Email:    test123@gmail.com"
-echo "   Password: testpassword123"
-echo ""
-echo "📚 Full docs: .devcontainer/platform/README.md"
-echo ""

.devcontainer/platform/scripts/poststart.sh

@@ -1,44 +0,0 @@
-#!/bin/bash
-# =============================================================================
-# POSTSTART SCRIPT - Runs every time the codespace starts
-# =============================================================================
-# This script runs when:
-# 1. Codespace is first created (after postcreate)
-# 2. Codespace resumes from stopped state
-# 3. Codespace rebuilds
-#
-# It ensures dependency services are running. Backend/Frontend are run
-# manually by the developer for hot-reload during development.
-# =============================================================================
-
-echo "🔄 Starting dependency services..."
-
-cd /workspaces/AutoGPT/autogpt_platform || { echo "❌ Failed to cd to workspace"; exit 1; }
-
-# Ensure Docker socket is available
-if [ -e /var/run/docker-host.sock ]; then
-    sudo ln -sf /var/run/docker-host.sock /var/run/docker.sock 2>/dev/null || true
-fi
-
-# Wait for Docker
-timeout 30 bash -c 'until docker info &>/dev/null; do sleep 1; done' || {
-    echo "⚠️ Docker not available, services may need manual start"
-    exit 0
-}
-
-# Start only dependency services (not backend/frontend)
-docker compose up -d db redis rabbitmq kong auth
-
-# Quick health check
-echo "⏳ Waiting for services..."
-sleep 5
-
-if docker compose ps | grep -q "running"; then
-    echo "✅ Dependency services are running"
-    echo ""
-    echo "🚀 Start development with:"
-    echo "   make run-backend   # Terminal 1"
-    echo "   make run-frontend  # Terminal 2"
-else
-    echo "⚠️ Some services may not be running. Try: docker compose up -d"
-fi

.devcontainer/platform/vscode-templates/launch.json

@@ -1,110 +0,0 @@
-{
-  "version": "0.2.0",
-  "configurations": [
-    {
-      "name": "Backend: Debug FastAPI",
-      "type": "debugpy",
-      "request": "launch",
-      "module": "uvicorn",
-      "args": [
-        "backend.rest:app",
-        "--reload",
-        "--host", "0.0.0.0",
-        "--port", "8006"
-      ],
-      "cwd": "${workspaceFolder}/backend",
-      "env": {
-        "PYTHONPATH": "${workspaceFolder}/backend"
-      },
-      "console": "integratedTerminal",
-      "justMyCode": false
-    },
-    {
-      "name": "Backend: Debug Executor",
-      "type": "debugpy",
-      "request": "launch",
-      "module": "backend.exec",
-      "cwd": "${workspaceFolder}/backend",
-      "env": {
-        "PYTHONPATH": "${workspaceFolder}/backend"
-      },
-      "console": "integratedTerminal",
-      "justMyCode": false
-    },
-    {
-      "name": "Backend: Debug WebSocket",
-      "type": "debugpy",
-      "request": "launch",
-      "module": "backend.ws",
-      "cwd": "${workspaceFolder}/backend",
-      "env": {
-        "PYTHONPATH": "${workspaceFolder}/backend"
-      },
-      "console": "integratedTerminal",
-      "justMyCode": false
-    },
-    {
-      "name": "Frontend: Debug Next.js",
-      "type": "node",
-      "request": "launch",
-      "runtimeExecutable": "pnpm",
-      "runtimeArgs": ["dev"],
-      "cwd": "${workspaceFolder}/frontend",
-      "console": "integratedTerminal",
-      "serverReadyAction": {
-        "pattern": "- Local:.+(https?://\\S+)",
-        "uriFormat": "%s",
-        "action": "openExternally"
-      }
-    },
-    {
-      "name": "Frontend: Debug Next.js (Server-side)",
-      "type": "node",
-      "request": "launch",
-      "runtimeExecutable": "pnpm",
-      "runtimeArgs": ["dev"],
-      "cwd": "${workspaceFolder}/frontend",
-      "env": {
-        "NODE_OPTIONS": "--inspect"
-      },
-      "console": "integratedTerminal"
-    },
-    {
-      "name": "Tests: Run Backend Tests",
-      "type": "debugpy",
-      "request": "launch",
-      "module": "pytest",
-      "args": ["-v", "--tb=short"],
-      "cwd": "${workspaceFolder}/backend",
-      "console": "integratedTerminal",
-      "justMyCode": false
-    },
-    {
-      "name": "Tests: Run E2E Tests (Playwright)",
-      "type": "node",
-      "request": "launch",
-      "runtimeExecutable": "pnpm",
-      "runtimeArgs": ["test:e2e"],
-      "cwd": "${workspaceFolder}/frontend",
-      "console": "integratedTerminal"
-    },
-    {
-      "name": "Scripts: Seed Test Data",
-      "type": "debugpy",
-      "request": "launch",
-      "program": "${workspaceFolder}/backend/test/e2e_test_data.py",
-      "cwd": "${workspaceFolder}/backend",
-      "env": {
-        "PYTHONPATH": "${workspaceFolder}/backend"
-      },
-      "console": "integratedTerminal"
-    }
-  ],
-  "compounds": [
-    {
-      "name": "Full Stack: Backend + Frontend",
-      "configurations": ["Backend: Debug FastAPI", "Frontend: Debug Next.js"],
-      "stopAll": true
-    }
-  ]
-}

.devcontainer/platform/vscode-templates/tasks.json

@@ -1,147 +0,0 @@
-{
-  "version": "2.0.0",
-  "tasks": [
-    {
-      "label": "Start All Services",
-      "type": "shell",
-      "command": "docker compose up -d",
-      "options": {
-        "cwd": "${workspaceFolder}"
-      },
-      "problemMatcher": [],
-      "group": "build"
-    },
-    {
-      "label": "Stop All Services",
-      "type": "shell",
-      "command": "docker compose stop",
-      "options": {
-        "cwd": "${workspaceFolder}"
-      },
-      "problemMatcher": []
-    },
-    {
-      "label": "Start Core Services",
-      "type": "shell",
-      "command": "make start-core",
-      "options": {
-        "cwd": "${workspaceFolder}"
-      },
-      "problemMatcher": [],
-      "group": "build"
-    },
-    {
-      "label": "Run Backend (Dev Mode)",
-      "type": "shell",
-      "command": "poetry run app",
-      "options": {
-        "cwd": "${workspaceFolder}/backend"
-      },
-      "problemMatcher": [],
-      "isBackground": true,
-      "group": {
-        "kind": "build",
-        "isDefault": false
-      }
-    },
-    {
-      "label": "Run Frontend (Dev Mode)",
-      "type": "shell",
-      "command": "pnpm dev",
-      "options": {
-        "cwd": "${workspaceFolder}/frontend"
-      },
-      "problemMatcher": [],
-      "isBackground": true,
-      "group": {
-        "kind": "build",
-        "isDefault": true
-      }
-    },
-    {
-      "label": "Run Migrations",
-      "type": "shell",
-      "command": "make migrate",
-      "options": {
-        "cwd": "${workspaceFolder}"
-      },
-      "problemMatcher": []
-    },
-    {
-      "label": "Seed Test Data",
-      "type": "shell",
-      "command": "make test-data",
-      "options": {
-        "cwd": "${workspaceFolder}"
-      },
-      "problemMatcher": []
-    },
-    {
-      "label": "Format Code",
-      "type": "shell",
-      "command": "make format",
-      "options": {
-        "cwd": "${workspaceFolder}"
-      },
-      "problemMatcher": []
-    },
-    {
-      "label": "Backend: Run Tests",
-      "type": "shell",
-      "command": "poetry run test",
-      "options": {
-        "cwd": "${workspaceFolder}/backend"
-      },
-      "problemMatcher": [],
-      "group": "test"
-    },
-    {
-      "label": "Frontend: Run Tests",
-      "type": "shell",
-      "command": "pnpm test",
-      "options": {
-        "cwd": "${workspaceFolder}/frontend"
-      },
-      "problemMatcher": [],
-      "group": "test"
-    },
-    {
-      "label": "Frontend: Run E2E Tests",
-      "type": "shell",
-      "command": "pnpm test:e2e",
-      "options": {
-        "cwd": "${workspaceFolder}/frontend"
-      },
-      "problemMatcher": [],
-      "group": "test"
-    },
-    {
-      "label": "Generate API Client",
-      "type": "shell",
-      "command": "pnpm generate:api",
-      "options": {
-        "cwd": "${workspaceFolder}/frontend"
-      },
-      "problemMatcher": []
-    },
-    {
-      "label": "View Docker Logs",
-      "type": "shell",
-      "command": "docker compose logs -f",
-      "options": {
-        "cwd": "${workspaceFolder}"
-      },
-      "problemMatcher": [],
-      "isBackground": true
-    },
-    {
-      "label": "Reset Database",
-      "type": "shell",
-      "command": "make reset-db",
-      "options": {
-        "cwd": "${workspaceFolder}"
-      },
-      "problemMatcher": []
-    }
-  ]
-}

.github/copilot-instructions.md

@@ -160,7 +160,7 @@ pnpm storybook                      # Start component development server
 
 **Backend Entry Points:**
 
-- `backend/backend/api/rest_api.py` - FastAPI application setup
+- `backend/backend/server/server.py` - FastAPI application setup
 - `backend/backend/data/` - Database models and user management
 - `backend/blocks/` - Agent execution blocks and logic
 
@@ -219,7 +219,7 @@ Agents are built using a visual block-based system where each block performs a s
 
 ### API Development
 
-1. Update routes in `/backend/backend/api/features/`
+1. Update routes in `/backend/backend/server/routers/`
 2. Add/update Pydantic models in same directory
 3. Write tests alongside route files
 4. For `data/*.py` changes, validate user ID checks
@@ -285,7 +285,7 @@ Agents are built using a visual block-based system where each block performs a s
 
 ### Security Guidelines
 
-**Cache Protection Middleware** (`/backend/backend/api/middleware/security.py`):
+**Cache Protection Middleware** (`/backend/backend/server/middleware/security.py`):
 
 - Default: Disables caching for ALL endpoints with `Cache-Control: no-store, no-cache, must-revalidate, private`
 - Uses allow list approach for cacheable paths (static assets, health checks, public pages)

.github/workflows/classic-frontend-ci.yml

@@ -49,7 +49,7 @@ jobs:
 
       - name: Create PR ${{ env.BUILD_BRANCH }} -> ${{ github.ref_name }}
         if: github.event_name == 'push'
-        uses: peter-evans/create-pull-request@v8
+        uses: peter-evans/create-pull-request@v7
         with:
           add-paths: classic/frontend/build/web
           base: ${{ github.ref_name }}

.github/workflows/claude-ci-failure-auto-fix.yml

@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.workflow_run.head_branch }}
           fetch-depth: 0
@@ -42,7 +42,7 @@ jobs:
 
       - name: Get CI failure details
         id: failure_details
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           script: |
             const run = await github.rest.actions.getWorkflowRun({
@@ -93,5 +93,5 @@ jobs:
 
             Error logs:
             ${{ toJSON(fromJSON(steps.failure_details.outputs.result).errorLogs) }}
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
           claude_args: "--allowedTools 'Edit,MultiEdit,Write,Read,Glob,Grep,LS,Bash(git:*),Bash(bun:*),Bash(npm:*),Bash(npx:*),Bash(gh:*)'"

.github/workflows/claude-dependabot.yml

@@ -7,7 +7,7 @@
 # - Provide actionable recommendations for the development team
 #
 # Triggered on: Dependabot PRs (opened, synchronize)
-# Requirements: CLAUDE_CODE_OAUTH_TOKEN secret must be configured
+# Requirements: ANTHROPIC_API_KEY secret must be configured
 
 name: Claude Dependabot PR Review
 
@@ -30,7 +30,7 @@ jobs:
       actions: read # Required for CI access
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           fetch-depth: 1
 
@@ -41,7 +41,7 @@ jobs:
           python-version: "3.11"  # Use standard version matching CI
 
       - name: Set up Python dependency cache
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.cache/pypoetry
           key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }}
@@ -78,7 +78,7 @@ jobs:
 
       # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml)
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version: "22"
 
@@ -91,7 +91,7 @@ jobs:
           echo "PNPM_HOME=$HOME/.pnpm-store" >> $GITHUB_ENV
 
       - name: Cache frontend dependencies
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.pnpm-store
           key: ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}
@@ -124,7 +124,7 @@ jobs:
       # Phase 1: Cache and load Docker images for faster setup
       - name: Set up Docker image cache
         id: docker-cache
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/docker-cache
           # Use a versioned key for cache invalidation when image list changes
@@ -308,8 +308,7 @@ jobs:
         id: claude_review
         uses: anthropics/claude-code-action@v1
         with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
-          allowed_bots: "dependabot[bot]"
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
           claude_args: |
             --allowedTools "Bash(npm:*),Bash(pnpm:*),Bash(poetry:*),Bash(git:*),Edit,Replace,NotebookEditCell,mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*), Bash(gh pr diff:*), Bash(gh pr view:*)"
           prompt: |

.github/workflows/claude.yml

@@ -40,7 +40,7 @@ jobs:
       actions: read # Required for CI access
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           fetch-depth: 1
 
@@ -57,7 +57,7 @@ jobs:
           python-version: "3.11"  # Use standard version matching CI
 
       - name: Set up Python dependency cache
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.cache/pypoetry
           key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }}
@@ -94,7 +94,7 @@ jobs:
 
       # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml)
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version: "22"
 
@@ -107,7 +107,7 @@ jobs:
           echo "PNPM_HOME=$HOME/.pnpm-store" >> $GITHUB_ENV
 
       - name: Cache frontend dependencies
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.pnpm-store
           key: ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}
@@ -140,7 +140,7 @@ jobs:
       # Phase 1: Cache and load Docker images for faster setup
       - name: Set up Docker image cache
         id: docker-cache
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/docker-cache
           # Use a versioned key for cache invalidation when image list changes
@@ -323,7 +323,7 @@ jobs:
         id: claude
         uses: anthropics/claude-code-action@v1
         with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
           claude_args: |
             --allowedTools "Bash(npm:*),Bash(pnpm:*),Bash(poetry:*),Bash(git:*),Edit,Replace,NotebookEditCell,mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*), Bash(gh pr diff:*), Bash(gh pr view:*), Bash(gh pr edit:*)"
             --model opus

.github/workflows/codeql.yml

@@ -58,7 +58,7 @@ jobs:
         # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v6
+      uses: actions/checkout@v4
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

.github/workflows/copilot-setup-steps.yml

@@ -27,7 +27,7 @@ jobs:
     # If you do not check out your code, Copilot will do this for you.
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
           submodules: true
@@ -39,7 +39,7 @@ jobs:
           python-version: "3.11"  # Use standard version matching CI
 
       - name: Set up Python dependency cache
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.cache/pypoetry
           key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }}
@@ -76,7 +76,7 @@ jobs:
 
       # Frontend Node.js/pnpm setup (mirrors platform-frontend-ci.yml)
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version: "22"
 
@@ -89,7 +89,7 @@ jobs:
           echo "PNPM_HOME=$HOME/.pnpm-store" >> $GITHUB_ENV
 
       - name: Cache frontend dependencies
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.pnpm-store
           key: ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}
@@ -132,7 +132,7 @@ jobs:
       # Phase 1: Cache and load Docker images for faster setup
       - name: Set up Docker image cache
         id: docker-cache
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/docker-cache
           # Use a versioned key for cache invalidation when image list changes

.github/workflows/docs-block-sync.yml

@@ -1,78 +0,0 @@
-name: Block Documentation Sync Check
-
-on:
-  push:
-    branches: [master, dev]
-    paths:
-      - "autogpt_platform/backend/backend/blocks/**"
-      - "docs/integrations/**"
-      - "autogpt_platform/backend/scripts/generate_block_docs.py"
-      - ".github/workflows/docs-block-sync.yml"
-  pull_request:
-    branches: [master, dev]
-    paths:
-      - "autogpt_platform/backend/backend/blocks/**"
-      - "docs/integrations/**"
-      - "autogpt_platform/backend/scripts/generate_block_docs.py"
-      - ".github/workflows/docs-block-sync.yml"
-
-jobs:
-  check-docs-sync:
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v6
-        with:
-          fetch-depth: 1
-
-      - name: Set up Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-
-      - name: Set up Python dependency cache
-        uses: actions/cache@v5
-        with:
-          path: ~/.cache/pypoetry
-          key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }}
-          restore-keys: |
-            poetry-${{ runner.os }}-
-
-      - name: Install Poetry
-        run: |
-          cd autogpt_platform/backend
-          HEAD_POETRY_VERSION=$(python3 ../../.github/workflows/scripts/get_package_version_from_lockfile.py poetry)
-          echo "Found Poetry version ${HEAD_POETRY_VERSION} in backend/poetry.lock"
-          curl -sSL https://install.python-poetry.org | POETRY_VERSION=$HEAD_POETRY_VERSION python3 -
-          echo "$HOME/.local/bin" >> $GITHUB_PATH
-
-      - name: Install dependencies
-        working-directory: autogpt_platform/backend
-        run: |
-          poetry install --only main
-          poetry run prisma generate
-
-      - name: Check block documentation is in sync
-        working-directory: autogpt_platform/backend
-        run: |
-          echo "Checking if block documentation is in sync with code..."
-          poetry run python scripts/generate_block_docs.py --check
-
-      - name: Show diff if out of sync
-        if: failure()
-        working-directory: autogpt_platform/backend
-        run: |
-          echo "::error::Block documentation is out of sync with code!"
-          echo ""
-          echo "To fix this, run the following command locally:"
-          echo "  cd autogpt_platform/backend && poetry run python scripts/generate_block_docs.py"
-          echo ""
-          echo "Then commit the updated documentation files."
-          echo ""
-          echo "Regenerating docs to show diff..."
-          poetry run python scripts/generate_block_docs.py
-          echo ""
-          echo "Changes detected:"
-          git diff ../../docs/integrations/ || true

.github/workflows/docs-claude-review.yml

@@ -1,95 +0,0 @@
-name: Claude Block Docs Review
-
-on:
-  pull_request:
-    types: [opened, synchronize]
-    paths:
-      - "docs/integrations/**"
-      - "autogpt_platform/backend/backend/blocks/**"
-
-jobs:
-  claude-review:
-    # Only run for PRs from members/collaborators
-    if: |
-      github.event.pull_request.author_association == 'OWNER' ||
-      github.event.pull_request.author_association == 'MEMBER' ||
-      github.event.pull_request.author_association == 'COLLABORATOR'
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-    permissions:
-      contents: read
-      pull-requests: write
-      id-token: write
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v6
-        with:
-          fetch-depth: 0
-
-      - name: Set up Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-
-      - name: Set up Python dependency cache
-        uses: actions/cache@v5
-        with:
-          path: ~/.cache/pypoetry
-          key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }}
-          restore-keys: |
-            poetry-${{ runner.os }}-
-
-      - name: Install Poetry
-        run: |
-          cd autogpt_platform/backend
-          HEAD_POETRY_VERSION=$(python3 ../../.github/workflows/scripts/get_package_version_from_lockfile.py poetry)
-          curl -sSL https://install.python-poetry.org | POETRY_VERSION=$HEAD_POETRY_VERSION python3 -
-          echo "$HOME/.local/bin" >> $GITHUB_PATH
-
-      - name: Install dependencies
-        working-directory: autogpt_platform/backend
-        run: |
-          poetry install --only main
-          poetry run prisma generate
-
-      - name: Run Claude Code Review
-        uses: anthropics/claude-code-action@v1
-        with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
-          claude_args: |
-            --allowedTools "Read,Glob,Grep,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*)"
-          prompt: |
-            You are reviewing a PR that modifies block documentation or block code for AutoGPT.
-
-            ## Your Task
-            Review the changes in this PR and provide constructive feedback. Focus on:
-
-            1. **Documentation Accuracy**: For any block code changes, verify that:
-               - Input/output tables in docs match the actual block schemas
-               - Description text accurately reflects what the block does
-               - Any new blocks have corresponding documentation
-
-            2. **Manual Content Quality**: Check manual sections (marked with `<!-- MANUAL: -->` markers):
-               - "How it works" sections should have clear technical explanations
-               - "Possible use case" sections should have practical, real-world examples
-               - Content should be helpful for users trying to understand the blocks
-
-            3. **Template Compliance**: Ensure docs follow the standard template:
-               - What it is (brief intro)
-               - What it does (description)
-               - How it works (technical explanation)
-               - Inputs table
-               - Outputs table
-               - Possible use case
-
-            4. **Cross-references**: Check that links and anchors are correct
-
-            ## Review Process
-            1. First, get the PR diff to see what changed: `gh pr diff ${{ github.event.pull_request.number }}`
-            2. Read any modified block files to understand the implementation
-            3. Read corresponding documentation files to verify accuracy
-            4. Provide your feedback as a PR comment
-
-            Be constructive and specific. If everything looks good, say so!
-            If there are issues, explain what's wrong and suggest how to fix it.

.github/workflows/docs-enhance.yml

@@ -1,194 +0,0 @@
-name: Enhance Block Documentation
-
-on:
-  workflow_dispatch:
-    inputs:
-      block_pattern:
-        description: 'Block file pattern to enhance (e.g., "google/*.md" or "*" for all blocks)'
-        required: true
-        default: '*'
-        type: string
-      dry_run:
-        description: 'Dry run mode - show proposed changes without committing'
-        type: boolean
-        default: true
-      max_blocks:
-        description: 'Maximum number of blocks to process (0 for unlimited)'
-        type: number
-        default: 10
-
-jobs:
-  enhance-docs:
-    runs-on: ubuntu-latest
-    timeout-minutes: 45
-    permissions:
-      contents: write
-      pull-requests: write
-      id-token: write
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v6
-        with:
-          fetch-depth: 1
-
-      - name: Set up Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-
-      - name: Set up Python dependency cache
-        uses: actions/cache@v5
-        with:
-          path: ~/.cache/pypoetry
-          key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }}
-          restore-keys: |
-            poetry-${{ runner.os }}-
-
-      - name: Install Poetry
-        run: |
-          cd autogpt_platform/backend
-          HEAD_POETRY_VERSION=$(python3 ../../.github/workflows/scripts/get_package_version_from_lockfile.py poetry)
-          curl -sSL https://install.python-poetry.org | POETRY_VERSION=$HEAD_POETRY_VERSION python3 -
-          echo "$HOME/.local/bin" >> $GITHUB_PATH
-
-      - name: Install dependencies
-        working-directory: autogpt_platform/backend
-        run: |
-          poetry install --only main
-          poetry run prisma generate
-
-      - name: Run Claude Enhancement
-        uses: anthropics/claude-code-action@v1
-        with:
-          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
-          claude_args: |
-            --allowedTools "Read,Edit,Glob,Grep,Write,Bash(git:*),Bash(gh:*),Bash(find:*),Bash(ls:*)"
-          prompt: |
-            You are enhancing block documentation for AutoGPT. Your task is to improve the MANUAL sections
-            of block documentation files by reading the actual block implementations and writing helpful content.
-
-            ## Configuration
-            - Block pattern: ${{ inputs.block_pattern }}
-            - Dry run: ${{ inputs.dry_run }}
-            - Max blocks to process: ${{ inputs.max_blocks }}
-
-            ## Your Task
-
-            1. **Find Documentation Files**
-               Find block documentation files matching the pattern in `docs/integrations/`
-               Pattern: ${{ inputs.block_pattern }}
-
-               Use: `find docs/integrations -name "*.md" -type f`
-
-            2. **For Each Documentation File** (up to ${{ inputs.max_blocks }} files):
-
-               a. Read the documentation file
-
-               b. Identify which block(s) it documents (look for the block class name)
-
-               c. Find and read the corresponding block implementation in `autogpt_platform/backend/backend/blocks/`
-
-               d. Improve the MANUAL sections:
-
-                  **"How it works" section** (within `<!-- MANUAL: how_it_works -->` markers):
-                  - Explain the technical flow of the block
-                  - Describe what APIs or services it connects to
-                  - Note any important configuration or prerequisites
-                  - Keep it concise but informative (2-4 paragraphs)
-
-                  **"Possible use case" section** (within `<!-- MANUAL: use_case -->` markers):
-                  - Provide 2-3 practical, real-world examples
-                  - Make them specific and actionable
-                  - Show how this block could be used in an automation workflow
-
-            3. **Important Rules**
-               - ONLY modify content within `<!-- MANUAL: -->` and `<!-- END MANUAL -->` markers
-               - Do NOT modify auto-generated sections (inputs/outputs tables, descriptions)
-               - Keep content accurate based on the actual block implementation
-               - Write for users who may not be technical experts
-
-            4. **Output**
-               ${{ inputs.dry_run == true && 'DRY RUN MODE: Show proposed changes for each file but do NOT actually edit the files. Describe what you would change.' || 'LIVE MODE: Actually edit the files to improve the documentation.' }}
-
-            ## Example Improvements
-
-            **Before (How it works):**
-            ```
-            _Add technical explanation here._
-            ```
-
-            **After (How it works):**
-            ```
-            This block connects to the GitHub API to retrieve issue information. When executed,
-            it authenticates using your GitHub credentials and fetches issue details including
-            title, body, labels, and assignees.
-
-            The block requires a valid GitHub OAuth connection with repository access permissions.
-            It supports both public and private repositories you have access to.
-            ```
-
-            **Before (Possible use case):**
-            ```
-            _Add practical use case examples here._
-            ```
-
-            **After (Possible use case):**
-            ```
-            **Customer Support Automation**: Monitor a GitHub repository for new issues with
-            the "bug" label, then automatically create a ticket in your support system and
-            notify the on-call engineer via Slack.
-
-            **Release Notes Generation**: When a new release is published, gather all closed
-            issues since the last release and generate a summary for your changelog.
-            ```
-
-            Begin by finding and listing the documentation files to process.
-
-      - name: Create PR with enhanced documentation
-        if: ${{ inputs.dry_run == false }}
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          # Check if there are changes
-          if git diff --quiet docs/integrations/; then
-            echo "No changes to commit"
-            exit 0
-          fi
-
-          # Configure git
-          git config user.name "github-actions[bot]"
-          git config user.email "github-actions[bot]@users.noreply.github.com"
-
-          # Create branch and commit
-          BRANCH_NAME="docs/enhance-blocks-$(date +%Y%m%d-%H%M%S)"
-          git checkout -b "$BRANCH_NAME"
-          git add docs/integrations/
-          git commit -m "docs: enhance block documentation with LLM-generated content
-
-          Pattern: ${{ inputs.block_pattern }}
-          Max blocks: ${{ inputs.max_blocks }}
-
-          🤖 Generated with [Claude Code](https://claude.com/claude-code)
-
-          Co-Authored-By: Claude <noreply@anthropic.com>"
-
-          # Push and create PR
-          git push -u origin "$BRANCH_NAME"
-          gh pr create \
-            --title "docs: LLM-enhanced block documentation" \
-            --body "## Summary
-          This PR contains LLM-enhanced documentation for block files matching pattern: \`${{ inputs.block_pattern }}\`
-
-          The following manual sections were improved:
-          - **How it works**: Technical explanations based on block implementations
-          - **Possible use case**: Practical, real-world examples
-
-          ## Review Checklist
-          - [ ] Content is accurate based on block implementations
-          - [ ] Examples are practical and helpful
-          - [ ] No auto-generated sections were modified
-
-          ---
-          🤖 Generated with [Claude Code](https://claude.com/claude-code)" \
-            --base dev

.github/workflows/platform-autogpt-deploy-dev.yaml

@@ -25,7 +25,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.inputs.git_ref || github.ref_name }}
 
@@ -52,7 +52,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Trigger deploy workflow
-        uses: peter-evans/repository-dispatch@v4
+        uses: peter-evans/repository-dispatch@v3
         with:
           token: ${{ secrets.DEPLOY_TOKEN }}
           repository: Significant-Gravitas/AutoGPT_cloud_infrastructure

.github/workflows/platform-autogpt-deploy-prod.yml

@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.ref_name || 'master' }}
 
@@ -45,7 +45,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Trigger deploy workflow
-        uses: peter-evans/repository-dispatch@v4
+        uses: peter-evans/repository-dispatch@v3
         with:
           token: ${{ secrets.DEPLOY_TOKEN }}
           repository: Significant-Gravitas/AutoGPT_cloud_infrastructure

.github/workflows/platform-backend-ci.yml

@@ -68,7 +68,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
           submodules: true
@@ -88,7 +88,7 @@ jobs:
         run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
 
       - name: Set up Python dependency cache
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.cache/pypoetry
           key: poetry-${{ runner.os }}-${{ hashFiles('autogpt_platform/backend/poetry.lock') }}

.github/workflows/platform-dev-deploy-event-dispatcher.yml

@@ -17,7 +17,7 @@ jobs:
       - name: Check comment permissions and deployment status
         id: check_status
         if: github.event_name == 'issue_comment' && github.event.issue.pull_request
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           script: |
             const commentBody = context.payload.comment.body.trim();
@@ -55,7 +55,7 @@ jobs:
 
       - name: Post permission denied comment
         if: steps.check_status.outputs.permission_denied == 'true'
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           script: |
             await github.rest.issues.createComment({
@@ -68,7 +68,7 @@ jobs:
       - name: Get PR details for deployment
         id: pr_details
         if: steps.check_status.outputs.should_deploy == 'true' || steps.check_status.outputs.should_undeploy == 'true'
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           script: |
             const pr = await github.rest.pulls.get({
@@ -82,7 +82,7 @@ jobs:
           
       - name: Dispatch Deploy Event
         if: steps.check_status.outputs.should_deploy == 'true'
-        uses: peter-evans/repository-dispatch@v4
+        uses: peter-evans/repository-dispatch@v3
         with:
           token: ${{ secrets.DISPATCH_TOKEN }}
           repository: Significant-Gravitas/AutoGPT_cloud_infrastructure
@@ -98,7 +98,7 @@ jobs:
 
       - name: Post deploy success comment
         if: steps.check_status.outputs.should_deploy == 'true'
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           script: |
             await github.rest.issues.createComment({
@@ -110,7 +110,7 @@ jobs:
 
       - name: Dispatch Undeploy Event (from comment)
         if: steps.check_status.outputs.should_undeploy == 'true'
-        uses: peter-evans/repository-dispatch@v4
+        uses: peter-evans/repository-dispatch@v3
         with:
           token: ${{ secrets.DISPATCH_TOKEN }}
           repository: Significant-Gravitas/AutoGPT_cloud_infrastructure
@@ -126,7 +126,7 @@ jobs:
 
       - name: Post undeploy success comment
         if: steps.check_status.outputs.should_undeploy == 'true'
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           script: |
             await github.rest.issues.createComment({
@@ -139,7 +139,7 @@ jobs:
       - name: Check deployment status on PR close
         id: check_pr_close
         if: github.event_name == 'pull_request' && github.event.action == 'closed'
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           script: |
             const comments = await github.rest.issues.listComments({
@@ -168,7 +168,7 @@ jobs:
           github.event_name == 'pull_request' &&
           github.event.action == 'closed' &&
           steps.check_pr_close.outputs.should_undeploy == 'true'
-        uses: peter-evans/repository-dispatch@v4
+        uses: peter-evans/repository-dispatch@v3
         with:
           token: ${{ secrets.DISPATCH_TOKEN }}
           repository: Significant-Gravitas/AutoGPT_cloud_infrastructure
@@ -187,7 +187,7 @@ jobs:
           github.event_name == 'pull_request' &&
           github.event.action == 'closed' &&
           steps.check_pr_close.outputs.should_undeploy == 'true'
-        uses: actions/github-script@v8
+        uses: actions/github-script@v7
         with:
           script: |
             await github.rest.issues.createComment({

.github/workflows/platform-frontend-ci.yml

@@ -27,22 +27,13 @@ jobs:
     runs-on: ubuntu-latest
     outputs:
       cache-key: ${{ steps.cache-key.outputs.key }}
-      components-changed: ${{ steps.filter.outputs.components }}
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
-
-      - name: Check for component changes
-        uses: dorny/paths-filter@v3
-        id: filter
-        with:
-          filters: |
-            components:
-              - 'autogpt_platform/frontend/src/components/**'
+        uses: actions/checkout@v4
 
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version: "22.18.0"
 
@@ -54,7 +45,7 @@ jobs:
         run: echo "key=${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}" >> $GITHUB_OUTPUT
 
       - name: Cache dependencies
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.pnpm-store
           key: ${{ steps.cache-key.outputs.key }}
@@ -71,10 +62,10 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
 
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version: "22.18.0"
 
@@ -82,7 +73,7 @@ jobs:
         run: corepack enable
 
       - name: Restore dependencies cache
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.pnpm-store
           key: ${{ needs.setup.outputs.cache-key }}
@@ -99,20 +90,17 @@ jobs:
   chromatic:
     runs-on: ubuntu-latest
     needs: setup
-    # Disabled: to re-enable, remove 'false &&' from the condition below
-    if: >-
-      false
-      && (github.ref == 'refs/heads/dev' || github.base_ref == 'dev')
-      && needs.setup.outputs.components-changed == 'true'
+    # Only run on dev branch pushes or PRs targeting dev
+    if: github.ref == 'refs/heads/dev' || github.base_ref == 'dev'
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version: "22.18.0"
 
@@ -120,7 +108,7 @@ jobs:
         run: corepack enable
 
       - name: Restore dependencies cache
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.pnpm-store
           key: ${{ needs.setup.outputs.cache-key }}
@@ -140,7 +128,7 @@ jobs:
           token: ${{ secrets.GITHUB_TOKEN }}
           exitOnceUploaded: true
 
-  e2e_test:
+  test:
     runs-on: big-boi
     needs: setup
     strategy:
@@ -148,12 +136,12 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           submodules: recursive
 
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version: "22.18.0"
 
@@ -176,7 +164,7 @@ jobs:
         uses: docker/setup-buildx-action@v3
 
       - name: Cache Docker layers
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: /tmp/.buildx-cache
           key: ${{ runner.os }}-buildx-frontend-test-${{ hashFiles('autogpt_platform/docker-compose.yml', 'autogpt_platform/backend/Dockerfile', 'autogpt_platform/backend/pyproject.toml', 'autogpt_platform/backend/poetry.lock') }}
@@ -231,7 +219,7 @@ jobs:
           fi
 
       - name: Restore dependencies cache
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.pnpm-store
           key: ${{ needs.setup.outputs.cache-key }}
@@ -270,39 +258,3 @@ jobs:
       - name: Print Final Docker Compose logs
         if: always()
         run: docker compose -f ../docker-compose.yml logs
-
-  integration_test:
-    runs-on: ubuntu-latest
-    needs: setup
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v6
-        with:
-          submodules: recursive
-
-      - name: Set up Node.js
-        uses: actions/setup-node@v6
-        with:
-          node-version: "22.18.0"
-
-      - name: Enable corepack
-        run: corepack enable
-
-      - name: Restore dependencies cache
-        uses: actions/cache@v5
-        with:
-          path: ~/.pnpm-store
-          key: ${{ needs.setup.outputs.cache-key }}
-          restore-keys: |
-            ${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml') }}
-            ${{ runner.os }}-pnpm-
-
-      - name: Install dependencies
-        run: pnpm install --frozen-lockfile
-
-      - name: Generate API client
-        run: pnpm generate:api
-
-      - name: Run Integration Tests
-        run: pnpm test:unit

.github/workflows/platform-fullstack-ci.yml

@@ -29,10 +29,10 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
 
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version: "22.18.0"
 
@@ -44,7 +44,7 @@ jobs:
         run: echo "key=${{ runner.os }}-pnpm-${{ hashFiles('autogpt_platform/frontend/pnpm-lock.yaml', 'autogpt_platform/frontend/package.json') }}" >> $GITHUB_OUTPUT
 
       - name: Cache dependencies
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.pnpm-store
           key: ${{ steps.cache-key.outputs.key }}
@@ -56,19 +56,19 @@ jobs:
         run: pnpm install --frozen-lockfile
 
   types:
-    runs-on: big-boi
+    runs-on: ubuntu-latest
     needs: setup
     strategy:
       fail-fast: false
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v6
+        uses: actions/checkout@v4
         with:
           submodules: recursive
 
       - name: Set up Node.js
-        uses: actions/setup-node@v6
+        uses: actions/setup-node@v4
         with:
           node-version: "22.18.0"
 
@@ -85,10 +85,10 @@ jobs:
 
       - name: Run docker compose
         run: |
-          docker compose -f ../docker-compose.yml --profile local up -d deps_backend
+          docker compose -f ../docker-compose.yml --profile local --profile deps_backend up -d
 
       - name: Restore dependencies cache
-        uses: actions/cache@v5
+        uses: actions/cache@v4
         with:
           path: ~/.pnpm-store
           key: ${{ needs.setup.outputs.cache-key }}

.github/workflows/repo-workflow-checker.yml

@@ -11,7 +11,7 @@ jobs:
     steps:
       # - name: Wait some time for all actions to start
       #   run: sleep 30
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v4
         # with:
           # fetch-depth: 0
       - name: Set up Python

.gitignore

@@ -178,6 +178,4 @@ autogpt_platform/backend/settings.py
 *.ign.*
 .test-contents
 .claude/settings.local.json
-CLAUDE.local.md
 /autogpt_platform/backend/logs
-.next

AGENTS.md

@@ -16,34 +16,6 @@ See `docs/content/platform/getting-started.md` for setup instructions.
 - Format Python code with `poetry run format`.
 - Format frontend code using `pnpm format`.
 
-## Frontend guidelines:
-
-See `/frontend/CONTRIBUTING.md` for complete patterns. Quick reference:
-
-1. **Pages**: Create in `src/app/(platform)/feature-name/page.tsx`
-   - Add `usePageName.ts` hook for logic
-   - Put sub-components in local `components/` folder
-2. **Components**: Structure as `ComponentName/ComponentName.tsx` + `useComponentName.ts` + `helpers.ts`
-   - Use design system components from `src/components/` (atoms, molecules, organisms)
-   - Never use `src/components/__legacy__/*`
-3. **Data fetching**: Use generated API hooks from `@/app/api/__generated__/endpoints/`
-   - Regenerate with `pnpm generate:api`
-   - Pattern: `use{Method}{Version}{OperationName}`
-4. **Styling**: Tailwind CSS only, use design tokens, Phosphor Icons only
-5. **Testing**: Add Storybook stories for new components, Playwright for E2E
-6. **Code conventions**: Function declarations (not arrow functions) for components/handlers
-
-- Component props should be `interface Props { ... }` (not exported) unless the interface needs to be used outside the component
-- Separate render logic from business logic (component.tsx + useComponent.ts + helpers.ts)
-- Colocate state when possible and avoid creating large components, use sub-components ( local `/components` folder next to the parent component ) when sensible
-- Avoid large hooks, abstract logic into `helpers.ts` files when sensible
-- Use function declarations for components, arrow functions only for callbacks
-- No barrel files or `index.ts` re-exports
-- Avoid comments at all times unless the code is very complex
-- Do not use `useCallback` or `useMemo` unless asked to optimise a given function
-- Do not type hook returns, let Typescript infer as much as possible
-- Never type with `any`, if not types available use `unknown`
-
 ## Testing
 
 - Backend: `poetry run test` (runs pytest with a docker based postgres + prisma).
@@ -51,8 +23,22 @@ See `/frontend/CONTRIBUTING.md` for complete patterns. Quick reference:
 
 Always run the relevant linters and tests before committing.
 Use conventional commit messages for all commits (e.g. `feat(backend): add API`).
-Types: - feat - fix - refactor - ci - dx (developer experience)
-Scopes: - platform - platform/library - platform/marketplace - backend - backend/executor - frontend - frontend/library - frontend/marketplace - blocks
+  Types:
+    - feat
+    - fix
+    - refactor
+    - ci
+    - dx (developer experience)
+  Scopes:
+    - platform
+      - platform/library
+      - platform/marketplace
+      - backend
+        - backend/executor
+      - frontend
+        - frontend/library
+        - frontend/marketplace
+      - blocks
 
 ## Pull requests
 

README.md

@@ -54,7 +54,7 @@ Before proceeding with the installation, ensure your system meets the following
 ### Updated Setup Instructions:
 We've moved to a fully maintained and regularly updated documentation site.
 
-👉 [Follow the official self-hosting guide here](https://agpt.co/docs/platform/getting-started/getting-started)
+👉 [Follow the official self-hosting guide here](https://docs.agpt.co/platform/getting-started/)
 
 
 This tutorial assumes you have Docker, VSCode, git and npm installed.

autogpt_platform/CLAUDE.md

@@ -6,30 +6,152 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co
 
 AutoGPT Platform is a monorepo containing:
 
-- **Backend** (`backend`): Python FastAPI server with async support
-- **Frontend** (`frontend`): Next.js React application
-- **Shared Libraries** (`autogpt_libs`): Common Python utilities
+- **Backend** (`/backend`): Python FastAPI server with async support
+- **Frontend** (`/frontend`): Next.js React application
+- **Shared Libraries** (`/autogpt_libs`): Common Python utilities
 
-## Component Documentation
+## Essential Commands
 
-- **Backend**: See @backend/CLAUDE.md for backend-specific commands, architecture, and development tasks
-- **Frontend**: See @frontend/CLAUDE.md for frontend-specific commands, architecture, and development patterns
+### Backend Development
 
-## Key Concepts
+```bash
+# Install dependencies
+cd backend && poetry install
+
+# Run database migrations
+poetry run prisma migrate dev
+
+# Start all services (database, redis, rabbitmq, clamav)
+docker compose up -d
+
+# Run the backend server
+poetry run serve
+
+# Run tests
+poetry run test
+
+# Run specific test
+poetry run pytest path/to/test_file.py::test_function_name
+
+# Run block tests (tests that validate all blocks work correctly)
+poetry run pytest backend/blocks/test/test_block.py -xvs
+
+# Run tests for a specific block (e.g., GetCurrentTimeBlock)
+poetry run pytest 'backend/blocks/test/test_block.py::test_available_blocks[GetCurrentTimeBlock]' -xvs
+
+# Lint and format
+# prefer format if you want to just "fix" it and only get the errors that can't be autofixed
+poetry run format  # Black + isort
+poetry run lint    # ruff
+```
+
+More details can be found in TESTING.md
+
+#### Creating/Updating Snapshots
+
+When you first write a test or when the expected output changes:
+
+```bash
+poetry run pytest path/to/test.py --snapshot-update
+```
+
+⚠️ **Important**: Always review snapshot changes before committing! Use `git diff` to verify the changes are expected.
+
+### Frontend Development
+
+```bash
+# Install dependencies
+cd frontend && pnpm i
+
+# Generate API client from OpenAPI spec
+pnpm generate:api
+
+# Start development server
+pnpm dev
+
+# Run E2E tests
+pnpm test
+
+# Run Storybook for component development
+pnpm storybook
+
+# Build production
+pnpm build
+
+# Format and lint
+pnpm format
+
+# Type checking
+pnpm types
+```
+
+**📖 Complete Guide**: See `/frontend/CONTRIBUTING.md` and `/frontend/.cursorrules` for comprehensive frontend patterns.
+
+**Key Frontend Conventions:**
+
+- Separate render logic from data/behavior in components
+- Use generated API hooks from `@/app/api/__generated__/endpoints/`
+- Use function declarations (not arrow functions) for components/handlers
+- Use design system components from `src/components/` (atoms, molecules, organisms)
+- Only use Phosphor Icons
+- Never use `src/components/__legacy__/*` or deprecated `BackendAPI`
+
+## Architecture Overview
+
+### Backend Architecture
+
+- **API Layer**: FastAPI with REST and WebSocket endpoints
+- **Database**: PostgreSQL with Prisma ORM, includes pgvector for embeddings
+- **Queue System**: RabbitMQ for async task processing
+- **Execution Engine**: Separate executor service processes agent workflows
+- **Authentication**: JWT-based with Supabase integration
+- **Security**: Cache protection middleware prevents sensitive data caching in browsers/proxies
+
+### Frontend Architecture
+
+- **Framework**: Next.js 15 App Router (client-first approach)
+- **Data Fetching**: Type-safe generated API hooks via Orval + React Query
+- **State Management**: React Query for server state, co-located UI state in components/hooks
+- **Component Structure**: Separate render logic (`.tsx`) from business logic (`use*.ts` hooks)
+- **Workflow Builder**: Visual graph editor using @xyflow/react
+- **UI Components**: shadcn/ui (Radix UI primitives) with Tailwind CSS styling
+- **Icons**: Phosphor Icons only
+- **Feature Flags**: LaunchDarkly integration
+- **Error Handling**: ErrorCard for render errors, toast for mutations, Sentry for exceptions
+- **Testing**: Playwright for E2E, Storybook for component development
+
+### Key Concepts
 
 1. **Agent Graphs**: Workflow definitions stored as JSON, executed by the backend
-2. **Blocks**: Reusable components in `backend/backend/blocks/` that perform specific tasks
+2. **Blocks**: Reusable components in `/backend/blocks/` that perform specific tasks
 3. **Integrations**: OAuth and API connections stored per user
 4. **Store**: Marketplace for sharing agent templates
 5. **Virus Scanning**: ClamAV integration for file upload security
 
+### Testing Approach
+
+- Backend uses pytest with snapshot testing for API responses
+- Test files are colocated with source files (`*_test.py`)
+- Frontend uses Playwright for E2E tests
+- Component testing via Storybook
+
+### Database Schema
+
+Key models (defined in `/backend/schema.prisma`):
+
+- `User`: Authentication and profile data
+- `AgentGraph`: Workflow definitions with version control
+- `AgentGraphExecution`: Execution history and results
+- `AgentNode`: Individual nodes in a workflow
+- `StoreListing`: Marketplace listings for sharing agents
+
 ### Environment Configuration
 
 #### Configuration Files
 
-- **Backend**: `backend/.env.default` (defaults) → `backend/.env` (user overrides)
-- **Frontend**: `frontend/.env.default` (defaults) → `frontend/.env` (user overrides)
-- **Platform**: `.env.default` (Supabase/shared defaults) → `.env` (user overrides)
+- **Backend**: `/backend/.env.default` (defaults) → `/backend/.env` (user overrides)
+- **Frontend**: `/frontend/.env.default` (defaults) → `/frontend/.env` (user overrides)
+- **Platform**: `/.env.default` (Supabase/shared defaults) → `/.env` (user overrides)
 
 #### Docker Environment Loading Order
 
@@ -45,12 +167,75 @@ AutoGPT Platform is a monorepo containing:
 - Backend/Frontend services use YAML anchors for consistent configuration
 - Supabase services (`db/docker/docker-compose.yml`) follow the same pattern
 
+### Common Development Tasks
+
+**Adding a new block:**
+
+Follow the comprehensive [Block SDK Guide](../../../docs/content/platform/block-sdk-guide.md) which covers:
+
+- Provider configuration with `ProviderBuilder`
+- Block schema definition
+- Authentication (API keys, OAuth, webhooks)
+- Testing and validation
+- File organization
+
+Quick steps:
+
+1. Create new file in `/backend/backend/blocks/`
+2. Configure provider using `ProviderBuilder` in `_config.py`
+3. Inherit from `Block` base class
+4. Define input/output schemas using `BlockSchema`
+5. Implement async `run` method
+6. Generate unique block ID using `uuid.uuid4()`
+7. Test with `poetry run pytest backend/blocks/test/test_block.py`
+
+Note: when making many new blocks analyze the interfaces for each of these blocks and picture if they would go well together in a graph based editor or would they struggle to connect productively?
+ex: do the inputs and outputs tie well together?
+
+If you get any pushback or hit complex block conditions check the new_blocks guide in the docs.
+
+**Modifying the API:**
+
+1. Update route in `/backend/backend/server/routers/`
+2. Add/update Pydantic models in same directory
+3. Write tests alongside the route file
+4. Run `poetry run test` to verify
+
+**Frontend feature development:**
+
+See `/frontend/CONTRIBUTING.md` for complete patterns. Quick reference:
+
+1. **Pages**: Create in `src/app/(platform)/feature-name/page.tsx`
+   - Add `usePageName.ts` hook for logic
+   - Put sub-components in local `components/` folder
+2. **Components**: Structure as `ComponentName/ComponentName.tsx` + `useComponentName.ts` + `helpers.ts`
+   - Use design system components from `src/components/` (atoms, molecules, organisms)
+   - Never use `src/components/__legacy__/*`
+3. **Data fetching**: Use generated API hooks from `@/app/api/__generated__/endpoints/`
+   - Regenerate with `pnpm generate:api`
+   - Pattern: `use{Method}{Version}{OperationName}`
+4. **Styling**: Tailwind CSS only, use design tokens, Phosphor Icons only
+5. **Testing**: Add Storybook stories for new components, Playwright for E2E
+6. **Code conventions**: Function declarations (not arrow functions) for components/handlers
+
+### Security Implementation
+
+**Cache Protection Middleware:**
+
+- Located in `/backend/backend/server/middleware/security.py`
+- Default behavior: Disables caching for ALL endpoints with `Cache-Control: no-store, no-cache, must-revalidate, private`
+- Uses an allow list approach - only explicitly permitted paths can be cached
+- Cacheable paths include: static assets (`/static/*`, `/_next/static/*`), health checks, public store pages, documentation
+- Prevents sensitive data (auth tokens, API keys, user data) from being cached by browsers/proxies
+- To allow caching for a new endpoint, add it to `CACHEABLE_PATHS` in the middleware
+- Applied to both main API server and external API applications
+
 ### Creating Pull Requests
 
-- Create the PR against the `dev` branch of the repository.
-- Ensure the branch name is descriptive (e.g., `feature/add-new-block`)
-- Use conventional commit messages (see below)
-- Fill out the .github/PULL_REQUEST_TEMPLATE.md template as the PR description
+- Create the PR aginst the `dev` branch of the repository.
+- Ensure the branch name is descriptive (e.g., `feature/add-new-block`)/
+- Use conventional commit messages (see below)/
+- Fill out the .github/PULL_REQUEST_TEMPLATE.md template as the PR description/
 - Run the github pre-commit hooks to ensure code quality.
 
 ### Reviewing/Revising Pull Requests

autogpt_platform/autogpt_libs/pyproject.toml

@@ -9,25 +9,25 @@ packages = [{ include = "autogpt_libs" }]
 [tool.poetry.dependencies]
 python = ">=3.10,<4.0"
 colorama = "^0.4.6"
-cryptography = "^46.0"
+cryptography = "^45.0"
 expiringdict = "^1.2.2"
-fastapi = "^0.128.0"
-google-cloud-logging = "^3.13.0"
-launchdarkly-server-sdk = "^9.14.1"
-pydantic = "^2.12.5"
-pydantic-settings = "^2.12.0"
-pyjwt = { version = "^2.11.0", extras = ["crypto"] }
+fastapi = "^0.116.1"
+google-cloud-logging = "^3.12.1"
+launchdarkly-server-sdk = "^9.12.0"
+pydantic = "^2.11.7"
+pydantic-settings = "^2.10.1"
+pyjwt = { version = "^2.10.1", extras = ["crypto"] }
 redis = "^6.2.0"
-supabase = "^2.27.2"
-uvicorn = "^0.40.0"
+supabase = "^2.16.0"
+uvicorn = "^0.35.0"
 
 [tool.poetry.group.dev.dependencies]
-pyright = "^1.1.408"
+pyright = "^1.1.404"
 pytest = "^8.4.1"
-pytest-asyncio = "^1.3.0"
-pytest-mock = "^3.15.1"
-pytest-cov = "^7.0.0"
-ruff = "^0.15.0"
+pytest-asyncio = "^1.1.0"
+pytest-mock = "^3.14.1"
+pytest-cov = "^6.2.1"
+ruff = "^0.12.11"
 
 [build-system]
 requires = ["poetry-core"]

autogpt_platform/backend/.env.default

@@ -152,7 +152,6 @@ REPLICATE_API_KEY=
 REVID_API_KEY=
 SCREENSHOTONE_API_KEY=
 UNREAL_SPEECH_API_KEY=
-ELEVENLABS_API_KEY=
 
 # Data & Search Services
 E2B_API_KEY=
@@ -179,10 +178,5 @@ AYRSHARE_JWT_KEY=
 SMARTLEAD_API_KEY=
 ZEROBOUNCE_API_KEY=
 
-# PostHog Analytics
-# Get API key from https://posthog.com - Project Settings > Project API Key
-POSTHOG_API_KEY=
-POSTHOG_HOST=https://eu.i.posthog.com
-
 # Other Services
 AUTOMOD_API_KEY=

autogpt_platform/backend/.gitignore

@@ -19,6 +19,3 @@ load-tests/*.json
 load-tests/*.log
 load-tests/node_modules/*
 migrations/*/rollback*.sql
-
-# Workspace files
-workspaces/

autogpt_platform/backend/CLAUDE.md

@@ -1,170 +0,0 @@
-# CLAUDE.md - Backend
-
-This file provides guidance to Claude Code when working with the backend.
-
-## Essential Commands
-
-To run something with Python package dependencies you MUST use `poetry run ...`.
-
-```bash
-# Install dependencies
-poetry install
-
-# Run database migrations
-poetry run prisma migrate dev
-
-# Start all services (database, redis, rabbitmq, clamav)
-docker compose up -d
-
-# Run the backend as a whole
-poetry run app
-
-# Run tests
-poetry run test
-
-# Run specific test
-poetry run pytest path/to/test_file.py::test_function_name
-
-# Run block tests (tests that validate all blocks work correctly)
-poetry run pytest backend/blocks/test/test_block.py -xvs
-
-# Run tests for a specific block (e.g., GetCurrentTimeBlock)
-poetry run pytest 'backend/blocks/test/test_block.py::test_available_blocks[GetCurrentTimeBlock]' -xvs
-
-# Lint and format
-# prefer format if you want to just "fix" it and only get the errors that can't be autofixed
-poetry run format  # Black + isort
-poetry run lint    # ruff
-```
-
-More details can be found in @TESTING.md
-
-### Creating/Updating Snapshots
-
-When you first write a test or when the expected output changes:
-
-```bash
-poetry run pytest path/to/test.py --snapshot-update
-```
-
-⚠️ **Important**: Always review snapshot changes before committing! Use `git diff` to verify the changes are expected.
-
-## Architecture
-
-- **API Layer**: FastAPI with REST and WebSocket endpoints
-- **Database**: PostgreSQL with Prisma ORM, includes pgvector for embeddings
-- **Queue System**: RabbitMQ for async task processing
-- **Execution Engine**: Separate executor service processes agent workflows
-- **Authentication**: JWT-based with Supabase integration
-- **Security**: Cache protection middleware prevents sensitive data caching in browsers/proxies
-
-## Testing Approach
-
-- Uses pytest with snapshot testing for API responses
-- Test files are colocated with source files (`*_test.py`)
-
-## Database Schema
-
-Key models (defined in `schema.prisma`):
-
-- `User`: Authentication and profile data
-- `AgentGraph`: Workflow definitions with version control
-- `AgentGraphExecution`: Execution history and results
-- `AgentNode`: Individual nodes in a workflow
-- `StoreListing`: Marketplace listings for sharing agents
-
-## Environment Configuration
-
-- **Backend**: `.env.default` (defaults) → `.env` (user overrides)
-
-## Common Development Tasks
-
-### Adding a new block
-
-Follow the comprehensive [Block SDK Guide](@../../docs/content/platform/block-sdk-guide.md) which covers:
-
-- Provider configuration with `ProviderBuilder`
-- Block schema definition
-- Authentication (API keys, OAuth, webhooks)
-- Testing and validation
-- File organization
-
-Quick steps:
-
-1. Create new file in `backend/blocks/`
-2. Configure provider using `ProviderBuilder` in `_config.py`
-3. Inherit from `Block` base class
-4. Define input/output schemas using `BlockSchema`
-5. Implement async `run` method
-6. Generate unique block ID using `uuid.uuid4()`
-7. Test with `poetry run pytest backend/blocks/test/test_block.py`
-
-Note: when making many new blocks analyze the interfaces for each of these blocks and picture if they would go well together in a graph-based editor or would they struggle to connect productively?
-ex: do the inputs and outputs tie well together?
-
-If you get any pushback or hit complex block conditions check the new_blocks guide in the docs.
-
-#### Handling files in blocks with `store_media_file()`
-
-When blocks need to work with files (images, videos, documents), use `store_media_file()` from `backend.util.file`. The `return_format` parameter determines what you get back:
-
-| Format | Use When | Returns |
-|--------|----------|---------|
-| `"for_local_processing"` | Processing with local tools (ffmpeg, MoviePy, PIL) | Local file path (e.g., `"image.png"`) |
-| `"for_external_api"` | Sending content to external APIs (Replicate, OpenAI) | Data URI (e.g., `"data:image/png;base64,..."`) |
-| `"for_block_output"` | Returning output from your block | Smart: `workspace://` in CoPilot, data URI in graphs |
-
-**Examples:**
-
-```python
-# INPUT: Need to process file locally with ffmpeg
-local_path = await store_media_file(
-    file=input_data.video,
-    execution_context=execution_context,
-    return_format="for_local_processing",
-)
-# local_path = "video.mp4" - use with Path/ffmpeg/etc
-
-# INPUT: Need to send to external API like Replicate
-image_b64 = await store_media_file(
-    file=input_data.image,
-    execution_context=execution_context,
-    return_format="for_external_api",
-)
-# image_b64 = "data:image/png;base64,iVBORw0..." - send to API
-
-# OUTPUT: Returning result from block
-result_url = await store_media_file(
-    file=generated_image_url,
-    execution_context=execution_context,
-    return_format="for_block_output",
-)
-yield "image_url", result_url
-# In CoPilot: result_url = "workspace://abc123"
-# In graphs:  result_url = "data:image/png;base64,..."
-```
-
-**Key points:**
-
-- `for_block_output` is the ONLY format that auto-adapts to execution context
-- Always use `for_block_output` for block outputs unless you have a specific reason not to
-- Never hardcode workspace checks - let `for_block_output` handle it
-
-### Modifying the API
-
-1. Update route in `backend/api/features/`
-2. Add/update Pydantic models in same directory
-3. Write tests alongside the route file
-4. Run `poetry run test` to verify
-
-## Security Implementation
-
-### Cache Protection Middleware
-
-- Located in `backend/api/middleware/security.py`
-- Default behavior: Disables caching for ALL endpoints with `Cache-Control: no-store, no-cache, must-revalidate, private`
-- Uses an allow list approach - only explicitly permitted paths can be cached
-- Cacheable paths include: static assets (`static/*`, `_next/static/*`), health checks, public store pages, documentation
-- Prevents sensitive data (auth tokens, API keys, user data) from being cached by browsers/proxies
-- To allow caching for a new endpoint, add it to `CACHEABLE_PATHS` in the middleware
-- Applied to both main API server and external API applications

autogpt_platform/backend/Dockerfile

@@ -62,12 +62,10 @@ ENV POETRY_HOME=/opt/poetry \
     DEBIAN_FRONTEND=noninteractive
 ENV PATH=/opt/poetry/bin:$PATH
 
-# Install Python, FFmpeg, and ImageMagick (required for video processing blocks)
+# Install Python without upgrading system-managed packages
 RUN apt-get update && apt-get install -y \
     python3.13 \
     python3-pip \
-    ffmpeg \
-    imagemagick \
     && rm -rf /var/lib/apt/lists/*
 
 # Copy only necessary files from builder

autogpt_platform/backend/TESTING.md

@@ -138,7 +138,7 @@ If the test doesn't need the `user_id` specifically, mocking is not necessary as
 
 #### Using Global Auth Fixtures
 
-Two global auth fixtures are provided by `backend/api/conftest.py`:
+Two global auth fixtures are provided by `backend/server/conftest.py`:
 
 - `mock_jwt_user` - Regular user with `test_user_id` ("test-user-id")
 - `mock_jwt_admin` - Admin user with `admin_user_id` ("admin-user-id")

autogpt_platform/backend/backend/api/external/fastapi_app.py

@@ -1,21 +1,57 @@
-from fastapi import FastAPI
+"""
+External API Application
+
+This module defines the main FastAPI application for the external API,
+which mounts the v1 and v2 sub-applications.
+"""
+
+from fastapi import FastAPI
+from fastapi.responses import RedirectResponse
 
-from backend.api.middleware.security import SecurityHeadersMiddleware
 from backend.monitoring.instrumentation import instrument_fastapi
 
-from .v1.routes import v1_router
+from .v1.app import v1_app
+from .v2.app import v2_app
+
+DESCRIPTION = """
+The external API provides programmatic access to the AutoGPT Platform for building
+integrations, automations, and custom applications.
+
+### API Versions
+
+| Version             | End of Life | Path                   | Documentation |
+|---------------------|-------------|------------------------|---------------|
+| **v2**              |             | `/external-api/v2/...` | [v2 docs](v2/docs) |
+| **v1** (deprecated) | 2025-05-01  | `/external-api/v1/...` | [v1 docs](v1/docs) |
+
+**Recommendation**: New integrations should use v2.
+
+For authentication details and usage examples, see the
+[API Integration Guide](https://docs.agpt.co/platform/integrating/api-guide/).
+"""
 
 external_api = FastAPI(
-    title="AutoGPT External API",
-    description="External API for AutoGPT integrations",
+    title="AutoGPT Platform API",
+    summary="External API for AutoGPT Platform integrations",
+    description=DESCRIPTION,
+    version="2.0.0",
     docs_url="/docs",
-    version="1.0",
+    redoc_url="/redoc",
 )
 
-external_api.add_middleware(SecurityHeadersMiddleware)
-external_api.include_router(v1_router, prefix="/v1")
 
-# Add Prometheus instrumentation
+@external_api.get("/", include_in_schema=False)
+async def root_redirect() -> RedirectResponse:
+    """Redirect root to API documentation."""
+    return RedirectResponse(url="/docs")
+
+
+# Mount versioned sub-applications
+# Each sub-app has its own /docs page at /v1/docs and /v2/docs
+external_api.mount("/v1", v1_app)
+external_api.mount("/v2", v2_app)
+
+# Add Prometheus instrumentation to the main app
 instrument_fastapi(
     external_api,
     service_name="external-api",

autogpt_platform/backend/backend/api/external/v1/app.py

@@ -0,0 +1,39 @@
+"""
+V1 External API Application
+
+This module defines the FastAPI application for the v1 external API.
+"""
+
+from fastapi import FastAPI
+
+from backend.api.middleware.security import SecurityHeadersMiddleware
+
+from .routes import v1_router
+
+DESCRIPTION = """
+The v1 API provides access to core AutoGPT functionality for external integrations.
+
+For authentication details and usage examples, see the
+[API Integration Guide](https://docs.agpt.co/platform/integrating/api-guide/).
+"""
+
+v1_app = FastAPI(
+    title="AutoGPT Platform API",
+    summary="External API for AutoGPT Platform integrations (v1)",
+    description=DESCRIPTION,
+    version="1.0.0",
+    docs_url="/docs",
+    redoc_url="/redoc",
+    openapi_url="/openapi.json",
+    openapi_tags=[
+        {"name": "user", "description": "User information"},
+        {"name": "blocks", "description": "Block operations"},
+        {"name": "graphs", "description": "Graph execution"},
+        {"name": "store", "description": "Marketplace agents and creators"},
+        {"name": "integrations", "description": "OAuth credential management"},
+        {"name": "tools", "description": "AI assistant tools"},
+    ],
+)
+
+v1_app.add_middleware(SecurityHeadersMiddleware)
+v1_app.include_router(v1_router)

autogpt_platform/backend/backend/api/external/v1/routes.py

@@ -86,8 +86,6 @@ async def execute_graph_block(
     obj = backend.data.block.get_block(block_id)
     if not obj:
         raise HTTPException(status_code=404, detail=f"Block #{block_id} not found.")
-    if obj.disabled:
-        raise HTTPException(status_code=403, detail=f"Block #{block_id} is disabled.")
 
     output = defaultdict(list)
     async for name, data in obj.execute(data):

autogpt_platform/backend/backend/api/external/v2/__init__.py

@@ -0,0 +1,9 @@
+"""
+V2 External API
+
+This module provides the v2 external API for programmatic access to the AutoGPT Platform.
+"""
+
+from .routes import v2_router
+
+__all__ = ["v2_router"]

autogpt_platform/backend/backend/api/external/v2/app.py

@@ -0,0 +1,82 @@
+"""
+V2 External API Application
+
+This module defines the FastAPI application for the v2 external API.
+"""
+
+from fastapi import FastAPI
+
+from backend.api.middleware.security import SecurityHeadersMiddleware
+
+from .routes import v2_router
+
+DESCRIPTION = """
+The v2 API provides comprehensive access to the AutoGPT Platform for building
+integrations, automations, and custom applications.
+
+### Key Improvements over v1
+
+- **Consistent naming**: Uses `graph_id`/`graph_version` consistently
+- **Better pagination**: All list endpoints support pagination
+- **Comprehensive coverage**: Access to library, runs, schedules, credits, and more
+- **Human-in-the-loop**: Review and approve agent decisions via the API
+
+For authentication details and usage examples, see the
+[API Integration Guide](https://docs.agpt.co/platform/integrating/api-guide/).
+
+### Pagination
+
+List endpoints return paginated responses. Use `page` and `page_size` query
+parameters to navigate results. Maximum page size is 100 items.
+"""
+
+v2_app = FastAPI(
+    title="AutoGPT Platform External API",
+    summary="External API for AutoGPT Platform integrations (v2)",
+    description=DESCRIPTION,
+    version="2.0.0",
+    docs_url="/docs",
+    redoc_url="/redoc",
+    openapi_url="/openapi.json",
+    openapi_tags=[
+        {
+            "name": "graphs",
+            "description": "Create, update, and manage agent graphs",
+        },
+        {
+            "name": "schedules",
+            "description": "Manage scheduled graph executions",
+        },
+        {
+            "name": "blocks",
+            "description": "Discover available building blocks",
+        },
+        {
+            "name": "marketplace",
+            "description": "Browse agents and creators, manage submissions",
+        },
+        {
+            "name": "library",
+            "description": "Access your agent library and execute agents",
+        },
+        {
+            "name": "runs",
+            "description": "Monitor execution runs and human-in-the-loop reviews",
+        },
+        {
+            "name": "credits",
+            "description": "Check balance and view transaction history",
+        },
+        {
+            "name": "integrations",
+            "description": "Manage OAuth credentials for external services",
+        },
+        {
+            "name": "files",
+            "description": "Upload files for agent input",
+        },
+    ],
+)
+
+v2_app.add_middleware(SecurityHeadersMiddleware)
+v2_app.include_router(v2_router)

autogpt_platform/backend/backend/api/external/v2/blocks.py

@@ -0,0 +1,140 @@
+"""
+V2 External API - Blocks Endpoints
+
+Provides read-only access to available building blocks.
+"""
+
+import logging
+from typing import Any
+
+from fastapi import APIRouter, Response, Security
+from fastapi.concurrency import run_in_threadpool
+from prisma.enums import APIKeyPermission
+from pydantic import BaseModel, Field
+
+from backend.api.external.middleware import require_permission
+from backend.data.auth.base import APIAuthorizationInfo
+from backend.data.block import get_blocks
+from backend.util.cache import cached
+from backend.util.json import dumps
+
+logger = logging.getLogger(__name__)
+
+blocks_router = APIRouter()
+
+
+# ============================================================================
+# Models
+# ============================================================================
+
+
+class BlockCost(BaseModel):
+    """Cost information for a block."""
+
+    cost_type: str = Field(description="Type of cost (e.g., 'per_call', 'per_token')")
+    cost_filter: dict[str, Any] = Field(
+        default_factory=dict, description="Conditions for this cost"
+    )
+    cost_amount: int = Field(description="Cost amount in credits")
+
+
+class Block(BaseModel):
+    """A building block that can be used in graphs."""
+
+    id: str
+    name: str
+    description: str
+    categories: list[str] = Field(default_factory=list)
+    input_schema: dict[str, Any]
+    output_schema: dict[str, Any]
+    costs: list[BlockCost] = Field(default_factory=list)
+    disabled: bool = Field(default=False)
+
+
+class BlocksListResponse(BaseModel):
+    """Response for listing blocks."""
+
+    blocks: list[Block]
+    total_count: int
+
+
+# ============================================================================
+# Internal Functions
+# ============================================================================
+
+
+def _compute_blocks_sync() -> str:
+    """
+    Synchronous function to compute blocks data.
+    This does the heavy lifting: instantiate 226+ blocks, compute costs, serialize.
+    """
+    from backend.data.credit import get_block_cost
+
+    block_classes = get_blocks()
+    result = []
+
+    for block_class in block_classes.values():
+        block_instance = block_class()
+        if not block_instance.disabled:
+            costs = get_block_cost(block_instance)
+            # Convert BlockCost BaseModel objects to dictionaries
+            costs_dict = [
+                cost.model_dump() if isinstance(cost, BaseModel) else cost
+                for cost in costs
+            ]
+            result.append({**block_instance.to_dict(), "costs": costs_dict})
+
+    return dumps(result)
+
+
+@cached(ttl_seconds=3600)
+async def _get_cached_blocks() -> str:
+    """
+    Async cached function with thundering herd protection.
+    On cache miss: runs heavy work in thread pool
+    On cache hit: returns cached string immediately
+    """
+    return await run_in_threadpool(_compute_blocks_sync)
+
+
+# ============================================================================
+# Endpoints
+# ============================================================================
+
+
+@blocks_router.get(
+    path="",
+    summary="List available blocks",
+    responses={
+        200: {
+            "description": "List of available building blocks",
+            "content": {
+                "application/json": {
+                    "schema": {
+                        "items": {"additionalProperties": True, "type": "object"},
+                        "type": "array",
+                    }
+                }
+            },
+        }
+    },
+)
+async def list_blocks(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_BLOCK)
+    ),
+) -> Response:
+    """
+    List all available building blocks that can be used in graphs.
+
+    Each block represents a specific capability (e.g., HTTP request, text processing,
+    AI completion, etc.) that can be connected in a graph to create an agent.
+
+    The response includes input/output schemas for each block, as well as
+    cost information for blocks that consume credits.
+    """
+    content = await _get_cached_blocks()
+    return Response(
+        content=content,
+        media_type="application/json",
+    )

autogpt_platform/backend/backend/api/external/v2/common.py

@@ -0,0 +1,36 @@
+"""
+Common utilities for V2 External API
+"""
+
+from typing import TypeVar
+
+from pydantic import BaseModel, Field
+
+# Constants for pagination
+MAX_PAGE_SIZE = 100
+DEFAULT_PAGE_SIZE = 20
+
+
+class PaginationParams(BaseModel):
+    """Common pagination parameters."""
+
+    page: int = Field(default=1, ge=1, description="Page number (1-indexed)")
+    page_size: int = Field(
+        default=DEFAULT_PAGE_SIZE,
+        ge=1,
+        le=MAX_PAGE_SIZE,
+        description=f"Number of items per page (max {MAX_PAGE_SIZE})",
+    )
+
+
+T = TypeVar("T")
+
+
+class PaginatedResponse(BaseModel):
+    """Generic paginated response wrapper."""
+
+    items: list
+    total_count: int = Field(description="Total number of items across all pages")
+    page: int = Field(description="Current page number (1-indexed)")
+    page_size: int = Field(description="Number of items per page")
+    total_pages: int = Field(description="Total number of pages")

autogpt_platform/backend/backend/api/external/v2/credits.py

@@ -0,0 +1,141 @@
+"""
+V2 External API - Credits Endpoints
+
+Provides access to credit balance and transaction history.
+"""
+
+import logging
+from datetime import datetime
+from typing import Optional
+
+from fastapi import APIRouter, Query, Security
+from prisma.enums import APIKeyPermission
+from pydantic import BaseModel, Field
+
+from backend.api.external.middleware import require_permission
+from backend.data.auth.base import APIAuthorizationInfo
+from backend.data.credit import get_user_credit_model
+
+from .common import DEFAULT_PAGE_SIZE, MAX_PAGE_SIZE
+
+logger = logging.getLogger(__name__)
+
+credits_router = APIRouter()
+
+
+# ============================================================================
+# Models
+# ============================================================================
+
+
+class CreditBalance(BaseModel):
+    """User's credit balance."""
+
+    balance: int = Field(description="Current credit balance")
+
+
+class CreditTransaction(BaseModel):
+    """A credit transaction."""
+
+    transaction_key: str
+    amount: int = Field(description="Transaction amount (positive or negative)")
+    type: str = Field(description="One of: TOP_UP, USAGE, GRANT, REFUND")
+    transaction_time: datetime
+    running_balance: Optional[int] = Field(
+        default=None, description="Balance after this transaction"
+    )
+    description: Optional[str] = None
+
+
+class CreditTransactionsResponse(BaseModel):
+    """Response for listing credit transactions."""
+
+    transactions: list[CreditTransaction]
+    total_count: int
+    page: int
+    page_size: int
+    total_pages: int
+
+
+# ============================================================================
+# Endpoints
+# ============================================================================
+
+
+@credits_router.get(
+    path="",
+    summary="Get credit balance",
+    response_model=CreditBalance,
+)
+async def get_balance(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_CREDITS)
+    ),
+) -> CreditBalance:
+    """
+    Get the current credit balance for the authenticated user.
+    """
+    user_credit_model = await get_user_credit_model(auth.user_id)
+    balance = await user_credit_model.get_credits(auth.user_id)
+
+    return CreditBalance(balance=balance)
+
+
+@credits_router.get(
+    path="/transactions",
+    summary="Get transaction history",
+    response_model=CreditTransactionsResponse,
+)
+async def get_transactions(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_CREDITS)
+    ),
+    page: int = Query(default=1, ge=1, description="Page number (1-indexed)"),
+    page_size: int = Query(
+        default=DEFAULT_PAGE_SIZE,
+        ge=1,
+        le=MAX_PAGE_SIZE,
+        description=f"Items per page (max {MAX_PAGE_SIZE})",
+    ),
+    transaction_type: Optional[str] = Query(
+        default=None,
+        description="Filter by transaction type (TOP_UP, USAGE, GRANT, REFUND)",
+    ),
+) -> CreditTransactionsResponse:
+    """
+    Get credit transaction history for the authenticated user.
+
+    Returns transactions sorted by most recent first.
+    """
+    user_credit_model = await get_user_credit_model(auth.user_id)
+
+    history = await user_credit_model.get_transaction_history(
+        user_id=auth.user_id,
+        transaction_count_limit=page_size,
+        transaction_type=transaction_type,
+    )
+
+    transactions = [
+        CreditTransaction(
+            transaction_key=t.transaction_key,
+            amount=t.amount,
+            type=t.transaction_type.value,
+            transaction_time=t.transaction_time,
+            running_balance=t.running_balance,
+            description=t.description,
+        )
+        for t in history.transactions
+    ]
+
+    # Note: The current credit module doesn't support true pagination,
+    # so we're returning what we have
+    total_count = len(transactions)
+    total_pages = 1  # Without true pagination support
+
+    return CreditTransactionsResponse(
+        transactions=transactions,
+        total_count=total_count,
+        page=page,
+        page_size=page_size,
+        total_pages=total_pages,
+    )

autogpt_platform/backend/backend/api/external/v2/files.py

@@ -0,0 +1,132 @@
+"""
+V2 External API - Files Endpoints
+
+Provides file upload functionality for agent inputs.
+"""
+
+import base64
+import logging
+
+from fastapi import APIRouter, File, HTTPException, Query, Security, UploadFile
+from prisma.enums import APIKeyPermission
+from pydantic import BaseModel, Field
+
+from backend.api.external.middleware import require_permission
+from backend.data.auth.base import APIAuthorizationInfo
+from backend.util.cloud_storage import get_cloud_storage_handler
+from backend.util.settings import Settings
+from backend.util.virus_scanner import scan_content_safe
+
+logger = logging.getLogger(__name__)
+settings = Settings()
+
+files_router = APIRouter()
+
+
+# ============================================================================
+# Models
+# ============================================================================
+
+
+class UploadFileResponse(BaseModel):
+    """Response after uploading a file."""
+
+    file_uri: str = Field(description="URI to reference the uploaded file in agents")
+    file_name: str
+    size: int = Field(description="File size in bytes")
+    content_type: str
+    expires_in_hours: int
+
+
+# ============================================================================
+# Endpoints
+# ============================================================================
+
+
+def _create_file_size_error(size_bytes: int, max_size_mb: int) -> HTTPException:
+    """Create standardized file size error response."""
+    return HTTPException(
+        status_code=400,
+        detail=f"File size ({size_bytes} bytes) exceeds the maximum allowed size of {max_size_mb}MB",
+    )
+
+
+@files_router.post(
+    path="/upload",
+    summary="Upload a file",
+    response_model=UploadFileResponse,
+)
+async def upload_file(
+    file: UploadFile = File(...),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.UPLOAD_FILES)
+    ),
+    provider: str = Query(
+        default="gcs", description="Storage provider (gcs, s3, azure)"
+    ),
+    expiration_hours: int = Query(
+        default=24, ge=1, le=48, description="Hours until file expires (1-48)"
+    ),
+) -> UploadFileResponse:
+    """
+    Upload a file to cloud storage for use with agents.
+
+    The returned `file_uri` can be used as input to agents that accept file inputs
+    (e.g., FileStoreBlock, AgentFileInputBlock).
+
+    Files are automatically scanned for viruses before storage.
+    """
+    # Check file size limit
+    max_size_mb = settings.config.upload_file_size_limit_mb
+    max_size_bytes = max_size_mb * 1024 * 1024
+
+    # Try to get file size from headers first
+    if hasattr(file, "size") and file.size is not None and file.size > max_size_bytes:
+        raise _create_file_size_error(file.size, max_size_mb)
+
+    # Read file content
+    content = await file.read()
+    content_size = len(content)
+
+    # Double-check file size after reading
+    if content_size > max_size_bytes:
+        raise _create_file_size_error(content_size, max_size_mb)
+
+    # Extract file info
+    file_name = file.filename or "uploaded_file"
+    content_type = file.content_type or "application/octet-stream"
+
+    # Virus scan the content
+    await scan_content_safe(content, filename=file_name)
+
+    # Check if cloud storage is configured
+    cloud_storage = await get_cloud_storage_handler()
+    if not cloud_storage.config.gcs_bucket_name:
+        # Fallback to base64 data URI when GCS is not configured
+        base64_content = base64.b64encode(content).decode("utf-8")
+        data_uri = f"data:{content_type};base64,{base64_content}"
+
+        return UploadFileResponse(
+            file_uri=data_uri,
+            file_name=file_name,
+            size=content_size,
+            content_type=content_type,
+            expires_in_hours=expiration_hours,
+        )
+
+    # Store in cloud storage
+    storage_path = await cloud_storage.store_file(
+        content=content,
+        filename=file_name,
+        provider=provider,
+        expiration_hours=expiration_hours,
+        user_id=auth.user_id,
+    )
+
+    return UploadFileResponse(
+        file_uri=storage_path,
+        file_name=file_name,
+        size=content_size,
+        content_type=content_type,
+        expires_in_hours=expiration_hours,
+    )

autogpt_platform/backend/backend/api/external/v2/graphs.py

@@ -0,0 +1,445 @@
+"""
+V2 External API - Graphs Endpoints
+
+Provides endpoints for managing agent graphs (CRUD operations).
+"""
+
+import logging
+
+from fastapi import APIRouter, HTTPException, Query, Security
+from prisma.enums import APIKeyPermission
+
+from backend.api.external.middleware import require_permission
+from backend.data import graph as graph_db
+from backend.data.auth.base import APIAuthorizationInfo
+from backend.integrations.webhooks.graph_lifecycle_hooks import (
+    on_graph_activate,
+    on_graph_deactivate,
+)
+
+from .common import DEFAULT_PAGE_SIZE, MAX_PAGE_SIZE
+from .models import (
+    CreateGraphRequest,
+    DeleteGraphResponse,
+    GraphDetails,
+    GraphLink,
+    GraphMeta,
+    GraphNode,
+    GraphSettings,
+    GraphsListResponse,
+    SetActiveVersionRequest,
+)
+
+logger = logging.getLogger(__name__)
+
+graphs_router = APIRouter()
+
+
+def _convert_graph_meta(graph: graph_db.GraphMeta) -> GraphMeta:
+    """Convert internal GraphMeta to v2 API model."""
+    return GraphMeta(
+        id=graph.id,
+        version=graph.version,
+        is_active=graph.is_active,
+        name=graph.name,
+        description=graph.description,
+        created_at=graph.created_at,
+        input_schema=graph.input_schema,
+        output_schema=graph.output_schema,
+    )
+
+
+def _convert_graph_details(graph: graph_db.GraphModel) -> GraphDetails:
+    """Convert internal GraphModel to v2 API GraphDetails model."""
+    return GraphDetails(
+        id=graph.id,
+        version=graph.version,
+        is_active=graph.is_active,
+        name=graph.name,
+        description=graph.description,
+        created_at=graph.created_at,
+        input_schema=graph.input_schema,
+        output_schema=graph.output_schema,
+        nodes=[
+            GraphNode(
+                id=node.id,
+                block_id=node.block_id,
+                input_default=node.input_default,
+                metadata=node.metadata,
+            )
+            for node in graph.nodes
+        ],
+        links=[
+            GraphLink(
+                id=link.id,
+                source_id=link.source_id,
+                sink_id=link.sink_id,
+                source_name=link.source_name,
+                sink_name=link.sink_name,
+                is_static=link.is_static,
+            )
+            for link in graph.links
+        ],
+        credentials_input_schema=graph.credentials_input_schema,
+    )
+
+
+@graphs_router.get(
+    path="",
+    summary="List user's graphs",
+    response_model=GraphsListResponse,
+)
+async def list_graphs(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_GRAPH)
+    ),
+    page: int = Query(default=1, ge=1, description="Page number (1-indexed)"),
+    page_size: int = Query(
+        default=DEFAULT_PAGE_SIZE,
+        ge=1,
+        le=MAX_PAGE_SIZE,
+        description=f"Items per page (max {MAX_PAGE_SIZE})",
+    ),
+) -> GraphsListResponse:
+    """
+    List all graphs owned by the authenticated user.
+
+    Returns a paginated list of graph metadata (not full graph details).
+    """
+    graphs, pagination_info = await graph_db.list_graphs_paginated(
+        user_id=auth.user_id,
+        page=page,
+        page_size=page_size,
+        filter_by="active",
+    )
+    return GraphsListResponse(
+        graphs=[_convert_graph_meta(g) for g in graphs],
+        total_count=pagination_info.total_items,
+        page=pagination_info.current_page,
+        page_size=pagination_info.page_size,
+        total_pages=pagination_info.total_pages,
+    )
+
+
+@graphs_router.post(
+    path="",
+    summary="Create a new graph",
+    response_model=GraphDetails,
+)
+async def create_graph(
+    create_graph_request: CreateGraphRequest,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.WRITE_GRAPH)
+    ),
+) -> GraphDetails:
+    """
+    Create a new agent graph.
+
+    The graph will be validated and assigned a new ID. It will automatically
+    be added to the user's library.
+    """
+    # Import here to avoid circular imports
+    from backend.api.features.library import db as library_db
+
+    # Convert v2 API Graph model to internal Graph model
+    internal_graph = graph_db.Graph(
+        id=create_graph_request.graph.id or "",
+        version=create_graph_request.graph.version,
+        is_active=create_graph_request.graph.is_active,
+        name=create_graph_request.graph.name,
+        description=create_graph_request.graph.description,
+        nodes=[
+            graph_db.Node(
+                id=node.id,
+                block_id=node.block_id,
+                input_default=node.input_default,
+                metadata=node.metadata,
+            )
+            for node in create_graph_request.graph.nodes
+        ],
+        links=[
+            graph_db.Link(
+                id=link.id,
+                source_id=link.source_id,
+                sink_id=link.sink_id,
+                source_name=link.source_name,
+                sink_name=link.sink_name,
+                is_static=link.is_static,
+            )
+            for link in create_graph_request.graph.links
+        ],
+    )
+
+    graph = graph_db.make_graph_model(internal_graph, auth.user_id)
+    graph.reassign_ids(user_id=auth.user_id, reassign_graph_id=True)
+    graph.validate_graph(for_run=False)
+
+    await graph_db.create_graph(graph, user_id=auth.user_id)
+    await library_db.create_library_agent(graph, user_id=auth.user_id)
+    activated_graph = await on_graph_activate(graph, user_id=auth.user_id)
+
+    return _convert_graph_details(activated_graph)
+
+
+@graphs_router.get(
+    path="/{graph_id}",
+    summary="Get graph details",
+    response_model=GraphDetails,
+)
+async def get_graph(
+    graph_id: str,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_GRAPH)
+    ),
+    version: int | None = Query(
+        default=None,
+        description="Specific version to retrieve (default: active version)",
+    ),
+) -> GraphDetails:
+    """
+    Get detailed information about a specific graph.
+
+    By default returns the active version. Use the `version` query parameter
+    to retrieve a specific version.
+    """
+    graph = await graph_db.get_graph(
+        graph_id,
+        version,
+        user_id=auth.user_id,
+        include_subgraphs=True,
+    )
+    if not graph:
+        raise HTTPException(status_code=404, detail=f"Graph #{graph_id} not found.")
+    return _convert_graph_details(graph)
+
+
+@graphs_router.put(
+    path="/{graph_id}",
+    summary="Update graph (creates new version)",
+    response_model=GraphDetails,
+)
+async def update_graph(
+    graph_id: str,
+    graph_request: CreateGraphRequest,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.WRITE_GRAPH)
+    ),
+) -> GraphDetails:
+    """
+    Update a graph by creating a new version.
+
+    This does not modify existing versions - it creates a new version with
+    the provided content. The new version becomes the active version.
+    """
+    # Import here to avoid circular imports
+    from backend.api.features.library import db as library_db
+
+    graph_data = graph_request.graph
+    if graph_data.id and graph_data.id != graph_id:
+        raise HTTPException(400, detail="Graph ID does not match ID in URI")
+
+    existing_versions = await graph_db.get_graph_all_versions(
+        graph_id, user_id=auth.user_id
+    )
+    if not existing_versions:
+        raise HTTPException(404, detail=f"Graph #{graph_id} not found")
+
+    latest_version_number = max(g.version for g in existing_versions)
+
+    # Convert v2 API Graph model to internal Graph model
+    internal_graph = graph_db.Graph(
+        id=graph_id,
+        version=latest_version_number + 1,
+        is_active=graph_data.is_active,
+        name=graph_data.name,
+        description=graph_data.description,
+        nodes=[
+            graph_db.Node(
+                id=node.id,
+                block_id=node.block_id,
+                input_default=node.input_default,
+                metadata=node.metadata,
+            )
+            for node in graph_data.nodes
+        ],
+        links=[
+            graph_db.Link(
+                id=link.id,
+                source_id=link.source_id,
+                sink_id=link.sink_id,
+                source_name=link.source_name,
+                sink_name=link.sink_name,
+                is_static=link.is_static,
+            )
+            for link in graph_data.links
+        ],
+    )
+
+    current_active_version = next((v for v in existing_versions if v.is_active), None)
+    graph = graph_db.make_graph_model(internal_graph, auth.user_id)
+    graph.reassign_ids(user_id=auth.user_id, reassign_graph_id=False)
+    graph.validate_graph(for_run=False)
+
+    new_graph_version = await graph_db.create_graph(graph, user_id=auth.user_id)
+
+    if new_graph_version.is_active:
+        await library_db.update_agent_version_in_library(
+            auth.user_id, new_graph_version.id, new_graph_version.version
+        )
+        new_graph_version = await on_graph_activate(
+            new_graph_version, user_id=auth.user_id
+        )
+        await graph_db.set_graph_active_version(
+            graph_id=graph_id, version=new_graph_version.version, user_id=auth.user_id
+        )
+        if current_active_version:
+            await on_graph_deactivate(current_active_version, user_id=auth.user_id)
+
+    new_graph_version_with_subgraphs = await graph_db.get_graph(
+        graph_id,
+        new_graph_version.version,
+        user_id=auth.user_id,
+        include_subgraphs=True,
+    )
+    assert new_graph_version_with_subgraphs
+    return _convert_graph_details(new_graph_version_with_subgraphs)
+
+
+@graphs_router.delete(
+    path="/{graph_id}",
+    summary="Delete graph permanently",
+    response_model=DeleteGraphResponse,
+)
+async def delete_graph(
+    graph_id: str,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.WRITE_GRAPH)
+    ),
+) -> DeleteGraphResponse:
+    """
+    Permanently delete a graph and all its versions.
+
+    This action cannot be undone. All associated executions will remain
+    but will reference a deleted graph.
+    """
+    if active_version := await graph_db.get_graph(
+        graph_id=graph_id, version=None, user_id=auth.user_id
+    ):
+        await on_graph_deactivate(active_version, user_id=auth.user_id)
+
+    version_count = await graph_db.delete_graph(graph_id, user_id=auth.user_id)
+    return DeleteGraphResponse(version_count=version_count)
+
+
+@graphs_router.get(
+    path="/{graph_id}/versions",
+    summary="List all graph versions",
+    response_model=list[GraphDetails],
+)
+async def list_graph_versions(
+    graph_id: str,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_GRAPH)
+    ),
+) -> list[GraphDetails]:
+    """
+    Get all versions of a specific graph.
+
+    Returns a list of all versions, with the active version marked.
+    """
+    graphs = await graph_db.get_graph_all_versions(graph_id, user_id=auth.user_id)
+    if not graphs:
+        raise HTTPException(status_code=404, detail=f"Graph #{graph_id} not found.")
+    return [_convert_graph_details(g) for g in graphs]
+
+
+@graphs_router.put(
+    path="/{graph_id}/versions/active",
+    summary="Set active graph version",
+)
+async def set_active_version(
+    graph_id: str,
+    request_body: SetActiveVersionRequest,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.WRITE_GRAPH)
+    ),
+) -> None:
+    """
+    Set which version of a graph is the active version.
+
+    The active version is used when executing the graph without specifying
+    a version number.
+    """
+    # Import here to avoid circular imports
+    from backend.api.features.library import db as library_db
+
+    new_active_version = request_body.active_graph_version
+    new_active_graph = await graph_db.get_graph(
+        graph_id, new_active_version, user_id=auth.user_id
+    )
+    if not new_active_graph:
+        raise HTTPException(404, f"Graph #{graph_id} v{new_active_version} not found")
+
+    current_active_graph = await graph_db.get_graph(
+        graph_id=graph_id,
+        version=None,
+        user_id=auth.user_id,
+    )
+
+    await on_graph_activate(new_active_graph, user_id=auth.user_id)
+    await graph_db.set_graph_active_version(
+        graph_id=graph_id,
+        version=new_active_version,
+        user_id=auth.user_id,
+    )
+
+    await library_db.update_agent_version_in_library(
+        auth.user_id, new_active_graph.id, new_active_graph.version
+    )
+
+    if current_active_graph and current_active_graph.version != new_active_version:
+        await on_graph_deactivate(current_active_graph, user_id=auth.user_id)
+
+
+@graphs_router.patch(
+    path="/{graph_id}/settings",
+    summary="Update graph settings",
+    response_model=GraphSettings,
+)
+async def update_graph_settings(
+    graph_id: str,
+    settings: GraphSettings,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.WRITE_GRAPH)
+    ),
+) -> GraphSettings:
+    """
+    Update settings for a graph.
+
+    Currently supports:
+    - human_in_the_loop_safe_mode: Enable/disable safe mode for human-in-the-loop blocks
+    """
+    # Import here to avoid circular imports
+    from backend.api.features.library import db as library_db
+    from backend.data.graph import GraphSettings as InternalGraphSettings
+
+    library_agent = await library_db.get_library_agent_by_graph_id(
+        graph_id=graph_id, user_id=auth.user_id
+    )
+    if not library_agent:
+        raise HTTPException(404, f"Graph #{graph_id} not found in user's library")
+
+    # Convert to internal model
+    internal_settings = InternalGraphSettings(
+        human_in_the_loop_safe_mode=settings.human_in_the_loop_safe_mode
+    )
+
+    updated_agent = await library_db.update_library_agent_settings(
+        user_id=auth.user_id,
+        agent_id=library_agent.id,
+        settings=internal_settings,
+    )
+
+    return GraphSettings(
+        human_in_the_loop_safe_mode=updated_agent.settings.human_in_the_loop_safe_mode
+    )

autogpt_platform/backend/backend/api/external/v2/integrations.py

@@ -0,0 +1,271 @@
+"""
+V2 External API - Integrations Endpoints
+
+Provides access to user's integration credentials.
+"""
+
+import logging
+from typing import Optional
+
+from fastapi import APIRouter, HTTPException, Path, Security
+from prisma.enums import APIKeyPermission
+from pydantic import BaseModel, Field
+
+from backend.api.external.middleware import require_permission
+from backend.api.features.library import db as library_db
+from backend.data import graph as graph_db
+from backend.data.auth.base import APIAuthorizationInfo
+from backend.data.model import Credentials, OAuth2Credentials
+from backend.integrations.creds_manager import IntegrationCredentialsManager
+
+logger = logging.getLogger(__name__)
+
+integrations_router = APIRouter()
+creds_manager = IntegrationCredentialsManager()
+
+
+# ============================================================================
+# Models
+# ============================================================================
+
+
+class Credential(BaseModel):
+    """A user's credential for an integration."""
+
+    id: str
+    provider: str = Field(description="Integration provider name")
+    title: Optional[str] = Field(
+        default=None, description="User-assigned title for this credential"
+    )
+    scopes: list[str] = Field(default_factory=list, description="Granted scopes")
+
+
+class CredentialsListResponse(BaseModel):
+    """Response for listing credentials."""
+
+    credentials: list[Credential]
+
+
+class CredentialRequirement(BaseModel):
+    """A credential requirement for a graph or agent."""
+
+    provider: str = Field(description="Required provider name")
+    required_scopes: list[str] = Field(
+        default_factory=list, description="Required scopes"
+    )
+    matching_credentials: list[Credential] = Field(
+        default_factory=list,
+        description="User's credentials that match this requirement",
+    )
+
+
+class CredentialRequirementsResponse(BaseModel):
+    """Response for listing credential requirements."""
+
+    requirements: list[CredentialRequirement]
+
+
+# ============================================================================
+# Conversion Functions
+# ============================================================================
+
+
+def _convert_credential(cred: Credentials) -> Credential:
+    """Convert internal credential to v2 API model."""
+    scopes: list[str] = []
+    if isinstance(cred, OAuth2Credentials):
+        scopes = cred.scopes or []
+
+    return Credential(
+        id=cred.id,
+        provider=cred.provider,
+        title=cred.title,
+        scopes=scopes,
+    )
+
+
+# ============================================================================
+# Endpoints
+# ============================================================================
+
+
+@integrations_router.get(
+    path="/credentials",
+    summary="List all credentials",
+    response_model=CredentialsListResponse,
+)
+async def list_credentials(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_INTEGRATIONS)
+    ),
+) -> CredentialsListResponse:
+    """
+    List all integration credentials for the authenticated user.
+
+    This returns all OAuth credentials the user has connected, across
+    all integration providers.
+    """
+    credentials = await creds_manager.store.get_all_creds(auth.user_id)
+
+    return CredentialsListResponse(
+        credentials=[_convert_credential(c) for c in credentials]
+    )
+
+
+@integrations_router.get(
+    path="/credentials/{provider}",
+    summary="List credentials by provider",
+    response_model=CredentialsListResponse,
+)
+async def list_credentials_by_provider(
+    provider: str = Path(description="Provider name (e.g., 'github', 'google')"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_INTEGRATIONS)
+    ),
+) -> CredentialsListResponse:
+    """
+    List integration credentials for a specific provider.
+    """
+    all_credentials = await creds_manager.store.get_all_creds(auth.user_id)
+
+    # Filter by provider
+    filtered = [c for c in all_credentials if c.provider.lower() == provider.lower()]
+
+    return CredentialsListResponse(
+        credentials=[_convert_credential(c) for c in filtered]
+    )
+
+
+@integrations_router.get(
+    path="/graphs/{graph_id}/credentials",
+    summary="List credentials matching graph requirements",
+    response_model=CredentialRequirementsResponse,
+)
+async def list_graph_credential_requirements(
+    graph_id: str = Path(description="Graph ID"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_INTEGRATIONS)
+    ),
+) -> CredentialRequirementsResponse:
+    """
+    List credential requirements for a graph and matching user credentials.
+
+    This helps identify which credentials the user needs to provide
+    when executing a graph.
+    """
+    # Get the graph
+    graph = await graph_db.get_graph(
+        graph_id=graph_id,
+        version=None,  # Active version
+        user_id=auth.user_id,
+        include_subgraphs=True,
+    )
+    if not graph:
+        raise HTTPException(status_code=404, detail=f"Graph #{graph_id} not found")
+
+    # Get the credentials input schema which contains provider requirements
+    creds_schema = graph.credentials_input_schema
+    all_credentials = await creds_manager.store.get_all_creds(auth.user_id)
+
+    requirements = []
+    for field_name, field_schema in creds_schema.get("properties", {}).items():
+        # Extract provider from schema
+        # The schema structure varies, but typically has provider info
+        providers = []
+        if "anyOf" in field_schema:
+            for option in field_schema["anyOf"]:
+                if "provider" in option:
+                    providers.append(option["provider"])
+        elif "provider" in field_schema:
+            providers.append(field_schema["provider"])
+
+        for provider in providers:
+            # Find matching credentials
+            matching = [
+                _convert_credential(c)
+                for c in all_credentials
+                if c.provider.lower() == provider.lower()
+            ]
+
+            requirements.append(
+                CredentialRequirement(
+                    provider=provider,
+                    required_scopes=[],  # Would need to extract from schema
+                    matching_credentials=matching,
+                )
+            )
+
+    return CredentialRequirementsResponse(requirements=requirements)
+
+
+@integrations_router.get(
+    path="/library/{agent_id}/credentials",
+    summary="List credentials matching library agent requirements",
+    response_model=CredentialRequirementsResponse,
+)
+async def list_library_agent_credential_requirements(
+    agent_id: str = Path(description="Library agent ID"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_INTEGRATIONS)
+    ),
+) -> CredentialRequirementsResponse:
+    """
+    List credential requirements for a library agent and matching user credentials.
+
+    This helps identify which credentials the user needs to provide
+    when executing an agent from their library.
+    """
+    # Get the library agent
+    try:
+        library_agent = await library_db.get_library_agent(
+            id=agent_id,
+            user_id=auth.user_id,
+        )
+    except Exception:
+        raise HTTPException(status_code=404, detail=f"Agent #{agent_id} not found")
+
+    # Get the underlying graph
+    graph = await graph_db.get_graph(
+        graph_id=library_agent.graph_id,
+        version=library_agent.graph_version,
+        user_id=auth.user_id,
+        include_subgraphs=True,
+    )
+    if not graph:
+        raise HTTPException(
+            status_code=404,
+            detail=f"Graph for agent #{agent_id} not found",
+        )
+
+    # Get the credentials input schema
+    creds_schema = graph.credentials_input_schema
+    all_credentials = await creds_manager.store.get_all_creds(auth.user_id)
+
+    requirements = []
+    for field_name, field_schema in creds_schema.get("properties", {}).items():
+        # Extract provider from schema
+        providers = []
+        if "anyOf" in field_schema:
+            for option in field_schema["anyOf"]:
+                if "provider" in option:
+                    providers.append(option["provider"])
+        elif "provider" in field_schema:
+            providers.append(field_schema["provider"])
+
+        for provider in providers:
+            # Find matching credentials
+            matching = [
+                _convert_credential(c)
+                for c in all_credentials
+                if c.provider.lower() == provider.lower()
+            ]
+
+            requirements.append(
+                CredentialRequirement(
+                    provider=provider,
+                    required_scopes=[],
+                    matching_credentials=matching,
+                )
+            )
+
+    return CredentialRequirementsResponse(requirements=requirements)

autogpt_platform/backend/backend/api/external/v2/library.py

@@ -0,0 +1,247 @@
+"""
+V2 External API - Library Endpoints
+
+Provides access to the user's agent library and agent execution.
+"""
+
+import logging
+
+from fastapi import APIRouter, HTTPException, Path, Query, Security
+from prisma.enums import APIKeyPermission
+
+from backend.api.external.middleware import require_permission
+from backend.api.features.library import db as library_db
+from backend.api.features.library import model as library_model
+from backend.data import execution as execution_db
+from backend.data.auth.base import APIAuthorizationInfo
+from backend.data.credit import get_user_credit_model
+from backend.executor import utils as execution_utils
+
+from .common import DEFAULT_PAGE_SIZE, MAX_PAGE_SIZE
+from .models import (
+    ExecuteAgentRequest,
+    LibraryAgent,
+    LibraryAgentsResponse,
+    Run,
+    RunsListResponse,
+)
+
+logger = logging.getLogger(__name__)
+
+library_router = APIRouter()
+
+
+# ============================================================================
+# Conversion Functions
+# ============================================================================
+
+
+def _convert_library_agent(agent: library_model.LibraryAgent) -> LibraryAgent:
+    """Convert internal LibraryAgent to v2 API model."""
+    return LibraryAgent(
+        id=agent.id,
+        graph_id=agent.graph_id,
+        graph_version=agent.graph_version,
+        name=agent.name,
+        description=agent.description,
+        is_favorite=agent.is_favorite,
+        can_access_graph=agent.can_access_graph,
+        is_latest_version=agent.is_latest_version,
+        image_url=agent.image_url,
+        creator_name=agent.creator_name,
+        input_schema=agent.input_schema,
+        output_schema=agent.output_schema,
+        created_at=agent.created_at,
+        updated_at=agent.updated_at,
+    )
+
+
+def _convert_execution_to_run(exec: execution_db.GraphExecutionMeta) -> Run:
+    """Convert internal execution to v2 API Run model."""
+    return Run(
+        id=exec.id,
+        graph_id=exec.graph_id,
+        graph_version=exec.graph_version,
+        status=exec.status.value,
+        started_at=exec.started_at,
+        ended_at=exec.ended_at,
+        inputs=exec.inputs,
+        cost=exec.stats.cost if exec.stats else 0,
+        duration=exec.stats.duration if exec.stats else 0,
+        node_count=exec.stats.node_exec_count if exec.stats else 0,
+    )
+
+
+# ============================================================================
+# Endpoints
+# ============================================================================
+
+
+@library_router.get(
+    path="/agents",
+    summary="List library agents",
+    response_model=LibraryAgentsResponse,
+)
+async def list_library_agents(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_LIBRARY)
+    ),
+    page: int = Query(default=1, ge=1, description="Page number (1-indexed)"),
+    page_size: int = Query(
+        default=DEFAULT_PAGE_SIZE,
+        ge=1,
+        le=MAX_PAGE_SIZE,
+        description=f"Items per page (max {MAX_PAGE_SIZE})",
+    ),
+) -> LibraryAgentsResponse:
+    """
+    List agents in the user's library.
+
+    The library contains agents the user has created or added from the marketplace.
+    """
+    result = await library_db.list_library_agents(
+        user_id=auth.user_id,
+        page=page,
+        page_size=page_size,
+    )
+
+    return LibraryAgentsResponse(
+        agents=[_convert_library_agent(a) for a in result.agents],
+        total_count=result.pagination.total_items,
+        page=result.pagination.current_page,
+        page_size=result.pagination.page_size,
+        total_pages=result.pagination.total_pages,
+    )
+
+
+@library_router.get(
+    path="/agents/favorites",
+    summary="List favorite agents",
+    response_model=LibraryAgentsResponse,
+)
+async def list_favorite_agents(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_LIBRARY)
+    ),
+    page: int = Query(default=1, ge=1, description="Page number (1-indexed)"),
+    page_size: int = Query(
+        default=DEFAULT_PAGE_SIZE,
+        ge=1,
+        le=MAX_PAGE_SIZE,
+        description=f"Items per page (max {MAX_PAGE_SIZE})",
+    ),
+) -> LibraryAgentsResponse:
+    """
+    List favorite agents in the user's library.
+    """
+    result = await library_db.list_favorite_library_agents(
+        user_id=auth.user_id,
+        page=page,
+        page_size=page_size,
+    )
+
+    return LibraryAgentsResponse(
+        agents=[_convert_library_agent(a) for a in result.agents],
+        total_count=result.pagination.total_items,
+        page=result.pagination.current_page,
+        page_size=result.pagination.page_size,
+        total_pages=result.pagination.total_pages,
+    )
+
+
+@library_router.post(
+    path="/agents/{agent_id}/runs",
+    summary="Execute an agent",
+    response_model=Run,
+)
+async def execute_agent(
+    request: ExecuteAgentRequest,
+    agent_id: str = Path(description="Library agent ID"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.RUN_AGENT)
+    ),
+) -> Run:
+    """
+    Execute an agent from the library.
+
+    This creates a new run with the provided inputs. The run executes
+    asynchronously and you can poll the run status using GET /runs/{run_id}.
+    """
+    # Check credit balance
+    user_credit_model = await get_user_credit_model(auth.user_id)
+    current_balance = await user_credit_model.get_credits(auth.user_id)
+    if current_balance <= 0:
+        raise HTTPException(
+            status_code=402,
+            detail="Insufficient balance to execute the agent. Please top up your account.",
+        )
+
+    # Get the library agent to find the graph ID and version
+    try:
+        library_agent = await library_db.get_library_agent(
+            id=agent_id,
+            user_id=auth.user_id,
+        )
+    except Exception:
+        raise HTTPException(status_code=404, detail=f"Agent #{agent_id} not found")
+
+    try:
+        result = await execution_utils.add_graph_execution(
+            graph_id=library_agent.graph_id,
+            user_id=auth.user_id,
+            inputs=request.inputs,
+            graph_version=library_agent.graph_version,
+            graph_credentials_inputs=request.credentials_inputs,
+        )
+
+        return _convert_execution_to_run(result)
+
+    except Exception as e:
+        logger.error(f"Failed to execute agent: {e}")
+        raise HTTPException(status_code=400, detail=str(e))
+
+
+@library_router.get(
+    path="/agents/{agent_id}/runs",
+    summary="List runs for an agent",
+    response_model=RunsListResponse,
+)
+async def list_agent_runs(
+    agent_id: str = Path(description="Library agent ID"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_LIBRARY)
+    ),
+    page: int = Query(default=1, ge=1, description="Page number (1-indexed)"),
+    page_size: int = Query(
+        default=DEFAULT_PAGE_SIZE,
+        ge=1,
+        le=MAX_PAGE_SIZE,
+        description=f"Items per page (max {MAX_PAGE_SIZE})",
+    ),
+) -> RunsListResponse:
+    """
+    List execution runs for a specific agent.
+    """
+    # Get the library agent to find the graph ID
+    try:
+        library_agent = await library_db.get_library_agent(
+            id=agent_id,
+            user_id=auth.user_id,
+        )
+    except Exception:
+        raise HTTPException(status_code=404, detail=f"Agent #{agent_id} not found")
+
+    result = await execution_db.get_graph_executions_paginated(
+        graph_id=library_agent.graph_id,
+        user_id=auth.user_id,
+        page=page,
+        page_size=page_size,
+    )
+
+    return RunsListResponse(
+        runs=[_convert_execution_to_run(e) for e in result.executions],
+        total_count=result.pagination.total_items,
+        page=result.pagination.current_page,
+        page_size=result.pagination.page_size,
+        total_pages=result.pagination.total_pages,
+    )

autogpt_platform/backend/backend/api/external/v2/marketplace.py

@@ -0,0 +1,510 @@
+"""
+V2 External API - Marketplace Endpoints
+
+Provides access to the agent marketplace (store).
+"""
+
+import logging
+import urllib.parse
+from datetime import datetime
+from typing import Literal, Optional
+
+from fastapi import APIRouter, HTTPException, Path, Query, Security
+from prisma.enums import APIKeyPermission
+from pydantic import BaseModel, Field
+
+from backend.api.external.middleware import require_permission
+from backend.api.features.store import cache as store_cache
+from backend.api.features.store import db as store_db
+from backend.api.features.store import model as store_model
+from backend.data.auth.base import APIAuthorizationInfo
+
+from .common import DEFAULT_PAGE_SIZE, MAX_PAGE_SIZE
+
+logger = logging.getLogger(__name__)
+
+marketplace_router = APIRouter()
+
+
+# ============================================================================
+# Models
+# ============================================================================
+
+
+class MarketplaceAgent(BaseModel):
+    """An agent available in the marketplace."""
+
+    slug: str
+    name: str
+    description: str
+    sub_heading: str
+    creator: str
+    creator_avatar: str
+    runs: int = Field(default=0, description="Number of times this agent has been run")
+    rating: float = Field(default=0.0, description="Average rating")
+    image_url: str = Field(default="")
+
+
+class MarketplaceAgentDetails(BaseModel):
+    """Detailed information about a marketplace agent."""
+
+    store_listing_version_id: str
+    slug: str
+    name: str
+    description: str
+    sub_heading: str
+    instructions: Optional[str] = None
+    creator: str
+    creator_avatar: str
+    categories: list[str] = Field(default_factory=list)
+    runs: int = Field(default=0)
+    rating: float = Field(default=0.0)
+    image_urls: list[str] = Field(default_factory=list)
+    video_url: str = Field(default="")
+    versions: list[str] = Field(default_factory=list, description="Available versions")
+    agent_graph_versions: list[str] = Field(default_factory=list)
+    agent_graph_id: str
+    last_updated: datetime
+
+
+class MarketplaceAgentsResponse(BaseModel):
+    """Response for listing marketplace agents."""
+
+    agents: list[MarketplaceAgent]
+    total_count: int
+    page: int
+    page_size: int
+    total_pages: int
+
+
+class MarketplaceCreator(BaseModel):
+    """A creator on the marketplace."""
+
+    name: str
+    username: str
+    description: str
+    avatar_url: str
+    num_agents: int
+    agent_rating: float
+    agent_runs: int
+    is_featured: bool = False
+
+
+class MarketplaceCreatorDetails(BaseModel):
+    """Detailed information about a marketplace creator."""
+
+    name: str
+    username: str
+    description: str
+    avatar_url: str
+    agent_rating: float
+    agent_runs: int
+    top_categories: list[str] = Field(default_factory=list)
+    links: list[str] = Field(default_factory=list)
+
+
+class MarketplaceCreatorsResponse(BaseModel):
+    """Response for listing marketplace creators."""
+
+    creators: list[MarketplaceCreator]
+    total_count: int
+    page: int
+    page_size: int
+    total_pages: int
+
+
+class MarketplaceSubmission(BaseModel):
+    """A marketplace submission."""
+
+    graph_id: str
+    graph_version: int
+    name: str
+    sub_heading: str
+    slug: str
+    description: str
+    instructions: Optional[str] = None
+    image_urls: list[str] = Field(default_factory=list)
+    date_submitted: datetime
+    status: str = Field(description="One of: DRAFT, PENDING, APPROVED, REJECTED")
+    runs: int = Field(default=0)
+    rating: float = Field(default=0.0)
+    store_listing_version_id: Optional[str] = None
+    version: Optional[int] = None
+    review_comments: Optional[str] = None
+    reviewed_at: Optional[datetime] = None
+    video_url: Optional[str] = None
+    categories: list[str] = Field(default_factory=list)
+
+
+class SubmissionsListResponse(BaseModel):
+    """Response for listing submissions."""
+
+    submissions: list[MarketplaceSubmission]
+    total_count: int
+    page: int
+    page_size: int
+    total_pages: int
+
+
+class CreateSubmissionRequest(BaseModel):
+    """Request to create a marketplace submission."""
+
+    graph_id: str = Field(description="ID of the graph to submit")
+    graph_version: int = Field(description="Version of the graph to submit")
+    name: str = Field(description="Display name for the agent")
+    slug: str = Field(description="URL-friendly identifier")
+    description: str = Field(description="Full description")
+    sub_heading: str = Field(description="Short tagline")
+    image_urls: list[str] = Field(default_factory=list)
+    video_url: Optional[str] = None
+    categories: list[str] = Field(default_factory=list)
+
+
+# ============================================================================
+# Conversion Functions
+# ============================================================================
+
+
+def _convert_store_agent(agent: store_model.StoreAgent) -> MarketplaceAgent:
+    """Convert internal StoreAgent to v2 API model."""
+    return MarketplaceAgent(
+        slug=agent.slug,
+        name=agent.agent_name,
+        description=agent.description,
+        sub_heading=agent.sub_heading,
+        creator=agent.creator,
+        creator_avatar=agent.creator_avatar,
+        runs=agent.runs,
+        rating=agent.rating,
+        image_url=agent.agent_image,
+    )
+
+
+def _convert_store_agent_details(
+    agent: store_model.StoreAgentDetails,
+) -> MarketplaceAgentDetails:
+    """Convert internal StoreAgentDetails to v2 API model."""
+    return MarketplaceAgentDetails(
+        store_listing_version_id=agent.store_listing_version_id,
+        slug=agent.slug,
+        name=agent.agent_name,
+        description=agent.description,
+        sub_heading=agent.sub_heading,
+        instructions=agent.instructions,
+        creator=agent.creator,
+        creator_avatar=agent.creator_avatar,
+        categories=agent.categories,
+        runs=agent.runs,
+        rating=agent.rating,
+        image_urls=agent.agent_image,
+        video_url=agent.agent_video,
+        versions=agent.versions,
+        agent_graph_versions=agent.agentGraphVersions,
+        agent_graph_id=agent.agentGraphId,
+        last_updated=agent.last_updated,
+    )
+
+
+def _convert_creator(creator: store_model.Creator) -> MarketplaceCreator:
+    """Convert internal Creator to v2 API model."""
+    return MarketplaceCreator(
+        name=creator.name,
+        username=creator.username,
+        description=creator.description,
+        avatar_url=creator.avatar_url,
+        num_agents=creator.num_agents,
+        agent_rating=creator.agent_rating,
+        agent_runs=creator.agent_runs,
+        is_featured=creator.is_featured,
+    )
+
+
+def _convert_creator_details(
+    creator: store_model.CreatorDetails,
+) -> MarketplaceCreatorDetails:
+    """Convert internal CreatorDetails to v2 API model."""
+    return MarketplaceCreatorDetails(
+        name=creator.name,
+        username=creator.username,
+        description=creator.description,
+        avatar_url=creator.avatar_url,
+        agent_rating=creator.agent_rating,
+        agent_runs=creator.agent_runs,
+        top_categories=creator.top_categories,
+        links=creator.links,
+    )
+
+
+def _convert_submission(sub: store_model.StoreSubmission) -> MarketplaceSubmission:
+    """Convert internal StoreSubmission to v2 API model."""
+    return MarketplaceSubmission(
+        graph_id=sub.agent_id,
+        graph_version=sub.agent_version,
+        name=sub.name,
+        sub_heading=sub.sub_heading,
+        slug=sub.slug,
+        description=sub.description,
+        instructions=sub.instructions,
+        image_urls=sub.image_urls,
+        date_submitted=sub.date_submitted,
+        status=sub.status.value,
+        runs=sub.runs,
+        rating=sub.rating,
+        store_listing_version_id=sub.store_listing_version_id,
+        version=sub.version,
+        review_comments=sub.review_comments,
+        reviewed_at=sub.reviewed_at,
+        video_url=sub.video_url,
+        categories=sub.categories,
+    )
+
+
+# ============================================================================
+# Endpoints - Read (authenticated)
+# ============================================================================
+
+
+@marketplace_router.get(
+    path="/agents",
+    summary="List marketplace agents",
+    response_model=MarketplaceAgentsResponse,
+)
+async def list_agents(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_STORE)
+    ),
+    featured: bool = Query(default=False, description="Filter to featured agents only"),
+    creator: Optional[str] = Query(
+        default=None, description="Filter by creator username"
+    ),
+    sorted_by: Optional[Literal["rating", "runs", "name", "updated_at"]] = Query(
+        default=None, description="Sort field"
+    ),
+    search_query: Optional[str] = Query(default=None, description="Search query"),
+    category: Optional[str] = Query(default=None, description="Filter by category"),
+    page: int = Query(default=1, ge=1, description="Page number (1-indexed)"),
+    page_size: int = Query(
+        default=DEFAULT_PAGE_SIZE,
+        ge=1,
+        le=MAX_PAGE_SIZE,
+        description=f"Items per page (max {MAX_PAGE_SIZE})",
+    ),
+) -> MarketplaceAgentsResponse:
+    """
+    List agents available in the marketplace.
+
+    Supports filtering by featured status, creator, category, and search query.
+    Results can be sorted by rating, runs, name, or update time.
+    """
+    result = await store_cache._get_cached_store_agents(
+        featured=featured,
+        creator=creator,
+        sorted_by=sorted_by,
+        search_query=search_query,
+        category=category,
+        page=page,
+        page_size=page_size,
+    )
+
+    return MarketplaceAgentsResponse(
+        agents=[_convert_store_agent(a) for a in result.agents],
+        total_count=result.pagination.total_items,
+        page=result.pagination.current_page,
+        page_size=result.pagination.page_size,
+        total_pages=result.pagination.total_pages,
+    )
+
+
+@marketplace_router.get(
+    path="/agents/{username}/{agent_name}",
+    summary="Get agent details",
+    response_model=MarketplaceAgentDetails,
+)
+async def get_agent_details(
+    username: str = Path(description="Creator username"),
+    agent_name: str = Path(description="Agent slug/name"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_STORE)
+    ),
+) -> MarketplaceAgentDetails:
+    """
+    Get detailed information about a specific marketplace agent.
+    """
+    username = urllib.parse.unquote(username).lower()
+    agent_name = urllib.parse.unquote(agent_name).lower()
+
+    agent = await store_cache._get_cached_agent_details(
+        username=username, agent_name=agent_name
+    )
+
+    return _convert_store_agent_details(agent)
+
+
+@marketplace_router.get(
+    path="/creators",
+    summary="List marketplace creators",
+    response_model=MarketplaceCreatorsResponse,
+)
+async def list_creators(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_STORE)
+    ),
+    featured: bool = Query(
+        default=False, description="Filter to featured creators only"
+    ),
+    search_query: Optional[str] = Query(default=None, description="Search query"),
+    sorted_by: Optional[Literal["agent_rating", "agent_runs", "num_agents"]] = Query(
+        default=None, description="Sort field"
+    ),
+    page: int = Query(default=1, ge=1, description="Page number (1-indexed)"),
+    page_size: int = Query(
+        default=DEFAULT_PAGE_SIZE,
+        ge=1,
+        le=MAX_PAGE_SIZE,
+        description=f"Items per page (max {MAX_PAGE_SIZE})",
+    ),
+) -> MarketplaceCreatorsResponse:
+    """
+    List creators on the marketplace.
+
+    Supports filtering by featured status and search query.
+    Results can be sorted by rating, runs, or number of agents.
+    """
+    result = await store_cache._get_cached_store_creators(
+        featured=featured,
+        search_query=search_query,
+        sorted_by=sorted_by,
+        page=page,
+        page_size=page_size,
+    )
+
+    return MarketplaceCreatorsResponse(
+        creators=[_convert_creator(c) for c in result.creators],
+        total_count=result.pagination.total_items,
+        page=result.pagination.current_page,
+        page_size=result.pagination.page_size,
+        total_pages=result.pagination.total_pages,
+    )
+
+
+@marketplace_router.get(
+    path="/creators/{username}",
+    summary="Get creator details",
+    response_model=MarketplaceCreatorDetails,
+)
+async def get_creator_details(
+    username: str = Path(description="Creator username"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_STORE)
+    ),
+) -> MarketplaceCreatorDetails:
+    """
+    Get detailed information about a specific marketplace creator.
+    """
+    username = urllib.parse.unquote(username).lower()
+
+    creator = await store_cache._get_cached_creator_details(username=username)
+
+    return _convert_creator_details(creator)
+
+
+# ============================================================================
+# Endpoints - Submissions (CRUD)
+# ============================================================================
+
+
+@marketplace_router.get(
+    path="/submissions",
+    summary="List my submissions",
+    response_model=SubmissionsListResponse,
+)
+async def list_submissions(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_STORE)
+    ),
+    page: int = Query(default=1, ge=1, description="Page number (1-indexed)"),
+    page_size: int = Query(
+        default=DEFAULT_PAGE_SIZE,
+        ge=1,
+        le=MAX_PAGE_SIZE,
+        description=f"Items per page (max {MAX_PAGE_SIZE})",
+    ),
+) -> SubmissionsListResponse:
+    """
+    List your marketplace submissions.
+
+    Returns all submissions you've created, including drafts, pending,
+    approved, and rejected submissions.
+    """
+    result = await store_db.get_store_submissions(
+        user_id=auth.user_id,
+        page=page,
+        page_size=page_size,
+    )
+
+    return SubmissionsListResponse(
+        submissions=[_convert_submission(s) for s in result.submissions],
+        total_count=result.pagination.total_items,
+        page=result.pagination.current_page,
+        page_size=result.pagination.page_size,
+        total_pages=result.pagination.total_pages,
+    )
+
+
+@marketplace_router.post(
+    path="/submissions",
+    summary="Create a submission",
+    response_model=MarketplaceSubmission,
+)
+async def create_submission(
+    request: CreateSubmissionRequest,
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.WRITE_STORE)
+    ),
+) -> MarketplaceSubmission:
+    """
+    Create a new marketplace submission.
+
+    This submits an agent for review to be published in the marketplace.
+    The submission will be in PENDING status until reviewed by the team.
+    """
+    submission = await store_db.create_store_submission(
+        user_id=auth.user_id,
+        agent_id=request.graph_id,
+        agent_version=request.graph_version,
+        slug=request.slug,
+        name=request.name,
+        sub_heading=request.sub_heading,
+        description=request.description,
+        image_urls=request.image_urls,
+        video_url=request.video_url,
+        categories=request.categories,
+    )
+
+    return _convert_submission(submission)
+
+
+@marketplace_router.delete(
+    path="/submissions/{submission_id}",
+    summary="Delete a submission",
+)
+async def delete_submission(
+    submission_id: str = Path(description="Submission ID"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.WRITE_STORE)
+    ),
+) -> None:
+    """
+    Delete a marketplace submission.
+
+    Only submissions in DRAFT status can be deleted.
+    """
+    success = await store_db.delete_store_submission(
+        user_id=auth.user_id,
+        submission_id=submission_id,
+    )
+
+    if not success:
+        raise HTTPException(
+            status_code=404, detail=f"Submission #{submission_id} not found"
+        )

autogpt_platform/backend/backend/api/external/v2/models.py

@@ -0,0 +1,552 @@
+"""
+V2 External API - Request and Response Models
+
+This module defines all request and response models for the v2 external API.
+All models are self-contained and specific to the external API contract.
+"""
+
+from datetime import datetime
+from typing import Any, Optional
+
+from pydantic import BaseModel, Field
+
+# ============================================================================
+# Common/Shared Models
+# ============================================================================
+
+
+class PaginatedResponse(BaseModel):
+    """Base class for paginated responses."""
+
+    total_count: int = Field(description="Total number of items across all pages")
+    page: int = Field(description="Current page number (1-indexed)")
+    page_size: int = Field(description="Number of items per page")
+    total_pages: int = Field(description="Total number of pages")
+
+
+# ============================================================================
+# Graph Models
+# ============================================================================
+
+
+class GraphLink(BaseModel):
+    """A link between two nodes in a graph."""
+
+    id: str
+    source_id: str = Field(description="ID of the source node")
+    sink_id: str = Field(description="ID of the target node")
+    source_name: str = Field(description="Output pin name on source node")
+    sink_name: str = Field(description="Input pin name on target node")
+    is_static: bool = Field(
+        default=False, description="Whether this link provides static data"
+    )
+
+
+class GraphNode(BaseModel):
+    """A node in an agent graph."""
+
+    id: str
+    block_id: str = Field(description="ID of the block type")
+    input_default: dict[str, Any] = Field(
+        default_factory=dict, description="Default input values"
+    )
+    metadata: dict[str, Any] = Field(
+        default_factory=dict, description="Node metadata (e.g., position)"
+    )
+
+
+class Graph(BaseModel):
+    """Graph definition for creating or updating an agent."""
+
+    id: Optional[str] = Field(default=None, description="Graph ID (assigned by server)")
+    version: int = Field(default=1, description="Graph version")
+    is_active: bool = Field(default=True, description="Whether this version is active")
+    name: str = Field(description="Graph name")
+    description: str = Field(default="", description="Graph description")
+    nodes: list[GraphNode] = Field(default_factory=list, description="List of nodes")
+    links: list[GraphLink] = Field(
+        default_factory=list, description="Links between nodes"
+    )
+
+
+class GraphMeta(BaseModel):
+    """Graph metadata (summary information)."""
+
+    id: str
+    version: int
+    is_active: bool
+    name: str
+    description: str
+    created_at: datetime
+    input_schema: dict[str, Any] = Field(description="Input schema for the graph")
+    output_schema: dict[str, Any] = Field(description="Output schema for the graph")
+
+
+class GraphDetails(GraphMeta):
+    """Full graph details including nodes and links."""
+
+    nodes: list[GraphNode]
+    links: list[GraphLink]
+    credentials_input_schema: dict[str, Any] = Field(
+        description="Schema for required credentials"
+    )
+
+
+class GraphSettings(BaseModel):
+    """Settings for a graph."""
+
+    human_in_the_loop_safe_mode: Optional[bool] = Field(
+        default=None, description="Enable safe mode for human-in-the-loop blocks"
+    )
+
+
+class CreateGraphRequest(BaseModel):
+    """Request to create a new graph."""
+
+    graph: Graph = Field(description="The graph definition")
+
+
+class SetActiveVersionRequest(BaseModel):
+    """Request to set the active graph version."""
+
+    active_graph_version: int = Field(description="Version number to set as active")
+
+
+class GraphsListResponse(PaginatedResponse):
+    """Response for listing graphs."""
+
+    graphs: list[GraphMeta]
+
+
+class DeleteGraphResponse(BaseModel):
+    """Response for deleting a graph."""
+
+    version_count: int = Field(description="Number of versions deleted")
+
+
+# ============================================================================
+# Schedule Models
+# ============================================================================
+
+
+class Schedule(BaseModel):
+    """An execution schedule for a graph."""
+
+    id: str
+    name: str
+    graph_id: str
+    graph_version: int
+    cron: str = Field(description="Cron expression for the schedule")
+    input_data: dict[str, Any] = Field(
+        default_factory=dict, description="Input data for scheduled executions"
+    )
+    is_enabled: bool = Field(default=True, description="Whether schedule is enabled")
+    next_run_time: Optional[datetime] = Field(
+        default=None, description="Next scheduled run time"
+    )
+
+
+class CreateScheduleRequest(BaseModel):
+    """Request to create a schedule."""
+
+    name: str = Field(description="Display name for the schedule")
+    cron: str = Field(description="Cron expression (e.g., '0 9 * * *' for 9am daily)")
+    input_data: dict[str, Any] = Field(
+        default_factory=dict, description="Input data for scheduled executions"
+    )
+    credentials_inputs: dict[str, Any] = Field(
+        default_factory=dict, description="Credentials for the schedule"
+    )
+    graph_version: Optional[int] = Field(
+        default=None, description="Graph version (default: active version)"
+    )
+    timezone: Optional[str] = Field(
+        default=None,
+        description="Timezone for schedule (e.g., 'America/New_York')",
+    )
+
+
+class SchedulesListResponse(PaginatedResponse):
+    """Response for listing schedules."""
+
+    schedules: list[Schedule]
+
+
+# ============================================================================
+# Block Models
+# ============================================================================
+
+
+class BlockCost(BaseModel):
+    """Cost information for a block."""
+
+    cost_type: str = Field(description="Type of cost (e.g., 'per_call', 'per_token')")
+    cost_filter: dict[str, Any] = Field(
+        default_factory=dict, description="Conditions for this cost"
+    )
+    cost_amount: int = Field(description="Cost amount in credits")
+
+
+class Block(BaseModel):
+    """A building block that can be used in graphs."""
+
+    id: str
+    name: str
+    description: str
+    categories: list[str] = Field(default_factory=list)
+    input_schema: dict[str, Any]
+    output_schema: dict[str, Any]
+    costs: list[BlockCost] = Field(default_factory=list)
+
+
+class BlocksListResponse(BaseModel):
+    """Response for listing blocks."""
+
+    blocks: list[Block]
+
+
+# ============================================================================
+# Marketplace Models
+# ============================================================================
+
+
+class MarketplaceAgent(BaseModel):
+    """An agent available in the marketplace."""
+
+    slug: str
+    agent_name: str
+    agent_image: str
+    creator: str
+    creator_avatar: str
+    sub_heading: str
+    description: str
+    runs: int = Field(default=0, description="Number of times this agent has been run")
+    rating: float = Field(default=0.0, description="Average rating")
+
+
+class MarketplaceAgentDetails(BaseModel):
+    """Detailed information about a marketplace agent."""
+
+    store_listing_version_id: str
+    slug: str
+    agent_name: str
+    agent_video: str
+    agent_output_demo: str
+    agent_image: list[str]
+    creator: str
+    creator_avatar: str
+    sub_heading: str
+    description: str
+    instructions: Optional[str] = None
+    categories: list[str]
+    runs: int
+    rating: float
+    versions: list[str]
+    agent_graph_versions: list[str]
+    agent_graph_id: str
+    last_updated: datetime
+    recommended_schedule_cron: Optional[str] = None
+
+
+class MarketplaceCreator(BaseModel):
+    """A creator on the marketplace."""
+
+    name: str
+    username: str
+    description: str
+    avatar_url: str
+    num_agents: int
+    agent_rating: float
+    agent_runs: int
+    is_featured: bool = False
+
+
+class MarketplaceAgentsResponse(PaginatedResponse):
+    """Response for listing marketplace agents."""
+
+    agents: list[MarketplaceAgent]
+
+
+class MarketplaceCreatorsResponse(PaginatedResponse):
+    """Response for listing marketplace creators."""
+
+    creators: list[MarketplaceCreator]
+
+
+# Submission models
+class MarketplaceSubmission(BaseModel):
+    """A marketplace submission."""
+
+    agent_id: str
+    agent_version: int
+    name: str
+    sub_heading: str
+    slug: str
+    description: str
+    instructions: Optional[str] = None
+    image_urls: list[str] = Field(default_factory=list)
+    date_submitted: datetime
+    status: str = Field(description="One of: DRAFT, PENDING, APPROVED, REJECTED")
+    runs: int
+    rating: float
+    store_listing_version_id: Optional[str] = None
+    version: Optional[int] = None
+
+    # Review fields
+    review_comments: Optional[str] = None
+    reviewed_at: Optional[datetime] = None
+
+    # Additional optional fields
+    video_url: Optional[str] = None
+    categories: list[str] = Field(default_factory=list)
+
+
+class CreateSubmissionRequest(BaseModel):
+    """Request to create a marketplace submission."""
+
+    agent_id: str = Field(description="ID of the graph to submit")
+    agent_version: int = Field(description="Version of the graph to submit")
+    name: str = Field(description="Display name for the agent")
+    slug: str = Field(description="URL-friendly identifier")
+    description: str = Field(description="Full description")
+    sub_heading: str = Field(description="Short tagline")
+    image_urls: list[str] = Field(default_factory=list)
+    video_url: Optional[str] = None
+    categories: list[str] = Field(default_factory=list)
+
+
+class UpdateSubmissionRequest(BaseModel):
+    """Request to update a marketplace submission."""
+
+    name: Optional[str] = None
+    description: Optional[str] = None
+    sub_heading: Optional[str] = None
+    image_urls: Optional[list[str]] = None
+    video_url: Optional[str] = None
+    categories: Optional[list[str]] = None
+
+
+class SubmissionsListResponse(PaginatedResponse):
+    """Response for listing submissions."""
+
+    submissions: list[MarketplaceSubmission]
+
+
+# ============================================================================
+# Library Models
+# ============================================================================
+
+
+class LibraryAgent(BaseModel):
+    """An agent in the user's library."""
+
+    id: str
+    graph_id: str
+    graph_version: int
+    name: str
+    description: str
+    is_favorite: bool = False
+    can_access_graph: bool = False
+    is_latest_version: bool = False
+    image_url: Optional[str] = None
+    creator_name: str
+    input_schema: dict[str, Any] = Field(description="Input schema for the agent")
+    output_schema: dict[str, Any] = Field(description="Output schema for the agent")
+    created_at: datetime
+    updated_at: datetime
+
+
+class LibraryAgentsResponse(PaginatedResponse):
+    """Response for listing library agents."""
+
+    agents: list[LibraryAgent]
+
+
+class ExecuteAgentRequest(BaseModel):
+    """Request to execute an agent."""
+
+    inputs: dict[str, Any] = Field(
+        default_factory=dict, description="Input values for the agent"
+    )
+    credentials_inputs: dict[str, Any] = Field(
+        default_factory=dict, description="Credentials for the agent"
+    )
+
+
+# ============================================================================
+# Run Models
+# ============================================================================
+
+
+class Run(BaseModel):
+    """An execution run."""
+
+    id: str
+    graph_id: str
+    graph_version: int
+    status: str = Field(
+        description="One of: INCOMPLETE, QUEUED, RUNNING, COMPLETED, TERMINATED, FAILED, REVIEW"
+    )
+    started_at: datetime
+    ended_at: Optional[datetime] = None
+    inputs: Optional[dict[str, Any]] = None
+    cost: int = Field(default=0, description="Cost in credits")
+    duration: float = Field(default=0, description="Duration in seconds")
+    node_count: int = Field(default=0, description="Number of nodes executed")
+
+
+class RunDetails(Run):
+    """Detailed information about a run including node executions."""
+
+    outputs: Optional[dict[str, list[Any]]] = None
+    node_executions: list[dict[str, Any]] = Field(
+        default_factory=list, description="Individual node execution results"
+    )
+
+
+class RunsListResponse(PaginatedResponse):
+    """Response for listing runs."""
+
+    runs: list[Run]
+
+
+# ============================================================================
+# Run Review Models (Human-in-the-loop)
+# ============================================================================
+
+
+class PendingReview(BaseModel):
+    """A pending human-in-the-loop review."""
+
+    id: str  # node_exec_id
+    run_id: str
+    graph_id: str
+    graph_version: int
+    payload: Any = Field(description="Data to be reviewed")
+    instructions: Optional[str] = Field(
+        default=None, description="Instructions for the reviewer"
+    )
+    editable: bool = Field(
+        default=True, description="Whether the reviewer can edit the data"
+    )
+    status: str = Field(description="One of: WAITING, APPROVED, REJECTED")
+    created_at: datetime
+
+
+class PendingReviewsResponse(PaginatedResponse):
+    """Response for listing pending reviews."""
+
+    reviews: list[PendingReview]
+
+
+class ReviewDecision(BaseModel):
+    """Decision for a single review item."""
+
+    node_exec_id: str = Field(description="Node execution ID (review ID)")
+    approved: bool = Field(description="Whether to approve the data")
+    edited_payload: Optional[Any] = Field(
+        default=None, description="Modified payload data (if editing)"
+    )
+    message: Optional[str] = Field(
+        default=None, description="Optional message from reviewer", max_length=2000
+    )
+
+
+class SubmitReviewsRequest(BaseModel):
+    """Request to submit review responses for all pending reviews of an execution."""
+
+    reviews: list[ReviewDecision] = Field(
+        description="All review decisions for the execution"
+    )
+
+
+class SubmitReviewsResponse(BaseModel):
+    """Response after submitting reviews."""
+
+    run_id: str
+    approved_count: int = Field(description="Number of reviews approved")
+    rejected_count: int = Field(description="Number of reviews rejected")
+
+
+# ============================================================================
+# Credit Models
+# ============================================================================
+
+
+class CreditBalance(BaseModel):
+    """User's credit balance."""
+
+    balance: int = Field(description="Current credit balance")
+
+
+class CreditTransaction(BaseModel):
+    """A credit transaction."""
+
+    transaction_key: str
+    amount: int
+    transaction_type: str = Field(description="Transaction type")
+    transaction_time: datetime
+    running_balance: int
+    description: Optional[str] = None
+
+
+class CreditTransactionsResponse(PaginatedResponse):
+    """Response for listing credit transactions."""
+
+    transactions: list[CreditTransaction]
+
+
+# ============================================================================
+# Integration Models
+# ============================================================================
+
+
+class Credential(BaseModel):
+    """A user's credential for an integration."""
+
+    id: str
+    provider: str = Field(description="Integration provider name")
+    title: Optional[str] = Field(
+        default=None, description="User-assigned title for this credential"
+    )
+    scopes: list[str] = Field(default_factory=list, description="Granted scopes")
+
+
+class CredentialsListResponse(BaseModel):
+    """Response for listing credentials."""
+
+    credentials: list[Credential]
+
+
+class CredentialRequirement(BaseModel):
+    """A credential requirement for a graph or agent."""
+
+    provider: str = Field(description="Required provider name")
+    required_scopes: list[str] = Field(
+        default_factory=list, description="Required scopes"
+    )
+    matching_credentials: list[Credential] = Field(
+        default_factory=list,
+        description="User's credentials that match this requirement",
+    )
+
+
+class CredentialRequirementsResponse(BaseModel):
+    """Response for listing credential requirements."""
+
+    requirements: list[CredentialRequirement]
+
+
+# ============================================================================
+# File Models
+# ============================================================================
+
+
+class UploadFileResponse(BaseModel):
+    """Response after uploading a file."""
+
+    file_uri: str = Field(description="URI to reference the uploaded file")
+    file_name: str
+    size: int = Field(description="File size in bytes")
+    content_type: str
+    expires_in_hours: int

autogpt_platform/backend/backend/api/external/v2/routes.py

@@ -0,0 +1,35 @@
+"""
+V2 External API Routes
+
+This module defines the main v2 router that aggregates all v2 API endpoints.
+"""
+
+from fastapi import APIRouter
+
+from .blocks import blocks_router
+from .credits import credits_router
+from .files import files_router
+from .graphs import graphs_router
+from .integrations import integrations_router
+from .library import library_router
+from .marketplace import marketplace_router
+from .runs import runs_router
+from .schedules import graph_schedules_router, schedules_router
+
+v2_router = APIRouter()
+
+# Include all sub-routers
+v2_router.include_router(graphs_router, prefix="/graphs", tags=["graphs"])
+v2_router.include_router(graph_schedules_router, prefix="/graphs", tags=["schedules"])
+v2_router.include_router(schedules_router, prefix="/schedules", tags=["schedules"])
+v2_router.include_router(blocks_router, prefix="/blocks", tags=["blocks"])
+v2_router.include_router(
+    marketplace_router, prefix="/marketplace", tags=["marketplace"]
+)
+v2_router.include_router(library_router, prefix="/library", tags=["library"])
+v2_router.include_router(runs_router, prefix="/runs", tags=["runs"])
+v2_router.include_router(credits_router, prefix="/credits", tags=["credits"])
+v2_router.include_router(
+    integrations_router, prefix="/integrations", tags=["integrations"]
+)
+v2_router.include_router(files_router, prefix="/files", tags=["files"])

autogpt_platform/backend/backend/api/external/v2/runs.py

@@ -0,0 +1,451 @@
+"""
+V2 External API - Runs Endpoints
+
+Provides access to execution runs and human-in-the-loop reviews.
+"""
+
+import logging
+from datetime import datetime
+from typing import Any, Optional
+
+from fastapi import APIRouter, HTTPException, Path, Query, Security
+from prisma.enums import APIKeyPermission, ReviewStatus
+from pydantic import BaseModel, Field
+
+from backend.api.external.middleware import require_permission
+from backend.api.features.executions.review.model import (
+    PendingHumanReviewModel,
+    SafeJsonData,
+)
+from backend.data import execution as execution_db
+from backend.data import human_review as review_db
+from backend.data.auth.base import APIAuthorizationInfo
+from backend.executor import utils as execution_utils
+
+from .common import DEFAULT_PAGE_SIZE, MAX_PAGE_SIZE
+
+logger = logging.getLogger(__name__)
+
+runs_router = APIRouter()
+
+
+# ============================================================================
+# Models
+# ============================================================================
+
+
+class Run(BaseModel):
+    """An execution run."""
+
+    id: str
+    graph_id: str
+    graph_version: int
+    status: str = Field(
+        description="One of: INCOMPLETE, QUEUED, RUNNING, COMPLETED, TERMINATED, FAILED, REVIEW"
+    )
+    started_at: datetime
+    ended_at: Optional[datetime] = None
+    inputs: Optional[dict[str, Any]] = None
+    cost: int = Field(default=0, description="Cost in credits")
+    duration: float = Field(default=0, description="Duration in seconds")
+    node_count: int = Field(default=0, description="Number of nodes executed")
+
+
+class RunDetails(Run):
+    """Detailed information about a run including outputs and node executions."""
+
+    outputs: Optional[dict[str, list[Any]]] = None
+    node_executions: list[dict[str, Any]] = Field(
+        default_factory=list, description="Individual node execution results"
+    )
+
+
+class RunsListResponse(BaseModel):
+    """Response for listing runs."""
+
+    runs: list[Run]
+    total_count: int
+    page: int
+    page_size: int
+    total_pages: int
+
+
+class PendingReview(BaseModel):
+    """A pending human-in-the-loop review."""
+
+    id: str  # node_exec_id
+    run_id: str
+    graph_id: str
+    graph_version: int
+    payload: SafeJsonData = Field(description="Data to be reviewed")
+    instructions: Optional[str] = Field(
+        default=None, description="Instructions for the reviewer"
+    )
+    editable: bool = Field(
+        default=True, description="Whether the reviewer can edit the data"
+    )
+    status: str = Field(description="One of: WAITING, APPROVED, REJECTED")
+    created_at: datetime
+
+
+class PendingReviewsResponse(BaseModel):
+    """Response for listing pending reviews."""
+
+    reviews: list[PendingReview]
+    total_count: int
+    page: int
+    page_size: int
+    total_pages: int
+
+
+class ReviewDecision(BaseModel):
+    """Decision for a single review item."""
+
+    node_exec_id: str = Field(description="Node execution ID (review ID)")
+    approved: bool = Field(description="Whether to approve the data")
+    edited_payload: Optional[SafeJsonData] = Field(
+        default=None, description="Modified payload data (if editing)"
+    )
+    message: Optional[str] = Field(
+        default=None, description="Optional message from reviewer", max_length=2000
+    )
+
+
+class SubmitReviewsRequest(BaseModel):
+    """Request to submit review responses for all pending reviews of an execution."""
+
+    reviews: list[ReviewDecision] = Field(
+        description="All review decisions for the execution"
+    )
+
+
+class SubmitReviewsResponse(BaseModel):
+    """Response after submitting reviews."""
+
+    run_id: str
+    approved_count: int = Field(description="Number of reviews approved")
+    rejected_count: int = Field(description="Number of reviews rejected")
+
+
+# ============================================================================
+# Conversion Functions
+# ============================================================================
+
+
+def _convert_execution_to_run(exec: execution_db.GraphExecutionMeta) -> Run:
+    """Convert internal execution to v2 API Run model."""
+    return Run(
+        id=exec.id,
+        graph_id=exec.graph_id,
+        graph_version=exec.graph_version,
+        status=exec.status.value,
+        started_at=exec.started_at,
+        ended_at=exec.ended_at,
+        inputs=exec.inputs,
+        cost=exec.stats.cost if exec.stats else 0,
+        duration=exec.stats.duration if exec.stats else 0,
+        node_count=exec.stats.node_exec_count if exec.stats else 0,
+    )
+
+
+def _convert_execution_to_run_details(
+    exec: execution_db.GraphExecutionWithNodes,
+) -> RunDetails:
+    """Convert internal execution with nodes to v2 API RunDetails model."""
+    return RunDetails(
+        id=exec.id,
+        graph_id=exec.graph_id,
+        graph_version=exec.graph_version,
+        status=exec.status.value,
+        started_at=exec.started_at,
+        ended_at=exec.ended_at,
+        inputs=exec.inputs,
+        outputs=exec.outputs,
+        cost=exec.stats.cost if exec.stats else 0,
+        duration=exec.stats.duration if exec.stats else 0,
+        node_count=exec.stats.node_exec_count if exec.stats else 0,
+        node_executions=[
+            {
+                "node_id": node.node_id,
+                "status": node.status.value,
+                "input_data": node.input_data,
+                "output_data": node.output_data,
+                "started_at": node.start_time,
+                "ended_at": node.end_time,
+            }
+            for node in exec.node_executions
+        ],
+    )
+
+
+def _convert_pending_review(review: PendingHumanReviewModel) -> PendingReview:
+    """Convert internal PendingHumanReviewModel to v2 API PendingReview model."""
+    return PendingReview(
+        id=review.node_exec_id,
+        run_id=review.graph_exec_id,
+        graph_id=review.graph_id,
+        graph_version=review.graph_version,
+        payload=review.payload,
+        instructions=review.instructions,
+        editable=review.editable,
+        status=review.status.value,
+        created_at=review.created_at,
+    )
+
+
+# ============================================================================
+# Endpoints - Runs
+# ============================================================================
+
+
+@runs_router.get(
+    path="",
+    summary="List all runs",
+    response_model=RunsListResponse,
+)
+async def list_runs(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_RUN)
+    ),
+    page: int = Query(default=1, ge=1, description="Page number (1-indexed)"),
+    page_size: int = Query(
+        default=DEFAULT_PAGE_SIZE,
+        ge=1,
+        le=MAX_PAGE_SIZE,
+        description=f"Items per page (max {MAX_PAGE_SIZE})",
+    ),
+) -> RunsListResponse:
+    """
+    List all execution runs for the authenticated user.
+
+    Returns runs across all agents, sorted by most recent first.
+    """
+    result = await execution_db.get_graph_executions_paginated(
+        user_id=auth.user_id,
+        page=page,
+        page_size=page_size,
+    )
+
+    return RunsListResponse(
+        runs=[_convert_execution_to_run(e) for e in result.executions],
+        total_count=result.pagination.total_items,
+        page=result.pagination.current_page,
+        page_size=result.pagination.page_size,
+        total_pages=result.pagination.total_pages,
+    )
+
+
+@runs_router.get(
+    path="/{run_id}",
+    summary="Get run details",
+    response_model=RunDetails,
+)
+async def get_run(
+    run_id: str = Path(description="Run ID"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_RUN)
+    ),
+) -> RunDetails:
+    """
+    Get detailed information about a specific run.
+
+    Includes outputs and individual node execution results.
+    """
+    result = await execution_db.get_graph_execution(
+        user_id=auth.user_id,
+        execution_id=run_id,
+        include_node_executions=True,
+    )
+
+    if not result:
+        raise HTTPException(status_code=404, detail=f"Run #{run_id} not found")
+
+    return _convert_execution_to_run_details(result)
+
+
+@runs_router.post(
+    path="/{run_id}/stop",
+    summary="Stop a run",
+)
+async def stop_run(
+    run_id: str = Path(description="Run ID"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.WRITE_RUN)
+    ),
+) -> Run:
+    """
+    Stop a running execution.
+
+    Only runs in QUEUED or RUNNING status can be stopped.
+    """
+    # Verify the run exists and belongs to the user
+    exec = await execution_db.get_graph_execution(
+        user_id=auth.user_id,
+        execution_id=run_id,
+    )
+    if not exec:
+        raise HTTPException(status_code=404, detail=f"Run #{run_id} not found")
+
+    # Stop the execution
+    await execution_utils.stop_graph_execution(
+        graph_exec_id=run_id,
+        user_id=auth.user_id,
+    )
+
+    # Fetch updated execution
+    updated_exec = await execution_db.get_graph_execution(
+        user_id=auth.user_id,
+        execution_id=run_id,
+    )
+
+    if not updated_exec:
+        raise HTTPException(status_code=404, detail=f"Run #{run_id} not found")
+
+    return _convert_execution_to_run(updated_exec)
+
+
+@runs_router.delete(
+    path="/{run_id}",
+    summary="Delete a run",
+)
+async def delete_run(
+    run_id: str = Path(description="Run ID"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.WRITE_RUN)
+    ),
+) -> None:
+    """
+    Delete an execution run.
+
+    This marks the run as deleted. The data may still be retained for
+    some time for recovery purposes.
+    """
+    await execution_db.delete_graph_execution(
+        graph_exec_id=run_id,
+        user_id=auth.user_id,
+    )
+
+
+# ============================================================================
+# Endpoints - Reviews (Human-in-the-loop)
+# ============================================================================
+
+
+@runs_router.get(
+    path="/reviews",
+    summary="List all pending reviews",
+    response_model=PendingReviewsResponse,
+)
+async def list_pending_reviews(
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_RUN_REVIEW)
+    ),
+    page: int = Query(default=1, ge=1, description="Page number (1-indexed)"),
+    page_size: int = Query(
+        default=DEFAULT_PAGE_SIZE,
+        ge=1,
+        le=MAX_PAGE_SIZE,
+        description=f"Items per page (max {MAX_PAGE_SIZE})",
+    ),
+) -> PendingReviewsResponse:
+    """
+    List all pending human-in-the-loop reviews.
+
+    These are blocks that require human approval or input before the
+    agent can continue execution.
+    """
+    reviews = await review_db.get_pending_reviews_for_user(
+        user_id=auth.user_id,
+        page=page,
+        page_size=page_size,
+    )
+
+    # Note: get_pending_reviews_for_user returns list directly, not a paginated result
+    # We compute pagination info based on results
+    total_count = len(reviews)
+    total_pages = max(1, (total_count + page_size - 1) // page_size)
+
+    return PendingReviewsResponse(
+        reviews=[_convert_pending_review(r) for r in reviews],
+        total_count=total_count,
+        page=page,
+        page_size=page_size,
+        total_pages=total_pages,
+    )
+
+
+@runs_router.get(
+    path="/{run_id}/reviews",
+    summary="List reviews for a run",
+    response_model=list[PendingReview],
+)
+async def list_run_reviews(
+    run_id: str = Path(description="Run ID"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.READ_RUN_REVIEW)
+    ),
+) -> list[PendingReview]:
+    """
+    List all human-in-the-loop reviews for a specific run.
+    """
+    reviews = await review_db.get_pending_reviews_for_execution(
+        graph_exec_id=run_id,
+        user_id=auth.user_id,
+    )
+
+    return [_convert_pending_review(r) for r in reviews]
+
+
+@runs_router.post(
+    path="/{run_id}/reviews",
+    summary="Submit review responses for a run",
+    response_model=SubmitReviewsResponse,
+)
+async def submit_reviews(
+    request: SubmitReviewsRequest,
+    run_id: str = Path(description="Run ID"),
+    auth: APIAuthorizationInfo = Security(
+        require_permission(APIKeyPermission.WRITE_RUN_REVIEW)
+    ),
+) -> SubmitReviewsResponse:
+    """
+    Submit responses to all pending human-in-the-loop reviews for a run.
+
+    All pending reviews for the execution must be included. Approving
+    a review will allow the agent to continue; rejecting will terminate
+    execution at that point.
+    """
+    # Build review decisions dict for process_all_reviews_for_execution
+    review_decisions: dict[
+        str, tuple[ReviewStatus, SafeJsonData | None, str | None]
+    ] = {}
+
+    for decision in request.reviews:
+        status = ReviewStatus.APPROVED if decision.approved else ReviewStatus.REJECTED
+        review_decisions[decision.node_exec_id] = (
+            status,
+            decision.edited_payload,
+            decision.message,
+        )
+
+    try:
+        results = await review_db.process_all_reviews_for_execution(
+            user_id=auth.user_id,
+            review_decisions=review_decisions,
+        )
+
+        approved_count = sum(
+            1 for r in results.values() if r.status == ReviewStatus.APPROVED
+        )
+        rejected_count = sum(
+            1 for r in results.values() if r.status == ReviewStatus.REJECTED
+        )
+
+        return SubmitReviewsResponse(
+            run_id=run_id,
+            approved_count=approved_count,
+            rejected_count=rejected_count,
+        )
+
+    except ValueError as e:
+        raise HTTPException(status_code=400, detail=str(e))