v0.5.81: traces fix, additional confluence tools, azure anthropic support, opus 4.6

v0.5.80: lock feature, enterprise modules, time formatting consolidation, files, UX and UI improvements, longer timeouts
v0.5.79: longer MCP tools timeout, optimize loop/parallel regeneration, enrich.so integration
2026-02-07 05:05:15 -05:00 · 2026-02-05 11:28:54 -08:00 · 2026-02-04 18:27:05 -08:00 · 2026-01-31 21:57:56 -08:00 · 2026-01-31 13:48:22 -08:00 · 2026-01-30 14:57:17 -08:00
148 changed files with 680 additions and 15745 deletions
--- a/apps/docs/components/icons.tsx
+++ b/apps/docs/components/icons.tsx
@@ -1131,32 +1131,6 @@ export function AirtableIcon(props: SVGProps<SVGSVGElement>) {
  )
 }

-export function AirweaveIcon(props: SVGProps<SVGSVGElement>) {
-  return (
-    <svg
-      {...props}
-      width='143'
-      height='143'
-      viewBox='0 0 143 143'
-      fill='none'
-      xmlns='http://www.w3.org/2000/svg'
-    >
-      <path
-        d='M89.8854 128.872C79.9165 123.339 66.7502 115.146 60.5707 107.642L60.0432 107.018C58.7836 105.5 57.481 104.014 56.1676 102.593C51.9152 97.9641 47.3614 93.7978 42.646 90.2021C40.7405 88.7487 38.7704 87.3492 36.8111 86.0789C35.7991 85.4222 34.8302 84.8193 33.9151 84.2703C31.6221 82.903 28.8338 82.5263 26.2716 83.2476C23.8385 83.9366 21.89 85.5406 20.7596 87.7476C18.5634 92.0323 20.0814 97.3289 24.2046 99.805C27.5204 101.786 30.7608 104.111 33.8398 106.717C34.2381 107.05 34.3996 107.578 34.2596 108.062C33.1292 112.185 31.9989 118.957 31.5682 121.67C30.6424 127.429 33.4737 133.081 38.5982 135.751L38.7812 135.848C41.0204 137 43.6472 136.946 45.8219 135.697C47.9858 134.459 49.353 132.231 49.4822 129.733C49.536 128.657 49.6006 127.58 49.676 126.59C49.719 126.062 50.042 125.632 50.5264 125.459C50.6772 125.406 50.8494 125.373 51.0001 125.373C51.3554 125.373 51.6784 125.513 51.9475 125.782C56.243 130.185 60.8829 134.169 65.7167 137.625C70.3674 140.951 75.8686 142.706 81.639 142.706C83.7383 142.706 85.8376 142.469 87.8938 141.995L88.1199 141.942C90.9943 141.274 93.029 139.024 93.4488 136.085C93.8687 133.146 92.4476 130.315 89.8747 128.883H89.8639L89.8854 128.872Z'
-        fill='currentColor'
-      />
-      <path
-        d='M142.551 58.1747L142.529 58.0563C142.045 55.591 140.118 53.7069 137.598 53.2548C135.112 52.8134 132.754 53.8577 131.484 55.9893L131.408 56.1077C126.704 64.1604 120.061 71.6101 111.653 78.2956C109.446 80.0504 107.293 81.902 105.226 83.8075C103.644 85.2717 101.265 85.53 99.4452 84.4212C97.6474 83.3339 95.8495 82.1389 94.1055 80.8686C90.3268 78.1233 86.6772 74.9475 83.2753 71.4271C81.4989 69.597 79.798 67.6915 78.1939 65.7321C76.0408 63.1161 73.7477 60.5539 71.3685 58.1316C66.3195 52.9857 56.6089 45.9127 53.7453 43.878C53.3792 43.6304 53.1639 43.2428 53.0993 42.8014C53.0455 42.3601 53.1639 41.9509 53.4546 41.6064C55.274 39.4318 56.9965 37.1818 58.5683 34.921C60.2369 32.5311 60.786 29.6028 60.0862 26.8899C59.408 24.2523 57.6424 22.11 55.134 20.8827C50.9139 18.7942 45.8972 20.0968 43.2273 23.9293C40.8373 27.3636 38.0167 30.7332 34.8732 33.9306C34.5718 34.232 34.1304 34.3397 33.7213 34.1889C30.5239 33.1447 27.2296 32.2942 23.9461 31.659C23.7093 31.616 23.354 31.5514 22.9126 31.4975C16.4102 30.5286 10.1123 33.7798 7.21639 39.5717L7.1195 39.7548C6.18289 41.628 6.26902 43.8349 7.32405 45.6651C8.40061 47.5167 10.3277 48.701 12.4592 48.8194C13.4604 48.8732 14.4401 48.9378 15.3659 49.0024C15.7966 49.0347 16.1411 49.2823 16.3025 49.6914C16.4533 50.1112 16.3671 50.5419 16.0657 50.8541C12.147 54.8804 8.60515 59.1974 5.5262 63.6867C1.1446 70.0814 -0.481008 78.2095 1.08 85.9822L1.10154 86.1006C1.70441 89.0719 4.05131 91.2035 7.07644 91.5264C9.98315 91.8386 12.6099 90.3208 13.7619 87.6724L13.8265 87.5109C18.6925 75.8625 26.7559 65.5168 37.7907 56.7536C38.3182 56.3445 39.0072 56.28 39.567 56.5922C45.3373 59.768 50.8601 63.902 55.9738 68.8864C56.5982 69.4893 56.6089 70.5013 56.0168 71.1257C53.4761 73.8063 51.0862 76.6054 48.9115 79.469C47.2106 81.7083 47.5335 84.8949 49.6221 86.7358L53.3254 89.9977L53.2824 90.0409C53.8637 90.5576 54.445 91.0744 55.0264 91.5911L55.8123 92.194C56.9319 93.1844 58.3529 93.6365 59.8386 93.4858C61.3027 93.3351 62.67 92.56 63.5635 91.3758C65.1353 89.2873 66.8578 87.2525 68.6556 85.304C68.957 84.9702 69.3661 84.798 69.8075 84.7872C70.2705 84.7872 70.6257 84.9379 70.9164 85.2286C75.8147 90.0624 81.1114 94.3686 86.6772 97.9966C88.8626 99.4176 89.4978 102.26 88.1306 104.477C86.9248 106.448 85.7729 108.493 84.7179 110.539C83.5014 112.918 83.2968 115.738 84.1688 118.257C84.9978 120.68 86.7095 122.585 88.981 123.64C90.2514 124.232 91.5971 124.534 92.9859 124.534C96.5062 124.534 99.682 122.596 101.286 119.452C102.729 116.61 104.419 113.8 106.281 111.131C107.369 109.559 109.36 108.838 111.255 109.322C115.26 110.355 120.643 111.421 124.454 112.143C128.308 112.864 132.119 111.023 133.96 107.578L134.143 107.233C135.521 104.628 135.531 101.506 134.164 98.8901C132.786 96.2526 130.181 94.4655 127.21 94.121C126.478 94.0349 125.778 93.9488 125.11 93.8626C124.97 93.8411 124.852 93.8196 124.744 93.798L123.356 93.4751L124.357 92.4523C124.432 92.377 124.529 92.2801 124.658 92.194C128.771 88.8028 132.571 85.1963 135.962 81.4714C141.668 75.1951 144.122 66.4965 142.518 58.1747H142.529H142.551Z'
-        fill='currentColor'
-      />
-      <path
-        d='M56.6506 14.3371C65.5861 19.6338 77.4067 27.3743 82.9833 34.1674C83.64 34.9532 84.2967 35.7391 84.9534 36.4927C86.1591 37.8815 86.2991 39.8731 85.2979 41.4233C83.4892 44.2116 81.4115 46.9569 79.1399 49.5945C77.4713 51.5107 77.4067 54.3098 78.9785 56.2476L79.0431 56.323C79.2261 56.5598 79.4306 56.8074 79.6136 57.0442C81.2931 59.1758 83.0801 61.2213 84.9211 63.1375C85.9007 64.1603 87.2249 64.7309 88.6352 64.7309L88.7644 65.5275L88.7429 64.7309C90.207 64.6986 91.6173 64.0526 92.5969 62.933C94.8362 60.4031 96.9247 57.744 98.8302 55.0633C100.133 53.2224 102.63 52.8026 104.525 54.1052C106.463 55.4402 108.465 56.7105 110.457 57.8839C112.793 59.2511 115.614 59.5095 118.165 58.5621C120.749 57.604 122.762 55.5694 123.656 52.9533C125.055 48.9055 123.257 44.2547 119.382 41.9078C116.755 40.3145 114.15 38.5166 111.674 36.5788C110.382 35.5561 109.833 33.8767 110.296 32.2941C111.437 28.3001 112.481 23.1218 113.148 19.4831C113.837 15.7259 112.147 11.8826 108.939 9.94477L108.562 9.72944C105.871 8.12537 102.587 8.00696 99.7668 9.40649C96.9247 10.8168 95.03 13.5405 94.6855 16.6733L94.6639 16.867C94.6209 17.2546 94.384 17.5453 94.018 17.6637C93.652 17.7821 93.2859 17.6852 93.0168 17.4269C89.0012 13.1422 84.738 9.25576 80.3134 5.8646C74.3708 1.31075 66.7811 -0.583999 59.4928 0.675575L59.1805 0.729423C56.1124 1.2677 53.7547 3.60383 53.1949 6.68279C52.6351 9.72946 53.9915 12.7223 56.6722 14.3048H56.6614L56.6506 14.3371Z'
-        fill='currentColor'
-      />
-    </svg>
-  )
-}
-
 export function GoogleDocsIcon(props: SVGProps<SVGSVGElement>) {
  return (
    <svg
@@ -5462,24 +5436,3 @@ export function EnrichSoIcon(props: SVGProps<SVGSVGElement>) {
    </svg>
  )
 }
-
-export function AgentSkillsIcon(props: SVGProps<SVGSVGElement>) {
-  return (
-    <svg
-      {...props}
-      xmlns='http://www.w3.org/2000/svg'
-      width='16'
-      height='16'
-      viewBox='0 0 16 16'
-      fill='none'
-    >
-      <path
-        d='M8 1L14.0622 4.5V11.5L8 15L1.93782 11.5V4.5L8 1Z'
-        stroke='currentColor'
-        strokeWidth='1.5'
-        fill='none'
-      />
-      <path d='M8 4.5L11 6.25V9.75L8 11.5L5 9.75V6.25L8 4.5Z' fill='currentColor' />
-    </svg>
-  )
-}
--- a/apps/docs/components/ui/icon-mapping.ts
+++ b/apps/docs/components/ui/icon-mapping.ts
@@ -7,7 +7,6 @@ import {
  A2AIcon,
  AhrefsIcon,
  AirtableIcon,
-  AirweaveIcon,
  ApifyIcon,
  ApolloIcon,
  ArxivIcon,
@@ -142,7 +141,6 @@ export const blockTypeToIconMap: Record<string, IconComponent> = {
  a2a: A2AIcon,
  ahrefs: AhrefsIcon,
  airtable: AirtableIcon,
-  airweave: AirweaveIcon,
  apify: ApifyIcon,
  apollo: ApolloIcon,
  arxiv: ArxivIcon,
--- a/apps/docs/content/docs/en/meta.json
+++ b/apps/docs/content/docs/en/meta.json
@@ -10,7 +10,6 @@
    "connections",
    "mcp",
    "copilot",
-    "skills",
    "knowledgebase",
    "variables",
    "execution",
--- a/apps/docs/content/docs/en/skills/index.mdx
+++ b/apps/docs/content/docs/en/skills/index.mdx
@@ -1,134 +0,0 @@
---
-title: Agent Skills
---
-
-import { Callout } from 'fumadocs-ui/components/callout'
-
-Agent Skills are reusable packages of instructions that give your AI agents specialized capabilities. Based on the open [Agent Skills](https://agentskills.io) format, skills let you capture domain expertise, workflows, and best practices that agents can load on demand.
-
-## How Skills Work
-
-Skills use **progressive disclosure** to keep agent context lean:
-
-1. **Discovery** — Only skill names and descriptions are included in the agent's system prompt (~50-100 tokens each)
-2. **Activation** — When the agent decides a skill is relevant, it calls the `load_skill` tool to load the full instructions into context
-3. **Execution** — The agent follows the loaded instructions to complete the task
-
-This means you can attach many skills to an agent without bloating its context window. The agent only loads what it needs.
-
-## Creating Skills
-
-Go to **Settings** and select **Skills** under the Tools section.
-
-![Manage Skills](/static/skills/manage-skills.png)
-
-Click **Add** to create a new skill with three fields:
-
-| Field | Description |
-|-------|-------------|
-| **Name** | A kebab-case identifier (e.g. `sql-expert`, `code-reviewer`). Max 64 characters. |
-| **Description** | A short explanation of what the skill does and when to use it. This is what the agent reads to decide whether to activate the skill. Max 1024 characters. |
-| **Content** | The full skill instructions in markdown. This is loaded when the agent activates the skill. |
-
-<Callout type="info">
-  The description is critical — it's the only thing the agent sees before deciding to load a skill. Be specific about when and why the skill should be used.
-</Callout>
-
-### Writing Good Skill Content
-
-Skill content follows the same conventions as [SKILL.md files](https://agentskills.io/specification):
-
-```markdown
-# SQL Expert
-
-## When to use this skill
-Use when the user asks you to write, optimize, or debug SQL queries.
-
-## Instructions
-1. Always ask which database engine (PostgreSQL, MySQL, SQLite)
-2. Use CTEs over subqueries for readability
-3. Add index recommendations when relevant
-4. Explain query plans for optimization requests
-
-## Common Patterns
-...
-```
-
-**Recommended structure:**
- **When to use** — Specific triggers and scenarios
- **Instructions** — Step-by-step guidance with numbered lists
- **Examples** — Input/output samples showing expected behavior
- **Common Patterns** — Reusable approaches for frequent tasks
- **Edge Cases** — Gotchas and special considerations
-
-Keep skills focused and under 500 lines. If a skill grows too large, split it into multiple specialized skills.
-
-## Adding Skills to an Agent
-
-Open any **Agent** block and find the **Skills** dropdown below the tools section. Select the skills you want the agent to have access to.
-
-![Add Skill](/static/skills/add-skill.png)
-
-Selected skills appear as cards that you can click to edit or remove.
-
-### What Happens at Runtime
-
-When the workflow runs:
-
-1. The agent's system prompt includes an `<available_skills>` section listing each skill's name and description
-2. A `load_skill` tool is automatically added to the agent's available tools
-3. When the agent determines a skill is relevant to the current task, it calls `load_skill` with the skill name
-4. The full skill content is returned as a tool response, giving the agent detailed instructions
-
-This works across all supported LLM providers — the `load_skill` tool uses standard tool-calling, so no provider-specific configuration is needed.
-
-## Common Use Cases
-
-Skills are most valuable when agents need specialized knowledge or multi-step workflows:
-
-**Domain Expertise**
- `api-integration-expert` — Best practices for calling specific APIs (authentication, rate limiting, error handling)
- `data-transformation` — ETL patterns, data cleaning, and validation rules
- `code-reviewer` — Code review guidelines specific to your team's standards
-
-**Workflow Templates**
- `bug-investigation` — Step-by-step debugging methodology (reproduce → isolate → test → fix)
- `feature-implementation` — Development workflow from requirements to deployment
- `document-generator` — Templates and formatting rules for technical documentation
-
-**Company-Specific Knowledge**
- `our-architecture` — System architecture diagrams, service dependencies, and deployment processes
- `style-guide` — Brand guidelines, writing tone, UI/UX patterns
- `customer-onboarding` — Standard procedures and common customer questions
-
-**When to use skills vs. agent instructions:**
- Use **skills** for knowledge that applies across multiple workflows or changes frequently
- Use **agent instructions** for task-specific context that's unique to a single agent
-
-## Best Practices
-
-**Writing Effective Descriptions**
- **Be specific and keyword-rich** — Instead of "Helps with SQL", write "Write optimized SQL queries for PostgreSQL, MySQL, and SQLite, including index recommendations and query plan analysis"
- **Include activation triggers** — Mention specific words or phrases that should prompt the skill (e.g., "Use when the user mentions PDFs, forms, or document extraction")
- **Keep it under 200 words** — Agents scan descriptions quickly; make every word count
-
-**Skill Scope and Organization**
- **One skill per domain** — A focused `sql-expert` skill works better than a broad `database-everything` skill
- **Limit to 5-10 skills per agent** — More skills = more decision overhead; start small and add as needed
- **Split large skills** — If a skill exceeds 500 lines, break it into focused sub-skills
-
-**Content Structure**
- **Use markdown formatting** — Headers, lists, and code blocks help agents parse and follow instructions
- **Provide examples** — Show input/output pairs so agents understand expected behavior
- **Be explicit about edge cases** — Don't assume agents will infer special handling
-
-**Testing and Iteration**
- **Test activation** — Run your workflow and verify the agent loads the skill when expected
- **Check for false positives** — Make sure skills aren't activating when they shouldn't
- **Refine descriptions** — If a skill isn't loading when needed, add more keywords to the description
-
-## Learn More
-
- [Agent Skills specification](https://agentskills.io) — The open format for portable agent skills
- [Example skills](https://github.com/anthropics/skills) — Browse community skill examples
- [Best practices](https://agentskills.io/what-are-skills) — Writing effective skills
--- a/apps/docs/content/docs/en/tools/airweave.mdx
+++ b/apps/docs/content/docs/en/tools/airweave.mdx
@@ -1,67 +0,0 @@
---
-title: Airweave
-description: Search your synced data collections
---
-
-import { BlockInfoCard } from "@/components/ui/block-info-card"
-
-<BlockInfoCard 
-  type="airweave"
-  color="#6366F1"
-/>
-
-{/* MANUAL-CONTENT-START:intro */}
-[Airweave](https://airweave.ai/) is an AI-powered semantic search platform that helps you discover and retrieve knowledge across all your synced data sources. Built for modern teams, Airweave enables fast, relevant search results using neural, hybrid, or keyword-based strategies tailored to your needs.
-
-With Airweave, you can:
-
- **Search smarter**: Use natural language queries to uncover information stored across your connected tools and databases
- **Unify your data**: Seamlessly access content from sources like code, docs, chat, emails, cloud files, and more
- **Customize retrieval**: Select between hybrid (semantic + keyword), neural, or keyword search strategies for optimal results
- **Boost recall**: Expand search queries with AI to find more comprehensive answers
- **Rerank results using AI**: Prioritize the most relevant answers with powerful language models
- **Get instant answers**: Generate clear, AI-powered responses synthesized from your data
-
-In Sim, the Airweave integration empowers your agents to search, summarize, and extract insights from all your organization’s data via a single tool. Use Airweave to drive rich, contextual knowledge retrieval within your workflows—whether answering questions, generating summaries, or supporting dynamic decision-making.
-{/* MANUAL-CONTENT-END */}
-
-## Usage Instructions
-
-Search across your synced data sources using Airweave. Supports semantic search with hybrid, neural, or keyword retrieval strategies. Optionally generate AI-powered answers from search results.
-
-
-
-## Tools
-
-### `airweave_search`
-
-Search your synced data collections using Airweave. Supports semantic search with hybrid, neural, or keyword retrieval strategies. Optionally generate AI-powered answers from search results.
-
-#### Input
-
-| Parameter | Type | Required | Description |
-| --------- | ---- | -------- | ----------- |
-| `apiKey` | string | Yes | Airweave API Key for authentication |
-| `collectionId` | string | Yes | The readable ID of the collection to search |
-| `query` | string | Yes | The search query text |
-| `limit` | number | No | Maximum number of results to return \(default: 100\) |
-| `retrievalStrategy` | string | No | Retrieval strategy: hybrid \(default\), neural, or keyword |
-| `expandQuery` | boolean | No | Generate query variations to improve recall |
-| `rerank` | boolean | No | Reorder results for improved relevance using LLM |
-| `generateAnswer` | boolean | No | Generate a natural-language answer to the query |
-
-#### Output
-
-| Parameter | Type | Description |
-| --------- | ---- | ----------- |
-| `results` | array | Search results with content, scores, and metadata from your synced data |
-|   ↳ `entity_id` | string | Unique identifier for the search result entity |
-|   ↳ `source_name` | string | Name of the data source \(e.g., "GitHub", "Slack"\) |
-|   ↳ `md_content` | string | Markdown-formatted content of the result |
-|   ↳ `score` | number | Relevance score from the search |
-|   ↳ `metadata` | object | Additional metadata associated with the result |
-|   ↳ `breadcrumbs` | array | Navigation path to the result within its source |
-|   ↳ `url` | string | URL to the original content |
-| `completion` | string | AI-generated answer to the query \(when generateAnswer is enabled\) |
-
-
--- a/apps/docs/content/docs/en/tools/linear.mdx
+++ b/apps/docs/content/docs/en/tools/linear.mdx
@@ -320,7 +320,6 @@ Search for issues in Linear using full-text search
 | `teamId` | string | No | Filter by team ID |
 | `includeArchived` | boolean | No | Include archived issues in search results |
 | `first` | number | No | Number of results to return \(default: 50\) |
-| `after` | string | No | Cursor for pagination |

 #### Output

@@ -755,10 +754,6 @@ List all labels in Linear workspace or team
 |   ↳ `name` | string | Label name |
 |   ↳ `color` | string | Label color \(hex\) |
 |   ↳ `description` | string | Label description |
-|   ↳ `isGroup` | boolean | Whether this label is a group |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last update timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |
 |   ↳ `team` | object | Team object |
 |     ↳ `id` | string | Team ID |
 |     ↳ `name` | string | Team name |
@@ -785,10 +780,6 @@ Create a new label in Linear
 |   ↳ `name` | string | Label name |
 |   ↳ `color` | string | Label color \(hex\) |
 |   ↳ `description` | string | Label description |
-|   ↳ `isGroup` | boolean | Whether this label is a group |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last update timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |
 |   ↳ `team` | object | Team object |
 |     ↳ `id` | string | Team ID |
 |     ↳ `name` | string | Team name |
@@ -815,10 +806,6 @@ Update an existing label in Linear
 |   ↳ `name` | string | Label name |
 |   ↳ `color` | string | Label color \(hex\) |
 |   ↳ `description` | string | Label description |
-|   ↳ `isGroup` | boolean | Whether this label is a group |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last update timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |
 |   ↳ `team` | object | Team object |
 |     ↳ `id` | string | Team ID |
 |     ↳ `name` | string | Team name |
@@ -862,13 +849,9 @@ List all workflow states (statuses) in Linear
 | `states` | array | Array of workflow states |
 |   ↳ `id` | string | State ID |
 |   ↳ `name` | string | State name \(e.g., "Todo", "In Progress"\) |
-|   ↳ `description` | string | State description |
-|   ↳ `type` | string | State type \(triage, backlog, unstarted, started, completed, canceled\) |
+|   ↳ `type` | string | State type \(unstarted, started, completed, canceled\) |
 |   ↳ `color` | string | State color \(hex\) |
 |   ↳ `position` | number | State position in workflow |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last update timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |
 |   ↳ `team` | object | Team object |
 |     ↳ `id` | string | Team ID |
 |     ↳ `name` | string | Team name |
@@ -894,17 +877,11 @@ Create a new workflow state (status) in Linear
 | --------- | ---- | ----------- |
 | `state` | object | The created workflow state |
 |   ↳ `id` | string | State ID |
-|   ↳ `name` | string | State name \(e.g., "Todo", "In Progress"\) |
-|   ↳ `description` | string | State description |
-|   ↳ `type` | string | State type \(triage, backlog, unstarted, started, completed, canceled\) |
-|   ↳ `color` | string | State color \(hex\) |
-|   ↳ `position` | number | State position in workflow |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last update timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |
-|   ↳ `team` | object | Team object |
-|     ↳ `id` | string | Team ID |
-|     ↳ `name` | string | Team name |
+|   ↳ `name` | string | State name |
+|   ↳ `type` | string | State type |
+|   ↳ `color` | string | State color |
+|   ↳ `position` | number | State position |
+|   ↳ `team` | object | Team this state belongs to |

 ### `linear_update_workflow_state`

@@ -926,17 +903,10 @@ Update an existing workflow state in Linear
 | --------- | ---- | ----------- |
 | `state` | object | The updated workflow state |
 |   ↳ `id` | string | State ID |
-|   ↳ `name` | string | State name \(e.g., "Todo", "In Progress"\) |
-|   ↳ `description` | string | State description |
-|   ↳ `type` | string | State type \(triage, backlog, unstarted, started, completed, canceled\) |
-|   ↳ `color` | string | State color \(hex\) |
-|   ↳ `position` | number | State position in workflow |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last update timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |
-|   ↳ `team` | object | Team object |
-|     ↳ `id` | string | Team ID |
-|     ↳ `name` | string | Team name |
+|   ↳ `name` | string | State name |
+|   ↳ `type` | string | State type |
+|   ↳ `color` | string | State color |
+|   ↳ `position` | number | State position |

 ### `linear_list_cycles`

@@ -965,7 +935,6 @@ List cycles (sprints/iterations) in Linear
 |   ↳ `endsAt` | string | End date \(ISO 8601\) |
 |   ↳ `completedAt` | string | Completion date \(ISO 8601\) |
 |   ↳ `progress` | number | Progress percentage \(0-1\) |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
 |   ↳ `team` | object | Team object |
 |     ↳ `id` | string | Team ID |
 |     ↳ `name` | string | Team name |
@@ -992,7 +961,6 @@ Get a single cycle by ID from Linear
 |   ↳ `endsAt` | string | End date \(ISO 8601\) |
 |   ↳ `completedAt` | string | Completion date \(ISO 8601\) |
 |   ↳ `progress` | number | Progress percentage \(0-1\) |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
 |   ↳ `team` | object | Team object |
 |     ↳ `id` | string | Team ID |
 |     ↳ `name` | string | Team name |
@@ -1018,14 +986,9 @@ Create a new cycle (sprint/iteration) in Linear
 |   ↳ `id` | string | Cycle ID |
 |   ↳ `number` | number | Cycle number |
 |   ↳ `name` | string | Cycle name |
-|   ↳ `startsAt` | string | Start date \(ISO 8601\) |
-|   ↳ `endsAt` | string | End date \(ISO 8601\) |
-|   ↳ `completedAt` | string | Completion date \(ISO 8601\) |
-|   ↳ `progress` | number | Progress percentage \(0-1\) |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `team` | object | Team object |
-|     ↳ `id` | string | Team ID |
-|     ↳ `name` | string | Team name |
+|   ↳ `startsAt` | string | Start date |
+|   ↳ `endsAt` | string | End date |
+|   ↳ `team` | object | Team this cycle belongs to |

 ### `linear_get_active_cycle`

@@ -1045,14 +1008,10 @@ Get the currently active cycle for a team
 |   ↳ `id` | string | Cycle ID |
 |   ↳ `number` | number | Cycle number |
 |   ↳ `name` | string | Cycle name |
-|   ↳ `startsAt` | string | Start date \(ISO 8601\) |
-|   ↳ `endsAt` | string | End date \(ISO 8601\) |
-|   ↳ `completedAt` | string | Completion date \(ISO 8601\) |
-|   ↳ `progress` | number | Progress percentage \(0-1\) |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `team` | object | Team object |
-|     ↳ `id` | string | Team ID |
-|     ↳ `name` | string | Team name |
+|   ↳ `startsAt` | string | Start date |
+|   ↳ `endsAt` | string | End date |
+|   ↳ `progress` | number | Progress percentage |
+|   ↳ `team` | object | Team this cycle belongs to |

 ### `linear_create_attachment`

@@ -1375,12 +1334,8 @@ Create a new customer in Linear
 |   ↳ `domains` | array | Associated domains |
 |   ↳ `externalIds` | array | External IDs from other systems |
 |   ↳ `logoUrl` | string | Logo URL |
-|   ↳ `slugId` | string | Unique URL slug |
 |   ↳ `approximateNeedCount` | number | Number of customer needs |
-|   ↳ `revenue` | number | Annual revenue |
-|   ↳ `size` | number | Organization size |
 |   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last update timestamp \(ISO 8601\) |
 |   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_list_customers`
@@ -1408,12 +1363,8 @@ List all customers in Linear
 |   ↳ `domains` | array | Associated domains |
 |   ↳ `externalIds` | array | External IDs from other systems |
 |   ↳ `logoUrl` | string | Logo URL |
-|   ↳ `slugId` | string | Unique URL slug |
 |   ↳ `approximateNeedCount` | number | Number of customer needs |
-|   ↳ `revenue` | number | Annual revenue |
-|   ↳ `size` | number | Organization size |
 |   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last update timestamp \(ISO 8601\) |
 |   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_create_customer_request`
@@ -1529,12 +1480,8 @@ Get a single customer by ID in Linear
 |   ↳ `domains` | array | Associated domains |
 |   ↳ `externalIds` | array | External IDs from other systems |
 |   ↳ `logoUrl` | string | Logo URL |
-|   ↳ `slugId` | string | Unique URL slug |
 |   ↳ `approximateNeedCount` | number | Number of customer needs |
-|   ↳ `revenue` | number | Annual revenue |
-|   ↳ `size` | number | Organization size |
 |   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last update timestamp \(ISO 8601\) |
 |   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_update_customer`
@@ -1566,12 +1513,8 @@ Update a customer in Linear
 |   ↳ `domains` | array | Associated domains |
 |   ↳ `externalIds` | array | External IDs from other systems |
 |   ↳ `logoUrl` | string | Logo URL |
-|   ↳ `slugId` | string | Unique URL slug |
 |   ↳ `approximateNeedCount` | number | Number of customer needs |
-|   ↳ `revenue` | number | Annual revenue |
-|   ↳ `size` | number | Organization size |
 |   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last update timestamp \(ISO 8601\) |
 |   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_delete_customer`
@@ -1617,8 +1560,8 @@ Create a new customer status in Linear
 | --------- | ---- | -------- | ----------- |
 | `name` | string | Yes | Customer status name |
 | `color` | string | Yes | Status color \(hex code\) |
-| `description` | string | No | Status description |
 | `displayName` | string | No | Display name for the status |
+| `description` | string | No | Status description |
 | `position` | number | No | Position in status list |

 #### Output
@@ -1628,12 +1571,11 @@ Create a new customer status in Linear
 | `customerStatus` | object | The created customer status |
 |   ↳ `id` | string | Customer status ID |
 |   ↳ `name` | string | Status name |
+|   ↳ `displayName` | string | Display name |
 |   ↳ `description` | string | Status description |
 |   ↳ `color` | string | Status color \(hex\) |
 |   ↳ `position` | number | Position in list |
-|   ↳ `type` | string | Status type \(active, inactive\) |
 |   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last updated timestamp \(ISO 8601\) |
 |   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_update_customer_status`
@@ -1647,8 +1589,8 @@ Update a customer status in Linear
 | `statusId` | string | Yes | Customer status ID to update |
 | `name` | string | No | Updated status name |
 | `color` | string | No | Updated status color |
-| `description` | string | No | Updated description |
 | `displayName` | string | No | Updated display name |
+| `description` | string | No | Updated description |
 | `position` | number | No | Updated position |

 #### Output
@@ -1656,15 +1598,6 @@ Update a customer status in Linear
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
 | `customerStatus` | object | The updated customer status |
-|   ↳ `id` | string | Customer status ID |
-|   ↳ `name` | string | Status name |
-|   ↳ `description` | string | Status description |
-|   ↳ `color` | string | Status color \(hex\) |
-|   ↳ `position` | number | Position in list |
-|   ↳ `type` | string | Status type \(active, inactive\) |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last updated timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_delete_customer_status`

@@ -1690,25 +1623,19 @@ List all customer statuses in Linear

 | Parameter | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
-| `first` | number | No | Number of statuses to return \(default: 50\) |
-| `after` | string | No | Cursor for pagination |

 #### Output

 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
-| `pageInfo` | object | Pagination information |
-|   ↳ `hasNextPage` | boolean | Whether there are more results |
-|   ↳ `endCursor` | string | Cursor for the next page |
 | `customerStatuses` | array | List of customer statuses |
 |   ↳ `id` | string | Customer status ID |
 |   ↳ `name` | string | Status name |
+|   ↳ `displayName` | string | Display name |
 |   ↳ `description` | string | Status description |
 |   ↳ `color` | string | Status color \(hex\) |
 |   ↳ `position` | number | Position in list |
-|   ↳ `type` | string | Status type \(active, inactive\) |
 |   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last updated timestamp \(ISO 8601\) |
 |   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_create_customer_tier`
@@ -1784,16 +1711,11 @@ List all customer tiers in Linear

 | Parameter | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
-| `first` | number | No | Number of tiers to return \(default: 50\) |
-| `after` | string | No | Cursor for pagination |

 #### Output

 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
-| `pageInfo` | object | Pagination information |
-|   ↳ `hasNextPage` | boolean | Whether there are more results |
-|   ↳ `endCursor` | string | Cursor for the next page |
 | `customerTiers` | array | List of customer tiers |
 |   ↳ `id` | string | Customer tier ID |
 |   ↳ `name` | string | Tier name |
@@ -1839,14 +1761,6 @@ Create a new project label in Linear
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
 | `projectLabel` | object | The created project label |
-|   ↳ `id` | string | Project label ID |
-|   ↳ `name` | string | Label name |
-|   ↳ `description` | string | Label description |
-|   ↳ `color` | string | Label color \(hex\) |
-|   ↳ `isGroup` | boolean | Whether this label is a group |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last update timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_update_project_label`

@@ -1866,14 +1780,6 @@ Update a project label in Linear
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
 | `projectLabel` | object | The updated project label |
-|   ↳ `id` | string | Project label ID |
-|   ↳ `name` | string | Label name |
-|   ↳ `description` | string | Label description |
-|   ↳ `color` | string | Label color \(hex\) |
-|   ↳ `isGroup` | boolean | Whether this label is a group |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last update timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_delete_project_label`

@@ -1900,25 +1806,12 @@ List all project labels in Linear
 | Parameter | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
 | `projectId` | string | No | Optional project ID to filter labels for a specific project |
-| `first` | number | No | Number of labels to return \(default: 50\) |
-| `after` | string | No | Cursor for pagination |

 #### Output

 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
-| `pageInfo` | object | Pagination information |
-|   ↳ `hasNextPage` | boolean | Whether there are more results |
-|   ↳ `endCursor` | string | Cursor for the next page |
 | `projectLabels` | array | List of project labels |
-|   ↳ `id` | string | Project label ID |
-|   ↳ `name` | string | Label name |
-|   ↳ `description` | string | Label description |
-|   ↳ `color` | string | Label color \(hex\) |
-|   ↳ `isGroup` | boolean | Whether this label is a group |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last update timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_add_label_to_project`

@@ -1974,16 +1867,6 @@ Create a new project milestone in Linear
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
 | `projectMilestone` | object | The created project milestone |
-|   ↳ `id` | string | Project milestone ID |
-|   ↳ `name` | string | Milestone name |
-|   ↳ `description` | string | Milestone description |
-|   ↳ `projectId` | string | Project ID |
-|   ↳ `targetDate` | string | Target date \(YYYY-MM-DD\) |
-|   ↳ `progress` | number | Progress percentage \(0-1\) |
-|   ↳ `sortOrder` | number | Sort order within the project |
-|   ↳ `status` | string | Milestone status \(done, next, overdue, unstarted\) |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_update_project_milestone`

@@ -2003,16 +1886,6 @@ Update a project milestone in Linear
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
 | `projectMilestone` | object | The updated project milestone |
-|   ↳ `id` | string | Project milestone ID |
-|   ↳ `name` | string | Milestone name |
-|   ↳ `description` | string | Milestone description |
-|   ↳ `projectId` | string | Project ID |
-|   ↳ `targetDate` | string | Target date \(YYYY-MM-DD\) |
-|   ↳ `progress` | number | Progress percentage \(0-1\) |
-|   ↳ `sortOrder` | number | Sort order within the project |
-|   ↳ `status` | string | Milestone status \(done, next, overdue, unstarted\) |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_delete_project_milestone`

@@ -2039,27 +1912,12 @@ List all milestones for a project in Linear
 | Parameter | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
 | `projectId` | string | Yes | Project ID to list milestones for |
-| `first` | number | No | Number of milestones to return \(default: 50\) |
-| `after` | string | No | Cursor for pagination |

 #### Output

 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
-| `pageInfo` | object | Pagination information |
-|   ↳ `hasNextPage` | boolean | Whether there are more results |
-|   ↳ `endCursor` | string | Cursor for the next page |
 | `projectMilestones` | array | List of project milestones |
-|   ↳ `id` | string | Project milestone ID |
-|   ↳ `name` | string | Milestone name |
-|   ↳ `description` | string | Milestone description |
-|   ↳ `projectId` | string | Project ID |
-|   ↳ `targetDate` | string | Target date \(YYYY-MM-DD\) |
-|   ↳ `progress` | number | Progress percentage \(0-1\) |
-|   ↳ `sortOrder` | number | Sort order within the project |
-|   ↳ `status` | string | Milestone status \(done, next, overdue, unstarted\) |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_create_project_status`

@@ -2081,16 +1939,6 @@ Create a new project status in Linear
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
 | `projectStatus` | object | The created project status |
-|   ↳ `id` | string | Project status ID |
-|   ↳ `name` | string | Status name |
-|   ↳ `description` | string | Status description |
-|   ↳ `color` | string | Status color \(hex\) |
-|   ↳ `indefinite` | boolean | Whether this status is indefinite |
-|   ↳ `position` | number | Position in list |
-|   ↳ `type` | string | Status type \(backlog, planned, started, paused, completed, canceled\) |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last updated timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_update_project_status`

@@ -2112,16 +1960,6 @@ Update a project status in Linear
 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
 | `projectStatus` | object | The updated project status |
-|   ↳ `id` | string | Project status ID |
-|   ↳ `name` | string | Status name |
-|   ↳ `description` | string | Status description |
-|   ↳ `color` | string | Status color \(hex\) |
-|   ↳ `indefinite` | boolean | Whether this status is indefinite |
-|   ↳ `position` | number | Position in list |
-|   ↳ `type` | string | Status type \(backlog, planned, started, paused, completed, canceled\) |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last updated timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |

 ### `linear_delete_project_status`

@@ -2147,26 +1985,11 @@ List all project statuses in Linear

 | Parameter | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
-| `first` | number | No | Number of statuses to return \(default: 50\) |
-| `after` | string | No | Cursor for pagination |

 #### Output

 | Parameter | Type | Description |
 | --------- | ---- | ----------- |
-| `pageInfo` | object | Pagination information |
-|   ↳ `hasNextPage` | boolean | Whether there are more results |
-|   ↳ `endCursor` | string | Cursor for the next page |
 | `projectStatuses` | array | List of project statuses |
-|   ↳ `id` | string | Project status ID |
-|   ↳ `name` | string | Status name |
-|   ↳ `description` | string | Status description |
-|   ↳ `color` | string | Status color \(hex\) |
-|   ↳ `indefinite` | boolean | Whether this status is indefinite |
-|   ↳ `position` | number | Position in list |
-|   ↳ `type` | string | Status type \(backlog, planned, started, paused, completed, canceled\) |
-|   ↳ `createdAt` | string | Creation timestamp \(ISO 8601\) |
-|   ↳ `updatedAt` | string | Last updated timestamp \(ISO 8601\) |
-|   ↳ `archivedAt` | string | Archive timestamp \(ISO 8601\) |


--- a/apps/docs/content/docs/en/tools/meta.json
+++ b/apps/docs/content/docs/en/tools/meta.json
@@ -4,7 +4,6 @@
    "a2a",
    "ahrefs",
    "airtable",
-    "airweave",
    "apify",
    "apollo",
    "arxiv",
--- a/apps/docs/public/static/skills/add-skill.png
+++ b/apps/docs/public/static/skills/add-skill.png
--- a/apps/docs/public/static/skills/manage-skills.png
+++ b/apps/docs/public/static/skills/manage-skills.png
--- a/apps/sim/app/api/a2a/agents/[agentId]/route.ts
+++ b/apps/sim/app/api/a2a/agents/[agentId]/route.ts
@@ -5,7 +5,7 @@ import { eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { generateAgentCard, generateSkillsFromWorkflow } from '@/lib/a2a/agent-card'
 import type { AgentCapabilities, AgentSkill } from '@/lib/a2a/types'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { getRedisClient } from '@/lib/core/config/redis'
 import { loadWorkflowFromNormalizedTables } from '@/lib/workflows/persistence/utils'
 import { checkWorkspaceAccess } from '@/lib/workspaces/permissions/utils'
@@ -40,7 +40,7 @@ export async function GET(request: NextRequest, { params }: { params: Promise<Ro
    }

    if (!agent.agent.isPublished) {
-      const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+      const auth = await checkHybridAuth(request, { requireWorkflowId: false })
      if (!auth.success) {
        return NextResponse.json({ error: 'Agent not published' }, { status: 404 })
      }
@@ -81,7 +81,7 @@ export async function PUT(request: NextRequest, { params }: { params: Promise<Ro
  const { agentId } = await params

  try {
-    const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const auth = await checkHybridAuth(request, { requireWorkflowId: false })
    if (!auth.success || !auth.userId) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
    }
@@ -151,7 +151,7 @@ export async function DELETE(request: NextRequest, { params }: { params: Promise
  const { agentId } = await params

  try {
-    const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const auth = await checkHybridAuth(request, { requireWorkflowId: false })
    if (!auth.success || !auth.userId) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
    }
@@ -189,7 +189,7 @@ export async function POST(request: NextRequest, { params }: { params: Promise<R
  const { agentId } = await params

  try {
-    const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const auth = await checkHybridAuth(request, { requireWorkflowId: false })
    if (!auth.success || !auth.userId) {
      logger.warn('A2A agent publish auth failed:', { error: auth.error, hasUserId: !!auth.userId })
      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
--- a/apps/sim/app/api/a2a/agents/route.ts
+++ b/apps/sim/app/api/a2a/agents/route.ts
@@ -13,7 +13,7 @@ import { v4 as uuidv4 } from 'uuid'
 import { generateSkillsFromWorkflow } from '@/lib/a2a/agent-card'
 import { A2A_DEFAULT_CAPABILITIES } from '@/lib/a2a/constants'
 import { sanitizeAgentName } from '@/lib/a2a/utils'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { loadWorkflowFromNormalizedTables } from '@/lib/workflows/persistence/utils'
 import { hasValidStartBlockInState } from '@/lib/workflows/triggers/trigger-utils'
 import { getWorkspaceById } from '@/lib/workspaces/permissions/utils'
@@ -27,7 +27,7 @@ export const dynamic = 'force-dynamic'
 */
 export async function GET(request: NextRequest) {
  try {
-    const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const auth = await checkHybridAuth(request, { requireWorkflowId: false })
    if (!auth.success || !auth.userId) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
    }
@@ -87,7 +87,7 @@ export async function GET(request: NextRequest) {
 */
 export async function POST(request: NextRequest) {
  try {
-    const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const auth = await checkHybridAuth(request, { requireWorkflowId: false })
    if (!auth.success || !auth.userId) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
    }
--- a/apps/sim/app/api/auth/oauth/credentials/route.ts
+++ b/apps/sim/app/api/auth/oauth/credentials/route.ts
@@ -5,7 +5,7 @@ import { and, eq } from 'drizzle-orm'
 import { jwtDecode } from 'jwt-decode'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { evaluateScopeCoverage, type OAuthProvider, parseProvider } from '@/lib/oauth'
 import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
@@ -81,7 +81,7 @@ export async function GET(request: NextRequest) {
    const { provider: providerParam, workflowId, credentialId } = parseResult.data

    // Authenticate requester (supports session, API key, internal JWT)
-    const authResult = await checkSessionOrInternalAuth(request)
+    const authResult = await checkHybridAuth(request)
    if (!authResult.success || !authResult.userId) {
      logger.warn(`[${requestId}] Unauthenticated credentials request rejected`)
      return NextResponse.json({ error: 'User not authenticated' }, { status: 401 })
--- a/apps/sim/app/api/auth/oauth/token/route.test.ts
+++ b/apps/sim/app/api/auth/oauth/token/route.test.ts
@@ -12,7 +12,7 @@ describe('OAuth Token API Routes', () => {
  const mockRefreshTokenIfNeeded = vi.fn()
  const mockGetOAuthToken = vi.fn()
  const mockAuthorizeCredentialUse = vi.fn()
-  const mockCheckSessionOrInternalAuth = vi.fn()
+  const mockCheckHybridAuth = vi.fn()

  const mockLogger = createMockLogger()

@@ -42,7 +42,7 @@ describe('OAuth Token API Routes', () => {
    }))

    vi.doMock('@/lib/auth/hybrid', () => ({
-      checkSessionOrInternalAuth: mockCheckSessionOrInternalAuth,
+      checkHybridAuth: mockCheckHybridAuth,
    }))
  })

@@ -235,7 +235,7 @@ describe('OAuth Token API Routes', () => {

    describe('credentialAccountUserId + providerId path', () => {
      it('should reject unauthenticated requests', async () => {
-        mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
+        mockCheckHybridAuth.mockResolvedValueOnce({
          success: false,
          error: 'Authentication required',
        })
@@ -255,8 +255,30 @@ describe('OAuth Token API Routes', () => {
        expect(mockGetOAuthToken).not.toHaveBeenCalled()
      })

+      it('should reject API key authentication', async () => {
+        mockCheckHybridAuth.mockResolvedValueOnce({
+          success: true,
+          authType: 'api_key',
+          userId: 'test-user-id',
+        })
+
+        const req = createMockRequest('POST', {
+          credentialAccountUserId: 'test-user-id',
+          providerId: 'google',
+        })
+
+        const { POST } = await import('@/app/api/auth/oauth/token/route')
+
+        const response = await POST(req)
+        const data = await response.json()
+
+        expect(response.status).toBe(401)
+        expect(data).toHaveProperty('error', 'User not authenticated')
+        expect(mockGetOAuthToken).not.toHaveBeenCalled()
+      })
+
      it('should reject internal JWT authentication', async () => {
-        mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
+        mockCheckHybridAuth.mockResolvedValueOnce({
          success: true,
          authType: 'internal_jwt',
          userId: 'test-user-id',
@@ -278,7 +300,7 @@ describe('OAuth Token API Routes', () => {
      })

      it('should reject requests for other users credentials', async () => {
-        mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
+        mockCheckHybridAuth.mockResolvedValueOnce({
          success: true,
          authType: 'session',
          userId: 'attacker-user-id',
@@ -300,7 +322,7 @@ describe('OAuth Token API Routes', () => {
      })

      it('should allow session-authenticated users to access their own credentials', async () => {
-        mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
+        mockCheckHybridAuth.mockResolvedValueOnce({
          success: true,
          authType: 'session',
          userId: 'test-user-id',
@@ -323,7 +345,7 @@ describe('OAuth Token API Routes', () => {
      })

      it('should return 404 when credential not found for user', async () => {
-        mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
+        mockCheckHybridAuth.mockResolvedValueOnce({
          success: true,
          authType: 'session',
          userId: 'test-user-id',
@@ -351,7 +373,7 @@ describe('OAuth Token API Routes', () => {
   */
  describe('GET handler', () => {
    it('should return access token successfully', async () => {
-      mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
+      mockCheckHybridAuth.mockResolvedValueOnce({
        success: true,
        authType: 'session',
        userId: 'test-user-id',
@@ -380,7 +402,7 @@ describe('OAuth Token API Routes', () => {
      expect(response.status).toBe(200)
      expect(data).toHaveProperty('accessToken', 'fresh-token')

-      expect(mockCheckSessionOrInternalAuth).toHaveBeenCalled()
+      expect(mockCheckHybridAuth).toHaveBeenCalled()
      expect(mockGetCredential).toHaveBeenCalledWith(mockRequestId, 'credential-id', 'test-user-id')
      expect(mockRefreshTokenIfNeeded).toHaveBeenCalled()
    })
@@ -399,7 +421,7 @@ describe('OAuth Token API Routes', () => {
    })

    it('should handle authentication failure', async () => {
-      mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
+      mockCheckHybridAuth.mockResolvedValueOnce({
        success: false,
        error: 'Authentication required',
      })
@@ -418,7 +440,7 @@ describe('OAuth Token API Routes', () => {
    })

    it('should handle credential not found', async () => {
-      mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
+      mockCheckHybridAuth.mockResolvedValueOnce({
        success: true,
        authType: 'session',
        userId: 'test-user-id',
@@ -439,7 +461,7 @@ describe('OAuth Token API Routes', () => {
    })

    it('should handle missing access token', async () => {
-      mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
+      mockCheckHybridAuth.mockResolvedValueOnce({
        success: true,
        authType: 'session',
        userId: 'test-user-id',
@@ -465,7 +487,7 @@ describe('OAuth Token API Routes', () => {
    })

    it('should handle token refresh failure', async () => {
-      mockCheckSessionOrInternalAuth.mockResolvedValueOnce({
+      mockCheckHybridAuth.mockResolvedValueOnce({
        success: true,
        authType: 'session',
        userId: 'test-user-id',
--- a/apps/sim/app/api/auth/oauth/token/route.ts
+++ b/apps/sim/app/api/auth/oauth/token/route.ts
@@ -2,7 +2,7 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { authorizeCredentialUse } from '@/lib/auth/credential-access'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { getCredential, getOAuthToken, refreshTokenIfNeeded } from '@/app/api/auth/oauth/utils'

@@ -71,7 +71,7 @@ export async function POST(request: NextRequest) {
        providerId,
      })

-      const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+      const auth = await checkHybridAuth(request, { requireWorkflowId: false })
      if (!auth.success || auth.authType !== 'session' || !auth.userId) {
        logger.warn(`[${requestId}] Unauthorized request for credentialAccountUserId path`, {
          success: auth.success,
@@ -187,7 +187,7 @@ export async function GET(request: NextRequest) {
    const { credentialId } = parseResult.data

    // For GET requests, we only support session-based authentication
-    const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const auth = await checkHybridAuth(request, { requireWorkflowId: false })
    if (!auth.success || auth.authType !== 'session' || !auth.userId) {
      return NextResponse.json({ error: 'User not authenticated' }, { status: 401 })
    }
--- a/apps/sim/app/api/copilot/chat/route.ts
+++ b/apps/sim/app/api/copilot/chat/route.ts
@@ -285,14 +285,6 @@ export async function POST(req: NextRequest) {
          apiVersion: 'preview',
          endpoint: env.AZURE_OPENAI_ENDPOINT,
        }
-      } else if (providerEnv === 'azure-anthropic') {
-        providerConfig = {
-          provider: 'azure-anthropic',
-          model: envModel,
-          apiKey: env.AZURE_ANTHROPIC_API_KEY,
-          apiVersion: env.AZURE_ANTHROPIC_API_VERSION,
-          endpoint: env.AZURE_ANTHROPIC_ENDPOINT,
-        }
      } else if (providerEnv === 'vertex') {
        providerConfig = {
          provider: 'vertex',
--- a/apps/sim/app/api/files/delete/route.test.ts
+++ b/apps/sim/app/api/files/delete/route.test.ts
@@ -29,7 +29,7 @@ function setupFileApiMocks(
  }

  vi.doMock('@/lib/auth/hybrid', () => ({
-    checkSessionOrInternalAuth: vi.fn().mockResolvedValue({
+    checkHybridAuth: vi.fn().mockResolvedValue({
      success: authenticated,
      userId: authenticated ? 'test-user-id' : undefined,
      error: authenticated ? undefined : 'Unauthorized',
--- a/apps/sim/app/api/files/delete/route.ts
+++ b/apps/sim/app/api/files/delete/route.ts
@@ -1,7 +1,7 @@
 import { createLogger } from '@sim/logger'
 import type { NextRequest } from 'next/server'
 import { NextResponse } from 'next/server'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import type { StorageContext } from '@/lib/uploads/config'
 import { deleteFile, hasCloudStorage } from '@/lib/uploads/core/storage-service'
 import { extractStorageKey, inferContextFromKey } from '@/lib/uploads/utils/file-utils'
@@ -24,7 +24,7 @@ const logger = createLogger('FilesDeleteAPI')
 */
 export async function POST(request: NextRequest) {
  try {
-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const authResult = await checkHybridAuth(request, { requireWorkflowId: false })

    if (!authResult.success || !authResult.userId) {
      logger.warn('Unauthorized file delete request', {
--- a/apps/sim/app/api/files/download/route.ts
+++ b/apps/sim/app/api/files/download/route.ts
@@ -1,6 +1,6 @@
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import type { StorageContext } from '@/lib/uploads/config'
 import { hasCloudStorage } from '@/lib/uploads/core/storage-service'
 import { verifyFileAccess } from '@/app/api/files/authorization'
@@ -12,7 +12,7 @@ export const dynamic = 'force-dynamic'

 export async function POST(request: NextRequest) {
  try {
-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const authResult = await checkHybridAuth(request, { requireWorkflowId: false })

    if (!authResult.success || !authResult.userId) {
      logger.warn('Unauthorized download URL request', {
--- a/apps/sim/app/api/files/parse/route.test.ts
+++ b/apps/sim/app/api/files/parse/route.test.ts
@@ -35,7 +35,7 @@ function setupFileApiMocks(
  }

  vi.doMock('@/lib/auth/hybrid', () => ({
-    checkInternalAuth: vi.fn().mockResolvedValue({
+    checkHybridAuth: vi.fn().mockResolvedValue({
      success: authenticated,
      userId: authenticated ? 'test-user-id' : undefined,
      error: authenticated ? undefined : 'Unauthorized',
--- a/apps/sim/app/api/files/parse/route.ts
+++ b/apps/sim/app/api/files/parse/route.ts
@@ -5,7 +5,7 @@ import path from 'path'
 import { createLogger } from '@sim/logger'
 import binaryExtensionsList from 'binary-extensions'
 import { type NextRequest, NextResponse } from 'next/server'
-import { checkInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import {
  secureFetchWithPinnedIP,
  validateUrlWithDNS,
@@ -66,7 +66,7 @@ export async function POST(request: NextRequest) {
  const startTime = Date.now()

  try {
-    const authResult = await checkInternalAuth(request, { requireWorkflowId: true })
+    const authResult = await checkHybridAuth(request, { requireWorkflowId: true })

    if (!authResult.success) {
      logger.warn('Unauthorized file parse request', {
--- a/apps/sim/app/api/files/serve/[...path]/route.test.ts
+++ b/apps/sim/app/api/files/serve/[...path]/route.test.ts
@@ -55,7 +55,7 @@ describe('File Serve API Route', () => {
    })

    vi.doMock('@/lib/auth/hybrid', () => ({
-      checkSessionOrInternalAuth: vi.fn().mockResolvedValue({
+      checkHybridAuth: vi.fn().mockResolvedValue({
        success: true,
        userId: 'test-user-id',
      }),
@@ -165,7 +165,7 @@ describe('File Serve API Route', () => {
    }))

    vi.doMock('@/lib/auth/hybrid', () => ({
-      checkSessionOrInternalAuth: vi.fn().mockResolvedValue({
+      checkHybridAuth: vi.fn().mockResolvedValue({
        success: true,
        userId: 'test-user-id',
      }),
@@ -226,7 +226,7 @@ describe('File Serve API Route', () => {
    }))

    vi.doMock('@/lib/auth/hybrid', () => ({
-      checkSessionOrInternalAuth: vi.fn().mockResolvedValue({
+      checkHybridAuth: vi.fn().mockResolvedValue({
        success: true,
        userId: 'test-user-id',
      }),
@@ -291,7 +291,7 @@ describe('File Serve API Route', () => {
    }))

    vi.doMock('@/lib/auth/hybrid', () => ({
-      checkSessionOrInternalAuth: vi.fn().mockResolvedValue({
+      checkHybridAuth: vi.fn().mockResolvedValue({
        success: true,
        userId: 'test-user-id',
      }),
@@ -350,7 +350,7 @@ describe('File Serve API Route', () => {
    for (const test of contentTypeTests) {
      it(`should serve ${test.ext} file with correct content type`, async () => {
        vi.doMock('@/lib/auth/hybrid', () => ({
-          checkSessionOrInternalAuth: vi.fn().mockResolvedValue({
+          checkHybridAuth: vi.fn().mockResolvedValue({
            success: true,
            userId: 'test-user-id',
          }),
--- a/apps/sim/app/api/files/serve/[...path]/route.ts
+++ b/apps/sim/app/api/files/serve/[...path]/route.ts
@@ -2,7 +2,7 @@ import { readFile } from 'fs/promises'
 import { createLogger } from '@sim/logger'
 import type { NextRequest } from 'next/server'
 import { NextResponse } from 'next/server'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { CopilotFiles, isUsingCloudStorage } from '@/lib/uploads'
 import type { StorageContext } from '@/lib/uploads/config'
 import { downloadFile } from '@/lib/uploads/core/storage-service'
@@ -49,7 +49,7 @@ export async function GET(
      return await handleLocalFilePublic(fullPath)
    }

-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const authResult = await checkHybridAuth(request, { requireWorkflowId: false })

    if (!authResult.success || !authResult.userId) {
      logger.warn('Unauthorized file access attempt', {
--- a/apps/sim/app/api/function/execute/route.ts
+++ b/apps/sim/app/api/function/execute/route.ts
@@ -845,8 +845,6 @@ export async function POST(req: NextRequest) {
      contextVariables,
      timeoutMs: timeout,
      requestId,
-      ownerKey: `user:${auth.userId}`,
-      ownerWeight: 1,
    })

    const executionTime = Date.now() - startTime
--- a/apps/sim/app/api/guardrails/validate/route.ts
+++ b/apps/sim/app/api/guardrails/validate/route.ts
@@ -23,16 +23,7 @@ export async function POST(request: NextRequest) {
      topK,
      model,
      apiKey,
-      azureEndpoint,
-      azureApiVersion,
-      vertexProject,
-      vertexLocation,
-      vertexCredential,
-      bedrockAccessKeyId,
-      bedrockSecretKey,
-      bedrockRegion,
      workflowId,
-      workspaceId,
      piiEntityTypes,
      piiMode,
      piiLanguage,
@@ -119,18 +110,7 @@ export async function POST(request: NextRequest) {
      topK,
      model,
      apiKey,
-      {
-        azureEndpoint,
-        azureApiVersion,
-        vertexProject,
-        vertexLocation,
-        vertexCredential,
-        bedrockAccessKeyId,
-        bedrockSecretKey,
-        bedrockRegion,
-      },
      workflowId,
-      workspaceId,
      piiEntityTypes,
      piiMode,
      piiLanguage,
@@ -198,18 +178,7 @@ async function executeValidation(
  topK: string | undefined,
  model: string,
  apiKey: string | undefined,
-  providerCredentials: {
-    azureEndpoint?: string
-    azureApiVersion?: string
-    vertexProject?: string
-    vertexLocation?: string
-    vertexCredential?: string
-    bedrockAccessKeyId?: string
-    bedrockSecretKey?: string
-    bedrockRegion?: string
-  },
  workflowId: string | undefined,
-  workspaceId: string | undefined,
  piiEntityTypes: string[] | undefined,
  piiMode: string | undefined,
  piiLanguage: string | undefined,
@@ -250,9 +219,7 @@ async function executeValidation(
      topK: topK ? Number.parseInt(topK) : 10, // Default topK is 10
      model: model,
      apiKey,
-      providerCredentials,
      workflowId,
-      workspaceId,
      requestId,
    })
  }
--- a/apps/sim/app/api/knowledge/[id]/tag-definitions/route.ts
+++ b/apps/sim/app/api/knowledge/[id]/tag-definitions/route.ts
@@ -2,7 +2,7 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { SUPPORTED_FIELD_TYPES } from '@/lib/knowledge/constants'
 import { createTagDefinition, getTagDefinitions } from '@/lib/knowledge/tags/service'
 import { checkKnowledgeBaseAccess } from '@/app/api/knowledge/utils'
@@ -19,11 +19,19 @@ export async function GET(req: NextRequest, { params }: { params: Promise<{ id:
  try {
    logger.info(`[${requestId}] Getting tag definitions for knowledge base ${knowledgeBaseId}`)

-    const auth = await checkSessionOrInternalAuth(req, { requireWorkflowId: false })
+    const auth = await checkHybridAuth(req, { requireWorkflowId: false })
    if (!auth.success) {
      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
    }

+    // Only allow session and internal JWT auth (not API key)
+    if (auth.authType === 'api_key') {
+      return NextResponse.json(
+        { error: 'API key auth not supported for this endpoint' },
+        { status: 401 }
+      )
+    }
+
    // For session auth, verify KB access. Internal JWT is trusted.
    if (auth.authType === 'session' && auth.userId) {
      const accessCheck = await checkKnowledgeBaseAccess(knowledgeBaseId, auth.userId)
@@ -56,11 +64,19 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
  try {
    logger.info(`[${requestId}] Creating tag definition for knowledge base ${knowledgeBaseId}`)

-    const auth = await checkSessionOrInternalAuth(req, { requireWorkflowId: false })
+    const auth = await checkHybridAuth(req, { requireWorkflowId: false })
    if (!auth.success) {
      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
    }

+    // Only allow session and internal JWT auth (not API key)
+    if (auth.authType === 'api_key') {
+      return NextResponse.json(
+        { error: 'API key auth not supported for this endpoint' },
+        { status: 401 }
+      )
+    }
+
    // For session auth, verify KB access. Internal JWT is trusted.
    if (auth.authType === 'session' && auth.userId) {
      const accessCheck = await checkKnowledgeBaseAccess(knowledgeBaseId, auth.userId)
--- a/apps/sim/app/api/logs/execution/[executionId]/route.ts
+++ b/apps/sim/app/api/logs/execution/[executionId]/route.ts
@@ -8,7 +8,7 @@ import {
 import { createLogger } from '@sim/logger'
 import { and, eq, inArray } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
 import type { TraceSpan, WorkflowExecutionLog } from '@/lib/logs/types'

@@ -23,7 +23,7 @@ export async function GET(
  try {
    const { executionId } = await params

-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
    if (!authResult.success || !authResult.userId) {
      logger.warn(`[${requestId}] Unauthorized execution data access attempt for: ${executionId}`)
      return NextResponse.json(
--- a/apps/sim/app/api/memory/[id]/route.ts
+++ b/apps/sim/app/api/memory/[id]/route.ts
@@ -4,7 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { checkWorkspaceAccess } from '@/lib/workspaces/permissions/utils'

@@ -36,7 +36,7 @@ async function validateMemoryAccess(
  requestId: string,
  action: 'read' | 'write'
 ): Promise<{ userId: string } | { error: NextResponse }> {
-  const authResult = await checkInternalAuth(request, { requireWorkflowId: false })
+  const authResult = await checkHybridAuth(request, { requireWorkflowId: false })
  if (!authResult.success || !authResult.userId) {
    logger.warn(`[${requestId}] Unauthorized memory ${action} attempt`)
    return {
--- a/apps/sim/app/api/memory/route.ts
+++ b/apps/sim/app/api/memory/route.ts
@@ -3,7 +3,7 @@ import { memory } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { and, eq, isNull, like } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
-import { checkInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { checkWorkspaceAccess } from '@/lib/workspaces/permissions/utils'

@@ -16,7 +16,7 @@ export async function GET(request: NextRequest) {
  const requestId = generateRequestId()

  try {
-    const authResult = await checkInternalAuth(request)
+    const authResult = await checkHybridAuth(request)
    if (!authResult.success || !authResult.userId) {
      logger.warn(`[${requestId}] Unauthorized memory access attempt`)
      return NextResponse.json(
@@ -89,7 +89,7 @@ export async function POST(request: NextRequest) {
  const requestId = generateRequestId()

  try {
-    const authResult = await checkInternalAuth(request)
+    const authResult = await checkHybridAuth(request)
    if (!authResult.success || !authResult.userId) {
      logger.warn(`[${requestId}] Unauthorized memory creation attempt`)
      return NextResponse.json(
@@ -228,7 +228,7 @@ export async function DELETE(request: NextRequest) {
  const requestId = generateRequestId()

  try {
-    const authResult = await checkInternalAuth(request)
+    const authResult = await checkHybridAuth(request)
    if (!authResult.success || !authResult.userId) {
      logger.warn(`[${requestId}] Unauthorized memory deletion attempt`)
      return NextResponse.json(
--- a/apps/sim/app/api/permission-groups/[id]/route.ts
+++ b/apps/sim/app/api/permission-groups/[id]/route.ts
@@ -24,7 +24,6 @@ const configSchema = z.object({
  hideFilesTab: z.boolean().optional(),
  disableMcpTools: z.boolean().optional(),
  disableCustomTools: z.boolean().optional(),
-  disableSkills: z.boolean().optional(),
  hideTemplates: z.boolean().optional(),
  disableInvitations: z.boolean().optional(),
  hideDeployApi: z.boolean().optional(),
--- a/apps/sim/app/api/permission-groups/route.ts
+++ b/apps/sim/app/api/permission-groups/route.ts
@@ -25,7 +25,6 @@ const configSchema = z.object({
  hideFilesTab: z.boolean().optional(),
  disableMcpTools: z.boolean().optional(),
  disableCustomTools: z.boolean().optional(),
-  disableSkills: z.boolean().optional(),
  hideTemplates: z.boolean().optional(),
  disableInvitations: z.boolean().optional(),
  hideDeployApi: z.boolean().optional(),
--- a/apps/sim/app/api/skills/route.ts
+++ b/apps/sim/app/api/skills/route.ts
@@ -1,182 +0,0 @@
-import { db } from '@sim/db'
-import { skill } from '@sim/db/schema'
-import { createLogger } from '@sim/logger'
-import { and, desc, eq } from 'drizzle-orm'
-import { type NextRequest, NextResponse } from 'next/server'
-import { z } from 'zod'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
-import { generateRequestId } from '@/lib/core/utils/request'
-import { upsertSkills } from '@/lib/workflows/skills/operations'
-import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
-
-const logger = createLogger('SkillsAPI')
-
-const SkillSchema = z.object({
-  skills: z.array(
-    z.object({
-      id: z.string().optional(),
-      name: z
-        .string()
-        .min(1, 'Skill name is required')
-        .max(64)
-        .regex(/^[a-z0-9]+(-[a-z0-9]+)*$/, 'Name must be kebab-case (e.g. my-skill)'),
-      description: z.string().min(1, 'Description is required').max(1024),
-      content: z.string().min(1, 'Content is required').max(50000, 'Content is too large'),
-    })
-  ),
-  workspaceId: z.string().optional(),
-})
-
-/** GET - Fetch all skills for a workspace */
-export async function GET(request: NextRequest) {
-  const requestId = generateRequestId()
-  const searchParams = request.nextUrl.searchParams
-  const workspaceId = searchParams.get('workspaceId')
-
-  try {
-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
-    if (!authResult.success || !authResult.userId) {
-      logger.warn(`[${requestId}] Unauthorized skills access attempt`)
-      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
-    }
-
-    const userId = authResult.userId
-
-    if (!workspaceId) {
-      logger.warn(`[${requestId}] Missing workspaceId`)
-      return NextResponse.json({ error: 'workspaceId is required' }, { status: 400 })
-    }
-
-    const userPermission = await getUserEntityPermissions(userId, 'workspace', workspaceId)
-    if (!userPermission) {
-      logger.warn(`[${requestId}] User ${userId} does not have access to workspace ${workspaceId}`)
-      return NextResponse.json({ error: 'Access denied' }, { status: 403 })
-    }
-
-    const result = await db
-      .select()
-      .from(skill)
-      .where(eq(skill.workspaceId, workspaceId))
-      .orderBy(desc(skill.createdAt))
-
-    return NextResponse.json({ data: result }, { status: 200 })
-  } catch (error) {
-    logger.error(`[${requestId}] Error fetching skills:`, error)
-    return NextResponse.json({ error: 'Failed to fetch skills' }, { status: 500 })
-  }
-}
-
-/** POST - Create or update skills */
-export async function POST(req: NextRequest) {
-  const requestId = generateRequestId()
-
-  try {
-    const authResult = await checkSessionOrInternalAuth(req, { requireWorkflowId: false })
-    if (!authResult.success || !authResult.userId) {
-      logger.warn(`[${requestId}] Unauthorized skills update attempt`)
-      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
-    }
-
-    const userId = authResult.userId
-    const body = await req.json()
-
-    try {
-      const { skills, workspaceId } = SkillSchema.parse(body)
-
-      if (!workspaceId) {
-        logger.warn(`[${requestId}] Missing workspaceId in request body`)
-        return NextResponse.json({ error: 'workspaceId is required' }, { status: 400 })
-      }
-
-      const userPermission = await getUserEntityPermissions(userId, 'workspace', workspaceId)
-      if (!userPermission || (userPermission !== 'admin' && userPermission !== 'write')) {
-        logger.warn(
-          `[${requestId}] User ${userId} does not have write permission for workspace ${workspaceId}`
-        )
-        return NextResponse.json({ error: 'Write permission required' }, { status: 403 })
-      }
-
-      const resultSkills = await upsertSkills({
-        skills,
-        workspaceId,
-        userId,
-        requestId,
-      })
-
-      return NextResponse.json({ success: true, data: resultSkills })
-    } catch (validationError) {
-      if (validationError instanceof z.ZodError) {
-        logger.warn(`[${requestId}] Invalid skills data`, {
-          errors: validationError.errors,
-        })
-        return NextResponse.json(
-          { error: 'Invalid request data', details: validationError.errors },
-          { status: 400 }
-        )
-      }
-      if (validationError instanceof Error && validationError.message.includes('already exists')) {
-        return NextResponse.json({ error: validationError.message }, { status: 409 })
-      }
-      throw validationError
-    }
-  } catch (error) {
-    logger.error(`[${requestId}] Error updating skills`, error)
-    return NextResponse.json({ error: 'Failed to update skills' }, { status: 500 })
-  }
-}
-
-/** DELETE - Delete a skill by ID */
-export async function DELETE(request: NextRequest) {
-  const requestId = generateRequestId()
-  const searchParams = request.nextUrl.searchParams
-  const skillId = searchParams.get('id')
-  const workspaceId = searchParams.get('workspaceId')
-
-  try {
-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
-    if (!authResult.success || !authResult.userId) {
-      logger.warn(`[${requestId}] Unauthorized skill deletion attempt`)
-      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
-    }
-
-    const userId = authResult.userId
-
-    if (!skillId) {
-      logger.warn(`[${requestId}] Missing skill ID for deletion`)
-      return NextResponse.json({ error: 'Skill ID is required' }, { status: 400 })
-    }
-
-    if (!workspaceId) {
-      logger.warn(`[${requestId}] Missing workspaceId for deletion`)
-      return NextResponse.json({ error: 'workspaceId is required' }, { status: 400 })
-    }
-
-    const userPermission = await getUserEntityPermissions(userId, 'workspace', workspaceId)
-    if (!userPermission || (userPermission !== 'admin' && userPermission !== 'write')) {
-      logger.warn(
-        `[${requestId}] User ${userId} does not have write permission for workspace ${workspaceId}`
-      )
-      return NextResponse.json({ error: 'Write permission required' }, { status: 403 })
-    }
-
-    const existingSkill = await db.select().from(skill).where(eq(skill.id, skillId)).limit(1)
-
-    if (existingSkill.length === 0) {
-      logger.warn(`[${requestId}] Skill not found: ${skillId}`)
-      return NextResponse.json({ error: 'Skill not found' }, { status: 404 })
-    }
-
-    if (existingSkill[0].workspaceId !== workspaceId) {
-      logger.warn(`[${requestId}] Skill ${skillId} does not belong to workspace ${workspaceId}`)
-      return NextResponse.json({ error: 'Skill not found' }, { status: 404 })
-    }
-
-    await db.delete(skill).where(and(eq(skill.id, skillId), eq(skill.workspaceId, workspaceId)))
-
-    logger.info(`[${requestId}] Deleted skill: ${skillId}`)
-    return NextResponse.json({ success: true })
-  } catch (error) {
-    logger.error(`[${requestId}] Error deleting skill:`, error)
-    return NextResponse.json({ error: 'Failed to delete skill' }, { status: 500 })
-  }
-}
--- a/apps/sim/app/api/tools/a2a/cancel-task/route.ts
+++ b/apps/sim/app/api/tools/a2a/cancel-task/route.ts
@@ -3,7 +3,7 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { createA2AClient } from '@/lib/a2a/utils'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'

 const logger = createLogger('A2ACancelTaskAPI')
@@ -20,7 +20,7 @@ export async function POST(request: NextRequest) {
  const requestId = generateRequestId()

  try {
-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const authResult = await checkHybridAuth(request, { requireWorkflowId: false })

    if (!authResult.success) {
      logger.warn(`[${requestId}] Unauthorized A2A cancel task attempt`)
--- a/apps/sim/app/api/tools/a2a/delete-push-notification/route.ts
+++ b/apps/sim/app/api/tools/a2a/delete-push-notification/route.ts
@@ -2,7 +2,7 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { createA2AClient } from '@/lib/a2a/utils'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'

 export const dynamic = 'force-dynamic'
@@ -20,7 +20,7 @@ export async function POST(request: NextRequest) {
  const requestId = generateRequestId()

  try {
-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const authResult = await checkHybridAuth(request, { requireWorkflowId: false })

    if (!authResult.success) {
      logger.warn(
--- a/apps/sim/app/api/tools/a2a/get-agent-card/route.ts
+++ b/apps/sim/app/api/tools/a2a/get-agent-card/route.ts
@@ -2,7 +2,7 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { createA2AClient } from '@/lib/a2a/utils'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'

 export const dynamic = 'force-dynamic'
@@ -18,7 +18,7 @@ export async function POST(request: NextRequest) {
  const requestId = generateRequestId()

  try {
-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const authResult = await checkHybridAuth(request, { requireWorkflowId: false })

    if (!authResult.success) {
      logger.warn(`[${requestId}] Unauthorized A2A get agent card attempt: ${authResult.error}`)
--- a/apps/sim/app/api/tools/a2a/get-push-notification/route.ts
+++ b/apps/sim/app/api/tools/a2a/get-push-notification/route.ts
@@ -2,7 +2,7 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { createA2AClient } from '@/lib/a2a/utils'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'

 export const dynamic = 'force-dynamic'
@@ -19,7 +19,7 @@ export async function POST(request: NextRequest) {
  const requestId = generateRequestId()

  try {
-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const authResult = await checkHybridAuth(request, { requireWorkflowId: false })

    if (!authResult.success) {
      logger.warn(
--- a/apps/sim/app/api/tools/a2a/get-task/route.ts
+++ b/apps/sim/app/api/tools/a2a/get-task/route.ts
@@ -3,7 +3,7 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { createA2AClient } from '@/lib/a2a/utils'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'

 export const dynamic = 'force-dynamic'
@@ -21,7 +21,7 @@ export async function POST(request: NextRequest) {
  const requestId = generateRequestId()

  try {
-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const authResult = await checkHybridAuth(request, { requireWorkflowId: false })

    if (!authResult.success) {
      logger.warn(`[${requestId}] Unauthorized A2A get task attempt: ${authResult.error}`)
--- a/apps/sim/app/api/tools/a2a/resubscribe/route.ts
+++ b/apps/sim/app/api/tools/a2a/resubscribe/route.ts
@@ -10,7 +10,7 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { createA2AClient, extractTextContent, isTerminalState } from '@/lib/a2a/utils'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'

 const logger = createLogger('A2AResubscribeAPI')
@@ -27,7 +27,7 @@ export async function POST(request: NextRequest) {
  const requestId = generateRequestId()

  try {
-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const authResult = await checkHybridAuth(request, { requireWorkflowId: false })

    if (!authResult.success) {
      logger.warn(`[${requestId}] Unauthorized A2A resubscribe attempt`)
--- a/apps/sim/app/api/tools/a2a/send-message/route.ts
+++ b/apps/sim/app/api/tools/a2a/send-message/route.ts
@@ -3,7 +3,7 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { createA2AClient, extractTextContent, isTerminalState } from '@/lib/a2a/utils'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { validateUrlWithDNS } from '@/lib/core/security/input-validation.server'
 import { generateRequestId } from '@/lib/core/utils/request'

@@ -32,7 +32,7 @@ export async function POST(request: NextRequest) {
  const requestId = generateRequestId()

  try {
-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const authResult = await checkHybridAuth(request, { requireWorkflowId: false })

    if (!authResult.success) {
      logger.warn(`[${requestId}] Unauthorized A2A send message attempt: ${authResult.error}`)
--- a/apps/sim/app/api/tools/a2a/set-push-notification/route.ts
+++ b/apps/sim/app/api/tools/a2a/set-push-notification/route.ts
@@ -2,7 +2,7 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { createA2AClient } from '@/lib/a2a/utils'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { validateUrlWithDNS } from '@/lib/core/security/input-validation.server'
 import { generateRequestId } from '@/lib/core/utils/request'

@@ -22,7 +22,7 @@ export async function POST(request: NextRequest) {
  const requestId = generateRequestId()

  try {
-    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const authResult = await checkHybridAuth(request, { requireWorkflowId: false })

    if (!authResult.success) {
      logger.warn(`[${requestId}] Unauthorized A2A set push notification attempt`, {
--- a/apps/sim/app/api/users/me/usage-logs/route.ts
+++ b/apps/sim/app/api/users/me/usage-logs/route.ts
@@ -1,7 +1,7 @@
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { getUserUsageLogs, type UsageLogSource } from '@/lib/billing/core/usage-log'

 const logger = createLogger('UsageLogsAPI')
@@ -20,7 +20,7 @@ const QuerySchema = z.object({
 */
 export async function GET(req: NextRequest) {
  try {
-    const auth = await checkSessionOrInternalAuth(req, { requireWorkflowId: false })
+    const auth = await checkHybridAuth(req, { requireWorkflowId: false })

    if (!auth.success || !auth.userId) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
--- a/apps/sim/app/api/workflows/[id]/execute/route.ts
+++ b/apps/sim/app/api/workflows/[id]/execute/route.ts
@@ -325,11 +325,6 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
      requestId
    )

-    // Client-side sessions and personal API keys bill/permission-check the
-    // authenticated user, not the workspace billed account.
-    const useAuthenticatedUserAsActor =
-      isClientSession || (auth.authType === 'api_key' && auth.apiKeyType === 'personal')
-
    const preprocessResult = await preprocessExecution({
      workflowId,
      userId,
@@ -339,7 +334,6 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
      checkDeployment: !shouldUseDraftState,
      loggingSession,
      useDraftState: shouldUseDraftState,
-      useAuthenticatedUserAsActor,
    })

    if (!preprocessResult.success) {
--- a/apps/sim/app/workspace/[workspaceId]/logs/components/log-details/components/file-download/file-download.tsx
+++ b/apps/sim/app/workspace/[workspaceId]/logs/components/log-details/components/file-download/file-download.tsx
@@ -74,7 +74,8 @@ function FileCard({ file, isExecutionFile = false, workspaceId }: FileCardProps)
      }

      if (isExecutionFile) {
-        const serveUrl = `/api/files/serve/${encodeURIComponent(file.key)}?context=execution`
+        const serveUrl =
+          file.url || `/api/files/serve/${encodeURIComponent(file.key)}?context=execution`
        window.open(serveUrl, '_blank')
        logger.info(`Opened execution file serve URL: ${serveUrl}`)
      } else {
@@ -87,12 +88,16 @@ function FileCard({ file, isExecutionFile = false, workspaceId }: FileCardProps)
          logger.warn(
            `Could not construct viewer URL for file: ${file.name}, falling back to serve URL`
          )
-          const serveUrl = `/api/files/serve/${encodeURIComponent(file.key)}?context=workspace`
+          const serveUrl =
+            file.url || `/api/files/serve/${encodeURIComponent(file.key)}?context=workspace`
          window.open(serveUrl, '_blank')
        }
      }
    } catch (error) {
      logger.error(`Failed to download file ${file.name}:`, error)
+      if (file.url) {
+        window.open(file.url, '_blank')
+      }
    } finally {
      setIsDownloading(false)
    }
@@ -193,7 +198,8 @@ export function FileDownload({
      }

      if (isExecutionFile) {
-        const serveUrl = `/api/files/serve/${encodeURIComponent(file.key)}?context=execution`
+        const serveUrl =
+          file.url || `/api/files/serve/${encodeURIComponent(file.key)}?context=execution`
        window.open(serveUrl, '_blank')
        logger.info(`Opened execution file serve URL: ${serveUrl}`)
      } else {
@@ -206,12 +212,16 @@ export function FileDownload({
          logger.warn(
            `Could not construct viewer URL for file: ${file.name}, falling back to serve URL`
          )
-          const serveUrl = `/api/files/serve/${encodeURIComponent(file.key)}?context=workspace`
+          const serveUrl =
+            file.url || `/api/files/serve/${encodeURIComponent(file.key)}?context=workspace`
          window.open(serveUrl, '_blank')
        }
      }
    } catch (error) {
      logger.error(`Failed to download file ${file.name}:`, error)
+      if (file.url) {
+        window.open(file.url, '_blank')
+      }
    } finally {
      setIsDownloading(false)
    }
--- a/apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/components/index.ts
+++ b/apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/components/index.ts
@@ -24,7 +24,6 @@ export { ResponseFormat } from './response/response-format'
 export { ScheduleInfo } from './schedule-info/schedule-info'
 export { SheetSelectorInput } from './sheet-selector/sheet-selector-input'
 export { ShortInput } from './short-input/short-input'
-export { SkillInput } from './skill-input/skill-input'
 export { SlackSelectorInput } from './slack-selector/slack-selector-input'
 export { SliderInput } from './slider-input/slider-input'
 export { InputFormat } from './starter/input-format'
--- a/apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/components/skill-input/skill-input.tsx
+++ b/apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/components/skill-input/skill-input.tsx
@@ -1,194 +0,0 @@
-'use client'
-
-import { useCallback, useMemo, useState } from 'react'
-import { Plus, XIcon } from 'lucide-react'
-import { useParams } from 'next/navigation'
-import { Combobox, type ComboboxOptionGroup } from '@/components/emcn'
-import { AgentSkillsIcon } from '@/components/icons'
-import { useSubBlockValue } from '@/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/hooks/use-sub-block-value'
-import { SkillModal } from '@/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/skills/components/skill-modal'
-import type { SkillDefinition } from '@/hooks/queries/skills'
-import { useSkills } from '@/hooks/queries/skills'
-import { usePermissionConfig } from '@/hooks/use-permission-config'
-
-interface StoredSkill {
-  skillId: string
-  name?: string
-}
-
-interface SkillInputProps {
-  blockId: string
-  subBlockId: string
-  isPreview?: boolean
-  previewValue?: unknown
-  disabled?: boolean
-}
-
-export function SkillInput({
-  blockId,
-  subBlockId,
-  isPreview,
-  previewValue,
-  disabled,
-}: SkillInputProps) {
-  const params = useParams()
-  const workspaceId = params.workspaceId as string
-
-  const { config: permissionConfig } = usePermissionConfig()
-  const { data: workspaceSkills = [] } = useSkills(workspaceId)
-  const [value, setValue] = useSubBlockValue<StoredSkill[]>(blockId, subBlockId)
-  const [showCreateModal, setShowCreateModal] = useState(false)
-  const [editingSkill, setEditingSkill] = useState<SkillDefinition | null>(null)
-  const [open, setOpen] = useState(false)
-
-  const selectedSkills: StoredSkill[] = useMemo(() => {
-    if (isPreview && previewValue) {
-      return Array.isArray(previewValue) ? previewValue : []
-    }
-    return Array.isArray(value) ? value : []
-  }, [isPreview, previewValue, value])
-
-  const selectedIds = useMemo(() => new Set(selectedSkills.map((s) => s.skillId)), [selectedSkills])
-
-  const skillsDisabled = permissionConfig.disableSkills
-
-  const skillGroups = useMemo((): ComboboxOptionGroup[] => {
-    const groups: ComboboxOptionGroup[] = []
-
-    if (!skillsDisabled) {
-      groups.push({
-        items: [
-          {
-            label: 'Create Skill',
-            value: 'action-create-skill',
-            icon: Plus,
-            onSelect: () => {
-              setShowCreateModal(true)
-              setOpen(false)
-            },
-            disabled: isPreview,
-          },
-        ],
-      })
-    }
-
-    const availableSkills = workspaceSkills.filter((s) => !selectedIds.has(s.id))
-    if (!skillsDisabled && availableSkills.length > 0) {
-      groups.push({
-        section: 'Skills',
-        items: availableSkills.map((s) => {
-          return {
-            label: s.name,
-            value: `skill-${s.id}`,
-            icon: AgentSkillsIcon,
-            onSelect: () => {
-              const newSkills: StoredSkill[] = [...selectedSkills, { skillId: s.id, name: s.name }]
-              setValue(newSkills)
-              setOpen(false)
-            },
-          }
-        }),
-      })
-    }
-
-    return groups
-  }, [workspaceSkills, selectedIds, selectedSkills, setValue, isPreview, skillsDisabled])
-
-  const handleRemove = useCallback(
-    (skillId: string) => {
-      const newSkills = selectedSkills.filter((s) => s.skillId !== skillId)
-      setValue(newSkills)
-    },
-    [selectedSkills, setValue]
-  )
-
-  const handleSkillSaved = useCallback(() => {
-    setShowCreateModal(false)
-    setEditingSkill(null)
-  }, [])
-
-  const resolveSkillName = useCallback(
-    (stored: StoredSkill): string => {
-      const found = workspaceSkills.find((s) => s.id === stored.skillId)
-      return found?.name ?? stored.name ?? stored.skillId
-    },
-    [workspaceSkills]
-  )
-
-  return (
-    <>
-      <div className='w-full space-y-[8px]'>
-        <Combobox
-          options={[]}
-          groups={skillGroups}
-          placeholder='Add skill...'
-          disabled={disabled}
-          searchable
-          searchPlaceholder='Search skills...'
-          maxHeight={240}
-          emptyMessage='No skills found'
-          onOpenChange={setOpen}
-        />
-
-        {selectedSkills.length > 0 &&
-          selectedSkills.map((stored) => {
-            const fullSkill = workspaceSkills.find((s) => s.id === stored.skillId)
-            return (
-              <div
-                key={stored.skillId}
-                className='group relative flex flex-col overflow-hidden rounded-[4px] border border-[var(--border-1)] transition-all duration-200 ease-in-out'
-              >
-                <div
-                  className='flex cursor-pointer items-center justify-between gap-[8px] rounded-t-[4px] bg-[var(--surface-4)] px-[8px] py-[6.5px]'
-                  onClick={() => {
-                    if (fullSkill && !disabled && !isPreview) {
-                      setEditingSkill(fullSkill)
-                    }
-                  }}
-                >
-                  <div className='flex min-w-0 flex-1 items-center gap-[8px]'>
-                    <div
-                      className='flex h-[16px] w-[16px] flex-shrink-0 items-center justify-center rounded-[4px]'
-                      style={{ backgroundColor: '#e0e0e0' }}
-                    >
-                      <AgentSkillsIcon className='h-[10px] w-[10px] text-[#333]' />
-                    </div>
-                    <span className='truncate font-medium text-[13px] text-[var(--text-primary)]'>
-                      {resolveSkillName(stored)}
-                    </span>
-                  </div>
-                  <div className='flex flex-shrink-0 items-center gap-[8px]'>
-                    {!disabled && !isPreview && (
-                      <button
-                        type='button'
-                        onClick={(e) => {
-                          e.stopPropagation()
-                          handleRemove(stored.skillId)
-                        }}
-                        className='flex items-center justify-center text-[var(--text-tertiary)] transition-colors hover:text-[var(--text-primary)]'
-                        aria-label='Remove skill'
-                      >
-                        <XIcon className='h-[13px] w-[13px]' />
-                      </button>
-                    )}
-                  </div>
-                </div>
-              </div>
-            )
-          })}
-      </div>
-
-      <SkillModal
-        open={showCreateModal || !!editingSkill}
-        onOpenChange={(isOpen) => {
-          if (!isOpen) {
-            setShowCreateModal(false)
-            setEditingSkill(null)
-          }
-        }}
-        onSave={handleSkillSaved}
-        initialValues={editingSkill ?? undefined}
-      />
-    </>
-  )
-}
--- a/apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/sub-block.tsx
+++ b/apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/sub-block.tsx
@@ -32,7 +32,6 @@ import {
  ScheduleInfo,
  SheetSelectorInput,
  ShortInput,
-  SkillInput,
  SlackSelectorInput,
  SliderInput,
  Switch,
@@ -688,17 +687,6 @@ function SubBlockComponent({
          />
        )

-      case 'skill-input':
-        return (
-          <SkillInput
-            blockId={blockId}
-            subBlockId={config.id}
-            isPreview={isPreview}
-            previewValue={previewValue}
-            disabled={isDisabled}
-          />
-        )
-
      case 'checkbox-list':
        return (
          <CheckboxList
--- a/apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/hooks/use-editor-subblock-layout.ts
+++ b/apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/hooks/use-editor-subblock-layout.ts
@@ -6,7 +6,6 @@ import {
  isSubBlockVisibleForMode,
 } from '@/lib/workflows/subblocks/visibility'
 import type { BlockConfig, SubBlockConfig, SubBlockType } from '@/blocks/types'
-import { usePermissionConfig } from '@/hooks/use-permission-config'
 import { useWorkflowDiffStore } from '@/stores/workflow-diff'
 import { mergeSubblockState } from '@/stores/workflows/utils'
 import { useWorkflowStore } from '@/stores/workflows/workflow/store'
@@ -36,7 +35,6 @@ export function useEditorSubblockLayout(
  const blockDataFromStore = useWorkflowStore(
    useCallback((state) => state.blocks?.[blockId]?.data, [blockId])
  )
-  const { config: permissionConfig } = usePermissionConfig()

  return useMemo(() => {
    // Guard against missing config or block selection
@@ -102,9 +100,6 @@ export function useEditorSubblockLayout(
    const visibleSubBlocks = (config.subBlocks || []).filter((block) => {
      if (block.hidden) return false

-      // Hide skill-input subblock when skills are disabled via permissions
-      if (block.type === 'skill-input' && permissionConfig.disableSkills) return false
-
      // Check required feature if specified - declarative feature gating
      if (!isSubBlockFeatureEnabled(block)) return false

@@ -154,6 +149,5 @@ export function useEditorSubblockLayout(
    activeWorkflowId,
    isSnapshotView,
    blockDataFromStore,
-    permissionConfig.disableSkills,
  ])
 }
--- a/apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/workflow-block/workflow-block.tsx
+++ b/apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/workflow-block/workflow-block.tsx
@@ -40,7 +40,6 @@ import { useCustomTools } from '@/hooks/queries/custom-tools'
 import { useMcpServers, useMcpToolsQuery } from '@/hooks/queries/mcp'
 import { useCredentialName } from '@/hooks/queries/oauth-credentials'
 import { useReactivateSchedule, useScheduleInfo } from '@/hooks/queries/schedules'
-import { useSkills } from '@/hooks/queries/skills'
 import { useDeployChildWorkflow } from '@/hooks/queries/workflows'
 import { useSelectorDisplayName } from '@/hooks/use-selector-display-name'
 import { useVariablesStore } from '@/stores/panel'
@@ -619,48 +618,6 @@ const SubBlockRow = memo(function SubBlockRow({
    return `${toolNames[0]}, ${toolNames[1]} +${toolNames.length - 2}`
  }, [subBlock?.type, rawValue, customTools, workspaceId])

-  /**
-   * Hydrates skill references to display names.
-   * Resolves skill IDs to their current names from the skills query.
-   */
-  const { data: workspaceSkills = [] } = useSkills(workspaceId || '')
-
-  const skillsDisplayValue = useMemo(() => {
-    if (subBlock?.type !== 'skill-input' || !Array.isArray(rawValue) || rawValue.length === 0) {
-      return null
-    }
-
-    interface StoredSkill {
-      skillId: string
-      name?: string
-    }
-
-    const skillNames = rawValue
-      .map((skill: StoredSkill) => {
-        if (!skill || typeof skill !== 'object') return null
-
-        // Priority 1: Resolve skill name from the skills query (fresh data)
-        if (skill.skillId) {
-          const foundSkill = workspaceSkills.find((s) => s.id === skill.skillId)
-          if (foundSkill?.name) return foundSkill.name
-        }
-
-        // Priority 2: Fall back to stored name (for deleted skills)
-        if (skill.name && typeof skill.name === 'string') return skill.name
-
-        // Priority 3: Use skillId as last resort
-        if (skill.skillId) return skill.skillId
-
-        return null
-      })
-      .filter((name): name is string => !!name)
-
-    if (skillNames.length === 0) return null
-    if (skillNames.length === 1) return skillNames[0]
-    if (skillNames.length === 2) return `${skillNames[0]}, ${skillNames[1]}`
-    return `${skillNames[0]}, ${skillNames[1]} +${skillNames.length - 2}`
-  }, [subBlock?.type, rawValue, workspaceSkills])
-
  const isPasswordField = subBlock?.password === true
  const maskedValue = isPasswordField && value && value !== '-' ? '•••' : null

@@ -670,7 +627,6 @@ const SubBlockRow = memo(function SubBlockRow({
    dropdownLabel ||
    variablesDisplayValue ||
    toolsDisplayValue ||
-    skillsDisplayValue ||
    knowledgeBaseDisplayName ||
    workflowSelectionName ||
    mcpServerDisplayName ||
--- a/apps/sim/app/workspace/[workspaceId]/w/[workflowId]/hooks/use-workflow-execution.ts
+++ b/apps/sim/app/workspace/[workspaceId]/w/[workflowId]/hooks/use-workflow-execution.ts
@@ -491,13 +491,6 @@ export function useWorkflowExecution() {
        updateActiveBlocks(data.blockId, false)
        setBlockRunStatus(data.blockId, 'error')

-        executedBlockIds.add(data.blockId)
-        accumulatedBlockStates.set(data.blockId, {
-          output: { error: data.error },
-          executed: true,
-          executionTime: data.durationMs || 0,
-        })
-
        accumulatedBlockLogs.push(
          createBlockLogEntry(data, { success: false, output: {}, error: data.error })
        )
--- a/apps/sim/app/workspace/[workspaceId]/w/components/preview/components/preview-workflow/preview-workflow.tsx
+++ b/apps/sim/app/workspace/[workspaceId]/w/components/preview/components/preview-workflow/preview-workflow.tsx
@@ -349,15 +349,7 @@ export function PreviewWorkflow({
      if (block.type === 'loop' || block.type === 'parallel') {
        const isSelected = selectedBlockId === blockId
        const dimensions = calculateContainerDimensions(blockId, workflowState.blocks)
-
-        // Check for direct error on the subflow block itself (e.g., loop resolution errors)
-        // before falling back to children-derived status
-        const directExecution = blockExecutionMap.get(blockId)
-        const subflowExecutionStatus: ExecutionStatus | undefined =
-          directExecution?.status === 'error'
-            ? 'error'
-            : (getSubflowExecutionStatus(blockId) ??
-              (directExecution ? (directExecution.status as ExecutionStatus) : undefined))
+        const subflowExecutionStatus = getSubflowExecutionStatus(blockId)

        nodeArray.push({
          id: blockId,
--- a/apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/index.ts
+++ b/apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/index.ts
@@ -9,7 +9,6 @@ export { Files as FileUploads } from './files/files'
 export { General } from './general/general'
 export { Integrations } from './integrations/integrations'
 export { MCP } from './mcp/mcp'
-export { Skills } from './skills/skills'
 export { Subscription } from './subscription/subscription'
 export { TeamManagement } from './team-management/team-management'
 export { WorkflowMcpServers } from './workflow-mcp-servers/workflow-mcp-servers'
--- a/apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/skills/components/skill-modal.tsx
+++ b/apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/skills/components/skill-modal.tsx
@@ -1,225 +0,0 @@
-'use client'
-
-import type { ChangeEvent } from 'react'
-import { useEffect, useMemo, useState } from 'react'
-import { useParams } from 'next/navigation'
-import {
-  Button,
-  Input,
-  Label,
-  Modal,
-  ModalBody,
-  ModalContent,
-  ModalFooter,
-  ModalHeader,
-  Textarea,
-} from '@/components/emcn'
-import type { SkillDefinition } from '@/hooks/queries/skills'
-import { useCreateSkill, useUpdateSkill } from '@/hooks/queries/skills'
-
-interface SkillModalProps {
-  open: boolean
-  onOpenChange: (open: boolean) => void
-  onSave: () => void
-  onDelete?: (skillId: string) => void
-  initialValues?: SkillDefinition
-}
-
-const KEBAB_CASE_REGEX = /^[a-z0-9]+(-[a-z0-9]+)*$/
-
-interface FieldErrors {
-  name?: string
-  description?: string
-  content?: string
-  general?: string
-}
-
-export function SkillModal({
-  open,
-  onOpenChange,
-  onSave,
-  onDelete,
-  initialValues,
-}: SkillModalProps) {
-  const params = useParams()
-  const workspaceId = params.workspaceId as string
-
-  const createSkill = useCreateSkill()
-  const updateSkill = useUpdateSkill()
-
-  const [name, setName] = useState('')
-  const [description, setDescription] = useState('')
-  const [content, setContent] = useState('')
-  const [errors, setErrors] = useState<FieldErrors>({})
-  const [saving, setSaving] = useState(false)
-
-  useEffect(() => {
-    if (open) {
-      if (initialValues) {
-        setName(initialValues.name)
-        setDescription(initialValues.description)
-        setContent(initialValues.content)
-      } else {
-        setName('')
-        setDescription('')
-        setContent('')
-      }
-      setErrors({})
-    }
-  }, [open, initialValues])
-
-  const hasChanges = useMemo(() => {
-    if (!initialValues) return true
-    return (
-      name !== initialValues.name ||
-      description !== initialValues.description ||
-      content !== initialValues.content
-    )
-  }, [name, description, content, initialValues])
-
-  const handleSave = async () => {
-    const newErrors: FieldErrors = {}
-
-    if (!name.trim()) {
-      newErrors.name = 'Name is required'
-    } else if (name.length > 64) {
-      newErrors.name = 'Name must be 64 characters or less'
-    } else if (!KEBAB_CASE_REGEX.test(name)) {
-      newErrors.name = 'Name must be kebab-case (e.g. my-skill)'
-    }
-
-    if (!description.trim()) {
-      newErrors.description = 'Description is required'
-    }
-
-    if (!content.trim()) {
-      newErrors.content = 'Content is required'
-    }
-
-    if (Object.keys(newErrors).length > 0) {
-      setErrors(newErrors)
-      return
-    }
-
-    setSaving(true)
-
-    try {
-      if (initialValues) {
-        await updateSkill.mutateAsync({
-          workspaceId,
-          skillId: initialValues.id,
-          updates: { name, description, content },
-        })
-      } else {
-        await createSkill.mutateAsync({
-          workspaceId,
-          skill: { name, description, content },
-        })
-      }
-      onSave()
-    } catch (error) {
-      const message =
-        error instanceof Error && error.message.includes('already exists')
-          ? error.message
-          : 'Failed to save skill. Please try again.'
-      setErrors({ general: message })
-    } finally {
-      setSaving(false)
-    }
-  }
-
-  return (
-    <Modal open={open} onOpenChange={onOpenChange}>
-      <ModalContent size='xl'>
-        <ModalHeader>{initialValues ? 'Edit Skill' : 'Create Skill'}</ModalHeader>
-        <ModalBody>
-          <div className='flex flex-col gap-[16px]'>
-            <div className='flex flex-col gap-[4px]'>
-              <Label htmlFor='skill-name' className='font-medium text-[13px]'>
-                Name
-              </Label>
-              <Input
-                id='skill-name'
-                placeholder='my-skill-name'
-                value={name}
-                onChange={(e) => {
-                  setName(e.target.value)
-                  if (errors.name || errors.general)
-                    setErrors((prev) => ({ ...prev, name: undefined, general: undefined }))
-                }}
-              />
-              {errors.name ? (
-                <p className='text-[12px] text-[var(--text-error)]'>{errors.name}</p>
-              ) : (
-                <span className='text-[11px] text-[var(--text-muted)]'>
-                  Lowercase letters, numbers, and hyphens (e.g. my-skill)
-                </span>
-              )}
-            </div>
-
-            <div className='flex flex-col gap-[4px]'>
-              <Label htmlFor='skill-description' className='font-medium text-[13px]'>
-                Description
-              </Label>
-              <Input
-                id='skill-description'
-                placeholder='What this skill does and when to use it...'
-                value={description}
-                onChange={(e) => {
-                  setDescription(e.target.value)
-                  if (errors.description || errors.general)
-                    setErrors((prev) => ({ ...prev, description: undefined, general: undefined }))
-                }}
-                maxLength={1024}
-              />
-              {errors.description && (
-                <p className='text-[12px] text-[var(--text-error)]'>{errors.description}</p>
-              )}
-            </div>
-
-            <div className='flex flex-col gap-[4px]'>
-              <Label htmlFor='skill-content' className='font-medium text-[13px]'>
-                Content
-              </Label>
-              <Textarea
-                id='skill-content'
-                placeholder='Skill instructions in markdown...'
-                value={content}
-                onChange={(e: ChangeEvent<HTMLTextAreaElement>) => {
-                  setContent(e.target.value)
-                  if (errors.content || errors.general)
-                    setErrors((prev) => ({ ...prev, content: undefined, general: undefined }))
-                }}
-                className='min-h-[200px] resize-y font-mono text-[13px]'
-              />
-              {errors.content && (
-                <p className='text-[12px] text-[var(--text-error)]'>{errors.content}</p>
-              )}
-            </div>
-
-            {errors.general && (
-              <p className='text-[12px] text-[var(--text-error)]'>{errors.general}</p>
-            )}
-          </div>
-        </ModalBody>
-        <ModalFooter className='items-center justify-between'>
-          {initialValues && onDelete ? (
-            <Button variant='destructive' onClick={() => onDelete(initialValues.id)}>
-              Delete
-            </Button>
-          ) : (
-            <div />
-          )}
-          <div className='flex gap-2'>
-            <Button variant='default' onClick={() => onOpenChange(false)}>
-              Cancel
-            </Button>
-            <Button variant='tertiary' onClick={handleSave} disabled={saving || !hasChanges}>
-              {saving ? 'Saving...' : initialValues ? 'Update' : 'Create'}
-            </Button>
-          </div>
-        </ModalFooter>
-      </ModalContent>
-    </Modal>
-  )
-}
--- a/apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/skills/skills.tsx
+++ b/apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/skills/skills.tsx
@@ -1,219 +0,0 @@
-'use client'
-
-import { useState } from 'react'
-import { createLogger } from '@sim/logger'
-import { Plus, Search } from 'lucide-react'
-import { useParams } from 'next/navigation'
-import {
-  Button,
-  Input,
-  Modal,
-  ModalBody,
-  ModalContent,
-  ModalFooter,
-  ModalHeader,
-} from '@/components/emcn'
-import { Skeleton } from '@/components/ui'
-import { cn } from '@/lib/core/utils/cn'
-import { SkillModal } from '@/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/skills/components/skill-modal'
-import type { SkillDefinition } from '@/hooks/queries/skills'
-import { useDeleteSkill, useSkills } from '@/hooks/queries/skills'
-
-const logger = createLogger('SkillsSettings')
-
-function SkillSkeleton() {
-  return (
-    <div className='flex items-center justify-between gap-[12px]'>
-      <div className='flex min-w-0 flex-col justify-center gap-[1px]'>
-        <Skeleton className='h-[14px] w-[100px]' />
-        <Skeleton className='h-[13px] w-[200px]' />
-      </div>
-      <div className='flex flex-shrink-0 items-center gap-[8px]'>
-        <Skeleton className='h-[30px] w-[40px] rounded-[4px]' />
-        <Skeleton className='h-[30px] w-[54px] rounded-[4px]' />
-      </div>
-    </div>
-  )
-}
-
-export function Skills() {
-  const params = useParams()
-  const workspaceId = params.workspaceId as string
-
-  const { data: skills = [], isLoading, error, refetch: refetchSkills } = useSkills(workspaceId)
-  const deleteSkillMutation = useDeleteSkill()
-
-  const [searchTerm, setSearchTerm] = useState('')
-  const [deletingSkills, setDeletingSkills] = useState<Set<string>>(new Set())
-  const [editingSkill, setEditingSkill] = useState<SkillDefinition | null>(null)
-  const [showAddForm, setShowAddForm] = useState(false)
-  const [skillToDelete, setSkillToDelete] = useState<{ id: string; name: string } | null>(null)
-  const [showDeleteDialog, setShowDeleteDialog] = useState(false)
-
-  const filteredSkills = skills.filter((s) => {
-    if (!searchTerm.trim()) return true
-    const searchLower = searchTerm.toLowerCase()
-    return (
-      s.name.toLowerCase().includes(searchLower) ||
-      s.description.toLowerCase().includes(searchLower)
-    )
-  })
-
-  const handleDeleteClick = (skillId: string) => {
-    const s = skills.find((sk) => sk.id === skillId)
-    if (!s) return
-
-    setSkillToDelete({ id: skillId, name: s.name })
-    setShowDeleteDialog(true)
-  }
-
-  const handleDeleteSkill = async () => {
-    if (!skillToDelete) return
-
-    setDeletingSkills((prev) => new Set(prev).add(skillToDelete.id))
-    setShowDeleteDialog(false)
-
-    try {
-      await deleteSkillMutation.mutateAsync({
-        workspaceId,
-        skillId: skillToDelete.id,
-      })
-      logger.info(`Deleted skill: ${skillToDelete.id}`)
-    } catch (error) {
-      logger.error('Error deleting skill:', error)
-    } finally {
-      setDeletingSkills((prev) => {
-        const next = new Set(prev)
-        next.delete(skillToDelete.id)
-        return next
-      })
-      setSkillToDelete(null)
-    }
-  }
-
-  const handleSkillSaved = () => {
-    setShowAddForm(false)
-    setEditingSkill(null)
-    refetchSkills()
-  }
-
-  const hasSkills = skills && skills.length > 0
-  const showEmptyState = !hasSkills && !showAddForm && !editingSkill
-  const showNoResults = searchTerm.trim() && filteredSkills.length === 0 && skills.length > 0
-
-  return (
-    <>
-      <div className='flex h-full flex-col gap-[16px]'>
-        <div className='flex items-center gap-[8px]'>
-          <div
-            className={cn(
-              'flex flex-1 items-center gap-[8px] rounded-[8px] border border-[var(--border)] bg-transparent px-[8px] py-[5px] transition-colors duration-100 dark:bg-[var(--surface-4)] dark:hover:border-[var(--border-1)] dark:hover:bg-[var(--surface-5)]',
-              isLoading && 'opacity-50'
-            )}
-          >
-            <Search
-              className='h-[14px] w-[14px] flex-shrink-0 text-[var(--text-tertiary)]'
-              strokeWidth={2}
-            />
-            <Input
-              placeholder='Search skills...'
-              value={searchTerm}
-              onChange={(e) => setSearchTerm(e.target.value)}
-              disabled={isLoading}
-              className='h-auto flex-1 border-0 bg-transparent p-0 font-base leading-none placeholder:text-[var(--text-tertiary)] focus-visible:ring-0 focus-visible:ring-offset-0 disabled:cursor-not-allowed disabled:opacity-100'
-            />
-          </div>
-          <Button onClick={() => setShowAddForm(true)} disabled={isLoading} variant='tertiary'>
-            <Plus className='mr-[6px] h-[13px] w-[13px]' />
-            Add
-          </Button>
-        </div>
-
-        <div className='min-h-0 flex-1 overflow-y-auto'>
-          {error ? (
-            <div className='flex h-full flex-col items-center justify-center gap-[8px]'>
-              <p className='text-[#DC2626] text-[11px] leading-tight dark:text-[#F87171]'>
-                {error instanceof Error ? error.message : 'Failed to load skills'}
-              </p>
-            </div>
-          ) : isLoading ? (
-            <div className='flex flex-col gap-[8px]'>
-              <SkillSkeleton />
-              <SkillSkeleton />
-              <SkillSkeleton />
-            </div>
-          ) : showEmptyState ? (
-            <div className='flex h-full items-center justify-center text-[13px] text-[var(--text-muted)]'>
-              Click "Add" above to get started
-            </div>
-          ) : (
-            <div className='flex flex-col gap-[8px]'>
-              {filteredSkills.map((s) => (
-                <div key={s.id} className='flex items-center justify-between gap-[12px]'>
-                  <div className='flex min-w-0 flex-col justify-center gap-[1px]'>
-                    <span className='truncate font-medium text-[14px]'>{s.name}</span>
-                    <p className='truncate text-[13px] text-[var(--text-muted)]'>{s.description}</p>
-                  </div>
-                  <div className='flex flex-shrink-0 items-center gap-[8px]'>
-                    <Button variant='default' onClick={() => setEditingSkill(s)}>
-                      Edit
-                    </Button>
-                    <Button
-                      variant='ghost'
-                      onClick={() => handleDeleteClick(s.id)}
-                      disabled={deletingSkills.has(s.id)}
-                    >
-                      {deletingSkills.has(s.id) ? 'Deleting...' : 'Delete'}
-                    </Button>
-                  </div>
-                </div>
-              ))}
-              {showNoResults && (
-                <div className='py-[16px] text-center text-[13px] text-[var(--text-muted)]'>
-                  No skills found matching "{searchTerm}"
-                </div>
-              )}
-            </div>
-          )}
-        </div>
-      </div>
-
-      <SkillModal
-        open={showAddForm || !!editingSkill}
-        onOpenChange={(open) => {
-          if (!open) {
-            setShowAddForm(false)
-            setEditingSkill(null)
-          }
-        }}
-        onSave={handleSkillSaved}
-        onDelete={(skillId) => {
-          setEditingSkill(null)
-          handleDeleteClick(skillId)
-        }}
-        initialValues={editingSkill ?? undefined}
-      />
-
-      <Modal open={showDeleteDialog} onOpenChange={setShowDeleteDialog}>
-        <ModalContent size='sm'>
-          <ModalHeader>Delete Skill</ModalHeader>
-          <ModalBody>
-            <p className='text-[12px] text-[var(--text-secondary)]'>
-              Are you sure you want to delete{' '}
-              <span className='font-medium text-[var(--text-primary)]'>{skillToDelete?.name}</span>?{' '}
-              <span className='text-[var(--text-error)]'>This action cannot be undone.</span>
-            </p>
-          </ModalBody>
-          <ModalFooter>
-            <Button variant='default' onClick={() => setShowDeleteDialog(false)}>
-              Cancel
-            </Button>
-            <Button variant='destructive' onClick={handleDeleteSkill}>
-              Delete
-            </Button>
-          </ModalFooter>
-        </ModalContent>
-      </Modal>
-    </>
-  )
-}
--- a/apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/settings-modal.tsx
+++ b/apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/settings-modal.tsx
@@ -34,7 +34,7 @@ import {
  SModalSidebarSection,
  SModalSidebarSectionTitle,
 } from '@/components/emcn'
-import { AgentSkillsIcon, McpIcon } from '@/components/icons'
+import { McpIcon } from '@/components/icons'
 import { useSession } from '@/lib/auth/auth-client'
 import { getSubscriptionStatus } from '@/lib/billing/client'
 import { getEnv, isTruthy } from '@/lib/core/config/env'
@@ -52,7 +52,6 @@ import {
  General,
  Integrations,
  MCP,
-  Skills,
  Subscription,
  TeamManagement,
  WorkflowMcpServers,
@@ -94,7 +93,6 @@ type SettingsSection =
  | 'copilot'
  | 'mcp'
  | 'custom-tools'
-  | 'skills'
  | 'workflow-mcp-servers'
  | 'debug'

@@ -158,7 +156,6 @@ const allNavigationItems: NavigationItem[] = [
  },
  { id: 'integrations', label: 'Integrations', icon: Connections, section: 'tools' },
  { id: 'custom-tools', label: 'Custom Tools', icon: Wrench, section: 'tools' },
-  { id: 'skills', label: 'Skills', icon: AgentSkillsIcon, section: 'tools' },
  { id: 'mcp', label: 'MCP Tools', icon: McpIcon, section: 'tools' },
  { id: 'environment', label: 'Environment', icon: FolderCode, section: 'system' },
  { id: 'apikeys', label: 'API Keys', icon: Key, section: 'system' },
@@ -268,9 +265,6 @@ export function SettingsModal({ open, onOpenChange }: SettingsModalProps) {
      if (item.id === 'custom-tools' && permissionConfig.disableCustomTools) {
        return false
      }
-      if (item.id === 'skills' && permissionConfig.disableSkills) {
-        return false
-      }

      // Self-hosted override allows showing the item when not on hosted
      if (item.selfHostedOverride && !isHosted) {
@@ -562,7 +556,6 @@ export function SettingsModal({ open, onOpenChange }: SettingsModalProps) {
            {effectiveActiveSection === 'copilot' && <Copilot />}
            {effectiveActiveSection === 'mcp' && <MCP initialServerId={pendingMcpServerId} />}
            {effectiveActiveSection === 'custom-tools' && <CustomTools />}
-            {effectiveActiveSection === 'skills' && <Skills />}
            {effectiveActiveSection === 'workflow-mcp-servers' && <WorkflowMcpServers />}
            {effectiveActiveSection === 'debug' && <Debug />}
          </SModalMainBody>
--- a/apps/sim/background/webhook-execution.ts
+++ b/apps/sim/background/webhook-execution.ts
@@ -21,7 +21,6 @@ import { executeWorkflowCore } from '@/lib/workflows/executor/execution-core'
 import { PauseResumeManager } from '@/lib/workflows/executor/human-in-the-loop-manager'
 import { loadDeployedWorkflowState } from '@/lib/workflows/persistence/utils'
 import { getWorkflowById } from '@/lib/workflows/utils'
-import { getBlock } from '@/blocks'
 import { ExecutionSnapshot } from '@/executor/execution/snapshot'
 import type { ExecutionMetadata } from '@/executor/execution/types'
 import { hasExecutionResult } from '@/executor/utils/errors'
@@ -75,21 +74,8 @@ async function processTriggerFileOutputs(
        logger.error(`[${context.requestId}] Error processing ${currentPath}:`, error)
        processed[key] = val
      }
-    } else if (
-      outputDef &&
-      typeof outputDef === 'object' &&
-      (outputDef.type === 'object' || outputDef.type === 'json') &&
-      outputDef.properties
-    ) {
-      // Explicit object schema with properties - recurse into properties
-      processed[key] = await processTriggerFileOutputs(
-        val,
-        outputDef.properties,
-        context,
-        currentPath
-      )
    } else if (outputDef && typeof outputDef === 'object' && !outputDef.type) {
-      // Nested object in schema (flat pattern) - recurse with the nested schema
+      // Nested object in schema - recurse with the nested schema
      processed[key] = await processTriggerFileOutputs(val, outputDef, context, currentPath)
    } else {
      // Not a file output - keep as is
@@ -419,23 +405,11 @@ async function executeWebhookJobInternal(
        const rawSelectedTriggerId = triggerBlock?.subBlocks?.selectedTriggerId?.value
        const rawTriggerId = triggerBlock?.subBlocks?.triggerId?.value

-        let resolvedTriggerId = [rawSelectedTriggerId, rawTriggerId].find(
+        const resolvedTriggerId = [rawSelectedTriggerId, rawTriggerId].find(
          (candidate): candidate is string =>
            typeof candidate === 'string' && isTriggerValid(candidate)
        )

-        if (!resolvedTriggerId) {
-          const blockConfig = getBlock(triggerBlock.type)
-          if (blockConfig?.category === 'triggers' && isTriggerValid(triggerBlock.type)) {
-            resolvedTriggerId = triggerBlock.type
-          } else if (triggerBlock.triggerMode && blockConfig?.triggers?.enabled) {
-            const available = blockConfig.triggers?.available?.[0]
-            if (available && isTriggerValid(available)) {
-              resolvedTriggerId = available
-            }
-          }
-        }
-
        if (resolvedTriggerId) {
          const triggerConfig = getTrigger(resolvedTriggerId)

--- a/apps/sim/blocks/blocks.test.ts
+++ b/apps/sim/blocks/blocks.test.ts
@@ -1,5 +1,6 @@
 import { describe, expect, it, vi } from 'vitest'

+// Use the real registry module, not the global mock from vitest.setup.ts
 vi.unmock('@/blocks/registry')

 import { generateRouterPrompt } from '@/blocks/blocks/router'
@@ -14,7 +15,7 @@ import {
 } from '@/blocks/registry'
 import { AuthMode } from '@/blocks/types'

-describe.concurrent('Blocks Module', () => {
+describe('Blocks Module', () => {
  describe('Registry', () => {
    it('should have a non-empty registry of blocks', () => {
      expect(Object.keys(registry).length).toBeGreaterThan(0)
@@ -408,7 +409,6 @@ describe.concurrent('Blocks Module', () => {
        'workflow-input-mapper',
        'text',
        'router-input',
-        'skill-input',
      ]

      const blocks = getAllBlocks()
--- a/apps/sim/blocks/blocks/agent.ts
+++ b/apps/sim/blocks/blocks/agent.ts
@@ -1,10 +1,11 @@
 import { createLogger } from '@sim/logger'
 import { AgentIcon } from '@/components/icons'
+import { isHosted } from '@/lib/core/config/feature-flags'
 import type { BlockConfig } from '@/blocks/types'
 import { AuthMode } from '@/blocks/types'
-import { getApiKeyCondition } from '@/blocks/utils'
 import {
  getBaseModelProviders,
+  getHostedModels,
  getMaxTemperature,
  getProviderIcon,
  getReasoningEffortValuesForModel,
@@ -16,6 +17,15 @@ import {
  providers,
  supportsTemperature,
 } from '@/providers/utils'
+
+const getCurrentOllamaModels = () => {
+  return useProvidersStore.getState().providers.ollama.models
+}
+
+const getCurrentVLLMModels = () => {
+  return useProvidersStore.getState().providers.vllm.models
+}
+
 import { useProvidersStore } from '@/stores/providers'
 import type { ToolResponse } from '@/tools/types'

@@ -323,11 +333,11 @@ Return ONLY the JSON array.`,
      id: 'azureApiVersion',
      title: 'Azure API Version',
      type: 'short-input',
-      placeholder: 'Enter API version',
+      placeholder: '2024-07-01-preview',
      connectionDroppable: false,
      condition: {
        field: 'model',
-        value: [...providers['azure-openai'].models, ...providers['azure-anthropic'].models],
+        value: providers['azure-openai'].models,
      },
    },
    {
@@ -397,12 +407,6 @@ Return ONLY the JSON array.`,
      type: 'tool-input',
      defaultValue: [],
    },
-    {
-      id: 'skills',
-      title: 'Skills',
-      type: 'skill-input',
-      defaultValue: [],
-    },
    {
      id: 'apiKey',
      title: 'API Key',
@@ -411,7 +415,23 @@ Return ONLY the JSON array.`,
      password: true,
      connectionDroppable: false,
      required: true,
-      condition: getApiKeyCondition(),
+      // Hide API key for hosted models, Ollama models, vLLM models, Vertex models (uses OAuth), and Bedrock (uses AWS credentials)
+      condition: isHosted
+        ? {
+            field: 'model',
+            value: [...getHostedModels(), ...providers.vertex.models, ...providers.bedrock.models],
+            not: true, // Show for all models EXCEPT those listed
+          }
+        : () => ({
+            field: 'model',
+            value: [
+              ...getCurrentOllamaModels(),
+              ...getCurrentVLLMModels(),
+              ...providers.vertex.models,
+              ...providers.bedrock.models,
+            ],
+            not: true, // Show for all models EXCEPT Ollama, vLLM, Vertex, and Bedrock models
+          }),
    },
    {
      id: 'memoryType',
@@ -689,7 +709,7 @@ Example 3 (Array Input):
    },
    model: { type: 'string', description: 'AI model to use' },
    apiKey: { type: 'string', description: 'Provider API key' },
-    azureEndpoint: { type: 'string', description: 'Azure endpoint URL' },
+    azureEndpoint: { type: 'string', description: 'Azure OpenAI endpoint URL' },
    azureApiVersion: { type: 'string', description: 'Azure API version' },
    vertexProject: { type: 'string', description: 'Google Cloud project ID for Vertex AI' },
    vertexLocation: { type: 'string', description: 'Google Cloud location for Vertex AI' },
@@ -749,7 +769,6 @@ Example 3 (Array Input):
      description: 'Thinking level for models with extended thinking (Anthropic Claude, Gemini 3)',
    },
    tools: { type: 'json', description: 'Available tools configuration' },
-    skills: { type: 'json', description: 'Selected skills configuration' },
  },
  outputs: {
    content: { type: 'string', description: 'Generated response content' },
--- a/apps/sim/blocks/blocks/airweave.ts
+++ b/apps/sim/blocks/blocks/airweave.ts
@@ -1,102 +0,0 @@
-import { AirweaveIcon } from '@/components/icons'
-import type { BlockConfig } from '@/blocks/types'
-import { AuthMode } from '@/blocks/types'
-import type { AirweaveSearchResponse } from '@/tools/airweave/types'
-
-export const AirweaveBlock: BlockConfig<AirweaveSearchResponse> = {
-  type: 'airweave',
-  name: 'Airweave',
-  description: 'Search your synced data collections',
-  authMode: AuthMode.ApiKey,
-  longDescription:
-    'Search across your synced data sources using Airweave. Supports semantic search with hybrid, neural, or keyword retrieval strategies. Optionally generate AI-powered answers from search results.',
-  docsLink: 'https://docs.airweave.ai',
-  category: 'tools',
-  bgColor: '#6366F1',
-  icon: AirweaveIcon,
-  subBlocks: [
-    {
-      id: 'collectionId',
-      title: 'Collection ID',
-      type: 'short-input',
-      placeholder: 'Enter your collection readable ID...',
-      required: true,
-    },
-    {
-      id: 'query',
-      title: 'Search Query',
-      type: 'long-input',
-      placeholder: 'Enter your search query...',
-      required: true,
-    },
-    {
-      id: 'limit',
-      title: 'Max Results',
-      type: 'dropdown',
-      options: [
-        { label: '10', id: '10' },
-        { label: '25', id: '25' },
-        { label: '50', id: '50' },
-        { label: '100', id: '100' },
-      ],
-      value: () => '25',
-    },
-    {
-      id: 'retrievalStrategy',
-      title: 'Retrieval Strategy',
-      type: 'dropdown',
-      options: [
-        { label: 'Hybrid (Default)', id: 'hybrid' },
-        { label: 'Neural', id: 'neural' },
-        { label: 'Keyword', id: 'keyword' },
-      ],
-      value: () => 'hybrid',
-    },
-    {
-      id: 'expandQuery',
-      title: 'Expand Query',
-      type: 'switch',
-      description: 'Generate query variations to improve recall',
-    },
-    {
-      id: 'rerank',
-      title: 'Rerank Results',
-      type: 'switch',
-      description: 'Reorder results for improved relevance using LLM',
-    },
-    {
-      id: 'generateAnswer',
-      title: 'Generate Answer',
-      type: 'switch',
-      description: 'Generate a natural-language answer from results',
-    },
-    {
-      id: 'apiKey',
-      title: 'API Key',
-      type: 'short-input',
-      placeholder: 'Enter your Airweave API key',
-      password: true,
-      required: true,
-    },
-  ],
-  tools: {
-    access: ['airweave_search'],
-  },
-  inputs: {
-    collectionId: { type: 'string', description: 'Airweave collection readable ID' },
-    query: { type: 'string', description: 'Search query text' },
-    apiKey: { type: 'string', description: 'Airweave API key' },
-    limit: { type: 'number', description: 'Maximum number of results' },
-    retrievalStrategy: {
-      type: 'string',
-      description: 'Retrieval strategy (hybrid/neural/keyword)',
-    },
-    expandQuery: { type: 'boolean', description: 'Generate query variations' },
-    rerank: { type: 'boolean', description: 'Rerank results with LLM' },
-    generateAnswer: { type: 'boolean', description: 'Generate AI answer' },
-  },
-  outputs: {
-    results: { type: 'json', description: 'Search results with content and metadata' },
-    completion: { type: 'string', description: 'AI-generated answer (when enabled)' },
-  },
-}
--- a/apps/sim/blocks/blocks/linear.ts
+++ b/apps/sim/blocks/blocks/linear.ts
@@ -810,29 +810,7 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
      placeholder: 'Number of items to return (default: 50)',
      condition: {
        field: 'operation',
-        value: [
-          'linear_read_issues',
-          'linear_search_issues',
-          'linear_list_comments',
-          'linear_list_projects',
-          'linear_list_users',
-          'linear_list_teams',
-          'linear_list_labels',
-          'linear_list_workflow_states',
-          'linear_list_cycles',
-          'linear_list_attachments',
-          'linear_list_issue_relations',
-          'linear_list_favorites',
-          'linear_list_project_updates',
-          'linear_list_notifications',
-          'linear_list_customer_statuses',
-          'linear_list_customer_tiers',
-          'linear_list_customers',
-          'linear_list_customer_requests',
-          'linear_list_project_labels',
-          'linear_list_project_milestones',
-          'linear_list_project_statuses',
-        ],
+        value: ['linear_list_favorites'],
      },
    },
    // Pagination - After (for list operations)
@@ -843,29 +821,7 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
      placeholder: 'Cursor for pagination',
      condition: {
        field: 'operation',
-        value: [
-          'linear_read_issues',
-          'linear_search_issues',
-          'linear_list_comments',
-          'linear_list_projects',
-          'linear_list_users',
-          'linear_list_teams',
-          'linear_list_labels',
-          'linear_list_workflow_states',
-          'linear_list_cycles',
-          'linear_list_attachments',
-          'linear_list_issue_relations',
-          'linear_list_favorites',
-          'linear_list_project_updates',
-          'linear_list_notifications',
-          'linear_list_customers',
-          'linear_list_customer_requests',
-          'linear_list_customer_statuses',
-          'linear_list_customer_tiers',
-          'linear_list_project_labels',
-          'linear_list_project_milestones',
-          'linear_list_project_statuses',
-        ],
+        value: ['linear_list_favorites'],
      },
    },
    // Project health (for project updates)
@@ -1097,6 +1053,28 @@ Return ONLY the description text - no explanations.`,
        value: ['linear_create_customer_request', 'linear_update_customer_request'],
      },
    },
+    // Pagination - first
+    {
+      id: 'first',
+      title: 'Limit',
+      type: 'short-input',
+      placeholder: 'Number of items (default: 50)',
+      condition: {
+        field: 'operation',
+        value: ['linear_list_customers', 'linear_list_customer_requests'],
+      },
+    },
+    // Pagination - after
+    {
+      id: 'after',
+      title: 'After Cursor',
+      type: 'short-input',
+      placeholder: 'Cursor for pagination',
+      condition: {
+        field: 'operation',
+        value: ['linear_list_customers', 'linear_list_customer_requests'],
+      },
+    },
    // Customer ID for get/update/delete/merge operations
    {
      id: 'customerIdTarget',
@@ -1515,8 +1493,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
              teamId: effectiveTeamId || undefined,
              projectId: effectiveProjectId || undefined,
              includeArchived: params.includeArchived,
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
            }

          case 'linear_get_issue':
@@ -1582,8 +1558,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
              query: params.query.trim(),
              teamId: effectiveTeamId,
              includeArchived: params.includeArchived,
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
            }

          case 'linear_add_label_to_issue':
@@ -1633,8 +1607,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
            return {
              ...baseParams,
              issueId: params.issueId.trim(),
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
            }

          case 'linear_list_projects':
@@ -1642,8 +1614,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
              ...baseParams,
              teamId: effectiveTeamId,
              includeArchived: params.includeArchived,
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
            }

          case 'linear_get_project':
@@ -1695,12 +1665,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n

          case 'linear_list_users':
          case 'linear_list_teams':
-            return {
-              ...baseParams,
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
-            }
-
          case 'linear_get_viewer':
            return baseParams

@@ -1708,8 +1672,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
            return {
              ...baseParams,
              teamId: effectiveTeamId,
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
            }

          case 'linear_create_label':
@@ -1747,8 +1709,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
            return {
              ...baseParams,
              teamId: effectiveTeamId,
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
            }

          case 'linear_create_workflow_state':
@@ -1778,8 +1738,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
            return {
              ...baseParams,
              teamId: effectiveTeamId,
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
            }

          case 'linear_get_cycle':
@@ -1843,8 +1801,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
            return {
              ...baseParams,
              issueId: params.issueId.trim(),
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
            }

          case 'linear_update_attachment':
@@ -1884,8 +1840,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
            return {
              ...baseParams,
              issueId: params.issueId.trim(),
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
            }

          case 'linear_delete_issue_relation':
@@ -1932,16 +1886,10 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
            return {
              ...baseParams,
              projectId: effectiveProjectId,
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
            }

          case 'linear_list_notifications':
-            return {
-              ...baseParams,
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
-            }
+            return baseParams

          case 'linear_update_notification':
            if (!params.notificationId?.trim()) {
@@ -2070,9 +2018,9 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
            return {
              ...baseParams,
              name: params.statusName.trim(),
+              displayName: params.statusDisplayName?.trim() || params.statusName.trim(),
              color: params.statusColor.trim(),
              description: params.statusDescription?.trim() || undefined,
-              displayName: params.statusDisplayName?.trim() || undefined,
            }

          case 'linear_update_customer_status':
@@ -2083,9 +2031,9 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
              ...baseParams,
              statusId: params.statusId.trim(),
              name: params.statusName?.trim() || undefined,
+              displayName: params.statusDisplayName?.trim() || undefined,
              color: params.statusColor?.trim() || undefined,
              description: params.statusDescription?.trim() || undefined,
-              displayName: params.statusDisplayName?.trim() || undefined,
            }

          case 'linear_delete_customer_status':
@@ -2098,11 +2046,7 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
            }

          case 'linear_list_customer_statuses':
-            return {
-              ...baseParams,
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
-            }
+            return baseParams

          // Customer Tier Operations
          case 'linear_create_customer_tier':
@@ -2140,11 +2084,7 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
            }

          case 'linear_list_customer_tiers':
-            return {
-              ...baseParams,
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
-            }
+            return baseParams

          // Project Management Operations
          case 'linear_delete_project':
@@ -2195,8 +2135,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
            return {
              ...baseParams,
              projectId: effectiveProjectId || undefined,
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
            }

          case 'linear_add_label_to_project':
@@ -2260,8 +2198,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
            return {
              ...baseParams,
              projectId: params.projectIdForMilestone.trim(),
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
            }

          // Project Status Operations
@@ -2309,11 +2245,7 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
            }

          case 'linear_list_project_statuses':
-            return {
-              ...baseParams,
-              first: params.first ? Number(params.first) : undefined,
-              after: params.after,
-            }
+            return baseParams

          default:
            return baseParams
@@ -2389,9 +2321,9 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
    // Customer status and tier inputs
    statusId: { type: 'string', description: 'Status identifier' },
    statusName: { type: 'string', description: 'Status name' },
+    statusDisplayName: { type: 'string', description: 'Status display name' },
    statusColor: { type: 'string', description: 'Status color in hex format' },
    statusDescription: { type: 'string', description: 'Status description' },
-    statusDisplayName: { type: 'string', description: 'Status display name' },
    tierId: { type: 'string', description: 'Tier identifier' },
    tierName: { type: 'string', description: 'Tier name' },
    tierDisplayName: { type: 'string', description: 'Tier display name' },
--- a/apps/sim/blocks/blocks/translate.ts
+++ b/apps/sim/blocks/blocks/translate.ts
@@ -76,9 +76,8 @@ export const TranslateBlock: BlockConfig = {
        vertexProject: params.vertexProject,
        vertexLocation: params.vertexLocation,
        vertexCredential: params.vertexCredential,
-        bedrockAccessKeyId: params.bedrockAccessKeyId,
-        bedrockSecretKey: params.bedrockSecretKey,
        bedrockRegion: params.bedrockRegion,
+        bedrockSecretKey: params.bedrockSecretKey,
      }),
    },
  },
--- a/apps/sim/blocks/blocks/workflow.ts
+++ b/apps/sim/blocks/blocks/workflow.ts
@@ -42,7 +42,6 @@ export const WorkflowBlock: BlockConfig = {
  outputs: {
    success: { type: 'boolean', description: 'Execution success status' },
    childWorkflowName: { type: 'string', description: 'Child workflow name' },
-    childWorkflowId: { type: 'string', description: 'Child workflow ID' },
    result: { type: 'json', description: 'Workflow execution result' },
    error: { type: 'string', description: 'Error message' },
    childTraceSpans: {
--- a/apps/sim/blocks/blocks/workflow_input.ts
+++ b/apps/sim/blocks/blocks/workflow_input.ts
@@ -41,7 +41,6 @@ export const WorkflowInputBlock: BlockConfig = {
  outputs: {
    success: { type: 'boolean', description: 'Execution success status' },
    childWorkflowName: { type: 'string', description: 'Child workflow name' },
-    childWorkflowId: { type: 'string', description: 'Child workflow ID' },
    result: { type: 'json', description: 'Workflow execution result' },
    error: { type: 'string', description: 'Error message' },
    childTraceSpans: {
--- a/apps/sim/blocks/registry.ts
+++ b/apps/sim/blocks/registry.ts
@@ -2,7 +2,6 @@ import { A2ABlock } from '@/blocks/blocks/a2a'
 import { AgentBlock } from '@/blocks/blocks/agent'
 import { AhrefsBlock } from '@/blocks/blocks/ahrefs'
 import { AirtableBlock } from '@/blocks/blocks/airtable'
-import { AirweaveBlock } from '@/blocks/blocks/airweave'
 import { ApiBlock } from '@/blocks/blocks/api'
 import { ApiTriggerBlock } from '@/blocks/blocks/api_trigger'
 import { ApifyBlock } from '@/blocks/blocks/apify'
@@ -168,7 +167,6 @@ export const registry: Record<string, BlockConfig> = {
  agent: AgentBlock,
  ahrefs: AhrefsBlock,
  airtable: AirtableBlock,
-  airweave: AirweaveBlock,
  api: ApiBlock,
  api_trigger: ApiTriggerBlock,
  apify: ApifyBlock,
--- a/apps/sim/blocks/types.ts
+++ b/apps/sim/blocks/types.ts
@@ -51,7 +51,6 @@ export type SubBlockType =
  | 'code' // Code editor
  | 'switch' // Toggle button
  | 'tool-input' // Tool configuration
-  | 'skill-input' // Skill selection for agent blocks
  | 'checkbox-list' // Multiple selection
  | 'grouped-checkbox-list' // Grouped, scrollable checkbox list with select all
  | 'condition-input' // Conditional logic
@@ -208,7 +207,7 @@ export interface SubBlockConfig {
          not?: boolean
        }
      }
-    | ((values?: Record<string, unknown>) => {
+    | (() => {
        field: string
        value: string | number | boolean | Array<string | number | boolean>
        not?: boolean
@@ -261,7 +260,7 @@ export interface SubBlockConfig {
          not?: boolean
        }
      }
-    | ((values?: Record<string, unknown>) => {
+    | (() => {
        field: string
        value: string | number | boolean | Array<string | number | boolean>
        not?: boolean
--- a/apps/sim/blocks/utils.ts
+++ b/apps/sim/blocks/utils.ts
@@ -1,6 +1,6 @@
 import { isHosted } from '@/lib/core/config/feature-flags'
 import type { BlockOutput, OutputFieldDefinition, SubBlockConfig } from '@/blocks/types'
-import { getHostedModels, getProviderFromModel, providers } from '@/providers/utils'
+import { getHostedModels, providers } from '@/providers/utils'
 import { useProvidersStore } from '@/stores/providers/store'

 /**
@@ -48,54 +48,11 @@ const getCurrentOllamaModels = () => {
  return useProvidersStore.getState().providers.ollama.models
 }

-function buildModelVisibilityCondition(model: string, shouldShow: boolean) {
-  if (!model) {
-    return { field: 'model', value: '__no_model_selected__' }
-  }
-
-  return shouldShow ? { field: 'model', value: model } : { field: 'model', value: model, not: true }
-}
-
-function shouldRequireApiKeyForModel(model: string): boolean {
-  const normalizedModel = model.trim().toLowerCase()
-  if (!normalizedModel) return false
-
-  const hostedModels = getHostedModels()
-  const isHostedModel = hostedModels.some(
-    (hostedModel) => hostedModel.toLowerCase() === normalizedModel
-  )
-  if (isHosted && isHostedModel) return false
-
-  if (normalizedModel.startsWith('vertex/') || normalizedModel.startsWith('bedrock/')) {
-    return false
-  }
-
-  if (normalizedModel.startsWith('vllm/')) {
-    return false
-  }
-
-  const currentOllamaModels = getCurrentOllamaModels()
-  if (currentOllamaModels.some((ollamaModel) => ollamaModel.toLowerCase() === normalizedModel)) {
-    return false
-  }
-
-  if (!isHosted) {
-    try {
-      const providerId = getProviderFromModel(model)
-      if (
-        providerId === 'ollama' ||
-        providerId === 'vllm' ||
-        providerId === 'vertex' ||
-        providerId === 'bedrock'
-      ) {
-        return false
-      }
-    } catch {
-      // If model resolution fails, fall through and require an API key.
-    }
-  }
-
-  return true
+/**
+ * Helper to get current vLLM models from store
+ */
+const getCurrentVLLMModels = () => {
+  return useProvidersStore.getState().providers.vllm.models
 }

 /**
@@ -103,16 +60,27 @@ function shouldRequireApiKeyForModel(model: string): boolean {
 * Handles hosted vs self-hosted environments and excludes providers that don't need API key.
 */
 export function getApiKeyCondition() {
-  return (values?: Record<string, unknown>) => {
-    const model = typeof values?.model === 'string' ? values.model : ''
-    const shouldShow = shouldRequireApiKeyForModel(model)
-    return buildModelVisibilityCondition(model, shouldShow)
-  }
+  return isHosted
+    ? {
+        field: 'model',
+        value: [...getHostedModels(), ...providers.vertex.models, ...providers.bedrock.models],
+        not: true,
+      }
+    : () => ({
+        field: 'model',
+        value: [
+          ...getCurrentOllamaModels(),
+          ...getCurrentVLLMModels(),
+          ...providers.vertex.models,
+          ...providers.bedrock.models,
+        ],
+        not: true,
+      })
 }

 /**
 * Returns the standard provider credential subblocks used by LLM-based blocks.
- * This includes: Vertex AI OAuth, API Key, Azure (OpenAI + Anthropic), Vertex AI config, and Bedrock config.
+ * This includes: Vertex AI OAuth, API Key, Azure OpenAI, Vertex AI config, and Bedrock config.
 *
 * Usage: Spread into your block's subBlocks array after block-specific fields
 */
@@ -143,25 +111,25 @@ export function getProviderCredentialSubBlocks(): SubBlockConfig[] {
    },
    {
      id: 'azureEndpoint',
-      title: 'Azure Endpoint',
+      title: 'Azure OpenAI Endpoint',
      type: 'short-input',
      password: true,
-      placeholder: 'https://your-resource.services.ai.azure.com',
+      placeholder: 'https://your-resource.openai.azure.com',
      connectionDroppable: false,
      condition: {
        field: 'model',
-        value: [...providers['azure-openai'].models, ...providers['azure-anthropic'].models],
+        value: providers['azure-openai'].models,
      },
    },
    {
      id: 'azureApiVersion',
      title: 'Azure API Version',
      type: 'short-input',
-      placeholder: 'Enter API version',
+      placeholder: '2024-07-01-preview',
      connectionDroppable: false,
      condition: {
        field: 'model',
-        value: [...providers['azure-openai'].models, ...providers['azure-anthropic'].models],
+        value: providers['azure-openai'].models,
      },
    },
    {
@@ -234,7 +202,7 @@ export function getProviderCredentialSubBlocks(): SubBlockConfig[] {
 */
 export const PROVIDER_CREDENTIAL_INPUTS = {
  apiKey: { type: 'string', description: 'Provider API key' },
-  azureEndpoint: { type: 'string', description: 'Azure endpoint URL' },
+  azureEndpoint: { type: 'string', description: 'Azure OpenAI endpoint URL' },
  azureApiVersion: { type: 'string', description: 'Azure API version' },
  vertexProject: { type: 'string', description: 'Google Cloud project ID for Vertex AI' },
  vertexLocation: { type: 'string', description: 'Google Cloud location for Vertex AI' },
--- a/apps/sim/components/icons.tsx
+++ b/apps/sim/components/icons.tsx
@@ -1131,32 +1131,6 @@ export function AirtableIcon(props: SVGProps<SVGSVGElement>) {
  )
 }

-export function AirweaveIcon(props: SVGProps<SVGSVGElement>) {
-  return (
-    <svg
-      {...props}
-      width='143'
-      height='143'
-      viewBox='0 0 143 143'
-      fill='none'
-      xmlns='http://www.w3.org/2000/svg'
-    >
-      <path
-        d='M89.8854 128.872C79.9165 123.339 66.7502 115.146 60.5707 107.642L60.0432 107.018C58.7836 105.5 57.481 104.014 56.1676 102.593C51.9152 97.9641 47.3614 93.7978 42.646 90.2021C40.7405 88.7487 38.7704 87.3492 36.8111 86.0789C35.7991 85.4222 34.8302 84.8193 33.9151 84.2703C31.6221 82.903 28.8338 82.5263 26.2716 83.2476C23.8385 83.9366 21.89 85.5406 20.7596 87.7476C18.5634 92.0323 20.0814 97.3289 24.2046 99.805C27.5204 101.786 30.7608 104.111 33.8398 106.717C34.2381 107.05 34.3996 107.578 34.2596 108.062C33.1292 112.185 31.9989 118.957 31.5682 121.67C30.6424 127.429 33.4737 133.081 38.5982 135.751L38.7812 135.848C41.0204 137 43.6472 136.946 45.8219 135.697C47.9858 134.459 49.353 132.231 49.4822 129.733C49.536 128.657 49.6006 127.58 49.676 126.59C49.719 126.062 50.042 125.632 50.5264 125.459C50.6772 125.406 50.8494 125.373 51.0001 125.373C51.3554 125.373 51.6784 125.513 51.9475 125.782C56.243 130.185 60.8829 134.169 65.7167 137.625C70.3674 140.951 75.8686 142.706 81.639 142.706C83.7383 142.706 85.8376 142.469 87.8938 141.995L88.1199 141.942C90.9943 141.274 93.029 139.024 93.4488 136.085C93.8687 133.146 92.4476 130.315 89.8747 128.883H89.8639L89.8854 128.872Z'
-        fill='currentColor'
-      />
-      <path
-        d='M142.551 58.1747L142.529 58.0563C142.045 55.591 140.118 53.7069 137.598 53.2548C135.112 52.8134 132.754 53.8577 131.484 55.9893L131.408 56.1077C126.704 64.1604 120.061 71.6101 111.653 78.2956C109.446 80.0504 107.293 81.902 105.226 83.8075C103.644 85.2717 101.265 85.53 99.4452 84.4212C97.6474 83.3339 95.8495 82.1389 94.1055 80.8686C90.3268 78.1233 86.6772 74.9475 83.2753 71.4271C81.4989 69.597 79.798 67.6915 78.1939 65.7321C76.0408 63.1161 73.7477 60.5539 71.3685 58.1316C66.3195 52.9857 56.6089 45.9127 53.7453 43.878C53.3792 43.6304 53.1639 43.2428 53.0993 42.8014C53.0455 42.3601 53.1639 41.9509 53.4546 41.6064C55.274 39.4318 56.9965 37.1818 58.5683 34.921C60.2369 32.5311 60.786 29.6028 60.0862 26.8899C59.408 24.2523 57.6424 22.11 55.134 20.8827C50.9139 18.7942 45.8972 20.0968 43.2273 23.9293C40.8373 27.3636 38.0167 30.7332 34.8732 33.9306C34.5718 34.232 34.1304 34.3397 33.7213 34.1889C30.5239 33.1447 27.2296 32.2942 23.9461 31.659C23.7093 31.616 23.354 31.5514 22.9126 31.4975C16.4102 30.5286 10.1123 33.7798 7.21639 39.5717L7.1195 39.7548C6.18289 41.628 6.26902 43.8349 7.32405 45.6651C8.40061 47.5167 10.3277 48.701 12.4592 48.8194C13.4604 48.8732 14.4401 48.9378 15.3659 49.0024C15.7966 49.0347 16.1411 49.2823 16.3025 49.6914C16.4533 50.1112 16.3671 50.5419 16.0657 50.8541C12.147 54.8804 8.60515 59.1974 5.5262 63.6867C1.1446 70.0814 -0.481008 78.2095 1.08 85.9822L1.10154 86.1006C1.70441 89.0719 4.05131 91.2035 7.07644 91.5264C9.98315 91.8386 12.6099 90.3208 13.7619 87.6724L13.8265 87.5109C18.6925 75.8625 26.7559 65.5168 37.7907 56.7536C38.3182 56.3445 39.0072 56.28 39.567 56.5922C45.3373 59.768 50.8601 63.902 55.9738 68.8864C56.5982 69.4893 56.6089 70.5013 56.0168 71.1257C53.4761 73.8063 51.0862 76.6054 48.9115 79.469C47.2106 81.7083 47.5335 84.8949 49.6221 86.7358L53.3254 89.9977L53.2824 90.0409C53.8637 90.5576 54.445 91.0744 55.0264 91.5911L55.8123 92.194C56.9319 93.1844 58.3529 93.6365 59.8386 93.4858C61.3027 93.3351 62.67 92.56 63.5635 91.3758C65.1353 89.2873 66.8578 87.2525 68.6556 85.304C68.957 84.9702 69.3661 84.798 69.8075 84.7872C70.2705 84.7872 70.6257 84.9379 70.9164 85.2286C75.8147 90.0624 81.1114 94.3686 86.6772 97.9966C88.8626 99.4176 89.4978 102.26 88.1306 104.477C86.9248 106.448 85.7729 108.493 84.7179 110.539C83.5014 112.918 83.2968 115.738 84.1688 118.257C84.9978 120.68 86.7095 122.585 88.981 123.64C90.2514 124.232 91.5971 124.534 92.9859 124.534C96.5062 124.534 99.682 122.596 101.286 119.452C102.729 116.61 104.419 113.8 106.281 111.131C107.369 109.559 109.36 108.838 111.255 109.322C115.26 110.355 120.643 111.421 124.454 112.143C128.308 112.864 132.119 111.023 133.96 107.578L134.143 107.233C135.521 104.628 135.531 101.506 134.164 98.8901C132.786 96.2526 130.181 94.4655 127.21 94.121C126.478 94.0349 125.778 93.9488 125.11 93.8626C124.97 93.8411 124.852 93.8196 124.744 93.798L123.356 93.4751L124.357 92.4523C124.432 92.377 124.529 92.2801 124.658 92.194C128.771 88.8028 132.571 85.1963 135.962 81.4714C141.668 75.1951 144.122 66.4965 142.518 58.1747H142.529H142.551Z'
-        fill='currentColor'
-      />
-      <path
-        d='M56.6506 14.3371C65.5861 19.6338 77.4067 27.3743 82.9833 34.1674C83.64 34.9532 84.2967 35.7391 84.9534 36.4927C86.1591 37.8815 86.2991 39.8731 85.2979 41.4233C83.4892 44.2116 81.4115 46.9569 79.1399 49.5945C77.4713 51.5107 77.4067 54.3098 78.9785 56.2476L79.0431 56.323C79.2261 56.5598 79.4306 56.8074 79.6136 57.0442C81.2931 59.1758 83.0801 61.2213 84.9211 63.1375C85.9007 64.1603 87.2249 64.7309 88.6352 64.7309L88.7644 65.5275L88.7429 64.7309C90.207 64.6986 91.6173 64.0526 92.5969 62.933C94.8362 60.4031 96.9247 57.744 98.8302 55.0633C100.133 53.2224 102.63 52.8026 104.525 54.1052C106.463 55.4402 108.465 56.7105 110.457 57.8839C112.793 59.2511 115.614 59.5095 118.165 58.5621C120.749 57.604 122.762 55.5694 123.656 52.9533C125.055 48.9055 123.257 44.2547 119.382 41.9078C116.755 40.3145 114.15 38.5166 111.674 36.5788C110.382 35.5561 109.833 33.8767 110.296 32.2941C111.437 28.3001 112.481 23.1218 113.148 19.4831C113.837 15.7259 112.147 11.8826 108.939 9.94477L108.562 9.72944C105.871 8.12537 102.587 8.00696 99.7668 9.40649C96.9247 10.8168 95.03 13.5405 94.6855 16.6733L94.6639 16.867C94.6209 17.2546 94.384 17.5453 94.018 17.6637C93.652 17.7821 93.2859 17.6852 93.0168 17.4269C89.0012 13.1422 84.738 9.25576 80.3134 5.8646C74.3708 1.31075 66.7811 -0.583999 59.4928 0.675575L59.1805 0.729423C56.1124 1.2677 53.7547 3.60383 53.1949 6.68279C52.6351 9.72946 53.9915 12.7223 56.6722 14.3048H56.6614L56.6506 14.3371Z'
-        fill='currentColor'
-      />
-    </svg>
-  )
-}
-
 export function GoogleDocsIcon(props: SVGProps<SVGSVGElement>) {
  return (
    <svg
@@ -5462,24 +5436,3 @@ export function EnrichSoIcon(props: SVGProps<SVGSVGElement>) {
    </svg>
  )
 }
-
-export function AgentSkillsIcon(props: SVGProps<SVGSVGElement>) {
-  return (
-    <svg
-      {...props}
-      xmlns='http://www.w3.org/2000/svg'
-      width='16'
-      height='16'
-      viewBox='0 0 16 16'
-      fill='none'
-    >
-      <path
-        d='M8 1L14.0622 4.5V11.5L8 15L1.93782 11.5V4.5L8 1Z'
-        stroke='currentColor'
-        strokeWidth='1.5'
-        fill='none'
-      />
-      <path d='M8 4.5L11 6.25V9.75L8 11.5L5 9.75V6.25L8 4.5Z' fill='currentColor' />
-    </svg>
-  )
-}
--- a/apps/sim/ee/access-control/components/access-control.tsx
+++ b/apps/sim/ee/access-control/components/access-control.tsx
@@ -367,12 +367,6 @@ export function AccessControl() {
        category: 'Tools',
        configKey: 'disableCustomTools' as const,
      },
-      {
-        id: 'disable-skills',
-        label: 'Skills',
-        category: 'Tools',
-        configKey: 'disableSkills' as const,
-      },
      {
        id: 'hide-trace-spans',
        label: 'Trace Spans',
@@ -956,7 +950,6 @@ export function AccessControl() {
                            !editingConfig?.hideFilesTab &&
                            !editingConfig?.disableMcpTools &&
                            !editingConfig?.disableCustomTools &&
-                            !editingConfig?.disableSkills &&
                            !editingConfig?.hideTraceSpans &&
                            !editingConfig?.disableInvitations &&
                            !editingConfig?.hideDeployApi &&
@@ -976,7 +969,6 @@ export function AccessControl() {
                                  hideFilesTab: allVisible,
                                  disableMcpTools: allVisible,
                                  disableCustomTools: allVisible,
-                                  disableSkills: allVisible,
                                  hideTraceSpans: allVisible,
                                  disableInvitations: allVisible,
                                  hideDeployApi: allVisible,
@@ -997,7 +989,6 @@ export function AccessControl() {
                        !editingConfig?.hideFilesTab &&
                        !editingConfig?.disableMcpTools &&
                        !editingConfig?.disableCustomTools &&
-                        !editingConfig?.disableSkills &&
                        !editingConfig?.hideTraceSpans &&
                        !editingConfig?.disableInvitations &&
                        !editingConfig?.hideDeployApi &&
--- a/apps/sim/ee/access-control/utils/permission-check.ts
+++ b/apps/sim/ee/access-control/utils/permission-check.ts
@@ -43,13 +43,6 @@ export class CustomToolsNotAllowedError extends Error {
  }
 }

-export class SkillsNotAllowedError extends Error {
-  constructor() {
-    super('Skills are not allowed based on your permission group settings')
-    this.name = 'SkillsNotAllowedError'
-  }
-}
-
 export class InvitationsNotAllowedError extends Error {
  constructor() {
    super('Invitations are not allowed based on your permission group settings')
@@ -208,26 +201,6 @@ export async function validateCustomToolsAllowed(
  }
 }

-export async function validateSkillsAllowed(
-  userId: string | undefined,
-  ctx?: ExecutionContext
-): Promise<void> {
-  if (!userId) {
-    return
-  }
-
-  const config = await getPermissionConfig(userId, ctx)
-
-  if (!config) {
-    return
-  }
-
-  if (config.disableSkills) {
-    logger.warn('Skills blocked by permission group', { userId })
-    throw new SkillsNotAllowedError()
-  }
-}
-
 /**
 * Validates if the user is allowed to send invitations.
 * Also checks the global feature flag.
--- a/apps/sim/executor/execution/edge-manager.test.ts
+++ b/apps/sim/executor/execution/edge-manager.test.ts
@@ -2478,9 +2478,6 @@ describe('EdgeManager', () => {
      expect(readyNodes).toContain(otherBranchId)
      expect(readyNodes).not.toContain(sentinelStartId)

-      // sentinel_end should NOT be ready - it's on a fully deactivated path
-      expect(readyNodes).not.toContain(sentinelEndId)
-
      // afterLoop should NOT be ready - its incoming edge from sentinel_end should be deactivated
      expect(readyNodes).not.toContain(afterLoopId)

@@ -2548,84 +2545,6 @@ describe('EdgeManager', () => {
      expect(edgeManager.isNodeReady(afterParallelNode)).toBe(true)
    })

-    it('should not queue loop sentinel-end when upstream condition deactivates entire loop branch', () => {
-      // Regression test for: upstream condition → (if) → ... many blocks ... → sentinel_start → body → sentinel_end
-      //                                        → (else) → exit_block
-      // When condition takes "else", the deep cascade deactivation should NOT queue sentinel_end.
-      // Previously, sentinel_end was flagged as a cascadeTarget (terminal control node) and
-      // spuriously queued, causing it to attempt loop scope initialization and fail.
-
-      const conditionId = 'condition'
-      const intermediateId = 'intermediate'
-      const sentinelStartId = 'sentinel-start'
-      const loopBodyId = 'loop-body'
-      const sentinelEndId = 'sentinel-end'
-      const afterLoopId = 'after-loop'
-      const exitBlockId = 'exit-block'
-
-      const conditionNode = createMockNode(conditionId, [
-        { target: intermediateId, sourceHandle: 'condition-if' },
-        { target: exitBlockId, sourceHandle: 'condition-else' },
-      ])
-
-      const intermediateNode = createMockNode(
-        intermediateId,
-        [{ target: sentinelStartId }],
-        [conditionId]
-      )
-
-      const sentinelStartNode = createMockNode(
-        sentinelStartId,
-        [{ target: loopBodyId }],
-        [intermediateId]
-      )
-
-      const loopBodyNode = createMockNode(
-        loopBodyId,
-        [{ target: sentinelEndId }],
-        [sentinelStartId]
-      )
-
-      const sentinelEndNode = createMockNode(
-        sentinelEndId,
-        [
-          { target: sentinelStartId, sourceHandle: 'loop_continue' },
-          { target: afterLoopId, sourceHandle: 'loop_exit' },
-        ],
-        [loopBodyId]
-      )
-
-      const afterLoopNode = createMockNode(afterLoopId, [], [sentinelEndId])
-      const exitBlockNode = createMockNode(exitBlockId, [], [conditionId])
-
-      const nodes = new Map<string, DAGNode>([
-        [conditionId, conditionNode],
-        [intermediateId, intermediateNode],
-        [sentinelStartId, sentinelStartNode],
-        [loopBodyId, loopBodyNode],
-        [sentinelEndId, sentinelEndNode],
-        [afterLoopId, afterLoopNode],
-        [exitBlockId, exitBlockNode],
-      ])
-
-      const dag = createMockDAG(nodes)
-      const edgeManager = new EdgeManager(dag)
-
-      const readyNodes = edgeManager.processOutgoingEdges(conditionNode, {
-        selectedOption: 'else',
-      })
-
-      // Only exitBlock should be ready
-      expect(readyNodes).toContain(exitBlockId)
-
-      // Nothing on the deactivated path should be queued
-      expect(readyNodes).not.toContain(intermediateId)
-      expect(readyNodes).not.toContain(sentinelStartId)
-      expect(readyNodes).not.toContain(loopBodyId)
-      expect(readyNodes).not.toContain(sentinelEndId)
-      expect(readyNodes).not.toContain(afterLoopId)
-    })
-
    it('should still correctly handle normal loop exit (not deactivate when loop runs)', () => {
      // When a loop actually executes and exits normally, after_loop should become ready
      const sentinelStartId = 'sentinel-start'
--- a/apps/sim/executor/execution/edge-manager.ts
+++ b/apps/sim/executor/execution/edge-manager.ts
@@ -71,13 +71,7 @@ export class EdgeManager {

    for (const targetId of cascadeTargets) {
      if (!readyNodes.includes(targetId) && !activatedTargets.includes(targetId)) {
-        // Only queue cascade terminal control nodes when ALL outgoing edges from the
-        // current node were deactivated (dead-end scenario). When some edges are
-        // activated, terminal control nodes on deactivated branches should NOT be
-        // queued - they will be reached through the normal activated path's completion.
-        // This prevents loop/parallel sentinels on fully deactivated paths (e.g., an
-        // upstream condition took a different branch) from being spuriously executed.
-        if (activatedTargets.length === 0 && this.isTargetReady(targetId)) {
+        if (this.isTargetReady(targetId)) {
          readyNodes.push(targetId)
        }
      }
--- a/apps/sim/executor/handlers/agent/agent-handler.ts
+++ b/apps/sim/executor/handlers/agent/agent-handler.ts
@@ -11,15 +11,9 @@ import {
  validateCustomToolsAllowed,
  validateMcpToolsAllowed,
  validateModelProvider,
-  validateSkillsAllowed,
 } from '@/ee/access-control/utils/permission-check'
 import { AGENT, BlockType, DEFAULTS, REFERENCE, stripCustomToolPrefix } from '@/executor/constants'
 import { memoryService } from '@/executor/handlers/agent/memory'
-import {
-  buildLoadSkillTool,
-  buildSkillsSystemPromptSection,
-  resolveSkillMetadata,
-} from '@/executor/handlers/agent/skills-resolver'
 import type {
  AgentInputs,
  Message,
@@ -63,21 +57,8 @@ export class AgentBlockHandler implements BlockHandler {

    const providerId = getProviderFromModel(model)
    const formattedTools = await this.formatTools(ctx, filteredInputs.tools || [])
-
-    // Resolve skill metadata for progressive disclosure
-    const skillInputs = filteredInputs.skills ?? []
-    let skillMetadata: Array<{ name: string; description: string }> = []
-    if (skillInputs.length > 0 && ctx.workspaceId) {
-      await validateSkillsAllowed(ctx.userId, ctx)
-      skillMetadata = await resolveSkillMetadata(skillInputs, ctx.workspaceId)
-      if (skillMetadata.length > 0) {
-        const skillNames = skillMetadata.map((s) => s.name)
-        formattedTools.push(buildLoadSkillTool(skillNames))
-      }
-    }
-
    const streamingConfig = this.getStreamingConfig(ctx, block)
-    const messages = await this.buildMessages(ctx, filteredInputs, skillMetadata)
+    const messages = await this.buildMessages(ctx, filteredInputs)

    const providerRequest = this.buildProviderRequest({
      ctx,
@@ -326,7 +307,6 @@ export class AgentBlockHandler implements BlockHandler {
            _context: {
              workflowId: ctx.workflowId,
              workspaceId: ctx.workspaceId,
-              userId: ctx.userId,
              isDeployedContext: ctx.isDeployedContext,
            },
          },
@@ -378,9 +358,6 @@ export class AgentBlockHandler implements BlockHandler {
      if (ctx.workflowId) {
        params.workflowId = ctx.workflowId
      }
-      if (ctx.userId) {
-        params.userId = ctx.userId
-      }

      const url = buildAPIUrl('/api/tools/custom', params)
      const response = await fetch(url.toString(), {
@@ -491,9 +468,7 @@ export class AgentBlockHandler implements BlockHandler {
      usageControl: tool.usageControl || 'auto',
      executeFunction: async (callParams: Record<string, any>) => {
        const headers = await buildAuthHeaders()
-        const execParams: Record<string, string> = {}
-        if (ctx.userId) execParams.userId = ctx.userId
-        const execUrl = buildAPIUrl('/api/mcp/tools/execute', execParams)
+        const execUrl = buildAPIUrl('/api/mcp/tools/execute')

        const execResponse = await fetch(execUrl.toString(), {
          method: 'POST',
@@ -602,7 +577,6 @@ export class AgentBlockHandler implements BlockHandler {
      serverId,
      workspaceId: ctx.workspaceId,
      workflowId: ctx.workflowId,
-      ...(ctx.userId ? { userId: ctx.userId } : {}),
    })

    const maxAttempts = 2
@@ -677,9 +651,7 @@ export class AgentBlockHandler implements BlockHandler {
      usageControl: tool.usageControl || 'auto',
      executeFunction: async (callParams: Record<string, any>) => {
        const headers = await buildAuthHeaders()
-        const discoverExecParams: Record<string, string> = {}
-        if (ctx.userId) discoverExecParams.userId = ctx.userId
-        const execUrl = buildAPIUrl('/api/mcp/tools/execute', discoverExecParams)
+        const execUrl = buildAPIUrl('/api/mcp/tools/execute')

        const execResponse = await fetch(execUrl.toString(), {
          method: 'POST',
@@ -751,8 +723,7 @@ export class AgentBlockHandler implements BlockHandler {

  private async buildMessages(
    ctx: ExecutionContext,
-    inputs: AgentInputs,
-    skillMetadata: Array<{ name: string; description: string }> = []
+    inputs: AgentInputs
  ): Promise<Message[] | undefined> {
    const messages: Message[] = []
    const memoryEnabled = inputs.memoryType && inputs.memoryType !== 'none'
@@ -832,20 +803,6 @@ export class AgentBlockHandler implements BlockHandler {
      messages.unshift(...systemMessages)
    }

-    // 8. Inject skill metadata into the system message (progressive disclosure)
-    if (skillMetadata.length > 0) {
-      const skillSection = buildSkillsSystemPromptSection(skillMetadata)
-      const systemIdx = messages.findIndex((m) => m.role === 'system')
-      if (systemIdx >= 0) {
-        messages[systemIdx] = {
-          ...messages[systemIdx],
-          content: messages[systemIdx].content + skillSection,
-        }
-      } else {
-        messages.unshift({ role: 'system', content: skillSection.trim() })
-      }
-    }
-
    return messages.length > 0 ? messages : undefined
  }

@@ -1064,7 +1021,6 @@ export class AgentBlockHandler implements BlockHandler {
        responseFormat: providerRequest.responseFormat,
        workflowId: providerRequest.workflowId,
        workspaceId: ctx.workspaceId,
-        userId: ctx.userId,
        stream: providerRequest.stream,
        messages: 'messages' in providerRequest ? providerRequest.messages : undefined,
        environmentVariables: ctx.environmentVariables || {},
--- a/apps/sim/executor/handlers/agent/skills-resolver.ts
+++ b/apps/sim/executor/handlers/agent/skills-resolver.ts
@@ -1,122 +0,0 @@
-import { db } from '@sim/db'
-import { skill } from '@sim/db/schema'
-import { createLogger } from '@sim/logger'
-import { and, eq, inArray } from 'drizzle-orm'
-import type { SkillInput } from '@/executor/handlers/agent/types'
-
-const logger = createLogger('SkillsResolver')
-
-function escapeXml(str: string): string {
-  return str
-    .replace(/&/g, '&amp;')
-    .replace(/</g, '&lt;')
-    .replace(/>/g, '&gt;')
-    .replace(/"/g, '&quot;')
-}
-
-interface SkillMetadata {
-  name: string
-  description: string
-}
-
-/**
- * Fetch skill metadata (name + description) for system prompt injection.
- * Only returns lightweight data so the LLM knows what skills are available.
- */
-export async function resolveSkillMetadata(
-  skillInputs: SkillInput[],
-  workspaceId: string
-): Promise<SkillMetadata[]> {
-  if (!skillInputs.length || !workspaceId) return []
-
-  const skillIds = skillInputs.map((s) => s.skillId)
-
-  try {
-    const rows = await db
-      .select({ name: skill.name, description: skill.description })
-      .from(skill)
-      .where(and(eq(skill.workspaceId, workspaceId), inArray(skill.id, skillIds)))
-
-    return rows
-  } catch (error) {
-    logger.error('Failed to resolve skill metadata', { error, skillIds, workspaceId })
-    return []
-  }
-}
-
-/**
- * Fetch full skill content for a load_skill tool response.
- * Called when the LLM decides a skill is relevant and invokes load_skill.
- */
-export async function resolveSkillContent(
-  skillName: string,
-  workspaceId: string
-): Promise<string | null> {
-  if (!skillName || !workspaceId) return null
-
-  try {
-    const rows = await db
-      .select({ content: skill.content, name: skill.name })
-      .from(skill)
-      .where(and(eq(skill.workspaceId, workspaceId), eq(skill.name, skillName)))
-      .limit(1)
-
-    if (rows.length === 0) {
-      logger.warn('Skill not found', { skillName, workspaceId })
-      return null
-    }
-
-    return rows[0].content
-  } catch (error) {
-    logger.error('Failed to resolve skill content', { error, skillName, workspaceId })
-    return null
-  }
-}
-
-/**
- * Build the system prompt section that lists available skills.
- * Uses XML format per the agentskills.io integration guide.
- */
-export function buildSkillsSystemPromptSection(skills: SkillMetadata[]): string {
-  if (!skills.length) return ''
-
-  const skillEntries = skills
-    .map(
-      (s) =>
-        `  <skill name="${escapeXml(s.name)}">\n    <description>${escapeXml(s.description)}</description>\n  </skill>`
-    )
-    .join('\n')
-
-  return [
-    '',
-    'You have access to the following skills. Use the load_skill tool to activate a skill when relevant.',
-    '',
-    '<available_skills>',
-    skillEntries,
-    '</available_skills>',
-  ].join('\n')
-}
-
-/**
- * Build the load_skill tool definition for injection into the tools array.
- * Returns a ProviderToolConfig-compatible object so all providers can process it.
- */
-export function buildLoadSkillTool(skillNames: string[]) {
-  return {
-    id: 'load_skill',
-    name: 'load_skill',
-    description: `Load a skill to get specialized instructions. Available skills: ${skillNames.join(', ')}`,
-    params: {},
-    parameters: {
-      type: 'object',
-      properties: {
-        skill_name: {
-          type: 'string',
-          description: 'Name of the skill to load',
-          enum: skillNames,
-        },
-      },
-      required: ['skill_name'],
-    },
-  }
-}
--- a/apps/sim/executor/handlers/agent/types.ts
+++ b/apps/sim/executor/handlers/agent/types.ts
@@ -1,14 +1,7 @@
-export interface SkillInput {
-  skillId: string
-  name?: string
-  description?: string
-}
-
 export interface AgentInputs {
  model?: string
  responseFormat?: string | object
  tools?: ToolInput[]
-  skills?: SkillInput[]
  // Legacy inputs (backward compatible)
  systemPrompt?: string
  userPrompt?: string | object
--- a/apps/sim/executor/handlers/api/api-handler.ts
+++ b/apps/sim/executor/handlers/api/api-handler.ts
@@ -72,7 +72,6 @@ export class ApiBlockHandler implements BlockHandler {
            workflowId: ctx.workflowId,
            workspaceId: ctx.workspaceId,
            executionId: ctx.executionId,
-            userId: ctx.userId,
            isDeployedContext: ctx.isDeployedContext,
          },
        },
--- a/apps/sim/executor/handlers/condition/condition-handler.ts
+++ b/apps/sim/executor/handlers/condition/condition-handler.ts
@@ -48,7 +48,6 @@ export async function evaluateConditionExpression(
        _context: {
          workflowId: ctx.workflowId,
          workspaceId: ctx.workspaceId,
-          userId: ctx.userId,
          isDeployedContext: ctx.isDeployedContext,
        },
      },
--- a/apps/sim/executor/handlers/evaluator/evaluator-handler.ts
+++ b/apps/sim/executor/handlers/evaluator/evaluator-handler.ts
@@ -104,7 +104,7 @@ export class EvaluatorBlockHandler implements BlockHandler {
    }

    try {
-      const url = buildAPIUrl('/api/providers', ctx.userId ? { userId: ctx.userId } : {})
+      const url = buildAPIUrl('/api/providers')

      const providerRequest: Record<string, any> = {
        provider: providerId,
@@ -121,17 +121,26 @@ export class EvaluatorBlockHandler implements BlockHandler {

        temperature: EVALUATOR.DEFAULT_TEMPERATURE,
        apiKey: finalApiKey,
-        azureEndpoint: inputs.azureEndpoint,
-        azureApiVersion: inputs.azureApiVersion,
-        vertexProject: evaluatorConfig.vertexProject,
-        vertexLocation: evaluatorConfig.vertexLocation,
-        bedrockAccessKeyId: evaluatorConfig.bedrockAccessKeyId,
-        bedrockSecretKey: evaluatorConfig.bedrockSecretKey,
-        bedrockRegion: evaluatorConfig.bedrockRegion,
        workflowId: ctx.workflowId,
        workspaceId: ctx.workspaceId,
      }

+      if (providerId === 'vertex') {
+        providerRequest.vertexProject = evaluatorConfig.vertexProject
+        providerRequest.vertexLocation = evaluatorConfig.vertexLocation
+      }
+
+      if (providerId === 'azure-openai') {
+        providerRequest.azureEndpoint = inputs.azureEndpoint
+        providerRequest.azureApiVersion = inputs.azureApiVersion
+      }
+
+      if (providerId === 'bedrock') {
+        providerRequest.bedrockAccessKeyId = evaluatorConfig.bedrockAccessKeyId
+        providerRequest.bedrockSecretKey = evaluatorConfig.bedrockSecretKey
+        providerRequest.bedrockRegion = evaluatorConfig.bedrockRegion
+      }
+
      const response = await fetch(url.toString(), {
        method: 'POST',
        headers: await buildAuthHeaders(),
--- a/apps/sim/executor/handlers/function/function-handler.ts
+++ b/apps/sim/executor/handlers/function/function-handler.ts
@@ -39,7 +39,6 @@ export class FunctionBlockHandler implements BlockHandler {
        _context: {
          workflowId: ctx.workflowId,
          workspaceId: ctx.workspaceId,
-          userId: ctx.userId,
          isDeployedContext: ctx.isDeployedContext,
        },
      },
--- a/apps/sim/executor/handlers/generic/generic-handler.ts
+++ b/apps/sim/executor/handlers/generic/generic-handler.ts
@@ -66,7 +66,6 @@ export class GenericBlockHandler implements BlockHandler {
            workflowId: ctx.workflowId,
            workspaceId: ctx.workspaceId,
            executionId: ctx.executionId,
-            userId: ctx.userId,
            isDeployedContext: ctx.isDeployedContext,
          },
        },
--- a/apps/sim/executor/handlers/human-in-the-loop/human-in-the-loop-handler.ts
+++ b/apps/sim/executor/handlers/human-in-the-loop/human-in-the-loop-handler.ts
@@ -605,7 +605,6 @@ export class HumanInTheLoopBlockHandler implements BlockHandler {
          _context: {
            workflowId: ctx.workflowId,
            workspaceId: ctx.workspaceId,
-            userId: ctx.userId,
            isDeployedContext: ctx.isDeployedContext,
          },
          blockData: blockDataWithPause,
--- a/apps/sim/executor/handlers/router/router-handler.ts
+++ b/apps/sim/executor/handlers/router/router-handler.ts
@@ -80,7 +80,6 @@ export class RouterBlockHandler implements BlockHandler {

    try {
      const url = new URL('/api/providers', getBaseUrl())
-      if (ctx.userId) url.searchParams.set('userId', ctx.userId)

      const messages = [{ role: 'user', content: routerConfig.prompt }]
      const systemPrompt = generateRouterPrompt(routerConfig.prompt, targetBlocks)
@@ -97,17 +96,26 @@ export class RouterBlockHandler implements BlockHandler {
        context: JSON.stringify(messages),
        temperature: ROUTER.INFERENCE_TEMPERATURE,
        apiKey: finalApiKey,
-        azureEndpoint: inputs.azureEndpoint,
-        azureApiVersion: inputs.azureApiVersion,
-        vertexProject: routerConfig.vertexProject,
-        vertexLocation: routerConfig.vertexLocation,
-        bedrockAccessKeyId: routerConfig.bedrockAccessKeyId,
-        bedrockSecretKey: routerConfig.bedrockSecretKey,
-        bedrockRegion: routerConfig.bedrockRegion,
        workflowId: ctx.workflowId,
        workspaceId: ctx.workspaceId,
      }

+      if (providerId === 'vertex') {
+        providerRequest.vertexProject = routerConfig.vertexProject
+        providerRequest.vertexLocation = routerConfig.vertexLocation
+      }
+
+      if (providerId === 'azure-openai') {
+        providerRequest.azureEndpoint = inputs.azureEndpoint
+        providerRequest.azureApiVersion = inputs.azureApiVersion
+      }
+
+      if (providerId === 'bedrock') {
+        providerRequest.bedrockAccessKeyId = routerConfig.bedrockAccessKeyId
+        providerRequest.bedrockSecretKey = routerConfig.bedrockSecretKey
+        providerRequest.bedrockRegion = routerConfig.bedrockRegion
+      }
+
      const response = await fetch(url.toString(), {
        method: 'POST',
        headers: await buildAuthHeaders(),
@@ -210,7 +218,6 @@ export class RouterBlockHandler implements BlockHandler {

    try {
      const url = new URL('/api/providers', getBaseUrl())
-      if (ctx.userId) url.searchParams.set('userId', ctx.userId)

      const messages = [{ role: 'user', content: routerConfig.context }]
      const systemPrompt = generateRouterV2Prompt(routerConfig.context, routes)
@@ -227,13 +234,6 @@ export class RouterBlockHandler implements BlockHandler {
        context: JSON.stringify(messages),
        temperature: ROUTER.INFERENCE_TEMPERATURE,
        apiKey: finalApiKey,
-        azureEndpoint: inputs.azureEndpoint,
-        azureApiVersion: inputs.azureApiVersion,
-        vertexProject: routerConfig.vertexProject,
-        vertexLocation: routerConfig.vertexLocation,
-        bedrockAccessKeyId: routerConfig.bedrockAccessKeyId,
-        bedrockSecretKey: routerConfig.bedrockSecretKey,
-        bedrockRegion: routerConfig.bedrockRegion,
        workflowId: ctx.workflowId,
        workspaceId: ctx.workspaceId,
        responseFormat: {
@@ -257,6 +257,22 @@ export class RouterBlockHandler implements BlockHandler {
        },
      }

+      if (providerId === 'vertex') {
+        providerRequest.vertexProject = routerConfig.vertexProject
+        providerRequest.vertexLocation = routerConfig.vertexLocation
+      }
+
+      if (providerId === 'azure-openai') {
+        providerRequest.azureEndpoint = inputs.azureEndpoint
+        providerRequest.azureApiVersion = inputs.azureApiVersion
+      }
+
+      if (providerId === 'bedrock') {
+        providerRequest.bedrockAccessKeyId = routerConfig.bedrockAccessKeyId
+        providerRequest.bedrockSecretKey = routerConfig.bedrockSecretKey
+        providerRequest.bedrockRegion = routerConfig.bedrockRegion
+      }
+
      const response = await fetch(url.toString(), {
        method: 'POST',
        headers: await buildAuthHeaders(),
--- a/apps/sim/executor/orchestrators/loop.ts
+++ b/apps/sim/executor/orchestrators/loop.ts
@@ -511,8 +511,6 @@ export class LoopOrchestrator {
        contextVariables: {},
        timeoutMs: LOOP_CONDITION_TIMEOUT_MS,
        requestId,
-        ownerKey: `user:${ctx.userId}`,
-        ownerWeight: 1,
      })

      if (vmResult.error) {
--- a/apps/sim/executor/utils/block-data.ts
+++ b/apps/sim/executor/utils/block-data.ts
@@ -1,7 +1,3 @@
-import {
-  extractFieldsFromSchema,
-  parseResponseFormatSafely,
-} from '@/lib/core/utils/response-format'
 import { normalizeInputFormatValue } from '@/lib/workflows/input-format'
 import { isTriggerBehavior, normalizeName } from '@/executor/constants'
 import type { ExecutionContext } from '@/executor/types'
@@ -47,53 +43,23 @@ function getInputFormatFields(block: SerializedBlock): OutputSchema {
  const schema: OutputSchema = {}
  for (const field of inputFormat) {
    if (!field.name) continue
-    schema[field.name] = { type: field.type || 'any' }
+    schema[field.name] = {
+      type: (field.type || 'any') as 'string' | 'number' | 'boolean' | 'object' | 'array' | 'any',
+    }
  }

  return schema
 }

-function getEvaluatorMetricsSchema(block: SerializedBlock): OutputSchema | undefined {
-  if (block.metadata?.id !== 'evaluator') return undefined
-
-  const metrics = block.config?.params?.metrics
-  if (!Array.isArray(metrics) || metrics.length === 0) return undefined
-
-  const validMetrics = metrics.filter(
-    (m: { name?: string }) => m?.name && typeof m.name === 'string'
-  )
-  if (validMetrics.length === 0) return undefined
-
-  const schema: OutputSchema = { ...(block.outputs as OutputSchema) }
-  for (const metric of validMetrics) {
-    schema[metric.name.toLowerCase()] = { type: 'number' }
-  }
-  return schema
-}
-
-function getResponseFormatSchema(block: SerializedBlock): OutputSchema | undefined {
-  const responseFormatValue = block.config?.params?.responseFormat
-  if (!responseFormatValue) return undefined
-
-  const parsed = parseResponseFormatSafely(responseFormatValue, block.id)
-  if (!parsed) return undefined
-
-  const fields = extractFieldsFromSchema(parsed)
-  if (fields.length === 0) return undefined
-
-  const schema: OutputSchema = {}
-  for (const field of fields) {
-    schema[field.name] = { type: field.type || 'any' }
-  }
-  return schema
-}
-
 export function getBlockSchema(
  block: SerializedBlock,
  toolConfig?: ToolConfig
 ): OutputSchema | undefined {
  const blockType = block.metadata?.id

+  // For blocks that expose inputFormat as outputs, always merge them
+  // This includes both triggers (start_trigger, generic_webhook) and
+  // non-triggers (starter, human_in_the_loop) that have inputFormat
  if (
    blockType &&
    BLOCKS_WITH_INPUT_FORMAT_OUTPUTS.includes(
@@ -108,16 +74,6 @@ export function getBlockSchema(
    }
  }

-  const evaluatorSchema = getEvaluatorMetricsSchema(block)
-  if (evaluatorSchema) {
-    return evaluatorSchema
-  }
-
-  const responseFormatSchema = getResponseFormatSchema(block)
-  if (responseFormatSchema) {
-    return responseFormatSchema
-  }
-
  const isTrigger = isTriggerBehavior(block)

  if (isTrigger && block.outputs && Object.keys(block.outputs).length > 0) {
--- a/apps/sim/hooks/queries/skills.ts
+++ b/apps/sim/hooks/queries/skills.ts
@@ -1,263 +0,0 @@
-import { createLogger } from '@sim/logger'
-import { keepPreviousData, useMutation, useQuery, useQueryClient } from '@tanstack/react-query'
-
-const logger = createLogger('SkillsQueries')
-const API_ENDPOINT = '/api/skills'
-
-export interface SkillDefinition {
-  id: string
-  workspaceId: string | null
-  userId: string | null
-  name: string
-  description: string
-  content: string
-  createdAt: string
-  updatedAt?: string
-}
-
-/**
- * Query key factories for skills queries
- */
-export const skillsKeys = {
-  all: ['skills'] as const,
-  lists: () => [...skillsKeys.all, 'list'] as const,
-  list: (workspaceId: string) => [...skillsKeys.lists(), workspaceId] as const,
-}
-
-/**
- * Fetch skills for a workspace
- */
-async function fetchSkills(workspaceId: string): Promise<SkillDefinition[]> {
-  const response = await fetch(`${API_ENDPOINT}?workspaceId=${workspaceId}`)
-
-  if (!response.ok) {
-    const errorData = await response.json().catch(() => ({}))
-    throw new Error(errorData.error || `Failed to fetch skills: ${response.statusText}`)
-  }
-
-  const { data } = await response.json()
-
-  if (!Array.isArray(data)) {
-    throw new Error('Invalid response format')
-  }
-
-  return data.map((s: Record<string, unknown>) => ({
-    id: s.id as string,
-    workspaceId: (s.workspaceId as string) ?? null,
-    userId: (s.userId as string) ?? null,
-    name: s.name as string,
-    description: s.description as string,
-    content: s.content as string,
-    createdAt: (s.createdAt as string) ?? new Date().toISOString(),
-    updatedAt: s.updatedAt as string | undefined,
-  }))
-}
-
-/**
- * Hook to fetch skills for a workspace
- */
-export function useSkills(workspaceId: string) {
-  return useQuery<SkillDefinition[]>({
-    queryKey: skillsKeys.list(workspaceId),
-    queryFn: () => fetchSkills(workspaceId),
-    enabled: !!workspaceId,
-    staleTime: 60 * 1000,
-    placeholderData: keepPreviousData,
-  })
-}
-
-/**
- * Create skill mutation
- */
-interface CreateSkillParams {
-  workspaceId: string
-  skill: {
-    name: string
-    description: string
-    content: string
-  }
-}
-
-export function useCreateSkill() {
-  const queryClient = useQueryClient()
-
-  return useMutation({
-    mutationFn: async ({ workspaceId, skill: s }: CreateSkillParams) => {
-      logger.info(`Creating skill: ${s.name} in workspace ${workspaceId}`)
-
-      const response = await fetch(API_ENDPOINT, {
-        method: 'POST',
-        headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify({
-          skills: [{ name: s.name, description: s.description, content: s.content }],
-          workspaceId,
-        }),
-      })
-
-      const data = await response.json()
-
-      if (!response.ok) {
-        throw new Error(data.error || 'Failed to create skill')
-      }
-
-      if (!data.data || !Array.isArray(data.data)) {
-        throw new Error('Invalid API response: missing skills data')
-      }
-
-      logger.info(`Created skill: ${s.name}`)
-      return data.data
-    },
-    onSuccess: (_data, variables) => {
-      queryClient.invalidateQueries({ queryKey: skillsKeys.list(variables.workspaceId) })
-    },
-  })
-}
-
-/**
- * Update skill mutation
- */
-interface UpdateSkillParams {
-  workspaceId: string
-  skillId: string
-  updates: {
-    name?: string
-    description?: string
-    content?: string
-  }
-}
-
-export function useUpdateSkill() {
-  const queryClient = useQueryClient()
-
-  return useMutation({
-    mutationFn: async ({ workspaceId, skillId, updates }: UpdateSkillParams) => {
-      logger.info(`Updating skill: ${skillId} in workspace ${workspaceId}`)
-
-      const currentSkills = queryClient.getQueryData<SkillDefinition[]>(
-        skillsKeys.list(workspaceId)
-      )
-      const currentSkill = currentSkills?.find((s) => s.id === skillId)
-
-      if (!currentSkill) {
-        throw new Error('Skill not found')
-      }
-
-      const response = await fetch(API_ENDPOINT, {
-        method: 'POST',
-        headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify({
-          skills: [
-            {
-              id: skillId,
-              name: updates.name ?? currentSkill.name,
-              description: updates.description ?? currentSkill.description,
-              content: updates.content ?? currentSkill.content,
-            },
-          ],
-          workspaceId,
-        }),
-      })
-
-      const data = await response.json()
-
-      if (!response.ok) {
-        throw new Error(data.error || 'Failed to update skill')
-      }
-
-      if (!data.data || !Array.isArray(data.data)) {
-        throw new Error('Invalid API response: missing skills data')
-      }
-
-      logger.info(`Updated skill: ${skillId}`)
-      return data.data
-    },
-    onMutate: async ({ workspaceId, skillId, updates }) => {
-      await queryClient.cancelQueries({ queryKey: skillsKeys.list(workspaceId) })
-
-      const previousSkills = queryClient.getQueryData<SkillDefinition[]>(
-        skillsKeys.list(workspaceId)
-      )
-
-      if (previousSkills) {
-        queryClient.setQueryData<SkillDefinition[]>(
-          skillsKeys.list(workspaceId),
-          previousSkills.map((s) =>
-            s.id === skillId
-              ? {
-                  ...s,
-                  name: updates.name ?? s.name,
-                  description: updates.description ?? s.description,
-                  content: updates.content ?? s.content,
-                }
-              : s
-          )
-        )
-      }
-
-      return { previousSkills }
-    },
-    onError: (_err, variables, context) => {
-      if (context?.previousSkills) {
-        queryClient.setQueryData(skillsKeys.list(variables.workspaceId), context.previousSkills)
-      }
-    },
-    onSettled: (_data, _error, variables) => {
-      queryClient.invalidateQueries({ queryKey: skillsKeys.list(variables.workspaceId) })
-    },
-  })
-}
-
-/**
- * Delete skill mutation
- */
-interface DeleteSkillParams {
-  workspaceId: string
-  skillId: string
-}
-
-export function useDeleteSkill() {
-  const queryClient = useQueryClient()
-
-  return useMutation({
-    mutationFn: async ({ workspaceId, skillId }: DeleteSkillParams) => {
-      logger.info(`Deleting skill: ${skillId}`)
-
-      const response = await fetch(`${API_ENDPOINT}?id=${skillId}&workspaceId=${workspaceId}`, {
-        method: 'DELETE',
-      })
-
-      const data = await response.json()
-
-      if (!response.ok) {
-        throw new Error(data.error || 'Failed to delete skill')
-      }
-
-      logger.info(`Deleted skill: ${skillId}`)
-      return data
-    },
-    onMutate: async ({ workspaceId, skillId }) => {
-      await queryClient.cancelQueries({ queryKey: skillsKeys.list(workspaceId) })
-
-      const previousSkills = queryClient.getQueryData<SkillDefinition[]>(
-        skillsKeys.list(workspaceId)
-      )
-
-      if (previousSkills) {
-        queryClient.setQueryData<SkillDefinition[]>(
-          skillsKeys.list(workspaceId),
-          previousSkills.filter((s) => s.id !== skillId)
-        )
-      }
-
-      return { previousSkills }
-    },
-    onError: (_err, variables, context) => {
-      if (context?.previousSkills) {
-        queryClient.setQueryData(skillsKeys.list(variables.workspaceId), context.previousSkills)
-      }
-    },
-    onSettled: (_data, _error, variables) => {
-      queryClient.invalidateQueries({ queryKey: skillsKeys.list(variables.workspaceId) })
-    },
-  })
-}
--- a/apps/sim/lib/auth/credential-access.ts
+++ b/apps/sim/lib/auth/credential-access.ts
@@ -2,13 +2,13 @@ import { db } from '@sim/db'
 import { account, workflow as workflowTable } from '@sim/db/schema'
 import { eq } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'

 export interface CredentialAccessResult {
  ok: boolean
  error?: string
-  authType?: 'session' | 'internal_jwt'
+  authType?: 'session' | 'api_key' | 'internal_jwt'
  requesterUserId?: string
  credentialOwnerUserId?: string
  workspaceId?: string
@@ -16,10 +16,10 @@ export interface CredentialAccessResult {

 /**
 * Centralizes auth + collaboration rules for credential use.
- * - Uses checkSessionOrInternalAuth to authenticate the caller
+ * - Uses checkHybridAuth to authenticate the caller
 * - Fetches credential owner
 * - Authorization rules:
- *   - session: allow if requester owns the credential; otherwise require workflowId and
+ *   - session/api_key: allow if requester owns the credential; otherwise require workflowId and
 *     verify BOTH requester and owner have access to the workflow's workspace
 *   - internal_jwt: require workflowId (by default) and verify credential owner has access to the
 *     workflow's workspace (requester identity is the system/workflow)
@@ -30,9 +30,7 @@ export async function authorizeCredentialUse(
 ): Promise<CredentialAccessResult> {
  const { credentialId, workflowId, requireWorkflowIdForInternal = true } = params

-  const auth = await checkSessionOrInternalAuth(request, {
-    requireWorkflowId: requireWorkflowIdForInternal,
-  })
+  const auth = await checkHybridAuth(request, { requireWorkflowId: requireWorkflowIdForInternal })
  if (!auth.success || !auth.userId) {
    return { ok: false, error: auth.error || 'Authentication required' }
  }
@@ -54,7 +52,7 @@ export async function authorizeCredentialUse(
  if (auth.authType !== 'internal_jwt' && auth.userId === credentialOwnerUserId) {
    return {
      ok: true,
-      authType: auth.authType as CredentialAccessResult['authType'],
+      authType: auth.authType,
      requesterUserId: auth.userId,
      credentialOwnerUserId,
    }
@@ -87,14 +85,14 @@ export async function authorizeCredentialUse(
    }
    return {
      ok: true,
-      authType: auth.authType as CredentialAccessResult['authType'],
+      authType: auth.authType,
      requesterUserId: auth.userId,
      credentialOwnerUserId,
      workspaceId: wf.workspaceId,
    }
  }

-  // Session: verify BOTH requester and owner belong to the workflow's workspace
+  // Session/API key: verify BOTH requester and owner belong to the workflow's workspace
  const requesterPerm = await getUserEntityPermissions(auth.userId, 'workspace', wf.workspaceId)
  const ownerPerm = await getUserEntityPermissions(
    credentialOwnerUserId,
@@ -107,7 +105,7 @@ export async function authorizeCredentialUse(

  return {
    ok: true,
-    authType: auth.authType as CredentialAccessResult['authType'],
+    authType: auth.authType,
    requesterUserId: auth.userId,
    credentialOwnerUserId,
    workspaceId: wf.workspaceId,
--- a/apps/sim/lib/auth/hybrid.ts
+++ b/apps/sim/lib/auth/hybrid.ts
@@ -1,4 +1,7 @@
+import { db } from '@sim/db'
+import { workflow } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
+import { eq } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
 import { authenticateApiKeyFromHeader, updateApiKeyLastUsed } from '@/lib/api-key/service'
 import { getSession } from '@/lib/auth'
@@ -10,33 +13,35 @@ export interface AuthResult {
  success: boolean
  userId?: string
  authType?: 'session' | 'api_key' | 'internal_jwt'
-  apiKeyType?: 'personal' | 'workspace'
  error?: string
 }

 /**
 * Resolves userId from a verified internal JWT token.
- * Extracts userId from the JWT payload, URL search params, or POST body.
+ * Extracts workflowId/userId from URL params or POST body, then looks up userId if needed.
 */
 async function resolveUserFromJwt(
  request: NextRequest,
  verificationUserId: string | null,
  options: { requireWorkflowId?: boolean }
 ): Promise<AuthResult> {
+  let workflowId: string | null = null
  let userId: string | null = verificationUserId

+  const { searchParams } = new URL(request.url)
+  workflowId = searchParams.get('workflowId')
  if (!userId) {
-    const { searchParams } = new URL(request.url)
    userId = searchParams.get('userId')
  }

-  if (!userId && request.method === 'POST') {
+  if (!workflowId && !userId && request.method === 'POST') {
    try {
      const clonedRequest = request.clone()
      const bodyText = await clonedRequest.text()
      if (bodyText) {
        const body = JSON.parse(bodyText)
-        userId = body.userId || body._context?.userId || null
+        workflowId = body.workflowId || body._context?.workflowId
+        userId = userId || body.userId || body._context?.userId
      }
    } catch {
      // Ignore JSON parse errors
@@ -47,8 +52,22 @@ async function resolveUserFromJwt(
    return { success: true, userId, authType: 'internal_jwt' }
  }

+  if (workflowId) {
+    const [workflowData] = await db
+      .select({ userId: workflow.userId })
+      .from(workflow)
+      .where(eq(workflow.id, workflowId))
+      .limit(1)
+
+    if (!workflowData) {
+      return { success: false, error: 'Workflow not found' }
+    }
+
+    return { success: true, userId: workflowData.userId, authType: 'internal_jwt' }
+  }
+
  if (options.requireWorkflowId !== false) {
-    return { success: false, error: 'userId required for internal JWT calls' }
+    return { success: false, error: 'workflowId or userId required for internal JWT calls' }
  }

  return { success: true, authType: 'internal_jwt' }
@@ -203,7 +222,6 @@ export async function checkHybridAuth(
          success: true,
          userId: result.userId!,
          authType: 'api_key',
-          apiKeyType: result.keyType,
        }
      }

--- a/apps/sim/lib/copilot/config.ts
+++ b/apps/sim/lib/copilot/config.ts
@@ -12,7 +12,6 @@ const VALID_PROVIDER_IDS: readonly ProviderId[] = [
  'openai',
  'azure-openai',
  'anthropic',
-  'azure-anthropic',
  'google',
  'deepseek',
  'xai',
--- a/apps/sim/lib/copilot/types.ts
+++ b/apps/sim/lib/copilot/types.ts
@@ -147,13 +147,6 @@ export type CopilotProviderConfig =
      apiVersion?: string
      endpoint?: string
    }
-  | {
-      provider: 'azure-anthropic'
-      model: string
-      apiKey?: string
-      apiVersion?: string
-      endpoint?: string
-    }
  | {
      provider: 'vertex'
      model: string
@@ -162,7 +155,7 @@ export type CopilotProviderConfig =
      vertexLocation?: string
    }
  | {
-      provider: Exclude<ProviderId, 'azure-openai' | 'azure-anthropic' | 'vertex'>
+      provider: Exclude<ProviderId, 'azure-openai' | 'vertex'>
      model?: string
      apiKey?: string
    }
--- a/apps/sim/lib/core/config/env.ts
+++ b/apps/sim/lib/core/config/env.ts
@@ -95,9 +95,6 @@ export const env = createEnv({
    AZURE_OPENAI_ENDPOINT:                 z.string().url().optional(),            // Shared Azure OpenAI service endpoint
    AZURE_OPENAI_API_VERSION:              z.string().optional(),                  // Shared Azure OpenAI API version
    AZURE_OPENAI_API_KEY:                  z.string().min(1).optional(),           // Shared Azure OpenAI API key
-    AZURE_ANTHROPIC_ENDPOINT:              z.string().url().optional(),            // Azure Anthropic service endpoint
-    AZURE_ANTHROPIC_API_KEY:               z.string().min(1).optional(),           // Azure Anthropic API key
-    AZURE_ANTHROPIC_API_VERSION:           z.string().min(1).optional(),           // Azure Anthropic API version (e.g. 2023-06-01)
    KB_OPENAI_MODEL_NAME:                  z.string().optional(),                  // Knowledge base OpenAI model name (works with both regular OpenAI and Azure OpenAI)
    WAND_OPENAI_MODEL_NAME:                z.string().optional(),                  // Wand generation OpenAI model name (works with both regular OpenAI and Azure OpenAI)
    OCR_AZURE_ENDPOINT:                    z.string().url().optional(),            // Azure Mistral OCR service endpoint
@@ -183,24 +180,6 @@ export const env = createEnv({
    EXECUTION_TIMEOUT_ASYNC_TEAM:          z.string().optional().default('5400'),  // 90 minutes
    EXECUTION_TIMEOUT_ASYNC_ENTERPRISE:    z.string().optional().default('5400'),  // 90 minutes

-    // Isolated-VM Worker Pool Configuration
-    IVM_POOL_SIZE:                         z.string().optional().default('4'),      // Max worker processes in pool
-    IVM_MAX_CONCURRENT:                    z.string().optional().default('10000'),  // Max concurrent executions globally
-    IVM_MAX_PER_WORKER:                    z.string().optional().default('2500'),   // Max concurrent executions per worker
-    IVM_WORKER_IDLE_TIMEOUT_MS:            z.string().optional().default('60000'),  // Worker idle cleanup timeout (ms)
-    IVM_MAX_QUEUE_SIZE:                    z.string().optional().default('10000'),  // Max pending queued executions in memory
-    IVM_MAX_FETCH_RESPONSE_BYTES:          z.string().optional().default('8388608'),// Max bytes read from sandbox fetch responses
-    IVM_MAX_FETCH_RESPONSE_CHARS:          z.string().optional().default('4000000'),// Max chars returned to sandbox from fetch body
-    IVM_MAX_FETCH_OPTIONS_JSON_CHARS:      z.string().optional().default('262144'), // Max JSON payload size for sandbox fetch options
-    IVM_MAX_FETCH_URL_LENGTH:              z.string().optional().default('8192'),   // Max URL length accepted by sandbox fetch
-    IVM_MAX_STDOUT_CHARS:                  z.string().optional().default('200000'), // Max captured stdout characters per execution
-    IVM_MAX_ACTIVE_PER_OWNER:              z.string().optional().default('200'),    // Max active executions per owner (per process)
-    IVM_MAX_QUEUED_PER_OWNER:              z.string().optional().default('2000'),   // Max queued executions per owner (per process)
-    IVM_MAX_OWNER_WEIGHT:                  z.string().optional().default('5'),      // Max accepted weight for weighted owner scheduling
-    IVM_DISTRIBUTED_MAX_INFLIGHT_PER_OWNER:z.string().optional().default('2200'),   // Max owner in-flight leases across replicas
-    IVM_DISTRIBUTED_LEASE_MIN_TTL_MS:      z.string().optional().default('120000'), // Min TTL for distributed in-flight leases (ms)
-    IVM_QUEUE_TIMEOUT_MS:                  z.string().optional().default('300000'), // Max queue wait before rejection (ms)
-
    // Knowledge Base Processing Configuration - Shared across all processing methods
    KB_CONFIG_MAX_DURATION:                z.number().optional().default(600),     // Max processing duration in seconds (10 minutes)
    KB_CONFIG_MAX_ATTEMPTS:                z.number().optional().default(3),       // Max retry attempts
--- a/apps/sim/lib/core/security/input-validation.server.ts
+++ b/apps/sim/lib/core/security/input-validation.server.ts
@@ -103,7 +103,6 @@ export interface SecureFetchOptions {
  body?: string | Buffer | Uint8Array
  timeout?: number
  maxRedirects?: number
-  maxResponseBytes?: number
 }

 export class SecureFetchHeaders {
@@ -166,7 +165,6 @@ export async function secureFetchWithPinnedIP(
  redirectCount = 0
 ): Promise<SecureFetchResponse> {
  const maxRedirects = options.maxRedirects ?? DEFAULT_MAX_REDIRECTS
-  const maxResponseBytes = options.maxResponseBytes

  return new Promise((resolve, reject) => {
    const parsed = new URL(url)
@@ -239,32 +237,14 @@ export async function secureFetchWithPinnedIP(
      }

      const chunks: Buffer[] = []
-      let totalBytes = 0
-      let responseTerminated = false

-      res.on('data', (chunk: Buffer) => {
-        if (responseTerminated) return
-
-        totalBytes += chunk.length
-        if (
-          typeof maxResponseBytes === 'number' &&
-          maxResponseBytes > 0 &&
-          totalBytes > maxResponseBytes
-        ) {
-          responseTerminated = true
-          res.destroy(new Error(`Response exceeded maximum size of ${maxResponseBytes} bytes`))
-          return
-        }
-
-        chunks.push(chunk)
-      })
+      res.on('data', (chunk: Buffer) => chunks.push(chunk))

      res.on('error', (error) => {
        reject(error)
      })

      res.on('end', () => {
-        if (responseTerminated) return
        const bodyBuffer = Buffer.concat(chunks)
        const body = bodyBuffer.toString('utf-8')
        const headersRecord: Record<string, string> = {}
--- a/apps/sim/lib/execution/isolated-vm-worker.cjs
+++ b/apps/sim/lib/execution/isolated-vm-worker.cjs
@@ -9,21 +9,6 @@ const USER_CODE_START_LINE = 4
 const pendingFetches = new Map()
 let fetchIdCounter = 0
 const FETCH_TIMEOUT_MS = 300000 // 5 minutes
-const MAX_STDOUT_CHARS = Number.parseInt(process.env.IVM_MAX_STDOUT_CHARS || '', 10) || 200000
-const MAX_FETCH_OPTIONS_JSON_CHARS =
-  Number.parseInt(process.env.IVM_MAX_FETCH_OPTIONS_JSON_CHARS || '', 10) || 256 * 1024
-
-function stringifyLogValue(value) {
-  if (typeof value !== 'object' || value === null) {
-    return String(value)
-  }
-
-  try {
-    return JSON.stringify(value)
-  } catch {
-    return '[unserializable]'
-  }
-}

 /**
 * Extract line and column from error stack or message
@@ -116,32 +101,8 @@ function convertToCompatibleError(errorInfo, userCode) {
 async function executeCode(request) {
  const { code, params, envVars, contextVariables, timeoutMs, requestId } = request
  const stdoutChunks = []
-  let stdoutLength = 0
-  let stdoutTruncated = false
  let isolate = null

-  const appendStdout = (line) => {
-    if (stdoutTruncated || !line) return
-
-    const remaining = MAX_STDOUT_CHARS - stdoutLength
-    if (remaining <= 0) {
-      stdoutTruncated = true
-      stdoutChunks.push('[stdout truncated]\n')
-      return
-    }
-
-    if (line.length <= remaining) {
-      stdoutChunks.push(line)
-      stdoutLength += line.length
-      return
-    }
-
-    stdoutChunks.push(line.slice(0, remaining))
-    stdoutChunks.push('\n[stdout truncated]\n')
-    stdoutLength = MAX_STDOUT_CHARS
-    stdoutTruncated = true
-  }
-
  try {
    isolate = new ivm.Isolate({ memoryLimit: 128 })
    const context = await isolate.createContext()
@@ -150,14 +111,18 @@ async function executeCode(request) {
    await jail.set('global', jail.derefInto())

    const logCallback = new ivm.Callback((...args) => {
-      const message = args.map((arg) => stringifyLogValue(arg)).join(' ')
-      appendStdout(`${message}\n`)
+      const message = args
+        .map((arg) => (typeof arg === 'object' ? JSON.stringify(arg) : String(arg)))
+        .join(' ')
+      stdoutChunks.push(`${message}\n`)
    })
    await jail.set('__log', logCallback)

    const errorCallback = new ivm.Callback((...args) => {
-      const message = args.map((arg) => stringifyLogValue(arg)).join(' ')
-      appendStdout(`ERROR: ${message}\n`)
+      const message = args
+        .map((arg) => (typeof arg === 'object' ? JSON.stringify(arg) : String(arg)))
+        .join(' ')
+      stdoutChunks.push(`ERROR: ${message}\n`)
    })
    await jail.set('__error', errorCallback)

@@ -213,9 +178,6 @@ async function executeCode(request) {
          } catch {
            throw new Error('fetch options must be JSON-serializable');
          }
-          if (optionsJson.length > ${MAX_FETCH_OPTIONS_JSON_CHARS}) {
-            throw new Error('fetch options exceed maximum payload size');
-          }
        }
        const resultJson = await __fetchRef.apply(undefined, [url, optionsJson], { result: { promise: true } });
        let result;
--- a/apps/sim/lib/execution/isolated-vm.test.ts
+++ b/apps/sim/lib/execution/isolated-vm.test.ts
@@ -1,500 +0,0 @@
-import { EventEmitter } from 'node:events'
-import { afterEach, describe, expect, it, vi } from 'vitest'
-
-type MockProc = EventEmitter & {
-  connected: boolean
-  stderr: EventEmitter
-  send: (message: unknown) => boolean
-  kill: () => boolean
-}
-
-type SpawnFactory = () => MockProc
-type RedisEval = (...args: any[]) => unknown | Promise<unknown>
-type SecureFetchImpl = (...args: any[]) => unknown | Promise<unknown>
-
-function createBaseProc(): MockProc {
-  const proc = new EventEmitter() as MockProc
-  proc.connected = true
-  proc.stderr = new EventEmitter()
-  proc.send = () => true
-  proc.kill = () => {
-    if (!proc.connected) return true
-    proc.connected = false
-    setImmediate(() => proc.emit('exit', 0))
-    return true
-  }
-  return proc
-}
-
-function createStartupFailureProc(): MockProc {
-  const proc = createBaseProc()
-  setImmediate(() => {
-    proc.connected = false
-    proc.emit('exit', 1)
-  })
-  return proc
-}
-
-function createReadyProc(result: unknown): MockProc {
-  const proc = createBaseProc()
-  proc.send = (message: unknown) => {
-    const msg = message as { type?: string; executionId?: number }
-    if (msg.type === 'execute') {
-      setImmediate(() => {
-        proc.emit('message', {
-          type: 'result',
-          executionId: msg.executionId,
-          result: { result, stdout: '' },
-        })
-      })
-    }
-    return true
-  }
-  setImmediate(() => proc.emit('message', { type: 'ready' }))
-  return proc
-}
-
-function createReadyProcWithDelay(delayMs: number): MockProc {
-  const proc = createBaseProc()
-  proc.send = (message: unknown) => {
-    const msg = message as { type?: string; executionId?: number; request?: { requestId?: string } }
-    if (msg.type === 'execute') {
-      setTimeout(() => {
-        proc.emit('message', {
-          type: 'result',
-          executionId: msg.executionId,
-          result: { result: msg.request?.requestId ?? 'unknown', stdout: '' },
-        })
-      }, delayMs)
-    }
-    return true
-  }
-  setImmediate(() => proc.emit('message', { type: 'ready' }))
-  return proc
-}
-
-function createReadyFetchProxyProc(fetchMessage: { url: string; optionsJson?: string }): MockProc {
-  const proc = createBaseProc()
-  let currentExecutionId = 0
-
-  proc.send = (message: unknown) => {
-    const msg = message as { type?: string; executionId?: number; request?: { requestId?: string } }
-
-    if (msg.type === 'execute') {
-      currentExecutionId = msg.executionId ?? 0
-      setImmediate(() => {
-        proc.emit('message', {
-          type: 'fetch',
-          fetchId: 1,
-          requestId: msg.request?.requestId ?? 'fetch-test',
-          url: fetchMessage.url,
-          optionsJson: fetchMessage.optionsJson,
-        })
-      })
-      return true
-    }
-
-    if (msg.type === 'fetchResponse') {
-      const fetchResponse = message as { response?: string }
-      setImmediate(() => {
-        proc.emit('message', {
-          type: 'result',
-          executionId: currentExecutionId,
-          result: { result: fetchResponse.response ?? '', stdout: '' },
-        })
-      })
-      return true
-    }
-
-    return true
-  }
-
-  setImmediate(() => proc.emit('message', { type: 'ready' }))
-  return proc
-}
-
-async function loadExecutionModule(options: {
-  envOverrides?: Record<string, string>
-  spawns: SpawnFactory[]
-  redisEvalImpl?: RedisEval
-  secureFetchImpl?: SecureFetchImpl
-}) {
-  vi.resetModules()
-
-  const spawnQueue = [...options.spawns]
-  const spawnMock = vi.fn(() => {
-    const next = spawnQueue.shift()
-    if (!next) {
-      throw new Error('No mock spawn factory configured')
-    }
-    return next() as any
-  })
-
-  vi.doMock('@sim/logger', () => ({
-    createLogger: () => ({
-      info: vi.fn(),
-      warn: vi.fn(),
-      error: vi.fn(),
-    }),
-  }))
-
-  const secureFetchMock = vi.fn(
-    options.secureFetchImpl ??
-      (async () => ({
-        ok: true,
-        status: 200,
-        statusText: 'OK',
-        headers: new Map<string, string>(),
-        text: async () => '',
-        json: async () => ({}),
-        arrayBuffer: async () => new ArrayBuffer(0),
-      }))
-  )
-  vi.doMock('@/lib/core/security/input-validation.server', () => ({
-    secureFetchWithValidation: secureFetchMock,
-  }))
-
-  vi.doMock('@/lib/core/config/env', () => ({
-    env: {
-      IVM_POOL_SIZE: '1',
-      IVM_MAX_CONCURRENT: '100',
-      IVM_MAX_PER_WORKER: '100',
-      IVM_WORKER_IDLE_TIMEOUT_MS: '60000',
-      IVM_MAX_QUEUE_SIZE: '10',
-      IVM_MAX_ACTIVE_PER_OWNER: '100',
-      IVM_MAX_QUEUED_PER_OWNER: '10',
-      IVM_MAX_OWNER_WEIGHT: '5',
-      IVM_DISTRIBUTED_MAX_INFLIGHT_PER_OWNER: '100',
-      IVM_DISTRIBUTED_LEASE_MIN_TTL_MS: '1000',
-      IVM_QUEUE_TIMEOUT_MS: '1000',
-      ...(options.envOverrides ?? {}),
-    },
-  }))
-
-  const redisEval = options.redisEvalImpl ? vi.fn(options.redisEvalImpl) : undefined
-  vi.doMock('@/lib/core/config/redis', () => ({
-    getRedisClient: vi.fn(() =>
-      redisEval
-        ? ({
-            eval: redisEval,
-          } as any)
-        : null
-    ),
-  }))
-
-  vi.doMock('node:child_process', () => ({
-    execSync: vi.fn(() => Buffer.from('v23.11.0')),
-    spawn: spawnMock,
-  }))
-
-  const mod = await import('./isolated-vm')
-  return { ...mod, spawnMock, secureFetchMock }
-}
-
-describe('isolated-vm scheduler', () => {
-  afterEach(() => {
-    vi.restoreAllMocks()
-    vi.resetModules()
-  })
-
-  it('recovers from an initial spawn failure and drains queued work', async () => {
-    const { executeInIsolatedVM, spawnMock } = await loadExecutionModule({
-      spawns: [createStartupFailureProc, () => createReadyProc('ok')],
-    })
-
-    const result = await executeInIsolatedVM({
-      code: 'return "ok"',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 100,
-      requestId: 'req-1',
-    })
-
-    expect(result.error).toBeUndefined()
-    expect(result.result).toBe('ok')
-    expect(spawnMock).toHaveBeenCalledTimes(2)
-  })
-
-  it('rejects new requests when the queue is full', async () => {
-    const { executeInIsolatedVM } = await loadExecutionModule({
-      envOverrides: {
-        IVM_MAX_QUEUE_SIZE: '1',
-        IVM_QUEUE_TIMEOUT_MS: '200',
-      },
-      spawns: [createStartupFailureProc, createStartupFailureProc, createStartupFailureProc],
-    })
-
-    const firstPromise = executeInIsolatedVM({
-      code: 'return 1',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 100,
-      requestId: 'req-2',
-      ownerKey: 'user:a',
-    })
-
-    await new Promise((resolve) => setTimeout(resolve, 25))
-
-    const second = await executeInIsolatedVM({
-      code: 'return 2',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 100,
-      requestId: 'req-3',
-      ownerKey: 'user:b',
-    })
-
-    expect(second.error?.message).toContain('at capacity')
-
-    const first = await firstPromise
-    expect(first.error?.message).toContain('timed out waiting')
-  })
-
-  it('enforces per-owner queued limit', async () => {
-    const { executeInIsolatedVM } = await loadExecutionModule({
-      envOverrides: {
-        IVM_MAX_QUEUED_PER_OWNER: '1',
-        IVM_QUEUE_TIMEOUT_MS: '200',
-      },
-      spawns: [createStartupFailureProc, createStartupFailureProc, createStartupFailureProc],
-    })
-
-    const firstPromise = executeInIsolatedVM({
-      code: 'return 1',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 100,
-      requestId: 'req-4',
-      ownerKey: 'user:hog',
-    })
-
-    await new Promise((resolve) => setTimeout(resolve, 25))
-
-    const second = await executeInIsolatedVM({
-      code: 'return 2',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 100,
-      requestId: 'req-5',
-      ownerKey: 'user:hog',
-    })
-
-    expect(second.error?.message).toContain('Too many concurrent')
-
-    const first = await firstPromise
-    expect(first.error?.message).toContain('timed out waiting')
-  })
-
-  it('enforces distributed owner in-flight lease limit when Redis is configured', async () => {
-    const { executeInIsolatedVM } = await loadExecutionModule({
-      envOverrides: {
-        IVM_DISTRIBUTED_MAX_INFLIGHT_PER_OWNER: '1',
-        REDIS_URL: 'redis://localhost:6379',
-      },
-      spawns: [() => createReadyProc('ok')],
-      redisEvalImpl: (...args: any[]) => {
-        const script = String(args[0] ?? '')
-        if (script.includes('ZREMRANGEBYSCORE')) {
-          return 0
-        }
-        return 1
-      },
-    })
-
-    const result = await executeInIsolatedVM({
-      code: 'return "blocked"',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 100,
-      requestId: 'req-6',
-      ownerKey: 'user:distributed',
-    })
-
-    expect(result.error?.message).toContain('Too many concurrent')
-  })
-
-  it('fails closed when Redis is configured but unavailable', async () => {
-    const { executeInIsolatedVM } = await loadExecutionModule({
-      envOverrides: {
-        REDIS_URL: 'redis://localhost:6379',
-      },
-      spawns: [() => createReadyProc('ok')],
-    })
-
-    const result = await executeInIsolatedVM({
-      code: 'return "blocked"',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 100,
-      requestId: 'req-7',
-      ownerKey: 'user:redis-down',
-    })
-
-    expect(result.error?.message).toContain('temporarily unavailable')
-  })
-
-  it('fails closed when Redis lease evaluation errors', async () => {
-    const { executeInIsolatedVM } = await loadExecutionModule({
-      envOverrides: {
-        REDIS_URL: 'redis://localhost:6379',
-      },
-      spawns: [() => createReadyProc('ok')],
-      redisEvalImpl: (...args: any[]) => {
-        const script = String(args[0] ?? '')
-        if (script.includes('ZREMRANGEBYSCORE')) {
-          throw new Error('redis timeout')
-        }
-        return 1
-      },
-    })
-
-    const result = await executeInIsolatedVM({
-      code: 'return "blocked"',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 100,
-      requestId: 'req-8',
-      ownerKey: 'user:redis-error',
-    })
-
-    expect(result.error?.message).toContain('temporarily unavailable')
-  })
-
-  it('applies weighted owner scheduling when draining queued executions', async () => {
-    const { executeInIsolatedVM } = await loadExecutionModule({
-      envOverrides: {
-        IVM_MAX_PER_WORKER: '1',
-      },
-      spawns: [() => createReadyProcWithDelay(10)],
-    })
-
-    const completionOrder: string[] = []
-    const pushCompletion = (label: string) => (res: { result: unknown }) => {
-      completionOrder.push(String(res.result ?? label))
-      return res
-    }
-
-    const p1 = executeInIsolatedVM({
-      code: 'return 1',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 500,
-      requestId: 'a-1',
-      ownerKey: 'user:a',
-      ownerWeight: 2,
-    }).then(pushCompletion('a-1'))
-
-    const p2 = executeInIsolatedVM({
-      code: 'return 2',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 500,
-      requestId: 'a-2',
-      ownerKey: 'user:a',
-      ownerWeight: 2,
-    }).then(pushCompletion('a-2'))
-
-    const p3 = executeInIsolatedVM({
-      code: 'return 3',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 500,
-      requestId: 'b-1',
-      ownerKey: 'user:b',
-      ownerWeight: 1,
-    }).then(pushCompletion('b-1'))
-
-    const p4 = executeInIsolatedVM({
-      code: 'return 4',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 500,
-      requestId: 'b-2',
-      ownerKey: 'user:b',
-      ownerWeight: 1,
-    }).then(pushCompletion('b-2'))
-
-    const p5 = executeInIsolatedVM({
-      code: 'return 5',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 500,
-      requestId: 'a-3',
-      ownerKey: 'user:a',
-      ownerWeight: 2,
-    }).then(pushCompletion('a-3'))
-
-    await Promise.all([p1, p2, p3, p4, p5])
-
-    expect(completionOrder.slice(0, 3)).toEqual(['a-1', 'a-2', 'a-3'])
-    expect(completionOrder).toEqual(['a-1', 'a-2', 'a-3', 'b-1', 'b-2'])
-  })
-
-  it('rejects oversized fetch options payloads before outbound call', async () => {
-    const { executeInIsolatedVM, secureFetchMock } = await loadExecutionModule({
-      envOverrides: {
-        IVM_MAX_FETCH_OPTIONS_JSON_CHARS: '50',
-      },
-      spawns: [
-        () =>
-          createReadyFetchProxyProc({
-            url: 'https://example.com',
-            optionsJson: 'x'.repeat(100),
-          }),
-      ],
-    })
-
-    const result = await executeInIsolatedVM({
-      code: 'return "fetch-options"',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 100,
-      requestId: 'req-fetch-options',
-    })
-
-    const payload = JSON.parse(String(result.result))
-    expect(payload.error).toContain('Fetch options exceed maximum payload size')
-    expect(secureFetchMock).not.toHaveBeenCalled()
-  })
-
-  it('rejects overly long fetch URLs before outbound call', async () => {
-    const { executeInIsolatedVM, secureFetchMock } = await loadExecutionModule({
-      envOverrides: {
-        IVM_MAX_FETCH_URL_LENGTH: '30',
-      },
-      spawns: [
-        () =>
-          createReadyFetchProxyProc({
-            url: 'https://example.com/path/to/a/very/long/resource',
-          }),
-      ],
-    })
-
-    const result = await executeInIsolatedVM({
-      code: 'return "fetch-url"',
-      params: {},
-      envVars: {},
-      contextVariables: {},
-      timeoutMs: 100,
-      requestId: 'req-fetch-url',
-    })
-
-    const payload = JSON.parse(String(result.result))
-    expect(payload.error).toContain('fetch URL exceeds maximum length')
-    expect(secureFetchMock).not.toHaveBeenCalled()
-  })
-})
--- a/apps/sim/lib/execution/isolated-vm.ts
+++ b/apps/sim/lib/execution/isolated-vm.ts
--- a/apps/sim/lib/execution/preprocessing.ts
+++ b/apps/sim/lib/execution/preprocessing.ts
@@ -124,7 +124,6 @@ export interface PreprocessExecutionOptions {
  workspaceId?: string // If known, used for billing resolution
  loggingSession?: LoggingSession // If provided, will be used for error logging
  isResumeContext?: boolean // If true, allows fallback billing on resolution failure (for paused workflow resumes)
-  useAuthenticatedUserAsActor?: boolean // If true, use the authenticated userId as actorUserId (for client-side executions and personal API keys)
  /** @deprecated No longer used - background/async executions always use deployed state */
  useDraftState?: boolean
 }
@@ -171,7 +170,6 @@ export async function preprocessExecution(
    workspaceId: providedWorkspaceId,
    loggingSession: providedLoggingSession,
    isResumeContext = false,
-    useAuthenticatedUserAsActor = false,
  } = options

  logger.info(`[${requestId}] Starting execution preprocessing`, {
@@ -259,14 +257,7 @@ export async function preprocessExecution(
  let actorUserId: string | null = null

  try {
-    // For client-side executions and personal API keys, the authenticated
-    // user is the billing and permission actor — not the workspace owner.
-    if (useAuthenticatedUserAsActor && userId) {
-      actorUserId = userId
-      logger.info(`[${requestId}] Using authenticated user as actor: ${actorUserId}`)
-    }
-
-    if (!actorUserId && workspaceId) {
+    if (workspaceId) {
      actorUserId = await getWorkspaceBilledAccountUserId(workspaceId)
      if (actorUserId) {
        logger.info(`[${requestId}] Using workspace billed account: ${actorUserId}`)
--- a/apps/sim/lib/guardrails/validate_hallucination.ts
+++ b/apps/sim/lib/guardrails/validate_hallucination.ts
@@ -1,11 +1,7 @@
-import { db } from '@sim/db'
-import { account } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
-import { eq } from 'drizzle-orm'
 import { getBaseUrl } from '@/lib/core/utils/urls'
-import { refreshTokenIfNeeded } from '@/app/api/auth/oauth/utils'
 import { executeProviderRequest } from '@/providers'
-import { getProviderFromModel } from '@/providers/utils'
+import { getApiKey, getProviderFromModel } from '@/providers/utils'

 const logger = createLogger('HallucinationValidator')

@@ -23,18 +19,7 @@ export interface HallucinationValidationInput {
  topK: number // Number of chunks to retrieve, default 10
  model: string
  apiKey?: string
-  providerCredentials?: {
-    azureEndpoint?: string
-    azureApiVersion?: string
-    vertexProject?: string
-    vertexLocation?: string
-    vertexCredential?: string
-    bedrockAccessKeyId?: string
-    bedrockSecretKey?: string
-    bedrockRegion?: string
-  }
  workflowId?: string
-  workspaceId?: string
  requestId: string
 }

@@ -104,9 +89,7 @@ async function scoreHallucinationWithLLM(
  userInput: string,
  ragContext: string[],
  model: string,
-  apiKey: string | undefined,
-  providerCredentials: HallucinationValidationInput['providerCredentials'],
-  workspaceId: string | undefined,
+  apiKey: string,
  requestId: string
 ): Promise<{ score: number; reasoning: string }> {
  try {
@@ -144,23 +127,6 @@ Evaluate the consistency and provide your score and reasoning in JSON format.`

    const providerId = getProviderFromModel(model)

-    let finalApiKey: string | undefined = apiKey
-    if (providerId === 'vertex' && providerCredentials?.vertexCredential) {
-      const credential = await db.query.account.findFirst({
-        where: eq(account.id, providerCredentials.vertexCredential),
-      })
-      if (credential) {
-        const { accessToken } = await refreshTokenIfNeeded(
-          requestId,
-          credential,
-          providerCredentials.vertexCredential
-        )
-        if (accessToken) {
-          finalApiKey = accessToken
-        }
-      }
-    }
-
    const response = await executeProviderRequest(providerId, {
      model,
      systemPrompt,
@@ -171,15 +137,7 @@ Evaluate the consistency and provide your score and reasoning in JSON format.`
        },
      ],
      temperature: 0.1, // Low temperature for consistent scoring
-      apiKey: finalApiKey,
-      azureEndpoint: providerCredentials?.azureEndpoint,
-      azureApiVersion: providerCredentials?.azureApiVersion,
-      vertexProject: providerCredentials?.vertexProject,
-      vertexLocation: providerCredentials?.vertexLocation,
-      bedrockAccessKeyId: providerCredentials?.bedrockAccessKeyId,
-      bedrockSecretKey: providerCredentials?.bedrockSecretKey,
-      bedrockRegion: providerCredentials?.bedrockRegion,
-      workspaceId,
+      apiKey,
    })

    if (response instanceof ReadableStream || ('stream' in response && 'execution' in response)) {
@@ -226,18 +184,8 @@ Evaluate the consistency and provide your score and reasoning in JSON format.`
 export async function validateHallucination(
  input: HallucinationValidationInput
 ): Promise<HallucinationValidationResult> {
-  const {
-    userInput,
-    knowledgeBaseId,
-    threshold,
-    topK,
-    model,
-    apiKey,
-    providerCredentials,
-    workflowId,
-    workspaceId,
-    requestId,
-  } = input
+  const { userInput, knowledgeBaseId, threshold, topK, model, apiKey, workflowId, requestId } =
+    input

  try {
    if (!userInput || userInput.trim().length === 0) {
@@ -254,6 +202,17 @@ export async function validateHallucination(
      }
    }

+    let finalApiKey: string
+    try {
+      const providerId = getProviderFromModel(model)
+      finalApiKey = getApiKey(providerId, model, apiKey)
+    } catch (error: any) {
+      return {
+        passed: false,
+        error: `API key error: ${error.message}`,
+      }
+    }
+
    // Step 1: Query knowledge base with RAG
    const ragContext = await queryKnowledgeBase(
      knowledgeBaseId,
@@ -275,9 +234,7 @@ export async function validateHallucination(
      userInput,
      ragContext,
      model,
-      apiKey,
-      providerCredentials,
-      workspaceId,
+      finalApiKey,
      requestId
    )

--- a/apps/sim/lib/mcp/middleware.ts
+++ b/apps/sim/lib/mcp/middleware.ts
@@ -1,6 +1,6 @@
 import { createLogger } from '@sim/logger'
 import type { NextRequest, NextResponse } from 'next/server'
-import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { createMcpErrorResponse } from '@/lib/mcp/utils'
 import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
@@ -43,7 +43,7 @@ async function validateMcpAuth(
  const requestId = generateRequestId()

  try {
-    const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    const auth = await checkHybridAuth(request, { requireWorkflowId: false })
    if (!auth.success || !auth.userId) {
      logger.warn(`[${requestId}] Authentication failed: ${auth.error}`)
      return {
--- a/apps/sim/lib/permission-groups/types.ts
+++ b/apps/sim/lib/permission-groups/types.ts
@@ -10,7 +10,6 @@ export interface PermissionGroupConfig {
  hideFilesTab: boolean
  disableMcpTools: boolean
  disableCustomTools: boolean
-  disableSkills: boolean
  hideTemplates: boolean
  disableInvitations: boolean
  // Deploy Modal Tabs
@@ -32,7 +31,6 @@ export const DEFAULT_PERMISSION_GROUP_CONFIG: PermissionGroupConfig = {
  hideFilesTab: false,
  disableMcpTools: false,
  disableCustomTools: false,
-  disableSkills: false,
  hideTemplates: false,
  disableInvitations: false,
  hideDeployApi: false,
@@ -61,7 +59,6 @@ export function parsePermissionGroupConfig(config: unknown): PermissionGroupConf
    hideFilesTab: typeof c.hideFilesTab === 'boolean' ? c.hideFilesTab : false,
    disableMcpTools: typeof c.disableMcpTools === 'boolean' ? c.disableMcpTools : false,
    disableCustomTools: typeof c.disableCustomTools === 'boolean' ? c.disableCustomTools : false,
-    disableSkills: typeof c.disableSkills === 'boolean' ? c.disableSkills : false,
    hideTemplates: typeof c.hideTemplates === 'boolean' ? c.hideTemplates : false,
    disableInvitations: typeof c.disableInvitations === 'boolean' ? c.disableInvitations : false,
    hideDeployApi: typeof c.hideDeployApi === 'boolean' ? c.hideDeployApi : false,
--- a/apps/sim/lib/tokenization/constants.ts
+++ b/apps/sim/lib/tokenization/constants.ts
@@ -21,11 +21,6 @@ export const TOKENIZATION_CONFIG = {
      confidence: 'high',
      supportedMethods: ['heuristic', 'fallback'],
    },
-    'azure-anthropic': {
-      avgCharsPerToken: 4.5,
-      confidence: 'high',
-      supportedMethods: ['heuristic', 'fallback'],
-    },
    google: {
      avgCharsPerToken: 5,
      confidence: 'medium',
--- a/apps/sim/lib/tokenization/estimators.ts
+++ b/apps/sim/lib/tokenization/estimators.ts
@@ -204,7 +204,6 @@ export function estimateTokenCount(text: string, providerId?: string): TokenEsti
      estimatedTokens = estimateOpenAITokens(text)
      break
    case 'anthropic':
-    case 'azure-anthropic':
      estimatedTokens = estimateAnthropicTokens(text)
      break
    case 'google':
--- a/apps/sim/lib/webhooks/processor.ts
+++ b/apps/sim/lib/webhooks/processor.ts
@@ -24,7 +24,6 @@ import {
  validateTypeformSignature,
  verifyProviderWebhook,
 } from '@/lib/webhooks/utils.server'
-import { getWorkspaceBilledAccountUserId } from '@/lib/workspaces/utils'
 import { executeWebhookJob } from '@/background/webhook-execution'
 import { resolveEnvVarReferences } from '@/executor/utils/reference-validation'
 import { isGitHubEventMatch } from '@/triggers/github/utils'
@@ -1004,23 +1003,10 @@ export async function queueWebhookExecution(
      }
    }

-    if (!foundWorkflow.workspaceId) {
-      logger.error(`[${options.requestId}] Workflow ${foundWorkflow.id} has no workspaceId`)
-      return NextResponse.json({ error: 'Workflow has no associated workspace' }, { status: 500 })
-    }
-
-    const actorUserId = await getWorkspaceBilledAccountUserId(foundWorkflow.workspaceId)
-    if (!actorUserId) {
-      logger.error(
-        `[${options.requestId}] No billing account for workspace ${foundWorkflow.workspaceId}`
-      )
-      return NextResponse.json({ error: 'Unable to resolve billing account' }, { status: 500 })
-    }
-
    const payload = {
      webhookId: foundWebhook.id,
      workflowId: foundWorkflow.id,
-      userId: actorUserId,
+      userId: foundWorkflow.userId,
      provider: foundWebhook.provider,
      body,
      headers,
@@ -1031,7 +1017,7 @@ export async function queueWebhookExecution(

    const jobQueue = await getJobQueue()
    const jobId = await jobQueue.enqueue('webhook-execution', payload, {
-      metadata: { workflowId: foundWorkflow.id, userId: actorUserId },
+      metadata: { workflowId: foundWorkflow.id, userId: foundWorkflow.userId },
    })
    logger.info(
      `[${options.requestId}] Queued webhook execution task ${jobId} for ${foundWebhook.provider} webhook`
--- a/apps/sim/lib/webhooks/utils.server.ts
+++ b/apps/sim/lib/webhooks/utils.server.ts
@@ -527,113 +527,6 @@ export async function validateTwilioSignature(
  }
 }

-const SLACK_FILE_HOSTS = new Set(['files.slack.com', 'files-pri.slack.com'])
-const SLACK_MAX_FILE_SIZE = 50 * 1024 * 1024 // 50 MB
-const SLACK_MAX_FILES = 10
-
-/**
- * Downloads file attachments from Slack using the bot token.
- * Returns files in the format expected by WebhookAttachmentProcessor:
- * { name, data (base64 string), mimeType, size }
- *
- * Security:
- * - Validates each url_private against allowlisted Slack file hosts
- * - Uses validateUrlWithDNS + secureFetchWithPinnedIP to prevent SSRF
- * - Enforces per-file size limit and max file count
- */
-async function downloadSlackFiles(
-  rawFiles: any[],
-  botToken: string
-): Promise<Array<{ name: string; data: string; mimeType: string; size: number }>> {
-  const filesToProcess = rawFiles.slice(0, SLACK_MAX_FILES)
-  const downloaded: Array<{ name: string; data: string; mimeType: string; size: number }> = []
-
-  for (const file of filesToProcess) {
-    const urlPrivate = file.url_private as string | undefined
-    if (!urlPrivate) {
-      continue
-    }
-
-    // Validate the URL points to a known Slack file host
-    let parsedUrl: URL
-    try {
-      parsedUrl = new URL(urlPrivate)
-    } catch {
-      logger.warn('Slack file has invalid url_private, skipping', { fileId: file.id })
-      continue
-    }
-
-    if (!SLACK_FILE_HOSTS.has(parsedUrl.hostname)) {
-      logger.warn('Slack file url_private points to unexpected host, skipping', {
-        fileId: file.id,
-        hostname: sanitizeUrlForLog(urlPrivate),
-      })
-      continue
-    }
-
-    // Skip files that exceed the size limit
-    const reportedSize = Number(file.size) || 0
-    if (reportedSize > SLACK_MAX_FILE_SIZE) {
-      logger.warn('Slack file exceeds size limit, skipping', {
-        fileId: file.id,
-        size: reportedSize,
-        limit: SLACK_MAX_FILE_SIZE,
-      })
-      continue
-    }
-
-    try {
-      const urlValidation = await validateUrlWithDNS(urlPrivate, 'url_private')
-      if (!urlValidation.isValid) {
-        logger.warn('Slack file url_private failed DNS validation, skipping', {
-          fileId: file.id,
-          error: urlValidation.error,
-        })
-        continue
-      }
-
-      const response = await secureFetchWithPinnedIP(urlPrivate, urlValidation.resolvedIP!, {
-        headers: { Authorization: `Bearer ${botToken}` },
-      })
-
-      if (!response.ok) {
-        logger.warn('Failed to download Slack file, skipping', {
-          fileId: file.id,
-          status: response.status,
-        })
-        continue
-      }
-
-      const arrayBuffer = await response.arrayBuffer()
-      const buffer = Buffer.from(arrayBuffer)
-
-      // Verify the actual downloaded size doesn't exceed our limit
-      if (buffer.length > SLACK_MAX_FILE_SIZE) {
-        logger.warn('Downloaded Slack file exceeds size limit, skipping', {
-          fileId: file.id,
-          actualSize: buffer.length,
-          limit: SLACK_MAX_FILE_SIZE,
-        })
-        continue
-      }
-
-      downloaded.push({
-        name: file.name || 'download',
-        data: buffer.toString('base64'),
-        mimeType: file.mimetype || 'application/octet-stream',
-        size: buffer.length,
-      })
-    } catch (error) {
-      logger.error('Error downloading Slack file, skipping', {
-        fileId: file.id,
-        error: error instanceof Error ? error.message : String(error),
-      })
-    }
-  }
-
-  return downloaded
-}
-
 /**
 * Format webhook input based on provider
 */
@@ -894,44 +787,43 @@ export async function formatWebhookInput(
  }

  if (foundWebhook.provider === 'slack') {
-    const providerConfig = (foundWebhook.providerConfig as Record<string, any>) || {}
-    const botToken = providerConfig.botToken as string | undefined
-    const includeFiles = Boolean(providerConfig.includeFiles)
+    const event = body?.event

-    const rawEvent = body?.event
-
-    if (!rawEvent) {
-      logger.warn('Unknown Slack event type', {
-        type: body?.type,
-        hasEvent: false,
-        bodyKeys: Object.keys(body || {}),
-      })
+    if (event && body?.type === 'event_callback') {
+      return {
+        event: {
+          event_type: event.type || '',
+          channel: event.channel || '',
+          channel_name: '',
+          user: event.user || '',
+          user_name: '',
+          text: event.text || '',
+          timestamp: event.ts || event.event_ts || '',
+          thread_ts: event.thread_ts || '',
+          team_id: body.team_id || event.team || '',
+          event_id: body.event_id || '',
+        },
+      }
    }

-    const rawFiles: any[] = rawEvent?.files ?? []
-    const hasFiles = rawFiles.length > 0
-
-    let files: any[] = []
-    if (hasFiles && includeFiles && botToken) {
-      files = await downloadSlackFiles(rawFiles, botToken)
-    } else if (hasFiles && includeFiles && !botToken) {
-      logger.warn('Slack message has files and includeFiles is enabled, but no bot token provided')
-    }
+    logger.warn('Unknown Slack event type', {
+      type: body?.type,
+      hasEvent: !!body?.event,
+      bodyKeys: Object.keys(body || {}),
+    })

    return {
      event: {
-        event_type: rawEvent?.type || body?.type || 'unknown',
-        channel: rawEvent?.channel || '',
+        event_type: body?.event?.type || body?.type || 'unknown',
+        channel: body?.event?.channel || '',
        channel_name: '',
-        user: rawEvent?.user || '',
+        user: body?.event?.user || '',
        user_name: '',
-        text: rawEvent?.text || '',
-        timestamp: rawEvent?.ts || rawEvent?.event_ts || '',
-        thread_ts: rawEvent?.thread_ts || '',
-        team_id: body?.team_id || rawEvent?.team || '',
+        text: body?.event?.text || '',
+        timestamp: body?.event?.ts || '',
+        thread_ts: body?.event?.thread_ts || '',
+        team_id: body?.team_id || '',
        event_id: body?.event_id || '',
-        hasFiles,
-        files,
      },
    }
  }
--- a/apps/sim/lib/workflows/skills/operations.ts
+++ b/apps/sim/lib/workflows/skills/operations.ts
@@ -1,100 +0,0 @@
-import { db } from '@sim/db'
-import { skill } from '@sim/db/schema'
-import { createLogger } from '@sim/logger'
-import { and, desc, eq, ne } from 'drizzle-orm'
-import { nanoid } from 'nanoid'
-import { generateRequestId } from '@/lib/core/utils/request'
-
-const logger = createLogger('SkillsOperations')
-
-/**
- * Internal function to create/update skills.
- * Can be called from API routes or internal services.
- */
-export async function upsertSkills(params: {
-  skills: Array<{
-    id?: string
-    name: string
-    description: string
-    content: string
-  }>
-  workspaceId: string
-  userId: string
-  requestId?: string
-}) {
-  const { skills, workspaceId, userId, requestId = generateRequestId() } = params
-
-  return await db.transaction(async (tx) => {
-    for (const s of skills) {
-      const nowTime = new Date()
-
-      if (s.id) {
-        const existingSkill = await tx
-          .select()
-          .from(skill)
-          .where(and(eq(skill.id, s.id), eq(skill.workspaceId, workspaceId)))
-          .limit(1)
-
-        if (existingSkill.length > 0) {
-          if (s.name !== existingSkill[0].name) {
-            const nameConflict = await tx
-              .select({ id: skill.id })
-              .from(skill)
-              .where(
-                and(eq(skill.workspaceId, workspaceId), eq(skill.name, s.name), ne(skill.id, s.id))
-              )
-              .limit(1)
-
-            if (nameConflict.length > 0) {
-              throw new Error(`A skill with the name "${s.name}" already exists in this workspace`)
-            }
-          }
-
-          await tx
-            .update(skill)
-            .set({
-              name: s.name,
-              description: s.description,
-              content: s.content,
-              updatedAt: nowTime,
-            })
-            .where(and(eq(skill.id, s.id), eq(skill.workspaceId, workspaceId)))
-
-          logger.info(`[${requestId}] Updated skill ${s.id}`)
-          continue
-        }
-      }
-
-      const duplicateName = await tx
-        .select()
-        .from(skill)
-        .where(and(eq(skill.workspaceId, workspaceId), eq(skill.name, s.name)))
-        .limit(1)
-
-      if (duplicateName.length > 0) {
-        throw new Error(`A skill with the name "${s.name}" already exists in this workspace`)
-      }
-
-      await tx.insert(skill).values({
-        id: nanoid(),
-        workspaceId,
-        userId,
-        name: s.name,
-        description: s.description,
-        content: s.content,
-        createdAt: nowTime,
-        updatedAt: nowTime,
-      })
-
-      logger.info(`[${requestId}] Created skill "${s.name}"`)
-    }
-
-    const resultSkills = await tx
-      .select()
-      .from(skill)
-      .where(eq(skill.workspaceId, workspaceId))
-      .orderBy(desc(skill.createdAt))
-
-    return resultSkills
-  })
-}
--- a/Show More
+++ b/Show More