v0.5.68: router block reasoning, executor improvements, variable resolution consolidation, helm updates (#2946)

* improvement(workflow-item): stabilize avatar layout and fix name truncation (#2939)

* improvement(workflow-item): stabilize avatar layout and fix name truncation

* fix(avatars): revert overflow bg to hardcoded color for contrast

* fix(executor): stop parallel execution when block errors (#2940)

* improvement(helm): add per-deployment extraVolumes support (#2942)

* fix(gmail): expose messageId field in read email block (#2943)

* fix(resolver): consolidate reference resolution  (#2941)

* fix(resolver): consolidate code to resolve references

* fix edge cases

* use already formatted error

* fix multi index

* fix backwards compat reachability

* handle backwards compatibility accurately

* use shared constant correctly

* feat(router): expose reasoning output in router v2 block (#2945)

* fix(copilot): always allow, credential masking (#2947)

* Fix always allow, credential validation

* Credential masking

* Autoload

* fix(executor): handle condition dead-end branches in loops (#2944)

---------

Co-authored-by: Vikhyath Mondreti <vikhyathvikku@gmail.com>
Co-authored-by: Siddharth Ganesan <33737564+Sg312@users.noreply.github.com>

apps/sim/app/(landing)/components/footer/components/status-indicator.tsx

@@ -59,7 +59,7 @@ export default function StatusIndicator() {
       href={statusUrl}
       target='_blank'
       rel='noopener noreferrer'
-      className={`flex min-w-[165px] items-center gap-[6px] whitespace-nowrap text-[12px] transition-colors ${STATUS_COLORS[status]}`}
+      className={`flex items-center gap-[6px] whitespace-nowrap text-[12px] transition-colors ${STATUS_COLORS[status]}`}
       aria-label={`System status: ${message}`}
     >
       <StatusDotIcon status={status} className='h-[6px] w-[6px]' aria-hidden='true' />

apps/sim/app/(landing)/studio/[slug]/back-link.tsx

@@ -1,27 +0,0 @@
-'use client'
-
-import { useState } from 'react'
-import { ArrowLeft, ChevronLeft } from 'lucide-react'
-import Link from 'next/link'
-
-export function BackLink() {
-  const [isHovered, setIsHovered] = useState(false)
-
-  return (
-    <Link
-      href='/studio'
-      className='group flex items-center gap-1 text-gray-600 text-sm hover:text-gray-900'
-      onMouseEnter={() => setIsHovered(true)}
-      onMouseLeave={() => setIsHovered(false)}
-    >
-      <span className='group-hover:-translate-x-0.5 inline-flex transition-transform duration-200'>
-        {isHovered ? (
-          <ArrowLeft className='h-4 w-4' aria-hidden='true' />
-        ) : (
-          <ChevronLeft className='h-4 w-4' aria-hidden='true' />
-        )}
-      </span>
-      Back to Sim Studio
-    </Link>
-  )
-}

apps/sim/app/(landing)/studio/[slug]/page.tsx

@@ -5,10 +5,7 @@ import { Avatar, AvatarFallback, AvatarImage } from '@/components/emcn'
 import { FAQ } from '@/lib/blog/faq'
 import { getAllPostMeta, getPostBySlug, getRelatedPosts } from '@/lib/blog/registry'
 import { buildArticleJsonLd, buildBreadcrumbJsonLd, buildPostMetadata } from '@/lib/blog/seo'
-import { getBaseUrl } from '@/lib/core/utils/urls'
 import { soehne } from '@/app/_styles/fonts/soehne/soehne'
-import { BackLink } from '@/app/(landing)/studio/[slug]/back-link'
-import { ShareButton } from '@/app/(landing)/studio/[slug]/share-button'
 
 export async function generateStaticParams() {
   const posts = await getAllPostMeta()
@@ -51,7 +48,9 @@ export default async function Page({ params }: { params: Promise<{ slug: string
       />
       <header className='mx-auto max-w-[1450px] px-6 pt-8 sm:px-8 sm:pt-12 md:px-12 md:pt-16'>
         <div className='mb-6'>
-          <BackLink />
+          <Link href='/studio' className='text-gray-600 text-sm hover:text-gray-900'>
+            ← Back to Sim Studio
+          </Link>
         </div>
         <div className='flex flex-col gap-8 md:flex-row md:gap-12'>
           <div className='w-full flex-shrink-0 md:w-[450px]'>
@@ -76,8 +75,7 @@ export default async function Page({ params }: { params: Promise<{ slug: string
             >
               {post.title}
             </h1>
-            <div className='mt-4 flex items-center justify-between'>
+            <div className='mt-4 flex items-center gap-3'>
-              <div className='flex items-center gap-3'>
               {(post.authors || [post.author]).map((a, idx) => (
                 <div key={idx} className='flex items-center gap-2'>
                   {a?.avatarUrl ? (
@@ -100,8 +98,6 @@ export default async function Page({ params }: { params: Promise<{ slug: string
                 </div>
               ))}
             </div>
-              <ShareButton url={`${getBaseUrl()}/studio/${slug}`} title={post.title} />
-            </div>
           </div>
         </div>
         <hr className='mt-8 border-gray-200 border-t sm:mt-12' />

apps/sim/app/(landing)/studio/[slug]/share-button.tsx

@@ -1,65 +0,0 @@
-'use client'
-
-import { useState } from 'react'
-import { Share2 } from 'lucide-react'
-import { Popover, PopoverContent, PopoverItem, PopoverTrigger } from '@/components/emcn'
-
-interface ShareButtonProps {
-  url: string
-  title: string
-}
-
-export function ShareButton({ url, title }: ShareButtonProps) {
-  const [open, setOpen] = useState(false)
-  const [copied, setCopied] = useState(false)
-
-  const handleCopyLink = async () => {
-    try {
-      await navigator.clipboard.writeText(url)
-      setCopied(true)
-      setTimeout(() => {
-        setCopied(false)
-        setOpen(false)
-      }, 1000)
-    } catch {
-      setOpen(false)
-    }
-  }
-
-  const handleShareTwitter = () => {
-    const tweetUrl = `https://twitter.com/intent/tweet?url=${encodeURIComponent(url)}&text=${encodeURIComponent(title)}`
-    window.open(tweetUrl, '_blank', 'noopener,noreferrer')
-    setOpen(false)
-  }
-
-  const handleShareLinkedIn = () => {
-    const linkedInUrl = `https://www.linkedin.com/sharing/share-offsite/?url=${encodeURIComponent(url)}`
-    window.open(linkedInUrl, '_blank', 'noopener,noreferrer')
-    setOpen(false)
-  }
-
-  return (
-    <Popover
-      open={open}
-      onOpenChange={setOpen}
-      variant='secondary'
-      size='sm'
-      colorScheme='inverted'
-    >
-      <PopoverTrigger asChild>
-        <button
-          className='flex items-center gap-1.5 text-gray-600 text-sm hover:text-gray-900'
-          aria-label='Share this post'
-        >
-          <Share2 className='h-4 w-4' />
-          <span>Share</span>
-        </button>
-      </PopoverTrigger>
-      <PopoverContent align='end' minWidth={140}>
-        <PopoverItem onClick={handleCopyLink}>{copied ? 'Copied!' : 'Copy link'}</PopoverItem>
-        <PopoverItem onClick={handleShareTwitter}>Share on X</PopoverItem>
-        <PopoverItem onClick={handleShareLinkedIn}>Share on LinkedIn</PopoverItem>
-      </PopoverContent>
-    </Popover>
-  )
-}

apps/sim/app/(landing)/studio/page.tsx

@@ -22,7 +22,7 @@ export default async function StudioIndex({
       ? filtered.sort((a, b) => {
           if (a.featured && !b.featured) return -1
           if (!a.featured && b.featured) return 1
-          return new Date(b.date).getTime() - new Date(a.date).getTime()
+          return 0
         })
       : filtered
 

apps/sim/app/api/a2a/agents/[agentId]/route.ts

@@ -8,7 +8,6 @@ import type { AgentCapabilities, AgentSkill } from '@/lib/a2a/types'
 import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { getRedisClient } from '@/lib/core/config/redis'
 import { loadWorkflowFromNormalizedTables } from '@/lib/workflows/persistence/utils'
-import { checkWorkspaceAccess } from '@/lib/workspaces/permissions/utils'
 
 const logger = createLogger('A2AAgentCardAPI')
 
@@ -96,11 +95,6 @@ export async function PUT(request: NextRequest, { params }: { params: Promise<Ro
       return NextResponse.json({ error: 'Agent not found' }, { status: 404 })
     }
 
-    const workspaceAccess = await checkWorkspaceAccess(existingAgent.workspaceId, auth.userId)
-    if (!workspaceAccess.canWrite) {
-      return NextResponse.json({ error: 'Forbidden' }, { status: 403 })
-    }
-
     const body = await request.json()
 
     if (
@@ -166,11 +160,6 @@ export async function DELETE(request: NextRequest, { params }: { params: Promise
       return NextResponse.json({ error: 'Agent not found' }, { status: 404 })
     }
 
-    const workspaceAccess = await checkWorkspaceAccess(existingAgent.workspaceId, auth.userId)
-    if (!workspaceAccess.canWrite) {
-      return NextResponse.json({ error: 'Forbidden' }, { status: 403 })
-    }
-
     await db.delete(a2aAgent).where(eq(a2aAgent.id, agentId))
 
     logger.info(`Deleted A2A agent: ${agentId}`)
@@ -205,11 +194,6 @@ export async function POST(request: NextRequest, { params }: { params: Promise<R
       return NextResponse.json({ error: 'Agent not found' }, { status: 404 })
     }
 
-    const workspaceAccess = await checkWorkspaceAccess(existingAgent.workspaceId, auth.userId)
-    if (!workspaceAccess.canWrite) {
-      return NextResponse.json({ error: 'Forbidden' }, { status: 403 })
-    }
-
     const body = await request.json()
     const action = body.action as 'publish' | 'unpublish' | 'refresh'
 

apps/sim/app/api/a2a/serve/[agentId]/route.ts

@@ -16,7 +16,6 @@ import {
 import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { getBrandConfig } from '@/lib/branding/branding'
 import { acquireLock, getRedisClient, releaseLock } from '@/lib/core/config/redis'
-import { validateExternalUrl } from '@/lib/core/security/input-validation'
 import { SSE_HEADERS } from '@/lib/core/utils/sse'
 import { getBaseUrl } from '@/lib/core/utils/urls'
 import { markExecutionCancelled } from '@/lib/execution/cancellation'
@@ -1119,13 +1118,17 @@ async function handlePushNotificationSet(
     )
   }
 
-  const urlValidation = validateExternalUrl(
+  try {
-    params.pushNotificationConfig.url,
+    const url = new URL(params.pushNotificationConfig.url)
-    'Push notification URL'
+    if (url.protocol !== 'https:') {
-  )
-  if (!urlValidation.isValid) {
       return NextResponse.json(
-      createError(id, A2A_ERROR_CODES.INVALID_PARAMS, urlValidation.error || 'Invalid URL'),
+        createError(id, A2A_ERROR_CODES.INVALID_PARAMS, 'Push notification URL must use HTTPS'),
+        { status: 400 }
+      )
+    }
+  } catch {
+    return NextResponse.json(
+      createError(id, A2A_ERROR_CODES.INVALID_PARAMS, 'Invalid push notification URL'),
       { status: 400 }
     )
   }

apps/sim/app/api/copilot/execute-tool/route.ts

@@ -104,11 +104,17 @@ export async function POST(req: NextRequest) {
     })
 
     // Build execution params starting with LLM-provided arguments
-    // Resolve all {{ENV_VAR}} references in the arguments (deep for nested objects)
+    // Resolve all {{ENV_VAR}} references in the arguments
     const executionParams: Record<string, any> = resolveEnvVarReferences(
       toolArgs,
       decryptedEnvVars,
-      { deep: true }
+      {
+        resolveExactMatch: true,
+        allowEmbedded: true,
+        trimKeys: true,
+        onMissing: 'keep',
+        deep: true,
+      }
     ) as Record<string, any>
 
     logger.info(`[${tracker.requestId}] Resolved env var references in arguments`, {

apps/sim/app/api/function/execute/route.test.ts

@@ -84,14 +84,6 @@ vi.mock('@/lib/execution/isolated-vm', () => ({
 
 vi.mock('@sim/logger', () => loggerMock)
 
-vi.mock('@/lib/auth/hybrid', () => ({
-  checkHybridAuth: vi.fn().mockResolvedValue({
-    success: true,
-    userId: 'user-123',
-    authType: 'session',
-  }),
-}))
-
 vi.mock('@/lib/execution/e2b', () => ({
   executeInE2B: vi.fn(),
 }))
@@ -118,24 +110,6 @@ describe('Function Execute API Route', () => {
   })
 
   describe('Security Tests', () => {
-    it('should reject unauthorized requests', async () => {
-      const { checkHybridAuth } = await import('@/lib/auth/hybrid')
-      vi.mocked(checkHybridAuth).mockResolvedValueOnce({
-        success: false,
-        error: 'Unauthorized',
-      })
-
-      const req = createMockRequest('POST', {
-        code: 'return "test"',
-      })
-
-      const response = await POST(req)
-      const data = await response.json()
-
-      expect(response.status).toBe(401)
-      expect(data).toHaveProperty('error', 'Unauthorized')
-    })
-
     it.concurrent('should use isolated-vm for secure sandboxed execution', async () => {
       const req = createMockRequest('POST', {
         code: 'return "test"',

apps/sim/app/api/function/execute/route.ts

@@ -1,6 +1,5 @@
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { isE2bEnabled } from '@/lib/core/config/feature-flags'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { executeInE2B } from '@/lib/execution/e2b'
@@ -582,12 +581,6 @@ export async function POST(req: NextRequest) {
   let resolvedCode = '' // Store resolved code for error reporting
 
   try {
-    const auth = await checkHybridAuth(req)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized function execution attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await req.json()
 
     const { DEFAULT_EXECUTION_TIMEOUT_MS } = await import('@/lib/execution/constants')

apps/sim/app/api/knowledge/[id]/documents/route.test.ts

@@ -157,7 +157,7 @@ describe('Knowledge Base Documents API Route', () => {
       expect(vi.mocked(getDocuments)).toHaveBeenCalledWith(
         'kb-123',
         {
-          enabledFilter: undefined,
+          includeDisabled: false,
           search: undefined,
           limit: 50,
           offset: 0,
@@ -166,7 +166,7 @@ describe('Knowledge Base Documents API Route', () => {
       )
     })
 
-    it('should return documents with default filter', async () => {
+    it('should filter disabled documents by default', async () => {
       const { checkKnowledgeBaseAccess } = await import('@/app/api/knowledge/utils')
       const { getDocuments } = await import('@/lib/knowledge/documents/service')
 
@@ -194,7 +194,7 @@ describe('Knowledge Base Documents API Route', () => {
       expect(vi.mocked(getDocuments)).toHaveBeenCalledWith(
         'kb-123',
         {
-          enabledFilter: undefined,
+          includeDisabled: false,
           search: undefined,
           limit: 50,
           offset: 0,
@@ -203,7 +203,7 @@ describe('Knowledge Base Documents API Route', () => {
       )
     })
 
-    it('should filter documents by enabled status when requested', async () => {
+    it('should include disabled documents when requested', async () => {
       const { checkKnowledgeBaseAccess } = await import('@/app/api/knowledge/utils')
       const { getDocuments } = await import('@/lib/knowledge/documents/service')
 
@@ -223,7 +223,7 @@ describe('Knowledge Base Documents API Route', () => {
         },
       })
 
-      const url = 'http://localhost:3000/api/knowledge/kb-123/documents?enabledFilter=disabled'
+      const url = 'http://localhost:3000/api/knowledge/kb-123/documents?includeDisabled=true'
       const req = new Request(url, { method: 'GET' }) as any
 
       const { GET } = await import('@/app/api/knowledge/[id]/documents/route')
@@ -233,7 +233,7 @@ describe('Knowledge Base Documents API Route', () => {
       expect(vi.mocked(getDocuments)).toHaveBeenCalledWith(
         'kb-123',
         {
-          enabledFilter: 'disabled',
+          includeDisabled: true,
           search: undefined,
           limit: 50,
           offset: 0,
@@ -361,7 +361,8 @@ describe('Knowledge Base Documents API Route', () => {
       expect(vi.mocked(createSingleDocument)).toHaveBeenCalledWith(
         validDocumentData,
         'kb-123',
-        expect.any(String)
+        expect.any(String),
+        'user-123'
       )
     })
 
@@ -469,7 +470,8 @@ describe('Knowledge Base Documents API Route', () => {
       expect(vi.mocked(createDocumentRecords)).toHaveBeenCalledWith(
         validBulkData.documents,
         'kb-123',
-        expect.any(String)
+        expect.any(String),
+        'user-123'
       )
       expect(vi.mocked(processDocumentsWithQueue)).toHaveBeenCalled()
     })

apps/sim/app/api/knowledge/[id]/documents/route.ts

@@ -5,7 +5,6 @@ import { z } from 'zod'
 import { getSession } from '@/lib/auth'
 import {
   bulkDocumentOperation,
-  bulkDocumentOperationByFilter,
   createDocumentRecords,
   createSingleDocument,
   getDocuments,
@@ -58,19 +57,12 @@ const BulkCreateDocumentsSchema = z.object({
   bulk: z.literal(true),
 })
 
-const BulkUpdateDocumentsSchema = z
+const BulkUpdateDocumentsSchema = z.object({
-  .object({
   operation: z.enum(['enable', 'disable', 'delete']),
   documentIds: z
     .array(z.string())
     .min(1, 'At least one document ID is required')
-      .max(100, 'Cannot operate on more than 100 documents at once')
+    .max(100, 'Cannot operate on more than 100 documents at once'),
-      .optional(),
-    selectAll: z.boolean().optional(),
-    enabledFilter: z.enum(['all', 'enabled', 'disabled']).optional(),
-  })
-  .refine((data) => data.selectAll || (data.documentIds && data.documentIds.length > 0), {
-    message: 'Either selectAll must be true or documentIds must be provided',
 })
 
 export async function GET(req: NextRequest, { params }: { params: Promise<{ id: string }> }) {
@@ -98,17 +90,14 @@ export async function GET(req: NextRequest, { params }: { params: Promise<{ id:
     }
 
     const url = new URL(req.url)
-    const enabledFilter = url.searchParams.get('enabledFilter') as
+    const includeDisabled = url.searchParams.get('includeDisabled') === 'true'
-      | 'all'
-      | 'enabled'
-      | 'disabled'
-      | null
     const search = url.searchParams.get('search') || undefined
     const limit = Number.parseInt(url.searchParams.get('limit') || '50')
     const offset = Number.parseInt(url.searchParams.get('offset') || '0')
     const sortByParam = url.searchParams.get('sortBy')
     const sortOrderParam = url.searchParams.get('sortOrder')
 
+    // Validate sort parameters
     const validSortFields: DocumentSortField[] = [
       'filename',
       'fileSize',
@@ -116,7 +105,6 @@ export async function GET(req: NextRequest, { params }: { params: Promise<{ id:
       'chunkCount',
       'uploadedAt',
       'processingStatus',
-      'enabled',
     ]
     const validSortOrders: SortOrder[] = ['asc', 'desc']
 
@@ -132,7 +120,7 @@ export async function GET(req: NextRequest, { params }: { params: Promise<{ id:
     const result = await getDocuments(
       knowledgeBaseId,
       {
-        enabledFilter: enabledFilter || undefined,
+        includeDisabled,
         search,
         limit,
         offset,
@@ -202,7 +190,8 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
         const createdDocuments = await createDocumentRecords(
           validatedData.documents,
           knowledgeBaseId,
-          requestId
+          requestId,
+          userId
         )
 
         logger.info(
@@ -261,10 +250,16 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
         throw validationError
       }
     } else {
+      // Handle single document creation
       try {
         const validatedData = CreateDocumentSchema.parse(body)
 
-        const newDocument = await createSingleDocument(validatedData, knowledgeBaseId, requestId)
+        const newDocument = await createSingleDocument(
+          validatedData,
+          knowledgeBaseId,
+          requestId,
+          userId
+        )
 
         try {
           const { PlatformEvents } = await import('@/lib/core/telemetry')
@@ -299,6 +294,7 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
   } catch (error) {
     logger.error(`[${requestId}] Error creating document`, error)
 
+    // Check if it's a storage limit error
     const errorMessage = error instanceof Error ? error.message : 'Failed to create document'
     const isStorageLimitError =
       errorMessage.includes('Storage limit exceeded') || errorMessage.includes('storage limit')
@@ -335,22 +331,16 @@ export async function PATCH(req: NextRequest, { params }: { params: Promise<{ id
 
     try {
       const validatedData = BulkUpdateDocumentsSchema.parse(body)
-      const { operation, documentIds, selectAll, enabledFilter } = validatedData
+      const { operation, documentIds } = validatedData
 
       try {
-        let result
+        const result = await bulkDocumentOperation(
-        if (selectAll) {
-          result = await bulkDocumentOperationByFilter(
           knowledgeBaseId,
           operation,
-            enabledFilter,
+          documentIds,
-            requestId
+          requestId,
+          session.user.id
         )
-        } else if (documentIds && documentIds.length > 0) {
-          result = await bulkDocumentOperation(knowledgeBaseId, operation, documentIds, requestId)
-        } else {
-          return NextResponse.json({ error: 'No documents specified' }, { status: 400 })
-        }
 
         return NextResponse.json({
           success: true,

apps/sim/app/api/mcp/servers/test-connection/route.ts

@@ -1,10 +1,11 @@
 import { createLogger } from '@sim/logger'
 import type { NextRequest } from 'next/server'
+import { getEffectiveDecryptedEnv } from '@/lib/environment/utils'
 import { McpClient } from '@/lib/mcp/client'
 import { getParsedBody, withMcpAuth } from '@/lib/mcp/middleware'
-import { resolveMcpConfigEnvVars } from '@/lib/mcp/resolve-config'
+import type { McpServerConfig, McpTransport } from '@/lib/mcp/types'
-import type { McpTransport } from '@/lib/mcp/types'
 import { createMcpErrorResponse, createMcpSuccessResponse } from '@/lib/mcp/utils'
+import { resolveEnvVarReferences } from '@/executor/utils/reference-validation'
 
 const logger = createLogger('McpServerTestAPI')
 
@@ -18,6 +19,30 @@ function isUrlBasedTransport(transport: McpTransport): boolean {
   return transport === 'streamable-http'
 }
 
+/**
+ * Resolve environment variables in strings
+ */
+function resolveEnvVars(value: string, envVars: Record<string, string>): string {
+  const missingVars: string[] = []
+  const resolvedValue = resolveEnvVarReferences(value, envVars, {
+    allowEmbedded: true,
+    resolveExactMatch: true,
+    trimKeys: true,
+    onMissing: 'keep',
+    deep: false,
+    missingKeys: missingVars,
+  }) as string
+
+  if (missingVars.length > 0) {
+    const uniqueMissing = Array.from(new Set(missingVars))
+    uniqueMissing.forEach((envKey) => {
+      logger.warn(`Environment variable "${envKey}" not found in MCP server test`)
+    })
+  }
+
+  return resolvedValue
+}
+
 interface TestConnectionRequest {
   name: string
   transport: McpTransport
@@ -71,30 +96,39 @@ export const POST = withMcpAuth('write')(
         )
       }
 
-      // Build initial config for resolution
+      let resolvedUrl = body.url
-      const initialConfig = {
+      let resolvedHeaders = body.headers || {}
+
+      try {
+        const envVars = await getEffectiveDecryptedEnv(userId, workspaceId)
+
+        if (resolvedUrl) {
+          resolvedUrl = resolveEnvVars(resolvedUrl, envVars)
+        }
+
+        const resolvedHeadersObj: Record<string, string> = {}
+        for (const [key, value] of Object.entries(resolvedHeaders)) {
+          resolvedHeadersObj[key] = resolveEnvVars(value, envVars)
+        }
+        resolvedHeaders = resolvedHeadersObj
+      } catch (envError) {
+        logger.warn(
+          `[${requestId}] Failed to resolve environment variables, using raw values:`,
+          envError
+        )
+      }
+
+      const testConfig: McpServerConfig = {
         id: `test-${requestId}`,
         name: body.name,
         transport: body.transport,
-        url: body.url,
+        url: resolvedUrl,
-        headers: body.headers || {},
+        headers: resolvedHeaders,
         timeout: body.timeout || 10000,
         retries: 1, // Only one retry for tests
         enabled: true,
       }
 
-      // Resolve env vars using shared utility (non-strict mode for testing)
-      const { config: testConfig, missingVars } = await resolveMcpConfigEnvVars(
-        initialConfig,
-        userId,
-        workspaceId,
-        { strict: false }
-      )
-
-      if (missingVars.length > 0) {
-        logger.warn(`[${requestId}] Some environment variables not found:`, { missingVars })
-      }
-
       const testSecurityPolicy = {
         requireConsent: false,
         auditLevel: 'none' as const,

apps/sim/app/api/providers/route.ts

@@ -3,9 +3,7 @@ import { account } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { checkWorkspaceAccess } from '@/lib/workspaces/permissions/utils'
 import { refreshTokenIfNeeded } from '@/app/api/auth/oauth/utils'
 import type { StreamingExecution } from '@/executor/types'
 import { executeProviderRequest } from '@/providers'
@@ -22,11 +20,6 @@ export async function POST(request: NextRequest) {
   const startTime = Date.now()
 
   try {
-    const auth = await checkHybridAuth(request, { requireWorkflowId: false })
-    if (!auth.success || !auth.userId) {
-      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
-    }
-
     logger.info(`[${requestId}] Provider API request started`, {
       timestamp: new Date().toISOString(),
       userAgent: request.headers.get('User-Agent'),
@@ -92,13 +85,6 @@ export async function POST(request: NextRequest) {
       verbosity,
     })
 
-    if (workspaceId) {
-      const workspaceAccess = await checkWorkspaceAccess(workspaceId, auth.userId)
-      if (!workspaceAccess.hasAccess) {
-        return NextResponse.json({ error: 'Forbidden' }, { status: 403 })
-      }
-    }
-
     let finalApiKey: string | undefined = apiKey
     try {
       if (provider === 'vertex' && vertexCredential) {

apps/sim/app/api/tools/a2a/set-push-notification/route.ts

@@ -3,7 +3,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { createA2AClient } from '@/lib/a2a/utils'
 import { checkHybridAuth } from '@/lib/auth/hybrid'
-import { validateExternalUrl } from '@/lib/core/security/input-validation'
 import { generateRequestId } from '@/lib/core/utils/request'
 
 export const dynamic = 'force-dynamic'
@@ -40,18 +39,6 @@ export async function POST(request: NextRequest) {
     const body = await request.json()
     const validatedData = A2ASetPushNotificationSchema.parse(body)
 
-    const urlValidation = validateExternalUrl(validatedData.webhookUrl, 'Webhook URL')
-    if (!urlValidation.isValid) {
-      logger.warn(`[${requestId}] Invalid webhook URL`, { error: urlValidation.error })
-      return NextResponse.json(
-        {
-          success: false,
-          error: urlValidation.error,
-        },
-        { status: 400 }
-      )
-    }
-
     logger.info(`[${requestId}] A2A set push notification request`, {
       agentUrl: validatedData.agentUrl,
       taskId: validatedData.taskId,

apps/sim/app/api/tools/mysql/delete/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { buildDeleteQuery, createMySQLConnection, executeQuery } from '@/app/api/tools/mysql/utils'
 
 const logger = createLogger('MySQLDeleteAPI')
@@ -22,12 +21,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized MySQL delete attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = DeleteSchema.parse(body)
 

apps/sim/app/api/tools/mysql/execute/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createMySQLConnection, executeQuery, validateQuery } from '@/app/api/tools/mysql/utils'
 
 const logger = createLogger('MySQLExecuteAPI')
@@ -21,12 +20,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized MySQL execute attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = ExecuteSchema.parse(body)
 

apps/sim/app/api/tools/mysql/insert/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { buildInsertQuery, createMySQLConnection, executeQuery } from '@/app/api/tools/mysql/utils'
 
 const logger = createLogger('MySQLInsertAPI')
@@ -43,12 +42,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized MySQL insert attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = InsertSchema.parse(body)
 

apps/sim/app/api/tools/mysql/introspect/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createMySQLConnection, executeIntrospect } from '@/app/api/tools/mysql/utils'
 
 const logger = createLogger('MySQLIntrospectAPI')
@@ -20,12 +19,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized MySQL introspect attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = IntrospectSchema.parse(body)
 

apps/sim/app/api/tools/mysql/query/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createMySQLConnection, executeQuery, validateQuery } from '@/app/api/tools/mysql/utils'
 
 const logger = createLogger('MySQLQueryAPI')
@@ -21,12 +20,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized MySQL query attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = QuerySchema.parse(body)
 

apps/sim/app/api/tools/mysql/update/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { buildUpdateQuery, createMySQLConnection, executeQuery } from '@/app/api/tools/mysql/utils'
 
 const logger = createLogger('MySQLUpdateAPI')
@@ -41,12 +40,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized MySQL update attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = UpdateSchema.parse(body)
 

apps/sim/app/api/tools/postgresql/delete/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createPostgresConnection, executeDelete } from '@/app/api/tools/postgresql/utils'
 
 const logger = createLogger('PostgreSQLDeleteAPI')
@@ -22,12 +21,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized PostgreSQL delete attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = DeleteSchema.parse(body)
 

apps/sim/app/api/tools/postgresql/execute/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import {
   createPostgresConnection,
   executeQuery,
@@ -25,12 +24,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized PostgreSQL execute attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = ExecuteSchema.parse(body)
 

apps/sim/app/api/tools/postgresql/insert/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createPostgresConnection, executeInsert } from '@/app/api/tools/postgresql/utils'
 
 const logger = createLogger('PostgreSQLInsertAPI')
@@ -43,12 +42,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized PostgreSQL insert attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
 
     const params = InsertSchema.parse(body)

apps/sim/app/api/tools/postgresql/introspect/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createPostgresConnection, executeIntrospect } from '@/app/api/tools/postgresql/utils'
 
 const logger = createLogger('PostgreSQLIntrospectAPI')
@@ -21,12 +20,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized PostgreSQL introspect attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = IntrospectSchema.parse(body)
 

apps/sim/app/api/tools/postgresql/query/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createPostgresConnection, executeQuery } from '@/app/api/tools/postgresql/utils'
 
 const logger = createLogger('PostgreSQLQueryAPI')
@@ -21,12 +20,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized PostgreSQL query attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = QuerySchema.parse(body)
 

apps/sim/app/api/tools/postgresql/update/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createPostgresConnection, executeUpdate } from '@/app/api/tools/postgresql/utils'
 
 const logger = createLogger('PostgreSQLUpdateAPI')
@@ -41,12 +40,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized PostgreSQL update attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = UpdateSchema.parse(body)
 

apps/sim/app/api/tools/ssh/check-command-exists/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createSSHConnection, escapeShellArg, executeSSHCommand } from '@/app/api/tools/ssh/utils'
 
 const logger = createLogger('SSHCheckCommandExistsAPI')
@@ -21,12 +20,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized SSH check command exists attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = CheckCommandExistsSchema.parse(body)
 

apps/sim/app/api/tools/ssh/check-file-exists/route.ts

@@ -3,7 +3,6 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import type { Client, SFTPWrapper, Stats } from 'ssh2'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import {
   createSSHConnection,
   getFileType,
@@ -40,15 +39,10 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized SSH check file exists attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = CheckFileExistsSchema.parse(body)
 
+    // Validate authentication
     if (!params.password && !params.privateKey) {
       return NextResponse.json(
         { error: 'Either password or privateKey must be provided' },

apps/sim/app/api/tools/ssh/create-directory/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import {
   createSSHConnection,
   escapeShellArg,
@@ -28,15 +27,10 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized SSH create directory attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = CreateDirectorySchema.parse(body)
 
+    // Validate authentication
     if (!params.password && !params.privateKey) {
       return NextResponse.json(
         { error: 'Either password or privateKey must be provided' },
@@ -59,6 +53,7 @@ export async function POST(request: NextRequest) {
       const dirPath = sanitizePath(params.path)
       const escapedPath = escapeShellArg(dirPath)
 
+      // Check if directory already exists
       const checkResult = await executeSSHCommand(
         client,
         `test -d '${escapedPath}' && echo "exists"`
@@ -75,6 +70,7 @@ export async function POST(request: NextRequest) {
         })
       }
 
+      // Create directory
       const mkdirFlag = params.recursive ? '-p' : ''
       const command = `mkdir ${mkdirFlag} -m ${params.permissions} '${escapedPath}'`
       const result = await executeSSHCommand(client, command)

apps/sim/app/api/tools/ssh/delete-file/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import {
   createSSHConnection,
   escapeShellArg,
@@ -28,15 +27,10 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized SSH delete file attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = DeleteFileSchema.parse(body)
 
+    // Validate authentication
     if (!params.password && !params.privateKey) {
       return NextResponse.json(
         { error: 'Either password or privateKey must be provided' },
@@ -59,6 +53,7 @@ export async function POST(request: NextRequest) {
       const filePath = sanitizePath(params.path)
       const escapedPath = escapeShellArg(filePath)
 
+      // Check if path exists
       const checkResult = await executeSSHCommand(
         client,
         `test -e '${escapedPath}' && echo "exists"`
@@ -67,6 +62,7 @@ export async function POST(request: NextRequest) {
         return NextResponse.json({ error: `Path does not exist: ${filePath}` }, { status: 404 })
       }
 
+      // Build delete command
       let command: string
       if (params.recursive) {
         command = params.force ? `rm -rf '${escapedPath}'` : `rm -r '${escapedPath}'`

apps/sim/app/api/tools/ssh/download-file/route.ts

@@ -4,7 +4,6 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import type { Client, SFTPWrapper } from 'ssh2'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createSSHConnection, sanitizePath } from '@/app/api/tools/ssh/utils'
 
 const logger = createLogger('SSHDownloadFileAPI')
@@ -35,15 +34,10 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized SSH download file attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = DownloadFileSchema.parse(body)
 
+    // Validate authentication
     if (!params.password && !params.privateKey) {
       return NextResponse.json(
         { error: 'Either password or privateKey must be provided' },

apps/sim/app/api/tools/ssh/execute-command/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createSSHConnection, executeSSHCommand, sanitizeCommand } from '@/app/api/tools/ssh/utils'
 
 const logger = createLogger('SSHExecuteCommandAPI')
@@ -22,15 +21,10 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized SSH execute command attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = ExecuteCommandSchema.parse(body)
 
+    // Validate authentication
     if (!params.password && !params.privateKey) {
       return NextResponse.json(
         { error: 'Either password or privateKey must be provided' },
@@ -50,6 +44,7 @@ export async function POST(request: NextRequest) {
     })
 
     try {
+      // Build command with optional working directory
       let command = sanitizeCommand(params.command)
       if (params.workingDirectory) {
         command = `cd "${params.workingDirectory}" && ${command}`

apps/sim/app/api/tools/ssh/execute-script/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createSSHConnection, escapeShellArg, executeSSHCommand } from '@/app/api/tools/ssh/utils'
 
 const logger = createLogger('SSHExecuteScriptAPI')
@@ -23,15 +22,10 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized SSH execute script attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = ExecuteScriptSchema.parse(body)
 
+    // Validate authentication
     if (!params.password && !params.privateKey) {
       return NextResponse.json(
         { error: 'Either password or privateKey must be provided' },
@@ -51,10 +45,13 @@ export async function POST(request: NextRequest) {
     })
 
     try {
+      // Create a temporary script file, execute it, and clean up
       const scriptPath = `/tmp/sim_script_${requestId}.sh`
       const escapedScriptPath = escapeShellArg(scriptPath)
       const escapedInterpreter = escapeShellArg(params.interpreter)
 
+      // Build the command to create, execute, and clean up the script
+      // Note: heredoc with quoted delimiter ('SIMEOF') prevents variable expansion
       let command = `cat > '${escapedScriptPath}' << 'SIMEOF'
 ${params.script}
 SIMEOF

apps/sim/app/api/tools/ssh/get-system-info/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createSSHConnection, executeSSHCommand } from '@/app/api/tools/ssh/utils'
 
 const logger = createLogger('SSHGetSystemInfoAPI')
@@ -20,15 +19,10 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized SSH get system info attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = GetSystemInfoSchema.parse(body)
 
+    // Validate authentication
     if (!params.password && !params.privateKey) {
       return NextResponse.json(
         { error: 'Either password or privateKey must be provided' },

apps/sim/app/api/tools/ssh/list-directory/route.ts

@@ -3,7 +3,6 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import type { Client, FileEntry, SFTPWrapper } from 'ssh2'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import {
   createSSHConnection,
   getFileType,
@@ -61,15 +60,10 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized SSH list directory attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = ListDirectorySchema.parse(body)
 
+    // Validate authentication
     if (!params.password && !params.privateKey) {
       return NextResponse.json(
         { error: 'Either password or privateKey must be provided' },

apps/sim/app/api/tools/ssh/move-rename/route.ts

@@ -2,7 +2,6 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import {
   createSSHConnection,
   escapeShellArg,
@@ -28,16 +27,9 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized SSH move/rename attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = MoveRenameSchema.parse(body)
 
-    // Validate SSH authentication
     if (!params.password && !params.privateKey) {
       return NextResponse.json(
         { error: 'Either password or privateKey must be provided' },

apps/sim/app/api/tools/ssh/read-file-content/route.ts

@@ -3,7 +3,6 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import type { Client, SFTPWrapper } from 'ssh2'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createSSHConnection, sanitizePath } from '@/app/api/tools/ssh/utils'
 
 const logger = createLogger('SSHReadFileContentAPI')
@@ -36,12 +35,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized SSH read file content attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = ReadFileContentSchema.parse(body)
 

apps/sim/app/api/tools/ssh/upload-file/route.ts

@@ -3,7 +3,6 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import type { Client, SFTPWrapper } from 'ssh2'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createSSHConnection, sanitizePath } from '@/app/api/tools/ssh/utils'
 
 const logger = createLogger('SSHUploadFileAPI')
@@ -38,12 +37,6 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized SSH upload file attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = UploadFileSchema.parse(body)
 

apps/sim/app/api/tools/ssh/write-file-content/route.ts

@@ -3,7 +3,6 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import type { Client, SFTPWrapper } from 'ssh2'
 import { z } from 'zod'
-import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { createSSHConnection, sanitizePath } from '@/app/api/tools/ssh/utils'
 
 const logger = createLogger('SSHWriteFileContentAPI')
@@ -37,15 +36,10 @@ export async function POST(request: NextRequest) {
   const requestId = randomUUID().slice(0, 8)
 
   try {
-    const auth = await checkHybridAuth(request)
-    if (!auth.success || !auth.userId) {
-      logger.warn(`[${requestId}] Unauthorized SSH write file content attempt`)
-      return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
-    }
-
     const body = await request.json()
     const params = WriteFileContentSchema.parse(body)
 
+    // Validate authentication
     if (!params.password && !params.privateKey) {
       return NextResponse.json(
         { error: 'Either password or privateKey must be provided' },

apps/sim/app/api/v1/admin/credits/route.ts

@@ -1,211 +0,0 @@
-/**
- * POST /api/v1/admin/credits
- *
- * Issue credits to a user by user ID or email.
- *
- * Body:
- *   - userId?: string - The user ID to issue credits to
- *   - email?: string - The user email to issue credits to (alternative to userId)
- *   - amount: number - The amount of credits to issue (in dollars)
- *   - reason?: string - Reason for issuing credits (for audit logging)
- *
- * Response: AdminSingleResponse<{
- *   success: true,
- *   entityType: 'user' | 'organization',
- *   entityId: string,
- *   amount: number,
- *   newCreditBalance: number,
- *   newUsageLimit: number,
- * }>
- *
- * For Pro users: credits are added to user_stats.credit_balance
- * For Team users: credits are added to organization.credit_balance
- * Usage limits are updated accordingly to allow spending the credits.
- */
-
-import { db } from '@sim/db'
-import { organization, subscription, user, userStats } from '@sim/db/schema'
-import { createLogger } from '@sim/logger'
-import { and, eq } from 'drizzle-orm'
-import { nanoid } from 'nanoid'
-import { getHighestPrioritySubscription } from '@/lib/billing/core/subscription'
-import { addCredits } from '@/lib/billing/credits/balance'
-import { setUsageLimitForCredits } from '@/lib/billing/credits/purchase'
-import { getEffectiveSeats } from '@/lib/billing/subscriptions/utils'
-import { withAdminAuth } from '@/app/api/v1/admin/middleware'
-import {
-  badRequestResponse,
-  internalErrorResponse,
-  notFoundResponse,
-  singleResponse,
-} from '@/app/api/v1/admin/responses'
-
-const logger = createLogger('AdminCreditsAPI')
-
-export const POST = withAdminAuth(async (request) => {
-  try {
-    const body = await request.json()
-    const { userId, email, amount, reason } = body
-
-    if (!userId && !email) {
-      return badRequestResponse('Either userId or email is required')
-    }
-
-    if (userId && typeof userId !== 'string') {
-      return badRequestResponse('userId must be a string')
-    }
-
-    if (email && typeof email !== 'string') {
-      return badRequestResponse('email must be a string')
-    }
-
-    if (typeof amount !== 'number' || !Number.isFinite(amount) || amount <= 0) {
-      return badRequestResponse('amount must be a positive number')
-    }
-
-    let resolvedUserId: string
-    let userEmail: string | null = null
-
-    if (userId) {
-      const [userData] = await db
-        .select({ id: user.id, email: user.email })
-        .from(user)
-        .where(eq(user.id, userId))
-        .limit(1)
-
-      if (!userData) {
-        return notFoundResponse('User')
-      }
-      resolvedUserId = userData.id
-      userEmail = userData.email
-    } else {
-      const normalizedEmail = email.toLowerCase().trim()
-      const [userData] = await db
-        .select({ id: user.id, email: user.email })
-        .from(user)
-        .where(eq(user.email, normalizedEmail))
-        .limit(1)
-
-      if (!userData) {
-        return notFoundResponse('User with email')
-      }
-      resolvedUserId = userData.id
-      userEmail = userData.email
-    }
-
-    const userSubscription = await getHighestPrioritySubscription(resolvedUserId)
-
-    if (!userSubscription || !['pro', 'team', 'enterprise'].includes(userSubscription.plan)) {
-      return badRequestResponse(
-        'User must have an active Pro, Team, or Enterprise subscription to receive credits'
-      )
-    }
-
-    let entityType: 'user' | 'organization'
-    let entityId: string
-    const plan = userSubscription.plan
-    let seats: number | null = null
-
-    if (plan === 'team' || plan === 'enterprise') {
-      entityType = 'organization'
-      entityId = userSubscription.referenceId
-
-      const [orgExists] = await db
-        .select({ id: organization.id })
-        .from(organization)
-        .where(eq(organization.id, entityId))
-        .limit(1)
-
-      if (!orgExists) {
-        return notFoundResponse('Organization')
-      }
-
-      const [subData] = await db
-        .select()
-        .from(subscription)
-        .where(and(eq(subscription.referenceId, entityId), eq(subscription.status, 'active')))
-        .limit(1)
-
-      seats = getEffectiveSeats(subData)
-    } else {
-      entityType = 'user'
-      entityId = resolvedUserId
-
-      const [existingStats] = await db
-        .select({ id: userStats.id })
-        .from(userStats)
-        .where(eq(userStats.userId, entityId))
-        .limit(1)
-
-      if (!existingStats) {
-        await db.insert(userStats).values({
-          id: nanoid(),
-          userId: entityId,
-        })
-      }
-    }
-
-    await addCredits(entityType, entityId, amount)
-
-    let newCreditBalance: number
-    if (entityType === 'organization') {
-      const [orgData] = await db
-        .select({ creditBalance: organization.creditBalance })
-        .from(organization)
-        .where(eq(organization.id, entityId))
-        .limit(1)
-      newCreditBalance = Number.parseFloat(orgData?.creditBalance || '0')
-    } else {
-      const [stats] = await db
-        .select({ creditBalance: userStats.creditBalance })
-        .from(userStats)
-        .where(eq(userStats.userId, entityId))
-        .limit(1)
-      newCreditBalance = Number.parseFloat(stats?.creditBalance || '0')
-    }
-
-    await setUsageLimitForCredits(entityType, entityId, plan, seats, newCreditBalance)
-
-    let newUsageLimit: number
-    if (entityType === 'organization') {
-      const [orgData] = await db
-        .select({ orgUsageLimit: organization.orgUsageLimit })
-        .from(organization)
-        .where(eq(organization.id, entityId))
-        .limit(1)
-      newUsageLimit = Number.parseFloat(orgData?.orgUsageLimit || '0')
-    } else {
-      const [stats] = await db
-        .select({ currentUsageLimit: userStats.currentUsageLimit })
-        .from(userStats)
-        .where(eq(userStats.userId, entityId))
-        .limit(1)
-      newUsageLimit = Number.parseFloat(stats?.currentUsageLimit || '0')
-    }
-
-    logger.info('Admin API: Issued credits', {
-      resolvedUserId,
-      userEmail,
-      entityType,
-      entityId,
-      amount,
-      newCreditBalance,
-      newUsageLimit,
-      reason: reason || 'No reason provided',
-    })
-
-    return singleResponse({
-      success: true,
-      userId: resolvedUserId,
-      userEmail,
-      entityType,
-      entityId,
-      amount,
-      newCreditBalance,
-      newUsageLimit,
-    })
-  } catch (error) {
-    logger.error('Admin API: Failed to issue credits', { error })
-    return internalErrorResponse('Failed to issue credits')
-  }
-})

apps/sim/app/api/v1/admin/index.ts

@@ -63,9 +63,6 @@
  *   GET    /api/v1/admin/subscriptions/:id                  - Get subscription details
  *   DELETE /api/v1/admin/subscriptions/:id                  - Cancel subscription (?atPeriodEnd=true for scheduled)
  *
- *   Credits:
- *   POST   /api/v1/admin/credits                            - Issue credits to user (by userId or email)
- *
  *   Access Control (Permission Groups):
  *   GET    /api/v1/admin/access-control                     - List permission groups (?organizationId=X)
  *   DELETE /api/v1/admin/access-control                     - Delete permission groups for org (?organizationId=X)

apps/sim/app/api/v1/admin/types.ts

@@ -640,7 +640,6 @@ export interface AdminDeployResult {
   isDeployed: boolean
   version: number
   deployedAt: string
-  warnings?: string[]
 }
 
 export interface AdminUndeployResult {

apps/sim/app/api/v1/admin/workflows/[id]/deploy/route.ts

@@ -1,23 +1,14 @@
-import { db, workflow, workflowDeploymentVersion } from '@sim/db'
+import { db, workflow } from '@sim/db'
 import { createLogger } from '@sim/logger'
-import { and, eq } from 'drizzle-orm'
+import { eq } from 'drizzle-orm'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { removeMcpToolsForWorkflow, syncMcpToolsForWorkflow } from '@/lib/mcp/workflow-mcp-sync'
+import { cleanupWebhooksForWorkflow } from '@/lib/webhooks/deploy'
-import {
-  cleanupWebhooksForWorkflow,
-  restorePreviousVersionWebhooks,
-  saveTriggerWebhooksForDeploy,
-} from '@/lib/webhooks/deploy'
 import {
   deployWorkflow,
   loadWorkflowFromNormalizedTables,
   undeployWorkflow,
 } from '@/lib/workflows/persistence/utils'
-import {
+import { createSchedulesForDeploy, validateWorkflowSchedules } from '@/lib/workflows/schedules'
-  cleanupDeploymentVersion,
-  createSchedulesForDeploy,
-  validateWorkflowSchedules,
-} from '@/lib/workflows/schedules'
 import { withAdminAuthParams } from '@/app/api/v1/admin/middleware'
 import {
   badRequestResponse,
@@ -37,11 +28,10 @@ interface RouteParams {
 
 export const POST = withAdminAuthParams<RouteParams>(async (request, context) => {
   const { id: workflowId } = await context.params
-  const requestId = generateRequestId()
 
   try {
     const [workflowRecord] = await db
-      .select()
+      .select({ id: workflow.id, name: workflow.name })
       .from(workflow)
       .where(eq(workflow.id, workflowId))
       .limit(1)
@@ -60,18 +50,6 @@ export const POST = withAdminAuthParams<RouteParams>(async (request, context) =>
       return badRequestResponse(`Invalid schedule configuration: ${scheduleValidation.error}`)
     }
 
-    const [currentActiveVersion] = await db
-      .select({ id: workflowDeploymentVersion.id })
-      .from(workflowDeploymentVersion)
-      .where(
-        and(
-          eq(workflowDeploymentVersion.workflowId, workflowId),
-          eq(workflowDeploymentVersion.isActive, true)
-        )
-      )
-      .limit(1)
-    const previousVersionId = currentActiveVersion?.id
-
     const deployResult = await deployWorkflow({
       workflowId,
       deployedBy: ADMIN_ACTOR_ID,
@@ -87,32 +65,6 @@ export const POST = withAdminAuthParams<RouteParams>(async (request, context) =>
       return internalErrorResponse('Failed to resolve deployment version')
     }
 
-    const workflowData = workflowRecord as Record<string, unknown>
-
-    const triggerSaveResult = await saveTriggerWebhooksForDeploy({
-      request,
-      workflowId,
-      workflow: workflowData,
-      userId: workflowRecord.userId,
-      blocks: normalizedData.blocks,
-      requestId,
-      deploymentVersionId: deployResult.deploymentVersionId,
-      previousVersionId,
-    })
-
-    if (!triggerSaveResult.success) {
-      await cleanupDeploymentVersion({
-        workflowId,
-        workflow: workflowData,
-        requestId,
-        deploymentVersionId: deployResult.deploymentVersionId,
-      })
-      await undeployWorkflow({ workflowId })
-      return internalErrorResponse(
-        triggerSaveResult.error?.message || 'Failed to sync trigger configuration'
-      )
-    }
-
     const scheduleResult = await createSchedulesForDeploy(
       workflowId,
       normalizedData.blocks,
@@ -120,58 +72,15 @@ export const POST = withAdminAuthParams<RouteParams>(async (request, context) =>
       deployResult.deploymentVersionId
     )
     if (!scheduleResult.success) {
-      logger.error(
+      logger.warn(`Schedule creation failed for workflow ${workflowId}: ${scheduleResult.error}`)
-        `[${requestId}] Admin API: Schedule creation failed for workflow ${workflowId}: ${scheduleResult.error}`
-      )
-      await cleanupDeploymentVersion({
-        workflowId,
-        workflow: workflowData,
-        requestId,
-        deploymentVersionId: deployResult.deploymentVersionId,
-      })
-      if (previousVersionId) {
-        await restorePreviousVersionWebhooks({
-          request,
-          workflow: workflowData,
-          userId: workflowRecord.userId,
-          previousVersionId,
-          requestId,
-        })
-      }
-      await undeployWorkflow({ workflowId })
-      return internalErrorResponse(scheduleResult.error || 'Failed to create schedule')
     }
 
-    if (previousVersionId && previousVersionId !== deployResult.deploymentVersionId) {
+    logger.info(`Admin API: Deployed workflow ${workflowId} as v${deployResult.version}`)
-      try {
-        logger.info(`[${requestId}] Admin API: Cleaning up previous version ${previousVersionId}`)
-        await cleanupDeploymentVersion({
-          workflowId,
-          workflow: workflowData,
-          requestId,
-          deploymentVersionId: previousVersionId,
-          skipExternalCleanup: true,
-        })
-      } catch (cleanupError) {
-        logger.error(
-          `[${requestId}] Admin API: Failed to clean up previous version ${previousVersionId}`,
-          cleanupError
-        )
-      }
-    }
-
-    logger.info(
-      `[${requestId}] Admin API: Deployed workflow ${workflowId} as v${deployResult.version}`
-    )
-
-    // Sync MCP tools with the latest parameter schema
-    await syncMcpToolsForWorkflow({ workflowId, requestId, context: 'deploy' })
 
     const response: AdminDeployResult = {
       isDeployed: true,
       version: deployResult.version!,
       deployedAt: deployResult.deployedAt!.toISOString(),
-      warnings: triggerSaveResult.warnings,
     }
 
     return singleResponse(response)
@@ -196,6 +105,7 @@ export const DELETE = withAdminAuthParams<RouteParams>(async (request, context)
       return notFoundResponse('Workflow')
     }
 
+    // Clean up external webhook subscriptions before undeploying
     await cleanupWebhooksForWorkflow(
       workflowId,
       workflowRecord as Record<string, unknown>,
@@ -207,8 +117,6 @@ export const DELETE = withAdminAuthParams<RouteParams>(async (request, context)
       return internalErrorResponse(result.error || 'Failed to undeploy workflow')
     }
 
-    await removeMcpToolsForWorkflow(workflowId, requestId)
-
     logger.info(`Admin API: Undeployed workflow ${workflowId}`)
 
     const response: AdminUndeployResult = {

apps/sim/app/api/v1/admin/workflows/[id]/versions/[versionId]/activate/route.ts

@@ -1,15 +1,7 @@
-import { db, workflow, workflowDeploymentVersion } from '@sim/db'
+import { db, workflow } from '@sim/db'
 import { createLogger } from '@sim/logger'
-import { and, eq } from 'drizzle-orm'
+import { eq } from 'drizzle-orm'
-import { generateRequestId } from '@/lib/core/utils/request'
-import { syncMcpToolsForWorkflow } from '@/lib/mcp/workflow-mcp-sync'
-import { restorePreviousVersionWebhooks, saveTriggerWebhooksForDeploy } from '@/lib/webhooks/deploy'
 import { activateWorkflowVersion } from '@/lib/workflows/persistence/utils'
-import {
-  cleanupDeploymentVersion,
-  createSchedulesForDeploy,
-  validateWorkflowSchedules,
-} from '@/lib/workflows/schedules'
 import { withAdminAuthParams } from '@/app/api/v1/admin/middleware'
 import {
   badRequestResponse,
@@ -17,7 +9,6 @@ import {
   notFoundResponse,
   singleResponse,
 } from '@/app/api/v1/admin/responses'
-import type { BlockState } from '@/stores/workflows/workflow/types'
 
 const logger = createLogger('AdminWorkflowActivateVersionAPI')
 
@@ -27,12 +18,11 @@ interface RouteParams {
 }
 
 export const POST = withAdminAuthParams<RouteParams>(async (request, context) => {
-  const requestId = generateRequestId()
   const { id: workflowId, versionId } = await context.params
 
   try {
     const [workflowRecord] = await db
-      .select()
+      .select({ id: workflow.id })
       .from(workflow)
       .where(eq(workflow.id, workflowId))
       .limit(1)
@@ -46,161 +36,23 @@ export const POST = withAdminAuthParams<RouteParams>(async (request, context) =>
       return badRequestResponse('Invalid version number')
     }
 
-    const [versionRow] = await db
-      .select({
-        id: workflowDeploymentVersion.id,
-        state: workflowDeploymentVersion.state,
-      })
-      .from(workflowDeploymentVersion)
-      .where(
-        and(
-          eq(workflowDeploymentVersion.workflowId, workflowId),
-          eq(workflowDeploymentVersion.version, versionNum)
-        )
-      )
-      .limit(1)
-
-    if (!versionRow?.state) {
-      return notFoundResponse('Deployment version')
-    }
-
-    const [currentActiveVersion] = await db
-      .select({ id: workflowDeploymentVersion.id })
-      .from(workflowDeploymentVersion)
-      .where(
-        and(
-          eq(workflowDeploymentVersion.workflowId, workflowId),
-          eq(workflowDeploymentVersion.isActive, true)
-        )
-      )
-      .limit(1)
-
-    const previousVersionId = currentActiveVersion?.id
-
-    const deployedState = versionRow.state as { blocks?: Record<string, BlockState> }
-    const blocks = deployedState.blocks
-    if (!blocks || typeof blocks !== 'object') {
-      return internalErrorResponse('Invalid deployed state structure')
-    }
-
-    const workflowData = workflowRecord as Record<string, unknown>
-
-    const scheduleValidation = validateWorkflowSchedules(blocks)
-    if (!scheduleValidation.isValid) {
-      return badRequestResponse(`Invalid schedule configuration: ${scheduleValidation.error}`)
-    }
-
-    const triggerSaveResult = await saveTriggerWebhooksForDeploy({
-      request,
-      workflowId,
-      workflow: workflowData,
-      userId: workflowRecord.userId,
-      blocks,
-      requestId,
-      deploymentVersionId: versionRow.id,
-      previousVersionId,
-      forceRecreateSubscriptions: true,
-    })
-
-    if (!triggerSaveResult.success) {
-      logger.error(
-        `[${requestId}] Admin API: Failed to sync triggers for workflow ${workflowId}`,
-        triggerSaveResult.error
-      )
-      return internalErrorResponse(
-        triggerSaveResult.error?.message || 'Failed to sync trigger configuration'
-      )
-    }
-
-    const scheduleResult = await createSchedulesForDeploy(workflowId, blocks, db, versionRow.id)
-
-    if (!scheduleResult.success) {
-      await cleanupDeploymentVersion({
-        workflowId,
-        workflow: workflowData,
-        requestId,
-        deploymentVersionId: versionRow.id,
-      })
-      if (previousVersionId) {
-        await restorePreviousVersionWebhooks({
-          request,
-          workflow: workflowData,
-          userId: workflowRecord.userId,
-          previousVersionId,
-          requestId,
-        })
-      }
-      return internalErrorResponse(scheduleResult.error || 'Failed to sync schedules')
-    }
-
     const result = await activateWorkflowVersion({ workflowId, version: versionNum })
     if (!result.success) {
-      await cleanupDeploymentVersion({
-        workflowId,
-        workflow: workflowData,
-        requestId,
-        deploymentVersionId: versionRow.id,
-      })
-      if (previousVersionId) {
-        await restorePreviousVersionWebhooks({
-          request,
-          workflow: workflowData,
-          userId: workflowRecord.userId,
-          previousVersionId,
-          requestId,
-        })
-      }
       if (result.error === 'Deployment version not found') {
         return notFoundResponse('Deployment version')
       }
       return internalErrorResponse(result.error || 'Failed to activate version')
     }
 
-    if (previousVersionId && previousVersionId !== versionRow.id) {
+    logger.info(`Admin API: Activated version ${versionNum} for workflow ${workflowId}`)
-      try {
-        logger.info(
-          `[${requestId}] Admin API: Cleaning up previous version ${previousVersionId} webhooks/schedules`
-        )
-        await cleanupDeploymentVersion({
-          workflowId,
-          workflow: workflowData,
-          requestId,
-          deploymentVersionId: previousVersionId,
-          skipExternalCleanup: true,
-        })
-        logger.info(`[${requestId}] Admin API: Previous version cleanup completed`)
-      } catch (cleanupError) {
-        logger.error(
-          `[${requestId}] Admin API: Failed to clean up previous version ${previousVersionId}`,
-          cleanupError
-        )
-      }
-    }
-
-    await syncMcpToolsForWorkflow({
-      workflowId,
-      requestId,
-      state: versionRow.state,
-      context: 'activate',
-    })
-
-    logger.info(
-      `[${requestId}] Admin API: Activated version ${versionNum} for workflow ${workflowId}`
-    )
 
     return singleResponse({
       success: true,
       version: versionNum,
       deployedAt: result.deployedAt!.toISOString(),
-      warnings: triggerSaveResult.warnings,
     })
   } catch (error) {
-    logger.error(
+    logger.error(`Admin API: Failed to activate version for workflow ${workflowId}`, { error })
-      `[${requestId}] Admin API: Failed to activate version for workflow ${workflowId}`,
-      {
-        error,
-      }
-    )
     return internalErrorResponse('Failed to activate deployment version')
   }
 })

apps/sim/app/api/webhooks/[id]/route.ts

@@ -7,7 +7,11 @@ import { getSession } from '@/lib/auth'
 import { validateInteger } from '@/lib/core/security/input-validation'
 import { PlatformEvents } from '@/lib/core/telemetry'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { cleanupExternalWebhook } from '@/lib/webhooks/provider-subscriptions'
+import {
+  cleanupExternalWebhook,
+  createExternalWebhookSubscription,
+  shouldRecreateExternalWebhookSubscription,
+} from '@/lib/webhooks/provider-subscriptions'
 import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
 
 const logger = createLogger('WebhookAPI')
@@ -83,6 +87,7 @@ export async function GET(request: NextRequest, { params }: { params: Promise<{
   }
 }
 
+// Update a webhook
 export async function PATCH(request: NextRequest, { params }: { params: Promise<{ id: string }> }) {
   const requestId = generateRequestId()
 
@@ -97,7 +102,7 @@ export async function PATCH(request: NextRequest, { params }: { params: Promise<
     }
 
     const body = await request.json()
-    const { isActive, failedCount } = body
+    const { path, provider, providerConfig, isActive, failedCount } = body
 
     if (failedCount !== undefined) {
       const validation = validateInteger(failedCount, 'failedCount', { min: 0 })
@@ -107,6 +112,28 @@ export async function PATCH(request: NextRequest, { params }: { params: Promise<
       }
     }
 
+    let resolvedProviderConfig = providerConfig
+    if (providerConfig) {
+      const { resolveEnvVarsInObject } = await import('@/lib/webhooks/env-resolver')
+      const webhookDataForResolve = await db
+        .select({
+          workspaceId: workflow.workspaceId,
+        })
+        .from(webhook)
+        .innerJoin(workflow, eq(webhook.workflowId, workflow.id))
+        .where(eq(webhook.id, id))
+        .limit(1)
+
+      if (webhookDataForResolve.length > 0) {
+        resolvedProviderConfig = await resolveEnvVarsInObject(
+          providerConfig,
+          session.user.id,
+          webhookDataForResolve[0].workspaceId || undefined
+        )
+      }
+    }
+
+    // Find the webhook and check permissions
     const webhooks = await db
       .select({
         webhook: webhook,
@@ -127,12 +154,16 @@ export async function PATCH(request: NextRequest, { params }: { params: Promise<
     }
 
     const webhookData = webhooks[0]
+
+    // Check if user has permission to modify this webhook
     let canModify = false
 
+    // Case 1: User owns the workflow
     if (webhookData.workflow.userId === session.user.id) {
       canModify = true
     }
 
+    // Case 2: Workflow belongs to a workspace and user has write or admin permission
     if (!canModify && webhookData.workflow.workspaceId) {
       const userPermission = await getUserEntityPermissions(
         session.user.id,
@@ -151,14 +182,76 @@ export async function PATCH(request: NextRequest, { params }: { params: Promise<
       return NextResponse.json({ error: 'Access denied' }, { status: 403 })
     }
 
+    const existingProviderConfig =
+      (webhookData.webhook.providerConfig as Record<string, unknown>) || {}
+    let nextProviderConfig =
+      providerConfig !== undefined &&
+      resolvedProviderConfig &&
+      typeof resolvedProviderConfig === 'object'
+        ? (resolvedProviderConfig as Record<string, unknown>)
+        : existingProviderConfig
+    const nextProvider = (provider ?? webhookData.webhook.provider) as string
+
+    if (
+      providerConfig !== undefined &&
+      shouldRecreateExternalWebhookSubscription({
+        previousProvider: webhookData.webhook.provider as string,
+        nextProvider,
+        previousConfig: existingProviderConfig,
+        nextConfig: nextProviderConfig,
+      })
+    ) {
+      await cleanupExternalWebhook(
+        { ...webhookData.webhook, providerConfig: existingProviderConfig },
+        webhookData.workflow,
+        requestId
+      )
+
+      const result = await createExternalWebhookSubscription(
+        request,
+        {
+          ...webhookData.webhook,
+          provider: nextProvider,
+          providerConfig: nextProviderConfig,
+        },
+        webhookData.workflow,
+        session.user.id,
+        requestId
+      )
+
+      nextProviderConfig = result.updatedProviderConfig as Record<string, unknown>
+    }
+
     logger.debug(`[${requestId}] Updating webhook properties`, {
+      hasPathUpdate: path !== undefined,
+      hasProviderUpdate: provider !== undefined,
+      hasConfigUpdate: providerConfig !== undefined,
       hasActiveUpdate: isActive !== undefined,
       hasFailedCountUpdate: failedCount !== undefined,
     })
 
+    // Merge providerConfig to preserve credential-related fields
+    let finalProviderConfig = webhooks[0].webhook.providerConfig
+    if (providerConfig !== undefined) {
+      const existingConfig = existingProviderConfig
+      finalProviderConfig = {
+        ...nextProviderConfig,
+        credentialId: existingConfig.credentialId,
+        credentialSetId: existingConfig.credentialSetId,
+        userId: existingConfig.userId,
+        historyId: existingConfig.historyId,
+        lastCheckedTimestamp: existingConfig.lastCheckedTimestamp,
+        setupCompleted: existingConfig.setupCompleted,
+        externalId: nextProviderConfig.externalId ?? existingConfig.externalId,
+      }
+    }
+
     const updatedWebhook = await db
       .update(webhook)
       .set({
+        path: path !== undefined ? path : webhooks[0].webhook.path,
+        provider: provider !== undefined ? provider : webhooks[0].webhook.provider,
+        providerConfig: finalProviderConfig,
         isActive: isActive !== undefined ? isActive : webhooks[0].webhook.isActive,
         failedCount: failedCount !== undefined ? failedCount : webhooks[0].webhook.failedCount,
         updatedAt: new Date(),
@@ -241,8 +334,11 @@ export async function DELETE(
     }
 
     const foundWebhook = webhookData.webhook
-    const credentialSetId = foundWebhook.credentialSetId as string | undefined
+    const { cleanupExternalWebhook } = await import('@/lib/webhooks/provider-subscriptions')
-    const blockId = foundWebhook.blockId as string | undefined
+
+    const providerConfig = foundWebhook.providerConfig as Record<string, unknown> | null
+    const credentialSetId = providerConfig?.credentialSetId as string | undefined
+    const blockId = providerConfig?.blockId as string | undefined
 
     if (credentialSetId && blockId) {
       const allCredentialSetWebhooks = await db
@@ -250,9 +346,10 @@ export async function DELETE(
         .from(webhook)
         .where(and(eq(webhook.workflowId, webhookData.workflow.id), eq(webhook.blockId, blockId)))
 
-      const webhooksToDelete = allCredentialSetWebhooks.filter(
+      const webhooksToDelete = allCredentialSetWebhooks.filter((w) => {
-        (w) => w.credentialSetId === credentialSetId
+        const config = w.providerConfig as Record<string, unknown> | null
-      )
+        return config?.credentialSetId === credentialSetId
+      })
 
       for (const w of webhooksToDelete) {
         await cleanupExternalWebhook(w, webhookData.workflow, requestId)

apps/sim/app/api/webhooks/route.ts

@@ -7,21 +7,8 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { getSession } from '@/lib/auth'
 import { PlatformEvents } from '@/lib/core/telemetry'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { getProviderIdFromServiceId } from '@/lib/oauth'
+import { createExternalWebhookSubscription } from '@/lib/webhooks/provider-subscriptions'
-import { resolveEnvVarsInObject } from '@/lib/webhooks/env-resolver'
-import {
-  cleanupExternalWebhook,
-  createExternalWebhookSubscription,
-} from '@/lib/webhooks/provider-subscriptions'
-import { mergeNonUserFields } from '@/lib/webhooks/utils'
-import {
-  configureGmailPolling,
-  configureOutlookPolling,
-  configureRssPolling,
-  syncWebhooksForCredentialSet,
-} from '@/lib/webhooks/utils.server'
 import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
-import { extractCredentialSetId, isCredentialSetValue } from '@/executor/constants'
 
 const logger = createLogger('WebhooksAPI')
 
@@ -311,10 +298,14 @@ export async function POST(request: NextRequest) {
       }
     }
 
-    let savedWebhook: any = null
+    let savedWebhook: any = null // Variable to hold the result of save/update
-    const originalProviderConfig = providerConfig || {}
+
+    // Use the original provider config - Gmail/Outlook configuration functions will inject userId automatically
+    const finalProviderConfig = providerConfig || {}
+
+    const { resolveEnvVarsInObject } = await import('@/lib/webhooks/env-resolver')
     let resolvedProviderConfig = await resolveEnvVarsInObject(
-      originalProviderConfig,
+      finalProviderConfig,
       userId,
       workflowRecord.workspaceId || undefined
     )
@@ -328,6 +319,8 @@ export async function POST(request: NextRequest) {
     const directCredentialSetId = resolvedProviderConfig?.credentialSetId as string | undefined
 
     if (directCredentialSetId || rawCredentialId) {
+      const { isCredentialSetValue, extractCredentialSetId } = await import('@/executor/constants')
+
       const credentialSetId =
         directCredentialSetId ||
         (rawCredentialId && isCredentialSetValue(rawCredentialId)
@@ -339,6 +332,11 @@ export async function POST(request: NextRequest) {
           `[${requestId}] Credential set detected for ${provider} trigger. Syncing webhooks for set ${credentialSetId}`
         )
 
+        const { getProviderIdFromServiceId } = await import('@/lib/oauth')
+        const { syncWebhooksForCredentialSet, configureGmailPolling, configureOutlookPolling } =
+          await import('@/lib/webhooks/utils.server')
+
+        // Map provider to OAuth provider ID
         const oauthProviderId = getProviderIdFromServiceId(provider)
 
         const {
@@ -471,9 +469,6 @@ export async function POST(request: NextRequest) {
       providerConfig: providerConfigOverride,
     })
 
-    const userProvided = originalProviderConfig as Record<string, unknown>
-    const configToSave: Record<string, unknown> = { ...userProvided }
-
     try {
       const result = await createExternalWebhookSubscription(
         request,
@@ -482,9 +477,7 @@ export async function POST(request: NextRequest) {
         userId,
         requestId
       )
-      const updatedConfig = result.updatedProviderConfig as Record<string, unknown>
+      resolvedProviderConfig = result.updatedProviderConfig as Record<string, unknown>
-      mergeNonUserFields(configToSave, updatedConfig, userProvided)
-      resolvedProviderConfig = updatedConfig
       externalSubscriptionCreated = result.externalSubscriptionCreated
     } catch (err) {
       logger.error(`[${requestId}] Error creating external webhook subscription`, err)
@@ -497,22 +490,25 @@ export async function POST(request: NextRequest) {
       )
     }
 
+    // Now save to database (only if subscription succeeded or provider doesn't need external subscription)
     try {
       if (targetWebhookId) {
         logger.info(`[${requestId}] Updating existing webhook for path: ${finalPath}`, {
           webhookId: targetWebhookId,
           provider,
-          hasCredentialId: !!(configToSave as any)?.credentialId,
+          hasCredentialId: !!(resolvedProviderConfig as any)?.credentialId,
-          credentialId: (configToSave as any)?.credentialId,
+          credentialId: (resolvedProviderConfig as any)?.credentialId,
         })
         const updatedResult = await db
           .update(webhook)
           .set({
             blockId,
             provider,
-            providerConfig: configToSave,
+            providerConfig: resolvedProviderConfig,
             credentialSetId:
-              ((configToSave as Record<string, unknown>)?.credentialSetId as string | null) || null,
+              ((resolvedProviderConfig as Record<string, unknown>)?.credentialSetId as
+                | string
+                | null) || null,
             isActive: true,
             updatedAt: new Date(),
           })
@@ -535,9 +531,11 @@ export async function POST(request: NextRequest) {
             blockId,
             path: finalPath,
             provider,
-            providerConfig: configToSave,
+            providerConfig: resolvedProviderConfig,
             credentialSetId:
-              ((configToSave as Record<string, unknown>)?.credentialSetId as string | null) || null,
+              ((resolvedProviderConfig as Record<string, unknown>)?.credentialSetId as
+                | string
+                | null) || null,
             isActive: true,
             createdAt: new Date(),
             updatedAt: new Date(),
@@ -549,8 +547,9 @@ export async function POST(request: NextRequest) {
       if (externalSubscriptionCreated) {
         logger.error(`[${requestId}] DB save failed, cleaning up external subscription`, dbError)
         try {
+          const { cleanupExternalWebhook } = await import('@/lib/webhooks/provider-subscriptions')
           await cleanupExternalWebhook(
-            createTempWebhookData(configToSave),
+            createTempWebhookData(resolvedProviderConfig),
             workflowRecord,
             requestId
           )
@@ -568,6 +567,7 @@ export async function POST(request: NextRequest) {
     if (savedWebhook && provider === 'gmail') {
       logger.info(`[${requestId}] Gmail provider detected. Setting up Gmail webhook configuration.`)
       try {
+        const { configureGmailPolling } = await import('@/lib/webhooks/utils.server')
         const success = await configureGmailPolling(savedWebhook, requestId)
 
         if (!success) {
@@ -606,6 +606,7 @@ export async function POST(request: NextRequest) {
         `[${requestId}] Outlook provider detected. Setting up Outlook webhook configuration.`
       )
       try {
+        const { configureOutlookPolling } = await import('@/lib/webhooks/utils.server')
         const success = await configureOutlookPolling(savedWebhook, requestId)
 
         if (!success) {
@@ -642,6 +643,7 @@ export async function POST(request: NextRequest) {
     if (savedWebhook && provider === 'rss') {
       logger.info(`[${requestId}] RSS provider detected. Setting up RSS webhook configuration.`)
       try {
+        const { configureRssPolling } = await import('@/lib/webhooks/utils.server')
         const success = await configureRssPolling(savedWebhook, requestId)
 
         if (!success) {

apps/sim/app/api/workflows/[id]/deploy/route.ts

@@ -4,11 +4,7 @@ import { and, desc, eq } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { removeMcpToolsForWorkflow, syncMcpToolsForWorkflow } from '@/lib/mcp/workflow-mcp-sync'
-import {
+import { cleanupWebhooksForWorkflow, saveTriggerWebhooksForDeploy } from '@/lib/webhooks/deploy'
-  cleanupWebhooksForWorkflow,
-  restorePreviousVersionWebhooks,
-  saveTriggerWebhooksForDeploy,
-} from '@/lib/webhooks/deploy'
 import {
   deployWorkflow,
   loadWorkflowFromNormalizedTables,
@@ -139,18 +135,6 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{
       return createErrorResponse(`Invalid schedule configuration: ${scheduleValidation.error}`, 400)
     }
 
-    const [currentActiveVersion] = await db
-      .select({ id: workflowDeploymentVersion.id })
-      .from(workflowDeploymentVersion)
-      .where(
-        and(
-          eq(workflowDeploymentVersion.workflowId, id),
-          eq(workflowDeploymentVersion.isActive, true)
-        )
-      )
-      .limit(1)
-    const previousVersionId = currentActiveVersion?.id
-
     const deployResult = await deployWorkflow({
       workflowId: id,
       deployedBy: actorUserId,
@@ -177,7 +161,6 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{
       blocks: normalizedData.blocks,
       requestId,
       deploymentVersionId,
-      previousVersionId,
     })
 
     if (!triggerSaveResult.success) {
@@ -211,15 +194,6 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{
         requestId,
         deploymentVersionId,
       })
-      if (previousVersionId) {
-        await restorePreviousVersionWebhooks({
-          request,
-          workflow: workflowData as Record<string, unknown>,
-          userId: actorUserId,
-          previousVersionId,
-          requestId,
-        })
-      }
       await undeployWorkflow({ workflowId: id })
       return createErrorResponse(scheduleResult.error || 'Failed to create schedule', 500)
     }
@@ -234,25 +208,6 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{
       )
     }
 
-    if (previousVersionId && previousVersionId !== deploymentVersionId) {
-      try {
-        logger.info(`[${requestId}] Cleaning up previous version ${previousVersionId} DB records`)
-        await cleanupDeploymentVersion({
-          workflowId: id,
-          workflow: workflowData as Record<string, unknown>,
-          requestId,
-          deploymentVersionId: previousVersionId,
-          skipExternalCleanup: true,
-        })
-      } catch (cleanupError) {
-        logger.error(
-          `[${requestId}] Failed to clean up previous version ${previousVersionId}`,
-          cleanupError
-        )
-        // Non-fatal - continue with success response
-      }
-    }
-
     logger.info(`[${requestId}] Workflow deployed successfully: ${id}`)
 
     // Sync MCP tools with the latest parameter schema
@@ -273,7 +228,6 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{
             nextRunAt: scheduleInfo.nextRunAt,
           }
         : undefined,
-      warnings: triggerSaveResult.warnings,
     })
   } catch (error: any) {
     logger.error(`[${requestId}] Error deploying workflow: ${id}`, {

apps/sim/app/api/workflows/[id]/deployments/[version]/activate/route.ts

@@ -4,7 +4,7 @@ import { and, eq } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { syncMcpToolsForWorkflow } from '@/lib/mcp/workflow-mcp-sync'
-import { restorePreviousVersionWebhooks, saveTriggerWebhooksForDeploy } from '@/lib/webhooks/deploy'
+import { saveTriggerWebhooksForDeploy } from '@/lib/webhooks/deploy'
 import { activateWorkflowVersion } from '@/lib/workflows/persistence/utils'
 import {
   cleanupDeploymentVersion,
@@ -85,11 +85,6 @@ export async function POST(
       return createErrorResponse('Invalid deployed state structure', 500)
     }
 
-    const scheduleValidation = validateWorkflowSchedules(blocks)
-    if (!scheduleValidation.isValid) {
-      return createErrorResponse(`Invalid schedule configuration: ${scheduleValidation.error}`, 400)
-    }
-
     const triggerSaveResult = await saveTriggerWebhooksForDeploy({
       request,
       workflowId: id,
@@ -98,8 +93,6 @@ export async function POST(
       blocks,
       requestId,
       deploymentVersionId: versionRow.id,
-      previousVersionId,
-      forceRecreateSubscriptions: true,
     })
 
     if (!triggerSaveResult.success) {
@@ -109,6 +102,11 @@ export async function POST(
       )
     }
 
+    const scheduleValidation = validateWorkflowSchedules(blocks)
+    if (!scheduleValidation.isValid) {
+      return createErrorResponse(`Invalid schedule configuration: ${scheduleValidation.error}`, 400)
+    }
+
     const scheduleResult = await createSchedulesForDeploy(id, blocks, db, versionRow.id)
 
     if (!scheduleResult.success) {
@@ -118,15 +116,6 @@ export async function POST(
         requestId,
         deploymentVersionId: versionRow.id,
       })
-      if (previousVersionId) {
-        await restorePreviousVersionWebhooks({
-          request,
-          workflow: workflowData as Record<string, unknown>,
-          userId: actorUserId,
-          previousVersionId,
-          requestId,
-        })
-      }
       return createErrorResponse(scheduleResult.error || 'Failed to sync schedules', 500)
     }
 
@@ -138,15 +127,6 @@ export async function POST(
         requestId,
         deploymentVersionId: versionRow.id,
       })
-      if (previousVersionId) {
-        await restorePreviousVersionWebhooks({
-          request,
-          workflow: workflowData as Record<string, unknown>,
-          userId: actorUserId,
-          previousVersionId,
-          requestId,
-        })
-      }
       return createErrorResponse(result.error || 'Failed to activate deployment', 400)
     }
 
@@ -160,7 +140,6 @@ export async function POST(
           workflow: workflowData as Record<string, unknown>,
           requestId,
           deploymentVersionId: previousVersionId,
-          skipExternalCleanup: true,
         })
         logger.info(`[${requestId}] Previous version cleanup completed`)
       } catch (cleanupError) {
@@ -178,11 +157,7 @@ export async function POST(
       context: 'activate',
     })
 
-    return createSuccessResponse({
+    return createSuccessResponse({ success: true, deployedAt: result.deployedAt })
-      success: true,
-      deployedAt: result.deployedAt,
-      warnings: triggerSaveResult.warnings,
-    })
   } catch (error: any) {
     logger.error(`[${requestId}] Error activating deployment for workflow: ${id}`, error)
     return createErrorResponse(error.message || 'Failed to activate deployment', 500)

apps/sim/app/api/workflows/[id]/execute/route.ts

@@ -30,7 +30,6 @@ import { normalizeName } from '@/executor/constants'
 import { ExecutionSnapshot } from '@/executor/execution/snapshot'
 import type { ExecutionMetadata, IterationContext } from '@/executor/execution/types'
 import type { NormalizedBlockOutput, StreamingExecution } from '@/executor/types'
-import { hasExecutionResult } from '@/executor/utils/errors'
 import { Serializer } from '@/serializer'
 import { CORE_TRIGGER_TYPES, type CoreTriggerType } from '@/stores/logs/filters/types'
 
@@ -117,6 +116,7 @@ type AsyncExecutionParams = {
   userId: string
   input: any
   triggerType: CoreTriggerType
+  preflighted?: boolean
 }
 
 /**
@@ -139,6 +139,7 @@ async function handleAsyncExecution(params: AsyncExecutionParams): Promise<NextR
     userId,
     input,
     triggerType,
+    preflighted: params.preflighted,
   }
 
   try {
@@ -275,6 +276,7 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
       requestId
     )
 
+    const shouldPreflightEnvVars = isAsyncMode && isTriggerDevEnabled
     const preprocessResult = await preprocessExecution({
       workflowId,
       userId,
@@ -283,7 +285,9 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
       requestId,
       checkDeployment: !shouldUseDraftState,
       loggingSession,
+      preflightEnvVars: shouldPreflightEnvVars,
       useDraftState: shouldUseDraftState,
+      envUserId: isClientSession ? userId : undefined,
     })
 
     if (!preprocessResult.success) {
@@ -315,6 +319,7 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
         userId: actorUserId,
         input,
         triggerType: loggingTriggerType,
+        preflighted: shouldPreflightEnvVars,
       })
     }
 
@@ -468,17 +473,17 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
         }
 
         return NextResponse.json(filteredResult)
-      } catch (error: unknown) {
+      } catch (error: any) {
-        const errorMessage = error instanceof Error ? error.message : 'Unknown error'
+        const errorMessage = error.message || 'Unknown error'
         logger.error(`[${requestId}] Non-SSE execution failed: ${errorMessage}`)
 
-        const executionResult = hasExecutionResult(error) ? error.executionResult : undefined
+        const executionResult = error.executionResult
 
         return NextResponse.json(
           {
             success: false,
             output: executionResult?.output,
-            error: executionResult?.error || errorMessage || 'Execution failed',
+            error: executionResult?.error || error.message || 'Execution failed',
             metadata: executionResult?.metadata
               ? {
                   duration: executionResult.metadata.duration,
@@ -789,11 +794,11 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
 
           // Cleanup base64 cache for this execution
           await cleanupExecutionBase64Cache(executionId)
-        } catch (error: unknown) {
+        } catch (error: any) {
-          const errorMessage = error instanceof Error ? error.message : 'Unknown error'
+          const errorMessage = error.message || 'Unknown error'
           logger.error(`[${requestId}] SSE execution failed: ${errorMessage}`)
 
-          const executionResult = hasExecutionResult(error) ? error.executionResult : undefined
+          const executionResult = error.executionResult
 
           sendEvent({
             type: 'execution:error',

apps/sim/app/workspace/[workspaceId]/knowledge/[id]/[documentId]/components/edit-chunk-modal/edit-chunk-modal.tsx

@@ -61,7 +61,6 @@ export function EditChunkModal({
   const [showUnsavedChangesAlert, setShowUnsavedChangesAlert] = useState(false)
   const [pendingNavigation, setPendingNavigation] = useState<(() => void) | null>(null)
   const [tokenizerOn, setTokenizerOn] = useState(false)
-  const [hoveredTokenIndex, setHoveredTokenIndex] = useState<number | null>(null)
   const textareaRef = useRef<HTMLTextAreaElement>(null)
 
   const error = mutationError?.message ?? null
@@ -255,8 +254,6 @@ export function EditChunkModal({
                         style={{
                           backgroundColor: getTokenBgColor(index),
                         }}
-                        onMouseEnter={() => setHoveredTokenIndex(index)}
-                        onMouseLeave={() => setHoveredTokenIndex(null)}
                       >
                         {token}
                       </span>
@@ -284,11 +281,6 @@ export function EditChunkModal({
                 <div className='flex items-center gap-[8px]'>
                   <span className='text-[12px] text-[var(--text-secondary)]'>Tokenizer</span>
                   <Switch checked={tokenizerOn} onCheckedChange={setTokenizerOn} />
-                  {tokenizerOn && hoveredTokenIndex !== null && (
-                    <span className='text-[12px] text-[var(--text-tertiary)]'>
-                      Token #{hoveredTokenIndex + 1}
-                    </span>
-                  )}
                 </div>
                 <span className='text-[12px] text-[var(--text-secondary)]'>
                   {tokenCount.toLocaleString()}

apps/sim/app/workspace/[workspaceId]/knowledge/[id]/[documentId]/document.tsx

@@ -36,7 +36,6 @@ import {
 import { Input } from '@/components/ui/input'
 import { SearchHighlight } from '@/components/ui/search-highlight'
 import { Skeleton } from '@/components/ui/skeleton'
-import { formatAbsoluteDate, formatRelativeTime } from '@/lib/core/utils/formatting'
 import type { ChunkData } from '@/lib/knowledge/types'
 import {
   ChunkContextMenu,
@@ -59,6 +58,55 @@ import {
 
 const logger = createLogger('Document')
 
+/**
+ * Formats a date string to relative time (e.g., "2h ago", "3d ago")
+ */
+function formatRelativeTime(dateString: string): string {
+  const date = new Date(dateString)
+  const now = new Date()
+  const diffInSeconds = Math.floor((now.getTime() - date.getTime()) / 1000)
+
+  if (diffInSeconds < 60) {
+    return 'just now'
+  }
+  if (diffInSeconds < 3600) {
+    const minutes = Math.floor(diffInSeconds / 60)
+    return `${minutes}m ago`
+  }
+  if (diffInSeconds < 86400) {
+    const hours = Math.floor(diffInSeconds / 3600)
+    return `${hours}h ago`
+  }
+  if (diffInSeconds < 604800) {
+    const days = Math.floor(diffInSeconds / 86400)
+    return `${days}d ago`
+  }
+  if (diffInSeconds < 2592000) {
+    const weeks = Math.floor(diffInSeconds / 604800)
+    return `${weeks}w ago`
+  }
+  if (diffInSeconds < 31536000) {
+    const months = Math.floor(diffInSeconds / 2592000)
+    return `${months}mo ago`
+  }
+  const years = Math.floor(diffInSeconds / 31536000)
+  return `${years}y ago`
+}
+
+/**
+ * Formats a date string to absolute format for tooltip display
+ */
+function formatAbsoluteDate(dateString: string): string {
+  const date = new Date(dateString)
+  return date.toLocaleDateString('en-US', {
+    year: 'numeric',
+    month: 'short',
+    day: 'numeric',
+    hour: '2-digit',
+    minute: '2-digit',
+  })
+}
+
 interface DocumentProps {
   knowledgeBaseId: string
   documentId: string
@@ -256,6 +304,7 @@ export function Document({
 
   const [searchQuery, setSearchQuery] = useState('')
   const [debouncedSearchQuery, setDebouncedSearchQuery] = useState('')
+  const [isSearching, setIsSearching] = useState(false)
 
   const {
     chunks: initialChunks,
@@ -295,6 +344,7 @@ export function Document({
     const handler = setTimeout(() => {
       startTransition(() => {
         setDebouncedSearchQuery(searchQuery)
+        setIsSearching(searchQuery.trim().length > 0)
       })
     }, 200)
 
@@ -303,7 +353,6 @@ export function Document({
     }
   }, [searchQuery])
 
-  const isSearching = debouncedSearchQuery.trim().length > 0
   const showingSearch = isSearching && searchQuery.trim().length > 0 && searchResults.length > 0
   const SEARCH_PAGE_SIZE = 50
   const maxSearchPages = Math.ceil(searchResults.length / SEARCH_PAGE_SIZE)

apps/sim/app/workspace/[workspaceId]/knowledge/[id]/base.tsx

@@ -27,10 +27,6 @@ import {
   ModalContent,
   ModalFooter,
   ModalHeader,
-  Popover,
-  PopoverContent,
-  PopoverItem,
-  PopoverTrigger,
   Table,
   TableBody,
   TableCell,
@@ -44,11 +40,8 @@ import { Input } from '@/components/ui/input'
 import { SearchHighlight } from '@/components/ui/search-highlight'
 import { Skeleton } from '@/components/ui/skeleton'
 import { cn } from '@/lib/core/utils/cn'
-import { formatAbsoluteDate, formatRelativeTime } from '@/lib/core/utils/formatting'
-import { ALL_TAG_SLOTS, type AllTagSlot, getFieldTypeForSlot } from '@/lib/knowledge/constants'
 import type { DocumentSortField, SortOrder } from '@/lib/knowledge/documents/types'
 import type { DocumentData } from '@/lib/knowledge/types'
-import { formatFileSize } from '@/lib/uploads/utils/file-utils'
 import {
   ActionBar,
   AddDocumentsModal,
@@ -196,8 +189,8 @@ function KnowledgeBaseLoading({ knowledgeBaseName }: KnowledgeBaseLoadingProps)
             </div>
           </div>
 
-          <div>
+          <div className='mt-[4px]'>
-            <Skeleton className='mt-[4px] h-[21px] w-[300px] rounded-[4px]' />
+            <Skeleton className='h-[21px] w-[300px] rounded-[4px]' />
           </div>
 
           <div className='mt-[16px] flex items-center gap-[8px]'>
@@ -215,13 +208,10 @@ function KnowledgeBaseLoading({ knowledgeBaseName }: KnowledgeBaseLoadingProps)
                 className='flex-1 border-0 bg-transparent px-0 font-medium text-[var(--text-secondary)] text-small leading-none placeholder:text-[var(--text-subtle)] focus-visible:ring-0 focus-visible:ring-offset-0'
               />
             </div>
-            <div className='flex items-center gap-[8px]'>
-              <Skeleton className='h-[32px] w-[52px] rounded-[6px]' />
             <Button disabled variant='tertiary' className='h-[32px] rounded-[6px]'>
               Add Documents
             </Button>
           </div>
-          </div>
 
           <div className='mt-[12px] flex flex-1 flex-col overflow-hidden'>
             <DocumentTableSkeleton rowCount={8} />
@@ -232,11 +222,73 @@ function KnowledgeBaseLoading({ knowledgeBaseName }: KnowledgeBaseLoadingProps)
   )
 }
 
+/**
+ * Formats a date string to relative time (e.g., "2h ago", "3d ago")
+ */
+function formatRelativeTime(dateString: string): string {
+  const date = new Date(dateString)
+  const now = new Date()
+  const diffInSeconds = Math.floor((now.getTime() - date.getTime()) / 1000)
+
+  if (diffInSeconds < 60) {
+    return 'just now'
+  }
+  if (diffInSeconds < 3600) {
+    const minutes = Math.floor(diffInSeconds / 60)
+    return `${minutes}m ago`
+  }
+  if (diffInSeconds < 86400) {
+    const hours = Math.floor(diffInSeconds / 3600)
+    return `${hours}h ago`
+  }
+  if (diffInSeconds < 604800) {
+    const days = Math.floor(diffInSeconds / 86400)
+    return `${days}d ago`
+  }
+  if (diffInSeconds < 2592000) {
+    const weeks = Math.floor(diffInSeconds / 604800)
+    return `${weeks}w ago`
+  }
+  if (diffInSeconds < 31536000) {
+    const months = Math.floor(diffInSeconds / 2592000)
+    return `${months}mo ago`
+  }
+  const years = Math.floor(diffInSeconds / 31536000)
+  return `${years}y ago`
+}
+
+/**
+ * Formats a date string to absolute format for tooltip display
+ */
+function formatAbsoluteDate(dateString: string): string {
+  const date = new Date(dateString)
+  return date.toLocaleDateString('en-US', {
+    year: 'numeric',
+    month: 'short',
+    day: 'numeric',
+    hour: '2-digit',
+    minute: '2-digit',
+  })
+}
+
 interface KnowledgeBaseProps {
   id: string
   knowledgeBaseName?: string
 }
 
+function getFileIcon(mimeType: string, filename: string) {
+  const IconComponent = getDocumentIcon(mimeType, filename)
+  return <IconComponent className='h-6 w-5 flex-shrink-0' />
+}
+
+function formatFileSize(bytes: number): string {
+  if (bytes === 0) return '0 Bytes'
+  const k = 1024
+  const sizes = ['Bytes', 'KB', 'MB', 'GB']
+  const i = Math.floor(Math.log(bytes) / Math.log(k))
+  return `${Number.parseFloat((bytes / k ** i).toFixed(2))} ${sizes[i]}`
+}
+
 const AnimatedLoader = ({ className }: { className?: string }) => (
   <Loader2 className={cn(className, 'animate-spin')} />
 )
@@ -284,24 +336,53 @@ const getStatusBadge = (doc: DocumentData) => {
   }
 }
 
+const TAG_SLOTS = [
+  'tag1',
+  'tag2',
+  'tag3',
+  'tag4',
+  'tag5',
+  'tag6',
+  'tag7',
+  'number1',
+  'number2',
+  'number3',
+  'number4',
+  'number5',
+  'date1',
+  'date2',
+  'boolean1',
+  'boolean2',
+  'boolean3',
+] as const
+
+type TagSlot = (typeof TAG_SLOTS)[number]
+
 interface TagValue {
-  slot: AllTagSlot
+  slot: TagSlot
   displayName: string
   value: string
 }
 
+const TAG_FIELD_TYPES: Record<string, string> = {
+  tag: 'text',
+  number: 'number',
+  date: 'date',
+  boolean: 'boolean',
+}
+
 /**
  * Computes tag values for a document
  */
 function getDocumentTags(doc: DocumentData, definitions: TagDefinition[]): TagValue[] {
   const result: TagValue[] = []
 
-  for (const slot of ALL_TAG_SLOTS) {
+  for (const slot of TAG_SLOTS) {
     const raw = doc[slot]
     if (raw == null) continue
 
     const def = definitions.find((d) => d.tagSlot === slot)
-    const fieldType = def?.fieldType || getFieldTypeForSlot(slot) || 'text'
+    const fieldType = def?.fieldType || TAG_FIELD_TYPES[slot.replace(/\d+$/, '')] || 'text'
 
     let value: string
     if (fieldType === 'date') {
@@ -343,8 +424,6 @@ export function KnowledgeBase({
 
   const [searchQuery, setSearchQuery] = useState('')
   const [showTagsModal, setShowTagsModal] = useState(false)
-  const [enabledFilter, setEnabledFilter] = useState<'all' | 'enabled' | 'disabled'>('all')
-  const [isFilterPopoverOpen, setIsFilterPopoverOpen] = useState(false)
 
   /**
    * Memoize the search query setter to prevent unnecessary re-renders
@@ -355,7 +434,6 @@ export function KnowledgeBase({
   }, [])
 
   const [selectedDocuments, setSelectedDocuments] = useState<Set<string>>(new Set())
-  const [isSelectAllMode, setIsSelectAllMode] = useState(false)
   const [showDeleteDialog, setShowDeleteDialog] = useState(false)
   const [showAddDocumentsModal, setShowAddDocumentsModal] = useState(false)
   const [showDeleteDocumentModal, setShowDeleteDocumentModal] = useState(false)
@@ -382,6 +460,7 @@ export function KnowledgeBase({
     error: knowledgeBaseError,
     refresh: refreshKnowledgeBase,
   } = useKnowledgeBase(id)
+  const [hasProcessingDocuments, setHasProcessingDocuments] = useState(false)
 
   const {
     documents,
@@ -390,7 +469,6 @@ export function KnowledgeBase({
     isFetching: isFetchingDocuments,
     isPlaceholderData: isPlaceholderDocuments,
     error: documentsError,
-    hasProcessingDocuments,
     updateDocument,
     refreshDocuments,
   } = useKnowledgeBaseDocuments(id, {
@@ -399,14 +477,7 @@ export function KnowledgeBase({
     offset: (currentPage - 1) * DOCUMENTS_PER_PAGE,
     sortBy,
     sortOrder,
-    refetchInterval: (data) => {
+    refetchInterval: hasProcessingDocuments && !isDeleting ? 3000 : false,
-      if (isDeleting) return false
-      const hasPending = data?.documents?.some(
-        (doc) => doc.processingStatus === 'pending' || doc.processingStatus === 'processing'
-      )
-      return hasPending ? 3000 : false
-    },
-    enabledFilter,
   })
 
   const { tagDefinitions } = useKnowledgeBaseTagDefinitions(id)
@@ -472,15 +543,25 @@ export function KnowledgeBase({
     </TableHead>
   )
 
+  useEffect(() => {
+    const processing = documents.some(
+      (doc) => doc.processingStatus === 'pending' || doc.processingStatus === 'processing'
+    )
+    setHasProcessingDocuments(processing)
+
+    if (processing) {
+      checkForDeadProcesses()
+    }
+  }, [documents])
+
   /**
    * Checks for documents with stale processing states and marks them as failed
    */
-  const checkForDeadProcesses = useCallback(
+  const checkForDeadProcesses = () => {
-    (docsToCheck: DocumentData[]) => {
     const now = new Date()
     const DEAD_PROCESS_THRESHOLD_MS = 600 * 1000 // 10 minutes
 
-      const staleDocuments = docsToCheck.filter((doc) => {
+    const staleDocuments = documents.filter((doc) => {
       if (doc.processingStatus !== 'processing' || !doc.processingStartedAt) {
         return false
       }
@@ -502,22 +583,12 @@ export function KnowledgeBase({
         },
         {
           onSuccess: () => {
-              logger.info(
+            logger.info(`Successfully marked dead process as failed for document: ${doc.filename}`)
-                `Successfully marked dead process as failed for document: ${doc.filename}`
-              )
           },
         }
       )
     })
-    },
-    [id, updateDocumentMutation]
-  )
-
-  useEffect(() => {
-    if (hasProcessingDocuments) {
-      checkForDeadProcesses(documents)
   }
-  }, [hasProcessingDocuments, documents, checkForDeadProcesses])
 
   const handleToggleEnabled = (docId: string) => {
     const document = documents.find((doc) => doc.id === docId)
@@ -677,7 +748,6 @@ export function KnowledgeBase({
       setSelectedDocuments(new Set(documents.map((doc) => doc.id)))
     } else {
       setSelectedDocuments(new Set())
-      setIsSelectAllMode(false)
     }
   }
 
@@ -723,26 +793,6 @@ export function KnowledgeBase({
    * Handles bulk enabling of selected documents
    */
   const handleBulkEnable = () => {
-    if (isSelectAllMode) {
-      bulkDocumentMutation(
-        {
-          knowledgeBaseId: id,
-          operation: 'enable',
-          selectAll: true,
-          enabledFilter,
-        },
-        {
-          onSuccess: (result) => {
-            logger.info(`Successfully enabled ${result.successCount} documents`)
-            setSelectedDocuments(new Set())
-            setIsSelectAllMode(false)
-            refreshDocuments()
-          },
-        }
-      )
-      return
-    }
-
     const documentsToEnable = documents.filter(
       (doc) => selectedDocuments.has(doc.id) && !doc.enabled
     )
@@ -771,26 +821,6 @@ export function KnowledgeBase({
    * Handles bulk disabling of selected documents
    */
   const handleBulkDisable = () => {
-    if (isSelectAllMode) {
-      bulkDocumentMutation(
-        {
-          knowledgeBaseId: id,
-          operation: 'disable',
-          selectAll: true,
-          enabledFilter,
-        },
-        {
-          onSuccess: (result) => {
-            logger.info(`Successfully disabled ${result.successCount} documents`)
-            setSelectedDocuments(new Set())
-            setIsSelectAllMode(false)
-            refreshDocuments()
-          },
-        }
-      )
-      return
-    }
-
     const documentsToDisable = documents.filter(
       (doc) => selectedDocuments.has(doc.id) && doc.enabled
     )
@@ -815,35 +845,18 @@ export function KnowledgeBase({
     )
   }
 
+  /**
+   * Opens the bulk delete confirmation modal
+   */
   const handleBulkDelete = () => {
     if (selectedDocuments.size === 0) return
     setShowBulkDeleteModal(true)
   }
 
+  /**
+   * Confirms and executes the bulk deletion of selected documents
+   */
   const confirmBulkDelete = () => {
-    if (isSelectAllMode) {
-      bulkDocumentMutation(
-        {
-          knowledgeBaseId: id,
-          operation: 'delete',
-          selectAll: true,
-          enabledFilter,
-        },
-        {
-          onSuccess: (result) => {
-            logger.info(`Successfully deleted ${result.successCount} documents`)
-            refreshDocuments()
-            setSelectedDocuments(new Set())
-            setIsSelectAllMode(false)
-          },
-          onSettled: () => {
-            setShowBulkDeleteModal(false)
-          },
-        }
-      )
-      return
-    }
-
     const documentsToDelete = documents.filter((doc) => selectedDocuments.has(doc.id))
 
     if (documentsToDelete.length === 0) return
@@ -868,17 +881,14 @@ export function KnowledgeBase({
   }
 
   const selectedDocumentsList = documents.filter((doc) => selectedDocuments.has(doc.id))
-  const enabledCount = isSelectAllMode
+  const enabledCount = selectedDocumentsList.filter((doc) => doc.enabled).length
-    ? enabledFilter === 'disabled'
+  const disabledCount = selectedDocumentsList.filter((doc) => !doc.enabled).length
-      ? 0
-      : pagination.total
-    : selectedDocumentsList.filter((doc) => doc.enabled).length
-  const disabledCount = isSelectAllMode
-    ? enabledFilter === 'enabled'
-      ? 0
-      : pagination.total
-    : selectedDocumentsList.filter((doc) => !doc.enabled).length
 
+  /**
+   * Handle right-click on a document row
+   * If right-clicking on an unselected document, select only that document
+   * If right-clicking on a selected document with multiple selections, keep all selections
+   */
   const handleDocumentContextMenu = useCallback(
     (e: React.MouseEvent, doc: DocumentData) => {
       const isCurrentlySelected = selectedDocuments.has(doc.id)
@@ -995,13 +1005,11 @@ export function KnowledgeBase({
             </div>
           </div>
 
-          <div>
           {knowledgeBase?.description && (
             <p className='mt-[4px] line-clamp-2 max-w-[40vw] font-medium text-[14px] text-[var(--text-tertiary)]'>
               {knowledgeBase.description}
             </p>
           )}
-          </div>
 
           <div className='mt-[16px] flex items-center gap-[8px]'>
             <span className='text-[14px] text-[var(--text-muted)]'>
@@ -1044,60 +1052,6 @@ export function KnowledgeBase({
                 ))}
             </div>
 
-            <div className='flex items-center gap-[8px]'>
-              <Popover open={isFilterPopoverOpen} onOpenChange={setIsFilterPopoverOpen}>
-                <PopoverTrigger asChild>
-                  <Button variant='default' className='h-[32px] rounded-[6px]'>
-                    {enabledFilter === 'all'
-                      ? 'All'
-                      : enabledFilter === 'enabled'
-                        ? 'Enabled'
-                        : 'Disabled'}
-                    <ChevronDown className='ml-2 h-4 w-4 text-muted-foreground' />
-                  </Button>
-                </PopoverTrigger>
-                <PopoverContent align='end' side='bottom' sideOffset={4}>
-                  <div className='flex flex-col gap-[2px]'>
-                    <PopoverItem
-                      active={enabledFilter === 'all'}
-                      onClick={() => {
-                        setEnabledFilter('all')
-                        setIsFilterPopoverOpen(false)
-                        setCurrentPage(1)
-                        setSelectedDocuments(new Set())
-                        setIsSelectAllMode(false)
-                      }}
-                    >
-                      All
-                    </PopoverItem>
-                    <PopoverItem
-                      active={enabledFilter === 'enabled'}
-                      onClick={() => {
-                        setEnabledFilter('enabled')
-                        setIsFilterPopoverOpen(false)
-                        setCurrentPage(1)
-                        setSelectedDocuments(new Set())
-                        setIsSelectAllMode(false)
-                      }}
-                    >
-                      Enabled
-                    </PopoverItem>
-                    <PopoverItem
-                      active={enabledFilter === 'disabled'}
-                      onClick={() => {
-                        setEnabledFilter('disabled')
-                        setIsFilterPopoverOpen(false)
-                        setCurrentPage(1)
-                        setSelectedDocuments(new Set())
-                        setIsSelectAllMode(false)
-                      }}
-                    >
-                      Disabled
-                    </PopoverItem>
-                  </div>
-                </PopoverContent>
-              </Popover>
-
             <Tooltip.Root>
               <Tooltip.Trigger asChild>
                 <Button
@@ -1114,7 +1068,6 @@ export function KnowledgeBase({
               )}
             </Tooltip.Root>
           </div>
-          </div>
 
           {error && !isLoadingKnowledgeBase && (
             <div className='mt-[24px]'>
@@ -1136,17 +1089,11 @@ export function KnowledgeBase({
               <div className='mt-[10px] flex h-64 items-center justify-center rounded-lg border border-muted-foreground/25 bg-muted/20'>
                 <div className='text-center'>
                   <p className='font-medium text-[var(--text-secondary)] text-sm'>
-                    {searchQuery
+                    {searchQuery ? 'No documents found' : 'No documents yet'}
-                      ? 'No documents found'
-                      : enabledFilter !== 'all'
-                        ? 'Nothing matches your filter'
-                        : 'No documents yet'}
                   </p>
                   <p className='mt-1 text-[var(--text-muted)] text-xs'>
                     {searchQuery
                       ? 'Try a different search term'
-                      : enabledFilter !== 'all'
-                        ? 'Try changing the filter'
                       : userPermissions.canEdit === true
                         ? 'Add documents to get started'
                         : 'Documents will appear here once added'}
@@ -1173,7 +1120,7 @@ export function KnowledgeBase({
                     {renderSortableHeader('tokenCount', 'Tokens', 'hidden w-[8%] lg:table-cell')}
                     {renderSortableHeader('chunkCount', 'Chunks', 'w-[8%]')}
                     {renderSortableHeader('uploadedAt', 'Uploaded', 'w-[11%]')}
-                    {renderSortableHeader('enabled', 'Status', 'w-[10%]')}
+                    {renderSortableHeader('processingStatus', 'Status', 'w-[10%]')}
                     <TableHead className='w-[12%] px-[12px] py-[8px] text-[12px] text-[var(--text-secondary)]'>
                       Tags
                     </TableHead>
@@ -1217,10 +1164,7 @@ export function KnowledgeBase({
                         </TableCell>
                         <TableCell className='w-[180px] max-w-[180px] px-[12px] py-[8px]'>
                           <div className='flex min-w-0 items-center gap-[8px]'>
-                            {(() => {
+                            {getFileIcon(doc.mimeType, doc.filename)}
-                              const IconComponent = getDocumentIcon(doc.mimeType, doc.filename)
-                              return <IconComponent className='h-6 w-5 flex-shrink-0' />
-                            })()}
                             <Tooltip.Root>
                               <Tooltip.Trigger asChild>
                                 <span
@@ -1564,14 +1508,6 @@ export function KnowledgeBase({
         enabledCount={enabledCount}
         disabledCount={disabledCount}
         isLoading={isBulkOperating}
-        totalCount={pagination.total}
-        isAllPageSelected={isAllSelected}
-        isAllSelected={isSelectAllMode}
-        onSelectAll={() => setIsSelectAllMode(true)}
-        onClearSelectAll={() => {
-          setIsSelectAllMode(false)
-          setSelectedDocuments(new Set())
-        }}
       />
 
       <DocumentContextMenu

apps/sim/app/workspace/[workspaceId]/knowledge/[id]/components/action-bar/action-bar.tsx

@@ -13,11 +13,6 @@ interface ActionBarProps {
   disabledCount?: number
   isLoading?: boolean
   className?: string
-  totalCount?: number
-  isAllPageSelected?: boolean
-  isAllSelected?: boolean
-  onSelectAll?: () => void
-  onClearSelectAll?: () => void
 }
 
 export function ActionBar({
@@ -29,21 +24,14 @@ export function ActionBar({
   disabledCount = 0,
   isLoading = false,
   className,
-  totalCount = 0,
-  isAllPageSelected = false,
-  isAllSelected = false,
-  onSelectAll,
-  onClearSelectAll,
 }: ActionBarProps) {
   const userPermissions = useUserPermissionsContext()
 
-  if (selectedCount === 0 && !isAllSelected) return null
+  if (selectedCount === 0) return null
 
   const canEdit = userPermissions.canEdit
   const showEnableButton = disabledCount > 0 && onEnable && canEdit
   const showDisableButton = enabledCount > 0 && onDisable && canEdit
-  const showSelectAllOption =
-    isAllPageSelected && !isAllSelected && totalCount > selectedCount && onSelectAll
 
   return (
     <motion.div
@@ -55,31 +43,7 @@ export function ActionBar({
     >
       <div className='flex items-center gap-[8px] rounded-[10px] border border-[var(--border)] bg-[var(--surface-2)] px-[8px] py-[6px]'>
         <span className='px-[4px] text-[13px] text-[var(--text-secondary)]'>
-          {isAllSelected ? totalCount : selectedCount} selected
+          {selectedCount} selected
-          {showSelectAllOption && (
-            <>
-              {' · '}
-              <button
-                type='button'
-                onClick={onSelectAll}
-                className='text-[var(--brand-primary)] hover:underline'
-              >
-                Select all
-              </button>
-            </>
-          )}
-          {isAllSelected && onClearSelectAll && (
-            <>
-              {' · '}
-              <button
-                type='button'
-                onClick={onClearSelectAll}
-                className='text-[var(--brand-primary)] hover:underline'
-              >
-                Clear
-              </button>
-            </>
-          )}
         </span>
 
         <div className='flex items-center gap-[5px]'>

apps/sim/app/workspace/[workspaceId]/knowledge/[id]/components/rename-document-modal/rename-document-modal.tsx

@@ -123,11 +123,7 @@ export function RenameDocumentModal({
                 >
                   Cancel
                 </Button>
-                <Button
+                <Button variant='tertiary' type='submit' disabled={isSubmitting || !name?.trim()}>
-                  variant='tertiary'
-                  type='submit'
-                  disabled={isSubmitting || !name?.trim() || name.trim() === initialName}
-                >
                   {isSubmitting ? 'Renaming...' : 'Rename'}
                 </Button>
               </div>

apps/sim/app/workspace/[workspaceId]/knowledge/components/base-card/base-card.tsx

@@ -3,7 +3,6 @@
 import { useCallback, useState } from 'react'
 import { useParams, useRouter } from 'next/navigation'
 import { Badge, DocumentAttachment, Tooltip } from '@/components/emcn'
-import { formatAbsoluteDate, formatRelativeTime } from '@/lib/core/utils/formatting'
 import { BaseTagsModal } from '@/app/workspace/[workspaceId]/knowledge/[id]/components'
 import { useUserPermissionsContext } from '@/app/workspace/[workspaceId]/providers/workspace-permissions-provider'
 import { useContextMenu } from '@/app/workspace/[workspaceId]/w/components/sidebar/hooks'
@@ -22,6 +21,55 @@ interface BaseCardProps {
   onDelete?: (id: string) => Promise<void>
 }
 
+/**
+ * Formats a date string to relative time (e.g., "2h ago", "3d ago")
+ */
+function formatRelativeTime(dateString: string): string {
+  const date = new Date(dateString)
+  const now = new Date()
+  const diffInSeconds = Math.floor((now.getTime() - date.getTime()) / 1000)
+
+  if (diffInSeconds < 60) {
+    return 'just now'
+  }
+  if (diffInSeconds < 3600) {
+    const minutes = Math.floor(diffInSeconds / 60)
+    return `${minutes}m ago`
+  }
+  if (diffInSeconds < 86400) {
+    const hours = Math.floor(diffInSeconds / 3600)
+    return `${hours}h ago`
+  }
+  if (diffInSeconds < 604800) {
+    const days = Math.floor(diffInSeconds / 86400)
+    return `${days}d ago`
+  }
+  if (diffInSeconds < 2592000) {
+    const weeks = Math.floor(diffInSeconds / 604800)
+    return `${weeks}w ago`
+  }
+  if (diffInSeconds < 31536000) {
+    const months = Math.floor(diffInSeconds / 2592000)
+    return `${months}mo ago`
+  }
+  const years = Math.floor(diffInSeconds / 31536000)
+  return `${years}y ago`
+}
+
+/**
+ * Formats a date string to absolute format for tooltip display
+ */
+function formatAbsoluteDate(dateString: string): string {
+  const date = new Date(dateString)
+  return date.toLocaleDateString('en-US', {
+    year: 'numeric',
+    month: 'short',
+    day: 'numeric',
+    hour: '2-digit',
+    minute: '2-digit',
+  })
+}
+
 /**
  * Skeleton placeholder for a knowledge base card
  */

apps/sim/app/workspace/[workspaceId]/knowledge/components/create-base-modal/create-base-modal.tsx

@@ -344,12 +344,13 @@ export function CreateBaseModal({ open, onOpenChange }: CreateBaseModalProps) {
                   <Textarea
                     id='description'
                     placeholder='Describe this knowledge base (optional)'
-                    rows={4}
+                    rows={3}
                     {...register('description')}
                     className={cn(errors.description && 'border-[var(--text-error)]')}
                   />
                 </div>
 
+                <div className='space-y-[12px] rounded-[6px] bg-[var(--surface-5)] px-[12px] py-[14px]'>
                   <div className='grid grid-cols-2 gap-[12px]'>
                     <div className='flex flex-col gap-[8px]'>
                       <Label htmlFor='minChunkSize'>Min Chunk Size (characters)</Label>
@@ -389,6 +390,7 @@ export function CreateBaseModal({ open, onOpenChange }: CreateBaseModalProps) {
                       data-form-type='other'
                       name='overlap-size'
                     />
+                  </div>
                   <p className='text-[11px] text-[var(--text-muted)]'>
                     1 token ≈ 4 characters. Max chunk size and overlap are in tokens.
                   </p>

apps/sim/app/workspace/[workspaceId]/knowledge/components/edit-knowledge-base-modal/edit-knowledge-base-modal.tsx

@@ -59,7 +59,7 @@ export function EditKnowledgeBaseModal({
     handleSubmit,
     reset,
     watch,
-    formState: { errors, isDirty },
+    formState: { errors },
   } = useForm<FormValues>({
     resolver: zodResolver(FormSchema),
     defaultValues: {
@@ -127,7 +127,7 @@ export function EditKnowledgeBaseModal({
                 <Textarea
                   id='description'
                   placeholder='Describe this knowledge base (optional)'
-                  rows={4}
+                  rows={3}
                   {...register('description')}
                   className={cn(errors.description && 'border-[var(--text-error)]')}
                 />
@@ -161,7 +161,7 @@ export function EditKnowledgeBaseModal({
                 <Button
                   variant='tertiary'
                   type='submit'
-                  disabled={isSubmitting || !nameValue?.trim() || !isDirty}
+                  disabled={isSubmitting || !nameValue?.trim()}
                 >
                   {isSubmitting ? 'Saving...' : 'Save'}
                 </Button>

apps/sim/app/workspace/[workspaceId]/logs/components/log-details/components/trace-spans/trace-spans.tsx

@@ -2,7 +2,8 @@
 
 import type React from 'react'
 import { memo, useCallback, useMemo, useRef, useState } from 'react'
-import { ArrowDown, ArrowUp, Check, Clipboard, Search, X } from 'lucide-react'
+import clsx from 'clsx'
+import { ArrowDown, ArrowUp, X } from 'lucide-react'
 import { createPortal } from 'react-dom'
 import {
   Button,
@@ -14,11 +15,9 @@ import {
   PopoverContent,
   PopoverDivider,
   PopoverItem,
-  Tooltip,
 } from '@/components/emcn'
 import { WorkflowIcon } from '@/components/icons'
 import { cn } from '@/lib/core/utils/cn'
-import { formatDuration } from '@/lib/core/utils/formatting'
 import { LoopTool } from '@/app/workspace/[workspaceId]/w/[workflowId]/components/subflows/loop/loop-config'
 import { ParallelTool } from '@/app/workspace/[workspaceId]/w/[workflowId]/components/subflows/parallel/parallel-config'
 import { getBlock, getBlockByToolName } from '@/blocks'
@@ -27,6 +26,7 @@ import type { TraceSpan } from '@/stores/logs/filters/types'
 
 interface TraceSpansProps {
   traceSpans?: TraceSpan[]
+  totalDuration?: number
 }
 
 /**
@@ -100,20 +100,6 @@ function parseTime(value?: string | number | null): number {
   return Number.isFinite(ms) ? ms : 0
 }
 
-/**
- * Checks if a span or any of its descendants has an error
- */
-function hasErrorInTree(span: TraceSpan): boolean {
-  if (span.status === 'error') return true
-  if (span.children && span.children.length > 0) {
-    return span.children.some((child) => hasErrorInTree(child))
-  }
-  if (span.toolCalls && span.toolCalls.length > 0) {
-    return span.toolCalls.some((tc) => tc.error)
-  }
-  return false
-}
-
 /**
  * Normalizes and sorts trace spans recursively.
  * Merges children from both span.children and span.output.childTraceSpans,
@@ -156,6 +142,14 @@ function normalizeAndSortSpans(spans: TraceSpan[]): TraceSpan[] {
 
 const DEFAULT_BLOCK_COLOR = '#6b7280'
 
+/**
+ * Formats duration in ms
+ */
+function formatDuration(ms: number): string {
+  if (ms < 1000) return `${ms}ms`
+  return `${(ms / 1000).toFixed(2)}s`
+}
+
 /**
  * Gets icon and color for a span type using block config
  */
@@ -236,7 +230,7 @@ function ProgressBar({
   }, [span, childSpans, workflowStartTime, totalDuration])
 
   return (
-    <div className='relative h-[5px] w-full overflow-hidden rounded-[18px] bg-[var(--divider)]'>
+    <div className='relative mb-[8px] h-[5px] w-full overflow-hidden rounded-[18px] bg-[var(--divider)]'>
       {segments.map((segment, index) => (
         <div
           key={index}
@@ -252,6 +246,143 @@ function ProgressBar({
   )
 }
 
+interface ExpandableRowHeaderProps {
+  name: string
+  duration: number
+  isError: boolean
+  isExpanded: boolean
+  hasChildren: boolean
+  showIcon: boolean
+  icon: React.ComponentType<{ className?: string }> | null
+  bgColor: string
+  onToggle: () => void
+}
+
+/**
+ * Reusable expandable row header with chevron, icon, name, and duration
+ */
+function ExpandableRowHeader({
+  name,
+  duration,
+  isError,
+  isExpanded,
+  hasChildren,
+  showIcon,
+  icon: Icon,
+  bgColor,
+  onToggle,
+}: ExpandableRowHeaderProps) {
+  return (
+    <div
+      className={clsx('group flex items-center justify-between', hasChildren && 'cursor-pointer')}
+      onClick={hasChildren ? onToggle : undefined}
+      onKeyDown={
+        hasChildren
+          ? (e) => {
+              if (e.key === 'Enter' || e.key === ' ') {
+                e.preventDefault()
+                onToggle()
+              }
+            }
+          : undefined
+      }
+      role={hasChildren ? 'button' : undefined}
+      tabIndex={hasChildren ? 0 : undefined}
+      aria-expanded={hasChildren ? isExpanded : undefined}
+      aria-label={hasChildren ? (isExpanded ? 'Collapse' : 'Expand') : undefined}
+    >
+      <div className='flex items-center gap-[8px]'>
+        {hasChildren && (
+          <ChevronDown
+            className='h-[10px] w-[10px] flex-shrink-0 text-[var(--text-tertiary)] transition-transform duration-100 group-hover:text-[var(--text-primary)]'
+            style={{ transform: isExpanded ? 'rotate(0deg)' : 'rotate(-90deg)' }}
+          />
+        )}
+        {showIcon && (
+          <div
+            className='relative flex h-[14px] w-[14px] flex-shrink-0 items-center justify-center overflow-hidden rounded-[4px]'
+            style={{ background: bgColor }}
+          >
+            {Icon && <Icon className={clsx('text-white', '!h-[9px] !w-[9px]')} />}
+          </div>
+        )}
+        <span
+          className='font-medium text-[12px]'
+          style={{ color: isError ? 'var(--text-error)' : 'var(--text-secondary)' }}
+        >
+          {name}
+        </span>
+      </div>
+      <span className='font-medium text-[12px] text-[var(--text-tertiary)]'>
+        {formatDuration(duration)}
+      </span>
+    </div>
+  )
+}
+
+interface SpanContentProps {
+  span: TraceSpan
+  spanId: string
+  isError: boolean
+  workflowStartTime: number
+  totalDuration: number
+  expandedSections: Set<string>
+  onToggle: (section: string) => void
+}
+
+/**
+ * Reusable component for rendering span content (progress bar + input/output sections)
+ */
+function SpanContent({
+  span,
+  spanId,
+  isError,
+  workflowStartTime,
+  totalDuration,
+  expandedSections,
+  onToggle,
+}: SpanContentProps) {
+  const hasInput = Boolean(span.input)
+  const hasOutput = Boolean(span.output)
+
+  return (
+    <>
+      <ProgressBar
+        span={span}
+        childSpans={span.children}
+        workflowStartTime={workflowStartTime}
+        totalDuration={totalDuration}
+      />
+
+      {hasInput && (
+        <InputOutputSection
+          label='Input'
+          data={span.input}
+          isError={false}
+          spanId={spanId}
+          sectionType='input'
+          expandedSections={expandedSections}
+          onToggle={onToggle}
+        />
+      )}
+
+      {hasInput && hasOutput && <div className='border-[var(--border)] border-t border-dashed' />}
+
+      {hasOutput && (
+        <InputOutputSection
+          label={isError ? 'Error' : 'Output'}
+          data={span.output}
+          isError={isError}
+          spanId={spanId}
+          sectionType='output'
+          expandedSections={expandedSections}
+          onToggle={onToggle}
+        />
+      )}
+    </>
+  )
+}
+
 /**
  * Renders input/output section with collapsible content, context menu, and search
  */
@@ -275,14 +406,16 @@ function InputOutputSection({
   const sectionKey = `${spanId}-${sectionType}`
   const isExpanded = expandedSections.has(sectionKey)
   const contentRef = useRef<HTMLDivElement>(null)
+  const menuRef = useRef<HTMLDivElement>(null)
 
   // Context menu state
   const [isContextMenuOpen, setIsContextMenuOpen] = useState(false)
   const [contextMenuPosition, setContextMenuPosition] = useState({ x: 0, y: 0 })
-  const [copied, setCopied] = useState(false)
 
   // Code viewer features
   const {
+    wrapText,
+    toggleWrapText,
     isSearchActive,
     searchQuery,
     setSearchQuery,
@@ -314,8 +447,6 @@ function InputOutputSection({
 
   const handleCopy = useCallback(() => {
     navigator.clipboard.writeText(jsonString)
-    setCopied(true)
-    setTimeout(() => setCopied(false), 1500)
     closeContextMenu()
   }, [jsonString, closeContextMenu])
 
@@ -324,8 +455,13 @@ function InputOutputSection({
     closeContextMenu()
   }, [activateSearch, closeContextMenu])
 
+  const handleToggleWrap = useCallback(() => {
+    toggleWrapText()
+    closeContextMenu()
+  }, [toggleWrapText, closeContextMenu])
+
   return (
-    <div className='relative flex min-w-0 flex-col gap-[6px] overflow-hidden'>
+    <div className='relative flex min-w-0 flex-col gap-[8px] overflow-hidden'>
       <div
         className='group flex cursor-pointer items-center justify-between'
         onClick={() => onToggle(sectionKey)}
@@ -341,7 +477,7 @@ function InputOutputSection({
         aria-label={`${isExpanded ? 'Collapse' : 'Expand'} ${label.toLowerCase()}`}
       >
         <span
-          className={cn(
+          className={clsx(
             'font-medium text-[12px] transition-colors',
             isError
               ? 'text-[var(--text-error)]'
@@ -351,7 +487,9 @@ function InputOutputSection({
           {label}
         </span>
         <ChevronDown
-          className='h-[8px] w-[8px] text-[var(--text-tertiary)] transition-colors transition-transform group-hover:text-[var(--text-primary)]'
+          className={clsx(
+            'h-[10px] w-[10px] text-[var(--text-tertiary)] transition-colors transition-transform group-hover:text-[var(--text-primary)]'
+          )}
           style={{
             transform: isExpanded ? 'rotate(180deg)' : 'rotate(0deg)',
           }}
@@ -359,57 +497,16 @@ function InputOutputSection({
       </div>
       {isExpanded && (
         <>
-          <div ref={contentRef} onContextMenu={handleContextMenu} className='relative'>
+          <div ref={contentRef} onContextMenu={handleContextMenu}>
             <Code.Viewer
               code={jsonString}
               language='json'
-              className='!bg-[var(--surface-4)] dark:!bg-[var(--surface-3)] max-h-[300px] min-h-0 max-w-full rounded-[6px] border-0 [word-break:break-all]'
+              className='!bg-[var(--surface-3)] max-h-[300px] min-h-0 max-w-full rounded-[6px] border-0 [word-break:break-all]'
-              wrapText
+              wrapText={wrapText}
               searchQuery={isSearchActive ? searchQuery : undefined}
               currentMatchIndex={currentMatchIndex}
               onMatchCountChange={handleMatchCountChange}
             />
-            {/* Glass action buttons overlay */}
-            {!isSearchActive && (
-              <div className='absolute top-[7px] right-[6px] z-10 flex gap-[4px]'>
-                <Tooltip.Root>
-                  <Tooltip.Trigger asChild>
-                    <Button
-                      type='button'
-                      variant='default'
-                      onClick={(e) => {
-                        e.stopPropagation()
-                        handleCopy()
-                      }}
-                      className='h-[20px] w-[20px] cursor-pointer border border-[var(--border-1)] bg-transparent p-0 backdrop-blur-sm hover:bg-[var(--surface-3)]'
-                    >
-                      {copied ? (
-                        <Check className='h-[10px] w-[10px] text-[var(--text-success)]' />
-                      ) : (
-                        <Clipboard className='h-[10px] w-[10px]' />
-                      )}
-                    </Button>
-                  </Tooltip.Trigger>
-                  <Tooltip.Content side='top'>{copied ? 'Copied' : 'Copy'}</Tooltip.Content>
-                </Tooltip.Root>
-                <Tooltip.Root>
-                  <Tooltip.Trigger asChild>
-                    <Button
-                      type='button'
-                      variant='default'
-                      onClick={(e) => {
-                        e.stopPropagation()
-                        activateSearch()
-                      }}
-                      className='h-[20px] w-[20px] cursor-pointer border border-[var(--border-1)] bg-transparent p-0 backdrop-blur-sm hover:bg-[var(--surface-3)]'
-                    >
-                      <Search className='h-[10px] w-[10px]' />
-                    </Button>
-                  </Tooltip.Trigger>
-                  <Tooltip.Content side='top'>Search</Tooltip.Content>
-                </Tooltip.Root>
-              </div>
-            )}
           </div>
 
           {/* Search Overlay */}
@@ -482,10 +579,13 @@ function InputOutputSection({
                     height: '1px',
                   }}
                 />
-                <PopoverContent align='start' side='bottom' sideOffset={4}>
+                <PopoverContent ref={menuRef} align='start' side='bottom' sideOffset={4}>
                   <PopoverItem onClick={handleCopy}>Copy</PopoverItem>
                   <PopoverDivider />
                   <PopoverItem onClick={handleSearch}>Search</PopoverItem>
+                  <PopoverItem showCheck={wrapText} onClick={handleToggleWrap}>
+                    Wrap Text
+                  </PopoverItem>
                 </PopoverContent>
               </Popover>,
               document.body
@@ -496,51 +596,136 @@ function InputOutputSection({
   )
 }
 
-interface TraceSpanNodeProps {
+interface NestedBlockItemProps {
   span: TraceSpan
+  parentId: string
+  index: number
+  expandedSections: Set<string>
+  onToggle: (section: string) => void
   workflowStartTime: number
   totalDuration: number
-  depth: number
+  expandedChildren: Set<string>
-  expandedNodes: Set<string>
+  onToggleChildren: (spanId: string) => void
-  expandedSections: Set<string>
-  onToggleNode: (nodeId: string) => void
-  onToggleSection: (section: string) => void
 }
 
 /**
- * Recursive tree node component for rendering trace spans
+ * Recursive component for rendering nested blocks at any depth
  */
-const TraceSpanNode = memo(function TraceSpanNode({
+function NestedBlockItem({
   span,
+  parentId,
+  index,
+  expandedSections,
+  onToggle,
   workflowStartTime,
   totalDuration,
-  depth,
+  expandedChildren,
-  expandedNodes,
+  onToggleChildren,
-  expandedSections,
+}: NestedBlockItemProps): React.ReactNode {
-  onToggleNode,
+  const spanId = span.id || `${parentId}-nested-${index}`
-  onToggleSection,
+  const isError = span.status === 'error'
-}: TraceSpanNodeProps): React.ReactNode {
+  const { icon: SpanIcon, bgColor } = getBlockIconAndColor(span.type, span.name)
+  const hasChildren = Boolean(span.children && span.children.length > 0)
+  const isChildrenExpanded = expandedChildren.has(spanId)
+
+  return (
+    <div className='flex min-w-0 flex-col gap-[8px] overflow-hidden'>
+      <ExpandableRowHeader
+        name={span.name}
+        duration={span.duration || 0}
+        isError={isError}
+        isExpanded={isChildrenExpanded}
+        hasChildren={hasChildren}
+        showIcon={!isIterationType(span.type)}
+        icon={SpanIcon}
+        bgColor={bgColor}
+        onToggle={() => onToggleChildren(spanId)}
+      />
+
+      <SpanContent
+        span={span}
+        spanId={spanId}
+        isError={isError}
+        workflowStartTime={workflowStartTime}
+        totalDuration={totalDuration}
+        expandedSections={expandedSections}
+        onToggle={onToggle}
+      />
+
+      {/* Nested children */}
+      {hasChildren && isChildrenExpanded && (
+        <div className='mt-[2px] flex min-w-0 flex-col gap-[10px] overflow-hidden border-[var(--border)] border-l pl-[10px]'>
+          {span.children!.map((child, childIndex) => (
+            <NestedBlockItem
+              key={child.id || `${spanId}-child-${childIndex}`}
+              span={child}
+              parentId={spanId}
+              index={childIndex}
+              expandedSections={expandedSections}
+              onToggle={onToggle}
+              workflowStartTime={workflowStartTime}
+              totalDuration={totalDuration}
+              expandedChildren={expandedChildren}
+              onToggleChildren={onToggleChildren}
+            />
+          ))}
+        </div>
+      )}
+    </div>
+  )
+}
+
+interface TraceSpanItemProps {
+  span: TraceSpan
+  totalDuration: number
+  workflowStartTime: number
+  isFirstSpan?: boolean
+}
+
+/**
+ * Individual trace span card component.
+ * Memoized to prevent re-renders when sibling spans change.
+ */
+const TraceSpanItem = memo(function TraceSpanItem({
+  span,
+  totalDuration,
+  workflowStartTime,
+  isFirstSpan = false,
+}: TraceSpanItemProps): React.ReactNode {
+  const [expandedSections, setExpandedSections] = useState<Set<string>>(new Set())
+  const [expandedChildren, setExpandedChildren] = useState<Set<string>>(new Set())
+  const [isCardExpanded, setIsCardExpanded] = useState(false)
+  const toggleSet = useSetToggle()
+
   const spanId = span.id || `span-${span.name}-${span.startTime}`
   const spanStartTime = new Date(span.startTime).getTime()
   const spanEndTime = new Date(span.endTime).getTime()
   const duration = span.duration || spanEndTime - spanStartTime
 
-  const isDirectError = span.status === 'error'
+  const hasChildren = Boolean(span.children && span.children.length > 0)
-  const hasNestedError = hasErrorInTree(span)
+  const hasToolCalls = Boolean(span.toolCalls && span.toolCalls.length > 0)
-  const showErrorStyle = isDirectError || hasNestedError
+  const isError = span.status === 'error'
 
-  const { icon: BlockIcon, bgColor } = getBlockIconAndColor(span.type, span.name)
+  const inlineChildTypes = new Set([
+    'tool',
+    'model',
+    'loop-iteration',
+    'parallel-iteration',
+    'workflow',
+  ])
 
-  // Root workflow execution is always expanded and has no toggle
+  // For workflow-in-workflow blocks, all children should be rendered inline/nested
-  const isRootWorkflow = depth === 0
+  const isWorkflowBlock = span.type?.toLowerCase().includes('workflow')
+  const inlineChildren = isWorkflowBlock
+    ? span.children || []
+    : span.children?.filter((child) => inlineChildTypes.has(child.type?.toLowerCase() || '')) || []
+  const otherChildren = isWorkflowBlock
+    ? []
+    : span.children?.filter((child) => !inlineChildTypes.has(child.type?.toLowerCase() || '')) || []
 
-  // Build all children including tool calls
+  const toolCallSpans = useMemo(() => {
-  const allChildren = useMemo(() => {
+    if (!hasToolCalls) return []
-    const children: TraceSpan[] = []
+    return span.toolCalls!.map((toolCall, index) => {
-
-    // Add tool calls as child spans
-    if (span.toolCalls && span.toolCalls.length > 0) {
-      span.toolCalls.forEach((toolCall, index) => {
       const toolStartTime = toolCall.startTime
         ? new Date(toolCall.startTime).getTime()
         : spanStartTime
@@ -548,7 +733,7 @@ const TraceSpanNode = memo(function TraceSpanNode({
         ? new Date(toolCall.endTime).getTime()
         : toolStartTime + (toolCall.duration || 0)
 
-        children.push({
+      return {
         id: `${spanId}-tool-${index}`,
         name: toolCall.name,
         type: 'tool',
@@ -560,165 +745,206 @@ const TraceSpanNode = memo(function TraceSpanNode({
         output: toolCall.error
           ? { error: toolCall.error, ...(toolCall.output || {}) }
           : toolCall.output,
-        } as TraceSpan)
+      } as TraceSpan
     })
-    }
+  }, [hasToolCalls, span.toolCalls, spanId, spanStartTime])
 
-    // Add regular children
+  const handleSectionToggle = useCallback(
-    if (span.children && span.children.length > 0) {
+    (section: string) => toggleSet(setExpandedSections, section),
-      children.push(...span.children)
+    [toggleSet]
-    }
+  )
 
-    // Sort by start time
+  const handleChildrenToggle = useCallback(
-    return children.sort((a, b) => parseTime(a.startTime) - parseTime(b.startTime))
+    (childSpanId: string) => toggleSet(setExpandedChildren, childSpanId),
-  }, [span, spanId, spanStartTime])
+    [toggleSet]
+  )
 
-  const hasChildren = allChildren.length > 0
+  const { icon: BlockIcon, bgColor } = getBlockIconAndColor(span.type, span.name)
-  const isExpanded = isRootWorkflow || expandedNodes.has(spanId)
-  const isToggleable = !isRootWorkflow
 
-  const hasInput = Boolean(span.input)
+  // Check if this card has expandable inline content
-  const hasOutput = Boolean(span.output)
+  const hasInlineContent =
+    (isWorkflowBlock && inlineChildren.length > 0) ||
+    (!isWorkflowBlock && (toolCallSpans.length > 0 || inlineChildren.length > 0))
 
-  // For progress bar - show child segments for workflow/iteration types
+  const isExpandable = !isFirstSpan && hasInlineContent
-  const lowerType = span.type?.toLowerCase() || ''
-  const showChildrenInProgressBar =
-    isIterationType(lowerType) || lowerType === 'workflow' || lowerType === 'workflow_input'
 
   return (
-    <div className='flex min-w-0 flex-col'>
+    <>
-      {/* Node Header Row */}
+      <div className='flex min-w-0 flex-col gap-[8px] overflow-hidden rounded-[6px] bg-[var(--surface-1)] px-[10px] py-[8px]'>
-      <div
+        <ExpandableRowHeader
-        className={cn(
+          name={span.name}
-          'group flex items-center justify-between gap-[8px] py-[6px]',
+          duration={duration}
-          isToggleable && 'cursor-pointer'
+          isError={isError}
-        )}
+          isExpanded={isCardExpanded}
-        onClick={isToggleable ? () => onToggleNode(spanId) : undefined}
+          hasChildren={isExpandable}
-        onKeyDown={
+          showIcon={!isFirstSpan}
-          isToggleable
+          icon={BlockIcon}
-            ? (e) => {
+          bgColor={bgColor}
-                if (e.key === 'Enter' || e.key === ' ') {
+          onToggle={() => setIsCardExpanded((prev) => !prev)}
-                  e.preventDefault()
-                  onToggleNode(spanId)
-                }
-              }
-            : undefined
-        }
-        role={isToggleable ? 'button' : undefined}
-        tabIndex={isToggleable ? 0 : undefined}
-        aria-expanded={isToggleable ? isExpanded : undefined}
-        aria-label={isToggleable ? (isExpanded ? 'Collapse' : 'Expand') : undefined}
-      >
-        <div className='flex min-w-0 flex-1 items-center gap-[8px]'>
-          {!isIterationType(span.type) && (
-            <div
-              className='relative flex h-[14px] w-[14px] flex-shrink-0 items-center justify-center overflow-hidden rounded-[4px]'
-              style={{ background: bgColor }}
-            >
-              {BlockIcon && <BlockIcon className='h-[9px] w-[9px] text-white' />}
-            </div>
-          )}
-          <span
-            className='min-w-0 max-w-[180px] truncate font-medium text-[12px]'
-            style={{ color: showErrorStyle ? 'var(--text-error)' : 'var(--text-secondary)' }}
-          >
-            {span.name}
-          </span>
-          {isToggleable && (
-            <ChevronDown
-              className='h-[8px] w-[8px] flex-shrink-0 text-[var(--text-tertiary)] transition-colors transition-transform duration-100 group-hover:text-[var(--text-primary)]'
-              style={{
-                transform: `translateY(-0.25px) ${isExpanded ? 'rotate(0deg)' : 'rotate(-90deg)'}`,
-              }}
         />
-          )}
-        </div>
-        <span className='flex-shrink-0 font-medium text-[12px] text-[var(--text-tertiary)]'>
-          {formatDuration(duration, { precision: 2 })}
-        </span>
-      </div>
 
-      {/* Expanded Content */}
+        <SpanContent
-      {isExpanded && (
-        <div className='flex min-w-0 flex-col gap-[10px]'>
-          {/* Progress Bar */}
-          <ProgressBar
           span={span}
-            childSpans={showChildrenInProgressBar ? span.children : undefined}
+          spanId={spanId}
+          isError={isError}
+          workflowStartTime={workflowStartTime}
+          totalDuration={totalDuration}
+          expandedSections={expandedSections}
+          onToggle={handleSectionToggle}
+        />
+
+        {/* For workflow blocks, keep children nested within the card (not as separate cards) */}
+        {!isFirstSpan && isWorkflowBlock && inlineChildren.length > 0 && isCardExpanded && (
+          <div className='mt-[2px] flex min-w-0 flex-col gap-[10px] overflow-hidden border-[var(--border)] border-l pl-[10px]'>
+            {inlineChildren.map((childSpan, index) => (
+              <NestedBlockItem
+                key={childSpan.id || `${spanId}-nested-${index}`}
+                span={childSpan}
+                parentId={spanId}
+                index={index}
+                expandedSections={expandedSections}
+                onToggle={handleSectionToggle}
+                workflowStartTime={workflowStartTime}
+                totalDuration={totalDuration}
+                expandedChildren={expandedChildren}
+                onToggleChildren={handleChildrenToggle}
+              />
+            ))}
+          </div>
+        )}
+
+        {/* For non-workflow blocks, render inline children/tool calls */}
+        {!isFirstSpan && !isWorkflowBlock && isCardExpanded && (
+          <div className='mt-[2px] flex min-w-0 flex-col gap-[10px] overflow-hidden border-[var(--border)] border-l pl-[10px]'>
+            {[...toolCallSpans, ...inlineChildren].map((childSpan, index) => {
+              const childId = childSpan.id || `${spanId}-inline-${index}`
+              const childIsError = childSpan.status === 'error'
+              const childLowerType = childSpan.type?.toLowerCase() || ''
+              const hasNestedChildren = Boolean(childSpan.children && childSpan.children.length > 0)
+              const isNestedExpanded = expandedChildren.has(childId)
+              const showChildrenInProgressBar =
+                isIterationType(childLowerType) || childLowerType === 'workflow'
+              const { icon: ChildIcon, bgColor: childBgColor } = getBlockIconAndColor(
+                childSpan.type,
+                childSpan.name
+              )
+
+              return (
+                <div
+                  key={`inline-${childId}`}
+                  className='flex min-w-0 flex-col gap-[8px] overflow-hidden'
+                >
+                  <ExpandableRowHeader
+                    name={childSpan.name}
+                    duration={childSpan.duration || 0}
+                    isError={childIsError}
+                    isExpanded={isNestedExpanded}
+                    hasChildren={hasNestedChildren}
+                    showIcon={!isIterationType(childSpan.type)}
+                    icon={ChildIcon}
+                    bgColor={childBgColor}
+                    onToggle={() => handleChildrenToggle(childId)}
+                  />
+
+                  <ProgressBar
+                    span={childSpan}
+                    childSpans={showChildrenInProgressBar ? childSpan.children : undefined}
                     workflowStartTime={workflowStartTime}
                     totalDuration={totalDuration}
                   />
 
-          {/* Input/Output Sections */}
+                  {childSpan.input && (
-          {(hasInput || hasOutput) && (
-            <div className='flex min-w-0 flex-col gap-[6px] overflow-hidden py-[2px]'>
-              {hasInput && (
                     <InputOutputSection
                       label='Input'
-                  data={span.input}
+                      data={childSpan.input}
                       isError={false}
-                  spanId={spanId}
+                      spanId={childId}
                       sectionType='input'
                       expandedSections={expandedSections}
-                  onToggle={onToggleSection}
+                      onToggle={handleSectionToggle}
                     />
                   )}
 
-              {hasInput && hasOutput && (
+                  {childSpan.input && childSpan.output && (
                     <div className='border-[var(--border)] border-t border-dashed' />
                   )}
 
-              {hasOutput && (
+                  {childSpan.output && (
                     <InputOutputSection
-                  label={isDirectError ? 'Error' : 'Output'}
+                      label={childIsError ? 'Error' : 'Output'}
-                  data={span.output}
+                      data={childSpan.output}
-                  isError={isDirectError}
+                      isError={childIsError}
-                  spanId={spanId}
+                      spanId={childId}
                       sectionType='output'
                       expandedSections={expandedSections}
-                  onToggle={onToggleSection}
+                      onToggle={handleSectionToggle}
                     />
                   )}
-            </div>
-          )}
 
-          {/* Nested Children */}
+                  {/* Nested children */}
-          {hasChildren && (
+                  {showChildrenInProgressBar && hasNestedChildren && isNestedExpanded && (
-            <div className='flex min-w-0 flex-col gap-[2px] border-[var(--border)] border-l pl-[10px]'>
+                    <div className='mt-[2px] flex min-w-0 flex-col gap-[10px] overflow-hidden border-[var(--border)] border-l pl-[10px]'>
-              {allChildren.map((child, index) => (
+                      {childSpan.children!.map((nestedChild, nestedIndex) => (
-                <div key={child.id || `${spanId}-child-${index}`} className='pl-[6px]'>
+                        <NestedBlockItem
-                  <TraceSpanNode
+                          key={nestedChild.id || `${childId}-nested-${nestedIndex}`}
-                    span={child}
+                          span={nestedChild}
+                          parentId={childId}
+                          index={nestedIndex}
+                          expandedSections={expandedSections}
+                          onToggle={handleSectionToggle}
                           workflowStartTime={workflowStartTime}
                           totalDuration={totalDuration}
-                    depth={depth + 1}
+                          expandedChildren={expandedChildren}
-                    expandedNodes={expandedNodes}
+                          onToggleChildren={handleChildrenToggle}
-                    expandedSections={expandedSections}
-                    onToggleNode={onToggleNode}
-                    onToggleSection={onToggleSection}
                         />
-                </div>
                       ))}
                     </div>
                   )}
                 </div>
+              )
+            })}
+          </div>
         )}
       </div>
+
+      {/* For the first span (workflow execution), render all children as separate top-level cards */}
+      {isFirstSpan &&
+        hasChildren &&
+        span.children!.map((childSpan, index) => (
+          <TraceSpanItem
+            key={childSpan.id || `${spanId}-child-${index}`}
+            span={childSpan}
+            totalDuration={totalDuration}
+            workflowStartTime={workflowStartTime}
+            isFirstSpan={false}
+          />
+        ))}
+
+      {!isFirstSpan &&
+        otherChildren.map((childSpan, index) => (
+          <TraceSpanItem
+            key={childSpan.id || `${spanId}-other-${index}`}
+            span={childSpan}
+            totalDuration={totalDuration}
+            workflowStartTime={workflowStartTime}
+            isFirstSpan={false}
+          />
+        ))}
+    </>
   )
 })
 
 /**
- * Displays workflow execution trace spans with nested tree structure.
+ * Displays workflow execution trace spans with nested structure.
  * Memoized to prevent re-renders when parent LogDetails updates.
  */
-export const TraceSpans = memo(function TraceSpans({ traceSpans }: TraceSpansProps) {
+export const TraceSpans = memo(function TraceSpans({
-  const [expandedNodes, setExpandedNodes] = useState<Set<string>>(() => new Set())
+  traceSpans,
-  const [expandedSections, setExpandedSections] = useState<Set<string>>(new Set())
+  totalDuration = 0,
-  const toggleSet = useSetToggle()
+}: TraceSpansProps) {
-
   const { workflowStartTime, actualTotalDuration, normalizedSpans } = useMemo(() => {
     if (!traceSpans || traceSpans.length === 0) {
-      return { workflowStartTime: 0, actualTotalDuration: 0, normalizedSpans: [] }
+      return { workflowStartTime: 0, actualTotalDuration: totalDuration, normalizedSpans: [] }
     }
 
     let earliest = Number.POSITIVE_INFINITY
@@ -736,37 +962,26 @@ export const TraceSpans = memo(function TraceSpans({ traceSpans }: TraceSpansPro
       actualTotalDuration: latest - earliest,
       normalizedSpans: normalizeAndSortSpans(traceSpans),
     }
-  }, [traceSpans])
+  }, [traceSpans, totalDuration])
-
-  const handleToggleNode = useCallback(
-    (nodeId: string) => toggleSet(setExpandedNodes, nodeId),
-    [toggleSet]
-  )
-
-  const handleToggleSection = useCallback(
-    (section: string) => toggleSet(setExpandedSections, section),
-    [toggleSet]
-  )
 
   if (!traceSpans || traceSpans.length === 0) {
     return <div className='text-[12px] text-[var(--text-secondary)]'>No trace data available</div>
   }
 
   return (
-    <div className='flex w-full min-w-0 flex-col overflow-hidden'>
+    <div className='flex w-full min-w-0 flex-col gap-[6px] overflow-hidden rounded-[6px] bg-[var(--surface-2)] px-[10px] py-[8px]'>
+      <span className='font-medium text-[12px] text-[var(--text-tertiary)]'>Trace Span</span>
+      <div className='flex min-w-0 flex-col gap-[8px] overflow-hidden'>
         {normalizedSpans.map((span, index) => (
-        <TraceSpanNode
+          <TraceSpanItem
             key={span.id || index}
             span={span}
-          workflowStartTime={workflowStartTime}
             totalDuration={actualTotalDuration}
-          depth={0}
+            workflowStartTime={workflowStartTime}
-          expandedNodes={expandedNodes}
+            isFirstSpan={index === 0}
-          expandedSections={expandedSections}
-          onToggleNode={handleToggleNode}
-          onToggleSection={handleToggleSection}
           />
         ))}
       </div>
+    </div>
   )
 })

apps/sim/app/workspace/[workspaceId]/logs/components/log-details/log-details.tsx

@@ -1,23 +1,10 @@
 'use client'
 
-import { memo, useCallback, useEffect, useMemo, useRef, useState } from 'react'
+import { memo, useEffect, useMemo, useRef, useState } from 'react'
-import { ArrowDown, ArrowUp, Check, ChevronUp, Clipboard, Search, X } from 'lucide-react'
+import { ChevronUp, X } from 'lucide-react'
-import { createPortal } from 'react-dom'
+import { Button, Eye } from '@/components/emcn'
-import {
-  Button,
-  Code,
-  Eye,
-  Input,
-  Popover,
-  PopoverAnchor,
-  PopoverContent,
-  PopoverDivider,
-  PopoverItem,
-  Tooltip,
-} from '@/components/emcn'
 import { ScrollArea } from '@/components/ui/scroll-area'
 import { BASE_EXECUTION_CHARGE } from '@/lib/billing/constants'
-import { cn } from '@/lib/core/utils/cn'
 import {
   ExecutionSnapshot,
   FileCards,
@@ -30,194 +17,11 @@ import {
   StatusBadge,
   TriggerBadge,
 } from '@/app/workspace/[workspaceId]/logs/utils'
-import { useCodeViewerFeatures } from '@/hooks/use-code-viewer'
 import { usePermissionConfig } from '@/hooks/use-permission-config'
 import { formatCost } from '@/providers/utils'
 import type { WorkflowLog } from '@/stores/logs/filters/types'
 import { useLogDetailsUIStore } from '@/stores/logs/store'
 
-/**
- * Workflow Output section with code viewer, copy, search, and context menu functionality
- */
-function WorkflowOutputSection({ output }: { output: Record<string, unknown> }) {
-  const contentRef = useRef<HTMLDivElement>(null)
-  const [copied, setCopied] = useState(false)
-
-  // Context menu state
-  const [isContextMenuOpen, setIsContextMenuOpen] = useState(false)
-  const [contextMenuPosition, setContextMenuPosition] = useState({ x: 0, y: 0 })
-
-  const {
-    isSearchActive,
-    searchQuery,
-    setSearchQuery,
-    matchCount,
-    currentMatchIndex,
-    activateSearch,
-    closeSearch,
-    goToNextMatch,
-    goToPreviousMatch,
-    handleMatchCountChange,
-    searchInputRef,
-  } = useCodeViewerFeatures({ contentRef })
-
-  const jsonString = useMemo(() => JSON.stringify(output, null, 2), [output])
-
-  const handleContextMenu = useCallback((e: React.MouseEvent) => {
-    e.preventDefault()
-    e.stopPropagation()
-    setContextMenuPosition({ x: e.clientX, y: e.clientY })
-    setIsContextMenuOpen(true)
-  }, [])
-
-  const closeContextMenu = useCallback(() => {
-    setIsContextMenuOpen(false)
-  }, [])
-
-  const handleCopy = useCallback(() => {
-    navigator.clipboard.writeText(jsonString)
-    setCopied(true)
-    setTimeout(() => setCopied(false), 1500)
-    closeContextMenu()
-  }, [jsonString, closeContextMenu])
-
-  const handleSearch = useCallback(() => {
-    activateSearch()
-    closeContextMenu()
-  }, [activateSearch, closeContextMenu])
-
-  return (
-    <div className='relative flex min-w-0 flex-col overflow-hidden'>
-      <div ref={contentRef} onContextMenu={handleContextMenu} className='relative'>
-        <Code.Viewer
-          code={jsonString}
-          language='json'
-          className='!bg-[var(--surface-4)] dark:!bg-[var(--surface-3)] max-h-[300px] min-h-0 max-w-full rounded-[6px] border-0 [word-break:break-all]'
-          wrapText
-          searchQuery={isSearchActive ? searchQuery : undefined}
-          currentMatchIndex={currentMatchIndex}
-          onMatchCountChange={handleMatchCountChange}
-        />
-        {/* Glass action buttons overlay */}
-        {!isSearchActive && (
-          <div className='absolute top-[7px] right-[6px] z-10 flex gap-[4px]'>
-            <Tooltip.Root>
-              <Tooltip.Trigger asChild>
-                <Button
-                  type='button'
-                  variant='default'
-                  onClick={(e) => {
-                    e.stopPropagation()
-                    handleCopy()
-                  }}
-                  className='h-[20px] w-[20px] cursor-pointer border border-[var(--border-1)] bg-transparent p-0 backdrop-blur-sm hover:bg-[var(--surface-3)]'
-                >
-                  {copied ? (
-                    <Check className='h-[10px] w-[10px] text-[var(--text-success)]' />
-                  ) : (
-                    <Clipboard className='h-[10px] w-[10px]' />
-                  )}
-                </Button>
-              </Tooltip.Trigger>
-              <Tooltip.Content side='top'>{copied ? 'Copied' : 'Copy'}</Tooltip.Content>
-            </Tooltip.Root>
-            <Tooltip.Root>
-              <Tooltip.Trigger asChild>
-                <Button
-                  type='button'
-                  variant='default'
-                  onClick={(e) => {
-                    e.stopPropagation()
-                    activateSearch()
-                  }}
-                  className='h-[20px] w-[20px] cursor-pointer border border-[var(--border-1)] bg-transparent p-0 backdrop-blur-sm hover:bg-[var(--surface-3)]'
-                >
-                  <Search className='h-[10px] w-[10px]' />
-                </Button>
-              </Tooltip.Trigger>
-              <Tooltip.Content side='top'>Search</Tooltip.Content>
-            </Tooltip.Root>
-          </div>
-        )}
-      </div>
-
-      {/* Search Overlay */}
-      {isSearchActive && (
-        <div
-          className='absolute top-0 right-0 z-30 flex h-[34px] items-center gap-[6px] rounded-[4px] border border-[var(--border)] bg-[var(--surface-1)] px-[6px] shadow-sm'
-          onClick={(e) => e.stopPropagation()}
-        >
-          <Input
-            ref={searchInputRef}
-            type='text'
-            value={searchQuery}
-            onChange={(e) => setSearchQuery(e.target.value)}
-            placeholder='Search...'
-            className='mr-[2px] h-[23px] w-[94px] text-[12px]'
-          />
-          <span
-            className={cn(
-              'min-w-[45px] text-center text-[11px]',
-              matchCount > 0 ? 'text-[var(--text-secondary)]' : 'text-[var(--text-tertiary)]'
-            )}
-          >
-            {matchCount > 0 ? `${currentMatchIndex + 1}/${matchCount}` : '0/0'}
-          </span>
-          <Button
-            variant='ghost'
-            className='!p-1'
-            onClick={goToPreviousMatch}
-            disabled={matchCount === 0}
-            aria-label='Previous match'
-          >
-            <ArrowUp className='h-[12px] w-[12px]' />
-          </Button>
-          <Button
-            variant='ghost'
-            className='!p-1'
-            onClick={goToNextMatch}
-            disabled={matchCount === 0}
-            aria-label='Next match'
-          >
-            <ArrowDown className='h-[12px] w-[12px]' />
-          </Button>
-          <Button variant='ghost' className='!p-1' onClick={closeSearch} aria-label='Close search'>
-            <X className='h-[12px] w-[12px]' />
-          </Button>
-        </div>
-      )}
-
-      {/* Context Menu - rendered in portal to avoid transform/overflow clipping */}
-      {typeof document !== 'undefined' &&
-        createPortal(
-          <Popover
-            open={isContextMenuOpen}
-            onOpenChange={closeContextMenu}
-            variant='secondary'
-            size='sm'
-            colorScheme='inverted'
-          >
-            <PopoverAnchor
-              style={{
-                position: 'fixed',
-                left: `${contextMenuPosition.x}px`,
-                top: `${contextMenuPosition.y}px`,
-                width: '1px',
-                height: '1px',
-              }}
-            />
-            <PopoverContent align='start' side='bottom' sideOffset={4}>
-              <PopoverItem onClick={handleCopy}>Copy</PopoverItem>
-              <PopoverDivider />
-              <PopoverItem onClick={handleSearch}>Search</PopoverItem>
-            </PopoverContent>
-          </Popover>,
-          document.body
-        )}
-    </div>
-  )
-}
-
 interface LogDetailsProps {
   /** The log to display details for */
   log: WorkflowLog | null
@@ -274,18 +78,6 @@ export const LogDetails = memo(function LogDetails({
     return isWorkflowExecutionLog && log?.cost
   }, [log, isWorkflowExecutionLog])
 
-  // Extract and clean the workflow final output (remove childTraceSpans for cleaner display)
-  const workflowOutput = useMemo(() => {
-    const executionData = log?.executionData as
-      | { finalOutput?: Record<string, unknown> }
-      | undefined
-    if (!executionData?.finalOutput) return null
-    const { childTraceSpans, ...cleanOutput } = executionData.finalOutput as {
-      childTraceSpans?: unknown
-    } & Record<string, unknown>
-    return cleanOutput
-  }, [log?.executionData])
-
   useEffect(() => {
     const handleKeyDown = (e: KeyboardEvent) => {
       if (e.key === 'Escape' && isOpen) {
@@ -295,12 +87,12 @@ export const LogDetails = memo(function LogDetails({
       if (isOpen) {
         if (e.key === 'ArrowUp' && hasPrev && onNavigatePrev) {
           e.preventDefault()
-          onNavigatePrev()
+          handleNavigate(onNavigatePrev)
         }
 
         if (e.key === 'ArrowDown' && hasNext && onNavigateNext) {
           e.preventDefault()
-          onNavigateNext()
+          handleNavigate(onNavigateNext)
         }
       }
     }
@@ -309,6 +101,10 @@ export const LogDetails = memo(function LogDetails({
     return () => window.removeEventListener('keydown', handleKeyDown)
   }, [isOpen, onClose, hasPrev, hasNext, onNavigatePrev, onNavigateNext])
 
+  const handleNavigate = (navigateFunction: () => void) => {
+    navigateFunction()
+  }
+
   const formattedTimestamp = useMemo(
     () => (log ? formatDate(log.createdAt) : null),
     [log?.createdAt]
@@ -346,7 +142,7 @@ export const LogDetails = memo(function LogDetails({
                 <Button
                   variant='ghost'
                   className='!p-[4px]'
-                  onClick={() => hasPrev && onNavigatePrev?.()}
+                  onClick={() => hasPrev && handleNavigate(onNavigatePrev!)}
                   disabled={!hasPrev}
                   aria-label='Previous log'
                 >
@@ -355,7 +151,7 @@ export const LogDetails = memo(function LogDetails({
                 <Button
                   variant='ghost'
                   className='!p-[4px]'
-                  onClick={() => hasNext && onNavigateNext?.()}
+                  onClick={() => hasNext && handleNavigate(onNavigateNext!)}
                   disabled={!hasNext}
                   aria-label='Next log'
                 >
@@ -408,7 +204,7 @@ export const LogDetails = memo(function LogDetails({
 
                 {/* Execution ID */}
                 {log.executionId && (
-                  <div className='flex flex-col gap-[6px] rounded-[6px] border border-[var(--border)] bg-[var(--surface-2)] px-[10px] py-[8px]'>
+                  <div className='flex flex-col gap-[6px] rounded-[6px] bg-[var(--surface-2)] px-[10px] py-[8px]'>
                     <span className='font-medium text-[12px] text-[var(--text-tertiary)]'>
                       Execution ID
                     </span>
@@ -419,7 +215,7 @@ export const LogDetails = memo(function LogDetails({
                 )}
 
                 {/* Details Section */}
-                <div className='-my-[4px] flex min-w-0 flex-col overflow-hidden'>
+                <div className='flex min-w-0 flex-col overflow-hidden'>
                   {/* Level */}
                   <div className='flex h-[48px] items-center justify-between border-[var(--border)] border-b p-[8px]'>
                     <span className='font-medium text-[12px] text-[var(--text-tertiary)]'>
@@ -471,35 +267,19 @@ export const LogDetails = memo(function LogDetails({
 
                 {/* Workflow State */}
                 {isWorkflowExecutionLog && log.executionId && !permissionConfig.hideTraceSpans && (
-                  <div className='-mt-[8px] flex flex-col gap-[6px] rounded-[6px] border border-[var(--border)] bg-[var(--surface-2)] px-[10px] py-[8px]'>
+                  <div className='flex flex-col gap-[6px] rounded-[6px] bg-[var(--surface-2)] px-[10px] py-[8px]'>
                     <span className='font-medium text-[12px] text-[var(--text-tertiary)]'>
                       Workflow State
                     </span>
-                    <Button
+                    <button
-                      variant='active'
                       onClick={() => setIsExecutionSnapshotOpen(true)}
-                      className='flex w-full items-center justify-between px-[10px] py-[6px]'
+                      className='flex items-center justify-between rounded-[6px] bg-[var(--surface-1)] px-[10px] py-[8px] transition-colors hover:bg-[var(--surface-4)]'
                     >
-                      <span className='font-medium text-[12px]'>View Snapshot</span>
+                      <span className='font-medium text-[12px] text-[var(--text-secondary)]'>
-                      <Eye className='h-[14px] w-[14px]' />
+                        View Snapshot
-                    </Button>
-                  </div>
-                )}
-
-                {/* Workflow Output */}
-                {isWorkflowExecutionLog && workflowOutput && !permissionConfig.hideTraceSpans && (
-                  <div className='mt-[4px] flex flex-col gap-[6px] rounded-[6px] border border-[var(--border)] bg-[var(--surface-2)] px-[10px] py-[8px] dark:bg-transparent'>
-                    <span
-                      className={cn(
-                        'font-medium text-[12px]',
-                        workflowOutput.error
-                          ? 'text-[var(--text-error)]'
-                          : 'text-[var(--text-tertiary)]'
-                      )}
-                    >
-                      Workflow Output
                       </span>
-                    <WorkflowOutputSection output={workflowOutput} />
+                      <Eye className='h-[14px] w-[14px] text-[var(--text-subtle)]' />
+                    </button>
                   </div>
                 )}
 
@@ -507,12 +287,10 @@ export const LogDetails = memo(function LogDetails({
                 {isWorkflowExecutionLog &&
                   log.executionData?.traceSpans &&
                   !permissionConfig.hideTraceSpans && (
-                    <div className='mt-[4px] flex flex-col gap-[6px] rounded-[6px] border border-[var(--border)] bg-[var(--surface-2)] px-[10px] py-[8px] dark:bg-transparent'>
+                    <TraceSpans
-                      <span className='font-medium text-[12px] text-[var(--text-tertiary)]'>
+                      traceSpans={log.executionData.traceSpans}
-                        Trace Span
+                      totalDuration={log.executionData.totalDuration}
-                      </span>
+                    />
-                      <TraceSpans traceSpans={log.executionData.traceSpans} />
-                    </div>
                   )}
 
                 {/* Files */}

apps/sim/app/workspace/[workspaceId]/logs/logs.tsx

@@ -94,9 +94,7 @@ export default function Logs() {
   const [previewLogId, setPreviewLogId] = useState<string | null>(null)
 
   const activeLogId = isPreviewOpen ? previewLogId : selectedLogId
-  const activeLogQuery = useLogDetail(activeLogId ?? undefined, {
+  const activeLogQuery = useLogDetail(activeLogId ?? undefined)
-    refetchInterval: isLive ? 3000 : false,
-  })
 
   const logFilters = useMemo(
     () => ({
@@ -115,7 +113,7 @@ export default function Logs() {
 
   const logsQuery = useLogsList(workspaceId, logFilters, {
     enabled: Boolean(workspaceId) && isInitialized.current,
-    refetchInterval: isLive ? 3000 : false,
+    refetchInterval: isLive ? 5000 : false,
   })
 
   const dashboardFilters = useMemo(
@@ -134,7 +132,7 @@ export default function Logs() {
 
   const dashboardStatsQuery = useDashboardStats(workspaceId, dashboardFilters, {
     enabled: Boolean(workspaceId) && isInitialized.current,
-    refetchInterval: isLive ? 3000 : false,
+    refetchInterval: isLive ? 5000 : false,
   })
 
   const logs = useMemo(() => {
@@ -162,6 +160,12 @@ export default function Logs() {
     }
   }, [debouncedSearchQuery, setStoreSearchQuery])
 
+  useEffect(() => {
+    if (!isLive || !selectedLogId) return
+    const interval = setInterval(() => activeLogQuery.refetch(), 5000)
+    return () => clearInterval(interval)
+  }, [isLive, selectedLogId, activeLogQuery])
+
   const handleLogClick = useCallback(
     (log: WorkflowLog) => {
       if (selectedLogId === log.id && isSidebarOpen) {
@@ -275,11 +279,8 @@ export default function Logs() {
       setIsVisuallyRefreshing(true)
       setTimeout(() => setIsVisuallyRefreshing(false), REFRESH_SPINNER_DURATION_MS)
       logsQuery.refetch()
-      if (selectedLogId) {
-        activeLogQuery.refetch()
     }
-    }
+  }, [isLive, logsQuery])
-  }, [isLive, logsQuery, activeLogQuery, selectedLogId])
 
   const prevIsFetchingRef = useRef(logsQuery.isFetching)
   useEffect(() => {

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/action-bar/action-bar.tsx

@@ -128,7 +128,7 @@ export const ActionBar = memo(
           'dark:border-transparent dark:bg-[var(--surface-4)]'
         )}
       >
-        {!isNoteBlock && (
+        {!isNoteBlock && !isSubflowBlock && (
           <Tooltip.Root>
             <Tooltip.Trigger asChild>
               <Button

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/copilot/components/copilot-message/copilot-message.tsx

@@ -78,10 +78,9 @@ const CopilotMessage: FC<CopilotMessageProps> = memo(
       mode,
       setMode,
       isAborting,
+      maskCredentialValue,
     } = useCopilotStore()
 
-    const maskCredentialValue = useCopilotStore((s) => s.maskCredentialValue)
-
     const messageCheckpoints = isUser ? allMessageCheckpoints[message.id] || [] : []
     const hasCheckpoints = messageCheckpoints.length > 0 && messageCheckpoints.some((cp) => cp?.id)
 
@@ -266,7 +265,7 @@ const CopilotMessage: FC<CopilotMessageProps> = memo(
         }
         return null
       })
-    }, [message.contentBlocks, isActivelyStreaming, parsedTags, isLastMessage])
+    }, [message.contentBlocks, isActivelyStreaming, parsedTags, isLastMessage, maskCredentialValue])
 
     if (isUser) {
       return (

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/copilot/components/tool-call/tool-call.tsx

@@ -1425,7 +1425,10 @@ function RunSkipButtons({
     setIsProcessing(true)
     setButtonsHidden(true)
     try {
+      // Add to auto-allowed list - this also executes all pending integration tools of this type
       await addAutoAllowedTool(toolCall.name)
+      // For client tools with interrupts (not integration tools), we still need to call handleRun
+      // since executeIntegrationTool only works for server-side tools
       if (!isIntegrationTool(toolCall.name)) {
         await handleRun(toolCall, setToolCallState, onStateChange, editedParams)
       }
@@ -1523,11 +1526,7 @@ export function ToolCall({
     toolCall.name === 'user_memory' ||
     toolCall.name === 'edit_respond' ||
     toolCall.name === 'debug_respond' ||
-    toolCall.name === 'plan_respond' ||
+    toolCall.name === 'plan_respond'
-    toolCall.name === 'research_respond' ||
-    toolCall.name === 'info_respond' ||
-    toolCall.name === 'deploy_respond' ||
-    toolCall.name === 'superagent_respond'
   )
     return null
 

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/copilot/components/user-input/constants.ts

@@ -209,20 +209,9 @@ export interface SlashCommand {
 export const TOP_LEVEL_COMMANDS: readonly SlashCommand[] = [
   { id: 'fast', label: 'Fast' },
   { id: 'research', label: 'Research' },
-  { id: 'actions', label: 'Actions' },
+  { id: 'superagent', label: 'Actions' },
 ] as const
 
-/**
- * Maps UI command IDs to API command IDs.
- * Some commands have different IDs for display vs API (e.g., "actions" -> "superagent")
- */
-export function getApiCommandId(uiCommandId: string): string {
-  const commandMapping: Record<string, string> = {
-    actions: 'superagent',
-  }
-  return commandMapping[uiCommandId] || uiCommandId
-}
-
 export const WEB_COMMANDS: readonly SlashCommand[] = [
   { id: 'search', label: 'Search' },
   { id: 'read', label: 'Read' },

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/deploy/components/deploy-modal/deploy-modal.tsx

@@ -95,7 +95,6 @@ export function DeployModal({
   const [activeTab, setActiveTab] = useState<TabView>('general')
   const [chatSubmitting, setChatSubmitting] = useState(false)
   const [apiDeployError, setApiDeployError] = useState<string | null>(null)
-  const [apiDeployWarnings, setApiDeployWarnings] = useState<string[]>([])
   const [isChatFormValid, setIsChatFormValid] = useState(false)
   const [selectedStreamingOutputs, setSelectedStreamingOutputs] = useState<string[]>([])
 
@@ -228,7 +227,6 @@ export function DeployModal({
     if (open && workflowId) {
       setActiveTab('general')
       setApiDeployError(null)
-      setApiDeployWarnings([])
     }
   }, [open, workflowId])
 
@@ -284,13 +282,9 @@ export function DeployModal({
     if (!workflowId) return
 
     setApiDeployError(null)
-    setApiDeployWarnings([])
 
     try {
-      const result = await deployMutation.mutateAsync({ workflowId, deployChatEnabled: false })
+      await deployMutation.mutateAsync({ workflowId, deployChatEnabled: false })
-      if (result.warnings && result.warnings.length > 0) {
-        setApiDeployWarnings(result.warnings)
-      }
       await refetchDeployedState()
     } catch (error: unknown) {
       logger.error('Error deploying workflow:', { error })
@@ -303,13 +297,8 @@ export function DeployModal({
     async (version: number) => {
       if (!workflowId) return
 
-      setApiDeployWarnings([])
-
       try {
-        const result = await activateVersionMutation.mutateAsync({ workflowId, version })
+        await activateVersionMutation.mutateAsync({ workflowId, version })
-        if (result.warnings && result.warnings.length > 0) {
-          setApiDeployWarnings(result.warnings)
-        }
         await refetchDeployedState()
       } catch (error) {
         logger.error('Error promoting version:', { error })
@@ -335,13 +324,9 @@ export function DeployModal({
     if (!workflowId) return
 
     setApiDeployError(null)
-    setApiDeployWarnings([])
 
     try {
-      const result = await deployMutation.mutateAsync({ workflowId, deployChatEnabled: false })
+      await deployMutation.mutateAsync({ workflowId, deployChatEnabled: false })
-      if (result.warnings && result.warnings.length > 0) {
-        setApiDeployWarnings(result.warnings)
-      }
       await refetchDeployedState()
     } catch (error: unknown) {
       logger.error('Error redeploying workflow:', { error })
@@ -353,7 +338,6 @@ export function DeployModal({
   const handleCloseModal = useCallback(() => {
     setChatSubmitting(false)
     setApiDeployError(null)
-    setApiDeployWarnings([])
     onOpenChange(false)
   }, [onOpenChange])
 
@@ -495,14 +479,6 @@ export function DeployModal({
                   <div>{apiDeployError}</div>
                 </div>
               )}
-              {apiDeployWarnings.length > 0 && (
-                <div className='mb-3 rounded-[4px] border border-amber-500/30 bg-amber-500/10 p-3 text-amber-700 dark:text-amber-400 text-sm'>
-                  <div className='font-semibold'>Deployment Warning</div>
-                  {apiDeployWarnings.map((warning, index) => (
-                    <div key={index}>{warning}</div>
-                  ))}
-                </div>
-              )}
               <ModalTabsContent value='general'>
                 <GeneralDeploy
                   workflowId={workflowId}

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/components/code/code.tsx

@@ -38,7 +38,6 @@ import type { GenerationType } from '@/blocks/types'
 import { normalizeName } from '@/executor/constants'
 import { createEnvVarPattern, createReferencePattern } from '@/executor/utils/reference-validation'
 import { useTagSelection } from '@/hooks/kb/use-tag-selection'
-import { createShouldHighlightEnvVar, useAvailableEnvVarKeys } from '@/hooks/use-available-env-vars'
 
 const logger = createLogger('Code')
 
@@ -89,27 +88,21 @@ interface CodePlaceholder {
 /**
  * Creates a syntax highlighter function with custom reference and environment variable highlighting.
  * @param effectiveLanguage - The language to use for syntax highlighting
- * @param shouldHighlightReference - Function to determine if a block reference should be highlighted
+ * @param shouldHighlightReference - Function to determine if a reference should be highlighted
- * @param shouldHighlightEnvVar - Function to determine if an env var should be highlighted
  * @returns A function that highlights code with syntax and custom highlights
  */
 const createHighlightFunction = (
   effectiveLanguage: 'javascript' | 'python' | 'json',
-  shouldHighlightReference: (part: string) => boolean,
+  shouldHighlightReference: (part: string) => boolean
-  shouldHighlightEnvVar: (varName: string) => boolean
 ) => {
   return (codeToHighlight: string): string => {
     const placeholders: CodePlaceholder[] = []
     let processedCode = codeToHighlight
 
     processedCode = processedCode.replace(createEnvVarPattern(), (match) => {
-      const varName = match.slice(2, -2).trim()
-      if (shouldHighlightEnvVar(varName)) {
       const placeholder = `__ENV_VAR_${placeholders.length}__`
       placeholders.push({ placeholder, original: match, type: 'env' })
       return placeholder
-      }
-      return match
     })
 
     processedCode = processedCode.replace(createReferencePattern(), (match) => {
@@ -219,7 +212,6 @@ export const Code = memo(function Code({
   const accessiblePrefixes = useAccessibleReferencePrefixes(blockId)
   const emitTagSelection = useTagSelection(blockId, subBlockId)
   const [languageValue] = useSubBlockValue<string>(blockId, 'language')
-  const availableEnvVars = useAvailableEnvVarKeys(workspaceId)
 
   const effectiveLanguage = (languageValue as 'javascript' | 'python' | 'json') || language
 
@@ -611,15 +603,9 @@ export const Code = memo(function Code({
     [generateCodeStream, isPromptVisible, isAiStreaming]
   )
 
-  const shouldHighlightEnvVar = useMemo(
-    () => createShouldHighlightEnvVar(availableEnvVars),
-    [availableEnvVars]
-  )
-
   const highlightCode = useMemo(
-    () =>
+    () => createHighlightFunction(effectiveLanguage, shouldHighlightReference),
-      createHighlightFunction(effectiveLanguage, shouldHighlightReference, shouldHighlightEnvVar),
+    [effectiveLanguage, shouldHighlightReference]
-    [effectiveLanguage, shouldHighlightReference, shouldHighlightEnvVar]
   )
 
   const handleValueChange = useCallback(

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/components/condition-input/condition-input.tsx

@@ -1,5 +1,5 @@
 import type { ReactElement } from 'react'
-import { useEffect, useMemo, useRef, useState } from 'react'
+import { useEffect, useRef, useState } from 'react'
 import { createLogger } from '@sim/logger'
 import { ChevronDown, ChevronsUpDown, ChevronUp, Plus } from 'lucide-react'
 import { useParams } from 'next/navigation'
@@ -35,7 +35,6 @@ import { useAccessibleReferencePrefixes } from '@/app/workspace/[workspaceId]/w/
 import { normalizeName } from '@/executor/constants'
 import { createEnvVarPattern, createReferencePattern } from '@/executor/utils/reference-validation'
 import { useTagSelection } from '@/hooks/kb/use-tag-selection'
-import { createShouldHighlightEnvVar, useAvailableEnvVarKeys } from '@/hooks/use-available-env-vars'
 import { useWorkflowStore } from '@/stores/workflows/workflow/store'
 
 const logger = createLogger('ConditionInput')
@@ -124,11 +123,6 @@ export function ConditionInput({
 
   const emitTagSelection = useTagSelection(blockId, subBlockId)
   const accessiblePrefixes = useAccessibleReferencePrefixes(blockId)
-  const availableEnvVars = useAvailableEnvVarKeys(workspaceId)
-  const shouldHighlightEnvVar = useMemo(
-    () => createShouldHighlightEnvVar(availableEnvVars),
-    [availableEnvVars]
-  )
 
   const containerRef = useRef<HTMLDivElement>(null)
   const inputRefs = useRef<Map<string, HTMLTextAreaElement>>(new Map())
@@ -1142,8 +1136,6 @@ export function ConditionInput({
                           let processedCode = codeToHighlight
 
                           processedCode = processedCode.replace(createEnvVarPattern(), (match) => {
-                            const varName = match.slice(2, -2).trim()
-                            if (shouldHighlightEnvVar(varName)) {
                             const placeholder = `__ENV_VAR_${placeholders.length}__`
                             placeholders.push({
                               placeholder,
@@ -1152,8 +1144,6 @@ export function ConditionInput({
                               shouldHighlight: true,
                             })
                             return placeholder
-                            }
-                            return match
                           })
 
                           processedCode = processedCode.replace(

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/components/formatted-text.tsx

@@ -7,7 +7,6 @@ import { createCombinedPattern } from '@/executor/utils/reference-validation'
 
 export interface HighlightContext {
   accessiblePrefixes?: Set<string>
-  availableEnvVars?: Set<string>
   highlightAll?: boolean
 }
 
@@ -44,17 +43,9 @@ export function formatDisplayText(text: string, context?: HighlightContext): Rea
     return false
   }
 
-  const shouldHighlightEnvVar = (varName: string): boolean => {
-    if (context?.highlightAll) {
-      return true
-    }
-    if (context?.availableEnvVars === undefined) {
-      return true
-    }
-    return context.availableEnvVars.has(varName)
-  }
-
   const nodes: ReactNode[] = []
+  // Match variable references without allowing nested brackets to prevent matching across references
+  // e.g., "<3. text <real.ref>" should match "<3" and "<real.ref>", not the whole string
   const regex = createCombinedPattern()
   let lastIndex = 0
   let key = 0
@@ -74,16 +65,11 @@ export function formatDisplayText(text: string, context?: HighlightContext): Rea
     }
 
     if (matchText.startsWith(REFERENCE.ENV_VAR_START)) {
-      const varName = matchText.slice(2, -2).trim()
-      if (shouldHighlightEnvVar(varName)) {
       nodes.push(
         <span key={key++} className='text-[var(--brand-secondary)]'>
           {matchText}
         </span>
       )
-      } else {
-        nodes.push(<span key={key++}>{matchText}</span>)
-      }
     } else {
       const split = splitReferenceSegment(matchText)
 

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/components/tag-dropdown/tag-dropdown.tsx

@@ -1312,16 +1312,15 @@ export const TagDropdown: React.FC<TagDropdownProps> = ({
     if (currentLoop && isLoopBlock) {
       containingLoopBlockId = blockId
       const loopType = currentLoop.loopType || 'for'
+      const contextualTags: string[] = ['index']
+      if (loopType === 'forEach') {
+        contextualTags.push('currentItem')
+        contextualTags.push('items')
+      }
 
       const loopBlock = blocks[blockId]
       if (loopBlock) {
         const loopBlockName = loopBlock.name || loopBlock.type
-        const normalizedLoopName = normalizeName(loopBlockName)
-        const contextualTags: string[] = [`${normalizedLoopName}.index`]
-        if (loopType === 'forEach') {
-          contextualTags.push(`${normalizedLoopName}.currentItem`)
-          contextualTags.push(`${normalizedLoopName}.items`)
-        }
 
         loopBlockGroup = {
           blockName: loopBlockName,
@@ -1329,23 +1328,21 @@ export const TagDropdown: React.FC<TagDropdownProps> = ({
           blockType: 'loop',
           tags: contextualTags,
           distance: 0,
-          isContextual: true,
         }
       }
     } else if (containingLoop) {
       const [loopId, loop] = containingLoop
       containingLoopBlockId = loopId
       const loopType = loop.loopType || 'for'
+      const contextualTags: string[] = ['index']
+      if (loopType === 'forEach') {
+        contextualTags.push('currentItem')
+        contextualTags.push('items')
+      }
 
       const containingLoopBlock = blocks[loopId]
       if (containingLoopBlock) {
         const loopBlockName = containingLoopBlock.name || containingLoopBlock.type
-        const normalizedLoopName = normalizeName(loopBlockName)
-        const contextualTags: string[] = [`${normalizedLoopName}.index`]
-        if (loopType === 'forEach') {
-          contextualTags.push(`${normalizedLoopName}.currentItem`)
-          contextualTags.push(`${normalizedLoopName}.items`)
-        }
 
         loopBlockGroup = {
           blockName: loopBlockName,
@@ -1353,7 +1350,6 @@ export const TagDropdown: React.FC<TagDropdownProps> = ({
           blockType: 'loop',
           tags: contextualTags,
           distance: 0,
-          isContextual: true,
         }
       }
     }
@@ -1367,16 +1363,15 @@ export const TagDropdown: React.FC<TagDropdownProps> = ({
       const [parallelId, parallel] = containingParallel
       containingParallelBlockId = parallelId
       const parallelType = parallel.parallelType || 'count'
+      const contextualTags: string[] = ['index']
+      if (parallelType === 'collection') {
+        contextualTags.push('currentItem')
+        contextualTags.push('items')
+      }
 
       const containingParallelBlock = blocks[parallelId]
       if (containingParallelBlock) {
         const parallelBlockName = containingParallelBlock.name || containingParallelBlock.type
-        const normalizedParallelName = normalizeName(parallelBlockName)
-        const contextualTags: string[] = [`${normalizedParallelName}.index`]
-        if (parallelType === 'collection') {
-          contextualTags.push(`${normalizedParallelName}.currentItem`)
-          contextualTags.push(`${normalizedParallelName}.items`)
-        }
 
         parallelBlockGroup = {
           blockName: parallelBlockName,
@@ -1384,7 +1379,6 @@ export const TagDropdown: React.FC<TagDropdownProps> = ({
           blockType: 'parallel',
           tags: contextualTags,
           distance: 0,
-          isContextual: true,
         }
       }
     }
@@ -1651,29 +1645,38 @@ export const TagDropdown: React.FC<TagDropdownProps> = ({
   const nestedBlockTagGroups: NestedBlockTagGroup[] = useMemo(() => {
     return filteredBlockTagGroups.map((group: BlockTagGroup) => {
       const normalizedBlockName = normalizeName(group.blockName)
+
+      // Handle loop/parallel contextual tags (index, currentItem, items)
       const directTags: NestedTag[] = []
       const tagsForTree: string[] = []
 
       group.tags.forEach((tag: string) => {
         const tagParts = tag.split('.')
 
-        if (tagParts.length === 1) {
+        // Loop/parallel contextual tags without block prefix
+        if (
+          (group.blockType === 'loop' || group.blockType === 'parallel') &&
+          tagParts.length === 1
+        ) {
           directTags.push({
             key: tag,
             display: tag,
             fullTag: tag,
           })
         } else if (tagParts.length === 2) {
+          // Direct property like blockname.property
           directTags.push({
             key: tagParts[1],
             display: tagParts[1],
             fullTag: tag,
           })
         } else {
+          // Nested property - add to tree builder
           tagsForTree.push(tag)
         }
       })
 
+      // Build recursive tree from nested tags
       const nestedTags = [...directTags, ...buildNestedTagTree(tagsForTree, normalizedBlockName)]
 
       return {
@@ -1797,21 +1800,15 @@ export const TagDropdown: React.FC<TagDropdownProps> = ({
           processedTag = tag
         }
       } else if (
-        blockGroup?.isContextual &&
+        blockGroup &&
         (blockGroup.blockType === 'loop' || blockGroup.blockType === 'parallel')
       ) {
-        const tagParts = tag.split('.')
+        if (!tag.includes('.') && ['index', 'currentItem', 'items'].includes(tag)) {
-        if (tagParts.length === 1) {
+          processedTag = `${blockGroup.blockType}.${tag}`
-          processedTag = blockGroup.blockType
-        } else {
-          const lastPart = tagParts[tagParts.length - 1]
-          if (['index', 'currentItem', 'items'].includes(lastPart)) {
-            processedTag = `${blockGroup.blockType}.${lastPart}`
         } else {
           processedTag = tag
         }
       }
-      }
 
       let newValue: string
 

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/components/tag-dropdown/types.ts

@@ -7,8 +7,6 @@ export interface BlockTagGroup {
   blockType: string
   tags: string[]
   distance: number
-  /** True if this is a contextual group (loop/parallel iteration context available inside the subflow) */
-  isContextual?: boolean
 }
 
 /**

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/components/text/text.tsx

@@ -19,9 +19,6 @@ interface TextProps {
  * - Automatically detects and renders HTML content safely
  * - Applies prose styling for HTML content (links, code, lists, etc.)
  * - Falls back to plain text rendering for non-HTML content
- *
- * Note: This component renders trusted, internally-defined content only
- * (e.g., trigger setup instructions). It is NOT used for user-generated content.
  */
 export function Text({ blockId, subBlockId, content, className }: TextProps) {
   const containsHtml = /<[^>]+>/.test(content)

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/hooks/use-subflow-editor.ts

@@ -1,5 +1,4 @@
-import { useCallback, useMemo, useRef, useState } from 'react'
+import { useCallback, useRef, useState } from 'react'
-import { useParams } from 'next/navigation'
 import { highlight, languages } from '@/components/emcn'
 import {
   isLikelyReferenceSegment,
@@ -10,7 +9,6 @@ import { checkTagTrigger } from '@/app/workspace/[workspaceId]/w/[workflowId]/co
 import { useAccessibleReferencePrefixes } from '@/app/workspace/[workspaceId]/w/[workflowId]/hooks/use-accessible-reference-prefixes'
 import { normalizeName, REFERENCE } from '@/executor/constants'
 import { createEnvVarPattern, createReferencePattern } from '@/executor/utils/reference-validation'
-import { createShouldHighlightEnvVar, useAvailableEnvVarKeys } from '@/hooks/use-available-env-vars'
 import { useCollaborativeWorkflow } from '@/hooks/use-collaborative-workflow'
 import { useWorkflowStore } from '@/stores/workflows/workflow/store'
 import type { BlockState } from '@/stores/workflows/workflow/types'
@@ -55,9 +53,6 @@ const SUBFLOW_CONFIG = {
  * @returns Subflow editor state and handlers
  */
 export function useSubflowEditor(currentBlock: BlockState | null, currentBlockId: string | null) {
-  const params = useParams()
-  const workspaceId = params.workspaceId as string
-
   const textareaRef = useRef<HTMLTextAreaElement | null>(null)
   const editorContainerRef = useRef<HTMLDivElement>(null)
 
@@ -86,13 +81,6 @@ export function useSubflowEditor(currentBlock: BlockState | null, currentBlockId
   // Get accessible prefixes for tag dropdown
   const accessiblePrefixes = useAccessibleReferencePrefixes(currentBlockId || '')
 
-  // Get available env vars for highlighting validation
-  const availableEnvVars = useAvailableEnvVarKeys(workspaceId)
-  const shouldHighlightEnvVar = useMemo(
-    () => createShouldHighlightEnvVar(availableEnvVars),
-    [availableEnvVars]
-  )
-
   // Collaborative actions
   const {
     collaborativeUpdateLoopType,
@@ -152,13 +140,9 @@ export function useSubflowEditor(currentBlock: BlockState | null, currentBlockId
       let processedCode = code
 
       processedCode = processedCode.replace(createEnvVarPattern(), (match) => {
-        const varName = match.slice(2, -2).trim()
-        if (shouldHighlightEnvVar(varName)) {
         const placeholder = `__ENV_VAR_${placeholders.length}__`
         placeholders.push({ placeholder, original: match, type: 'env' })
         return placeholder
-        }
-        return match
       })
 
       // Use [^<>]+ to prevent matching across nested brackets (e.g., "<3 <real.ref>" should match separately)
@@ -190,7 +174,7 @@ export function useSubflowEditor(currentBlock: BlockState | null, currentBlockId
 
       return highlightedCode
     },
-    [shouldHighlightReference, shouldHighlightEnvVar]
+    [shouldHighlightReference]
   )
 
   /**

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/workflow-block/workflow-block.tsx

@@ -7,7 +7,7 @@ import { useStoreWithEqualityFn } from 'zustand/traditional'
 import { Badge, Tooltip } from '@/components/emcn'
 import { cn } from '@/lib/core/utils/cn'
 import { getBaseUrl } from '@/lib/core/utils/urls'
-import { createMcpToolId } from '@/lib/mcp/shared'
+import { createMcpToolId } from '@/lib/mcp/utils'
 import { getProviderIdFromServiceId } from '@/lib/oauth'
 import { BLOCK_DIMENSIONS, HANDLE_POSITIONS } from '@/lib/workflows/blocks/block-dimensions'
 import {

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/hooks/use-workflow-execution.ts

@@ -16,7 +16,6 @@ import {
 } from '@/lib/workflows/triggers/triggers'
 import { useCurrentWorkflow } from '@/app/workspace/[workspaceId]/w/[workflowId]/hooks/use-current-workflow'
 import type { BlockLog, ExecutionResult, StreamingExecution } from '@/executor/types'
-import { hasExecutionResult } from '@/executor/utils/errors'
 import { coerceValue } from '@/executor/utils/start-block'
 import { subscriptionKeys } from '@/hooks/queries/subscription'
 import { useExecutionStream } from '@/hooks/use-execution-stream'
@@ -77,6 +76,17 @@ function normalizeErrorMessage(error: unknown): string {
   return WORKFLOW_EXECUTION_FAILURE_MESSAGE
 }
 
+function isExecutionResult(value: unknown): value is ExecutionResult {
+  if (!isRecord(value)) return false
+  return typeof value.success === 'boolean' && isRecord(value.output)
+}
+
+function extractExecutionResult(error: unknown): ExecutionResult | null {
+  if (!isRecord(error)) return null
+  const candidate = error.executionResult
+  return isExecutionResult(candidate) ? candidate : null
+}
+
 export function useWorkflowExecution() {
   const queryClient = useQueryClient()
   const currentWorkflow = useCurrentWorkflow()
@@ -1128,11 +1138,11 @@ export function useWorkflowExecution() {
 
   const handleExecutionError = (error: unknown, options?: { executionId?: string }) => {
     const normalizedMessage = normalizeErrorMessage(error)
+    const executionResultFromError = extractExecutionResult(error)
 
     let errorResult: ExecutionResult
 
-    if (hasExecutionResult(error)) {
+    if (executionResultFromError) {
-      const executionResultFromError = error.executionResult
       const logs = Array.isArray(executionResultFromError.logs) ? executionResultFromError.logs : []
 
       errorResult = {

apps/sim/app/workspace/[workspaceId]/w/components/preview/components/preview-editor.tsx

@@ -13,7 +13,6 @@ import {
 import { ReactFlowProvider } from 'reactflow'
 import { Badge, Button, ChevronDown, Code, Combobox, Input, Label } from '@/components/emcn'
 import { cn } from '@/lib/core/utils/cn'
-import { formatDuration } from '@/lib/core/utils/formatting'
 import { extractReferencePrefixes } from '@/lib/workflows/sanitization/references'
 import {
   buildCanonicalIndex,
@@ -705,6 +704,14 @@ interface PreviewEditorProps {
   onClose?: () => void
 }
 
+/**
+ * Format duration for display
+ */
+function formatDuration(ms: number): string {
+  if (ms < 1000) return `${ms}ms`
+  return `${(ms / 1000).toFixed(2)}s`
+}
+
 /** Minimum height for the connections section (header only) */
 const MIN_CONNECTIONS_HEIGHT = 30
 /** Maximum height for the connections section */
@@ -1173,7 +1180,7 @@ function PreviewEditorContent({
                     )}
                     {executionData.durationMs !== undefined && (
                       <span className='font-medium text-[12px] text-[var(--text-tertiary)]'>
-                        {formatDuration(executionData.durationMs, { precision: 2 })}
+                        {formatDuration(executionData.durationMs)}
                       </span>
                     )}
                   </div>

apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/search-modal/search-modal.tsx

@@ -448,7 +448,7 @@ export const SearchModal = memo(function SearchModal({
   }, [workspaces, workflows, pages, blocks, triggers, tools, toolOperations, docs])
 
   const sectionOrder = useMemo<SearchItem['type'][]>(
-    () => ['block', 'tool', 'trigger', 'doc', 'tool-operation', 'workflow', 'workspace', 'page'],
+    () => ['block', 'tool', 'tool-operation', 'trigger', 'workflow', 'workspace', 'page', 'doc'],
     []
   )
 

apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/search-modal/search-utils.ts

@@ -102,47 +102,6 @@ function calculateAliasScore(
   return { score: 0, matchType: null }
 }
 
-/**
- * Calculate multi-word match score
- * Each word in the query must appear somewhere in the field
- * Returns a score based on how well the words match
- */
-function calculateMultiWordScore(
-  queryWords: string[],
-  field: string
-): { score: number; matchType: 'word-boundary' | 'substring' | null } {
-  const normalizedField = field.toLowerCase().trim()
-  const fieldWords = normalizedField.split(/[\s\-_/:]+/)
-
-  let allWordsMatch = true
-  let totalScore = 0
-  let hasWordBoundary = false
-
-  for (const queryWord of queryWords) {
-    const wordBoundaryMatch = fieldWords.some((fw) => fw.startsWith(queryWord))
-    const substringMatch = normalizedField.includes(queryWord)
-
-    if (wordBoundaryMatch) {
-      totalScore += SCORE_WORD_BOUNDARY
-      hasWordBoundary = true
-    } else if (substringMatch) {
-      totalScore += SCORE_SUBSTRING_MATCH
-    } else {
-      allWordsMatch = false
-      break
-    }
-  }
-
-  if (!allWordsMatch) {
-    return { score: 0, matchType: null }
-  }
-
-  return {
-    score: totalScore / queryWords.length,
-    matchType: hasWordBoundary ? 'word-boundary' : 'substring',
-  }
-}
-
 /**
  * Search items using tiered matching algorithm
  * Returns items sorted by relevance (highest score first)
@@ -158,8 +117,6 @@ export function searchItems<T extends SearchableItem>(
   }
 
   const results: SearchResult<T>[] = []
-  const queryWords = normalizedQuery.toLowerCase().split(/\s+/).filter(Boolean)
-  const isMultiWord = queryWords.length > 1
 
   for (const item of items) {
     const nameMatch = calculateFieldScore(normalizedQuery, item.name)
@@ -170,35 +127,16 @@ export function searchItems<T extends SearchableItem>(
 
     const aliasMatch = calculateAliasScore(normalizedQuery, item.aliases)
 
-    let nameScore = nameMatch.score
+    const nameScore = nameMatch.score
-    let descScore = descMatch.score * DESCRIPTION_WEIGHT
+    const descScore = descMatch.score * DESCRIPTION_WEIGHT
     const aliasScore = aliasMatch.score
 
-    let bestMatchType = nameMatch.matchType
-
-    // For multi-word queries, also try matching each word independently and take the better score
-    if (isMultiWord) {
-      const multiWordNameMatch = calculateMultiWordScore(queryWords, item.name)
-      if (multiWordNameMatch.score > nameScore) {
-        nameScore = multiWordNameMatch.score
-        bestMatchType = multiWordNameMatch.matchType
-      }
-
-      if (item.description) {
-        const multiWordDescMatch = calculateMultiWordScore(queryWords, item.description)
-        const multiWordDescScore = multiWordDescMatch.score * DESCRIPTION_WEIGHT
-        if (multiWordDescScore > descScore) {
-          descScore = multiWordDescScore
-        }
-      }
-    }
-
     const bestScore = Math.max(nameScore, descScore, aliasScore)
 
     if (bestScore > 0) {
       let matchType: SearchResult<T>['matchType'] = 'substring'
       if (nameScore >= descScore && nameScore >= aliasScore) {
-        matchType = bestMatchType || 'substring'
+        matchType = nameMatch.matchType || 'substring'
       } else if (aliasScore >= descScore) {
         matchType = 'alias'
       } else {

apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/access-control/access-control.tsx

@@ -688,7 +688,7 @@ export function AccessControl() {
             )}
           </div>
 
-          <div className='flex items-center justify-between'>
+          <div className='flex items-center justify-between rounded-[8px] border border-[var(--border)] px-[12px] py-[10px]'>
             <div className='flex flex-col gap-[2px]'>
               <span className='font-medium text-[13px] text-[var(--text-primary)]'>
                 Auto-add new members
@@ -705,7 +705,7 @@ export function AccessControl() {
           </div>
 
           <div className='min-h-0 flex-1 overflow-y-auto'>
-            <div className='flex flex-col gap-[8px]'>
+            <div className='flex flex-col gap-[16px]'>
               <div className='flex items-center justify-between'>
                 <span className='font-medium text-[13px] text-[var(--text-secondary)]'>
                   Members

apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/api-keys/api-keys.tsx

@@ -16,7 +16,6 @@ import {
 } from '@/components/emcn'
 import { Input, Skeleton } from '@/components/ui'
 import { useSession } from '@/lib/auth/auth-client'
-import { formatDate } from '@/lib/core/utils/formatting'
 import { useUserPermissionsContext } from '@/app/workspace/[workspaceId]/providers/workspace-permissions-provider'
 import {
   type ApiKey,
@@ -134,9 +133,13 @@ export function ApiKeys({ onOpenChange, registerCloseHandler }: ApiKeysProps) {
     }
   }, [shouldScrollToBottom])
 
-  const formatLastUsed = (dateString?: string) => {
+  const formatDate = (dateString?: string) => {
     if (!dateString) return 'Never'
-    return formatDate(new Date(dateString))
+    return new Date(dateString).toLocaleDateString('en-US', {
+      year: 'numeric',
+      month: 'short',
+      day: 'numeric',
+    })
   }
 
   return (
@@ -213,7 +216,7 @@ export function ApiKeys({ onOpenChange, registerCloseHandler }: ApiKeysProps) {
                               {key.name}
                             </span>
                             <span className='text-[13px] text-[var(--text-secondary)]'>
-                              (last used: {formatLastUsed(key.lastUsed).toLowerCase()})
+                              (last used: {formatDate(key.lastUsed).toLowerCase()})
                             </span>
                           </div>
                           <p className='truncate text-[13px] text-[var(--text-muted)]'>
@@ -248,7 +251,7 @@ export function ApiKeys({ onOpenChange, registerCloseHandler }: ApiKeysProps) {
                             {key.name}
                           </span>
                           <span className='text-[13px] text-[var(--text-secondary)]'>
-                            (last used: {formatLastUsed(key.lastUsed).toLowerCase()})
+                            (last used: {formatDate(key.lastUsed).toLowerCase()})
                           </span>
                         </div>
                         <p className='truncate text-[13px] text-[var(--text-muted)]'>
@@ -288,7 +291,7 @@ export function ApiKeys({ onOpenChange, registerCloseHandler }: ApiKeysProps) {
                                 {key.name}
                               </span>
                               <span className='text-[13px] text-[var(--text-secondary)]'>
-                                (last used: {formatLastUsed(key.lastUsed).toLowerCase()})
+                                (last used: {formatDate(key.lastUsed).toLowerCase()})
                               </span>
                             </div>
                             <p className='truncate text-[13px] text-[var(--text-muted)]'>

apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/copilot/copilot.tsx

@@ -13,7 +13,6 @@ import {
   ModalHeader,
 } from '@/components/emcn'
 import { Input, Skeleton } from '@/components/ui'
-import { formatDate } from '@/lib/core/utils/formatting'
 import {
   type CopilotKey,
   useCopilotKeys,
@@ -116,9 +115,13 @@ export function Copilot() {
     }
   }
 
-  const formatLastUsed = (dateString?: string | null) => {
+  const formatDate = (dateString?: string | null) => {
     if (!dateString) return 'Never'
-    return formatDate(new Date(dateString))
+    return new Date(dateString).toLocaleDateString('en-US', {
+      year: 'numeric',
+      month: 'short',
+      day: 'numeric',
+    })
   }
 
   const hasKeys = keys.length > 0
@@ -177,7 +180,7 @@ export function Copilot() {
                         {key.name || 'Unnamed Key'}
                       </span>
                       <span className='text-[13px] text-[var(--text-secondary)]'>
-                        (last used: {formatLastUsed(key.lastUsed).toLowerCase()})
+                        (last used: {formatDate(key.lastUsed).toLowerCase()})
                       </span>
                     </div>
                     <p className='truncate text-[13px] text-[var(--text-muted)]'>

apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/mcp/mcp.tsx

@@ -39,7 +39,6 @@ import {
   useRefreshMcpServer,
   useStoredMcpTools,
 } from '@/hooks/queries/mcp'
-import { useAvailableEnvVarKeys } from '@/hooks/use-available-env-vars'
 import { useWorkflowRegistry } from '@/stores/workflows/registry/store'
 import { useSubBlockStore } from '@/stores/workflows/subblock/store'
 import { FormField, McpServerSkeleton } from './components'
@@ -158,7 +157,6 @@ interface FormattedInputProps {
   scrollLeft: number
   showEnvVars: boolean
   envVarProps: EnvVarDropdownConfig
-  availableEnvVars?: Set<string>
   className?: string
   onChange: (e: React.ChangeEvent<HTMLInputElement>) => void
   onScroll: (scrollLeft: number) => void
@@ -171,7 +169,6 @@ function FormattedInput({
   scrollLeft,
   showEnvVars,
   envVarProps,
-  availableEnvVars,
   className,
   onChange,
   onScroll,
@@ -193,7 +190,7 @@ function FormattedInput({
       />
       <div className='pointer-events-none absolute inset-0 flex items-center overflow-hidden px-[8px] py-[6px] font-medium font-sans text-sm'>
         <div className='whitespace-nowrap' style={{ transform: `translateX(-${scrollLeft}px)` }}>
-          {formatDisplayText(value, { availableEnvVars })}
+          {formatDisplayText(value)}
         </div>
       </div>
       {showEnvVars && (
@@ -224,7 +221,6 @@ interface HeaderRowProps {
   envSearchTerm: string
   cursorPosition: number
   workspaceId: string
-  availableEnvVars?: Set<string>
   onInputChange: (field: InputFieldType, value: string, index?: number) => void
   onHeaderScroll: (key: string, scrollLeft: number) => void
   onEnvVarSelect: (value: string) => void
@@ -242,7 +238,6 @@ function HeaderRow({
   envSearchTerm,
   cursorPosition,
   workspaceId,
-  availableEnvVars,
   onInputChange,
   onHeaderScroll,
   onEnvVarSelect,
@@ -270,7 +265,6 @@ function HeaderRow({
         scrollLeft={headerScrollLeft[`key-${index}`] || 0}
         showEnvVars={isKeyActive}
         envVarProps={envVarProps}
-        availableEnvVars={availableEnvVars}
         className='flex-1'
         onChange={(e) => onInputChange('header-key', e.target.value, index)}
         onScroll={(scrollLeft) => onHeaderScroll(`key-${index}`, scrollLeft)}
@@ -282,7 +276,6 @@ function HeaderRow({
         scrollLeft={headerScrollLeft[`value-${index}`] || 0}
         showEnvVars={isValueActive}
         envVarProps={envVarProps}
-        availableEnvVars={availableEnvVars}
         className='flex-1'
         onChange={(e) => onInputChange('header-value', e.target.value, index)}
         onScroll={(scrollLeft) => onHeaderScroll(`value-${index}`, scrollLeft)}
@@ -378,7 +371,6 @@ export function MCP({ initialServerId }: MCPProps) {
   const deleteServerMutation = useDeleteMcpServer()
   const refreshServerMutation = useRefreshMcpServer()
   const { testResult, isTestingConnection, testConnection, clearTestResult } = useMcpServerTest()
-  const availableEnvVars = useAvailableEnvVarKeys(workspaceId)
 
   const urlInputRef = useRef<HTMLInputElement>(null)
 
@@ -1069,7 +1061,6 @@ export function MCP({ initialServerId }: MCPProps) {
                     onSelect: handleEnvVarSelect,
                     onClose: resetEnvVarState,
                   }}
-                  availableEnvVars={availableEnvVars}
                   onChange={(e) => handleInputChange('url', e.target.value)}
                   onScroll={(scrollLeft) => handleUrlScroll(scrollLeft)}
                 />
@@ -1103,7 +1094,6 @@ export function MCP({ initialServerId }: MCPProps) {
                       envSearchTerm={envSearchTerm}
                       cursorPosition={cursorPosition}
                       workspaceId={workspaceId}
-                      availableEnvVars={availableEnvVars}
                       onInputChange={handleInputChange}
                       onHeaderScroll={handleHeaderScroll}
                       onEnvVarSelect={handleEnvVarSelect}

apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/subscription/subscription.tsx

@@ -6,8 +6,8 @@ import { useParams } from 'next/navigation'
 import { Combobox, Label, Switch, Tooltip } from '@/components/emcn'
 import { Skeleton } from '@/components/ui'
 import { useSession } from '@/lib/auth/auth-client'
-import { USAGE_THRESHOLDS } from '@/lib/billing/client/consts'
 import { useSubscriptionUpgrade } from '@/lib/billing/client/upgrade'
+import { USAGE_THRESHOLDS } from '@/lib/billing/client/usage-visualization'
 import { getEffectiveSeats } from '@/lib/billing/subscriptions/utils'
 import { cn } from '@/lib/core/utils/cn'
 import { getBaseUrl } from '@/lib/core/utils/urls'

apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/usage-header/usage-header.tsx

@@ -2,7 +2,11 @@
 
 import type { ReactNode } from 'react'
 import { Badge } from '@/components/emcn'
-import { getFilledPillColor, USAGE_PILL_COLORS, USAGE_THRESHOLDS } from '@/lib/billing/client'
+import {
+  getFilledPillColor,
+  USAGE_PILL_COLORS,
+  USAGE_THRESHOLDS,
+} from '@/lib/billing/client/usage-visualization'
 
 const PILL_COUNT = 5
 

apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/usage-indicator/usage-indicator.tsx

@@ -5,14 +5,13 @@ import { createLogger } from '@sim/logger'
 import { useQueryClient } from '@tanstack/react-query'
 import { Badge } from '@/components/emcn'
 import { Skeleton } from '@/components/ui'
-import { USAGE_PILL_COLORS, USAGE_THRESHOLDS } from '@/lib/billing/client/consts'
 import { useSubscriptionUpgrade } from '@/lib/billing/client/upgrade'
 import {
-  getBillingStatus,
   getFilledPillColor,
-  getSubscriptionStatus,
+  USAGE_PILL_COLORS,
-  getUsage,
+  USAGE_THRESHOLDS,
-} from '@/lib/billing/client/utils'
+} from '@/lib/billing/client/usage-visualization'
+import { getBillingStatus, getSubscriptionStatus, getUsage } from '@/lib/billing/client/utils'
 import { useContextMenu } from '@/app/workspace/[workspaceId]/w/components/sidebar/hooks'
 import { useSocket } from '@/app/workspace/providers/socket-provider'
 import { subscriptionKeys, useSubscriptionData } from '@/hooks/queries/subscription'

apps/sim/background/schedule-execution.ts

@@ -4,6 +4,8 @@ import { task } from '@trigger.dev/sdk'
 import { Cron } from 'croner'
 import { eq } from 'drizzle-orm'
 import { v4 as uuidv4 } from 'uuid'
+import type { ZodRecord, ZodString } from 'zod'
+import { getPersonalAndWorkspaceEnv } from '@/lib/environment/utils'
 import { preprocessExecution } from '@/lib/execution/preprocessing'
 import { LoggingSession } from '@/lib/logs/execution/logging-session'
 import { buildTraceSpans } from '@/lib/logs/execution/trace-spans/trace-spans'
@@ -21,7 +23,7 @@ import {
 } from '@/lib/workflows/schedules/utils'
 import { ExecutionSnapshot } from '@/executor/execution/snapshot'
 import type { ExecutionMetadata } from '@/executor/execution/types'
-import { hasExecutionResult } from '@/executor/utils/errors'
+import type { ExecutionResult } from '@/executor/types'
 import { MAX_CONSECUTIVE_FAILURES } from '@/triggers/constants'
 
 const logger = createLogger('TriggerScheduleExecution')
@@ -120,6 +122,7 @@ async function runWorkflowExecution({
   loggingSession,
   requestId,
   executionId,
+  EnvVarsSchema,
 }: {
   payload: ScheduleExecutionPayload
   workflowRecord: WorkflowRecord
@@ -127,6 +130,7 @@ async function runWorkflowExecution({
   loggingSession: LoggingSession
   requestId: string
   executionId: string
+  EnvVarsSchema: ZodRecord<ZodString, ZodString>
 }): Promise<RunWorkflowResult> {
   try {
     logger.debug(`[${requestId}] Loading deployed workflow ${payload.workflowId}`)
@@ -152,12 +156,31 @@ async function runWorkflowExecution({
       throw new Error(`Workflow ${payload.workflowId} has no associated workspace`)
     }
 
+    const personalEnvUserId = workflowRecord.userId
+
+    const { personalEncrypted, workspaceEncrypted } = await getPersonalAndWorkspaceEnv(
+      personalEnvUserId,
+      workspaceId
+    )
+
+    const variables = EnvVarsSchema.parse({
+      ...personalEncrypted,
+      ...workspaceEncrypted,
+    })
+
     const input = {
       _context: {
         workflowId: payload.workflowId,
       },
     }
 
+    await loggingSession.safeStart({
+      userId: actorUserId,
+      workspaceId,
+      variables: variables || {},
+      deploymentVersionId,
+    })
+
     const metadata: ExecutionMetadata = {
       requestId,
       executionId,
@@ -231,7 +254,8 @@ async function runWorkflowExecution({
   } catch (error: unknown) {
     logger.error(`[${requestId}] Early failure in scheduled workflow ${payload.workflowId}`, error)
 
-    const executionResult = hasExecutionResult(error) ? error.executionResult : undefined
+    const errorWithResult = error as { executionResult?: ExecutionResult }
+    const executionResult = errorWithResult?.executionResult
     const { traceSpans } = executionResult ? buildTraceSpans(executionResult) : { traceSpans: [] }
 
     await loggingSession.safeCompleteWithError({
@@ -255,6 +279,7 @@ export type ScheduleExecutionPayload = {
   failedCount?: number
   now: string
   scheduledFor?: string
+  preflighted?: boolean
 }
 
 function calculateNextRunTime(
@@ -294,6 +319,9 @@ export async function executeScheduleJob(payload: ScheduleExecutionPayload) {
     executionId,
   })
 
+  const zod = await import('zod')
+  const EnvVarsSchema = zod.z.record(zod.z.string())
+
   try {
     const loggingSession = new LoggingSession(
       payload.workflowId,
@@ -311,6 +339,7 @@ export async function executeScheduleJob(payload: ScheduleExecutionPayload) {
       checkRateLimit: true,
       checkDeployment: true,
       loggingSession,
+      preflightEnvVars: !payload.preflighted,
     })
 
     if (!preprocessResult.success) {
@@ -453,6 +482,7 @@ export async function executeScheduleJob(payload: ScheduleExecutionPayload) {
         loggingSession,
         requestId,
         executionId,
+        EnvVarsSchema,
       })
 
       if (executionResult.status === 'skip') {

apps/sim/background/webhook-execution.ts

@@ -16,8 +16,7 @@ import { loadDeployedWorkflowState } from '@/lib/workflows/persistence/utils'
 import { getWorkflowById } from '@/lib/workflows/utils'
 import { ExecutionSnapshot } from '@/executor/execution/snapshot'
 import type { ExecutionMetadata } from '@/executor/execution/types'
-import { hasExecutionResult } from '@/executor/utils/errors'
+import type { ExecutionResult } from '@/executor/types'
-import { safeAssign } from '@/tools/safe-assign'
 import { getTrigger, isTriggerValid } from '@/triggers'
 
 const logger = createLogger('TriggerWebhookExecution')
@@ -398,7 +397,7 @@ async function executeWebhookJobInternal(
               requestId,
               userId: payload.userId,
             })
-            safeAssign(input, processedInput as Record<string, unknown>)
+            Object.assign(input, processedInput)
           }
         } else {
           logger.debug(`[${requestId}] No valid triggerId found for block ${payload.blockId}`)
@@ -578,9 +577,8 @@ async function executeWebhookJobInternal(
         deploymentVersionId,
       })
 
-      const executionResult = hasExecutionResult(error)
+      const errorWithResult = error as { executionResult?: ExecutionResult }
-        ? error.executionResult
+      const executionResult = errorWithResult?.executionResult || {
-        : {
         success: false,
         output: {},
         logs: [],

apps/sim/background/workflow-execution.ts

@@ -9,7 +9,7 @@ import { PauseResumeManager } from '@/lib/workflows/executor/human-in-the-loop-m
 import { getWorkflowById } from '@/lib/workflows/utils'
 import { ExecutionSnapshot } from '@/executor/execution/snapshot'
 import type { ExecutionMetadata } from '@/executor/execution/types'
-import { hasExecutionResult } from '@/executor/utils/errors'
+import type { ExecutionResult } from '@/executor/types'
 import type { CoreTriggerType } from '@/stores/logs/filters/types'
 
 const logger = createLogger('TriggerWorkflowExecution')
@@ -20,6 +20,7 @@ export type WorkflowExecutionPayload = {
   input?: any
   triggerType?: CoreTriggerType
   metadata?: Record<string, any>
+  preflighted?: boolean
 }
 
 /**
@@ -51,6 +52,7 @@ export async function executeWorkflowJob(payload: WorkflowExecutionPayload) {
       checkRateLimit: true,
       checkDeployment: true,
       loggingSession: loggingSession,
+      preflightEnvVars: !payload.preflighted,
     })
 
     if (!preprocessResult.success) {
@@ -160,7 +162,8 @@ export async function executeWorkflowJob(payload: WorkflowExecutionPayload) {
       executionId,
     })
 
-    const executionResult = hasExecutionResult(error) ? error.executionResult : undefined
+    const errorWithResult = error as { executionResult?: ExecutionResult }
+    const executionResult = errorWithResult?.executionResult
     const { traceSpans } = executionResult ? buildTraceSpans(executionResult) : { traceSpans: [] }
 
     await loggingSession.safeCompleteWithError({

apps/sim/blocks/blocks/mcp.ts

@@ -1,5 +1,5 @@
 import { McpIcon } from '@/components/icons'
-import { createMcpToolId } from '@/lib/mcp/shared'
+import { createMcpToolId } from '@/lib/mcp/utils'
 import type { BlockConfig } from '@/blocks/types'
 import type { ToolResponse } from '@/tools/types'
 

apps/sim/components/emcn/components/checkbox/checkbox.tsx

@@ -23,13 +23,7 @@ import { cn } from '@/lib/core/utils/cn'
  * ```
  */
 const checkboxVariants = cva(
-  [
+  'peer shrink-0 rounded-sm border border-[var(--border-1)] bg-[var(--surface-4)] ring-offset-background transition-colors hover:border-[var(--border-muted)] hover:bg-[var(--surface-7)] focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-ring focus-visible:ring-offset-2 data-[disabled]:cursor-not-allowed data-[disabled]:opacity-50 data-[state=checked]:border-[var(--text-muted)] data-[state=checked]:bg-[var(--text-muted)] data-[state=checked]:text-white dark:bg-[var(--surface-5)] dark:data-[state=checked]:border-[var(--surface-7)] dark:data-[state=checked]:bg-[var(--surface-7)] dark:data-[state=checked]:text-[var(--text-primary)] dark:hover:border-[var(--surface-7)] dark:hover:bg-[var(--border-1)]',
-    'peer shrink-0 cursor-pointer rounded-[4px] border transition-colors',
-    'border-[var(--border-1)] bg-transparent',
-    'focus-visible:outline-none',
-    'data-[disabled]:cursor-not-allowed data-[disabled]:opacity-50',
-    'data-[state=checked]:border-[var(--text-primary)] data-[state=checked]:bg-[var(--text-primary)]',
-  ].join(' '),
   {
     variants: {
       size: {
@@ -89,7 +83,7 @@ const Checkbox = React.forwardRef<React.ElementRef<typeof CheckboxPrimitive.Root
       className={cn(checkboxVariants({ size }), className)}
       {...props}
     >
-      <CheckboxPrimitive.Indicator className='flex items-center justify-center text-[var(--white)]'>
+      <CheckboxPrimitive.Indicator className={cn('flex items-center justify-center text-current')}>
         <Check className={cn(checkboxIconVariants({ size }))} />
       </CheckboxPrimitive.Indicator>
     </CheckboxPrimitive.Root>

apps/sim/content/blog/enterprise/components.tsx

@@ -1,51 +0,0 @@
-'use client'
-
-import { useState } from 'react'
-import { ArrowRight, ChevronRight } from 'lucide-react'
-
-interface ContactButtonProps {
-  href: string
-  children: React.ReactNode
-}
-
-export function ContactButton({ href, children }: ContactButtonProps) {
-  const [isHovered, setIsHovered] = useState(false)
-
-  return (
-    <a
-      href={href}
-      target='_blank'
-      rel='noopener noreferrer'
-      onMouseEnter={() => setIsHovered(true)}
-      onMouseLeave={() => setIsHovered(false)}
-      style={{
-        display: 'inline-flex',
-        alignItems: 'center',
-        gap: '4px',
-        borderRadius: '10px',
-        background: 'linear-gradient(to bottom, #8357ff, #6f3dfa)',
-        border: '1px solid #6f3dfa',
-        boxShadow: 'inset 0 2px 4px 0 #9b77ff',
-        paddingTop: '6px',
-        paddingBottom: '6px',
-        paddingLeft: '12px',
-        paddingRight: '10px',
-        fontSize: '15px',
-        fontWeight: 500,
-        color: '#ffffff',
-        textDecoration: 'none',
-        opacity: isHovered ? 0.9 : 1,
-        transition: 'opacity 200ms',
-      }}
-    >
-      {children}
-      <span style={{ display: 'inline-flex' }}>
-        {isHovered ? (
-          <ArrowRight style={{ height: '16px', width: '16px' }} aria-hidden='true' />
-        ) : (
-          <ChevronRight style={{ height: '16px', width: '16px' }} aria-hidden='true' />
-        )}
-      </span>
-    </a>
-  )
-}

apps/sim/content/blog/enterprise/index.mdx

@@ -1,177 +0,0 @@
----
-slug: enterprise
-title: 'Build with Sim for Enterprise'
-description: 'Access control, BYOK, self-hosted deployments, on-prem Copilot, SSO & SAML, whitelabeling, Admin API, and flexible data retention—enterprise features for teams with strict security and compliance requirements.'
-date: 2026-01-23
-updated: 2026-01-23
-authors:
-  - vik
-readingTime: 10
-tags: [Enterprise, Security, Self-Hosted, SSO, SAML, Compliance, BYOK, Access Control, Copilot, Whitelabel, API, Import, Export]
-ogImage: /studio/enterprise/cover.png
-ogAlt: 'Sim Enterprise features overview'
-about: ['Enterprise Software', 'Security', 'Compliance', 'Self-Hosting']
-timeRequired: PT10M
-canonical: https://sim.ai/studio/enterprise
-featured: false
-draft: true
----
-
-We've been working with security teams at larger organizations to bring Sim into environments with strict compliance and data handling requirements. This post covers the enterprise capabilities we've built: granular access control, bring-your-own-keys, self-hosted deployments, on-prem Copilot, SSO & SAML, whitelabeling, compliance, and programmatic management via the Admin API.
-
-## Access Control
-
-![Access Control Settings](/studio/enterprise/access-control.png)
-
-Permission groups let administrators control what features and integrations are available to different teams within an organization. This isn't just UI filtering—restrictions are enforced at the execution layer.
-
-### Model Provider Restrictions
-
-![Model Provider Restrictions](/studio/enterprise/model-providers.png)
-
-Allowlist specific providers while blocking others. Users in a restricted group see only approved providers in the model selector. A workflow that tries to use an unapproved provider won't execute.
-
-This is useful when you've approved certain providers for production use, negotiated enterprise agreements with specific vendors, or need to comply with data residency requirements that only certain providers meet.
-
-### Integration Controls
-
-![Integration Controls](/studio/enterprise/integration-controls.png)
-
-Restrict which workflow blocks appear in the editor. Disable the HTTP block to prevent arbitrary external API calls. Block access to integrations that haven't completed your security review.
-
-### Platform Feature Toggles
-
-![Platform Feature Toggles](/studio/enterprise/platform-controls.png)
-
-Control access to platform capabilities per permission group:
-
-- **[Knowledge Base](https://docs.sim.ai/blocks/knowledge)** — Disable document uploads if RAG workflows aren't approved
-- **[MCP Tools](https://docs.sim.ai/mcp)** — Block deployment of workflows as external tool endpoints
-- **Custom Tools** — Prevent creation of arbitrary HTTP integrations
-- **Invitations** — Disable self-service team invitations to maintain centralized control
-
-Users not assigned to any permission group have full access, so restrictions are opt-in per team rather than requiring you to grant permissions to everyone.
-
----
-
-## Bring Your Own Keys
-
-![BYOK Configuration](/studio/enterprise/byok.png)
-
-When you configure your own API keys for model providers—OpenAI, Anthropic, Google, Azure OpenAI, AWS Bedrock, or any supported provider—your prompts and completions route directly between Sim and that provider. The traffic doesn't pass through our infrastructure.
-
-This matters because LLM requests contain the context you've assembled: customer data, internal documents, proprietary business logic. With your own keys, you maintain a direct relationship with your model provider. Their data handling policies and compliance certifications apply to your usage without an intermediary.
-
-BYOK is available to everyone, not just enterprise plans. Connect your credentials in workspace settings, and all model calls use your keys. For self-hosted deployments, this is the default—there are no Sim-managed keys involved.
-
-A healthcare organization can use Azure OpenAI with their BAA-covered subscription. A financial services firm can route through their approved API gateway with additional logging controls. The workflow builder stays the same; only the underlying data flow changes.
-
----
-
-## Self-Hosted Deployments
-
-![Self-Hosted Architecture](/studio/enterprise/self-hosted.png)
-
-Run Sim entirely on your infrastructure. Deploy with [Docker Compose](https://docs.sim.ai/self-hosting/docker) or [Helm charts](https://docs.sim.ai/self-hosting/kubernetes) for Kubernetes—the application, WebSocket server, and PostgreSQL database all stay within your network.
-
-**Single-node** — Docker Compose setup for smaller teams getting started.
-
-**High availability** — Multi-replica Kubernetes deployments with horizontal pod autoscaling.
-
-**Air-gapped** — No external network access required. Pair with [Ollama](https://docs.sim.ai/self-hosting/ollama) or [vLLM](https://docs.sim.ai/self-hosting/vllm) for local model inference.
-
-Enterprise features like access control, SSO, and organization management are enabled through environment variables—no connection to our billing infrastructure required.
-
----
-
-## On-Prem Copilot
-
-Copilot—our context-aware AI assistant for building and debugging workflows—can run entirely within your self-hosted deployment using your own LLM keys.
-
-When you configure Copilot with your API credentials, all assistant interactions route directly to your chosen provider. The prompts Copilot generates—which include context from your workflows, execution logs, and workspace configuration—never leave your network. You get the same capabilities as the hosted version: natural language workflow generation, error diagnosis, documentation lookup, and iterative editing through diffs.
-
-This is particularly relevant for organizations where the context Copilot needs to be helpful is also the context that can't leave the building. Your workflow definitions, block configurations, and execution traces stay within your infrastructure even when you're asking Copilot for help debugging a failure or generating a new integration.
-
----
-
-## SSO & SAML
-
-![SSO Configuration](/studio/enterprise/sso.png)
-
-Integrate with your existing identity provider through SAML 2.0 or OIDC. We support Okta, Azure AD (Entra ID), Google Workspace, OneLogin, Auth0, JumpCloud, Ping Identity, ADFS, and any compliant identity provider.
-
-Once enabled, users authenticate through your IdP instead of Sim credentials. Your MFA policies apply automatically. Session management ties to your IdP—logout there terminates Sim sessions. Account deprovisioning immediately revokes access.
-
-New users are provisioned on first SSO login based on IdP attributes. No invitation emails, no password setup, no manual account creation required.
-
-This centralizes your authentication and audit trail. Your security team's policies apply to Sim access through the same system that tracks everything else.
-
----
-
-## Whitelabeling
-
-Customize Sim's appearance to match your brand. For self-hosted deployments, whitelabeling is configured through environment variables—no code changes required.
-
-**Brand name & logo** — Replace "Sim" with your company name and logo throughout the interface.
-
-**Theme colors** — Set primary, accent, and background colors to align with your brand palette.
-
-**Support & documentation links** — Point help links to your internal documentation and support channels instead of ours.
-
-**Legal pages** — Redirect terms of service and privacy policy links to your own policies.
-
-This is useful for internal platforms, customer-facing deployments, or any scenario where you want Sim to feel like a native part of your product rather than a third-party tool.
-
----
-
-## Compliance & Data Retention
-
-![Compliance Certifications](/studio/enterprise/compliance.png)
-
-Sim maintains **SOC 2 Type II** certification with annual audits covering security, availability, and confidentiality controls. We share our SOC 2 report directly with prospective customers under NDA.
-
-**HIPAA** — Business Associate Agreements available for healthcare organizations. Requires self-hosted deployment or dedicated infrastructure.
-
-**Data Retention** — Configure how long workflow execution traces, inputs, and outputs are stored before automatic deletion. We work with enterprise customers to set retention policies that match their compliance requirements.
-
-We provide penetration test reports, architecture documentation, and completed security questionnaires (SIG, CAIQ, and custom formats) for your vendor review process.
-
----
-
-## Admin API
-
-Manage Sim programmatically through the Admin API. Every operation available in the UI has a corresponding API endpoint, enabling infrastructure-as-code workflows and integration with your existing tooling.
-
-**User & Organization Management** — Provision users, create organizations, assign roles, and manage team membership. Integrate with your HR systems to automatically onboard and offboard employees.
-
-**Workspace Administration** — Create workspaces, configure settings, and manage access. Useful for setting up isolated environments for different teams or clients.
-
-**Workflow Lifecycle** — Deploy, undeploy, and manage workflow versions programmatically. Build CI/CD pipelines that promote workflows from development to staging to production.
-
-The API uses standard REST conventions with JSON payloads. Authentication is via API keys scoped to your organization.
-
----
-
-## Import & Export
-
-Move workflows between environments, create backups, and maintain version control inside or outside of Sim.
-
-**Workflow Export** — Export individual workflows or entire folders as JSON. The export includes block configurations, connections, environment variable references, and metadata. Use this to back up critical workflows or move them between Sim instances.
-
-**Workspace Export** — Export an entire workspace as a ZIP archive containing all workflows, folder structure, and configuration. Useful for disaster recovery or migrating to a self-hosted deployment.
-
-**Import** — Import workflows into any workspace. Sim handles ID remapping and validates the structure before import. This enables workflow templates, sharing between teams, and restoring from backups.
-
-**Version History** — Each deployment creates a version snapshot. Roll back to previous versions if a deployment causes issues. The Admin API exposes version history for integration with your change management processes.
-
-For teams practicing GitOps, export workflows to your repository and use the Admin API to deploy from CI/CD pipelines.
-
----
-
-## Get Started
-
-Enterprise features are available now. Check out our [self-hosting](https://docs.sim.ai/self-hosting) and [enterprise](https://docs.sim.ai/enterprise) docs to get started.
-
-*Questions about enterprise deployments?*
-
-<ContactButton href="https://form.typeform.com/to/jqCO12pF">Contact Us</ContactButton>

apps/sim/content/blog/v0-5/components.tsx

@@ -1 +0,0 @@
-export { DiffControlsDemo } from './components/diff-controls-demo'

apps/sim/content/blog/v0-5/components/diff-controls-demo.tsx

@@ -1,111 +0,0 @@
-'use client'
-
-import { useState } from 'react'
-
-export function DiffControlsDemo() {
-  const [rejectHover, setRejectHover] = useState(false)
-  const [acceptHover, setAcceptHover] = useState(false)
-
-  return (
-    <div style={{ display: 'flex', justifyContent: 'center', margin: '24px 0' }}>
-      <div
-        style={{
-          position: 'relative',
-          display: 'flex',
-          height: '30px',
-          overflow: 'hidden',
-          borderRadius: '4px',
-          isolation: 'isolate',
-        }}
-      >
-        {/* Reject button */}
-        <button
-          onClick={() => {}}
-          onMouseEnter={() => setRejectHover(true)}
-          onMouseLeave={() => setRejectHover(false)}
-          title='Reject changes'
-          style={{
-            position: 'relative',
-            display: 'flex',
-            height: '100%',
-            alignItems: 'center',
-            border: '1px solid #e0e0e0',
-            backgroundColor: rejectHover ? '#f0f0f0' : '#f5f5f5',
-            paddingRight: '20px',
-            paddingLeft: '12px',
-            fontWeight: 500,
-            fontSize: '13px',
-            color: rejectHover ? '#2d2d2d' : '#404040',
-            clipPath: 'polygon(0 0, calc(100% + 10px) 0, 100% 100%, 0 100%)',
-            borderRadius: '4px 0 0 4px',
-            cursor: 'default',
-            transition: 'color 150ms, background-color 150ms, border-color 150ms',
-          }}
-        >
-          Reject
-        </button>
-        {/* Slanted divider - split gray/green */}
-        <div
-          style={{
-            pointerEvents: 'none',
-            position: 'absolute',
-            top: 0,
-            bottom: 0,
-            left: '66px',
-            width: '2px',
-            transform: 'skewX(-18.4deg)',
-            background: 'linear-gradient(to right, #e0e0e0 50%, #238458 50%)',
-            zIndex: 10,
-          }}
-        />
-        {/* Accept button */}
-        <button
-          onClick={() => {}}
-          onMouseEnter={() => setAcceptHover(true)}
-          onMouseLeave={() => setAcceptHover(false)}
-          title='Accept changes (⇧⌘⏎)'
-          style={{
-            position: 'relative',
-            display: 'flex',
-            height: '100%',
-            alignItems: 'center',
-            border: '1px solid rgba(0, 0, 0, 0.15)',
-            backgroundColor: '#32bd7e',
-            paddingRight: '12px',
-            paddingLeft: '20px',
-            fontWeight: 500,
-            fontSize: '13px',
-            color: '#ffffff',
-            clipPath: 'polygon(10px 0, 100% 0, 100% 100%, 0 100%)',
-            borderRadius: '0 4px 4px 0',
-            marginLeft: '-10px',
-            cursor: 'default',
-            filter: acceptHover ? 'brightness(1.1)' : undefined,
-            transition: 'background-color 150ms, border-color 150ms',
-          }}
-        >
-          Accept
-          <kbd
-            style={{
-              marginLeft: '8px',
-              borderRadius: '4px',
-              border: '1px solid rgba(255, 255, 255, 0.2)',
-              backgroundColor: 'rgba(255, 255, 255, 0.1)',
-              paddingLeft: '6px',
-              paddingRight: '6px',
-              paddingTop: '2px',
-              paddingBottom: '2px',
-              fontWeight: 500,
-              fontFamily:
-                'ui-sans-serif, system-ui, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji"',
-              fontSize: '10px',
-              color: '#ffffff',
-            }}
-          >
-            ⇧⌘<span style={{ display: 'inline-block', transform: 'translateY(-1px)' }}>⏎</span>
-          </kbd>
-        </button>
-      </div>
-    </div>
-  )
-}

apps/sim/content/blog/v0-5/index.mdx

@@ -1,204 +0,0 @@
----
-slug: v0-5
-title: 'Introducing Sim v0.5'
-description: 'This new release brings a state of the art Copilot, seamless MCP server and tool deployment, 100+ integrations with 300+ tools, comprehensive execution logs, and realtime collaboration—built for teams shipping AI agents in production.'
-date: 2026-01-22
-updated: 2026-01-22
-authors:
-  - waleed
-readingTime: 8
-tags: [Release, Copilot, MCP, Observability, Collaboration, Integrations, Sim]
-ogImage: /studio/v0-5/cover.png
-ogAlt: 'Sim v0.5 release announcement'
-about: ['AI Agents', 'Workflow Automation', 'Developer Tools']
-timeRequired: PT8M
-canonical: https://sim.ai/studio/v0-5
-featured: true
-draft: false
----
-
-**Sim v0.5** is the next evolution of our agent workflow platform—built for teams shipping AI agents to production.
-
-## Copilot
-
-![Sim Copilot](/studio/v0-5/copilot.jpg)
-
-Copilot is a context-aware assistant embedded in the Sim editor. Unlike general-purpose AI assistants, Copilot has direct access to your workspace: workflows, block configurations, execution logs, connected credentials, and documentation. It can also search the web to pull in external context when needed.
-
-Your workspace is indexed for hybrid retrieval. When you ask a question, Copilot queries this index to ground its responses in your actual workflow state. Ask "why did my workflow fail at 3am?" and it retrieves the relevant execution trace, identifies the error, and explains what happened.
-
-Copilot supports slash commands that trigger specialized capabilities:
-
-- `/fast` — uses a faster model for quick responses when you need speed over depth
-- `/research` — performs multi-step web research on a topic, synthesizing results from multiple sources
-- `/actions` — enables agentic mode where Copilot can take actions on your behalf, like modifying blocks or creating workflows
-- `/search` — searches the web for relevant information
-- `/read` — reads and extracts content from a URL
-- `/scrape` — scrapes structured data from web pages
-- `/crawl` — crawls multiple pages from a website to gather comprehensive information
-
-Use `@` commands to pull specific context into your conversation. `@block` references a specific block's configuration and recent outputs. `@workflow` includes the full workflow structure. `@logs` pulls in recent execution traces. This lets you ask targeted questions like "why is `@Slack1` returning an error?" and Copilot has the exact context it needs to diagnose the issue.
-
-For complex tasks, Copilot uses subagents—breaking requests into discrete operations and executing them sequentially. Ask it to "add error handling to this workflow" and it will analyze your blocks, determine where failures could occur, add appropriate condition blocks, and wire up notification paths. Each change surfaces as a diff for your review before applying.
-
-<DiffControlsDemo />
-
-## MCP Deployment
-
-![MCP Deployment](/studio/v0-5/mcp.png)
-
-Deploy any workflow as an [MCP](https://modelcontextprotocol.io) server. Once deployed, the workflow becomes a callable tool for any MCP-compatible agent—[Claude Desktop](https://claude.ai/download), [Cursor](https://cursor.com), or your own applications.
-
-Sim generates a tool definition from your workflow: the name and description you specify, plus a JSON schema derived from your Start block's input format. The MCP server uses Streamable HTTP transport, so agents connect via a single URL. Authentication is handled via API key headers or public access, depending on your configuration.
-
-Consider a lead enrichment workflow: it queries Apollo for contact data, checks Salesforce for existing records, formats the output, and posts a summary to Slack. That's 8 blocks in Sim. Deploy it as MCP, and any agent can call `enrich_lead("jane@acme.com")` and receive structured data back. The agent treats it as a single tool call—it doesn't need to know about Apollo, Salesforce, or Slack.
-
-This pattern scales to research pipelines, data processing workflows, approval chains, and internal tooling. Anything you build in Sim becomes a tool any agent can invoke.
-
-## Logs & Dashboard
-
-![Logs & Dashboard](/studio/v0-5/dashboard.jpg)
-
-Every workflow execution generates a full trace. Each block records its start time, end time, inputs, outputs, and any errors. For LLM blocks, we capture prompt tokens, completion tokens, and cost by model.
-
-The dashboard aggregates this data into queryable views:
-
-- **Trace spans**: Hierarchical view of block executions with timing waterfall
-- **Cost attribution**: Token usage and spend broken down by model per execution
-- **Error context**: Full stack traces with the block, input values, and failure reason
-- **Filtering**: Query by time range, trigger type, workflow, or status
-- **Execution snapshots**: Each run captures the workflow state at execution time—restore to see exactly what was running
-
-This level of observability is necessary when workflows handle production traffic—sending customer emails, processing payments, or making API calls on behalf of users.
-
-## Realtime Collaboration
-
-![Realtime Collaboration](/studio/v0-5/collaboration.png)
-
-Multiple users can edit the same workflow simultaneously. Changes propagate in real time—you see teammates' cursors, block additions, and configuration updates as they happen.
-
-The editor now supports full undo/redo history (Cmd+Z / Cmd+Shift+Z), so you can step back through changes without losing work. Copy and paste works for individual blocks, groups of blocks, or entire subflows—select what you need, Cmd+C, and paste into the same workflow or a different one. This makes it easy to duplicate patterns, share components across workflows, or quickly prototype variations.
-
-This is particularly useful during development sessions where engineers, product managers, and domain experts need to iterate together. Everyone works on the same workflow state, and changes sync immediately across all connected clients.
-
-## Versioning
-
-![Versioning](/studio/v0-5/versioning.png)
-
-Every deployment creates a new version. The version history shows who deployed what and when, with a preview of the workflow state at that point in time. Roll back to any previous version with one click—the live deployment updates immediately.
-
-This matters when something breaks in production. You can instantly revert to the last known good version while you debug, rather than scrambling to fix forward. It also provides a clear audit trail: you can see exactly what changed between versions and who made the change.
-
----
-
-## 100+ Integrations
-
-![Integrations](/studio/v0-5/integrations.png)
-
-v0.5 adds **100+ integrations** with **300+ actions**. These cover the specific operations you need—not just generic CRUD, but actions like "send Slack message to channel," "create Jira ticket with custom fields," "query Postgres with parameterized SQL," or "enrich contact via Apollo."
-
-- **CRMs & Sales**: Salesforce, HubSpot, Pipedrive, Apollo, Wealthbox
-- **Communication**: Slack, Discord, Microsoft Teams, Telegram, WhatsApp, Twilio
-- **Productivity**: Notion, Confluence, Google Workspace, Microsoft 365, Airtable, Asana, Trello
-- **Developer Tools**: GitHub, GitLab, Jira, Linear, Sentry, Datadog, Grafana
-- **Databases**: PostgreSQL, MySQL, MongoDB, [Supabase](https://supabase.com), DynamoDB, Elasticsearch, [Pinecone](https://pinecone.io), [Qdrant](https://qdrant.tech), Neo4j
-- **Finance**: Stripe, Kalshi, Polymarket
-- **Web & Search**: [Firecrawl](https://firecrawl.dev), [Exa](https://exa.ai), [Tavily](https://tavily.com), [Jina](https://jina.ai), [Serper](https://serper.dev)
-- **Cloud**: AWS (S3, RDS, SQS, Textract, Bedrock), [Browser Use](https://browser-use.com), [Stagehand](https://github.com/browserbase/stagehand)
-
-Each integration handles OAuth or API key authentication. Connect once, and the credentials are available across all workflows in your workspace.
-
----
-
-## Triggers
-
-Workflows can be triggered through multiple mechanisms:
-
-**Webhooks**: Sim provisions a unique HTTPS endpoint for each workflow. Incoming POST requests are parsed and passed to the first block as input. Supports standard webhook patterns including signature verification for services that provide it.
-
-**Schedules**: Cron-based scheduling with timezone support. Use the visual scheduler or write expressions directly. Execution locks prevent overlapping runs.
-
-**Chat**: Deploy workflows as conversational interfaces. Messages stream to your workflow, responses stream back to the user. Supports multi-turn context.
-
-**API**: REST endpoint with your workflow's input schema. Call it from any system that can make HTTP requests.
-
-**Integration triggers**: Event-driven triggers for specific services—GitHub (PR opened, issue created, push), Stripe (payment succeeded, subscription updated), TypeForm (form submitted), RSS (new item), and more.
-
-**Forms**: Coming soon—build custom input forms that trigger workflows directly.
-
----
-
-## Knowledge Base
-
-![Knowledge Base](/studio/v0-5/kb.png)
-
-Upload documents—PDFs, text files, markdown, HTML—and make them queryable by your agents. This is [RAG](https://en.wikipedia.org/wiki/Retrieval-augmented_generation) (Retrieval Augmented Generation) built directly into Sim.
-
-Documents are chunked, embedded, and indexed using hybrid search ([BM25](https://en.wikipedia.org/wiki/Okapi_BM25) + vector embeddings). Agent blocks can query the knowledge base as a tool, retrieving relevant passages based on semantic similarity and keyword matching. When documents are updated, they re-index automatically.
-
-Use cases:
-
-- **Customer support agents** that reference your help docs and troubleshooting guides to resolve tickets
-- **Sales assistants** that pull from product specs, pricing sheets, and competitive intel
-- **Internal Q&A bots** that answer questions about company policies, HR docs, or engineering runbooks
-- **Research workflows** that synthesize information from uploaded papers, reports, or data exports
-
----
-
-## New Blocks
-
-### Human in the Loop
-
-Pause workflow execution pending human approval. The block sends a notification (email, Slack, or webhook) with approve/reject actions. Execution resumes only on approval—useful for high-stakes operations like customer-facing emails, financial transactions, or content publishing.
-
-### Agent Block
-
-The Agent block now supports three additional tool types:
-
-- **Workflows as tools**: Agents can invoke other Sim workflows, enabling hierarchical architectures where a coordinator agent delegates to specialized sub-workflows
-- **Knowledge base queries**: Agents search your indexed documents directly, retrieving relevant context for their responses
-- **Custom functions**: Execute JavaScript or Python code in isolated sandboxes with configurable timeout and memory limits
-
-### Subflows
-
-Group blocks into collapsible subflows. Use them for loops (iterate over arrays), parallel execution (run branches concurrently), or logical organization. Subflows can be nested and keep complex workflows manageable.
-
-### Router
-
-Conditional branching based on data or LLM classification. Define rules or let the router use an LLM to determine intent and select the appropriate path.
-
-The router now exposes its reasoning in execution logs—when debugging unexpected routing, you can see exactly why a particular branch was selected.
-
----
-
-## Model Providers
-
-Sim supports 14 providers: [OpenAI](https://openai.com), [Anthropic](https://anthropic.com), [Google](https://ai.google.dev), [Azure OpenAI](https://azure.microsoft.com/en-us/products/ai-services/openai-service), [xAI](https://x.ai), [Mistral](https://mistral.ai), [Deepseek](https://deepseek.com), [Groq](https://groq.com), [Cerebras](https://cerebras.ai), [Ollama](https://ollama.com), and [OpenRouter](https://openrouter.ai).
-
-New in v0.5:
-
-- **[AWS Bedrock](https://aws.amazon.com/bedrock)**: Claude, Nova, Llama, Mistral, and Cohere models via your AWS account
-- **[Google Vertex AI](https://cloud.google.com/vertex-ai)**: Gemini models through Google Cloud
-- **[vLLM](https://github.com/vllm-project/vllm)**: Self-hosted models on your own infrastructure
-
-Model selection is per-block, so you can use faster/cheaper models for simple tasks and more capable models where needed.
-
----
-
-## Developer Experience
-
-**Custom Tools**: Define your own integrations with custom HTTP endpoints, authentication (API key, OAuth, Bearer token), and request/response schemas. Custom tools appear in the block palette alongside built-in integrations.
-
-**Environment Variables**: Encrypted key-value storage for secrets and configuration. Variables are decrypted at runtime and can be referenced in any block configuration.
-
-**Import/Export**: Export workflows or entire workspaces as JSON. Imports preserve all blocks, connections, configurations, and variable references.
-
-**File Manager**: Upload files to your workspace for use in workflows—templates, seed data, static assets. Files are accessible via internal references or presigned URLs.
-
----
-
-## Get Started
-
-Available now at [sim.ai](https://sim.ai). Check out the [docs](https://docs.sim.ai) to dive deeper.
-
-*Questions? [help@sim.ai](mailto:help@sim.ai) · [Discord](https://sim.ai/discord)*

apps/sim/executor/constants.ts

@@ -120,12 +120,6 @@ export const SPECIAL_REFERENCE_PREFIXES = [
   REFERENCE.PREFIX.VARIABLE,
 ] as const
 
-export const RESERVED_BLOCK_NAMES = [
-  REFERENCE.PREFIX.LOOP,
-  REFERENCE.PREFIX.PARALLEL,
-  REFERENCE.PREFIX.VARIABLE,
-] as const
-
 export const LOOP_REFERENCE = {
   ITERATION: 'iteration',
   INDEX: 'index',

apps/sim/executor/errors/child-workflow-error.ts

@@ -1,31 +0,0 @@
-import type { TraceSpan } from '@/lib/logs/types'
-import type { ExecutionResult } from '@/executor/types'
-
-interface ChildWorkflowErrorOptions {
-  message: string
-  childWorkflowName: string
-  childTraceSpans?: TraceSpan[]
-  executionResult?: ExecutionResult
-  cause?: Error
-}
-
-/**
- * Error raised when a child workflow execution fails.
- */
-export class ChildWorkflowError extends Error {
-  readonly childTraceSpans: TraceSpan[]
-  readonly childWorkflowName: string
-  readonly executionResult?: ExecutionResult
-
-  constructor(options: ChildWorkflowErrorOptions) {
-    super(options.message, { cause: options.cause })
-    this.name = 'ChildWorkflowError'
-    this.childWorkflowName = options.childWorkflowName
-    this.childTraceSpans = options.childTraceSpans ?? []
-    this.executionResult = options.executionResult
-  }
-
-  static isChildWorkflowError(error: unknown): error is ChildWorkflowError {
-    return error instanceof ChildWorkflowError
-  }
-}

apps/sim/executor/execution/block-executor.ts

@@ -1,4 +1,7 @@
+import { db } from '@sim/db'
+import { mcpServers } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
+import { and, eq, inArray, isNull } from 'drizzle-orm'
 import { getBaseUrl } from '@/lib/core/utils/urls'
 import {
   containsUserFileWithMetadata,
@@ -13,7 +16,6 @@ import {
   isSentinelBlockType,
 } from '@/executor/constants'
 import type { DAGNode } from '@/executor/dag/builder'
-import { ChildWorkflowError } from '@/executor/errors/child-workflow-error'
 import type { BlockStateWriter, ContextExtensions } from '@/executor/execution/types'
 import {
   generatePauseContextId,
@@ -84,6 +86,10 @@ export class BlockExecutor {
 
       resolvedInputs = this.resolver.resolveInputs(ctx, node.id, block.config.params, block)
 
+      if (block.metadata?.id === BlockType.AGENT && resolvedInputs.tools) {
+        resolvedInputs = await this.filterUnavailableMcpToolsForLog(ctx, resolvedInputs)
+      }
+
       if (blockLog) {
         blockLog.input = resolvedInputs
       }
@@ -214,26 +220,24 @@ export class BlockExecutor {
         ? resolvedInputs
         : ((block.config?.params as Record<string, any> | undefined) ?? {})
 
-    const errorOutput: NormalizedBlockOutput = {
-      error: errorMessage,
-    }
-
-    if (ChildWorkflowError.isChildWorkflowError(error)) {
-      errorOutput.childTraceSpans = error.childTraceSpans
-      errorOutput.childWorkflowName = error.childWorkflowName
-    }
-
-    this.state.setBlockOutput(node.id, errorOutput, duration)
-
     if (blockLog) {
       blockLog.endedAt = new Date().toISOString()
       blockLog.durationMs = duration
       blockLog.success = false
       blockLog.error = errorMessage
       blockLog.input = input
-      blockLog.output = this.filterOutputForLog(block, errorOutput)
     }
 
+    const errorOutput: NormalizedBlockOutput = {
+      error: errorMessage,
+    }
+
+    if (error && typeof error === 'object' && 'childTraceSpans' in error) {
+      errorOutput.childTraceSpans = (error as any).childTraceSpans
+    }
+
+    this.state.setBlockOutput(node.id, errorOutput, duration)
+
     logger.error(
       phase === 'input_resolution' ? 'Failed to resolve block inputs' : 'Block execution failed',
       {
@@ -433,6 +437,60 @@ export class BlockExecutor {
     return undefined
   }
 
+  /**
+   * Filters out unavailable MCP tools from agent inputs for logging.
+   * Only includes tools from servers with 'connected' status.
+   */
+  private async filterUnavailableMcpToolsForLog(
+    ctx: ExecutionContext,
+    inputs: Record<string, any>
+  ): Promise<Record<string, any>> {
+    const tools = inputs.tools
+    if (!Array.isArray(tools) || tools.length === 0) return inputs
+
+    const mcpTools = tools.filter((t: any) => t.type === 'mcp')
+    if (mcpTools.length === 0) return inputs
+
+    const serverIds = [
+      ...new Set(mcpTools.map((t: any) => t.params?.serverId).filter(Boolean)),
+    ] as string[]
+    if (serverIds.length === 0) return inputs
+
+    const availableServerIds = new Set<string>()
+    if (ctx.workspaceId && serverIds.length > 0) {
+      try {
+        const servers = await db
+          .select({ id: mcpServers.id, connectionStatus: mcpServers.connectionStatus })
+          .from(mcpServers)
+          .where(
+            and(
+              eq(mcpServers.workspaceId, ctx.workspaceId),
+              inArray(mcpServers.id, serverIds),
+              isNull(mcpServers.deletedAt)
+            )
+          )
+
+        for (const server of servers) {
+          if (server.connectionStatus === 'connected') {
+            availableServerIds.add(server.id)
+          }
+        }
+      } catch (error) {
+        logger.warn('Failed to check MCP server availability for logging:', error)
+        return inputs
+      }
+    }
+
+    const filteredTools = tools.filter((tool: any) => {
+      if (tool.type !== 'mcp') return true
+      const serverId = tool.params?.serverId
+      if (!serverId) return false
+      return availableServerIds.has(serverId)
+    })
+
+    return { ...inputs, tools: filteredTools }
+  }
+
   private preparePauseResumeSelfReference(
     ctx: ExecutionContext,
     node: DAGNode,

apps/sim/executor/execution/engine.ts

@@ -13,7 +13,7 @@ import type {
   PausePoint,
   ResumeStatus,
 } from '@/executor/types'
-import { attachExecutionResult, normalizeError } from '@/executor/utils/errors'
+import { normalizeError } from '@/executor/utils/errors'
 
 const logger = createLogger('ExecutionEngine')
 
@@ -170,8 +170,8 @@ export class ExecutionEngine {
         metadata: this.context.metadata,
       }
 
-      if (error instanceof Error) {
+      if (error && typeof error === 'object') {
-        attachExecutionResult(error, executionResult)
+        ;(error as any).executionResult = executionResult
       }
       throw error
     }

apps/sim/executor/execution/executor.ts

@@ -1,5 +1,6 @@
 import { createLogger } from '@sim/logger'
 import { StartBlockPath } from '@/lib/workflows/triggers/triggers'
+import type { BlockOutput } from '@/blocks/types'
 import { DAGBuilder } from '@/executor/dag/builder'
 import { BlockExecutor } from '@/executor/execution/block-executor'
 import { EdgeManager } from '@/executor/execution/edge-manager'
@@ -23,6 +24,7 @@ const logger = createLogger('DAGExecutor')
 
 export interface DAGExecutorOptions {
   workflow: SerializedWorkflow
+  currentBlockStates?: Record<string, BlockOutput>
   envVarValues?: Record<string, string>
   workflowInput?: WorkflowInput
   workflowVariables?: Record<string, unknown>