v0.5.79: longer MCP tools timeout, optimize loop/parallel regeneration, enrich.so integration

* feat(tools): added enrich so

* updated docs and types

apps/docs/components/icons.tsx

@@ -5421,3 +5421,18 @@ z'
     </svg>
   )
 }
+
+export function EnrichSoIcon(props: SVGProps<SVGSVGElement>) {
+  return (
+    <svg {...props} xmlns='http://www.w3.org/2000/svg' viewBox='0 0 398 394' fill='none'>
+      <path
+        fill='#5A52F4'
+        d='M129.705566,319.705719 C127.553314,322.684906 125.651512,325.414673 123.657059,328.277466 C113.748466,318.440308 105.605003,310.395905 97.510834,302.302216 C93.625801,298.417419 89.990181,294.269318 85.949242,290.558868 C82.857994,287.720428 82.464081,285.757660 85.772888,282.551880 C104.068108,264.826202 122.146088,246.876312 140.285110,228.989670 C141.183945,228.103317 141.957443,227.089844 143.588837,225.218384 C140.691605,225.066116 138.820053,224.882874 136.948410,224.881958 C102.798264,224.865326 68.647453,224.765244 34.498699,224.983612 C29.315699,225.016739 27.990419,223.343155 28.090912,218.397430 C28.381887,204.076935 28.189890,189.746719 28.195684,175.420319 C28.198524,168.398178 28.319166,168.279541 35.590389,168.278687 C69.074188,168.274780 102.557991,168.281174 136.041794,168.266083 C137.968231,168.265213 139.894608,168.107101 141.821030,168.022171 C142.137955,167.513992 142.454895,167.005829 142.771820,166.497650 C122.842415,146.495621 102.913002,126.493591 83.261360,106.770348 C96.563828,93.471756 109.448814,80.590523 122.656265,67.386925 C123.522743,68.161835 124.785545,69.187096 125.930321,70.330513 C144.551819,88.930206 163.103683,107.600082 181.805267,126.118790 C186.713593,130.979126 189.085648,136.448059 189.055374,143.437057 C188.899490,179.418961 188.911179,215.402191 189.046661,251.384262 C189.072296,258.190796 186.742920,263.653717 181.982727,268.323273 C164.624405,285.351227 147.295807,302.409485 129.705566,319.705719z'
+      />
+      <path
+        fill='#5A52F4'
+        d='M276.070923,246.906128 C288.284363,258.985870 300.156097,270.902100 312.235931,282.603485 C315.158752,285.434784 315.417542,287.246246 312.383484,290.248932 C301.143494,301.372498 290.168549,312.763733 279.075592,324.036255 C278.168030,324.958496 277.121307,325.743835 275.898315,326.801086 C274.628357,325.711792 273.460663,324.822968 272.422150,323.802673 C253.888397,305.594757 235.418701,287.321289 216.818268,269.181854 C211.508789,264.003937 208.872726,258.136688 208.914001,250.565842 C209.108337,214.917786 209.084808,179.267715 208.928864,143.619293 C208.898407,136.654907 211.130066,131.122162 216.052216,126.246094 C234.867538,107.606842 253.537521,88.820908 272.274780,70.102730 C273.313202,69.065353 274.468597,68.145027 275.264038,67.440727 C288.353516,80.579514 301.213470,93.487869 314.597534,106.922356 C295.163391,126.421753 275.214752,146.437363 255.266113,166.452972 C255.540176,166.940353 255.814240,167.427734 256.088318,167.915100 C257.983887,168.035736 259.879425,168.260345 261.775085,168.261551 C295.425201,168.282852 329.075287,168.273544 362.725403,168.279831 C369.598907,168.281113 369.776215,168.463593 369.778931,175.252213 C369.784882,189.911667 369.646088,204.573074 369.861206,219.229355 C369.925110,223.585022 368.554596,224.976288 364.148865,224.956406 C329.833130,224.801605 295.516388,224.869598 261.199951,224.868744 C259.297974,224.868698 257.396027,224.868744 254.866638,224.868744 C262.350708,232.658707 269.078217,239.661194 276.070923,246.906128z'
+      />
+    </svg>
+  )
+}

apps/docs/components/ui/icon-mapping.ts

@@ -29,6 +29,7 @@ import {
   DynamoDBIcon,
   ElasticsearchIcon,
   ElevenLabsIcon,
+  EnrichSoIcon,
   ExaAIIcon,
   EyeIcon,
   FirecrawlIcon,
@@ -160,6 +161,7 @@ export const blockTypeToIconMap: Record<string, IconComponent> = {
   dynamodb: DynamoDBIcon,
   elasticsearch: ElasticsearchIcon,
   elevenlabs: ElevenLabsIcon,
+  enrich: EnrichSoIcon,
   exa: ExaAIIcon,
   file_v2: DocumentIcon,
   firecrawl: FirecrawlIcon,

apps/docs/content/docs/en/execution/files.mdx

@@ -1,134 +0,0 @@
----
-title: Passing Files
----
-
-import { Callout } from 'fumadocs-ui/components/callout'
-import { Tab, Tabs } from 'fumadocs-ui/components/tabs'
-
-Sim makes it easy to work with files throughout your workflows. Blocks can receive files, process them, and pass them to other blocks seamlessly.
-
-## File Objects
-
-When blocks output files (like Gmail attachments, generated images, or parsed documents), they return a standardized file object:
-
-```json
-{
-  "name": "report.pdf",
-  "url": "https://...",
-  "base64": "JVBERi0xLjQK...",
-  "type": "application/pdf",
-  "size": 245678
-}
-```
-
-You can access any of these properties when referencing files from previous blocks.
-
-## Passing Files Between Blocks
-
-Reference files from previous blocks using the tag dropdown. Click in any file input field and type `<` to see available outputs.
-
-**Common patterns:**
-
-```
-// Single file from a block
-<gmail.attachments[0]>
-
-// Pass the whole file object
-<file_parser.files[0]>
-
-// Access specific properties
-<gmail.attachments[0].name>
-<gmail.attachments[0].base64>
-```
-
-Most blocks accept the full file object and extract what they need automatically. You don't need to manually extract `base64` or `url` in most cases.
-
-## Triggering Workflows with Files
-
-When calling a workflow via API that expects file input, include files in your request:
-
-<Tabs items={['Base64', 'URL']}>
-  <Tab value="Base64">
-    ```bash
-    curl -X POST "https://sim.ai/api/workflows/YOUR_WORKFLOW_ID/execute" \
-      -H "Content-Type: application/json" \
-      -H "x-api-key: YOUR_API_KEY" \
-      -d '{
-        "document": {
-          "name": "report.pdf",
-          "base64": "JVBERi0xLjQK...",
-          "type": "application/pdf"
-        }
-      }'
-    ```
-  </Tab>
-  <Tab value="URL">
-    ```bash
-    curl -X POST "https://sim.ai/api/workflows/YOUR_WORKFLOW_ID/execute" \
-      -H "Content-Type: application/json" \
-      -H "x-api-key: YOUR_API_KEY" \
-      -d '{
-        "document": {
-          "name": "report.pdf",
-          "url": "https://example.com/report.pdf",
-          "type": "application/pdf"
-        }
-      }'
-    ```
-  </Tab>
-</Tabs>
-
-The workflow's Start block should have an input field configured to receive the file parameter.
-
-## Receiving Files in API Responses
-
-When a workflow outputs files, they're included in the response:
-
-```json
-{
-  "success": true,
-  "output": {
-    "generatedFile": {
-      "name": "output.png",
-      "url": "https://...",
-      "base64": "iVBORw0KGgo...",
-      "type": "image/png",
-      "size": 34567
-    }
-  }
-}
-```
-
-Use `url` for direct downloads or `base64` for inline processing.
-
-## Blocks That Work with Files
-
-**File inputs:**
-- **File** - Parse documents, images, and text files
-- **Vision** - Analyze images with AI models
-- **Mistral Parser** - Extract text from PDFs
-
-**File outputs:**
-- **Gmail** - Email attachments
-- **Slack** - Downloaded files
-- **TTS** - Generated audio files
-- **Video Generator** - Generated videos
-- **Image Generator** - Generated images
-
-**File storage:**
-- **Supabase** - Upload/download from storage
-- **S3** - AWS S3 operations
-- **Google Drive** - Drive file operations
-- **Dropbox** - Dropbox file operations
-
-<Callout type="info">
-  Files are automatically available to downstream blocks. The execution engine handles all file transfer and format conversion.
-</Callout>
-
-## Best Practices
-
-1. **Use file objects directly** - Pass the full file object rather than extracting individual properties. Blocks handle the conversion automatically.
-
-2. **Check file types** - Ensure the file type matches what the receiving block expects. The Vision block needs images, the File block handles documents.
-
-3. **Consider file size** - Large files increase execution time. For very large files, consider using storage blocks (S3, Supabase) for intermediate storage.

apps/docs/content/docs/en/execution/meta.json

@@ -1,3 +1,3 @@
 {
-  "pages": ["index", "basics", "files", "api", "logging", "costs"]
+  "pages": ["index", "basics", "api", "logging", "costs"]
 }

apps/docs/content/docs/en/tools/enrich.mdx

@@ -0,0 +1,930 @@
+---
+title: Enrich
+description: B2B data enrichment and LinkedIn intelligence with Enrich.so
+---
+
+import { BlockInfoCard } from "@/components/ui/block-info-card"
+
+<BlockInfoCard 
+  type="enrich"
+  color="#E5E5E6"
+/>
+
+{/* MANUAL-CONTENT-START:intro */}
+[Enrich.so](https://enrich.so/) delivers real-time, precision B2B data enrichment and LinkedIn intelligence. Its platform provides dynamic access to public and structured company, contact, and professional information, enabling teams to build richer profiles, improve lead quality, and drive more effective outreach.
+
+With Enrich.so, you can:
+
+- **Enrich contact and company profiles**: Instantly discover key data points for leads, prospects, and businesses using just an email or LinkedIn profile.
+- **Verify email deliverability**: Check if emails are valid, deliverable, and safe to contact before sending.
+- **Find work & personal emails**: Identify missing business emails from a LinkedIn profile or personal emails to expand your reach.
+- **Reveal phone numbers and social profiles**: Surface additional communication channels for contacts through enrichment tools.
+- **Analyze LinkedIn posts and engagement**: Extract insights on post reach, reactions, and audience from public LinkedIn content.
+- **Conduct advanced people and company search**: Enable your agents to locate companies and professionals based on deep filters and real-time intelligence.
+
+The Sim integration with Enrich.so empowers your agents and automations to instantly query, enrich, and validate B2B data, boosting productivity in workflows like sales prospecting, recruiting, marketing operations, and more. Combining Sim's orchestration capabilities with Enrich.so unlocks smarter, data-driven automation strategies powered by best-in-class B2B intelligence.
+{/* MANUAL-CONTENT-END */}
+
+
+## Usage Instructions
+
+Access real-time B2B data intelligence with Enrich.so. Enrich profiles from email addresses, find work emails from LinkedIn, verify email deliverability, search for people and companies, and analyze LinkedIn post engagement.
+
+
+
+## Tools
+
+### `enrich_check_credits`
+
+Check your Enrich API credit usage and remaining balance.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `totalCredits` | number | Total credits allocated to the account |
+| `creditsUsed` | number | Credits consumed so far |
+| `creditsRemaining` | number | Available credits remaining |
+
+### `enrich_email_to_profile`
+
+Retrieve detailed LinkedIn profile information using an email address including work history, education, and skills.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `email` | string | Yes | Email address to look up \(e.g., john.doe@company.com\) |
+| `inRealtime` | boolean | No | Set to true to retrieve fresh data, bypassing cached information |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `displayName` | string | Full display name |
+| `firstName` | string | First name |
+| `lastName` | string | Last name |
+| `headline` | string | Professional headline |
+| `occupation` | string | Current occupation |
+| `summary` | string | Profile summary |
+| `location` | string | Location |
+| `country` | string | Country |
+| `linkedInUrl` | string | LinkedIn profile URL |
+| `photoUrl` | string | Profile photo URL |
+| `connectionCount` | number | Number of connections |
+| `isConnectionCountObfuscated` | boolean | Whether connection count is obfuscated \(500+\) |
+| `positionHistory` | array | Work experience history |
+|   ↳ `title` | string | Job title |
+|   ↳ `company` | string | Company name |
+|   ↳ `startDate` | string | Start date |
+|   ↳ `endDate` | string | End date |
+|   ↳ `location` | string | Location |
+| `education` | array | Education history |
+|   ↳ `school` | string | School name |
+|   ↳ `degree` | string | Degree |
+|   ↳ `fieldOfStudy` | string | Field of study |
+|   ↳ `startDate` | string | Start date |
+|   ↳ `endDate` | string | End date |
+| `certifications` | array | Professional certifications |
+|   ↳ `name` | string | Certification name |
+|   ↳ `authority` | string | Issuing authority |
+|   ↳ `url` | string | Certification URL |
+| `skills` | array | List of skills |
+| `languages` | array | List of languages |
+| `locale` | string | Profile locale \(e.g., en_US\) |
+| `version` | number | Profile version number |
+
+### `enrich_email_to_person_lite`
+
+Retrieve basic LinkedIn profile information from an email address. A lighter version with essential data only.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `email` | string | Yes | Email address to look up \(e.g., john.doe@company.com\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `name` | string | Full name |
+| `firstName` | string | First name |
+| `lastName` | string | Last name |
+| `email` | string | Email address |
+| `title` | string | Job title |
+| `location` | string | Location |
+| `company` | string | Current company |
+| `companyLocation` | string | Company location |
+| `companyLinkedIn` | string | Company LinkedIn URL |
+| `profileId` | string | LinkedIn profile ID |
+| `schoolName` | string | School name |
+| `schoolUrl` | string | School URL |
+| `linkedInUrl` | string | LinkedIn profile URL |
+| `photoUrl` | string | Profile photo URL |
+| `followerCount` | number | Number of followers |
+| `connectionCount` | number | Number of connections |
+| `languages` | array | Languages spoken |
+| `projects` | array | Projects |
+| `certifications` | array | Certifications |
+| `volunteerExperience` | array | Volunteer experience |
+
+### `enrich_linkedin_profile`
+
+Enrich a LinkedIn profile URL with detailed information including positions, education, and social metrics.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `url` | string | Yes | LinkedIn profile URL \(e.g., linkedin.com/in/williamhgates\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `profileId` | string | LinkedIn profile ID |
+| `firstName` | string | First name |
+| `lastName` | string | Last name |
+| `subTitle` | string | Profile subtitle/headline |
+| `profilePicture` | string | Profile picture URL |
+| `backgroundImage` | string | Background image URL |
+| `industry` | string | Industry |
+| `location` | string | Location |
+| `followersCount` | number | Number of followers |
+| `connectionsCount` | number | Number of connections |
+| `premium` | boolean | Whether the account is premium |
+| `influencer` | boolean | Whether the account is an influencer |
+| `positions` | array | Work positions |
+|   ↳ `title` | string | Job title |
+|   ↳ `company` | string | Company name |
+|   ↳ `companyLogo` | string | Company logo URL |
+|   ↳ `startDate` | string | Start date |
+|   ↳ `endDate` | string | End date |
+|   ↳ `location` | string | Location |
+| `education` | array | Education history |
+|   ↳ `school` | string | School name |
+|   ↳ `degree` | string | Degree |
+|   ↳ `fieldOfStudy` | string | Field of study |
+|   ↳ `startDate` | string | Start date |
+|   ↳ `endDate` | string | End date |
+| `websites` | array | Personal websites |
+
+### `enrich_find_email`
+
+Find a person
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `fullName` | string | Yes | Person's full name \(e.g., John Doe\) |
+| `companyDomain` | string | Yes | Company domain \(e.g., example.com\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `email` | string | Found email address |
+| `firstName` | string | First name |
+| `lastName` | string | Last name |
+| `domain` | string | Company domain |
+| `found` | boolean | Whether an email was found |
+| `acceptAll` | boolean | Whether the domain accepts all emails |
+
+### `enrich_linkedin_to_work_email`
+
+Find a work email address from a LinkedIn profile URL.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `linkedinProfile` | string | Yes | LinkedIn profile URL \(e.g., https://www.linkedin.com/in/williamhgates\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `email` | string | Found work email address |
+| `found` | boolean | Whether an email was found |
+| `status` | string | Request status \(in_progress or completed\) |
+
+### `enrich_linkedin_to_personal_email`
+
+Find personal email address from a LinkedIn profile URL.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `linkedinProfile` | string | Yes | LinkedIn profile URL \(e.g., linkedin.com/in/username\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `email` | string | Personal email address |
+| `found` | boolean | Whether an email was found |
+| `status` | string | Request status |
+
+### `enrich_phone_finder`
+
+Find a phone number from a LinkedIn profile URL.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `linkedinProfile` | string | Yes | LinkedIn profile URL \(e.g., linkedin.com/in/williamhgates\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `profileUrl` | string | LinkedIn profile URL |
+| `mobileNumber` | string | Found mobile phone number |
+| `found` | boolean | Whether a phone number was found |
+| `status` | string | Request status \(in_progress or completed\) |
+
+### `enrich_email_to_phone`
+
+Find a phone number associated with an email address.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `email` | string | Yes | Email address to look up \(e.g., john.doe@example.com\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `email` | string | Email address looked up |
+| `mobileNumber` | string | Found mobile phone number |
+| `found` | boolean | Whether a phone number was found |
+| `status` | string | Request status \(in_progress or completed\) |
+
+### `enrich_verify_email`
+
+Verify an email address for deliverability, including catch-all detection and provider identification.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `email` | string | Yes | Email address to verify \(e.g., john.doe@example.com\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `email` | string | Email address verified |
+| `status` | string | Verification status |
+| `result` | string | Deliverability result \(deliverable, undeliverable, etc.\) |
+| `confidenceScore` | number | Confidence score \(0-100\) |
+| `smtpProvider` | string | Email service provider \(e.g., Google, Microsoft\) |
+| `mailDisposable` | boolean | Whether the email is from a disposable provider |
+| `mailAcceptAll` | boolean | Whether the domain is a catch-all domain |
+| `free` | boolean | Whether the email uses a free email service |
+
+### `enrich_disposable_email_check`
+
+Check if an email address is from a disposable or temporary email provider. Returns a score and validation details.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `email` | string | Yes | Email address to check \(e.g., john.doe@example.com\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `email` | string | Email address checked |
+| `score` | number | Validation score \(0-100\) |
+| `testsPassed` | string | Number of tests passed \(e.g., "3/3"\) |
+| `passed` | boolean | Whether the email passed all validation tests |
+| `reason` | string | Reason for failure if email did not pass |
+| `mailServerIp` | string | Mail server IP address |
+| `mxRecords` | array | MX records for the domain |
+|   ↳ `host` | string | MX record host |
+|   ↳ `pref` | number | MX record preference |
+
+### `enrich_email_to_ip`
+
+Discover an IP address associated with an email address.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `email` | string | Yes | Email address to look up \(e.g., john.doe@example.com\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `email` | string | Email address looked up |
+| `ip` | string | Associated IP address |
+| `found` | boolean | Whether an IP address was found |
+
+### `enrich_ip_to_company`
+
+Identify a company from an IP address with detailed firmographic information.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `ip` | string | Yes | IP address to look up \(e.g., 86.92.60.221\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `name` | string | Company name |
+| `legalName` | string | Legal company name |
+| `domain` | string | Primary domain |
+| `domainAliases` | array | Domain aliases |
+| `sector` | string | Business sector |
+| `industry` | string | Industry |
+| `phone` | string | Phone number |
+| `employees` | number | Number of employees |
+| `revenue` | string | Estimated revenue |
+| `location` | json | Company location |
+|   ↳ `city` | string | City |
+|   ↳ `state` | string | State |
+|   ↳ `country` | string | Country |
+|   ↳ `timezone` | string | Timezone |
+| `linkedInUrl` | string | LinkedIn company URL |
+| `twitterUrl` | string | Twitter URL |
+| `facebookUrl` | string | Facebook URL |
+
+### `enrich_company_lookup`
+
+Look up comprehensive company information by name or domain including funding, location, and social profiles.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `name` | string | No | Company name \(e.g., Google\) |
+| `domain` | string | No | Company domain \(e.g., google.com\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `name` | string | Company name |
+| `universalName` | string | Universal company name |
+| `companyId` | string | Company ID |
+| `description` | string | Company description |
+| `phone` | string | Phone number |
+| `linkedInUrl` | string | LinkedIn company URL |
+| `websiteUrl` | string | Company website |
+| `followers` | number | Number of LinkedIn followers |
+| `staffCount` | number | Number of employees |
+| `foundedDate` | string | Date founded |
+| `type` | string | Company type |
+| `industries` | array | Industries |
+| `specialties` | array | Company specialties |
+| `headquarters` | json | Headquarters location |
+|   ↳ `city` | string | City |
+|   ↳ `country` | string | Country |
+|   ↳ `postalCode` | string | Postal code |
+|   ↳ `line1` | string | Address line 1 |
+| `logo` | string | Company logo URL |
+| `coverImage` | string | Cover image URL |
+| `fundingRounds` | array | Funding history |
+|   ↳ `roundType` | string | Funding round type |
+|   ↳ `amount` | number | Amount raised |
+|   ↳ `currency` | string | Currency |
+|   ↳ `investors` | array | Investors |
+
+### `enrich_company_funding`
+
+Retrieve company funding history, traffic metrics, and executive information by domain.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `domain` | string | Yes | Company domain \(e.g., example.com\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `legalName` | string | Legal company name |
+| `employeeCount` | number | Number of employees |
+| `headquarters` | string | Headquarters location |
+| `industry` | string | Industry |
+| `totalFundingRaised` | number | Total funding raised |
+| `fundingRounds` | array | Funding rounds |
+|   ↳ `roundType` | string | Round type |
+|   ↳ `amount` | number | Amount raised |
+|   ↳ `date` | string | Date |
+|   ↳ `investors` | array | Investors |
+| `monthlyVisits` | number | Monthly website visits |
+| `trafficChange` | number | Traffic change percentage |
+| `itSpending` | number | Estimated IT spending in USD |
+| `executives` | array | Executive team |
+|   ↳ `name` | string | Name |
+|   ↳ `title` | string | Title |
+
+### `enrich_company_revenue`
+
+Retrieve company revenue data, CEO information, and competitive analysis by domain.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `domain` | string | Yes | Company domain \(e.g., clay.io\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `companyName` | string | Company name |
+| `shortDescription` | string | Short company description |
+| `fullSummary` | string | Full company summary |
+| `revenue` | string | Company revenue |
+| `revenueMin` | number | Minimum revenue estimate |
+| `revenueMax` | number | Maximum revenue estimate |
+| `employeeCount` | number | Number of employees |
+| `founded` | string | Year founded |
+| `ownership` | string | Ownership type |
+| `status` | string | Company status \(e.g., Active\) |
+| `website` | string | Company website URL |
+| `ceo` | json | CEO information |
+|   ↳ `name` | string | CEO name |
+|   ↳ `designation` | string | CEO designation/title |
+|   ↳ `rating` | number | CEO rating |
+| `socialLinks` | json | Social media links |
+|   ↳ `linkedIn` | string | LinkedIn URL |
+|   ↳ `twitter` | string | Twitter URL |
+|   ↳ `facebook` | string | Facebook URL |
+| `totalFunding` | string | Total funding raised |
+| `fundingRounds` | number | Number of funding rounds |
+| `competitors` | array | Competitors |
+|   ↳ `name` | string | Competitor name |
+|   ↳ `revenue` | string | Revenue |
+|   ↳ `employeeCount` | number | Employee count |
+|   ↳ `headquarters` | string | Headquarters |
+
+### `enrich_search_people`
+
+Search for professionals by various criteria including name, title, skills, education, and company.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `firstName` | string | No | First name |
+| `lastName` | string | No | Last name |
+| `summary` | string | No | Professional summary keywords |
+| `subTitle` | string | No | Job title/subtitle |
+| `locationCountry` | string | No | Country |
+| `locationCity` | string | No | City |
+| `locationState` | string | No | State/province |
+| `influencer` | boolean | No | Filter for influencers only |
+| `premium` | boolean | No | Filter for premium accounts only |
+| `language` | string | No | Primary language |
+| `industry` | string | No | Industry |
+| `currentJobTitles` | json | No | Current job titles \(array\) |
+| `pastJobTitles` | json | No | Past job titles \(array\) |
+| `skills` | json | No | Skills to search for \(array\) |
+| `schoolNames` | json | No | School names \(array\) |
+| `certifications` | json | No | Certifications to filter by \(array\) |
+| `degreeNames` | json | No | Degree names to filter by \(array\) |
+| `studyFields` | json | No | Fields of study to filter by \(array\) |
+| `currentCompanies` | json | No | Current company IDs to filter by \(array of numbers\) |
+| `pastCompanies` | json | No | Past company IDs to filter by \(array of numbers\) |
+| `currentPage` | number | No | Page number \(default: 1\) |
+| `pageSize` | number | No | Results per page \(default: 20\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `currentPage` | number | Current page number |
+| `totalPage` | number | Total number of pages |
+| `pageSize` | number | Results per page |
+| `profiles` | array | Search results |
+|   ↳ `profileIdentifier` | string | Profile ID |
+|   ↳ `givenName` | string | First name |
+|   ↳ `familyName` | string | Last name |
+|   ↳ `currentPosition` | string | Current job title |
+|   ↳ `profileImage` | string | Profile image URL |
+|   ↳ `externalProfileUrl` | string | LinkedIn URL |
+|   ↳ `city` | string | City |
+|   ↳ `country` | string | Country |
+|   ↳ `expertSkills` | array | Skills |
+
+### `enrich_search_company`
+
+Search for companies by various criteria including name, industry, location, and size.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `name` | string | No | Company name |
+| `website` | string | No | Company website URL |
+| `tagline` | string | No | Company tagline |
+| `type` | string | No | Company type \(e.g., Private, Public\) |
+| `description` | string | No | Company description keywords |
+| `industries` | json | No | Industries to filter by \(array\) |
+| `locationCountry` | string | No | Country |
+| `locationCity` | string | No | City |
+| `postalCode` | string | No | Postal code |
+| `locationCountryList` | json | No | Multiple countries to filter by \(array\) |
+| `locationCityList` | json | No | Multiple cities to filter by \(array\) |
+| `specialities` | json | No | Company specialties \(array\) |
+| `followers` | number | No | Minimum number of followers |
+| `staffCount` | number | No | Maximum staff count |
+| `staffCountMin` | number | No | Minimum staff count |
+| `staffCountMax` | number | No | Maximum staff count |
+| `currentPage` | number | No | Page number \(default: 1\) |
+| `pageSize` | number | No | Results per page \(default: 20\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `currentPage` | number | Current page number |
+| `totalPage` | number | Total number of pages |
+| `pageSize` | number | Results per page |
+| `companies` | array | Search results |
+|   ↳ `companyName` | string | Company name |
+|   ↳ `tagline` | string | Company tagline |
+|   ↳ `webAddress` | string | Website URL |
+|   ↳ `industries` | array | Industries |
+|   ↳ `teamSize` | number | Team size |
+|   ↳ `linkedInProfile` | string | LinkedIn URL |
+
+### `enrich_search_company_employees`
+
+Search for employees within specific companies by location and job title.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `companyIds` | json | No | Array of company IDs to search within |
+| `country` | string | No | Country filter \(e.g., United States\) |
+| `city` | string | No | City filter \(e.g., San Francisco\) |
+| `state` | string | No | State filter \(e.g., California\) |
+| `jobTitles` | json | No | Job titles to filter by \(array\) |
+| `page` | number | No | Page number \(default: 1\) |
+| `pageSize` | number | No | Results per page \(default: 10\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `currentPage` | number | Current page number |
+| `totalPage` | number | Total number of pages |
+| `pageSize` | number | Number of results per page |
+| `profiles` | array | Employee profiles |
+|   ↳ `profileIdentifier` | string | Profile ID |
+|   ↳ `givenName` | string | First name |
+|   ↳ `familyName` | string | Last name |
+|   ↳ `currentPosition` | string | Current job title |
+|   ↳ `profileImage` | string | Profile image URL |
+|   ↳ `externalProfileUrl` | string | LinkedIn URL |
+|   ↳ `city` | string | City |
+|   ↳ `country` | string | Country |
+|   ↳ `expertSkills` | array | Skills |
+
+### `enrich_search_similar_companies`
+
+Find companies similar to a given company by LinkedIn URL with filters for location and size.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `url` | string | Yes | LinkedIn company URL \(e.g., linkedin.com/company/google\) |
+| `accountLocation` | json | No | Filter by locations \(array of country names\) |
+| `employeeSizeType` | string | No | Employee size filter type \(e.g., RANGE\) |
+| `employeeSizeRange` | json | No | Employee size ranges \(array of \{start, end\} objects\) |
+| `page` | number | No | Page number \(default: 1\) |
+| `num` | number | No | Number of results per page |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `companies` | array | Similar companies |
+|   ↳ `url` | string | LinkedIn URL |
+|   ↳ `name` | string | Company name |
+|   ↳ `universalName` | string | Universal name |
+|   ↳ `type` | string | Company type |
+|   ↳ `description` | string | Description |
+|   ↳ `phone` | string | Phone number |
+|   ↳ `website` | string | Website URL |
+|   ↳ `logo` | string | Logo URL |
+|   ↳ `foundedYear` | number | Year founded |
+|   ↳ `staffTotal` | number | Total staff |
+|   ↳ `industries` | array | Industries |
+|   ↳ `relevancyScore` | number | Relevancy score |
+|   ↳ `relevancyValue` | string | Relevancy value |
+
+### `enrich_sales_pointer_people`
+
+Advanced people search with complex filters for location, company size, seniority, experience, and more.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `page` | number | Yes | Page number \(starts at 1\) |
+| `filters` | json | Yes | Array of filter objects. Each filter has type \(e.g., POSTAL_CODE, COMPANY_HEADCOUNT\), values \(array with id, text, selectionType: INCLUDED/EXCLUDED\), and optional selectedSubFilter |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `data` | array | People results |
+|   ↳ `name` | string | Full name |
+|   ↳ `summary` | string | Professional summary |
+|   ↳ `location` | string | Location |
+|   ↳ `profilePicture` | string | Profile picture URL |
+|   ↳ `linkedInUrn` | string | LinkedIn URN |
+|   ↳ `positions` | array | Work positions |
+|   ↳ `education` | array | Education |
+| `pagination` | json | Pagination info |
+|   ↳ `totalCount` | number | Total results |
+|   ↳ `returnedCount` | number | Returned count |
+|   ↳ `start` | number | Start position |
+|   ↳ `limit` | number | Limit |
+
+### `enrich_search_posts`
+
+Search LinkedIn posts by keywords with date filtering.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `keywords` | string | Yes | Search keywords \(e.g., "AI automation"\) |
+| `datePosted` | string | No | Time filter \(e.g., past_week, past_month\) |
+| `page` | number | No | Page number \(default: 1\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `count` | number | Total number of results |
+| `posts` | array | Search results |
+|   ↳ `url` | string | Post URL |
+|   ↳ `postId` | string | Post ID |
+|   ↳ `author` | object | Author information |
+|     ↳ `name` | string | Author name |
+|     ↳ `headline` | string | Author headline |
+|     ↳ `linkedInUrl` | string | Author LinkedIn URL |
+|     ↳ `profileImage` | string | Author profile image |
+|   ↳ `timestamp` | string | Post timestamp |
+|   ↳ `textContent` | string | Post text content |
+|   ↳ `hashtags` | array | Hashtags |
+|   ↳ `mediaUrls` | array | Media URLs |
+|   ↳ `reactions` | number | Number of reactions |
+|   ↳ `commentsCount` | number | Number of comments |
+
+### `enrich_get_post_details`
+
+Get detailed information about a LinkedIn post by URL.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `url` | string | Yes | LinkedIn post URL |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `postId` | string | Post ID |
+| `author` | json | Author information |
+|   ↳ `name` | string | Author name |
+|   ↳ `headline` | string | Author headline |
+|   ↳ `linkedInUrl` | string | Author LinkedIn URL |
+|   ↳ `profileImage` | string | Author profile image |
+| `timestamp` | string | Post timestamp |
+| `textContent` | string | Post text content |
+| `hashtags` | array | Hashtags |
+| `mediaUrls` | array | Media URLs |
+| `reactions` | number | Number of reactions |
+| `commentsCount` | number | Number of comments |
+
+### `enrich_search_post_reactions`
+
+Get reactions on a LinkedIn post with filtering by reaction type.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `postUrn` | string | Yes | LinkedIn activity URN \(e.g., urn:li:activity:7231931952839196672\) |
+| `reactionType` | string | Yes | Reaction type filter: all, like, love, celebrate, insightful, or funny \(default: all\) |
+| `page` | number | Yes | Page number \(starts at 1\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `page` | number | Current page number |
+| `totalPage` | number | Total number of pages |
+| `count` | number | Number of reactions returned |
+| `reactions` | array | Reactions |
+|   ↳ `reactionType` | string | Type of reaction |
+|   ↳ `reactor` | object | Person who reacted |
+|     ↳ `name` | string | Name |
+|     ↳ `subTitle` | string | Job title |
+|     ↳ `profileId` | string | Profile ID |
+|     ↳ `profilePicture` | string | Profile picture URL |
+|     ↳ `linkedInUrl` | string | LinkedIn URL |
+
+### `enrich_search_post_comments`
+
+Get comments on a LinkedIn post.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `postUrn` | string | Yes | LinkedIn activity URN \(e.g., urn:li:activity:7191163324208705536\) |
+| `page` | number | No | Page number \(starts at 1, default: 1\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `page` | number | Current page number |
+| `totalPage` | number | Total number of pages |
+| `count` | number | Number of comments returned |
+| `comments` | array | Comments |
+|   ↳ `activityId` | string | Comment activity ID |
+|   ↳ `commentary` | string | Comment text |
+|   ↳ `linkedInUrl` | string | Link to comment |
+|   ↳ `commenter` | object | Commenter info |
+|     ↳ `profileId` | string | Profile ID |
+|     ↳ `firstName` | string | First name |
+|     ↳ `lastName` | string | Last name |
+|     ↳ `subTitle` | string | Subtitle/headline |
+|     ↳ `profilePicture` | string | Profile picture URL |
+|     ↳ `backgroundImage` | string | Background image URL |
+|     ↳ `entityUrn` | string | Entity URN |
+|     ↳ `objectUrn` | string | Object URN |
+|     ↳ `profileType` | string | Profile type |
+|   ↳ `reactionBreakdown` | object | Reactions on the comment |
+|     ↳ `likes` | number | Number of likes |
+|     ↳ `empathy` | number | Number of empathy reactions |
+|     ↳ `other` | number | Number of other reactions |
+
+### `enrich_search_people_activities`
+
+Get a person
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `profileId` | string | Yes | LinkedIn profile ID |
+| `activityType` | string | Yes | Activity type: posts, comments, or articles |
+| `paginationToken` | string | No | Pagination token for next page of results |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `paginationToken` | string | Token for fetching next page |
+| `activityType` | string | Type of activities returned |
+| `activities` | array | Activities |
+|   ↳ `activityId` | string | Activity ID |
+|   ↳ `commentary` | string | Activity text content |
+|   ↳ `linkedInUrl` | string | Link to activity |
+|   ↳ `timeElapsed` | string | Time elapsed since activity |
+|   ↳ `numReactions` | number | Total number of reactions |
+|   ↳ `author` | object | Activity author info |
+|     ↳ `name` | string | Author name |
+|     ↳ `profileId` | string | Profile ID |
+|     ↳ `profilePicture` | string | Profile picture URL |
+|   ↳ `reactionBreakdown` | object | Reactions |
+|     ↳ `likes` | number | Likes |
+|     ↳ `empathy` | number | Empathy reactions |
+|     ↳ `other` | number | Other reactions |
+|   ↳ `attachments` | array | Attachment URLs |
+
+### `enrich_search_company_activities`
+
+Get a company
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `companyId` | string | Yes | LinkedIn company ID |
+| `activityType` | string | Yes | Activity type: posts, comments, or articles |
+| `paginationToken` | string | No | Pagination token for next page of results |
+| `offset` | number | No | Number of records to skip \(default: 0\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `paginationToken` | string | Token for fetching next page |
+| `activityType` | string | Type of activities returned |
+| `activities` | array | Activities |
+|   ↳ `activityId` | string | Activity ID |
+|   ↳ `commentary` | string | Activity text content |
+|   ↳ `linkedInUrl` | string | Link to activity |
+|   ↳ `timeElapsed` | string | Time elapsed since activity |
+|   ↳ `numReactions` | number | Total number of reactions |
+|   ↳ `author` | object | Activity author info |
+|     ↳ `name` | string | Author name |
+|     ↳ `profileId` | string | Profile ID |
+|     ↳ `profilePicture` | string | Profile picture URL |
+|   ↳ `reactionBreakdown` | object | Reactions |
+|     ↳ `likes` | number | Likes |
+|     ↳ `empathy` | number | Empathy reactions |
+|     ↳ `other` | number | Other reactions |
+|   ↳ `attachments` | array | Attachments |
+
+### `enrich_reverse_hash_lookup`
+
+Convert an MD5 email hash back to the original email address and display name.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `hash` | string | Yes | MD5 hash value to look up |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `hash` | string | MD5 hash that was looked up |
+| `email` | string | Original email address |
+| `displayName` | string | Display name associated with the email |
+| `found` | boolean | Whether an email was found for the hash |
+
+### `enrich_search_logo`
+
+Get a company logo image URL by domain.
+
+#### Input
+
+| Parameter | Type | Required | Description |
+| --------- | ---- | -------- | ----------- |
+| `apiKey` | string | Yes | Enrich API key |
+| `url` | string | Yes | Company domain \(e.g., google.com\) |
+
+#### Output
+
+| Parameter | Type | Description |
+| --------- | ---- | ----------- |
+| `logoUrl` | string | URL to fetch the company logo |
+| `domain` | string | Domain that was looked up |
+
+

apps/docs/content/docs/en/tools/github.mdx

@@ -10,6 +10,23 @@ import { BlockInfoCard } from "@/components/ui/block-info-card"
   color="#181C1E"
 />
 
+{/* MANUAL-CONTENT-START:intro */}
+[GitHub](https://github.com/) is the world’s leading platform for hosting, collaborating on, and managing source code. GitHub offers powerful tools for version control, code review, branching strategies, and team collaboration within the rich Git ecosystem, underpinning both open source and enterprise development worldwide.
+
+The GitHub integration in Sim allows your agents to seamlessly automate, interact with, and orchestrate workflows across your repositories. Using this integration, agents can perform an extended set of code and collaboration operations, enabling:
+
+- **Fetch pull request details:** Retrieve a full overview of any pull request, including file diffs, branch information, metadata, approvals, and a summary of changes, for automation or review workflows.
+- **Create pull request comments:** Automatically generate or post comments on PRs—such as reviews, suggestions, or status updates—enabling speedy feedback, documentation, or policy enforcement.
+- **Get repository information:** Access comprehensive repository metadata, including descriptions, visibility, topics, default branches, and contributors. This supports intelligent project analysis, dynamic workflow routing, and organizational reporting.
+- **Fetch the latest commit:** Quickly obtain details from the newest commit on any branch, including hashes, messages, authors, and timestamps. This is useful for monitoring development velocity, triggering downstream actions, or enforcing quality checks.
+- **Trigger workflows from GitHub events:** Set up Sim workflows to start automatically from key GitHub events, including pull request creation, review comments, or when new commits are pushed, through easy webhook integration. Automate actions such as deployments, notifications, compliance checks, or documentation updates in real time.
+- **Monitor and manage repository activity:** Programmatically track contributions, manage PR review states, analyze branch histories, and audit code changes. Empower agents to enforce requirements, coordinate releases, and respond dynamically to development patterns.
+- **Support for advanced automations:** Combine these operations—for example, fetch PR data, leave context-aware comments, and kick off multi-step Sim workflows on code pushes or PR merges—to automate your team’s engineering processes from end to end.
+
+By leveraging all of these capabilities, the Sim GitHub integration enables agents to engage deeply in the development lifecycle. Automate code reviews, streamline team feedback, synchronize project artifacts, accelerate CI/CD, and enforce best practices with ease. Bring security, speed, and reliability to your workflows—directly within your Sim-powered automation environment, with full integration into your organization’s GitHub strategy.
+{/* MANUAL-CONTENT-END */}
+
+
 ## Usage Instructions
 
 Integrate Github into the workflow. Can get get PR details, create PR comment, get repository info, and get latest commit. Can be used in trigger mode to trigger a workflow when a PR is created, commented on, or a commit is pushed.

apps/docs/content/docs/en/tools/google_docs.mdx

@@ -11,55 +11,17 @@ import { BlockInfoCard } from "@/components/ui/block-info-card"
 />
 
 {/* MANUAL-CONTENT-START:intro */}
-[Google Docs](https://docs.google.com) is a powerful cloud-based document creation and editing service that allows users to create, edit, and collaborate on documents in real-time. As part of Google's productivity suite, Google Docs offers a versatile platform for text documents with robust formatting, commenting, and sharing capabilities.
+[Google Docs](https://docs.google.com) is Google’s collaborative, cloud-based document service, enabling users to create, edit, and share documents in real time. As an integral part of Google Workspace, Docs offers rich formatting tools, commenting, version history, and seamless integration with other Google productivity tools.
 
-Learn how to integrate the Google Docs "Read" tool in Sim to effortlessly fetch data from your docs and to integrate into your workflows. This tutorial walks you through connecting Google Docs, setting up data reads, and using that information to automate processes in real-time. Perfect for syncing live data with your agents.
+Google Docs empowers individuals and teams to:
 
-<iframe
-  width="100%"
-  height="400"
-  src="https://www.youtube.com/embed/f41gy9rBHhE"
-  title="Use the Google Docs Read tool in Sim"
-  frameBorder="0"
-  allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
-  allowFullScreen
-></iframe>
+- **Create and format documents:** Develop rich text documents with advanced formatting, images, and tables.
+- **Collaborate and comment:** Multiple users can edit and comment with suggestions instantly.
+- **Track changes and version history:** Review, revert, and manage revisions over time.
+- **Access from any device:** Work on documents from web, mobile, or desktop with full cloud synchronization.
+- **Integrate across Google services:** Connect Docs with Drive, Sheets, Slides, and external platforms for powerful workflows.
 
-Learn how to integrate the Google Docs "Update" tool in Sim to effortlessly add content in your docs through your workflows. This tutorial walks you through connecting Google Docs, configuring data writes, and using that information to automate document updates seamlessly. Perfect for maintaining dynamic, real-time documentation with minimal effort.
-
-<iframe
-  width="100%"
-  height="400"
-  src="https://www.youtube.com/embed/L64ROHS2ivA"
-  title="Use the Google Docs Update tool in Sim"
-  frameBorder="0"
-  allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
-  allowFullScreen
-></iframe>
-
-Learn how to integrate the Google Docs "Create" tool in Sim to effortlessly generate new documents through your workflows. This tutorial walks you through connecting Google Docs, setting up document creation, and using workflow data to populate content automatically. Perfect for streamlining document generation and enhancing productivity.
-
-<iframe
-  width="100%"
-  height="400"
-  src="https://www.youtube.com/embed/lWpHH4qddWk"
-  title="Use the Google Docs Create tool in Sim"
-  frameBorder="0"
-  allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
-  allowFullScreen
-></iframe>
-
-With Google Docs, you can:
-
-- **Create and edit documents**: Develop text documents with comprehensive formatting options
-- **Collaborate in real-time**: Work simultaneously with multiple users on the same document
-- **Track changes**: View revision history and restore previous versions
-- **Comment and suggest**: Provide feedback and propose edits without changing the original content
-- **Access anywhere**: Use Google Docs across devices with automatic cloud synchronization
-- **Work offline**: Continue working without internet connection with changes syncing when back online
-- **Integrate with other services**: Connect with Google Drive, Sheets, Slides, and third-party applications
-
-In Sim, the Google Docs integration enables your agents to interact directly with document content programmatically. This allows for powerful automation scenarios such as document creation, content extraction, collaborative editing, and document management. Your agents can read existing documents to extract information, write to documents to update content, and create new documents from scratch. This integration bridges the gap between your AI workflows and document management, enabling seamless interaction with one of the world's most widely used document platforms. By connecting Sim with Google Docs, you can automate document workflows, generate reports, extract insights from documents, and maintain documentation - all through your intelligent agents.
+In Sim, the Google Docs integration allows your agents to read document content, write new content, and create documents programmatically as part of automated workflows. This integration unlocks automation such as document generation, report writing, content extraction, and collaborative editing—bridging the gap between AI-driven workflows and document management in your organization.
 {/* MANUAL-CONTENT-END */}
 
 

apps/docs/content/docs/en/tools/google_drive.mdx

@@ -11,30 +11,18 @@ import { BlockInfoCard } from "@/components/ui/block-info-card"
 />
 
 {/* MANUAL-CONTENT-START:intro */}
-[Google Drive](https://drive.google.com) is Google's cloud storage and file synchronization service that allows users to store files, synchronize files across devices, and share files with others. As a core component of Google's productivity ecosystem, Google Drive offers robust storage, organization, and collaboration capabilities.
+[Google Drive](https://drive.google.com) is Google’s cloud-based file storage and synchronization service, making it easy to store, manage, share, and access files securely across devices and platforms. As a core element of Google Workspace, Google Drive offers robust tools for file organization, collaboration, and seamless integration with the broader productivity suite.
 
-Learn how to integrate the Google Drive tool in Sim to effortlessly pull information from your Drive through your workflows. This tutorial walks you through connecting Google Drive, setting up data retrieval, and using stored documents and files to enhance automation. Perfect for syncing important data with your agents in real-time.
+Google Drive enables individuals and teams to:
 
-<iframe
-  width="100%"
-  height="400"
-  src="https://www.youtube.com/embed/cRoRr4b-EAs"
-  title="Use the Google Drive tool in Sim"
-  frameBorder="0"
-  allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
-  allowFullScreen
-></iframe>
+- **Store files in the cloud:** Access documents, images, videos, and more from anywhere with internet connectivity.
+- **Organize and manage content:** Create and arrange folders, use naming conventions, and leverage search for fast retrieval.
+- **Share and collaborate:** Control file and folder permissions, share with individuals or groups, and collaborate in real time.
+- **Leverage powerful search:** Quickly locate files using Google’s search technology.
+- **Access across devices:** Work with your files on desktop, mobile, or web with full synchronization.
+- **Integrate deeply across Google services:** Connect with Google Docs, Sheets, Slides, and partner applications in your workflows.
 
-With Google Drive, you can:
-
-- **Store files in the cloud**: Upload and access your files from anywhere with internet access
-- **Organize content**: Create folders, use color coding, and implement naming conventions
-- **Share and collaborate**: Control access permissions and work simultaneously on files
-- **Search efficiently**: Find files quickly with Google's powerful search technology
-- **Access across devices**: Use Google Drive on desktop, mobile, and web platforms
-- **Integrate with other services**: Connect with Google Docs, Sheets, Slides, and third-party applications
-
-In Sim, the Google Drive integration enables your agents to interact directly with your cloud storage programmatically. This allows for powerful automation scenarios such as file management, content organization, and document workflows. Your agents can upload new files to specific folders, download existing files to process their contents, and list folder contents to navigate your storage structure. This integration bridges the gap between your AI workflows and your document management system, enabling seamless file operations without manual intervention. By connecting Sim with Google Drive, you can automate file-based workflows, manage documents intelligently, and incorporate cloud storage operations into your agent's capabilities.
+In Sim, the Google Drive integration allows your agents to read, upload, download, list, and organize your Drive files programmatically. Agents can automate file management, streamline content workflows, and enable no-code automation around document storage and retrieval. By connecting Sim with Google Drive, you empower your agents to incorporate cloud file operations directly into intelligent business processes.
 {/* MANUAL-CONTENT-END */}
 
 

apps/docs/content/docs/en/tools/google_search.mdx

@@ -11,29 +11,9 @@ import { BlockInfoCard } from "@/components/ui/block-info-card"
 />
 
 {/* MANUAL-CONTENT-START:intro */}
-[Google Search](https://www.google.com) is the world's most widely used search engine, providing access to billions of web pages and information sources. Google Search uses sophisticated algorithms to deliver relevant search results based on user queries, making it an essential tool for finding information on the internet.
+[Google Search](https://www.google.com) is the world's most widely used web search engine, making it easy to find information, discover new content, and answer questions in real time. With advanced search algorithms, Google Search helps you quickly locate web pages, images, news, and more using simple or complex queries.
 
-Learn how to integrate the Google Search tool in Sim to effortlessly fetch real-time search results through your workflows. This tutorial walks you through connecting Google Search, configuring search queries, and using live data to enhance automation. Perfect for powering your agents with up-to-date information and smarter decision-making.
-
-<iframe
-  width="100%"
-  height="400"
-  src="https://www.youtube.com/embed/1B7hV9b5UMQ"
-  title="Use the Google Search tool in Sim"
-  frameBorder="0"
-  allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
-  allowFullScreen
-></iframe>
-
-With Google Search, you can:
-
-- **Find relevant information**: Access billions of web pages with Google's powerful search algorithms
-- **Get specific results**: Use search operators to refine and target your queries
-- **Discover diverse content**: Find text, images, videos, news, and other content types
-- **Access knowledge graphs**: Get structured information about people, places, and things
-- **Utilize search features**: Take advantage of specialized search tools like calculators, unit converters, and more
-
-In Sim, the Google Search integration enables your agents to search the web programmatically and incorporate search results into their workflows. This allows for powerful automation scenarios such as research, fact-checking, data gathering, and information synthesis. Your agents can formulate search queries, retrieve relevant results, and extract information from those results to make decisions or generate insights. This integration bridges the gap between your AI workflows and the vast information available on the web, enabling your agents to access up-to-date information from across the internet. By connecting Sim with Google Search, you can create agents that stay informed with the latest information, verify facts, conduct research, and provide users with relevant web content - all without leaving your workflow.
+In Sim, the Google Search integration allows your agents to search the web and retrieve live information as part of automated workflows. This enables powerful use cases such as automated research, fact-checking, knowledge synthesis, and dynamic content discovery. By connecting Sim with Google Search, your agents can perform queries, process and analyze web results, and incorporate the latest information into their decisions—without manual effort. Enhance your workflows with always up-to-date knowledge from across the internet.
 {/* MANUAL-CONTENT-END */}
 
 

apps/docs/content/docs/en/tools/memory.mdx

@@ -10,6 +10,20 @@ import { BlockInfoCard } from "@/components/ui/block-info-card"
   color="#F64F9E"
 />
 
+{/* MANUAL-CONTENT-START:intro */}
+The Memory tool enables your agents to store, retrieve, and manage conversation memories across workflows. It acts as a persistent memory store that agents can access to maintain conversation context, recall facts, or track actions over time.
+
+With the Memory tool, you can:
+
+- **Add new memories**: Store relevant information, events, or conversation history by saving agent or user messages into a structured memory database
+- **Retrieve memories**: Fetch specific memories or all memories tied to a conversation, helping agents recall previous interactions or facts
+- **Delete memories**: Remove outdated or incorrect memories from the database to maintain accurate context
+- **Append to existing conversations**: Update or expand on existing memory threads by appending new messages with the same conversation identifier
+
+Sim’s Memory block is especially useful for building agents that require persistent state—helping them remember what was said earlier in a conversation, persist facts between tasks, or apply long-term history in decision-making. By integrating Memory, you enable richer, more contextual, and more dynamic workflows for your agents.
+{/* MANUAL-CONTENT-END */}
+
+
 ## Usage Instructions
 
 Integrate Memory into the workflow. Can add, get a memory, get all memories, and delete memories.

apps/docs/content/docs/en/tools/meta.json

@@ -24,6 +24,7 @@
     "dynamodb",
     "elasticsearch",
     "elevenlabs",
+    "enrich",
     "exa",
     "file",
     "firecrawl",

apps/docs/content/docs/en/tools/notion.mdx

@@ -10,6 +10,21 @@ import { BlockInfoCard } from "@/components/ui/block-info-card"
   color="#181C1E"
 />
 
+{/* MANUAL-CONTENT-START:intro */}
+The Notion tool integration enables your agents to read, create, and manage Notion pages and databases directly within your workflows. This allows you to automate the retrieval and updating of structured content, notes, documents, and more from your Notion workspace.
+
+With the Notion tool, you can:
+
+- **Read pages or databases**: Extract rich content or metadata from specified Notion pages or entire databases
+- **Create new content**: Programmatically create new pages or databases for dynamic content generation
+- **Append content**: Add new blocks or properties to existing pages and databases
+- **Query databases**: Run advanced filters and searches on structured Notion data for custom workflows
+- **Search your workspace**: Locate pages and databases across your Notion workspace automatically
+
+This tool is ideal for scenarios where agents need to synchronize information, generate reports, or maintain structured notes within Notion. By bringing Notion's capabilities into automated workflows, you empower your agents to interface with knowledge, documentation, and project management data programmatically and seamlessly.
+{/* MANUAL-CONTENT-END */}
+
+
 ## Usage Instructions
 
 Integrate with Notion into the workflow. Can read page, read database, create page, create database, append content, query database, and search workspace.

apps/docs/content/docs/en/tools/slack.mdx

@@ -13,16 +13,6 @@ import { BlockInfoCard } from "@/components/ui/block-info-card"
 {/* MANUAL-CONTENT-START:intro */}
 [Slack](https://www.slack.com/) is a business communication platform that offers teams a unified place for messaging, tools, and files.
 
-<iframe
-  width="100%"
-  height="400"
-  src="https://www.youtube.com/embed/J5jz3UaWmE8"
-  title="Slack Integration with Sim"
-  frameBorder="0"
-  allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
-  allowFullScreen
-></iframe>
-
 With Slack, you can:
 
 - **Automate agent notifications**: Send real-time updates from your Sim agents to any Slack channel

apps/sim/app/api/a2a/serve/[agentId]/route.ts

@@ -16,7 +16,7 @@ import {
 import { checkHybridAuth } from '@/lib/auth/hybrid'
 import { getBrandConfig } from '@/lib/branding/branding'
 import { acquireLock, getRedisClient, releaseLock } from '@/lib/core/config/redis'
-import { validateUrlWithDNS } from '@/lib/core/security/input-validation.server'
+import { validateExternalUrl } from '@/lib/core/security/input-validation'
 import { SSE_HEADERS } from '@/lib/core/utils/sse'
 import { getBaseUrl } from '@/lib/core/utils/urls'
 import { markExecutionCancelled } from '@/lib/execution/cancellation'
@@ -1119,7 +1119,7 @@ async function handlePushNotificationSet(
     )
   }
 
-  const urlValidation = await validateUrlWithDNS(
+  const urlValidation = validateExternalUrl(
     params.pushNotificationConfig.url,
     'Push notification URL'
   )

apps/sim/app/api/files/parse/route.ts

@@ -6,11 +6,7 @@ import { createLogger } from '@sim/logger'
 import binaryExtensionsList from 'binary-extensions'
 import { type NextRequest, NextResponse } from 'next/server'
 import { checkHybridAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
-import { sanitizeUrlForLog } from '@/lib/core/utils/logging'
+import { secureFetchWithPinnedIP, validateUrlWithDNS } from '@/lib/core/security/input-validation'
 import { isSupportedFileType, parseFile } from '@/lib/file-parsers'
 import { isUsingCloudStorage, type StorageContext, StorageService } from '@/lib/uploads'
 import { uploadExecutionFile } from '@/lib/uploads/contexts/execution'
@@ -23,7 +19,6 @@ import {
   getMimeTypeFromExtension,
   getViewerUrl,
   inferContextFromKey,
-  isInternalFileUrl,
 } from '@/lib/uploads/utils/file-utils'
 import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
 import { verifyFileAccess } from '@/app/api/files/authorization'
@@ -220,7 +215,7 @@ async function parseFileSingle(
     }
   }
 
-  if (isInternalFileUrl(filePath)) {
+  if (filePath.includes('/api/files/serve/')) {
     return handleCloudFile(filePath, fileType, undefined, userId, executionContext)
   }
 
@@ -251,7 +246,7 @@ function validateFilePath(filePath: string): { isValid: boolean; error?: string
     return { isValid: false, error: 'Invalid path: tilde character not allowed' }
   }
 
-  if (filePath.startsWith('/') && !isInternalFileUrl(filePath)) {
+  if (filePath.startsWith('/') && !filePath.startsWith('/api/files/serve/')) {
     return { isValid: false, error: 'Path outside allowed directory' }
   }
 
@@ -425,7 +420,7 @@ async function handleExternalUrl(
 
     return parseResult
   } catch (error) {
-    logger.error(`Error handling external URL ${sanitizeUrlForLog(url)}:`, error)
+    logger.error(`Error handling external URL ${url}:`, error)
     return {
       success: false,
       error: `Error fetching URL: ${(error as Error).message}`,

apps/sim/app/api/tools/a2a/send-message/route.ts

@@ -4,7 +4,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { createA2AClient, extractTextContent, isTerminalState } from '@/lib/a2a/utils'
 import { checkHybridAuth } from '@/lib/auth/hybrid'
-import { validateUrlWithDNS } from '@/lib/core/security/input-validation.server'
 import { generateRequestId } from '@/lib/core/utils/request'
 
 export const dynamic = 'force-dynamic'
@@ -96,14 +95,6 @@ export async function POST(request: NextRequest) {
     if (validatedData.files && validatedData.files.length > 0) {
       for (const file of validatedData.files) {
         if (file.type === 'url') {
-          const urlValidation = await validateUrlWithDNS(file.data, 'fileUrl')
-          if (!urlValidation.isValid) {
-            return NextResponse.json(
-              { success: false, error: urlValidation.error },
-              { status: 400 }
-            )
-          }
-
           const filePart: FilePart = {
             kind: 'file',
             file: {

apps/sim/app/api/tools/a2a/set-push-notification/route.ts

@@ -3,7 +3,7 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { createA2AClient } from '@/lib/a2a/utils'
 import { checkHybridAuth } from '@/lib/auth/hybrid'
-import { validateUrlWithDNS } from '@/lib/core/security/input-validation.server'
+import { validateExternalUrl } from '@/lib/core/security/input-validation'
 import { generateRequestId } from '@/lib/core/utils/request'
 
 export const dynamic = 'force-dynamic'
@@ -40,7 +40,7 @@ export async function POST(request: NextRequest) {
     const body = await request.json()
     const validatedData = A2ASetPushNotificationSchema.parse(body)
 
-    const urlValidation = await validateUrlWithDNS(validatedData.webhookUrl, 'Webhook URL')
+    const urlValidation = validateExternalUrl(validatedData.webhookUrl, 'Webhook URL')
     if (!urlValidation.isValid) {
       logger.warn(`[${requestId}] Invalid webhook URL`, { error: urlValidation.error })
       return NextResponse.json(

apps/sim/app/api/tools/confluence/upload-attachment/route.ts

@@ -92,9 +92,6 @@ export async function POST(request: NextRequest) {
       formData.append('comment', comment)
     }
 
-    // Add minorEdit field as required by Confluence API
-    formData.append('minorEdit', 'false')
-
     const response = await fetch(url, {
       method: 'POST',
       headers: {

apps/sim/app/api/tools/discord/send-message/route.ts

@@ -4,7 +4,6 @@ import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { validateNumericId } from '@/lib/core/security/input-validation'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputArraySchema } from '@/lib/uploads/utils/file-schemas'
 import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 
@@ -16,7 +15,7 @@ const DiscordSendMessageSchema = z.object({
   botToken: z.string().min(1, 'Bot token is required'),
   channelId: z.string().min(1, 'Channel ID is required'),
   content: z.string().optional().nullable(),
-  files: RawFileInputArraySchema.optional().nullable(),
+  files: z.array(z.any()).optional().nullable(),
 })
 
 export async function POST(request: NextRequest) {
@@ -102,12 +101,6 @@ export async function POST(request: NextRequest) {
     logger.info(`[${requestId}] Processing ${validatedData.files.length} file(s)`)
 
     const userFiles = processFilesToUserFiles(validatedData.files, requestId, logger)
-    const filesOutput: Array<{
-      name: string
-      mimeType: string
-      data: string
-      size: number
-    }> = []
 
     if (userFiles.length === 0) {
       logger.warn(`[${requestId}] No valid files to upload, falling back to text-only`)
@@ -144,12 +137,6 @@ export async function POST(request: NextRequest) {
       logger.info(`[${requestId}] Downloading file ${i}: ${userFile.name}`)
 
       const buffer = await downloadFileFromStorage(userFile, requestId, logger)
-      filesOutput.push({
-        name: userFile.name,
-        mimeType: userFile.type || 'application/octet-stream',
-        data: buffer.toString('base64'),
-        size: buffer.length,
-      })
 
       const blob = new Blob([new Uint8Array(buffer)], { type: userFile.type })
       formData.append(`files[${i}]`, blob, userFile.name)
@@ -186,7 +173,6 @@ export async function POST(request: NextRequest) {
         message: data.content,
         data: data,
         fileCount: userFiles.length,
-        files: filesOutput,
       },
     })
   } catch (error) {

apps/sim/app/api/tools/github/latest-commit/route.ts

@@ -1,195 +0,0 @@
-import { createLogger } from '@sim/logger'
-import { type NextRequest, NextResponse } from 'next/server'
-import { z } from 'zod'
-import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
-import { generateRequestId } from '@/lib/core/utils/request'
-
-export const dynamic = 'force-dynamic'
-
-const logger = createLogger('GitHubLatestCommitAPI')
-
-interface GitHubErrorResponse {
-  message?: string
-}
-
-interface GitHubCommitResponse {
-  sha: string
-  html_url: string
-  commit: {
-    message: string
-    author: { name: string; email: string; date: string }
-    committer: { name: string; email: string; date: string }
-  }
-  author?: { login: string; avatar_url: string; html_url: string }
-  committer?: { login: string; avatar_url: string; html_url: string }
-  stats?: { additions: number; deletions: number; total: number }
-  files?: Array<{
-    filename: string
-    status: string
-    additions: number
-    deletions: number
-    changes: number
-    patch?: string
-    raw_url?: string
-    blob_url?: string
-  }>
-}
-
-const GitHubLatestCommitSchema = z.object({
-  owner: z.string().min(1, 'Owner is required'),
-  repo: z.string().min(1, 'Repo is required'),
-  branch: z.string().optional().nullable(),
-  apiKey: z.string().min(1, 'API key is required'),
-})
-
-export async function POST(request: NextRequest) {
-  const requestId = generateRequestId()
-
-  try {
-    const authResult = await checkInternalAuth(request, { requireWorkflowId: false })
-
-    if (!authResult.success) {
-      logger.warn(`[${requestId}] Unauthorized GitHub latest commit attempt: ${authResult.error}`)
-      return NextResponse.json(
-        {
-          success: false,
-          error: authResult.error || 'Authentication required',
-        },
-        { status: 401 }
-      )
-    }
-
-    const body = await request.json()
-    const validatedData = GitHubLatestCommitSchema.parse(body)
-
-    const { owner, repo, branch, apiKey } = validatedData
-
-    const baseUrl = `https://api.github.com/repos/${owner}/${repo}`
-    const commitUrl = branch ? `${baseUrl}/commits/${branch}` : `${baseUrl}/commits/HEAD`
-
-    logger.info(`[${requestId}] Fetching latest commit from GitHub`, { owner, repo, branch })
-
-    const urlValidation = await validateUrlWithDNS(commitUrl, 'commitUrl')
-    if (!urlValidation.isValid) {
-      return NextResponse.json({ success: false, error: urlValidation.error }, { status: 400 })
-    }
-
-    const response = await secureFetchWithPinnedIP(commitUrl, urlValidation.resolvedIP!, {
-      method: 'GET',
-      headers: {
-        Accept: 'application/vnd.github.v3+json',
-        Authorization: `Bearer ${apiKey}`,
-        'X-GitHub-Api-Version': '2022-11-28',
-      },
-    })
-
-    if (!response.ok) {
-      const errorData = (await response.json().catch(() => ({}))) as GitHubErrorResponse
-      logger.error(`[${requestId}] GitHub API error`, {
-        status: response.status,
-        error: errorData,
-      })
-      return NextResponse.json(
-        { success: false, error: errorData.message || `GitHub API error: ${response.status}` },
-        { status: 400 }
-      )
-    }
-
-    const data = (await response.json()) as GitHubCommitResponse
-
-    const content = `Latest commit: "${data.commit.message}" by ${data.commit.author.name} on ${data.commit.author.date}. SHA: ${data.sha}`
-
-    const files = data.files || []
-    const fileDetailsWithContent = []
-
-    for (const file of files) {
-      const fileDetail: Record<string, any> = {
-        filename: file.filename,
-        additions: file.additions,
-        deletions: file.deletions,
-        changes: file.changes,
-        status: file.status,
-        raw_url: file.raw_url,
-        blob_url: file.blob_url,
-        patch: file.patch,
-        content: undefined,
-      }
-
-      if (file.status !== 'removed' && file.raw_url) {
-        try {
-          const rawUrlValidation = await validateUrlWithDNS(file.raw_url, 'rawUrl')
-          if (rawUrlValidation.isValid) {
-            const contentResponse = await secureFetchWithPinnedIP(
-              file.raw_url,
-              rawUrlValidation.resolvedIP!,
-              {
-                headers: {
-                  Authorization: `Bearer ${apiKey}`,
-                  'X-GitHub-Api-Version': '2022-11-28',
-                },
-              }
-            )
-
-            if (contentResponse.ok) {
-              fileDetail.content = await contentResponse.text()
-            }
-          }
-        } catch (error) {
-          logger.warn(`[${requestId}] Failed to fetch content for ${file.filename}:`, error)
-        }
-      }
-
-      fileDetailsWithContent.push(fileDetail)
-    }
-
-    logger.info(`[${requestId}] Latest commit fetched successfully`, {
-      sha: data.sha,
-      fileCount: files.length,
-    })
-
-    return NextResponse.json({
-      success: true,
-      output: {
-        content,
-        metadata: {
-          sha: data.sha,
-          html_url: data.html_url,
-          commit_message: data.commit.message,
-          author: {
-            name: data.commit.author.name,
-            login: data.author?.login || 'Unknown',
-            avatar_url: data.author?.avatar_url || '',
-            html_url: data.author?.html_url || '',
-          },
-          committer: {
-            name: data.commit.committer.name,
-            login: data.committer?.login || 'Unknown',
-            avatar_url: data.committer?.avatar_url || '',
-            html_url: data.committer?.html_url || '',
-          },
-          stats: data.stats
-            ? {
-                additions: data.stats.additions,
-                deletions: data.stats.deletions,
-                total: data.stats.total,
-              }
-            : undefined,
-          files: fileDetailsWithContent.length > 0 ? fileDetailsWithContent : undefined,
-        },
-      },
-    })
-  } catch (error) {
-    logger.error(`[${requestId}] Error fetching GitHub latest commit:`, error)
-    return NextResponse.json(
-      {
-        success: false,
-        error: error instanceof Error ? error.message : 'Unknown error occurred',
-      },
-      { status: 500 }
-    )
-  }
-}

apps/sim/app/api/tools/gmail/draft/route.ts

@@ -3,7 +3,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputArraySchema } from '@/lib/uploads/utils/file-schemas'
 import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 import {
@@ -29,7 +28,7 @@ const GmailDraftSchema = z.object({
   replyToMessageId: z.string().optional().nullable(),
   cc: z.string().optional().nullable(),
   bcc: z.string().optional().nullable(),
-  attachments: RawFileInputArraySchema.optional().nullable(),
+  attachments: z.array(z.any()).optional().nullable(),
 })
 
 export async function POST(request: NextRequest) {

apps/sim/app/api/tools/gmail/send/route.ts

@@ -3,7 +3,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputArraySchema } from '@/lib/uploads/utils/file-schemas'
 import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 import {
@@ -29,7 +28,7 @@ const GmailSendSchema = z.object({
   replyToMessageId: z.string().optional().nullable(),
   cc: z.string().optional().nullable(),
   bcc: z.string().optional().nullable(),
-  attachments: RawFileInputArraySchema.optional().nullable(),
+  attachments: z.array(z.any()).optional().nullable(),
 })
 
 export async function POST(request: NextRequest) {

apps/sim/app/api/tools/google_drive/download/route.ts

@@ -1,252 +0,0 @@
-import { createLogger } from '@sim/logger'
-import { type NextRequest, NextResponse } from 'next/server'
-import { z } from 'zod'
-import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
-import { generateRequestId } from '@/lib/core/utils/request'
-import type { GoogleDriveFile, GoogleDriveRevision } from '@/tools/google_drive/types'
-import {
-  ALL_FILE_FIELDS,
-  ALL_REVISION_FIELDS,
-  DEFAULT_EXPORT_FORMATS,
-  GOOGLE_WORKSPACE_MIME_TYPES,
-} from '@/tools/google_drive/utils'
-
-export const dynamic = 'force-dynamic'
-
-const logger = createLogger('GoogleDriveDownloadAPI')
-
-/** Google API error response structure */
-interface GoogleApiErrorResponse {
-  error?: {
-    message?: string
-    code?: number
-    status?: string
-  }
-}
-
-/** Google Drive revisions list response */
-interface GoogleDriveRevisionsResponse {
-  revisions?: GoogleDriveRevision[]
-  nextPageToken?: string
-}
-
-const GoogleDriveDownloadSchema = z.object({
-  accessToken: z.string().min(1, 'Access token is required'),
-  fileId: z.string().min(1, 'File ID is required'),
-  mimeType: z.string().optional().nullable(),
-  fileName: z.string().optional().nullable(),
-  includeRevisions: z.boolean().optional().default(true),
-})
-
-export async function POST(request: NextRequest) {
-  const requestId = generateRequestId()
-
-  try {
-    const authResult = await checkInternalAuth(request, { requireWorkflowId: false })
-
-    if (!authResult.success) {
-      logger.warn(`[${requestId}] Unauthorized Google Drive download attempt: ${authResult.error}`)
-      return NextResponse.json(
-        {
-          success: false,
-          error: authResult.error || 'Authentication required',
-        },
-        { status: 401 }
-      )
-    }
-
-    const body = await request.json()
-    const validatedData = GoogleDriveDownloadSchema.parse(body)
-
-    const {
-      accessToken,
-      fileId,
-      mimeType: exportMimeType,
-      fileName,
-      includeRevisions,
-    } = validatedData
-    const authHeader = `Bearer ${accessToken}`
-
-    logger.info(`[${requestId}] Getting file metadata from Google Drive`, { fileId })
-
-    const metadataUrl = `https://www.googleapis.com/drive/v3/files/${fileId}?fields=${ALL_FILE_FIELDS}&supportsAllDrives=true`
-    const metadataUrlValidation = await validateUrlWithDNS(metadataUrl, 'metadataUrl')
-    if (!metadataUrlValidation.isValid) {
-      return NextResponse.json(
-        { success: false, error: metadataUrlValidation.error },
-        { status: 400 }
-      )
-    }
-
-    const metadataResponse = await secureFetchWithPinnedIP(
-      metadataUrl,
-      metadataUrlValidation.resolvedIP!,
-      {
-        headers: { Authorization: authHeader },
-      }
-    )
-
-    if (!metadataResponse.ok) {
-      const errorDetails = (await metadataResponse
-        .json()
-        .catch(() => ({}))) as GoogleApiErrorResponse
-      logger.error(`[${requestId}] Failed to get file metadata`, {
-        status: metadataResponse.status,
-        error: errorDetails,
-      })
-      return NextResponse.json(
-        { success: false, error: errorDetails.error?.message || 'Failed to get file metadata' },
-        { status: 400 }
-      )
-    }
-
-    const metadata = (await metadataResponse.json()) as GoogleDriveFile
-    const fileMimeType = metadata.mimeType
-
-    let fileBuffer: Buffer
-    let finalMimeType = fileMimeType
-
-    if (GOOGLE_WORKSPACE_MIME_TYPES.includes(fileMimeType)) {
-      const exportFormat = exportMimeType || DEFAULT_EXPORT_FORMATS[fileMimeType] || 'text/plain'
-      finalMimeType = exportFormat
-
-      logger.info(`[${requestId}] Exporting Google Workspace file`, {
-        fileId,
-        mimeType: fileMimeType,
-        exportFormat,
-      })
-
-      const exportUrl = `https://www.googleapis.com/drive/v3/files/${fileId}/export?mimeType=${encodeURIComponent(exportFormat)}&supportsAllDrives=true`
-      const exportUrlValidation = await validateUrlWithDNS(exportUrl, 'exportUrl')
-      if (!exportUrlValidation.isValid) {
-        return NextResponse.json(
-          { success: false, error: exportUrlValidation.error },
-          { status: 400 }
-        )
-      }
-
-      const exportResponse = await secureFetchWithPinnedIP(
-        exportUrl,
-        exportUrlValidation.resolvedIP!,
-        { headers: { Authorization: authHeader } }
-      )
-
-      if (!exportResponse.ok) {
-        const exportError = (await exportResponse
-          .json()
-          .catch(() => ({}))) as GoogleApiErrorResponse
-        logger.error(`[${requestId}] Failed to export file`, {
-          status: exportResponse.status,
-          error: exportError,
-        })
-        return NextResponse.json(
-          {
-            success: false,
-            error: exportError.error?.message || 'Failed to export Google Workspace file',
-          },
-          { status: 400 }
-        )
-      }
-
-      const arrayBuffer = await exportResponse.arrayBuffer()
-      fileBuffer = Buffer.from(arrayBuffer)
-    } else {
-      logger.info(`[${requestId}] Downloading regular file`, { fileId, mimeType: fileMimeType })
-
-      const downloadUrl = `https://www.googleapis.com/drive/v3/files/${fileId}?alt=media&supportsAllDrives=true`
-      const downloadUrlValidation = await validateUrlWithDNS(downloadUrl, 'downloadUrl')
-      if (!downloadUrlValidation.isValid) {
-        return NextResponse.json(
-          { success: false, error: downloadUrlValidation.error },
-          { status: 400 }
-        )
-      }
-
-      const downloadResponse = await secureFetchWithPinnedIP(
-        downloadUrl,
-        downloadUrlValidation.resolvedIP!,
-        { headers: { Authorization: authHeader } }
-      )
-
-      if (!downloadResponse.ok) {
-        const downloadError = (await downloadResponse
-          .json()
-          .catch(() => ({}))) as GoogleApiErrorResponse
-        logger.error(`[${requestId}] Failed to download file`, {
-          status: downloadResponse.status,
-          error: downloadError,
-        })
-        return NextResponse.json(
-          { success: false, error: downloadError.error?.message || 'Failed to download file' },
-          { status: 400 }
-        )
-      }
-
-      const arrayBuffer = await downloadResponse.arrayBuffer()
-      fileBuffer = Buffer.from(arrayBuffer)
-    }
-
-    const canReadRevisions = metadata.capabilities?.canReadRevisions === true
-    if (includeRevisions && canReadRevisions) {
-      try {
-        const revisionsUrl = `https://www.googleapis.com/drive/v3/files/${fileId}/revisions?fields=revisions(${ALL_REVISION_FIELDS})&pageSize=100`
-        const revisionsUrlValidation = await validateUrlWithDNS(revisionsUrl, 'revisionsUrl')
-        if (revisionsUrlValidation.isValid) {
-          const revisionsResponse = await secureFetchWithPinnedIP(
-            revisionsUrl,
-            revisionsUrlValidation.resolvedIP!,
-            { headers: { Authorization: authHeader } }
-          )
-
-          if (revisionsResponse.ok) {
-            const revisionsData = (await revisionsResponse.json()) as GoogleDriveRevisionsResponse
-            metadata.revisions = revisionsData.revisions
-            logger.info(`[${requestId}] Fetched file revisions`, {
-              fileId,
-              revisionCount: metadata.revisions?.length || 0,
-            })
-          }
-        }
-      } catch (error) {
-        logger.warn(`[${requestId}] Error fetching revisions, continuing without them`, { error })
-      }
-    }
-
-    const resolvedName = fileName || metadata.name || 'download'
-
-    logger.info(`[${requestId}] File downloaded successfully`, {
-      fileId,
-      name: resolvedName,
-      size: fileBuffer.length,
-      mimeType: finalMimeType,
-    })
-
-    const base64Data = fileBuffer.toString('base64')
-
-    return NextResponse.json({
-      success: true,
-      output: {
-        file: {
-          name: resolvedName,
-          mimeType: finalMimeType,
-          data: base64Data,
-          size: fileBuffer.length,
-        },
-        metadata,
-      },
-    })
-  } catch (error) {
-    logger.error(`[${requestId}] Error downloading Google Drive file:`, error)
-    return NextResponse.json(
-      {
-        success: false,
-        error: error instanceof Error ? error.message : 'Unknown error occurred',
-      },
-      { status: 500 }
-    )
-  }
-}

apps/sim/app/api/tools/google_drive/upload/route.ts

@@ -3,7 +3,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputSchema } from '@/lib/uploads/utils/file-schemas'
 import { processSingleFileToUserFile } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 import {
@@ -21,7 +20,7 @@ const GOOGLE_DRIVE_API_BASE = 'https://www.googleapis.com/upload/drive/v3/files'
 const GoogleDriveUploadSchema = z.object({
   accessToken: z.string().min(1, 'Access token is required'),
   fileName: z.string().min(1, 'File name is required'),
-  file: RawFileInputSchema.optional().nullable(),
+  file: z.any().optional().nullable(),
   mimeType: z.string().optional().nullable(),
   folderId: z.string().optional().nullable(),
 })

apps/sim/app/api/tools/google_vault/download-export-file/route.ts

@@ -1,132 +0,0 @@
-import { createLogger } from '@sim/logger'
-import { type NextRequest, NextResponse } from 'next/server'
-import { z } from 'zod'
-import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
-import { generateRequestId } from '@/lib/core/utils/request'
-import { enhanceGoogleVaultError } from '@/tools/google_vault/utils'
-
-export const dynamic = 'force-dynamic'
-
-const logger = createLogger('GoogleVaultDownloadExportFileAPI')
-
-const GoogleVaultDownloadExportFileSchema = z.object({
-  accessToken: z.string().min(1, 'Access token is required'),
-  matterId: z.string().min(1, 'Matter ID is required'),
-  bucketName: z.string().min(1, 'Bucket name is required'),
-  objectName: z.string().min(1, 'Object name is required'),
-  fileName: z.string().optional().nullable(),
-})
-
-export async function POST(request: NextRequest) {
-  const requestId = generateRequestId()
-
-  try {
-    const authResult = await checkInternalAuth(request, { requireWorkflowId: false })
-
-    if (!authResult.success) {
-      logger.warn(`[${requestId}] Unauthorized Google Vault download attempt: ${authResult.error}`)
-      return NextResponse.json(
-        {
-          success: false,
-          error: authResult.error || 'Authentication required',
-        },
-        { status: 401 }
-      )
-    }
-
-    const body = await request.json()
-    const validatedData = GoogleVaultDownloadExportFileSchema.parse(body)
-
-    const { accessToken, bucketName, objectName, fileName } = validatedData
-
-    const bucket = encodeURIComponent(bucketName)
-    const object = encodeURIComponent(objectName)
-    const downloadUrl = `https://storage.googleapis.com/storage/v1/b/${bucket}/o/${object}?alt=media`
-
-    logger.info(`[${requestId}] Downloading file from Google Vault`, { bucketName, objectName })
-
-    const urlValidation = await validateUrlWithDNS(downloadUrl, 'downloadUrl')
-    if (!urlValidation.isValid) {
-      return NextResponse.json(
-        { success: false, error: enhanceGoogleVaultError(urlValidation.error || 'Invalid URL') },
-        { status: 400 }
-      )
-    }
-
-    const downloadResponse = await secureFetchWithPinnedIP(downloadUrl, urlValidation.resolvedIP!, {
-      method: 'GET',
-      headers: {
-        Authorization: `Bearer ${accessToken}`,
-      },
-    })
-
-    if (!downloadResponse.ok) {
-      const errorText = await downloadResponse.text().catch(() => '')
-      const errorMessage = `Failed to download file: ${errorText || downloadResponse.statusText}`
-      logger.error(`[${requestId}] Failed to download Vault export file`, {
-        status: downloadResponse.status,
-        error: errorText,
-      })
-      return NextResponse.json(
-        { success: false, error: enhanceGoogleVaultError(errorMessage) },
-        { status: 400 }
-      )
-    }
-
-    const contentType = downloadResponse.headers.get('content-type') || 'application/octet-stream'
-    const disposition = downloadResponse.headers.get('content-disposition') || ''
-    const match = disposition.match(/filename\*=UTF-8''([^;]+)|filename="([^"]+)"/)
-
-    let resolvedName = fileName
-    if (!resolvedName) {
-      if (match?.[1]) {
-        try {
-          resolvedName = decodeURIComponent(match[1])
-        } catch {
-          resolvedName = match[1]
-        }
-      } else if (match?.[2]) {
-        resolvedName = match[2]
-      } else if (objectName) {
-        const parts = objectName.split('/')
-        resolvedName = parts[parts.length - 1] || 'vault-export.bin'
-      } else {
-        resolvedName = 'vault-export.bin'
-      }
-    }
-
-    const arrayBuffer = await downloadResponse.arrayBuffer()
-    const buffer = Buffer.from(arrayBuffer)
-
-    logger.info(`[${requestId}] Vault export file downloaded successfully`, {
-      name: resolvedName,
-      size: buffer.length,
-      mimeType: contentType,
-    })
-
-    return NextResponse.json({
-      success: true,
-      output: {
-        file: {
-          name: resolvedName,
-          mimeType: contentType,
-          data: buffer.toString('base64'),
-          size: buffer.length,
-        },
-      },
-    })
-  } catch (error) {
-    logger.error(`[${requestId}] Error downloading Google Vault export file:`, error)
-    return NextResponse.json(
-      {
-        success: false,
-        error: error instanceof Error ? error.message : 'Unknown error occurred',
-      },
-      { status: 500 }
-    )
-  }
-}

apps/sim/app/api/tools/image/route.ts

@@ -1,10 +1,7 @@
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
+import { validateImageUrl } from '@/lib/core/security/input-validation'
 import { generateRequestId } from '@/lib/core/utils/request'
 
 const logger = createLogger('ImageProxyAPI')
@@ -29,7 +26,7 @@ export async function GET(request: NextRequest) {
     return new NextResponse('Missing URL parameter', { status: 400 })
   }
 
-  const urlValidation = await validateUrlWithDNS(imageUrl, 'imageUrl')
+  const urlValidation = validateImageUrl(imageUrl)
   if (!urlValidation.isValid) {
     logger.warn(`[${requestId}] Blocked image proxy request`, {
       url: imageUrl.substring(0, 100),
@@ -41,8 +38,7 @@ export async function GET(request: NextRequest) {
   logger.info(`[${requestId}] Proxying image request for: ${imageUrl}`)
 
   try {
-    const imageResponse = await secureFetchWithPinnedIP(imageUrl, urlValidation.resolvedIP!, {
-      method: 'GET',
+    const imageResponse = await fetch(imageUrl, {
       headers: {
         'User-Agent':
           'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36',
@@ -68,14 +64,14 @@ export async function GET(request: NextRequest) {
 
     const contentType = imageResponse.headers.get('content-type') || 'image/jpeg'
 
-    const imageArrayBuffer = await imageResponse.arrayBuffer()
+    const imageBlob = await imageResponse.blob()
 
-    if (imageArrayBuffer.byteLength === 0) {
-      logger.error(`[${requestId}] Empty image received`)
+    if (imageBlob.size === 0) {
+      logger.error(`[${requestId}] Empty image blob received`)
       return new NextResponse('Empty image received', { status: 404 })
     }
 
-    return new NextResponse(imageArrayBuffer, {
+    return new NextResponse(imageBlob, {
       headers: {
         'Content-Type': contentType,
         'Access-Control-Allow-Origin': '*',

apps/sim/app/api/tools/jira/add-attachment/route.ts

@@ -1,121 +0,0 @@
-import { createLogger } from '@sim/logger'
-import { type NextRequest, NextResponse } from 'next/server'
-import { z } from 'zod'
-import { checkInternalAuth } from '@/lib/auth/hybrid'
-import { RawFileInputArraySchema } from '@/lib/uploads/utils/file-schemas'
-import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
-import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
-import { getJiraCloudId } from '@/tools/jira/utils'
-
-const logger = createLogger('JiraAddAttachmentAPI')
-
-export const dynamic = 'force-dynamic'
-
-const JiraAddAttachmentSchema = z.object({
-  accessToken: z.string().min(1, 'Access token is required'),
-  domain: z.string().min(1, 'Domain is required'),
-  issueKey: z.string().min(1, 'Issue key is required'),
-  files: RawFileInputArraySchema,
-  cloudId: z.string().optional().nullable(),
-})
-
-export async function POST(request: NextRequest) {
-  const requestId = `jira-attach-${Date.now()}`
-
-  try {
-    const authResult = await checkInternalAuth(request, { requireWorkflowId: false })
-    if (!authResult.success) {
-      return NextResponse.json(
-        { success: false, error: authResult.error || 'Unauthorized' },
-        { status: 401 }
-      )
-    }
-
-    const body = await request.json()
-    const validatedData = JiraAddAttachmentSchema.parse(body)
-
-    const userFiles = processFilesToUserFiles(validatedData.files, requestId, logger)
-    if (userFiles.length === 0) {
-      return NextResponse.json(
-        { success: false, error: 'No valid files provided for upload' },
-        { status: 400 }
-      )
-    }
-
-    const cloudId =
-      validatedData.cloudId ||
-      (await getJiraCloudId(validatedData.domain, validatedData.accessToken))
-
-    const formData = new FormData()
-    const filesOutput: Array<{ name: string; mimeType: string; data: string; size: number }> = []
-
-    for (const file of userFiles) {
-      const buffer = await downloadFileFromStorage(file, requestId, logger)
-      filesOutput.push({
-        name: file.name,
-        mimeType: file.type || 'application/octet-stream',
-        data: buffer.toString('base64'),
-        size: buffer.length,
-      })
-      const blob = new Blob([new Uint8Array(buffer)], {
-        type: file.type || 'application/octet-stream',
-      })
-      formData.append('file', blob, file.name)
-    }
-
-    const url = `https://api.atlassian.com/ex/jira/${cloudId}/rest/api/3/issue/${validatedData.issueKey}/attachments`
-
-    const response = await fetch(url, {
-      method: 'POST',
-      headers: {
-        Authorization: `Bearer ${validatedData.accessToken}`,
-        'X-Atlassian-Token': 'no-check',
-      },
-      body: formData,
-    })
-
-    if (!response.ok) {
-      const errorText = await response.text()
-      logger.error(`[${requestId}] Jira attachment upload failed`, {
-        status: response.status,
-        statusText: response.statusText,
-        error: errorText,
-      })
-      return NextResponse.json(
-        {
-          success: false,
-          error: `Failed to upload attachments: ${response.statusText}`,
-        },
-        { status: response.status }
-      )
-    }
-
-    const attachments = await response.json()
-    const attachmentIds = Array.isArray(attachments)
-      ? attachments.map((attachment) => attachment.id).filter(Boolean)
-      : []
-
-    return NextResponse.json({
-      success: true,
-      output: {
-        ts: new Date().toISOString(),
-        issueKey: validatedData.issueKey,
-        attachmentIds,
-        files: filesOutput,
-      },
-    })
-  } catch (error) {
-    if (error instanceof z.ZodError) {
-      return NextResponse.json(
-        { success: false, error: 'Invalid request data', details: error.errors },
-        { status: 400 }
-      )
-    }
-
-    logger.error(`[${requestId}] Jira attachment upload error`, error)
-    return NextResponse.json(
-      { success: false, error: error instanceof Error ? error.message : 'Internal server error' },
-      { status: 500 }
-    )
-  }
-}

apps/sim/app/api/tools/microsoft_teams/write_channel/route.ts

@@ -2,15 +2,10 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
-import { secureFetchWithValidation } from '@/lib/core/security/input-validation.server'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputArraySchema } from '@/lib/uploads/utils/file-schemas'
-import type { GraphApiErrorResponse, GraphChatMessage } from '@/tools/microsoft_teams/types'
-import {
-  resolveMentionsForChannel,
-  type TeamsMention,
-  uploadFilesForTeamsMessage,
-} from '@/tools/microsoft_teams/utils'
+import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
+import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
+import { resolveMentionsForChannel, type TeamsMention } from '@/tools/microsoft_teams/utils'
 
 export const dynamic = 'force-dynamic'
 
@@ -21,7 +16,7 @@ const TeamsWriteChannelSchema = z.object({
   teamId: z.string().min(1, 'Team ID is required'),
   channelId: z.string().min(1, 'Channel ID is required'),
   content: z.string().min(1, 'Message content is required'),
-  files: RawFileInputArraySchema.optional().nullable(),
+  files: z.array(z.any()).optional().nullable(),
 })
 
 export async function POST(request: NextRequest) {
@@ -58,12 +53,93 @@ export async function POST(request: NextRequest) {
       fileCount: validatedData.files?.length || 0,
     })
 
-    const { attachments, filesOutput } = await uploadFilesForTeamsMessage({
-      rawFiles: validatedData.files || [],
-      accessToken: validatedData.accessToken,
-      requestId,
-      logger,
-    })
+    const attachments: any[] = []
+    if (validatedData.files && validatedData.files.length > 0) {
+      const rawFiles = validatedData.files
+      logger.info(`[${requestId}] Processing ${rawFiles.length} file(s) for upload to OneDrive`)
+
+      const userFiles = processFilesToUserFiles(rawFiles, requestId, logger)
+
+      for (const file of userFiles) {
+        try {
+          logger.info(`[${requestId}] Uploading file to Teams: ${file.name} (${file.size} bytes)`)
+
+          const buffer = await downloadFileFromStorage(file, requestId, logger)
+
+          const uploadUrl =
+            'https://graph.microsoft.com/v1.0/me/drive/root:/TeamsAttachments/' +
+            encodeURIComponent(file.name) +
+            ':/content'
+
+          logger.info(`[${requestId}] Uploading to Teams: ${uploadUrl}`)
+
+          const uploadResponse = await fetch(uploadUrl, {
+            method: 'PUT',
+            headers: {
+              Authorization: `Bearer ${validatedData.accessToken}`,
+              'Content-Type': file.type || 'application/octet-stream',
+            },
+            body: new Uint8Array(buffer),
+          })
+
+          if (!uploadResponse.ok) {
+            const errorData = await uploadResponse.json().catch(() => ({}))
+            logger.error(`[${requestId}] Teams upload failed:`, errorData)
+            throw new Error(
+              `Failed to upload file to Teams: ${errorData.error?.message || 'Unknown error'}`
+            )
+          }
+
+          const uploadedFile = await uploadResponse.json()
+          logger.info(`[${requestId}] File uploaded to Teams successfully`, {
+            id: uploadedFile.id,
+            webUrl: uploadedFile.webUrl,
+          })
+
+          const fileDetailsUrl = `https://graph.microsoft.com/v1.0/me/drive/items/${uploadedFile.id}?$select=id,name,webDavUrl,eTag,size`
+
+          const fileDetailsResponse = await fetch(fileDetailsUrl, {
+            headers: {
+              Authorization: `Bearer ${validatedData.accessToken}`,
+            },
+          })
+
+          if (!fileDetailsResponse.ok) {
+            const errorData = await fileDetailsResponse.json().catch(() => ({}))
+            logger.error(`[${requestId}] Failed to get file details:`, errorData)
+            throw new Error(
+              `Failed to get file details: ${errorData.error?.message || 'Unknown error'}`
+            )
+          }
+
+          const fileDetails = await fileDetailsResponse.json()
+          logger.info(`[${requestId}] Got file details`, {
+            webDavUrl: fileDetails.webDavUrl,
+            eTag: fileDetails.eTag,
+          })
+
+          const attachmentId = fileDetails.eTag?.match(/\{([a-f0-9-]+)\}/i)?.[1] || fileDetails.id
+
+          attachments.push({
+            id: attachmentId,
+            contentType: 'reference',
+            contentUrl: fileDetails.webDavUrl,
+            name: file.name,
+          })
+
+          logger.info(`[${requestId}] Created attachment reference for ${file.name}`)
+        } catch (error) {
+          logger.error(`[${requestId}] Failed to process file ${file.name}:`, error)
+          throw new Error(
+            `Failed to process file "${file.name}": ${error instanceof Error ? error.message : 'Unknown error'}`
+          )
+        }
+      }
+
+      logger.info(
+        `[${requestId}] All ${attachments.length} file(s) uploaded and attachment references created`
+      )
+    }
 
     let messageContent = validatedData.content
     let contentType: 'text' | 'html' = 'text'
@@ -121,21 +197,17 @@ export async function POST(request: NextRequest) {
 
     const teamsUrl = `https://graph.microsoft.com/v1.0/teams/${encodeURIComponent(validatedData.teamId)}/channels/${encodeURIComponent(validatedData.channelId)}/messages`
 
-    const teamsResponse = await secureFetchWithValidation(
-      teamsUrl,
-      {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json',
-          Authorization: `Bearer ${validatedData.accessToken}`,
-        },
-        body: JSON.stringify(messageBody),
+    const teamsResponse = await fetch(teamsUrl, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        Authorization: `Bearer ${validatedData.accessToken}`,
       },
-      'teamsUrl'
-    )
+      body: JSON.stringify(messageBody),
+    })
 
     if (!teamsResponse.ok) {
-      const errorData = (await teamsResponse.json().catch(() => ({}))) as GraphApiErrorResponse
+      const errorData = await teamsResponse.json().catch(() => ({}))
       logger.error(`[${requestId}] Microsoft Teams API error:`, errorData)
       return NextResponse.json(
         {
@@ -146,7 +218,7 @@ export async function POST(request: NextRequest) {
       )
     }
 
-    const responseData = (await teamsResponse.json()) as GraphChatMessage
+    const responseData = await teamsResponse.json()
     logger.info(`[${requestId}] Teams channel message sent successfully`, {
       messageId: responseData.id,
       attachmentCount: attachments.length,
@@ -165,7 +237,6 @@ export async function POST(request: NextRequest) {
           url: responseData.webUrl || '',
           attachmentCount: attachments.length,
         },
-        files: filesOutput,
       },
     })
   } catch (error) {

apps/sim/app/api/tools/microsoft_teams/write_chat/route.ts

@@ -2,15 +2,10 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
-import { secureFetchWithValidation } from '@/lib/core/security/input-validation.server'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputArraySchema } from '@/lib/uploads/utils/file-schemas'
-import type { GraphApiErrorResponse, GraphChatMessage } from '@/tools/microsoft_teams/types'
-import {
-  resolveMentionsForChat,
-  type TeamsMention,
-  uploadFilesForTeamsMessage,
-} from '@/tools/microsoft_teams/utils'
+import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
+import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
+import { resolveMentionsForChat, type TeamsMention } from '@/tools/microsoft_teams/utils'
 
 export const dynamic = 'force-dynamic'
 
@@ -20,7 +15,7 @@ const TeamsWriteChatSchema = z.object({
   accessToken: z.string().min(1, 'Access token is required'),
   chatId: z.string().min(1, 'Chat ID is required'),
   content: z.string().min(1, 'Message content is required'),
-  files: RawFileInputArraySchema.optional().nullable(),
+  files: z.array(z.any()).optional().nullable(),
 })
 
 export async function POST(request: NextRequest) {
@@ -56,12 +51,93 @@ export async function POST(request: NextRequest) {
       fileCount: validatedData.files?.length || 0,
     })
 
-    const { attachments, filesOutput } = await uploadFilesForTeamsMessage({
-      rawFiles: validatedData.files || [],
-      accessToken: validatedData.accessToken,
-      requestId,
-      logger,
-    })
+    const attachments: any[] = []
+    if (validatedData.files && validatedData.files.length > 0) {
+      const rawFiles = validatedData.files
+      logger.info(`[${requestId}] Processing ${rawFiles.length} file(s) for upload to Teams`)
+
+      const userFiles = processFilesToUserFiles(rawFiles, requestId, logger)
+
+      for (const file of userFiles) {
+        try {
+          logger.info(`[${requestId}] Uploading file to Teams: ${file.name} (${file.size} bytes)`)
+
+          const buffer = await downloadFileFromStorage(file, requestId, logger)
+
+          const uploadUrl =
+            'https://graph.microsoft.com/v1.0/me/drive/root:/TeamsAttachments/' +
+            encodeURIComponent(file.name) +
+            ':/content'
+
+          logger.info(`[${requestId}] Uploading to Teams: ${uploadUrl}`)
+
+          const uploadResponse = await fetch(uploadUrl, {
+            method: 'PUT',
+            headers: {
+              Authorization: `Bearer ${validatedData.accessToken}`,
+              'Content-Type': file.type || 'application/octet-stream',
+            },
+            body: new Uint8Array(buffer),
+          })
+
+          if (!uploadResponse.ok) {
+            const errorData = await uploadResponse.json().catch(() => ({}))
+            logger.error(`[${requestId}] Teams upload failed:`, errorData)
+            throw new Error(
+              `Failed to upload file to Teams: ${errorData.error?.message || 'Unknown error'}`
+            )
+          }
+
+          const uploadedFile = await uploadResponse.json()
+          logger.info(`[${requestId}] File uploaded to Teams successfully`, {
+            id: uploadedFile.id,
+            webUrl: uploadedFile.webUrl,
+          })
+
+          const fileDetailsUrl = `https://graph.microsoft.com/v1.0/me/drive/items/${uploadedFile.id}?$select=id,name,webDavUrl,eTag,size`
+
+          const fileDetailsResponse = await fetch(fileDetailsUrl, {
+            headers: {
+              Authorization: `Bearer ${validatedData.accessToken}`,
+            },
+          })
+
+          if (!fileDetailsResponse.ok) {
+            const errorData = await fileDetailsResponse.json().catch(() => ({}))
+            logger.error(`[${requestId}] Failed to get file details:`, errorData)
+            throw new Error(
+              `Failed to get file details: ${errorData.error?.message || 'Unknown error'}`
+            )
+          }
+
+          const fileDetails = await fileDetailsResponse.json()
+          logger.info(`[${requestId}] Got file details`, {
+            webDavUrl: fileDetails.webDavUrl,
+            eTag: fileDetails.eTag,
+          })
+
+          const attachmentId = fileDetails.eTag?.match(/\{([a-f0-9-]+)\}/i)?.[1] || fileDetails.id
+
+          attachments.push({
+            id: attachmentId,
+            contentType: 'reference',
+            contentUrl: fileDetails.webDavUrl,
+            name: file.name,
+          })
+
+          logger.info(`[${requestId}] Created attachment reference for ${file.name}`)
+        } catch (error) {
+          logger.error(`[${requestId}] Failed to process file ${file.name}:`, error)
+          throw new Error(
+            `Failed to process file "${file.name}": ${error instanceof Error ? error.message : 'Unknown error'}`
+          )
+        }
+      }
+
+      logger.info(
+        `[${requestId}] All ${attachments.length} file(s) uploaded and attachment references created`
+      )
+    }
 
     let messageContent = validatedData.content
     let contentType: 'text' | 'html' = 'text'
@@ -118,21 +194,17 @@ export async function POST(request: NextRequest) {
 
     const teamsUrl = `https://graph.microsoft.com/v1.0/chats/${encodeURIComponent(validatedData.chatId)}/messages`
 
-    const teamsResponse = await secureFetchWithValidation(
-      teamsUrl,
-      {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json',
-          Authorization: `Bearer ${validatedData.accessToken}`,
-        },
-        body: JSON.stringify(messageBody),
+    const teamsResponse = await fetch(teamsUrl, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        Authorization: `Bearer ${validatedData.accessToken}`,
       },
-      'teamsUrl'
-    )
+      body: JSON.stringify(messageBody),
+    })
 
     if (!teamsResponse.ok) {
-      const errorData = (await teamsResponse.json().catch(() => ({}))) as GraphApiErrorResponse
+      const errorData = await teamsResponse.json().catch(() => ({}))
       logger.error(`[${requestId}] Microsoft Teams API error:`, errorData)
       return NextResponse.json(
         {
@@ -143,7 +215,7 @@ export async function POST(request: NextRequest) {
       )
     }
 
-    const responseData = (await teamsResponse.json()) as GraphChatMessage
+    const responseData = await teamsResponse.json()
     logger.info(`[${requestId}] Teams message sent successfully`, {
       messageId: responseData.id,
       attachmentCount: attachments.length,
@@ -161,7 +233,6 @@ export async function POST(request: NextRequest) {
           url: responseData.webUrl || '',
           attachmentCount: attachments.length,
         },
-        files: filesOutput,
       },
     })
   } catch (error) {

apps/sim/app/api/tools/mistral/parse/route.ts

@@ -2,17 +2,15 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { FileInputSchema } from '@/lib/uploads/utils/file-schemas'
-import { isInternalFileUrl, processSingleFileToUserFile } from '@/lib/uploads/utils/file-utils'
+import { getBaseUrl } from '@/lib/core/utils/urls'
+import { StorageService } from '@/lib/uploads'
 import {
-  downloadFileFromStorage,
-  resolveInternalFileUrl,
-} from '@/lib/uploads/utils/file-utils.server'
+  extractStorageKey,
+  inferContextFromKey,
+  isInternalFileUrl,
+} from '@/lib/uploads/utils/file-utils'
+import { verifyFileAccess } from '@/app/api/files/authorization'
 
 export const dynamic = 'force-dynamic'
 
@@ -20,9 +18,7 @@ const logger = createLogger('MistralParseAPI')
 
 const MistralParseSchema = z.object({
   apiKey: z.string().min(1, 'API key is required'),
-  filePath: z.string().min(1, 'File path is required').optional(),
-  fileData: FileInputSchema.optional(),
-  file: FileInputSchema.optional(),
+  filePath: z.string().min(1, 'File path is required'),
   resultType: z.string().optional(),
   pages: z.array(z.number()).optional(),
   includeImageBase64: z.boolean().optional(),
@@ -53,130 +49,66 @@ export async function POST(request: NextRequest) {
     const body = await request.json()
     const validatedData = MistralParseSchema.parse(body)
 
-    const fileData = validatedData.file || validatedData.fileData
-    const filePath = typeof fileData === 'string' ? fileData : validatedData.filePath
-
-    if (!fileData && (!filePath || filePath.trim() === '')) {
-      return NextResponse.json(
-        {
-          success: false,
-          error: 'File input is required',
-        },
-        { status: 400 }
-      )
-    }
-
     logger.info(`[${requestId}] Mistral parse request`, {
-      hasFileData: Boolean(fileData),
-      filePath,
-      isWorkspaceFile: filePath ? isInternalFileUrl(filePath) : false,
+      filePath: validatedData.filePath,
+      isWorkspaceFile: isInternalFileUrl(validatedData.filePath),
       userId,
     })
 
-    const mistralBody: any = {
-      model: 'mistral-ocr-latest',
+    let fileUrl = validatedData.filePath
+
+    if (isInternalFileUrl(validatedData.filePath)) {
+      try {
+        const storageKey = extractStorageKey(validatedData.filePath)
+
+        const context = inferContextFromKey(storageKey)
+
+        const hasAccess = await verifyFileAccess(
+          storageKey,
+          userId,
+          undefined, // customConfig
+          context, // context
+          false // isLocal
+        )
+
+        if (!hasAccess) {
+          logger.warn(`[${requestId}] Unauthorized presigned URL generation attempt`, {
+            userId,
+            key: storageKey,
+            context,
+          })
+          return NextResponse.json(
+            {
+              success: false,
+              error: 'File not found',
+            },
+            { status: 404 }
+          )
+        }
+
+        fileUrl = await StorageService.generatePresignedDownloadUrl(storageKey, context, 5 * 60)
+        logger.info(`[${requestId}] Generated presigned URL for ${context} file`)
+      } catch (error) {
+        logger.error(`[${requestId}] Failed to generate presigned URL:`, error)
+        return NextResponse.json(
+          {
+            success: false,
+            error: 'Failed to generate file access URL',
+          },
+          { status: 500 }
+        )
+      }
+    } else if (validatedData.filePath?.startsWith('/')) {
+      const baseUrl = getBaseUrl()
+      fileUrl = `${baseUrl}${validatedData.filePath}`
     }
 
-    if (fileData && typeof fileData === 'object') {
-      const rawFile = fileData
-      let userFile
-      try {
-        userFile = processSingleFileToUserFile(rawFile, requestId, logger)
-      } catch (error) {
-        return NextResponse.json(
-          {
-            success: false,
-            error: error instanceof Error ? error.message : 'Failed to process file',
-          },
-          { status: 400 }
-        )
-      }
-
-      const mimeType = userFile.type || 'application/pdf'
-      let base64 = userFile.base64
-      if (!base64) {
-        const buffer = await downloadFileFromStorage(userFile, requestId, logger)
-        base64 = buffer.toString('base64')
-      }
-      const base64Payload = base64.startsWith('data:')
-        ? base64
-        : `data:${mimeType};base64,${base64}`
-
-      // Mistral API uses different document types for images vs documents
-      const isImage = mimeType.startsWith('image/')
-      if (isImage) {
-        mistralBody.document = {
-          type: 'image_url',
-          image_url: base64Payload,
-        }
-      } else {
-        mistralBody.document = {
-          type: 'document_url',
-          document_url: base64Payload,
-        }
-      }
-    } else if (filePath) {
-      let fileUrl = filePath
-
-      const isInternalFilePath = isInternalFileUrl(filePath)
-      if (isInternalFilePath) {
-        const resolution = await resolveInternalFileUrl(filePath, userId, requestId, logger)
-        if (resolution.error) {
-          return NextResponse.json(
-            {
-              success: false,
-              error: resolution.error.message,
-            },
-            { status: resolution.error.status }
-          )
-        }
-        fileUrl = resolution.fileUrl || fileUrl
-      } else if (filePath.startsWith('/')) {
-        logger.warn(`[${requestId}] Invalid internal path`, {
-          userId,
-          path: filePath.substring(0, 50),
-        })
-        return NextResponse.json(
-          {
-            success: false,
-            error: 'Invalid file path. Only uploaded files are supported for internal paths.',
-          },
-          { status: 400 }
-        )
-      } else {
-        const urlValidation = await validateUrlWithDNS(fileUrl, 'filePath')
-        if (!urlValidation.isValid) {
-          return NextResponse.json(
-            {
-              success: false,
-              error: urlValidation.error,
-            },
-            { status: 400 }
-          )
-        }
-      }
-
-      // Detect image URLs by extension for proper Mistral API type
-      const lowerUrl = fileUrl.toLowerCase()
-      const isImageUrl =
-        lowerUrl.endsWith('.png') ||
-        lowerUrl.endsWith('.jpg') ||
-        lowerUrl.endsWith('.jpeg') ||
-        lowerUrl.endsWith('.gif') ||
-        lowerUrl.endsWith('.webp') ||
-        lowerUrl.endsWith('.avif')
-
-      if (isImageUrl) {
-        mistralBody.document = {
-          type: 'image_url',
-          image_url: fileUrl,
-        }
-      } else {
-        mistralBody.document = {
-          type: 'document_url',
-          document_url: fileUrl,
-        }
-      }
+    const mistralBody: any = {
+      model: 'mistral-ocr-latest',
+      document: {
+        type: 'document_url',
+        document_url: fileUrl,
+      },
     }
 
     if (validatedData.pages) {
@@ -192,34 +124,15 @@ export async function POST(request: NextRequest) {
       mistralBody.image_min_size = validatedData.imageMinSize
     }
 
-    const mistralEndpoint = 'https://api.mistral.ai/v1/ocr'
-    const mistralValidation = await validateUrlWithDNS(mistralEndpoint, 'Mistral API URL')
-    if (!mistralValidation.isValid) {
-      logger.error(`[${requestId}] Mistral API URL validation failed`, {
-        error: mistralValidation.error,
-      })
-      return NextResponse.json(
-        {
-          success: false,
-          error: 'Failed to reach Mistral API',
-        },
-        { status: 502 }
-      )
-    }
-
-    const mistralResponse = await secureFetchWithPinnedIP(
-      mistralEndpoint,
-      mistralValidation.resolvedIP!,
-      {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json',
-          Accept: 'application/json',
-          Authorization: `Bearer ${validatedData.apiKey}`,
-        },
-        body: JSON.stringify(mistralBody),
-      }
-    )
+    const mistralResponse = await fetch('https://api.mistral.ai/v1/ocr', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        Accept: 'application/json',
+        Authorization: `Bearer ${validatedData.apiKey}`,
+      },
+      body: JSON.stringify(mistralBody),
+    })
 
     if (!mistralResponse.ok) {
       const errorText = await mistralResponse.text()

apps/sim/app/api/tools/onedrive/download/route.ts

@@ -1,177 +0,0 @@
-import { createLogger } from '@sim/logger'
-import { type NextRequest, NextResponse } from 'next/server'
-import { z } from 'zod'
-import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
-import { generateRequestId } from '@/lib/core/utils/request'
-
-export const dynamic = 'force-dynamic'
-
-/** Microsoft Graph API error response structure */
-interface GraphApiError {
-  error?: {
-    code?: string
-    message?: string
-  }
-}
-
-/** Microsoft Graph API drive item metadata response */
-interface DriveItemMetadata {
-  id?: string
-  name?: string
-  folder?: Record<string, unknown>
-  file?: {
-    mimeType?: string
-  }
-}
-
-const logger = createLogger('OneDriveDownloadAPI')
-
-const OneDriveDownloadSchema = z.object({
-  accessToken: z.string().min(1, 'Access token is required'),
-  fileId: z.string().min(1, 'File ID is required'),
-  fileName: z.string().optional().nullable(),
-})
-
-export async function POST(request: NextRequest) {
-  const requestId = generateRequestId()
-
-  try {
-    const authResult = await checkInternalAuth(request, { requireWorkflowId: false })
-
-    if (!authResult.success) {
-      logger.warn(`[${requestId}] Unauthorized OneDrive download attempt: ${authResult.error}`)
-      return NextResponse.json(
-        {
-          success: false,
-          error: authResult.error || 'Authentication required',
-        },
-        { status: 401 }
-      )
-    }
-
-    const body = await request.json()
-    const validatedData = OneDriveDownloadSchema.parse(body)
-
-    const { accessToken, fileId, fileName } = validatedData
-    const authHeader = `Bearer ${accessToken}`
-
-    logger.info(`[${requestId}] Getting file metadata from OneDrive`, { fileId })
-
-    const metadataUrl = `https://graph.microsoft.com/v1.0/me/drive/items/${fileId}`
-    const metadataUrlValidation = await validateUrlWithDNS(metadataUrl, 'metadataUrl')
-    if (!metadataUrlValidation.isValid) {
-      return NextResponse.json(
-        { success: false, error: metadataUrlValidation.error },
-        { status: 400 }
-      )
-    }
-
-    const metadataResponse = await secureFetchWithPinnedIP(
-      metadataUrl,
-      metadataUrlValidation.resolvedIP!,
-      {
-        headers: { Authorization: authHeader },
-      }
-    )
-
-    if (!metadataResponse.ok) {
-      const errorDetails = (await metadataResponse.json().catch(() => ({}))) as GraphApiError
-      logger.error(`[${requestId}] Failed to get file metadata`, {
-        status: metadataResponse.status,
-        error: errorDetails,
-      })
-      return NextResponse.json(
-        { success: false, error: errorDetails.error?.message || 'Failed to get file metadata' },
-        { status: 400 }
-      )
-    }
-
-    const metadata = (await metadataResponse.json()) as DriveItemMetadata
-
-    if (metadata.folder && !metadata.file) {
-      logger.error(`[${requestId}] Attempted to download a folder`, {
-        itemId: metadata.id,
-        itemName: metadata.name,
-      })
-      return NextResponse.json(
-        {
-          success: false,
-          error: `Cannot download folder "${metadata.name}". Please select a file instead.`,
-        },
-        { status: 400 }
-      )
-    }
-
-    const mimeType = metadata.file?.mimeType || 'application/octet-stream'
-
-    logger.info(`[${requestId}] Downloading file from OneDrive`, { fileId, mimeType })
-
-    const downloadUrl = `https://graph.microsoft.com/v1.0/me/drive/items/${fileId}/content`
-    const downloadUrlValidation = await validateUrlWithDNS(downloadUrl, 'downloadUrl')
-    if (!downloadUrlValidation.isValid) {
-      return NextResponse.json(
-        { success: false, error: downloadUrlValidation.error },
-        { status: 400 }
-      )
-    }
-
-    const downloadResponse = await secureFetchWithPinnedIP(
-      downloadUrl,
-      downloadUrlValidation.resolvedIP!,
-      {
-        headers: { Authorization: authHeader },
-      }
-    )
-
-    if (!downloadResponse.ok) {
-      const downloadError = (await downloadResponse.json().catch(() => ({}))) as GraphApiError
-      logger.error(`[${requestId}] Failed to download file`, {
-        status: downloadResponse.status,
-        error: downloadError,
-      })
-      return NextResponse.json(
-        { success: false, error: downloadError.error?.message || 'Failed to download file' },
-        { status: 400 }
-      )
-    }
-
-    const arrayBuffer = await downloadResponse.arrayBuffer()
-    const fileBuffer = Buffer.from(arrayBuffer)
-
-    const resolvedName = fileName || metadata.name || 'download'
-
-    logger.info(`[${requestId}] File downloaded successfully`, {
-      fileId,
-      name: resolvedName,
-      size: fileBuffer.length,
-      mimeType,
-    })
-
-    const base64Data = fileBuffer.toString('base64')
-
-    return NextResponse.json({
-      success: true,
-      output: {
-        file: {
-          name: resolvedName,
-          mimeType,
-          data: base64Data,
-          size: fileBuffer.length,
-        },
-      },
-    })
-  } catch (error) {
-    logger.error(`[${requestId}] Error downloading OneDrive file:`, error)
-    return NextResponse.json(
-      {
-        success: false,
-        error: error instanceof Error ? error.message : 'Unknown error occurred',
-      },
-      { status: 500 }
-    )
-  }
-}

apps/sim/app/api/tools/onedrive/upload/route.ts

@@ -3,9 +3,8 @@ import { type NextRequest, NextResponse } from 'next/server'
 import * as XLSX from 'xlsx'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
-import { secureFetchWithValidation } from '@/lib/core/security/input-validation.server'
+import { validateMicrosoftGraphId } from '@/lib/core/security/input-validation'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputSchema } from '@/lib/uploads/utils/file-schemas'
 import {
   getExtensionFromMimeType,
   processSingleFileToUserFile,
@@ -30,55 +29,12 @@ const ExcelValuesSchema = z.union([
 const OneDriveUploadSchema = z.object({
   accessToken: z.string().min(1, 'Access token is required'),
   fileName: z.string().min(1, 'File name is required'),
-  file: RawFileInputSchema.optional(),
+  file: z.any().optional(),
   folderId: z.string().optional().nullable(),
   mimeType: z.string().nullish(),
   values: ExcelValuesSchema.optional().nullable(),
-  conflictBehavior: z.enum(['fail', 'replace', 'rename']).optional().nullable(),
 })
 
-/** Microsoft Graph DriveItem response */
-interface OneDriveFileData {
-  id: string
-  name: string
-  size: number
-  webUrl: string
-  createdDateTime: string
-  lastModifiedDateTime: string
-  file?: { mimeType: string }
-  parentReference?: { id: string; path: string }
-  '@microsoft.graph.downloadUrl'?: string
-}
-
-/** Microsoft Graph Excel range response */
-interface ExcelRangeData {
-  address?: string
-  addressLocal?: string
-  values?: unknown[][]
-}
-
-/** Validates Microsoft Graph item IDs (alphanumeric with some special chars) */
-function validateMicrosoftGraphId(
-  id: string,
-  paramName: string
-): { isValid: boolean; error?: string } {
-  // Microsoft Graph IDs are typically alphanumeric, may include hyphens and exclamation marks
-  const validIdPattern = /^[a-zA-Z0-9!-]+$/
-  if (!validIdPattern.test(id)) {
-    return {
-      isValid: false,
-      error: `Invalid ${paramName}: contains invalid characters`,
-    }
-  }
-  if (id.length > 256) {
-    return {
-      isValid: false,
-      error: `Invalid ${paramName}: exceeds maximum length`,
-    }
-  }
-  return { isValid: true }
-}
-
 export async function POST(request: NextRequest) {
   const requestId = generateRequestId()
 
@@ -132,9 +88,25 @@ export async function POST(request: NextRequest) {
         )
       }
 
+      let fileToProcess
+      if (Array.isArray(rawFile)) {
+        if (rawFile.length === 0) {
+          return NextResponse.json(
+            {
+              success: false,
+              error: 'No file provided',
+            },
+            { status: 400 }
+          )
+        }
+        fileToProcess = rawFile[0]
+      } else {
+        fileToProcess = rawFile
+      }
+
       let userFile
       try {
-        userFile = processSingleFileToUserFile(rawFile, requestId, logger)
+        userFile = processSingleFileToUserFile(fileToProcess, requestId, logger)
       } catch (error) {
         return NextResponse.json(
           {
@@ -207,23 +179,14 @@ export async function POST(request: NextRequest) {
       uploadUrl = `${MICROSOFT_GRAPH_BASE}/me/drive/root:/${encodeURIComponent(fileName)}:/content`
     }
 
-    // Add conflict behavior if specified (defaults to replace by Microsoft Graph API)
-    if (validatedData.conflictBehavior) {
-      uploadUrl += `?@microsoft.graph.conflictBehavior=${validatedData.conflictBehavior}`
-    }
-
-    const uploadResponse = await secureFetchWithValidation(
-      uploadUrl,
-      {
-        method: 'PUT',
-        headers: {
-          Authorization: `Bearer ${validatedData.accessToken}`,
-          'Content-Type': mimeType,
-        },
-        body: fileBuffer,
+    const uploadResponse = await fetch(uploadUrl, {
+      method: 'PUT',
+      headers: {
+        Authorization: `Bearer ${validatedData.accessToken}`,
+        'Content-Type': mimeType,
       },
-      'uploadUrl'
-    )
+      body: new Uint8Array(fileBuffer),
+    })
 
     if (!uploadResponse.ok) {
       const errorText = await uploadResponse.text()
@@ -237,7 +200,7 @@ export async function POST(request: NextRequest) {
       )
     }
 
-    const fileData = (await uploadResponse.json()) as OneDriveFileData
+    const fileData = await uploadResponse.json()
 
     let excelWriteResult: any | undefined
     const shouldWriteExcelContent =
@@ -246,11 +209,8 @@ export async function POST(request: NextRequest) {
     if (shouldWriteExcelContent) {
       try {
         let workbookSessionId: string | undefined
-        const sessionUrl = `${MICROSOFT_GRAPH_BASE}/me/drive/items/${encodeURIComponent(
-          fileData.id
-        )}/workbook/createSession`
-        const sessionResp = await secureFetchWithValidation(
-          sessionUrl,
+        const sessionResp = await fetch(
+          `${MICROSOFT_GRAPH_BASE}/me/drive/items/${encodeURIComponent(fileData.id)}/workbook/createSession`,
           {
             method: 'POST',
             headers: {
@@ -258,12 +218,11 @@ export async function POST(request: NextRequest) {
               'Content-Type': 'application/json',
             },
             body: JSON.stringify({ persistChanges: true }),
-          },
-          'sessionUrl'
+          }
         )
 
         if (sessionResp.ok) {
-          const sessionData = (await sessionResp.json()) as { id?: string }
+          const sessionData = await sessionResp.json()
           workbookSessionId = sessionData?.id
         }
 
@@ -272,19 +231,14 @@ export async function POST(request: NextRequest) {
           const listUrl = `${MICROSOFT_GRAPH_BASE}/me/drive/items/${encodeURIComponent(
             fileData.id
           )}/workbook/worksheets?$select=name&$orderby=position&$top=1`
-          const listResp = await secureFetchWithValidation(
-            listUrl,
-            {
-              method: 'GET',
-              headers: {
-                Authorization: `Bearer ${validatedData.accessToken}`,
-                ...(workbookSessionId ? { 'workbook-session-id': workbookSessionId } : {}),
-              },
+          const listResp = await fetch(listUrl, {
+            headers: {
+              Authorization: `Bearer ${validatedData.accessToken}`,
+              ...(workbookSessionId ? { 'workbook-session-id': workbookSessionId } : {}),
             },
-            'listUrl'
-          )
+          })
           if (listResp.ok) {
-            const listData = (await listResp.json()) as { value?: Array<{ name?: string }> }
+            const listData = await listResp.json()
             const firstSheetName = listData?.value?.[0]?.name
             if (firstSheetName) {
               sheetName = firstSheetName
@@ -343,19 +297,15 @@ export async function POST(request: NextRequest) {
           )}')/range(address='${encodeURIComponent(computedRangeAddress)}')`
         )
 
-        const excelWriteResponse = await secureFetchWithValidation(
-          url.toString(),
-          {
-            method: 'PATCH',
-            headers: {
-              Authorization: `Bearer ${validatedData.accessToken}`,
-              'Content-Type': 'application/json',
-              ...(workbookSessionId ? { 'workbook-session-id': workbookSessionId } : {}),
-            },
-            body: JSON.stringify({ values: processedValues }),
+        const excelWriteResponse = await fetch(url.toString(), {
+          method: 'PATCH',
+          headers: {
+            Authorization: `Bearer ${validatedData.accessToken}`,
+            'Content-Type': 'application/json',
+            ...(workbookSessionId ? { 'workbook-session-id': workbookSessionId } : {}),
           },
-          'excelWriteUrl'
-        )
+          body: JSON.stringify({ values: processedValues }),
+        })
 
         if (!excelWriteResponse || !excelWriteResponse.ok) {
           const errorText = excelWriteResponse ? await excelWriteResponse.text() : 'no response'
@@ -370,7 +320,7 @@ export async function POST(request: NextRequest) {
             details: errorText,
           }
         } else {
-          const writeData = (await excelWriteResponse.json()) as ExcelRangeData
+          const writeData = await excelWriteResponse.json()
           const addr = writeData.address || writeData.addressLocal
           const v = writeData.values || []
           excelWriteResult = {
@@ -378,25 +328,21 @@ export async function POST(request: NextRequest) {
             updatedRange: addr,
             updatedRows: Array.isArray(v) ? v.length : undefined,
             updatedColumns: Array.isArray(v) && v[0] ? v[0].length : undefined,
-            updatedCells: Array.isArray(v) && v[0] ? v.length * v[0].length : undefined,
+            updatedCells: Array.isArray(v) && v[0] ? v.length * (v[0] as any[]).length : undefined,
           }
         }
 
         if (workbookSessionId) {
           try {
-            const closeUrl = `${MICROSOFT_GRAPH_BASE}/me/drive/items/${encodeURIComponent(
-              fileData.id
-            )}/workbook/closeSession`
-            const closeResp = await secureFetchWithValidation(
-              closeUrl,
+            const closeResp = await fetch(
+              `${MICROSOFT_GRAPH_BASE}/me/drive/items/${encodeURIComponent(fileData.id)}/workbook/closeSession`,
               {
                 method: 'POST',
                 headers: {
                   Authorization: `Bearer ${validatedData.accessToken}`,
                   'workbook-session-id': workbookSessionId,
                 },
-              },
-              'closeSessionUrl'
+              }
             )
             if (!closeResp.ok) {
               const closeText = await closeResp.text()

apps/sim/app/api/tools/outlook/draft/route.ts

@@ -3,7 +3,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputArraySchema } from '@/lib/uploads/utils/file-schemas'
 import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 
@@ -19,7 +18,7 @@ const OutlookDraftSchema = z.object({
   contentType: z.enum(['text', 'html']).optional().nullable(),
   cc: z.string().optional().nullable(),
   bcc: z.string().optional().nullable(),
-  attachments: RawFileInputArraySchema.optional().nullable(),
+  attachments: z.array(z.any()).optional().nullable(),
 })
 
 export async function POST(request: NextRequest) {

apps/sim/app/api/tools/outlook/send/route.ts

@@ -3,7 +3,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputArraySchema } from '@/lib/uploads/utils/file-schemas'
 import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 
@@ -21,7 +20,7 @@ const OutlookSendSchema = z.object({
   bcc: z.string().optional().nullable(),
   replyToMessageId: z.string().optional().nullable(),
   conversationId: z.string().optional().nullable(),
-  attachments: RawFileInputArraySchema.optional().nullable(),
+  attachments: z.array(z.any()).optional().nullable(),
 })
 
 export async function POST(request: NextRequest) {
@@ -96,14 +95,14 @@ export async function POST(request: NextRequest) {
 
       if (attachments.length > 0) {
         const totalSize = attachments.reduce((sum, file) => sum + file.size, 0)
-        const maxSize = 3 * 1024 * 1024 // 3MB - Microsoft Graph API limit for inline attachments
+        const maxSize = 4 * 1024 * 1024 // 4MB
 
         if (totalSize > maxSize) {
           const sizeMB = (totalSize / (1024 * 1024)).toFixed(2)
           return NextResponse.json(
             {
               success: false,
-              error: `Total attachment size (${sizeMB}MB) exceeds Microsoft Graph API limit of 3MB per request`,
+              error: `Total attachment size (${sizeMB}MB) exceeds Outlook's limit of 4MB per request`,
             },
             { status: 400 }
           )

apps/sim/app/api/tools/pipedrive/get-files/route.ts

@@ -1,165 +0,0 @@
-import { createLogger } from '@sim/logger'
-import { type NextRequest, NextResponse } from 'next/server'
-import { z } from 'zod'
-import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
-import { generateRequestId } from '@/lib/core/utils/request'
-import { getFileExtension, getMimeTypeFromExtension } from '@/lib/uploads/utils/file-utils'
-
-export const dynamic = 'force-dynamic'
-
-const logger = createLogger('PipedriveGetFilesAPI')
-
-interface PipedriveFile {
-  id?: number
-  name?: string
-  url?: string
-}
-
-interface PipedriveApiResponse {
-  success: boolean
-  data?: PipedriveFile[]
-  error?: string
-}
-
-const PipedriveGetFilesSchema = z.object({
-  accessToken: z.string().min(1, 'Access token is required'),
-  deal_id: z.string().optional().nullable(),
-  person_id: z.string().optional().nullable(),
-  org_id: z.string().optional().nullable(),
-  limit: z.string().optional().nullable(),
-  downloadFiles: z.boolean().optional().default(false),
-})
-
-export async function POST(request: NextRequest) {
-  const requestId = generateRequestId()
-
-  try {
-    const authResult = await checkInternalAuth(request, { requireWorkflowId: false })
-
-    if (!authResult.success) {
-      logger.warn(`[${requestId}] Unauthorized Pipedrive get files attempt: ${authResult.error}`)
-      return NextResponse.json(
-        {
-          success: false,
-          error: authResult.error || 'Authentication required',
-        },
-        { status: 401 }
-      )
-    }
-
-    const body = await request.json()
-    const validatedData = PipedriveGetFilesSchema.parse(body)
-
-    const { accessToken, deal_id, person_id, org_id, limit, downloadFiles } = validatedData
-
-    const baseUrl = 'https://api.pipedrive.com/v1/files'
-    const queryParams = new URLSearchParams()
-
-    if (deal_id) queryParams.append('deal_id', deal_id)
-    if (person_id) queryParams.append('person_id', person_id)
-    if (org_id) queryParams.append('org_id', org_id)
-    if (limit) queryParams.append('limit', limit)
-
-    const queryString = queryParams.toString()
-    const apiUrl = queryString ? `${baseUrl}?${queryString}` : baseUrl
-
-    logger.info(`[${requestId}] Fetching files from Pipedrive`, { deal_id, person_id, org_id })
-
-    const urlValidation = await validateUrlWithDNS(apiUrl, 'apiUrl')
-    if (!urlValidation.isValid) {
-      return NextResponse.json({ success: false, error: urlValidation.error }, { status: 400 })
-    }
-
-    const response = await secureFetchWithPinnedIP(apiUrl, urlValidation.resolvedIP!, {
-      method: 'GET',
-      headers: {
-        Authorization: `Bearer ${accessToken}`,
-        Accept: 'application/json',
-      },
-    })
-
-    const data = (await response.json()) as PipedriveApiResponse
-
-    if (!data.success) {
-      logger.error(`[${requestId}] Pipedrive API request failed`, { data })
-      return NextResponse.json(
-        { success: false, error: data.error || 'Failed to fetch files from Pipedrive' },
-        { status: 400 }
-      )
-    }
-
-    const files = data.data || []
-    const downloadedFiles: Array<{
-      name: string
-      mimeType: string
-      data: string
-      size: number
-    }> = []
-
-    if (downloadFiles) {
-      for (const file of files) {
-        if (!file?.url) continue
-
-        try {
-          const fileUrlValidation = await validateUrlWithDNS(file.url, 'fileUrl')
-          if (!fileUrlValidation.isValid) continue
-
-          const downloadResponse = await secureFetchWithPinnedIP(
-            file.url,
-            fileUrlValidation.resolvedIP!,
-            {
-              method: 'GET',
-              headers: { Authorization: `Bearer ${accessToken}` },
-            }
-          )
-
-          if (!downloadResponse.ok) continue
-
-          const arrayBuffer = await downloadResponse.arrayBuffer()
-          const buffer = Buffer.from(arrayBuffer)
-          const extension = getFileExtension(file.name || '')
-          const mimeType =
-            downloadResponse.headers.get('content-type') || getMimeTypeFromExtension(extension)
-          const fileName = file.name || `pipedrive-file-${file.id || Date.now()}`
-
-          downloadedFiles.push({
-            name: fileName,
-            mimeType,
-            data: buffer.toString('base64'),
-            size: buffer.length,
-          })
-        } catch (error) {
-          logger.warn(`[${requestId}] Failed to download file ${file.id}:`, error)
-        }
-      }
-    }
-
-    logger.info(`[${requestId}] Pipedrive files fetched successfully`, {
-      fileCount: files.length,
-      downloadedCount: downloadedFiles.length,
-    })
-
-    return NextResponse.json({
-      success: true,
-      output: {
-        files,
-        downloadedFiles: downloadedFiles.length > 0 ? downloadedFiles : undefined,
-        total_items: files.length,
-        success: true,
-      },
-    })
-  } catch (error) {
-    logger.error(`[${requestId}] Error fetching Pipedrive files:`, error)
-    return NextResponse.json(
-      {
-        success: false,
-        error: error instanceof Error ? error.message : 'Unknown error occurred',
-      },
-      { status: 500 }
-    )
-  }
-}

apps/sim/app/api/tools/pulse/parse/route.ts

@@ -2,14 +2,15 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputSchema } from '@/lib/uploads/utils/file-schemas'
-import { isInternalFileUrl } from '@/lib/uploads/utils/file-utils'
-import { resolveFileInputToUrl } from '@/lib/uploads/utils/file-utils.server'
+import { getBaseUrl } from '@/lib/core/utils/urls'
+import { StorageService } from '@/lib/uploads'
+import {
+  extractStorageKey,
+  inferContextFromKey,
+  isInternalFileUrl,
+} from '@/lib/uploads/utils/file-utils'
+import { verifyFileAccess } from '@/app/api/files/authorization'
 
 export const dynamic = 'force-dynamic'
 
@@ -17,8 +18,7 @@ const logger = createLogger('PulseParseAPI')
 
 const PulseParseSchema = z.object({
   apiKey: z.string().min(1, 'API key is required'),
-  filePath: z.string().optional(),
-  file: RawFileInputSchema.optional(),
+  filePath: z.string().min(1, 'File path is required'),
   pages: z.string().optional(),
   extractFigure: z.boolean().optional(),
   figureDescription: z.boolean().optional(),
@@ -51,30 +51,50 @@ export async function POST(request: NextRequest) {
     const validatedData = PulseParseSchema.parse(body)
 
     logger.info(`[${requestId}] Pulse parse request`, {
-      fileName: validatedData.file?.name,
       filePath: validatedData.filePath,
-      isWorkspaceFile: validatedData.filePath ? isInternalFileUrl(validatedData.filePath) : false,
+      isWorkspaceFile: isInternalFileUrl(validatedData.filePath),
       userId,
     })
 
-    const resolution = await resolveFileInputToUrl({
-      file: validatedData.file,
-      filePath: validatedData.filePath,
-      userId,
-      requestId,
-      logger,
-    })
+    let fileUrl = validatedData.filePath
 
-    if (resolution.error) {
-      return NextResponse.json(
-        { success: false, error: resolution.error.message },
-        { status: resolution.error.status }
-      )
-    }
+    if (isInternalFileUrl(validatedData.filePath)) {
+      try {
+        const storageKey = extractStorageKey(validatedData.filePath)
+        const context = inferContextFromKey(storageKey)
 
-    const fileUrl = resolution.fileUrl
-    if (!fileUrl) {
-      return NextResponse.json({ success: false, error: 'File input is required' }, { status: 400 })
+        const hasAccess = await verifyFileAccess(storageKey, userId, undefined, context, false)
+
+        if (!hasAccess) {
+          logger.warn(`[${requestId}] Unauthorized presigned URL generation attempt`, {
+            userId,
+            key: storageKey,
+            context,
+          })
+          return NextResponse.json(
+            {
+              success: false,
+              error: 'File not found',
+            },
+            { status: 404 }
+          )
+        }
+
+        fileUrl = await StorageService.generatePresignedDownloadUrl(storageKey, context, 5 * 60)
+        logger.info(`[${requestId}] Generated presigned URL for ${context} file`)
+      } catch (error) {
+        logger.error(`[${requestId}] Failed to generate presigned URL:`, error)
+        return NextResponse.json(
+          {
+            success: false,
+            error: 'Failed to generate file access URL',
+          },
+          { status: 500 }
+        )
+      }
+    } else if (validatedData.filePath?.startsWith('/')) {
+      const baseUrl = getBaseUrl()
+      fileUrl = `${baseUrl}${validatedData.filePath}`
     }
 
     const formData = new FormData()
@@ -99,36 +119,13 @@ export async function POST(request: NextRequest) {
       formData.append('chunk_size', String(validatedData.chunkSize))
     }
 
-    const pulseEndpoint = 'https://api.runpulse.com/extract'
-    const pulseValidation = await validateUrlWithDNS(pulseEndpoint, 'Pulse API URL')
-    if (!pulseValidation.isValid) {
-      logger.error(`[${requestId}] Pulse API URL validation failed`, {
-        error: pulseValidation.error,
-      })
-      return NextResponse.json(
-        {
-          success: false,
-          error: 'Failed to reach Pulse API',
-        },
-        { status: 502 }
-      )
-    }
-
-    const pulsePayload = new Response(formData)
-    const contentType = pulsePayload.headers.get('content-type') || 'multipart/form-data'
-    const bodyBuffer = Buffer.from(await pulsePayload.arrayBuffer())
-    const pulseResponse = await secureFetchWithPinnedIP(
-      pulseEndpoint,
-      pulseValidation.resolvedIP!,
-      {
-        method: 'POST',
-        headers: {
-          'x-api-key': validatedData.apiKey,
-          'Content-Type': contentType,
-        },
-        body: bodyBuffer,
-      }
-    )
+    const pulseResponse = await fetch('https://api.runpulse.com/extract', {
+      method: 'POST',
+      headers: {
+        'x-api-key': validatedData.apiKey,
+      },
+      body: formData,
+    })
 
     if (!pulseResponse.ok) {
       const errorText = await pulseResponse.text()

apps/sim/app/api/tools/reducto/parse/route.ts

@@ -2,14 +2,15 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputSchema } from '@/lib/uploads/utils/file-schemas'
-import { isInternalFileUrl } from '@/lib/uploads/utils/file-utils'
-import { resolveFileInputToUrl } from '@/lib/uploads/utils/file-utils.server'
+import { getBaseUrl } from '@/lib/core/utils/urls'
+import { StorageService } from '@/lib/uploads'
+import {
+  extractStorageKey,
+  inferContextFromKey,
+  isInternalFileUrl,
+} from '@/lib/uploads/utils/file-utils'
+import { verifyFileAccess } from '@/app/api/files/authorization'
 
 export const dynamic = 'force-dynamic'
 
@@ -17,8 +18,7 @@ const logger = createLogger('ReductoParseAPI')
 
 const ReductoParseSchema = z.object({
   apiKey: z.string().min(1, 'API key is required'),
-  filePath: z.string().optional(),
-  file: RawFileInputSchema.optional(),
+  filePath: z.string().min(1, 'File path is required'),
   pages: z.array(z.number()).optional(),
   tableOutputFormat: z.enum(['html', 'md']).optional(),
 })
@@ -47,30 +47,56 @@ export async function POST(request: NextRequest) {
     const validatedData = ReductoParseSchema.parse(body)
 
     logger.info(`[${requestId}] Reducto parse request`, {
-      fileName: validatedData.file?.name,
       filePath: validatedData.filePath,
-      isWorkspaceFile: validatedData.filePath ? isInternalFileUrl(validatedData.filePath) : false,
+      isWorkspaceFile: isInternalFileUrl(validatedData.filePath),
       userId,
     })
 
-    const resolution = await resolveFileInputToUrl({
-      file: validatedData.file,
-      filePath: validatedData.filePath,
-      userId,
-      requestId,
-      logger,
-    })
+    let fileUrl = validatedData.filePath
 
-    if (resolution.error) {
-      return NextResponse.json(
-        { success: false, error: resolution.error.message },
-        { status: resolution.error.status }
-      )
-    }
+    if (isInternalFileUrl(validatedData.filePath)) {
+      try {
+        const storageKey = extractStorageKey(validatedData.filePath)
+        const context = inferContextFromKey(storageKey)
 
-    const fileUrl = resolution.fileUrl
-    if (!fileUrl) {
-      return NextResponse.json({ success: false, error: 'File input is required' }, { status: 400 })
+        const hasAccess = await verifyFileAccess(
+          storageKey,
+          userId,
+          undefined, // customConfig
+          context, // context
+          false // isLocal
+        )
+
+        if (!hasAccess) {
+          logger.warn(`[${requestId}] Unauthorized presigned URL generation attempt`, {
+            userId,
+            key: storageKey,
+            context,
+          })
+          return NextResponse.json(
+            {
+              success: false,
+              error: 'File not found',
+            },
+            { status: 404 }
+          )
+        }
+
+        fileUrl = await StorageService.generatePresignedDownloadUrl(storageKey, context, 5 * 60)
+        logger.info(`[${requestId}] Generated presigned URL for ${context} file`)
+      } catch (error) {
+        logger.error(`[${requestId}] Failed to generate presigned URL:`, error)
+        return NextResponse.json(
+          {
+            success: false,
+            error: 'Failed to generate file access URL',
+          },
+          { status: 500 }
+        )
+      }
+    } else if (validatedData.filePath?.startsWith('/')) {
+      const baseUrl = getBaseUrl()
+      fileUrl = `${baseUrl}${validatedData.filePath}`
     }
 
     const reductoBody: Record<string, unknown> = {
@@ -78,13 +104,8 @@ export async function POST(request: NextRequest) {
     }
 
     if (validatedData.pages && validatedData.pages.length > 0) {
-      // Reducto API expects page_range as an object with start/end, not an array
-      const pages = validatedData.pages
       reductoBody.settings = {
-        page_range: {
-          start: Math.min(...pages),
-          end: Math.max(...pages),
-        },
+        page_range: validatedData.pages,
       }
     }
 
@@ -94,34 +115,15 @@ export async function POST(request: NextRequest) {
       }
     }
 
-    const reductoEndpoint = 'https://platform.reducto.ai/parse'
-    const reductoValidation = await validateUrlWithDNS(reductoEndpoint, 'Reducto API URL')
-    if (!reductoValidation.isValid) {
-      logger.error(`[${requestId}] Reducto API URL validation failed`, {
-        error: reductoValidation.error,
-      })
-      return NextResponse.json(
-        {
-          success: false,
-          error: 'Failed to reach Reducto API',
-        },
-        { status: 502 }
-      )
-    }
-
-    const reductoResponse = await secureFetchWithPinnedIP(
-      reductoEndpoint,
-      reductoValidation.resolvedIP!,
-      {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json',
-          Accept: 'application/json',
-          Authorization: `Bearer ${validatedData.apiKey}`,
-        },
-        body: JSON.stringify(reductoBody),
-      }
-    )
+    const reductoResponse = await fetch('https://platform.reducto.ai/parse', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        Accept: 'application/json',
+        Authorization: `Bearer ${validatedData.apiKey}`,
+      },
+      body: JSON.stringify(reductoBody),
+    })
 
     if (!reductoResponse.ok) {
       const errorText = await reductoResponse.text()

apps/sim/app/api/tools/s3/put-object/route.ts

@@ -4,7 +4,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputSchema } from '@/lib/uploads/utils/file-schemas'
 import { processSingleFileToUserFile } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 
@@ -18,7 +17,7 @@ const S3PutObjectSchema = z.object({
   region: z.string().min(1, 'Region is required'),
   bucketName: z.string().min(1, 'Bucket name is required'),
   objectKey: z.string().min(1, 'Object key is required'),
-  file: RawFileInputSchema.optional().nullable(),
+  file: z.any().optional().nullable(),
   content: z.string().optional().nullable(),
   contentType: z.string().optional().nullable(),
   acl: z.string().optional().nullable(),

apps/sim/app/api/tools/sftp/download/route.ts

@@ -4,7 +4,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { getFileExtension, getMimeTypeFromExtension } from '@/lib/uploads/utils/file-utils'
 import { createSftpConnection, getSftp, isPathSafe, sanitizePath } from '@/app/api/tools/sftp/utils'
 
 export const dynamic = 'force-dynamic'
@@ -112,8 +111,6 @@ export async function POST(request: NextRequest) {
 
       const buffer = Buffer.concat(chunks)
       const fileName = path.basename(remotePath)
-      const extension = getFileExtension(fileName)
-      const mimeType = getMimeTypeFromExtension(extension)
 
       let content: string
       if (params.encoding === 'base64') {
@@ -127,12 +124,6 @@ export async function POST(request: NextRequest) {
       return NextResponse.json({
         success: true,
         fileName,
-        file: {
-          name: fileName,
-          mimeType,
-          data: buffer.toString('base64'),
-          size: buffer.length,
-        },
         content,
         size: buffer.length,
         encoding: params.encoding,

apps/sim/app/api/tools/sftp/upload/route.ts

@@ -3,7 +3,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputArraySchema } from '@/lib/uploads/utils/file-schemas'
 import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 import {
@@ -27,7 +26,14 @@ const UploadSchema = z.object({
   privateKey: z.string().nullish(),
   passphrase: z.string().nullish(),
   remotePath: z.string().min(1, 'Remote path is required'),
-  files: RawFileInputArraySchema.optional().nullable(),
+  files: z
+    .union([z.array(z.any()), z.string(), z.number(), z.null(), z.undefined()])
+    .transform((val) => {
+      if (Array.isArray(val)) return val
+      if (val === null || val === undefined || val === '') return undefined
+      return undefined
+    })
+    .nullish(),
   fileContent: z.string().nullish(),
   fileName: z.string().nullish(),
   overwrite: z.boolean().default(true),

apps/sim/app/api/tools/sharepoint/upload/route.ts

@@ -2,9 +2,7 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
-import { secureFetchWithValidation } from '@/lib/core/security/input-validation.server'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputArraySchema } from '@/lib/uploads/utils/file-schemas'
 import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 
@@ -18,7 +16,7 @@ const SharepointUploadSchema = z.object({
   driveId: z.string().optional().nullable(),
   folderPath: z.string().optional().nullable(),
   fileName: z.string().optional().nullable(),
-  files: RawFileInputArraySchema.optional().nullable(),
+  files: z.array(z.any()).optional().nullable(),
 })
 
 export async function POST(request: NextRequest) {
@@ -81,23 +79,18 @@ export async function POST(request: NextRequest) {
     let effectiveDriveId = validatedData.driveId
     if (!effectiveDriveId) {
       logger.info(`[${requestId}] No driveId provided, fetching default drive for site`)
-      const driveUrl = `https://graph.microsoft.com/v1.0/sites/${validatedData.siteId}/drive`
-      const driveResponse = await secureFetchWithValidation(
-        driveUrl,
+      const driveResponse = await fetch(
+        `https://graph.microsoft.com/v1.0/sites/${validatedData.siteId}/drive`,
         {
-          method: 'GET',
           headers: {
             Authorization: `Bearer ${validatedData.accessToken}`,
             Accept: 'application/json',
           },
-        },
-        'driveUrl'
+        }
       )
 
       if (!driveResponse.ok) {
-        const errorData = (await driveResponse.json().catch(() => ({}))) as {
-          error?: { message?: string }
-        }
+        const errorData = await driveResponse.json().catch(() => ({}))
         logger.error(`[${requestId}] Failed to get default drive:`, errorData)
         return NextResponse.json(
           {
@@ -108,7 +101,7 @@ export async function POST(request: NextRequest) {
         )
       }
 
-      const driveData = (await driveResponse.json()) as { id: string }
+      const driveData = await driveResponse.json()
       effectiveDriveId = driveData.id
       logger.info(`[${requestId}] Using default drive: ${effectiveDriveId}`)
     }
@@ -152,94 +145,34 @@ export async function POST(request: NextRequest) {
 
       logger.info(`[${requestId}] Uploading to: ${uploadUrl}`)
 
-      const uploadResponse = await secureFetchWithValidation(
-        uploadUrl,
-        {
-          method: 'PUT',
-          headers: {
-            Authorization: `Bearer ${validatedData.accessToken}`,
-            'Content-Type': userFile.type || 'application/octet-stream',
-          },
-          body: buffer,
+      const uploadResponse = await fetch(uploadUrl, {
+        method: 'PUT',
+        headers: {
+          Authorization: `Bearer ${validatedData.accessToken}`,
+          'Content-Type': userFile.type || 'application/octet-stream',
         },
-        'uploadUrl'
-      )
+        body: new Uint8Array(buffer),
+      })
 
       if (!uploadResponse.ok) {
         const errorData = await uploadResponse.json().catch(() => ({}))
         logger.error(`[${requestId}] Failed to upload file ${fileName}:`, errorData)
 
         if (uploadResponse.status === 409) {
-          // File exists - retry with conflict behavior set to replace
-          logger.warn(`[${requestId}] File ${fileName} already exists, retrying with replace`)
-          const replaceUrl = `${uploadUrl}?@microsoft.graph.conflictBehavior=replace`
-          const replaceResponse = await secureFetchWithValidation(
-            replaceUrl,
-            {
-              method: 'PUT',
-              headers: {
-                Authorization: `Bearer ${validatedData.accessToken}`,
-                'Content-Type': userFile.type || 'application/octet-stream',
-              },
-              body: buffer,
-            },
-            'replaceUrl'
-          )
-
-          if (!replaceResponse.ok) {
-            const replaceErrorData = (await replaceResponse.json().catch(() => ({}))) as {
-              error?: { message?: string }
-            }
-            logger.error(`[${requestId}] Failed to replace file ${fileName}:`, replaceErrorData)
-            return NextResponse.json(
-              {
-                success: false,
-                error: replaceErrorData.error?.message || `Failed to replace file: ${fileName}`,
-              },
-              { status: replaceResponse.status }
-            )
-          }
-
-          const replaceData = (await replaceResponse.json()) as {
-            id: string
-            name: string
-            webUrl: string
-            size: number
-            createdDateTime: string
-            lastModifiedDateTime: string
-          }
-          logger.info(`[${requestId}] File replaced successfully: ${fileName}`)
-
-          uploadedFiles.push({
-            id: replaceData.id,
-            name: replaceData.name,
-            webUrl: replaceData.webUrl,
-            size: replaceData.size,
-            createdDateTime: replaceData.createdDateTime,
-            lastModifiedDateTime: replaceData.lastModifiedDateTime,
-          })
+          logger.warn(`[${requestId}] File ${fileName} already exists, attempting to replace`)
           continue
         }
 
         return NextResponse.json(
           {
             success: false,
-            error:
-              (errorData as { error?: { message?: string } }).error?.message ||
-              `Failed to upload file: ${fileName}`,
+            error: errorData.error?.message || `Failed to upload file: ${fileName}`,
           },
           { status: uploadResponse.status }
         )
       }
 
-      const uploadData = (await uploadResponse.json()) as {
-        id: string
-        name: string
-        webUrl: string
-        size: number
-        createdDateTime: string
-        lastModifiedDateTime: string
-      }
+      const uploadData = await uploadResponse.json()
       logger.info(`[${requestId}] File uploaded successfully: ${fileName}`)
 
       uploadedFiles.push({

apps/sim/app/api/tools/slack/download/route.ts

@@ -1,170 +0,0 @@
-import { createLogger } from '@sim/logger'
-import { type NextRequest, NextResponse } from 'next/server'
-import { z } from 'zod'
-import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
-import { generateRequestId } from '@/lib/core/utils/request'
-
-export const dynamic = 'force-dynamic'
-
-const logger = createLogger('SlackDownloadAPI')
-
-const SlackDownloadSchema = z.object({
-  accessToken: z.string().min(1, 'Access token is required'),
-  fileId: z.string().min(1, 'File ID is required'),
-  fileName: z.string().optional().nullable(),
-})
-
-export async function POST(request: NextRequest) {
-  const requestId = generateRequestId()
-
-  try {
-    const authResult = await checkInternalAuth(request, { requireWorkflowId: false })
-
-    if (!authResult.success) {
-      logger.warn(`[${requestId}] Unauthorized Slack download attempt: ${authResult.error}`)
-      return NextResponse.json(
-        {
-          success: false,
-          error: authResult.error || 'Authentication required',
-        },
-        { status: 401 }
-      )
-    }
-
-    logger.info(`[${requestId}] Authenticated Slack download request via ${authResult.authType}`, {
-      userId: authResult.userId,
-    })
-
-    const body = await request.json()
-    const validatedData = SlackDownloadSchema.parse(body)
-
-    const { accessToken, fileId, fileName } = validatedData
-
-    logger.info(`[${requestId}] Getting file info from Slack`, { fileId })
-
-    const infoResponse = await fetch(`https://slack.com/api/files.info?file=${fileId}`, {
-      method: 'GET',
-      headers: {
-        Authorization: `Bearer ${accessToken}`,
-      },
-    })
-
-    if (!infoResponse.ok) {
-      const errorDetails = await infoResponse.json().catch(() => ({}))
-      logger.error(`[${requestId}] Failed to get file info from Slack`, {
-        status: infoResponse.status,
-        statusText: infoResponse.statusText,
-        error: errorDetails,
-      })
-      return NextResponse.json(
-        {
-          success: false,
-          error: errorDetails.error || 'Failed to get file info',
-        },
-        { status: 400 }
-      )
-    }
-
-    const data = await infoResponse.json()
-
-    if (!data.ok) {
-      logger.error(`[${requestId}] Slack API returned error`, { error: data.error })
-      return NextResponse.json(
-        {
-          success: false,
-          error: data.error || 'Slack API error',
-        },
-        { status: 400 }
-      )
-    }
-
-    const file = data.file
-    const resolvedFileName = fileName || file.name || 'download'
-    const mimeType = file.mimetype || 'application/octet-stream'
-    const urlPrivate = file.url_private
-
-    if (!urlPrivate) {
-      return NextResponse.json(
-        {
-          success: false,
-          error: 'File does not have a download URL',
-        },
-        { status: 400 }
-      )
-    }
-
-    const urlValidation = await validateUrlWithDNS(urlPrivate, 'urlPrivate')
-    if (!urlValidation.isValid) {
-      return NextResponse.json(
-        {
-          success: false,
-          error: urlValidation.error,
-        },
-        { status: 400 }
-      )
-    }
-
-    logger.info(`[${requestId}] Downloading file from Slack`, {
-      fileId,
-      fileName: resolvedFileName,
-      mimeType,
-    })
-
-    const downloadResponse = await secureFetchWithPinnedIP(urlPrivate, urlValidation.resolvedIP!, {
-      headers: {
-        Authorization: `Bearer ${accessToken}`,
-      },
-    })
-
-    if (!downloadResponse.ok) {
-      logger.error(`[${requestId}] Failed to download file content`, {
-        status: downloadResponse.status,
-        statusText: downloadResponse.statusText,
-      })
-      return NextResponse.json(
-        {
-          success: false,
-          error: 'Failed to download file content',
-        },
-        { status: 400 }
-      )
-    }
-
-    const arrayBuffer = await downloadResponse.arrayBuffer()
-    const fileBuffer = Buffer.from(arrayBuffer)
-
-    logger.info(`[${requestId}] File downloaded successfully`, {
-      fileId,
-      name: resolvedFileName,
-      size: fileBuffer.length,
-      mimeType,
-    })
-
-    const base64Data = fileBuffer.toString('base64')
-
-    return NextResponse.json({
-      success: true,
-      output: {
-        file: {
-          name: resolvedFileName,
-          mimeType,
-          data: base64Data,
-          size: fileBuffer.length,
-        },
-      },
-    })
-  } catch (error) {
-    logger.error(`[${requestId}] Error downloading Slack file:`, error)
-    return NextResponse.json(
-      {
-        success: false,
-        error: error instanceof Error ? error.message : 'Unknown error occurred',
-      },
-      { status: 500 }
-    )
-  }
-}

apps/sim/app/api/tools/slack/send-message/route.ts

@@ -3,7 +3,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputArraySchema } from '@/lib/uploads/utils/file-schemas'
 import { sendSlackMessage } from '../utils'
 
 export const dynamic = 'force-dynamic'
@@ -17,7 +16,7 @@ const SlackSendMessageSchema = z
     userId: z.string().optional().nullable(),
     text: z.string().min(1, 'Message text is required'),
     thread_ts: z.string().optional().nullable(),
-    files: RawFileInputArraySchema.optional().nullable(),
+    files: z.array(z.any()).optional().nullable(),
   })
   .refine((data) => data.channel || data.userId, {
     message: 'Either channel or userId is required',

apps/sim/app/api/tools/slack/utils.ts

@@ -1,8 +1,6 @@
 import type { Logger } from '@sim/logger'
-import { secureFetchWithValidation } from '@/lib/core/security/input-validation.server'
 import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
-import type { ToolFileData } from '@/tools/types'
 
 /**
  * Sends a message to a Slack channel using chat.postMessage
@@ -72,21 +70,14 @@ export async function uploadFilesToSlack(
   accessToken: string,
   requestId: string,
   logger: Logger
-): Promise<{ fileIds: string[]; files: ToolFileData[] }> {
+): Promise<string[]> {
   const userFiles = processFilesToUserFiles(files, requestId, logger)
   const uploadedFileIds: string[] = []
-  const uploadedFiles: ToolFileData[] = []
 
   for (const userFile of userFiles) {
     logger.info(`[${requestId}] Uploading file: ${userFile.name}`)
 
     const buffer = await downloadFileFromStorage(userFile, requestId, logger)
-    uploadedFiles.push({
-      name: userFile.name,
-      mimeType: userFile.type || 'application/octet-stream',
-      data: buffer.toString('base64'),
-      size: buffer.length,
-    })
 
     const getUrlResponse = await fetch('https://slack.com/api/files.getUploadURLExternal', {
       method: 'POST',
@@ -109,14 +100,10 @@ export async function uploadFilesToSlack(
 
     logger.info(`[${requestId}] Got upload URL for ${userFile.name}, file_id: ${urlData.file_id}`)
 
-    const uploadResponse = await secureFetchWithValidation(
-      urlData.upload_url,
-      {
-        method: 'POST',
-        body: buffer,
-      },
-      'uploadUrl'
-    )
+    const uploadResponse = await fetch(urlData.upload_url, {
+      method: 'POST',
+      body: new Uint8Array(buffer),
+    })
 
     if (!uploadResponse.ok) {
       logger.error(`[${requestId}] Failed to upload file data: ${uploadResponse.status}`)
@@ -127,7 +114,7 @@ export async function uploadFilesToSlack(
     uploadedFileIds.push(urlData.file_id)
   }
 
-  return { fileIds: uploadedFileIds, files: uploadedFiles }
+  return uploadedFileIds
 }
 
 /**
@@ -137,8 +124,7 @@ export async function completeSlackFileUpload(
   uploadedFileIds: string[],
   channel: string,
   text: string,
-  accessToken: string,
-  threadTs?: string | null
+  accessToken: string
 ): Promise<{ ok: boolean; files?: any[]; error?: string }> {
   const response = await fetch('https://slack.com/api/files.completeUploadExternal', {
     method: 'POST',
@@ -150,7 +136,6 @@ export async function completeSlackFileUpload(
       files: uploadedFileIds.map((id) => ({ id })),
       channel_id: channel,
       initial_comment: text,
-      ...(threadTs && { thread_ts: threadTs }),
     }),
   })
 
@@ -232,13 +217,7 @@ export async function sendSlackMessage(
   logger: Logger
 ): Promise<{
   success: boolean
-  output?: {
-    message: any
-    ts: string
-    channel: string
-    fileCount?: number
-    files?: ToolFileData[]
-  }
+  output?: { message: any; ts: string; channel: string; fileCount?: number }
   error?: string
 }> {
   const { accessToken, text, threadTs, files } = params
@@ -270,15 +249,10 @@ export async function sendSlackMessage(
 
   // Process files
   logger.info(`[${requestId}] Processing ${files.length} file(s)`)
-  const { fileIds, files: uploadedFiles } = await uploadFilesToSlack(
-    files,
-    accessToken,
-    requestId,
-    logger
-  )
+  const uploadedFileIds = await uploadFilesToSlack(files, accessToken, requestId, logger)
 
   // No valid files uploaded - send text-only
-  if (fileIds.length === 0) {
+  if (uploadedFileIds.length === 0) {
     logger.warn(`[${requestId}] No valid files to upload, sending text-only message`)
 
     const data = await postSlackMessage(accessToken, channel, text, threadTs)
@@ -290,8 +264,8 @@ export async function sendSlackMessage(
     return { success: true, output: formatMessageSuccessResponse(data, text) }
   }
 
-  // Complete file upload with thread support
-  const completeData = await completeSlackFileUpload(fileIds, channel, text, accessToken, threadTs)
+  // Complete file upload
+  const completeData = await completeSlackFileUpload(uploadedFileIds, channel, text, accessToken)
 
   if (!completeData.ok) {
     logger.error(`[${requestId}] Failed to complete upload:`, completeData.error)
@@ -308,8 +282,7 @@ export async function sendSlackMessage(
       message: fileMessage,
       ts: fileMessage.ts,
       channel,
-      fileCount: fileIds.length,
-      files: uploadedFiles,
+      fileCount: uploadedFileIds.length,
     },
   }
 }

apps/sim/app/api/tools/smtp/send/route.ts

@@ -4,7 +4,6 @@ import nodemailer from 'nodemailer'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputArraySchema } from '@/lib/uploads/utils/file-schemas'
 import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 
@@ -29,7 +28,7 @@ const SmtpSendSchema = z.object({
   cc: z.string().optional().nullable(),
   bcc: z.string().optional().nullable(),
   replyTo: z.string().optional().nullable(),
-  attachments: RawFileInputArraySchema.optional().nullable(),
+  attachments: z.array(z.any()).optional().nullable(),
 })
 
 export async function POST(request: NextRequest) {

apps/sim/app/api/tools/ssh/download-file/route.ts

@@ -5,7 +5,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import type { Client, SFTPWrapper } from 'ssh2'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
-import { getFileExtension, getMimeTypeFromExtension } from '@/lib/uploads/utils/file-utils'
 import { createSSHConnection, sanitizePath } from '@/app/api/tools/ssh/utils'
 
 const logger = createLogger('SSHDownloadFileAPI')
@@ -80,16 +79,6 @@ export async function POST(request: NextRequest) {
         })
       })
 
-      // Check file size limit (50MB to prevent memory exhaustion)
-      const maxSize = 50 * 1024 * 1024
-      if (stats.size > maxSize) {
-        const sizeMB = (stats.size / (1024 * 1024)).toFixed(2)
-        return NextResponse.json(
-          { error: `File size (${sizeMB}MB) exceeds download limit of 50MB` },
-          { status: 400 }
-        )
-      }
-
       // Read file content
       const content = await new Promise<Buffer>((resolve, reject) => {
         const chunks: Buffer[] = []
@@ -107,8 +96,6 @@ export async function POST(request: NextRequest) {
       })
 
       const fileName = path.basename(remotePath)
-      const extension = getFileExtension(fileName)
-      const mimeType = getMimeTypeFromExtension(extension)
 
       // Encode content as base64 for binary safety
       const base64Content = content.toString('base64')
@@ -117,12 +104,6 @@ export async function POST(request: NextRequest) {
 
       return NextResponse.json({
         downloaded: true,
-        file: {
-          name: fileName,
-          mimeType,
-          data: base64Content,
-          size: stats.size,
-        },
         content: base64Content,
         fileName: fileName,
         remotePath: remotePath,

apps/sim/app/api/tools/stagehand/agent/route.ts

@@ -3,7 +3,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { env } from '@/lib/core/config/env'
-import { validateUrlWithDNS } from '@/lib/core/security/input-validation.server'
 import { isSensitiveKey, REDACTED_MARKER } from '@/lib/core/security/redaction'
 import { ensureZodObject, normalizeUrl } from '@/app/api/tools/stagehand/utils'
 
@@ -124,10 +123,6 @@ export async function POST(request: NextRequest) {
     const variablesObject = processVariables(params.variables)
 
     const startUrl = normalizeUrl(rawStartUrl)
-    const urlValidation = await validateUrlWithDNS(startUrl, 'startUrl')
-    if (!urlValidation.isValid) {
-      return NextResponse.json({ error: urlValidation.error }, { status: 400 })
-    }
 
     logger.info('Starting Stagehand agent process', {
       rawStartUrl,

apps/sim/app/api/tools/stagehand/extract/route.ts

@@ -3,7 +3,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { env } from '@/lib/core/config/env'
-import { validateUrlWithDNS } from '@/lib/core/security/input-validation.server'
 import { ensureZodObject, normalizeUrl } from '@/app/api/tools/stagehand/utils'
 
 const logger = createLogger('StagehandExtractAPI')
@@ -52,10 +51,6 @@ export async function POST(request: NextRequest) {
     const params = validationResult.data
     const { url: rawUrl, instruction, selector, provider, apiKey, schema } = params
     const url = normalizeUrl(rawUrl)
-    const urlValidation = await validateUrlWithDNS(url, 'url')
-    if (!urlValidation.isValid) {
-      return NextResponse.json({ error: urlValidation.error }, { status: 400 })
-    }
 
     logger.info('Starting Stagehand extraction process', {
       rawUrl,

apps/sim/app/api/tools/stt/route.ts

@@ -2,15 +2,7 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { extractAudioFromVideo, isVideoFile } from '@/lib/audio/extractor'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
-import { isInternalFileUrl } from '@/lib/uploads/utils/file-utils'
-import {
-  downloadFileFromStorage,
-  resolveInternalFileUrl,
-} from '@/lib/uploads/utils/file-utils.server'
+import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 import type { UserFile } from '@/executor/types'
 import type { TranscriptSegment } from '@/tools/stt/types'
 
@@ -53,7 +45,6 @@ export async function POST(request: NextRequest) {
       return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
     }
 
-    const userId = authResult.userId
     const body: SttRequestBody = await request.json()
     const {
       provider,
@@ -81,9 +72,6 @@ export async function POST(request: NextRequest) {
     let audioMimeType: string
 
     if (body.audioFile) {
-      if (Array.isArray(body.audioFile) && body.audioFile.length !== 1) {
-        return NextResponse.json({ error: 'audioFile must be a single file' }, { status: 400 })
-      }
       const file = Array.isArray(body.audioFile) ? body.audioFile[0] : body.audioFile
       logger.info(`[${requestId}] Processing uploaded file: ${file.name}`)
 
@@ -91,12 +79,6 @@ export async function POST(request: NextRequest) {
       audioFileName = file.name
       audioMimeType = file.type
     } else if (body.audioFileReference) {
-      if (Array.isArray(body.audioFileReference) && body.audioFileReference.length !== 1) {
-        return NextResponse.json(
-          { error: 'audioFileReference must be a single file' },
-          { status: 400 }
-        )
-      }
       const file = Array.isArray(body.audioFileReference)
         ? body.audioFileReference[0]
         : body.audioFileReference
@@ -108,48 +90,14 @@ export async function POST(request: NextRequest) {
     } else if (body.audioUrl) {
       logger.info(`[${requestId}] Downloading from URL: ${body.audioUrl}`)
 
-      let audioUrl = body.audioUrl.trim()
-      if (audioUrl.startsWith('/') && !isInternalFileUrl(audioUrl)) {
-        return NextResponse.json(
-          {
-            error: 'Invalid file path. Only uploaded files are supported for internal paths.',
-          },
-          { status: 400 }
-        )
-      }
-
-      if (isInternalFileUrl(audioUrl)) {
-        if (!userId) {
-          return NextResponse.json(
-            { error: 'Authentication required for internal file access' },
-            { status: 401 }
-          )
-        }
-        const resolution = await resolveInternalFileUrl(audioUrl, userId, requestId, logger)
-        if (resolution.error) {
-          return NextResponse.json(
-            { error: resolution.error.message },
-            { status: resolution.error.status }
-          )
-        }
-        audioUrl = resolution.fileUrl || audioUrl
-      }
-
-      const urlValidation = await validateUrlWithDNS(audioUrl, 'audioUrl')
-      if (!urlValidation.isValid) {
-        return NextResponse.json({ error: urlValidation.error }, { status: 400 })
-      }
-
-      const response = await secureFetchWithPinnedIP(audioUrl, urlValidation.resolvedIP!, {
-        method: 'GET',
-      })
+      const response = await fetch(body.audioUrl)
       if (!response.ok) {
         throw new Error(`Failed to download audio from URL: ${response.statusText}`)
       }
 
       const arrayBuffer = await response.arrayBuffer()
       audioBuffer = Buffer.from(arrayBuffer)
-      audioFileName = audioUrl.split('/').pop() || 'audio_file'
+      audioFileName = body.audioUrl.split('/').pop() || 'audio_file'
       audioMimeType = response.headers.get('content-type') || 'audio/mpeg'
     } else {
       return NextResponse.json(
@@ -201,9 +149,7 @@ export async function POST(request: NextRequest) {
           translateToEnglish,
           model,
           body.prompt,
-          body.temperature,
-          audioMimeType,
-          audioFileName
+          body.temperature
         )
         transcript = result.transcript
         segments = result.segments
@@ -216,8 +162,7 @@ export async function POST(request: NextRequest) {
           language,
           timestamps,
           diarization,
-          model,
-          audioMimeType
+          model
         )
         transcript = result.transcript
         segments = result.segments
@@ -307,9 +252,7 @@ async function transcribeWithWhisper(
   translate?: boolean,
   model?: string,
   prompt?: string,
-  temperature?: number,
-  mimeType?: string,
-  fileName?: string
+  temperature?: number
 ): Promise<{
   transcript: string
   segments?: TranscriptSegment[]
@@ -318,11 +261,8 @@ async function transcribeWithWhisper(
 }> {
   const formData = new FormData()
 
-  // Use actual MIME type and filename if provided
-  const actualMimeType = mimeType || 'audio/mpeg'
-  const actualFileName = fileName || 'audio.mp3'
-  const blob = new Blob([new Uint8Array(audioBuffer)], { type: actualMimeType })
-  formData.append('file', blob, actualFileName)
+  const blob = new Blob([new Uint8Array(audioBuffer)], { type: 'audio/mpeg' })
+  formData.append('file', blob, 'audio.mp3')
   formData.append('model', model || 'whisper-1')
 
   if (language && language !== 'auto') {
@@ -339,11 +279,10 @@ async function transcribeWithWhisper(
 
   formData.append('response_format', 'verbose_json')
 
-  // OpenAI API uses array notation for timestamp_granularities
   if (timestamps === 'word') {
-    formData.append('timestamp_granularities[]', 'word')
+    formData.append('timestamp_granularities', 'word')
   } else if (timestamps === 'sentence') {
-    formData.append('timestamp_granularities[]', 'segment')
+    formData.append('timestamp_granularities', 'segment')
   }
 
   const endpoint = translate ? 'translations' : 'transcriptions'
@@ -386,8 +325,7 @@ async function transcribeWithDeepgram(
   language?: string,
   timestamps?: 'none' | 'sentence' | 'word',
   diarization?: boolean,
-  model?: string,
-  mimeType?: string
+  model?: string
 ): Promise<{
   transcript: string
   segments?: TranscriptSegment[]
@@ -419,7 +357,7 @@ async function transcribeWithDeepgram(
     method: 'POST',
     headers: {
       Authorization: `Token ${apiKey}`,
-      'Content-Type': mimeType || 'audio/mpeg',
+      'Content-Type': 'audio/mpeg',
     },
     body: new Uint8Array(audioBuffer),
   })
@@ -575,8 +513,7 @@ async function transcribeWithAssemblyAI(
     audio_url: upload_url,
   }
 
-  // AssemblyAI supports 'best', 'slam-1', or 'universal' for speech_model
-  if (model === 'best' || model === 'slam-1' || model === 'universal') {
+  if (model === 'best' || model === 'nano') {
     transcriptRequest.speech_model = model
   }
 

apps/sim/app/api/tools/supabase/storage-upload/route.ts

@@ -3,7 +3,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { FileInputSchema } from '@/lib/uploads/utils/file-schemas'
 import { processSingleFileToUserFile } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 
@@ -17,7 +16,7 @@ const SupabaseStorageUploadSchema = z.object({
   bucket: z.string().min(1, 'Bucket name is required'),
   fileName: z.string().min(1, 'File name is required'),
   path: z.string().optional().nullable(),
-  fileData: FileInputSchema,
+  fileData: z.any(),
   contentType: z.string().optional().nullable(),
   upsert: z.boolean().optional().default(false),
 })

apps/sim/app/api/tools/telegram/send-document/route.ts

@@ -3,7 +3,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputArraySchema } from '@/lib/uploads/utils/file-schemas'
 import { processFilesToUserFiles } from '@/lib/uploads/utils/file-utils'
 import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 import { convertMarkdownToHTML } from '@/tools/telegram/utils'
@@ -15,7 +14,7 @@ const logger = createLogger('TelegramSendDocumentAPI')
 const TelegramSendDocumentSchema = z.object({
   botToken: z.string().min(1, 'Bot token is required'),
   chatId: z.string().min(1, 'Chat ID is required'),
-  files: RawFileInputArraySchema.optional().nullable(),
+  files: z.array(z.any()).optional().nullable(),
   caption: z.string().optional().nullable(),
 })
 
@@ -94,14 +93,6 @@ export async function POST(request: NextRequest) {
     logger.info(`[${requestId}] Uploading document: ${userFile.name}`)
 
     const buffer = await downloadFileFromStorage(userFile, requestId, logger)
-    const filesOutput = [
-      {
-        name: userFile.name,
-        mimeType: userFile.type || 'application/octet-stream',
-        data: buffer.toString('base64'),
-        size: buffer.length,
-      },
-    ]
 
     logger.info(`[${requestId}] Downloaded file: ${buffer.length} bytes`)
 
@@ -144,7 +135,6 @@ export async function POST(request: NextRequest) {
       output: {
         message: 'Document sent successfully',
         data: data.result,
-        files: filesOutput,
       },
     })
   } catch (error) {

apps/sim/app/api/tools/textract/parse/route.ts

@@ -3,18 +3,19 @@ import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
-import { validateAwsRegion, validateS3BucketName } from '@/lib/core/security/input-validation'
 import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
+  validateAwsRegion,
+  validateExternalUrl,
+  validateS3BucketName,
+} from '@/lib/core/security/input-validation'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputSchema } from '@/lib/uploads/utils/file-schemas'
-import { isInternalFileUrl, processSingleFileToUserFile } from '@/lib/uploads/utils/file-utils'
+import { StorageService } from '@/lib/uploads'
 import {
-  downloadFileFromStorage,
-  resolveInternalFileUrl,
-} from '@/lib/uploads/utils/file-utils.server'
+  extractStorageKey,
+  inferContextFromKey,
+  isInternalFileUrl,
+} from '@/lib/uploads/utils/file-utils'
+import { verifyFileAccess } from '@/app/api/files/authorization'
 
 export const dynamic = 'force-dynamic'
 export const maxDuration = 300 // 5 minutes for large multi-page PDF processing
@@ -34,7 +35,6 @@ const TextractParseSchema = z
     region: z.string().min(1, 'AWS region is required'),
     processingMode: z.enum(['sync', 'async']).optional().default('sync'),
     filePath: z.string().optional(),
-    file: RawFileInputSchema.optional(),
     s3Uri: z.string().optional(),
     featureTypes: z
       .array(z.enum(['TABLES', 'FORMS', 'QUERIES', 'SIGNATURES', 'LAYOUT']))
@@ -50,20 +50,6 @@ const TextractParseSchema = z
         path: ['region'],
       })
     }
-    if (data.processingMode === 'async' && !data.s3Uri) {
-      ctx.addIssue({
-        code: z.ZodIssueCode.custom,
-        message: 'S3 URI is required for multi-page processing (s3://bucket/key)',
-        path: ['s3Uri'],
-      })
-    }
-    if (data.processingMode !== 'async' && !data.file && !data.filePath) {
-      ctx.addIssue({
-        code: z.ZodIssueCode.custom,
-        message: 'File input is required for single-page processing',
-        path: ['filePath'],
-      })
-    }
   })
 
 function getSignatureKey(
@@ -125,14 +111,7 @@ function signAwsRequest(
 }
 
 async function fetchDocumentBytes(url: string): Promise<{ bytes: string; contentType: string }> {
-  const urlValidation = await validateUrlWithDNS(url, 'Document URL')
-  if (!urlValidation.isValid) {
-    throw new Error(urlValidation.error || 'Invalid document URL')
-  }
-
-  const response = await secureFetchWithPinnedIP(url, urlValidation.resolvedIP!, {
-    method: 'GET',
-  })
+  const response = await fetch(url)
   if (!response.ok) {
     throw new Error(`Failed to fetch document: ${response.statusText}`)
   }
@@ -339,8 +318,8 @@ export async function POST(request: NextRequest) {
 
     logger.info(`[${requestId}] Textract parse request`, {
       processingMode,
-      hasFile: Boolean(validatedData.file),
-      hasS3Uri: Boolean(validatedData.s3Uri),
+      filePath: validatedData.filePath?.substring(0, 50),
+      s3Uri: validatedData.s3Uri?.substring(0, 50),
       featureTypes,
       userId,
     })
@@ -435,89 +414,90 @@ export async function POST(request: NextRequest) {
       })
     }
 
-    let bytes = ''
-    let contentType = 'application/octet-stream'
-    let isPdf = false
-
-    if (validatedData.file) {
-      let userFile
-      try {
-        userFile = processSingleFileToUserFile(validatedData.file, requestId, logger)
-      } catch (error) {
-        return NextResponse.json(
-          {
-            success: false,
-            error: error instanceof Error ? error.message : 'Failed to process file',
-          },
-          { status: 400 }
-        )
-      }
-
-      const buffer = await downloadFileFromStorage(userFile, requestId, logger)
-      bytes = buffer.toString('base64')
-      contentType = userFile.type || 'application/octet-stream'
-      isPdf = contentType.includes('pdf') || userFile.name?.toLowerCase().endsWith('.pdf')
-    } else if (validatedData.filePath) {
-      let fileUrl = validatedData.filePath
-
-      const isInternalFilePath = isInternalFileUrl(fileUrl)
-
-      if (isInternalFilePath) {
-        const resolution = await resolveInternalFileUrl(fileUrl, userId, requestId, logger)
-        if (resolution.error) {
-          return NextResponse.json(
-            {
-              success: false,
-              error: resolution.error.message,
-            },
-            { status: resolution.error.status }
-          )
-        }
-        fileUrl = resolution.fileUrl || fileUrl
-      } else if (fileUrl.startsWith('/')) {
-        logger.warn(`[${requestId}] Invalid internal path`, {
-          userId,
-          path: fileUrl.substring(0, 50),
-        })
-        return NextResponse.json(
-          {
-            success: false,
-            error: 'Invalid file path. Only uploaded files are supported for internal paths.',
-          },
-          { status: 400 }
-        )
-      } else {
-        const urlValidation = await validateUrlWithDNS(fileUrl, 'Document URL')
-        if (!urlValidation.isValid) {
-          logger.warn(`[${requestId}] SSRF attempt blocked`, {
-            userId,
-            url: fileUrl.substring(0, 100),
-            error: urlValidation.error,
-          })
-          return NextResponse.json(
-            {
-              success: false,
-              error: urlValidation.error,
-            },
-            { status: 400 }
-          )
-        }
-      }
-
-      const fetched = await fetchDocumentBytes(fileUrl)
-      bytes = fetched.bytes
-      contentType = fetched.contentType
-      isPdf = contentType.includes('pdf') || fileUrl.toLowerCase().endsWith('.pdf')
-    } else {
+    if (!validatedData.filePath) {
       return NextResponse.json(
         {
           success: false,
-          error: 'File input is required for single-page processing',
+          error: 'File path is required for single-page processing',
         },
         { status: 400 }
       )
     }
 
+    let fileUrl = validatedData.filePath
+
+    const isInternalFilePath = validatedData.filePath && isInternalFileUrl(validatedData.filePath)
+
+    if (isInternalFilePath) {
+      try {
+        const storageKey = extractStorageKey(validatedData.filePath)
+        const context = inferContextFromKey(storageKey)
+
+        const hasAccess = await verifyFileAccess(storageKey, userId, undefined, context, false)
+
+        if (!hasAccess) {
+          logger.warn(`[${requestId}] Unauthorized presigned URL generation attempt`, {
+            userId,
+            key: storageKey,
+            context,
+          })
+          return NextResponse.json(
+            {
+              success: false,
+              error: 'File not found',
+            },
+            { status: 404 }
+          )
+        }
+
+        fileUrl = await StorageService.generatePresignedDownloadUrl(storageKey, context, 5 * 60)
+        logger.info(`[${requestId}] Generated presigned URL for ${context} file`)
+      } catch (error) {
+        logger.error(`[${requestId}] Failed to generate presigned URL:`, error)
+        return NextResponse.json(
+          {
+            success: false,
+            error: 'Failed to generate file access URL',
+          },
+          { status: 500 }
+        )
+      }
+    } else if (validatedData.filePath?.startsWith('/')) {
+      // Reject arbitrary absolute paths that don't contain /api/files/serve/
+      logger.warn(`[${requestId}] Invalid internal path`, {
+        userId,
+        path: validatedData.filePath.substring(0, 50),
+      })
+      return NextResponse.json(
+        {
+          success: false,
+          error: 'Invalid file path. Only uploaded files are supported for internal paths.',
+        },
+        { status: 400 }
+      )
+    } else {
+      const urlValidation = validateExternalUrl(fileUrl, 'Document URL')
+      if (!urlValidation.isValid) {
+        logger.warn(`[${requestId}] SSRF attempt blocked`, {
+          userId,
+          url: fileUrl.substring(0, 100),
+          error: urlValidation.error,
+        })
+        return NextResponse.json(
+          {
+            success: false,
+            error: urlValidation.error,
+          },
+          { status: 400 }
+        )
+      }
+    }
+
+    const { bytes, contentType } = await fetchDocumentBytes(fileUrl)
+
+    // Track if this is a PDF for better error messaging
+    const isPdf = contentType.includes('pdf') || fileUrl.toLowerCase().endsWith('.pdf')
+
     const uri = '/'
 
     let textractBody: Record<string, unknown>

apps/sim/app/api/tools/twilio/get-recording/route.ts

@@ -1,250 +0,0 @@
-import { createLogger } from '@sim/logger'
-import { type NextRequest, NextResponse } from 'next/server'
-import { z } from 'zod'
-import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
-import { generateRequestId } from '@/lib/core/utils/request'
-import { getExtensionFromMimeType } from '@/lib/uploads/utils/file-utils'
-
-export const dynamic = 'force-dynamic'
-
-const logger = createLogger('TwilioGetRecordingAPI')
-
-interface TwilioRecordingResponse {
-  sid?: string
-  call_sid?: string
-  duration?: string
-  status?: string
-  channels?: number
-  source?: string
-  price?: string
-  price_unit?: string
-  uri?: string
-  error_code?: number
-  message?: string
-  error_message?: string
-}
-
-interface TwilioErrorResponse {
-  message?: string
-}
-
-interface TwilioTranscription {
-  transcription_text?: string
-  status?: string
-  price?: string
-  price_unit?: string
-}
-
-interface TwilioTranscriptionsResponse {
-  transcriptions?: TwilioTranscription[]
-}
-
-const TwilioGetRecordingSchema = z.object({
-  accountSid: z.string().min(1, 'Account SID is required'),
-  authToken: z.string().min(1, 'Auth token is required'),
-  recordingSid: z.string().min(1, 'Recording SID is required'),
-})
-
-export async function POST(request: NextRequest) {
-  const requestId = generateRequestId()
-
-  try {
-    const authResult = await checkInternalAuth(request, { requireWorkflowId: false })
-
-    if (!authResult.success) {
-      logger.warn(`[${requestId}] Unauthorized Twilio get recording attempt: ${authResult.error}`)
-      return NextResponse.json(
-        {
-          success: false,
-          error: authResult.error || 'Authentication required',
-        },
-        { status: 401 }
-      )
-    }
-
-    const body = await request.json()
-    const validatedData = TwilioGetRecordingSchema.parse(body)
-
-    const { accountSid, authToken, recordingSid } = validatedData
-
-    if (!accountSid.startsWith('AC')) {
-      return NextResponse.json(
-        {
-          success: false,
-          error: `Invalid Account SID format. Account SID must start with "AC" (you provided: ${accountSid.substring(0, 2)}...)`,
-        },
-        { status: 400 }
-      )
-    }
-
-    const twilioAuth = Buffer.from(`${accountSid}:${authToken}`).toString('base64')
-
-    logger.info(`[${requestId}] Getting recording info from Twilio`, { recordingSid })
-
-    const infoUrl = `https://api.twilio.com/2010-04-01/Accounts/${accountSid}/Recordings/${recordingSid}.json`
-    const infoUrlValidation = await validateUrlWithDNS(infoUrl, 'infoUrl')
-    if (!infoUrlValidation.isValid) {
-      return NextResponse.json({ success: false, error: infoUrlValidation.error }, { status: 400 })
-    }
-
-    const infoResponse = await secureFetchWithPinnedIP(infoUrl, infoUrlValidation.resolvedIP!, {
-      method: 'GET',
-      headers: { Authorization: `Basic ${twilioAuth}` },
-    })
-
-    if (!infoResponse.ok) {
-      const errorData = (await infoResponse.json().catch(() => ({}))) as TwilioErrorResponse
-      logger.error(`[${requestId}] Twilio API error`, {
-        status: infoResponse.status,
-        error: errorData,
-      })
-      return NextResponse.json(
-        { success: false, error: errorData.message || `Twilio API error: ${infoResponse.status}` },
-        { status: 400 }
-      )
-    }
-
-    const data = (await infoResponse.json()) as TwilioRecordingResponse
-
-    if (data.error_code) {
-      return NextResponse.json({
-        success: false,
-        output: {
-          success: false,
-          error: data.message || data.error_message || 'Failed to retrieve recording',
-        },
-        error: data.message || data.error_message || 'Failed to retrieve recording',
-      })
-    }
-
-    const baseUrl = 'https://api.twilio.com'
-    const mediaUrl = data.uri ? `${baseUrl}${data.uri.replace('.json', '')}` : undefined
-
-    let transcriptionText: string | undefined
-    let transcriptionStatus: string | undefined
-    let transcriptionPrice: string | undefined
-    let transcriptionPriceUnit: string | undefined
-    let file:
-      | {
-          name: string
-          mimeType: string
-          data: string
-          size: number
-        }
-      | undefined
-
-    try {
-      const transcriptionUrl = `https://api.twilio.com/2010-04-01/Accounts/${accountSid}/Transcriptions.json?RecordingSid=${data.sid}`
-      logger.info(`[${requestId}] Checking for transcriptions`)
-
-      const transcriptionUrlValidation = await validateUrlWithDNS(
-        transcriptionUrl,
-        'transcriptionUrl'
-      )
-      if (transcriptionUrlValidation.isValid) {
-        const transcriptionResponse = await secureFetchWithPinnedIP(
-          transcriptionUrl,
-          transcriptionUrlValidation.resolvedIP!,
-          {
-            method: 'GET',
-            headers: { Authorization: `Basic ${twilioAuth}` },
-          }
-        )
-
-        if (transcriptionResponse.ok) {
-          const transcriptionData =
-            (await transcriptionResponse.json()) as TwilioTranscriptionsResponse
-
-          if (transcriptionData.transcriptions && transcriptionData.transcriptions.length > 0) {
-            const transcription = transcriptionData.transcriptions[0]
-            transcriptionText = transcription.transcription_text
-            transcriptionStatus = transcription.status
-            transcriptionPrice = transcription.price
-            transcriptionPriceUnit = transcription.price_unit
-            logger.info(`[${requestId}] Transcription found`, {
-              status: transcriptionStatus,
-              textLength: transcriptionText?.length,
-            })
-          }
-        }
-      }
-    } catch (error) {
-      logger.warn(`[${requestId}] Failed to fetch transcription:`, error)
-    }
-
-    if (mediaUrl) {
-      try {
-        const mediaUrlValidation = await validateUrlWithDNS(mediaUrl, 'mediaUrl')
-        if (mediaUrlValidation.isValid) {
-          const mediaResponse = await secureFetchWithPinnedIP(
-            mediaUrl,
-            mediaUrlValidation.resolvedIP!,
-            {
-              method: 'GET',
-              headers: { Authorization: `Basic ${twilioAuth}` },
-            }
-          )
-
-          if (mediaResponse.ok) {
-            const contentType =
-              mediaResponse.headers.get('content-type') || 'application/octet-stream'
-            const extension = getExtensionFromMimeType(contentType) || 'dat'
-            const arrayBuffer = await mediaResponse.arrayBuffer()
-            const buffer = Buffer.from(arrayBuffer)
-            const fileName = `${data.sid || recordingSid}.${extension}`
-
-            file = {
-              name: fileName,
-              mimeType: contentType,
-              data: buffer.toString('base64'),
-              size: buffer.length,
-            }
-          }
-        }
-      } catch (error) {
-        logger.warn(`[${requestId}] Failed to download recording media:`, error)
-      }
-    }
-
-    logger.info(`[${requestId}] Twilio recording fetched successfully`, {
-      recordingSid: data.sid,
-      hasFile: !!file,
-      hasTranscription: !!transcriptionText,
-    })
-
-    return NextResponse.json({
-      success: true,
-      output: {
-        success: true,
-        recordingSid: data.sid,
-        callSid: data.call_sid,
-        duration: data.duration ? Number.parseInt(data.duration, 10) : undefined,
-        status: data.status,
-        channels: data.channels,
-        source: data.source,
-        mediaUrl,
-        file,
-        price: data.price,
-        priceUnit: data.price_unit,
-        uri: data.uri,
-        transcriptionText,
-        transcriptionStatus,
-        transcriptionPrice,
-        transcriptionPriceUnit,
-      },
-    })
-  } catch (error) {
-    logger.error(`[${requestId}] Error fetching Twilio recording:`, error)
-    return NextResponse.json(
-      {
-        success: false,
-        error: error instanceof Error ? error.message : 'Unknown error occurred',
-      },
-      { status: 500 }
-    )
-  }
-}

apps/sim/app/api/tools/vision/analyze/route.ts

@@ -1,20 +1,10 @@
-import { GoogleGenAI } from '@google/genai'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputSchema } from '@/lib/uploads/utils/file-schemas'
-import { isInternalFileUrl, processSingleFileToUserFile } from '@/lib/uploads/utils/file-utils'
-import {
-  downloadFileFromStorage,
-  resolveInternalFileUrl,
-} from '@/lib/uploads/utils/file-utils.server'
-import { convertUsageMetadata, extractTextContent } from '@/providers/google/utils'
+import { processSingleFileToUserFile } from '@/lib/uploads/utils/file-utils'
+import { downloadFileFromStorage } from '@/lib/uploads/utils/file-utils.server'
 
 export const dynamic = 'force-dynamic'
 
@@ -23,8 +13,8 @@ const logger = createLogger('VisionAnalyzeAPI')
 const VisionAnalyzeSchema = z.object({
   apiKey: z.string().min(1, 'API key is required'),
   imageUrl: z.string().optional().nullable(),
-  imageFile: RawFileInputSchema.optional().nullable(),
-  model: z.string().optional().default('gpt-5.2'),
+  imageFile: z.any().optional().nullable(),
+  model: z.string().optional().default('gpt-4o'),
   prompt: z.string().optional().nullable(),
 })
 
@@ -49,7 +39,6 @@ export async function POST(request: NextRequest) {
       userId: authResult.userId,
     })
 
-    const userId = authResult.userId
     const body = await request.json()
     const validatedData = VisionAnalyzeSchema.parse(body)
 
@@ -88,72 +77,18 @@ export async function POST(request: NextRequest) {
         )
       }
 
-      let base64 = userFile.base64
-      let bufferLength = 0
-      if (!base64) {
-        const buffer = await downloadFileFromStorage(userFile, requestId, logger)
-        base64 = buffer.toString('base64')
-        bufferLength = buffer.length
-      }
+      const buffer = await downloadFileFromStorage(userFile, requestId, logger)
+
+      const base64 = buffer.toString('base64')
       const mimeType = userFile.type || 'image/jpeg'
       imageSource = `data:${mimeType};base64,${base64}`
-      if (bufferLength > 0) {
-        logger.info(`[${requestId}] Converted image to base64 (${bufferLength} bytes)`)
-      }
-    }
-
-    let imageUrlValidation: Awaited<ReturnType<typeof validateUrlWithDNS>> | null = null
-    if (imageSource && !imageSource.startsWith('data:')) {
-      if (imageSource.startsWith('/') && !isInternalFileUrl(imageSource)) {
-        return NextResponse.json(
-          {
-            success: false,
-            error: 'Invalid file path. Only uploaded files are supported for internal paths.',
-          },
-          { status: 400 }
-        )
-      }
-
-      if (isInternalFileUrl(imageSource)) {
-        if (!userId) {
-          return NextResponse.json(
-            {
-              success: false,
-              error: 'Authentication required for internal file access',
-            },
-            { status: 401 }
-          )
-        }
-        const resolution = await resolveInternalFileUrl(imageSource, userId, requestId, logger)
-        if (resolution.error) {
-          return NextResponse.json(
-            {
-              success: false,
-              error: resolution.error.message,
-            },
-            { status: resolution.error.status }
-          )
-        }
-        imageSource = resolution.fileUrl || imageSource
-      }
-
-      imageUrlValidation = await validateUrlWithDNS(imageSource, 'imageUrl')
-      if (!imageUrlValidation.isValid) {
-        return NextResponse.json(
-          {
-            success: false,
-            error: imageUrlValidation.error,
-          },
-          { status: 400 }
-        )
-      }
+      logger.info(`[${requestId}] Converted image to base64 (${buffer.length} bytes)`)
     }
 
     const defaultPrompt = 'Please analyze this image and describe what you see in detail.'
     const prompt = validatedData.prompt || defaultPrompt
 
-    const isClaude = validatedData.model.startsWith('claude-')
-    const isGemini = validatedData.model.startsWith('gemini-')
+    const isClaude = validatedData.model.startsWith('claude-3')
     const apiUrl = isClaude
       ? 'https://api.anthropic.com/v1/messages'
       : 'https://api.openai.com/v1/chat/completions'
@@ -171,72 +106,6 @@ export async function POST(request: NextRequest) {
 
     let requestBody: any
 
-    if (isGemini) {
-      let base64Payload = imageSource
-      if (!base64Payload.startsWith('data:')) {
-        const urlValidation =
-          imageUrlValidation || (await validateUrlWithDNS(base64Payload, 'imageUrl'))
-        if (!urlValidation.isValid) {
-          return NextResponse.json({ success: false, error: urlValidation.error }, { status: 400 })
-        }
-
-        const response = await secureFetchWithPinnedIP(base64Payload, urlValidation.resolvedIP!, {
-          method: 'GET',
-        })
-        if (!response.ok) {
-          return NextResponse.json(
-            { success: false, error: 'Failed to fetch image for Gemini' },
-            { status: 400 }
-          )
-        }
-        const contentType =
-          response.headers.get('content-type') || validatedData.imageFile?.type || 'image/jpeg'
-        const arrayBuffer = await response.arrayBuffer()
-        const base64 = Buffer.from(arrayBuffer).toString('base64')
-        base64Payload = `data:${contentType};base64,${base64}`
-      }
-      const base64Marker = ';base64,'
-      const markerIndex = base64Payload.indexOf(base64Marker)
-      if (!base64Payload.startsWith('data:') || markerIndex === -1) {
-        return NextResponse.json(
-          { success: false, error: 'Invalid base64 image format' },
-          { status: 400 }
-        )
-      }
-      const rawMimeType = base64Payload.slice('data:'.length, markerIndex)
-      const mediaType = rawMimeType.split(';')[0] || 'image/jpeg'
-      const base64Data = base64Payload.slice(markerIndex + base64Marker.length)
-      if (!base64Data) {
-        return NextResponse.json(
-          { success: false, error: 'Invalid base64 image format' },
-          { status: 400 }
-        )
-      }
-
-      const ai = new GoogleGenAI({ apiKey: validatedData.apiKey })
-      const geminiResponse = await ai.models.generateContent({
-        model: validatedData.model,
-        contents: [
-          {
-            role: 'user',
-            parts: [{ text: prompt }, { inlineData: { mimeType: mediaType, data: base64Data } }],
-          },
-        ],
-      })
-
-      const content = extractTextContent(geminiResponse.candidates?.[0])
-      const usage = convertUsageMetadata(geminiResponse.usageMetadata)
-
-      return NextResponse.json({
-        success: true,
-        output: {
-          content,
-          model: validatedData.model,
-          tokens: usage.totalTokenCount || undefined,
-        },
-      })
-    }
-
     if (isClaude) {
       if (imageSource.startsWith('data:')) {
         const base64Match = imageSource.match(/^data:([^;]+);base64,(.+)$/)
@@ -303,7 +172,7 @@ export async function POST(request: NextRequest) {
             ],
           },
         ],
-        max_completion_tokens: 1000,
+        max_tokens: 1000,
       }
     }
 

apps/sim/app/api/tools/wordpress/upload/route.ts

@@ -3,7 +3,6 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { checkInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
-import { RawFileInputSchema } from '@/lib/uploads/utils/file-schemas'
 import {
   getFileExtension,
   getMimeTypeFromExtension,
@@ -20,7 +19,7 @@ const WORDPRESS_COM_API_BASE = 'https://public-api.wordpress.com/wp/v2/sites'
 const WordPressUploadSchema = z.object({
   accessToken: z.string().min(1, 'Access token is required'),
   siteId: z.string().min(1, 'Site ID is required'),
-  file: RawFileInputSchema.optional().nullable(),
+  file: z.any().optional().nullable(),
   filename: z.string().optional().nullable(),
   title: z.string().optional().nullable(),
   caption: z.string().optional().nullable(),

apps/sim/app/api/tools/zoom/get-recordings/route.ts

@@ -1,216 +0,0 @@
-import { createLogger } from '@sim/logger'
-import { type NextRequest, NextResponse } from 'next/server'
-import { z } from 'zod'
-import { checkInternalAuth } from '@/lib/auth/hybrid'
-import {
-  secureFetchWithPinnedIP,
-  validateUrlWithDNS,
-} from '@/lib/core/security/input-validation.server'
-import { generateRequestId } from '@/lib/core/utils/request'
-import { getExtensionFromMimeType } from '@/lib/uploads/utils/file-utils'
-
-export const dynamic = 'force-dynamic'
-
-const logger = createLogger('ZoomGetRecordingsAPI')
-
-interface ZoomRecordingFile {
-  id?: string
-  meeting_id?: string
-  recording_start?: string
-  recording_end?: string
-  file_type?: string
-  file_extension?: string
-  file_size?: number
-  play_url?: string
-  download_url?: string
-  status?: string
-  recording_type?: string
-}
-
-interface ZoomRecordingsResponse {
-  uuid?: string
-  id?: string | number
-  account_id?: string
-  host_id?: string
-  topic?: string
-  type?: number
-  start_time?: string
-  duration?: number
-  total_size?: number
-  recording_count?: number
-  share_url?: string
-  recording_files?: ZoomRecordingFile[]
-}
-
-interface ZoomErrorResponse {
-  message?: string
-  code?: number
-}
-
-const ZoomGetRecordingsSchema = z.object({
-  accessToken: z.string().min(1, 'Access token is required'),
-  meetingId: z.string().min(1, 'Meeting ID is required'),
-  includeFolderItems: z.boolean().optional(),
-  ttl: z.number().optional(),
-  downloadFiles: z.boolean().optional().default(false),
-})
-
-export async function POST(request: NextRequest) {
-  const requestId = generateRequestId()
-
-  try {
-    const authResult = await checkInternalAuth(request, { requireWorkflowId: false })
-
-    if (!authResult.success) {
-      logger.warn(`[${requestId}] Unauthorized Zoom get recordings attempt: ${authResult.error}`)
-      return NextResponse.json(
-        {
-          success: false,
-          error: authResult.error || 'Authentication required',
-        },
-        { status: 401 }
-      )
-    }
-
-    const body = await request.json()
-    const validatedData = ZoomGetRecordingsSchema.parse(body)
-
-    const { accessToken, meetingId, includeFolderItems, ttl, downloadFiles } = validatedData
-
-    const baseUrl = `https://api.zoom.us/v2/meetings/${encodeURIComponent(meetingId)}/recordings`
-    const queryParams = new URLSearchParams()
-
-    if (includeFolderItems != null) {
-      queryParams.append('include_folder_items', String(includeFolderItems))
-    }
-    if (ttl) {
-      queryParams.append('ttl', String(ttl))
-    }
-
-    const queryString = queryParams.toString()
-    const apiUrl = queryString ? `${baseUrl}?${queryString}` : baseUrl
-
-    logger.info(`[${requestId}] Fetching recordings from Zoom`, { meetingId })
-
-    const urlValidation = await validateUrlWithDNS(apiUrl, 'apiUrl')
-    if (!urlValidation.isValid) {
-      return NextResponse.json({ success: false, error: urlValidation.error }, { status: 400 })
-    }
-
-    const response = await secureFetchWithPinnedIP(apiUrl, urlValidation.resolvedIP!, {
-      method: 'GET',
-      headers: {
-        'Content-Type': 'application/json',
-        Authorization: `Bearer ${accessToken}`,
-      },
-    })
-
-    if (!response.ok) {
-      const errorData = (await response.json().catch(() => ({}))) as ZoomErrorResponse
-      logger.error(`[${requestId}] Zoom API error`, {
-        status: response.status,
-        error: errorData,
-      })
-      return NextResponse.json(
-        { success: false, error: errorData.message || `Zoom API error: ${response.status}` },
-        { status: 400 }
-      )
-    }
-
-    const data = (await response.json()) as ZoomRecordingsResponse
-    const files: Array<{
-      name: string
-      mimeType: string
-      data: string
-      size: number
-    }> = []
-
-    if (downloadFiles && Array.isArray(data.recording_files)) {
-      for (const file of data.recording_files) {
-        if (!file?.download_url) continue
-
-        try {
-          const fileUrlValidation = await validateUrlWithDNS(file.download_url, 'downloadUrl')
-          if (!fileUrlValidation.isValid) continue
-
-          const downloadResponse = await secureFetchWithPinnedIP(
-            file.download_url,
-            fileUrlValidation.resolvedIP!,
-            {
-              method: 'GET',
-              headers: { Authorization: `Bearer ${accessToken}` },
-            }
-          )
-
-          if (!downloadResponse.ok) continue
-
-          const contentType =
-            downloadResponse.headers.get('content-type') || 'application/octet-stream'
-          const arrayBuffer = await downloadResponse.arrayBuffer()
-          const buffer = Buffer.from(arrayBuffer)
-          const extension =
-            file.file_extension?.toString().toLowerCase() ||
-            getExtensionFromMimeType(contentType) ||
-            'dat'
-          const fileName = `zoom-recording-${file.id || file.recording_start || Date.now()}.${extension}`
-
-          files.push({
-            name: fileName,
-            mimeType: contentType,
-            data: buffer.toString('base64'),
-            size: buffer.length,
-          })
-        } catch (error) {
-          logger.warn(`[${requestId}] Failed to download recording file:`, error)
-        }
-      }
-    }
-
-    logger.info(`[${requestId}] Zoom recordings fetched successfully`, {
-      recordingCount: data.recording_files?.length || 0,
-      downloadedCount: files.length,
-    })
-
-    return NextResponse.json({
-      success: true,
-      output: {
-        recording: {
-          uuid: data.uuid,
-          id: data.id,
-          account_id: data.account_id,
-          host_id: data.host_id,
-          topic: data.topic,
-          type: data.type,
-          start_time: data.start_time,
-          duration: data.duration,
-          total_size: data.total_size,
-          recording_count: data.recording_count,
-          share_url: data.share_url,
-          recording_files: (data.recording_files || []).map((file: ZoomRecordingFile) => ({
-            id: file.id,
-            meeting_id: file.meeting_id,
-            recording_start: file.recording_start,
-            recording_end: file.recording_end,
-            file_type: file.file_type,
-            file_extension: file.file_extension,
-            file_size: file.file_size,
-            play_url: file.play_url,
-            download_url: file.download_url,
-            status: file.status,
-            recording_type: file.recording_type,
-          })),
-        },
-        files: files.length > 0 ? files : undefined,
-      },
-    })
-  } catch (error) {
-    logger.error(`[${requestId}] Error fetching Zoom recordings:`, error)
-    return NextResponse.json(
-      {
-        success: false,
-        error: error instanceof Error ? error.message : 'Unknown error occurred',
-      },
-      { status: 500 }
-    )
-  }
-}

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/chat/chat.tsx

@@ -807,7 +807,7 @@ export function Chat() {
 
       const newReservedFields: StartInputFormatField[] = missingStartReservedFields.map(
         (fieldName) => {
-          const defaultType = fieldName === 'files' ? 'file[]' : 'string'
+          const defaultType = fieldName === 'files' ? 'files' : 'string'
 
           return {
             id: crypto.randomUUID(),

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/deploy/components/deploy-modal/components/a2a/a2a.tsx

@@ -179,7 +179,7 @@ export function A2aDeploy({
       newFields.push({
         id: crypto.randomUUID(),
         name: 'files',
-        type: 'file[]',
+        type: 'files',
         value: '',
         collapsed: false,
       })

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/components/starter/input-format.tsx

@@ -26,7 +26,7 @@ import { useAccessibleReferencePrefixes } from '@/app/workspace/[workspaceId]/w/
 interface Field {
   id: string
   name: string
-  type?: 'string' | 'number' | 'boolean' | 'object' | 'array' | 'file[]'
+  type?: 'string' | 'number' | 'boolean' | 'object' | 'array' | 'files'
   value?: string
   description?: string
   collapsed?: boolean
@@ -57,7 +57,7 @@ const TYPE_OPTIONS: ComboboxOption[] = [
   { label: 'Boolean', value: 'boolean' },
   { label: 'Object', value: 'object' },
   { label: 'Array', value: 'array' },
-  { label: 'Files', value: 'file[]' },
+  { label: 'Files', value: 'files' },
 ]
 
 /**
@@ -448,7 +448,7 @@ export function FieldFormat({
       )
     }
 
-    if (field.type === 'file[]') {
+    if (field.type === 'files') {
       const lineCount = fieldValue.split('\n').length
       const gutterWidth = calculateGutterWidth(lineCount)
 

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/components/tag-dropdown/tag-dropdown.tsx

@@ -225,7 +225,7 @@ const getOutputTypeForPath = (
       const chatModeTypes: Record<string, string> = {
         input: 'string',
         conversationId: 'string',
-        files: 'file[]',
+        files: 'files',
       }
       return chatModeTypes[outputPath] || 'any'
     }
@@ -1563,11 +1563,16 @@ export const TagDropdown: React.FC<TagDropdownProps> = ({
     blockTagGroups.sort((a, b) => a.distance - b.distance)
     finalBlockTagGroups.push(...blockTagGroups)
 
-    const groupTags = finalBlockTagGroups.flatMap((group) => group.tags)
-    const tags = [...groupTags, ...variableTags]
+    const contextualTags: string[] = []
+    if (loopBlockGroup) {
+      contextualTags.push(...loopBlockGroup.tags)
+    }
+    if (parallelBlockGroup) {
+      contextualTags.push(...parallelBlockGroup.tags)
+    }
 
     return {
-      tags,
+      tags: [...allBlockTags, ...variableTags, ...contextualTags],
       variableInfoMap,
       blockTagGroups: finalBlockTagGroups,
     }
@@ -1741,7 +1746,7 @@ export const TagDropdown: React.FC<TagDropdownProps> = ({
           mergedSubBlocks
         )
 
-        if (fieldType === 'file' || fieldType === 'file[]' || fieldType === 'array') {
+        if (fieldType === 'files' || fieldType === 'file[]' || fieldType === 'array') {
           const blockName = parts[0]
           const remainingPath = parts.slice(2).join('.')
           processedTag = `${blockName}.${arrayFieldName}[0].${remainingPath}`

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/hooks/use-block-output-fields.ts

@@ -188,7 +188,7 @@ export function useBlockOutputFields({
           baseOutputs = {
             input: { type: 'string', description: 'User message' },
             conversationId: { type: 'string', description: 'Conversation ID' },
-            files: { type: 'file[]', description: 'Uploaded files' },
+            files: { type: 'files', description: 'Uploaded files' },
           }
         } else {
           const inputFormatValue = mergedSubBlocks?.inputFormat?.value

apps/sim/background/webhook-execution.ts

@@ -417,11 +417,11 @@ async function executeWebhookJobInternal(
         if (triggerBlock?.subBlocks?.inputFormat?.value) {
           const inputFormat = triggerBlock.subBlocks.inputFormat.value as unknown as Array<{
             name: string
-            type: 'string' | 'number' | 'boolean' | 'object' | 'array' | 'file[]'
+            type: 'string' | 'number' | 'boolean' | 'object' | 'array' | 'files'
           }>
           logger.debug(`[${requestId}] Processing generic webhook files from inputFormat`)
 
-          const fileFields = inputFormat.filter((field) => field.type === 'file[]')
+          const fileFields = inputFormat.filter((field) => field.type === 'files')
 
           if (fileFields.length > 0 && typeof input === 'object' && input !== null) {
             const executionContext = {

apps/sim/blocks/blocks.test.ts

@@ -442,17 +442,7 @@ describe('Blocks Module', () => {
     })
 
     it('should have valid output types', () => {
-      const validPrimitiveTypes = [
-        'string',
-        'number',
-        'boolean',
-        'json',
-        'array',
-        'files',
-        'file',
-        'file[]',
-        'any',
-      ]
+      const validPrimitiveTypes = ['string', 'number', 'boolean', 'json', 'array', 'files', 'any']
       const blocks = getAllBlocks()
       for (const block of blocks) {
         for (const [key, outputConfig] of Object.entries(block.outputs)) {

apps/sim/blocks/blocks/chat_trigger.ts

@@ -26,7 +26,7 @@ export const ChatTriggerBlock: BlockConfig = {
   outputs: {
     input: { type: 'string', description: 'User message' },
     conversationId: { type: 'string', description: 'Conversation ID' },
-    files: { type: 'file[]', description: 'Uploaded files' },
+    files: { type: 'files', description: 'Uploaded files' },
   },
   triggers: {
     enabled: true,

apps/sim/blocks/blocks/discord.ts

@@ -578,20 +578,13 @@ export const DiscordBlock: BlockConfig<DiscordResponse> = {
         if (!params.serverId) throw new Error('Server ID is required')
 
         switch (params.operation) {
-          case 'discord_send_message': {
-            const fileParam = params.attachmentFiles || params.files
-            const normalizedFiles = fileParam
-              ? Array.isArray(fileParam)
-                ? fileParam
-                : [fileParam]
-              : undefined
+          case 'discord_send_message':
             return {
               ...commonParams,
               channelId: params.channelId,
               content: params.content,
-              files: normalizedFiles,
+              files: params.attachmentFiles || params.files,
             }
-          }
           case 'discord_get_messages':
             return {
               ...commonParams,
@@ -796,7 +789,6 @@ export const DiscordBlock: BlockConfig<DiscordResponse> = {
   },
   outputs: {
     message: { type: 'string', description: 'Status message' },
-    files: { type: 'file[]', description: 'Files attached to the message' },
     data: { type: 'json', description: 'Response data' },
   },
 }

apps/sim/blocks/blocks/dropbox.ts

@@ -59,26 +59,13 @@ export const DropboxBlock: BlockConfig<DropboxResponse> = {
       condition: { field: 'operation', value: 'dropbox_upload' },
       required: true,
     },
-    {
-      id: 'uploadFile',
-      title: 'File',
-      type: 'file-upload',
-      canonicalParamId: 'fileContent',
-      placeholder: 'Upload file to send to Dropbox',
-      mode: 'basic',
-      multiple: false,
-      required: true,
-      condition: { field: 'operation', value: 'dropbox_upload' },
-    },
     {
       id: 'fileContent',
-      title: 'File',
-      type: 'short-input',
-      canonicalParamId: 'fileContent',
-      placeholder: 'Reference file from previous blocks',
-      mode: 'advanced',
-      required: true,
+      title: 'File Content',
+      type: 'long-input',
+      placeholder: 'Base64 encoded file content or file reference',
       condition: { field: 'operation', value: 'dropbox_upload' },
+      required: true,
     },
     {
       id: 'mode',
@@ -350,8 +337,7 @@ Return ONLY the timestamp string - no explanations, no quotes, no extra text.`,
     path: { type: 'string', description: 'Path in Dropbox' },
     autorename: { type: 'boolean', description: 'Auto-rename on conflict' },
     // Upload inputs
-    uploadFile: { type: 'json', description: 'Uploaded file (UserFile)' },
-    fileContent: { type: 'json', description: 'File reference or UserFile object' },
+    fileContent: { type: 'string', description: 'Base64 encoded file content' },
     fileName: { type: 'string', description: 'Optional filename' },
     mode: { type: 'string', description: 'Write mode: add or overwrite' },
     mute: { type: 'boolean', description: 'Mute notifications' },
@@ -374,7 +360,7 @@ Return ONLY the timestamp string - no explanations, no quotes, no extra text.`,
   },
   outputs: {
     // Upload/Download outputs
-    file: { type: 'file', description: 'Downloaded file stored in execution files' },
+    file: { type: 'json', description: 'File metadata' },
     content: { type: 'string', description: 'File content (base64)' },
     temporaryLink: { type: 'string', description: 'Temporary download link' },
     // List folder outputs

apps/sim/blocks/blocks/elevenlabs.ts

@@ -73,6 +73,5 @@ export const ElevenLabsBlock: BlockConfig<ElevenLabsBlockResponse> = {
 
   outputs: {
     audioUrl: { type: 'string', description: 'Generated audio URL' },
-    audioFile: { type: 'file', description: 'Generated audio file' },
   },
 }

apps/sim/blocks/blocks/enrich.ts

@@ -0,0 +1,625 @@
+import { EnrichSoIcon } from '@/components/icons'
+import type { BlockConfig } from '@/blocks/types'
+import { AuthMode } from '@/blocks/types'
+
+export const EnrichBlock: BlockConfig = {
+  type: 'enrich',
+  name: 'Enrich',
+  description: 'B2B data enrichment and LinkedIn intelligence with Enrich.so',
+  authMode: AuthMode.ApiKey,
+  longDescription:
+    'Access real-time B2B data intelligence with Enrich.so. Enrich profiles from email addresses, find work emails from LinkedIn, verify email deliverability, search for people and companies, and analyze LinkedIn post engagement.',
+  docsLink: 'https://docs.enrich.so/',
+  category: 'tools',
+  bgColor: '#E5E5E6',
+  icon: EnrichSoIcon,
+  subBlocks: [
+    {
+      id: 'operation',
+      title: 'Operation',
+      type: 'dropdown',
+      options: [
+        // Person/Profile Enrichment
+        { label: 'Email to Profile', id: 'email_to_profile' },
+        { label: 'Email to Person (Lite)', id: 'email_to_person_lite' },
+        { label: 'LinkedIn Profile Enrichment', id: 'linkedin_profile' },
+        // Email Finding
+        { label: 'Find Email', id: 'find_email' },
+        { label: 'LinkedIn to Work Email', id: 'linkedin_to_work_email' },
+        { label: 'LinkedIn to Personal Email', id: 'linkedin_to_personal_email' },
+        // Phone Finding
+        { label: 'Phone Finder (LinkedIn)', id: 'phone_finder' },
+        { label: 'Email to Phone', id: 'email_to_phone' },
+        // Email Verification
+        { label: 'Verify Email', id: 'verify_email' },
+        { label: 'Disposable Email Check', id: 'disposable_email_check' },
+        // IP/Company Lookup
+        { label: 'Email to IP', id: 'email_to_ip' },
+        { label: 'IP to Company', id: 'ip_to_company' },
+        // Company Enrichment
+        { label: 'Company Lookup', id: 'company_lookup' },
+        { label: 'Company Funding & Traffic', id: 'company_funding' },
+        { label: 'Company Revenue', id: 'company_revenue' },
+        // Search
+        { label: 'Search People', id: 'search_people' },
+        { label: 'Search Company', id: 'search_company' },
+        { label: 'Search Company Employees', id: 'search_company_employees' },
+        { label: 'Search Similar Companies', id: 'search_similar_companies' },
+        { label: 'Sales Pointer (People)', id: 'sales_pointer_people' },
+        // LinkedIn Posts/Activities
+        { label: 'Search Posts', id: 'search_posts' },
+        { label: 'Get Post Details', id: 'get_post_details' },
+        { label: 'Search Post Reactions', id: 'search_post_reactions' },
+        { label: 'Search Post Comments', id: 'search_post_comments' },
+        { label: 'Search People Activities', id: 'search_people_activities' },
+        { label: 'Search Company Activities', id: 'search_company_activities' },
+        // Other
+        { label: 'Reverse Hash Lookup', id: 'reverse_hash_lookup' },
+        { label: 'Search Logo', id: 'search_logo' },
+        { label: 'Check Credits', id: 'check_credits' },
+      ],
+      value: () => 'email_to_profile',
+    },
+    {
+      id: 'apiKey',
+      title: 'Enrich API Key',
+      type: 'short-input',
+      placeholder: 'Enter your Enrich.so API key',
+      password: true,
+      required: true,
+    },
+
+    {
+      id: 'email',
+      title: 'Email Address',
+      type: 'short-input',
+      placeholder: 'john.doe@company.com',
+      condition: {
+        field: 'operation',
+        value: [
+          'email_to_profile',
+          'email_to_person_lite',
+          'email_to_phone',
+          'verify_email',
+          'disposable_email_check',
+          'email_to_ip',
+        ],
+      },
+      required: {
+        field: 'operation',
+        value: [
+          'email_to_profile',
+          'email_to_person_lite',
+          'email_to_phone',
+          'verify_email',
+          'disposable_email_check',
+          'email_to_ip',
+        ],
+      },
+    },
+
+    {
+      id: 'inRealtime',
+      title: 'Fetch Fresh Data',
+      type: 'switch',
+      condition: { field: 'operation', value: 'email_to_profile' },
+      mode: 'advanced',
+    },
+
+    {
+      id: 'linkedinUrl',
+      title: 'LinkedIn Profile URL',
+      type: 'short-input',
+      placeholder: 'linkedin.com/in/williamhgates',
+      condition: {
+        field: 'operation',
+        value: [
+          'linkedin_profile',
+          'linkedin_to_work_email',
+          'linkedin_to_personal_email',
+          'phone_finder',
+        ],
+      },
+      required: {
+        field: 'operation',
+        value: [
+          'linkedin_profile',
+          'linkedin_to_work_email',
+          'linkedin_to_personal_email',
+          'phone_finder',
+        ],
+      },
+    },
+
+    {
+      id: 'fullName',
+      title: 'Full Name',
+      type: 'short-input',
+      placeholder: 'John Doe',
+      condition: { field: 'operation', value: 'find_email' },
+      required: { field: 'operation', value: 'find_email' },
+    },
+    {
+      id: 'companyDomain',
+      title: 'Company Domain',
+      type: 'short-input',
+      placeholder: 'example.com',
+      condition: { field: 'operation', value: 'find_email' },
+      required: { field: 'operation', value: 'find_email' },
+    },
+
+    {
+      id: 'ip',
+      title: 'IP Address',
+      type: 'short-input',
+      placeholder: '86.92.60.221',
+      condition: { field: 'operation', value: 'ip_to_company' },
+      required: { field: 'operation', value: 'ip_to_company' },
+    },
+
+    {
+      id: 'companyName',
+      title: 'Company Name',
+      type: 'short-input',
+      placeholder: 'Google',
+      condition: { field: 'operation', value: 'company_lookup' },
+    },
+    {
+      id: 'domain',
+      title: 'Domain',
+      type: 'short-input',
+      placeholder: 'google.com',
+      condition: {
+        field: 'operation',
+        value: ['company_lookup', 'company_funding', 'company_revenue', 'search_logo'],
+      },
+      required: {
+        field: 'operation',
+        value: ['company_funding', 'company_revenue', 'search_logo'],
+      },
+    },
+
+    {
+      id: 'firstName',
+      title: 'First Name',
+      type: 'short-input',
+      placeholder: 'John',
+      condition: { field: 'operation', value: 'search_people' },
+    },
+    {
+      id: 'lastName',
+      title: 'Last Name',
+      type: 'short-input',
+      placeholder: 'Doe',
+      condition: { field: 'operation', value: 'search_people' },
+    },
+    {
+      id: 'subTitle',
+      title: 'Job Title',
+      type: 'short-input',
+      placeholder: 'Software Engineer',
+      condition: { field: 'operation', value: 'search_people' },
+    },
+    {
+      id: 'locationCountry',
+      title: 'Country',
+      type: 'short-input',
+      placeholder: 'United States',
+      condition: { field: 'operation', value: ['search_people', 'search_company'] },
+    },
+    {
+      id: 'locationCity',
+      title: 'City',
+      type: 'short-input',
+      placeholder: 'San Francisco',
+      condition: { field: 'operation', value: ['search_people', 'search_company'] },
+    },
+    {
+      id: 'industry',
+      title: 'Industry',
+      type: 'short-input',
+      placeholder: 'Technology',
+      condition: { field: 'operation', value: 'search_people' },
+    },
+    {
+      id: 'currentJobTitles',
+      title: 'Current Job Titles (JSON)',
+      type: 'code',
+      placeholder: '["CEO", "CTO", "VP Engineering"]',
+      condition: { field: 'operation', value: 'search_people' },
+    },
+    {
+      id: 'skills',
+      title: 'Skills (JSON)',
+      type: 'code',
+      placeholder: '["Python", "Machine Learning"]',
+      condition: { field: 'operation', value: 'search_people' },
+    },
+
+    {
+      id: 'searchCompanyName',
+      title: 'Company Name',
+      type: 'short-input',
+      placeholder: 'Google',
+      condition: { field: 'operation', value: 'search_company' },
+    },
+    {
+      id: 'industries',
+      title: 'Industries (JSON)',
+      type: 'code',
+      placeholder: '["Technology", "Software"]',
+      condition: { field: 'operation', value: 'search_company' },
+    },
+    {
+      id: 'staffCountMin',
+      title: 'Min Employees',
+      type: 'short-input',
+      placeholder: '50',
+      condition: { field: 'operation', value: 'search_company' },
+    },
+    {
+      id: 'staffCountMax',
+      title: 'Max Employees',
+      type: 'short-input',
+      placeholder: '500',
+      condition: { field: 'operation', value: 'search_company' },
+    },
+
+    {
+      id: 'companyIds',
+      title: 'Company IDs (JSON)',
+      type: 'code',
+      placeholder: '[12345, 67890]',
+      condition: { field: 'operation', value: 'search_company_employees' },
+    },
+    {
+      id: 'country',
+      title: 'Country',
+      type: 'short-input',
+      placeholder: 'United States',
+      condition: { field: 'operation', value: 'search_company_employees' },
+    },
+    {
+      id: 'city',
+      title: 'City',
+      type: 'short-input',
+      placeholder: 'San Francisco',
+      condition: { field: 'operation', value: 'search_company_employees' },
+    },
+    {
+      id: 'jobTitles',
+      title: 'Job Titles (JSON)',
+      type: 'code',
+      placeholder: '["Software Engineer", "Product Manager"]',
+      condition: { field: 'operation', value: 'search_company_employees' },
+    },
+
+    {
+      id: 'linkedinCompanyUrl',
+      title: 'LinkedIn Company URL',
+      type: 'short-input',
+      placeholder: 'linkedin.com/company/google',
+      condition: { field: 'operation', value: 'search_similar_companies' },
+      required: { field: 'operation', value: 'search_similar_companies' },
+    },
+    {
+      id: 'accountLocation',
+      title: 'Locations (JSON)',
+      type: 'code',
+      placeholder: '["germany", "france"]',
+      condition: { field: 'operation', value: 'search_similar_companies' },
+    },
+    {
+      id: 'employeeSizeType',
+      title: 'Employee Size Filter Type',
+      type: 'dropdown',
+      options: [
+        { label: 'Range', id: 'RANGE' },
+        { label: 'Exact', id: 'EXACT' },
+      ],
+      condition: { field: 'operation', value: 'search_similar_companies' },
+      mode: 'advanced',
+    },
+    {
+      id: 'employeeSizeRange',
+      title: 'Employee Size Range (JSON)',
+      type: 'code',
+      placeholder: '[{"start": 50, "end": 200}]',
+      condition: { field: 'operation', value: 'search_similar_companies' },
+    },
+    {
+      id: 'num',
+      title: 'Results Per Page',
+      type: 'short-input',
+      placeholder: '10',
+      condition: { field: 'operation', value: 'search_similar_companies' },
+    },
+
+    {
+      id: 'filters',
+      title: 'Filters (JSON)',
+      type: 'code',
+      placeholder:
+        '[{"type": "POSTAL_CODE", "values": [{"id": "101041448", "text": "San Francisco", "selectionType": "INCLUDED"}]}]',
+      condition: { field: 'operation', value: 'sales_pointer_people' },
+      required: { field: 'operation', value: 'sales_pointer_people' },
+    },
+
+    {
+      id: 'keywords',
+      title: 'Keywords',
+      type: 'short-input',
+      placeholder: 'AI automation',
+      condition: { field: 'operation', value: 'search_posts' },
+      required: { field: 'operation', value: 'search_posts' },
+    },
+    {
+      id: 'datePosted',
+      title: 'Date Posted',
+      type: 'dropdown',
+      options: [
+        { label: 'Any time', id: '' },
+        { label: 'Past 24 hours', id: 'past_24_hours' },
+        { label: 'Past week', id: 'past_week' },
+        { label: 'Past month', id: 'past_month' },
+      ],
+      condition: { field: 'operation', value: 'search_posts' },
+    },
+
+    {
+      id: 'postUrl',
+      title: 'LinkedIn Post URL',
+      type: 'short-input',
+      placeholder: 'https://www.linkedin.com/posts/...',
+      condition: { field: 'operation', value: 'get_post_details' },
+      required: { field: 'operation', value: 'get_post_details' },
+    },
+
+    {
+      id: 'postUrn',
+      title: 'Post URN',
+      type: 'short-input',
+      placeholder: 'urn:li:activity:7231931952839196672',
+      condition: {
+        field: 'operation',
+        value: ['search_post_reactions', 'search_post_comments'],
+      },
+      required: {
+        field: 'operation',
+        value: ['search_post_reactions', 'search_post_comments'],
+      },
+    },
+    {
+      id: 'reactionType',
+      title: 'Reaction Type',
+      type: 'dropdown',
+      options: [
+        { label: 'All', id: 'all' },
+        { label: 'Like', id: 'like' },
+        { label: 'Love', id: 'love' },
+        { label: 'Celebrate', id: 'celebrate' },
+        { label: 'Insightful', id: 'insightful' },
+        { label: 'Funny', id: 'funny' },
+      ],
+      condition: { field: 'operation', value: 'search_post_reactions' },
+    },
+
+    {
+      id: 'profileId',
+      title: 'Profile ID',
+      type: 'short-input',
+      placeholder: 'ACoAAC1wha0BhoDIRAHrP5rgzVDyzmSdnl-KuEk',
+      condition: { field: 'operation', value: 'search_people_activities' },
+      required: { field: 'operation', value: 'search_people_activities' },
+    },
+    {
+      id: 'activityType',
+      title: 'Activity Type',
+      type: 'dropdown',
+      options: [
+        { label: 'Posts', id: 'posts' },
+        { label: 'Comments', id: 'comments' },
+        { label: 'Articles', id: 'articles' },
+      ],
+      condition: {
+        field: 'operation',
+        value: ['search_people_activities', 'search_company_activities'],
+      },
+    },
+
+    {
+      id: 'companyId',
+      title: 'Company ID',
+      type: 'short-input',
+      placeholder: '100746430',
+      condition: { field: 'operation', value: 'search_company_activities' },
+      required: { field: 'operation', value: 'search_company_activities' },
+    },
+    {
+      id: 'offset',
+      title: 'Offset',
+      type: 'short-input',
+      placeholder: '0',
+      condition: { field: 'operation', value: 'search_company_activities' },
+      mode: 'advanced',
+    },
+
+    {
+      id: 'hash',
+      title: 'MD5 Hash',
+      type: 'short-input',
+      placeholder: '5f0efb20de5ecfedbe0bf5e7c12353fe',
+      condition: { field: 'operation', value: 'reverse_hash_lookup' },
+      required: { field: 'operation', value: 'reverse_hash_lookup' },
+    },
+
+    {
+      id: 'page',
+      title: 'Page Number',
+      type: 'short-input',
+      placeholder: '1',
+      condition: {
+        field: 'operation',
+        value: [
+          'search_people',
+          'search_company',
+          'search_company_employees',
+          'search_similar_companies',
+          'sales_pointer_people',
+          'search_posts',
+          'search_post_reactions',
+          'search_post_comments',
+        ],
+      },
+      required: { field: 'operation', value: 'sales_pointer_people' },
+    },
+    {
+      id: 'pageSize',
+      title: 'Results Per Page',
+      type: 'short-input',
+      placeholder: '20',
+      condition: {
+        field: 'operation',
+        value: ['search_people', 'search_company', 'search_company_employees'],
+      },
+    },
+    {
+      id: 'paginationToken',
+      title: 'Pagination Token',
+      type: 'short-input',
+      placeholder: 'Token from previous response',
+      condition: {
+        field: 'operation',
+        value: ['search_people_activities', 'search_company_activities'],
+      },
+      mode: 'advanced',
+    },
+  ],
+  tools: {
+    access: [
+      'enrich_check_credits',
+      'enrich_email_to_profile',
+      'enrich_email_to_person_lite',
+      'enrich_linkedin_profile',
+      'enrich_find_email',
+      'enrich_linkedin_to_work_email',
+      'enrich_linkedin_to_personal_email',
+      'enrich_phone_finder',
+      'enrich_email_to_phone',
+      'enrich_verify_email',
+      'enrich_disposable_email_check',
+      'enrich_email_to_ip',
+      'enrich_ip_to_company',
+      'enrich_company_lookup',
+      'enrich_company_funding',
+      'enrich_company_revenue',
+      'enrich_search_people',
+      'enrich_search_company',
+      'enrich_search_company_employees',
+      'enrich_search_similar_companies',
+      'enrich_sales_pointer_people',
+      'enrich_search_posts',
+      'enrich_get_post_details',
+      'enrich_search_post_reactions',
+      'enrich_search_post_comments',
+      'enrich_search_people_activities',
+      'enrich_search_company_activities',
+      'enrich_reverse_hash_lookup',
+      'enrich_search_logo',
+    ],
+    config: {
+      tool: (params) => `enrich_${params.operation}`,
+      params: (params) => {
+        const { operation, ...rest } = params
+        const parsedParams: Record<string, any> = { ...rest }
+
+        try {
+          if (rest.currentJobTitles && typeof rest.currentJobTitles === 'string') {
+            parsedParams.currentJobTitles = JSON.parse(rest.currentJobTitles)
+          }
+          if (rest.skills && typeof rest.skills === 'string') {
+            parsedParams.skills = JSON.parse(rest.skills)
+          }
+          if (rest.industries && typeof rest.industries === 'string') {
+            parsedParams.industries = JSON.parse(rest.industries)
+          }
+          if (rest.companyIds && typeof rest.companyIds === 'string') {
+            parsedParams.companyIds = JSON.parse(rest.companyIds)
+          }
+          if (rest.jobTitles && typeof rest.jobTitles === 'string') {
+            parsedParams.jobTitles = JSON.parse(rest.jobTitles)
+          }
+          if (rest.accountLocation && typeof rest.accountLocation === 'string') {
+            parsedParams.accountLocation = JSON.parse(rest.accountLocation)
+          }
+          if (rest.employeeSizeRange && typeof rest.employeeSizeRange === 'string') {
+            parsedParams.employeeSizeRange = JSON.parse(rest.employeeSizeRange)
+          }
+          if (rest.filters && typeof rest.filters === 'string') {
+            parsedParams.filters = JSON.parse(rest.filters)
+          }
+        } catch (error: any) {
+          throw new Error(`Invalid JSON input: ${error.message}`)
+        }
+
+        if (operation === 'linkedin_profile') {
+          parsedParams.url = rest.linkedinUrl
+          parsedParams.linkedinUrl = undefined
+        }
+        if (
+          operation === 'linkedin_to_work_email' ||
+          operation === 'linkedin_to_personal_email' ||
+          operation === 'phone_finder'
+        ) {
+          parsedParams.linkedinProfile = rest.linkedinUrl
+          parsedParams.linkedinUrl = undefined
+        }
+        if (operation === 'company_lookup') {
+          parsedParams.name = rest.companyName
+          parsedParams.companyName = undefined
+        }
+        if (operation === 'search_company') {
+          parsedParams.name = rest.searchCompanyName
+          parsedParams.searchCompanyName = undefined
+        }
+        if (operation === 'search_similar_companies') {
+          parsedParams.url = rest.linkedinCompanyUrl
+          parsedParams.linkedinCompanyUrl = undefined
+        }
+        if (operation === 'get_post_details') {
+          parsedParams.url = rest.postUrl
+          parsedParams.postUrl = undefined
+        }
+        if (operation === 'search_logo') {
+          parsedParams.url = rest.domain
+        }
+
+        if (parsedParams.page) {
+          const pageNum = Number(parsedParams.page)
+          if (operation === 'search_people' || operation === 'search_company') {
+            parsedParams.currentPage = pageNum
+            parsedParams.page = undefined
+          } else {
+            parsedParams.page = pageNum
+          }
+        }
+        if (parsedParams.pageSize) parsedParams.pageSize = Number(parsedParams.pageSize)
+        if (parsedParams.num) parsedParams.num = Number(parsedParams.num)
+        if (parsedParams.offset) parsedParams.offset = Number(parsedParams.offset)
+        if (parsedParams.staffCountMin)
+          parsedParams.staffCountMin = Number(parsedParams.staffCountMin)
+        if (parsedParams.staffCountMax)
+          parsedParams.staffCountMax = Number(parsedParams.staffCountMax)
+
+        return parsedParams
+      },
+    },
+  },
+  inputs: {
+    operation: { type: 'string', description: 'Enrich operation to perform' },
+  },
+  outputs: {
+    success: { type: 'boolean', description: 'Whether the operation was successful' },
+    output: { type: 'json', description: 'Output data from the Enrich operation' },
+  },
+}

apps/sim/blocks/blocks/file.ts

@@ -1,48 +1,11 @@
 import { createLogger } from '@sim/logger'
 import { DocumentIcon } from '@/components/icons'
-import { inferContextFromKey } from '@/lib/uploads/utils/file-utils'
 import type { BlockConfig, SubBlockType } from '@/blocks/types'
 import { createVersionedToolSelector } from '@/blocks/utils'
-import type { FileParserOutput, FileParserV3Output } from '@/tools/file/types'
+import type { FileParserOutput } from '@/tools/file/types'
 
 const logger = createLogger('FileBlock')
 
-const resolveFilePathFromInput = (fileInput: unknown): string | null => {
-  if (!fileInput || typeof fileInput !== 'object') {
-    return null
-  }
-
-  const record = fileInput as Record<string, unknown>
-  if (typeof record.path === 'string' && record.path.trim() !== '') {
-    return record.path
-  }
-  if (typeof record.url === 'string' && record.url.trim() !== '') {
-    return record.url
-  }
-  if (typeof record.key === 'string' && record.key.trim() !== '') {
-    const key = record.key.trim()
-    const context = typeof record.context === 'string' ? record.context : inferContextFromKey(key)
-    return `/api/files/serve/${encodeURIComponent(key)}?context=${context}`
-  }
-
-  return null
-}
-
-const resolveFilePathsFromInput = (fileInput: unknown): string[] => {
-  if (!fileInput) {
-    return []
-  }
-
-  if (Array.isArray(fileInput)) {
-    return fileInput
-      .map((file) => resolveFilePathFromInput(file))
-      .filter((path): path is string => Boolean(path))
-  }
-
-  const resolved = resolveFilePathFromInput(fileInput)
-  return resolved ? [resolved] : []
-}
-
 export const FileBlock: BlockConfig<FileParserOutput> = {
   type: 'file',
   name: 'File (Legacy)',
@@ -116,14 +79,24 @@ export const FileBlock: BlockConfig<FileParserOutput> = {
 
         // Handle file upload input
         if (inputMethod === 'upload') {
-          const filePaths = resolveFilePathsFromInput(params.file)
-          if (filePaths.length > 0) {
+          // Handle case where 'file' is an array (multiple files)
+          if (params.file && Array.isArray(params.file) && params.file.length > 0) {
+            const filePaths = params.file.map((file) => file.path)
+
             return {
               filePath: filePaths.length === 1 ? filePaths[0] : filePaths,
               fileType: params.fileType || 'auto',
             }
           }
 
+          // Handle case where 'file' is a single file object
+          if (params.file?.path) {
+            return {
+              filePath: params.file.path,
+              fileType: params.fileType || 'auto',
+            }
+          }
+
           // If no files, return error
           logger.error('No files provided for upload method')
           throw new Error('Please upload a file')
@@ -143,7 +116,7 @@ export const FileBlock: BlockConfig<FileParserOutput> = {
   },
   outputs: {
     files: {
-      type: 'file[]',
+      type: 'json',
       description: 'Array of parsed file objects with content, metadata, and file properties',
     },
     combinedContent: {
@@ -151,7 +124,7 @@ export const FileBlock: BlockConfig<FileParserOutput> = {
       description: 'All file contents merged into a single text string',
     },
     processedFiles: {
-      type: 'file[]',
+      type: 'files',
       description: 'Array of UserFile objects for downstream use (attachments, uploads, etc.)',
     },
   },
@@ -160,9 +133,9 @@ export const FileBlock: BlockConfig<FileParserOutput> = {
 export const FileV2Block: BlockConfig<FileParserOutput> = {
   ...FileBlock,
   type: 'file_v2',
-  name: 'File (Legacy)',
+  name: 'File',
   description: 'Read and parse multiple files',
-  hideFromToolbar: true,
+  hideFromToolbar: false,
   subBlocks: [
     {
       id: 'file',
@@ -209,17 +182,16 @@ export const FileV2Block: BlockConfig<FileParserOutput> = {
         }
 
         if (Array.isArray(fileInput) && fileInput.length > 0) {
-          const filePaths = resolveFilePathsFromInput(fileInput)
+          const filePaths = fileInput.map((file) => file.path)
           return {
             filePath: filePaths.length === 1 ? filePaths[0] : filePaths,
             fileType: params.fileType || 'auto',
           }
         }
 
-        const resolvedSingle = resolveFilePathsFromInput(fileInput)
-        if (resolvedSingle.length > 0) {
+        if (fileInput?.path) {
           return {
-            filePath: resolvedSingle[0],
+            filePath: fileInput.path,
             fileType: params.fileType || 'auto',
           }
         }
@@ -237,7 +209,7 @@ export const FileV2Block: BlockConfig<FileParserOutput> = {
   },
   outputs: {
     files: {
-      type: 'file[]',
+      type: 'json',
       description: 'Array of parsed file objects with content, metadata, and file properties',
     },
     combinedContent: {
@@ -246,108 +218,3 @@ export const FileV2Block: BlockConfig<FileParserOutput> = {
     },
   },
 }
-
-export const FileV3Block: BlockConfig<FileParserV3Output> = {
-  type: 'file_v3',
-  name: 'File',
-  description: 'Read and parse multiple files',
-  longDescription: 'Upload files or reference files from previous blocks to extract text content.',
-  docsLink: 'https://docs.sim.ai/tools/file',
-  category: 'tools',
-  bgColor: '#40916C',
-  icon: DocumentIcon,
-  subBlocks: [
-    {
-      id: 'file',
-      title: 'Files',
-      type: 'file-upload' as SubBlockType,
-      canonicalParamId: 'fileInput',
-      acceptedTypes:
-        '.pdf,.csv,.doc,.docx,.txt,.md,.xlsx,.xls,.html,.htm,.pptx,.ppt,.json,.xml,.rtf',
-      placeholder: 'Upload files to process',
-      multiple: true,
-      mode: 'basic',
-      maxSize: 100,
-      required: true,
-    },
-    {
-      id: 'fileRef',
-      title: 'Files',
-      type: 'short-input' as SubBlockType,
-      canonicalParamId: 'fileInput',
-      placeholder: 'File reference from previous block',
-      mode: 'advanced',
-      required: true,
-    },
-  ],
-  tools: {
-    access: ['file_parser_v3'],
-    config: {
-      tool: () => 'file_parser_v3',
-      params: (params) => {
-        const fileInput = params.fileInput ?? params.file ?? params.filePath
-        if (!fileInput) {
-          logger.error('No file input provided')
-          throw new Error('File input is required')
-        }
-
-        if (typeof fileInput === 'string') {
-          return {
-            filePath: fileInput.trim(),
-            fileType: params.fileType || 'auto',
-            workspaceId: params._context?.workspaceId,
-            workflowId: params._context?.workflowId,
-            executionId: params._context?.executionId,
-          }
-        }
-
-        if (Array.isArray(fileInput)) {
-          const filePaths = resolveFilePathsFromInput(fileInput)
-          if (filePaths.length === 0) {
-            logger.error('No valid file paths found in file input array')
-            throw new Error('File input is required')
-          }
-          return {
-            filePath: filePaths.length === 1 ? filePaths[0] : filePaths,
-            fileType: params.fileType || 'auto',
-            workspaceId: params._context?.workspaceId,
-            workflowId: params._context?.workflowId,
-            executionId: params._context?.executionId,
-          }
-        }
-
-        if (typeof fileInput === 'object') {
-          const resolvedPaths = resolveFilePathsFromInput(fileInput)
-          if (resolvedPaths.length === 0) {
-            logger.error('File input object missing path, url, or key')
-            throw new Error('File input is required')
-          }
-          return {
-            filePath: resolvedPaths[0],
-            fileType: params.fileType || 'auto',
-            workspaceId: params._context?.workspaceId,
-            workflowId: params._context?.workflowId,
-            executionId: params._context?.executionId,
-          }
-        }
-
-        logger.error('Invalid file input format')
-        throw new Error('File input is required')
-      },
-    },
-  },
-  inputs: {
-    fileInput: { type: 'json', description: 'File input (upload or UserFile reference)' },
-    fileType: { type: 'string', description: 'File type' },
-  },
-  outputs: {
-    files: {
-      type: 'file[]',
-      description: 'Parsed files as UserFile objects',
-    },
-    combinedContent: {
-      type: 'string',
-      description: 'All file contents merged into a single text string',
-    },
-  },
-}

apps/sim/blocks/blocks/fireflies.ts

@@ -1,5 +1,4 @@
 import { FirefliesIcon } from '@/components/icons'
-import { resolveHttpsUrlFromFileInput } from '@/lib/uploads/utils/file-utils'
 import type { BlockConfig } from '@/blocks/types'
 import { AuthMode } from '@/blocks/types'
 import type { FirefliesResponse } from '@/tools/fireflies/types'
@@ -7,9 +6,8 @@ import { getTrigger } from '@/triggers'
 
 export const FirefliesBlock: BlockConfig<FirefliesResponse> = {
   type: 'fireflies',
-  name: 'Fireflies (Legacy)',
+  name: 'Fireflies',
   description: 'Interact with Fireflies.ai meeting transcripts and recordings',
-  hideFromToolbar: true,
   authMode: AuthMode.ApiKey,
   triggerAllowed: true,
   longDescription:
@@ -589,74 +587,3 @@ Return ONLY the summary text - no quotes, no labels.`,
     available: ['fireflies_transcription_complete'],
   },
 }
-
-const firefliesV2SubBlocks = (FirefliesBlock.subBlocks || []).filter(
-  (subBlock) => subBlock.id !== 'audioUrl'
-)
-const firefliesV2Inputs = FirefliesBlock.inputs
-  ? Object.fromEntries(Object.entries(FirefliesBlock.inputs).filter(([key]) => key !== 'audioUrl'))
-  : {}
-
-export const FirefliesV2Block: BlockConfig<FirefliesResponse> = {
-  ...FirefliesBlock,
-  type: 'fireflies_v2',
-  name: 'Fireflies',
-  description: 'Interact with Fireflies.ai meeting transcripts and recordings',
-  hideFromToolbar: false,
-  subBlocks: firefliesV2SubBlocks,
-  tools: {
-    ...FirefliesBlock.tools,
-    config: {
-      ...FirefliesBlock.tools?.config,
-      tool: (params) =>
-        FirefliesBlock.tools?.config?.tool
-          ? FirefliesBlock.tools.config.tool(params)
-          : params.operation || 'fireflies_list_transcripts',
-      params: (params) => {
-        const baseParams = FirefliesBlock.tools?.config?.params
-        if (!baseParams) {
-          return params
-        }
-
-        if (params.operation === 'fireflies_upload_audio') {
-          let audioInput = params.audioFile || params.audioFileReference
-          if (!audioInput) {
-            throw new Error('Audio file is required.')
-          }
-          if (typeof audioInput === 'string') {
-            try {
-              audioInput = JSON.parse(audioInput)
-            } catch {
-              throw new Error('Audio file must be a valid file reference.')
-            }
-          }
-          if (Array.isArray(audioInput)) {
-            throw new Error(
-              'File reference must be a single file, not an array. Use <block.files[0]> to select one file.'
-            )
-          }
-          if (typeof audioInput !== 'object' || audioInput === null) {
-            throw new Error('Audio file must be a file reference.')
-          }
-          const audioUrl = resolveHttpsUrlFromFileInput(audioInput)
-          if (!audioUrl) {
-            throw new Error('Audio file must include a https URL.')
-          }
-
-          return baseParams({
-            ...params,
-            audioUrl,
-            audioFile: undefined,
-            audioFileReference: undefined,
-          })
-        }
-
-        return baseParams(params)
-      },
-    },
-  },
-  inputs: {
-    ...firefliesV2Inputs,
-    audioFileReference: { type: 'json', description: 'Audio/video file reference' },
-  },
-}

apps/sim/blocks/blocks/gmail.ts

@@ -516,7 +516,7 @@ Return ONLY the search query - no explanations, no extra text.`,
     // Tool outputs
     content: { type: 'string', description: 'Response content' },
     metadata: { type: 'json', description: 'Email metadata' },
-    attachments: { type: 'file[]', description: 'Email attachments array' },
+    attachments: { type: 'json', description: 'Email attachments array' },
     // Trigger outputs
     email_id: { type: 'string', description: 'Gmail message ID' },
     thread_id: { type: 'string', description: 'Gmail thread ID' },
@@ -579,7 +579,7 @@ export const GmailV2Block: BlockConfig<GmailToolResponse> = {
     date: { type: 'string', description: 'Date' },
     body: { type: 'string', description: 'Email body text (best-effort)' },
     results: { type: 'json', description: 'Search/read summary results' },
-    attachments: { type: 'file[]', description: 'Downloaded attachments (if enabled)' },
+    attachments: { type: 'json', description: 'Downloaded attachments (if enabled)' },
 
     // Draft-specific outputs
     draftId: {

apps/sim/blocks/blocks/google_drive.ts

@@ -861,7 +861,7 @@ Return ONLY the message text - no subject line, no greetings/signatures, no extr
     permissionId: { type: 'string', description: 'Permission ID to remove' },
   },
   outputs: {
-    file: { type: 'file', description: 'Downloaded file stored in execution files' },
+    file: { type: 'json', description: 'File metadata or downloaded file data' },
     files: { type: 'json', description: 'List of files' },
     metadata: { type: 'json', description: 'Complete file metadata (from download)' },
     content: { type: 'string', description: 'File content as text' },

apps/sim/blocks/blocks/google_sheets.ts

@@ -1,7 +1,6 @@
 import { GoogleSheetsIcon } from '@/components/icons'
 import type { BlockConfig } from '@/blocks/types'
 import { AuthMode } from '@/blocks/types'
-import { createVersionedToolSelector } from '@/blocks/utils'
 import type { GoogleSheetsResponse, GoogleSheetsV2Response } from '@/tools/google_sheets/types'
 
 // Legacy block - hidden from toolbar
@@ -682,38 +681,34 @@ Return ONLY the JSON array - no explanations, no markdown, no extra text.`,
       'google_sheets_copy_sheet_v2',
     ],
     config: {
-      tool: createVersionedToolSelector({
-        baseToolSelector: (params) => {
-          switch (params.operation) {
-            case 'read':
-              return 'google_sheets_read'
-            case 'write':
-              return 'google_sheets_write'
-            case 'update':
-              return 'google_sheets_update'
-            case 'append':
-              return 'google_sheets_append'
-            case 'clear':
-              return 'google_sheets_clear'
-            case 'get_info':
-              return 'google_sheets_get_spreadsheet'
-            case 'create':
-              return 'google_sheets_create_spreadsheet'
-            case 'batch_get':
-              return 'google_sheets_batch_get'
-            case 'batch_update':
-              return 'google_sheets_batch_update'
-            case 'batch_clear':
-              return 'google_sheets_batch_clear'
-            case 'copy_sheet':
-              return 'google_sheets_copy_sheet'
-            default:
-              throw new Error(`Invalid Google Sheets operation: ${params.operation}`)
-          }
-        },
-        suffix: '_v2',
-        fallbackToolId: 'google_sheets_read_v2',
-      }),
+      tool: (params) => {
+        switch (params.operation) {
+          case 'read':
+            return 'google_sheets_read_v2'
+          case 'write':
+            return 'google_sheets_write_v2'
+          case 'update':
+            return 'google_sheets_update_v2'
+          case 'append':
+            return 'google_sheets_append_v2'
+          case 'clear':
+            return 'google_sheets_clear_v2'
+          case 'get_info':
+            return 'google_sheets_get_spreadsheet_v2'
+          case 'create':
+            return 'google_sheets_create_spreadsheet_v2'
+          case 'batch_get':
+            return 'google_sheets_batch_get_v2'
+          case 'batch_update':
+            return 'google_sheets_batch_update_v2'
+          case 'batch_clear':
+            return 'google_sheets_batch_clear_v2'
+          case 'copy_sheet':
+            return 'google_sheets_copy_sheet_v2'
+          default:
+            throw new Error(`Invalid Google Sheets V2 operation: ${params.operation}`)
+        }
+      },
       params: (params) => {
         const {
           credential,

apps/sim/blocks/blocks/google_slides.ts

@@ -1,14 +1,12 @@
 import { GoogleSlidesIcon } from '@/components/icons'
-import { resolveHttpsUrlFromFileInput } from '@/lib/uploads/utils/file-utils'
 import type { BlockConfig } from '@/blocks/types'
 import { AuthMode } from '@/blocks/types'
 import type { GoogleSlidesResponse } from '@/tools/google_slides/types'
 
 export const GoogleSlidesBlock: BlockConfig<GoogleSlidesResponse> = {
   type: 'google_slides',
-  name: 'Google Slides (Legacy)',
+  name: 'Google Slides',
   description: 'Read, write, and create presentations',
-  hideFromToolbar: true,
   authMode: AuthMode.OAuth,
   longDescription:
     'Integrate Google Slides into the workflow. Can read, write, create presentations, replace text, add slides, add images, get thumbnails, get page details, delete objects, duplicate objects, reorder slides, create tables, create shapes, and insert text.',
@@ -316,27 +314,13 @@ Return ONLY the JSON array - no explanations, no markdown, no extra text.`,
       condition: { field: 'operation', value: 'add_image' },
       required: true,
     },
-    {
-      id: 'imageFile',
-      title: 'Image',
-      type: 'file-upload',
-      canonicalParamId: 'imageSource',
-      placeholder: 'Upload image (PNG, JPEG, or GIF)',
-      mode: 'basic',
-      multiple: false,
-      required: true,
-      acceptedTypes: '.png,.jpg,.jpeg,.gif',
-      condition: { field: 'operation', value: 'add_image' },
-    },
     {
       id: 'imageUrl',
-      title: 'Image',
+      title: 'Image URL',
       type: 'short-input',
-      canonicalParamId: 'imageSource',
-      placeholder: 'Reference image from previous blocks or enter URL',
-      mode: 'advanced',
-      required: true,
+      placeholder: 'Public URL of the image (PNG, JPEG, or GIF)',
       condition: { field: 'operation', value: 'add_image' },
+      required: true,
     },
     {
       id: 'imageWidth',
@@ -825,9 +809,7 @@ Return ONLY the text content - no explanations, no markdown formatting markers,
     placeholderIdMappings: { type: 'string', description: 'JSON array of placeholder ID mappings' },
     // Add image operation
     pageObjectId: { type: 'string', description: 'Slide object ID for image' },
-    imageFile: { type: 'json', description: 'Uploaded image (UserFile)' },
-    imageUrl: { type: 'string', description: 'Image URL or reference' },
-    imageSource: { type: 'json', description: 'Image source (file or URL)' },
+    imageUrl: { type: 'string', description: 'Image URL' },
     imageWidth: { type: 'number', description: 'Image width in points' },
     imageHeight: { type: 'number', description: 'Image height in points' },
     positionX: { type: 'number', description: 'X position in points' },
@@ -905,99 +887,3 @@ Return ONLY the text content - no explanations, no markdown formatting markers,
     text: { type: 'string', description: 'Text that was inserted' },
   },
 }
-
-const googleSlidesV2SubBlocks = (GoogleSlidesBlock.subBlocks || []).flatMap((subBlock) => {
-  if (subBlock.id === 'imageFile') {
-    return [
-      {
-        ...subBlock,
-        canonicalParamId: 'imageFile',
-      },
-    ]
-  }
-
-  if (subBlock.id !== 'imageUrl') {
-    return [subBlock]
-  }
-
-  return [
-    {
-      id: 'imageFileReference',
-      title: 'Image',
-      type: 'short-input' as const,
-      canonicalParamId: 'imageFile',
-      placeholder: 'Reference image from previous blocks',
-      mode: 'advanced' as const,
-      required: true,
-      condition: { field: 'operation', value: 'add_image' },
-    },
-  ]
-})
-
-const googleSlidesV2Inputs = GoogleSlidesBlock.inputs
-  ? Object.fromEntries(
-      Object.entries(GoogleSlidesBlock.inputs).filter(
-        ([key]) => key !== 'imageUrl' && key !== 'imageSource'
-      )
-    )
-  : {}
-
-export const GoogleSlidesV2Block: BlockConfig<GoogleSlidesResponse> = {
-  ...GoogleSlidesBlock,
-  type: 'google_slides_v2',
-  name: 'Google Slides',
-  description: 'Read, write, and create presentations',
-  hideFromToolbar: false,
-  subBlocks: googleSlidesV2SubBlocks,
-  tools: {
-    access: GoogleSlidesBlock.tools!.access,
-    config: {
-      tool: GoogleSlidesBlock.tools!.config!.tool,
-      params: (params) => {
-        const baseParams = GoogleSlidesBlock.tools?.config?.params
-        if (!baseParams) {
-          return params
-        }
-
-        if (params.operation === 'add_image') {
-          let imageInput = params.imageFile || params.imageFileReference || params.imageSource
-          if (!imageInput) {
-            throw new Error('Image file is required.')
-          }
-          if (typeof imageInput === 'string') {
-            try {
-              imageInput = JSON.parse(imageInput)
-            } catch {
-              throw new Error('Image file must be a valid file reference.')
-            }
-          }
-          if (Array.isArray(imageInput)) {
-            throw new Error(
-              'File reference must be a single file, not an array. Use <block.files[0]> to select one file.'
-            )
-          }
-          if (typeof imageInput !== 'object' || imageInput === null) {
-            throw new Error('Image file must be a file reference.')
-          }
-          const imageUrl = resolveHttpsUrlFromFileInput(imageInput)
-          if (!imageUrl) {
-            throw new Error('Image file must include a https URL.')
-          }
-
-          return baseParams({
-            ...params,
-            imageUrl,
-            imageFileReference: undefined,
-            imageSource: undefined,
-          })
-        }
-
-        return baseParams(params)
-      },
-    },
-  },
-  inputs: {
-    ...googleSlidesV2Inputs,
-    imageFileReference: { type: 'json', description: 'Image file reference' },
-  },
-}

apps/sim/blocks/blocks/google_vault.ts

@@ -526,7 +526,7 @@ Return ONLY the description text - no explanations, no quotes, no extra text.`,
       description:
         'Single hold object (for create_matters_holds or list_matters_holds with holdId)',
     },
-    file: { type: 'file', description: 'Downloaded export file (UserFile) from execution files' },
+    file: { type: 'json', description: 'Downloaded export file (UserFile) from execution files' },
     nextPageToken: {
       type: 'string',
       description: 'Token for fetching next page of results (for list operations)',

apps/sim/blocks/blocks/image_generator.ts

@@ -149,7 +149,7 @@ export const ImageGeneratorBlock: BlockConfig<DalleResponse> = {
   },
   outputs: {
     content: { type: 'string', description: 'Generation response' },
-    image: { type: 'file', description: 'Generated image file (UserFile)' },
+    image: { type: 'string', description: 'Generated image URL' },
     metadata: { type: 'json', description: 'Generation metadata' },
   },
 }

apps/sim/blocks/blocks/imap.ts

@@ -44,7 +44,7 @@ export const ImapBlock: BlockConfig = {
     bodyHtml: { type: 'string', description: 'HTML email body' },
     mailbox: { type: 'string', description: 'Mailbox/folder where email was received' },
     hasAttachments: { type: 'boolean', description: 'Whether email has attachments' },
-    attachments: { type: 'file[]', description: 'Array of email attachments' },
+    attachments: { type: 'json', description: 'Array of email attachments' },
     timestamp: { type: 'string', description: 'Event timestamp' },
   },
   triggers: {

apps/sim/blocks/blocks/jira.ts

@@ -34,7 +34,6 @@ export const JiraBlock: BlockConfig<JiraResponse> = {
         { label: 'Update Comment', id: 'update_comment' },
         { label: 'Delete Comment', id: 'delete_comment' },
         { label: 'Get Attachments', id: 'get_attachments' },
-        { label: 'Add Attachment', id: 'add_attachment' },
         { label: 'Delete Attachment', id: 'delete_attachment' },
         { label: 'Add Worklog', id: 'add_worklog' },
         { label: 'Get Worklogs', id: 'get_worklogs' },
@@ -138,7 +137,6 @@ export const JiraBlock: BlockConfig<JiraResponse> = {
           'update_comment',
           'delete_comment',
           'get_attachments',
-          'add_attachment',
           'add_worklog',
           'get_worklogs',
           'update_worklog',
@@ -170,7 +168,6 @@ export const JiraBlock: BlockConfig<JiraResponse> = {
           'update_comment',
           'delete_comment',
           'get_attachments',
-          'add_attachment',
           'add_worklog',
           'get_worklogs',
           'update_worklog',
@@ -410,27 +407,6 @@ Return ONLY the comment text - no explanations.`,
       condition: { field: 'operation', value: ['update_comment', 'delete_comment'] },
     },
     // Attachment fields
-    {
-      id: 'attachmentFiles',
-      title: 'Attachments',
-      type: 'file-upload',
-      canonicalParamId: 'files',
-      placeholder: 'Upload files',
-      condition: { field: 'operation', value: 'add_attachment' },
-      mode: 'basic',
-      multiple: true,
-      required: true,
-    },
-    {
-      id: 'files',
-      title: 'File References',
-      type: 'short-input',
-      canonicalParamId: 'files',
-      placeholder: 'File reference from previous block',
-      condition: { field: 'operation', value: 'add_attachment' },
-      mode: 'advanced',
-      required: true,
-    },
     {
       id: 'attachmentId',
       title: 'Attachment ID',
@@ -600,7 +576,6 @@ Return ONLY the comment text - no explanations.`,
       'jira_update_comment',
       'jira_delete_comment',
       'jira_get_attachments',
-      'jira_add_attachment',
       'jira_delete_attachment',
       'jira_add_worklog',
       'jira_get_worklogs',
@@ -648,8 +623,6 @@ Return ONLY the comment text - no explanations.`,
             return 'jira_delete_comment'
           case 'get_attachments':
             return 'jira_get_attachments'
-          case 'add_attachment':
-            return 'jira_add_attachment'
           case 'delete_attachment':
             return 'jira_delete_attachment'
           case 'add_worklog':
@@ -865,21 +838,6 @@ Return ONLY the comment text - no explanations.`,
               issueKey: effectiveIssueKey,
             }
           }
-          case 'add_attachment': {
-            if (!effectiveIssueKey) {
-              throw new Error('Issue Key is required to add attachments.')
-            }
-            const fileParam = params.attachmentFiles || params.files
-            if (!fileParam || (Array.isArray(fileParam) && fileParam.length === 0)) {
-              throw new Error('At least one attachment file is required.')
-            }
-            const normalizedFiles = Array.isArray(fileParam) ? fileParam : [fileParam]
-            return {
-              ...baseParams,
-              issueKey: effectiveIssueKey,
-              files: normalizedFiles,
-            }
-          }
           case 'delete_attachment': {
             return {
               ...baseParams,
@@ -1024,8 +982,6 @@ Return ONLY the comment text - no explanations.`,
     commentBody: { type: 'string', description: 'Text content for comment operations' },
     commentId: { type: 'string', description: 'Comment ID for update/delete operations' },
     // Attachment operation inputs
-    attachmentFiles: { type: 'json', description: 'Files to attach (UI upload)' },
-    files: { type: 'array', description: 'Files to attach (UserFile array)' },
     attachmentId: { type: 'string', description: 'Attachment ID for delete operation' },
     // Worklog operation inputs
     timeSpentSeconds: {
@@ -1096,8 +1052,6 @@ Return ONLY the comment text - no explanations.`,
       type: 'json',
       description: 'Array of attachments with id, filename, size, mimeType, created, author',
     },
-    files: { type: 'file[]', description: 'Uploaded attachment files' },
-    attachmentIds: { type: 'json', description: 'Uploaded attachment IDs' },
 
     // jira_delete_attachment, jira_delete_comment, jira_delete_issue, jira_delete_worklog, jira_delete_issue_link outputs
     attachmentId: { type: 'string', description: 'Deleted attachment ID' },

apps/sim/blocks/blocks/linear.ts

@@ -668,44 +668,17 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
         generationType: 'timestamp',
       },
     },
-    // Attachment file
-    {
-      id: 'attachmentFileUpload',
-      title: 'Attachment',
-      type: 'file-upload',
-      canonicalParamId: 'file',
-      placeholder: 'Upload attachment',
-      condition: {
-        field: 'operation',
-        value: ['linear_create_attachment'],
-      },
-      mode: 'basic',
-      multiple: false,
-    },
-    {
-      id: 'file',
-      title: 'File Reference',
-      type: 'short-input',
-      canonicalParamId: 'file',
-      placeholder: 'File reference from previous block',
-      condition: {
-        field: 'operation',
-        value: ['linear_create_attachment'],
-      },
-      mode: 'advanced',
-    },
     // Attachment URL
     {
       id: 'url',
       title: 'URL',
       type: 'short-input',
       placeholder: 'Enter URL',
-      required: false,
+      required: true,
       condition: {
         field: 'operation',
         value: ['linear_create_attachment'],
       },
-      mode: 'advanced',
     },
     // Attachment title
     {
@@ -1769,31 +1742,16 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
               teamId: effectiveTeamId,
             }
 
-          case 'linear_create_attachment': {
-            if (!params.issueId?.trim()) {
-              throw new Error('Issue ID is required.')
-            }
-            if (Array.isArray(params.file)) {
-              throw new Error('Attachment file must be a single file.')
-            }
-            if (Array.isArray(params.attachmentFileUpload)) {
-              throw new Error('Attachment file must be a single file.')
-            }
-            const attachmentFile = params.attachmentFileUpload || params.file
-            const attachmentUrl =
-              params.url?.trim() ||
-              (attachmentFile && !Array.isArray(attachmentFile) ? attachmentFile.url : undefined)
-            if (!attachmentUrl) {
-              throw new Error('URL or file is required.')
+          case 'linear_create_attachment':
+            if (!params.issueId?.trim() || !params.url?.trim()) {
+              throw new Error('Issue ID and URL are required.')
             }
             return {
               ...baseParams,
               issueId: params.issueId.trim(),
-              url: attachmentUrl,
-              file: attachmentFile,
+              url: params.url.trim(),
               title: params.attachmentTitle,
             }
-          }
 
           case 'linear_list_attachments':
             if (!params.issueId?.trim()) {
@@ -2290,8 +2248,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
     endDate: { type: 'string', description: 'End date' },
     targetDate: { type: 'string', description: 'Target date' },
     url: { type: 'string', description: 'URL' },
-    attachmentFileUpload: { type: 'json', description: 'File to attach (UI upload)' },
-    file: { type: 'json', description: 'File to attach (UserFile)' },
     attachmentTitle: { type: 'string', description: 'Attachment title' },
     attachmentId: { type: 'string', description: 'Attachment identifier' },
     relationType: { type: 'string', description: 'Relation type' },

apps/sim/blocks/blocks/microsoft_excel.ts

@@ -1,7 +1,6 @@
 import { MicrosoftExcelIcon } from '@/components/icons'
 import type { BlockConfig } from '@/blocks/types'
 import { AuthMode } from '@/blocks/types'
-import { createVersionedToolSelector } from '@/blocks/utils'
 import type {
   MicrosoftExcelResponse,
   MicrosoftExcelV2Response,
@@ -490,20 +489,16 @@ Return ONLY the JSON array - no explanations, no markdown, no extra text.`,
   tools: {
     access: ['microsoft_excel_read_v2', 'microsoft_excel_write_v2'],
     config: {
-      tool: createVersionedToolSelector({
-        baseToolSelector: (params) => {
-          switch (params.operation) {
-            case 'read':
-              return 'microsoft_excel_read'
-            case 'write':
-              return 'microsoft_excel_write'
-            default:
-              throw new Error(`Invalid Microsoft Excel operation: ${params.operation}`)
-          }
-        },
-        suffix: '_v2',
-        fallbackToolId: 'microsoft_excel_read_v2',
-      }),
+      tool: (params) => {
+        switch (params.operation) {
+          case 'read':
+            return 'microsoft_excel_read_v2'
+          case 'write':
+            return 'microsoft_excel_write_v2'
+          default:
+            throw new Error(`Invalid Microsoft Excel V2 operation: ${params.operation}`)
+        }
+      },
       params: (params) => {
         const {
           credential,

apps/sim/blocks/blocks/microsoft_teams.ts

@@ -346,10 +346,7 @@ export const MicrosoftTeamsBlock: BlockConfig<MicrosoftTeamsResponse> = {
         // Add files if provided
         const fileParam = attachmentFiles || files
         if (fileParam && (operation === 'write_chat' || operation === 'write_channel')) {
-          const normalizedFiles = Array.isArray(fileParam) ? fileParam : [fileParam]
-          if (normalizedFiles.length > 0) {
-            baseParams.files = normalizedFiles
-          }
+          baseParams.files = fileParam
         }
 
         // Add messageId if provided
@@ -465,8 +462,7 @@ export const MicrosoftTeamsBlock: BlockConfig<MicrosoftTeamsResponse> = {
     messages: { type: 'json', description: 'Array of message objects' },
     totalAttachments: { type: 'number', description: 'Total number of attachments' },
     attachmentTypes: { type: 'json', description: 'Array of attachment content types' },
-    attachments: { type: 'file[]', description: 'Downloaded message attachments' },
-    files: { type: 'file[]', description: 'Files attached to the message' },
+    attachments: { type: 'array', description: 'Downloaded message attachments' },
     updatedContent: {
       type: 'boolean',
       description: 'Whether content was successfully updated/sent',

apps/sim/blocks/blocks/mistral_parse.ts

@@ -94,7 +94,7 @@ export const MistralParseBlock: BlockConfig<MistralParserOutput> = {
           if (!params.fileUpload) {
             throw new Error('Please upload a PDF document')
           }
-          parameters.file = params.fileUpload
+          parameters.fileUpload = params.fileUpload
         }
 
         let pagesArray: number[] | undefined
@@ -159,16 +159,14 @@ export const MistralParseV2Block: BlockConfig<MistralParserOutput> = {
       placeholder: 'Upload a PDF document',
       mode: 'basic',
       maxSize: 50,
-      required: true,
     },
     {
-      id: 'fileReference',
-      title: 'File Reference',
+      id: 'filePath',
+      title: 'PDF Document',
       type: 'short-input' as SubBlockType,
       canonicalParamId: 'document',
-      placeholder: 'File reference from previous block',
+      placeholder: 'Document URL',
       mode: 'advanced',
-      required: true,
     },
     {
       id: 'resultType',
@@ -213,26 +211,15 @@ export const MistralParseV2Block: BlockConfig<MistralParserOutput> = {
           resultType: params.resultType || 'markdown',
         }
 
-        let documentInput = params.fileUpload || params.fileReference || params.document
+        const documentInput = params.fileUpload || params.filePath || params.document
         if (!documentInput) {
           throw new Error('PDF document is required')
         }
-        if (typeof documentInput === 'string') {
-          try {
-            documentInput = JSON.parse(documentInput)
-          } catch {
-            throw new Error('PDF document must be a valid file reference')
-          }
+        if (typeof documentInput === 'object') {
+          parameters.fileUpload = documentInput
+        } else if (typeof documentInput === 'string') {
+          parameters.filePath = documentInput.trim()
         }
-        if (Array.isArray(documentInput)) {
-          throw new Error(
-            'File reference must be a single file, not an array. Use <block.attachments[0]> to select one file.'
-          )
-        }
-        if (typeof documentInput !== 'object' || documentInput === null) {
-          throw new Error('PDF document must be a file reference')
-        }
-        parameters.file = documentInput
 
         let pagesArray: number[] | undefined
         if (params.pages && params.pages.trim() !== '') {
@@ -267,8 +254,8 @@ export const MistralParseV2Block: BlockConfig<MistralParserOutput> = {
     },
   },
   inputs: {
-    document: { type: 'json', description: 'Document input (file upload or file reference)' },
-    fileReference: { type: 'json', description: 'File reference (advanced mode)' },
+    document: { type: 'json', description: 'Document input (file upload or URL reference)' },
+    filePath: { type: 'string', description: 'PDF document URL (advanced mode)' },
     fileUpload: { type: 'json', description: 'Uploaded PDF file (basic mode)' },
     apiKey: { type: 'string', description: 'Mistral API key' },
     resultType: { type: 'string', description: 'Output format type' },

apps/sim/blocks/blocks/notion.ts

@@ -412,7 +412,6 @@ export const NotionV2Block: BlockConfig<any> = {
       'notion_read_database_v2',
       'notion_write_v2',
       'notion_create_page_v2',
-      'notion_update_page_v2',
       'notion_query_database_v2',
       'notion_search_v2',
       'notion_create_database_v2',

apps/sim/blocks/blocks/onedrive.ts

@@ -393,7 +393,7 @@ export const OneDriveBlock: BlockConfig<OneDriveResponse> = {
     deleted: { type: 'boolean', description: 'Whether the file was deleted' },
     fileId: { type: 'string', description: 'The ID of the deleted file' },
     file: {
-      type: 'file',
+      type: 'json',
       description: 'The OneDrive file object, including details such as id, name, size, and more.',
     },
     files: {

apps/sim/blocks/blocks/outlook.ts

@@ -440,7 +440,7 @@ export const OutlookBlock: BlockConfig<OutlookResponse> = {
     sentDateTime: { type: 'string', description: 'Email sent timestamp' },
     hasAttachments: { type: 'boolean', description: 'Whether email has attachments' },
     attachments: {
-      type: 'file[]',
+      type: 'json',
       description: 'Email attachments (if includeAttachments is enabled)',
     },
     isRead: { type: 'boolean', description: 'Whether email is read' },

apps/sim/blocks/blocks/pipedrive.ts

@@ -804,7 +804,6 @@ Return ONLY the date string in YYYY-MM-DD format - no explanations, no quotes, n
     deals: { type: 'json', description: 'Array of deal objects' },
     deal: { type: 'json', description: 'Single deal object' },
     files: { type: 'json', description: 'Array of file objects' },
-    downloadedFiles: { type: 'file[]', description: 'Downloaded files from Pipedrive' },
     messages: { type: 'json', description: 'Array of mail message objects' },
     pipelines: { type: 'json', description: 'Array of pipeline objects' },
     projects: { type: 'json', description: 'Array of project objects' },

apps/sim/blocks/blocks/pulse.ts

@@ -1,13 +1,11 @@
 import { PulseIcon } from '@/components/icons'
 import { AuthMode, type BlockConfig, type SubBlockType } from '@/blocks/types'
-import { createVersionedToolSelector } from '@/blocks/utils'
 import type { PulseParserOutput } from '@/tools/pulse/types'
 
 export const PulseBlock: BlockConfig<PulseParserOutput> = {
   type: 'pulse',
   name: 'Pulse',
   description: 'Extract text from documents using Pulse OCR',
-  hideFromToolbar: true,
   authMode: AuthMode.ApiKey,
   longDescription:
     'Integrate Pulse into the workflow. Extract text from PDF documents, images, and Office files via URL or upload.',
@@ -79,7 +77,7 @@ export const PulseBlock: BlockConfig<PulseParserOutput> = {
           throw new Error('Document is required')
         }
         if (typeof documentInput === 'object') {
-          parameters.file = documentInput
+          parameters.fileUpload = documentInput
         } else if (typeof documentInput === 'string') {
           parameters.filePath = documentInput.trim()
         }
@@ -128,78 +126,3 @@ export const PulseBlock: BlockConfig<PulseParserOutput> = {
     figures: { type: 'json', description: 'Extracted figures if figure extraction was enabled' },
   },
 }
-
-const pulseV2Inputs = PulseBlock.inputs
-  ? Object.fromEntries(Object.entries(PulseBlock.inputs).filter(([key]) => key !== 'filePath'))
-  : {}
-const pulseV2SubBlocks = (PulseBlock.subBlocks || []).filter(
-  (subBlock) => subBlock.id !== 'filePath'
-)
-
-export const PulseV2Block: BlockConfig<PulseParserOutput> = {
-  ...PulseBlock,
-  type: 'pulse_v2',
-  name: 'Pulse (File Only)',
-  hideFromToolbar: false,
-  longDescription:
-    'Integrate Pulse into the workflow. Extract text from PDF documents, images, and Office files via upload.',
-  subBlocks: pulseV2SubBlocks,
-  tools: {
-    access: ['pulse_parser_v2'],
-    config: {
-      tool: createVersionedToolSelector({
-        baseToolSelector: () => 'pulse_parser',
-        suffix: '_v2',
-        fallbackToolId: 'pulse_parser_v2',
-      }),
-      params: (params) => {
-        if (!params || !params.apiKey || params.apiKey.trim() === '') {
-          throw new Error('Pulse API key is required')
-        }
-
-        const parameters: Record<string, unknown> = {
-          apiKey: params.apiKey.trim(),
-        }
-
-        let documentInput = params.fileUpload || params.document
-        if (!documentInput) {
-          throw new Error('Document file is required')
-        }
-        if (typeof documentInput === 'string') {
-          try {
-            documentInput = JSON.parse(documentInput)
-          } catch {
-            throw new Error('Document file must be a valid file reference')
-          }
-        }
-        if (Array.isArray(documentInput)) {
-          throw new Error(
-            'File reference must be a single file, not an array. Use <block.attachments[0]> to select one file.'
-          )
-        }
-        if (typeof documentInput !== 'object' || documentInput === null) {
-          throw new Error('Document file must be a file reference')
-        }
-        parameters.file = documentInput
-
-        if (params.pages && params.pages.trim() !== '') {
-          parameters.pages = params.pages.trim()
-        }
-
-        if (params.chunking && params.chunking.trim() !== '') {
-          parameters.chunking = params.chunking.trim()
-        }
-
-        if (params.chunkSize && params.chunkSize.trim() !== '') {
-          const size = Number.parseInt(params.chunkSize.trim(), 10)
-          if (!Number.isNaN(size) && size > 0) {
-            parameters.chunkSize = size
-          }
-        }
-
-        return parameters
-      },
-    },
-  },
-  inputs: pulseV2Inputs,
-}

apps/sim/blocks/blocks/reducto.ts

@@ -1,13 +1,11 @@
 import { ReductoIcon } from '@/components/icons'
 import { AuthMode, type BlockConfig, type SubBlockType } from '@/blocks/types'
-import { createVersionedToolSelector } from '@/blocks/utils'
 import type { ReductoParserOutput } from '@/tools/reducto/types'
 
 export const ReductoBlock: BlockConfig<ReductoParserOutput> = {
   type: 'reducto',
   name: 'Reducto',
   description: 'Extract text from PDF documents',
-  hideFromToolbar: true,
   authMode: AuthMode.ApiKey,
   longDescription: `Integrate Reducto Parse into the workflow. Can extract text from uploaded PDF documents, or from a URL.`,
   docsLink: 'https://docs.sim.ai/tools/reducto',
@@ -76,7 +74,7 @@ export const ReductoBlock: BlockConfig<ReductoParserOutput> = {
         }
 
         if (typeof documentInput === 'object') {
-          parameters.file = documentInput
+          parameters.fileUpload = documentInput
         } else if (typeof documentInput === 'string') {
           parameters.filePath = documentInput.trim()
         }
@@ -134,94 +132,3 @@ export const ReductoBlock: BlockConfig<ReductoParserOutput> = {
     studio_link: { type: 'string', description: 'Link to Reducto studio interface' },
   },
 }
-
-const reductoV2Inputs = ReductoBlock.inputs
-  ? Object.fromEntries(Object.entries(ReductoBlock.inputs).filter(([key]) => key !== 'filePath'))
-  : {}
-const reductoV2SubBlocks = (ReductoBlock.subBlocks || []).filter(
-  (subBlock) => subBlock.id !== 'filePath'
-)
-
-export const ReductoV2Block: BlockConfig<ReductoParserOutput> = {
-  ...ReductoBlock,
-  type: 'reducto_v2',
-  name: 'Reducto (File Only)',
-  hideFromToolbar: false,
-  longDescription: `Integrate Reducto Parse into the workflow. Can extract text from uploaded PDF documents.`,
-  subBlocks: reductoV2SubBlocks,
-  tools: {
-    access: ['reducto_parser_v2'],
-    config: {
-      tool: createVersionedToolSelector({
-        baseToolSelector: () => 'reducto_parser',
-        suffix: '_v2',
-        fallbackToolId: 'reducto_parser_v2',
-      }),
-      params: (params) => {
-        if (!params || !params.apiKey || params.apiKey.trim() === '') {
-          throw new Error('Reducto API key is required')
-        }
-
-        const parameters: Record<string, unknown> = {
-          apiKey: params.apiKey.trim(),
-        }
-
-        let documentInput = params.fileUpload || params.document
-        if (!documentInput) {
-          throw new Error('PDF document file is required')
-        }
-        if (typeof documentInput === 'string') {
-          try {
-            documentInput = JSON.parse(documentInput)
-          } catch {
-            throw new Error('PDF document file must be a valid file reference')
-          }
-        }
-        if (Array.isArray(documentInput)) {
-          throw new Error(
-            'File reference must be a single file, not an array. Use <block.attachments[0]> to select one file.'
-          )
-        }
-        if (typeof documentInput !== 'object' || documentInput === null) {
-          throw new Error('PDF document file must be a file reference')
-        }
-        parameters.file = documentInput
-
-        let pagesArray: number[] | undefined
-        if (params.pages && params.pages.trim() !== '') {
-          try {
-            pagesArray = params.pages
-              .split(',')
-              .map((p: string) => p.trim())
-              .filter((p: string) => p.length > 0)
-              .map((p: string) => {
-                const num = Number.parseInt(p, 10)
-                if (Number.isNaN(num) || num < 0) {
-                  throw new Error(`Invalid page number: ${p}`)
-                }
-                return num
-              })
-
-            if (pagesArray && pagesArray.length === 0) {
-              pagesArray = undefined
-            }
-          } catch (error: unknown) {
-            const errorMessage = error instanceof Error ? error.message : String(error)
-            throw new Error(`Page number format error: ${errorMessage}`)
-          }
-        }
-
-        if (pagesArray && pagesArray.length > 0) {
-          parameters.pages = pagesArray
-        }
-
-        if (params.tableOutputFormat) {
-          parameters.tableOutputFormat = params.tableOutputFormat
-        }
-
-        return parameters
-      },
-    },
-  },
-  inputs: reductoV2Inputs,
-}

apps/sim/blocks/blocks/s3.ts

@@ -418,7 +418,6 @@ export const S3Block: BlockConfig<S3Response> = {
       type: 'string',
       description: 'S3 URI (s3://bucket/key) for use with other AWS services',
     },
-    file: { type: 'file', description: 'Downloaded file stored in execution files' },
     objects: { type: 'json', description: 'List of objects (for list operation)' },
     deleted: { type: 'boolean', description: 'Deletion status' },
     metadata: { type: 'json', description: 'Operation metadata' },

apps/sim/blocks/blocks/sftp.ts

@@ -293,7 +293,6 @@ export const SftpBlock: BlockConfig<SftpUploadResult> = {
   outputs: {
     success: { type: 'boolean', description: 'Whether the operation was successful' },
     uploadedFiles: { type: 'json', description: 'Array of uploaded file details' },
-    file: { type: 'file', description: 'Downloaded file stored in execution files' },
     fileName: { type: 'string', description: 'Downloaded file name' },
     content: { type: 'string', description: 'Downloaded file content' },
     size: { type: 'number', description: 'File size in bytes' },

apps/sim/blocks/blocks/slack.ts

@@ -622,10 +622,7 @@ Return ONLY the timestamp string - no explanations, no quotes, no extra text.`,
             }
             const fileParam = attachmentFiles || files
             if (fileParam) {
-              const normalizedFiles = Array.isArray(fileParam) ? fileParam : [fileParam]
-              if (normalizedFiles.length > 0) {
-                baseParams.files = normalizedFiles
-              }
+              baseParams.files = fileParam
             }
             break
           }
@@ -799,7 +796,6 @@ Return ONLY the timestamp string - no explanations, no quotes, no extra text.`,
       type: 'number',
       description: 'Number of files uploaded (when files are attached)',
     },
-    files: { type: 'file[]', description: 'Files attached to the message' },
 
     // slack_canvas outputs
     canvas_id: { type: 'string', description: 'Canvas identifier for created canvases' },
@@ -863,7 +859,7 @@ Return ONLY the timestamp string - no explanations, no quotes, no extra text.`,
 
     // slack_download outputs
     file: {
-      type: 'file',
+      type: 'json',
       description: 'Downloaded file stored in execution files',
     },
 

apps/sim/blocks/blocks/spotify.ts

@@ -450,24 +450,10 @@ export const SpotifyBlock: BlockConfig<ToolResponse> = {
 
     // === PLAYLIST COVER ===
     {
-      id: 'coverImageFile',
-      title: 'Cover Image',
-      type: 'file-upload',
-      canonicalParamId: 'coverImage',
-      placeholder: 'Upload cover image (JPEG, max 256KB)',
-      mode: 'basic',
-      multiple: false,
-      required: true,
-      acceptedTypes: '.jpg,.jpeg',
-      condition: { field: 'operation', value: 'spotify_add_playlist_cover' },
-    },
-    {
-      id: 'coverImageRef',
-      title: 'Cover Image',
-      type: 'short-input',
-      canonicalParamId: 'coverImage',
-      placeholder: 'Reference image from previous blocks',
-      mode: 'advanced',
+      id: 'imageBase64',
+      title: 'Image (Base64)',
+      type: 'long-input',
+      placeholder: 'Base64-encoded JPEG image (max 256KB)',
       required: true,
       condition: { field: 'operation', value: 'spotify_add_playlist_cover' },
     },
@@ -818,9 +804,7 @@ export const SpotifyBlock: BlockConfig<ToolResponse> = {
     newName: { type: 'string', description: 'New playlist name' },
     description: { type: 'string', description: 'Playlist description' },
     public: { type: 'boolean', description: 'Whether playlist is public' },
-    coverImage: { type: 'json', description: 'Cover image (UserFile)' },
-    coverImageFile: { type: 'json', description: 'Cover image upload (basic mode)' },
-    coverImageRef: { type: 'json', description: 'Cover image reference (advanced mode)' },
+    imageBase64: { type: 'string', description: 'Base64-encoded JPEG image' },
     range_start: { type: 'number', description: 'Start index for reorder' },
     insert_before: { type: 'number', description: 'Insert before index' },
     range_length: { type: 'number', description: 'Number of items to move' },

apps/sim/blocks/blocks/ssh.ts

@@ -507,7 +507,6 @@ export const SSHBlock: BlockConfig<SSHResponse> = {
     stderr: { type: 'string', description: 'Command standard error' },
     exitCode: { type: 'number', description: 'Command exit code' },
     success: { type: 'boolean', description: 'Operation success status' },
-    file: { type: 'file', description: 'Downloaded file stored in execution files' },
     fileContent: { type: 'string', description: 'Downloaded/read file content' },
     entries: { type: 'json', description: 'Directory entries' },
     exists: { type: 'boolean', description: 'File/directory existence' },

apps/sim/blocks/blocks/stt.ts

@@ -1,13 +1,11 @@
 import { STTIcon } from '@/components/icons'
 import { AuthMode, type BlockConfig } from '@/blocks/types'
-import { createVersionedToolSelector } from '@/blocks/utils'
 import type { SttBlockResponse } from '@/tools/stt/types'
 
 export const SttBlock: BlockConfig<SttBlockResponse> = {
   type: 'stt',
   name: 'Speech-to-Text',
   description: 'Convert speech to text using AI',
-  hideFromToolbar: true,
   authMode: AuthMode.ApiKey,
   longDescription:
     'Transcribe audio and video files to text using leading AI providers. Supports multiple languages, timestamps, and speaker diarization.',
@@ -82,7 +80,10 @@ export const SttBlock: BlockConfig<SttBlockResponse> = {
       title: 'Model',
       type: 'dropdown',
       condition: { field: 'provider', value: 'assemblyai' },
-      options: [{ label: 'Best', id: 'best' }],
+      options: [
+        { label: 'Best', id: 'best' },
+        { label: 'Nano', id: 'nano' },
+      ],
       value: () => 'best',
       required: true,
     },
@@ -344,78 +345,3 @@ export const SttBlock: BlockConfig<SttBlockResponse> = {
     },
   },
 }
-
-const sttV2Inputs = SttBlock.inputs
-  ? Object.fromEntries(Object.entries(SttBlock.inputs).filter(([key]) => key !== 'audioUrl'))
-  : {}
-const sttV2SubBlocks = (SttBlock.subBlocks || []).filter((subBlock) => subBlock.id !== 'audioUrl')
-
-export const SttV2Block: BlockConfig<SttBlockResponse> = {
-  ...SttBlock,
-  type: 'stt_v2',
-  name: 'Speech-to-Text (File Only)',
-  hideFromToolbar: false,
-  subBlocks: sttV2SubBlocks,
-  tools: {
-    access: [
-      'stt_whisper_v2',
-      'stt_deepgram_v2',
-      'stt_elevenlabs_v2',
-      'stt_assemblyai_v2',
-      'stt_gemini_v2',
-    ],
-    config: {
-      tool: createVersionedToolSelector({
-        baseToolSelector: (params) => {
-          switch (params.provider) {
-            case 'whisper':
-              return 'stt_whisper'
-            case 'deepgram':
-              return 'stt_deepgram'
-            case 'elevenlabs':
-              return 'stt_elevenlabs'
-            case 'assemblyai':
-              return 'stt_assemblyai'
-            case 'gemini':
-              return 'stt_gemini'
-            default:
-              return 'stt_whisper'
-          }
-        },
-        suffix: '_v2',
-        fallbackToolId: 'stt_whisper_v2',
-      }),
-      params: (params) => {
-        let audioInput = params.audioFile || params.audioFileReference
-        if (audioInput && typeof audioInput === 'string') {
-          try {
-            audioInput = JSON.parse(audioInput)
-          } catch {
-            throw new Error('Audio file must be a valid file reference')
-          }
-        }
-        if (audioInput && Array.isArray(audioInput)) {
-          throw new Error(
-            'File reference must be a single file, not an array. Use <block.files[0]> to select one file.'
-          )
-        }
-        return {
-          provider: params.provider,
-          apiKey: params.apiKey,
-          model: params.model,
-          audioFile: audioInput,
-          audioFileReference: undefined,
-          language: params.language,
-          timestamps: params.timestamps,
-          diarization: params.diarization,
-          translateToEnglish: params.translateToEnglish,
-          sentiment: params.sentiment,
-          entityDetection: params.entityDetection,
-          piiRedaction: params.piiRedaction,
-          summarization: params.summarization,
-        }
-      },
-    },
-  },
-  inputs: sttV2Inputs,
-}

apps/sim/blocks/blocks/supabase.ts

@@ -675,9 +675,9 @@ Return ONLY the PostgREST filter expression - no explanations, no markdown, no e
     {
       id: 'fileContent',
       title: 'File Content',
-      type: 'short-input',
+      type: 'code',
       canonicalParamId: 'fileData',
-      placeholder: 'File reference from previous block',
+      placeholder: 'Base64 encoded for binary files, or plain text',
       condition: { field: 'operation', value: 'storage_upload' },
       mode: 'advanced',
       required: true,
@@ -1173,7 +1173,7 @@ Return ONLY the PostgREST filter expression - no explanations, no markdown, no e
       description: 'Row count for count operations',
     },
     file: {
-      type: 'file',
+      type: 'files',
       description: 'Downloaded file stored in execution files',
     },
     publicUrl: {

apps/sim/blocks/blocks/telegram.ts

@@ -65,91 +65,39 @@ export const TelegramBlock: BlockConfig<TelegramResponse> = {
       required: true,
       condition: { field: 'operation', value: 'telegram_message' },
     },
-    {
-      id: 'photoFile',
-      title: 'Photo',
-      type: 'file-upload',
-      canonicalParamId: 'photo',
-      placeholder: 'Upload photo',
-      mode: 'basic',
-      multiple: false,
-      required: true,
-      acceptedTypes: '.jpg,.jpeg,.png,.gif,.webp',
-      condition: { field: 'operation', value: 'telegram_send_photo' },
-    },
     {
       id: 'photo',
       title: 'Photo',
       type: 'short-input',
-      canonicalParamId: 'photo',
-      placeholder: 'Reference photo from previous blocks or enter URL/file_id',
-      mode: 'advanced',
+      placeholder: 'Enter photo URL or file_id',
+      description: 'Photo to send. Pass a file_id or HTTP URL',
       required: true,
       condition: { field: 'operation', value: 'telegram_send_photo' },
     },
-    {
-      id: 'videoFile',
-      title: 'Video',
-      type: 'file-upload',
-      canonicalParamId: 'video',
-      placeholder: 'Upload video',
-      mode: 'basic',
-      multiple: false,
-      required: true,
-      acceptedTypes: '.mp4,.mov,.avi,.mkv,.webm',
-      condition: { field: 'operation', value: 'telegram_send_video' },
-    },
     {
       id: 'video',
       title: 'Video',
       type: 'short-input',
-      canonicalParamId: 'video',
-      placeholder: 'Reference video from previous blocks or enter URL/file_id',
-      mode: 'advanced',
+      placeholder: 'Enter video URL or file_id',
+      description: 'Video to send. Pass a file_id or HTTP URL',
       required: true,
       condition: { field: 'operation', value: 'telegram_send_video' },
     },
-    {
-      id: 'audioFile',
-      title: 'Audio',
-      type: 'file-upload',
-      canonicalParamId: 'audio',
-      placeholder: 'Upload audio',
-      mode: 'basic',
-      multiple: false,
-      required: true,
-      acceptedTypes: '.mp3,.m4a,.wav,.ogg,.flac',
-      condition: { field: 'operation', value: 'telegram_send_audio' },
-    },
     {
       id: 'audio',
       title: 'Audio',
       type: 'short-input',
-      canonicalParamId: 'audio',
-      placeholder: 'Reference audio from previous blocks or enter URL/file_id',
-      mode: 'advanced',
+      placeholder: 'Enter audio URL or file_id',
+      description: 'Audio file to send. Pass a file_id or HTTP URL',
       required: true,
       condition: { field: 'operation', value: 'telegram_send_audio' },
     },
-    {
-      id: 'animationFile',
-      title: 'Animation',
-      type: 'file-upload',
-      canonicalParamId: 'animation',
-      placeholder: 'Upload animation (GIF)',
-      mode: 'basic',
-      multiple: false,
-      required: true,
-      acceptedTypes: '.gif,.mp4',
-      condition: { field: 'operation', value: 'telegram_send_animation' },
-    },
     {
       id: 'animation',
       title: 'Animation',
       type: 'short-input',
-      canonicalParamId: 'animation',
-      placeholder: 'Reference animation from previous blocks or enter URL/file_id',
-      mode: 'advanced',
+      placeholder: 'Enter animation URL or file_id',
+      description: 'Animation (GIF) to send. Pass a file_id or HTTP URL',
       required: true,
       condition: { field: 'operation', value: 'telegram_send_animation' },
     },
@@ -267,61 +215,48 @@ export const TelegramBlock: BlockConfig<TelegramResponse> = {
               ...commonParams,
               messageId: params.messageId,
             }
-          case 'telegram_send_photo': {
-            const photoSource = params.photoFile || params.photo
-            if (!photoSource) {
-              throw new Error('Photo is required.')
+          case 'telegram_send_photo':
+            if (!params.photo) {
+              throw new Error('Photo URL or file_id is required.')
             }
             return {
               ...commonParams,
-              photo: photoSource,
+              photo: params.photo,
               caption: params.caption,
             }
-          }
-          case 'telegram_send_video': {
-            const videoSource = params.videoFile || params.video
-            if (!videoSource) {
-              throw new Error('Video is required.')
+          case 'telegram_send_video':
+            if (!params.video) {
+              throw new Error('Video URL or file_id is required.')
             }
             return {
               ...commonParams,
-              video: videoSource,
+              video: params.video,
               caption: params.caption,
             }
-          }
-          case 'telegram_send_audio': {
-            const audioSource = params.audioFile || params.audio
-            if (!audioSource) {
-              throw new Error('Audio is required.')
+          case 'telegram_send_audio':
+            if (!params.audio) {
+              throw new Error('Audio URL or file_id is required.')
             }
             return {
               ...commonParams,
-              audio: audioSource,
+              audio: params.audio,
               caption: params.caption,
             }
-          }
-          case 'telegram_send_animation': {
-            const animationSource = params.animationFile || params.animation
-            if (!animationSource) {
-              throw new Error('Animation is required.')
+          case 'telegram_send_animation':
+            if (!params.animation) {
+              throw new Error('Animation URL or file_id is required.')
             }
             return {
               ...commonParams,
-              animation: animationSource,
+              animation: params.animation,
               caption: params.caption,
             }
-          }
           case 'telegram_send_document': {
             // Handle file upload
             const fileParam = params.attachmentFiles || params.files
-            const normalizedFiles = fileParam
-              ? Array.isArray(fileParam)
-                ? fileParam
-                : [fileParam]
-              : undefined
             return {
               ...commonParams,
-              files: normalizedFiles,
+              files: fileParam,
               caption: params.caption,
             }
           }
@@ -339,14 +274,10 @@ export const TelegramBlock: BlockConfig<TelegramResponse> = {
     botToken: { type: 'string', description: 'Telegram bot token' },
     chatId: { type: 'string', description: 'Chat identifier' },
     text: { type: 'string', description: 'Message text' },
-    photoFile: { type: 'json', description: 'Uploaded photo (UserFile)' },
-    photo: { type: 'json', description: 'Photo reference or URL/file_id' },
-    videoFile: { type: 'json', description: 'Uploaded video (UserFile)' },
-    video: { type: 'json', description: 'Video reference or URL/file_id' },
-    audioFile: { type: 'json', description: 'Uploaded audio (UserFile)' },
-    audio: { type: 'json', description: 'Audio reference or URL/file_id' },
-    animationFile: { type: 'json', description: 'Uploaded animation (UserFile)' },
-    animation: { type: 'json', description: 'Animation reference or URL/file_id' },
+    photo: { type: 'string', description: 'Photo URL or file_id' },
+    video: { type: 'string', description: 'Video URL or file_id' },
+    audio: { type: 'string', description: 'Audio URL or file_id' },
+    animation: { type: 'string', description: 'Animation URL or file_id' },
     attachmentFiles: {
       type: 'json',
       description: 'Files to attach (UI upload)',
@@ -364,7 +295,6 @@ export const TelegramBlock: BlockConfig<TelegramResponse> = {
     },
     message: { type: 'string', description: 'Success or error message' },
     data: { type: 'json', description: 'Response data' },
-    files: { type: 'file[]', description: 'Files attached to the message' },
     // Specific result fields
     messageId: { type: 'number', description: 'Sent message ID' },
     chatId: { type: 'number', description: 'Chat ID where message was sent' },

apps/sim/blocks/blocks/textract.ts

@@ -1,13 +1,11 @@
 import { TextractIcon } from '@/components/icons'
 import { AuthMode, type BlockConfig, type SubBlockType } from '@/blocks/types'
-import { createVersionedToolSelector } from '@/blocks/utils'
 import type { TextractParserOutput } from '@/tools/textract/types'
 
 export const TextractBlock: BlockConfig<TextractParserOutput> = {
   type: 'textract',
   name: 'AWS Textract',
   description: 'Extract text, tables, and forms from documents',
-  hideFromToolbar: true,
   authMode: AuthMode.ApiKey,
   longDescription: `Integrate AWS Textract into your workflow to extract text, tables, forms, and key-value pairs from documents. Single-page mode supports JPEG, PNG, and single-page PDF. Multi-page mode supports multi-page PDF and TIFF.`,
   docsLink: 'https://docs.sim.ai/tools/textract',
@@ -142,7 +140,7 @@ export const TextractBlock: BlockConfig<TextractParserOutput> = {
             throw new Error('Document is required')
           }
           if (typeof documentInput === 'object') {
-            parameters.file = documentInput
+            parameters.fileUpload = documentInput
           } else if (typeof documentInput === 'string') {
             parameters.filePath = documentInput.trim()
           }
@@ -191,88 +189,3 @@ export const TextractBlock: BlockConfig<TextractParserOutput> = {
     },
   },
 }
-
-const textractV2Inputs = TextractBlock.inputs
-  ? Object.fromEntries(Object.entries(TextractBlock.inputs).filter(([key]) => key !== 'filePath'))
-  : {}
-const textractV2SubBlocks = (TextractBlock.subBlocks || []).filter(
-  (subBlock) => subBlock.id !== 'filePath'
-)
-
-export const TextractV2Block: BlockConfig<TextractParserOutput> = {
-  ...TextractBlock,
-  type: 'textract_v2',
-  name: 'AWS Textract (File Only)',
-  hideFromToolbar: false,
-  subBlocks: textractV2SubBlocks,
-  tools: {
-    access: ['textract_parser_v2'],
-    config: {
-      tool: createVersionedToolSelector({
-        baseToolSelector: () => 'textract_parser',
-        suffix: '_v2',
-        fallbackToolId: 'textract_parser_v2',
-      }),
-      params: (params) => {
-        if (!params.accessKeyId || params.accessKeyId.trim() === '') {
-          throw new Error('AWS Access Key ID is required')
-        }
-        if (!params.secretAccessKey || params.secretAccessKey.trim() === '') {
-          throw new Error('AWS Secret Access Key is required')
-        }
-        if (!params.region || params.region.trim() === '') {
-          throw new Error('AWS Region is required')
-        }
-
-        const processingMode = params.processingMode || 'sync'
-        const parameters: Record<string, unknown> = {
-          accessKeyId: params.accessKeyId.trim(),
-          secretAccessKey: params.secretAccessKey.trim(),
-          region: params.region.trim(),
-          processingMode,
-        }
-
-        if (processingMode === 'async') {
-          if (!params.s3Uri || params.s3Uri.trim() === '') {
-            throw new Error('S3 URI is required for multi-page processing')
-          }
-          parameters.s3Uri = params.s3Uri.trim()
-        } else {
-          let documentInput = params.fileUpload || params.document
-          if (!documentInput) {
-            throw new Error('Document file is required')
-          }
-          if (typeof documentInput === 'string') {
-            try {
-              documentInput = JSON.parse(documentInput)
-            } catch {
-              throw new Error('Document file must be a valid file reference')
-            }
-          }
-          if (Array.isArray(documentInput)) {
-            throw new Error(
-              'File reference must be a single file, not an array. Use <block.attachments[0]> to select one file.'
-            )
-          }
-          if (typeof documentInput !== 'object' || documentInput === null) {
-            throw new Error('Document file must be a file reference')
-          }
-          parameters.file = documentInput
-        }
-
-        const featureTypes: string[] = []
-        if (params.extractTables) featureTypes.push('TABLES')
-        if (params.extractForms) featureTypes.push('FORMS')
-        if (params.detectSignatures) featureTypes.push('SIGNATURES')
-        if (params.analyzeLayout) featureTypes.push('LAYOUT')
-
-        if (featureTypes.length > 0) {
-          parameters.featureTypes = featureTypes
-        }
-
-        return parameters
-      },
-    },
-  },
-  inputs: textractV2Inputs,
-}

apps/sim/blocks/blocks/tts.ts

@@ -578,7 +578,7 @@ export const TtsBlock: BlockConfig<TtsBlockResponse> = {
 
   outputs: {
     audioUrl: { type: 'string', description: 'URL to the generated audio file' },
-    audioFile: { type: 'file', description: 'Generated audio file object (UserFile)' },
+    audioFile: { type: 'json', description: 'Generated audio file object (UserFile)' },
     duration: {
       type: 'number',
       description: 'Audio duration in seconds',

apps/sim/blocks/blocks/video_generator.ts

@@ -420,7 +420,7 @@ export const VideoGeneratorBlock: BlockConfig<VideoBlockResponse> = {
 
   outputs: {
     videoUrl: { type: 'string', description: 'Generated video URL' },
-    videoFile: { type: 'file', description: 'Video file object with metadata' },
+    videoFile: { type: 'json', description: 'Video file object with metadata' },
     duration: { type: 'number', description: 'Video duration in seconds' },
     width: { type: 'number', description: 'Video width in pixels' },
     height: { type: 'number', description: 'Video height in pixels' },

apps/sim/blocks/blocks/vision.ts

@@ -1,30 +1,12 @@
 import { EyeIcon } from '@/components/icons'
 import type { BlockConfig } from '@/blocks/types'
 import { AuthMode } from '@/blocks/types'
-import { createVersionedToolSelector } from '@/blocks/utils'
 import type { VisionResponse } from '@/tools/vision/types'
 
-const VISION_MODEL_OPTIONS = [
-  { label: 'GPT 5.2', id: 'gpt-5.2' },
-  { label: 'GPT 5.1', id: 'gpt-5.1' },
-  { label: 'GPT 5', id: 'gpt-5' },
-  { label: 'GPT 5 Mini', id: 'gpt-5-mini' },
-  { label: 'GPT 5 Nano', id: 'gpt-5-nano' },
-  { label: 'Claude Opus 4.5', id: 'claude-opus-4-5' },
-  { label: 'Claude Sonnet 4.5', id: 'claude-sonnet-4-5' },
-  { label: 'Claude Haiku 4.5', id: 'claude-haiku-4-5' },
-  { label: 'Gemini 3 Pro Preview', id: 'gemini-3-pro-preview' },
-  { label: 'Gemini 3 Flash Preview', id: 'gemini-3-flash-preview' },
-  { label: 'Gemini 2.5 Pro', id: 'gemini-2.5-pro' },
-  { label: 'Gemini 2.5 Flash', id: 'gemini-2.5-flash' },
-  { label: 'Gemini 2.5 Flash Lite', id: 'gemini-2.5-flash-lite' },
-]
-
 export const VisionBlock: BlockConfig<VisionResponse> = {
   type: 'vision',
-  name: 'Vision (Legacy)',
+  name: 'Vision',
   description: 'Analyze images with vision models',
-  hideFromToolbar: true,
   authMode: AuthMode.ApiKey,
   longDescription: 'Integrate Vision into the workflow. Can analyze images with vision models.',
   docsLink: 'https://docs.sim.ai/tools/vision',
@@ -65,8 +47,12 @@ export const VisionBlock: BlockConfig<VisionResponse> = {
       id: 'model',
       title: 'Vision Model',
       type: 'dropdown',
-      options: VISION_MODEL_OPTIONS,
-      value: () => 'gpt-5.2',
+      options: [
+        { label: 'gpt-4o', id: 'gpt-4o' },
+        { label: 'claude-3-opus', id: 'claude-3-opus-20240229' },
+        { label: 'claude-3-sonnet', id: 'claude-3-sonnet-20240229' },
+      ],
+      value: () => 'gpt-4o',
     },
     {
       id: 'prompt',
@@ -101,92 +87,3 @@ export const VisionBlock: BlockConfig<VisionResponse> = {
     tokens: { type: 'number', description: 'Token usage' },
   },
 }
-
-export const VisionV2Block: BlockConfig<VisionResponse> = {
-  ...VisionBlock,
-  type: 'vision_v2',
-  name: 'Vision',
-  description: 'Analyze images with vision models',
-  hideFromToolbar: false,
-  tools: {
-    access: ['vision_tool_v2'],
-    config: {
-      tool: createVersionedToolSelector({
-        baseToolSelector: () => 'vision_tool',
-        suffix: '_v2',
-        fallbackToolId: 'vision_tool_v2',
-      }),
-      params: (params) => {
-        let imageInput = params.imageFile || params.imageFileReference
-        if (imageInput && typeof imageInput === 'string') {
-          try {
-            imageInput = JSON.parse(imageInput)
-          } catch {
-            throw new Error('Image file must be a valid file reference')
-          }
-        }
-        if (imageInput && Array.isArray(imageInput)) {
-          throw new Error(
-            'File reference must be a single file, not an array. Use <block.files[0]> to select one file.'
-          )
-        }
-        return {
-          ...params,
-          imageFile: imageInput,
-          imageFileReference: undefined,
-        }
-      },
-    },
-  },
-  subBlocks: [
-    {
-      id: 'imageFile',
-      title: 'Image File',
-      type: 'file-upload',
-      canonicalParamId: 'imageFile',
-      placeholder: 'Upload an image file',
-      mode: 'basic',
-      multiple: false,
-      required: true,
-      acceptedTypes: '.jpg,.jpeg,.png,.gif,.webp',
-    },
-    {
-      id: 'imageFileReference',
-      title: 'Image File Reference',
-      type: 'short-input',
-      canonicalParamId: 'imageFile',
-      placeholder: 'Reference an image from previous blocks',
-      mode: 'advanced',
-      required: true,
-    },
-    {
-      id: 'model',
-      title: 'Vision Model',
-      type: 'dropdown',
-      options: VISION_MODEL_OPTIONS,
-      value: () => 'gpt-5.2',
-    },
-    {
-      id: 'prompt',
-      title: 'Prompt',
-      type: 'long-input',
-      placeholder: 'Enter prompt for image analysis',
-      required: true,
-    },
-    {
-      id: 'apiKey',
-      title: 'API Key',
-      type: 'short-input',
-      placeholder: 'Enter your API key',
-      password: true,
-      required: true,
-    },
-  ],
-  inputs: {
-    apiKey: { type: 'string', description: 'Provider API key' },
-    imageFile: { type: 'json', description: 'Image file (UserFile)' },
-    imageFileReference: { type: 'json', description: 'Image file reference' },
-    model: { type: 'string', description: 'Vision model' },
-    prompt: { type: 'string', description: 'Analysis prompt' },
-  },
-}