legionio 1.7.4 → 1.7.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0e258eb5ccc6e84f396bfd5ea054003c9f12f39eae03bf799a48fd56126e9754
-  data.tar.gz: 4a6e13b1061f3b2dd5e382a67d350f0880e6dad06510f1dfce95bc44483dbe45
+  metadata.gz: 6741515579e2c24f64b301136e023fb6ddd73b27f41779caace7df02cd15f667
+  data.tar.gz: c90f66af48bd6705b58c6c31344dd0a9486b8519cc48b98f3b1965d2571527db
 SHA512:
-  metadata.gz: 819e3c3bc599a5d47e189e36151eef39cac69d48eb64ef8e482a37c013bfcd8ed07e54b24685cef736b61066d7e86a4004cae91e7b3a7423ff11f0ca2b89eb8b
-  data.tar.gz: a936e7fd4f0f8b72b732419029c3e3b2634947077281c1e1ece84c20038068d4ade021a575a163e07246584597f1a4d643bf22553dabf339f570d4e410bc18f2
+  metadata.gz: 5409680125318327c866c9f59dde8ce2b7b5a33cea5082bf2d654c763184c25e4658a24ef43d4b292f12546b314692da1b5d71ca6e25ca55e6095ea376d66d5f
+  data.tar.gz: 68a9358035224f600dfc673272d2cc82ecdfc7236a7225a2974721ad61b081571dbb190c77d25c8442bc3ff13c7cea44274b8331fd2942213a714167c56017c4

data/.rubocop.yml

@@ -18,6 +18,7 @@ Metrics/MethodLength:
   Exclude:
     - 'lib/legion/cli/chat_command.rb'
     - 'lib/legion/api/openapi.rb'
+    - 'lib/legion/api/llm.rb'
     - 'lib/legion/digital_worker/lifecycle.rb'
 
 Metrics/ClassLength:
@@ -53,6 +54,7 @@ Metrics/BlockLength:
     - 'lib/legion/cli/prompt_command.rb'
     - 'lib/legion/cli/image_command.rb'
     - 'lib/legion/cli/notebook_command.rb'
+    - 'lib/legion/api/llm.rb'
     - 'lib/legion/api/acp.rb'
     - 'lib/legion/api/auth_saml.rb'
     - 'lib/legion/cli/failover_command.rb'
@@ -66,6 +68,7 @@ Metrics/AbcSize:
   Max: 60
   Exclude:
     - 'lib/legion/cli/chat_command.rb'
+    - 'lib/legion/api/llm.rb'
     - 'lib/legion/digital_worker/lifecycle.rb'
 
 Metrics/CyclomaticComplexity:
@@ -73,12 +76,14 @@ Metrics/CyclomaticComplexity:
   Exclude:
     - 'lib/legion/cli/chat_command.rb'
     - 'lib/legion/api/auth_human.rb'
+    - 'lib/legion/api/llm.rb'
     - 'lib/legion/digital_worker/lifecycle.rb'
 
 Metrics/PerceivedComplexity:
   Max: 17
   Exclude:
     - 'lib/legion/api/auth_human.rb'
+    - 'lib/legion/api/llm.rb'
     - 'lib/legion/digital_worker/lifecycle.rb'
 
 Style/Documentation:

data/CHANGELOG.md

@@ -2,15 +2,52 @@
 
 ## [Unreleased]
 
-## [1.7.3] - 2026-03-31
+## [1.7.8] - 2026-04-01
+
+### Added
+- `Legion::API::Settings` module with registered defaults via `merge_settings('api', ...)`, matching the pattern used by all other LegionIO gems
+- Puma `persistent_timeout` (20s) and `first_data_timeout` (30s) now configurable via `Settings[:api][:puma]`
+
+### Changed
+- Removed all inline `||` and `.fetch(..., default)` fallbacks for API settings in `service.rb` and `check_command.rb` — defaults now guaranteed by `merge_settings`
+
+## [1.7.7] - 2026-04-01
+
+### Changed
+- Integrated legion-logging 1.4.3 Helper refactor: all log output now uses structured segment tagging, colored exception output, and thread-local task context
+- Slimmed `Extensions::Helpers::Logger` to thin override; `derive_component_type`, `lex_gem_name`, `gem_spec_for_lex`, `log_lex_name` now live in legion-logging gem
+- Added `handle_runner_exception` for runner-specific exception handling (TaskLog publish + HandledTask raise)
+- Added `Legion::Context.with_task_context` and `.current_task_context` for thread-local task propagation
+- Wrapped all 5 dispatch paths (Runner.run, Subscription#dispatch_runner, Base#runner, Ingress local/remote) with context propagation
+- Migrated 13 `log.log_exception` call sites to `handle_exception` across actors, core, transport, and task helpers
+
+## [1.7.6] - 2026-04-01
+
+### Changed
+- `POST /api/llm/inference` now routes through `Legion::LLM::Pipeline::Executor` instead of raw `Legion::LLM.chat` session, enabling the full 18-step pipeline (RBAC, RAG context, MCP discovery, metering, audit, knowledge capture)
+- GAIA bridge added: user prompt from `/api/llm/inference` is pushed as an `InputFrame` to the GAIA sensory buffer when GAIA is started
+- SSE streaming support added: `stream: true` + `Accept: text/event-stream` returns `text/event-stream` with `text-delta`, `tool-call`, `enrichment`, and `done` events
+- `build_client_tool` renamed to `build_client_tool_class`; now returns a `Class` (not an instance) so the pipeline can inject it correctly via `tool.is_a?(Class)` check
+- Typed error mapping added: `AuthError` → 401, `RateLimitError` → 429, `TokenBudgetExceeded` → 413, `ProviderDown`/`ProviderError` → 502
+
+## [1.7.5] - 2026-04-01
 
 ### Added
 - `POST /api/reload` endpoint to trigger daemon reload from CLI mode command
-- `GET /api/mesh/status` and `GET /api/mesh/peers` endpoints for mesh topology visibility
+- `GET /api/mesh/status` and `GET /api/mesh/peers` endpoints with 10s cache
+- `GET /api/metering`, `/api/metering/rollup`, `/api/metering/by_model` endpoints wired to lex-metering
+- `GET /api/webhooks` and `GET /api/tenants` routes registered (were defined but never mounted)
+- Knowledge monitor v2/v3 route aliases for Interlink compatibility
+- Server-side MCP tool injection into `/api/llm/inference` via `McpToolAdapter` (64 tools)
+- Deferred tool loading: 18 always-loaded tools, ~46 on-demand (cuts inference from 24s to 6-9s)
+- Client-side tools (`sh`, `file_read`, `list_directory`, etc.) now execute server-side in the inference endpoint
 
 ### Fixed
 - Knowledge ingest API route calls `ingest_content` instead of `ingest_file` when `content` body param is present
 - Catalog API queries `extensions.name` instead of non-existent `gem_name` column
+- Inference endpoint tool declarations use `RubyLLM::Tool` subclass with proper `name` instance method
+- Prompts API guards against missing `prompts` table (returns 503 instead of 500)
+- All API rescue blocks use `Legion::Logging.log_exception` instead of swallowing errors
 
 ## [1.7.0] - 2026-03-31
 

data/lib/legion/api/default_settings.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+require 'sinatra/base'
+
+module Legion
+  class API < Sinatra::Base
+    module Settings
+      def self.default
+        {
+          enabled:         true,
+          port:            4567,
+          bind:            '0.0.0.0',
+          puma:            puma_defaults,
+          bind_retries:    3,
+          bind_retry_wait: 2,
+          tls:             tls_defaults
+        }
+      end
+
+      def self.puma_defaults
+        {
+          min_threads:        10,
+          max_threads:        16,
+          persistent_timeout: 20,
+          first_data_timeout: 30
+        }
+      end
+
+      def self.tls_defaults
+        {
+          enabled: false
+        }
+      end
+    end
+  end
+end
+
+begin
+  Legion::Settings.merge_settings('api', Legion::API::Settings.default) if Legion.const_defined?('Settings', false)
+rescue StandardError => e
+  if Legion.const_defined?('Logging', false) && Legion::Logging.respond_to?(:fatal)
+    Legion::Logging.fatal(e.message)
+    Legion::Logging.fatal(e.backtrace)
+  else
+    puts e.message
+    puts e.backtrace
+  end
+end

data/lib/legion/api/knowledge.rb

@@ -103,13 +103,13 @@ module Legion
         end
 
         def self.register_monitor_routes(app)
-          app.get '/api/knowledge/monitors' do
+          monitor_list = lambda do
             require_knowledge_monitor!
             monitors = Legion::Extensions::Knowledge::Runners::Monitor.list_monitors
             json_response(monitors)
           end
 
-          app.post '/api/knowledge/monitors' do
+          monitor_add = lambda do
             require_knowledge_monitor!
             body = parse_request_body
             result = Legion::Extensions::Knowledge::Runners::Monitor.add_monitor(
@@ -120,7 +120,7 @@ module Legion
             json_response(result, status_code: 201)
           end
 
-          app.delete '/api/knowledge/monitors' do
+          monitor_remove = lambda do
             require_knowledge_monitor!
             body = parse_request_body
             result = Legion::Extensions::Knowledge::Runners::Monitor.remove_monitor(
@@ -129,6 +129,21 @@ module Legion
             json_response(result)
           end
 
+          # Primary routes
+          app.get('/api/knowledge/monitors', &monitor_list)
+          app.post('/api/knowledge/monitors', &monitor_add)
+          app.delete('/api/knowledge/monitors', &monitor_remove)
+
+          # Interlink v3 aliases
+          app.get('/api/extensions/knowledge/runners/monitors/list', &monitor_list)
+          app.post('/api/extensions/knowledge/runners/monitors/create', &monitor_add)
+          app.delete('/api/extensions/knowledge/runners/monitors/delete', &monitor_remove)
+
+          # Interlink v2 aliases
+          app.get('/api/lex/knowledge/monitors', &monitor_list)
+          app.post('/api/lex/knowledge/monitors', &monitor_add)
+          app.delete('/api/lex/knowledge/monitors', &monitor_remove)
+
           app.get '/api/knowledge/monitors/status' do
             require_knowledge_monitor!
             result = Legion::Extensions::Knowledge::Runners::Monitor.monitor_status

data/lib/legion/api/llm.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'securerandom'
+require 'open3'
 
 begin
   require 'legion/cli/chat/tools/search_traces'
@@ -8,9 +9,30 @@ begin
     Legion::LLM::ToolRegistry.register(Legion::CLI::Chat::Tools::SearchTraces)
   end
 rescue LoadError => e
-  Legion::Logging.debug("SearchTraces not available for API: #{e.message}") if defined?(Legion::Logging)
+  Legion::Logging.log_exception(e, payload_summary: 'SearchTraces not available for API', component_type: :api) if defined?(Legion::Logging)
 end
 
+ALWAYS_LOADED_TOOLS = %w[
+  legion_do
+  legion_get_status
+  legion_run_task
+  legion_describe_runner
+  legion_list_extensions
+  legion_get_extension
+  legion_list_tasks
+  legion_get_task
+  legion_get_task_logs
+  legion_query_knowledge
+  legion_knowledge_health
+  legion_knowledge_context
+  legion_list_workers
+  legion_show_worker
+  legion_mesh_status
+  legion_list_peers
+  legion_tools
+  legion_search_sessions
+].freeze
+
 module Legion
   class API < Sinatra::Base
     module Routes
@@ -36,16 +58,123 @@ module Legion
             define_method(:gateway_available?) do
               defined?(Legion::Extensions::LLM::Gateway::Runners::Inference)
             end
+
+            define_method(:cached_mcp_tools) do
+              @cached_mcp_tools ||= begin
+                all = []
+                begin
+                  require 'legion/mcp' unless defined?(Legion::MCP) && Legion::MCP.respond_to?(:server)
+                rescue LoadError => e
+                  Legion::Logging.log_exception(e, payload_summary: 'cached_mcp_tools: failed to require legion/mcp', component_type: :api)
+                end
+                if defined?(Legion::MCP::Server) && Legion::MCP::Server.respond_to?(:tool_registry)
+                  require 'legion/llm/pipeline/mcp_tool_adapter' unless defined?(Legion::LLM::Pipeline::McpToolAdapter)
+                  Legion::MCP::Server.tool_registry.each do |tc|
+                    all << Legion::LLM::Pipeline::McpToolAdapter.new(tc)
+                  rescue StandardError => e
+                    Legion::Logging.log_exception(e, payload_summary: "cached_mcp_tools: failed to adapt #{tc}", component_type: :api)
+                  end
+                end
+                {
+                  always:   all.select { |t| ALWAYS_LOADED_TOOLS.include?(t.name) }.freeze,
+                  deferred: all.reject { |t| ALWAYS_LOADED_TOOLS.include?(t.name) }.freeze,
+                  all:      all.freeze
+                }.freeze
+              end
+            end
+
+            define_method(:inject_mcp_tools) do |session, requested_tools: []|
+              cache = cached_mcp_tools
+              cache[:always].each { |t| session.with_tool(t) }
+
+              return if requested_tools.empty?
+
+              requested = requested_tools.map { |n| n.to_s.tr('.', '_') }
+              cache[:deferred].each do |t|
+                session.with_tool(t) if requested.include?(t.name)
+              end
+            end
+
+            define_method(:build_client_tool_class) do |tname, tdesc, tschema|
+              klass = Class.new(RubyLLM::Tool) do
+                description tdesc
+                define_method(:name) { tname }
+                tool_ref = tname
+                define_method(:execute) do |**kwargs|
+                  case tool_ref
+                  when 'sh'
+                    cmd = kwargs[:command] || kwargs[:cmd] || kwargs.values.first.to_s
+                    output, status = ::Open3.capture2e(cmd, chdir: Dir.pwd)
+                    "exit=#{status.exitstatus}\n#{output}"
+                  when 'file_read'
+                    path = kwargs[:path] || kwargs[:file_path] || kwargs.values.first.to_s
+                    ::File.exist?(path) ? ::File.read(path, encoding: 'utf-8') : "File not found: #{path}"
+                  when 'file_write'
+                    path = kwargs[:path] || kwargs[:file_path]
+                    content = kwargs[:content] || kwargs[:contents]
+                    ::File.write(path, content)
+                    "Written #{content.to_s.bytesize} bytes to #{path}"
+                  when 'file_edit'
+                    path = kwargs[:path] || kwargs[:file_path]
+                    old_text = kwargs[:old_text] || kwargs[:search]
+                    new_text = kwargs[:new_text] || kwargs[:replace]
+                    content = ::File.read(path, encoding: 'utf-8')
+                    content.sub!(old_text, new_text)
+                    ::File.write(path, content)
+                    "Edited #{path}"
+                  when 'list_directory'
+                    path = kwargs[:path] || kwargs[:dir] || Dir.pwd
+                    Dir.entries(path).reject { |e| e.start_with?('.') }.sort.join("\n")
+                  when 'grep'
+                    pattern = kwargs[:pattern] || kwargs[:query] || kwargs.values.first.to_s
+                    path = kwargs[:path] || Dir.pwd
+                    output, = ::Open3.capture2e('grep', '-rn', '--include=*.rb', pattern, path)
+                    output.lines.first(50).join
+                  when 'glob'
+                    pattern = kwargs[:pattern] || kwargs.values.first.to_s
+                    Dir.glob(pattern).first(100).join("\n")
+                  when 'web_fetch'
+                    url = kwargs[:url] || kwargs.values.first.to_s
+                    require 'net/http'
+                    uri = URI(url)
+                    Net::HTTP.get(uri)
+                  else
+                    "Tool #{tool_ref} is not executable server-side. Use a legion_ prefixed tool instead."
+                  end
+                rescue StandardError => e
+                  Legion::Logging.log_exception(e, payload_summary: "client tool #{tool_ref} failed", component_type: :api)
+                  "Tool error: #{e.message}"
+                end
+              end
+              klass.params(tschema) if tschema.is_a?(Hash) && tschema[:properties]
+              klass
+            rescue StandardError => e
+              Legion::Logging.log_exception(e, payload_summary: "build_client_tool_class failed for #{tname}", component_type: :api)
+              nil
+            end
+
+            define_method(:extract_tool_calls) do |pipeline_response|
+              tools_data = pipeline_response.tools
+              return nil unless tools_data.is_a?(Array) && !tools_data.empty?
+
+              tools_data.map do |tc|
+                {
+                  id:        tc.respond_to?(:id) ? tc.id : nil,
+                  name:      tc.respond_to?(:name) ? tc.name : tc.to_s,
+                  arguments: tc.respond_to?(:arguments) ? tc.arguments : {}
+                }
+              end
+            end
           end
 
           register_chat(app)
           register_providers(app)
         end
 
-        def self.register_chat(app) # rubocop:disable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity,Metrics/PerceivedComplexity
+        def self.register_chat(app)
           register_inference(app)
 
-          app.post '/api/llm/chat' do # rubocop:disable Metrics/BlockLength
+          app.post '/api/llm/chat' do
             Legion::Logging.debug "API: POST /api/llm/chat params=#{params.keys}"
             require_llm!
 
@@ -138,7 +267,7 @@ module Legion
                   }
                 )
               rescue StandardError => e
-                Legion::Logging.error "API POST /api/llm/chat async: #{e.class} — #{e.message}"
+                Legion::Logging.log_exception(e, payload_summary: 'api/llm/chat async failed', component_type: :api)
                 rc.fail_request(request_id, code: 'llm_error', message: e.message)
               end
 
@@ -165,71 +294,136 @@ module Legion
           end
         end
 
-        def self.register_inference(app) # rubocop:disable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity,Metrics/PerceivedComplexity
-          app.post '/api/llm/inference' do # rubocop:disable Metrics/BlockLength
+        def self.register_inference(app)
+          app.post '/api/llm/inference' do
             require_llm!
             body = parse_request_body
             validate_required!(body, :messages)
 
-            messages = body[:messages]
-            tools    = body[:tools] || []
-            model    = body[:model]
-            provider = body[:provider]
+            messages        = body[:messages]
+            tools           = body[:tools] || []
+            model           = body[:model]
+            provider        = body[:provider]
+            requested_tools = body[:requested_tools] || []
 
             unless messages.is_a?(Array)
               halt 400, { 'Content-Type' => 'application/json' },
                    Legion::JSON.dump({ error: { code: 'invalid_messages', message: 'messages must be an array' } })
             end
 
-            session = Legion::LLM.chat(
-              model:    model,
-              provider: provider,
-              caller:   { source: 'api', path: request.path }
-            )
+            caller_identity = env['legion.tenant_id'] || 'api:inference'
 
-            unless tools.empty?
-              tool_declarations = tools.map do |t|
-                ts = t.respond_to?(:transform_keys) ? t.transform_keys(&:to_sym) : t
-                tname = ts[:name].to_s
-                tdesc = ts[:description].to_s
-                tparams = ts[:parameters] || {}
-                Class.new do
-                  define_singleton_method(:tool_name) { tname }
-                  define_singleton_method(:description)  { tdesc }
-                  define_singleton_method(:parameters)   { tparams }
-                  define_method(:call) { |**_| raise NotImplementedError, "#{tname} executes client-side only" }
-                end
+            # GAIA bridge — push InputFrame to sensory buffer
+            last_user = messages.select { |m| (m[:role] || m['role']).to_s == 'user' }.last
+            prompt    = (last_user || {})[:content] || (last_user || {})['content'] || ''
+
+            if defined?(Legion::Gaia) && Legion::Gaia.respond_to?(:started?) && Legion::Gaia.started? && prompt.length.positive?
+              begin
+                frame = Legion::Gaia::InputFrame.new(
+                  content:      prompt,
+                  channel_id:   :api,
+                  content_type: :text,
+                  auth_context: { identity: caller_identity },
+                  metadata:     { source_type: :human_direct, salience: 0.5 }
+                )
+                Legion::Gaia.ingest(frame)
+              rescue StandardError => e
+                Legion::Logging.log_exception(e, payload_summary: 'gaia ingest failed in inference', component_type: :api)
               end
-              session.with_tools(*tool_declarations)
             end
 
-            messages.each { |m| session.add_message(m) }
+            # Build client-side tool classes from Interlink definitions
+            tool_classes = tools.filter_map do |t|
+              ts = t.respond_to?(:transform_keys) ? t.transform_keys(&:to_sym) : t
+              build_client_tool_class(ts[:name].to_s, ts[:description].to_s, ts[:parameters] || ts[:input_schema])
+            end
 
-            last_user = messages.select { |m| (m[:role] || m['role']).to_s == 'user' }.last
-            prompt    = (last_user || {})[:content] || (last_user || {})['content'] || ''
+            # Detect streaming mode
+            streaming = body[:stream] == true && env['HTTP_ACCEPT']&.include?('text/event-stream')
+
+            # Build pipeline request
+            require 'legion/llm/pipeline/request' unless defined?(Legion::LLM::Pipeline::Request)
+            require 'legion/llm/pipeline/executor' unless defined?(Legion::LLM::Pipeline::Executor)
+
+            req = Legion::LLM::Pipeline::Request.build(
+              messages:        messages,
+              system:          body[:system],
+              routing:         { provider: provider, model: model },
+              tools:           tool_classes,
+              caller:          { requested_by: { identity: caller_identity, type: :user, credential: :api } },
+              conversation_id: body[:conversation_id],
+              metadata:        { requested_tools: requested_tools },
+              stream:          streaming,
+              cache:           { strategy: :default, cacheable: true }
+            )
+            executor = Legion::LLM::Pipeline::Executor.new(req)
 
-            response = session.ask(prompt)
+            if streaming
+              content_type 'text/event-stream'
+              headers 'Cache-Control' => 'no-cache', 'Connection' => 'keep-alive',
+                      'X-Accel-Buffering' => 'no'
 
-            tc_list = if response.respond_to?(:tool_calls) && response.tool_calls
-                        Array(response.tool_calls).map do |tc|
-                          {
-                            id:        tc.respond_to?(:id) ? tc.id : nil,
-                            name:      tc.respond_to?(:name) ? tc.name : tc.to_s,
-                            arguments: tc.respond_to?(:arguments) ? tc.arguments : {}
-                          }
-                        end
-                      end
+              stream do |out|
+                full_text = +''
+                pipeline_response = executor.call_stream do |chunk|
+                  text = chunk.respond_to?(:content) ? chunk.content.to_s : chunk.to_s
+                  next if text.empty?
 
-            json_response({
-                            content:       response.content,
-                            tool_calls:    tc_list,
-                            stop_reason:   response.respond_to?(:stop_reason) ? response.stop_reason : nil,
-                            model:         session.model.to_s,
-                            input_tokens:  response.respond_to?(:input_tokens) ? response.input_tokens : nil,
-                            output_tokens: response.respond_to?(:output_tokens) ? response.output_tokens : nil
-                          }, status_code: 200)
+                  full_text << text
+                  out << "event: text-delta\ndata: #{Legion::JSON.dump({ delta: text })}\n\n"
+                end
+
+                if pipeline_response.tools.is_a?(Array) && !pipeline_response.tools.empty?
+                  pipeline_response.tools.each do |tc|
+                    out << "event: tool-call\ndata: #{Legion::JSON.dump({
+                                                                          id:        tc.respond_to?(:id) ? tc.id : nil,
+                                                                          name:      tc.respond_to?(:name) ? tc.name : tc.to_s,
+                                                                          arguments: tc.respond_to?(:arguments) ? tc.arguments : {}
+                                                                        })}\n\n"
+                  end
+                end
+
+                enrichments = pipeline_response.enrichments
+                out << "event: enrichment\ndata: #{Legion::JSON.dump(enrichments)}\n\n" if enrichments.is_a?(Hash) && !enrichments.empty?
+
+                tokens = pipeline_response.tokens
+                out << "event: done\ndata: #{Legion::JSON.dump({
+                                                                 content:       full_text,
+                                                                 model:         pipeline_response.routing&.dig(:model),
+                                                                 input_tokens:  tokens.respond_to?(:input_tokens) ? tokens.input_tokens : nil,
+                                                                 output_tokens: tokens.respond_to?(:output_tokens) ? tokens.output_tokens : nil
+                                                               })}\n\n"
+              rescue StandardError => e
+                Legion::Logging.log_exception(e, payload_summary: 'api/llm/inference stream failed', component_type: :api)
+                out << "event: error\ndata: #{Legion::JSON.dump({ code: 'stream_error', message: e.message })}\n\n"
+              end
+            else
+              pipeline_response = executor.call
+              tokens = pipeline_response.tokens
+
+              json_response({
+                              content:       pipeline_response.message&.dig(:content),
+                              tool_calls:    extract_tool_calls(pipeline_response),
+                              stop_reason:   pipeline_response.stop&.dig(:reason),
+                              model:         pipeline_response.routing&.dig(:model) || model,
+                              input_tokens:  tokens.respond_to?(:input_tokens) ? tokens.input_tokens : nil,
+                              output_tokens: tokens.respond_to?(:output_tokens) ? tokens.output_tokens : nil
+                            }, status_code: 200)
+            end
+          rescue Legion::LLM::AuthError => e
+            Legion::Logging.log_exception(e, payload_summary: 'api/llm/inference auth failed', component_type: :api)
+            json_response({ error: { code: 'auth_error', message: e.message } }, status_code: 401)
+          rescue Legion::LLM::RateLimitError => e
+            Legion::Logging.log_exception(e, payload_summary: 'api/llm/inference rate limited', component_type: :api)
+            json_response({ error: { code: 'rate_limit', message: e.message } }, status_code: 429)
+          rescue Legion::LLM::TokenBudgetExceeded => e
+            Legion::Logging.log_exception(e, payload_summary: 'api/llm/inference token budget exceeded', component_type: :api)
+            json_response({ error: { code: 'token_budget_exceeded', message: e.message } }, status_code: 413)
+          rescue Legion::LLM::ProviderDown, Legion::LLM::ProviderError => e
+            Legion::Logging.log_exception(e, payload_summary: 'api/llm/inference provider error', component_type: :api)
+            json_response({ error: { code: 'provider_error', message: e.message } }, status_code: 502)
           rescue StandardError => e
-            Legion::Logging.error "[api/llm/inference] #{e.class}: #{e.message}" if defined?(Legion::Logging)
+            Legion::Logging.log_exception(e, payload_summary: 'api/llm/inference failed', component_type: :api)
             json_response({ error: { code: 'inference_error', message: e.message } }, status_code: 500)
           end
         end

data/lib/legion/api/mesh.rb

@@ -4,20 +4,52 @@ module Legion
   class API < Sinatra::Base
     module Routes
       module Mesh
+        @cache = {}
+        @cache_mutex = Mutex.new
+        MESH_CACHE_TTL = 10
+
+        def self.cached_fetch(key)
+          @cache_mutex.synchronize do
+            entry = @cache[key]
+            return entry[:data] if entry && (Time.now - entry[:at]) < MESH_CACHE_TTL
+          end
+
+          data = yield
+          @cache_mutex.synchronize { @cache[key] = { data: data, at: Time.now } }
+          data
+        end
+
         def self.registered(app)
           app.get '/api/mesh/status' do
             require_mesh!
-            result = Legion::Extensions::Mesh::Runners::Mesh.mesh_status
+            result = Mesh.cached_fetch(:status) do
+              Legion::Ingress.run(
+                runner_class: 'Legion::Extensions::Mesh::Runners::Mesh',
+                function:     'mesh_status',
+                source:       :api,
+                payload:      {}
+              )
+            end
             json_response(result)
+          rescue StandardError => e
+            Legion::Logging.log_exception(e, payload_summary: 'GET /api/mesh/status', component_type: :api)
+            json_error('mesh_error', e.message, status_code: 500)
           end
 
           app.get '/api/mesh/peers' do
             require_mesh!
-            registry = Legion::Extensions::Mesh.mesh_registry
-            agents = registry.all_agents.map do |agent|
-              agent.slice(:agent_id, :capabilities, :endpoint, :status, :last_seen, :registered_at)
+            result = Mesh.cached_fetch(:peers) do
+              Legion::Ingress.run(
+                runner_class: 'Legion::Extensions::Mesh::Runners::Mesh',
+                function:     'find_agents',
+                source:       :api,
+                payload:      { capability: nil }
+              )
             end
-            json_response(agents)
+            json_response(result)
+          rescue StandardError => e
+            Legion::Logging.log_exception(e, payload_summary: 'GET /api/mesh/peers', component_type: :api)
+            json_error('mesh_error', e.message, status_code: 500)
           end
         end
       end