npm - @a5c-ai/kradle - Versions diffs - 5.0.1-staging.3abdf9534c25 - Mend

@a5c-ai/kradle 5.0.1-staging.3abdf9534c25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (295) hide show

package/Dockerfile +31 -0
package/README.md +187 -0
package/bin/kradle-demo.mjs +23 -0
package/bin/kradle-server.mjs +14 -0
package/dist/kradle-controller-ui.json +3482 -0
package/dist/kradle-lifecycle.json +201 -0
package/dist/kradle-runtime-snapshot.json +3125 -0
package/dist/kradle-summary.json +724 -0
package/docs/README.md +61 -0
package/docs/agents/README.md +83 -0
package/docs/agents/acceptance-test-matrix.md +193 -0
package/docs/agents/agent-mux-adapter-contract.md +167 -0
package/docs/agents/agent-mux-source-map.md +310 -0
package/docs/agents/agent-run-memory-import-spec.md +256 -0
package/docs/agents/agent-stack-management-spec.md +421 -0
package/docs/agents/api-contract-spec.md +309 -0
package/docs/agents/artifacts-writeback-spec.md +145 -0
package/docs/agents/chart-packaging-spec.md +128 -0
package/docs/agents/ci-orchestration-spec.md +140 -0
package/docs/agents/context-assembly-spec.md +219 -0
package/docs/agents/controller-reconciliation-spec.md +255 -0
package/docs/agents/crd-schema-spec.md +315 -0
package/docs/agents/decision-log-open-questions.md +169 -0
package/docs/agents/developer-implementation-checklist.md +329 -0
package/docs/agents/dispatching-design.md +262 -0
package/docs/agents/gaps-agent-mux-to-kradle-crds.md +298 -0
package/docs/agents/glossary.md +66 -0
package/docs/agents/implementation-blueprint.md +324 -0
package/docs/agents/implementation-rollout-slices.md +251 -0
package/docs/agents/memory-context-integration-spec.md +194 -0
package/docs/agents/memory-ontology-schema-spec.md +253 -0
package/docs/agents/memory-operations-runbook.md +121 -0
package/docs/agents/mvp-vertical-slice-spec.md +146 -0
package/docs/agents/observability-audit-spec.md +265 -0
package/docs/agents/operator-runbook.md +174 -0
package/docs/agents/org-memory-api-payload-examples.md +333 -0
package/docs/agents/org-memory-controller-sequence-spec.md +181 -0
package/docs/agents/org-memory-e2e-fixture-plan.md +161 -0
package/docs/agents/org-memory-ui-implementation-map.md +114 -0
package/docs/agents/org-memory-vertical-slice-spec.md +168 -0
package/docs/agents/org-resource-model-delta-spec.md +111 -0
package/docs/agents/org-route-resource-model-spec.md +183 -0
package/docs/agents/org-scoping-namespace-spec.md +114 -0
package/docs/agents/rbac-secrets-management-spec.md +406 -0
package/docs/agents/repository-page-integration-spec.md +255 -0
package/docs/agents/resource-contract-examples.md +808 -0
package/docs/agents/resource-relationship-map.md +190 -0
package/docs/agents/security-threat-model.md +188 -0
package/docs/agents/shared-memory-company-brain-spec.md +358 -0
package/docs/agents/storage-migration-spec.md +168 -0
package/docs/agents/subagent-orchestration-spec.md +152 -0
package/docs/agents/system-overview.md +88 -0
package/docs/agents/tools-mcp-skills-spec.md +189 -0
package/docs/agents/traceability-matrix.md +79 -0
package/docs/agents/ui-flow-spec.md +211 -0
package/docs/agents/ui-ux-system-spec.md +426 -0
package/docs/agents/workspace-lifecycle-spec.md +166 -0
package/docs/architecture-spec.md +78 -0
package/docs/architecture-v2.md +2759 -0
package/docs/components/control-plane.md +78 -0
package/docs/components/data-plane.md +69 -0
package/docs/components/hooks-events.md +67 -0
package/docs/components/identity-rbac-policy.md +73 -0
package/docs/components/kubevela-oam.md +70 -0
package/docs/components/operations-publishing.md +81 -0
package/docs/components/runners-ci.md +66 -0
package/docs/components/web-ui.md +94 -0
package/docs/crd-behaviors-and-relationships.md +3926 -0
package/docs/external/README.md +47 -0
package/docs/external/bidirectional-sync-design.md +134 -0
package/docs/external/cicd-interface.md +64 -0
package/docs/external/external-backend-controllers.md +170 -0
package/docs/external/external-backend-crds.md +234 -0
package/docs/external/external-backend-ui-spec.md +151 -0
package/docs/external/external-backend-ux-flows.md +115 -0
package/docs/external/external-object-mapping.md +125 -0
package/docs/external/git-forge-interface.md +68 -0
package/docs/external/github-integration-design.md +151 -0
package/docs/external/issue-tracking-interface.md +66 -0
package/docs/external/provider-capability-manifests.md +204 -0
package/docs/external/provider-catalog.md +139 -0
package/docs/external/provider-rollout-testing.md +78 -0
package/docs/external/research-results.md +48 -0
package/docs/external/security-auth-permissions.md +81 -0
package/docs/external/sync-state-machines.md +108 -0
package/docs/external/unified-external-backend-model.md +107 -0
package/docs/external/user-facing-changes.md +67 -0
package/docs/gaps.md +161 -0
package/docs/install.md +94 -0
package/docs/integration-and-design-decisions.md +1530 -0
package/docs/kradle-design.md +334 -0
package/docs/local-minikube.md +55 -0
package/docs/ontology/README.md +32 -0
package/docs/ontology/bounded-contexts.md +29 -0
package/docs/ontology/events-and-hooks.md +32 -0
package/docs/ontology/oam-kubevela.md +32 -0
package/docs/ontology/operations-and-release.md +25 -0
package/docs/ontology/personas-and-actors.md +32 -0
package/docs/ontology/policies-and-invariants.md +33 -0
package/docs/ontology/problem-space.md +30 -0
package/docs/ontology/resource-contracts.md +40 -0
package/docs/ontology/resource-taxonomy.md +42 -0
package/docs/ontology/runners-and-ci.md +29 -0
package/docs/ontology/solution-space.md +24 -0
package/docs/ontology/storage-and-data-boundaries.md +29 -0
package/docs/ontology/validation-matrix.md +24 -0
package/docs/ontology/web-ui-excellent-flows.md +32 -0
package/docs/ontology/workflows.md +39 -0
package/docs/ontology/world.md +35 -0
package/docs/openapi.yaml +1291 -0
package/docs/product-requirements.md +62 -0
package/docs/requirements-v2.md +235 -0
package/docs/roadmap-mvp.md +87 -0
package/docs/sdk-api-reference.md +1108 -0
package/docs/system-requirements.md +90 -0
package/docs/system-spec-v2.md +1230 -0
package/docs/tests/README.md +53 -0
package/docs/tests/agent-qa-plan.md +63 -0
package/docs/tests/browser-ui-tests.md +62 -0
package/docs/tests/ci-quality-gates.md +48 -0
package/docs/tests/coverage-model.md +64 -0
package/docs/tests/e2e-scenario-tests.md +53 -0
package/docs/tests/fixtures-test-data.md +63 -0
package/docs/tests/observability-reliability-tests.md +54 -0
package/docs/tests/product-test-matrix.md +145 -0
package/docs/tests/qa-adoption-roadmap.md +130 -0
package/docs/tests/qa-automation-plan.md +101 -0
package/docs/tests/security-compliance-tests.md +57 -0
package/docs/tests/test-framework-tools.md +88 -0
package/docs/tests/test-suite-layout.md +121 -0
package/docs/tests/unit-integration-tests.md +48 -0
package/docs/todo-kyverno +714 -0
package/docs/todos.md +4 -0
package/docs/user-stories.md +78 -0
package/docs/web-console-spec.md +533 -0
package/examples/minikube-demo.yaml +190 -0
package/examples/oam-application.yaml +23 -0
package/examples/policy-kyverno-pr-title.yaml +18 -0
package/package.json +66 -0
package/scripts/build.mjs +29 -0
package/scripts/setup-minikube.mjs +65 -0
package/scripts/smoke.mjs +37 -0
package/scripts/validate-doc-coverage.mjs +152 -0
package/scripts/validate-package.mjs +95 -0
package/scripts/validate-ui.mjs +305 -0
package/src/agent-adapter-controller.js +169 -0
package/src/agent-approval-controller.js +170 -0
package/src/agent-context-bundles.js +242 -0
package/src/agent-dispatch-controller.js +549 -0
package/src/agent-gateway-config-controller.js +147 -0
package/src/agent-identity-migration.js +115 -0
package/src/agent-memory-controller.js +357 -0
package/src/agent-memory-import.js +327 -0
package/src/agent-memory-query.js +292 -0
package/src/agent-memory-repository-source-controller.js +255 -0
package/src/agent-mux-client.js +589 -0
package/src/agent-permission-review.js +250 -0
package/src/agent-persona-controller.js +135 -0
package/src/agent-project-controller.js +117 -0
package/src/agent-prompt-composition.js +55 -0
package/src/agent-provider-config-controller.js +151 -0
package/src/agent-secret-config-grant-controller.js +282 -0
package/src/agent-session-transcript-controller.js +189 -0
package/src/agent-stack-controller.js +421 -0
package/src/agent-subagent-controller.js +160 -0
package/src/agent-transport-binding-controller.js +121 -0
package/src/agent-trigger-controller.js +387 -0
package/src/agent-workspace-controller.js +702 -0
package/src/agent-writeback-controller.js +302 -0
package/src/api-controller.js +621 -0
package/src/argocd-gitops.js +43 -0
package/src/artifact-registry-controller.js +542 -0
package/src/assistant-runtime.js +284 -0
package/src/async-controller.js +207 -0
package/src/audit-controller.js +191 -0
package/src/auth.js +310 -0
package/src/component-catalog.js +41 -0
package/src/control-plane.js +136 -0
package/src/controller-client.js +112 -0
package/src/controller-ui.js +620 -0
package/src/data-plane.js +179 -0
package/src/event-bus.js +397 -0
package/src/external/conflict-controller.js +225 -0
package/src/external/github/auth.js +96 -0
package/src/external/github/cicd.js +180 -0
package/src/external/github/git-forge.js +240 -0
package/src/external/github/index.js +144 -0
package/src/external/github/issue-tracking.js +163 -0
package/src/external/provider-adapter.js +161 -0
package/src/external/provider-resource-factory.js +221 -0
package/src/external/sync-controller.js +235 -0
package/src/external/webhook-controller.js +144 -0
package/src/external/write-controller.js +283 -0
package/src/gitea-backend.js +131 -0
package/src/gitea-service.js +173 -0
package/src/handoff.js +98 -0
package/src/health-probes.js +134 -0
package/src/hooks-events.js +63 -0
package/src/hooks-lifecycle.js +117 -0
package/src/http-server.js +409 -0
package/src/identity-policy.js +86 -0
package/src/index.js +71 -0
package/src/jitsi-agent-bridge.js +141 -0
package/src/jitsi-meeting-controller.js +291 -0
package/src/jitsi-sync-controller.js +198 -0
package/src/kradle-inference-service-controller.js +246 -0
package/src/kubernetes-controller-async.js +531 -0
package/src/kubernetes-controller.js +904 -0
package/src/kubernetes-resource-gateway.js +48 -0
package/src/model-route-controller.js +364 -0
package/src/notification-controller.js +178 -0
package/src/operations.js +112 -0
package/src/org-scoping.js +5 -0
package/src/resource-model.js +282 -0
package/src/runner-controller.js +272 -0
package/src/runners-ci.js +48 -0
package/src/runtime.js +196 -0
package/src/snapshot-cache.js +157 -0
package/src/virtual-model-controller.js +538 -0
package/src/virtual-model-hook-bridge.js +200 -0
package/src/web-ui.js +40 -0
package/tests/agent-adapter-controller.test.js +361 -0
package/tests/agent-approval-controller.test.js +173 -0
package/tests/agent-context-bundles.test.js +278 -0
package/tests/agent-dispatch-controller.test.js +679 -0
package/tests/agent-gateway-config-controller.test.js +386 -0
package/tests/agent-identity-migration.test.js +87 -0
package/tests/agent-memory-controller.test.js +461 -0
package/tests/agent-memory-import-snapshot.test.js +477 -0
package/tests/agent-memory-query.test.js +404 -0
package/tests/agent-memory-repository-source.test.js +514 -0
package/tests/agent-mux-client.test.js +389 -0
package/tests/agent-mux-integration.test.js +971 -0
package/tests/agent-permission-review-v2.test.js +317 -0
package/tests/agent-permission-review.test.js +209 -0
package/tests/agent-persona-controller.test.js +127 -0
package/tests/agent-project-controller.test.js +302 -0
package/tests/agent-prompt-composition.test.js +76 -0
package/tests/agent-provider-config-controller.test.js +376 -0
package/tests/agent-resources.test.js +303 -0
package/tests/agent-secret-config-grant.test.js +231 -0
package/tests/agent-session-transcript-controller.test.js +499 -0
package/tests/agent-stack-controller.test.js +283 -0
package/tests/agent-subagent-controller.test.js +201 -0
package/tests/agent-transport-binding-controller.test.js +294 -0
package/tests/agent-trigger-controller.test.js +271 -0
package/tests/agent-trigger-routes.test.js +190 -0
package/tests/agent-trigger-sources.test.js +245 -0
package/tests/agent-workspace-controller.test.js +181 -0
package/tests/agent-writeback.test.js +292 -0
package/tests/approval-persistence.test.js +171 -0
package/tests/artifact-registry.test.js +511 -0
package/tests/assistant-runtime.test.js +506 -0
package/tests/async-controller.test.js +252 -0
package/tests/audit-controller.test.js +227 -0
package/tests/codespace-controller.test.js +318 -0
package/tests/controller-client.test.js +133 -0
package/tests/deployment.test.js +527 -0
package/tests/e2e/lifecycle.test.js +120 -0
package/tests/event-bus-integration.test.js +355 -0
package/tests/external-github-forge.test.js +560 -0
package/tests/external-github-issues-cicd.test.js +520 -0
package/tests/external-integration.test.js +470 -0
package/tests/external-persistence.test.js +415 -0
package/tests/external-provider-adapter.test.js +365 -0
package/tests/external-resource-model.test.js +223 -0
package/tests/external-webhook-sync.test.js +287 -0
package/tests/external-write-conflict.test.js +353 -0
package/tests/gitea-service.test.js +253 -0
package/tests/health-check-real.test.js +165 -0
package/tests/health-probes.test.js +90 -0
package/tests/hooks-lifecycle.test.js +364 -0
package/tests/integration/full-flow.test.js +266 -0
package/tests/jitsi-agent-bridge.test.js +119 -0
package/tests/jitsi-helm-integration.test.js +77 -0
package/tests/jitsi-meeting-controller.test.js +170 -0
package/tests/jitsi-resource-model.test.js +73 -0
package/tests/jitsi-sync-controller.test.js +112 -0
package/tests/kradle-inference-service.test.js +689 -0
package/tests/kradle.test.js +779 -0
package/tests/memory-search-wiring.test.js +270 -0
package/tests/model-route-controller.test.js +733 -0
package/tests/notification-controller.test.js +196 -0
package/tests/notification-integration.test.js +179 -0
package/tests/org-scoping.test.js +687 -0
package/tests/runner-controller.test.js +327 -0
package/tests/runner-integration.test.js +231 -0
package/tests/session-cookie-hmac.test.js +151 -0
package/tests/snapshot-performance.test.js +315 -0
package/tests/sse-events.test.js +107 -0
package/tests/virtual-model-controller.test.js +877 -0
package/tests/virtual-model-hook-bridge.test.js +384 -0
package/tests/webhook-trigger.test.js +198 -0
package/tests/workspace-volumes.test.js +312 -0
package/tests/writeback-persistence.test.js +207 -0

package/docs/todos.md ADDED Viewed

@@ -0,0 +1,4 @@
+https://kradle-staging.a5c.ai/api/orgs/default/policy-reports shows: Kyverno CRDs are not installed or are not readable by the Kradle service account - helm should install everything needed.
+❯ refactor the C:\Users\tmusk\IdeaProjects\babysitter\packages\kradle\web to 3 packages , kradle\sdk, kradle\web and kradle\cli (web and cli
+  should depend on sdk), the sdk is the client sdk. the cli should have a command to run itself as an mcp server.

package/docs/user-stories.md ADDED Viewed

@@ -0,0 +1,78 @@
+# User Stories
+## Developer stories
+### Open and review a PR
+As a developer, I want to review a PR in a three-pane view with file tree, diff, conversation, inline comments, suggested edits, and CI status so that I can complete reviews quickly.
+Acceptance criteria:
+- Given I open a PR, when the page loads, then I see changed files, diff, discussion, reviewers, merge state, and related pipeline runs.
+- Given I use keyboard shortcuts, when I press navigation keys, then I can move between files and comments without leaving the keyboard.
+- Given I add a suggested edit, when I submit it, then the UI exposes the equivalent resource/YAML mutation.
+### Debug a failing run
+As a developer, I want a live run view with step navigation, log streaming, failure copy, similar-run search, and rerun controls so that I can diagnose failures without switching tools.
+Acceptance criteria:
+- Given a job is running, when logs are emitted, then the UI streams them through SSE without polling.
+- Given a step fails, when I click find similar runs, then Kradle queries pipelines by failure signature labels.
+- Given I rerun from a step, when I submit, then Kradle creates a new `Pipeline` with `resumeFrom`.
+## Platform engineer stories
+### Configure a runner pool
+As a platform engineer, I want a split form/YAML runner pool editor so that pool configuration is easy to edit and still GitOps-auditable.
+Acceptance criteria:
+- Given I edit image, resources, node selector, warm replicas, max replicas, trust tier, and cache backend, when fields change, then YAML updates live.
+- Given I save, when the operation succeeds, then the same manifest can be copied as `kubectl apply`.
+- Given I click save to repo, when configured, then Kradle opens a PR against the platform config repo.
+### Roll out PR policy safely
+As a platform engineer, I want policy templates, CEL/raw modes, audit preview, and enforcement controls so that I can govern PRs without breaking teams unexpectedly.
+Acceptance criteria:
+- Given I select a policy template, when I preview it, then existing PRs that would violate the policy are listed.
+- Given the policy is in audit mode, when a violating PR is created, then it is recorded but not blocked.
+- Given I switch to enforce mode, when a violating PR is created, then admission blocks it with an actionable message.
+## Repo admin stories
+### Add and verify a webhook
+As a repo admin, I want to create a webhook, send a test delivery, inspect failures, and replay deliveries so integrations are operationally transparent.
+Acceptance criteria:
+- Given I create a subscription, when I send a test delivery, then a `WebhookDelivery` resource appears within seconds.
+- Given delivery fails, when I open the log, then I see request headers, body, response, latency, retries, and error details.
+- Given I click replay, when secrets are current, then Kradle re-fires the event and records a new delivery attempt.
+## Team lead stories
+### Cross-repo triage
+As a team lead, I want inbox filters and saved views stored as resources so that triage workflows can be versioned and shared.
+Acceptance criteria:
+- Given I create a filter for priority issues and PRs, when I save it, then Kradle stores a `Selector` or `View` resource.
+- Given another user applies the resource, when they open the inbox, then they see the same triage view.
+- Given the view is exported, when committed to Git, then it can be reviewed and applied like any other config.
+## Excellent-flow coverage
+- Open and review a PR.
+- Debug a failing run.
+- Configure a runner pool.
+- Add a webhook and verify it works.
+- Write a PR policy with audit-to-enforce rollout.
+- Cross-repo triage with saved filters.

package/docs/web-console-spec.md ADDED Viewed

@@ -0,0 +1,533 @@
+# Kradle Web Console Specification
+> Exhaustive reference for the Kradle web console.
+> Source: `packages/kradle/web/`
+> Framework: Next.js 16 + React 19 (App Router)
+---
+## 1. Page Inventory (57 pages)
+### 1.1 Top-Level Pages
+| # | Route | File | Data Source | Purpose | Interactive Elements |
+|---|-------|------|-------------|---------|---------------------|
+| 1 | `/` | `page.jsx` | None | Landing/home page | Login CTA, org selector |
+| 2 | `/login` | `login/page.jsx` | `listEnabledAuthProviders()` | Authentication login | Provider buttons (GitHub, SSO) |
+| 3 | `/logout` | `logout/page.jsx` | None | Session logout | Auto-redirect to /login |
+| 4 | `/orgs` | `orgs/page.jsx` | `fetchControllerUiModel()` | Organization list | Org cards, create org button |
+| 5 | `/people` | `people/page.jsx` | `fetchControllerUiModel()` | People directory | User search, team filter |
+### 1.2 Organization Dashboard (5 pages)
+| # | Route | File | Data Source | Purpose | Interactive Elements |
+|---|-------|------|-------------|---------|---------------------|
+| 6 | `/orgs/[org]` | `orgs/[org]/page.jsx` | `uiModel.views.dashboard` | Org dashboard overview | Cards (repos, PRs, issues, runs), activity feed, quick actions |
+| 7 | `/orgs/[org]/profile` | `orgs/[org]/profile/page.jsx` | `uiModel.identity` | User profile | Edit display name, email; linked identities |
+| 8 | `/orgs/[org]/people` | `orgs/[org]/people/page.jsx` | `uiModel.identity.users` | Org members | Invite button, team assignment, role toggle |
+| 9 | `/orgs/[org]/inbox` | `orgs/[org]/inbox/page.jsx` | `notifications.listNotifications()` | Notification inbox | Mark as read, filter by type, clear all |
+| 10 | `/orgs/[org]/insights` | `orgs/[org]/insights/page.jsx` | `uiModel.metrics` | Analytics and insights | Time range selector, metric cards |
+### 1.3 Ship (Repositories & Code) — 9 pages
+| # | Route | File | Data Source | Purpose | Interactive Elements |
+|---|-------|------|-------------|---------|---------------------|
+| 11 | `/orgs/[org]/repositories` | `orgs/[org]/repositories/page.jsx` | `uiModel.views.dashboard.repositories` | Repository list | Create repo form, visibility filter, search |
+| 12 | `/orgs/[org]/repositories/[repo]/code` | `repositories/[repo]/code/page.jsx` | `git-proxy` API | Code browser | File tree, branch selector, breadcrumb |
+| 13 | `/orgs/[org]/repositories/[repo]/pull-requests` | `repositories/[repo]/pull-requests/page.jsx` | `uiModel resources PullRequest` | PR list | Status filter, create PR button |
+| 14 | `/orgs/[org]/repositories/[repo]/issues` | `repositories/[repo]/issues/page.jsx` | `uiModel resources Issue` | Issue list | Label filter, assignee, new issue |
+| 15 | `/orgs/[org]/repositories/[repo]/issues/[issue]` | `issues/[issue]/page.jsx` | Issue resource | Issue detail | Comment form, label editor, close/reopen |
+| 16 | `/orgs/[org]/repositories/[repo]/hooks` | `repositories/[repo]/hooks/page.jsx` | `WebhookSubscription` | Webhook config | Add webhook form, delivery list, replay |
+| 17 | `/orgs/[org]/repositories/[repo]/runs` | `repositories/[repo]/runs/page.jsx` | `AgentDispatchRun` filtered by repo | Repo agent runs | Run list, dispatch button, status filter |
+| 18 | `/orgs/[org]/repositories/[repo]/settings` | `repositories/[repo]/settings/page.jsx` | Repository resource | Repo settings | Rename, visibility toggle, danger zone (delete) |
+| 19 | `/orgs/[org]/runs` | `orgs/[org]/runs/page.jsx` | `uiModel.agents.runs` | All runs overview | Filter by stack, status, repository |
+### 1.4 Manage (Access & Policy) — 8 pages
+| # | Route | File | Data Source | Purpose | Interactive Elements |
+|---|-------|------|-------------|---------|---------------------|
+| 20 | `/orgs/[org]/access/permissions` | `access/permissions/page.jsx` | `uiModel.identity.permissions` | Permission management | Grant/revoke, subject selector, permission level |
+| 21 | `/orgs/[org]/access/ssh-keys` | `access/ssh-keys/page.jsx` | `uiModel.identity.sshKeys` | SSH key management | Add key form, revoke button, scope filter |
+| 22 | `/orgs/[org]/access/branch-protection` | `access/branch-protection/page.jsx` | `BranchProtection` resources | Branch rules | Ref pattern input, toggle required reviews |
+| 23 | `/orgs/[org]/settings` | `orgs/[org]/settings/page.jsx` | Organization resource | Org settings | Display name, slug, namespace info, danger zone |
+| 24 | `/orgs/[org]/settings/secrets` | `settings/secrets/page.jsx` | `/api/orgs/:org/secrets` | Secret management | Add secret form, delete, grant management |
+| 25 | `/orgs/[org]/hooks-events` | `orgs/[org]/hooks-events/page.jsx` | `WebhookSubscription + Delivery` | Webhook events | Subscription list, delivery inspector, replay |
+| 26 | `/orgs/[org]/deployments` | `orgs/[org]/deployments/page.jsx` | `uiModel.delivery` | Deployments | Application list, release history, health |
+| 27 | `/orgs/[org]/runners-ci` | `orgs/[org]/runners-ci/page.jsx` | `RunnerPool + Pipeline + Job` | Runner pools & CI | Pool editor, pipeline list, job detail |
+### 1.5 Agents — 24 pages
+| # | Route | File | Data Source | Purpose | Interactive Elements |
+|---|-------|------|-------------|---------|---------------------|
+| 28 | `/orgs/[org]/agents` | `agents/page.jsx` | `uiModel.agents` | Agent overview | Stack count cards, active runs, pending approvals |
+| 29 | `/orgs/[org]/agents/stacks` | `agents/stacks/page.jsx` | `uiModel.agents.stacks` | Stack list | Readiness indicators, create button |
+| 30 | `/orgs/[org]/agents/stacks/new` | `agents/stacks/new/page.jsx` | `STACK_LAYERS, COMPOSITION_FACETS` | Create stack | Multi-step StackBuilder form |
+| 31 | `/orgs/[org]/agents/stacks/[name]` | `agents/stacks/[name]/page.jsx` | AgentStack resource | Stack detail | Conditions list, capabilities graph, edit |
+| 32 | `/orgs/[org]/agents/runs` | `agents/runs/page.jsx` | `uiModel.agents.runs` | Dispatch run list | Phase filter, repository filter, cost summary |
+| 33 | `/orgs/[org]/agents/runs/[runId]` | `agents/runs/[runId]/page.jsx` | AgentDispatchRun + Attempt | Run detail | Attempt timeline, transcript, workspace link |
+| 34 | `/orgs/[org]/agents/sessions` | `agents/sessions/page.jsx` | `uiModel.agents.sessions` | Session list | Active/completed filter, cost column |
+| 35 | `/orgs/[org]/agents/sessions/[sessionId]` | `agents/sessions/[sessionId]/page.jsx` | AgentSession + Transcript | Session detail | SessionTabs: transcript, tools, cost, shell |
+| 36 | `/orgs/[org]/agents/rules` | `agents/rules/page.jsx` | `uiModel.agents.rules` | Trigger rule list | Source type badges, enable/disable toggle |
+| 37 | `/orgs/[org]/agents/rules/new` | `agents/rules/new/page.jsx` | Stack list for dropdown | Create trigger rule | TriggerRuleForm with source type selector |
+| 38 | `/orgs/[org]/agents/rules/[ruleName]` | `agents/rules/[ruleName]/page.jsx` | AgentTriggerRule resource | Rule detail | Edit form, execution history |
+| 39 | `/orgs/[org]/agents/approvals` | `agents/approvals/page.jsx` | `uiModel.agents.approvals` | Approval queue | Approve/Deny buttons, filter by action type |
+| 40 | `/orgs/[org]/agents/workspaces` | `agents/workspaces/page.jsx` | `uiModel.agents.workspaces` | Workspace list | Phase badges, repository links |
+| 41 | `/orgs/[org]/agents/workspaces/[workspaceId]` | `agents/workspaces/[workspaceId]/page.jsx` | KradleWorkspace resource | Workspace detail | Codespace launch, associations, run history |
+| 42 | `/orgs/[org]/agents/settings` | `agents/settings/page.jsx` | Adapter + Provider + Gateway | Agent settings | Adapter config, provider forms, gateway URL |
+| 43 | `/orgs/[org]/agents/projects` | `agents/projects/page.jsx` | `uiModel.agents.projects` | Project list | Create project, kanban toggle |
+| 44 | `/orgs/[org]/agents/projects/[projectId]` | `agents/projects/[projectId]/page.jsx` | KradleProject resource | Project detail | Kanban board, issue list, settings |
+| 45 | `/orgs/[org]/agents/projects/[projectId]/issues` | `projects/[projectId]/issues/page.jsx` | Issues filtered by project | Project issues | Filter, create issue |
+| 46 | `/orgs/[org]/agents/projects/[projectId]/issues/[issue]` | `issues/[issue]/page.jsx` | Issue resource | Project issue detail | Comment, labels, assign |
+| 47 | `/orgs/[org]/agents/memory` | `agents/memory/page.jsx` | `uiModel.agents.memoryRepositories` | Memory overview | Repository list, snapshot count |
+| 48 | `/orgs/[org]/agents/memory/search` | `agents/memory/search/page.jsx` | Memory query API | Memory search | MemorySearchForm, results display |
+| 49 | `/orgs/[org]/agents/memory/ontology` | `agents/memory/ontology/page.jsx` | AgentMemoryOntology | Ontology editor | MemoryOntologyEditor, node/edge kind editors |
+| 50 | `/orgs/[org]/agents/memory/imports` | `agents/memory/imports/page.jsx` | `uiModel.agents.memoryImports` | Import list | Status badges, review button |
+| 51 | `/orgs/[org]/agents/memory/imports/[importId]` | `agents/memory/imports/[importId]/page.jsx` | AgentRunMemoryImport | Import detail | MemoryImportReview, approve/reject |
+### 1.6 External — 4 pages
+| # | Route | File | Data Source | Purpose | Interactive Elements |
+|---|-------|------|-------------|---------|---------------------|
+| 52 | `/orgs/[org]/external` | `orgs/[org]/external/page.jsx` | ExternalBackendProvider list | External overview | Provider cards, add button |
+| 53 | `/orgs/[org]/external/providers/new` | `external/providers/new/page.jsx` | Provider type list | Add provider | ExternalProviderWizard (multi-step) |
+| 54 | `/orgs/[org]/external/sync` | `external/sync/page.jsx` | ExternalSyncState | Sync dashboard | ExternalSyncDashboard, trigger sync |
+| 55 | `/orgs/[org]/external/conflicts` | `external/conflicts/page.jsx` | ExternalSyncConflict list | Conflict list | ExternalConflictResolver, strategy selector |
+### 1.7 Observe & Tools — 4 pages
+| # | Route | File | Data Source | Purpose | Interactive Elements |
+|---|-------|------|-------------|---------|---------------------|
+| 56 | `/orgs/[org]/api-docs` | `orgs/[org]/api-docs/page.jsx` | controllerEndpoints | API documentation | Endpoint list, try-it panel |
+| 57 | `/orgs/[org]/controller-api` | `orgs/[org]/controller-api/page.jsx` | Full snapshot | Controller API explorer | ApiExplorer with request/response |
+| 58 | `/orgs/[org]/advanced-plans` | `orgs/[org]/advanced-plans/page.jsx` | Resource YAML | Advanced plans | YAML editor, apply button |
+| 59 | `/orgs/[org]/operations-install` | `orgs/[org]/operations-install/page.jsx` | uiModel.operations | Operations install guide | Copy commands, step indicators |
+---
+## 2. Component Library (56 components)
+### 2.1 Agent Components
+| # | Component | File | Props | State | API Calls | Key Behavior |
+|---|-----------|------|-------|-------|-----------|--------------|
+| 1 | ApprovalActions | `approval-actions.jsx` | `{ approval, org, onDecide }` | — | POST approvals/:name/decide | Approve/Deny buttons with reason modal |
+| 2 | ApprovalModeToggle | `approval-mode-toggle.jsx` | `{ stack, onToggle }` | `useState(mode)` | — | Toggle between yolo/prompt/deny |
+| 3 | DispatchButton | `dispatch-button.jsx` | `{ stack, repo, org, onDispatch }` | `useState(loading)` | POST agents/dispatch | One-click dispatch with loading state |
+| 4 | RunActions | `run-actions.jsx` | `{ run, org }` | — | — | Retry, cancel, view workspace links |
+| 5 | RuleActions | `rule-actions.jsx` | `{ rule, org }` | — | — | Edit, disable, delete trigger rule |
+| 6 | StackActions | `stack-actions.jsx` | `{ stack, org }` | — | — | Edit, dispatch, delete stack |
+| 7 | StackBuilder | `stack-builder.jsx` | `{ org, layers, onSave }` | Multi-step form state | POST resources | Multi-step agent stack creation wizard |
+| 8 | StackBuilderGraph | `stack-builder-graph.jsx` | `{ stack, capabilities }` | — | — | Visual capability graph |
+| 9 | SessionCost | `session-cost.jsx` | `{ session, transcript }` | — | — | Token count and cost display |
+| 10 | SessionShell | `session-shell.jsx` | `{ sessionId, org }` | SSE subscription | SSE stream | Terminal-style live session viewer |
+| 11 | SessionTabs | `session-tabs.jsx` | `{ session, transcript }` | `useState(activeTab)` | — | Tabbed: Transcript, Tools, Cost, Shell |
+| 12 | ToolInspector | `tool-inspector.jsx` | `{ mcpServers, toolProfiles }` | — | — | MCP tool listing with status |
+| 13 | TriggerRuleForm | `trigger-rule-form.jsx` | `{ org, stacks, onSave }` | Form state | POST resources | Source type selector, cron/webhook/comment/label fields |
+### 2.2 Memory Components
+| # | Component | File | Props | Key Behavior |
+|---|-----------|------|-------|--------------|
+| 14 | MemorySearchForm | `memory-search-form.jsx` | `{ org, onSearch }` | Mode selector (graph/grep/both), query input, kind filter, depth |
+| 15 | MemoryOntologyEditor | `memory-ontology-editor.jsx` | `{ ontology, org }` | Node kind editor, edge kind editor, vocabulary |
+| 16 | MemoryImportReview | `memory-import-review.jsx` | `{ importResource, org }` | Diff view, approve/reject buttons |
+### 2.3 External Components
+| # | Component | File | Props | Key Behavior |
+|---|-----------|------|-------|--------------|
+| 17 | ExternalConflictResolver | `external-conflict-resolver.jsx` | `{ conflict, org }` | Side-by-side diff, strategy buttons |
+| 18 | ExternalProviderList | `external-provider-list.jsx` | `{ providers }` | Cards with status indicators |
+| 19 | ExternalProviderWizard | `external-provider-wizard.jsx` | `{ org, onComplete }` | Multi-step: type → credentials → scope → confirm |
+| 20 | ExternalSyncDashboard | `external-sync-dashboard.jsx` | `{ syncStates, org }` | Status overview with metrics |
+### 2.4 Kanban Components
+| # | Component | File | Props | Key Behavior |
+|---|-----------|------|-------|--------------|
+| 21 | KanbanCard | `kanban-card.jsx` | `{ item, onDragStart }` | Draggable card with issue/PR preview |
+| 22 | KanbanColumn | `kanban-column.jsx` | `{ status, items, onDrop }` | Drop target column |
+| 23 | KanbanEnhanced | `kanban-enhanced.jsx` | `{ project, issues }` | Full board with columns |
+| 24 | KanbanFilters | `kanban-filters.jsx` | `{ onFilter }` | Label, assignee, repository filters |
+| 25 | KanbanInteractive | `kanban-interactive.jsx` | `{ project, org }` | SSE-powered live kanban with drag-drop |
+### 2.5 Workspace Components
+| # | Component | File | Props | Key Behavior |
+|---|-----------|------|-------|--------------|
+| 26 | WorkspacePanel | `workspace-panel.jsx` | `{ workspace }` | Overview: phase, repo, branch, PVC |
+| 27 | WorkspaceCodespace | `workspace-codespace.jsx` | `{ workspace, org }` | Launch/stop codespace, URL display |
+| 28 | WorkspaceAssociations | `workspace-associations.jsx` | `{ workspace }` | Add/remove run, user, session links |
+| 29 | WorkspaceRunHistory | `workspace-run-history.jsx` | `{ workspace, runs }` | Active runs, historical runs table |
+### 2.6 Repository Components
+| # | Component | File | Props | Key Behavior |
+|---|-----------|------|-------|--------------|
+| 30 | RepoCodeBrowser | `repo-code-browser.jsx` | `{ org, repo, branch }` | File tree + content viewer via git-proxy |
+| 31 | RepoRuns | `repo-runs.jsx` | `{ runs, org }` | Filtered run list for a repository |
+| 32 | PullRequestList | `pull-request-list.jsx` | `{ pullRequests, org }` | PR list with status indicators |
+| 33 | IssueList | `issue-list.jsx` | `{ issues, org }` | Filterable issue list |
+| 34 | IssueEditor | `issue-editor.jsx` | `{ issue, org }` | Rich issue create/edit form |
+| 35 | WebhookManager | `webhook-manager.jsx` | `{ subscriptions, deliveries }` | CRUD webhooks, delivery inspector |
+### 2.7 Global Components
+| # | Component | File | Props | Key Behavior |
+|---|-----------|------|-------|--------------|
+| 36 | CommandPalette | `command-palette.jsx` | `{ org }` | Cmd+K / Ctrl+K; full-text search, quick nav |
+| 37 | KeyboardShortcuts | `keyboard-shortcuts.jsx` | — | ? overlay; nav shortcuts, action shortcuts |
+| 38 | GlobalSearch | `global-search.jsx` | `{ org }` | Full-text search across all resources |
+| 39 | NotificationBell | `notification-bell.jsx` | `{ org }` | Badge with unread count, dropdown panel |
+| 40 | ActivityFeed | `activity-feed.jsx` | `{ org, events }` | Time-grouped activity entries |
+| 41 | HealthMonitor | `health-monitor.jsx` | `{ connection }` | System component status indicators |
+| 42 | LiveUpdates | `live-updates.jsx` | `{ org, onEvent }` | SSE connection, auto-reconnect |
+| 43 | ThemeRuntime | `theme-runtime.jsx` | — | Dark/light toggle, system preference detection |
+| 44 | KradleLoading | `kradle-loading.jsx` | `{ label? }` | Branded loading spinner |
+### 2.8 Settings Components
+| # | Component | File | Props | Key Behavior |
+|---|-----------|------|-------|--------------|
+| 45 | AgentSettingsForm | `agent-settings-form.jsx` | `{ org }` | Combined adapters + providers + gateway form |
+| 46 | SettingsAdapters | `settings-adapters.jsx` | `{ adapters, org }` | Adapter CRUD |
+| 47 | SettingsProviders | `settings-providers.jsx` | `{ providers, org }` | Provider CRUD |
+| 48 | SettingsGateway | `settings-gateway.jsx` | `{ gateway, org }` | Gateway URL + feature flags |
+| 49 | AppSettings | `app-settings.jsx` | `{ org }` | App-level settings |
+| 50 | SecretManager | `secret-manager.jsx` | `{ org }` | Secret CRUD with masked values |
+| 51 | RunnerPoolManager | `runner-pool-manager.jsx` | `{ pools, org }` | Pool sizing with warm/max sliders |
+| 52 | UserProfile | `user-profile.jsx` | `{ user, org }` | Profile display and edit |
+### 2.9 Utility Components
+| # | Component | File | Props | Key Behavior |
+|---|-----------|------|-------|--------------|
+| 53 | ResourceActions | `resource-actions.jsx` | `{ resource, org }` | View/Edit/Delete menu |
+| 54 | ResourceCrudActions | `resource-crud-actions.jsx` | `{ kind, org }` | Full CRUD buttons |
+| 55 | CodeEditor | `code-editor.jsx` | `{ value, language, onChange }` | Syntax-highlighted editor |
+| 56 | ApiExplorer | `api-explorer.jsx` | `{ endpoints }` | Interactive API testing |
+| 57 | DeploymentPipeline | `deployment-pipeline.jsx` | `{ applications }` | Visual pipeline progress |
+---
+## 3. Data Flow Architecture
+### 3.1 Fetch Pipeline
+```
+Page Component (Server Component)
+    → loadKradleUi() / fetchControllerUiModel({ baseUrl, org })
+        → HTTP GET /api/controller?org=<org>
+            → createKradleHttpHandler matches route
+                → createControllerUiModel(snapshot, { organization })
+                    → Stale-while-revalidate cache (30s TTL)
+    → Pass data as props to Client Components
+```
+### 3.2 Controller UI Model Shape
+`createControllerUiModel()` produces:
+```javascript
+{
+  product: 'Kradle',
+  status: 'ready' | 'degraded',
+  namespace: 'kradle-org-acme',
+  platformNamespace: 'kradle-system',
+  org: { name, slug, displayName, namespace },
+  orgs: [...],
+  generatedAt: ISO timestamp,
+  controller: { mode, endpoints, architecture, storage, connection, apiService, commands },
+  metrics: { components, resources, events, users, teams, repositories, pullRequests, issues, projects, pipelines, ... },
+  components: [...runtimeComponents],
+  resources: [...KRADLE_RESOURCES mapped with items],
+  events: [...last 8 K8s events],
+  delivery: { applications, runtime, capabilityCatalog },
+  policyEngine: { mode, health, profiles, templates, bindings, violations },
+  agents: { stacks, runs, rules, sessions, workspaces, approvals, adapters, providers, projects, gateway, transcripts, memoryRepositories, memorySnapshots, memoryImports },
+  identity: { counts, providers, users, teams, invites, mappings, permissions, sshKeys, reconciliation },
+  validation: [...healthChecks],
+  views: { dashboard, pullRequestReview, failingRun, runnerPoolEditor, webhookInspector, triageView }
+}
+```
+### 3.3 API Proxy Routes (Web)
+| Route | Target | Method |
+|-------|--------|--------|
+| `/api/orgs` | Kradle API | GET |
+| `/api/orgs/[org]/repositories` | Resource CRUD | GET/POST |
+| `/api/auth/[provider]` | OAuth redirect | GET |
+| `/api/auth/callback/[provider]` | OAuth callback | GET |
+| `/api/auth/logout` | Session destruction | POST |
+| `/api/auth/delegated` | Delegated identity | GET |
+| `/api/atlas/search` | Atlas graph search | POST |
+| `/api/git-proxy` | Gitea tree/blob proxy | POST |
+| `/api/watch/[...resource]` | SSE watch endpoint | GET |
+---
+## 4. Navigation Architecture
+### 4.1 Navigation Groups
+| Group | Icon | Pages | Section |
+|-------|------|-------|---------|
+| **Ship** | Code | Repositories, PRs, Issues, Code, Runs | Primary development |
+| **Manage** | Settings | Permissions, SSH Keys, Branch Protection, Settings, Secrets, Deployments, Runners | Administration |
+| **Agents** | Bot | Stacks, Runs, Sessions, Rules, Approvals, Workspaces, Projects, Memory | AI orchestration |
+| **Observe** | Eye | Hooks & Events, Insights, Inbox, Health, API Docs | Monitoring |
+| **External** | Link | Providers, Sync, Conflicts | Integration |
+### 4.2 Command Palette
+- Trigger: `Cmd+K` (macOS) / `Ctrl+K` (Windows/Linux)
+- Features: full-text search across resources, quick page navigation, recent items
+- Implementation: `command-palette.jsx`
+### 4.3 Keyboard Shortcuts
+- `?` — Show shortcut overlay
+- `j/k` — Navigate items in lists
+- `n` — New (context-dependent)
+- `Escape` — Close modal/palette
+---
+## 5. Real-Time Updates
+### 5.1 LiveUpdates Component
+```jsx
+// Connection lifecycle:
+// 1. Connect to /api/orgs/:org/agents/events/stream
+// 2. Receive {"type":"connected"} — mark as connected
+// 3. Process {"type":"resource-change", kind, name, operation}
+// 4. On disconnect: auto-reconnect with backoff
+// 5. Receive {"type":"heartbeat"} every 30s — keepalive
+```
+### 5.2 SSE-Powered Components
+| Component | SSE Usage |
+|-----------|-----------|
+| KanbanInteractive | Live card movement on issue/PR status changes |
+| NotificationBell | Real-time unread count updates |
+| ActivityFeed | New events prepended |
+| SessionShell | Live transcript streaming |
+| HealthMonitor | Connection status indicator |
+---
+## 6. Theme System
+### 6.1 Implementation
+- CSS custom properties for all colors
+- Two theme sets: `light` and `dark`
+- Applied via `data-theme` attribute on `<html>`
+- ThemeRuntime component manages state
+### 6.2 Persistence
+```javascript
+// Read: localStorage.getItem('kradle-theme')
+// Write: localStorage.setItem('kradle-theme', theme)
+// Default: window.matchMedia('(prefers-color-scheme: dark)').matches
+// Auto-update: mediaQuery.addEventListener('change', handler)
+```
+---
+## 7. Form Patterns
+### 7.1 Multi-Step Forms
+| Form | Steps | Source |
+|------|-------|--------|
+| StackBuilder | Model → Provider → Transport → Tools → Skills → Review | `stack-builder.jsx` |
+| ExternalProviderWizard | Type → Credentials → Scope → Confirm | `external-provider-wizard.jsx` |
+| TriggerRuleForm | Source Type → Config → Stack Selection → Review | `trigger-rule-form.jsx` |
+### 7.2 Error Handling
+- Inline field errors below inputs
+- Toast notifications for operation failures (auto-dismiss)
+- Error boundary component (`error.jsx`) for unhandled errors
+- Form-level validation before submission
+### 7.3 Loading States
+- `KradleLoading` spinner for full-page loads
+- Disabled buttons with spinner during submission
+- Skeleton loading for list views
+- Optimistic updates on create/edit (revert on failure)
+---
+## 8. Authentication Flow (Web)
+### 8.1 Login Flow
+```
+/login → Click provider → /api/auth/[provider]
+    → 302 to OAuth provider
+    → User authorizes
+    → /api/auth/callback/[provider]?code=...
+    → Exchange code → Create session cookie
+    → 302 to /orgs/[org]
+```
+### 8.2 Session Validation
+- Cookie `kradle_session` sent on every request
+- Web API routes verify via `parseSessionCookie()`
+- Invalid sessions: redirect to `/login`
+- Logout: clear cookie with `Max-Age=0`, redirect to `/login`
+---
+## 9. Error Page
+Source: `packages/kradle/web/app/error.jsx`
+- React Error Boundary component
+- Displays error message and stack trace (dev mode)
+- "Try Again" button to reset error state
+- Falls back to minimal UI on catastrophic failure
+---
+## ML Navigation Group
+### Inference Service List
+**Route:** `/orgs/{org}/inference/services`
+**Components:**
+- Service table: name, model format badge, inference protocol, phase badge (Pending/Ready/Failed), endpoint URL
+- Create button opens an inline form
+**Actions:** Create service, delete (confirmation dialog)
+**Data source:** `GET /api/orgs/{org}/inference/services`
+### Inference Service Detail
+**Route:** `/orgs/{org}/inference/services/{name}`
+**Sections:**
+- Spec viewer: predictor model config (modelFormat, storageUri, protocolVersion), resource limits/requests
+- Status panel: phase, endpoint URL, conditions timeline, error message
+- Test panel: send inference request (JSON input editor -> response panel), protocol selector (V1/V2)
+**Data source:** `GET /api/orgs/{org}/inference/services/{name}`
+### Inference Test Panel
+Embedded within service detail. Sends `POST /api/orgs/{org}/inference/services/{name}/infer`.
+- Input: JSON editor with schema hint for the selected model format
+- Output: formatted JSON response panel
+- Protocol toggle: V1 / V2
+- Response time display
+### Serving Runtime Manager
+**Route:** `/orgs/{org}/inference/runtimes`
+**Components:**
+- Runtime table: name, supported model formats (comma-separated), container image
+- Create runtime button and form
+**Data source:** `GET /api/orgs/{org}/inference/runtimes`
+---
+## Artifacts Navigation Group
+### Registry List
+**Route:** `/orgs/{org}/artifacts/registries`
+**Components:**
+- Registry cards: name, type badge (npm/pip/docker/generic), storage backend, feed count
+- Create registry button and modal form
+**Data source:** `GET /api/orgs/{org}/artifacts/registries`
+### Feed Browser
+**Route:** `/orgs/{org}/artifacts/registries/{registry}/feeds`
+**Components:**
+- Feed list: name, visibility badge (public/private), version count, install command code snippet
+- Create feed button, manage access policies button
+**Data source:** `GET /api/orgs/{org}/artifacts/feeds`
+### Version Table
+**Route:** `/orgs/{org}/artifacts/registries/{registry}/feeds/{feed}`
+**Components:**
+- Paginated version table: package name, version, size (human-readable), publishedBy, publishedAt, checksum (truncated SHA-256)
+- Publish version button (file upload + metadata form)
+- Download button per version
+**Data source:** `GET /api/orgs/{org}/artifacts/feeds/{feed}/versions`
+### Access Policies
+Embedded as a tab within feed detail.
+- Table: subject, permission badge (read/write/admin), expiresAt
+- Add policy form, revoke button per entry
+---
+## Assistant Navigation Group
+### Chat Interface
+**Route:** `/orgs/{org}/assistant`
+**Components:**
+- Session sidebar: scrollable list of sessions (org:sessionId), new session button, session delete button
+- Chat panel: message thread with user/assistant bubbles, SSE streaming renders chunks in real time
+- Input bar: expandable textarea, send button, model selector dropdown
+**Data source:**
+- `POST /api/orgs/{org}/assistant/chat` (SSE stream)
+- `GET /api/orgs/{org}/assistant/sessions` (session list)
+### Generation Form
+**Route:** `/orgs/{org}/assistant/generate`
+**Components:**
+- Prompt textarea
+- Optional JSON schema editor (collapsible)
+- Generate button
+- Response viewer: formatted JSON when schema provided, markdown otherwise
+**Data source:** `POST /api/orgs/{org}/assistant/generate`
+### Session Sidebar
+Embedded in the chat interface. Lists all sessions for the current org. Clicking a session loads its message history. Delete button calls `DELETE /api/orgs/{org}/assistant/sessions/{sessionId}` and clears the thread.
+---
+## Updated Navigation Structure
+| Group | Routes |
+|-------|--------|
+| Repositories | `/repos`, `/repos/{name}/*` |
+| Agents | `/agents`, `/agents/stacks`, `/agents/runs`, `/agents/memory` |
+| **ML** | `/inference/services`, `/inference/runtimes` |
+| **Artifacts** | `/artifacts/registries`, feeds, versions |
+| **Assistant** | `/assistant`, `/assistant/generate` |
+| Policy | `/policies`, `/policy-exceptions` |
+| Settings | `/settings/*` |