@geminilight/mindos 0.6.63 → 0.6.65

package/app/app/api/ask/route.ts

@@ -24,6 +24,7 @@ import { isProviderId, type ProviderId, toPiProvider } from '@/lib/agent/provide
 import { getRequestScopedTools, getOrganizeTools, getChatTools, WRITE_TOOLS, truncate } from '@/lib/agent/tools';
 import { isCustomProviderId, findCustomProvider } from '@/lib/custom-endpoints';
 import { AGENT_SYSTEM_PROMPT, ORGANIZE_SYSTEM_PROMPT, CHAT_SYSTEM_PROMPT } from '@/lib/agent/prompt';
+import { estimateStringTokens, getOllamaContextWindow } from '@/lib/agent/context';
 import type { AskModeApi } from '@/lib/types';
 import { toAgentMessages } from '@/lib/agent/to-agent-messages';
 import { logAgentOp } from '@/lib/agent/log';
@@ -39,6 +40,48 @@ import type { Message as FrontendMessage } from '@/lib/types';
 
 const MAX_DIR_FILES = 30;
 
+/**
+ * Load attached and current files into context parts for the system prompt.
+ * Returns the context parts array and a list of file paths that failed to load.
+ * Deduplicates files and logs failures with the given mode label.
+ */
+function loadAttachedFileContext(
+  attachedFiles: string[] | undefined,
+  currentFile: string | undefined,
+  mode: string,
+): { contextParts: string[]; failedFiles: string[] } {
+  const contextParts: string[] = [];
+  const failedFiles: string[] = [];
+  const seen = new Set<string>();
+
+  if (Array.isArray(attachedFiles) && attachedFiles.length > 0) {
+    for (const filePath of attachedFiles) {
+      if (seen.has(filePath)) continue;
+      seen.add(filePath);
+      try {
+        const content = truncate(getFileContent(filePath));
+        contextParts.push(`## Attached: ${filePath}\n\n${content}`);
+      } catch (err) {
+        console.warn(`[ask] ${mode}: failed to read attached file "${filePath}":`, err instanceof Error ? err.message : err);
+        failedFiles.push(filePath);
+      }
+    }
+  }
+
+  if (currentFile && !seen.has(currentFile)) {
+    seen.add(currentFile);
+    try {
+      const content = truncate(getFileContent(currentFile));
+      contextParts.push(`## Current file: ${currentFile}\n\n${content}`);
+    } catch (err) {
+      console.warn(`[ask] ${mode}: failed to read currentFile "${currentFile}":`, err instanceof Error ? err.message : err);
+      failedFiles.push(currentFile);
+    }
+  }
+
+  return { contextParts, failedFiles };
+}
+
 /** Expand attachedFiles entries: directory paths (trailing /) become individual file paths. */
 function expandAttachedFiles(raw: string[]): string[] {
   const result: string[] = [];
@@ -722,6 +765,11 @@ export async function POST(req: NextRequest) {
     : body.mode === 'chat' ? 'chat'
     : 'agent';
 
+  // Diagnostic: log attached files so silent failures are visible
+  if (Array.isArray(attachedFiles) && attachedFiles.length > 0) {
+    console.log(`[ask] mode=${askMode} attachedFiles=${JSON.stringify(attachedFiles)} currentFile=${currentFile ?? 'none'}`);
+  }
+
   // Read agent config from settings
   const serverSettings = readSettings();
   const agentConfig = serverSettings.agent ?? {};
@@ -758,7 +806,7 @@ export async function POST(req: NextRequest) {
   let systemPrompt: string;
 
   if (askMode === 'organize') {
-    // Organize mode: minimal prompt — only KB structure + uploaded files
+    // Organize mode: minimal prompt — only KB structure + attached/uploaded files
     const promptParts: string[] = [ORGANIZE_SYSTEM_PROMPT];
 
     promptParts.push(`---\n\nmind_root=${getMindRoot()}`);
@@ -769,6 +817,15 @@ export async function POST(req: NextRequest) {
       promptParts.push(`---\n\n## Knowledge Base Structure\n\n${bootstrapIndex.content}`);
     }
 
+    // Include attached KB files (@ mentions) — same pattern as chat/agent modes
+    const { contextParts, failedFiles } = loadAttachedFileContext(attachedFiles, currentFile, 'organize');
+    if (contextParts.length > 0) {
+      promptParts.push(`---\n\nThe user is currently viewing these files:\n\n${contextParts.join('\n\n---\n\n')}`);
+    }
+    if (failedFiles.length > 0) {
+      promptParts.push(`---\n\n⚠️ The following attached files could not be read: ${failedFiles.join(', ')}. Inform the user that these files were not loaded.`);
+    }
+
     if (uploadedParts.length > 0) {
       promptParts.push(
         `---\n\n## ⚠️ USER-UPLOADED FILES\n\n` +
@@ -794,28 +851,13 @@ export async function POST(req: NextRequest) {
     const now = new Date();
     promptParts.push(`---\n\n## Current Time Context\n- Current UTC Time: ${now.toISOString()}\n- System Local Time: ${new Intl.DateTimeFormat('en-US', { dateStyle: 'full', timeStyle: 'long' }).format(now)}`);
 
-    const contextParts: string[] = [];
-    const seen = new Set<string>();
-    if (Array.isArray(attachedFiles) && attachedFiles.length > 0) {
-      for (const filePath of attachedFiles!) {
-        if (seen.has(filePath)) continue;
-        seen.add(filePath);
-        try {
-          const content = truncate(getFileContent(filePath));
-          contextParts.push(`## Attached: ${filePath}\n\n${content}`);
-        } catch { /* ignore missing files */ }
-      }
-    }
-    if (currentFile && !seen.has(currentFile)) {
-      seen.add(currentFile);
-      try {
-        const content = truncate(getFileContent(currentFile));
-        contextParts.push(`## Current file: ${currentFile}\n\n${content}`);
-      } catch { /* ignore */ }
-    }
+    const { contextParts, failedFiles } = loadAttachedFileContext(attachedFiles, currentFile, 'chat');
     if (contextParts.length > 0) {
       promptParts.push(`---\n\nThe user is currently viewing these files:\n\n${contextParts.join('\n\n---\n\n')}`);
     }
+    if (failedFiles.length > 0) {
+      promptParts.push(`---\n\n⚠️ The following attached files could not be read: ${failedFiles.join(', ')}. Inform the user that these files were not loaded.`);
+    }
 
     if (uploadedParts.length > 0) {
       promptParts.push(
@@ -927,28 +969,7 @@ export async function POST(req: NextRequest) {
     if (bootstrap.target_config_json?.ok) initContextBlocks.push(`## bootstrap_target_config_json\n\n${bootstrap.target_config_json.content}`);
 
     // Build initial context from attached/current files
-    const contextParts: string[] = [];
-    const seen = new Set<string>();
-    const hasAttached = Array.isArray(attachedFiles) && attachedFiles.length > 0;
-
-    if (hasAttached) {
-      for (const filePath of attachedFiles!) {
-        if (seen.has(filePath)) continue;
-        seen.add(filePath);
-        try {
-          const content = truncate(getFileContent(filePath));
-          contextParts.push(`## Attached: ${filePath}\n\n${content}`);
-        } catch { /* ignore missing files */ }
-      }
-    }
-
-    if (currentFile && !seen.has(currentFile)) {
-      seen.add(currentFile);
-      try {
-        const content = truncate(getFileContent(currentFile));
-        contextParts.push(`## Current file: ${currentFile}\n\n${content}`);
-      } catch { /* ignore */ }
-    }
+    const { contextParts, failedFiles } = loadAttachedFileContext(attachedFiles, currentFile, 'agent');
 
     const now = new Date();
     const timeContext = `## Current Time Context
@@ -973,6 +994,9 @@ export async function POST(req: NextRequest) {
     if (contextParts.length > 0) {
       promptParts.push(`---\n\nThe user is currently viewing these files:\n\n${contextParts.join('\n\n---\n\n')}`);
     }
+    if (failedFiles.length > 0) {
+      promptParts.push(`---\n\n⚠️ The following attached files could not be read: ${failedFiles.join(', ')}. Inform the user that these files were not loaded.`);
+    }
 
     if (uploadedParts.length > 0) {
       promptParts.push(
@@ -987,6 +1011,9 @@ export async function POST(req: NextRequest) {
     systemPrompt = promptParts.join('\n\n');
   }
 
+  // Log system prompt size for diagnosing context truncation issues (e.g. Ollama)
+  console.log(`[ask] mode=${askMode} systemPrompt=${systemPrompt.length} chars (~${Math.ceil(systemPrompt.length / 4)} tokens)`);
+
   try {
     let provOverride: ProviderId | undefined;
     let customProviderConfig: { apiKey: string; model: string; baseUrl: string } | undefined;
@@ -995,11 +1022,11 @@ export async function POST(req: NextRequest) {
     if (body.providerOverride) {
       if (isCustomProviderId(body.providerOverride)) {
         const settings = readSettings();
-        const customProvider = findCustomProvider(settings.customProviders ?? [], body.providerOverride);
+        const customProvider = findCustomProvider(settings.ai.providers ?? [], body.providerOverride);
         if (!customProvider) {
           return apiError(ErrorCodes.INVALID_REQUEST, 'Custom provider not found', 400);
         }
-        provOverride = customProvider.baseProviderId;
+        provOverride = customProvider.protocol;
         customProviderConfig = {
           apiKey: customProvider.apiKey,
           model: customProvider.model,
@@ -1022,6 +1049,59 @@ export async function POST(req: NextRequest) {
       hasImages: hasImages(messages),
     });
 
+    // ── Ollama context window guard ──
+    // Ollama silently truncates input that exceeds the model's actual context window.
+    // Detect this and compact the system prompt to prevent attached files from being dropped.
+    if (provider === 'ollama') {
+      const ollamaBase = baseUrl || 'http://localhost:11434/v1';
+      const actualCtx = await getOllamaContextWindow(ollamaBase, modelName);
+      const promptTokens = estimateStringTokens(systemPrompt);
+      // Reserve ~30% of context for conversation history + model output
+      const maxPromptTokens = actualCtx ? Math.floor(actualCtx * 0.7) : undefined;
+
+      if (actualCtx) {
+        console.log(`[ask] Ollama model="${modelName}" context=${actualCtx} promptTokens=${promptTokens} maxPromptTokens=${maxPromptTokens}`);
+      }
+
+      if (maxPromptTokens && promptTokens > maxPromptTokens) {
+        console.warn(`[ask] Ollama context overflow: prompt ${promptTokens} tokens > ${maxPromptTokens} max (${actualCtx} ctx). Compacting...`);
+        // Compact by progressively stripping lower-priority sections from system prompt.
+        // Priority order (keep first, strip last):
+        //   1. Core system prompt (AGENT/CHAT/ORGANIZE base) — must keep
+        //   2. Attached/current file content — user explicitly requested these
+        //   3. KB structure (README.md) — important for navigation
+        //   4. Time context — low priority
+        //   5. SKILL.md + write-supplement — largest sections, can be stripped
+        //   6. bootstrap INSTRUCTION/CONFIG — can be stripped for local models
+
+        // Strategy: strip sections between "---" delimiters from the end,
+        // but preserve sections containing "Attached:" or "Current file:" or "USER-UPLOADED"
+        const sections = systemPrompt.split('\n\n---\n\n');
+        const preserved: string[] = [];
+        let currentTokens = 0;
+
+        for (const section of sections) {
+          const sectionTokens = estimateStringTokens(section);
+          const isAttachment = section.includes('## Attached:') || section.includes('## Current file:') || section.includes('USER-UPLOADED');
+          const isCore = preserved.length === 0; // first section = base system prompt
+
+          if (isCore || isAttachment) {
+            // Always keep core prompt and user attachments
+            preserved.push(section);
+            currentTokens += sectionTokens;
+          } else if (currentTokens + sectionTokens <= maxPromptTokens) {
+            preserved.push(section);
+            currentTokens += sectionTokens;
+          } else {
+            console.log(`[ask] Ollama compact: stripping section (${sectionTokens} tokens): ${section.slice(0, 80)}...`);
+          }
+        }
+
+        systemPrompt = preserved.join('\n\n---\n\n');
+        console.log(`[ask] Ollama compacted: ${promptTokens} → ${estimateStringTokens(systemPrompt)} tokens`);
+      }
+    }
+
     // Convert frontend messages to AgentMessage[]
     const agentMessages = toAgentMessages(messages);
 

package/app/app/api/mcp/agents/route.ts

@@ -20,7 +20,7 @@ import { readSettings } from '@/lib/settings';
 import { scanSkillDirs } from '@/lib/pi-integration/skills';
 import { getMindRoot } from '@/lib/fs';
 
-function enrichMindOsAgent(agent: Record<string, unknown>) {
+async function enrichMindOsAgent(agent: Record<string, unknown>) {
   agent.present = true;
   agent.installed = true;
   agent.scope = 'builtin';
@@ -35,7 +35,7 @@ function enrichMindOsAgent(agent: Record<string, unknown>) {
 
   try {
     const projectRoot = process.env.MINDOS_PROJECT_ROOT || path.resolve(process.cwd(), '..');
-    const skills = scanSkillDirs({ projectRoot, mindRoot: getMindRoot() });
+    const skills = await scanSkillDirs({ projectRoot, mindRoot: getMindRoot() });
     const enabledSkills = skills.filter(s => s.enabled);
     agent.installedSkillNames = enabledSkills.map(s => s.name);
     agent.installedSkillCount = enabledSkills.length;
@@ -217,7 +217,7 @@ export async function GET() {
     });
 
     const mindos = agents.find(a => a.key === 'mindos');
-    if (mindos) enrichMindOsAgent(mindos as unknown as Record<string, unknown>);
+    if (mindos) await enrichMindOsAgent(mindos as unknown as Record<string, unknown>);
 
     // Runtime verification: for agents marked as installed with HTTP endpoint,
     // verify endpoint is reachable (1s timeout to avoid blocking)

package/app/app/api/settings/list-models/route.ts

@@ -1,45 +1,34 @@
 export const dynamic = 'force-dynamic';
 import { NextRequest, NextResponse } from 'next/server';
 import { getModels as piGetModels } from '@mariozechner/pi-ai';
-import { effectiveAiConfig } from '@/lib/settings';
+import { effectiveAiConfig, readSettings } from '@/lib/settings';
 import { type ProviderId, isProviderId, PROVIDER_PRESETS, toPiProvider, getDefaultBaseUrl } from '@/lib/agent/providers';
-import { isCustomProviderId, parseCustomProviders } from '@/lib/custom-endpoints';
+import { isProviderEntryId, findProvider } from '@/lib/custom-endpoints';
 
 const TIMEOUT = 10_000;
 
 export async function POST(req: NextRequest) {
   try {
     const body = await req.json();
-    const { provider, customProviderId, apiKey, baseUrl } = body as {
+    const { provider, apiKey, baseUrl } = body as {
       provider?: string;
-      customProviderId?: string;
       apiKey?: string;
       baseUrl?: string;
     };
 
-    // Handle custom provider
-    if (customProviderId) {
-      if (!isCustomProviderId(customProviderId)) {
-        return NextResponse.json({ ok: false, error: 'Invalid custom provider ID' }, { status: 400 });
+    // Handle provider entry ID (p_*) — look up from unified providers list
+    if (provider && isProviderEntryId(provider)) {
+      const settings = readSettings();
+      const entry = findProvider(settings.ai.providers, provider);
+      if (!entry) {
+        return NextResponse.json({ ok: false, error: 'Provider not found' }, { status: 404 });
       }
-      
-      // Fetch custom provider from settings
-      const settings = await fetch(new URL('/api/settings', req.url), {
-        headers: req.headers,
-      }).then(r => r.json() as Promise<any>);
-      
-      const customProviders = parseCustomProviders(settings.customProviders);
-      const cp = customProviders.find(p => p.id === customProviderId);
-      if (!cp) {
-        return NextResponse.json({ ok: false, error: 'Custom provider not found' }, { status: 404 });
-      }
-      
-      // Use the custom provider's base provider type to fetch models
+
       const ctrl = new AbortController();
       const timer = setTimeout(() => ctrl.abort(), TIMEOUT);
-      
+
       try {
-        const models = await fetchModels(cp.baseProviderId as ProviderId, cp.apiKey, cp.baseUrl, ctrl.signal);
+        const models = await fetchModels(entry.protocol, apiKey || entry.apiKey, baseUrl || entry.baseUrl, ctrl.signal);
         return NextResponse.json({ ok: true, models });
       } catch (e: unknown) {
         if (e instanceof Error && e.name === 'AbortError') {
@@ -51,7 +40,7 @@ export async function POST(req: NextRequest) {
       }
     }
 
-    // Handle built-in provider
+    // Handle built-in protocol ID (openai, anthropic, etc.)
     if (!provider || !isProviderId(provider)) {
       return NextResponse.json({ ok: false, error: 'Invalid provider' }, { status: 400 });
     }
@@ -64,9 +53,9 @@ export async function POST(req: NextRequest) {
       return NextResponse.json({ ok: true, models });
     }
 
-    const cfg = effectiveAiConfig(provider as ProviderId);
+    const cfg = effectiveAiConfig();
     let resolvedKey = apiKey || '';
-    if (!resolvedKey || resolvedKey === '***set***') {
+    if (!resolvedKey) {
       resolvedKey = cfg.apiKey;
     }
 

package/app/app/api/settings/route.ts

@@ -2,8 +2,8 @@ export const dynamic = 'force-dynamic';
 import { NextRequest, NextResponse } from 'next/server';
 import { readSettings, writeSettings, ServerSettings } from '@/lib/settings';
 import { invalidateCache } from '@/lib/fs';
-import { PROVIDER_PRESETS, ALL_PROVIDER_IDS, getApiKeyEnvVar, getApiKeyFromEnv } from '@/lib/agent/providers';
-import { maskCustomProviderKey, parseCustomProviders, type CustomProvider } from '@/lib/custom-endpoints';
+import { ALL_PROVIDER_IDS, getApiKeyEnvVar, getApiKeyFromEnv } from '@/lib/agent/providers';
+import { parseProviders } from '@/lib/custom-endpoints';
 
 function maskToken(token: string | undefined): string {
   if (!token) return '';
@@ -35,32 +35,19 @@ export async function GET() {
     }
   }
 
-  // Mask API keys for all configured providers
-  const maskedProviders: Record<string, { apiKey: string; model: string; baseUrl?: string }> = {};
-  for (const [id, cfg] of Object.entries(settings.ai.providers)) {
-    if (!cfg) continue;
-    maskedProviders[id] = {
-      apiKey: cfg.apiKey ? '***set***' : '',
-      model: cfg.model ?? '',
-      ...(cfg.baseUrl !== undefined ? { baseUrl: cfg.baseUrl } : {}),
-    };
-  }
-
-  const masked = {
+  return NextResponse.json({
     ai: {
-      provider: settings.ai.provider,
-      providers: maskedProviders,
+      activeProvider: settings.ai.activeProvider,
+      providers: settings.ai.providers,
     },
     mindRoot: settings.mindRoot,
-    webPassword: settings.webPassword ? '***set***' : '',
+    webPassword: settings.webPassword ?? '',
     authToken: maskToken(settings.authToken),
     mcpPort: settings.mcpPort ?? 8781,
     agent: settings.agent ?? {},
     envOverrides,
     envValues,
-    customProviders: (settings.customProviders ?? []).map(maskCustomProviderKey),
-  };
-  return NextResponse.json(masked);
+  });
 }
 
 export async function POST(req: NextRequest) {
@@ -68,28 +55,14 @@ export async function POST(req: NextRequest) {
     const body = await req.json() as Partial<ServerSettings>;
     const current = readSettings();
 
-    // Merge providers dynamically, preserving masked keys ('***set***' = keep existing)
-    const mergedProviders = { ...current.ai.providers };
-    if (body.ai?.providers) {
-      for (const [id, incoming] of Object.entries(body.ai.providers)) {
-        if (!incoming) continue;
-        const cur = mergedProviders[id as keyof typeof mergedProviders] ?? { apiKey: '', model: '' };
-        mergedProviders[id as keyof typeof mergedProviders] = {
-          ...cur,
-          ...incoming,
-          apiKey: incoming.apiKey === '***set***'
-            ? (cur.apiKey ?? '')
-            : (incoming.apiKey ?? cur.apiKey ?? ''),
-          model: incoming.model ?? cur.model ?? '',
-        };
-      }
+    // Resolve AI config
+    const resolvedAi = { ...current.ai };
+    if (body.ai) {
+      if (body.ai.activeProvider !== undefined) resolvedAi.activeProvider = body.ai.activeProvider;
+      if (body.ai.providers !== undefined) resolvedAi.providers = parseProviders(body.ai.providers);
     }
 
-    // Resolve webPassword: '***set***' means keep existing, '' means clear, anything else = new value
-    const incomingWebPassword = body.webPassword;
-    const resolvedWebPassword = incomingWebPassword === '***set***'
-      ? current.webPassword
-      : (incomingWebPassword ?? current.webPassword);
+    const resolvedWebPassword = body.webPassword ?? current.webPassword;
 
     // authToken is read-only via POST (use /api/settings/reset-token to regenerate)
     // but allow clearing it by passing empty string
@@ -110,25 +83,8 @@ export async function POST(req: NextRequest) {
       }
     }
 
-    // Handle customProviders: merge with existing, preserving masked keys
-    let resolvedCustomProviders = current.customProviders ?? [];
-    if (body.customProviders !== undefined) {
-      const incoming = parseCustomProviders(body.customProviders);
-      resolvedCustomProviders = incoming.map(cp => {
-        // If API key is masked, keep existing key
-        if (cp.apiKey === '***set***') {
-          const existing = (current.customProviders ?? []).find(e => e.id === cp.id);
-          return { ...cp, apiKey: existing?.apiKey ?? '' };
-        }
-        return cp;
-      });
-    }
-
     const next: ServerSettings = {
-      ai: {
-        provider: body.ai?.provider ?? current.ai.provider,
-        providers: mergedProviders,
-      },
+      ai: resolvedAi,
       mindRoot: body.mindRoot ?? current.mindRoot,
       agent: body.agent ?? current.agent,
       webPassword: resolvedWebPassword,
@@ -137,7 +93,6 @@ export async function POST(req: NextRequest) {
       mcpPort: typeof body.mcpPort === 'number' ? body.mcpPort : current.mcpPort,
       startMode: body.startMode ?? current.startMode,
       connectionMode: resolvedConnectionMode,
-      customProviders: resolvedCustomProviders,
     };
 
     writeSettings(next);

package/app/app/api/settings/test-key/route.ts

@@ -4,7 +4,7 @@ import { complete } from '@mariozechner/pi-ai';
 import { effectiveAiConfig, readBaseUrlCompat, writeSettings, readSettings } from '@/lib/settings';
 import { getModelConfig } from '@/lib/agent/model';
 import { type ProviderId, isProviderId } from '@/lib/agent/providers';
-import { isCustomProviderId, findCustomProvider } from '@/lib/custom-endpoints';
+import { isProviderEntryId, findProvider } from '@/lib/custom-endpoints';
 
 const TIMEOUT = 15_000;
 
@@ -40,26 +40,60 @@ function classifyPiAiError(err: unknown): { code: ErrorCode; error: string } {
 export async function POST(req: NextRequest) {
   try {
     const body = await req.json();
-    const { provider, apiKey, model, baseUrl } = body as {
+    const { provider, apiKey, model, baseUrl, baseProviderId } = body as {
       provider?: string;
       apiKey?: string;
       model?: string;
       baseUrl?: string;
+      /** When set, run an inline test using only the supplied params (no settings fallback). */
+      baseProviderId?: string;
     };
 
-    // Support custom provider IDs (cp_*)
-    if (provider && isCustomProviderId(provider)) {
+    // Inline test for unsaved custom providers — uses only the supplied params.
+    if (baseProviderId && isProviderId(baseProviderId)) {
+      if (!apiKey) {
+        return NextResponse.json({ ok: false, code: 'auth_error', error: 'No API key configured' });
+      }
+      if (!model) {
+        return NextResponse.json({ ok: false, code: 'unknown', error: 'Model is required' }, { status: 400 });
+      }
+      const start = Date.now();
+      const ctrl = new AbortController();
+      const timer = setTimeout(() => ctrl.abort(), TIMEOUT);
+      try {
+        const { model: piModel } = getModelConfig({
+          provider: baseProviderId as ProviderId,
+          apiKey,
+          model,
+          baseUrl: baseUrl || undefined,
+        });
+        await complete(piModel, {
+          messages: [{ role: 'user', content: 'hi', timestamp: Date.now() }],
+        }, {
+          apiKey,
+          signal: ctrl.signal,
+        });
+        return NextResponse.json({ ok: true, latency: Date.now() - start });
+      } catch (e) {
+        return NextResponse.json({ ok: false, ...classifyPiAiError(e) });
+      } finally {
+        clearTimeout(timer);
+      }
+    }
+
+    // Support provider entry IDs (p_*) — look up from unified providers list
+    if (provider && isProviderEntryId(provider)) {
       const settings = readSettings();
-      const cp = findCustomProvider(settings.customProviders ?? [], provider);
-      if (!cp) {
+      const entry = findProvider(settings.ai.providers, provider);
+      if (!entry) {
         return NextResponse.json(
-          { ok: false, code: 'unknown', error: 'Custom provider not found' },
+          { ok: false, code: 'unknown', error: 'Provider not found' },
           { status: 400 },
         );
       }
-      const resolvedKey = (apiKey && apiKey !== '***set***') ? apiKey : cp.apiKey;
-      const resolvedModel = model || cp.model;
-      const resolvedBaseUrl = baseUrl || cp.baseUrl;
+      const resolvedKey = apiKey || entry.apiKey;
+      const resolvedModel = model || entry.model;
+      const resolvedBaseUrl = baseUrl || entry.baseUrl;
       if (!resolvedKey) {
         return NextResponse.json({ ok: false, code: 'auth_error', error: 'No API key configured' });
       }
@@ -68,7 +102,7 @@ export async function POST(req: NextRequest) {
       const timer = setTimeout(() => ctrl.abort(), TIMEOUT);
       try {
         const { model: piModel } = getModelConfig({
-          provider: cp.baseProviderId,
+          provider: entry.protocol,
           apiKey: resolvedKey,
           model: resolvedModel || undefined,
           baseUrl: resolvedBaseUrl || undefined,
@@ -87,6 +121,7 @@ export async function POST(req: NextRequest) {
       }
     }
 
+    // Legacy: support raw protocol IDs (openai, anthropic, etc.)
     if (!provider || !isProviderId(provider)) {
       return NextResponse.json(
         { ok: false, code: 'unknown', error: 'Invalid provider' },
@@ -96,7 +131,7 @@ export async function POST(req: NextRequest) {
 
     const cfg = effectiveAiConfig(provider as ProviderId);
     let resolvedKey = apiKey || '';
-    if (!resolvedKey || resolvedKey === '***set***') {
+    if (!resolvedKey) {
       resolvedKey = cfg.apiKey;
     }
 

package/app/app/api/setup/route.ts

@@ -6,6 +6,7 @@ import { readSettings, writeSettings, ServerSettings } from '@/lib/settings';
 import { applyTemplate } from '@/lib/template';
 import { expandSetupPathHome } from './path-utils';
 import { type ProviderId, isProviderId, PROVIDER_PRESETS } from '@/lib/agent/providers';
+import { type Provider, generateProviderId, findProvider } from '@/lib/custom-endpoints';
 
 function maskApiKey(key: string): string {
   if (!key || key.length < 6) return key ? '***' : '';
@@ -20,15 +21,14 @@ export async function GET() {
     const defaultMindRoot = s.mindRoot || [home, 'MindOS', 'mind'].join(sep);
 
     // Build providerConfigs for frontend (masked keys)
-    const providerConfigs: Record<string, { model: string; baseUrl?: string; apiKeyMask: string }> = {};
-    for (const [id, cfg] of Object.entries(s.ai.providers)) {
-      if (!cfg) continue;
-      providerConfigs[id] = {
-        model: cfg.model,
-        baseUrl: cfg.baseUrl,
-        apiKeyMask: maskApiKey(cfg.apiKey),
-      };
-    }
+    const providerConfigs = s.ai.providers.map(p => ({
+      id: p.id,
+      name: p.name,
+      protocol: p.protocol,
+      model: p.model,
+      baseUrl: p.baseUrl,
+      apiKeyMask: maskApiKey(p.apiKey),
+    }));
 
     return NextResponse.json({
       mindRoot: defaultMindRoot,
@@ -38,7 +38,7 @@ export async function GET() {
       mcpPort: s.mcpPort ?? 8781,
       authToken: s.authToken ?? '',
       webPassword: s.webPassword ?? '',
-      provider: s.ai.provider,
+      activeProvider: s.ai.activeProvider,
       providerConfigs,
       guideState: s.guideState ?? null,
     });
@@ -104,23 +104,41 @@ export async function POST(req: NextRequest) {
     // configured key with blank just because the user didn't re-enter it.
     let mergedAi = current.ai;
     if (ai) {
-      const newProvider = ai.provider && isProviderId(ai.provider) ? ai.provider : current.ai.provider;
-      const mergedProviders = { ...current.ai.providers };
+      const mergedProviders = [...current.ai.providers];
 
       // Merge each provider's config from the incoming payload
       if (ai.providers && typeof ai.providers === 'object') {
         for (const [id, inCfg] of Object.entries(ai.providers as Record<string, any>)) {
           if (!isProviderId(id) || !inCfg) continue;
-          const existing = mergedProviders[id] ?? { apiKey: '', model: PROVIDER_PRESETS[id].defaultModel };
-          mergedProviders[id] = {
-            apiKey: inCfg.apiKey || existing.apiKey,
-            model: inCfg.model || existing.model,
-            ...(inCfg.baseUrl !== undefined ? { baseUrl: inCfg.baseUrl } : existing.baseUrl ? { baseUrl: existing.baseUrl } : {}),
+          const preset = PROVIDER_PRESETS[id];
+          const existingIdx = mergedProviders.findIndex(p => p.protocol === id);
+          const existing = existingIdx >= 0 ? mergedProviders[existingIdx] : null;
+
+          const merged: Provider = {
+            id: existing?.id ?? generateProviderId(),
+            name: existing?.name ?? preset?.name ?? id,
+            protocol: id,
+            apiKey: inCfg.apiKey || existing?.apiKey || '',
+            model: inCfg.model || existing?.model || preset?.defaultModel || '',
+            baseUrl: inCfg.baseUrl !== undefined ? (inCfg.baseUrl || '') : (existing?.baseUrl ?? ''),
           };
+
+          if (existingIdx >= 0) {
+            mergedProviders[existingIdx] = merged;
+          } else {
+            mergedProviders.push(merged);
+          }
         }
       }
 
-      mergedAi = { provider: newProvider, providers: mergedProviders };
+      // Determine active provider
+      let newActiveProvider = current.ai.activeProvider;
+      if (ai.provider && isProviderId(ai.provider)) {
+        const match = mergedProviders.find(p => p.protocol === ai.provider);
+        if (match) newActiveProvider = match.id;
+      }
+
+      mergedAi = { activeProvider: newActiveProvider, providers: mergedProviders };
     }
 
     const disabledSkills = body.template === 'zh' ? ['mindos'] : ['mindos-zh'];