npm - @nordsym/apiclaw - Versions diffs - 2.1.0 → 2.2.1 - Mend

@nordsym/apiclaw 2.1.0 → 2.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (185) hide show

package/README.md +15 -2
package/dist/bin-http.js +0 -0
package/dist/bin.bundled.js +79288 -0
package/dist/funnel-client.d.ts +24 -0
package/dist/funnel-client.d.ts.map +1 -0
package/dist/funnel-client.js +131 -0
package/dist/funnel-client.js.map +1 -0
package/dist/funnel.test.d.ts +2 -0
package/dist/funnel.test.d.ts.map +1 -0
package/dist/funnel.test.js +145 -0
package/dist/funnel.test.js.map +1 -0
package/dist/gateway-client.d.ts.map +1 -1
package/dist/gateway-client.js +24 -2
package/dist/gateway-client.js.map +1 -1
package/dist/index.bundled.js +61263 -0
package/dist/index.js +161 -74
package/dist/index.js.map +1 -1
package/dist/postinstall.d.ts +0 -5
package/dist/postinstall.d.ts.map +1 -1
package/dist/postinstall.js +24 -3
package/dist/postinstall.js.map +1 -1
package/dist/registration-guard.d.ts +29 -0
package/dist/registration-guard.d.ts.map +1 -0
package/dist/registration-guard.js +87 -0
package/dist/registration-guard.js.map +1 -0
package/package.json +7 -2
package/.claude/settings.local.json +0 -9
package/.env.prod +0 -1
package/apiclaw-README.md +0 -494
package/convex/_generated/api.d.ts +0 -137
package/convex/_generated/api.js +0 -23
package/convex/_generated/dataModel.d.ts +0 -60
package/convex/_generated/server.d.ts +0 -143
package/convex/_generated/server.js +0 -93
package/convex/adminActivate.ts +0 -53
package/convex/adminStats.ts +0 -306
package/convex/agents.ts +0 -939
package/convex/analytics.ts +0 -187
package/convex/apiKeys.ts +0 -220
package/convex/backfillAnalytics.ts +0 -272
package/convex/backfillSearchLogs.ts +0 -35
package/convex/billing.ts +0 -834
package/convex/capabilities.ts +0 -157
package/convex/chains.ts +0 -1318
package/convex/credits.ts +0 -211
package/convex/crons.ts +0 -50
package/convex/debugFilestackLogs.ts +0 -16
package/convex/debugGetToken.ts +0 -18
package/convex/directCall.ts +0 -713
package/convex/earnProgress.ts +0 -753
package/convex/email.ts +0 -329
package/convex/feedback.ts +0 -265
package/convex/http.ts +0 -3430
package/convex/inbound.ts +0 -32
package/convex/logs.ts +0 -701
package/convex/migrateFilestack.ts +0 -81
package/convex/migratePartnersProd.ts +0 -174
package/convex/migratePratham.ts +0 -126
package/convex/migrateProviderWorkspaces.ts +0 -175
package/convex/mou.ts +0 -91
package/convex/providerKeys.ts +0 -289
package/convex/providers.ts +0 -1135
package/convex/purchases.ts +0 -183
package/convex/ratelimit.ts +0 -104
package/convex/schema.ts +0 -869
package/convex/searchLogs.ts +0 -265
package/convex/seedAPILayerAPIs.ts +0 -191
package/convex/seedDirectCallConfigs.ts +0 -336
package/convex/seedPratham.ts +0 -149
package/convex/spendAlerts.ts +0 -442
package/convex/stripeActions.ts +0 -607
package/convex/teams.ts +0 -243
package/convex/telemetry.ts +0 -81
package/convex/tsconfig.json +0 -25
package/convex/updateAPIStatus.ts +0 -44
package/convex/usage.ts +0 -260
package/convex/usageReports.ts +0 -357
package/convex/waitlist.ts +0 -55
package/convex/webhooks.ts +0 -494
package/convex/workspaceSettings.ts +0 -143
package/convex/workspaces.ts +0 -1331
package/convex.json +0 -3
package/direct-test.mjs +0 -51
package/email-templates/filestack-provider-outreach.html +0 -162
package/email-templates/partnership-template.html +0 -116
package/email-templates/pratham-draft-preview.txt +0 -57
package/email-templates/pratham-partnership-draft.html +0 -141
package/reports/APIClaw-Session-Report-2026-04-05.pdf +0 -0
package/reports/pipeline/PIPELINE-REPORT.json +0 -153
package/reports/pipeline/acquire_apisguru.json +0 -17
package/reports/pipeline/capabilities.json +0 -38
package/reports/pipeline/discover_azure_recursive.json +0 -1551
package/reports/pipeline/discover_github.json +0 -25
package/reports/pipeline/discover_github_repos.json +0 -49
package/reports/pipeline/discover_swaggerhub.json +0 -24
package/reports/pipeline/discover_well_known.json +0 -23
package/reports/pipeline/fetch_specs.json +0 -19
package/reports/pipeline/generate_providers.json +0 -14
package/reports/pipeline/match_registry.json +0 -11
package/reports/pipeline/parse_specs.json +0 -17
package/reports/pipeline/promote_candidates.json +0 -34
package/reports/pipeline/validate.json +0 -30
package/reports/pipeline/validate_smoke_details.json +0 -3835
package/reports/session-report-2026-04-05.html +0 -433
package/seed-apis-direct.mjs +0 -106
package/src/access-control.ts +0 -174
package/src/adapters/base.ts +0 -364
package/src/adapters/claude-desktop.ts +0 -41
package/src/adapters/cline.ts +0 -88
package/src/adapters/continue.ts +0 -91
package/src/adapters/cursor.ts +0 -43
package/src/adapters/custom.ts +0 -188
package/src/adapters/detect.ts +0 -202
package/src/adapters/index.ts +0 -47
package/src/adapters/windsurf.ts +0 -44
package/src/bin-http.ts +0 -45
package/src/bin.ts +0 -34
package/src/capability-router.ts +0 -331
package/src/chainExecutor.ts +0 -730
package/src/chainResolver.test.ts +0 -246
package/src/chainResolver.ts +0 -658
package/src/cli/commands/demo.ts +0 -109
package/src/cli/commands/doctor.ts +0 -435
package/src/cli/commands/index.ts +0 -9
package/src/cli/commands/login.ts +0 -203
package/src/cli/commands/mcp-install.ts +0 -373
package/src/cli/commands/restore.ts +0 -333
package/src/cli/commands/setup.ts +0 -297
package/src/cli/commands/uninstall.ts +0 -240
package/src/cli/index.ts +0 -148
package/src/cli.ts +0 -370
package/src/confirmation.ts +0 -296
package/src/credentials.ts +0 -455
package/src/credits.ts +0 -329
package/src/crypto.ts +0 -75
package/src/discovery.ts +0 -568
package/src/enterprise/env.ts +0 -156
package/src/enterprise/index.ts +0 -7
package/src/enterprise/script-generator.ts +0 -481
package/src/execute-dynamic.ts +0 -617
package/src/execute.ts +0 -2386
package/src/gateway-client.ts +0 -192
package/src/hivr-whitelist.ts +0 -110
package/src/http-api.ts +0 -286
package/src/http-server-minimal.ts +0 -154
package/src/index.ts +0 -2611
package/src/intelligent-gateway.ts +0 -339
package/src/mcp-analytics.ts +0 -156
package/src/metered.ts +0 -149
package/src/open-apis-generated.ts +0 -157
package/src/open-apis.ts +0 -558
package/src/postinstall.ts +0 -18
package/src/product-whitelist.ts +0 -246
package/src/proxy.ts +0 -36
package/src/session.ts +0 -129
package/src/stripe.ts +0 -497
package/src/telemetry.ts +0 -71
package/src/test.ts +0 -135
package/src/types/convex-api.d.ts +0 -20
package/src/types/convex-api.ts +0 -21
package/src/types.ts +0 -109
package/src/ui/colors.ts +0 -219
package/src/ui/errors.ts +0 -394
package/src/ui/index.ts +0 -17
package/src/ui/prompts.ts +0 -390
package/src/ui/spinner.ts +0 -325
package/src/utils/backup.ts +0 -224
package/src/utils/config.ts +0 -318
package/src/utils/os.ts +0 -124
package/src/utils/paths.ts +0 -203
package/src/webhook.ts +0 -107
package/test-10-working.cjs +0 -97
package/test-14-final.cjs +0 -96
package/test-actual-handlers.ts +0 -92
package/test-apilayer-all-14.ts +0 -249
package/test-apilayer-fixed.ts +0 -248
package/test-direct-endpoints.ts +0 -174
package/test-exact-endpoints.ts +0 -144
package/test-final.ts +0 -83
package/test-full-routing.ts +0 -100
package/test-handlers-correct.ts +0 -217
package/test-numverify-key.ts +0 -41
package/test-via-handlers.ts +0 -92
package/test-worldnews.mjs +0 -26
package/tsconfig.json +0 -20

package/convex/directCall.ts DELETED Viewed

@@ -1,713 +0,0 @@
-import { v } from "convex/values";
-import { mutation, query } from "./_generated/server";
-// ============================================
-// MUTATIONS
-// ============================================
-/**
- * Save/update provider's Direct Call configuration
- */
-export const saveDirectCallConfig = mutation({
-  args: {
-    id: v.optional(v.id("providerDirectCall")),
-    providerId: v.id("providers"),
-    apiId: v.optional(v.id("providerAPIs")),
-    baseUrl: v.string(),
-    authType: v.string(),
-    authHeader: v.string(),
-    authPrefix: v.string(),
-    encryptedMasterKey: v.string(),
-    rateLimitPerUser: v.number(),
-    rateLimitPerDay: v.number(),
-    pricePerRequest: v.number(),
-  },
-  handler: async (ctx, args) => {
-    const now = Date.now();
-    if (args.id) {
-      // Update existing
-      await ctx.db.patch(args.id, {
-        baseUrl: args.baseUrl,
-        authType: args.authType,
-        authHeader: args.authHeader,
-        authPrefix: args.authPrefix,
-        encryptedMasterKey: args.encryptedMasterKey,
-        rateLimitPerUser: args.rateLimitPerUser,
-        rateLimitPerDay: args.rateLimitPerDay,
-        pricePerRequest: args.pricePerRequest,
-        updatedAt: now,
-      });
-      return args.id;
-    }
-    // Create new
-    return await ctx.db.insert("providerDirectCall", {
-      providerId: args.providerId,
-      apiId: args.apiId,
-      baseUrl: args.baseUrl,
-      authType: args.authType,
-      authHeader: args.authHeader,
-      authPrefix: args.authPrefix,
-      encryptedMasterKey: args.encryptedMasterKey,
-      rateLimitPerUser: args.rateLimitPerUser,
-      rateLimitPerDay: args.rateLimitPerDay,
-      pricePerRequest: args.pricePerRequest,
-      status: "draft",
-      createdAt: now,
-      updatedAt: now,
-    });
-  },
-});
-/**
- * Save Direct Call config with token auth (used by frontend)
- */
-export const saveConfig = mutation({
-  args: {
-    token: v.string(),
-    config: v.object({
-      apiId: v.string(),
-      baseUrl: v.string(),
-      authType: v.string(),
-      authHeader: v.string(),
-      authPrefix: v.string(),
-      masterApiKey: v.optional(v.string()),
-      rateLimitPerUser: v.number(),
-      rateLimitPerDay: v.number(),
-      pricePerRequest: v.number(),
-      status: v.string(),
-      allowCustomerKeys: v.optional(v.boolean()),
-      requireCustomerKeys: v.optional(v.boolean()),
-    }),
-  },
-  handler: async (ctx, args) => {
-    // Verify session (unified: agentSessions first, fallback to legacy sessions)
-    let providerId: any = null;
-    const agentSession = await ctx.db
-      .query("agentSessions")
-      .withIndex("by_sessionToken", (q) => q.eq("sessionToken", args.token))
-      .first();
-    if (agentSession) {
-      const provider = await ctx.db
-        .query("providers")
-        .withIndex("by_workspaceId", (q) => q.eq("workspaceId", agentSession.workspaceId))
-        .first();
-      if (!provider) throw new Error("No provider linked to workspace");
-      providerId = provider._id;
-    } else {
-      // Fallback: legacy sessions
-      const session = await ctx.db
-        .query("sessions")
-        .withIndex("by_token", (q) => q.eq("token", args.token))
-        .first();
-      if (!session || session.expiresAt < Date.now()) {
-        throw new Error("Invalid or expired session");
-      }
-      providerId = session.providerId;
-    }
-    const now = Date.now();
-    const { config } = args;
-    // Check if config already exists for this API
-    const existing = await ctx.db
-      .query("providerDirectCall")
-      .filter((q) => q.eq(q.field("apiId"), config.apiId as any))
-      .first();
-    if (existing) {
-      // Update existing
-      const updateData: Record<string, unknown> = {
-        baseUrl: config.baseUrl,
-        authType: config.authType,
-        authHeader: config.authHeader,
-        authPrefix: config.authPrefix,
-        rateLimitPerUser: config.rateLimitPerUser,
-        rateLimitPerDay: config.rateLimitPerDay,
-        pricePerRequest: config.pricePerRequest,
-        status: config.status,
-        allowCustomerKeys: config.allowCustomerKeys ?? true,
-        requireCustomerKeys: config.requireCustomerKeys ?? false,
-        updatedAt: now,
-      };
-      // Only update master key if provided (not empty)
-      if (config.masterApiKey) {
-        updateData.encryptedMasterKey = config.masterApiKey; // In prod: encrypt this
-      }
-      await ctx.db.patch(existing._id, updateData);
-      return existing._id;
-    }
-    // Create new config
-    return await ctx.db.insert("providerDirectCall", {
-      providerId,
-      apiId: config.apiId as any,
-      baseUrl: config.baseUrl,
-      authType: config.authType,
-      authHeader: config.authHeader,
-      authPrefix: config.authPrefix,
-      encryptedMasterKey: config.masterApiKey || "",
-      rateLimitPerUser: config.rateLimitPerUser,
-      rateLimitPerDay: config.rateLimitPerDay,
-      pricePerRequest: config.pricePerRequest,
-      status: config.status as "draft" | "testing" | "live",
-      allowCustomerKeys: config.allowCustomerKeys ?? true,
-      requireCustomerKeys: config.requireCustomerKeys ?? false,
-      createdAt: now,
-      updatedAt: now,
-    });
-  },
-});
-/**
- * Create/update an action for a Direct Call config
- */
-export const saveAction = mutation({
-  args: {
-    id: v.optional(v.id("providerActions")),
-    directCallId: v.id("providerDirectCall"),
-    name: v.string(),
-    displayName: v.string(),
-    description: v.string(),
-    method: v.string(),
-    path: v.string(),
-    params: v.array(v.object({
-      name: v.string(),
-      type: v.string(),
-      required: v.boolean(),
-      description: v.string(),
-      default: v.optional(v.any()),
-      in: v.string(),
-    })),
-    responseMapping: v.array(v.object({
-      name: v.string(),
-      path: v.string(),
-    })),
-    enabled: v.boolean(),
-  },
-  handler: async (ctx, args) => {
-    const now = Date.now();
-    if (args.id) {
-      // Update existing
-      await ctx.db.patch(args.id, {
-        name: args.name,
-        displayName: args.displayName,
-        description: args.description,
-        method: args.method,
-        path: args.path,
-        params: args.params,
-        responseMapping: args.responseMapping,
-        enabled: args.enabled,
-        updatedAt: now,
-      });
-      return args.id;
-    }
-    // Create new
-    return await ctx.db.insert("providerActions", {
-      directCallId: args.directCallId,
-      name: args.name,
-      displayName: args.displayName,
-      description: args.description,
-      method: args.method,
-      path: args.path,
-      params: args.params,
-      responseMapping: args.responseMapping,
-      enabled: args.enabled,
-      createdAt: now,
-      updatedAt: now,
-    });
-  },
-});
-/**
- * Delete an action
- */
-export const deleteAction = mutation({
-  args: {
-    id: v.id("providerActions"),
-  },
-  handler: async (ctx, args) => {
-    await ctx.db.delete(args.id);
-    return { success: true };
-  },
-});
-/**
- * Publish Direct Call - set status to live
- * Also marks apiListed earn progress for the provider's workspace
- */
-export const publishDirectCall = mutation({
-  args: {
-    id: v.id("providerDirectCall"),
-  },
-  handler: async (ctx, args) => {
-    const now = Date.now();
-    // Get the direct call config to find the provider
-    const config = await ctx.db.get(args.id);
-    if (!config) {
-      throw new Error("Direct Call config not found");
-    }
-    await ctx.db.patch(args.id, {
-      status: "live",
-      publishedAt: now,
-      updatedAt: now,
-    });
-    // Try to mark apiListed for earn progress
-    // First, get the provider to find their session/workspace
-    const provider = await ctx.db.get(config.providerId);
-    if (provider) {
-      // Find workspace by provider email
-      const workspace = await ctx.db
-        .query("workspaces")
-        .withIndex("by_email", (q) => q.eq("email", provider.email))
-        .first();
-      if (workspace) {
-        // Update earn progress
-        const earnProgress = await ctx.db
-          .query("earnProgress")
-          .withIndex("by_workspaceId", (q) => q.eq("workspaceId", workspace._id))
-          .first();
-        if (earnProgress && !earnProgress.apiListed) {
-          const newTotal = calculateEarnTotal({ ...earnProgress, apiListed: true });
-          await ctx.db.patch(earnProgress._id, {
-            apiListed: true,
-            apiListedAt: now,
-            totalEarned: newTotal,
-            updatedAt: now,
-          });
-          // Add 10 calls to workspace limit
-          await ctx.db.patch(workspace._id, {
-            usageLimit: workspace.usageLimit + 10,
-            updatedAt: now,
-          });
-        } else if (!earnProgress) {
-          // Create earn progress with apiListed
-          await ctx.db.insert("earnProgress", {
-            workspaceId: workspace._id,
-            firstDirectCall: false,
-            apisUsed: [],
-            apisUsedComplete: false,
-            agentListed: false,
-            apiListed: true,
-            apiListedAt: now,
-            byokSetup: false,
-            githubStarred: false,
-            twitterFollowed: false,
-            referralCount: 0,
-            totalEarned: 10,
-            createdAt: now,
-            updatedAt: now,
-          });
-          // Add 10 calls to workspace limit
-          await ctx.db.patch(workspace._id, {
-            usageLimit: workspace.usageLimit + 10,
-            updatedAt: now,
-          });
-        }
-      }
-    }
-    return { success: true, publishedAt: now };
-  },
-});
-// Helper to calculate earn total (duplicated to avoid circular import)
-function calculateEarnTotal(progress: any): number {
-  let total = 0;
-  if (progress.firstDirectCall) total += 15;
-  if (progress.apisUsedComplete) total += 10;
-  if (progress.agentListed) total += 10;
-  if (progress.apiListed) total += 10;
-  if (progress.byokSetup) total += 5;
-  if (progress.githubStarred) total += 10;
-  if (progress.twitterFollowed) total += 5;
-  total += (progress.referralCount || 0) * 10;
-  return total;
-}
-/**
- * Set Direct Call status (draft, testing, live)
- */
-export const setStatus = mutation({
-  args: {
-    id: v.id("providerDirectCall"),
-    status: v.string(),
-  },
-  handler: async (ctx, args) => {
-    const now = Date.now();
-    const update: { status: string; updatedAt: number; publishedAt?: number } = {
-      status: args.status,
-      updatedAt: now,
-    };
-    if (args.status === "live") {
-      update.publishedAt = now;
-    }
-    await ctx.db.patch(args.id, update);
-    return { success: true };
-  },
-});
-// ============================================
-// QUERIES
-// ============================================
-/**
- * Get Direct Call config by providerId
- */
-export const getDirectCallConfig = query({
-  args: {
-    providerId: v.id("providers"),
-  },
-  handler: async (ctx, args) => {
-    return await ctx.db
-      .query("providerDirectCall")
-      .withIndex("by_providerId", (q) => q.eq("providerId", args.providerId))
-      .first();
-  },
-});
-/**
- * Get Direct Call config by ID
- */
-export const getDirectCallConfigById = query({
-  args: {
-    id: v.id("providerDirectCall"),
-  },
-  handler: async (ctx, args) => {
-    return await ctx.db.get(args.id);
-  },
-});
-/**
- * Get Direct Call config by API ID
- */
-export const getDirectCallConfigByApiId = query({
-  args: {
-    apiId: v.string(), // Accept string since that's what frontend passes
-  },
-  handler: async (ctx, args) => {
-    return await ctx.db
-      .query("providerDirectCall")
-      .filter((q) => q.eq(q.field("apiId"), args.apiId as any))
-      .first();
-  },
-});
-/**
- * Get all actions for a Direct Call config
- */
-export const getActions = query({
-  args: {
-    directCallId: v.id("providerDirectCall"),
-  },
-  handler: async (ctx, args) => {
-    return await ctx.db
-      .query("providerActions")
-      .withIndex("by_directCallId", (q) => q.eq("directCallId", args.directCallId))
-      .collect();
-  },
-});
-/**
- * Get single action by directCallId + name
- */
-export const getActionByName = query({
-  args: {
-    directCallId: v.id("providerDirectCall"),
-    name: v.string(),
-  },
-  handler: async (ctx, args) => {
-    return await ctx.db
-      .query("providerActions")
-      .withIndex("by_directCallId_name", (q) =>
-        q.eq("directCallId", args.directCallId).eq("name", args.name)
-      )
-      .first();
-  },
-});
-/**
- * Get action by ID
- */
-export const getActionById = query({
-  args: {
-    id: v.id("providerActions"),
-  },
-  handler: async (ctx, args) => {
-    return await ctx.db.get(args.id);
-  },
-});
-/**
- * DEBUG: Get all Direct Call configs
- */
-export const getAllConfigs = query({
-  args: {},
-  handler: async (ctx) => {
-    return await ctx.db.query("providerDirectCall").collect();
-  },
-});
-/**
- * Get all live Direct Call configs (for public API discovery)
- */
-export const getLiveConfigs = query({
-  args: {},
-  handler: async (ctx) => {
-    return await ctx.db
-      .query("providerDirectCall")
-      .withIndex("by_status", (q) => q.eq("status", "live"))
-      .collect();
-  },
-});
-/**
- * Get Direct Call config by API ID (for test console)
- */
-export const getConfig = query({
-  args: {
-    apiId: v.string(),
-  },
-  handler: async (ctx, args) => {
-    // Try as providerAPIs ID first
-    const config = await ctx.db
-      .query("providerDirectCall")
-      .withIndex("by_apiId")
-      .filter((q) => q.eq(q.field("apiId"), args.apiId as any))
-      .first();
-    return config;
-  },
-});
-/**
- * Get Direct Call config by API slug (for MCP/agent execution)
- * Looks up API by name, then gets the Direct Call config
- */
-export const getByApiSlug = query({
-  args: {
-    slug: v.string(),
-  },
-  handler: async (ctx, args) => {
-    // Normalize slug (lowercase, replace spaces/dashes)
-    const normalizedSlug = args.slug.toLowerCase().replace(/[\s-]/g, '_');
-    // Find API by name (case-insensitive match)
-    const apis = await ctx.db.query("providerAPIs").collect();
-    const api = apis.find(a =>
-      a.name.toLowerCase().replace(/[\s-]/g, '_') === normalizedSlug ||
-      a.name.toLowerCase() === args.slug.toLowerCase()
-    );
-    if (!api) {
-      return null;
-    }
-    // Get Direct Call config for this API
-    const config = await ctx.db
-      .query("providerDirectCall")
-      .withIndex("by_apiId")
-      .filter((q) => q.eq(q.field("apiId"), api._id))
-      .first();
-    if (!config || config.status !== 'live') {
-      return null;
-    }
-    return {
-      ...config,
-      apiName: api.name,
-      apiSlug: normalizedSlug,
-    };
-  },
-});
-// ============================================
-// TEST ACTION
-// ============================================
-/**
- * Test an action by calling the actual provider API
- * For V1: Provider passes their own test key
- */
-export const testAction = mutation({
-  args: {
-    token: v.string(),
-    directCallId: v.id("providerDirectCall"),
-    actionId: v.id("providerActions"),
-    params: v.record(v.string(), v.any()),
-    testKey: v.optional(v.string()),
-  },
-  handler: async (ctx, args) => {
-    const startTime = Date.now();
-    // 1. Verify provider session (unified: agentSessions first, fallback to legacy)
-    let sessionProviderId: any = null;
-    const agentSession = await ctx.db
-      .query("agentSessions")
-      .withIndex("by_sessionToken", (q) => q.eq("sessionToken", args.token))
-      .first();
-    if (agentSession) {
-      const provider = await ctx.db
-        .query("providers")
-        .withIndex("by_workspaceId", (q) => q.eq("workspaceId", agentSession.workspaceId))
-        .first();
-      if (provider) sessionProviderId = provider._id;
-    } else {
-      const session = await ctx.db
-        .query("sessions")
-        .withIndex("by_token", (q) => q.eq("token", args.token))
-        .first();
-      if (session && session.expiresAt >= Date.now()) {
-        sessionProviderId = session.providerId;
-      }
-    }
-    if (!sessionProviderId) {
-      return {
-        success: false,
-        error: "Unauthorized - invalid or expired session",
-        latencyMs: Date.now() - startTime,
-      };
-    }
-    // 2. Get directCallConfig
-    const config = await ctx.db.get(args.directCallId);
-    if (!config) {
-      return {
-        success: false,
-        error: "Direct Call config not found",
-        latencyMs: Date.now() - startTime,
-      };
-    }
-    // Verify ownership
-    if (config.providerId !== sessionProviderId) {
-      return {
-        success: false,
-        error: "Unauthorized - you don't own this config",
-        latencyMs: Date.now() - startTime,
-      };
-    }
-    // 3. Get action
-    const action = await ctx.db.get(args.actionId);
-    if (!action) {
-      return {
-        success: false,
-        error: "Action not found",
-        latencyMs: Date.now() - startTime,
-      };
-    }
-    // 4. Get API key (use testKey if provided, else use stored key)
-    // Note: For production, encryptedMasterKey would need server-side decryption
-    // For V1 test console, we use testKey directly
-    const apiKey = args.testKey || config.encryptedMasterKey;
-    if (!apiKey) {
-      return {
-        success: false,
-        error: "No API key provided. Add a test key or configure master key.",
-        latencyMs: Date.now() - startTime,
-      };
-    }
-    // 5. Build URL with path params
-    let path = action.path;
-    const queryParams: Record<string, string> = {};
-    const bodyParams: Record<string, unknown> = {};
-    for (const paramDef of action.params) {
-      const value = args.params[paramDef.name];
-      if (value === undefined || value === "") continue;
-      if (paramDef.in === "path") {
-        // Replace {paramName} in path
-        path = path.replace(`{${paramDef.name}}`, String(value));
-      } else if (paramDef.in === "query") {
-        queryParams[paramDef.name] = String(value);
-      } else if (paramDef.in === "body") {
-        bodyParams[paramDef.name] = value;
-      }
-    }
-    // Build full URL
-    let url = config.baseUrl.replace(/\/$/, "") + path;
-    const queryString = new URLSearchParams(queryParams).toString();
-    if (queryString) {
-      url += (url.includes("?") ? "&" : "?") + queryString;
-    }
-    // 6. Build headers with auth
-    const headers: Record<string, string> = {
-      "Content-Type": "application/json",
-      "Accept": "application/json",
-    };
-    // Add auth header
-    if (config.authType !== "none" && apiKey) {
-      const authValue = config.authPrefix
-        ? `${config.authPrefix}${apiKey}`
-        : apiKey;
-      headers[config.authHeader] = authValue;
-    }
-    // 7. Build fetch options
-    const fetchOptions: RequestInit = {
-      method: action.method,
-      headers,
-    };
-    // Add body for non-GET requests
-    if (action.method !== "GET" && Object.keys(bodyParams).length > 0) {
-      fetchOptions.body = JSON.stringify(bodyParams);
-    }
-    // 8. Execute request
-    try {
-      const response = await fetch(url, fetchOptions);
-      const latencyMs = Date.now() - startTime;
-      // Try to parse response as JSON, fallback to text
-      let data: unknown;
-      const contentType = response.headers.get("content-type") || "";
-      if (contentType.includes("application/json")) {
-        try {
-          data = await response.json();
-        } catch {
-          data = await response.text();
-        }
-      } else {
-        data = await response.text();
-      }
-      return {
-        success: response.ok,
-        status: response.status,
-        data,
-        latencyMs,
-      };
-    } catch (error) {
-      return {
-        success: false,
-        error: error instanceof Error ? error.message : "Request failed",
-        latencyMs: Date.now() - startTime,
-      };
-    }
-  },
-});