@promptbook/cli 0.112.0-95 → 0.112.0-97

package/apps/agents-server/README.md

@@ -12,10 +12,10 @@ ptbk agents-server init
 ptbk agents-server start --agent github-copilot --model gpt-5.4 --thinking-level xhigh
 ```
 
-`ptbk agents-server init` adds missing placeholders to `.env` and local runtime exclusions to `.gitignore` without deleting existing configuration. Use `PTBK_AGENTS_SERVER_DATABASE=supabase` for a Supabase-backed server or `PTBK_AGENTS_SERVER_DATABASE=sqlite` for a standalone local database in `.promptbook`. When using Supabase, fill the initialized values from your project before starting the server. The Supabase project URL and API keys are available in the [Supabase project API settings](https://supabase.com/docs/guides/api/api-keys), and the PostgreSQL connection string is available from the [Supabase database connection guide](https://supabase.com/docs/guides/database/connecting-to-postgres).
+`ptbk agents-server init` adds missing placeholders to `.env` and local runtime exclusions to `.gitignore` without deleting existing configuration. Use `PTBK_AGENTS_SERVER_DATABASE=supabase` for a Supabase-backed server, `PTBK_AGENTS_SERVER_DATABASE=postgres` for a standalone PostgreSQL server, or `PTBK_AGENTS_SERVER_DATABASE=sqlite` for a standalone local database in `.promptbook`. When using Supabase, fill the initialized values from your project before starting the server. When using standalone PostgreSQL, set `POSTGRES_URL` (or `DATABASE_URL`) to your local connection string. The Supabase project URL and API keys are available in the [Supabase project API settings](https://supabase.com/docs/guides/api/api-keys), and the PostgreSQL connection string is available from the [Supabase database connection guide](https://supabase.com/docs/guides/database/connecting-to-postgres).
 
 <a id="agents-server-env-ptbk-agents-server-database"></a>
--   `PTBK_AGENTS_SERVER_DATABASE`: Database backend used by Agents Server. Use `supabase` for the current hosted setup or `sqlite` for a standalone local database.
+-   `PTBK_AGENTS_SERVER_DATABASE`: Database backend used by Agents Server. Use `supabase` for the current hosted setup, `postgres` for standalone PostgreSQL, or `sqlite` for a standalone SQLite database.
 
 <a id="agents-server-env-ptbk-agents-server-sqlite-path"></a>
 -   `PTBK_AGENTS_SERVER_SQLITE_PATH`: SQLite database file used when `PTBK_AGENTS_SERVER_DATABASE=sqlite`. Defaults to `.promptbook/agents-server.sqlite` in the launch directory.
@@ -24,7 +24,7 @@ ptbk agents-server start --agent github-copilot --model gpt-5.4 --thinking-level
 -   `OPENAI_API_KEY`: OpenAI API key used for Agents Server chat and agent execution. Create one in the [OpenAI API key settings](https://platform.openai.com/api-keys).
 
 <a id="agents-server-env-postgres-url"></a>
--   `POSTGRES_URL`: PostgreSQL connection string used by Agents Server SQL access and migrations. Copy a connection string from your Supabase database connection settings.
+-   `POSTGRES_URL`: PostgreSQL connection string used by Agents Server SQL access and migrations. Use this for standalone PostgreSQL installs or copy a connection string from your Supabase database connection settings.
 
 <a id="agents-server-env-next-public-supabase-url"></a>
 -   `NEXT_PUBLIC_SUPABASE_URL`: Public Supabase project URL used by Agents Server clients. Copy the project URL from your Supabase project API settings.

package/apps/agents-server/next.config.ts

@@ -36,7 +36,14 @@ const nextConfig: NextConfig = {
     eslint: {
         ignoreDuringBuilds: isNextValidationIgnored,
     },
-    serverExternalPackages: ['pg', '@napi-rs/canvas', 'playwright', 'playwright-core'],
+    serverExternalPackages: [
+        'pg',
+        'better-sqlite3',
+        '@prisma/studio-core',
+        '@napi-rs/canvas',
+        'playwright',
+        'playwright-core',
+    ],
     typescript: {
         ignoreBuildErrors: isNextValidationIgnored,
     },

package/apps/agents-server/playwright.config.ts

@@ -28,6 +28,8 @@ const APP_E2E_ENV = {
     ADMIN_PASSWORD: 'e2e-admin-password',
     NEXT_DIST_DIR: '.next-e2e',
     NEXT_PUBLIC_SITE_URL: APP_URL,
+    PTBK_AGENTS_SERVER_DATABASE: 'supabase',
+    PTBK_AGENTS_SERVER_SQLITE_PATH: '',
     SUPABASE_TABLE_PREFIX: '',
     POSTGRES_URL: '',
     DATABASE_URL: '',
@@ -87,7 +89,8 @@ const config = defineConfig({
             },
         },
         {
-            command: 'npm run prebuild && next build && npm run start',
+            command:
+                'npm run prebuild && node -r ./scripts/ignore-kill-eperm.js ../../node_modules/next/dist/bin/next build && npm run start',
             cwd: __dirname,
             url: APP_URL,
             reuseExistingServer: false,

package/apps/agents-server/src/app/admin/code-runners/CodeRunnersClient.tsx

@@ -1,7 +1,7 @@
 'use client';
 
-import { Loader2, Save, ServerCog } from 'lucide-react';
-import { useEffect, useState } from 'react';
+import { Loader2, Play, Save, Send, ServerCog, SquareTerminal } from 'lucide-react';
+import { useCallback, useEffect, useRef, useState } from 'react';
 import { Card } from '../../../components/Homepage/Card';
 
 /**
@@ -19,6 +19,28 @@ type CodeRunnersResponse = {
     readonly error?: string;
 };
 
+/**
+ * Browser-safe snapshot of one authentication terminal session.
+ */
+type CodeRunnerAuthenticationSession = {
+    readonly id: string;
+    readonly agent: string;
+    readonly isRunning: boolean;
+    readonly output: string;
+    readonly startedAt: string;
+    readonly finishedAt: string | null;
+    readonly exitCode: number | null;
+    readonly signal: string | null;
+};
+
+/**
+ * Authentication session API response.
+ */
+type CodeRunnerAuthenticationResponse = {
+    readonly session: CodeRunnerAuthenticationSession | null;
+    readonly error?: string;
+};
+
 /**
  * Supported runner options shown by the standalone UI.
  */
@@ -30,6 +52,22 @@ const RUNNER_OPTIONS = [
     { value: 'gemini', label: 'Gemini' },
 ] as const;
 
+/**
+ * Contextual UI copy for the runner authentication terminal.
+ */
+const AUTHENTICATION_HINTS: Record<string, string> = {
+    'github-copilot':
+        'Start the terminal, run `/login` if Copilot asks for it, trust the installation directory, and exit the CLI once the signed-in status is shown.',
+    'openai-codex':
+        'Start the terminal and follow the Codex CLI login flow there. Paste any prompted device or browser code in your browser, then exit the CLI when authentication succeeds.',
+    'claude-code':
+        'Start the terminal and complete the Claude Code login or project-trust prompts directly in the embedded terminal, then exit the CLI once it is ready.',
+    opencode:
+        'Start the terminal and complete the Opencode authentication flow directly there, including any browser/device confirmation, then exit the CLI.',
+    gemini:
+        'Start the terminal and complete the Gemini CLI authentication prompts there, then exit the CLI after it confirms that the runner is ready.',
+};
+
 /**
  * Shared input styling for code-runner controls.
  */
@@ -46,21 +84,38 @@ export function CodeRunnersClient() {
     const [status, setStatus] = useState('');
     const [isLoading, setIsLoading] = useState(true);
     const [isSaving, setIsSaving] = useState(false);
+    const [isStartingAuthentication, setIsStartingAuthentication] = useState(false);
+    const [isSendingAuthenticationInput, setIsSendingAuthenticationInput] = useState(false);
+    const [isStoppingAuthentication, setIsStoppingAuthentication] = useState(false);
     const [errorMessage, setErrorMessage] = useState<string | null>(null);
     const [successMessage, setSuccessMessage] = useState<string | null>(null);
     const [applyOutput, setApplyOutput] = useState<string | null>(null);
+    const [authenticationSession, setAuthenticationSession] = useState<CodeRunnerAuthenticationSession | null>(null);
+    const [authenticationInput, setAuthenticationInput] = useState('');
+    const authenticationOutputReference = useRef<HTMLPreElement | null>(null);
 
-    useEffect(() => {
-        void loadConfiguration();
+    /**
+     * Loads the latest saved-runner authentication session snapshot.
+     */
+    const loadAuthenticationSession = useCallback(async (): Promise<void> => {
+        const response = await fetch('/api/admin/code-runners/authentication', { cache: 'no-store' });
+        const payload = (await response.json()) as CodeRunnerAuthenticationResponse;
+
+        if (!response.ok) {
+            throw new Error(payload.error || 'Failed to load the authentication session.');
+        }
+
+        setAuthenticationSession(payload.session);
     }, []);
 
     /**
      * Loads current code-runner settings.
      */
-    async function loadConfiguration(): Promise<void> {
+    const loadConfiguration = useCallback(async (): Promise<void> => {
         try {
             setIsLoading(true);
             setErrorMessage(null);
+
             const response = await fetch('/api/admin/code-runners', { cache: 'no-store' });
             const payload = (await response.json()) as CodeRunnersResponse;
 
@@ -72,12 +127,86 @@ export function CodeRunnersClient() {
             setModel(payload.model || 'gpt-5.4');
             setThinkingLevel(payload.thinkingLevel || 'xhigh');
             setStatus(payload.status || '');
+
+            await loadAuthenticationSession();
         } catch (error) {
             setErrorMessage(error instanceof Error ? error.message : 'Failed to load code-runner configuration.');
         } finally {
             setIsLoading(false);
         }
-    }
+    }, [loadAuthenticationSession]);
+
+    useEffect(() => {
+        void loadConfiguration();
+    }, [loadConfiguration]);
+
+    useEffect(() => {
+        const sessionId = authenticationSession?.id;
+        if (!sessionId) {
+            return;
+        }
+
+        const eventSource = new EventSource(
+            `/api/admin/code-runners/authentication?sessionId=${encodeURIComponent(sessionId)}&stream=1`,
+        );
+
+        const handleSnapshot = (event: MessageEvent<string>) => {
+            const payload = JSON.parse(event.data) as CodeRunnerAuthenticationSession;
+            setAuthenticationSession(payload);
+        };
+        const handleOutput = (event: MessageEvent<string>) => {
+            const payload = JSON.parse(event.data) as { readonly chunk: string };
+            setAuthenticationSession((currentSession) => {
+                if (!currentSession || currentSession.id !== sessionId) {
+                    return currentSession;
+                }
+
+                return {
+                    ...currentSession,
+                    output: currentSession.output + payload.chunk,
+                };
+            });
+        };
+        const handleExit = (event: MessageEvent<string>) => {
+            const payload = JSON.parse(event.data) as CodeRunnerAuthenticationSession;
+            setAuthenticationSession(payload);
+            setIsStartingAuthentication(false);
+            setIsSendingAuthenticationInput(false);
+            setIsStoppingAuthentication(false);
+
+            if (payload.exitCode === 0) {
+                setSuccessMessage('Runner authentication finished.');
+            } else {
+                setErrorMessage('Runner authentication session ended with an error.');
+            }
+
+            eventSource.close();
+            void loadConfiguration();
+        };
+
+        eventSource.addEventListener('snapshot', handleSnapshot as EventListener);
+        eventSource.addEventListener('output', handleOutput as EventListener);
+        eventSource.addEventListener('exit', handleExit as EventListener);
+        eventSource.onerror = () => {
+            eventSource.close();
+        };
+
+        return () => {
+            eventSource.close();
+        };
+    }, [authenticationSession?.id, loadConfiguration]);
+
+    useEffect(() => {
+        if (!authenticationOutputReference.current) {
+            return;
+        }
+
+        authenticationOutputReference.current.scrollTop = authenticationOutputReference.current.scrollHeight;
+    }, [authenticationSession?.output]);
+
+    const authenticationHint =
+        AUTHENTICATION_HINTS[agent] ||
+        'Start the terminal, complete the runner authentication flow there, and exit the CLI when the runner is ready.';
 
     /**
      * Saves code-runner settings into `.env`.
@@ -119,6 +248,108 @@ export function CodeRunnersClient() {
         }
     }
 
+    /**
+     * Starts or reconnects to the saved-runner authentication terminal.
+     */
+    async function startAuthenticationSession(): Promise<void> {
+        try {
+            setIsStartingAuthentication(true);
+            setErrorMessage(null);
+            setSuccessMessage(null);
+
+            const response = await fetch('/api/admin/code-runners/authentication', {
+                method: 'POST',
+            });
+            const payload = (await response.json()) as CodeRunnerAuthenticationResponse;
+
+            if (!response.ok || !payload.session) {
+                throw new Error(payload.error || 'Failed to start the authentication session.');
+            }
+
+            setAuthenticationSession(payload.session);
+            setSuccessMessage('Runner authentication terminal started.');
+        } catch (error) {
+            setErrorMessage(error instanceof Error ? error.message : 'Failed to start the authentication session.');
+        } finally {
+            setIsStartingAuthentication(false);
+        }
+    }
+
+    /**
+     * Sends one line of text to the running authentication terminal.
+     */
+    async function sendAuthenticationInput(input: string): Promise<void> {
+        if (!authenticationSession) {
+            return;
+        }
+
+        try {
+            setIsSendingAuthenticationInput(true);
+            setErrorMessage(null);
+
+            const response = await fetch('/api/admin/code-runners/authentication', {
+                method: 'PATCH',
+                headers: {
+                    'Content-Type': 'application/json',
+                },
+                body: JSON.stringify({
+                    sessionId: authenticationSession.id,
+                    input,
+                }),
+            });
+            const payload = (await response.json()) as CodeRunnerAuthenticationResponse;
+
+            if (!response.ok) {
+                throw new Error(payload.error || 'Failed to send authentication input.');
+            }
+
+            if (payload.session) {
+                setAuthenticationSession(payload.session);
+            }
+        } catch (error) {
+            setErrorMessage(error instanceof Error ? error.message : 'Failed to send authentication input.');
+        } finally {
+            setIsSendingAuthenticationInput(false);
+        }
+    }
+
+    /**
+     * Stops the active authentication terminal.
+     */
+    async function stopAuthenticationSession(): Promise<void> {
+        if (!authenticationSession) {
+            return;
+        }
+
+        try {
+            setIsStoppingAuthentication(true);
+            setErrorMessage(null);
+
+            const response = await fetch('/api/admin/code-runners/authentication', {
+                method: 'DELETE',
+                headers: {
+                    'Content-Type': 'application/json',
+                },
+                body: JSON.stringify({
+                    sessionId: authenticationSession.id,
+                }),
+            });
+            const payload = (await response.json()) as CodeRunnerAuthenticationResponse;
+
+            if (!response.ok) {
+                throw new Error(payload.error || 'Failed to stop the authentication session.');
+            }
+
+            if (payload.session) {
+                setAuthenticationSession(payload.session);
+            }
+        } catch (error) {
+            setErrorMessage(error instanceof Error ? error.message : 'Failed to stop the authentication session.');
+        } finally {
+            setIsStoppingAuthentication(false);
+        }
+    }
+
     return (
         <div className="container mx-auto space-y-6 px-4 py-8">
             <div className="mt-20">
@@ -146,7 +377,7 @@ export function CodeRunnersClient() {
                         <select
                             value={agent}
                             onChange={(event) => setAgent(event.target.value)}
-                            disabled={isLoading || isSaving}
+                            disabled={isLoading || isSaving || isStartingAuthentication}
                             className={INPUT_CLASS_NAME}
                         >
                             {RUNNER_OPTIONS.map((option) => (
@@ -162,7 +393,7 @@ export function CodeRunnersClient() {
                             type="text"
                             value={model}
                             onChange={(event) => setModel(event.target.value)}
-                            disabled={isLoading || isSaving}
+                            disabled={isLoading || isSaving || isStartingAuthentication}
                             className={INPUT_CLASS_NAME}
                         />
                     </label>
@@ -172,7 +403,7 @@ export function CodeRunnersClient() {
                             type="text"
                             value={thinkingLevel}
                             onChange={(event) => setThinkingLevel(event.target.value)}
-                            disabled={isLoading || isSaving}
+                            disabled={isLoading || isSaving || isStartingAuthentication}
                             className={INPUT_CLASS_NAME}
                         />
                     </label>
@@ -182,7 +413,7 @@ export function CodeRunnersClient() {
                     <button
                         type="button"
                         onClick={() => void saveConfiguration(false)}
-                        disabled={isLoading || isSaving}
+                        disabled={isLoading || isSaving || isStartingAuthentication}
                         className="inline-flex items-center gap-2 rounded-md bg-blue-600 px-4 py-2 text-sm font-semibold text-white hover:bg-blue-700 disabled:cursor-not-allowed disabled:opacity-60"
                     >
                         {isSaving ? <Loader2 className="h-4 w-4 animate-spin" /> : <Save className="h-4 w-4" />}
@@ -191,7 +422,7 @@ export function CodeRunnersClient() {
                     <button
                         type="button"
                         onClick={() => void saveConfiguration(true)}
-                        disabled={isLoading || isSaving}
+                        disabled={isLoading || isSaving || isStartingAuthentication}
                         className="inline-flex items-center gap-2 rounded-md border border-slate-300 bg-white px-4 py-2 text-sm font-semibold text-slate-700 hover:bg-slate-50 disabled:cursor-not-allowed disabled:opacity-60"
                     >
                         {isSaving ? <Loader2 className="h-4 w-4 animate-spin" /> : <ServerCog className="h-4 w-4" />}
@@ -207,17 +438,125 @@ export function CodeRunnersClient() {
             ) : null}
 
             <Card className="hover:border-gray-200 hover:shadow-md">
-                <div className="space-y-3">
-                    <h2 className="text-lg font-semibold text-slate-900">Authentication</h2>
-                    <p className="text-sm text-slate-600">
-                        GitHub Copilot still requires an interactive CLI login and project trust setup on the VPS
-                        terminal. Use <span className="font-mono">sudo -u $USER copilot</span>, run{' '}
-                        <span className="font-mono">/login</span> when prompted, trust the install directory, then
-                        restart the pm2 process.
-                    </p>
+                <div className="space-y-4">
+                    <div className="space-y-2">
+                        <h2 className="text-lg font-semibold text-slate-900">Authentication</h2>
+                        <p className="text-sm text-slate-600">
+                            Save runner changes first if you want to authenticate a different CLI, then start the saved-runner
+                            terminal here instead of SSHing into the VPS.
+                        </p>
+                        <p className="text-sm text-slate-600">{authenticationHint}</p>
+                    </div>
+
+                    <div className="flex flex-wrap items-center gap-3">
+                        <button
+                            type="button"
+                            onClick={() => void startAuthenticationSession()}
+                            disabled={isLoading || isSaving || isStartingAuthentication || authenticationSession?.isRunning}
+                            className="inline-flex items-center gap-2 rounded-md bg-slate-900 px-4 py-2 text-sm font-semibold text-white hover:bg-slate-800 disabled:cursor-not-allowed disabled:opacity-60"
+                        >
+                            {isStartingAuthentication ? (
+                                <Loader2 className="h-4 w-4 animate-spin" />
+                            ) : (
+                                <Play className="h-4 w-4" />
+                            )}
+                            {authenticationSession?.isRunning ? 'Authentication running' : 'Authenticate saved runner'}
+                        </button>
+                        <button
+                            type="button"
+                            onClick={() => void stopAuthenticationSession()}
+                            disabled={!authenticationSession?.isRunning || isStoppingAuthentication}
+                            className="inline-flex items-center gap-2 rounded-md border border-slate-300 bg-white px-4 py-2 text-sm font-semibold text-slate-700 hover:bg-slate-50 disabled:cursor-not-allowed disabled:opacity-60"
+                        >
+                            {isStoppingAuthentication ? (
+                                <Loader2 className="h-4 w-4 animate-spin" />
+                            ) : (
+                                <SquareTerminal className="h-4 w-4" />
+                            )}
+                            Stop terminal
+                        </button>
+                    </div>
+
                     <pre className="max-h-64 overflow-auto rounded-xl border border-slate-200 bg-slate-950 p-4 text-xs text-slate-100">
                         {status || 'Runner status was not available.'}
                     </pre>
+
+                    <div className="space-y-2">
+                        <div className="flex flex-wrap items-center justify-between gap-3">
+                            <h3 className="text-sm font-semibold text-slate-700">Live authentication terminal</h3>
+                            {authenticationSession ? (
+                                <span className="text-xs text-slate-500">
+                                    {authenticationSession.isRunning
+                                        ? 'Running'
+                                        : authenticationSession.exitCode === 0
+                                          ? 'Finished successfully'
+                                          : 'Finished with an error'}
+                                </span>
+                            ) : (
+                                <span className="text-xs text-slate-500">No session started yet.</span>
+                            )}
+                        </div>
+                        <pre
+                            ref={authenticationOutputReference}
+                            className="max-h-96 overflow-auto rounded-xl border border-slate-200 bg-slate-950 p-4 text-xs text-slate-100"
+                        >
+                            {authenticationSession?.output ||
+                                'No authentication session output yet. Start the saved-runner terminal to see the live authentication log here.'}
+                        </pre>
+                    </div>
+
+                    <form
+                        className="flex flex-col gap-3 md:flex-row"
+                        onSubmit={(event) => {
+                            event.preventDefault();
+
+                            if (!authenticationInput.trim()) {
+                                return;
+                            }
+
+                            const input = authenticationInput.endsWith('\n')
+                                ? authenticationInput
+                                : `${authenticationInput}\n`;
+
+                            void sendAuthenticationInput(input);
+                            setAuthenticationInput('');
+                        }}
+                    >
+                        <input
+                            type="text"
+                            value={authenticationInput}
+                            onChange={(event) => setAuthenticationInput(event.target.value)}
+                            disabled={!authenticationSession?.isRunning || isSendingAuthenticationInput}
+                            placeholder="Type a terminal command such as /login and send it to the running runner CLI"
+                            className={INPUT_CLASS_NAME}
+                        />
+                        <div className="flex gap-3">
+                            <button
+                                type="submit"
+                                disabled={
+                                    !authenticationSession?.isRunning ||
+                                    isSendingAuthenticationInput ||
+                                    authenticationInput.trim() === ''
+                                }
+                                className="inline-flex items-center justify-center gap-2 rounded-md bg-blue-600 px-4 py-2 text-sm font-semibold text-white hover:bg-blue-700 disabled:cursor-not-allowed disabled:opacity-60"
+                            >
+                                {isSendingAuthenticationInput ? (
+                                    <Loader2 className="h-4 w-4 animate-spin" />
+                                ) : (
+                                    <Send className="h-4 w-4" />
+                                )}
+                                Send
+                            </button>
+                            <button
+                                type="button"
+                                onClick={() => void sendAuthenticationInput('\n')}
+                                disabled={!authenticationSession?.isRunning || isSendingAuthenticationInput}
+                                className="inline-flex items-center justify-center rounded-md border border-slate-300 bg-white px-4 py-2 text-sm font-semibold text-slate-700 hover:bg-slate-50 disabled:cursor-not-allowed disabled:opacity-60"
+                            >
+                                Send Enter
+                            </button>
+                        </div>
+                    </form>
                 </div>
             </Card>
         </div>

package/apps/agents-server/src/app/admin/database/DatabaseAdminClient.tsx

@@ -0,0 +1,38 @@
+'use client';
+
+import dynamic from 'next/dynamic';
+import type { AgentsServerDatabaseMode } from '../../../database/agentsServerDatabaseMode';
+
+/**
+ * Props consumed by the lazy Embedded Prisma Studio client.
+ *
+ * @private route component props of DatabaseAdminPage
+ */
+type DatabaseAdminClientProps = {
+    readonly databaseMode: AgentsServerDatabaseMode;
+};
+
+/**
+ * Client-only Embedded Prisma Studio surface.
+ */
+const DatabaseAdminStudioSurface = dynamic(
+    () => import('./DatabaseAdminStudioSurface').then((module) => module.DatabaseAdminStudioSurface),
+    {
+        ssr: false,
+        loading: () => (
+            <div className="flex h-full items-center justify-center text-sm text-gray-500">Loading database...</div>
+        ),
+    },
+);
+
+/**
+ * Renders the Embedded Prisma Studio client after hydration.
+ *
+ * @param props - Active database mode.
+ * @returns Database admin client.
+ *
+ * @private route component of DatabaseAdminPage
+ */
+export function DatabaseAdminClient({ databaseMode }: DatabaseAdminClientProps) {
+    return <DatabaseAdminStudioSurface databaseMode={databaseMode} />;
+}

package/apps/agents-server/src/app/admin/database/DatabaseAdminStudioSurface.tsx

@@ -0,0 +1,42 @@
+'use client';
+
+import { createStudioBFFClient } from '@prisma/studio-core/data/bff';
+import { createPostgresAdapter } from '@prisma/studio-core/data/postgres-core';
+import { createSQLiteAdapter } from '@prisma/studio-core/data/sqlite-core';
+import { Studio } from '@prisma/studio-core/ui';
+import { useMemo } from 'react';
+import type { AgentsServerDatabaseMode } from '../../../database/agentsServerDatabaseMode';
+
+/**
+ * Backend endpoint used by Embedded Prisma Studio.
+ */
+const DATABASE_ADMIN_STUDIO_ENDPOINT = '/api/admin/database/studio';
+
+/**
+ * Props consumed by the hydrated Embedded Prisma Studio surface.
+ *
+ * @private route component props of DatabaseAdminPage
+ */
+type DatabaseAdminStudioSurfaceProps = {
+    readonly databaseMode: AgentsServerDatabaseMode;
+};
+
+/**
+ * Renders Prisma Studio with an adapter matching the configured database backend.
+ *
+ * @param props - Active database mode.
+ * @returns Embedded Prisma Studio surface.
+ *
+ * @private route component of DatabaseAdminPage
+ */
+export function DatabaseAdminStudioSurface({ databaseMode }: DatabaseAdminStudioSurfaceProps) {
+    const adapter = useMemo(() => {
+        const executor = createStudioBFFClient({
+            url: DATABASE_ADMIN_STUDIO_ENDPOINT,
+        });
+
+        return databaseMode === 'sqlite' ? createSQLiteAdapter({ executor }) : createPostgresAdapter({ executor });
+    }, [databaseMode]);
+
+    return <Studio adapter={adapter} />;
+}

package/apps/agents-server/src/app/admin/database/page.tsx

@@ -0,0 +1,34 @@
+import { ForbiddenPage } from '../../../components/ForbiddenPage/ForbiddenPage';
+import { resolveAgentsServerDatabaseMode } from '../../../database/agentsServerDatabaseMode';
+import { isUserGlobalAdmin } from '../../../utils/isUserGlobalAdmin';
+import { DatabaseAdminClient } from './DatabaseAdminClient';
+
+/**
+ * Super-admin page exposing raw database access through Embedded Prisma Studio.
+ */
+export default async function DatabaseAdminPage() {
+    if (!(await isUserGlobalAdmin())) {
+        return <ForbiddenPage />;
+    }
+
+    const databaseMode = resolveAgentsServerDatabaseMode();
+    const databaseModeLabel =
+        databaseMode === 'sqlite' ? 'SQLite' : databaseMode === 'postgres' ? 'PostgreSQL' : 'Supabase';
+
+    return (
+        <div className="flex h-[calc(100vh-60px)] flex-col overflow-hidden bg-white text-gray-900 dark:bg-gray-950 dark:text-gray-100">
+            <div className="flex flex-wrap items-center justify-between gap-3 border-b border-gray-200 px-5 py-3 dark:border-gray-800">
+                <div>
+                    <p className="text-xs uppercase tracking-[0.25em] text-gray-400">Super Admin</p>
+                    <h1 className="text-xl font-semibold">Database</h1>
+                </div>
+                <span className="rounded border border-gray-200 px-2 py-1 text-xs font-medium text-gray-600 dark:border-gray-700 dark:text-gray-300">
+                    {databaseModeLabel}
+                </span>
+            </div>
+            <div className="min-h-0 flex-1">
+                <DatabaseAdminClient databaseMode={databaseMode} />
+            </div>
+        </div>
+    );
+}