@victor-software-house/pi-openai-proxy 1.0.0 → 2.1.0

package/README.md

@@ -5,10 +5,10 @@ A local OpenAI-compatible HTTP proxy built on [pi](https://github.com/badlogic/p
 ## Why
 
 - **Single gateway** to 20+ LLM providers (Anthropic, OpenAI, Google, Bedrock, Mistral, xAI, Groq, OpenRouter, Vertex, etc.) via one OpenAI-compatible API
-- **No duplicate config** -- reuses pi's `~/.pi/agent/auth.json` and `models.json` for credentials and model definitions
-- **Self-hosted** -- runs locally, no third-party proxy services
-- **Streaming** -- full SSE streaming with token usage and cost tracking
-- **Strict validation** -- unsupported parameters are rejected clearly, not silently ignored
+- **No duplicate config** — reuses pi's `~/.pi/agent/auth.json` and `models.json` for credentials and model definitions
+- **Self-hosted** — runs locally, no third-party proxy services
+- **Streaming** — full SSE streaming with token usage and cost tracking
+- **Strict validation** — unsupported parameters are rejected clearly, not silently ignored
 
 ## Prerequisites
 
@@ -77,9 +77,14 @@ OPENAI_API_BASE=http://localhost:4141/v1 aider --model anthropic/claude-sonnet-4
 # Set "OpenAI API Base URL" to http://localhost:4141/v1
 ```
 
-### Shorthand model names
+### Model resolution
 
-If a model ID is unique across providers, you can omit the provider prefix:
+The proxy resolves model references in this order:
+
+1. **Exact public ID match** — the ID from `GET /v1/models`
+2. **Canonical ID fallback** — `provider/model-id` format (only for exposed models)
+
+With the default `collision-prefixed` mode and no collisions, model IDs are exposed without prefixes:
 
 ```bash
 curl http://localhost:4141/v1/chat/completions \
@@ -87,33 +92,31 @@ curl http://localhost:4141/v1/chat/completions \
   -d '{"model": "gpt-4o", "messages": [{"role": "user", "content": "Hi"}]}'
 ```
 
-Ambiguous shorthand requests fail with a clear error listing the matching canonical IDs.
-
 ## Supported Endpoints
 
 | Endpoint | Description |
 |---|---|
-| `GET /v1/models` | List all available models (only those with configured credentials) |
-| `GET /v1/models/{model}` | Model details by canonical ID (supports URL-encoded IDs with `/`) |
+| `GET /v1/models` | List exposed models (filtered by exposure mode, only those with configured credentials) |
+| `GET /v1/models/{model}` | Model details by public ID or canonical ID (supports URL-encoded IDs with `/`) |
 | `POST /v1/chat/completions` | Chat completions (streaming and non-streaming) |
 
 ## Supported Chat Completions Features
 
 | Feature | Notes |
 |---|---|
-| `model` | Canonical (`provider/model-id`) or unique shorthand |
+| `model` | Public ID, canonical (`provider/model-id`), or collision-prefixed shorthand |
 | `messages` (text) | `system`, `developer`, `user`, `assistant`, `tool` roles |
 | `messages` (base64 images) | Base64 data URI image content parts (`image/png`, `image/jpeg`, `image/gif`, `image/webp`) |
 | `stream` | SSE with `text_delta` and `toolcall_delta` mapping |
 | `temperature` | Direct passthrough |
-| `max_tokens` / `max_completion_tokens` | Normalized to `maxTokens` |
+| `max_completion_tokens` | Preferred; `max_tokens` accepted as deprecated fallback |
 | `stop` | Via passthrough |
 | `user` | Via passthrough |
 | `stream_options.include_usage` | Final usage chunk in SSE stream |
 | `tools` / `tool_choice` | JSON Schema -> TypeBox conversion (supported subset) |
 | `tool_calls` in messages | Assistant tool call + tool result roundtrip |
-| `reasoning_effort` | Maps to pi's `ThinkingLevel` (`low`, `medium`, `high`) |
-| `response_format` | `text` and `json_object` via passthrough |
+| `reasoning_effort` | Maps to pi's `ThinkingLevel` (`none`, `minimal`, `low`, `medium`, `high`, `xhigh`) |
+| `response_format` | `text`, `json_object`, and `json_schema` via passthrough |
 | `top_p` | Via passthrough |
 | `frequency_penalty` | Via passthrough |
 | `presence_penalty` | Via passthrough |
@@ -121,9 +124,33 @@ Ambiguous shorthand requests fail with a clear error listing the matching canoni
 
 **Not supported:** `n > 1`, `logprobs`, `logit_bias`, remote image URLs (disabled by default).
 
-## Model Naming
+## Model Naming and Exposure
 
-Models use the `provider/model-id` canonical format, matching pi's registry:
+### Public model IDs
+
+The proxy generates public model IDs based on a configurable ID mode:
+
+| Mode | Behavior | Example |
+|---|---|---|
+| `collision-prefixed` (default) | Raw model IDs; prefix only providers that share a model name | `gpt-4o` or `openai/gpt-4o` if `codex` also has `gpt-4o` |
+| `universal` | Raw model IDs only; rejects config if duplicates exist | `gpt-4o`, `claude-sonnet-4-20250514` |
+| `always-prefixed` | Always `<prefix>/<model-id>` | `openai/gpt-4o`, `anthropic/claude-sonnet-4-20250514` |
+
+The `collision-prefixed` mode prefixes **all** models from providers that form a connected conflict group (not just the colliding model names).
+
+### Exposure modes
+
+Control which models appear in the API:
+
+| Mode | Behavior |
+|---|---|
+| `all` (default) | Expose every model with configured credentials |
+| `scoped` | Expose models from selected providers only (`scopedProviders`) |
+| `custom` | Expose an explicit allowlist of canonical IDs (`customModels`) |
+
+### Canonical model IDs
+
+Internal canonical IDs use the `provider/model-id` format matching pi's registry:
 
 ```
 anthropic/claude-sonnet-4-20250514
@@ -133,6 +160,8 @@ xai/grok-3
 openrouter/anthropic/claude-sonnet-4-20250514
 ```
 
+Canonical IDs are accepted as backward-compatible fallback in requests, but only for models that are currently exposed. Hidden models cannot be reached by canonical ID.
+
 ## Configuration
 
 ### What comes from pi
@@ -159,22 +188,27 @@ Proxy-specific settings are configured via environment variables or the `/proxy
 | Max body size | `PI_PROXY_MAX_BODY_SIZE` | `52428800` (50 MB) | Maximum request body size in bytes |
 | Upstream timeout | `PI_PROXY_UPSTREAM_TIMEOUT_MS` | `120000` (120s) | Upstream request timeout in milliseconds |
 
-When used as a pi package, these settings are persisted in `~/.pi/agent/proxy-config.json` and applied when the extension spawns the proxy.
+Model exposure settings are configured via the JSON config file (`~/.pi/agent/proxy-config.json`):
+
+| Setting | Default | Description |
+|---|---|---|
+| `publicModelIdMode` | `collision-prefixed` | Public ID format: `collision-prefixed`, `universal`, `always-prefixed` |
+| `modelExposureMode` | `all` | Which models to expose: `all`, `scoped`, `custom` |
+| `scopedProviders` | `[]` | Provider keys for `scoped` mode |
+| `customModels` | `[]` | Canonical model IDs for `custom` mode |
+| `providerPrefixes` | `{}` | Provider key -> custom prefix label overrides |
+
+When used as a pi package, all settings are persisted in `~/.pi/agent/proxy-config.json` and applied when the extension spawns the proxy.
 
 ### Discovering available models
 
-List all models the proxy can reach (models with configured credentials):
+List all models the proxy exposes (filtered by the active exposure mode):
 
 ```bash
 curl http://localhost:4141/v1/models | jq '.data[].id'
 ```
 
-Each model includes extended metadata under `x_pi`:
-
-```bash
-curl http://localhost:4141/v1/models/anthropic%2Fclaude-sonnet-4-20250514 | jq '.x_pi'
-# { "api": "anthropic", "reasoning": true, "input": ["text", "image"], ... }
-```
+Model objects follow the standard OpenAI shape (`id`, `object`, `created`, `owned_by`) with no proprietary extensions.
 
 ### Per-request API key override
 
@@ -250,29 +284,33 @@ The extension detects externally running instances and shows their status via `/
 
 ## Architecture
 
-```
-HTTP Client                       pi-openai-proxy
-(curl, Aider, Continue,      +--------------------------+
- LiteLLM, Open WebUI, etc.)  |                          |
-         |                    |  Hono HTTP Server         |
-         |  POST /v1/chat/   |  +-- Request parser       |
-         +--completions------>|  +-- Message converter    |
-         |                    |  +-- Model resolver       |
-         |  GET /v1/models    |  +-- Tool converter       |
-         +------------------>|  +-- SSE encoder          |
-         |                    |                          |
-         |                    |  Pi SDK                   |
-         |  SSE / JSON        |  +-- ModelRegistry        |
-         |<------------------+  +-- AuthStorage          |
-                              |  +-- streamSimple()       |
-                              |  +-- completeSimple()     |
-                              +--------------------------+
+```text
+┌─────────────────────────────┐         ┌──────────────────────────────────┐
+│       HTTP Client           │         │        pi-openai-proxy           │
+│  (curl, Aider, Continue,    │         │                                  │
+│   LiteLLM, Open WebUI, etc.)│         │  ┌────────────────────────────┐  │
+└─────────────┬───────────────┘         │  │     Hono HTTP Server       │  │
+              │                         │  │  ├─ Request parser         │  │
+              │  POST /v1/chat/         │  │  ├─ Message converter      │  │
+              │  completions            │  │  ├─ Model resolver         │  │
+              ├────────────────────────►│  │  ├─ Tool converter         │  │
+              │                         │  │  └─ SSE encoder            │  │
+              │  GET /v1/models         │  └────────────────────────────┘  │
+              ├────────────────────────►│                                  │
+              │                         │  ┌────────────────────────────┐  │
+              │                         │  │        Pi SDK              │  │
+              │  SSE / JSON             │  │  ├─ ModelRegistry          │  │
+              │◄────────────────────────┤  │  ├─ AuthStorage            │  │
+              │                         │  │  ├─ streamSimple()         │  │
+                                        │  │  └─ completeSimple()       │  │
+                                        │  └────────────────────────────┘  │
+                                        └──────────────────────────────────┘
 ```
 
 ### Pi SDK layers used
 
-- **`@mariozechner/pi-ai`** -- `streamSimple()`, `completeSimple()`, `Model`, `Usage`, `AssistantMessageEvent`
-- **`@mariozechner/pi-coding-agent`** -- `ModelRegistry`, `AuthStorage`
+- **`@mariozechner/pi-ai`** — `streamSimple()`, `completeSimple()`, `Model`, `Usage`, `AssistantMessageEvent`
+- **`@mariozechner/pi-coding-agent`** — `ModelRegistry`, `AuthStorage`
 
 ## Security defaults
 
@@ -296,14 +334,14 @@ bun test              # Run all tests
 
 ### Tooling
 
-- **Bun** -- runtime, test runner, package manager
-- **tsdown** -- npm build (ESM + .d.ts)
-- **Biome** -- format + lint
-- **oxlint** -- type-aware lint with strict rules (`.oxlintrc.json`)
-- **lefthook** -- pre-commit hooks (format, lint, typecheck), pre-push hooks (test)
-- **commitlint** -- conventional commits
-- **semantic-release** -- automated versioning and npm publish
-- **mise** -- tool version management (node, bun)
+- **Bun** — runtime, test runner, package manager
+- **tsdown** — npm build (ESM + .d.ts)
+- **Biome** — format + lint
+- **oxlint** — type-aware lint with strict rules (`.oxlintrc.json`)
+- **lefthook** — pre-commit hooks (format, lint, typecheck), pre-push hooks (test)
+- **commitlint** — conventional commits
+- **semantic-release** — automated versioning and npm publish
+- **mise** — tool version management (node, bun)
 
 ## License
 

package/dist/config.d.mts

@@ -7,6 +7,22 @@
  * The server reads the JSON config file as defaults, with env vars and CLI args as overrides.
  * The pi extension reads and writes the JSON config file via the /proxy config panel.
  */
+/**
+ * How public model IDs are generated from canonical provider/model-id pairs.
+ *
+ * - "collision-prefixed": prefix only providers in conflict groups that share a raw model ID
+ * - "universal": expose raw model IDs only; duplicates are a config error
+ * - "always-prefixed": always expose <prefix>/<model-id> for every model
+ */
+type PublicModelIdMode = "collision-prefixed" | "universal" | "always-prefixed";
+/**
+ * Which models are exposed on the public HTTP API.
+ *
+ * - "all": every available model
+ * - "scoped": all available models from selected providers only
+ * - "custom": explicit allowlist of canonical model IDs
+ */
+type ModelExposureMode = "all" | "scoped" | "custom";
 interface ProxyConfig {
   /** Bind address. Default: "127.0.0.1" */
   readonly host: string;
@@ -22,6 +38,16 @@ interface ProxyConfig {
   readonly upstreamTimeoutSec: number;
   /** "detached" = background daemon, "session" = dies with pi session. Default: "detached" */
   readonly lifetime: "detached" | "session";
+  /** How public model IDs are generated. Default: "collision-prefixed" */
+  readonly publicModelIdMode: PublicModelIdMode;
+  /** Which models are exposed. Default: "all" */
+  readonly modelExposureMode: ModelExposureMode;
+  /** Provider keys to expose when modelExposureMode is "scoped". */
+  readonly scopedProviders: readonly string[];
+  /** Canonical model IDs to expose when modelExposureMode is "custom". */
+  readonly customModels: readonly string[];
+  /** Provider key -> custom public prefix label. Default prefix = provider key. */
+  readonly providerPrefixes: Readonly<Record<string, string>>;
 }
 declare const DEFAULT_CONFIG: Readonly<ProxyConfig>;
 declare function normalizeConfig(raw: unknown): ProxyConfig;
@@ -30,4 +56,4 @@ declare function loadConfigFromFile(): ProxyConfig;
 declare function saveConfigToFile(config: ProxyConfig): void;
 declare function configToEnv(config: ProxyConfig): Record<string, string>;
 //#endregion
-export { DEFAULT_CONFIG, ProxyConfig, configToEnv, getConfigPath, loadConfigFromFile, normalizeConfig, saveConfigToFile };
+export { DEFAULT_CONFIG, ModelExposureMode, ProxyConfig, PublicModelIdMode, configToEnv, getConfigPath, loadConfigFromFile, normalizeConfig, saveConfigToFile };

package/dist/config.mjs

@@ -16,7 +16,12 @@ const DEFAULT_CONFIG = {
 	remoteImages: false,
 	maxBodySizeMb: 50,
 	upstreamTimeoutSec: 120,
-	lifetime: "detached"
+	lifetime: "detached",
+	publicModelIdMode: "collision-prefixed",
+	modelExposureMode: "all",
+	scopedProviders: [],
+	customModels: [],
+	providerPrefixes: {}
 };
 function isRecord(value) {
 	return value !== null && value !== void 0 && typeof value === "object" && !Array.isArray(value);
@@ -25,11 +30,41 @@ function clampInt(raw, min, max, fallback) {
 	if (typeof raw !== "number" || !Number.isFinite(raw)) return fallback;
 	return Math.max(min, Math.min(max, Math.round(raw)));
 }
+const VALID_PUBLIC_ID_MODES = new Set([
+	"collision-prefixed",
+	"universal",
+	"always-prefixed"
+]);
+function isPublicModelIdMode(value) {
+	return VALID_PUBLIC_ID_MODES.has(value);
+}
+const VALID_EXPOSURE_MODES = new Set([
+	"all",
+	"scoped",
+	"custom"
+]);
+function isModelExposureMode(value) {
+	return VALID_EXPOSURE_MODES.has(value);
+}
+function normalizeStringArray(raw) {
+	if (!Array.isArray(raw)) return [];
+	const result = [];
+	for (const item of raw) if (typeof item === "string" && item.length > 0) result.push(item);
+	return result;
+}
+function normalizeStringRecord(raw) {
+	if (!isRecord(raw)) return {};
+	const result = {};
+	for (const [key, val] of Object.entries(raw)) if (typeof val === "string" && val.length > 0) result[key] = val;
+	return result;
+}
 function normalizeConfig(raw) {
 	const v = isRecord(raw) ? raw : {};
 	const rawHost = v["host"];
 	const rawAuthToken = v["authToken"];
 	const rawRemoteImages = v["remoteImages"];
+	const rawPublicIdMode = v["publicModelIdMode"];
+	const rawExposureMode = v["modelExposureMode"];
 	return {
 		host: typeof rawHost === "string" && rawHost.length > 0 ? rawHost : DEFAULT_CONFIG.host,
 		port: clampInt(v["port"], 1, 65535, DEFAULT_CONFIG.port),
@@ -37,7 +72,12 @@ function normalizeConfig(raw) {
 		remoteImages: typeof rawRemoteImages === "boolean" ? rawRemoteImages : DEFAULT_CONFIG.remoteImages,
 		maxBodySizeMb: clampInt(v["maxBodySizeMb"], 1, 500, DEFAULT_CONFIG.maxBodySizeMb),
 		upstreamTimeoutSec: clampInt(v["upstreamTimeoutSec"], 5, 600, DEFAULT_CONFIG.upstreamTimeoutSec),
-		lifetime: v["lifetime"] === "session" ? "session" : "detached"
+		lifetime: v["lifetime"] === "session" ? "session" : "detached",
+		publicModelIdMode: typeof rawPublicIdMode === "string" && isPublicModelIdMode(rawPublicIdMode) ? rawPublicIdMode : DEFAULT_CONFIG.publicModelIdMode,
+		modelExposureMode: typeof rawExposureMode === "string" && isModelExposureMode(rawExposureMode) ? rawExposureMode : DEFAULT_CONFIG.modelExposureMode,
+		scopedProviders: normalizeStringArray(v["scopedProviders"]),
+		customModels: normalizeStringArray(v["customModels"]),
+		providerPrefixes: normalizeStringRecord(v["providerPrefixes"])
 	};
 }
 function getConfigPath() {

package/dist/exposure.d.mts

@@ -0,0 +1,52 @@
+
+import { ModelExposureMode, PublicModelIdMode } from "./config.mjs";
+import { Api, Model } from "@mariozechner/pi-ai";
+
+//#region src/openai/model-exposure.d.ts
+interface ExposedModel {
+  /** The public ID exposed on the HTTP API. */
+  readonly publicId: string;
+  /** The canonical internal ID: "provider/model-id". */
+  readonly canonicalId: string;
+  /** The underlying pi model. */
+  readonly model: Model<Api>;
+  /** The provider key. */
+  readonly provider: string;
+}
+interface ModelExposureConfig {
+  readonly publicModelIdMode: PublicModelIdMode;
+  readonly modelExposureMode: ModelExposureMode;
+  readonly scopedProviders: readonly string[];
+  readonly customModels: readonly string[];
+  readonly providerPrefixes: Readonly<Record<string, string>>;
+}
+interface ModelExposureResult {
+  readonly ok: true;
+  /** All exposed models with public IDs. */
+  readonly models: readonly ExposedModel[];
+  /** Public ID -> ExposedModel for O(1) lookup. */
+  readonly byPublicId: ReadonlyMap<string, ExposedModel>;
+  /** Canonical ID -> ExposedModel for backward-compat fallback. */
+  readonly byCanonicalId: ReadonlyMap<string, ExposedModel>;
+}
+interface ModelExposureError {
+  readonly ok: false;
+  readonly message: string;
+}
+type ModelExposureOutcome = ModelExposureResult | ModelExposureError;
+/**
+ * Compute the full model-exposure result from config and available models.
+ *
+ * Call this at startup and whenever config or the model registry changes.
+ */
+declare function computeModelExposure(available: readonly Model<Api>[], config: ModelExposureConfig): ModelExposureOutcome;
+/**
+ * Resolve a model ID from an incoming request against the exposure result.
+ *
+ * Resolution order:
+ *   1. Exact public ID match
+ *   2. Exact canonical ID match (backward compat, only if model is exposed)
+ */
+declare function resolveExposedModel(exposure: ModelExposureResult, requestModelId: string): ExposedModel | undefined;
+//#endregion
+export { ExposedModel, ModelExposureConfig, ModelExposureError, ModelExposureOutcome, ModelExposureResult, computeModelExposure, resolveExposedModel };

package/dist/exposure.mjs

@@ -0,0 +1,192 @@
+#!/usr/bin/env bun
+//#region src/openai/model-exposure.ts
+function filterExposedModels(available, config) {
+	switch (config.modelExposureMode) {
+		case "all": return [...available];
+		case "scoped": {
+			const providers = new Set(config.scopedProviders);
+			return available.filter((m) => providers.has(m.provider));
+		}
+		case "custom": {
+			const allowed = new Set(config.customModels);
+			return available.filter((m) => allowed.has(`${m.provider}/${m.id}`));
+		}
+	}
+}
+/**
+* Get the public prefix label for a provider.
+* Uses the configured override if present, otherwise the provider key itself.
+*/
+function getPublicPrefix(provider, prefixes) {
+	const override = prefixes[provider];
+	return override !== void 0 && override.length > 0 ? override : provider;
+}
+/**
+* Find connected conflict groups: sets of providers that share at least one raw model ID.
+*
+* If provider A and B share a model ID, and B and C share a different model ID,
+* then {A, B, C} form one connected conflict group.
+*/
+function findConflictGroups(models) {
+	const modelToProviders = /* @__PURE__ */ new Map();
+	for (const m of models) {
+		const existing = modelToProviders.get(m.id);
+		if (existing !== void 0) existing.add(m.provider);
+		else modelToProviders.set(m.id, new Set([m.provider]));
+	}
+	const parent = /* @__PURE__ */ new Map();
+	function find(x) {
+		let root = x;
+		while (parent.get(root) !== root) {
+			const p = parent.get(root);
+			if (p === void 0) break;
+			root = p;
+		}
+		let current = x;
+		while (current !== root) {
+			const next = parent.get(current);
+			if (next === void 0) break;
+			parent.set(current, root);
+			current = next;
+		}
+		return root;
+	}
+	function union(a, b) {
+		const ra = find(a);
+		const rb = find(b);
+		if (ra !== rb) parent.set(ra, rb);
+	}
+	for (const m of models) if (!parent.has(m.provider)) parent.set(m.provider, m.provider);
+	for (const providers of modelToProviders.values()) {
+		if (providers.size <= 1) continue;
+		const arr = [...providers];
+		const first = arr[0];
+		if (first === void 0) continue;
+		for (let i = 1; i < arr.length; i++) {
+			const other = arr[i];
+			if (other !== void 0) union(first, other);
+		}
+	}
+	const groupsByRoot = /* @__PURE__ */ new Map();
+	for (const provider of parent.keys()) {
+		const root = find(provider);
+		const existing = groupsByRoot.get(root);
+		if (existing !== void 0) existing.add(provider);
+		else groupsByRoot.set(root, new Set([provider]));
+	}
+	return [...groupsByRoot.values()].filter((g) => g.size > 1);
+}
+function generateCollisionPrefixedIds(models, prefixes) {
+	const conflictGroups = findConflictGroups(models);
+	const prefixedProviders = /* @__PURE__ */ new Set();
+	for (const group of conflictGroups) for (const provider of group) prefixedProviders.add(provider);
+	const result = /* @__PURE__ */ new Map();
+	for (const m of models) if (prefixedProviders.has(m.provider)) {
+		const prefix = getPublicPrefix(m.provider, prefixes);
+		result.set(m, `${prefix}/${m.id}`);
+	} else result.set(m, m.id);
+	return result;
+}
+function generateUniversalIds(models) {
+	const seen = /* @__PURE__ */ new Map();
+	for (const m of models) {
+		const existing = seen.get(m.id);
+		if (existing !== void 0) return `Universal mode conflict: model ID '${m.id}' is provided by both '${existing}' and '${m.provider}'. Use 'collision-prefixed' or 'always-prefixed' mode, or reduce the exposed model set.`;
+		seen.set(m.id, m.provider);
+	}
+	const result = /* @__PURE__ */ new Map();
+	for (const m of models) result.set(m, m.id);
+	return result;
+}
+function generateAlwaysPrefixedIds(models, prefixes) {
+	const result = /* @__PURE__ */ new Map();
+	for (const m of models) {
+		const prefix = getPublicPrefix(m.provider, prefixes);
+		result.set(m, `${prefix}/${m.id}`);
+	}
+	return result;
+}
+function validatePrefixUniqueness(models, prefixes, mode) {
+	if (mode === "universal") return void 0;
+	const providers = /* @__PURE__ */ new Set();
+	if (mode === "always-prefixed") for (const m of models) providers.add(m.provider);
+	else {
+		const conflictGroups = findConflictGroups(models);
+		for (const group of conflictGroups) for (const provider of group) providers.add(provider);
+	}
+	const labelToProvider = /* @__PURE__ */ new Map();
+	for (const provider of providers) {
+		const label = getPublicPrefix(provider, prefixes);
+		const existing = labelToProvider.get(label);
+		if (existing !== void 0) return `Duplicate prefix label '${label}' used by providers '${existing}' and '${provider}'. Configure distinct providerPrefixes.`;
+		labelToProvider.set(label, provider);
+	}
+}
+/**
+* Compute the full model-exposure result from config and available models.
+*
+* Call this at startup and whenever config or the model registry changes.
+*/
+function computeModelExposure(available, config) {
+	const exposed = filterExposedModels(available, config);
+	const prefixError = validatePrefixUniqueness(exposed, config.providerPrefixes, config.publicModelIdMode);
+	if (prefixError !== void 0) return {
+		ok: false,
+		message: prefixError
+	};
+	let idMap;
+	switch (config.publicModelIdMode) {
+		case "collision-prefixed":
+			idMap = generateCollisionPrefixedIds(exposed, config.providerPrefixes);
+			break;
+		case "universal": {
+			const result = generateUniversalIds(exposed);
+			if (typeof result === "string") return {
+				ok: false,
+				message: result
+			};
+			idMap = result;
+			break;
+		}
+		case "always-prefixed":
+			idMap = generateAlwaysPrefixedIds(exposed, config.providerPrefixes);
+			break;
+	}
+	const models = [];
+	const byPublicId = /* @__PURE__ */ new Map();
+	const byCanonicalId = /* @__PURE__ */ new Map();
+	for (const m of exposed) {
+		const publicId = idMap.get(m);
+		if (publicId === void 0) continue;
+		const canonicalId = `${m.provider}/${m.id}`;
+		const entry = {
+			publicId,
+			canonicalId,
+			model: m,
+			provider: m.provider
+		};
+		models.push(entry);
+		byPublicId.set(publicId, entry);
+		byCanonicalId.set(canonicalId, entry);
+	}
+	return {
+		ok: true,
+		models,
+		byPublicId,
+		byCanonicalId
+	};
+}
+/**
+* Resolve a model ID from an incoming request against the exposure result.
+*
+* Resolution order:
+*   1. Exact public ID match
+*   2. Exact canonical ID match (backward compat, only if model is exposed)
+*/
+function resolveExposedModel(exposure, requestModelId) {
+	const byPublic = exposure.byPublicId.get(requestModelId);
+	if (byPublic !== void 0) return byPublic;
+	return exposure.byCanonicalId.get(requestModelId);
+}
+//#endregion
+export { computeModelExposure, resolveExposedModel };

package/dist/index.mjs

@@ -1,5 +1,6 @@
 #!/usr/bin/env bun
 import { getConfigPath, loadConfigFromFile } from "./config.mjs";
+import { computeModelExposure, resolveExposedModel } from "./exposure.mjs";
 import { AuthStorage, ModelRegistry } from "@mariozechner/pi-coding-agent";
 import { randomBytes } from "node:crypto";
 import * as z from "zod";
@@ -9,15 +10,6 @@ import { Hono } from "hono";
 import { stream } from "hono/streaming";
 import { defineCommand, runMain } from "citty";
 //#region src/config/env.ts
-/**
-* Server configuration loading.
-*
-* Priority: CLI args > env vars > JSON config file > defaults.
-*
-* The JSON config file (~/.pi/agent/proxy-config.json) is the shared config
-* written by the pi extension's /proxy config panel. Env vars and CLI args
-* override it for one-off adjustments or container use.
-*/
 function parsePositiveInt(raw, fallback) {
 	if (raw === void 0) return fallback;
 	const n = Number.parseInt(raw, 10);
@@ -43,7 +35,12 @@ function loadConfig(cli = {}) {
 		agenticEnabled: process.env.PI_PROXY_AGENTIC === "true",
 		remoteImagesEnabled,
 		maxBodySize,
-		upstreamTimeoutMs
+		upstreamTimeoutMs,
+		publicModelIdMode: file.publicModelIdMode,
+		modelExposureMode: file.modelExposureMode,
+		scopedProviders: file.scopedProviders,
+		customModels: file.customModels,
+		providerPrefixes: file.providerPrefixes
 	};
 }
 //#endregion
@@ -474,21 +471,14 @@ function parseAndValidateDataUri(uri) {
 //#endregion
 //#region src/openai/models.ts
 /**
-* Convert a pi Model to an OpenAI model object.
+* Convert an ExposedModel to an OpenAI model object.
 */
-function toOpenAIModel(model) {
+function toOpenAIModel(exposed) {
 	return {
-		id: `${model.provider}/${model.id}`,
+		id: exposed.publicId,
 		object: "model",
 		created: 0,
-		owned_by: model.provider,
-		x_pi: {
-			api: model.api,
-			reasoning: model.reasoning,
-			input: model.input,
-			context_window: model.contextWindow,
-			max_tokens: model.maxTokens
-		}
+		owned_by: exposed.provider
 	};
 }
 /**
@@ -1067,7 +1057,20 @@ const toolChoiceSchema = z.union([z.enum([
 	"auto",
 	"required"
 ]), namedToolChoiceSchema]);
-const responseFormatSchema = z.discriminatedUnion("type", [z.object({ type: z.literal("text") }), z.object({ type: z.literal("json_object") })]);
+const jsonSchemaResponseFormatSchema = z.object({
+	type: z.literal("json_schema"),
+	json_schema: z.object({
+		name: z.string().trim(),
+		description: z.string().trim().optional(),
+		schema: z.record(z.string().trim(), z.unknown()).optional(),
+		strict: z.boolean().nullable().optional()
+	})
+});
+const responseFormatSchema = z.discriminatedUnion("type", [
+	z.object({ type: z.literal("text") }),
+	z.object({ type: z.literal("json_object") }),
+	jsonSchemaResponseFormatSchema
+]);
 const chatCompletionRequestSchema = z.object({
 	model: z.string().trim(),
 	messages: z.array(messageSchema).min(1),
@@ -1081,9 +1084,12 @@ const chatCompletionRequestSchema = z.object({
 	tools: z.array(functionToolSchema).optional(),
 	tool_choice: toolChoiceSchema.optional(),
 	reasoning_effort: z.enum([
+		"none",
+		"minimal",
 		"low",
 		"medium",
-		"high"
+		"high",
+		"xhigh"
 	]).optional(),
 	top_p: z.number().min(0).max(1).optional(),
 	frequency_penalty: z.number().min(-2).max(2).optional(),
@@ -1164,15 +1170,18 @@ function isRecord(value) {
 /**
 * Map OpenAI reasoning_effort to pi ThinkingLevel.
 *
-* OpenAI: "low" | "medium" | "high"
+* OpenAI: "none" | "minimal" | "low" | "medium" | "high" | "xhigh"
 * Pi: "minimal" | "low" | "medium" | "high" | "xhigh"
 *
-* Direct mapping for the three shared values.
+* "none" maps to "minimal" (pi has no "none" level).
 */
 const REASONING_EFFORT_MAP = {
+	none: "minimal",
+	minimal: "minimal",
 	low: "low",
 	medium: "medium",
-	high: "high"
+	high: "high",
+	xhigh: "xhigh"
 };
 /**
 * APIs where onPayload passthrough fields are not supported.
@@ -1267,75 +1276,33 @@ async function piStream(model, context, request, options) {
 	return streamSimple(model, context, await buildStreamOptions(model, request, options));
 }
 //#endregion
-//#region src/pi/resolve-model.ts
+//#region src/server/routes.ts
 /**
-* Parse a canonical model ID string into provider and model-id.
-*
-* "openai/gpt-4o" -> { provider: "openai", modelId: "gpt-4o" }
-* "openrouter/anthropic/claude-sonnet-4-20250514" -> { provider: "openrouter", modelId: "anthropic/claude-sonnet-4-20250514" }
-* "gpt-4o" -> null (shorthand, no slash)
+* Build a ModelExposureConfig from the server config.
 */
-function parseCanonicalId(input) {
-	const slashIndex = input.indexOf("/");
-	if (slashIndex === -1) return null;
+function buildExposureConfig(config) {
 	return {
-		provider: input.slice(0, slashIndex),
-		modelId: input.slice(slashIndex + 1)
+		publicModelIdMode: config.publicModelIdMode,
+		modelExposureMode: config.modelExposureMode,
+		scopedProviders: config.scopedProviders,
+		customModels: config.customModels,
+		providerPrefixes: config.providerPrefixes
 	};
 }
 /**
-* Resolve a model string (canonical or shorthand) to a pi Model.
+* Compute or refresh the model exposure from the current registry and config.
+* Returns the exposure result or throws on config errors.
 */
-function resolveModel(input) {
-	const registry = getRegistry();
-	const parsed = parseCanonicalId(input);
-	if (parsed !== null) {
-		const model = registry.find(parsed.provider, parsed.modelId);
-		if (model === void 0) return {
-			ok: false,
-			status: 404,
-			message: `Model '${input}' not found`
-		};
-		return {
-			ok: true,
-			model
-		};
-	}
-	const allModels = registry.getAll();
-	const matches = [];
-	for (const m of allModels) if (m.id === input) matches.push(m);
-	if (matches.length === 0) return {
-		ok: false,
-		status: 404,
-		message: `Model '${input}' not found`
-	};
-	if (matches.length === 1) {
-		const match = matches[0];
-		if (match === void 0) return {
-			ok: false,
-			status: 404,
-			message: `Model '${input}' not found`
-		};
-		return {
-			ok: true,
-			model: match
-		};
-	}
-	const candidates = matches.map((m) => `${m.provider}/${m.id}`);
-	return {
-		ok: false,
-		status: 400,
-		message: `Ambiguous model '${input}'. Matches: ${candidates.join(", ")}. Use the canonical form 'provider/model-id'.`,
-		candidates
-	};
+function getExposure(config) {
+	const outcome = computeModelExposure(getAvailableModels(), buildExposureConfig(config));
+	if (!outcome.ok) throw new Error(`Model exposure configuration error: ${outcome.message}`);
+	return outcome;
 }
-//#endregion
-//#region src/server/routes.ts
 function createRoutes(config) {
 	const routes = new Hono();
 	routes.get("/v1/models", (c) => {
-		const models = getAvailableModels();
-		return c.json(buildModelList(models));
+		const exposure = getExposure(config);
+		return c.json(buildModelList(exposure.models));
 	});
 	routes.get("/v1/models/*", (c) => {
 		const rawPath = c.req.path;
@@ -1343,12 +1310,9 @@ function createRoutes(config) {
 		const modelIdEncoded = rawPath.slice(11);
 		if (modelIdEncoded.length === 0) return c.json(modelNotFound(""), 404);
 		const modelId = decodeURIComponent(modelIdEncoded);
-		const resolution = resolveModel(modelId);
-		if (!resolution.ok) {
-			if (resolution.status === 400) return c.json(invalidRequest(resolution.message, "model"), 400);
-			return c.json(modelNotFound(modelId), 404);
-		}
-		return c.json(toOpenAIModel(resolution.model));
+		const resolved = resolveExposedModel(getExposure(config), modelId);
+		if (resolved === void 0) return c.json(modelNotFound(modelId), 404);
+		return c.json(toOpenAIModel(resolved));
 	});
 	routes.post("/v1/chat/completions", async (c) => {
 		const requestId = c.get("requestId");
@@ -1366,13 +1330,10 @@ function createRoutes(config) {
 			return c.json(invalidRequest(validation.message, validation.param ?? void 0), 400);
 		}
 		const request = validation.data;
-		const resolution = resolveModel(request.model);
-		if (!resolution.ok) {
-			if (resolution.status === 400) return c.json(invalidRequest(resolution.message, "model"), 400);
-			return c.json(modelNotFound(request.model), 404);
-		}
-		const model = resolution.model;
-		const canonicalModelId = `${model.provider}/${model.id}`;
+		const resolved = resolveExposedModel(getExposure(config), request.model);
+		if (resolved === void 0) return c.json(modelNotFound(request.model), 404);
+		const model = resolved.model;
+		const canonicalModelId = resolved.canonicalId;
 		const conversion = convertMessages(request.messages);
 		if (!conversion.ok) return c.json(invalidRequest(conversion.message, conversion.param), 400);
 		const context = conversion.context;

package/extensions/proxy.ts

@@ -6,24 +6,29 @@
  *   /proxy start      Start the proxy server
  *   /proxy stop       Stop the proxy server
  *   /proxy status     Show proxy status
+ *   /proxy verify     Validate model exposure config against available models
  *   /proxy config     Open settings panel (alias)
- *   /proxy show       Summarize current config
+ *   /proxy show       Summarize current config and exposure policy
  *   /proxy path       Show config file location
  *   /proxy reset      Restore default settings
  *   /proxy help       Usage line
  *
  * Config schema imported from @victor-software-house/pi-openai-proxy/config (SSOT).
+ * Model-exposure engine imported from @victor-software-house/pi-openai-proxy/exposure.
  */
 
 import { type ChildProcess, spawn } from "node:child_process";
 import { existsSync, mkdirSync, readFileSync, unlinkSync, writeFileSync } from "node:fs";
 import { dirname, resolve } from "node:path";
 import { fileURLToPath } from "node:url";
+import type { Api, Model } from "@mariozechner/pi-ai";
 import {
+	AuthStorage,
 	type ExtensionAPI,
 	type ExtensionCommandContext,
 	type ExtensionContext,
 	getSettingsListTheme,
+	ModelRegistry,
 } from "@mariozechner/pi-coding-agent";
 import { Container, type SettingItem, SettingsList, Text } from "@mariozechner/pi-tui";
 
@@ -33,9 +38,17 @@ import {
 	DEFAULT_CONFIG,
 	getConfigPath,
 	loadConfigFromFile,
+	type ModelExposureMode,
+	type PublicModelIdMode,
 	saveConfigToFile,
 } from "@victor-software-house/pi-openai-proxy/config";
 
+// Model-exposure engine
+import {
+	computeModelExposure,
+	type ModelExposureConfig,
+} from "@victor-software-house/pi-openai-proxy/exposure";
+
 // ---------------------------------------------------------------------------
 // Runtime status
 // ---------------------------------------------------------------------------
@@ -56,6 +69,32 @@ export default function proxyExtension(pi: ExtensionAPI): void {
 	const extensionDir = dirname(fileURLToPath(import.meta.url));
 	const packageRoot = resolve(extensionDir, "..");
 
+	// --- Model registry access (for verify/show/selectors) ---
+
+	function getAvailableModels(): Model<Api>[] {
+		const auth = AuthStorage.create();
+		const registry = new ModelRegistry(auth);
+		return registry.getAvailable();
+	}
+
+	function getUniqueProviders(models: readonly Model<Api>[]): string[] {
+		const seen = new Set<string>();
+		for (const m of models) {
+			seen.add(m.provider);
+		}
+		return [...seen].sort();
+	}
+
+	function buildExposureConfig(): ModelExposureConfig {
+		return {
+			publicModelIdMode: config.publicModelIdMode,
+			modelExposureMode: config.modelExposureMode,
+			scopedProviders: config.scopedProviders,
+			customModels: config.customModels,
+			providerPrefixes: config.providerPrefixes,
+		};
+	}
+
 	// Resolve pi-proxy binary: try workspace node_modules, then global
 	function findProxyBinary(): string {
 		// In workspace: node_modules/pi-proxy/dist/index.mjs
@@ -85,8 +124,18 @@ export default function proxyExtension(pi: ExtensionAPI): void {
 
 	// --- Command family ---
 
-	const SUBCOMMANDS = ["start", "stop", "status", "config", "show", "path", "reset", "help"];
-	const USAGE = "/proxy [start|stop|status|config|show|path|reset|help]";
+	const SUBCOMMANDS = [
+		"start",
+		"stop",
+		"status",
+		"verify",
+		"config",
+		"show",
+		"path",
+		"reset",
+		"help",
+	];
+	const USAGE = "/proxy [start|stop|status|verify|config|show|path|reset|help]";
 
 	pi.registerCommand("proxy", {
 		description: "Manage the OpenAI-compatible proxy",
@@ -108,8 +157,11 @@ export default function proxyExtension(pi: ExtensionAPI): void {
 				case "status":
 					await showStatus(ctx);
 					return;
+				case "verify":
+					verifyExposure(ctx);
+					return;
 				case "show":
-					await showConfig(ctx);
+					showConfig(ctx);
 					return;
 				case "path":
 					ctx.ui.notify(getConfigPath(), "info");
@@ -358,11 +410,13 @@ export default function proxyExtension(pi: ExtensionAPI): void {
 		await refreshStatus(ctx);
 	}
 
-	async function showConfig(ctx: ExtensionContext): Promise<void> {
+	function showConfig(ctx: ExtensionContext): void {
 		config = loadConfigFromFile();
 		const authDisplay =
 			config.authToken.length > 0 ? `enabled (token: ${config.authToken})` : "disabled";
-		const lines = [
+
+		// Server settings
+		const serverLines = [
 			`lifetime: ${config.lifetime}`,
 			`host: ${config.host}`,
 			`port: ${String(config.port)}`,
@@ -371,8 +425,96 @@ export default function proxyExtension(pi: ExtensionAPI): void {
 			`max body: ${String(config.maxBodySizeMb)} MB`,
 			`timeout: ${String(config.upstreamTimeoutSec)}s`,
 		];
-		ctx.ui.notify(lines.join(" | "), "info");
-		await refreshStatus(ctx);
+
+		// Exposure policy
+		const exposureLines = [
+			`id mode: ${config.publicModelIdMode}`,
+			`exposure: ${config.modelExposureMode}`,
+		];
+
+		if (config.modelExposureMode === "scoped" && config.scopedProviders.length > 0) {
+			exposureLines.push(`providers: ${config.scopedProviders.join(", ")}`);
+		}
+		if (config.modelExposureMode === "custom" && config.customModels.length > 0) {
+			exposureLines.push(`models: ${String(config.customModels.length)} custom`);
+		}
+
+		const prefixKeys = Object.keys(config.providerPrefixes);
+		if (prefixKeys.length > 0) {
+			const pairs = prefixKeys.map((k) => `${k}=${config.providerPrefixes[k] ?? k}`);
+			exposureLines.push(`prefixes: ${pairs.join(", ")}`);
+		}
+
+		// Public ID preview (first 5 exposed models)
+		const models = getAvailableModels();
+		const outcome = computeModelExposure(models, buildExposureConfig());
+		if (outcome.ok && outcome.models.length > 0) {
+			const preview = outcome.models.slice(0, 5).map((m) => m.publicId);
+			const suffix =
+				outcome.models.length > 5 ? ` (+${String(outcome.models.length - 5)} more)` : "";
+			exposureLines.push(`exposed: ${preview.join(", ")}${suffix}`);
+		} else if (outcome.ok) {
+			exposureLines.push("exposed: none");
+		} else {
+			exposureLines.push(`error: ${outcome.message}`);
+		}
+
+		ctx.ui.notify(`${serverLines.join(" | ")}\n${exposureLines.join(" | ")}`, "info");
+	}
+
+	// --- /proxy verify ---
+
+	function verifyExposure(ctx: ExtensionContext): void {
+		config = loadConfigFromFile();
+		const models = getAvailableModels();
+		const issues: string[] = [];
+
+		// Check available models
+		if (models.length === 0) {
+			issues.push("No models have auth configured. The proxy will expose 0 models.");
+		}
+
+		// Check scoped providers reference valid providers
+		if (config.modelExposureMode === "scoped") {
+			const availableProviders = new Set(getUniqueProviders(models));
+			for (const p of config.scopedProviders) {
+				if (!availableProviders.has(p)) {
+					issues.push(`Scoped provider '${p}' has no available models (no auth or unknown).`);
+				}
+			}
+			if (config.scopedProviders.length === 0) {
+				issues.push("Scoped mode with empty provider list will expose 0 models.");
+			}
+		}
+
+		// Check custom models reference valid canonical IDs
+		if (config.modelExposureMode === "custom") {
+			const canonicalSet = new Set(models.map((m) => `${m.provider}/${m.id}`));
+			for (const id of config.customModels) {
+				if (!canonicalSet.has(id)) {
+					issues.push(`Custom model '${id}' is not available (no auth or unknown).`);
+				}
+			}
+			if (config.customModels.length === 0) {
+				issues.push("Custom mode with empty model list will expose 0 models.");
+			}
+		}
+
+		// Run the full exposure computation to catch ID/prefix errors
+		const outcome = computeModelExposure(models, buildExposureConfig());
+		if (!outcome.ok) {
+			issues.push(outcome.message);
+		}
+
+		if (issues.length === 0) {
+			const count = outcome.ok ? outcome.models.length : 0;
+			ctx.ui.notify(`Verification passed. ${String(count)} models exposed.`, "info");
+		} else {
+			ctx.ui.notify(
+				`Verification found ${String(issues.length)} issue(s):\n${issues.join("\n")}`,
+				"warning",
+			);
+		}
 	}
 
 	async function waitForReady(timeoutMs: number): Promise<RuntimeStatus> {
@@ -391,7 +533,28 @@ export default function proxyExtension(pi: ExtensionAPI): void {
 	let lastGeneratedToken = "";
 
 	function buildSettingItems(): SettingItem[] {
+		// Build dynamic choices for scoped providers and custom models
+		const models = getAvailableModels();
+		const availableProviders = getUniqueProviders(models);
+
+		// Scoped providers: show available + current selection indicator
+		const scopedSet = new Set(config.scopedProviders);
+		const scopedDisplay =
+			config.scopedProviders.length > 0 ? config.scopedProviders.join(", ") : "(none)";
+
+		// Custom models: show count
+		const customDisplay =
+			config.customModels.length > 0 ? `${String(config.customModels.length)} selected` : "(none)";
+
+		// Prefix overrides: show current
+		const prefixKeys = Object.keys(config.providerPrefixes);
+		const prefixDisplay =
+			prefixKeys.length > 0
+				? prefixKeys.map((k) => `${k}=${config.providerPrefixes[k] ?? k}`).join(", ")
+				: "(defaults)";
+
 		return [
+			// --- Server ---
 			{
 				id: "lifetime",
 				label: "Lifetime",
@@ -444,9 +607,90 @@ export default function proxyExtension(pi: ExtensionAPI): void {
 				currentValue: `${String(config.upstreamTimeoutSec)}s`,
 				values: ["30s", "60s", "120s", "300s"],
 			},
+			// --- Model exposure ---
+			{
+				id: "publicModelIdMode",
+				label: "Public ID mode",
+				description: "How public model IDs are generated from canonical provider/model-id",
+				currentValue: config.publicModelIdMode,
+				values: ["collision-prefixed", "universal", "always-prefixed"],
+			},
+			{
+				id: "modelExposureMode",
+				label: "Exposure mode",
+				description: "Which models are exposed on the API",
+				currentValue: config.modelExposureMode,
+				values: ["all", "scoped", "custom"],
+			},
+			{
+				id: "scopedProviders",
+				label: "Scoped providers",
+				description: `Toggle providers for scoped mode. Available: ${availableProviders.join(", ") || "(none)"}`,
+				currentValue: scopedDisplay,
+				values: availableProviders.map((p) => {
+					const selected = scopedSet.has(p);
+					return selected ? `[-] ${p}` : `[+] ${p}`;
+				}),
+			},
+			{
+				id: "customModels",
+				label: "Custom models",
+				description: "Toggle individual models for custom mode",
+				currentValue: customDisplay,
+				values: buildCustomModelValues(models),
+			},
+			{
+				id: "providerPrefixes",
+				label: "Prefix overrides",
+				description: "Custom prefix labels for providers (provider=label)",
+				currentValue: prefixDisplay,
+				values: buildPrefixValues(availableProviders),
+			},
 		];
 	}
 
+	/**
+	 * Build toggle values for custom model selection.
+	 * Each model is shown as "[+] provider/id" or "[-] provider/id".
+	 */
+	function buildCustomModelValues(models: readonly Model<Api>[]): string[] {
+		const customSet = new Set(config.customModels);
+		return models.map((m) => {
+			const canonical = `${m.provider}/${m.id}`;
+			const selected = customSet.has(canonical);
+			return selected ? `[-] ${canonical}` : `[+] ${canonical}`;
+		});
+	}
+
+	/**
+	 * Build toggle values for prefix override editing.
+	 * Each provider is shown as "provider=label" or "provider (default)".
+	 */
+	function buildPrefixValues(providers: readonly string[]): string[] {
+		const values: string[] = [];
+		for (const p of providers) {
+			const override = config.providerPrefixes[p];
+			if (override !== undefined && override.length > 0) {
+				values.push(`clear ${p}`);
+			} else {
+				values.push(`set ${p}`);
+			}
+		}
+		return values;
+	}
+
+	const VALID_ID_MODES = new Set<string>(["collision-prefixed", "universal", "always-prefixed"]);
+
+	function isPublicModelIdMode(v: string): v is PublicModelIdMode {
+		return VALID_ID_MODES.has(v);
+	}
+
+	const VALID_EXPOSURE_MODES = new Set<string>(["all", "scoped", "custom"]);
+
+	function isModelExposureMode(v: string): v is ModelExposureMode {
+		return VALID_EXPOSURE_MODES.has(v);
+	}
+
 	function applySetting(id: string, value: string): void {
 		switch (id) {
 			case "lifetime":
@@ -489,11 +733,98 @@ export default function proxyExtension(pi: ExtensionAPI): void {
 				if (Number.isFinite(sec) && sec > 0) config = { ...config, upstreamTimeoutSec: sec };
 				break;
 			}
+			case "publicModelIdMode":
+				if (isPublicModelIdMode(value)) {
+					config = { ...config, publicModelIdMode: value };
+				}
+				break;
+			case "modelExposureMode":
+				if (isModelExposureMode(value)) {
+					config = { ...config, modelExposureMode: value };
+				}
+				break;
+			case "scopedProviders":
+				applyScopedProviderToggle(value);
+				break;
+			case "customModels":
+				applyCustomModelToggle(value);
+				break;
+			case "providerPrefixes":
+				applyPrefixAction(value);
+				break;
 		}
 		saveConfigToFile(config);
 		config = loadConfigFromFile();
 	}
 
+	/**
+	 * Toggle a provider in/out of the scoped providers list.
+	 * Value format: "[+] provider" to add, "[-] provider" to remove.
+	 */
+	function applyScopedProviderToggle(value: string): void {
+		const match = /^\[([+-])\]\s+(.+)$/.exec(value);
+		if (match === null) return;
+		const action = match[1];
+		const provider = match[2];
+		if (provider === undefined) return;
+
+		const current = new Set(config.scopedProviders);
+		if (action === "+") {
+			current.add(provider);
+		} else {
+			current.delete(provider);
+		}
+		config = { ...config, scopedProviders: [...current] };
+	}
+
+	/**
+	 * Toggle a model in/out of the custom models list.
+	 * Value format: "[+] provider/model-id" to add, "[-] provider/model-id" to remove.
+	 */
+	function applyCustomModelToggle(value: string): void {
+		const match = /^\[([+-])\]\s+(.+)$/.exec(value);
+		if (match === null) return;
+		const action = match[1];
+		const canonicalId = match[2];
+		if (canonicalId === undefined) return;
+
+		const current = new Set(config.customModels);
+		if (action === "+") {
+			current.add(canonicalId);
+		} else {
+			current.delete(canonicalId);
+		}
+		config = { ...config, customModels: [...current] };
+	}
+
+	/**
+	 * Apply a prefix override action.
+	 * Value format: "set provider" to prompt for a label, "clear provider" to remove override.
+	 */
+	function applyPrefixAction(value: string): void {
+		const clearMatch = /^clear\s+(.+)$/.exec(value);
+		if (clearMatch !== null) {
+			const provider = clearMatch[1];
+			if (provider === undefined) return;
+			const next = { ...config.providerPrefixes };
+			delete next[provider];
+			config = { ...config, providerPrefixes: next };
+			return;
+		}
+
+		// "set provider" -- set a simple abbreviated prefix
+		const setMatch = /^set\s+(.+)$/.exec(value);
+		if (setMatch !== null) {
+			const provider = setMatch[1];
+			if (provider === undefined) return;
+			// Use first 3 characters as a short prefix (user can edit JSON for custom values)
+			const shortPrefix = provider.slice(0, 3);
+			const next = { ...config.providerPrefixes };
+			next[provider] = shortPrefix;
+			config = { ...config, providerPrefixes: next };
+		}
+	}
+
 	async function openSettingsPanel(ctx: ExtensionCommandContext): Promise<void> {
 		config = loadConfigFromFile();
 

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@victor-software-house/pi-openai-proxy",
-	"version": "1.0.0",
+	"version": "2.1.0",
 	"description": "OpenAI-compatible HTTP proxy for pi's multi-provider model registry",
 	"license": "MIT",
 	"author": "Victor Software House",
@@ -37,6 +37,10 @@
 		"./config": {
 			"import": "./dist/config.mjs",
 			"types": "./dist/config.d.mts"
+		},
+		"./exposure": {
+			"import": "./dist/exposure.mjs",
+			"types": "./dist/exposure.d.mts"
 		}
 	},
 	"main": "dist/index.mjs",