apteva 0.4.17 → 0.4.19

package/src/db.ts

@@ -194,6 +194,56 @@ export interface SkillRow {
   updated_at: string;
 }
 
+// Subscription: maps trigger events to agents for routing
+export interface Subscription {
+  id: string;
+  trigger_slug: string;
+  trigger_instance_id: string | null;
+  agent_id: string;
+  enabled: boolean;
+  project_id: string | null;
+  created_at: string;
+  updated_at: string;
+}
+
+export interface SubscriptionRow {
+  id: string;
+  trigger_slug: string;
+  trigger_instance_id: string | null;
+  agent_id: string;
+  enabled: number;
+  project_id: string | null;
+  created_at: string;
+  updated_at: string;
+}
+
+// Channel: external messaging platform bound to an agent
+export interface Channel {
+  id: string;
+  type: "telegram"; // future: "slack", "discord"
+  name: string;
+  agent_id: string;
+  config: string; // encrypted JSON
+  status: "stopped" | "running" | "error";
+  error: string | null;
+  project_id: string | null;
+  created_at: string;
+  updated_at: string;
+}
+
+export interface ChannelRow {
+  id: string;
+  type: string;
+  name: string;
+  agent_id: string;
+  config: string;
+  status: string;
+  error: string | null;
+  project_id: string | null;
+  created_at: string;
+  updated_at: string;
+}
+
 export interface McpServerRow {
   id: string;
   name: string;
@@ -256,11 +306,21 @@ export function initDatabase(dataDir: string): Database {
 
   // Enable WAL mode for better concurrent access
   db.run("PRAGMA journal_mode = WAL");
+  db.run("PRAGMA busy_timeout = 5000");
   db.run("PRAGMA foreign_keys = ON");
 
   // Run migrations
   runMigrations();
 
+  // Auto-set instance_url from env if not already configured
+  const envInstanceUrl = process.env.INSTANCE_URL || process.env.PUBLIC_URL;
+  if (envInstanceUrl) {
+    const current = SettingsDB.get("instance_url");
+    if (!current) {
+      SettingsDB.set("instance_url", envInstanceUrl.replace(/\/+$/, ""));
+    }
+  }
+
   // Database initialized silently
   return db;
 }
@@ -685,6 +745,52 @@ function runMigrations() {
         CREATE INDEX IF NOT EXISTS idx_mcp_server_tools_server ON mcp_server_tools(server_id);
       `,
     },
+    {
+      name: "031_create_subscriptions",
+      sql: `
+        CREATE TABLE IF NOT EXISTS subscriptions (
+          id TEXT PRIMARY KEY,
+          trigger_slug TEXT NOT NULL,
+          trigger_instance_id TEXT,
+          agent_id TEXT NOT NULL,
+          enabled INTEGER NOT NULL DEFAULT 1,
+          project_id TEXT,
+          created_at TEXT DEFAULT CURRENT_TIMESTAMP,
+          updated_at TEXT DEFAULT CURRENT_TIMESTAMP,
+          FOREIGN KEY (agent_id) REFERENCES agents(id) ON DELETE CASCADE
+        );
+        CREATE INDEX IF NOT EXISTS idx_subscriptions_agent ON subscriptions(agent_id);
+        CREATE INDEX IF NOT EXISTS idx_subscriptions_trigger_slug ON subscriptions(trigger_slug);
+        CREATE INDEX IF NOT EXISTS idx_subscriptions_trigger_instance ON subscriptions(trigger_instance_id);
+      `,
+    },
+    {
+      name: "032_create_channels",
+      sql: `
+        CREATE TABLE IF NOT EXISTS channels (
+          id TEXT PRIMARY KEY,
+          type TEXT NOT NULL,
+          name TEXT NOT NULL,
+          agent_id TEXT NOT NULL,
+          config TEXT NOT NULL,
+          status TEXT DEFAULT 'stopped',
+          error TEXT,
+          project_id TEXT,
+          created_at TEXT DEFAULT CURRENT_TIMESTAMP,
+          updated_at TEXT DEFAULT CURRENT_TIMESTAMP,
+          FOREIGN KEY (agent_id) REFERENCES agents(id) ON DELETE CASCADE
+        );
+        CREATE INDEX IF NOT EXISTS idx_channels_agent ON channels(agent_id);
+        CREATE INDEX IF NOT EXISTS idx_channels_status ON channels(status);
+      `,
+    },
+    {
+      name: "033_add_telemetry_seen",
+      sql: `
+        ALTER TABLE telemetry_events ADD COLUMN seen INTEGER DEFAULT 0;
+        CREATE INDEX IF NOT EXISTS idx_telemetry_seen ON telemetry_events(seen);
+      `,
+    },
     {
       name: "029_fix_provider_keys_unique_constraint",
       sql: `
@@ -723,8 +829,8 @@ function runMigrations() {
   for (const migration of migrations) {
     if (!applied.has(migration.name)) {
       try {
-        // Migration runs silently
-        db.run(migration.sql);
+        // Migration runs silently (exec supports multi-statement SQL)
+        db.exec(migration.sql);
         db.run("INSERT INTO migrations (name) VALUES (?)", [migration.name]);
       } catch (err) {
         // Log error but continue - some migrations may fail if partially applied
@@ -853,12 +959,13 @@ export const AgentDB = {
     return rows.map(rowToAgent);
   },
 
-  // Get running agents (for auto-restart)
+  // Get running agents
   findRunning(): Agent[] {
     const rows = db.query("SELECT * FROM agents WHERE status = 'running'").all() as AgentRow[];
     return rows.map(rowToAgent);
   },
 
+
   // Update agent
   update(id: string, updates: Partial<Omit<Agent, "id" | "created_at">>): Agent | null {
     const agent = this.findById(id);
@@ -907,7 +1014,6 @@ export const AgentDB = {
       fields.push("project_id = ?");
       values.push(updates.project_id);
     }
-
     if (fields.length > 0) {
       fields.push("updated_at = ?");
       values.push(new Date().toISOString());
@@ -1076,8 +1182,12 @@ export const ProjectDB = {
     return this.findById(id);
   },
 
-  // Delete project (agents will have project_id set to NULL)
+  // Delete project with full cleanup
+  // FK constraints handle: agents, mcp_servers, skills (SET NULL), provider_keys (CASCADE)
+  // Manual cleanup: subscriptions, test_cases (no FK on project_id)
   delete(id: string): boolean {
+    db.run("UPDATE subscriptions SET project_id = NULL WHERE project_id = ?", [id]);
+    db.run("UPDATE test_cases SET project_id = NULL WHERE project_id = ?", [id]);
     const result = db.run("DELETE FROM projects WHERE id = ?", [id]);
     return result.changes > 0;
   },
@@ -1386,6 +1496,15 @@ export const McpServerDB = {
     return row ? rowToMcpServer(row) : null;
   },
 
+  findByIds(ids: string[]): Map<string, McpServer> {
+    if (ids.length === 0) return new Map();
+    const placeholders = ids.map(() => "?").join(",");
+    const rows = db.query(`SELECT * FROM mcp_servers WHERE id IN (${placeholders})`).all(...ids) as McpServerRow[];
+    const map = new Map<string, McpServer>();
+    for (const row of rows) map.set(row.id, rowToMcpServer(row));
+    return map;
+  },
+
   findAll(): McpServer[] {
     const rows = db.query("SELECT * FROM mcp_servers ORDER BY created_at DESC").all() as McpServerRow[];
     return rows.map(rowToMcpServer);
@@ -1703,6 +1822,7 @@ export interface TelemetryEvent {
   duration_ms: number | null;
   error: string | null;
   received_at: string;
+  seen?: boolean;
 }
 
 interface TelemetryEventRow {
@@ -1720,6 +1840,7 @@ interface TelemetryEventRow {
   duration_ms: number | null;
   error: string | null;
   received_at: string;
+  seen?: number;
 }
 
 // Telemetry operations
@@ -2001,6 +2122,45 @@ export const TelemetryDB = {
     const row = db.query("SELECT COUNT(*) as count FROM telemetry_events").get() as { count: number };
     return row.count;
   },
+
+  // --- Notification helpers (piggyback on telemetry with `seen` flag) ---
+
+  // Notification-worthy filter: errors + agent crashes
+  getNotifications(limit = 50): TelemetryEvent[] {
+    const rows = db.query(`
+      SELECT * FROM telemetry_events
+      WHERE (level = 'error' OR (category = 'system' AND type = 'agent_stopped') OR category = 'ERROR')
+      ORDER BY timestamp DESC
+      LIMIT ?
+    `).all(limit) as TelemetryEventRow[];
+    return rows.map(rowToTelemetryEvent);
+  },
+
+  getUnseenCount(): number {
+    const row = db.query(`
+      SELECT COUNT(*) as count FROM telemetry_events
+      WHERE seen = 0
+        AND (level = 'error' OR (category = 'system' AND type = 'agent_stopped') OR category = 'ERROR')
+    `).get() as { count: number };
+    return row.count;
+  },
+
+  markSeen(ids: string[]): number {
+    if (ids.length === 0) return 0;
+    const placeholders = ids.map(() => "?").join(",");
+    const result = db.run(
+      `UPDATE telemetry_events SET seen = 1 WHERE id IN (${placeholders})`,
+      ids
+    );
+    return result.changes;
+  },
+
+  markAllSeen(): number {
+    const result = db.run(
+      `UPDATE telemetry_events SET seen = 1 WHERE seen = 0 AND (level = 'error' OR (category = 'system' AND type = 'agent_stopped') OR category = 'ERROR')`
+    );
+    return result.changes;
+  },
 };
 
 function rowToTelemetryEvent(row: TelemetryEventRow): TelemetryEvent {
@@ -2019,6 +2179,7 @@ function rowToTelemetryEvent(row: TelemetryEventRow): TelemetryEvent {
     duration_ms: row.duration_ms,
     error: row.error,
     received_at: row.received_at,
+    seen: row.seen === 1,
   };
 }
 
@@ -2388,6 +2549,15 @@ export const SkillDB = {
     return row ? rowToSkill(row) : null;
   },
 
+  findByIds(ids: string[]): Map<string, Skill> {
+    if (ids.length === 0) return new Map();
+    const placeholders = ids.map(() => "?").join(",");
+    const rows = db.query(`SELECT * FROM skills WHERE id IN (${placeholders})`).all(...ids) as SkillRow[];
+    const map = new Map<string, Skill>();
+    for (const row of rows) map.set(row.id, rowToSkill(row));
+    return map;
+  },
+
   // Find skill by name
   findByName(name: string): Skill | null {
     const row = db.query("SELECT * FROM skills WHERE name = ?").get(name) as SkillRow | null;
@@ -2503,12 +2673,6 @@ export const SkillDB = {
     return row.count;
   },
 
-  // Check if skill with name exists
-  exists(name: string): boolean {
-    const row = db.query("SELECT COUNT(*) as count FROM skills WHERE name = ?").get(name) as { count: number };
-    return row.count > 0;
-  },
-
   // Find skills by project (null = global only)
   findByProject(projectId: string | null): Skill[] {
     if (projectId === null) {
@@ -2575,6 +2739,173 @@ function rowToSkill(row: SkillRow): Skill {
   };
 }
 
+// Subscription row → Subscription
+function rowToSubscription(row: SubscriptionRow): Subscription {
+  return {
+    id: row.id,
+    trigger_slug: row.trigger_slug,
+    trigger_instance_id: row.trigger_instance_id,
+    agent_id: row.agent_id,
+    enabled: row.enabled === 1,
+    project_id: row.project_id,
+    created_at: row.created_at,
+    updated_at: row.updated_at,
+  };
+}
+
+export const SubscriptionDB = {
+  create(sub: Omit<Subscription, "id" | "created_at" | "updated_at">): Subscription {
+    const id = generateId();
+    const now = new Date().toISOString();
+    db.run(
+      `INSERT INTO subscriptions (id, trigger_slug, trigger_instance_id, agent_id, enabled, project_id, created_at, updated_at)
+       VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,
+      [id, sub.trigger_slug, sub.trigger_instance_id || null, sub.agent_id, sub.enabled ? 1 : 0, sub.project_id || null, now, now]
+    );
+    return this.findById(id)!;
+  },
+
+  findById(id: string): Subscription | null {
+    const row = db.query("SELECT * FROM subscriptions WHERE id = ?").get(id) as SubscriptionRow | null;
+    return row ? rowToSubscription(row) : null;
+  },
+
+  findByTriggerInstanceId(instanceId: string): Subscription[] {
+    const rows = db.query("SELECT * FROM subscriptions WHERE trigger_instance_id = ?").all(instanceId) as SubscriptionRow[];
+    return rows.map(rowToSubscription);
+  },
+
+  findByTriggerSlug(slug: string): Subscription[] {
+    const rows = db.query("SELECT * FROM subscriptions WHERE trigger_slug = ?").all(slug) as SubscriptionRow[];
+    return rows.map(rowToSubscription);
+  },
+
+  findByAgentId(agentId: string): Subscription[] {
+    const rows = db.query("SELECT * FROM subscriptions WHERE agent_id = ?").all(agentId) as SubscriptionRow[];
+    return rows.map(rowToSubscription);
+  },
+
+  findAll(projectId?: string | null): Subscription[] {
+    if (projectId) {
+      const rows = db.query("SELECT * FROM subscriptions WHERE project_id = ? ORDER BY created_at DESC").all(projectId) as SubscriptionRow[];
+      return rows.map(rowToSubscription);
+    }
+    const rows = db.query("SELECT * FROM subscriptions ORDER BY created_at DESC").all() as SubscriptionRow[];
+    return rows.map(rowToSubscription);
+  },
+
+  update(id: string, updates: Partial<Pick<Subscription, "trigger_slug" | "trigger_instance_id" | "agent_id" | "enabled">>): Subscription | null {
+    const sub = this.findById(id);
+    if (!sub) return null;
+
+    const fields: string[] = [];
+    const values: (string | number | null)[] = [];
+
+    if (updates.trigger_slug !== undefined) { fields.push("trigger_slug = ?"); values.push(updates.trigger_slug); }
+    if (updates.trigger_instance_id !== undefined) { fields.push("trigger_instance_id = ?"); values.push(updates.trigger_instance_id || null); }
+    if (updates.agent_id !== undefined) { fields.push("agent_id = ?"); values.push(updates.agent_id); }
+    if (updates.enabled !== undefined) { fields.push("enabled = ?"); values.push(updates.enabled ? 1 : 0); }
+
+    if (fields.length === 0) return sub;
+
+    fields.push("updated_at = ?");
+    values.push(new Date().toISOString());
+    values.push(id);
+
+    db.run(`UPDATE subscriptions SET ${fields.join(", ")} WHERE id = ?`, values);
+    return this.findById(id);
+  },
+
+  delete(id: string): boolean {
+    const result = db.run("DELETE FROM subscriptions WHERE id = ?", [id]);
+    return result.changes > 0;
+  },
+};
+
+// --- Channel DB ---
+
+function rowToChannel(row: ChannelRow): Channel {
+  return {
+    id: row.id,
+    type: row.type as Channel["type"],
+    name: row.name,
+    agent_id: row.agent_id,
+    config: row.config,
+    status: row.status as Channel["status"],
+    error: row.error,
+    project_id: row.project_id,
+    created_at: row.created_at,
+    updated_at: row.updated_at,
+  };
+}
+
+export const ChannelDB = {
+  create(channel: { type: string; name: string; agent_id: string; config: string; project_id?: string | null }): Channel {
+    const id = generateId();
+    const now = new Date().toISOString();
+    db.run(
+      `INSERT INTO channels (id, type, name, agent_id, config, status, project_id, created_at, updated_at)
+       VALUES (?, ?, ?, ?, ?, 'stopped', ?, ?, ?)`,
+      [id, channel.type, channel.name, channel.agent_id, channel.config, channel.project_id || null, now, now]
+    );
+    return this.findById(id)!;
+  },
+
+  findById(id: string): Channel | null {
+    const row = db.query("SELECT * FROM channels WHERE id = ?").get(id) as ChannelRow | null;
+    return row ? rowToChannel(row) : null;
+  },
+
+  findAll(): Channel[] {
+    const rows = db.query("SELECT * FROM channels ORDER BY created_at DESC").all() as ChannelRow[];
+    return rows.map(rowToChannel);
+  },
+
+  findByAgentId(agentId: string): Channel[] {
+    const rows = db.query("SELECT * FROM channels WHERE agent_id = ?").all(agentId) as ChannelRow[];
+    return rows.map(rowToChannel);
+  },
+
+  findRunning(): Channel[] {
+    const rows = db.query("SELECT * FROM channels WHERE status = 'running'").all() as ChannelRow[];
+    return rows.map(rowToChannel);
+  },
+
+  update(id: string, updates: { name?: string; agent_id?: string; config?: string; project_id?: string | null }): Channel | null {
+    const channel = this.findById(id);
+    if (!channel) return null;
+
+    const fields: string[] = [];
+    const values: (string | null)[] = [];
+
+    if (updates.name !== undefined) { fields.push("name = ?"); values.push(updates.name); }
+    if (updates.agent_id !== undefined) { fields.push("agent_id = ?"); values.push(updates.agent_id); }
+    if (updates.config !== undefined) { fields.push("config = ?"); values.push(updates.config); }
+    if (updates.project_id !== undefined) { fields.push("project_id = ?"); values.push(updates.project_id || null); }
+
+    if (fields.length === 0) return channel;
+
+    fields.push("updated_at = ?");
+    values.push(new Date().toISOString());
+    values.push(id);
+
+    db.run(`UPDATE channels SET ${fields.join(", ")} WHERE id = ?`, values);
+    return this.findById(id);
+  },
+
+  setStatus(id: string, status: Channel["status"], error?: string | null): void {
+    db.run(
+      "UPDATE channels SET status = ?, error = ?, updated_at = ? WHERE id = ?",
+      [status, error || null, new Date().toISOString(), id]
+    );
+  },
+
+  delete(id: string): boolean {
+    const result = db.run("DELETE FROM channels WHERE id = ?", [id]);
+    return result.changes > 0;
+  },
+};
+
 // Generate unique ID
 export function generateId(): string {
   return Math.random().toString(36).substring(2, 15);

package/src/integrations/agentdojo.ts

@@ -127,7 +127,7 @@ export const AgentDojoProvider: IntegrationProvider = {
 
     return credentials.map((cred: any) => ({
       id: String(cred.id),
-      appId: String(cred.provider_id || cred.toolkit_id || cred.provider_name),
+      appId: cred.provider_name || cred.toolkit_name || String(cred.provider_id || cred.toolkit_id),
       appName: cred.provider_name || cred.name || cred.toolkit_name || String(cred.provider_id),
       status: (cred.status === "active" || cred.is_valid !== false) ? "active" as const : "failed" as const,
       createdAt: cred.created_at || new Date().toISOString(),

package/src/mcp-handler.ts

@@ -73,34 +73,28 @@ function evaluateExpression(
   args: Record<string, any>,
   helpers: ReturnType<typeof templateHelpers>,
 ): any {
-  // Handle args.* references
+  // Handle args.* references (e.g. args.name, args.query)
   if (expr.startsWith("args.")) {
     const key = expr.slice(5);
     return args[key] ?? null;
   }
 
-  // Handle helper functions and values
-  try {
-    const fn = new Function(
-      "args",
-      "uuid",
-      "now",
-      "timestamp",
-      "random_int",
-      "random_float",
-      `return ${expr}`,
-    );
-    return fn(
-      args,
-      helpers.uuid,
-      helpers.now,
-      helpers.timestamp,
-      helpers.random_int,
-      helpers.random_float,
-    );
-  } catch {
-    return expr;
-  }
+  // Handle known helper values
+  if (expr === "now") return helpers.now;
+  if (expr === "timestamp") return helpers.timestamp;
+
+  // Handle known helper function calls
+  const uuidMatch = expr.match(/^uuid\(\)$/);
+  if (uuidMatch) return helpers.uuid();
+
+  const randIntMatch = expr.match(/^random_int\(\s*(\d+)\s*,\s*(\d+)\s*\)$/);
+  if (randIntMatch) return helpers.random_int(Number(randIntMatch[1]), Number(randIntMatch[2]));
+
+  const randFloatMatch = expr.match(/^random_float\(\s*([\d.]+)\s*,\s*([\d.]+)\s*\)$/);
+  if (randFloatMatch) return helpers.random_float(Number(randFloatMatch[1]), Number(randFloatMatch[2]));
+
+  // Return expression as-is if not recognized — never execute arbitrary code
+  return expr;
 }
 
 // Execute a mock handler — returns the rendered mock_response
@@ -197,7 +191,11 @@ async function executeHttp(
   }
 }
 
-// Execute a JavaScript handler — runs code string with args + credentials
+// Execute a JavaScript handler — runs user-defined code in a restricted scope.
+// SECURITY NOTE: This intentionally allows authenticated admins to define custom tool logic.
+// The code runs in a restricted Function scope with only args, credentials, and helpers exposed.
+// process, require, import, Bun, fetch etc. are NOT passed in — but note that new Function()
+// still has access to globalThis. For full sandboxing, consider using a Worker or subprocess.
 function executeJavascript(
   tool: McpServerTool,
   args: Record<string, any>,
@@ -210,6 +208,15 @@ function executeJavascript(
     };
   }
 
+  // Basic static checks — block obvious dangerous patterns
+  const dangerous = /\b(process|require|import|Bun|Deno|eval|Function|child_process|exec|spawn)\b/;
+  if (dangerous.test(tool.code)) {
+    return {
+      content: [{ type: "text", text: "Error: Tool code contains disallowed keywords (process, require, import, eval, exec, spawn)" }],
+      isError: true,
+    };
+  }
+
   try {
     const helpers = templateHelpers();
     const fn = new Function(

package/src/mcp-platform.ts

@@ -346,6 +346,25 @@ After creating, assign to agents with assign_mcp_server_to_agent. HTTP servers w
       required: ["agent_id", "skill_id"],
     },
   },
+  {
+    name: "create_skill",
+    description: "Create a new skill. Skills are reusable instruction sets (markdown content) that give agents specialized capabilities. Provide a name, description, and the full instructions content (markdown). Optionally specify allowed MCP tools. If the user is working within a project, set project_id to scope the skill to that project.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        name: { type: "string", description: "The skill name" },
+        description: { type: "string", description: "Short description of what the skill does" },
+        content: { type: "string", description: "Full skill instructions in markdown format" },
+        allowed_tools: {
+          type: "array",
+          items: { type: "string" },
+          description: "Optional list of MCP tool names this skill is allowed to use",
+        },
+        project_id: { type: "string", description: "Project ID to scope the skill to. Use the current project ID from context when the user is working within a project. Omit for a global skill." },
+      },
+      required: ["name", "description", "content"],
+    },
+  },
   {
     name: "delete_skill",
     description: "Delete a skill. It will be unassigned from all agents.",
@@ -824,6 +843,27 @@ async function executeTool(name: string, args: Record<string, any>): Promise<{ c
         return { content: [{ type: "text", text: `Removed skill from agent "${agent.name}". Restart the agent for changes to take effect.` }] };
       }
 
+      case "create_skill": {
+        if (!args.name || !args.description || !args.content) {
+          return { content: [{ type: "text", text: "name, description, and content are required" }], isError: true };
+        }
+        const newSkill = SkillDB.create({
+          name: args.name,
+          description: args.description,
+          content: args.content,
+          version: "1.0.0",
+          license: null,
+          compatibility: null,
+          metadata: {},
+          allowed_tools: args.allowed_tools || [],
+          source: "local",
+          source_url: null,
+          enabled: true,
+          project_id: args.project_id || null,
+        });
+        return { content: [{ type: "text", text: `Skill "${newSkill.name}" created (ID: ${newSkill.id}). You can now assign it to an agent with assign_skill_to_agent.` }] };
+      }
+
       case "delete_skill": {
         const skill = SkillDB.findById(args.skill_id);
         if (!skill) {
@@ -977,7 +1017,7 @@ You can manage:
 - AGENTS: Create, configure, start, stop, and delete AI agents. Each agent has a provider (LLM), model, system prompt, and optional features (memory, tasks, vision, MCP tools, files).
 - PROJECTS: Organize agents into projects for grouping.
 - MCP SERVERS: Tool integrations that give agents capabilities (web search, file access, APIs). Assign servers to agents.
-- SKILLS: Reusable instruction sets that specialize agent behavior. Assign skills to agents.
+- SKILLS: Reusable instruction sets that specialize agent behavior. Use create_skill to create new skills (pass project_id from context to scope to the current project), then assign them to agents. Use list_skills, get_skill, create_skill, toggle_skill, assign_skill_to_agent, unassign_skill_from_agent, delete_skill.
 - PROVIDERS: View which LLM providers have API keys configured.
 - TESTS: Create and run automated tests for agent workflows. Tests send a message to an agent, then an LLM judge evaluates the response against success criteria. Use list_tests, create_test, run_test, run_all_tests, get_test_results, delete_test.
 

package/src/providers.ts

@@ -198,35 +198,48 @@ export const ProviderKeys = {
     }
   },
 
-  // Get decrypted API key for a provider (global key)
+  // Get decrypted API key for a provider (global key, falls back to env var)
   getDecrypted(providerId: string): string | null {
     const record = ProviderKeysDB.findByProvider(providerId);
-    if (!record) return null;
+    if (record) {
+      try {
+        return decrypt(record.encrypted_key);
+      } catch (err) {
+        console.error(`Failed to decrypt key for ${providerId}:`, err);
+      }
+    }
 
-    try {
-      return decrypt(record.encrypted_key);
-    } catch (err) {
-      console.error(`Failed to decrypt key for ${providerId}:`, err);
-      return null;
+    // Fall back to environment variable
+    const provider = PROVIDERS[providerId as ProviderId];
+    if (provider?.envVar) {
+      const envVal = process.env[provider.envVar];
+      if (envVal) return envVal;
     }
+    return null;
   },
 
   // Get decrypted API key for a provider and project
   // Falls back to global key if no project-specific key exists
   getDecryptedForProject(providerId: string, projectId: string | null): string | null {
+    console.log(`[ProviderKeys.getDecryptedForProject] providerId=${providerId}, projectId=${projectId}`);
     // Try project-specific key first
     if (projectId) {
       const projectRecord = ProviderKeysDB.findByProviderAndProject(providerId, projectId);
+      console.log(`[ProviderKeys.getDecryptedForProject] project record found: ${!!projectRecord}`);
       if (projectRecord) {
         try {
-          return decrypt(projectRecord.encrypted_key);
+          const key = decrypt(projectRecord.encrypted_key);
+          console.log(`[ProviderKeys.getDecryptedForProject] decrypted project key OK, length=${key?.length}`);
+          return key;
         } catch (err) {
           console.error(`Failed to decrypt project key for ${providerId}/${projectId}:`, err);
         }
       }
     }
     // Fall back to global key
-    return this.getDecrypted(providerId);
+    const globalKey = this.getDecrypted(providerId);
+    console.log(`[ProviderKeys.getDecryptedForProject] global fallback: found=${!!globalKey}, length=${globalKey?.length || 0}`);
+    return globalKey;
   },
 
   // Check if a provider has a key configured (global)