hedgequantx 2.5.23 → 2.5.25

package/README.md

@@ -6,7 +6,7 @@
 
 ### Prop Futures Algo Trading CLI
 
-*Connect to 37+ prop firms and automate your futures trading*
+*Connect to 38+ prop firms and automate your futures trading with AI supervision*
 
 [![Website](https://img.shields.io/badge/Website-hedgequantx.com-00D4AA?style=for-the-badge&logo=google-chrome&logoColor=white)](https://hedgequantx.com)
 [![npm version](https://img.shields.io/npm/v/hedgequantx?style=for-the-badge&logo=npm&logoColor=white&color=CB3837)](https://www.npmjs.com/package/hedgequantx)
@@ -21,10 +21,11 @@
 
 [![Futures](https://img.shields.io/badge/Futures-Trading-F7931A?style=flat-square&logo=bitcoin&logoColor=white)](https://hedgequantx.com)
 [![Algo](https://img.shields.io/badge/Algo-Trading-00D4AA?style=flat-square&logo=probot&logoColor=white)](https://hedgequantx.com)
-[![Prop Firms](https://img.shields.io/badge/37+-Prop%20Firms-8B5CF6?style=flat-square&logo=building&logoColor=white)](https://hedgequantx.com)
+[![AI Powered](https://img.shields.io/badge/AI-Powered-8B5CF6?style=flat-square&logo=openai&logoColor=white)](https://hedgequantx.com)
+[![Prop Firms](https://img.shields.io/badge/38+-Prop%20Firms-8B5CF6?style=flat-square&logo=building&logoColor=white)](https://hedgequantx.com)
 [![Secure](https://img.shields.io/badge/AES--256-Encrypted-EF4444?style=flat-square&logo=shield&logoColor=white)](https://hedgequantx.com)
 
-[Website](https://hedgequantx.com) | [Installation](#installation) | [Features](#features) | [Algo Trading](#algo-trading) | [Discord](https://discord.gg/UBKCERctZu)
+[Website](https://hedgequantx.com) | [Installation](#installation) | [Features](#features) | [AI Integration](#ai-integration) | [Algo Trading](#algo-trading) | [Discord](https://discord.gg/UBKCERctZu)
 
 </div>
 
@@ -34,12 +35,13 @@
 
 | Feature | Description |
 |---------|-------------|
-| **Multi-Platform** | ProjectX & Rithmic APIs |
-| **37+ Prop Firms** | TopStep, Apex, Bulenox, and more |
+| **Multi-Platform** | ProjectX, Rithmic & Tradovate APIs |
+| **38+ Prop Firms** | TopStep, Apex, Bulenox, and more |
 | **Multi-Account** | Connect multiple accounts simultaneously |
 | **Real-Time Stats** | Balance, P&L, positions, orders |
 | **Algo Trading** | One Account & Copy Trading modes |
-| **Algo Trading** | Proprietary HQX Strategy |
+| **AI Supervision** | Claude, GPT, Gemini, and 15+ providers |
+| **Claude Pro/Max OAuth** | Login with your Claude subscription |
 | **Market Hours** | Auto-blocks when market closed |
 | **Local Execution** | Direct API trading, no server needed |
 | **Secure Storage** | AES-256-GCM encrypted sessions |
@@ -95,6 +97,55 @@ hqx --version
 
 ---
 
+## AI Integration
+
+HedgeQuantX integrates with leading AI providers for intelligent trading supervision.
+
+### Supported AI Providers
+
+| Provider | Authentication | Models |
+|----------|---------------|--------|
+| **Anthropic Claude** | OAuth (Pro/Max) or API Key | Claude 4, Sonnet, Haiku, Opus |
+| **OpenAI** | API Key | GPT-4o, GPT-4, GPT-3.5 |
+| **Google Gemini** | API Key | Gemini Pro, Gemini Flash |
+| **OpenRouter** | API Key | 100+ models (unified API) |
+| **DeepSeek** | API Key | DeepSeek Chat, Coder |
+| **Groq** | API Key | Llama, Mixtral (fast inference) |
+| **xAI** | API Key | Grok |
+| **Mistral** | API Key | Mistral Large, Medium, Small |
+| **Perplexity** | API Key | Sonar models |
+| **Together AI** | API Key | Open source models |
+| **Ollama** | Local | Any local model |
+| **LM Studio** | Local | Any local model |
+
+### Claude Pro/Max OAuth Login
+
+If you have a Claude Pro or Max subscription, you can login directly without an API key:
+
+```
+1. AI Agent Menu -> [+] Add Agent
+2. Select DIRECT PROVIDERS -> CLAUDE (ANTHROPIC)
+3. Choose "CLAUDE PRO/MAX (OAUTH)"
+4. Browser opens -> Login to claude.ai
+5. Copy the authorization code
+6. Paste in terminal -> Connected!
+```
+
+Benefits:
+- No API key needed
+- Use your existing subscription
+- Unlimited usage with your plan
+- Tokens auto-refresh
+
+### AI Features
+
+- **Trading Analysis**: Real-time position and risk analysis
+- **Multi-Agent Support**: Connect multiple AI providers simultaneously
+- **Auto Token Scanner**: Detects existing AI sessions from VS Code, Cursor, Claude CLI
+- **Token Auto-Refresh**: OAuth tokens refresh automatically when expired
+
+---
+
 ## Algo Trading
 
 ### One Account Mode
@@ -107,12 +158,18 @@ Trade on a single account with HQX algo strategy.
 
 ### Copy Trading Mode
 
-Mirror trades from Lead to Follower accounts.
+Mirror trades from Lead to Follower accounts with real execution.
 
 <div align="center">
 <img src="assets/copy-trading.png" alt="HQX Copy Trading" width="800">
 </div>
 
+Features:
+- Real order execution via API
+- Position synchronization
+- Multi-account support
+- Configurable lot multiplier
+
 ---
 
 ## Supported Prop Firms
@@ -151,13 +208,27 @@ Mirror trades from Lead to Follower accounts.
 | Rate Limiting | API protection |
 | File Permissions | 0600 (owner only) |
 | Credentials | Never stored in plain text |
+| OAuth Tokens | Secure PKCE flow |
 
 ---
 
 ## Changelog
 
 <details>
-<summary><b>v1.8.x (Current)</b></summary>
+<summary><b>v2.5.x (Current)</b></summary>
+
+- **AI Integration**: Multi-provider AI supervision
+- **Claude OAuth**: Login with Pro/Max subscription (no API key needed)
+- **Token Scanner**: Auto-detect AI sessions from VS Code, Cursor, Claude CLI
+- **Real API Models**: Fetch models from provider APIs (no hardcoded lists)
+- **Copy Trading**: Real order execution via API
+- **Multi-Agent**: Connect multiple AI providers simultaneously
+- **Auto Token Refresh**: OAuth tokens refresh automatically
+
+</details>
+
+<details>
+<summary><b>v1.8.x</b></summary>
 
 - Separate UI for One Account and Copy Trading
 - Market hours validation
@@ -194,12 +265,14 @@ Mirror trades from Lead to Follower accounts.
 
 | Done | Done | Coming Soon |
 |------|------|-------------|
-| :white_check_mark: ProjectX integration | :white_check_mark: One Account mode | :hourglass: Tradovate integration |
-| :white_check_mark: Rithmic integration | :white_check_mark: Copy Trading mode | :hourglass: Telegram alerts |
-| :white_check_mark: 38+ prop firms | :white_check_mark: HQX Server | :hourglass: Multi-symbol trading |
-| :white_check_mark: Multi-account | :white_check_mark: Market hours check | :hourglass: Performance analytics |
-| :white_check_mark: Trailing SL & BE | :white_check_mark: Session summary | :hourglass: Trade journal export |
-| :white_check_mark: Encrypted sessions | :white_check_mark: Auto-update | :hourglass: Web dashboard |
+| :white_check_mark: ProjectX integration | :white_check_mark: One Account mode | :hourglass: Telegram alerts |
+| :white_check_mark: Rithmic integration | :white_check_mark: Copy Trading mode | :hourglass: Multi-symbol trading |
+| :white_check_mark: 38+ prop firms | :white_check_mark: HQX Server | :hourglass: Performance analytics |
+| :white_check_mark: Multi-account | :white_check_mark: Market hours check | :hourglass: Trade journal export |
+| :white_check_mark: Trailing SL & BE | :white_check_mark: Session summary | :hourglass: Web dashboard |
+| :white_check_mark: Encrypted sessions | :white_check_mark: Auto-update | :hourglass: Advanced AI strategies |
+| :white_check_mark: AI Integration | :white_check_mark: Claude OAuth | :hourglass: Voice commands |
+| :white_check_mark: Multi-AI Agents | :white_check_mark: Token Scanner | |
 
 ---
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hedgequantx",
-  "version": "2.5.23",
+  "version": "2.5.25",
   "description": "HedgeQuantX - Prop Futures Trading CLI",
   "main": "src/app.js",
   "bin": {

package/src/menus/ai-agent.js

@@ -10,7 +10,7 @@ const { getLogoWidth, drawBoxHeader, drawBoxHeaderContinue, drawBoxFooter, displ
 const { prompts } = require('../utils');
 const aiService = require('../services/ai');
 const { getCategories, getProvidersByCategory } = require('../services/ai/providers');
-const tokenScanner = require('../services/ai/token-scanner');
+const oauthAnthropic = require('../services/ai/oauth-anthropic');
 
 /**
  * Main AI Agent menu
@@ -117,7 +117,7 @@ const aiAgentMenu = async () => {
   
   switch (input) {
     case '+':
-      return await showExistingTokens();
+      return await selectCategory();
     case 's':
       if (agentCount > 1) {
         return await selectActiveAgent();
@@ -366,178 +366,6 @@ const selectAgentToRemove = async () => {
   return await aiAgentMenu();
 };
 
-// Cache for scanned tokens (avoid multiple Keychain prompts)
-let cachedTokens = null;
-let cacheTimestamp = 0;
-const CACHE_TTL = 60000; // 1 minute cache
-
-/**
- * Show existing tokens found on the system
- */
-const showExistingTokens = async () => {
-  const boxWidth = getLogoWidth();
-  const W = boxWidth - 2;
-  
-  const makeLine = (content) => {
-    const plainLen = content.replace(/\x1b\[[0-9;]*m/g, '').length;
-    const padding = W - plainLen;
-    return chalk.cyan('║') + ' ' + content + ' '.repeat(Math.max(0, padding - 1)) + chalk.cyan('║');
-  };
-  
-  // Check cache first
-  const now = Date.now();
-  let tokens;
-  
-  if (cachedTokens && (now - cacheTimestamp) < CACHE_TTL) {
-    tokens = cachedTokens;
-  } else {
-    console.clear();
-    displayBanner();
-    drawBoxHeaderContinue('SCANNING FOR EXISTING SESSIONS...', boxWidth);
-    console.log(makeLine(''));
-    console.log(makeLine(chalk.gray('CHECKING VS CODE, CURSOR, CLAUDE CLI, OPENCODE...')));
-    console.log(makeLine(''));
-    drawBoxFooter(boxWidth);
-    
-    // Scan for tokens and cache
-    tokens = tokenScanner.scanAllSources();
-    cachedTokens = tokens;
-    cacheTimestamp = now;
-  }
-  
-  if (tokens.length === 0) {
-    // No tokens found, go directly to category selection
-    return await selectCategory();
-  }
-  
-  // Show found tokens
-  console.clear();
-  displayBanner();
-  drawBoxHeaderContinue('EXISTING SESSIONS FOUND', boxWidth);
-  
-  console.log(makeLine(chalk.green(`FOUND ${tokens.length} EXISTING SESSION(S)`)));
-  console.log(makeLine(''));
-  
-  const formatted = tokenScanner.formatResults(tokens);
-  
-  for (const t of formatted) {
-    const providerColor = t.provider.includes('CLAUDE') ? chalk.magenta : 
-                          t.provider.includes('OPENAI') ? chalk.green :
-                          t.provider.includes('OPENROUTER') ? chalk.yellow : chalk.cyan;
-    
-    console.log(makeLine(
-      chalk.white(`[${t.index}] `) + 
-      providerColor(t.provider) + 
-      chalk.gray(` (${t.type})`)
-    ));
-    console.log(makeLine(
-      chalk.gray(`    ${t.icon} ${t.source} - ${t.lastUsed}`)
-    ));
-    console.log(makeLine(
-      chalk.gray(`    TOKEN: ${t.tokenPreview}`)
-    ));
-    console.log(makeLine(''));
-  }
-  
-  console.log(chalk.cyan('╠' + '═'.repeat(W) + '╣'));
-  console.log(makeLine(chalk.cyan('[N] CONNECT NEW PROVIDER')));
-  console.log(makeLine(chalk.gray('[<] BACK')));
-  
-  drawBoxFooter(boxWidth);
-  
-  const choice = await prompts.textInput(chalk.cyan('SELECT (1-' + tokens.length + '/N/<):'));
-  
-  if (choice === '<' || choice?.toLowerCase() === 'b') {
-    return await aiAgentMenu();
-  }
-  
-  if (choice?.toLowerCase() === 'n') {
-    return await selectCategory();
-  }
-  
-  const index = parseInt(choice) - 1;
-  if (isNaN(index) || index < 0 || index >= tokens.length) {
-    return await showExistingTokens();
-  }
-  
-  // Use selected token
-  const selectedToken = tokens[index];
-  
-  const spinner = ora({ text: 'VALIDATING TOKEN...', color: 'cyan' }).start();
-  
-  try {
-    // Validate the token - include metadata from scanner
-    const credentials = { 
-      apiKey: selectedToken.token,
-      sessionKey: selectedToken.token,
-      accessToken: selectedToken.token,
-      fromKeychain: selectedToken.sourceId === 'secureStorage' || selectedToken.sourceId === 'keychain',
-      subscriptionType: selectedToken.subscriptionType,
-      refreshToken: selectedToken.refreshToken,
-      expiresAt: selectedToken.expiresAt
-    };
-    const validation = await aiService.validateConnection(selectedToken.provider, selectedToken.type, credentials);
-    
-    if (!validation.valid) {
-      spinner.fail(`TOKEN INVALID OR EXPIRED: ${validation.error}`);
-      await prompts.waitForEnter();
-      return await showExistingTokens();
-    }
-    
-    // Get provider info
-    const { getProvider } = require('../services/ai/providers');
-    const provider = getProvider(selectedToken.provider);
-    
-    if (!provider) {
-      spinner.fail('PROVIDER NOT SUPPORTED');
-      await prompts.waitForEnter();
-      return await showExistingTokens();
-    }
-    
-    spinner.text = 'FETCHING AVAILABLE MODELS...';
-    
-    // Fetch models from API with the token
-    const { fetchAnthropicModels, fetchOpenAIModels } = require('../services/ai/client');
-    
-    let models = null;
-    if (selectedToken.provider === 'anthropic') {
-      models = await fetchAnthropicModels(credentials.apiKey);
-    } else {
-      models = await fetchOpenAIModels(provider.endpoint, credentials.apiKey);
-    }
-    
-    if (!models || models.length === 0) {
-      spinner.fail('COULD NOT FETCH MODELS FROM API');
-      await prompts.waitForEnter();
-      return await showExistingTokens();
-    }
-    
-    spinner.succeed(`FOUND ${models.length} MODELS`);
-    
-    // Let user select model
-    const selectedModel = await selectModelFromList(models, provider.name);
-    if (!selectedModel) {
-      return await showExistingTokens();
-    }
-    
-    // Add agent with selected model
-    const agentName = `${provider.name} (${selectedToken.source})`;
-    await aiService.addAgent(selectedToken.provider, 'api_key', credentials, selectedModel, agentName);
-    
-    console.log(chalk.green(`\n  AGENT ADDED: ${provider.name}`));
-    console.log(chalk.gray(`  SOURCE: ${selectedToken.source}`));
-    console.log(chalk.gray(`  MODEL: ${selectedModel}`));
-    
-    await prompts.waitForEnter();
-    return await aiAgentMenu();
-    
-  } catch (error) {
-    spinner.fail(`CONNECTION FAILED: ${error.message}`);
-    await prompts.waitForEnter();
-    return await showExistingTokens();
-  }
-};
-
 /**
  * Select provider category
  */
@@ -845,10 +673,137 @@ const getCredentialInstructions = (provider, option, field) => {
   return instructions[field] || { title: field.toUpperCase(), steps: [] };
 };
 
+/**
+ * Setup OAuth connection for Anthropic Claude Pro/Max
+ */
+const setupOAuthConnection = async (provider) => {
+  const boxWidth = getLogoWidth();
+  const W = boxWidth - 2;
+  
+  const makeLine = (content) => {
+    const plainLen = content.replace(/\x1b\[[0-9;]*m/g, '').length;
+    const padding = W - plainLen;
+    return chalk.cyan('║') + ' ' + content + ' '.repeat(Math.max(0, padding - 1)) + chalk.cyan('║');
+  };
+  
+  console.clear();
+  displayBanner();
+  drawBoxHeaderContinue('CLAUDE PRO/MAX LOGIN', boxWidth);
+  
+  console.log(makeLine(chalk.yellow('OAUTH AUTHENTICATION')));
+  console.log(makeLine(''));
+  console.log(makeLine(chalk.white('1. A BROWSER WINDOW WILL OPEN')));
+  console.log(makeLine(chalk.white('2. LOGIN WITH YOUR CLAUDE ACCOUNT')));
+  console.log(makeLine(chalk.white('3. COPY THE AUTHORIZATION CODE')));
+  console.log(makeLine(chalk.white('4. PASTE IT HERE')));
+  console.log(makeLine(''));
+  console.log(makeLine(chalk.gray('OPENING BROWSER IN 3 SECONDS...')));
+  
+  drawBoxFooter(boxWidth);
+  
+  // Generate OAuth URL
+  const { url, verifier } = oauthAnthropic.authorize('max');
+  
+  // Wait a moment then open browser
+  await new Promise(resolve => setTimeout(resolve, 3000));
+  openBrowser(url);
+  
+  // Redraw with code input
+  console.clear();
+  displayBanner();
+  drawBoxHeaderContinue('CLAUDE PRO/MAX LOGIN', boxWidth);
+  
+  console.log(makeLine(chalk.green('BROWSER OPENED')));
+  console.log(makeLine(''));
+  console.log(makeLine(chalk.white('AFTER LOGGING IN, YOU WILL SEE A CODE')));
+  console.log(makeLine(chalk.white('COPY THE ENTIRE CODE AND PASTE IT BELOW')));
+  console.log(makeLine(''));
+  console.log(makeLine(chalk.gray('THE CODE LOOKS LIKE: abc123...#xyz789...')));
+  console.log(makeLine(''));
+  console.log(makeLine(chalk.gray('TYPE < TO CANCEL')));
+  
+  drawBoxFooter(boxWidth);
+  console.log();
+  
+  const code = await prompts.textInput(chalk.cyan('PASTE AUTHORIZATION CODE:'));
+  
+  if (!code || code === '<') {
+    return await selectProviderOption(provider);
+  }
+  
+  // Exchange code for tokens
+  const spinner = ora({ text: 'EXCHANGING CODE FOR TOKENS...', color: 'cyan' }).start();
+  
+  const result = await oauthAnthropic.exchange(code.trim(), verifier);
+  
+  if (result.type === 'failed') {
+    spinner.fail(`AUTHENTICATION FAILED: ${result.error || 'Invalid code'}`);
+    await prompts.waitForEnter();
+    return await selectProviderOption(provider);
+  }
+  
+  spinner.text = 'FETCHING AVAILABLE MODELS...';
+  
+  // Store OAuth credentials
+  const credentials = {
+    oauth: {
+      access: result.access,
+      refresh: result.refresh,
+      expires: result.expires
+    }
+  };
+  
+  // Fetch models using OAuth token
+  const { fetchAnthropicModelsOAuth } = require('../services/ai/client');
+  const models = await fetchAnthropicModelsOAuth(result.access);
+  
+  if (!models || models.length === 0) {
+    // Use default models if API doesn't return list
+    spinner.warn('COULD NOT FETCH MODEL LIST, USING DEFAULTS');
+  } else {
+    spinner.succeed(`FOUND ${models.length} MODELS`);
+  }
+  
+  if (!models || models.length === 0) {
+    spinner.fail('COULD NOT FETCH MODELS FROM API');
+    console.log(chalk.gray('  OAuth authentication may not support model listing.'));
+    console.log(chalk.gray('  Please use API KEY authentication instead.'));
+    await prompts.waitForEnter();
+    return await selectProviderOption(provider);
+  }
+  
+  spinner.succeed(`FOUND ${models.length} MODELS`);
+  
+  // Let user select model
+  const selectedModel = await selectModelFromList(models, 'CLAUDE PRO/MAX');
+  if (!selectedModel) {
+    return await selectProviderOption(provider);
+  }
+  
+  // Add agent with OAuth credentials
+  try {
+    await aiService.addAgent('anthropic', 'oauth_max', credentials, selectedModel, 'Claude Pro/Max');
+    
+    console.log(chalk.green('\n  CONNECTED TO CLAUDE PRO/MAX'));
+    console.log(chalk.gray(`  MODEL: ${selectedModel}`));
+    console.log(chalk.gray('  UNLIMITED USAGE WITH YOUR SUBSCRIPTION'));
+  } catch (error) {
+    console.log(chalk.red(`\n  FAILED TO SAVE: ${error.message}`));
+  }
+  
+  await prompts.waitForEnter();
+  return await aiAgentMenu();
+};
+
 /**
  * Setup connection with credentials
  */
 const setupConnection = async (provider, option) => {
+  // Handle OAuth flow separately
+  if (option.authType === 'oauth') {
+    return await setupOAuthConnection(provider);
+  }
+  
   const boxWidth = getLogoWidth();
   const W = boxWidth - 2;
   
@@ -1047,13 +1002,24 @@ const selectModel = async (agent) => {
   drawBoxFooter(boxWidth);
   
   // Fetch models from real API
-  const { fetchAnthropicModels, fetchOpenAIModels } = require('../services/ai/client');
+  const { fetchAnthropicModels, fetchAnthropicModelsOAuth, fetchOpenAIModels } = require('../services/ai/client');
   
   let models = null;
   const agentCredentials = aiService.getAgentCredentials(agent.id);
   
   if (agent.providerId === 'anthropic') {
-    models = await fetchAnthropicModels(agentCredentials?.apiKey);
+    // Check if OAuth credentials or OAuth-like token (sk-ant-oat...)
+    const token = agentCredentials?.apiKey || agentCredentials?.accessToken || agentCredentials?.sessionKey;
+    const isOAuthToken = agentCredentials?.oauth?.access || (token && token.startsWith('sk-ant-oat'));
+    
+    if (isOAuthToken) {
+      // Use OAuth endpoint with Bearer token
+      const accessToken = agentCredentials?.oauth?.access || token;
+      models = await fetchAnthropicModelsOAuth(accessToken);
+    } else {
+      // Standard API key
+      models = await fetchAnthropicModels(token);
+    }
   } else {
     // OpenAI-compatible providers
     const endpoint = agentCredentials?.endpoint || agent.provider?.endpoint;

package/src/services/ai/client.js

@@ -105,8 +105,32 @@ const callOpenAICompatible = async (agent, prompt, systemPrompt) => {
   }
 };
 
+/**
+ * Get valid OAuth token (refresh if needed)
+ * @param {Object} credentials - Agent credentials with oauth data
+ * @returns {Promise<string|null>} Valid access token or null
+ */
+const getValidOAuthToken = async (credentials) => {
+  if (!credentials?.oauth) return null;
+  
+  const oauthAnthropic = require('./oauth-anthropic');
+  const validToken = await oauthAnthropic.getValidToken(credentials.oauth);
+  
+  if (!validToken) return null;
+  
+  // If token was refreshed, we should update storage (handled by caller)
+  if (validToken.refreshed) {
+    credentials.oauth.access = validToken.access;
+    credentials.oauth.refresh = validToken.refresh;
+    credentials.oauth.expires = validToken.expires;
+  }
+  
+  return validToken.access;
+};
+
 /**
  * Call Anthropic Claude API
+ * Supports both API key and OAuth authentication
  * @param {Object} agent - Agent configuration
  * @param {string} prompt - User prompt
  * @param {string} systemPrompt - System prompt
@@ -116,19 +140,31 @@ const callAnthropic = async (agent, prompt, systemPrompt) => {
   const provider = getProvider('anthropic');
   if (!provider) return null;
   
-  const apiKey = agent.credentials?.apiKey;
   const model = agent.model || provider.defaultModel;
-  
-  if (!apiKey) return null;
-  
   const url = `${provider.endpoint}/messages`;
   
-  const headers = {
+  // Determine authentication method
+  const isOAuth = agent.credentials?.oauth?.refresh;
+  let headers = {
     'Content-Type': 'application/json',
-    'x-api-key': apiKey,
     'anthropic-version': '2023-06-01'
   };
   
+  if (isOAuth) {
+    // OAuth Bearer token authentication
+    const accessToken = await getValidOAuthToken(agent.credentials);
+    if (!accessToken) return null;
+    
+    headers['Authorization'] = `Bearer ${accessToken}`;
+    headers['anthropic-beta'] = 'oauth-2025-04-20,interleaved-thinking-2025-05-14';
+  } else {
+    // Standard API key authentication
+    const apiKey = agent.credentials?.apiKey;
+    if (!apiKey) return null;
+    
+    headers['x-api-key'] = apiKey;
+  }
+  
   const body = {
     model,
     max_tokens: 500,
@@ -273,7 +309,7 @@ Analyze and provide recommendation.`;
 };
 
 /**
- * Fetch available models from Anthropic API
+ * Fetch available models from Anthropic API (API Key auth)
  * @param {string} apiKey - API key
  * @returns {Promise<Array|null>} Array of model IDs or null on error
  * 
@@ -300,6 +336,37 @@ const fetchAnthropicModels = async (apiKey) => {
   }
 };
 
+/**
+ * Fetch available models from Anthropic API (OAuth auth)
+ * @param {string} accessToken - OAuth access token
+ * @returns {Promise<Array|null>} Array of model IDs or null on error
+ * 
+ * Data source: https://api.anthropic.com/v1/models (GET with Bearer token)
+ */
+const fetchAnthropicModelsOAuth = async (accessToken) => {
+  if (!accessToken) return null;
+  
+  const url = 'https://api.anthropic.com/v1/models';
+  
+  const headers = {
+    'Authorization': `Bearer ${accessToken}`,
+    'anthropic-version': '2023-06-01',
+    'anthropic-beta': 'oauth-2025-04-20'
+  };
+  
+  try {
+    const response = await makeRequest(url, { method: 'GET', headers, timeout: 10000 });
+    if (response.data && Array.isArray(response.data)) {
+      const models = response.data.map(m => m.id).filter(Boolean);
+      if (models.length > 0) return models;
+    }
+    return null;
+  } catch (error) {
+    // OAuth token may not support /models endpoint
+    return null;
+  }
+};
+
 /**
  * Fetch available models from OpenAI-compatible API
  * @param {string} endpoint - API endpoint
@@ -339,5 +406,7 @@ module.exports = {
   callAnthropic,
   callGemini,
   fetchAnthropicModels,
-  fetchOpenAIModels
+  fetchAnthropicModelsOAuth,
+  fetchOpenAIModels,
+  getValidOAuthToken
 };