ltcai 3.6.0 → 4.0.0

package/latticeai/services/agent_runtime.py

@@ -242,6 +242,7 @@ class AgentRuntime:
             user_email=user_email or None,
             graph=self._workspace_graph(),
             workspace_id=scope,
+            mode=getattr(result, "mode", "simulation"),
         )
         self._append_audit_event(
             "multi_agent_run",

package/latticeai/services/app_context.py

@@ -1,27 +1,88 @@
 """Application dependency context for router assembly.
 
-The concrete FastAPI app is still assembled in ``server_app``. This dataclass
-documents the shared dependency boundary for routers and services so future
-extractions can receive a typed context instead of importing the app module.
+``latticeai.app_factory.create_app`` builds one ``AppContext`` per app and
+hands it to router factories, replacing the historical 25-30-kwarg closure
+wiring. Every field defaults to ``None``-ish so tests can construct a context
+carrying only the dependencies a router actually touches.
+
+Fields are grouped by the consumer that motivated them; routers must treat the
+context as read-only.
 """
 
 from __future__ import annotations
 
 from dataclasses import dataclass
 from pathlib import Path
-from typing import Any, Callable
+from typing import Any, Callable, Optional
 
 
 @dataclass(frozen=True)
 class AppContext:
-    config: Any
-    data_dir: Path
-    static_dir: Path
-    model_router: Any
-    workspace_store: Any
-    workspace_service: Any
-    knowledge_graph: Any
-    local_kg_watcher: Any
-    require_user: Callable[..., str]
-    require_admin: Callable[..., tuple]
+    # ── core configuration / paths ────────────────────────────────────────
+    config: Any = None
+    data_dir: Optional[Path] = None
+    static_dir: Optional[Path] = None
+    base_dir: Optional[Path] = None
+    skills_dir: Optional[Path] = None
+
+    # ── singletons ────────────────────────────────────────────────────────
+    model_router: Any = None
+    workspace_store: Any = None
+    workspace_service: Any = None
+    knowledge_graph: Any = None
+    local_kg_watcher: Any = None
+    chat_service: Any = None
+    context_assembler: Any = None
+    brain_memory: Any = None
+    gardener: Any = None
+    hooks: Any = None
+    realtime_bus: Any = None
+    capability_registry: Any = None
+
+    # ── auth / session callables ──────────────────────────────────────────
+    require_user: Optional[Callable[..., str]] = None
+    require_admin: Optional[Callable[..., tuple]] = None
+    get_current_user: Optional[Callable[..., Optional[str]]] = None
+    load_users: Optional[Callable[[], dict]] = None
+    get_user_role: Optional[Callable[..., str]] = None
+    enforce_rate_limit: Optional[Callable[..., None]] = None
+
+    # ── audit / history callables ─────────────────────────────────────────
+    append_audit_event: Optional[Callable[..., None]] = None
+    get_audit_log: Optional[Callable[[], list]] = None
+    get_history: Optional[Callable[[], list]] = None
+    get_history_user: Optional[Callable[..., dict]] = None
+    save_to_history: Optional[Callable[..., None]] = None
+    clear_history: Optional[Callable[..., dict]] = None
+    clear_conversation: Optional[Callable[..., dict]] = None
+    group_history_conversations: Optional[Callable[..., list]] = None
+    get_conversation_messages: Optional[Callable[..., list]] = None
+    conversation_title: Optional[Callable[..., str]] = None
+
+    # ── knowledge graph access ────────────────────────────────────────────
+    enable_graph: bool = False
+    require_graph: Optional[Callable[[], None]] = None
+    workspace_graph: Optional[Callable[[], Any]] = None
+    graph_stats: Optional[Callable[[], dict]] = None
+
+    # ── workspace payload providers / skills ──────────────────────────────
+    workspace_models: Optional[Callable[[], dict]] = None
+    workspace_settings: Optional[Callable[[], dict]] = None
+    scan_environment: Optional[Callable[[], Any]] = None
+    local_sysinfo: Optional[Callable[..., Any]] = None
+    get_recommendations: Optional[Callable[..., Any]] = None
+    fetch_skills_marketplace: Optional[Callable[..., Any]] = None
+    install_skill: Optional[Callable[..., Any]] = None
+    remove_skill_directory: Optional[Callable[..., dict]] = None
+    redact_secret_text: Optional[Callable[[str], str]] = None
+    ui_file_response: Optional[Callable[..., Any]] = None
+
+    # ── models ────────────────────────────────────────────────────────────
+    public_model: str = ""
+    local_model: str = ""
 
+    # ── integrations ──────────────────────────────────────────────────────
+    # Fired as on_chat_message(role, text, source) after a chat exchange is
+    # persisted; ``None`` means no external chat mirror is registered. The
+    # telegram bridge subscribes here only when ENABLE_TELEGRAM is truthy.
+    on_chat_message: Optional[Callable[..., None]] = None

package/latticeai/services/ingestion.py

@@ -33,6 +33,15 @@ FILE_SOURCE_TYPES = frozenset({"file", "local_file", "upload", "pdf"})
 TEXT_SOURCE_TYPES = frozenset(
     {"web_url", "browser_tab", "text", "markdown", "note", "code", "clipboard"}
 )
+# Conversational exchanges (read via ingest_message — role/content semantics,
+# conversation chaining). v4: chat and MCP messages stop bypassing the
+# pipeline, so they carry provenance and fire the hook lifecycle like every
+# other source.
+CHAT_SOURCE_TYPES = frozenset({"chat_message", "mcp_message"})
+# Typed memory records (read via ingest_event → Decision/Experience/Event
+# nodes). The Memory System writes through the same door as everything else.
+MEMORY_SOURCE_TYPES = frozenset({"decision", "experience", "workspace_event"})
+_MEMORY_NODE_TYPES = {"decision": "Decision", "experience": "Experience", "workspace_event": "Event"}
 
 DEFAULT_MAX_TEXT_BYTES = 5 * 1024 * 1024  # 5 MB of extracted text per item
 
@@ -143,6 +152,10 @@ class IngestionPipeline:
         }
 
         def _run() -> Dict[str, Any]:
+            if source_type in CHAT_SOURCE_TYPES:
+                return self._ingest_chat(item, source_type=source_type, owner=owner)
+            if source_type in MEMORY_SOURCE_TYPES:
+                return self._ingest_memory_record(item, source_type=source_type, owner=owner)
             if source_type in FILE_SOURCE_TYPES or (item.path and not item.text):
                 return self._ingest_file(item, source_type=source_type, owner=owner, captured_at=captured_at)
             return self._ingest_text(item, source_type=source_type, owner=owner, captured_at=captured_at)
@@ -243,6 +256,40 @@ class IngestionPipeline:
             metadata={"mime_type": item.mime_type, **(item.metadata or {})},
         )
 
+    def _ingest_chat(self, item, *, source_type, owner) -> Dict[str, Any]:
+        text = item.text or ""
+        meta = item.metadata or {}
+        role = str(meta.get("role") or "user")
+        result = self._kg.ingest_message(
+            role,
+            text,
+            user_email=owner,
+            user_nickname=meta.get("user_nickname"),
+            source=meta.get("source") or source_type,
+            conversation_id=item.conversation_id,
+            raw=meta.get("raw"),
+        )
+        # ingest_message reports message/response node ids; normalize the keys
+        # the provenance step expects.
+        result.setdefault("node_id", result.get("node_id") or result.get("message_node_id") or result.get("id"))
+        result.setdefault("title", item.title or text[:80])
+        return result
+
+    def _ingest_memory_record(self, item, *, source_type, owner) -> Dict[str, Any]:
+        node_type = _MEMORY_NODE_TYPES[source_type]
+        meta = item.metadata or {}
+        result = self._kg.ingest_event(
+            node_type,
+            item.title or (item.text or node_type)[:120],
+            user_email=owner,
+            source=meta.get("source") or source_type,
+            conversation_id=item.conversation_id,
+            metadata={**meta, "detail": (item.text or "")[:2000]},
+        )
+        result.setdefault("node_id", result.get("node_id") or result.get("id"))
+        result.setdefault("title", item.title)
+        return result
+
     def _ingest_file(self, item, *, source_type, owner, captured_at) -> Dict[str, Any]:
         if not item.path:
             raise ValueError("File ingestion requires a path.")

package/latticeai/services/kg_portability.py

@@ -44,11 +44,16 @@ def _sha256_file(path: Path) -> str:
 
 
 class KGPortabilityService:
-    def __init__(self, *, knowledge_graph: Any, data_dir, enable_graph: bool = True) -> None:
+    def __init__(self, *, knowledge_graph: Any, data_dir, enable_graph: bool = True, device_identity: Any = None) -> None:
         self._kg = knowledge_graph
         self._data_dir = Path(data_dir)
         self._enable = bool(enable_graph)
         self._exports_dir = self._data_dir / "workspace_exports"
+        # v4 sovereignty: when a DeviceIdentity is wired, exports are signed
+        # and imports record origin provenance. Pre-v4 unsigned bundles stay
+        # importable locally (origin='unsigned-legacy') — signatures are
+        # mandatory only on the Brain Network peer path.
+        self._identity = device_identity
 
     def available(self) -> bool:
         return self._enable and self._kg is not None
@@ -60,7 +65,7 @@ class KGPortabilityService:
     # ── logical export / import ──────────────────────────────────────────────
     def export(self, *, workspace_id: Optional[str] = None) -> Dict[str, Any]:
         self._require()
-        data = self._kg.export_graph_data()
+        data = self._kg.export_graph_data(workspace_id=workspace_id)
         header = {
             "format": FORMAT,
             "format_version": FORMAT_VERSION,
@@ -69,7 +74,10 @@ class KGPortabilityService:
             "workspace_id": workspace_id,
             "counts": data.get("counts"),
         }
-        return {"header": header, **data}
+        artifact = {"header": header, **data}
+        if self._identity is not None:
+            artifact["signature"] = self._identity.sign_manifest(header)
+        return artifact
 
     def export_to_file(self, path=None, *, workspace_id: Optional[str] = None) -> Dict[str, Any]:
         artifact = self.export(workspace_id=workspace_id)
@@ -84,8 +92,30 @@ class KGPortabilityService:
             raise ValueError("Invalid Knowledge Graph export artifact.")
         if mode not in ("merge", "replace"):
             raise ValueError("mode must be 'merge' or 'replace'.")
+        origin = "unsigned-legacy"
+        signature = artifact.get("signature")
+        if signature:
+            from latticeai.brain.identity import verify_manifest
+
+            if not verify_manifest(artifact.get("header") or {}, signature):
+                raise ValueError("Bundle signature verification failed — refusing to import.")
+            origin = f"device:{signature.get('fingerprint') or 'unknown'}"
         result = self._kg.import_graph_data(artifact, mode=mode, dry_run=dry_run)
         result["header"] = artifact.get("header")
+        result["origin"] = origin
+        result["signed"] = bool(signature)
+        if not dry_run:
+            try:
+                self._kg.record_provenance(
+                    node_id="import:" + str((artifact.get("header") or {}).get("exported_at") or _now_iso()),
+                    source_type="bundle_import",
+                    pipeline="kg-portability",
+                    owner=None,
+                    metadata={"origin": origin, "mode": mode,
+                              "counts": (artifact.get("header") or {}).get("counts")},
+                )
+            except Exception:
+                pass
         return result
 
     def import_from_file(self, path, *, mode: str = "merge", dry_run: bool = False) -> Dict[str, Any]:

package/latticeai/services/memory_service.py

@@ -24,7 +24,7 @@ from __future__ import annotations
 import json
 from datetime import datetime
 from pathlib import Path
-from typing import Any, Callable, Dict, List, Optional
+from typing import Any, Dict, List, Optional
 
 # Personal workspace memory kinds (from WorkspaceOS.MEMORY_KINDS).
 WORKSPACE_KINDS = (
@@ -60,12 +60,16 @@ class MemoryService:
         knowledge_graph: Any = None,
         enable_graph: bool = True,
         history_file: Optional[Path] = None,
+        conversation_store: Any = None,
     ):
         self._store = store
         self._kg = knowledge_graph
         self._enable_graph = bool(enable_graph and knowledge_graph is not None)
         self._data_dir = Path(data_dir)
         self._history_file = Path(history_file) if history_file else (self._data_dir / "chat_history.json")
+        # v4: the durable SQLite conversation store supersedes the JSON file
+        # as the conversation tier's backing store when provided.
+        self._conversation_store = conversation_store
 
     # ── helpers over the underlying stores ────────────────────────────────
     def _workspace_memories(self, *, user_email: Optional[str], workspace_id: Optional[str]) -> List[Dict[str, Any]]:
@@ -87,6 +91,14 @@ class MemoryService:
             return []
 
     def _conversations(self) -> List[Dict[str, Any]]:
+        if self._conversation_store is not None:
+            try:
+                grouped: Dict[str, List[Dict[str, Any]]] = {}
+                for item in self._conversation_store.history():
+                    grouped.setdefault(item.get("conversation_id") or "legacy-previous-history", []).append(item)
+                return [{"id": conv_id, "messages": msgs} for conv_id, msgs in grouped.items()]
+            except Exception:
+                return []
         if not self._history_file.exists():
             return []
         try:
@@ -130,7 +142,10 @@ class MemoryService:
 
         ws_bytes = _file_size(self._data_dir / "workspace_os.json")
         kg_bytes = _file_size(self._data_dir / "knowledge_graph.sqlite")
-        conv_bytes = _file_size(self._history_file)
+        if self._conversation_store is not None:
+            conv_bytes = int(getattr(self._conversation_store, "size_bytes", lambda: 0)())
+        else:
+            conv_bytes = _file_size(self._history_file)
 
         node_total = sum((kg_stats or {}).get("nodes", {}).values()) if kg_stats else None
         edge_total = sum((kg_stats or {}).get("edges", {}).values()) if kg_stats else None
@@ -159,7 +174,7 @@ class MemoryService:
             {
                 "id": "conversation", "type": "conversation", "label": "Conversation Memory",
                 "count": len(convs), "size_bytes": conv_bytes,
-                "health": "ok" if self._history_file.exists() else "empty",
+                "health": "ok" if (self._conversation_store is not None or self._history_file.exists()) else "empty",
                 "detail": "Historical interaction memory from chat.",
             },
             {
@@ -202,6 +217,18 @@ class MemoryService:
         limit: int = 20,
     ) -> Dict[str, Any]:
         q = str(query or "").strip()
+        query_tokens = [tok for tok in q.lower().split() if tok]
+
+        def _lexical_score(*texts: Any) -> float:
+            # Honest, comparable relevance: fraction of query tokens present.
+            # Both tiers share this scorer so the cross-tier ranking is real,
+            # not an artifact of per-tier constants.
+            if not query_tokens:
+                return 0.0
+            haystack = " ".join(str(t or "") for t in texts).lower()
+            hits = sum(1 for tok in query_tokens if tok in haystack)
+            return round(hits / len(query_tokens), 4)
+
         results: List[Dict[str, Any]] = []
 
         try:
@@ -215,23 +242,24 @@ class MemoryService:
                 "title": (m.get("kind") or "memory"),
                 "snippet": str(m.get("content") or "")[:240],
                 "kind": m.get("kind"),
-                "score": 0.6,
+                "score": _lexical_score(m.get("content"), " ".join(m.get("tags") or []), m.get("kind")),
                 "tags": m.get("tags") or [],
             })
 
         if self._enable_graph and q:
             try:
-                hits = self._kg.search(q, limit).get("results", [])
+                # KnowledgeGraph.search returns {"query": ..., "matches": [...]}.
+                hits = self._kg.search(q, limit).get("matches", [])
             except Exception:
                 hits = []
-            for hsit in hits[:limit]:
+            for hit in hits[:limit]:
                 results.append({
                     "source": "graph",
-                    "id": hsit.get("id") or hsit.get("node_id"),
-                    "title": hsit.get("title") or hsit.get("name") or "node",
-                    "snippet": str(hsit.get("summary") or hsit.get("content") or "")[:240],
-                    "kind": hsit.get("type") or "node",
-                    "score": float(hsit.get("score") or 0.5),
+                    "id": hit.get("id") or hit.get("node_id"),
+                    "title": hit.get("title") or hit.get("name") or "node",
+                    "snippet": str(hit.get("summary") or hit.get("content") or "")[:240],
+                    "kind": hit.get("type") or "node",
+                    "score": _lexical_score(hit.get("title"), hit.get("name"), hit.get("summary"), hit.get("content")),
                 })
 
         results.sort(key=lambda r: r.get("score", 0), reverse=True)

package/latticeai/services/model_runtime.py

@@ -18,7 +18,6 @@ import re
 import shutil
 import subprocess
 import sys
-import tempfile
 import threading
 import time
 import urllib.error
@@ -26,16 +25,14 @@ import urllib.request
 from pathlib import Path
 from typing import AsyncIterator, Dict, List, Optional
 
-import httpx
 from fastapi import HTTPException, Request
 
-from llm_router import (
+from latticeai.models.router import (
     AsyncOpenAI,
     HF_MODELS_ROOT,
     OPENAI_COMPATIBLE_PROVIDERS,
     ensure_mlx_runtime,
     hf_model_dir,
-    normalize_branding,
     parse_model_ref,
 )
 from latticeai.core.model_compat import (
@@ -89,7 +86,7 @@ def configure_model_runtime(**deps) -> None:
 # Catalog data + version-dedup helpers live in ``model_catalog``; re-exported
 # here so existing ``from ...model_runtime import ENGINE_MODEL_CATALOG`` imports
 # keep working.
-from latticeai.services.model_catalog import (  # noqa: F401  (re-export)
+from latticeai.services.model_catalog import (  # noqa: E402, F401 (re-export after the module globals it documents)
     ENGINE_INSTALLERS,
     ENGINE_MODEL_CATALOG,
     MODEL_ENGINE_ALIASES,

package/latticeai/services/platform_runtime.py

@@ -18,8 +18,9 @@ from typing import Any, Callable, Dict, Optional, Set
 from fastapi import HTTPException, Request
 
 from latticeai.core.hooks import dispatch_tool
-from latticeai.core.multi_agent import MultiAgentOrchestrator, default_role_runner
-from latticeai.core.workflow_engine import WorkflowEngine
+from latticeai.core.multi_agent import MultiAgentOrchestrator, default_role_runner, llm_role_runner
+from latticeai.core.workflow_engine import ApprovalRequired, WorkflowEngine
+from tools import execute_tool
 
 
 class PlatformRuntime:
@@ -34,6 +35,9 @@ class PlatformRuntime:
         workspace_scope_from_request: Callable[[Request], Optional[str]],
         get_tool_permission: Callable[..., Dict[str, Any]],
         hooks: Any = None,
+        llm_generate: Optional[Callable[..., str]] = None,
+        llm_available: Optional[Callable[[], bool]] = None,
+        agent_registry: Any = None,
     ):
         self.store = store
         self.svc = workspace_service
@@ -45,6 +49,12 @@ class PlatformRuntime:
         # Lifecycle hooks registry — wires the workflow runtime + workflow tool
         # nodes into the same pre_*/post_* lifecycle as the HTTP + agent paths.
         self.hooks = hooks
+        # v4 (T7b): a synchronous model bridge. When a model is loaded,
+        # build_orchestrator returns the REAL (mode='llm') runner; otherwise
+        # the deterministic runner, honestly labeled mode='simulation'.
+        self.llm_generate = llm_generate
+        self.llm_available = llm_available or (lambda: False)
+        self.agent_registry = agent_registry
 
     # ── request gating ────────────────────────────────────────────────────
 
@@ -77,31 +87,57 @@ class PlatformRuntime:
     # ── shared node runners ───────────────────────────────────────────────
 
     def _tool_node_runner(self):
-        """Workflow tool node: records the invocation + governance decision but
-        never silently executes exec/destructive tools (those need approval)."""
+        """Workflow tool node: EXECUTES the tool under governance (v4).
+
+        Auto-approve tools run immediately through the shared dispatch_tool
+        lifecycle. Tools whose policy requires approval raise
+        :class:`ApprovalRequired` so the engine pauses the run into
+        ``awaiting_approval`` — never a silent ``{recorded: true}`` success,
+        never an unapproved execution. A resumed run carries the approved
+        node id in ``context['__approved_nodes__']``.
+        """
         def runner(*, node, context):
             cfg = node.get("config") or {}
             name = cfg.get("tool") or ""
             args = cfg.get("args") or {}
-
-            def _record():
-                try:
-                    permission = dict(self.get_tool_permission(name))
-                except Exception:
-                    permission = {"tool": name, "risk": "unknown"}
-                return {"tool": name, "args": args, "recorded": True, "permission": permission}
+            if not name:
+                raise ValueError("tool node has no tool configured")
+            try:
+                permission = dict(self.get_tool_permission(name, args))
+            except TypeError:
+                permission = dict(self.get_tool_permission(name))
+            approved_nodes = set(context.get("__approved_nodes__") or [])
+            if permission.get("requires_approval") and node.get("id") not in approved_nodes:
+                raise ApprovalRequired(
+                    f"tool '{name}' requires explicit approval before a workflow may run it",
+                    tool=name, args=args, permission=permission,
+                )
+
+            def _execute():
+                return execute_tool(name, args)
 
             # Same tool lifecycle as the HTTP + agent paths (a pre_tool block
             # raises PermissionError, surfaced as the node error by the engine).
-            return dispatch_tool(self.hooks, name or "tool", args, _record, source="workflow")
+            result = dispatch_tool(self.hooks, name, args, _execute, source="workflow")
+            return {"tool": name, "args": args, "executed": True,
+                    "permission": permission, "result": result}
         return runner
 
     def _skill_node_runner(self):
+        """Skill nodes refuse honestly: a skill is an instruction package for
+        an LLM; without a model-driven executor there is nothing to run, and
+        pretending otherwise (the pre-v4 existence check that reported 'ok')
+        is exactly the fake functionality v4 bans."""
         def runner(*, node, context):
             cfg = node.get("config") or {}
             name = cfg.get("skill") or ""
             entry = self.store.load_state().get("skill_registry", {}).get(name) or {}
-            return {"skill": name, "found": bool(entry), "enabled": bool(entry.get("enabled"))}
+            if not entry:
+                raise ValueError(f"skill '{name}' is not installed")
+            raise RuntimeError(
+                f"skill '{name}' requires LLM-driven execution, which workflow "
+                "skill nodes do not provide in this build — refusing to fake a result"
+            )
         return runner
 
     def _context_provider(self, user, scope):
@@ -116,15 +152,25 @@ class PlatformRuntime:
     def plugin_capability_runners(self, user, scope) -> Dict[str, Callable[..., Any]]:
         """Runners the Plugin SDK boundary dispatches to (one per capability)."""
         def run_skill(*, plugin_id, action, args, manifest):
-            return {"plugin": plugin_id, "ran_skills": manifest.provides.get("skills", [])}
+            raise RuntimeError(
+                f"plugin '{plugin_id}' skill execution requires an LLM-driven "
+                "runner, which this build does not provide — refusing to fake a result"
+            )
 
         def run_tool(*, plugin_id, action, args, manifest):
             tool = args.get("tool") or (manifest.provides.get("tools") or [None])[0]
-            try:
-                permission = dict(self.get_tool_permission(tool)) if tool else {}
-            except Exception:
-                permission = {}
-            return {"plugin": plugin_id, "tool": tool, "permission": permission, "recorded": True}
+            if not tool:
+                raise ValueError(f"plugin '{plugin_id}' run_tool needs a tool name")
+            permission = dict(self.get_tool_permission(tool))
+            if permission.get("requires_approval"):
+                raise ApprovalRequired(
+                    f"plugin tool '{tool}' requires explicit approval",
+                    tool=tool, args=args, permission=permission,
+                )
+            result = dispatch_tool(self.hooks, tool, args, lambda: execute_tool(tool, args),
+                                   source=f"plugin:{plugin_id}")
+            return {"plugin": plugin_id, "tool": tool, "permission": permission,
+                    "executed": True, "result": result}
 
         def run_workflow(*, plugin_id, action, args, manifest):
             wf_id = args.get("workflow_id")
@@ -175,6 +221,9 @@ class PlatformRuntime:
             workflow_id=workflow_id, name=workflow.get("name") or "workflow",
             status=result.status, timeline=result.timeline, outputs=result.outputs,
             user_email=user, graph=self.workspace_graph(), workspace_id=scope,
+            mode="live",
+            pause={"node": result.paused_node, "pending": result.pending_approval,
+                   "context": result.paused_context} if result.status == "awaiting_approval" else None,
         )
         return {"workflow_run_id": run["id"], "status": result.status}
 
@@ -209,8 +258,36 @@ class PlatformRuntime:
         }
 
     def build_orchestrator(self, user, scope) -> MultiAgentOrchestrator:
+        workflow_runner = lambda wf_ref, ctx: self.run_workflow_by_id(wf_ref, user, scope, with_agent=False, inputs=ctx.inputs)  # noqa: E731
+        plugin_runner = lambda pid, ctx: self.registry.execute_action(pid, "run_skill", {}, runners=self.plugin_capability_runners(user, scope), workspace_id=scope).as_dict()  # noqa: E731
+        context_provider = self._context_provider(user, scope)
+        custom_agents = {}
+        if self.agent_registry is not None:
+            try:
+                custom_agents = {
+                    a["id"]: a for a in self.agent_registry.all()
+                    if str(a.get("id", "")).startswith("agent:custom:") and a.get("enabled", True)
+                }
+            except Exception:
+                custom_agents = {}
+        if self.llm_generate is not None and self.llm_available():
+            from latticeai.core.agent_prompts import CRITIC_PROMPT, PLANNER_PROMPT
+
+            return MultiAgentOrchestrator(
+                role_runner=llm_role_runner(
+                    generate=self.llm_generate,
+                    planner_prompt=PLANNER_PROMPT,
+                    critic_prompt=CRITIC_PROMPT,
+                    context_provider=context_provider,
+                    workflow_runner=workflow_runner,
+                    plugin_runner=plugin_runner,
+                    custom_agents=custom_agents,
+                ),
+                mode="llm",
+                custom_agents=custom_agents,
+            )
         return MultiAgentOrchestrator(role_runner=default_role_runner(
-            workflow_runner=lambda wf_ref, ctx: self.run_workflow_by_id(wf_ref, user, scope, with_agent=False, inputs=ctx.inputs),
-            plugin_runner=lambda pid, ctx: self.registry.execute_action(pid, "run_skill", {}, runners=self.plugin_capability_runners(user, scope), workspace_id=scope).as_dict(),
-            context_provider=self._context_provider(user, scope),
-        ))
+            workflow_runner=workflow_runner,
+            plugin_runner=plugin_runner,
+            context_provider=context_provider,
+        ), mode="simulation", custom_agents=custom_agents)