siclaw 0.1.0 → 0.1.2

package/dist/gateway/rpc-methods.js

@@ -7,6 +7,7 @@
 import crypto from "node:crypto";
 import fs from "node:fs";
 import path from "node:path";
+import { fileURLToPath } from "node:url";
 import { AgentBoxClient } from "./agentbox/client.js";
 import { ChatRepository } from "./db/repositories/chat-repo.js";
 import { SkillRepository } from "./db/repositories/skill-repo.js";
@@ -20,6 +21,8 @@ import { ModelConfigRepository } from "./db/repositories/model-config-repo.js";
 import { CredentialRepository } from "./db/repositories/credential-repo.js";
 import { WorkspaceRepository } from "./db/repositories/workspace-repo.js";
 import { SystemConfigRepository } from "./db/repositories/system-config-repo.js";
+import { EnvironmentRepository } from "./db/repositories/env-repo.js";
+import { UserEnvConfigRepository } from "./db/repositories/user-env-config-repo.js";
 import { getLabelsForSkill, batchGetLabels, listAllLabels } from "./skill-labels.js";
 import { McpServerRepository } from "./db/repositories/mcp-server-repo.js";
 import { SkillFileWriter } from "./skills/file-writer.js";
@@ -28,10 +31,11 @@ import { ScriptEvaluator } from "./skills/script-evaluator.js";
 import { SkillVersionRepository } from "./db/repositories/skill-version-repo.js";
 import { createTwoFilesPatch } from "diff";
 import yaml from "js-yaml";
-import { notifyCronService as notifyCronServiceImpl } from "./cron/notify.js";
 import { buildSkillBundle } from "./skills/skill-bundle.js";
 import { buildRedactionConfig, redactText } from "./output-redactor.js";
 import { RESOURCE_DESCRIPTORS } from "../shared/resource-sync.js";
+import { sql, gte, sum, count } from "drizzle-orm";
+import { sessionStats } from "./db/schema.js";
 function requireAuth(context) {
     const userId = context.auth?.userId;
     if (!userId)
@@ -40,11 +44,32 @@ function requireAuth(context) {
 }
 function requireAdmin(context) {
     const userId = requireAuth(context);
-    if (context.auth?.username !== "admin")
+    if (!isAdminUser(context))
         throw new Error("Forbidden: admin access required");
     return userId;
 }
-export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, activePromptUsers, agentBoxTlsOptions, resourceNotifier) {
+function isAdminUser(context) {
+    return context.auth?.username === "admin";
+}
+/**
+ * Compare two Kubernetes API server URLs by hostname (and port if present).
+ * Prevents substring bypass (e.g. "evil-https://real-server:6443" matching "real-server:6443").
+ */
+function apiServerHostMatch(kubeconfigServer, envApiServer) {
+    try {
+        const a = new URL(kubeconfigServer);
+        const b = new URL(envApiServer.includes("://") ? envApiServer : `https://${envApiServer}`);
+        // Require explicit port on the env side — environments without port are legacy and must be updated
+        if (!b.port)
+            return false;
+        return a.hostname === b.hostname && (a.port || "443") === b.port;
+    }
+    catch {
+        // If URL parsing fails, reject the match — don't fall back to loose comparison
+        return false;
+    }
+}
+export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, activePromptUsers, agentBoxTlsOptions, resourceNotifier, metricsAggregator, cronService) {
     const methods = new Map();
     // Initialize repositories (null-safe — methods check before use)
     const chatRepo = db ? new ChatRepository(db) : null;
@@ -62,13 +87,15 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
     const sysConfigRepo = db ? new SystemConfigRepository(db) : null;
     const mcpRepo = db ? new McpServerRepository(db) : null;
     const skillContentRepo = db ? new SkillContentRepository(db) : null;
+    const envRepo = db ? new EnvironmentRepository(db) : null;
+    const userEnvConfigRepo = db ? new UserEnvConfigRepository(db) : null;
     const scriptEvaluator = new ScriptEvaluator(modelConfigRepo);
-    /** Resolve workspaceId for a session from DB, falling back to "default" */
+    /** Resolve workspaceId for a session from DB */
     async function resolveSessionWorkspace(sessionId) {
         if (!chatRepo)
-            return "default";
+            return undefined;
         const session = await chatRepo.getSession(sessionId);
-        return session?.workspaceId ?? "default";
+        return session?.workspaceId ?? undefined;
     }
     /** Find an AgentBox handle for a user, trying session workspace first, then any active box */
     async function findAgentBoxForSession(userId, sessionId) {
@@ -119,6 +146,56 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
             console.warn(`[resource-notify] All skill reload failed:`, err.message);
         });
     }
+    /**
+     * Push updated credentials to all active AgentBoxes for a user (fire-and-forget).
+     * Builds the credential payload per workspace and POSTs to each box's /api/reload-credentials.
+     */
+    function pushCredentialsToUser(userId) {
+        if (!workspaceRepo)
+            return;
+        // Async fire-and-forget
+        (async () => {
+            // Local mode: handles carry workspaceId from cache key
+            let handles = agentBoxManager.getForUser(userId);
+            if (handles.length === 0) {
+                // K8s mode: find running pods via list(), workspace label provides workspaceId
+                const allBoxes = await agentBoxManager.list();
+                const userBoxes = allBoxes.filter((b) => b.userId === userId && b.status === "running" && b.endpoint);
+                if (userBoxes.length === 0)
+                    return;
+                for (const box of userBoxes) {
+                    handles.push({
+                        boxId: box.boxId,
+                        userId: box.userId,
+                        endpoint: box.endpoint,
+                        workspaceId: box.workspaceId,
+                    });
+                }
+            }
+            if (handles.length === 0)
+                return;
+            for (const handle of handles) {
+                try {
+                    // Resolve workspace for this box
+                    const wsId = handle.workspaceId;
+                    const ws = wsId
+                        ? (await workspaceRepo.getById(wsId)) ?? (await workspaceRepo.getOrCreateDefault(userId))
+                        : await workspaceRepo.getOrCreateDefault(userId);
+                    if (!ws)
+                        continue;
+                    const payload = await buildCredentialPayload(userId, ws.id, ws.isDefault);
+                    const client = new AgentBoxClient(handle.endpoint, 15000, agentBoxTlsOptions);
+                    await client.reloadCredentials(payload);
+                    console.log(`[credential-push] Pushed credentials to box=${handle.boxId} ws=${ws.name} (${payload.files.length} files)`);
+                }
+                catch (err) {
+                    console.warn(`[credential-push] Failed for box=${handle.boxId}:`, err instanceof Error ? err.message : err);
+                }
+            }
+        })().catch((err) => {
+            console.warn(`[credential-push] Unexpected error for userId=${userId}:`, err instanceof Error ? err.message : err);
+        });
+    }
     // Initialize skills dir
     skillWriter.init()
         .then(async () => {
@@ -127,10 +204,13 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         .catch((err) => {
         console.error("[rpc] Failed to initialize skills:", err);
     });
-    // Resolve core/extension skills directory: prefer baked-in image path over NFS
-    const builtinCoreDir = path.join(process.cwd(), "skills", "core");
+    // Resolve core/extension skills directory: prefer baked-in package path over NFS
+    // Use import.meta.url to locate the npm package root (dist/gateway/rpc-methods.js → package root)
+    const __rpcDirname = path.dirname(fileURLToPath(import.meta.url));
+    const packageRoot = path.resolve(__rpcDirname, "..", "..");
+    const builtinCoreDir = path.join(packageRoot, "skills", "core");
     const coreSkillsDir = fs.existsSync(builtinCoreDir) ? builtinCoreDir : path.join(skillsDir, "core");
-    const builtinExtDir = path.join(process.cwd(), "skills", "extension");
+    const builtinExtDir = path.join(packageRoot, "skills", "extension");
     const extSkillsDir = fs.existsSync(builtinExtDir) ? builtinExtDir : path.join(skillsDir, "extension");
     /** Resolve the filesystem dir for a builtin skill dirName (core first, then extension) */
     function resolveBuiltinSkillDir(dirName) {
@@ -265,7 +345,9 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
                 workspace = null;
             }
         }
-        const effectiveWorkspaceId = workspace?.id ?? "default";
+        if (!workspace)
+            throw new Error("Failed to resolve workspace");
+        const effectiveWorkspaceId = workspace.id;
         // Ensure session exists in DB
         if (chatRepo) {
             if (sessionId) {
@@ -292,7 +374,7 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
             });
         }
         if (!sessionId)
-            sessionId = "default";
+            throw new Error("Failed to create session");
         // Forward model selection and brain type from frontend
         // Use workspace default model if user didn't specify one
         const modelProvider = params.modelProvider ?? workspace?.configJson?.defaultModel?.provider;
@@ -327,9 +409,12 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
             }
         }
         // Get or create AgentBox (per workspace)
+        // Encode workspace envType into cert so Gateway trusts the cert, not AgentBox's self-declaration
+        const podEnv = (workspace?.envType === "test" ? "test" : "prod");
         const handle = await agentBoxManager.getOrCreate(userId, effectiveWorkspaceId, {
             workspaceId: effectiveWorkspaceId,
             allowedTools,
+            podEnv,
         });
         const client = new AgentBoxClient(handle.endpoint, 30000, agentBoxTlsOptions);
         // Send prompt
@@ -361,7 +446,9 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         // Async SSE processing
         (async () => {
             let assistantContent = "";
-            let pendingToolInput = ""; // Capture tool input from start event for DB persistence
+            // Map keyed by toolName to handle parallel tool calls correctly
+            const pendingToolInputs = new Map();
+            const pendingToolStartTimes = new Map();
             let sseEventCount = 0;
             const sseStartTime = Date.now();
             // Mark user as having an active prompt so WS teardown won't kill the pod
@@ -387,15 +474,32 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
                             .map((c) => c.text ?? "")
                             .join("") ?? "";
                         const toolName = eventData.toolName || "tool";
+                        // Audit: determine outcome
+                        let outcome = "success";
+                        if (toolResult?.details?.blocked) {
+                            outcome = "blocked";
+                        }
+                        else if (toolResult?.details?.error) {
+                            outcome = "error";
+                        }
+                        const startTime = pendingToolStartTimes.get(toolName);
+                        const durationMs = startTime != null
+                            ? Date.now() - startTime
+                            : undefined;
+                        const toolInput = pendingToolInputs.get(toolName) || "";
                         dbMessageId = await chatRepo.appendMessage({
                             sessionId: result.sessionId,
                             role: "tool",
                             content: redactText(text, redactionConfig),
                             toolName,
-                            toolInput: pendingToolInput ? redactText(pendingToolInput, redactionConfig) : undefined,
+                            toolInput: toolInput ? redactText(toolInput, redactionConfig) : undefined,
+                            userId,
+                            outcome,
+                            durationMs,
                         });
                         await chatRepo.incrementMessageCount(result.sessionId);
-                        pendingToolInput = "";
+                        pendingToolInputs.delete(toolName);
+                        pendingToolStartTimes.delete(toolName);
                     }
                     // Forward event to frontend via sendToUser (targets all WS connections
                     // for this user, so reconnected sessions also receive live events)
@@ -465,9 +569,11 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
                             }
                         }
                         else if (eventType === "tool_execution_start") {
-                            // Capture tool input for DB persistence
+                            // Capture tool input and start time for DB persistence (keyed by toolName for parallel calls)
+                            const startToolName = eventData.toolName || "tool";
                             const args = eventData.args;
-                            pendingToolInput = args ? JSON.stringify(args) : "";
+                            pendingToolInputs.set(startToolName, args ? JSON.stringify(args) : "");
+                            pendingToolStartTimes.set(startToolName, Date.now());
                         }
                         // tool_execution_end already handled above
                     }
@@ -595,9 +701,11 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         const providerName = params.provider;
         const baseUrl = params.baseUrl;
         const apiKey = params.apiKey;
+        const api = params.api;
+        const authHeader = params.authHeader;
         if (!providerName)
             throw new Error("Missing provider name");
-        await modelConfigRepo.saveProvider(providerName, baseUrl, apiKey);
+        await modelConfigRepo.saveProvider(providerName, baseUrl, apiKey, api, authHeader);
         return { ok: true };
     });
     methods.set("provider.delete", async (params, context) => {
@@ -643,6 +751,113 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         await modelConfigRepo.removeModel(providerName, modelId);
         return { ok: true };
     });
+    methods.set("provider.testConnection", async (params, context) => {
+        requireAdmin(context);
+        const baseUrl = params.baseUrl;
+        const apiKey = params.apiKey;
+        const api = params.api ?? "openai-completions";
+        if (!baseUrl || !apiKey)
+            throw new Error("Missing required params: baseUrl, apiKey");
+        const controller = new AbortController();
+        const timeout = setTimeout(() => controller.abort(), 10000);
+        const base = baseUrl.replace(/\/+$/, "");
+        try {
+            if (api === "anthropic") {
+                // Anthropic: auth-only check via counting message tokens (free, no completion)
+                const res = await fetch(`${base}/v1/messages/count_tokens`, {
+                    method: "POST",
+                    headers: {
+                        "Content-Type": "application/json",
+                        "x-api-key": apiKey,
+                        "anthropic-version": "2023-06-01",
+                    },
+                    body: JSON.stringify({
+                        model: "claude-sonnet-4-20250514",
+                        messages: [{ role: "user", content: "hi" }],
+                    }),
+                    signal: controller.signal,
+                });
+                if (res.ok)
+                    return { ok: true, message: "Connection successful" };
+                // 404 means endpoint not available — try a simple auth header check
+                if (res.status === 404) {
+                    // Any authenticated GET that returns non-401 means key is valid
+                    const fallback = await fetch(`${base}/v1/models`, {
+                        headers: { "x-api-key": apiKey, "anthropic-version": "2023-06-01" },
+                        signal: controller.signal,
+                    });
+                    if (fallback.status !== 401 && fallback.status !== 403) {
+                        return { ok: true, message: "Connection successful" };
+                    }
+                }
+                const body = await res.text().catch(() => "");
+                return { ok: false, message: `HTTP ${res.status}: ${body.slice(0, 200)}` };
+            }
+            // OpenAI-compatible: try GET /models (auth-only, no completion)
+            const modelsPaths = [`${base}/models`, `${base}/v1/models`];
+            for (const url of modelsPaths) {
+                const res = await fetch(url, {
+                    headers: { Authorization: `Bearer ${apiKey}` },
+                    signal: controller.signal,
+                });
+                if (res.ok) {
+                    return { ok: true, message: "Connection successful" };
+                }
+                // 401/403 = bad key — definitive failure
+                if (res.status === 401 || res.status === 403) {
+                    const body = await res.text().catch(() => "");
+                    return { ok: false, message: `Authentication failed (HTTP ${res.status})` };
+                }
+                // 404 = endpoint not found but server responded — try next path
+            }
+            // All paths returned 404: server is reachable and didn't reject the key
+            return { ok: true, message: "Connection successful" };
+        }
+        catch (err) {
+            const msg = err instanceof Error ? err.message : String(err);
+            return { ok: false, message: msg.includes("abort") ? "Connection timed out (10s)" : msg };
+        }
+        finally {
+            clearTimeout(timeout);
+        }
+    });
+    methods.set("provider.quickSetup", async (params, context) => {
+        requireAdmin(context);
+        if (!modelConfigRepo)
+            throw new Error("Database not available");
+        const providerName = params.provider;
+        const baseUrl = params.baseUrl;
+        const apiKey = params.apiKey;
+        const api = params.api ?? "openai-completions";
+        const authHeader = params.authHeader ?? false;
+        const model = params.model;
+        const setAsDefault = params.setAsDefault ?? true;
+        if (!providerName)
+            throw new Error("Missing provider name");
+        // 1. Save provider
+        await modelConfigRepo.saveProvider(providerName, baseUrl, apiKey, api, authHeader);
+        // 2. Add model if provided
+        if (model?.id && model?.name) {
+            try {
+                await modelConfigRepo.addModel(providerName, {
+                    id: model.id,
+                    name: model.name,
+                    reasoning: model.reasoning ?? false,
+                    contextWindow: model.contextWindow ?? 128000,
+                    maxTokens: model.maxTokens ?? 65536,
+                    category: model.category ?? "llm",
+                });
+            }
+            catch {
+                // Model may already exist (e.g. re-running quick setup) — that's fine
+            }
+            // 3. Set as default
+            if (setAsDefault) {
+                await modelConfigRepo.setDefault(providerName, model.id);
+            }
+        }
+        return { ok: true };
+    });
     methods.set("config.getDefaultModel", async (_params, context) => {
         requireAuth(context);
         if (!modelConfigRepo)
@@ -888,12 +1103,14 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         const userId = requireAuth(context);
         const sessionId = params.sessionId;
         const snapKey = sessionId ? `${userId}:${sessionId}` : userId;
+        const streamKey = sessionId ? `${userId}:${sessionId}` : undefined;
+        const promptActive = streamKey ? activeStreams.has(streamKey) : false;
         const snap = dpProgressSnapshots.get(snapKey);
         if (!snap || Date.now() - snap.updatedAt > 600_000) {
             dpProgressSnapshots.delete(snapKey);
-            return { events: null };
+            return { events: null, promptActive };
         }
-        return { sessionId: snap.sessionId, events: snap.events };
+        return { sessionId: snap.sessionId, events: snap.events, promptActive };
     });
     methods.set("chat.history", async (params, context) => {
         const userId = requireAuth(context);
@@ -943,34 +1160,27 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
     // ─────────────────────────────────────────────────
     methods.set("session.list", async (params, context) => {
         const userId = requireAuth(context);
+        if (!chatRepo)
+            throw new Error("Database not available");
         const workspaceId = params?.workspaceId;
-        if (chatRepo) {
-            const rows = await chatRepo.listSessions(userId, 20, workspaceId);
-            return {
-                sessions: rows.map((s) => ({
-                    key: s.id,
-                    title: s.title,
-                    preview: s.preview,
-                    createdAt: s.createdAt?.toISOString(),
-                    lastActiveAt: s.lastActiveAt?.toISOString(),
-                    messageCount: s.messageCount,
-                })),
-            };
-        }
-        // Fallback: get from AgentBox
-        const handle = await agentBoxManager.getAsync(userId, workspaceId ?? "default");
-        if (!handle)
-            return { sessions: [] };
-        const client = new AgentBoxClient(handle.endpoint, 30000, agentBoxTlsOptions);
-        return client.listSessions();
+        const rows = await chatRepo.listSessions(userId, 20, workspaceId);
+        return {
+            sessions: rows.map((s) => ({
+                key: s.id,
+                title: s.title,
+                preview: s.preview,
+                createdAt: s.createdAt?.toISOString(),
+                lastActiveAt: s.lastActiveAt?.toISOString(),
+                messageCount: s.messageCount,
+            })),
+        };
     });
     methods.set("session.create", async (_params, context) => {
         const userId = requireAuth(context);
-        if (chatRepo) {
-            const session = await chatRepo.createSession(userId);
-            return { sessionId: session.id, sessionKey: session.id };
-        }
-        return { sessionId: "default", sessionKey: "default" };
+        if (!chatRepo)
+            throw new Error("Database not available");
+        const session = await chatRepo.createSession(userId);
+        return { sessionId: session.id, sessionKey: session.id };
     });
     methods.set("session.delete", async (params, context) => {
         const userId = requireAuth(context);
@@ -987,7 +1197,7 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
     // ─────────────────────────────────────────────────
     methods.set("box.status", async (params, context) => {
         const userId = requireAuth(context);
-        const workspaceId = params?.workspaceId ?? "default";
+        const workspaceId = params?.workspaceId;
         const handle = await agentBoxManager.getAsync(userId, workspaceId);
         if (!handle)
             return { boxStatus: "not_created" };
@@ -1824,12 +2034,17 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
             await skillRepo.update(skillId, updates);
         }
         // 5. AI script review using staged files
+        // Clear old reviews first so the UI shows "in progress" while the new review runs
+        if (skillReviewRepo) {
+            await skillReviewRepo.deleteAiReviewsForSkill(skillId);
+        }
         let stagedFiles = null;
         if (skillContentRepo) {
             stagedFiles = await skillContentRepo.read(skillId, "staging");
         }
-        if (stagedFiles?.scripts?.length) {
-            triggerScriptReview(skillId, meta.name, stagedFiles.scripts, stagedFiles.specs).catch(console.error);
+        if (stagedFiles?.scripts?.length || stagedFiles?.specs) {
+            // Review both scripts and specs — specs contain command templates the agent will follow
+            triggerScriptReview(skillId, meta.name, stagedFiles?.scripts ?? [], stagedFiles?.specs).catch(console.error);
         }
         // 6. Notify reviewers (only on first submit to avoid flooding)
         if (!isPending) {
@@ -1865,14 +2080,17 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         if (currentReviewStatus !== "pending") {
             throw new Error("This skill is not pending review");
         }
-        // Record reviewer decision
+        // Record reviewer decision — inherit riskLevel from the latest AI review if available
         if (skillReviewRepo) {
+            const reviews = await skillReviewRepo.listForSkill(skillId);
+            const aiReview = reviews.find((r) => r.reviewerType === "ai");
+            const riskLevel = aiReview?.riskLevel ?? "low";
             await skillReviewRepo.create({
                 skillId,
                 version: meta.version,
                 reviewerType: "admin",
                 reviewerId,
-                riskLevel: "low",
+                riskLevel,
                 summary: reason || (decision === "approve" ? "Approved by reviewer" : "Rejected by reviewer"),
                 findings: [],
                 decision,
@@ -2092,19 +2310,27 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
     // ─────────────────────────────────────────────────
     // Cron Job Methods
     // ─────────────────────────────────────────────────
-    /** Notify all cron instances of job changes (fire-and-forget) */
-    function notifyCronService(payload) {
-        notifyCronServiceImpl(payload, configRepo);
-    }
-    methods.set("cron.list", async (_params, context) => {
+    methods.set("cron.list", async (params, context) => {
         const userId = requireAuth(context);
         if (!configRepo)
             return { jobs: [] };
-        const rows = await configRepo.listCronJobs(userId);
+        const workspaceId = params.workspaceId;
+        const opts = workspaceId ? { workspaceId } : undefined;
+        const rows = await configRepo.listCronJobs(userId, opts);
+        // Enrich with workspace names
+        const wsIds = [...new Set(rows.map((r) => r.workspaceId).filter(Boolean))];
+        const wsNameMap = new Map();
+        if (wsIds.length > 0 && workspaceRepo) {
+            for (const wsId of wsIds) {
+                const ws = await workspaceRepo.getById(wsId);
+                if (ws)
+                    wsNameMap.set(wsId, ws.name);
+            }
+        }
         return {
             jobs: rows.map((r) => ({
                 ...r,
-                envName: null,
+                workspaceName: r.workspaceId ? (wsNameMap.get(r.workspaceId) ?? null) : null,
             })),
         };
     });
@@ -2116,10 +2342,8 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         const description = params.description;
         const schedule = params.schedule;
         const status = params.status ?? "active";
-        // For updates: fetch existing job to get current assignedTo
         const existingId = params.id;
-        const existingJob = existingId ? await configRepo.getCronJobById(existingId) : null;
-        const envId = params.envId;
+        const workspaceId = params.workspaceId;
         const id = await configRepo.saveCronJob(userId, {
             id: existingId,
             name,
@@ -2127,38 +2351,20 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
             schedule,
             skillId: params.skillId,
             status,
-            envId: envId ?? null,
+            workspaceId: workspaceId ?? null,
         });
-        if (status === "paused") {
-            // Pausing — just cancel the timer, don't reassign
-            notifyCronService({ action: "pause", jobId: id });
-        }
-        else {
-            // Active — keep existing assignment if possible, otherwise assign to least-loaded
-            let assignedTo = existingJob?.assignedTo ?? null;
-            if (!assignedTo) {
-                try {
-                    const leastLoaded = await configRepo.getLeastLoadedInstance();
-                    if (leastLoaded) {
-                        assignedTo = leastLoaded.instanceId;
-                    }
-                }
-                catch {
-                    // No instances available yet — coordinator will pick up unassigned jobs
-                }
-            }
-            if (assignedTo) {
-                await configRepo.assignCronJob(id, assignedTo);
+        if (cronService) {
+            if (status === "paused") {
+                cronService.cancel(id);
             }
-            notifyCronService({
-                action: "upsert",
-                job: {
+            else {
+                cronService.addOrUpdate({
                     id, userId, name, description: description ?? null, schedule, status,
-                    skillId: params.skillId ?? null, assignedTo,
+                    skillId: params.skillId ?? null, assignedTo: null,
                     lastRunAt: null, lastResult: null, lockedBy: null, lockedAt: null,
-                    envId: envId ?? null,
-                },
-            });
+                    workspaceId: workspaceId ?? null,
+                });
+            }
         }
         return { id, name, schedule, status };
     });
@@ -2176,7 +2382,13 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         if (job.userId !== userId)
             throw new Error("Forbidden");
         await configRepo.deleteCronJob(id);
-        notifyCronService({ action: "delete", jobId: id });
+        cronService?.cancel(id);
+        // Auto-dismiss notifications for the deleted job
+        if (notifRepo) {
+            await notifRepo.dismissByTypeAndRelatedId("cron_success", id);
+            await notifRepo.dismissByTypeAndRelatedId("cron_failure", id);
+            await notifRepo.dismissByTypeAndRelatedId("cron_result", id); // legacy type
+        }
         return { status: "deleted" };
     });
     methods.set("cron.setStatus", async (params, context) => {
@@ -2204,21 +2416,23 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
             schedule: job.schedule,
             skillId: job.skillId ?? undefined,
             status,
-            envId: job.envId ?? null,
+            workspaceId: job.workspaceId ?? null,
         });
-        // Notify cron service
-        notifyCronService({
-            action: status === "paused" ? "pause" : "upsert",
-            ...(status === "paused" ? { jobId: id } : {
-                job: {
+        // Update scheduler
+        if (cronService) {
+            if (status === "paused") {
+                cronService.cancel(id);
+            }
+            else {
+                cronService.addOrUpdate({
                     id, userId, name: job.name, description: job.description ?? null,
                     schedule: job.schedule, status, skillId: job.skillId ?? null,
-                    assignedTo: job.assignedTo ?? null,
-                    lastRunAt: null, lastResult: null, lockedBy: null, lockedAt: null,
-                    envId: job.envId ?? null,
-                },
-            }),
-        });
+                    assignedTo: null, lastRunAt: null, lastResult: null,
+                    lockedBy: null, lockedAt: null,
+                    workspaceId: job.workspaceId ?? null,
+                });
+            }
+        }
         return { id, status };
     });
     methods.set("cron.rename", async (params, context) => {
@@ -2245,21 +2459,46 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
             schedule: job.schedule,
             skillId: job.skillId ?? undefined,
             status: job.status,
-            envId: job.envId ?? null,
+            workspaceId: job.workspaceId ?? null,
         });
-        // Notify cron service
-        notifyCronService({
-            action: "upsert",
-            job: {
+        // Update scheduler (name change — reschedule with updated job data)
+        if (cronService && job.status === "active") {
+            cronService.addOrUpdate({
                 id, userId, name: newName.trim(), description: job.description ?? null,
-                schedule: job.schedule, status: job.status, skillId: job.skillId ?? null,
-                assignedTo: job.assignedTo ?? null,
+                schedule: job.schedule, status: job.status,
+                skillId: job.skillId ?? null, assignedTo: null,
                 lastRunAt: null, lastResult: null, lockedBy: null, lockedAt: null,
-                envId: job.envId ?? null,
-            },
-        });
+                workspaceId: job.workspaceId ?? null,
+            });
+        }
         return { id, name: newName.trim() };
     });
+    methods.set("cron.runs", async (params, context) => {
+        const userId = requireAuth(context);
+        if (!configRepo)
+            throw new Error("Database not available");
+        const jobId = params.jobId;
+        if (!jobId)
+            throw new Error("Missing required param: jobId");
+        // Verify ownership
+        const job = await configRepo.getCronJobById(jobId);
+        if (!job)
+            throw new Error("Job not found");
+        if (job.userId !== userId)
+            throw new Error("Forbidden");
+        const limit = Math.min(Number(params.limit) || 20, 100);
+        const runs = await configRepo.listCronJobRuns(jobId, limit);
+        return {
+            runs: runs.map((r) => ({
+                id: r.id,
+                status: r.status,
+                resultText: r.resultText,
+                error: r.error,
+                durationMs: r.durationMs,
+                createdAt: r.createdAt instanceof Date ? r.createdAt.toISOString() : r.createdAt ? new Date(Number(r.createdAt) * 1000).toISOString() : null,
+            })),
+        };
+    });
     // ─────────────────────────────────────────────────
     // Trigger Methods
     // ─────────────────────────────────────────────────
@@ -2707,6 +2946,9 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         const configJson = params.configJson;
         if (!name)
             throw new Error("Missing required param: name");
+        if (type === "kubeconfig") {
+            throw new Error("Kubeconfig credentials are now managed via Environments. Use userEnvConfig.set instead.");
+        }
         if (!type || !CREDENTIAL_TYPES.includes(type)) {
             throw new Error(`Invalid credential type. Must be one of: ${CREDENTIAL_TYPES.join(", ")}`);
         }
@@ -2714,6 +2956,7 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
             throw new Error("Missing required param: configJson");
         validateCredentialConfig(type, configJson);
         const id = await credRepo.create({ userId, name, type, description, configJson });
+        pushCredentialsToUser(userId);
         return { id, name, type };
     });
     methods.set("credential.update", async (params, context) => {
@@ -2737,6 +2980,7 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
             updates.configJson = configJson;
         }
         await credRepo.update(userId, id, updates);
+        pushCredentialsToUser(userId);
         return { status: "updated" };
     });
     methods.set("credential.delete", async (params, context) => {
@@ -2750,9 +2994,253 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         if (!existing)
             throw new Error("Credential not found");
         await credRepo.delete(userId, id);
+        pushCredentialsToUser(userId);
+        return { status: "deleted" };
+    });
+    // ─────────────────────────────────────────────────
+    // Environment Methods (admin-only)
+    // ─────────────────────────────────────────────────
+    methods.set("environment.list", async (_params, context) => {
+        const userId = requireAuth(context);
+        if (!envRepo)
+            return { environments: [], isAdmin: false };
+        const isAdmin = isAdminUser(context);
+        // Check testOnly
+        let isTestOnly = false;
+        if (userRepo) {
+            const dbUser = await userRepo.getById(userId);
+            isTestOnly = dbUser?.testOnly ?? false;
+        }
+        const allEnvs = await envRepo.list();
+        const visibleEnvs = isTestOnly ? allEnvs.filter((e) => e.isTest) : allEnvs;
+        // Fetch user's kubeconfig status
+        const userConfigs = userEnvConfigRepo ? await userEnvConfigRepo.listForUser(userId) : [];
+        const configMap = new Map(userConfigs.map((c) => [c.envId, c]));
+        return {
+            isAdmin,
+            environments: visibleEnvs.map((e) => ({
+                id: e.id,
+                name: e.name,
+                isTest: e.isTest,
+                apiServer: e.apiServer,
+                allowedServers: e.allowedServers ? e.allowedServers.split(",").map((s) => s.trim()).filter(Boolean) : [],
+                hasDefaultKubeconfig: !!e.defaultKubeconfig,
+                hasUserKubeconfig: configMap.has(e.id),
+                userConfigUpdatedAt: configMap.get(e.id)?.updatedAt?.toISOString?.() ?? configMap.get(e.id)?.updatedAt ?? null,
+                createdBy: e.createdBy,
+                createdAt: e.createdAt,
+                updatedAt: e.updatedAt,
+            })),
+        };
+    });
+    methods.set("environment.create", async (params, context) => {
+        const userId = requireAdmin(context);
+        if (!envRepo)
+            throw new Error("Database not available");
+        const name = params.name;
+        const isTest = params.isTest;
+        const apiServer = params.apiServer;
+        const rawAllowedServers = params.allowedServers;
+        const allowedServers = Array.isArray(rawAllowedServers) ? rawAllowedServers.join(", ") : rawAllowedServers;
+        const defaultKubeconfig = params.defaultKubeconfig;
+        if (!name)
+            throw new Error("Missing required param: name");
+        if (!apiServer)
+            throw new Error("Missing required param: apiServer");
+        // Require explicit port in apiServer (e.g. https://host:6443)
+        try {
+            const u = new URL(apiServer.includes("://") ? apiServer : `https://${apiServer}`);
+            if (!u.port)
+                throw new Error("API Server must include an explicit port (e.g. https://host:6443)");
+        }
+        catch (e) {
+            if (e instanceof Error && e.message.startsWith("API Server"))
+                throw e;
+            throw new Error("API Server must be a valid URL with an explicit port (e.g. https://host:6443)");
+        }
+        // defaultKubeconfig only accepted for test environments
+        if (defaultKubeconfig && !isTest) {
+            throw new Error("defaultKubeconfig can only be set for test environments");
+        }
+        const id = await envRepo.save({ name, isTest, apiServer, allowedServers: allowedServers || null, defaultKubeconfig: defaultKubeconfig ?? null }, userId);
+        return { id, name };
+    });
+    methods.set("environment.update", async (params, context) => {
+        requireAdmin(context);
+        if (!envRepo)
+            throw new Error("Database not available");
+        const id = params.id;
+        if (!id)
+            throw new Error("Missing required param: id");
+        const existing = await envRepo.getById(id);
+        if (!existing)
+            throw new Error("Environment not found");
+        const name = params.name ?? existing.name;
+        const apiServer = params.apiServer ?? existing.apiServer;
+        const isTest = params.isTest !== undefined ? params.isTest : existing.isTest;
+        const rawAllowed = params.allowedServers;
+        const allowedServers = rawAllowed !== undefined
+            ? (Array.isArray(rawAllowed) ? rawAllowed.join(", ") : rawAllowed)
+            : existing.allowedServers;
+        let defaultKubeconfig = params.defaultKubeconfig !== undefined ? params.defaultKubeconfig : existing.defaultKubeconfig;
+        if (!apiServer?.trim()) {
+            throw new Error("apiServer must be a non-empty string");
+        }
+        // Require explicit port in apiServer (e.g. https://host:6443)
+        try {
+            const u = new URL(apiServer.includes("://") ? apiServer : `https://${apiServer}`);
+            if (!u.port)
+                throw new Error("API Server must include an explicit port (e.g. https://host:6443)");
+        }
+        catch (e) {
+            if (e instanceof Error && e.message.startsWith("API Server"))
+                throw e;
+            throw new Error("API Server must be a valid URL with an explicit port (e.g. https://host:6443)");
+        }
+        // If promoting from test to prod, auto-clear defaultKubeconfig
+        if (existing.isTest && !isTest) {
+            defaultKubeconfig = null;
+        }
+        // defaultKubeconfig only valid for test environments
+        if (defaultKubeconfig && !isTest) {
+            throw new Error("defaultKubeconfig can only be set for test environments");
+        }
+        const oldApiServer = existing.apiServer;
+        await envRepo.save({ id, name, isTest, apiServer, allowedServers, defaultKubeconfig });
+        // If apiServer changed, invalidate mismatched user kubeconfigs
+        if (userEnvConfigRepo && apiServer !== oldApiServer) {
+            const fullConfigs = await userEnvConfigRepo.listFullForEnv(id);
+            const affectedUserIds = new Set();
+            for (const cfg of fullConfigs) {
+                try {
+                    const parsed = yaml.load(cfg.kubeconfig);
+                    const clusters = parsed?.clusters ?? [];
+                    const servers = clusters.map((c) => c.cluster?.server).filter(Boolean);
+                    const matches = servers.some((s) => apiServerHostMatch(s, apiServer));
+                    if (!matches) {
+                        await userEnvConfigRepo.remove(cfg.userId, id);
+                        affectedUserIds.add(cfg.userId);
+                    }
+                }
+                catch {
+                    // If kubeconfig can't be parsed, remove it as invalid
+                    await userEnvConfigRepo.remove(cfg.userId, id);
+                    affectedUserIds.add(cfg.userId);
+                }
+            }
+            // Push updated credentials to affected users
+            for (const uid of affectedUserIds) {
+                pushCredentialsToUser(uid);
+            }
+        }
+        return { status: "updated" };
+    });
+    methods.set("environment.delete", async (params, context) => {
+        requireAdmin(context);
+        if (!envRepo)
+            throw new Error("Database not available");
+        const id = params.id;
+        if (!id)
+            throw new Error("Missing required param: id");
+        const existing = await envRepo.getById(id);
+        if (!existing)
+            throw new Error("Environment not found");
+        // Collect affected users before cleanup
+        const affectedUserIds = new Set();
+        if (userEnvConfigRepo) {
+            const envConfigs = await userEnvConfigRepo.listForEnv(id);
+            for (const c of envConfigs)
+                affectedUserIds.add(c.userId);
+            await userEnvConfigRepo.removeAllForEnv(id);
+        }
+        await envRepo.delete(id);
+        // Push updated credentials to all affected users
+        for (const uid of affectedUserIds) {
+            pushCredentialsToUser(uid);
+        }
         return { status: "deleted" };
     });
     // ─────────────────────────────────────────────────
+    // User Environment Config Methods (kubeconfig upload)
+    // ─────────────────────────────────────────────────
+    methods.set("userEnvConfig.list", async (_params, context) => {
+        const userId = requireAuth(context);
+        if (!envRepo || !userEnvConfigRepo)
+            return { configs: [] };
+        // Fetch all environments and user's configs
+        const allEnvs = await envRepo.list();
+        const userConfigs = await userEnvConfigRepo.listForUser(userId);
+        // Check if user is testOnly
+        let isTestOnly = false;
+        if (userRepo) {
+            const dbUser = await userRepo.getById(userId);
+            isTestOnly = dbUser?.testOnly ?? false;
+        }
+        // Filter out production environments for testOnly users
+        const visibleEnvs = isTestOnly ? allEnvs.filter((e) => e.isTest) : allEnvs;
+        const configMap = new Map(userConfigs.map((c) => [c.envId, c]));
+        return {
+            configs: visibleEnvs.map((env) => ({
+                envId: env.id,
+                envName: env.name,
+                isTest: env.isTest,
+                apiServer: env.apiServer,
+                hasKubeconfig: configMap.has(env.id),
+                updatedAt: configMap.get(env.id)?.updatedAt ?? null,
+            })),
+        };
+    });
+    methods.set("userEnvConfig.set", async (params, context) => {
+        const userId = requireAuth(context);
+        if (!envRepo || !userEnvConfigRepo)
+            throw new Error("Database not available");
+        const envId = params.envId;
+        const kubeconfig = params.kubeconfig;
+        if (!envId)
+            throw new Error("Missing required param: envId");
+        if (!kubeconfig)
+            throw new Error("Missing required param: kubeconfig");
+        // Fetch environment
+        const env = await envRepo.getById(envId);
+        if (!env)
+            throw new Error("Environment not found");
+        // testOnly user check
+        if (userRepo) {
+            const dbUser = await userRepo.getById(userId);
+            if (dbUser?.testOnly && !env.isTest) {
+                throw new Error("Test-only users cannot configure production environments");
+            }
+        }
+        // Parse and validate kubeconfig YAML
+        let parsed;
+        try {
+            parsed = yaml.load(kubeconfig);
+        }
+        catch {
+            throw new Error("Invalid kubeconfig: YAML parse error");
+        }
+        // Validate apiServer appears in kubeconfig clusters
+        const clusters = parsed?.clusters ?? [];
+        const servers = clusters.map((c) => c.cluster?.server).filter(Boolean);
+        if (!servers.some((s) => apiServerHostMatch(s, env.apiServer))) {
+            throw new Error(`Kubeconfig does not contain a cluster matching apiServer "${env.apiServer}"`);
+        }
+        await userEnvConfigRepo.set(userId, envId, kubeconfig);
+        pushCredentialsToUser(userId);
+        return { status: "saved" };
+    });
+    methods.set("userEnvConfig.remove", async (params, context) => {
+        const userId = requireAuth(context);
+        if (!userEnvConfigRepo)
+            throw new Error("Database not available");
+        const envId = params.envId;
+        if (!envId)
+            throw new Error("Missing required param: envId");
+        await userEnvConfigRepo.remove(userId, envId);
+        pushCredentialsToUser(userId);
+        return { status: "removed" };
+    });
+    // ─────────────────────────────────────────────────
     // Workspace Methods
     // ─────────────────────────────────────────────────
     methods.set("workspace.list", async (_params, context) => {
@@ -2762,7 +3250,14 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         let list = await workspaceRepo.list(userId);
         // Auto-create default workspace if none exists
         if (list.length === 0) {
-            await workspaceRepo.getOrCreateDefault(userId);
+            // testOnly users get a test-type default workspace
+            let defaultEnvType;
+            if (userRepo) {
+                const dbUser = await userRepo.getById(userId);
+                if (dbUser?.testOnly)
+                    defaultEnvType = "test";
+            }
+            await workspaceRepo.getOrCreateDefault(userId, defaultEnvType);
             list = await workspaceRepo.list(userId);
         }
         return { workspaces: list };
@@ -2774,8 +3269,18 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         const name = params.name;
         if (!name)
             throw new Error("Missing required param: name");
+        // Determine envType — testOnly users forced to "test"
+        let envType = params.envType ?? "prod";
+        if (envType !== "prod" && envType !== "test") {
+            throw new Error("envType must be 'prod' or 'test'");
+        }
+        if (userRepo) {
+            const dbUser = await userRepo.getById(userId);
+            if (dbUser?.testOnly)
+                envType = "test";
+        }
         const config = params.config;
-        const ws = await workspaceRepo.create(userId, name, config);
+        const ws = await workspaceRepo.create(userId, name, config, envType);
         // Build workspace skills directory
         await syncWorkspaceSkills(userId, ws.id, ws.isDefault, [], []);
         return { workspace: ws };
@@ -2796,6 +3301,31 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
             updates.name = params.name;
         if (params.config !== undefined)
             updates.configJson = params.config;
+        if (params.envType !== undefined) {
+            const envType = params.envType;
+            if (envType !== "prod" && envType !== "test") {
+                throw new Error("envType must be 'prod' or 'test'");
+            }
+            // testOnly users cannot set envType to "prod"
+            if (userRepo) {
+                const dbUser = await userRepo.getById(userId);
+                if (dbUser?.testOnly && envType === "prod") {
+                    throw new Error("Test-only users cannot create production workspaces");
+                }
+            }
+            // If changing to "test", verify all bound environments are test
+            if (params.envType === "test" && envRepo && workspaceRepo) {
+                const boundEnvIds = await workspaceRepo.getEnvironments(id);
+                if (boundEnvIds.length > 0) {
+                    const boundEnvs = await envRepo.listByIds(boundEnvIds);
+                    const nonTest = boundEnvs.filter((e) => !e.isTest);
+                    if (nonTest.length > 0) {
+                        throw new Error(`Cannot change to test type: workspace has ${nonTest.length} non-test environment(s) bound. Unbind them first.`);
+                    }
+                }
+            }
+            updates.envType = params.envType;
+        }
         await workspaceRepo.update(id, updates);
         return { status: "updated" };
     });
@@ -2827,16 +3357,25 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         const ws = await workspaceRepo.getById(id);
         if (!ws || ws.userId !== userId)
             throw new Error("Workspace not found");
-        const [wsSkills, wsTools, wsCreds] = await Promise.all([
+        const [wsSkills, wsTools, wsCreds, wsEnvIds] = await Promise.all([
             workspaceRepo.getSkills(id),
             workspaceRepo.getTools(id),
             workspaceRepo.getCredentials(id),
+            workspaceRepo.getEnvironments(id),
         ]);
+        // Fetch full environment details for bound environments
+        let envDetails = [];
+        if (envRepo && wsEnvIds.length > 0) {
+            const envs = await envRepo.listByIds(wsEnvIds);
+            envDetails = envs.map((e) => ({ id: e.id, name: e.name, isTest: e.isTest, apiServer: e.apiServer }));
+        }
         return {
             workspace: ws,
             skills: wsSkills,
             tools: wsTools,
             credentials: wsCreds,
+            environments: wsEnvIds,
+            environmentDetails: envDetails,
         };
     });
     methods.set("workspace.setSkills", async (params, context) => {
@@ -2903,6 +3442,50 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
             }
         }
         await workspaceRepo.setCredentials(workspaceId, credentialIds);
+        // Push updated credentials to running AgentBox for this workspace
+        pushCredentialsToUser(userId);
+        return { status: "updated" };
+    });
+    methods.set("workspace.setEnvironments", async (params, context) => {
+        const userId = requireAuth(context);
+        if (!workspaceRepo)
+            throw new Error("Database not available");
+        const workspaceId = params.workspaceId;
+        const envIds = params.envIds;
+        if (!workspaceId || !Array.isArray(envIds))
+            throw new Error("Missing required params");
+        const ws = await workspaceRepo.getById(workspaceId);
+        if (!ws || ws.userId !== userId)
+            throw new Error("Workspace not found");
+        // Validate: if workspace is test, all bound environments must be test
+        if (envIds.length > 0 && !envRepo) {
+            throw new Error("Environment database not available");
+        }
+        if (envIds.length > 0 && envRepo) {
+            const envs = await envRepo.listByIds(envIds);
+            if (envs.length !== envIds.length) {
+                throw new Error("One or more environments not found");
+            }
+            if (ws.envType === "test") {
+                const nonTest = envs.filter((e) => !e.isTest);
+                if (nonTest.length > 0) {
+                    throw new Error("Test workspaces can only bind test environments");
+                }
+            }
+            // testOnly user check
+            if (userRepo) {
+                const dbUser = await userRepo.getById(userId);
+                if (dbUser?.testOnly) {
+                    const nonTest = envs.filter((e) => !e.isTest);
+                    if (nonTest.length > 0) {
+                        throw new Error("Test-only users cannot bind production environments");
+                    }
+                }
+            }
+        }
+        await workspaceRepo.setEnvironments(workspaceId, envIds);
+        // Push updated credentials to running AgentBox for this workspace
+        pushCredentialsToUser(userId);
         return { status: "updated" };
     });
     methods.set("workspace.availableTools", async (_params, context) => {
@@ -2928,8 +3511,12 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
     });
     /**
      * Build credential payload for a workspace.
-     * Default workspace: returns ALL user credentials.
-     * Custom workspace: returns only linked credentials.
+     *
+     * Kubeconfigs: sourced from environment-bound userEnvConfigs (NOT credentials table).
+     * Other credentials: from credentials table, filtered by workspace envType.
+     *   - prod workspace: all workspace-linked credentials
+     *   - test workspace: NO non-kubeconfig credentials (SSH, API tokens hidden)
+     *
      * Returns data only — does NOT write to disk. Agentbox materializes files locally.
      */
     async function buildCredentialPayload(userId, workspaceId, isDefault) {
@@ -2938,16 +3525,83 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         if (!fs.existsSync(agentDataDir)) {
             fs.mkdirSync(agentDataDir, { recursive: true });
         }
-        if (!credRepo)
-            return { manifest: [], files: [] };
-        // Determine which credentials to provision
+        const manifest = [];
+        const files = [];
+        // ── Step 1: Determine workspace envType ──
+        let envType = "prod";
+        if (workspaceRepo) {
+            const ws = await workspaceRepo.getById(workspaceId);
+            if (ws)
+                envType = ws.envType ?? "prod";
+        }
+        // ── Step 2: Kubeconfigs from environments ──
+        if (envRepo && userEnvConfigRepo) {
+            // Default workspace: all environments; non-default: only workspace-bound
+            let envs;
+            if (isDefault) {
+                envs = await envRepo.list();
+            }
+            else if (workspaceRepo) {
+                const boundEnvIds = await workspaceRepo.getEnvironments(workspaceId);
+                envs = boundEnvIds.length > 0 ? await envRepo.listByIds(boundEnvIds) : [];
+            }
+            else {
+                envs = [];
+            }
+            if (envs.length > 0) {
+                for (const env of envs) {
+                    // Runtime filter: test workspace skips prod environments
+                    if (envType === "test" && !env.isTest)
+                        continue;
+                    // Get user's kubeconfig for this environment
+                    const userConfig = await userEnvConfigRepo.get(userId, env.id);
+                    let kubeconfigContent = userConfig?.kubeconfig ?? null;
+                    // Fallback to defaultKubeconfig for test environments
+                    if (!kubeconfigContent && env.isTest && env.defaultKubeconfig) {
+                        kubeconfigContent = env.defaultKubeconfig;
+                    }
+                    if (kubeconfigContent) {
+                        const safeName = env.name.replace(/[^a-zA-Z0-9_-]/g, "_");
+                        const filename = `${safeName}.kubeconfig`;
+                        files.push({ name: filename, content: kubeconfigContent });
+                        const fileNames = [filename];
+                        let metadata;
+                        try {
+                            const kc = yaml.load(kubeconfigContent);
+                            const clusters = kc?.clusters ?? [];
+                            const contexts = kc?.contexts ?? [];
+                            metadata = {
+                                clusters: clusters.map((c) => ({ name: c.name, server: c.cluster?.server })),
+                                contexts: contexts.map((c) => ({ name: c.name, cluster: c.context?.cluster, namespace: c.context?.namespace })),
+                                currentContext: kc?.["current-context"],
+                            };
+                        }
+                        catch {
+                            // ignore parse errors
+                        }
+                        manifest.push({
+                            name: env.name,
+                            type: "kubeconfig",
+                            description: `Kubeconfig for environment: ${env.name}`,
+                            files: fileNames,
+                            ...(metadata ? { metadata } : {}),
+                        });
+                    }
+                }
+            }
+        }
+        // ── Step 3: Non-kubeconfig credentials from credentials table ──
+        // Test workspaces get NO non-kubeconfig credentials
+        if (envType === "test" || !credRepo) {
+            return { manifest, files };
+        }
         let creds;
         if (isDefault) {
             creds = await credRepo.listForUser(userId);
         }
         else {
             if (!workspaceRepo)
-                return { manifest: [], files: [] };
+                return { manifest, files };
             const linkedIds = await workspaceRepo.getCredentials(workspaceId);
             if (linkedIds.length === 0) {
                 creds = [];
@@ -2958,43 +3612,15 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         }
         // IdentityFile path used inside agentbox (resolves to .siclaw/credentials/)
         const credsDirInBox = path.resolve(process.cwd(), ".siclaw/credentials");
-        const manifest = [];
-        const files = [];
         for (const cred of creds) {
+            // Skip kubeconfig type credentials (now handled via environments)
+            if (cred.type === "kubeconfig")
+                continue;
             const config = (cred.configJson ?? {});
             const safeName = cred.name.replace(/[^a-zA-Z0-9_-]/g, "_");
             const fileNames = [];
             let metadata;
             switch (cred.type) {
-                case "kubeconfig": {
-                    const content = config.content;
-                    if (content) {
-                        const filename = `${safeName}.kubeconfig`;
-                        files.push({ name: filename, content });
-                        fileNames.push(filename);
-                        try {
-                            const kc = yaml.load(content);
-                            const clusters = kc?.clusters ?? [];
-                            const contexts = kc?.contexts ?? [];
-                            metadata = {
-                                clusters: clusters.map((c) => ({
-                                    name: c.name,
-                                    server: c.cluster?.server,
-                                })),
-                                contexts: contexts.map((c) => ({
-                                    name: c.name,
-                                    cluster: c.context?.cluster,
-                                    namespace: c.context?.namespace,
-                                })),
-                                currentContext: kc?.["current-context"],
-                            };
-                        }
-                        catch {
-                            // ignore parse errors
-                        }
-                    }
-                    break;
-                }
                 case "ssh_key": {
                     const privateKey = config.privateKey;
                     if (privateKey) {
@@ -3124,11 +3750,17 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
             const sessions = await chatRepo.listSessions(userId, 1);
             sessionCount = sessions.length;
         }
-        // PROFILE.md exists?
+        // PROFILE.md exists with meaningful (non-skeleton) content?
+        // A skeleton PROFILE.md (all TBD) doesn't count — the user still needs onboarding.
         const userDataDir = process.env.SICLAW_USER_DATA_DIR || ".siclaw/user-data";
         const profilePath = path.resolve(userDataDir, "memory", "PROFILE.md");
-        const hasProfile = fs.existsSync(profilePath);
-        // Credentials by type count
+        let hasProfile = false;
+        if (fs.existsSync(profilePath)) {
+            const content = fs.readFileSync(profilePath, "utf-8");
+            // Profile is "real" if Name field has been filled (not TBD)
+            hasProfile = /\*\*Name\*\*:\s*(?!TBD).+/i.test(content);
+        }
+        // Credentials by type count (SSH/API + kubeconfigs)
         const credentials = {};
         if (credRepo) {
             const creds = await credRepo.listForUser(userId);
@@ -3136,6 +3768,20 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
                 credentials[c.type] = (credentials[c.type] || 0) + 1;
             }
         }
+        if (envRepo && userEnvConfigRepo) {
+            const allEnvs = await envRepo.list();
+            let kubeconfigCount = 0;
+            for (const env of allEnvs) {
+                // Count if user has a personal kubeconfig, OR if it's a test env with a default kubeconfig
+                const userConfig = await userEnvConfigRepo.get(userId, env.id);
+                if (userConfig?.kubeconfig || (env.isTest && env.defaultKubeconfig)) {
+                    kubeconfigCount++;
+                }
+            }
+            if (kubeconfigCount > 0) {
+                credentials["kubeconfig"] = kubeconfigCount;
+            }
+        }
         return { hasModels, hasProfile, sessionCount, credentials };
     });
     // ─────────────────────────────────────────────────
@@ -3156,7 +3802,8 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
         const values = params.values;
         const ALLOWED_SECTIONS = {
             sso: ["sso.enabled", "sso.issuer", "sso.clientId", "sso.clientSecret", "sso.redirectUri"],
-            system: ["system.baseUrl", "system.platformUrl", "system.agentboxImage"],
+            system: ["system.grafanaUrl"],
+            metrics: ["metrics.port", "metrics.token", "metrics.includeUserId"],
         };
         const allowedKeys = ALLOWED_SECTIONS[section];
         if (!allowedKeys)
@@ -3170,29 +3817,181 @@ export function createRpcMethods(agentBoxManager, broadcast, db, sendToUser, act
             }
         }
         await sysConfigRepo.setMany(entries);
-        // Apply agentbox image change at runtime
-        if (section === "system" && entries["system.agentboxImage"]) {
-            agentBoxManager.setSpawnerImage(entries["system.agentboxImage"]);
-        }
         return { ok: true };
     });
-    /** Build a skill bundle for a given user and environment (used by mTLS bundle API) */
+    /** Build a skill bundle for a given user and environment (used by mTLS bundle API).
+     *  "test" maps to "dev" behavior (working copies of personal skills). */
     async function getSkillBundle(userId, env) {
         if (!skillRepo || !skillContentRepo)
             throw new Error("Database not available");
         const disabled = new Set(await skillRepo.listDisabledSkills(userId));
-        return buildSkillBundle(userId, env, skillWriter, skillRepo, skillContentRepo, disabled);
+        // Map "test" → "dev" for skill bundle purposes (test = dev-like skill access)
+        const bundleEnv = env === "test" ? "dev" : env;
+        return buildSkillBundle(userId, bundleEnv, skillWriter, skillRepo, skillContentRepo, disabled);
     }
-    /** Abort all SSE streams associated with a specific WebSocket connection */
+    /** Detach WebSocket from SSE streams — SSE continues so DB persistence and
+     *  dpProgressSnapshots keep updating. User reconnect resumes live events. */
     function cleanupForWs(ws) {
         for (const [key, stream] of activeStreams.entries()) {
             if (stream.ws === ws) {
-                console.log(`[rpc] Cleaning up SSE stream ${key} (WS closed)`);
-                stream.abort();
-                activeStreams.delete(key);
+                console.log(`[rpc] WS detached from SSE stream ${key} — SSE continues`);
+                stream.ws = undefined;
             }
         }
     }
+    // ── Monitoring Dashboard ──
+    methods.set("metrics.timeseries", async (params, context) => {
+        requireAuth(context);
+        if (!metricsAggregator)
+            return { buckets: [], snapshot: { activeSessions: 0, wsConnections: 0 }, topTools: [], topSkills: [] };
+        const range = params.range || "1h";
+        if (range !== "1h" && range !== "6h" && range !== "24h") {
+            throw new Error("Invalid range: must be 1h, 6h, or 24h");
+        }
+        const buckets = metricsAggregator.query(range).map((b) => ({
+            timestamp: b.timestamp,
+            tokensInput: b.tokensInput,
+            tokensOutput: b.tokensOutput,
+            tokensCacheRead: b.tokensCacheRead,
+            tokensCacheWrite: b.tokensCacheWrite,
+            promptCount: b.promptCount,
+            promptErrors: b.promptErrors,
+            promptDurationAvg: b.promptCount + b.promptErrors > 0
+                ? b.promptDurationSum / (b.promptCount + b.promptErrors)
+                : 0,
+            promptDurationMax: b.promptDurationMax,
+            activeSessions: b.activeSessions,
+            wsConnections: b.wsConnections,
+            toolCalls: b.toolCalls,
+            toolErrors: b.toolErrors,
+            skillSuccesses: b.skillSuccesses,
+            skillErrors: b.skillErrors,
+        }));
+        return {
+            buckets,
+            snapshot: metricsAggregator.snapshot(),
+            topTools: metricsAggregator.topTools(10),
+            topSkills: metricsAggregator.topSkills(10),
+        };
+    });
+    methods.set("metrics.summary", async (params, context) => {
+        requireAuth(context);
+        if (!db)
+            return { totalTokens: 0, totalPrompts: 0, totalSessions: 0, tokenBreakdown: { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 }, byModel: [] };
+        const period = params.period || "today";
+        const now = new Date();
+        let cutoffMs;
+        if (period === "7d") {
+            cutoffMs = now.getTime() - 7 * 86_400_000;
+        }
+        else if (period === "30d") {
+            cutoffMs = now.getTime() - 30 * 86_400_000;
+        }
+        else {
+            // "today" — UTC start of day
+            cutoffMs = new Date(Date.UTC(now.getUTCFullYear(), now.getUTCMonth(), now.getUTCDate())).getTime();
+        }
+        const rows = await db.select({
+            provider: sessionStats.provider,
+            model: sessionStats.model,
+            session_count: count(),
+            total_input: sum(sessionStats.inputTokens),
+            total_output: sum(sessionStats.outputTokens),
+            total_cache_read: sum(sessionStats.cacheReadTokens),
+            total_cache_write: sum(sessionStats.cacheWriteTokens),
+            total_prompts: sum(sessionStats.promptCount),
+        })
+            .from(sessionStats)
+            .where(gte(sessionStats.createdAt, cutoffMs))
+            .groupBy(sessionStats.provider, sessionStats.model)
+            .orderBy(sql `(SUM(${sessionStats.inputTokens}) + SUM(${sessionStats.outputTokens})) DESC`);
+        let totalTokens = 0;
+        let totalPrompts = 0;
+        let totalSessions = 0;
+        const tokenBreakdown = { input: 0, output: 0, cacheRead: 0, cacheWrite: 0 };
+        const byModel = [];
+        for (const row of rows) {
+            const input = Number(row.total_input) || 0;
+            const output = Number(row.total_output) || 0;
+            const cacheRead = Number(row.total_cache_read) || 0;
+            const cacheWrite = Number(row.total_cache_write) || 0;
+            const tokens = input + output;
+            const prompts = Number(row.total_prompts) || 0;
+            const sessions = Number(row.session_count) || 0;
+            totalTokens += tokens;
+            totalPrompts += prompts;
+            totalSessions += sessions;
+            tokenBreakdown.input += input;
+            tokenBreakdown.output += output;
+            tokenBreakdown.cacheRead += cacheRead;
+            tokenBreakdown.cacheWrite += cacheWrite;
+            byModel.push({
+                provider: row.provider || "unknown",
+                model: row.model || "unknown",
+                tokens,
+                sessions,
+                percentage: 0, // filled below
+            });
+        }
+        // Calculate percentages
+        for (const entry of byModel) {
+            entry.percentage = totalTokens > 0 ? Math.round((entry.tokens / totalTokens) * 100) : 0;
+        }
+        return { totalTokens, totalPrompts, totalSessions, tokenBreakdown, byModel };
+    });
+    // ── Audit ──────────────────────────────────────────────────────────
+    methods.set("audit.list", async (params, context) => {
+        const userId = requireAuth(context);
+        if (!chatRepo)
+            throw new Error("Database not available");
+        const p = params;
+        const queryUserId = isAdminUser(context) ? (p.userId || undefined) : userId;
+        const limit = Math.min(p.limit ?? 50, 200);
+        const validOutcomes = ["success", "error", "blocked"];
+        const outcome = p.outcome && validOutcomes.includes(p.outcome) ? p.outcome : undefined;
+        const rows = await chatRepo.queryAuditLogs({
+            userId: queryUserId,
+            userName: isAdminUser(context) ? p.userName : undefined,
+            toolName: p.toolName,
+            outcome,
+            startDate: p.startDate ? Math.floor(new Date(p.startDate).getTime() / 1000) : undefined,
+            endDate: p.endDate ? Math.floor(new Date(p.endDate).getTime() / 1000) : undefined,
+            cursorTs: p.cursorTs,
+            cursorId: p.cursorId,
+            limit,
+        });
+        const hasMore = rows.length > limit;
+        const logs = hasMore ? rows.slice(0, limit) : rows;
+        return { logs, hasMore };
+    });
+    methods.set("audit.detail", async (params, context) => {
+        const userId = requireAuth(context);
+        if (!chatRepo)
+            throw new Error("Database not available");
+        const { messageId } = params;
+        if (!messageId)
+            throw new Error("messageId is required");
+        const msg = await chatRepo.getMessageById(messageId);
+        if (!msg || msg.role !== "tool")
+            throw new Error("Message not found");
+        // Ownership check via session
+        const session = await chatRepo.getSession(msg.sessionId);
+        if (!session)
+            throw new Error("Session not found");
+        if (!isAdminUser(context) && session.userId !== userId) {
+            throw new Error("Forbidden: not your message");
+        }
+        return {
+            id: msg.id,
+            userId: msg.userId,
+            content: msg.content,
+            toolName: msg.toolName,
+            toolInput: msg.toolInput,
+            outcome: msg.outcome,
+            durationMs: msg.durationMs,
+            timestamp: msg.timestamp,
+        };
+    });
     return { methods, buildCredentialPayload, getSkillBundle, cleanupForWs };
 }
 //# sourceMappingURL=rpc-methods.js.map