Upload folder using huggingface_hub

.gitattributes

@@ -33,3 +33,4 @@ saved_model/**/* filter=lfs diff=lfs merge=lfs -text
 *.zip filter=lfs diff=lfs merge=lfs -text
 *.zst filter=lfs diff=lfs merge=lfs -text
 *tfevents* filter=lfs diff=lfs merge=lfs -text
+knowledge/custom/TED[[:space:]]Podcasts.pdf filter=lfs diff=lfs merge=lfs -text

.hfignore

@@ -0,0 +1,20 @@
+agent-zero-temp/
+anthropic-skills-temp/
+agent-zero-temp-2/
+verification_output.txt
+verify_integration.py
+test_api.py
+.git/
+__pycache__/
+*.pyc
+.env
+logs/
+tmp/
+usr/
+knowledge/
+python/
+searxng/
+webui/
+node_modules/
+.hfignore
+deploy_to_hf.py

Dockerfile

@@ -0,0 +1,104 @@
+# Use a specific Python 3.12 image for compatibility
+FROM python:3.12-slim-bookworm
+
+LABEL description="Dockerfile for Agent-Zero on Hugging Face Spaces"
+
+# Avoid prompts during package installation
+ENV DEBIAN_FRONTEND=noninteractive
+
+# Install system dependencies, including openssl for key generation and rsync
+RUN apt-get update && apt-get install -y \
+    build-essential \
+    gcc \
+    g++ \
+    gfortran \
+    libffi-dev \
+    libssl-dev \
+    libopenblas-dev \
+    pkg-config \
+    git \
+    curl \
+    openssl \
+    procps \
+    rsync \
+    && rm -rf /var/lib/apt/lists/*
+
+# Use the official Ollama installation script
+RUN curl -fsSL https://ollama.com/install.sh | sh
+
+# Set the working directory
+WORKDIR /app
+
+# Copy requirements.txt and install dependencies to leverage Docker cache
+COPY requirements.txt .
+RUN pip install --no-cache-dir --upgrade pip wheel setuptools
+RUN pip install --no-cache-dir -r requirements.txt
+
+# Clone the agent-zero repository.
+RUN git clone --depth 1 https://github.com/agent0ai/agent-zero.git /agent-zero-base && \
+    rsync -av /agent-zero-base/ /app/ && \
+    rm -rf /agent-zero-base
+
+# Clone the anthropics skills repository and integrate skills.
+RUN git clone --depth 1 https://github.com/anthropics/skills.git /anthropic-skills && \
+    mkdir -p /app/usr/skills && \
+    cp -r /anthropic-skills/skills/* /app/usr/skills/ && \
+    rm -rf /anthropic-skills
+
+# Copy the local files to overwrite the one from the repository
+COPY run_ui.py /app/run_ui.py
+COPY webui/js/api.js /app/webui/js/api.js
+COPY webui/index.html /app/webui/index.html
+COPY webui/js/index.js /app/webui/js/index.js
+COPY preload.py /app/preload.py
+COPY python/extensions/system_prompt/_10_system_prompt.py /app/python/extensions/system_prompt/_10_system_prompt.py
+COPY python/helpers/searxng.py /app/python/helpers/searxng.py
+COPY python/helpers/settings.py /app/python/helpers/settings.py
+COPY python/helpers/csrf.py /app/python/helpers/csrf.py
+COPY python/api/csrf_token.py /app/python/api/csrf_token.py
+COPY start.sh /app/start.sh
+COPY python/tools/search_engine.py /app/python/tools/search_engine.py
+COPY initialize.py /app/initialize.py
+
+# --- DEFINITIVE FIX: GENERATE KEY AT BUILD TIME ---
+# This creates a permanent .env file with a stable key when the image is built.
+# This eliminates all runtime race conditions and is the most reliable method.
+RUN echo "FLASK_SECRET_KEY=$(openssl rand -hex 32)" > .env
+
+# Declare build-time arguments (Hugging Face injects secrets here) 
+ARG JULES_API_KEY 
+ARG GITHUB_PERSONAL_ACCESS_TOKEN 
+ARG HUGGINGFACE_API_KEY
+
+ENV JULES_API_KEY=$JULES_API_KEY 
+ENV GITHUB_PERSONAL_ACCESS_TOKEN=$GITHUB_PERSONAL_ACCESS_TOKEN 
+ENV HUGGINGFACE_API_KEY=$HUGGINGFACE_API_KEY
+# Pre-download the required spaCy model during the build
+
+
+# Manually create the 'ollama' group
+RUN groupadd -r ollama
+
+# Create a non-root user for security
+RUN useradd --create-home --shell /bin/bash user
+
+# Add the user to the 'ollama' group so it can use the service
+RUN usermod -aG ollama user
+
+# Grant the non-root user ownership of the application directory
+RUN chown -R user:user /app
+
+# Make start.sh executable
+RUN chmod +x /app/start.sh
+
+# Switch to the non-root user
+USER user
+
+# Set the final working directory
+WORKDIR /app
+
+# Expose the application port
+EXPOSE 5000
+
+# Command to start the services (now much simpler)
+CMD ["/app/start.sh"]

README.md

@@ -1,10 +1,95 @@
 ---
-title: Agent Skillset
-emoji: 🚀
-colorFrom: yellow
+title: Agent with Claude Skills
+emoji: 😻
+colorFrom: gray
 colorTo: yellow
 sdk: docker
+app_port: 5000
 pinned: false
+short_description: A powerful and flexible agent framework with a web-based UI.
 ---
 
-Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
+## 🚀 Agent with Claude Skills
+
+This project provides a robust and extensible agent framework with a user-friendly web interface. It's designed to be highly configurable, allowing you to easily integrate with different large language models (LLMs), embedding models, and other services.
+
+### ✨ Features
+
+-   **Web-based UI:** A clean and intuitive web interface for interacting with the agent.
+-   **Dockerized Environment:** The entire application is containerized with Docker, ensuring a consistent and reproducible environment.
+-   **Extensible API:** A flexible API that allows you to add new tools and capabilities to the agent.
+-   **Configurable Models:** Easily configure the chat, utility, and embedding models through a simple settings file.
+-   **Multi-agent Communication:** Supports multi-agent communication through the Multi-agent Communication Protocol (MCP).
+-   **Agent-to-Agent Communication:** Enables direct communication between agents using the Agent-to-Agent (A2A) protocol.
+-   **Authentication:** Secure your agent with basic authentication and API key protection.
+-   **CSRF Protection:** Built-in Cross-Site Request Forgery (CSRF) protection for enhanced security.
+-   **Dynamic Settings:** Modify the agent's settings on the fly without restarting the application.
+
+### 🛠️ Getting Started
+
+#### Prerequisites
+
+-   [Docker](https://docs.docker.com/get-docker/)
+-   [Docker Compose](https://docs.docker.com/compose/install/) (optional, for local development)
+
+#### Running the Application
+
+1.  **Clone the repository:**
+
+    ```bash
+    git clone https://huggingface.co/spaces/harvesthealth/agent-with-claude-skills
+    cd agent-with-claude-skills
+    ```
+
+2.  **Build and run the Docker container:**
+
+    ```bash
+    docker build -t agent-with-claude-skills .
+    docker run -p 5000:5000 agent-with-claude-skills
+    ```
+
+3.  **Access the web UI:**
+
+    Open your web browser and navigate to `http://localhost:5000`.
+
+#### Configuration
+
+The application's settings are managed in the `python/helpers/settings.py` file. You can modify this file to change the default models, API keys, and other parameters.
+
+**Important:** For production environments, it's highly recommended to use a `.env` file to manage your secrets and API keys.
+
+### 🔧 Modifying the API Base URL
+
+By default, the `chat_model_api_base` and `util_model_api_base` are hardcoded in `python/helpers/settings.py`. To make this configurable, you can modify the file to use an environment variable.
+
+1.  **Open `python/helpers/settings.py`:**
+
+2.  **Locate the `get_default_settings` function:**
+
+3.  **Replace the hardcoded URLs with a variable:**
+
+    ```python
+    def get_default_settings() -> Settings:
+        api_base_url = os.getenv("API_BASE_URL", "https://api.helmholtz-blablador.fz-juelich.de/v1")
+        return Settings(
+            version=_get_version(),
+            chat_model_provider="Other OpenAI compatible",
+            chat_model_name="alias-large",
+            chat_model_api_base=api_base_url,
+            ...
+            util_model_provider="Other OpenAI compatible",
+            util_model_name="alias-large",
+            util_model_api_base=api_base_url,
+            ...
+        )
+    ```
+
+4.  **Create a `.env` file in the root of the project:**
+
+    ```
+    API_BASE_URL=https://your-api-base-url.com/v1
+    ```
+
+### 🤝 Contributing
+
+Contributions are welcome! Please feel free to submit a pull request or open an issue if you have any suggestions or find any bugs.

api_app.py

@@ -0,0 +1,78 @@
+from fastapi import FastAPI, HTTPException
+from pydantic import BaseModel
+from typing import Optional, List
+import os
+import asyncio
+from agent import AgentContext, AgentContextType, UserMessage
+import initialize
+from python.helpers import runtime, dotenv
+from python.helpers.print_style import PrintStyle
+
+app = FastAPI(title="Skilled-Agent API")
+
+class ChatRequest(BaseModel):
+    message: str
+    chat_id: Optional[str] = None
+    attachments: Optional[List[str]] = None
+
+class ChatResponse(BaseModel):
+    response: str
+    chat_id: str
+
+@app.on_event("startup")
+async def startup_event():
+    PrintStyle().print("Initializing Skilled-Agent API...")
+    runtime.initialize()
+    dotenv.load_dotenv()
+    
+    # Run migrations if necessary
+    initialize.initialize_migration()
+    
+    # Initialize chats
+    init_chats = initialize.initialize_chats()
+    init_chats.result_sync()
+
+    # Initialize MCP
+    initialize.initialize_mcp()
+    
+    # Start job loop
+    initialize.initialize_job_loop()
+    
+    # Preload
+    initialize.initialize_preload()
+    
+    PrintStyle().print("Skilled-Agent API started.")
+
+@app.post("/chat", response_model=ChatResponse)
+async def chat(request: ChatRequest):
+    context = None
+    if request.chat_id:
+        context = AgentContext.get(request.chat_id)
+        if not context:
+            raise HTTPException(status_code=404, detail=f"Chat session {request.chat_id} not found")
+    else:
+        # Create new context
+        config = initialize.initialize_agent()
+        context = AgentContext(config=config, type=AgentContextType.BACKGROUND)
+
+    if not request.message:
+        raise HTTPException(status_code=400, detail="Message is required")
+
+    try:
+        PrintStyle().print(f"Processing message for chat {context.id}...")
+        task = context.communicate(
+            UserMessage(
+                message=request.message,
+                attachments=request.attachments or []
+            )
+        )
+        # Wait for the agent to finish and return the final message
+        result = await task.result()
+        return ChatResponse(response=result, chat_id=context.id)
+    except Exception as e:
+        PrintStyle().error(f"Error in chat: {e}")
+        raise HTTPException(status_code=500, detail=str(e))
+
+@app.get("/health")
+async def health():
+    return {"status": "healthy"}

check_secrets.py

@@ -0,0 +1,35 @@
+import os
+
+# List of secrets that are commonly used by Agent-Zero and integrated skills
+COMMON_SECRETS = [
+    "ANTHROPIC_API_KEY",
+    "OPENAI_API_KEY",
+    "GITHUB_PERSONAL_ACCESS_TOKEN",
+    "HUGGINGFACE_API_KEY",
+    "GOOGLE_API_KEY",
+    "SERPAPI_API_KEY",
+    "SEARXNG_URL"
+]
+
+def check_secrets():
+    print("=== Skilled-Agent Secret Check ===")
+    missing = []
+    available = []
+    
+    for secret in COMMON_SECRETS:
+        if os.getenv(secret):
+            available.append(secret)
+        else:
+            missing.append(secret)
+            
+    if available:
+        print(f"INFO: Available secrets in environment: {', '.join(available)}")
+    
+    if missing:
+        print(f"WARNING: The following secrets are NOT set: {', '.join(missing)}")
+        print("Please configure them in your Hugging Face Space Settings -> Secrets if your tasks require them.")
+    
+    print("==================================")
+
+if __name__ == "__main__":
+    check_secrets()

initialize.py

@@ -0,0 +1,166 @@
+from agent import AgentConfig
+import models
+from python.helpers import runtime, settings, defer
+from python.helpers.print_style import PrintStyle
+
+
+def initialize_agent():
+    current_settings = settings.get_settings()
+
+    def _normalize_model_kwargs(kwargs: dict) -> dict:
+        # convert string values that represent valid Python numbers to numeric types
+        result = {}
+        for key, value in kwargs.items():
+            if isinstance(value, str):
+                # try to convert string to number if it's a valid Python number
+                try:
+                    # try int first, then float
+                    result[key] = int(value)
+                except ValueError:
+                    try:
+                        result[key] = float(value)
+                    except ValueError:
+                        result[key] = value
+            else:
+                result[key] = value
+        return result
+
+    # chat model from user settings
+    chat_llm = models.ModelConfig(
+        type=models.ModelType.CHAT,
+        provider=current_settings["chat_model_provider"],
+        name=current_settings["chat_model_name"],
+        api_base=current_settings["chat_model_api_base"],
+        ctx_length=current_settings["chat_model_ctx_length"],
+        vision=current_settings["chat_model_vision"],
+        limit_requests=current_settings["chat_model_rl_requests"],
+        limit_input=current_settings["chat_model_rl_input"],
+        limit_output=current_settings["chat_model_rl_output"],
+        kwargs=_normalize_model_kwargs(current_settings["chat_model_kwargs"]),
+    )
+
+    # utility model from user settings
+    utility_llm = models.ModelConfig(
+        type=models.ModelType.CHAT,
+        provider=current_settings["util_model_provider"],
+        name=current_settings["util_model_name"],
+        api_base=current_settings["util_model_api_base"],
+        ctx_length=current_settings["util_model_ctx_length"],
+        limit_requests=current_settings["util_model_rl_requests"],
+        limit_input=current_settings["util_model_rl_input"],
+        limit_output=current_settings["util_model_rl_output"],
+        kwargs=_normalize_model_kwargs(current_settings["util_model_kwargs"]),
+    )
+    # embedding model from user settings
+    embedding_llm = models.ModelConfig(
+        type=models.ModelType.EMBEDDING,
+        provider=current_settings["embed_model_provider"],
+        name=current_settings["embed_model_name"],
+        api_base=current_settings["embed_model_api_base"],
+        limit_requests=current_settings["embed_model_rl_requests"],
+        kwargs=_normalize_model_kwargs(current_settings["embed_model_kwargs"]),
+    )
+    # browser model from user settings
+    browser_llm = models.ModelConfig(
+        type=models.ModelType.CHAT,
+        provider=current_settings["browser_model_provider"],
+        name=current_settings["browser_model_name"],
+        api_base=current_settings["browser_model_api_base"],
+        vision=current_settings["browser_model_vision"],
+        kwargs=_normalize_model_kwargs(current_settings["browser_model_kwargs"]),
+    )
+    # agent configuration
+    config = AgentConfig(
+        chat_model=chat_llm,
+        utility_model=utility_llm,
+        embeddings_model=embedding_llm,
+        browser_model=browser_llm,
+        profile=current_settings["agent_profile"],
+        memory_subdir=current_settings["agent_memory_subdir"],
+        knowledge_subdirs=[current_settings["agent_knowledge_subdir"], "default"],
+        mcp_servers=current_settings.get("mcp_servers"),
+        # code_exec params get initialized in _set_runtime_config
+        # additional = {},
+    )
+
+    # update SSH and docker settings
+    _set_runtime_config(config, current_settings)
+
+    # update config with runtime args
+    _args_override(config)
+
+    # initialize MCP in deferred task to prevent blocking the main thread
+    # async def initialize_mcp_async(mcp_servers_config: str):
+    #     return initialize_mcp(mcp_servers_config)
+    # defer.DeferredTask(thread_name="mcp-initializer").start_task(initialize_mcp_async, config.mcp_servers)
+    # initialize_mcp(config.mcp_servers)
+
+    # import python.helpers.mcp_handler as mcp_helper
+    # import agent as agent_helper
+    # import python.helpers.print_style as print_style_helper
+    # if not mcp_helper.MCPConfig.get_instance().is_initialized():
+    #     try:
+    #         mcp_helper.MCPConfig.update(config.mcp_servers)
+    #     except Exception as e:
+    #         first_context = agent_helper.AgentContext.first()
+    #         if first_context:
+    #             (
+    #                 first_context.log
+    #                 .log(type="warning", content=f"Failed to update MCP settings: {e}", temp=False)
+    #             )
+    #         (
+    #             print_style_helper.PrintStyle(background_color="black", font_color="red", padding=True)
+    #             .print(f"Failed to update MCP settings: {e}")
+    #         )
+
+    # return config object
+    return config
+
+def initialize_chats():
+    from python.helpers import persist_chat
+    async def initialize_chats_async():
+        persist_chat.load_tmp_chats()
+    return defer.DeferredTask().start_task(initialize_chats_async)
+
+def initialize_mcp():
+    set = settings.get_settings()
+    async def initialize_mcp_async():
+        from python.helpers.mcp_handler import initialize_mcp as _initialize_mcp
+        return _initialize_mcp(set["mcp_servers"])
+    return defer.DeferredTask().start_task(initialize_mcp_async)
+
+def initialize_job_loop():
+    from python.helpers.job_loop import run_loop
+    return defer.DeferredTask("JobLoop").start_task(run_loop)
+
+def initialize_preload():
+    import preload
+    return defer.DeferredTask().start_task(preload.preload)
+
+
+def _args_override(config):
+    # update config with runtime args
+    for key, value in runtime.args.items():
+        if hasattr(config, key):
+            # conversion based on type of config[key]
+            if isinstance(getattr(config, key), bool):
+                value = value.lower().strip() == "true"
+            elif isinstance(getattr(config, key), int):
+                value = int(value)
+            elif isinstance(getattr(config, key), float):
+                value = float(value)
+            elif isinstance(getattr(config, key), str):
+                value = str(value)
+            else:
+                raise Exception(
+                    f"Unsupported argument type of '{key}': {type(getattr(config, key))}"
+                )
+
+            setattr(config, key, value)
+
+
+def _set_runtime_config(config: AgentConfig, set: settings.Settings):
+    ssh_conf = settings.get_runtime_config(set)
+    for key, value in ssh_conf.items():
+        if hasattr(config, key):
+            setattr(config, key, value)

knowledge/custom/TED Podcasts.pdf

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ffc5a579932dc6ea1e6c50b386f81c8fd0e9bd2cb4501a4a6856d11623a5bf11
+size 237793

preload.py

@@ -0,0 +1,58 @@
+import asyncio
+from python.helpers import runtime, whisper, settings
+from python.helpers.print_style import PrintStyle
+from python.helpers import kokoro_tts
+import models
+
+
+async def preload():
+    PrintStyle().print("Preloading models...")
+    try:
+        set = settings.get_default_settings()
+
+        # preload whisper model
+        async def preload_whisper():
+            try:
+                return await whisper.preload(set["stt_model_size"])
+            except Exception as e:
+                PrintStyle().error(f"Error in preload_whisper: {e}")
+
+        # preload embedding model
+        async def preload_embedding():
+            if set["embed_model_provider"].lower() == "huggingface":
+                try:
+                    # Use the new LiteLLM-based model system
+                    emb_mod = models.get_embedding_model(
+                        "huggingface", set["embed_model_name"]
+                    )
+                    emb_txt = await emb_mod.aembed_query("test")
+                    return emb_txt
+                except Exception as e:
+                    PrintStyle().error(f"Error in preload_embedding: {e}")
+
+        # preload kokoro tts model if enabled
+        async def preload_kokoro():
+            if set["tts_kokoro"]:
+                try:
+                    return await kokoro_tts.preload()
+                except Exception as e:
+                    PrintStyle().error(f"Error in preload_kokoro: {e}")
+
+        # async tasks to preload
+        tasks = [
+            preload_embedding(),
+            # preload_whisper(),
+            # preload_kokoro()
+        ]
+
+        await asyncio.gather(*tasks, return_exceptions=True)
+        PrintStyle().print("Preload completed")
+    except Exception as e:
+        PrintStyle().error(f"Error in preload: {e}")
+
+
+# preload transcription model
+if __name__ == "__main__":
+    PrintStyle().print("Running preload...")
+    runtime.initialize()
+    asyncio.run(preload())

python/api/csrf_token.py

@@ -0,0 +1,23 @@
+from python.helpers.api import (
+    ApiHandler,
+    Input,
+    Output,
+    Request,
+    Response,
+    session,
+)
+from python.helpers import runtime, csrf
+
+class GetCsrfToken(ApiHandler):
+
+    @classmethod
+    def get_methods(cls) -> list[str]:
+        return ["GET"]
+
+    @classmethod
+    def requires_csrf(cls) -> bool:
+        return False
+
+    async def process(self, input: Input, request: Request) -> Output:
+        token = csrf.generate_csrf_token()
+        return {"token": token, "runtime_id": runtime.get_runtime_id()}

python/extensions/system_prompt/_10_system_prompt.py

@@ -0,0 +1,43 @@
+from typing import Any
+from python.helpers.extension import Extension
+from python.helpers.mcp_handler import MCPConfig
+from agent import Agent, LoopData
+
+
+class SystemPrompt(Extension):
+
+    async def execute(self, system_prompt: list[str] = [], loop_data: LoopData = LoopData(), **kwargs: Any):
+        # append main system prompt and tools
+        main = get_main_prompt(self.agent)
+        tools = get_tools_prompt(self.agent)
+        mcp_tools = get_mcp_tools_prompt(self.agent)
+        final_instruction = "When you are done with the task, use the 'response' tool to return the final answer."
+
+        system_prompt.append(main)
+        system_prompt.append(tools)
+        if mcp_tools:
+            system_prompt.append(mcp_tools)
+        system_prompt.append(final_instruction)
+
+
+def get_main_prompt(agent: Agent):
+    return agent.read_prompt("agent.system.main.md")
+
+
+def get_tools_prompt(agent: Agent):
+    prompt = agent.read_prompt("agent.system.tools.md")
+    if agent.config.chat_model.vision:
+        prompt += '\n\n' + agent.read_prompt("agent.system.tools_vision.md")
+    return prompt
+
+
+def get_mcp_tools_prompt(agent: Agent):
+    mcp_config = MCPConfig.get_instance()
+    if mcp_config.servers:
+        pre_progress = agent.context.log.progress
+        agent.context.log.set_progress("Collecting MCP tools") # MCP might be initializing, better inform via progress bar
+        tools = MCPConfig.get_instance().get_tools_prompt()
+        agent.context.log.set_progress(pre_progress) # return original progress
+        return tools
+    return ""
+        

python/helpers/csrf.py

@@ -0,0 +1,28 @@
+import secrets
+import hmac
+import hashlib
+import time
+
+CSRF_SECRET = secrets.token_bytes(32)
+TOKEN_TTL = 3600  # 1 hour validity
+
+def generate_csrf_token():
+    nonce = secrets.token_hex(16)  # 128-bit random
+    timestamp = str(int(time.time()))
+    data = f"{nonce}:{timestamp}"
+    sig = hmac.new(CSRF_SECRET, data.encode(), hashlib.sha256).hexdigest()
+    return f"{data}.{sig}"
+
+def verify_csrf_token(token):
+    try:
+        data, sig = token.rsplit(".", 1)
+        expected_sig = hmac.new(CSRF_SECRET, data.encode(), hashlib.sha256).hexdigest()
+        if not hmac.compare_digest(sig, expected_sig):
+            return False
+        # check TTL
+        nonce, timestamp = data.split(":")
+        if time.time() - int(timestamp) > TOKEN_TTL:
+            return False
+        return True
+    except Exception:
+        return False

python/helpers/mcp_server.py

@@ -0,0 +1,433 @@
+import os
+from typing import Annotated, Literal, Union
+from urllib.parse import urlparse
+from openai import BaseModel
+from pydantic import Field
+from fastmcp import FastMCP
+
+from agent import AgentContext, AgentContextType, UserMessage
+from python.helpers.persist_chat import remove_chat
+from initialize import initialize_agent
+from python.helpers.print_style import PrintStyle
+from python.helpers import settings
+from starlette.middleware import Middleware
+from starlette.middleware.base import BaseHTTPMiddleware
+from starlette.exceptions import HTTPException as StarletteHTTPException
+from starlette.types import ASGIApp, Receive, Scope, Send
+from fastmcp.server.http import create_sse_app
+from starlette.requests import Request
+import threading
+
+_PRINTER = PrintStyle(italic=True, font_color="green", padding=False)
+
+
+mcp_server: FastMCP = FastMCP(
+    name="Agent Zero integrated MCP Server",
+    instructions="""
+    Connect to remote Agent Zero instance.
+    Agent Zero is a general AI assistant controlling it's linux environment.
+    Agent Zero can install software, manage files, execute commands, code, use internet, etc.
+    Agent Zero's environment is isolated unless configured otherwise.
+    """,
+)
+
+
+class ToolResponse(BaseModel):
+    status: Literal["success"] = Field(
+        description="The status of the response", default="success"
+    )
+    response: str = Field(
+        description="The response from the remote Agent Zero Instance"
+    )
+    chat_id: str = Field(description="The id of the chat this message belongs to.")
+
+
+class ToolError(BaseModel):
+    status: Literal["error"] = Field(
+        description="The status of the response", default="error"
+    )
+    error: str = Field(
+        description="The error message from the remote Agent Zero Instance"
+    )
+    chat_id: str = Field(description="The id of the chat this message belongs to.")
+
+
+SEND_MESSAGE_DESCRIPTION = """
+Send a message to the remote Agent Zero Instance.
+This tool is used to send a message to the remote Agent Zero Instance connected remotely via MCP.
+"""
+
+
+@mcp_server.tool(
+    name="send_message",
+    description=SEND_MESSAGE_DESCRIPTION,
+    tags={
+        "agent_zero",
+        "chat",
+        "remote",
+        "communication",
+        "dialogue",
+        "sse",
+        "send",
+        "message",
+        "start",
+        "new",
+        "continue",
+    },
+    annotations={
+        "remote": True,
+        "readOnlyHint": False,
+        "destructiveHint": False,
+        "idempotentHint": False,
+        "openWorldHint": False,
+        "title": SEND_MESSAGE_DESCRIPTION,
+    },
+)
+async def send_message(
+    message: Annotated[
+        str,
+        Field(
+            description="The message to send to the remote Agent Zero Instance",
+            title="message",
+        ),
+    ],
+    attachments: (
+        Annotated[
+            list[str],
+            Field(
+                description="Optional: A list of attachments (file paths or web urls) to send to the remote Agent Zero Instance with the message. Default: Empty list",
+                title="attachments",
+            ),
+        ]
+        | None
+    ) = None,
+    chat_id: (
+        Annotated[
+            str,
+            Field(
+                description="Optional: ID of the chat. Used to continue a chat. This value is returned in response to sending previous message. Default: Empty string",
+                title="chat_id",
+            ),
+        ]
+        | None
+    ) = None,
+    persistent_chat: (
+        Annotated[
+            bool,
+            Field(
+                description="Optional: Whether to use a persistent chat. If true, the chat will be saved and can be continued later. Default: False.",
+                title="persistent_chat",
+            ),
+        ]
+        | None
+    ) = None,
+) -> Annotated[
+    Union[ToolResponse, ToolError],
+    Field(
+        description="The response from the remote Agent Zero Instance", title="response"
+    ),
+]:
+    context: AgentContext | None = None
+    if chat_id:
+        context = AgentContext.get(chat_id)
+        if not context:
+            return ToolError(error="Chat not found", chat_id=chat_id)
+        else:
+            # If the chat is found, we use the persistent chat flag to determine
+            # whether we should save the chat or delete it afterwards
+            # If we continue a conversation, it must be persistent
+            persistent_chat = True
+    else:
+        config = initialize_agent()
+        context = AgentContext(config=config, type=AgentContextType.BACKGROUND)
+
+    if not message:
+        return ToolError(
+            error="Message is required", chat_id=context.id if persistent_chat else ""
+        )
+
+    try:
+        response = await _run_chat(context, message, attachments)
+        if not persistent_chat:
+            context.reset()
+            AgentContext.remove(context.id)
+            remove_chat(context.id)
+        return ToolResponse(
+            response=response, chat_id=context.id if persistent_chat else ""
+        )
+    except Exception as e:
+        return ToolError(error=str(e), chat_id=context.id if persistent_chat else "")
+
+
+FINISH_CHAT_DESCRIPTION = """
+Finish a chat with the remote Agent Zero Instance.
+This tool is used to finish a persistent chat (send_message with persistent_chat=True) with the remote Agent Zero Instance connected remotely via MCP.
+If you want to continue the chat, use the send_message tool instead.
+Always use this tool to finish persistent chat conversations with remote Agent Zero.
+"""
+
+
+@mcp_server.tool(
+    name="finish_chat",
+    description=FINISH_CHAT_DESCRIPTION,
+    tags={
+        "agent_zero",
+        "chat",
+        "remote",
+        "communication",
+        "dialogue",
+        "sse",
+        "finish",
+        "close",
+        "end",
+        "stop",
+    },
+    annotations={
+        "remote": True,
+        "readOnlyHint": False,
+        "destructiveHint": True,
+        "idempotentHint": False,
+        "openWorldHint": False,
+        "title": FINISH_CHAT_DESCRIPTION,
+    },
+)
+async def finish_chat(
+    chat_id: Annotated[
+        str,
+        Field(
+            description="ID of the chat to be finished. This value is returned in response to sending previous message.",
+            title="chat_id",
+        ),
+    ]
+) -> Annotated[
+    Union[ToolResponse, ToolError],
+    Field(
+        description="The response from the remote Agent Zero Instance", title="response"
+    ),
+]:
+    if not chat_id:
+        return ToolError(error="Chat ID is required", chat_id="")
+
+    context = AgentContext.get(chat_id)
+    if not context:
+        return ToolError(error="Chat not found", chat_id=chat_id)
+    else:
+        context.reset()
+        AgentContext.remove(context.id)
+        remove_chat(context.id)
+        return ToolResponse(response="Chat finished", chat_id=chat_id)
+
+
+async def _run_chat(
+    context: AgentContext, message: str, attachments: list[str] | None = None
+):
+    try:
+        _PRINTER.print("MCP Chat message received")
+
+        # Attachment filenames for logging
+        attachment_filenames = []
+        if attachments:
+            for attachment in attachments:
+                if os.path.exists(attachment):
+                    attachment_filenames.append(attachment)
+                else:
+                    try:
+                        url = urlparse(attachment)
+                        if url.scheme in ["http", "https", "ftp", "ftps", "sftp"]:
+                            attachment_filenames.append(attachment)
+                        else:
+                            _PRINTER.print(f"Skipping attachment: [{attachment}]")
+                    except Exception:
+                        _PRINTER.print(f"Skipping attachment: [{attachment}]")
+
+        _PRINTER.print("User message:")
+        _PRINTER.print(f"> {message}")
+        if attachment_filenames:
+            _PRINTER.print("Attachments:")
+            for filename in attachment_filenames:
+                _PRINTER.print(f"- {filename}")
+
+        task = context.communicate(
+            UserMessage(
+                message=message, system_message=[], attachments=attachment_filenames
+            )
+        )
+        result = await task.result()
+
+        # Success
+        _PRINTER.print(f"MCP Chat message completed: {result}")
+
+        return result
+
+    except Exception as e:
+        # Error
+        _PRINTER.print(f"MCP Chat message failed: {e}")
+
+        raise RuntimeError(f"MCP Chat message failed: {e}") from e
+
+
+class DynamicMcpProxy:
+    _instance: "DynamicMcpProxy | None" = None
+
+    """A dynamic proxy that allows swapping the underlying MCP applications on the fly."""
+
+    def __init__(self):
+        cfg = settings.get_settings()
+        self.token = ""
+        self.sse_app: ASGIApp | None = None
+        self.http_app: ASGIApp | None = None
+        self.http_session_manager = None
+        self.http_session_task_group = None
+        self._lock = threading.RLock()  # Use RLock to avoid deadlocks
+        self.reconfigure(cfg["mcp_server_token"])
+
+    @staticmethod
+    def get_instance():
+        if DynamicMcpProxy._instance is None:
+            DynamicMcpProxy._instance = DynamicMcpProxy()
+        return DynamicMcpProxy._instance
+
+    def reconfigure(self, token: str):
+        if self.token == token:
+            return
+
+        self.token = token
+        sse_path = f"/t-{self.token}/sse"
+        http_path = f"/t-{self.token}/http"
+        message_path = f"/t-{self.token}/messages/"
+
+        # Update settings in the MCP server instance if provided
+        mcp_server.settings.message_path = message_path
+        mcp_server.settings.sse_path = sse_path
+
+        # Create new MCP apps with updated settings
+        with self._lock:
+            self.sse_app = create_sse_app(
+                server=mcp_server,
+                message_path=mcp_server.settings.message_path,
+                sse_path=mcp_server.settings.sse_path,
+                auth_server_provider=mcp_server._auth_server_provider,
+                auth_settings=mcp_server.settings.auth,
+                debug=mcp_server.settings.debug,
+                routes=mcp_server._additional_http_routes,
+                middleware=[Middleware(BaseHTTPMiddleware, dispatch=mcp_middleware)],
+            )
+
+            # For HTTP, we need to create a custom app since the lifespan manager
+            # doesn't work properly in our Flask/Werkzeug environment
+            self.http_app = self._create_custom_http_app(
+                http_path,
+                mcp_server._auth_server_provider,
+                mcp_server.settings.auth,
+                mcp_server.settings.debug,
+                mcp_server._additional_http_routes,
+            )
+
+    def _create_custom_http_app(self, streamable_http_path, auth_server_provider, auth_settings, debug, routes):
+        """Create a custom HTTP app that manages the session manager manually."""
+        from fastmcp.server.http import setup_auth_middleware_and_routes, create_base_app
+        from mcp.server.streamable_http_manager import StreamableHTTPSessionManager
+        from starlette.routing import Mount
+        from mcp.server.auth.middleware.bearer_auth import RequireAuthMiddleware
+        import anyio
+
+        server_routes = []
+        server_middleware = []
+
+        self.http_session_task_group = None
+
+
+        # Create session manager
+        self.http_session_manager = StreamableHTTPSessionManager(
+            app=mcp_server._mcp_server,
+            event_store=None,
+            json_response=True,
+            stateless=False,
+        )
+
+
+        # Custom ASGI handler that ensures task group is initialized
+        async def handle_streamable_http(scope, receive, send):
+            # Lazy initialization of task group
+            if self.http_session_task_group is None:
+                self.http_session_task_group = anyio.create_task_group()
+                await self.http_session_task_group.__aenter__()
+                if self.http_session_manager:
+                    self.http_session_manager._task_group = self.http_session_task_group
+
+            if self.http_session_manager:
+                await self.http_session_manager.handle_request(scope, receive, send)
+
+        # Get auth middleware and routes
+        auth_middleware, auth_routes, required_scopes = setup_auth_middleware_and_routes(
+            auth_server_provider, auth_settings
+        )
+
+        server_routes.extend(auth_routes)
+        server_middleware.extend(auth_middleware)
+
+        # Add StreamableHTTP routes with or without auth
+        if auth_server_provider:
+            server_routes.append(
+                Mount(
+                    streamable_http_path,
+                    app=RequireAuthMiddleware(handle_streamable_http, required_scopes),
+                )
+            )
+        else:
+            server_routes.append(
+                Mount(
+                    streamable_http_path,
+                    app=handle_streamable_http,
+                )
+            )
+
+        # Add custom routes with lowest precedence
+        if routes:
+            server_routes.extend(routes)
+
+        # Add middleware
+        server_middleware.append(Middleware(BaseHTTPMiddleware, dispatch=mcp_middleware))
+
+        # Create and return the app
+        return create_base_app(
+            routes=server_routes,
+            middleware=server_middleware,
+            debug=debug,
+        )
+
+    async def __call__(self, scope: Scope, receive: Receive, send: Send) -> None:
+        """Forward the ASGI calls to the appropriate app based on the URL path"""
+        with self._lock:
+            sse_app = self.sse_app
+            http_app = self.http_app
+
+        if not sse_app or not http_app:
+            raise RuntimeError("MCP apps not initialized")
+
+        # Route based on path
+        path = scope.get("path", "")
+
+        if f"/t-{self.token}/sse" in path or f"t-{self.token}/messages" in path:
+            # Route to SSE app
+            await sse_app(scope, receive, send)
+        elif f"/t-{self.token}/http" in path:
+            # Route to HTTP app
+            await http_app(scope, receive, send)
+        else:
+            raise StarletteHTTPException(
+                status_code=403, detail="MCP forbidden"
+            )
+
+
+async def mcp_middleware(request: Request, call_next):
+
+    # check if MCP server is enabled
+    cfg = settings.get_settings()
+    if not cfg["mcp_server_enabled"]:
+        PrintStyle.error("[MCP] Access denied: MCP server is disabled in settings.")
+        raise StarletteHTTPException(
+            status_code=403, detail="MCP server is disabled in settings."
+        )
+
+    return await call_next(request)

python/helpers/searxng.py

@@ -0,0 +1,36 @@
+import aiohttp
+import asyncio
+from python.helpers import runtime
+
+# List of public SearxNG instances
+# Find more at https://searx.space/
+INSTANCES = [
+    "https://searx.be/search",
+    "https://searx.info/search",
+    "https://searx.work/search",
+    "https://searx.priv.au/search",
+    "https://searx.tiekoetter.com/search",
+    "https://searx.baczek.me/search",
+    "https://searx.rodeo/search",
+]
+
+async def search(query:str):
+    return await _search(query=query)
+
+async def _search(query:str):
+    timeout = aiohttp.ClientTimeout(total=30)
+    for instance in INSTANCES:
+        try:
+            async with aiohttp.ClientSession(timeout=timeout) as session:
+                async with session.post(instance, data={"q": query, "format": "json"}) as response:
+                    if response.status == 200:
+                        try:
+                            return await response.json()
+                        except aiohttp.client_exceptions.ContentTypeError:
+                            # This instance is not returning JSON, so we try the next one
+                            continue
+        except (aiohttp.ClientConnectorError, asyncio.TimeoutError):
+            # This instance is not reachable or timed out, so we try the next one
+            continue
+    # If all instances fail, we return an error
+    raise Exception("All SearxNG instances failed to respond.")

python/helpers/settings.py

@@ -0,0 +1,1602 @@
+import base64
+import hashlib
+import json
+import os
+import re
+import subprocess
+from typing import Any, Literal, TypedDict, cast
+
+import models
+from python.helpers import runtime, whisper, defer, git
+from . import files, dotenv
+from python.helpers.print_style import PrintStyle
+from python.helpers.providers import get_providers
+
+
+class Settings(TypedDict):
+    version: str
+
+    chat_model_provider: str
+    chat_model_name: str
+    chat_model_api_base: str
+    chat_model_kwargs: dict[str, str]
+    chat_model_ctx_length: int
+    chat_model_ctx_history: float
+    chat_model_vision: bool
+    chat_model_rl_requests: int
+    chat_model_rl_input: int
+    chat_model_rl_output: int
+
+    util_model_provider: str
+    util_model_name: str
+    util_model_api_base: str
+    util_model_kwargs: dict[str, str]
+    util_model_ctx_length: int
+    util_model_ctx_input: float
+    util_model_rl_requests: int
+    util_model_rl_input: int
+    util_model_rl_output: int
+
+    embed_model_provider: str
+    embed_model_name: str
+    embed_model_api_base: str
+    embed_model_kwargs: dict[str, str]
+    embed_model_rl_requests: int
+    embed_model_rl_input: int
+
+    browser_model_provider: str
+    browser_model_name: str
+    browser_model_api_base: str
+    browser_model_vision: bool
+    browser_model_rl_requests: int
+    browser_model_rl_input: int
+    browser_model_rl_output: int
+    browser_model_kwargs: dict[str, str]
+
+    agent_profile: str
+    agent_memory_subdir: str
+    agent_knowledge_subdir: str
+
+    memory_recall_enabled: bool
+    memory_recall_delayed: bool
+    memory_recall_interval: int
+    memory_recall_history_len: int
+    memory_recall_memories_max_search: int
+    memory_recall_solutions_max_search: int
+    memory_recall_memories_max_result: int
+    memory_recall_solutions_max_result: int
+    memory_recall_similarity_threshold: float
+    memory_recall_query_prep: bool
+    memory_recall_post_filter: bool
+    memory_memorize_enabled: bool
+    memory_memorize_consolidation: bool
+    memory_memorize_replace_threshold: float
+
+    api_keys: dict[str, str]
+
+    auth_login: str
+    auth_password: str
+    root_password: str
+
+    rfc_auto_docker: bool
+    rfc_url: str
+    rfc_password: str
+    rfc_port_http: int
+    rfc_port_ssh: int
+
+    shell_interface: Literal['local','ssh']
+
+    stt_model_size: str
+    stt_language: str
+    stt_silence_threshold: float
+    stt_silence_duration: int
+    stt_waiting_timeout: int
+
+    tts_kokoro: bool
+
+    mcp_servers: str
+    mcp_client_init_timeout: int
+    mcp_client_tool_timeout: int
+    mcp_server_enabled: bool
+    mcp_server_token: str
+
+    a2a_server_enabled: bool
+    
+
+class PartialSettings(Settings, total=False):
+    pass
+
+
+class FieldOption(TypedDict):
+    value: str
+    label: str
+
+
+class SettingsField(TypedDict, total=False):
+    id: str
+    title: str
+    description: str
+    type: Literal[
+        "text",
+        "number",
+        "select",
+        "range",
+        "textarea",
+        "password",
+        "switch",
+        "button",
+        "html",
+    ]
+    value: Any
+    min: float
+    max: float
+    step: float
+    hidden: bool
+    options: list[FieldOption]
+
+
+class SettingsSection(TypedDict, total=False):
+    id: str
+    title: str
+    description: str
+    fields: list[SettingsField]
+    tab: str  # Indicates which tab this section belongs to
+
+
+class SettingsOutput(TypedDict):
+    sections: list[SettingsSection]
+
+
+PASSWORD_PLACEHOLDER = "****PSWD****"
+API_KEY_PLACEHOLDER = "************"
+
+SETTINGS_FILE = files.get_abs_path("tmp/settings.json")
+_settings: Settings | None = None
+
+
+def convert_out(settings: Settings) -> SettingsOutput:
+    default_settings = get_default_settings()
+
+    # main model section
+    chat_model_fields: list[SettingsField] = []
+    chat_model_fields.append(
+        {
+            "id": "chat_model_provider",
+            "title": "Chat model provider",
+            "description": "Select provider for main chat model used by Agent Zero",
+            "type": "select",
+            "value": settings["chat_model_provider"],
+            "options": cast(list[FieldOption], get_providers("chat")),
+        }
+    )
+    chat_model_fields.append(
+        {
+            "id": "chat_model_name",
+            "title": "Chat model name",
+            "description": "Exact name of model from selected provider",
+            "type": "text",
+            "value": settings["chat_model_name"],
+        }
+    )
+
+    chat_model_fields.append(
+        {
+            "id": "chat_model_api_base",
+            "title": "Chat model API base URL",
+            "description": "API base URL for main chat model. Leave empty for default. Only relevant for Azure, local and custom (other) providers.",
+            "type": "text",
+            "value": settings["chat_model_api_base"],
+        }
+    )
+
+    chat_model_fields.append(
+        {
+            "id": "chat_model_ctx_length",
+            "title": "Chat model context length",
+            "description": "Maximum number of tokens in the context window for LLM. System prompt, chat history, RAG and response all count towards this limit.",
+            "type": "number",
+            "value": settings["chat_model_ctx_length"],
+        }
+    )
+
+    chat_model_fields.append(
+        {
+            "id": "chat_model_ctx_history",
+            "title": "Context window space for chat history",
+            "description": "Portion of context window dedicated to chat history visible to the agent. Chat history will automatically be optimized to fit. Smaller size will result in shorter and more summarized history. The remaining space will be used for system prompt, RAG and response.",
+            "type": "range",
+            "min": 0.01,
+            "max": 1,
+            "step": 0.01,
+            "value": settings["chat_model_ctx_history"],
+        }
+    )
+
+    chat_model_fields.append(
+        {
+            "id": "chat_model_vision",
+            "title": "Supports Vision",
+            "description": "Models capable of Vision can for example natively see the content of image attachments.",
+            "type": "switch",
+            "value": settings["chat_model_vision"],
+        }
+    )
+
+    chat_model_fields.append(
+        {
+            "id": "chat_model_rl_requests",
+            "title": "Requests per minute limit",
+            "description": "Limits the number of requests per minute to the chat model. Waits if the limit is exceeded. Set to 0 to disable rate limiting.",
+            "type": "number",
+            "value": settings["chat_model_rl_requests"],
+        }
+    )
+
+    chat_model_fields.append(
+        {
+            "id": "chat_model_rl_input",
+            "title": "Input tokens per minute limit",
+            "description": "Limits the number of input tokens per minute to the chat model. Waits if the limit is exceeded. Set to 0 to disable rate limiting.",
+            "type": "number",
+            "value": settings["chat_model_rl_input"],
+        }
+    )
+
+    chat_model_fields.append(
+        {
+            "id": "chat_model_rl_output",
+            "title": "Output tokens per minute limit",
+            "description": "Limits the number of output tokens per minute to the chat model. Waits if the limit is exceeded. Set to 0 to disable rate limiting.",
+            "type": "number",
+            "value": settings["chat_model_rl_output"],
+        }
+    )
+
+    chat_model_fields.append(
+        {
+            "id": "ollama_base_url",
+            "title": "Ollama Base URL",
+            "description": "The base URL for the Ollama API.",
+            "type": "html",
+            "value": "<code>http://localhost:11434</code>",
+        }
+    )
+
+    chat_model_fields.append(
+        {
+            "id": "chat_model_kwargs",
+            "title": "Chat model additional parameters",
+            "description": "Any other parameters supported by <a href='https://docs.litellm.ai/docs/set_keys' target='_blank'>LiteLLM</a>. Format is KEY=VALUE on individual lines, just like .env file.",
+            "type": "textarea",
+            "value": _dict_to_env(settings["chat_model_kwargs"]),
+        }
+    )
+
+    chat_model_section: SettingsSection = {
+        "id": "chat_model",
+        "title": "Chat Model",
+        "description": "Selection and settings for main chat model used by Agent Zero",
+        "fields": chat_model_fields,
+        "tab": "agent",
+    }
+
+    # main model section
+    util_model_fields: list[SettingsField] = []
+    util_model_fields.append(
+        {
+            "id": "util_model_provider",
+            "title": "Utility model provider",
+            "description": "Select provider for utility model used by the framework",
+            "type": "select",
+            "value": settings["util_model_provider"],
+            "options": cast(list[FieldOption], get_providers("chat")),
+        }
+    )
+    util_model_fields.append(
+        {
+            "id": "util_model_name",
+            "title": "Utility model name",
+            "description": "Exact name of model from selected provider",
+            "type": "text",
+            "value": settings["util_model_name"],
+        }
+    )
+
+    util_model_fields.append(
+        {
+            "id": "util_model_api_base",
+            "title": "Utility model API base URL",
+            "description": "API base URL for utility model. Leave empty for default. Only relevant for Azure, local and custom (other) providers.",
+            "type": "text",
+            "value": settings["util_model_api_base"],
+        }
+    )
+
+    util_model_fields.append(
+        {
+            "id": "util_model_rl_requests",
+            "title": "Requests per minute limit",
+            "description": "Limits the number of requests per minute to the utility model. Waits if the limit is exceeded. Set to 0 to disable rate limiting.",
+            "type": "number",
+            "value": settings["util_model_rl_requests"],
+        }
+    )
+
+    util_model_fields.append(
+        {
+            "id": "util_model_rl_input",
+            "title": "Input tokens per minute limit",
+            "description": "Limits the number of input tokens per minute to the utility model. Waits if the limit is exceeded. Set to 0 to disable rate limiting.",
+            "type": "number",
+            "value": settings["util_model_rl_input"],
+        }
+    )
+
+    util_model_fields.append(
+        {
+            "id": "util_model_rl_output",
+            "title": "Output tokens per minute limit",
+            "description": "Limits the number of output tokens per minute to the utility model. Waits if the limit is exceeded. Set to 0 to disable rate limiting.",
+            "type": "number",
+            "value": settings["util_model_rl_output"],
+        }
+    )
+
+    util_model_fields.append(
+        {
+            "id": "util_model_kwargs",
+            "title": "Utility model additional parameters",
+            "description": "Any other parameters supported by <a href='https://docs.litellm.ai/docs/set_keys' target='_blank'>LiteLLM</a>. Format is KEY=VALUE on individual lines, just like .env file.",
+            "type": "textarea",
+            "value": _dict_to_env(settings["util_model_kwargs"]),
+        }
+    )
+
+    util_model_section: SettingsSection = {
+        "id": "util_model",
+        "title": "Utility model",
+        "description": "Smaller, cheaper, faster model for handling utility tasks like organizing memory, preparing prompts, summarizing.",
+        "fields": util_model_fields,
+        "tab": "agent",
+    }
+
+    # embedding model section
+    embed_model_fields: list[SettingsField] = []
+    embed_model_fields.append(
+        {
+            "id": "embed_model_provider",
+            "title": "Embedding model provider",
+            "description": "Select provider for embedding model used by the framework",
+            "type": "select",
+            "value": settings["embed_model_provider"],
+            "options": cast(list[FieldOption], get_providers("embedding")),
+        }
+    )
+    embed_model_fields.append(
+        {
+            "id": "embed_model_name",
+            "title": "Embedding model name",
+            "description": "Exact name of model from selected provider",
+            "type": "text",
+            "value": settings["embed_model_name"],
+        }
+    )
+
+    embed_model_fields.append(
+        {
+            "id": "embed_model_api_base",
+            "title": "Embedding model API base URL",
+            "description": "API base URL for embedding model. Leave empty for default. Only relevant for Azure, local and custom (other) providers.",
+            "type": "text",
+            "value": settings["embed_model_api_base"],
+        }
+    )
+
+    embed_model_fields.append(
+        {
+            "id": "embed_model_rl_requests",
+            "title": "Requests per minute limit",
+            "description": "Limits the number of requests per minute to the embedding model. Waits if the limit is exceeded. Set to 0 to disable rate limiting.",
+            "type": "number",
+            "value": settings["embed_model_rl_requests"],
+        }
+    )
+
+    embed_model_fields.append(
+        {
+            "id": "embed_model_rl_input",
+            "title": "Input tokens per minute limit",
+            "description": "Limits the number of input tokens per minute to the embedding model. Waits if the limit is exceeded. Set to 0 to disable rate limiting.",
+            "type": "number",
+            "value": settings["embed_model_rl_input"],
+        }
+    )
+
+    embed_model_fields.append(
+        {
+            "id": "embed_model_kwargs",
+            "title": "Embedding model additional parameters",
+            "description": "Any other parameters supported by <a href='https://docs.litellm.ai/docs/set_keys' target='_blank'>LiteLLM</a>. Format is KEY=VALUE on individual lines, just like .env file.",
+            "type": "textarea",
+            "value": _dict_to_env(settings["embed_model_kwargs"]),
+        }
+    )
+
+    embed_model_section: SettingsSection = {
+        "id": "embed_model",
+        "title": "Embedding Model",
+        "description": f"Settings for the embedding model used by Agent Zero.<br><h4>⚠️ No need to change</h4>The default HuggingFace model {default_settings['embed_model_name']} is preloaded and runs locally within the docker container and there's no need to change it unless you have a specific requirements for embedding.",
+        "fields": embed_model_fields,
+        "tab": "agent",
+    }
+
+    # embedding model section
+    browser_model_fields: list[SettingsField] = []
+    browser_model_fields.append(
+        {
+            "id": "browser_model_provider",
+            "title": "Web Browser model provider",
+            "description": "Select provider for web browser model used by <a href='https://github.com/browser-use/browser-use' target='_blank'>browser-use</a> framework",
+            "type": "select",
+            "value": settings["browser_model_provider"],
+            "options": cast(list[FieldOption], get_providers("chat")),
+        }
+    )
+    browser_model_fields.append(
+        {
+            "id": "browser_model_name",
+            "title": "Web Browser model name",
+            "description": "Exact name of model from selected provider",
+            "type": "text",
+            "value": settings["browser_model_name"],
+        }
+    )
+
+    browser_model_fields.append(
+        {
+            "id": "browser_model_api_base",
+            "title": "Web Browser model API base URL",
+            "description": "API base URL for web browser model. Leave empty for default. Only relevant for Azure, local and custom (other) providers.",
+            "type": "text",
+            "value": settings["browser_model_api_base"],
+        }
+    )
+
+    browser_model_fields.append(
+        {
+            "id": "browser_model_vision",
+            "title": "Use Vision",
+            "description": "Models capable of Vision can use it to analyze web pages from screenshots. Increases quality but also token usage.",
+            "type": "switch",
+            "value": settings["browser_model_vision"],
+        }
+    )
+
+    browser_model_fields.append(
+        {
+            "id": "browser_model_rl_requests",
+            "title": "Web Browser model rate limit requests",
+            "description": "Rate limit requests for web browser model.",
+            "type": "number",
+            "value": settings["browser_model_rl_requests"],
+        }
+    )
+
+    browser_model_fields.append(
+        {
+            "id": "browser_model_rl_input",
+            "title": "Web Browser model rate limit input",
+            "description": "Rate limit input for web browser model.",
+            "type": "number",
+            "value": settings["browser_model_rl_input"],
+        }
+    )
+
+    browser_model_fields.append(
+        {
+            "id": "browser_model_rl_output",
+            "title": "Web Browser model rate limit output",
+            "description": "Rate limit output for web browser model.",
+            "type": "number",
+            "value": settings["browser_model_rl_output"],
+        }
+    )
+
+    browser_model_fields.append(
+        {
+            "id": "browser_model_kwargs",
+            "title": "Web Browser model additional parameters",
+            "description": "Any other parameters supported by <a href='https://docs.litellm.ai/docs/set_keys' target='_blank'>LiteLLM</a>. Format is KEY=VALUE on individual lines, just like .env file.",
+            "type": "textarea",
+            "value": _dict_to_env(settings["browser_model_kwargs"]),
+        }
+    )
+
+    browser_model_section: SettingsSection = {
+        "id": "browser_model",
+        "title": "Web Browser Model",
+        "description": "Settings for the web browser model. Agent Zero uses <a href='https://github.com/browser-use/browser-use' target='_blank'>browser-use</a> agentic framework to handle web interactions.",
+        "fields": browser_model_fields,
+        "tab": "agent",
+    }
+
+    # basic auth section
+    auth_fields: list[SettingsField] = []
+
+    auth_fields.append(
+        {
+            "id": "auth_login",
+            "title": "UI Login",
+            "description": "Set user name for web UI",
+            "type": "text",
+            "value": dotenv.get_dotenv_value(dotenv.KEY_AUTH_LOGIN) or "",
+        }
+    )
+
+    auth_fields.append(
+        {
+            "id": "auth_password",
+            "title": "UI Password",
+            "description": "Set user password for web UI",
+            "type": "password",
+            "value": (
+                PASSWORD_PLACEHOLDER
+                if dotenv.get_dotenv_value(dotenv.KEY_AUTH_PASSWORD)
+                else ""
+            ),
+        }
+    )
+
+    if runtime.is_dockerized():
+        auth_fields.append(
+            {
+                "id": "root_password",
+                "title": "root Password",
+                "description": "Change linux root password in docker container. This password can be used for SSH access. Original password was randomly generated during setup.",
+                "type": "password",
+                "value": "",
+            }
+        )
+
+    auth_section: SettingsSection = {
+        "id": "auth",
+        "title": "Authentication",
+        "description": "Settings for authentication to use Agent Zero Web UI.",
+        "fields": auth_fields,
+        "tab": "external",
+    }
+
+    # api keys model section
+    api_keys_fields: list[SettingsField] = []
+
+    # Collect unique providers from both chat and embedding sections
+    providers_seen: set[str] = set()
+    for p_type in ("chat", "embedding"):
+        for provider in get_providers(p_type):
+            pid_lower = provider["value"].lower()
+            if pid_lower in providers_seen:
+                continue
+            providers_seen.add(pid_lower)
+            api_keys_fields.append(
+                _get_api_key_field(settings, pid_lower, provider["label"])
+            )
+
+    api_keys_section: SettingsSection = {
+        "id": "api_keys",
+        "title": "API Keys",
+        "description": "API keys for model providers and services used by Agent Zero. You can set multiple API keys separated by a comma (,). They will be used in round-robin fashion.",
+        "fields": api_keys_fields,
+        "tab": "external",
+    }
+
+    # Agent config section
+    agent_fields: list[SettingsField] = []
+
+    agent_fields.append(
+        {
+            "id": "agent_profile",
+            "title": "Default agent profile",
+            "description": "Subdirectory of /agents folder to be used by default agent no. 0. Subordinate agents can be spawned with other profiles, that is on their superior agent to decide. This setting affects the behaviour of the top level agent you communicate with.",
+            "type": "select",
+            "value": settings["agent_profile"],
+            "options": [
+                {"value": subdir, "label": subdir}
+                for subdir in files.get_subdirectories("agents")
+                if subdir != "_example"
+            ],
+        }
+    )
+
+    agent_fields.append(
+        {
+            "id": "agent_knowledge_subdir",
+            "title": "Knowledge subdirectory",
+            "description": "Subdirectory of /knowledge folder to use for agent knowledge import. 'default' subfolder is always imported and contains framework knowledge.",
+            "type": "select",
+            "value": settings["agent_knowledge_subdir"],
+            "options": [
+                {"value": subdir, "label": subdir}
+                for subdir in files.get_subdirectories("knowledge", exclude="default")
+            ],
+        }
+    )
+
+    agent_section: SettingsSection = {
+        "id": "agent",
+        "title": "Agent Config",
+        "description": "Agent parameters.",
+        "fields": agent_fields,
+        "tab": "agent",
+    }
+
+    memory_fields: list[SettingsField] = []
+
+    memory_fields.append(
+        {
+            "id": "agent_memory_subdir",
+            "title": "Memory Subdirectory",
+            "description": "Subdirectory of /memory folder to use for agent memory storage. Used to separate memory storage between different instances.",
+            "type": "text",
+            "value": settings["agent_memory_subdir"],
+            # "options": [
+            #     {"value": subdir, "label": subdir}
+            #     for subdir in files.get_subdirectories("memory", exclude="embeddings")
+            # ],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_recall_enabled",
+            "title": "Memory auto-recall enabled",
+            "description": "Agent Zero will automatically recall memories based on convesation context.",
+            "type": "switch",
+            "value": settings["memory_recall_enabled"],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_recall_delayed",
+            "title": "Memory auto-recall delayed",
+            "description": "The agent will not wait for auto memory recall. Memories will be delivered one message later. This speeds up agent's response time but may result in less relevant first step.",
+            "type": "switch",
+            "value": settings["memory_recall_delayed"],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_recall_query_prep",
+            "title": "Auto-recall AI query preparation",
+            "description": "Enables vector DB query preparation from conversation context by utility LLM for auto-recall. Improves search quality, adds 1 utility LLM call per auto-recall.",
+            "type": "switch",
+            "value": settings["memory_recall_query_prep"],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_recall_post_filter",
+            "title": "Auto-recall AI post-filtering",
+            "description": "Enables memory relevance filtering by utility LLM for auto-recall. Improves search quality, adds 1 utility LLM call per auto-recall.",
+            "type": "switch",
+            "value": settings["memory_recall_post_filter"],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_recall_interval",
+            "title": "Memory auto-recall interval",
+            "description": "Memories are recalled after every user or superior agent message. During agent's monologue, memories are recalled every X turns based on this parameter.",
+            "type": "range",
+            "min": 1,
+            "max": 10,
+            "step": 1,
+            "value": settings["memory_recall_interval"],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_recall_history_len",
+            "title": "Memory auto-recall history length",
+            "description": "The length of conversation history passed to memory recall LLM for context (in characters).",
+            "type": "number",
+            "value": settings["memory_recall_history_len"],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_recall_similarity_threshold",
+            "title": "Memory auto-recall similarity threshold",
+            "description": "The threshold for similarity search in memory recall (0 = no similarity, 1 = exact match).",
+            "type": "range",
+            "min": 0,
+            "max": 1,
+            "step": 0.01,
+            "value": settings["memory_recall_similarity_threshold"],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_recall_memories_max_search",
+            "title": "Memory auto-recall max memories to search",
+            "description": "The maximum number of memories returned by vector DB for further processing.",
+            "type": "number",
+            "value": settings["memory_recall_memories_max_search"],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_recall_memories_max_result",
+            "title": "Memory auto-recall max memories to use",
+            "description": "The maximum number of memories to inject into A0's context window.",
+            "type": "number",
+            "value": settings["memory_recall_memories_max_result"],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_recall_solutions_max_search",
+            "title": "Memory auto-recall max solutions to search",
+            "description": "The maximum number of solutions returned by vector DB for further processing.",
+            "type": "number",
+            "value": settings["memory_recall_solutions_max_search"],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_recall_solutions_max_result",
+            "title": "Memory auto-recall max solutions to use",
+            "description": "The maximum number of solutions to inject into A0's context window.",
+            "type": "number",
+            "value": settings["memory_recall_solutions_max_result"],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_memorize_enabled",
+            "title": "Auto-memorize enabled",
+            "description": "A0 will automatically memorize facts and solutions from conversation history.",
+            "type": "switch",
+            "value": settings["memory_memorize_enabled"],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_memorize_consolidation",
+            "title": "Auto-memorize AI consolidation",
+            "description": "A0 will automatically consolidate similar memories using utility LLM. Improves memory quality over time, adds 2 utility LLM calls per memory.",
+            "type": "switch",
+            "value": settings["memory_memorize_consolidation"],
+        }
+    )
+
+    memory_fields.append(
+        {
+            "id": "memory_memorize_replace_threshold",
+            "title": "Auto-memorize replacement threshold",
+            "description": "Only applies when AI consolidation is disabled. Replaces previous similar memories with new ones based on this threshold. 0 = replace even if not similar at all, 1 = replace only if exact match.",
+            "type": "range",
+            "min": 0,
+            "max": 1,
+            "step": 0.01,
+            "value": settings["memory_memorize_replace_threshold"],
+        }
+    )
+
+    memory_section: SettingsSection = {
+        "id": "memory",
+        "title": "Memory",
+        "description": "Configuration of A0's memory system. A0 memorizes and recalls memories automatically to help it's context awareness.",
+        "fields": memory_fields,
+        "tab": "agent",
+    }
+
+    dev_fields: list[SettingsField] = []
+
+    dev_fields.append(
+        {
+            "id": "shell_interface",
+            "title": "Shell Interface",
+            "description": "Terminal interface used for Code Execution Tool. Local Python TTY works locally in both dockerized and development environments. SSH always connects to dockerized environment (automatically at localhost or RFC host address).",
+            "type": "select",
+            "value": settings["shell_interface"],
+            "options": [{"value": "local", "label": "Local Python TTY"}, {"value": "ssh", "label": "SSH"}],
+        }
+    )
+
+    if runtime.is_development():
+        # dev_fields.append(
+        #     {
+        #         "id": "rfc_auto_docker",
+        #         "title": "RFC Auto Docker Management",
+        #         "description": "Automatically create dockerized instance of A0 for RFCs using this instance's code base and, settings and .env.",
+        #         "type": "text",
+        #         "value": settings["rfc_auto_docker"],
+        #     }
+        # )
+
+        dev_fields.append(
+            {
+                "id": "rfc_url",
+                "title": "RFC Destination URL",
+                "description": "URL of dockerized A0 instance for remote function calls. Do not specify port here.",
+                "type": "text",
+                "value": settings["rfc_url"],
+            }
+        )
+
+    dev_fields.append(
+        {
+            "id": "rfc_password",
+            "title": "RFC Password",
+            "description": "Password for remote function calls. Passwords must match on both instances. RFCs can not be used with empty password.",
+            "type": "password",
+            "value": (
+                PASSWORD_PLACEHOLDER
+                if dotenv.get_dotenv_value(dotenv.KEY_RFC_PASSWORD)
+                else ""
+            ),
+        }
+    )
+
+    if runtime.is_development():
+        dev_fields.append(
+            {
+                "id": "rfc_port_http",
+                "title": "RFC HTTP port",
+                "description": "HTTP port for dockerized instance of A0.",
+                "type": "text",
+                "value": settings["rfc_port_http"],
+            }
+        )
+
+        dev_fields.append(
+            {
+                "id": "rfc_port_ssh",
+                "title": "RFC SSH port",
+                "description": "SSH port for dockerized instance of A0.",
+                "type": "text",
+                "value": settings["rfc_port_ssh"],
+            }
+        )
+
+    dev_section: SettingsSection = {
+        "id": "dev",
+        "title": "Development",
+        "description": "Parameters for A0 framework development. RFCs (remote function calls) are used to call functions on another A0 instance. You can develop and debug A0 natively on your local system while redirecting some functions to A0 instance in docker. This is crucial for development as A0 needs to run in standardized environment to support all features.",
+        "fields": dev_fields,
+        "tab": "developer",
+    }
+
+    # code_exec_fields: list[SettingsField] = []
+
+    # code_exec_fields.append(
+    #     {
+    #         "id": "code_exec_ssh_enabled",
+    #         "title": "Use SSH for code execution",
+    #         "description": "Code execution will use SSH to connect to the terminal. When disabled, a local python terminal interface is used instead. SSH should only be used in development environment or when encountering issues with the local python terminal interface.",
+    #         "type": "switch",
+    #         "value": settings["code_exec_ssh_enabled"],
+    #     }
+    # )
+
+    # code_exec_fields.append(
+    #     {
+    #         "id": "code_exec_ssh_addr",
+    #         "title": "Code execution SSH address",
+    #         "description": "Address of the SSH server for code execution. Only applies when SSH is enabled.",
+    #         "type": "text",
+    #         "value": settings["code_exec_ssh_addr"],
+    #     }
+    # )
+
+    # code_exec_fields.append(
+    #     {
+    #         "id": "code_exec_ssh_port",
+    #         "title": "Code execution SSH port",
+    #         "description": "Port of the SSH server for code execution. Only applies when SSH is enabled.",
+    #         "type": "text",
+    #         "value": settings["code_exec_ssh_port"],
+    #     }
+    # )
+
+    # code_exec_section: SettingsSection = {
+    #     "id": "code_exec",
+    #     "title": "Code execution",
+    #     "description": "Configuration of code execution by the agent.",
+    #     "fields": code_exec_fields,
+    #     "tab": "developer",
+    # }
+
+    # Speech to text section
+    stt_fields: list[SettingsField] = []
+
+    stt_fields.append(
+        {
+            "id": "stt_microphone_section",
+            "title": "Microphone device",
+            "description": "Select the microphone device to use for speech-to-text.",
+            "value": "<x-component path='/settings/speech/microphone.html' />",
+            "type": "html",
+        }
+    )
+
+    stt_fields.append(
+        {
+            "id": "stt_model_size",
+            "title": "Speech-to-text model size",
+            "description": "Select the speech-to-text model size",
+            "type": "select",
+            "value": settings["stt_model_size"],
+            "options": [
+                {"value": "tiny", "label": "Tiny (39M, English)"},
+                {"value": "base", "label": "Base (74M, English)"},
+                {"value": "small", "label": "Small (244M, English)"},
+                {"value": "medium", "label": "Medium (769M, English)"},
+                {"value": "large", "label": "Large (1.5B, Multilingual)"},
+                {"value": "turbo", "label": "Turbo (Multilingual)"},
+            ],
+        }
+    )
+
+    stt_fields.append(
+        {
+            "id": "stt_language",
+            "title": "Speech-to-text language code",
+            "description": "Language code (e.g. en, fr, it)",
+            "type": "text",
+            "value": settings["stt_language"],
+        }
+    )
+
+    stt_fields.append(
+        {
+            "id": "stt_silence_threshold",
+            "title": "Microphone silence threshold",
+            "description": "Silence detection threshold. Lower values are more sensitive to noise.",
+            "type": "range",
+            "min": 0,
+            "max": 1,
+            "step": 0.01,
+            "value": settings["stt_silence_threshold"],
+        }
+    )
+
+    stt_fields.append(
+        {
+            "id": "stt_silence_duration",
+            "title": "Microphone silence duration (ms)",
+            "description": "Duration of silence before the system considers speaking to have ended.",
+            "type": "text",
+            "value": settings["stt_silence_duration"],
+        }
+    )
+
+    stt_fields.append(
+        {
+            "id": "stt_waiting_timeout",
+            "title": "Microphone waiting timeout (ms)",
+            "description": "Duration of silence before the system closes the microphone.",
+            "type": "text",
+            "value": settings["stt_waiting_timeout"],
+        }
+    )
+
+    # TTS fields
+    tts_fields: list[SettingsField] = []
+
+    tts_fields.append(
+        {
+            "id": "tts_kokoro",
+            "title": "Enable Kokoro TTS",
+            "description": "Enable higher quality server-side AI (Kokoro) instead of browser-based text-to-speech.",
+            "type": "switch",
+            "value": settings["tts_kokoro"],
+        }
+    )
+
+    speech_section: SettingsSection = {
+        "id": "speech",
+        "title": "Speech",
+        "description": "Voice transcription and speech synthesis settings.",
+        "fields": stt_fields + tts_fields,
+        "tab": "agent",
+    }
+
+    # MCP section
+    mcp_client_fields: list[SettingsField] = []
+
+    mcp_client_fields.append(
+        {
+            "id": "mcp_servers_config",
+            "title": "MCP Servers Configuration",
+            "description": "External MCP servers can be configured here.",
+            "type": "button",
+            "value": "Open",
+        }
+    )
+
+    mcp_client_fields.append(
+        {
+            "id": "mcp_servers",
+            "title": "MCP Servers",
+            "description": "(JSON list of) >> RemoteServer <<: [name, url, headers, timeout (opt), sse_read_timeout (opt), disabled (opt)] / >> Local Server <<: [name, command, args, env, encoding (opt), encoding_error_handler (opt), disabled (opt)]",
+            "type": "textarea",
+            "value": settings["mcp_servers"],
+            "hidden": True,
+        }
+    )
+
+    mcp_client_fields.append(
+        {
+            "id": "mcp_client_init_timeout",
+            "title": "MCP Client Init Timeout",
+            "description": "Timeout for MCP client initialization (in seconds). Higher values might be required for complex MCPs, but might also slowdown system startup.",
+            "type": "number",
+            "value": settings["mcp_client_init_timeout"],
+        }
+    )
+
+    mcp_client_fields.append(
+        {
+            "id": "mcp_client_tool_timeout",
+            "title": "MCP Client Tool Timeout",
+            "description": "Timeout for MCP client tool execution. Higher values might be required for complex tools, but might also result in long responses with failing tools.",
+            "type": "number",
+            "value": settings["mcp_client_tool_timeout"],
+        }
+    )
+
+    mcp_client_section: SettingsSection = {
+        "id": "mcp_client",
+        "title": "External MCP Servers",
+        "description": "Agent Zero can use external MCP servers, local or remote as tools.",
+        "fields": mcp_client_fields,
+        "tab": "mcp",
+    }
+
+    mcp_server_fields: list[SettingsField] = []
+
+    mcp_server_fields.append(
+        {
+            "id": "mcp_server_enabled",
+            "title": "Enable A0 MCP Server",
+            "description": "Expose Agent Zero as an SSE/HTTP MCP server. This will make this A0 instance available to MCP clients.",
+            "type": "switch",
+            "value": settings["mcp_server_enabled"],
+        }
+    )
+
+    mcp_server_fields.append(
+        {
+            "id": "mcp_server_token",
+            "title": "MCP Server Token",
+            "description": "Token for MCP server authentication.",
+            "type": "text",
+            "hidden": True,
+            "value": settings["mcp_server_token"],
+        }
+    )
+
+    mcp_server_section: SettingsSection = {
+        "id": "mcp_server",
+        "title": "A0 MCP Server",
+        "description": "Agent Zero can be exposed as an SSE MCP server. See <a href=\"javascript:openModal('settings/mcp/server/example.html')\">connection example</a>.",
+        "fields": mcp_server_fields,
+        "tab": "mcp",
+    }
+
+    # -------- A2A Section --------
+    a2a_fields: list[SettingsField] = []
+
+    a2a_fields.append(
+        {
+            "id": "a2a_server_enabled",
+            "title": "Enable A2A server",
+            "description": "Expose Agent Zero as A2A server. This allows other agents to connect to A0 via A2A protocol.",
+            "type": "switch",
+            "value": settings["a2a_server_enabled"],
+        }
+    )
+
+    a2a_section: SettingsSection = {
+        "id": "a2a_server",
+        "title": "A0 A2A Server",
+        "description": "Agent Zero can be exposed as an A2A server. See <a href=\"javascript:openModal('settings/a2a/a2a-connection.html')\">connection example</a>.",
+        "fields": a2a_fields,
+        "tab": "mcp",
+    }
+
+
+    # External API section
+    external_api_fields: list[SettingsField] = []
+
+    external_api_fields.append(
+        {
+            "id": "external_api_examples",
+            "title": "API Examples",
+            "description": "View examples for using Agent Zero's external API endpoints with API key authentication.",
+            "type": "button",
+            "value": "Show API Examples",
+        }
+    )
+
+    external_api_section: SettingsSection = {
+        "id": "external_api",
+        "title": "External API",
+        "description": "Agent Zero provides external API endpoints for integration with other applications. "
+                       "These endpoints use API key authentication and support text messages and file attachments.",
+        "fields": external_api_fields,
+        "tab": "external",
+    }
+
+    # Backup & Restore section
+    backup_fields: list[SettingsField] = []
+
+    backup_fields.append(
+        {
+            "id": "backup_create",
+            "title": "Create Backup",
+            "description": "Create a backup archive of selected files and configurations "
+            "using customizable patterns.",
+            "type": "button",
+            "value": "Create Backup",
+        }
+    )
+
+    backup_fields.append(
+        {
+            "id": "backup_restore",
+            "title": "Restore from Backup",
+            "description": "Restore files and configurations from a backup archive "
+            "with pattern-based selection.",
+            "type": "button",
+            "value": "Restore Backup",
+        }
+    )
+
+    backup_section: SettingsSection = {
+        "id": "backup_restore",
+        "title": "Backup & Restore",
+        "description": "Backup and restore Agent Zero data and configurations "
+        "using glob pattern-based file selection.",
+        "fields": backup_fields,
+        "tab": "backup",
+    }
+
+    # Add the section to the result
+    result: SettingsOutput = {
+        "sections": [
+            agent_section,
+            chat_model_section,
+            util_model_section,
+            browser_model_section,
+            embed_model_section,
+            memory_section,
+            speech_section,
+            api_keys_section,
+            auth_section,
+            mcp_client_section,
+            mcp_server_section,
+            a2a_section,
+            external_api_section,
+            backup_section,
+            dev_section,
+            # code_exec_section,
+        ]
+    }
+    return result
+
+
+def _get_api_key_field(settings: Settings, provider: str, title: str) -> SettingsField:
+    key = settings["api_keys"].get(provider, models.get_api_key(provider))
+    # For API keys, use simple asterisk placeholder for existing keys
+    return {
+        "id": f"api_key_{provider}",
+        "title": title,
+        "type": "text",
+        "value": (API_KEY_PLACEHOLDER if key and key != "None" else ""),
+    }
+
+
+def convert_in(settings: dict) -> Settings:
+    current = get_settings()
+    for section in settings["sections"]:
+        if "fields" in section:
+            for field in section["fields"]:
+                # Skip saving if value is a placeholder
+                should_skip = (
+                    field["value"] == PASSWORD_PLACEHOLDER or
+                    field["value"] == API_KEY_PLACEHOLDER
+                )
+
+                if not should_skip:
+                    if field["id"].endswith("_kwargs"):
+                        current[field["id"]] = _env_to_dict(field["value"])
+                    elif field["id"].startswith("api_key_"):
+                        current["api_keys"][field["id"]] = field["value"]
+                    else:
+                        current[field["id"]] = field["value"]
+    return current
+
+
+def get_settings() -> Settings:
+    global _settings
+    if not _settings:
+        _settings = _read_settings_file()
+    if not _settings:
+        _settings = get_default_settings()
+    norm = normalize_settings(_settings)
+    return norm
+
+
+def set_settings(settings: Settings, apply: bool = True):
+    global _settings
+    previous = _settings
+    _settings = normalize_settings(settings)
+    _write_settings_file(_settings)
+    if apply:
+        _apply_settings(previous)
+
+
+def set_settings_delta(delta: dict, apply: bool = True):
+    current = get_settings()
+    new = {**current, **delta}
+    set_settings(new, apply)  # type: ignore
+
+
+def normalize_settings(settings: Settings) -> Settings:
+    copy = settings.copy()
+    default = get_default_settings()
+
+    # adjust settings values to match current version if needed
+    if "version" not in copy or copy["version"] != default["version"]:
+        _adjust_to_version(copy, default)
+        copy["version"] = default["version"]  # sync version
+
+    # remove keys that are not in default
+    keys_to_remove = [key for key in copy if key not in default]
+    for key in keys_to_remove:
+        del copy[key]
+
+    # add missing keys and normalize types
+    for key, value in default.items():
+        if key not in copy:
+            copy[key] = value
+        else:
+            try:
+                copy[key] = type(value)(copy[key])  # type: ignore
+                if isinstance(copy[key], str):
+                    copy[key] = copy[key].strip()  # strip strings
+            except (ValueError, TypeError):
+                copy[key] = value  # make default instead
+
+    # mcp server token is set automatically
+    copy["mcp_server_token"] = create_auth_token()
+
+    return copy
+
+
+def _adjust_to_version(settings: Settings, default: Settings):
+    # starting with 0.9, the default prompt subfolder for agent no. 0 is agent0
+    # switch to agent0 if the old default is used from v0.8
+    if "version" not in settings or settings["version"].startswith("v0.8"):
+        if "agent_profile" not in settings or settings["agent_profile"] == "default":
+            settings["agent_profile"] = "agent0"
+
+
+def _read_settings_file() -> Settings | None:
+    if os.path.exists(SETTINGS_FILE):
+        content = files.read_file(SETTINGS_FILE)
+        parsed = json.loads(content)
+        return normalize_settings(parsed)
+
+
+def _write_settings_file(settings: Settings):
+    settings = settings.copy()
+    _write_sensitive_settings(settings)
+    _remove_sensitive_settings(settings)
+
+    # write settings
+    content = json.dumps(settings, indent=4)
+    files.write_file(SETTINGS_FILE, content)
+
+
+def _remove_sensitive_settings(settings: Settings):
+    settings["api_keys"] = {}
+    settings["auth_login"] = ""
+    settings["auth_password"] = ""
+    settings["rfc_password"] = ""
+    settings["root_password"] = ""
+    settings["mcp_server_token"] = ""
+
+
+def _write_sensitive_settings(settings: Settings):
+    for key, val in settings["api_keys"].items():
+        dotenv.save_dotenv_value(key.upper(), val)
+
+    dotenv.save_dotenv_value(dotenv.KEY_AUTH_LOGIN, settings["auth_login"])
+    if settings["auth_password"]:
+        dotenv.save_dotenv_value(dotenv.KEY_AUTH_PASSWORD, settings["auth_password"])
+    if settings["rfc_password"]:
+        dotenv.save_dotenv_value(dotenv.KEY_RFC_PASSWORD, settings["rfc_password"])
+
+    if settings["root_password"]:
+        dotenv.save_dotenv_value(dotenv.KEY_ROOT_PASSWORD, settings["root_password"])
+    if settings["root_password"]:
+        set_root_password(settings["root_password"])
+
+
+def get_default_settings() -> Settings:
+    api_base_url = os.getenv("API_BASE_URL", "https://api.helmholtz-blablador.fz-juelich.de/v1")
+    return Settings(
+        version=_get_version(),
+        chat_model_provider="Other OpenAI compatible",
+        chat_model_name="alias-large",
+        chat_model_api_base=api_base_url,
+        chat_model_kwargs={"temperature": "0"},
+        chat_model_ctx_length=100000,
+        chat_model_ctx_history=0.7,
+        chat_model_vision=True,
+        chat_model_rl_requests=0,
+        chat_model_rl_input=0,
+        chat_model_rl_output=0,
+        util_model_provider="Other OpenAI compatible",
+        util_model_name="alias-large",
+        util_model_api_base=api_base_url,
+        util_model_ctx_length=100000,
+        util_model_ctx_input=0.7,
+        util_model_kwargs={"temperature": "0"},
+        util_model_rl_requests=0,
+        util_model_rl_input=0,
+        util_model_rl_output=0,
+        embed_model_provider="huggingface",
+        embed_model_name="sentence-transformers/all-MiniLM-L6-v2",
+        embed_model_api_base="",
+        embed_model_kwargs={},
+        embed_model_rl_requests=0,
+        embed_model_rl_input=0,
+        browser_model_provider="Google",
+        browser_model_name="gemini-2.0-flash-lite",
+        browser_model_api_base="",
+        browser_model_vision=True,
+        browser_model_rl_requests=0,
+        browser_model_rl_input=0,
+        browser_model_rl_output=0,
+        browser_model_kwargs={"temperature": "0"},
+        memory_recall_enabled=True,
+        memory_recall_delayed=False,
+        memory_recall_interval=3,
+        memory_recall_history_len=10000,
+        memory_recall_memories_max_search=12,
+        memory_recall_solutions_max_search=8,
+        memory_recall_memories_max_result=5,
+        memory_recall_solutions_max_result=3,
+        memory_recall_similarity_threshold=0.7,
+        memory_recall_query_prep=True,
+        memory_recall_post_filter=True,
+        memory_memorize_enabled=True,
+        memory_memorize_consolidation=True,
+        memory_memorize_replace_threshold=0.9,
+        api_keys={},
+        auth_login="",
+        auth_password="",
+        root_password="",
+        agent_profile="agent0",
+        agent_memory_subdir="default",
+        agent_knowledge_subdir="custom",
+        rfc_auto_docker=True,
+        rfc_url="localhost",
+        rfc_password="",
+        rfc_port_http=55080,
+        rfc_port_ssh=55022,
+        shell_interface="local" if runtime.is_dockerized() else "ssh",
+        stt_model_size="base",
+        stt_language="en",
+        stt_silence_threshold=0.3,
+        stt_silence_duration=1000,
+        stt_waiting_timeout=2000,
+        tts_kokoro=True,
+        mcp_servers='{\n    "mcpServers": {}\n}',
+        mcp_client_init_timeout=10,
+        mcp_client_tool_timeout=120,
+        mcp_server_enabled=False,
+        mcp_server_token=create_auth_token(),
+        a2a_server_enabled=False,
+    )
+
+
+
+def _apply_settings(previous: Settings | None):
+    global _settings
+    if _settings:
+        from agent import AgentContext
+        from initialize import initialize_agent
+
+        config = initialize_agent()
+        for ctx in AgentContext._contexts.values():
+            ctx.config = config  # reinitialize context config with new settings
+            # apply config to agents
+            agent = ctx.agent0
+            while agent:
+                agent.config = ctx.config
+                agent = agent.get_data(agent.DATA_NAME_SUBORDINATE)
+
+        # reload whisper model if necessary
+        if not previous or _settings["stt_model_size"] != previous["stt_model_size"]:
+            task = defer.DeferredTask().start_task(
+                whisper.preload, _settings["stt_model_size"])
+            # TODO overkill, replace with background task
+
+        # force memory reload on embedding model change
+        if not previous or (
+            _settings["embed_model_name"] != previous["embed_model_name"]
+            or _settings["embed_model_provider"] != previous["embed_model_provider"]
+            or _settings["embed_model_kwargs"] != previous["embed_model_kwargs"]
+        ):
+            from python.helpers.memory import reload as memory_reload
+
+            memory_reload()
+
+        # update mcp settings if necessary
+        if not previous or _settings["mcp_servers"] != previous["mcp_servers"]:
+            from python.helpers.mcp_handler import MCPConfig
+
+            async def update_mcp_settings(mcp_servers: str):
+                PrintStyle(
+                    background_color="black", font_color="white", padding=True
+                ).print("Updating MCP config...")
+                AgentContext.log_to_all(
+                    type="info", content="Updating MCP settings...", temp=True
+                )
+
+                mcp_config = MCPConfig.get_instance()
+                try:
+                    MCPConfig.update(mcp_servers)
+                except Exception as e:
+                    AgentContext.log_to_all(
+                        type="error",
+                        content=f"Failed to update MCP settings: {e}",
+                        temp=False,
+                    )
+                    (
+                        PrintStyle(
+                            background_color="red", font_color="black", padding=True
+                        ).print("Failed to update MCP settings")
+                    )
+                    (
+                        PrintStyle(
+                            background_color="black", font_color="red", padding=True
+                        ).print(f"{e}")
+                    )
+
+                PrintStyle(
+                    background_color="#6734C3", font_color="white", padding=True
+                ).print("Parsed MCP config:")
+                (
+                    PrintStyle(
+                        background_color="#334455", font_color="white", padding=False
+                    ).print(mcp_config.model_dump_json())
+                )
+                AgentContext.log_to_all(
+                    type="info", content="Finished updating MCP settings.", temp=True
+                )
+
+            task2 = defer.DeferredTask().start_task(
+                update_mcp_settings, config.mcp_servers
+            )  # TODO overkill, replace with background task
+
+        # update token in mcp server
+        current_token = (
+            create_auth_token()
+        )  # TODO - ugly, token in settings is generated from dotenv and does not always correspond
+        if not previous or current_token != previous["mcp_server_token"]:
+
+            async def update_mcp_token(token: str):
+                from python.helpers.mcp_server import DynamicMcpProxy
+
+                DynamicMcpProxy.get_instance().reconfigure(token=token)
+
+            task3 = defer.DeferredTask().start_task(
+                update_mcp_token, current_token
+            )  # TODO overkill, replace with background task
+
+        # update token in a2a server
+        if not previous or current_token != previous["mcp_server_token"]:
+
+            async def update_a2a_token(token: str):
+                from python.helpers.fasta2a_server import DynamicA2AProxy
+
+                DynamicA2AProxy.get_instance().reconfigure(token=token)
+
+            task4 = defer.DeferredTask().start_task(
+                update_a2a_token, current_token
+            )  # TODO overkill, replace with background task
+
+
+def _env_to_dict(data: str):
+    env_dict = {}
+    line_pattern = re.compile(r"\s*([^#][^=]*)\s*=\s*(.*)")
+    for line in data.splitlines():
+        match = line_pattern.match(line)
+        if match:
+            key, value = match.groups()
+            # Remove optional surrounding quotes (single or double)
+            value = value.strip().strip('"').strip("'")
+            env_dict[key.strip()] = value
+    return env_dict
+
+
+def _dict_to_env(data_dict):
+    lines = []
+    for key, value in data_dict.items():
+        if "\n" in value:
+            value = f"'{value}'"
+        elif " " in value or value == "" or any(c in value for c in "'\""):
+            value = f'"{value}"'
+        lines.append(f"{key}={value}")
+    return "\n".join(lines)
+
+
+def set_root_password(password: str):
+    if not runtime.is_dockerized():
+        raise Exception("root password can only be set in dockerized environments")
+    _result = subprocess.run(
+        ["chpasswd"],
+        input=f"root:{password}".encode(),
+        capture_output=True,
+        check=True,
+    )
+    dotenv.save_dotenv_value(dotenv.KEY_ROOT_PASSWORD, password)
+
+def get_runtime_config(set: Settings):
+    if runtime.is_dockerized():
+        return {
+            "code_exec_ssh_enabled": set["shell_interface"] == "ssh",
+            "code_exec_ssh_addr": "localhost",
+            "code_exec_ssh_port": 22,
+            "code_exec_ssh_user": "root",
+        }
+    else:
+        host = set["rfc_url"]
+        if "//" in host:
+            host = host.split("//")[1]
+        if ":" in host:
+            host, port = host.split(":")
+        if host.endswith("/"):
+            host = host[:-1]
+        return {
+            "code_exec_ssh_enabled": set["shell_interface"] == "ssh",
+            "code_exec_ssh_addr": host,
+            "code_exec_ssh_port": set["rfc_port_ssh"],
+            "code_exec_ssh_user": "root",
+        }
+
+def create_auth_token() -> str:
+    runtime_id = runtime.get_persistent_id()
+    username = dotenv.get_dotenv_value(dotenv.KEY_AUTH_LOGIN) or ""
+    password = dotenv.get_dotenv_value(dotenv.KEY_AUTH_PASSWORD) or ""
+    # use base64 encoding for a more compact token with alphanumeric chars
+    hash_bytes = hashlib.sha256(f"{runtime_id}:{username}:{password}".encode()).digest()
+    # encode as base64 and remove any non-alphanumeric chars (like +, /, =)
+    b64_token = base64.urlsafe_b64encode(hash_bytes).decode().replace("=", "")
+    return b64_token[:16]
+
+
+def _get_version():
+    try:
+        git_info = git.get_git_info()
+        return str(git_info.get("short_tag", "")).strip() or "unknown"
+    except Exception:
+        return "unknown"

python/tools/search_engine.py

@@ -0,0 +1,81 @@
+import requests
+from typing import List, Dict, Any
+from python.helpers.tool import Tool, Response
+
+# The base URL of the public SearXNG instance.
+# WARNING: Using a public, third-party instance is not recommended for production
+# due to significant reliability, security, and privacy risks.
+SEARXNG_BASE_URL = "https://CJJ-on-HF-SearXNG.hf.space"
+
+class SearchEngine(Tool):
+    """
+    A tool to perform web searches using a public SearXNG instance.
+    """
+
+    async def execute(self, query: str, category: str = "general", num_results: int = 5) -> Response:
+        """
+        Performs a web search using a public SearXNG instance and returns formatted results.
+        This tool allows for targeted searches using categories defined in the SearXNG instance.
+
+        Args:
+            query (str): The search query string.
+            category (str): The SearXNG category to search in (e.g., 'science', 'it', 'news').
+                            Defaults to 'general' for a broad search.
+            num_results (int): The maximum number of search results to return. Defaults to 5.
+
+        Returns:
+            Response: A Response object containing the formatted search results or an error message.
+        """
+        if not query:
+            return Response(message="Error: The search query cannot be empty.", break_loop=False)
+
+        # Construct the query with a category prefix if specified.
+        # This leverages the power of SearXNG's engine configuration.
+        search_query = f"!{category} {query}" if category and category != "general" else query
+
+        params = {
+            "q": search_query,
+            "format": "json",  # Essential for machine-readable output
+            "pageno": 1,
+        }
+
+        try:
+            response = requests.get(
+                f"{SEARXNG_BASE_URL}/search",
+                params=params,
+                timeout=15  # A generous but necessary timeout for a public service
+            )
+            # Raise an HTTPError for bad responses (4xx or 5xx)
+            response.raise_for_status()
+
+            data = response.json()
+            results: List[Dict[str, Any]] = data.get("results", [])
+
+            if not results:
+                return Response(message=f"No search results found for the query: '{query}'", break_loop=False)
+
+            # Format the results into a clean, readable string for the agent
+            formatted_output = []
+            for i, res in enumerate(results[:num_results]):
+                title = res.get("title", "No Title Provided")
+                url = res.get("url", "No URL Provided")
+                snippet = res.get("content") or res.get("description", "No Snippet Provided")
+                
+                # Sanitize snippet to remove excessive newlines for cleaner LLM input
+                clean_snippet = ' '.join(snippet.split()) if snippet else "No Snippet Provided"
+
+                formatted_output.append(
+                    f"Result {i+1}:\n"
+                    f"  Title: {title}\n"
+                    f"  URL: {url}\n"
+                    f"  Snippet: {clean_snippet}"
+                )
+            
+            return Response(message="\n---\n".join(formatted_output), break_loop=False)
+
+        except requests.exceptions.Timeout:
+            return Response(message="Error: The search request timed out. The SearXNG instance may be offline or overloaded.", break_loop=False)
+        except requests.exceptions.RequestException as e:
+            return Response(message=f"Error: A network error occurred while contacting the search service: {e}", break_loop=False)
+        except ValueError:  # Catches JSON decoding errors
+            return Response(message="Error: Failed to parse a valid JSON response from the search service. The service might be down or returning malformed data.", break_loop=False)

requirements.txt

@@ -0,0 +1,46 @@
+a2wsgi==1.10.8
+ansio==0.0.2
+browser-use==0.2.5
+docker==7.1.0
+duckduckgo-search==6.1.12
+faiss-cpu==1.11.0
+fastmcp==2.3.4
+fasta2a==0.5.0
+flask[async]==3.0.3
+flask-basicauth==0.2.0
+flaredantic==0.1.4
+GitPython==3.1.43
+inputimeout==1.0.4
+kokoro==0.9.4
+simpleeval==1.0.3
+langchain-core==0.3.49
+langchain-community==0.3.19
+langchain-unstructured[all-docs]==0.1.6
+openai-whisper==20240930
+lxml_html_clean==0.3.1
+markdown==3.7
+mcp==1.9.0
+newspaper3k==0.2.8
+paramiko==3.5.0
+playwright==1.52.0
+pypdf==4.3.1
+python-dotenv==1.1.0
+pytz==2024.2
+sentence-transformers==3.0.1
+tiktoken==0.12.0
+unstructured[all-docs]==0.16.23
+unstructured-client==0.31.0
+webcolors==24.6.0
+nest-asyncio==1.6.0
+crontab==1.0.1
+litellm==1.74.0
+markdownify==1.1.0
+pymupdf==1.25.3
+pytesseract==0.3.13
+pdf2image==1.17.0
+pathspec==0.12.1
+psutil==7.1.3
+soundfile==0.13.1
+gradio_client
+fastapi
+uvicorn

run_ui.py

@@ -0,0 +1,306 @@
+import secrets, hmac, hashlib, time, base64
+from datetime import timedelta
+import os
+import socket
+import struct
+from functools import wraps
+import threading
+from flask import Flask, request, Response, session
+from flask_basicauth import BasicAuth
+import initialize
+from python.helpers import files, git, mcp_server, fasta2a_server
+from python.helpers.files import get_abs_path
+from python.helpers import runtime, dotenv, process
+from python.helpers.extract_tools import load_classes_from_folder
+from python.helpers.api import ApiHandler
+from python.helpers.print_style import PrintStyle
+import atexit
+import asyncio
+
+CSRF_SECRET = secrets.token_bytes(32)  # or os.environ["CSRF_SECRET"].encode()
+TOKEN_TTL = 3600  # 1 hour validity
+
+def generate_csrf_token():
+    nonce = secrets.token_hex(16)  # 128-bit random
+    timestamp = str(int(time.time()))
+    data = f"{nonce}:{timestamp}"
+    sig = hmac.new(CSRF_SECRET, data.encode(), hashlib.sha256).hexdigest()
+    return f"{data}.{sig}"
+
+def verify_csrf_token(token):
+    try:
+        data, sig = token.rsplit(".", 1)
+        expected_sig = hmac.new(CSRF_SECRET, data.encode(), hashlib.sha256).hexdigest()
+        if not hmac.compare_digest(sig, expected_sig):
+            return False
+        # check TTL
+        nonce, timestamp = data.split(":")
+        if time.time() - int(timestamp) > TOKEN_TTL:
+            return False
+        return True
+    except Exception:
+        return False
+
+
+# Set the new timezone to 'UTC'
+os.environ["TZ"] = "UTC"
+os.environ["TOKENIZERS_PARALLELISM"] = "false"
+# Apply the timezone change
+if hasattr(time, 'tzset'):
+    time.tzset()
+
+# initialize the internal Flask server
+webapp = Flask("app", static_folder=get_abs_path("./webui"), static_url_path="/")
+webapp.secret_key = os.getenv("FLASK_SECRET_KEY") or secrets.token_hex(32)
+webapp.config.update(
+    JSON_SORT_KEYS=False,
+    SESSION_COOKIE_NAME="session_" + runtime.get_runtime_id(),  # bind the session cookie name to runtime id to prevent session collision on same host
+    SESSION_COOKIE_SAMESITE="Strict",
+    SESSION_PERMANENT=True,
+    PERMANENT_SESSION_LIFETIME=timedelta(days=1)
+)
+
+
+lock = threading.Lock()
+
+# Set up basic authentication for UI and API but not MCP
+basic_auth = BasicAuth(webapp)
+
+
+def is_loopback_address(address):
+    loopback_checker = {
+        socket.AF_INET: lambda x: struct.unpack("!I", socket.inet_aton(x))[0]
+        >> (32 - 8)
+        == 127,
+        socket.AF_INET6: lambda x: x == "::1",
+    }
+    address_type = "hostname"
+    try:
+        socket.inet_pton(socket.AF_INET6, address)
+        address_type = "ipv6"
+    except socket.error:
+        try:
+            socket.inet_pton(socket.AF_INET, address)
+            address_type = "ipv4"
+        except socket.error:
+            address_type = "hostname"
+
+    if address_type == "ipv4":
+        return loopback_checker[socket.AF_INET](address)
+    elif address_type == "ipv6":
+        return loopback_checker[socket.AF_INET6](address)
+    else:
+        for family in (socket.AF_INET, socket.AF_INET6):
+            try:
+                r = socket.getaddrinfo(address, None, family, socket.SOCK_STREAM)
+            except socket.gaierror:
+                return False
+            for family, _, _, _, sockaddr in r:
+                if not loopback_checker[family](sockaddr[0]):
+                    return False
+        return True
+
+
+def requires_api_key(f):
+    @wraps(f)
+    async def decorated(*args, **kwargs):
+        # Use the auth token from settings (same as MCP server)
+        from python.helpers.settings import get_settings
+        valid_api_key = get_settings()["mcp_server_token"]
+
+        if api_key := request.headers.get("X-API-KEY"):
+            if api_key != valid_api_key:
+                return Response("Invalid API key", 401)
+        elif request.json and request.json.get("api_key"):
+            api_key = request.json.get("api_key")
+            if api_key != valid_api_key:
+                return Response("Invalid API key", 401)
+        else:
+            return Response("API key required", 401)
+        return await f(*args, **kwargs)
+
+    return decorated
+
+
+# allow only loopback addresses
+def requires_loopback(f):
+    @wraps(f)
+    async def decorated(*args, **kwargs):
+        if not is_loopback_address(request.remote_addr):
+            return Response(
+                "Access denied.",
+                403,
+                {},
+            )
+        return await f(*args, **kwargs)
+
+    return decorated
+
+
+# require authentication for handlers
+def requires_auth(f):
+    @wraps(f)
+    async def decorated(*args, **kwargs):
+        user = dotenv.get_dotenv_value("AUTH_LOGIN")
+        password = dotenv.get_dotenv_value("AUTH_PASSWORD")
+        if user and password:
+            auth = request.authorization
+            if not auth or not (auth.username == user and auth.password == password):
+                return Response(
+                    "Could not verify your access level for that URL.\n"
+                    "You have to login with proper credentials",
+                    401,
+                    {"WWW-Authenticate": 'Basic realm="Login Required"'},
+                )
+        return await f(*args, **kwargs)
+
+    return decorated
+
+
+def csrf_protect(f):
+    @wraps(f)
+    async def decorated(*args, **kwargs):
+        header = request.headers.get("X-CSRF-Token")
+        if not header or not verify_csrf_token(header):
+            print("Invalid or missing CSRF token!")
+            return Response("CSRF token missing or invalid", 403)
+        print("CSRF token OK.")
+        return await f(*args, **kwargs)
+
+    return decorated
+
+
+# handle default address, load index
+@webapp.route("/", methods=["GET"])
+@requires_auth
+async def serve_index():
+    PrintStyle().print("Serving index.html")
+    gitinfo = None
+    try:
+        gitinfo = git.get_git_info()
+    except Exception as e:
+        PrintStyle().error(f"Error getting git info: {e}")
+        gitinfo = {
+            "version": "unknown",
+            "commit_time": "unknown",
+        }
+    index_content = files.read_file("webui/index.html")
+    index_content = files.replace_placeholders_text(
+        _content=index_content,
+        version_no=gitinfo["version"],
+        version_time=gitinfo["commit_time"]
+    )
+
+    # Generate and inject CSRF token and runtime_id into meta tags
+    csrf_token = generate_csrf_token()
+    runtime_id = runtime.get_runtime_id()
+    meta_tags = f'''<meta name="csrf-token" content="{csrf_token}">
+    <meta name="runtime-id" content="{runtime_id}">'''
+    index_content = index_content.replace("</head>", f"{meta_tags}</head>")
+    PrintStyle().print("Finished serving index.html")
+    return index_content
+
+def run():
+    PrintStyle().print("Initializing framework...")
+
+    # Suppress only request logs but keep the startup messages
+    from werkzeug.serving import WSGIRequestHandler
+    from werkzeug.serving import make_server
+    from werkzeug.middleware.dispatcher import DispatcherMiddleware
+    from a2wsgi import ASGIMiddleware
+
+    PrintStyle().print("Starting server...")
+
+    class NoRequestLoggingWSGIRequestHandler(WSGIRequestHandler):
+        def log_request(self, code="-", size="-"):
+            pass  # Override to suppress request logging
+
+    # Get configuration from environment
+    port = runtime.get_web_ui_port()
+    host = (
+        runtime.get_arg("host") or dotenv.get_dotenv_value("WEB_UI_HOST") or "localhost"
+    )
+    server = None
+
+    def register_api_handler(app, handler: type[ApiHandler]):
+        name = handler.__module__.split(".")[-1]
+        instance = handler(app, lock)
+
+        async def handler_wrap():
+            return await instance.handle_request(request=request)
+
+        if handler.requires_loopback():
+            handler_wrap = requires_loopback(handler_wrap)
+        if handler.requires_auth():
+            handler_wrap = requires_auth(handler_wrap)
+        if handler.requires_api_key():
+            handler_wrap = requires_api_key(handler_wrap)
+        if handler.requires_csrf():
+            handler_wrap = csrf_protect(handler_wrap)
+
+        app.add_url_rule(
+            f"/{name}",
+            f"/{name}",
+            handler_wrap,
+            methods=handler.get_methods(),
+        )
+
+    # initialize and register API handlers
+    handlers = load_classes_from_folder("python/api", "*.py", ApiHandler)
+    for handler in handlers:
+        register_api_handler(webapp, handler)
+
+    # add the webapp, mcp, and a2a to the app
+    middleware_routes = {
+        "/mcp": ASGIMiddleware(app=mcp_server.DynamicMcpProxy.get_instance()),  # type: ignore
+        "/a2a": ASGIMiddleware(app=fasta2a_server.DynamicA2AProxy.get_instance()),  # type: ignore
+    }
+
+    app = DispatcherMiddleware(webapp, middleware_routes)  # type: ignore
+
+    PrintStyle().debug(f"Starting server at http://{host}:{port} ...")
+
+    server = make_server(
+        host=host,
+        port=port,
+        app=app,
+        request_handler=NoRequestLoggingWSGIRequestHandler,
+        threaded=True,
+    )
+    process.set_server(server)
+    server.log_startup()
+
+    # Start init_a0 in a background thread when server starts
+    # threading.Thread(target=init_a0, daemon=True).start()
+    init_a0()
+
+    # run the server
+    server.serve_forever()
+
+
+def init_a0():
+    # initialize contexts and MCP
+    init_chats = initialize.initialize_chats()
+    # only wait for init chats, otherwise they would seem to disappear for a while on restart
+    init_chats.result_sync()
+
+    initialize.initialize_mcp()
+    # start job loop
+    initialize.initialize_job_loop()
+    # preload
+    initialize.initialize_preload()
+
+
+def shutdown_mcp():
+    proxy = mcp_server.DynamicMcpProxy.get_instance()
+    if proxy:
+        asyncio.run(proxy.close())
+
+atexit.register(shutdown_mcp)
+
+
+# run the internal server
+if __name__ == "__main__":
+    runtime.initialize()
+    dotenv.load_dotenv()
+    run()

start.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+echo "Starting Skilled-Agent..."
+
+# Run secret check
+python check_secrets.py
+
+# Start FastAPI app
+# We use port 5000 as configured in the Space metadata
+uvicorn api_app:app --host 0.0.0.0 --port 5000

webui/js/api.js

@@ -0,0 +1,90 @@
+/**
+ * Call a JSON-in JSON-out API endpoint
+ * Data is automatically serialized
+ * @param {string} endpoint - The API endpoint to call
+ * @param {any} data - The data to send to the API
+ * @returns {Promise<any>} The JSON response from the API
+ */
+export async function callJsonApi(endpoint, data) {
+  const response = await fetchApi(endpoint, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+    },
+    credentials: "same-origin",
+    body: JSON.stringify(data),
+  });
+
+  if (!response.ok) {
+    const error = await response.text();
+    throw new Error(error);
+  }
+  const jsonResponse = await response.json();
+  return jsonResponse;
+}
+
+/**
+ * Fetch wrapper for A0 APIs that ensures token exchange
+ * Automatically adds CSRF token to request headers
+ * @param {string} url - The URL to fetch
+ * @param {Object} [request] - The fetch request options
+ * @returns {Promise<Response>} The fetch response
+ */
+export async function fetchApi(url, request) {
+  async function _wrap(retry) {
+    // get the CSRF token
+    const token = await getCsrfToken();
+
+    // create a new request object if none was provided
+    const finalRequest = request || {};
+
+    // ensure headers object exists
+    finalRequest.headers = finalRequest.headers || {};
+
+    // add the CSRF token to the headers
+    finalRequest.headers["X-CSRF-Token"] = token;
+
+    // perform the fetch with the updated request
+    const response = await fetch(url, finalRequest);
+
+    // check if there was an CSRF error
+    if (response.status === 403 && retry) {
+      // retry the request with new token
+      csrfToken = null;
+      return await _wrap(false);
+    }
+
+    // return the response
+    return response;
+  }
+
+  // perform the request
+  const response = await _wrap(true);
+
+  // return the response
+  return response;
+}
+
+// csrf token stored locally
+let csrfToken = null;
+
+/**
+ * Get the CSRF token for API requests
+ * Caches the token after first request
+ * @returns {Promise<string>} The CSRF token
+ */
+async function getCsrfToken() {
+  if (csrfToken) return csrfToken;
+  const tokenElement = document.querySelector('meta[name="csrf-token"]');
+  if (tokenElement) {
+    csrfToken = tokenElement.content;
+    return csrfToken;
+  }
+  // fallback to fetch, but this should not happen
+  const response = await fetch("/csrf_token", {
+    credentials: "same-origin",
+  }).then((r) => r.json());
+  csrfToken = response.token;
+  document.cookie = `csrf_token_${response.runtime_id}=${csrfToken}; SameSite=Strict; Path=/`;
+  return csrfToken;
+}

webui/js/index.js

@@ -0,0 +1,1275 @@
+import * as msgs from "/js/messages.js";
+import * as api from "/js/api.js";
+import * as css from "/js/css.js";
+import { sleep } from "/js/sleep.js";
+import { store as attachmentsStore } from "/components/chat/attachments/attachmentsStore.js";
+import { store as speechStore } from "/components/chat/speech/speech-store.js";
+import { store as notificationStore } from "/components/notifications/notification-store.js";
+
+globalThis.fetchApi = api.fetchApi; // TODO - backward compatibility for non-modular scripts, remove once refactored to alpine
+
+const leftPanel = document.getElementById("left-panel");
+const rightPanel = document.getElementById("right-panel");
+const container = document.querySelector(".container");
+const chatInput = document.getElementById("chat-input");
+const chatHistory = document.getElementById("chat-history");
+const sendButton = document.getElementById("send-button");
+const inputSection = document.getElementById("input-section");
+const statusSection = document.getElementById("status-section");
+const chatsSection = document.getElementById("chats-section");
+const tasksSection = document.getElementById("tasks-section");
+const progressBar = document.getElementById("progress-bar");
+const autoScrollSwitch = document.getElementById("auto-scroll-switch");
+const timeDate = document.getElementById("time-date-container");
+
+let autoScroll = true;
+let context = "";
+let resetCounter = 0;
+let skipOneSpeech = false;
+let connectionStatus = undefined; // undefined = not checked yet, true = connected, false = disconnected
+
+// Initialize the toggle button
+setupSidebarToggle();
+// Initialize tabs
+setupTabs();
+
+export function getAutoScroll() {
+  return autoScroll;
+}
+
+function isMobile() {
+  return window.innerWidth <= 768;
+}
+
+function toggleSidebar(show) {
+  const overlay = document.getElementById("sidebar-overlay");
+  if (typeof show === "boolean") {
+    leftPanel.classList.toggle("hidden", !show);
+    rightPanel.classList.toggle("expanded", !show);
+    overlay.classList.toggle("visible", show);
+  } else {
+    leftPanel.classList.toggle("hidden");
+    rightPanel.classList.toggle("expanded");
+    overlay.classList.toggle(
+      "visible",
+      !leftPanel.classList.contains("hidden")
+    );
+  }
+}
+
+function handleResize() {
+  const overlay = document.getElementById("sidebar-overlay");
+  if (isMobile()) {
+    leftPanel.classList.add("hidden");
+    rightPanel.classList.add("expanded");
+    overlay.classList.remove("visible");
+  } else {
+    leftPanel.classList.remove("hidden");
+    rightPanel.classList.remove("expanded");
+    overlay.classList.remove("visible");
+  }
+}
+
+globalThis.addEventListener("load", handleResize);
+globalThis.addEventListener("resize", handleResize);
+
+document.addEventListener("DOMContentLoaded", () => {
+  const overlay = document.getElementById("sidebar-overlay");
+  overlay.addEventListener("click", () => {
+    if (isMobile()) {
+      toggleSidebar(false);
+    }
+  });
+});
+
+function setupSidebarToggle() {
+  const leftPanel = document.getElementById("left-panel");
+  const rightPanel = document.getElementById("right-panel");
+  const toggleSidebarButton = document.getElementById("toggle-sidebar");
+  if (toggleSidebarButton) {
+    toggleSidebarButton.addEventListener("click", toggleSidebar);
+  } else {
+    console.error("Toggle sidebar button not found");
+    setTimeout(setupSidebarToggle, 100);
+  }
+}
+document.addEventListener("DOMContentLoaded", setupSidebarToggle);
+
+export async function sendMessage() {
+  const sendButton = document.getElementById("send-button");
+  try {
+    sendButton.classList.add("loading");
+    sendButton.disabled = true;
+
+    const message = chatInput.value.trim();
+    const attachmentsWithUrls = attachmentsStore.getAttachmentsForSending();
+    const hasAttachments = attachmentsWithUrls.length > 0;
+
+    if (message || hasAttachments) {
+      let response;
+      const messageId = generateGUID();
+
+      // Clear input and attachments
+      chatInput.value = "";
+      attachmentsStore.clearAttachments();
+      adjustTextareaHeight();
+
+      // Include attachments in the user message
+      if (hasAttachments) {
+        const heading =
+          attachmentsWithUrls.length > 0
+            ? "Uploading attachments..."
+            : "User message";
+
+        // Render user message with attachments
+        setMessage(messageId, "user", heading, message, false, {
+          // attachments: attachmentsWithUrls, // skip here, let the backend properly log them
+        });
+
+        // sleep one frame to render the message before upload starts - better UX
+        sleep(0);
+
+        const formData = new FormData();
+        formData.append("text", message);
+        formData.append("context", context);
+        formData.append("message_id", messageId);
+
+        for (let i = 0; i < attachmentsWithUrls.length; i++) {
+          formData.append("attachments", attachmentsWithUrls[i].file);
+        }
+
+        response = await api.fetchApi("/message_async", {
+          method: "POST",
+          body: formData,
+        });
+      } else {
+        // For text-only messages
+        const data = {
+          text: message,
+          context,
+          message_id: messageId,
+        };
+        response = await api.fetchApi("/message_async", {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+          },
+          body: JSON.stringify(data),
+        });
+      }
+
+      // Handle response
+      const jsonResponse = await response.json();
+      if (!jsonResponse) {
+        toast("No response returned.", "error");
+      } else {
+        setContext(jsonResponse.context);
+      }
+    }
+  } catch (e) {
+    toastFetchError("Error sending message", e); // Will use new notification system
+  } finally {
+    sendButton.classList.remove("loading");
+    sendButton.disabled = false;
+  }
+}
+
+function toastFetchError(text, error) {
+  console.error(text, error);
+  // Use new frontend error notification system (async, but we don't need to wait)
+  const errorMessage = error?.message || error?.toString() || "Unknown error";
+
+  if (getConnectionStatus()) {
+    // Backend is connected, just show the error
+    toastFrontendError(`${text}: ${errorMessage}`).catch((e) =>
+      console.error("Failed to show error toast:", e)
+    );
+  } else {
+    // Backend is disconnected, show connection error
+    toastFrontendError(
+      `${text} (backend appears to be disconnected): ${errorMessage}`,
+      "Connection Error"
+    ).catch((e) => console.error("Failed to show connection error toast:", e));
+  }
+}
+globalThis.toastFetchError = toastFetchError;
+
+chatInput.addEventListener("keydown", (e) => {
+  if (e.key === "Enter" && !e.shiftKey) {
+    e.preventDefault();
+    sendMessage();
+  }
+});
+
+sendButton.addEventListener("click", sendMessage);
+
+export function updateChatInput(text) {
+  console.log("updateChatInput called with:", text);
+
+  // Append text with proper spacing
+  const currentValue = chatInput.value;
+  const needsSpace = currentValue.length > 0 && !currentValue.endsWith(" ");
+  chatInput.value = currentValue + (needsSpace ? " " : "") + text + " ";
+
+  // Adjust height and trigger input event
+  adjustTextareaHeight();
+  chatInput.dispatchEvent(new Event("input"));
+
+  console.log("Updated chat input value:", chatInput.value);
+}
+
+function updateUserTime() {
+  const now = new Date();
+  const hours = now.getHours();
+  const minutes = now.getMinutes();
+  const seconds = now.getSeconds();
+  const ampm = hours >= 12 ? "pm" : "am";
+  const formattedHours = hours % 12 || 12;
+
+  // Format the time
+  const timeString = `${formattedHours}:${minutes
+    .toString()
+    .padStart(2, "0")}:${seconds.toString().padStart(2, "0")} ${ampm}`;
+
+  // Format the date
+  const options = { year: "numeric", month: "short", day: "numeric" };
+  const dateString = now.toLocaleDateString(undefined, options);
+
+  // Update the HTML
+  const userTimeElement = document.getElementById("time-date");
+  userTimeElement.innerHTML = `${timeString}<br><span id="user-date">${dateString}</span>`;
+}
+
+updateUserTime();
+setInterval(updateUserTime, 1000);
+
+function setMessage(id, type, heading, content, temp, kvps = null) {
+  const result = msgs.setMessage(id, type, heading, content, temp, kvps);
+  if (autoScroll) chatHistory.scrollTop = chatHistory.scrollHeight;
+  return result;
+}
+
+globalThis.loadKnowledge = async function () {
+  const input = document.createElement("input");
+  input.type = "file";
+  input.accept = ".txt,.pdf,.csv,.html,.json,.md";
+  input.multiple = true;
+
+  input.onchange = async () => {
+    try {
+      const formData = new FormData();
+      for (let file of input.files) {
+        formData.append("files[]", file);
+      }
+
+      formData.append("ctxid", getContext());
+
+      const response = await api.fetchApi("/import_knowledge", {
+        method: "POST",
+        body: formData,
+      });
+
+      if (!response.ok) {
+        toast(await response.text(), "error");
+      } else {
+        const data = await response.json();
+        toast(
+          "Knowledge files imported: " + data.filenames.join(", "),
+          "success"
+        );
+      }
+    } catch (e) {
+      toastFetchError("Error loading knowledge", e);
+    }
+  };
+
+  input.click();
+};
+
+function adjustTextareaHeight() {
+  chatInput.style.height = "auto";
+  chatInput.style.height = chatInput.scrollHeight + "px";
+}
+
+export const sendJsonData = async function (url, data) {
+  return await api.callJsonApi(url, data);
+  // const response = await api.fetchApi(url, {
+  //     method: 'POST',
+  //     headers: {
+  //         'Content-Type': 'application/json'
+  //     },
+  //     body: JSON.stringify(data)
+  // });
+
+  // if (!response.ok) {
+  //     const error = await response.text();
+  //     throw new Error(error);
+  // }
+  // const jsonResponse = await response.json();
+  // return jsonResponse;
+};
+globalThis.sendJsonData = sendJsonData;
+
+function generateGUID() {
+  return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, function (c) {
+    var r = (Math.random() * 16) | 0;
+    var v = c === "x" ? r : (r & 0x3) | 0x8;
+    return v.toString(16);
+  });
+}
+
+function getConnectionStatus() {
+  return connectionStatus;
+}
+
+function setConnectionStatus(connected) {
+  connectionStatus = connected;
+  if (globalThis.Alpine && timeDate) {
+    const statusIconEl = timeDate.querySelector(".status-icon");
+    if (statusIconEl) {
+      const statusIcon = Alpine.$data(statusIconEl);
+      if (statusIcon) {
+        statusIcon.connected = connected;
+      }
+    }
+  }
+}
+
+let lastLogVersion = 0;
+let lastLogGuid = "";
+let lastSpokenNo = 0;
+
+async function poll() {
+  let updated = false;
+  try {
+    // Get timezone from navigator
+    const timezone = Intl.DateTimeFormat().resolvedOptions().timeZone;
+
+    const log_from = lastLogVersion;
+    const response = await sendJsonData("/poll", {
+      log_from: log_from,
+      notifications_from: notificationStore.lastNotificationVersion || 0,
+      context: context || null,
+      timezone: timezone,
+    });
+
+    // Check if the response is valid
+    if (!response) {
+      console.error("Invalid response from poll endpoint");
+      return false;
+    }
+
+    if (!context) setContext(response.context);
+    if (response.context != context) return; //skip late polls after context change
+
+    // if the chat has been reset, restart this poll as it may have been called with incorrect log_from
+    if (lastLogGuid != response.log_guid) {
+      chatHistory.innerHTML = "";
+      lastLogVersion = 0;
+      lastLogGuid = response.log_guid;
+      await poll();
+      return;
+    }
+
+    if (lastLogVersion != response.log_version) {
+      updated = true;
+      for (const log of response.logs) {
+        const messageId = log.id || log.no; // Use log.id if available
+        setMessage(
+          messageId,
+          log.type,
+          log.heading,
+          log.content,
+          log.temp,
+          log.kvps
+        );
+      }
+      afterMessagesUpdate(response.logs);
+    }
+
+    lastLogVersion = response.log_version;
+    lastLogGuid = response.log_guid;
+
+    updateProgress(response.log_progress, response.log_progress_active);
+
+    // Update notifications from response
+    notificationStore.updateFromPoll(response);
+
+    //set ui model vars from backend
+    if (globalThis.Alpine && inputSection) {
+      const inputAD = Alpine.$data(inputSection);
+      if (inputAD) {
+        inputAD.paused = response.paused;
+      }
+    }
+
+    // Update status icon state
+    setConnectionStatus(true);
+
+    // Update chats list and sort by created_at time (newer first)
+    let chatsAD = null;
+    let contexts = response.contexts || [];
+    if (globalThis.Alpine && chatsSection) {
+      chatsAD = Alpine.$data(chatsSection);
+      if (chatsAD) {
+        chatsAD.contexts = contexts.sort(
+          (a, b) => (b.created_at || 0) - (a.created_at || 0)
+        );
+      }
+    }
+
+    // Update tasks list and sort by creation time (newer first)
+    const tasksSection = document.getElementById("tasks-section");
+    if (globalThis.Alpine && tasksSection) {
+      const tasksAD = Alpine.$data(tasksSection);
+      if (tasksAD) {
+        let tasks = response.tasks || [];
+
+        // Always update tasks to ensure state changes are reflected
+        if (tasks.length > 0) {
+          // Sort the tasks by creation time
+          const sortedTasks = [...tasks].sort(
+            (a, b) => (b.created_at || 0) - (a.created_at || 0)
+          );
+
+          // Assign the sorted tasks to the Alpine data
+          tasksAD.tasks = sortedTasks;
+        } else {
+          // Make sure to use a new empty array instance
+          tasksAD.tasks = [];
+        }
+      }
+    }
+
+    // Make sure the active context is properly selected in both lists
+    if (context) {
+      // Update selection in the active tab
+      const activeTab = localStorage.getItem("activeTab") || "chats";
+
+      if (activeTab === "chats" && chatsAD) {
+        chatsAD.selected = context;
+        localStorage.setItem("lastSelectedChat", context);
+
+        // Check if this context exists in the chats list
+        const contextExists = contexts.some((ctx) => ctx.id === context);
+
+        // If it doesn't exist in the chats list but we're in chats tab, try to select the first chat
+        if (!contextExists && contexts.length > 0) {
+          // Check if the current context is empty before creating a new one
+          // If there's already a current context and we're just updating UI, don't automatically
+          // create a new context by calling setContext
+          const firstChatId = contexts[0].id;
+
+          // Only create a new context if we're not currently in an existing context
+          // This helps prevent duplicate contexts when switching tabs
+          setContext(firstChatId);
+          chatsAD.selected = firstChatId;
+          localStorage.setItem("lastSelectedChat", firstChatId);
+        }
+      } else if (activeTab === "tasks" && tasksSection) {
+        const tasksAD = Alpine.$data(tasksSection);
+        tasksAD.selected = context;
+        localStorage.setItem("lastSelectedTask", context);
+
+        // Check if this context exists in the tasks list
+        const taskExists = response.tasks?.some((task) => task.id === context);
+
+        // If it doesn't exist in the tasks list but we're in tasks tab, try to select the first task
+        if (!taskExists && response.tasks?.length > 0) {
+          const firstTaskId = response.tasks[0].id;
+          setContext(firstTaskId);
+          tasksAD.selected = firstTaskId;
+          localStorage.setItem("lastSelectedTask", firstTaskId);
+        }
+      }
+    } else if (
+      response.tasks &&
+      response.tasks.length > 0 &&
+      localStorage.getItem("activeTab") === "tasks"
+    ) {
+      // If we're in tasks tab with no selection but have tasks, select the first one
+      const firstTaskId = response.tasks[0].id;
+      setContext(firstTaskId);
+      if (tasksSection) {
+        const tasksAD = Alpine.$data(tasksSection);
+        tasksAD.selected = firstTaskId;
+        localStorage.setItem("lastSelectedTask", firstTaskId);
+      }
+    } else if (
+      contexts.length > 0 &&
+      localStorage.getItem("activeTab") === "chats" &&
+      chatsAD
+    ) {
+      // If we're in chats tab with no selection but have chats, select the first one
+      const firstChatId = contexts[0].id;
+
+      // Only set context if we don't already have one to avoid duplicates
+      if (!context) {
+        setContext(firstChatId);
+        chatsAD.selected = firstChatId;
+        localStorage.setItem("lastSelectedChat", firstChatId);
+      }
+    }
+
+    lastLogVersion = response.log_version;
+    lastLogGuid = response.log_guid;
+  } catch (error) {
+    console.error("Error:", error);
+    setConnectionStatus(false);
+  }
+
+  return updated;
+}
+
+function afterMessagesUpdate(logs) {
+  if (localStorage.getItem("speech") == "true") {
+    speakMessages(logs);
+  }
+}
+
+function speakMessages(logs) {
+  if (skipOneSpeech) {
+    skipOneSpeech = false;
+    return;
+  }
+  // log.no, log.type, log.heading, log.content
+  for (let i = logs.length - 1; i >= 0; i--) {
+    const log = logs[i];
+
+    // if already spoken, end
+    // if(log.no < lastSpokenNo) break;
+
+    // finished response
+    if (log.type == "response") {
+      // lastSpokenNo = log.no;
+      speechStore.speakStream(
+        getChatBasedId(log.no),
+        log.content,
+        log.kvps?.finished
+      );
+      return;
+
+      // finished LLM headline, not response
+    } else if (
+      log.type == "agent" &&
+      log.kvps &&
+      log.kvps.headline &&
+      log.kvps.tool_args &&
+      log.kvps.tool_name != "response"
+    ) {
+      // lastSpokenNo = log.no;
+      speechStore.speakStream(getChatBasedId(log.no), log.kvps.headline, true);
+      return;
+    }
+  }
+}
+
+function updateProgress(progress, active) {
+  if (!progress) progress = "";
+
+  if (!active) {
+    removeClassFromElement(progressBar, "shiny-text");
+  } else {
+    addClassToElement(progressBar, "shiny-text");
+  }
+
+  progress = msgs.convertIcons(progress);
+
+  if (progressBar.innerHTML != progress) {
+    progressBar.innerHTML = progress;
+  }
+}
+
+globalThis.pauseAgent = async function (paused) {
+  try {
+    const resp = await sendJsonData("/pause", { paused: paused, context });
+  } catch (e) {
+    globalThis.toastFetchError("Error pausing agent", e);
+  }
+};
+
+globalThis.resetChat = async function (ctxid = null) {
+  try {
+    const resp = await sendJsonData("/chat_reset", {
+      context: ctxid === null ? context : ctxid,
+    });
+    resetCounter++;
+    if (ctxid === null) updateAfterScroll();
+  } catch (e) {
+    globalThis.toastFetchError("Error resetting chat", e);
+  }
+};
+
+globalThis.newChat = async function () {
+  try {
+    setContext(generateGUID());
+    updateAfterScroll();
+  } catch (e) {
+    globalThis.toastFetchError("Error creating new chat", e);
+  }
+};
+
+globalThis.killChat = async function (id) {
+  if (!id) {
+    console.error("No chat ID provided for deletion");
+    return;
+  }
+
+  console.log("Deleting chat with ID:", id);
+
+  try {
+    const chatsAD = Alpine.$data(chatsSection);
+    console.log(
+      "Current contexts before deletion:",
+      JSON.stringify(chatsAD.contexts.map((c) => ({ id: c.id, name: c.name })))
+    );
+
+    // switch to another context if deleting current
+    switchFromContext(id);
+
+    // Delete the chat on the server
+    await sendJsonData("/chat_remove", { context: id });
+
+    // Update the UI manually to ensure the correct chat is removed
+    // Deep clone the contexts array to prevent reference issues
+    const updatedContexts = chatsAD.contexts.filter((ctx) => ctx.id !== id);
+    console.log(
+      "Updated contexts after deletion:",
+      JSON.stringify(updatedContexts.map((c) => ({ id: c.id, name: c.name })))
+    );
+
+    // Force UI update by creating a new array
+    chatsAD.contexts = [...updatedContexts];
+
+    updateAfterScroll();
+
+    justToast("Chat deleted successfully", "success", 1000, "chat-removal");
+  } catch (e) {
+    console.error("Error deleting chat:", e);
+    globalThis.toastFetchError("Error deleting chat", e);
+  }
+};
+
+export function switchFromContext(id) {
+  // If we're deleting the currently selected chat, switch to another one first
+  if (context === id) {
+    const chatsAD = Alpine.$data(chatsSection);
+
+    // Find an alternate chat to switch to if we're deleting the current one
+    let alternateChat = null;
+    for (let i = 0; i < chatsAD.contexts.length; i++) {
+      if (chatsAD.contexts[i].id !== id) {
+        alternateChat = chatsAD.contexts[i];
+        break;
+      }
+    }
+
+    if (alternateChat) {
+      setContext(alternateChat.id);
+    } else {
+      // If no other chats, create a new empty context
+      setContext(generateGUID());
+    }
+  }
+}
+
+// Function to ensure proper UI state when switching contexts
+function ensureProperTabSelection(contextId) {
+  // Get current active tab
+  const activeTab = localStorage.getItem("activeTab") || "chats";
+
+  // First attempt to determine if this is a task or chat based on the task list
+  const tasksSection = document.getElementById("tasks-section");
+  let isTask = false;
+
+  if (tasksSection) {
+    const tasksAD = Alpine.$data(tasksSection);
+    if (tasksAD && tasksAD.tasks) {
+      isTask = tasksAD.tasks.some((task) => task.id === contextId);
+    }
+  }
+
+  // If we're selecting a task but are in the chats tab, switch to tasks tab
+  if (isTask && activeTab === "chats") {
+    // Store this as the last selected task before switching
+    localStorage.setItem("lastSelectedTask", contextId);
+    activateTab("tasks");
+    return true;
+  }
+
+  // If we're selecting a chat but are in the tasks tab, switch to chats tab
+  if (!isTask && activeTab === "tasks") {
+    // Store this as the last selected chat before switching
+    localStorage.setItem("lastSelectedChat", contextId);
+    activateTab("chats");
+    return true;
+  }
+
+  return false;
+}
+
+globalThis.selectChat = async function (id) {
+  if (id === context) return; //already selected
+
+  // Check if we need to switch tabs based on the context type
+  const tabSwitched = ensureProperTabSelection(id);
+
+  // If we didn't switch tabs, proceed with normal selection
+  if (!tabSwitched) {
+    // Switch to the new context - this will clear chat history and reset tracking variables
+    setContext(id);
+
+    // Update both contexts and tasks lists to reflect the selected item
+    const chatsAD = Alpine.$data(chatsSection);
+    const tasksSection = document.getElementById("tasks-section");
+    if (tasksSection) {
+      const tasksAD = Alpine.$data(tasksSection);
+      tasksAD.selected = id;
+    }
+    chatsAD.selected = id;
+
+    // Store this selection in the appropriate localStorage key
+    const activeTab = localStorage.getItem("activeTab") || "chats";
+    if (activeTab === "chats") {
+      localStorage.setItem("lastSelectedChat", id);
+    } else if (activeTab === "tasks") {
+      localStorage.setItem("lastSelectedTask", id);
+    }
+
+    // Trigger an immediate poll to fetch content
+    poll();
+  }
+
+  updateAfterScroll();
+};
+
+export const setContext = function (id) {
+  if (id == context) return;
+  context = id;
+  // Always reset the log tracking variables when switching contexts
+  // This ensures we get fresh data from the backend
+  lastLogGuid = "";
+  lastLogVersion = 0;
+  lastSpokenNo = 0;
+
+  // Stop speech when switching chats
+  speechStore.stopAudio();
+
+  // Clear the chat history immediately to avoid showing stale content
+  chatHistory.innerHTML = "";
+
+  // Update both selected states
+  if (globalThis.Alpine) {
+    if (chatsSection) {
+      const chatsAD = Alpine.$data(chatsSection);
+      if (chatsAD) chatsAD.selected = id;
+    }
+    if (tasksSection) {
+      const tasksAD = Alpine.$data(tasksSection);
+      if (tasksAD) tasksAD.selected = id;
+    }
+  }
+
+  //skip one speech if enabled when switching context
+  if (localStorage.getItem("speech") == "true") skipOneSpeech = true;
+};
+
+export const getContext = function () {
+  return context;
+};
+
+export const getChatBasedId = function (id) {
+  return context + "-" + resetCounter + "-" + id;
+};
+
+globalThis.toggleAutoScroll = async function (_autoScroll) {
+  autoScroll = _autoScroll;
+};
+
+globalThis.toggleJson = async function (showJson) {
+  css.toggleCssProperty(".msg-json", "display", showJson ? "block" : "none");
+};
+
+globalThis.toggleThoughts = async function (showThoughts) {
+  css.toggleCssProperty(
+    ".msg-thoughts",
+    "display",
+    showThoughts ? undefined : "none"
+  );
+};
+
+globalThis.toggleUtils = async function (showUtils) {
+  css.toggleCssProperty(
+    ".message-util",
+    "display",
+    showUtils ? undefined : "none"
+  );
+};
+
+globalThis.toggleDarkMode = function (isDark) {
+  if (isDark) {
+    document.body.classList.remove("light-mode");
+    document.body.classList.add("dark-mode");
+  } else {
+    document.body.classList.remove("dark-mode");
+    document.body.classList.add("light-mode");
+  }
+  console.log("Dark mode:", isDark);
+  localStorage.setItem("darkMode", isDark);
+};
+
+globalThis.toggleSpeech = function (isOn) {
+  console.log("Speech:", isOn);
+  localStorage.setItem("speech", isOn);
+  if (!isOn) speechStore.stopAudio();
+};
+
+globalThis.nudge = async function () {
+  try {
+    const resp = await sendJsonData("/nudge", { ctxid: getContext() });
+  } catch (e) {
+    toastFetchError("Error nudging agent", e);
+  }
+};
+
+globalThis.restart = async function () {
+  try {
+    if (!getConnectionStatus()) {
+      await toastFrontendError(
+        "Backend disconnected, cannot restart.",
+        "Restart Error"
+      );
+      return;
+    }
+    // First try to initiate restart
+    const resp = await sendJsonData("/restart", {});
+  } catch (e) {
+    // Show restarting message with no timeout and restart group
+    await toastFrontendInfo("Restarting...", "System Restart", 9999, "restart");
+
+    let retries = 0;
+    const maxRetries = 240; // Maximum number of retries (60 seconds with 250ms interval)
+
+    while (retries < maxRetries) {
+      try {
+        const resp = await sendJsonData("/health", {});
+        // Server is back up, show success message that replaces the restarting message
+        await new Promise((resolve) => setTimeout(resolve, 250));
+        await toastFrontendSuccess("Restarted", "System Restart", 5, "restart");
+        return;
+      } catch (e) {
+        // Server still down, keep waiting
+        retries++;
+        await new Promise((resolve) => setTimeout(resolve, 250));
+      }
+    }
+
+    // If we get here, restart failed or took too long
+    await toastFrontendError(
+      "Restart timed out or failed",
+      "Restart Error",
+      8,
+      "restart"
+    );
+  }
+};
+
+// Modify this part
+document.addEventListener("DOMContentLoaded", () => {
+  const isDarkMode = localStorage.getItem("darkMode") !== "false";
+  toggleDarkMode(isDarkMode);
+});
+
+globalThis.loadChats = async function () {
+  try {
+    const fileContents = await readJsonFiles();
+    const response = await sendJsonData("/chat_load", { chats: fileContents });
+
+    if (!response) {
+      toast("No response returned.", "error");
+    }
+    // else if (!response.ok) {
+    //     if (response.message) {
+    //         toast(response.message, "error")
+    //     } else {
+    //         toast("Undefined error.", "error")
+    //     }
+    // }
+    else {
+      setContext(response.ctxids[0]);
+      toast("Chats loaded.", "success");
+    }
+  } catch (e) {
+    toastFetchError("Error loading chats", e);
+  }
+};
+
+globalThis.saveChat = async function () {
+  try {
+    const response = await sendJsonData("/chat_export", { ctxid: context });
+
+    if (!response) {
+      toast("No response returned.", "error");
+    }
+    //  else if (!response.ok) {
+    //     if (response.message) {
+    //         toast(response.message, "error")
+    //     } else {
+    //         toast("Undefined error.", "error")
+    //     }
+    // }
+    else {
+      downloadFile(response.ctxid + ".json", response.content);
+      toast("Chat file downloaded.", "success");
+    }
+  } catch (e) {
+    toastFetchError("Error saving chat", e);
+  }
+};
+
+function downloadFile(filename, content) {
+  // Create a Blob with the content to save
+  const blob = new Blob([content], { type: "application/json" });
+
+  // Create a link element
+  const link = document.createElement("a");
+
+  // Create a URL for the Blob
+  const url = URL.createObjectURL(blob);
+  link.href = url;
+
+  // Set the file name for download
+  link.download = filename;
+
+  // Programmatically click the link to trigger the download
+  link.click();
+
+  // Clean up by revoking the object URL
+  setTimeout(() => {
+    URL.revokeObjectURL(url);
+  }, 0);
+}
+
+function readJsonFiles() {
+  return new Promise((resolve, reject) => {
+    // Create an input element of type 'file'
+    const input = document.createElement("input");
+    input.type = "file";
+    input.accept = ".json"; // Only accept JSON files
+    input.multiple = true; // Allow multiple file selection
+
+    // Trigger the file dialog
+    input.click();
+
+    // When files are selected
+    input.onchange = async () => {
+      const files = input.files;
+      if (!files.length) {
+        resolve([]); // Return an empty array if no files are selected
+        return;
+      }
+
+      // Read each file as a string and store in an array
+      const filePromises = Array.from(files).map((file) => {
+        return new Promise((fileResolve, fileReject) => {
+          const reader = new FileReader();
+          reader.onload = () => fileResolve(reader.result);
+          reader.onerror = fileReject;
+          reader.readAsText(file);
+        });
+      });
+
+      try {
+        const fileContents = await Promise.all(filePromises);
+        resolve(fileContents);
+      } catch (error) {
+        reject(error); // In case of any file reading error
+      }
+    };
+  });
+}
+
+function addClassToElement(element, className) {
+  element.classList.add(className);
+}
+
+function removeClassFromElement(element, className) {
+  element.classList.remove(className);
+}
+
+function justToast(text, type = "info", timeout = 5000, group = "") {
+  notificationStore.addFrontendToastOnly(
+    type,
+    text,
+    "",
+    timeout / 1000,
+    group
+  )
+}
+  
+
+function toast(text, type = "info", timeout = 5000) {
+  // Convert timeout from milliseconds to seconds for new notification system
+  const display_time = Math.max(timeout / 1000, 1); // Minimum 1 second
+
+  // Use new frontend notification system based on type
+    switch (type.toLowerCase()) {
+      case "error":
+        return notificationStore.frontendError(text, "Error", display_time);
+      case "success":
+        return notificationStore.frontendInfo(text, "Success", display_time);
+      case "warning":
+        return notificationStore.frontendWarning(text, "Warning", display_time);
+      case "info":
+      default:
+        return notificationStore.frontendInfo(text, "Info", display_time);
+    }
+
+}
+globalThis.toast = toast;
+
+// OLD: hideToast function removed - now using new notification system
+
+function scrollChanged(isAtBottom) {
+  if (globalThis.Alpine && autoScrollSwitch) {
+    const inputAS = Alpine.$data(autoScrollSwitch);
+    if (inputAS) {
+      inputAS.autoScroll = isAtBottom;
+    }
+  }
+  // autoScrollSwitch.checked = isAtBottom
+}
+
+function updateAfterScroll() {
+  // const toleranceEm = 1; // Tolerance in em units
+  // const tolerancePx = toleranceEm * parseFloat(getComputedStyle(document.documentElement).fontSize); // Convert em to pixels
+  const tolerancePx = 10;
+  const chatHistory = document.getElementById("chat-history");
+  const isAtBottom =
+    chatHistory.scrollHeight - chatHistory.scrollTop <=
+    chatHistory.clientHeight + tolerancePx;
+
+  scrollChanged(isAtBottom);
+}
+
+chatHistory.addEventListener("scroll", updateAfterScroll);
+
+chatInput.addEventListener("input", adjustTextareaHeight);
+
+// setInterval(poll, 250);
+
+async function startPolling() {
+  const shortInterval = 25;
+  const longInterval = 250;
+  const shortIntervalPeriod = 100;
+  let shortIntervalCount = 0;
+
+  async function _doPoll() {
+    let nextInterval = longInterval;
+
+    try {
+      const result = await poll();
+      if (result) shortIntervalCount = shortIntervalPeriod; // Reset the counter when the result is true
+      if (shortIntervalCount > 0) shortIntervalCount--; // Decrease the counter on each call
+      nextInterval = shortIntervalCount > 0 ? shortInterval : longInterval;
+    } catch (error) {
+      console.error("Error:", error);
+    }
+
+    // Call the function again after the selected interval
+    setTimeout(_doPoll.bind(this), nextInterval);
+  }
+
+  _doPoll();
+}
+
+document.addEventListener("DOMContentLoaded", startPolling);
+
+// Setup event handlers once the DOM is fully loaded
+document.addEventListener("DOMContentLoaded", function () {
+  setupSidebarToggle();
+  setupTabs();
+  initializeActiveTab();
+});
+
+// Setup tabs functionality
+function setupTabs() {
+  const chatsTab = document.getElementById("chats-tab");
+  const tasksTab = document.getElementById("tasks-tab");
+
+  if (chatsTab && tasksTab) {
+    chatsTab.addEventListener("click", function () {
+      activateTab("chats");
+    });
+
+    tasksTab.addEventListener("click", function () {
+      activateTab("tasks");
+    });
+  } else {
+    console.error("Tab elements not found");
+    setTimeout(setupTabs, 100); // Retry setup
+  }
+}
+
+function activateTab(tabName) {
+  const chatsTab = document.getElementById("chats-tab");
+  const tasksTab = document.getElementById("tasks-tab");
+  const chatsSection = document.getElementById("chats-section");
+  const tasksSection = document.getElementById("tasks-section");
+
+  // Get current context to preserve before switching
+  const currentContext = context;
+
+  // Store the current selection for the active tab before switching
+  const previousTab = localStorage.getItem("activeTab");
+  if (previousTab === "chats") {
+    localStorage.setItem("lastSelectedChat", currentContext);
+  } else if (previousTab === "tasks") {
+    localStorage.setItem("lastSelectedTask", currentContext);
+  }
+
+  // Reset all tabs and sections
+  chatsTab.classList.remove("active");
+  tasksTab.classList.remove("active");
+  chatsSection.style.display = "none";
+  tasksSection.style.display = "none";
+
+  // Remember the last active tab in localStorage
+  localStorage.setItem("activeTab", tabName);
+
+  // Activate selected tab and section
+  if (tabName === "chats") {
+    chatsTab.classList.add("active");
+    chatsSection.style.display = "";
+
+    // Get the available contexts from Alpine.js data
+    const chatsAD = globalThis.Alpine ? Alpine.$data(chatsSection) : null;
+    const availableContexts = chatsAD?.contexts || [];
+
+    // Restore previous chat selection
+    const lastSelectedChat = localStorage.getItem("lastSelectedChat");
+
+    // Only switch if:
+    // 1. lastSelectedChat exists AND
+    // 2. It's different from current context AND
+    // 3. The context actually exists in our contexts list OR there are no contexts yet
+    if (
+      lastSelectedChat &&
+      lastSelectedChat !== currentContext &&
+      (availableContexts.some((ctx) => ctx.id === lastSelectedChat) ||
+        availableContexts.length === 0)
+    ) {
+      setContext(lastSelectedChat);
+    }
+  } else if (tabName === "tasks") {
+    tasksTab.classList.add("active");
+    tasksSection.style.display = "flex";
+    tasksSection.style.flexDirection = "column";
+
+    // Get the available tasks from Alpine.js data
+    const tasksAD = globalThis.Alpine ? Alpine.$data(tasksSection) : null;
+    const availableTasks = tasksAD?.tasks || [];
+
+    // Restore previous task selection
+    const lastSelectedTask = localStorage.getItem("lastSelectedTask");
+
+    // Only switch if:
+    // 1. lastSelectedTask exists AND
+    // 2. It's different from current context AND
+    // 3. The task actually exists in our tasks list
+    if (
+      lastSelectedTask &&
+      lastSelectedTask !== currentContext &&
+      availableTasks.some((task) => task.id === lastSelectedTask)
+    ) {
+      setContext(lastSelectedTask);
+    }
+  }
+
+  // Request a poll update
+  poll();
+}
+
+// Add function to initialize active tab and selections from localStorage
+function initializeActiveTab() {
+  // Initialize selection storage if not present
+  if (!localStorage.getItem("lastSelectedChat")) {
+    localStorage.setItem("lastSelectedChat", "");
+  }
+  if (!localStorage.getItem("lastSelectedTask")) {
+    localStorage.setItem("lastSelectedTask", "");
+  }
+
+  const activeTab = localStorage.getItem("activeTab") || "chats";
+  activateTab(activeTab);
+}
+
+/*
+ * A0 Chat UI
+ *
+ * Tasks tab functionality:
+ * - Tasks are displayed in the Tasks tab with the same mechanics as chats
+ * - Both lists are sorted by creation time (newest first)
+ * - Selection state is preserved across tab switches
+ * - The active tab is remembered across sessions
+ * - Tasks use the same context system as chats for communication with the backend
+ * - Future support for renaming and deletion will be implemented later
+ */
+
+// Open the scheduler detail view for a specific task
+function openTaskDetail(taskId) {
+  // Wait for Alpine.js to be fully loaded
+  if (globalThis.Alpine) {
+    // Get the settings modal button and click it to ensure all init logic happens
+    const settingsButton = document.getElementById("settings");
+    if (settingsButton) {
+      // Programmatically click the settings button
+      settingsButton.click();
+
+      // Now get a reference to the modal element
+      const modalEl = document.getElementById("settingsModal");
+      if (!modalEl) {
+        console.error("Settings modal element not found after clicking button");
+        return;
+      }
+
+      // Get the Alpine.js data for the modal
+      const modalData = globalThis.Alpine ? Alpine.$data(modalEl) : null;
+
+      // Use a timeout to ensure the modal is fully rendered
+      setTimeout(() => {
+        // Switch to the scheduler tab first
+        modalData.switchTab("scheduler");
+
+        // Use another timeout to ensure the scheduler component is initialized
+        setTimeout(() => {
+          // Get the scheduler component
+          const schedulerComponent = document.querySelector(
+            '[x-data="schedulerSettings"]'
+          );
+          if (!schedulerComponent) {
+            console.error("Scheduler component not found");
+            return;
+          }
+
+          // Get the Alpine.js data for the scheduler component
+          const schedulerData = globalThis.Alpine
+            ? Alpine.$data(schedulerComponent)
+            : null;
+
+          // Show the task detail view for the specific task
+          schedulerData.showTaskDetail(taskId);
+
+          console.log("Task detail view opened for task:", taskId);
+        }, 50); // Give time for the scheduler tab to initialize
+      }, 25); // Give time for the modal to render
+    } else {
+      console.error("Settings button not found");
+    }
+  } else {
+    console.error("Alpine.js not loaded");
+  }
+}
+
+// Make the function available globally
+globalThis.openTaskDetail = openTaskDetail;