chore(release): bump version to 4.10.3

Move the Page Bot (web_page_bot) embed test page out of the repo root into
examples/web-page-bot/ as a proper, LangBot-styled demo: a self-contained
index.html that loads the live widget.js against a running instance, plus
bilingual READMEs mirroring examples/http-bot/.

Dockerfile

@@ -52,6 +52,15 @@ RUN apt-get update \
     && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian $(. /etc/os-release && echo \"$VERSION_CODENAME\") stable" > /etc/apt/sources.list.d/docker.list \
     && apt-get update \
     && apt-get install -y --no-install-recommends docker-ce-cli \
+    # Install Node.js LTS so the sandbox (nsjail/Docker box) can run npx-based
+    # stdio MCP servers. node/npx land in /usr/bin, which is on the nsjail
+    # read-only mount whitelist (_READONLY_SYSTEM_MOUNTS), so they are bound
+    # into the sandbox chroot automatically. Without node, any npx-launched
+    # MCP server exits with return_code=127 (command not found).
+    && curl -fsSL https://deb.nodesource.com/setup_22.x -o /tmp/nodesource_setup.sh \
+    && bash /tmp/nodesource_setup.sh \
+    && apt-get install -y --no-install-recommends nodejs \
+    && rm -f /tmp/nodesource_setup.sh \
     && python -m pip install --no-cache-dir uv \
     && uv sync \
     && apt-get purge -y --auto-remove curl gnupg \

README.md

@@ -55,6 +55,12 @@ LangBot is an **open-source, production-grade platform** for building AI-powered
 
 ---
 
+## 😎 Stay Updated
+
+Click the Star and Watch buttons in the top-right corner of the repository to get the latest updates.
+
+![star gif](https://langbot.app/star.gif)
+
 ## Quick Start
 
 ### ☁️ LangBot Cloud (Recommended)
@@ -74,7 +80,7 @@ uvx langbot
 ```bash
 git clone https://github.com/langbot-app/LangBot
 cd LangBot/docker
-docker compose up -d
+docker compose --profile all up -d
 ```
 
 ### One-Click Cloud Deploy

README_CN.md

@@ -55,6 +55,12 @@ LangBot 是一个**开源的生产级平台**，用于构建 AI 驱动的即时
 
 ---
 
+## 😎 保持更新
+
+点击[仓库首页](https://github.com/langbot-app/LangBot)右上角 Star 和 Watch 按钮，获取最新动态。
+
+![star gif](https://langbot.app/star.gif)
+
 ## 快速开始
 
 ### ☁️ LangBot Cloud（推荐）
@@ -74,7 +80,7 @@ uvx langbot
 ```bash
 git clone https://github.com/langbot-app/LangBot
 cd LangBot/docker
-docker compose up -d
+docker compose --profile all up -d
 ```
 
 ### 一键云部署

README_ES.md

@@ -54,6 +54,12 @@ LangBot es una **plataforma de código abierto y grado de producción** para con
 
 ---
 
+## 😎 Manténgase Actualizado
+
+Haga clic en los botones Star y Watch en la esquina superior derecha del repositorio para obtener las últimas actualizaciones.
+
+![star gif](https://langbot.app/star.gif)
+
 ## Inicio Rápido
 
 ### ☁️ LangBot Cloud (Recomendado)
@@ -73,7 +79,7 @@ uvx langbot
 ```bash
 git clone https://github.com/langbot-app/LangBot
 cd LangBot/docker
-docker compose up -d
+docker compose --profile all up -d
 ```
 
 ### Despliegue en la Nube con un Clic

README_FR.md

@@ -54,6 +54,12 @@ LangBot est une **plateforme open-source de niveau production** pour créer des
 
 ---
 
+## 😎 Restez à Jour
+
+Cliquez sur les boutons Star et Watch dans le coin supérieur droit du dépôt pour obtenir les dernières mises à jour.
+
+![star gif](https://langbot.app/star.gif)
+
 ## Démarrage Rapide
 
 ### ☁️ LangBot Cloud (Recommandé)
@@ -73,7 +79,7 @@ uvx langbot
 ```bash
 git clone https://github.com/langbot-app/LangBot
 cd LangBot/docker
-docker compose up -d
+docker compose --profile all up -d
 ```
 
 ### Déploiement Cloud en un Clic

README_JP.md

@@ -54,6 +54,12 @@ LangBot は、AI搭載のインスタントメッセージングボットを構
 
 ---
 
+## 😎 最新情報を入手
+
+リポジトリの右上にある Star と Watch ボタンをクリックして、最新の更新を取得してください。
+
+![star gif](https://langbot.app/star.gif)
+
 ## クイックスタート
 
 ### ☁️ LangBot Cloud（推奨）
@@ -73,7 +79,7 @@ uvx langbot
 ```bash
 git clone https://github.com/langbot-app/LangBot
 cd LangBot/docker
-docker compose up -d
+docker compose --profile all up -d
 ```
 
 ### ワンクリッククラウドデプロイ

README_KO.md

@@ -54,6 +54,12 @@ LangBot은 AI 기반 인스턴트 메시징 봇을 구축하기 위한 **오픈
 
 ---
 
+## 😎 최신 정보 받기
+
+리포지토리 오른쪽 상단의 Star 및 Watch 버튼을 클릭하여 최신 업데이트를 받으세요.
+
+![star gif](https://langbot.app/star.gif)
+
 ## 빠른 시작
 
 ### ☁️ LangBot Cloud (추천)
@@ -73,7 +79,7 @@ uvx langbot
 ```bash
 git clone https://github.com/langbot-app/LangBot
 cd LangBot/docker
-docker compose up -d
+docker compose --profile all up -d
 ```
 
 ### 원클릭 클라우드 배포

README_RU.md

@@ -54,6 +54,12 @@ LangBot — это **платформа с открытым исходным к
 
 ---
 
+## 😎 Оставайтесь в курсе
+
+Нажмите кнопки Star и Watch в правом верхнем углу репозитория, чтобы получать последние обновления.
+
+![star gif](https://langbot.app/star.gif)
+
 ## Быстрый старт
 
 ### ☁️ LangBot Cloud (Рекомендуется)
@@ -73,7 +79,7 @@ uvx langbot
 ```bash
 git clone https://github.com/langbot-app/LangBot
 cd LangBot/docker
-docker compose up -d
+docker compose --profile all up -d
 ```
 
 ### Облачное развертывание одним кликом

README_TW.md

@@ -56,6 +56,12 @@ LangBot 是一個**開源的生產級平台**，用於建構 AI 驅動的即時
 
 ---
 
+## 😎 保持更新
+
+點擊倉庫右上角 Star 和 Watch 按鈕，獲取最新動態。
+
+![star gif](https://langbot.app/star.gif)
+
 ## 快速開始
 
 ### ☁️ LangBot Cloud（推薦）
@@ -75,7 +81,7 @@ uvx langbot
 ```bash
 git clone https://github.com/langbot-app/LangBot
 cd LangBot/docker
-docker compose up -d
+docker compose --profile all up -d
 ```
 
 ### 一鍵雲端部署

README_VI.md

@@ -54,6 +54,12 @@ LangBot là một **nền tảng mã nguồn mở, cấp sản xuất** để x
 
 ---
 
+## 😎 Cập nhật Mới nhất
+
+Nhấp vào các nút Star và Watch ở góc trên bên phải của kho lưu trữ để nhận các bản cập nhật mới nhất.
+
+![star gif](https://langbot.app/star.gif)
+
 ## Bắt đầu nhanh
 
 ### ☁️ LangBot Cloud (Khuyên dùng)
@@ -73,7 +79,7 @@ uvx langbot
 ```bash
 git clone https://github.com/langbot-app/LangBot
 cd LangBot/docker
-docker compose up -d
+docker compose --profile all up -d
 ```
 
 ### Triển khai đám mây một cú nhấp

docs/HTTP_BOT_ADAPTER_DESIGN.md

@@ -0,0 +1,575 @@
+# HTTP Bot Adapter — Design Document
+
+> Status: **Implemented** · Branch: `feat/http-bot-adapter` · Author: LangBot core
+>
+> A first-class, **standalone** message-platform adapter (`http_bot`) that lets
+> any external system (e.g. LangBot Space ticketing, an internal back-office, a
+> CRM, a custom web app) talk to a LangBot pipeline over plain HTTP — **inbound**
+> by POSTing messages in, **outbound** by receiving replies on a callback URL —
+> with full support for the pipeline's native N→1 aggregation and 1→M
+> multi-reply semantics, and **without** holding a long-lived WebSocket
+> connection.
+>
+> **Shipped in this branch:**
+> - `src/langbot/pkg/platform/sources/http_bot.yaml` — adapter manifest (auto-discovered)
+> - `src/langbot/pkg/platform/sources/http_bot.py` — `HttpBotAdapter`
+> - `src/langbot/pkg/platform/sources/http_bot_signing.py` — HMAC helpers
+> - `src/langbot/pkg/platform/sources/http_bot.svg` — icon
+> - `docs/platforms/http-bot.md` — integration guide
+> - `docs/http-bot-openapi.json` — machine-readable contract
+> - `examples/http-bot/` — Python + TypeScript reference clients
+>
+> **Final decisions (resolving the original open questions):**
+> 1. Callback URL is **config-only** — never accepted per-message (SSRF closed).
+> 2. **Session reset is provided** — `POST /bots/<uuid>/reset` keyed by `session_id`.
+> 3. Reference **clients are provided** — `examples/http-bot/client.py` + `client.ts`.
+> 4. **Sync convenience mode is included** — `POST /bots/<uuid>/sync` (opt-in, lossy).
+
+---
+
+## 1. Background & Motivation
+
+### 1.1 The concrete need
+
+LangBot Space wants to use a LangBot pipeline as the brain for **ticket
+handling**. The integration is **server-to-server**: Space's backend pushes a
+user's ticket messages into LangBot and renders LangBot's replies back into the
+ticket thread.
+
+This interaction is **not** request/response shaped:
+
+- **N → 1**: a user may fire several messages in a row ("the app crashed" …
+  "when I click export" … "here's a screenshot"). The pipeline's
+  **message aggregation** feature should debounce and merge these into one turn.
+- **1 → N**: a single turn may yield **multiple** outbound messages — a tool/
+  function call narrating progress, a plugin emitting several cards, a streamed
+  answer split into chunks.
+
+### 1.2 Why the existing options don't fit
+
+LangBot today exposes exactly one externally-reachable way to drive a pipeline
+that is **not** tied to a specific IM vendor: the **WebSocket** path
+(`/api/v1/pipelines/<uuid>/ws/connect` for dashboard debug, and
+`/api/v1/embed/<bot_uuid>/ws/connect` for the embeddable web widget).
+
+For a server-to-server integration the WebSocket path has real friction:
+
+| Problem | Detail |
+|---|---|
+| Long-lived connection | Caller must maintain a socket, heartbeats, and reconnect logic for what is fundamentally a fire-and-collect workload. |
+| Session identity | Inbound messages are keyed by the transient `connection_id` (`websocket_{connection_id}`); the caller **cannot supply a stable, business-meaningful session id** (e.g. a ticket number). Multi-ticket isolation is not expressible. |
+| Auth mismatch | The debug socket is gated by the **dashboard JWT** (must not be handed to an external service); the embed socket is gated by **Cloudflare Turnstile** (a *browser* human-check that a backend cannot satisfy). Neither is a server-to-server credential. |
+| In-memory, single-process state | Session history lives in process memory and is lost on restart. |
+
+> **Key realisation.** The N→1 / 1→M behaviour the caller wants is **not**
+> provided by WebSocket — it is provided by the **pipeline** (aggregation +
+> the adapter being free to call `reply_message` any number of times). It is
+> therefore **transport-independent**. We can deliver the exact same semantics
+> over a far lighter HTTP transport.
+
+### 1.3 Why a *new, standalone* adapter (not a refactor of an existing one)
+
+The brief is explicit: **do not reuse / fork an existing vendor adapter.** The
+vendor adapters (`lark`, `wecom`, `qqofficial`, `slack`, …) carry vendor-specific
+signature schemes, payload shapes, and message-segment mappings. Bending one of
+them into a "generic" mode would couple a public integration surface to one
+vendor's quirks and make the developer experience worse for everyone.
+
+Instead we ship `http_bot` as a clean, independent adapter whose **entire
+contract is LangBot's own** — documented, versioned, and designed front-to-back
+around *integrator* developer experience.
+
+---
+
+## 2. Goals & Non-Goals
+
+### Goals
+
+- **G1** A standalone `http_bot` adapter, selectable like any other platform
+  adapter in the dashboard, with its own config schema and docs.
+- **G2** **Inbound**: external systems POST messages to a stable LangBot URL,
+  carrying a **caller-defined `session_id`** that maps 1:1 to a LangBot session.
+- **G3** **Outbound**: LangBot delivers each reply by POSTing to a
+  caller-configured **callback URL**; one turn may produce **many** callbacks.
+- **G4** Preserve pipeline-native **N→1 aggregation** and **1→M multi-reply**.
+- **G5** Server-to-server **auth**: shared-secret HMAC request signing both
+  directions (no JWT, no Turnstile, no long-lived socket).
+- **G6** **Great DX**: copy-pasteable curl, a tiny reference client, an OpenAPI
+  fragment, idempotency, clear error envelope, and a local echo-server recipe.
+
+### Non-Goals
+
+- Not replacing or deprecating the WebSocket / embed widget path (that remains
+  the right tool for *browser*, real-time, streaming chat UIs).
+- Not a synchronous "one request → one response" RPC (explicitly rejected: it
+  cannot express 1→M; see §9 for the optional sync convenience mode).
+- No built-in message **persistence/replay** in v1 (callbacks are at-least-once
+  best-effort; durability is the caller's responsibility — see §8).
+- No multi-tenant API-key management UI in v1 (one secret per bot; see §11).
+
+---
+
+## 3. How LangBot routes a message (the parts we plug into)
+
+Understanding the existing flow is what makes this adapter cheap. A message
+flows through these stages (verified against current `master`):
+
+```
+                INBOUND                                         OUTBOUND
+ external POST ─┐                                       ┌─ reply_message()
+               ▼                                        │  reply_message_chunk()
+  POST /bots/<bot_uuid>            (unified webhook router, AuthType.NONE)
+               │  webhooks.py → adapter.handle_unified_webhook(bot_uuid, path, request)
+               ▼                                        │
+  HttpBotAdapter.handle_unified_webhook                 │  (called 0..N times
+   • verify HMAC signature                              │   per turn by the
+   • parse {session_id, message[]}                      │   pipeline / plugins)
+   • build FriendMessage / GroupMessage                 │
+   • fire registered listener  ───────────────┐        │
+               │                               │        │
+               ▼                               ▼        │
+  botmgr.on_friend_message / on_group_message           │
+   • (optional) webhook_pusher fan-out                  │
+   • msg_aggregator.add_message(...) ── N→1 debounce ──►│
+               │                                        │
+               ▼                                        │
+  query_pool → pipeline.run()  ─── invokes adapter ─────┘
+                                    reply methods 1..M times
+```
+
+Two framework facts we rely on:
+
+1. **N→1 aggregation is free.** `botmgr` hands every inbound event to
+   `self.ap.msg_aggregator.add_message(...)`, which debounces per
+   `session_id` and merges consecutive messages into one pipeline turn
+   (`pkg/pipeline/aggregator.py`). The adapter does nothing special.
+
+2. **1→M is free.** The pipeline (and any plugin in the chain) calls
+   `adapter.reply_message()` / `reply_message_chunk()` **as many times as it
+   wants** per turn. The adapter's only job is to deliver each call outward.
+   For `http_bot` that means: **one outbound callback POST per call.**
+
+3. **A unified inbound route already exists.** `WebhookRouterGroup`
+   (`pkg/api/http/controller/groups/webhooks.py`) maps
+   `POST /bots/<bot_uuid>[/<path>]` (auth `NONE`) to
+   `adapter.handle_unified_webhook(bot_uuid, path, request)`. `http_bot`
+   implements that method and is reachable **without registering any new
+   route** — it does its own signature verification, exactly like the vendor
+   webhook adapters do.
+
+> Net new code is essentially: one `http_bot.py` adapter, one `http_bot.yaml`
+> schema, signing helpers, and docs. No router, aggregator, or pipeline changes.
+
+---
+
+## 4. Architecture Overview
+
+```
+┌────────────────────┐         (1) inbound: POST signed message
+│  External system   │  ──────────────────────────────────────────────►  ┌──────────────────────┐
+│ (LangBot Space,    │         POST /bots/<bot_uuid>                      │      LangBot         │
+│  CRM, web app …)   │         X-LB-Signature, X-LB-Timestamp             │                      │
+│                    │         { session_id, message:[...] }              │  HttpBotAdapter      │
+│  - callback server │  ◄──────────────────────────────────────────────  │   (platform/sources) │
+│    (receives       │         (4) outbound: POST signed reply(s)         │                      │
+│     replies)       │         POST <callback_url>                        │  pipeline + aggregator│
+└────────────────────┘         X-LB-Signature, X-LB-Timestamp            └──────────────────────┘
+                               { session_id, sequence, is_final,
+                                 message:[...] }      (sent 1..M times)
+```
+
+- The adapter is **stateless across requests** at the HTTP layer; session
+  continuity is carried by `session_id` and resolved by LangBot's normal
+  session manager.
+- **Inbound** and **outbound** are **independent HTTP exchanges**. LangBot does
+  not answer the inbound POST with the pipeline result; it `202 Accepts` it and
+  later POSTs the reply(s) to the callback URL. This is what makes 1→M natural.
+
+---
+
+## 5. Configuration Schema (`http_bot.yaml`)
+
+Follows the existing `MessagePlatformAdapter` manifest convention (cf.
+`slack.yaml`). Fields:
+
+| field | type | required | purpose |
+|---|---|---|---|
+| `inbound_secret` | string (secret) | yes | HMAC key the **caller** uses to sign inbound POSTs; LangBot verifies. |
+| `callback_url` | string (url) | no* | Where LangBot POSTs replies. *Optional if the caller supplies `callback_url` per-message (see §6.1); a static default lives here. |
+| `outbound_secret` | string (secret) | no | HMAC key LangBot uses to sign outbound callbacks; caller verifies. Defaults to `inbound_secret` if empty. |
+| `default_session_type` | enum `person`/`group` | no | Default when a message omits `session_type`. Default `person`. |
+| `signature_required` | bool | no | If `false`, skip inbound signature check (dev only; logs a warning). Default `true`. |
+| `callback_timeout` | int (seconds) | no | Per-callback HTTP timeout. Default `15`. |
+| `callback_max_retries` | int | no | Retries on 5xx/timeout with backoff. Default `3`. |
+| `webhook_url` | webhook-url (display) | — | Read-only field rendering the inbound URL `…/bots/<bot_uuid>` for copy-paste, like other webhook adapters. |
+
+Manifest sketch (i18n labels elided for brevity):
+
+```yaml
+apiVersion: v1
+kind: MessagePlatformAdapter
+metadata:
+  name: http_bot
+  label: { en_US: "HTTP Bot", zh_Hans: "HTTP 通用接入" }
+  description:
+    en_US: "Integrate any backend over plain HTTP. Push messages in, receive replies on a callback URL. Server-to-server, no long-lived connection."
+    zh_Hans: "通过 HTTP 接入任意后端系统。推入消息、在回调地址接收回复。面向服务间集成，无需长连接。"
+  icon: http_bot.svg
+spec:
+  categories: [popular, global]
+  help_links:
+    zh: https://docs.langbot.app/zh/platforms/http-bot
+    en: https://docs.langbot.app/en/platforms/http-bot
+  config:
+    - { name: inbound_secret,       type: string, required: true,  default: "" }
+    - { name: callback_url,         type: string, required: false, default: "" }
+    - { name: outbound_secret,      type: string, required: false, default: "" }
+    - { name: default_session_type, type: select, required: false, default: "person",
+        options: [person, group] }
+    - { name: signature_required,   type: boolean, required: false, default: true }
+    - { name: callback_timeout,     type: integer, required: false, default: 15 }
+    - { name: callback_max_retries, type: integer, required: false, default: 3 }
+    - { name: webhook_url,          type: webhook-url, required: false, default: "" }
+execution:
+  python:
+    path: ./http_bot.py
+    attr: HttpBotAdapter
+```
+
+---
+
+## 6. The HTTP Contract (this is the DX surface)
+
+### 6.1 Inbound — push a message into LangBot
+
+```
+POST /bots/{bot_uuid}
+Content-Type: application/json
+X-LB-Timestamp: 1718000000
+X-LB-Signature: sha256=<hex hmac>
+X-LB-Idempotency-Key: <uuid>        # optional, dedup window
+```
+
+Body:
+
+```jsonc
+{
+  "session_id": "ticket-10293",        // REQUIRED. Caller-defined. Maps 1:1 to a LangBot session.
+  "session_type": "person",            // optional, "person" | "group"; default from config
+  "sender": {                          // optional metadata, surfaced to pipeline/plugins
+    "id": "user-5567",
+    "name": "Alice"
+  },
+  "message": [                         // REQUIRED. A LangBot MessageChain (list of segments).
+    { "type": "Plain", "text": "Export keeps failing on the dashboard." },
+    { "type": "Image", "url": "https://.../screenshot.png" }
+  ]
+}
+```
+
+Response (LangBot does **not** block on the pipeline):
+
+```jsonc
+// 202 Accepted
+{
+  "code": 0,
+  "msg": "accepted",
+  "data": {
+    "session_id": "ticket-10293",
+    "accepted_message_id": "in_01H....",   // server-assigned id for this inbound message
+    "aggregating": true                    // true if buffered by the aggregator
+  }
+}
+```
+
+**N→1 in practice.** Fire three POSTs with the same `session_id` inside the
+aggregation window → the pipeline runs **once** with the three messages merged.
+No special flag needed; this is the aggregator's default behaviour when enabled
+on the pipeline.
+
+### 6.2 Outbound — LangBot delivers replies to your callback
+
+For each `reply_message` / `reply_message_chunk` the pipeline emits, LangBot
+POSTs to `callback_url`:
+
+```
+POST {callback_url}
+Content-Type: application/json
+X-LB-Timestamp: 1718000001
+X-LB-Signature: sha256=<hex hmac over body>
+```
+
+Body:
+
+```jsonc
+{
+  "session_id": "ticket-10293",         // echoes the inbound session
+  "reply_to": "in_01H....",             // the inbound message id this answers
+  "sequence": 1,                        // 1-based ordinal within this turn (for 1→M ordering)
+  "is_final": false,                    // false for intermediate/streamed parts
+  "stream": false,                      // true when this is a streamed chunk
+  "message": [
+    { "type": "Plain", "text": "Looking into it — checking your export logs…" }
+  ],
+  "timestamp": "2026-06-22T09:00:01Z"
+}
+```
+
+**1→M in practice.** A turn that fires a function call then a final answer
+produces e.g.:
+
+```
+POST callback  → { sequence: 1, is_final: false, message: ["Checking logs…"] }
+POST callback  → { sequence: 2, is_final: false, message: ["Found 2 failed exports."] }
+POST callback  → { sequence: 3, is_final: true,  message: ["Fixed. Try again now."] }
+```
+
+The caller stitches by `session_id` + `sequence`, and knows the turn is complete
+when `is_final: true` arrives.
+
+Your callback endpoint should return `200` quickly. A non-2xx triggers retry
+with backoff (`callback_max_retries`).
+
+### 6.3 Error envelope (inbound)
+
+Consistent, machine-readable; never leak internals:
+
+```jsonc
+{ "code": 40101, "msg": "invalid signature", "data": null }
+```
+
+| HTTP | code | meaning |
+|---|---|---|
+| 202 | 0 | accepted |
+| 400 | 40001 | malformed body / missing `session_id` or `message` |
+| 401 | 40101 | bad/expired signature |
+| 403 | 40301 | bot disabled |
+| 404 | 40401 | bot_uuid not found / not an `http_bot` adapter |
+| 409 | 40901 | duplicate idempotency key (already accepted) |
+| 413 | 41301 | message too large |
+| 500 | 50001 | internal error |
+
+---
+
+## 7. Signing scheme (both directions)
+
+Symmetric, dependency-free HMAC-SHA256 — trivial to implement in any language.
+
+```
+signing_string = "{timestamp}.{raw_request_body}"
+signature      = "sha256=" + hex(HMAC_SHA256(secret, signing_string))
+```
+
+Verification rules:
+
+- Reject if `|now - timestamp| > 300s` (replay window).
+- Constant-time compare (`hmac.compare_digest`).
+- Inbound verified with `inbound_secret`; outbound signed with
+  `outbound_secret` (falls back to `inbound_secret`).
+- `signature_required: false` bypasses verification **and logs a warning** —
+  intended only for local development behind a trusted network.
+
+Reference (Python, ~6 lines):
+
+```python
+import hmac, hashlib, time
+
+def sign(secret: str, body: bytes, ts: int | None = None) -> tuple[str, str]:
+    ts = ts or int(time.time())
+    mac = hmac.new(secret.encode(), f"{ts}.".encode() + body, hashlib.sha256)
+    return str(ts), "sha256=" + mac.hexdigest()
+```
+
+---
+
+## 8. Delivery semantics & reliability
+
+- **Inbound**: `202 Accepted` means *queued*, not *processed*. Use
+  `X-LB-Idempotency-Key` to make client retries safe (dedup window, e.g. 10 min).
+- **Outbound**: **at-least-once**, best-effort. Retries on timeout/5xx with
+  exponential backoff up to `callback_max_retries`. Callbacks for one
+  `session_id` are delivered **in `sequence` order** (serialised per session);
+  across sessions they may interleave.
+- **No persistence in v1**: if LangBot restarts mid-turn, in-flight callbacks
+  may be lost. Durable replay is deferred (see §13). Callers needing exactly-once
+  should dedup on `(session_id, reply_to, sequence)`.
+- **Backpressure**: the adapter must not block the pipeline on slow callbacks —
+  outbound POSTs run on a per-session ordered queue with the configured timeout.
+
+---
+
+## 9. Optional: synchronous convenience mode (v1.1, behind a flag)
+
+Some simple callers genuinely want "POST a message, get the reply in the HTTP
+response" and don't care about streaming/multi-part. We can offer an **opt-in**
+sync endpoint that internally waits for `is_final` and **collapses** all 1→M
+parts into one array:
+
+```
+POST /bots/{bot_uuid}/sync     →    200 { session_id, message: [ ...all parts concatenated... ] }
+```
+
+Implemented by attaching a per-request future that resolves on the final reply,
+with a hard timeout. This is a **convenience wrapper** over the same machinery,
+explicitly documented as lossy for streaming/ordering. Not in v1 core.
+
+---
+
+## 10. Adapter implementation sketch (`platform/sources/http_bot.py`)
+
+Implements `AbstractMessagePlatformAdapter`. Key methods:
+
+```python
+class HttpBotAdapter(AbstractMessagePlatformAdapter):
+    listeners: dict = pydantic.Field(default_factory=dict, exclude=True)
+
+    # --- inbound -------------------------------------------------------
+    async def handle_unified_webhook(self, bot_uuid, path, request):
+        body = await request.get_body()
+        if self.config.get("signature_required", True):
+            if not self._verify(request, body):
+                return jsonify({"code": 40101, "msg": "invalid signature"}), 401
+        data = json.loads(body)
+        session_id    = data["session_id"]                 # caller-defined identity
+        session_type  = data.get("session_type", self.config.get("default_session_type", "person"))
+        chain         = MessageChain.model_validate(data["message"])
+        event         = self._build_event(session_type, session_id, data.get("sender"), chain)
+        # remember where to send replies for this session
+        self._callback_for[session_id] = data.get("callback_url") or self.config.get("callback_url")
+        # fire the registered listener → botmgr → msg_aggregator (N→1) → pipeline
+        if type(event) in self.listeners:
+            asyncio.create_task(self.listeners[type(event)](event, self))
+        return jsonify({"code": 0, "msg": "accepted",
+                        "data": {"session_id": session_id, "accepted_message_id": event.message_id}}), 202
+
+    # --- outbound (called 1..M times per turn by the pipeline) ---------
+    async def reply_message(self, message_source, message, quote_origin=False):
+        return await self._post_callback(message_source, message, is_final=True, stream=False)
+
+    async def reply_message_chunk(self, message_source, bot_message, message,
+                                  quote_origin=False, is_final=False):
+        return await self._post_callback(message_source, message, is_final=is_final, stream=True)
+
+    async def is_stream_output_supported(self) -> bool:
+        return True
+
+    def register_listener(self, event_type, func):   self.listeners[event_type] = func
+    def unregister_listener(self, event_type, func): self.listeners.pop(event_type, None)
+    async def run_async(self): pass     # nothing to poll; purely webhook-driven
+    async def kill(self): pass
+```
+
+`_post_callback` resolves the session's callback URL, assigns the next
+`sequence`, signs the body, and enqueues an ordered, retrying POST.
+
+Session→callback mapping is kept in a small in-memory dict keyed by
+`session_id` (acceptable for v1; a turn's callback URL is captured at inbound
+time so replies always have a destination even if config later changes).
+
+---
+
+## 11. Security considerations
+
+- **Inbound route is `AuthType.NONE`** at the framework level (same as all
+  webhook adapters) — the adapter **must** enforce HMAC itself. Default
+  `signature_required: true`.
+- **Timestamp window** (±300s) + idempotency key blunt replay.
+- **SSRF on callback_url**: validate scheme (`https` in prod), and consider an
+  allow-list / block of private CIDRs since LangBot initiates the POST. Document
+  this; enforce in code where feasible.
+- **Secret storage**: secrets live in the bot's `adapter_config` like every
+  other adapter credential; surfaced as `type: string`/secret in the dashboard.
+- **One secret per bot** in v1. Per-caller key rotation / multiple keys is a
+  future enhancement (§13).
+
+---
+
+## 12. Developer Experience (explicit deliverables)
+
+The whole point of a standalone adapter is that **integrating is pleasant**. v1
+ships:
+
+1. **`docs/platforms/http-bot.md`** — task-oriented integration guide:
+   create the bot → copy inbound URL → set secret → stand up a callback
+   endpoint → send first message → handle 1→M.
+2. **Copy-paste curl** for the first message (with a working signing one-liner).
+3. **Reference clients** (≤50 LOC each) in `examples/http-bot/`:
+   `client.py` (push + a Flask/Quart callback receiver) and `client.ts`.
+4. **OpenAPI fragment** `docs/http-bot-openapi.json` describing inbound +
+   callback shapes, so integrators can codegen.
+5. **Local echo recipe**: a one-command callback server that prints every
+   reply, so a developer sees N→1 and 1→M working in under five minutes.
+6. **Postman/Hoppscotch collection** (nice-to-have).
+
+DX acceptance check: *a developer who has never seen LangBot can, from the docs
+alone, push a message and observe a multi-part reply on their callback within
+10 minutes.*
+
+### Quickstart (curl)
+
+```bash
+BOT=https://your-langbot/bots/2f1c....
+SECRET=supersecret
+BODY='{"session_id":"ticket-10293","message":[{"type":"Plain","text":"hello"}]}'
+TS=$(date +%s)
+SIG="sha256=$(printf '%s.%s' "$TS" "$BODY" | openssl dgst -sha256 -hmac "$SECRET" -r | cut -d' ' -f1)"
+curl -sS -X POST "$BOT" \
+  -H "Content-Type: application/json" \
+  -H "X-LB-Timestamp: $TS" \
+  -H "X-LB-Signature: $SIG" \
+  -d "$BODY"
+```
+
+---
+
+## 13. Future work
+
+- **Durable outbound queue** (persist + replay across restarts; exactly-once).
+- **Per-caller API keys** with rotation and scopes (multi-tenant Space usage).
+- **Sync convenience endpoint** (§9) once core is stable.
+- **Server-Sent Events outbound option** for callers that *do* want a stream but
+  not a full duplex socket — single GET, server pushes chunks.
+- **Dashboard "test console"** for `http_bot` (send a message, watch callbacks)
+  mirroring the existing WebSocket debug panel.
+
+---
+
+## 14. Rollout / task breakdown
+
+| # | Task | Touches |
+|---|---|---|
+| 1 | `http_bot.yaml` manifest + icon | `platform/sources/` |
+| 2 | `HttpBotAdapter` (inbound verify, event build, outbound queue) | `platform/sources/http_bot.py` |
+| 3 | Signing helper module (shared) | `platform/sources/` or `utils/` |
+| 4 | i18n strings (en/zh/ja) | adapter yaml + web locale |
+| 5 | Integration docs `docs/platforms/http-bot.md` | `docs/` |
+| 6 | OpenAPI fragment + reference clients | `docs/`, `examples/http-bot/` |
+| 7 | Tests: signature verify, N→1 aggregation, 1→M ordering, retry | `tests/` |
+| 8 | (opt) SSRF guard for callback_url | adapter |
+
+No changes required to: the unified webhook router, the aggregator, the query
+pool, or the pipeline. That is the design's main payoff.
+
+---
+
+## 15. Resolved decisions
+
+1. **Callback URL trust** — **config-only.** The inbound message may not carry a
+   `callback_url`; replies always go to the bot-config URL. Closes the SSRF
+   vector where a leaked inbound secret could redirect replies.
+2. **Session lifecycle** — **`POST /bots/<uuid>/reset`** (body `{session_id,
+   session_type?}`) drops the matching session from the session manager; the
+   next message starts a fresh conversation. Implemented via sub-path routing in
+   `handle_unified_webhook`.
+3. **Group semantics** — for `session_type: group`, `session_id` is the group/
+   launcher id; `sender.id` (and optional `sender.group_name`) identify the
+   member. A Space ticket maps to one `session_id`.
+4. **Backpressure** — bounded per-session outbound queue (maxlen 1000); on
+   overflow the oldest reply is dropped and a warning logged, so a persistently
+   down callback can never exhaust memory.
+
+### Still open / deferred (see §13)
+
+- Durable outbound queue (persist + replay across restarts).
+- Per-caller API keys with rotation/scopes for multi-tenant Space usage.
+- SSE outbound option and a dashboard test console.

docs/http-bot-openapi.json

@@ -0,0 +1,198 @@
+{
+  "openapi": "3.0.3",
+  "info": {
+    "title": "LangBot HTTP Bot Adapter",
+    "version": "1.0.0",
+    "description": "Server-to-server HTTP integration for a LangBot pipeline. Inbound messages are POSTed to the unified webhook route; replies are delivered to a configured callback URL (one POST per reply part). All requests are HMAC-SHA256 signed. See docs/platforms/http-bot.md."
+  },
+  "paths": {
+    "/bots/{bot_uuid}": {
+      "post": {
+        "summary": "Push a message into the pipeline (fire-and-collect)",
+        "description": "Returns 202 immediately. Replies arrive asynchronously on the configured callback URL. Reuse the same session_id within the aggregation window to merge multiple messages into one turn (N->1).",
+        "parameters": [
+          { "$ref": "#/components/parameters/BotUuid" },
+          { "$ref": "#/components/parameters/Timestamp" },
+          { "$ref": "#/components/parameters/Signature" },
+          { "$ref": "#/components/parameters/Idempotency" }
+        ],
+        "requestBody": {
+          "required": true,
+          "content": { "application/json": { "schema": { "$ref": "#/components/schemas/InboundMessage" } } }
+        },
+        "responses": {
+          "202": {
+            "description": "Accepted (queued for the pipeline)",
+            "content": { "application/json": { "schema": { "$ref": "#/components/schemas/AcceptedResponse" } } }
+          },
+          "400": { "$ref": "#/components/responses/Error" },
+          "401": { "$ref": "#/components/responses/Error" },
+          "409": { "$ref": "#/components/responses/Error" },
+          "413": { "$ref": "#/components/responses/Error" }
+        }
+      }
+    },
+    "/bots/{bot_uuid}/sync": {
+      "post": {
+        "summary": "Push a message and wait for the collapsed reply",
+        "description": "Blocking convenience mode. Waits for is_final and returns all reply parts collapsed into one array. Lossy (no sequence/streaming). One in-flight sync per session_id.",
+        "parameters": [
+          { "$ref": "#/components/parameters/BotUuid" },
+          { "$ref": "#/components/parameters/Timestamp" },
+          { "$ref": "#/components/parameters/Signature" }
+        ],
+        "requestBody": {
+          "required": true,
+          "content": { "application/json": { "schema": { "$ref": "#/components/schemas/InboundMessage" } } }
+        },
+        "responses": {
+          "200": {
+            "description": "The collapsed reply",
+            "content": { "application/json": { "schema": { "$ref": "#/components/schemas/SyncResponse" } } }
+          },
+          "400": { "$ref": "#/components/responses/Error" },
+          "401": { "$ref": "#/components/responses/Error" }
+        }
+      }
+    },
+    "/bots/{bot_uuid}/reset": {
+      "post": {
+        "summary": "Reset a session's conversation",
+        "parameters": [
+          { "$ref": "#/components/parameters/BotUuid" },
+          { "$ref": "#/components/parameters/Timestamp" },
+          { "$ref": "#/components/parameters/Signature" }
+        ],
+        "requestBody": {
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "type": "object",
+                "required": ["session_id"],
+                "properties": {
+                  "session_id": { "type": "string" },
+                  "session_type": { "type": "string", "enum": ["person", "group"] }
+                }
+              }
+            }
+          }
+        },
+        "responses": {
+          "200": { "description": "Reset done" },
+          "400": { "$ref": "#/components/responses/Error" },
+          "401": { "$ref": "#/components/responses/Error" }
+        }
+      }
+    }
+  },
+  "components": {
+    "parameters": {
+      "BotUuid": {
+        "name": "bot_uuid", "in": "path", "required": true,
+        "schema": { "type": "string", "format": "uuid" }
+      },
+      "Timestamp": {
+        "name": "X-LB-Timestamp", "in": "header", "required": true,
+        "description": "Unix seconds; rejected if more than +/-300s from server time.",
+        "schema": { "type": "string" }
+      },
+      "Signature": {
+        "name": "X-LB-Signature", "in": "header", "required": true,
+        "description": "sha256=<hex> of HMAC-SHA256(secret, \"{timestamp}.\" + raw_body).",
+        "schema": { "type": "string" }
+      },
+      "Idempotency": {
+        "name": "X-LB-Idempotency-Key", "in": "header", "required": false,
+        "description": "Dedup key; a repeat within the dedup window returns 409.",
+        "schema": { "type": "string" }
+      }
+    },
+    "schemas": {
+      "Segment": {
+        "type": "object",
+        "required": ["type"],
+        "properties": {
+          "type": { "type": "string", "enum": ["Plain", "Image", "Voice", "File", "At", "Quote"] },
+          "text": { "type": "string", "description": "For type=Plain." },
+          "url": { "type": "string", "description": "For media types." },
+          "base64": { "type": "string", "description": "For media types (data URI or raw base64)." }
+        }
+      },
+      "InboundMessage": {
+        "type": "object",
+        "required": ["session_id", "message"],
+        "properties": {
+          "session_id": { "type": "string", "description": "Caller-defined; maps 1:1 to a LangBot session." },
+          "session_type": { "type": "string", "enum": ["person", "group"], "default": "person" },
+          "sender": {
+            "type": "object",
+            "properties": {
+              "id": { "type": "string" },
+              "name": { "type": "string" },
+              "group_name": { "type": "string", "description": "For session_type=group." }
+            }
+          },
+          "message": { "type": "array", "items": { "$ref": "#/components/schemas/Segment" } }
+        }
+      },
+      "AcceptedResponse": {
+        "type": "object",
+        "properties": {
+          "code": { "type": "integer", "example": 0 },
+          "msg": { "type": "string", "example": "accepted" },
+          "data": {
+            "type": "object",
+            "properties": {
+              "session_id": { "type": "string" },
+              "accepted_message_id": { "type": "string", "example": "in_01H..." },
+              "aggregating": { "type": "boolean" }
+            }
+          }
+        }
+      },
+      "SyncResponse": {
+        "type": "object",
+        "properties": {
+          "code": { "type": "integer", "example": 0 },
+          "msg": { "type": "string", "example": "ok" },
+          "data": {
+            "type": "object",
+            "properties": {
+              "session_id": { "type": "string" },
+              "reply_to": { "type": "string" },
+              "message": { "type": "array", "items": { "$ref": "#/components/schemas/Segment" } }
+            }
+          }
+        }
+      },
+      "Callback": {
+        "type": "object",
+        "description": "Delivered by LangBot to your callback_url, one POST per reply part. Signed with the outbound secret.",
+        "properties": {
+          "session_id": { "type": "string" },
+          "reply_to": { "type": "string", "description": "The accepted_message_id this answers." },
+          "sequence": { "type": "integer", "description": "1-based ordinal within the turn." },
+          "is_final": { "type": "boolean", "description": "True on the last part of the turn." },
+          "stream": { "type": "boolean" },
+          "message": { "type": "array", "items": { "$ref": "#/components/schemas/Segment" } },
+          "timestamp": { "type": "string", "format": "date-time" }
+        }
+      },
+      "ErrorEnvelope": {
+        "type": "object",
+        "properties": {
+          "code": { "type": "integer", "example": 40101 },
+          "msg": { "type": "string", "example": "invalid signature: signature_mismatch" },
+          "data": { "nullable": true }
+        }
+      }
+    },
+    "responses": {
+      "Error": {
+        "description": "Error envelope",
+        "content": { "application/json": { "schema": { "$ref": "#/components/schemas/ErrorEnvelope" } } }
+      }
+    }
+  }
+}

docs/platforms/http-bot.md

@@ -0,0 +1,256 @@
+# HTTP Bot Adapter — Integration Guide
+
+Integrate **any backend system** with a LangBot pipeline over plain HTTP. Push
+messages in via a signed webhook; receive replies on a callback URL. No
+long-lived connection, full support for message **aggregation** (many inbound
+messages merged into one turn) and **multi-part replies** (one turn → many
+outbound messages).
+
+This is the right adapter for **server-to-server** integrations — ticketing
+systems, CRMs, internal tools, custom web backends. (For an in-browser,
+real-time chat widget, use the embeddable Web Page Bot instead.)
+
+> **5-minute goal:** stand up a callback receiver, send a message, and watch a
+> multi-part reply arrive — using the reference client in
+> [`examples/http-bot/`](../../examples/http-bot/).
+
+---
+
+## 1. Mental model
+
+```
+Your backend  ──(1) POST signed message──►  LangBot   /bots/<bot_uuid>
+                                            (pipeline runs: aggregate → think → reply)
+Your callback ◄─(2) POST signed reply(s)──  LangBot   one POST per reply part
+```
+
+- **(1) Inbound** is *fire-and-collect*: LangBot answers `202 Accepted`
+  immediately and does **not** return the pipeline result on that response.
+- **(2) Outbound** replies arrive later as separate signed POSTs to your
+  `callback_url`. A single turn may produce **several** callbacks (e.g. a tool
+  call narration followed by the final answer).
+- Everything is keyed by a **`session_id` you choose** (e.g. a ticket number).
+  Each `session_id` maps to one isolated LangBot conversation.
+
+---
+
+## 2. Create the bot
+
+1. In the LangBot dashboard, add a bot and choose the **HTTP Bot** platform.
+2. Fill in the config:
+
+   | Field | Required | Notes |
+   |---|---|---|
+   | **Inbound Signing Secret** | yes | Your backend signs inbound requests with this. |
+   | **Outbound Callback URL** | yes | Where LangBot POSTs replies. **Config-only** — cannot be overridden per message (SSRF protection). |
+   | **Outbound Signing Secret** | no | LangBot signs callbacks with this; defaults to the inbound secret. |
+   | **Default Session Type** | no | `person` (default) or `group`. |
+   | **Require Inbound Signature** | no | Keep `true` in production. |
+   | **Callback Timeout / Max Retries** | no | Defaults: 15s, 3 retries. |
+
+3. Bind the bot to a **pipeline** and **enable** it.
+4. Copy the **Inbound Webhook URL** shown in the config — it looks like
+   `https://your-langbot/bots/<bot_uuid>`.
+
+---
+
+## 3. The signature scheme
+
+Both directions use the same dependency-free HMAC-SHA256 scheme:
+
+```
+signing_string = "{timestamp}." + raw_body_bytes
+signature      = "sha256=" + hex(HMAC_SHA256(secret, signing_string))
+```
+
+Sent as headers:
+
+| Header | Meaning |
+|---|---|
+| `X-LB-Timestamp` | Unix seconds. Rejected if more than **±300s** from server time. |
+| `X-LB-Signature` | `sha256=<hex>` over `"{timestamp}." + body`. |
+| `X-LB-Idempotency-Key` | *(optional, inbound)* dedup key; retries with the same key return `409`. |
+
+Verify outbound callbacks the same way, using the **outbound** secret (or the
+inbound secret if you left it blank).
+
+A six-line reference implementation is in `examples/http-bot/client.py`
+(`sign()` / `verify()`); a Node/TS version is in `client.ts`.
+
+---
+
+## 4. Send your first message (curl)
+
+```bash
+BOT="https://your-langbot/bots/<bot_uuid>"
+SECRET="your-inbound-secret"
+BODY='{"session_id":"ticket-10293","message":[{"type":"Plain","text":"Export keeps failing on the dashboard."}]}'
+TS=$(date +%s)
+SIG="sha256=$(printf '%s.%s' "$TS" "$BODY" | openssl dgst -sha256 -hmac "$SECRET" -r | cut -d' ' -f1)"
+
+curl -sS -X POST "$BOT" \
+  -H "Content-Type: application/json" \
+  -H "X-LB-Timestamp: $TS" \
+  -H "X-LB-Signature: $SIG" \
+  -d "$BODY"
+# -> 202 {"code":0,"msg":"accepted","data":{"session_id":"ticket-10293","accepted_message_id":"in_...","aggregating":true}}
+```
+
+The reply(s) will be POSTed to your configured callback URL shortly after.
+
+---
+
+## 5. Inbound request format
+
+`POST /bots/{bot_uuid}`
+
+```jsonc
+{
+  "session_id": "ticket-10293",     // REQUIRED. Your stable id. Maps 1:1 to a LangBot session.
+  "session_type": "person",         // optional: "person" | "group"; default from config
+  "sender": {                       // optional metadata, surfaced to the pipeline/plugins
+    "id": "user-5567",
+    "name": "Alice"
+  },
+  "message": [                      // REQUIRED. A LangBot MessageChain (array of segments).
+    { "type": "Plain", "text": "Export keeps failing on the dashboard." },
+    { "type": "Image", "url": "https://example.com/screenshot.png" }
+  ]
+}
+```
+
+**Message segments.** Text uses `{"type":"Plain","text":"..."}`. Images use
+`{"type":"Image","url":"..."}` (or `base64`). Other supported types: `Voice`,
+`File`, `At`, `Quote`.
+
+> Note: the callback URL is **not** accepted in the body — it is taken only from
+> bot config. This is deliberate (prevents an attacker who obtains the inbound
+> secret from redirecting replies to an arbitrary host).
+
+### Aggregation (N → 1)
+
+If your pipeline has **message aggregation** enabled, send several messages with
+the **same `session_id`** within the aggregation window and they are merged into
+**one** pipeline turn. No special flag — just reuse the `session_id`.
+
+---
+
+## 6. Outbound callback format
+
+LangBot POSTs each reply part to your `callback_url`:
+
+```jsonc
+{
+  "session_id": "ticket-10293",     // echoes the inbound session
+  "reply_to": "in_01H...",          // the accepted_message_id this answers
+  "sequence": 1,                    // 1-based ordinal within this turn
+  "is_final": false,                // true on the last part of the turn
+  "stream": false,                  // true for streamed chunks
+  "message": [ { "type": "Plain", "text": "Looking into it…" } ],
+  "timestamp": "2026-06-22T09:00:01Z"
+}
+```
+
+Your endpoint should return `2xx` quickly. Non-2xx / timeout → LangBot retries
+with exponential backoff (up to `callback_max_retries`).
+
+### Multi-part replies (1 → M)
+
+One turn may emit multiple callbacks, delivered **in `sequence` order** for a
+given session:
+
+```
+seq=1 is_final=false  "Checking your export logs…"
+seq=2 is_final=false  "Found 2 failed exports."
+seq=3 is_final=true   "Fixed — please try again."
+```
+
+Stitch by `session_id` + `sequence`; the turn is complete when
+`is_final: true` arrives.
+
+---
+
+## 7. Reset a session
+
+Start a fresh conversation for a `session_id` (drops history):
+
+```
+POST /bots/{bot_uuid}/reset
+{ "session_id": "ticket-10293", "session_type": "person" }
+→ 200 { "code":0, "msg":"reset", "data": { "session_id":"ticket-10293", "removed": true } }
+```
+
+Signed exactly like an inbound message.
+
+---
+
+## 8. Synchronous convenience mode
+
+If you don't need streaming/multi-part and just want one reply back on the same
+HTTP call, POST to `/sync`. LangBot waits for the turn to finish and returns all
+parts **collapsed** into one array:
+
+```
+POST /bots/{bot_uuid}/sync
+{ "session_id": "ticket-10293", "message": [ { "type":"Plain", "text":"hi" } ] }
+→ 200 { "code":0, "msg":"ok",
+        "data": { "session_id":"ticket-10293", "reply_to":"in_...",
+                  "message": [ {"type":"Plain","text":"..."}, ... ] } }
+```
+
+This is **lossy** (you lose `sequence` / streaming boundaries) and blocks up to
+`callback_timeout × 4` seconds. Prefer the callback model for anything
+real-time or multi-part. Only one in-flight `/sync` per `session_id`.
+
+---
+
+## 9. Error envelope
+
+```jsonc
+{ "code": 40101, "msg": "invalid signature: signature_mismatch", "data": null }
+```
+
+| HTTP | code | meaning |
+|---|---|---|
+| 202 | 0 | accepted |
+| 400 | 40001 | malformed body / missing `session_id` or `message` |
+| 401 | 40101 | bad/expired signature |
+| 409 | 40901 | duplicate idempotency key |
+| 413 | 41301 | message too large (>1 MiB) |
+| 500 | 50001 | internal error |
+
+---
+
+## 10. Try it end-to-end in 5 minutes
+
+```bash
+cd examples/http-bot
+pip install flask requests
+
+# Terminal 1 — your callback receiver (point the bot's callback_url here, e.g. via a tunnel):
+python client.py serve --port 8900 --secret SHARED_SECRET
+
+# Terminal 2 — push a message:
+python client.py push \
+  --url https://your-langbot/bots/<bot_uuid> \
+  --secret SHARED_SECRET \
+  --session ticket-1 \
+  --text "hello"
+```
+
+Watch Terminal 1 print each reply part (`[part ]` / `[FINAL]`) with its
+sequence number — that's 1→M working, signatures verified.
+
+A machine-readable contract is in
+[`docs/http-bot-openapi.json`](../http-bot-openapi.json).
+
+---
+
+## 11. Security checklist
+
+- Keep **Require Inbound Signature** on in production.
+- Use **HTTPS** callback URLs; the URL is config-only (no per-message override).
+- Treat the secrets like passwords; rotate via the dashboard.
+- The inbound route is unauthenticated at the framework level **by design** —
+  security comes entirely from the HMAC signature, so never disable it on a
+  public deployment.

examples/http-bot/README.md

@@ -0,0 +1,75 @@
+# HTTP Bot Adapter — Reference Clients
+
+> English | [中文](./README.zh.md)
+
+Minimal, dependency-light clients for the LangBot **HTTP Bot** platform adapter.
+They show the whole loop: signing a request, pushing a message, and receiving
+multi-part replies on a callback endpoint.
+
+Full guide: [docs.langbot.app — HTTP Bot](https://docs.langbot.app/en/usage/platforms/http-bot).
+Machine-readable contract: [`docs/http-bot-openapi.json`](../../docs/http-bot-openapi.json).
+
+## Files
+
+| File | What it is |
+|---|---|
+| `playground.py` | **Interactive browser debug console** — a single-file web app you open in a browser to chat with a running `http_bot` bot and watch signing / 202 / callbacks live. Zero extra deps. |
+| `client.py` | Python client + Flask callback receiver (`pip install flask requests`). |
+| `client.ts` | TypeScript/Node 18+ client + callback receiver, **zero deps** (`npx tsx client.ts`). |
+
+All three implement the identical HMAC-SHA256 scheme
+(`sha256=hex(HMAC(secret, "{timestamp}." + body))`) — verified byte-for-byte
+against the adapter.
+
+## Interactive playground (recommended first run)
+
+A self-contained web console: type a message in your browser, it is signed and
+POSTed to a **running** `http_bot` bot, and the bot's replies stream back into
+the page — with a debug panel showing the signature, the `202` ack, and each
+callback's `sequence` / signature-verification.
+
+```bash
+# From the LangBot repo root, with the backend already running:
+PUBLIC_IP=<your-host-ip> ./.venv/bin/python examples/http-bot/playground.py
+# then open  http://<your-host-ip>:8920/
+```
+
+On startup it reads the LangBot API key + the `http_bot` bot from
+`data/langbot.db`, and configures that bot (inbound/outbound secret +
+`callback_url`) to point back at itself via the LangBot API — the bot reloads
+live, no restart needed. Requirements: an enabled `http_bot` bot bound to a
+working pipeline, and port `8920` reachable from your browser.
+
+Env knobs: `PUBLIC_IP` (default `127.0.0.1`), `PLAYGROUND_PORT` (default `8920`).
+
+## Headless clients
+
+```bash
+# Python — Terminal 1: callback receiver (your callback_url target)
+python client.py serve --port 8900 --secret SHARED_SECRET
+
+# Python — Terminal 2: push a message
+python client.py push --url https://your-langbot/bots/<BOT_UUID> \
+    --secret SHARED_SECRET --session ticket-1 --text "hello"
+
+# blocking sync mode
+python client.py sync  --url https://your-langbot/bots/<BOT_UUID> \
+    --secret SHARED_SECRET --session ticket-1 --text "hello"
+
+# reset a session
+python client.py reset --url https://your-langbot/bots/<BOT_UUID> \
+    --secret SHARED_SECRET --session ticket-1
+```
+
+```bash
+# TypeScript (Node 18+)
+npx tsx client.ts serve 8900 SHARED_SECRET
+npx tsx client.ts push  https://your-langbot/bots/<BOT_UUID> SHARED_SECRET ticket-1 "hello"
+```
+
+When the bot replies, the receiver prints each part with its `sequence` and an
+`[FINAL]` marker on the last one — that's the 1→M multi-reply model in action.
+
+> The bot's `callback_url` must be reachable from LangBot. For local testing,
+> expose your receiver with a tunnel (cloudflared / ngrok) and set that URL in
+> the bot config.

examples/http-bot/README.zh.md

@@ -0,0 +1,71 @@
+# HTTP Bot 适配器 —— 参考客户端
+
+> [English](./README.md) | 中文
+
+面向 LangBot **HTTP Bot** 平台适配器的极简、低依赖客户端示例。
+它们完整展示了整条链路:对请求签名、推送一条消息、在回调端点接收
+1→M 的多段回复。
+
+完整指南:[docs.langbot.app —— HTTP Bot](https://docs.langbot.app/zh/usage/platforms/http-bot)。
+机器可读的接口契约:[`docs/http-bot-openapi.json`](../../docs/http-bot-openapi.json)。
+
+## 文件清单
+
+| 文件 | 是什么 |
+|---|---|
+| `playground.py` | **浏览器交互式调试台** —— 单文件 Web 应用,在浏览器里和一个运行中的 `http_bot` bot 对话,实时观察签名 / 202 / 回调。零额外依赖。 |
+| `client.py` | Python 客户端 + Flask 回调接收端(`pip install flask requests`)。 |
+| `client.ts` | TypeScript/Node 18+ 客户端 + 回调接收端,**零依赖**(`npx tsx client.ts`)。 |
+
+三者实现完全一致的 HMAC-SHA256 签名方案
+(`sha256=hex(HMAC(secret, "{timestamp}." + body))`)—— 已与适配器逐字节比对验证。
+
+## 交互式 playground(推荐先跑这个)
+
+一个自包含的 Web 控制台:在浏览器里输入消息,它会被签名并 POST 给一个
+**运行中**的 `http_bot` bot,bot 的回复会流式回到页面上 —— 调试面板会显示
+签名、`202` 确认,以及每条回调的 `sequence` / 签名验证结果。
+
+```bash
+# 在 LangBot 仓库根目录、后端已启动的前提下:
+PUBLIC_IP=<你的主机IP> ./.venv/bin/python examples/http-bot/playground.py
+# 然后打开  http://<你的主机IP>:8920/
+```
+
+启动时它会从 `data/langbot.db` 读取 LangBot API key 和 `http_bot` bot,
+并通过 LangBot API 把该 bot 配好(入站/出站密钥 + `callback_url`)指回自己 ——
+bot 会热加载,无需重启。前提:有一个已启用、绑定了可用 pipeline 的
+`http_bot` bot,且端口 `8920` 能从你的浏览器访问到。
+
+可调环境变量:`PUBLIC_IP`(默认 `127.0.0.1`)、`PLAYGROUND_PORT`(默认 `8920`)。
+
+## 无头客户端
+
+```bash
+# Python —— 终端 1:回调接收端(你的 callback_url 指向它)
+python client.py serve --port 8900 --secret SHARED_SECRET
+
+# Python —— 终端 2:推送一条消息
+python client.py push --url https://your-langbot/bots/<BOT_UUID> \
+    --secret SHARED_SECRET --session ticket-1 --text "hello"
+
+# 阻塞式同步模式
+python client.py sync  --url https://your-langbot/bots/<BOT_UUID> \
+    --secret SHARED_SECRET --session ticket-1 --text "hello"
+
+# 重置一个会话
+python client.py reset --url https://your-langbot/bots/<BOT_UUID> \
+    --secret SHARED_SECRET --session ticket-1
+```
+
+```bash
+# TypeScript(Node 18+)
+npx tsx client.ts serve 8900 SHARED_SECRET
+npx tsx client.ts push  https://your-langbot/bots/<BOT_UUID> SHARED_SECRET ticket-1 "hello"
+```
+
+当 bot 回复时,接收端会逐条打印,带上各自的 `sequence`,并在最后一条标记
+`[FINAL]` —— 这就是 1→M 多段回复模型的实际效果。
+
+> bot 的 `callback_url` 必须能从 LangBot 访问到。本地测试时,可用隧道
+> (cloudflared / ngrok)把你的接收端暴露出去,并把那个 URL 填进 bot 配置。

examples/http-bot/client.py

@@ -0,0 +1,167 @@
+#!/usr/bin/env python3
+"""LangBot HTTP Bot adapter — reference client (Python).
+
+Two things in one file:
+
+1. ``push()`` / ``push_sync()`` — send a message into a LangBot ``http_bot`` bot.
+2. A tiny Flask callback receiver that verifies signatures and prints replies,
+   so you can watch N->1 aggregation and 1->M multi-reply working live.
+
+Usage
+-----
+    pip install flask requests
+
+    # Terminal 1 — start the callback receiver (this is your callback_url):
+    python client.py serve --port 8900 --secret SHARED_SECRET
+
+    # Terminal 2 — push a message (async; reply lands on the receiver):
+    python client.py push \
+        --url   https://your-langbot/bots/<BOT_UUID> \
+        --secret SHARED_SECRET \
+        --session ticket-10293 \
+        --text "Export keeps failing on the dashboard."
+
+    # Or push and block for the collapsed reply (sync convenience mode):
+    python client.py sync --url https://your-langbot/bots/<BOT_UUID> \
+        --secret SHARED_SECRET --session ticket-10293 --text "hi"
+
+The signing scheme is HMAC-SHA256 over ``"{timestamp}." + raw_body``; see
+``sign()`` below — it is intentionally tiny and easy to port.
+"""
+
+from __future__ import annotations
+
+import argparse
+import hashlib
+import hmac
+import json
+import sys
+import time
+import uuid
+
+HEADER_TIMESTAMP = 'X-LB-Timestamp'
+HEADER_SIGNATURE = 'X-LB-Signature'
+HEADER_IDEMPOTENCY = 'X-LB-Idempotency-Key'
+REPLAY_WINDOW = 300
+
+
+def sign(secret: str, body: bytes, timestamp: int | None = None) -> tuple[str, str]:
+    """Return (timestamp, signature) for *body*."""
+    ts = str(timestamp if timestamp is not None else int(time.time()))
+    mac = hmac.new(secret.encode(), f'{ts}.'.encode() + body, hashlib.sha256)
+    return ts, 'sha256=' + mac.hexdigest()
+
+
+def verify(secret: str, body: bytes, timestamp: str | None, signature: str | None) -> bool:
+    """Verify an inbound signature (used by the callback receiver)."""
+    if not timestamp or not signature:
+        return False
+    try:
+        if abs(int(time.time()) - int(float(timestamp))) > REPLAY_WINDOW:
+            return False
+    except ValueError:
+        return False
+    _, expected = sign(secret, body, int(float(timestamp)))
+    return hmac.compare_digest(expected, signature)
+
+
+def _post(url: str, secret: str, payload: dict, idempotency: bool = True):
+    import requests
+
+    body = json.dumps(payload, ensure_ascii=False).encode()
+    ts, sig = sign(secret, body)
+    headers = {
+        'Content-Type': 'application/json',
+        HEADER_TIMESTAMP: ts,
+        HEADER_SIGNATURE: sig,
+    }
+    if idempotency:
+        headers[HEADER_IDEMPOTENCY] = uuid.uuid4().hex
+    resp = requests.post(url, data=body, headers=headers, timeout=30)
+    print(f'-> {resp.status_code} {resp.text}')
+    return resp
+
+
+def push(url: str, secret: str, session: str, text: str, session_type: str = 'person'):
+    """Fire-and-collect: returns 202 immediately; reply arrives on your callback."""
+    payload = {
+        'session_id': session,
+        'session_type': session_type,
+        'message': [{'type': 'Plain', 'text': text}],
+    }
+    return _post(url.rstrip('/'), secret, payload)
+
+
+def push_sync(url: str, secret: str, session: str, text: str, session_type: str = 'person'):
+    """Blocking convenience: POST to /sync and get the collapsed reply back."""
+    payload = {
+        'session_id': session,
+        'session_type': session_type,
+        'message': [{'type': 'Plain', 'text': text}],
+    }
+    resp = _post(url.rstrip('/') + '/sync', secret, payload, idempotency=False)
+    return resp
+
+
+def reset(url: str, secret: str, session: str, session_type: str = 'person'):
+    """Reset a session's conversation (next message starts fresh)."""
+    payload = {'session_id': session, 'session_type': session_type}
+    return _post(url.rstrip('/') + '/reset', secret, payload, idempotency=False)
+
+
+def serve(port: int, secret: str):
+    """Run a callback receiver that verifies signatures and prints replies."""
+    from flask import Flask, request
+
+    app = Flask(__name__)
+
+    @app.route('/', methods=['POST'])
+    def recv():
+        raw = request.get_data()
+        ok = verify(secret, raw, request.headers.get(HEADER_TIMESTAMP), request.headers.get(HEADER_SIGNATURE))
+        if not ok:
+            print('!! signature verification FAILED — rejecting')
+            return {'error': 'bad signature'}, 401
+        data = json.loads(raw)
+        text_parts = [c.get('text', '') for c in data.get('message', []) if c.get('type') == 'Plain']
+        marker = 'FINAL' if data.get('is_final') else 'part '
+        print(
+            f'[{marker}] session={data["session_id"]} seq={data["sequence"]} '
+            f'reply_to={data.get("reply_to")}: {" ".join(text_parts)}'
+        )
+        return {'ok': True}
+
+    print(f'callback receiver listening on http://0.0.0.0:{port}/  (Ctrl-C to stop)')
+    app.run(host='0.0.0.0', port=port)
+
+
+def main(argv=None):
+    p = argparse.ArgumentParser(description='LangBot HTTP Bot reference client')
+    sub = p.add_subparsers(dest='cmd', required=True)
+
+    sp = sub.add_parser('serve', help='run the callback receiver')
+    sp.add_argument('--port', type=int, default=8900)
+    sp.add_argument('--secret', required=True)
+
+    for name in ('push', 'sync', 'reset'):
+        c = sub.add_parser(name)
+        c.add_argument('--url', required=True, help='https://host/bots/<BOT_UUID>')
+        c.add_argument('--secret', required=True)
+        c.add_argument('--session', required=True)
+        c.add_argument('--session-type', default='person', choices=['person', 'group'])
+        if name != 'reset':
+            c.add_argument('--text', required=True)
+
+    args = p.parse_args(argv)
+    if args.cmd == 'serve':
+        serve(args.port, args.secret)
+    elif args.cmd == 'push':
+        push(args.url, args.secret, args.session, args.text, args.session_type)
+    elif args.cmd == 'sync':
+        push_sync(args.url, args.secret, args.session, args.text, args.session_type)
+    elif args.cmd == 'reset':
+        reset(args.url, args.secret, args.session, args.session_type)
+
+
+if __name__ == '__main__':
+    sys.exit(main())

examples/http-bot/client.ts

@@ -0,0 +1,123 @@
+/**
+ * LangBot HTTP Bot adapter — reference client (TypeScript / Node 18+).
+ *
+ * Zero runtime dependencies (uses global `fetch`, `crypto`, and `http`).
+ *
+ *   - `push()`      : fire-and-collect; reply lands on your callback URL.
+ *   - `pushSync()`  : POST /sync and await the collapsed reply.
+ *   - `reset()`     : reset a session's conversation.
+ *   - `startReceiver()` : a callback server that verifies signatures and logs
+ *                         replies, so you can watch N->1 and 1->M live.
+ *
+ * Run the demos:
+ *   npx tsx client.ts serve   8900 SHARED_SECRET
+ *   npx tsx client.ts push    https://host/bots/<UUID> SHARED_SECRET ticket-1 "hello"
+ *   npx tsx client.ts sync    https://host/bots/<UUID> SHARED_SECRET ticket-1 "hello"
+ *   npx tsx client.ts reset   https://host/bots/<UUID> SHARED_SECRET ticket-1
+ */
+
+import { createHmac, randomUUID, timingSafeEqual } from 'node:crypto';
+import { createServer } from 'node:http';
+
+const HEADER_TIMESTAMP = 'X-LB-Timestamp';
+const HEADER_SIGNATURE = 'X-LB-Signature';
+const HEADER_IDEMPOTENCY = 'X-LB-Idempotency-Key';
+const REPLAY_WINDOW = 300;
+
+/** Compute the `sha256=<hex>` signature over `"{ts}." + body`. */
+export function sign(secret: string, body: Buffer | string, timestamp?: number): [string, string] {
+  const ts = String(timestamp ?? Math.floor(Date.now() / 1000));
+  const buf = typeof body === 'string' ? Buffer.from(body) : body;
+  const mac = createHmac('sha256', secret).update(Buffer.concat([Buffer.from(`${ts}.`), buf])).digest('hex');
+  return [ts, `sha256=${mac}`];
+}
+
+/** Verify an inbound signature (used by the callback receiver). */
+export function verify(secret: string, body: Buffer, timestamp?: string, signature?: string): boolean {
+  if (!timestamp || !signature) return false;
+  if (Math.abs(Math.floor(Date.now() / 1000) - Number(timestamp)) > REPLAY_WINDOW) return false;
+  const [, expected] = sign(secret, body, Number(timestamp));
+  const a = Buffer.from(expected);
+  const b = Buffer.from(signature);
+  return a.length === b.length && timingSafeEqual(a, b);
+}
+
+interface Segment { type: string; text?: string; url?: string; [k: string]: unknown }
+
+async function post(url: string, secret: string, payload: object, idempotency = true) {
+  const body = Buffer.from(JSON.stringify(payload));
+  const [ts, sig] = sign(secret, body);
+  const headers: Record<string, string> = {
+    'Content-Type': 'application/json',
+    [HEADER_TIMESTAMP]: ts,
+    [HEADER_SIGNATURE]: sig,
+  };
+  if (idempotency) headers[HEADER_IDEMPOTENCY] = randomUUID();
+  const resp = await fetch(url, { method: 'POST', headers, body });
+  const text = await resp.text();
+  console.log(`-> ${resp.status} ${text}`);
+  return { status: resp.status, text };
+}
+
+/** Fire-and-collect: 202 now, reply later on your callback URL. */
+export function push(url: string, secret: string, session: string, text: string, sessionType = 'person') {
+  return post(url.replace(/\/$/, ''), secret, {
+    session_id: session,
+    session_type: sessionType,
+    message: [{ type: 'Plain', text }] as Segment[],
+  });
+}
+
+/** Blocking convenience: POST /sync, get the collapsed reply. */
+export function pushSync(url: string, secret: string, session: string, text: string, sessionType = 'person') {
+  return post(`${url.replace(/\/$/, '')}/sync`, secret, {
+    session_id: session,
+    session_type: sessionType,
+    message: [{ type: 'Plain', text }] as Segment[],
+  }, false);
+}
+
+/** Reset a session's conversation. */
+export function reset(url: string, secret: string, session: string, sessionType = 'person') {
+  return post(`${url.replace(/\/$/, '')}/reset`, secret, { session_id: session, session_type: sessionType }, false);
+}
+
+/** Run a callback receiver that verifies signatures and prints replies. */
+export function startReceiver(port: number, secret: string) {
+  const server = createServer((req, res) => {
+    if (req.method !== 'POST') { res.writeHead(405).end(); return; }
+    const chunks: Buffer[] = [];
+    req.on('data', (c) => chunks.push(c));
+    req.on('end', () => {
+      const raw = Buffer.concat(chunks);
+      const ok = verify(secret, raw, req.headers[HEADER_TIMESTAMP.toLowerCase()] as string,
+        req.headers[HEADER_SIGNATURE.toLowerCase()] as string);
+      if (!ok) {
+        console.log('!! signature verification FAILED — rejecting');
+        res.writeHead(401, { 'Content-Type': 'application/json' }).end(JSON.stringify({ error: 'bad signature' }));
+        return;
+      }
+      const data = JSON.parse(raw.toString());
+      const parts = (data.message as Segment[]).filter((c) => c.type === 'Plain').map((c) => c.text).join(' ');
+      const marker = data.is_final ? 'FINAL' : 'part ';
+      console.log(`[${marker}] session=${data.session_id} seq=${data.sequence} reply_to=${data.reply_to}: ${parts}`);
+      res.writeHead(200, { 'Content-Type': 'application/json' }).end(JSON.stringify({ ok: true }));
+    });
+  });
+  server.listen(port, () => console.log(`callback receiver listening on http://0.0.0.0:${port}/  (Ctrl-C to stop)`));
+}
+
+// --- CLI ---
+const [cmd, ...rest] = process.argv.slice(2);
+if (cmd === 'serve') {
+  startReceiver(Number(rest[0] ?? 8900), rest[1] ?? 'SHARED_SECRET');
+} else if (cmd === 'push') {
+  push(rest[0], rest[1], rest[2], rest[3]);
+} else if (cmd === 'sync') {
+  pushSync(rest[0], rest[1], rest[2], rest[3]);
+} else if (cmd === 'reset') {
+  reset(rest[0], rest[1], rest[2]);
+} else if (cmd) {
+  console.error(`unknown command: ${cmd}`);
+  process.exit(1);
+}

examples/http-bot/playground.py

@@ -0,0 +1,349 @@
+#!/usr/bin/env python3
+"""LangBot HTTP Bot — interactive playground (public, browser-based).
+
+This is a REAL end-to-end demo against the RUNNING LangBot instance on this
+host. It is NOT a mock and NOT an in-process import: every message you type in
+the browser is signed and POSTed to the live `http_bot` bot at
+http://127.0.0.1:5300/bots/<uuid>, and the bot's replies come back to this
+server's /callback endpoint over real HTTP, then stream to your browser via SSE.
+
+What it does on startup:
+  1. Reads the LangBot API key + the http_bot bot from data/langbot.db.
+  2. Configures the bot via the LangBot API (PUT /api/v1/platform/bots/<uuid>):
+     sets inbound_secret + outbound_secret + callback_url to point back here.
+     (LangBot reloads the bot live — no server restart needed.)
+  3. Serves a chat page on 0.0.0.0:<PORT> so you can open it from the internet.
+
+Run:  ./.venv/bin/python examples/http-bot/playground.py
+Then open:  http://<this-host-public-ip>:<PORT>/
+"""
+
+from __future__ import annotations
+
+import asyncio
+import json
+import os
+import sqlite3
+import sys
+
+REPO = os.path.abspath(os.path.join(os.path.dirname(__file__), '..', '..'))
+sys.path.insert(0, os.path.join(REPO, 'src'))
+
+from aiohttp import web  # noqa: E402
+import aiohttp  # noqa: E402
+
+from langbot.pkg.platform.sources import http_bot_signing as sg  # noqa: E402
+
+# ---- config -----------------------------------------------------------------
+LANGBOT_BASE = 'http://127.0.0.1:5300'
+DB_PATH = os.path.join(REPO, 'data', 'langbot.db')
+PUBLIC_IP = os.environ.get('PUBLIC_IP', '127.0.0.1')
+PORT = int(os.environ.get('PLAYGROUND_PORT', '8920'))
+SECRET = 'playground-shared-secret'
+
+# SSE subscribers: list of asyncio.Queue
+subscribers: list[asyncio.Queue] = []
+
+
+def db_lookup() -> tuple[str, str]:
+    """Return (api_key, http_bot_uuid) from the LangBot DB."""
+    db = sqlite3.connect(DB_PATH)
+    db.row_factory = sqlite3.Row
+    api_key = db.execute('SELECT key FROM api_keys LIMIT 1').fetchone()['key']
+    bot = db.execute("SELECT uuid FROM bots WHERE adapter='http_bot' LIMIT 1").fetchone()
+    if not bot:
+        raise SystemExit('No http_bot bot found. Create one in the WebUI first.')
+    return api_key, bot['uuid']
+
+
+async def configure_bot(api_key: str, bot_uuid: str, callback_url: str):
+    """Point the live bot at this playground via the LangBot API.
+
+    update_bot() runs a raw SQL UPDATE with whatever keys we send, so we send a
+    MINIMAL payload: only adapter_config (built from scratch, not read back —
+    the GET masks secrets). LangBot reloads + reruns the bot live.
+    """
+    cfg = {
+        'inbound_secret': SECRET,
+        'outbound_secret': SECRET,
+        'callback_url': callback_url,
+        'signature_required': True,
+        'default_session_type': 'person',
+        'callback_timeout': 15,
+        'callback_max_retries': 3,
+    }
+    async with aiohttp.ClientSession() as s:
+        async with s.put(
+            f'{LANGBOT_BASE}/api/v1/platform/bots/{bot_uuid}',
+            headers={'Authorization': f'Bearer {api_key}', 'Content-Type': 'application/json'},
+            json={'adapter_config': cfg},
+        ) as r:
+            txt = await r.text()
+            print(f'[configure] PUT adapter_config -> {r.status} {txt[:200]}')
+            return r.status < 400
+
+
+async def broadcast(event: dict):
+    for q in list(subscribers):
+        try:
+            q.put_nowait(event)
+        except Exception:
+            pass
+
+
+# ---- HTTP handlers ----------------------------------------------------------
+async def index(request: web.Request):
+    return web.Response(text=PAGE, content_type='text/html')
+
+
+async def send(request: web.Request):
+    """Browser -> here -> signed POST -> live LangBot bot."""
+    body_in = await request.json()
+    session_id = body_in.get('session_id') or 'playground-1'
+    text = body_in.get('text', '')
+    bot_uuid = request.app['bot_uuid']
+
+    payload = {
+        'session_id': session_id,
+        'sender': {'id': 'browser-user', 'name': 'You'},
+        'message': [{'type': 'Plain', 'text': text}],
+    }
+    raw = json.dumps(payload, ensure_ascii=False).encode()
+    ts, sig = sg.sign(SECRET, raw)
+    url = f'{LANGBOT_BASE}/bots/{bot_uuid}'
+
+    # echo what we send to the browser timeline
+    await broadcast(
+        {'dir': 'out', 'kind': 'request', 'session_id': session_id, 'text': text, 'url': url, 'sig': sig[:24] + '…'}
+    )
+
+    async with aiohttp.ClientSession() as s:
+        async with s.post(
+            url,
+            data=raw,
+            headers={
+                'Content-Type': 'application/json',
+                sg.HEADER_TIMESTAMP: ts,
+                sg.HEADER_SIGNATURE: sig,
+            },
+        ) as r:
+            status = r.status
+            try:
+                jr = await r.json()
+            except Exception:
+                jr = {'raw': await r.text()}
+    await broadcast({'dir': 'in', 'kind': 'ack', 'status': status, 'data': jr})
+    return web.json_response({'status': status, 'data': jr})
+
+
+async def callback(request: web.Request):
+    """Live LangBot bot -> here. Verify signature, stream to browser."""
+    raw = await request.read()
+    ok, why = sg.verify(SECRET, raw, request.headers.get(sg.HEADER_TIMESTAMP), request.headers.get(sg.HEADER_SIGNATURE))
+    data = json.loads(raw)
+    text = ' '.join(c.get('text', '') for c in data.get('message', []) if c.get('type') == 'Plain')
+    await broadcast(
+        {
+            'dir': 'in',
+            'kind': 'reply',
+            'session_id': data.get('session_id'),
+            'sequence': data.get('sequence'),
+            'is_final': data.get('is_final'),
+            'sig_ok': ok,
+            'sig_why': why,
+            'text': text,
+        }
+    )
+    return web.json_response({'ok': True})
+
+
+async def events(request: web.Request):
+    """SSE stream to the browser."""
+    resp = web.StreamResponse(
+        headers={
+            'Content-Type': 'text/event-stream',
+            'Cache-Control': 'no-cache',
+            'Connection': 'keep-alive',
+            'Access-Control-Allow-Origin': '*',
+        }
+    )
+    await resp.prepare(request)
+    q: asyncio.Queue = asyncio.Queue()
+    subscribers.append(q)
+    try:
+        await resp.write(b': connected\n\n')
+        while True:
+            try:
+                ev = await asyncio.wait_for(q.get(), timeout=15)
+                await resp.write(f'data: {json.dumps(ev, ensure_ascii=False)}\n\n'.encode())
+            except asyncio.TimeoutError:
+                await resp.write(b': ping\n\n')
+    except (asyncio.CancelledError, ConnectionResetError):
+        pass
+    finally:
+        if q in subscribers:
+            subscribers.remove(q)
+    return resp
+
+
+PAGE = r"""<!doctype html>
+<html lang="zh"><head><meta charset="utf-8"/>
+<meta name="viewport" content="width=device-width,initial-scale=1"/>
+<title>LangBot HTTP Bot · 调试台</title>
+<style>
+  :root{
+    --bg:#f7f8fa; --panel:#ffffff; --line:#e8eaed; --ink:#1f2329; --mut:#8a909a;
+    --brand:#2563eb; --brand-soft:#eef3ff; --ok:#16a34a; --bad:#dc2626; --code:#f3f4f6;
+  }
+  *{box-sizing:border-box}
+  html,body{height:100%}
+  body{margin:0;background:var(--bg);color:var(--ink);
+    font:14px/1.6 -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"PingFang SC","Microsoft YaHei",sans-serif}
+  .top{height:52px;background:var(--panel);border-bottom:1px solid var(--line);
+    display:flex;align-items:center;gap:10px;padding:0 18px}
+  .logo{width:26px;height:26px;border-radius:7px;background:var(--brand);display:grid;place-items:center;color:#fff;font-weight:700;font-size:14px}
+  .top b{font-size:15px} .top .ver{font-size:12px;color:var(--mut)}
+  .dot{width:8px;height:8px;border-radius:50%;background:#cbd2dc;display:inline-block;margin-right:5px;vertical-align:middle}
+  .dot.on{background:var(--ok)} .dot.off{background:var(--bad)}
+  .conn{margin-left:auto;font-size:12px;color:var(--mut)}
+  .wrap{max-width:1080px;margin:0 auto;padding:18px;display:grid;grid-template-columns:1fr 360px;gap:16px}
+  @media(max-width:880px){.wrap{grid-template-columns:1fr}}
+  .card{background:var(--panel);border:1px solid var(--line);border-radius:12px;display:flex;flex-direction:column;min-height:0}
+  .card h3{margin:0;padding:12px 16px;font-size:13px;font-weight:600;color:#4b5563;border-bottom:1px solid var(--line);display:flex;align-items:center;gap:8px}
+  .chat{height:62vh}
+  .msgs{flex:1;overflow:auto;padding:16px;display:flex;flex-direction:column;gap:12px}
+  .row{display:flex;flex-direction:column;gap:4px;max-width:82%}
+  .row.me{align-self:flex-end;align-items:flex-end}
+  .row.bot{align-self:flex-start}
+  .bub{padding:9px 13px;border-radius:12px;white-space:pre-wrap;word-break:break-word}
+  .me .bub{background:var(--brand);color:#fff;border-bottom-right-radius:3px}
+  .bot .bub{background:#f1f3f6;color:var(--ink);border-bottom-left-radius:3px}
+  .meta{font-size:11px;color:var(--mut)}
+  .meta .ok{color:var(--ok)} .meta .bad{color:var(--bad)}
+  .sys{align-self:center;font-size:12px;color:var(--mut);background:#f1f3f6;border-radius:8px;padding:4px 12px}
+  .bar{display:flex;gap:8px;padding:12px;border-top:1px solid var(--line)}
+  .bar input{flex:1;border:1px solid var(--line);border-radius:9px;padding:10px 12px;font-size:14px;outline:none}
+  .bar input:focus{border-color:var(--brand);box-shadow:0 0 0 3px var(--brand-soft)}
+  .bar button{background:var(--brand);color:#fff;border:0;border-radius:9px;padding:0 18px;font-size:14px;font-weight:500;cursor:pointer}
+  .bar button:disabled{opacity:.5;cursor:default}
+  .side{height:62vh}
+  .kv{padding:12px 16px;border-bottom:1px solid var(--line);font-size:12px}
+  .kv .k{color:var(--mut)} .kv .v{color:var(--ink);word-break:break-all}
+  .kv code{background:var(--code);border-radius:5px;padding:1px 5px;font-size:11px}
+  .sessrow{display:flex;align-items:center;gap:8px;padding:10px 16px;border-bottom:1px solid var(--line);font-size:12px}
+  .sessrow input{flex:1;border:1px solid var(--line);border-radius:7px;padding:5px 8px;font-size:12px}
+  .sessrow button{border:1px solid var(--line);background:#fff;border-radius:7px;padding:5px 9px;font-size:12px;cursor:pointer;color:#4b5563}
+  .trace{flex:1;overflow:auto;padding:10px 12px;font:11px/1.55 ui-monospace,SFMono-Regular,Menlo,monospace}
+  .ev{padding:6px 8px;border-radius:7px;margin-bottom:6px;border:1px solid var(--line)}
+  .ev .t{font-weight:600;font-size:10px;letter-spacing:.3px;text-transform:uppercase}
+  .ev.out{background:#f5f8ff;border-color:#dbe6ff}.ev.out .t{color:var(--brand)}
+  .ev.ack{background:#f4f6f8}.ev.ack .t{color:#6b7280}
+  .ev.reply{background:#f1faf3;border-color:#cdeed6}.ev.reply .t{color:var(--ok)}
+  .ev pre{margin:3px 0 0;white-space:pre-wrap;word-break:break-all;color:#374151}
+</style></head>
+<body>
+<div class="top">
+  <div class="logo">L</div>
+  <b>HTTP Bot 调试台</b><span class="ver">examples/http-bot</span>
+  <span class="conn"><span class="dot off" id="cdot"></span><span id="conn">连接中…</span></span>
+</div>
+<div class="wrap">
+  <!-- chat -->
+  <div class="card chat">
+    <h3>对话 · 真实发往运行中的 http_bot</h3>
+    <div class="msgs" id="msgs"></div>
+    <div class="bar">
+      <input id="msg" placeholder="输入消息,回车发送…" autofocus/>
+      <button id="send">发送</button>
+    </div>
+  </div>
+  <!-- debug -->
+  <div class="card side">
+    <h3>调试信息</h3>
+    <div class="kv"><span class="k">入站地址</span><br><span class="v"><code id="endpoint">/bots/&lt;uuid&gt;</code></span></div>
+    <div class="kv"><span class="k">签名</span> <span class="v">HMAC-SHA256 · <code>X-LB-Signature</code></span></div>
+    <div class="sessrow">
+      <span class="k">会话</span>
+      <input id="sid" value="playground-1"/>
+      <button id="reset">新会话</button>
+    </div>
+    <div class="trace" id="trace"></div>
+  </div>
+</div>
+<script>
+const $=s=>document.querySelector(s);
+const msgs=$('#msgs'),trace=$('#trace'),inp=$('#msg'),btn=$('#send'),
+      conn=$('#conn'),cdot=$('#cdot'),sidIn=$('#sid');
+function el(c){const d=document.createElement('div');d.className=c;return d}
+function atBottom(n){n.scrollTop=n.scrollHeight}
+function bubble(side,text,metaHtml){
+  const r=el('row '+side),b=el('bub');b.textContent=text;r.appendChild(b);
+  if(metaHtml){const m=el('meta');m.innerHTML=metaHtml;r.appendChild(m)}
+  msgs.appendChild(r);atBottom(msgs)}
+function sys(t){const d=el('sys');d.textContent=t;msgs.appendChild(d);atBottom(msgs)}
+function logEv(kind,title,obj){
+  const e=el('ev '+kind),t=el('t');t.textContent=title;e.appendChild(t);
+  if(obj!==undefined){const p=document.createElement('pre');
+    p.textContent=typeof obj==='string'?obj:JSON.stringify(obj,null,2);e.appendChild(p)}
+  trace.appendChild(e);atBottom(trace)}
+
+const es=new EventSource('/events');
+es.onopen=()=>{conn.textContent='SSE 已连接';cdot.className='dot on'};
+es.onerror=()=>{conn.textContent='SSE 断开,重连…';cdot.className='dot off'};
+es.onmessage=e=>{const ev=JSON.parse(e.data);
+  if(ev.kind==='request'){
+    if(ev.endpoint)$('#endpoint').textContent=ev.url||ev.endpoint;
+    logEv('out','出站 · 已签名 POST',{url:ev.url,session_id:ev.session_id,'X-LB-Signature':ev.sig});
+  }else if(ev.kind==='ack'){
+    const id=ev.data&&ev.data.data&&ev.data.data.accepted_message_id;
+    sys(`LangBot 已接收 · HTTP ${ev.status}`);
+    logEv('ack','入站确认 202',{status:ev.status,accepted_message_id:id||'-'});
+  }else if(ev.kind==='reply'){
+    const sig=ev.sig_ok?'<span class=ok>验签通过</span>':'<span class=bad>验签失败</span>';
+    bubble('bot',ev.text,`seq=${ev.sequence} · ${ev.is_final?'<b>FINAL</b>':'中间段'} · ${sig}`);
+    logEv('reply',`回调 · seq ${ev.sequence}${ev.is_final?' · FINAL':''}`,
+      {session_id:ev.session_id,sequence:ev.sequence,is_final:ev.is_final,sig_ok:ev.sig_ok,text:ev.text});
+  }};
+
+async function send(){
+  const t=inp.value.trim();if(!t)return;inp.value='';btn.disabled=true;
+  bubble('me',t,'已签名 → POST /bots/&lt;uuid&gt;');
+  try{await fetch('/send',{method:'POST',headers:{'Content-Type':'application/json'},
+    body:JSON.stringify({session_id:sidIn.value.trim()||'playground-1',text:t})});}
+  catch(e){sys('发送失败:'+e)}
+  btn.disabled=false;inp.focus();}
+btn.onclick=send;inp.addEventListener('keydown',e=>{if(e.key==='Enter')send()});
+$('#reset').onclick=()=>{sidIn.value='playground-'+Math.random().toString(36).slice(2,7);
+  sys('已切换到新会话 '+sidIn.value);};
+sys('调试台就绪 · 每条消息都会真实发往运行中的 http_bot,右侧可观察签名 / 202 / 回调全过程。');
+</script>
+</body></html>"""
+
+
+async def main():
+    api_key, bot_uuid = db_lookup()
+    callback_url = f'http://{PUBLIC_IP}:{PORT}/callback'
+    print(f'[init] http_bot uuid = {bot_uuid}')
+    print(f'[init] callback_url  = {callback_url}')
+    ok = await configure_bot(api_key, bot_uuid, callback_url)
+    if not ok:
+        print('[warn] bot config update failed; check the API key / payload shape')
+
+    app = web.Application()
+    app['bot_uuid'] = bot_uuid
+    app.router.add_get('/', index)
+    app.router.add_post('/send', send)
+    app.router.add_post('/callback', callback)
+    app.router.add_get('/events', events)
+
+    runner = web.AppRunner(app)
+    await runner.setup()
+    site = web.TCPSite(runner, '0.0.0.0', PORT)
+    await site.start()
+    print(f'\n  ▶ 打开:  http://{PUBLIC_IP}:{PORT}/\n')
+    while True:
+        await asyncio.sleep(3600)
+
+
+if __name__ == '__main__':
+    asyncio.run(main())

examples/web-page-bot/README.md

@@ -0,0 +1,48 @@
+# Page Bot Adapter — Embed Demo
+
+> English | [中文](./README.zh.md)
+
+A single self-contained HTML page that demos the LangBot **Page Bot**
+(`web_page_bot`) embeddable chat widget — the one you drop onto any website with
+a single `<script>` tag.
+
+Full guide: [docs.langbot.app — Page Bot](https://docs.langbot.app/en/usage/platforms/webpage).
+
+## Files
+
+| File | What it is |
+|---|---|
+| `index.html` | **Browser demo** — open it, point it at a running LangBot instance + a Page Bot you created, and it loads the live embed widget so you can chat with the bot exactly as a site visitor would. Zero deps, no build step. |
+
+## How to use
+
+1. In the LangBot WebUI, create a bot with the **Page Bot** (`页面机器人`)
+   adapter and bind it to a working pipeline. Copy its **bot UUID** from the
+   generated embed code.
+2. Open `index.html` in a browser. Any of these work:
+   - double-click the file, or
+   - serve the folder: `python3 -m http.server 8930` then open
+     `http://localhost:8930/examples/web-page-bot/`.
+3. Fill in:
+   - **LangBot base URL** — where your instance is reachable from the browser
+     (e.g. `http://localhost:5300`, or your public address).
+   - **Page Bot UUID** — from step 1.
+   - **Widget title** — optional, sets the `data-title` attribute.
+4. Click **Load widget**. A floating chat bubble appears in the bottom-right
+   corner — click it and chat.
+
+The page also renders the exact `<script>` snippet you'd paste into your own
+site (before `</body>`), and updates it live as you edit the fields.
+
+## What it demonstrates
+
+- The embed contract: `<script data-title="…" src="<base>/api/v1/embed/<uuid>/widget.js"></script>`.
+- `widget.js` is served by LangBot pre-configured for that bot UUID — title,
+  bubble icon, language and optional Cloudflare Turnstile protection all come
+  from the bot's config, no page changes needed.
+- Messages travel over a WebSocket to the bot's bound pipeline; replies stream
+  back into the bubble.
+
+> The widget loads `widget.js` from your LangBot instance, so the **base URL
+> must be reachable from the browser** you open this page in. If LangBot runs on
+> a server, use its public address instead of `localhost`.

examples/web-page-bot/README.zh.md

@@ -0,0 +1,44 @@
+# 页面机器人适配器 —— 嵌入演示
+
+> [English](./README.md) | 中文
+
+一个自包含的单文件 HTML 页面，用于演示 LangBot **页面机器人**
+(`web_page_bot`) 的可嵌入聊天组件 —— 也就是你用一行 `<script>` 标签就能放到任意
+网站上的那个组件。
+
+完整指南：[docs.langbot.app —— 页面机器人](https://docs.langbot.app/zh/usage/platforms/webpage)。
+
+## 文件清单
+
+| 文件 | 是什么 |
+|---|---|
+| `index.html` | **浏览器演示页** —— 打开它，填上一个运行中的 LangBot 实例地址 + 你创建的页面机器人，它就会加载真实的嵌入组件，让你像网站访客一样和机器人对话。零依赖，无需构建。 |
+
+## 使用方法
+
+1. 在 LangBot WebUI 中，用 **页面机器人**（`web_page_bot`）适配器创建一个机器人，
+   并绑定一个可用的流水线。从生成的嵌入代码里复制它的 **机器人 UUID**。
+2. 在浏览器中打开 `index.html`，以下任一方式皆可：
+   - 直接双击该文件；或
+   - 起一个静态服务：`python3 -m http.server 8930`，然后打开
+     `http://localhost:8930/examples/web-page-bot/`。
+3. 填写：
+   - **LangBot base URL** —— 你的实例在该浏览器中可访问的地址
+     （例如 `http://localhost:5300`，或你的公网地址）。
+   - **页面机器人 UUID** —— 第 1 步里复制的。
+   - **组件标题** —— 可选，对应 `data-title` 属性。
+4. 点击 **Load widget**。页面右下角会出现一个浮动聊天气泡 —— 点开即可对话。
+
+页面还会实时渲染出你需要粘贴到自己网站（放在 `</body>` 前）的那段 `<script>`
+代码，并随着你编辑输入框同步更新。
+
+## 它演示了什么
+
+- 嵌入契约：`<script data-title="…" src="<base>/api/v1/embed/<uuid>/widget.js"></script>`。
+- `widget.js` 由 LangBot 针对该机器人 UUID 预配置后下发 —— 标题、气泡图标、语言
+  以及可选的 Cloudflare Turnstile 防护，全部来自机器人配置，无需改动页面。
+- 消息通过 WebSocket 发往机器人绑定的流水线，回复流式回到气泡中。
+
+> 组件会从你的 LangBot 实例加载 `widget.js`，因此 **base URL 必须能从你打开本页
+> 的浏览器访问到**。如果 LangBot 部署在服务器上，请用它的公网地址而非
+> `localhost`。

examples/web-page-bot/index.html

@@ -0,0 +1,205 @@
+<!doctype html>
+<html lang="en">
+<head>
+<meta charset="utf-8" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
+<title>LangBot Page Bot · Embed Demo</title>
+<style>
+  :root {
+    --bg: #f7f8fa; --panel: #ffffff; --line: #e8eaed; --ink: #1f2329;
+    --mut: #8a909a; --brand: #2563eb; --brand-soft: #eef3ff;
+    --ok: #16a34a; --bad: #dc2626; --code: #f3f4f6;
+  }
+  * { box-sizing: border-box; }
+  html, body { height: 100%; }
+  body {
+    margin: 0; background: var(--bg); color: var(--ink);
+    font: 14px/1.6 -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto,
+      "PingFang SC", "Microsoft YaHei", sans-serif;
+  }
+  .top {
+    height: 52px; background: var(--panel); border-bottom: 1px solid var(--line);
+    display: flex; align-items: center; gap: 10px; padding: 0 18px;
+  }
+  .logo {
+    width: 26px; height: 26px; border-radius: 7px; background: var(--brand);
+    display: grid; place-items: center; color: #fff; font-weight: 700; font-size: 14px;
+  }
+  .top b { font-size: 15px; }
+  .top .ver { font-size: 12px; color: var(--mut); }
+  .wrap { max-width: 760px; margin: 0 auto; padding: 28px 18px 80px; }
+  .hero h1 { margin: 8px 0 6px; font-size: 22px; }
+  .hero p { margin: 0 0 4px; color: var(--mut); }
+  .card {
+    background: var(--panel); border: 1px solid var(--line); border-radius: 12px;
+    padding: 20px; margin-top: 20px;
+  }
+  .card h3 {
+    margin: 0 0 14px; font-size: 14px; font-weight: 600; color: #4b5563;
+    display: flex; align-items: center; gap: 8px;
+  }
+  .card h3 .num {
+    width: 20px; height: 20px; border-radius: 50%; background: var(--brand-soft);
+    color: var(--brand); display: grid; place-items: center; font-size: 12px; font-weight: 700;
+  }
+  .field { margin-bottom: 14px; }
+  .field:last-child { margin-bottom: 0; }
+  .field label { display: block; font-size: 12px; color: var(--mut); margin-bottom: 5px; }
+  .field input {
+    width: 100%; border: 1px solid var(--line); border-radius: 9px;
+    padding: 10px 12px; font-size: 14px; outline: none; font-family: inherit;
+  }
+  .field input:focus { border-color: var(--brand); box-shadow: 0 0 0 3px var(--brand-soft); }
+  .hint { font-size: 12px; color: var(--mut); margin-top: 5px; }
+  .hint code { background: var(--code); border-radius: 5px; padding: 1px 5px; font-size: 11px; }
+  .actions { display: flex; gap: 10px; margin-top: 18px; align-items: center; }
+  button {
+    border: 0; border-radius: 9px; padding: 10px 18px; font-size: 14px;
+    font-weight: 500; cursor: pointer; font-family: inherit;
+  }
+  .btn-primary { background: var(--brand); color: #fff; }
+  .btn-primary:disabled { opacity: .5; cursor: default; }
+  .btn-ghost { background: #fff; border: 1px solid var(--line); color: #4b5563; }
+  .status { font-size: 13px; color: var(--mut); }
+  .status .ok { color: var(--ok); }
+  .status .bad { color: var(--bad); }
+  pre {
+    background: #0f172a; color: #e2e8f0; border-radius: 10px; padding: 14px 16px;
+    overflow: auto; font: 12px/1.6 ui-monospace, SFMono-Regular, Menlo, monospace;
+    margin: 0;
+  }
+  .snippet-row { position: relative; }
+  .snippet-row .copy {
+    position: absolute; top: 10px; right: 10px; background: rgba(255,255,255,.12);
+    color: #fff; border: 0; border-radius: 7px; padding: 5px 10px; font-size: 12px; cursor: pointer;
+  }
+  ul.steps { margin: 0; padding-left: 18px; color: #4b5563; }
+  ul.steps li { margin-bottom: 6px; }
+</style>
+</head>
+<body>
+<div class="top">
+  <div class="logo">L</div>
+  <b>Page Bot · Embed Demo</b>
+  <span class="ver">examples/web-page-bot</span>
+</div>
+
+<div class="wrap">
+  <div class="hero">
+    <h1>Try the LangBot Page Bot widget</h1>
+    <p>Point this page at a running LangBot instance and a <strong>Page Bot</strong> you created,</p>
+    <p>then load the live embed widget below to chat with it — exactly as your site visitors would.</p>
+  </div>
+
+  <div class="card">
+    <h3><span class="num">1</span> Connect your Page Bot</h3>
+    <div class="field">
+      <label for="base">LangBot base URL</label>
+      <input id="base" placeholder="http://localhost:5300" value="http://localhost:5300" />
+      <div class="hint">The address where your LangBot instance is reachable from this browser. No trailing slash.</div>
+    </div>
+    <div class="field">
+      <label for="uuid">Page Bot UUID</label>
+      <input id="uuid" placeholder="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" />
+      <div class="hint">Create a bot with the <code>Page Bot</code> adapter in the WebUI, then copy its UUID from the embed code.</div>
+    </div>
+    <div class="field">
+      <label for="title">Widget title (optional)</label>
+      <input id="title" placeholder="LangBot" value="LangBot" />
+    </div>
+    <div class="actions">
+      <button id="load" class="btn-primary">Load widget</button>
+      <button id="unload" class="btn-ghost">Remove widget</button>
+      <span class="status" id="status">Not loaded.</span>
+    </div>
+  </div>
+
+  <div class="card">
+    <h3><span class="num">2</span> The embed snippet</h3>
+    <p style="margin:0 0 12px;color:var(--mut)">This is exactly what you paste into your own site (before <code>&lt;/body&gt;</code>). It updates as you edit the fields above.</p>
+    <div class="snippet-row">
+      <button class="copy" id="copy">Copy</button>
+      <pre id="snippet">&lt;script data-title="LangBot" src="http://localhost:5300/api/v1/embed/&lt;bot-uuid&gt;/widget.js"&gt;&lt;/script&gt;</pre>
+    </div>
+  </div>
+
+  <div class="card">
+    <h3><span class="num">3</span> How it works</h3>
+    <ul class="steps">
+      <li>The <code>&lt;script&gt;</code> tag pulls <code>widget.js</code> from your LangBot instance, pre-configured for that bot UUID.</li>
+      <li>A floating chat bubble appears in the bottom-right corner of the page.</li>
+      <li>Messages travel over a WebSocket to the bot's bound pipeline; replies stream back into the bubble.</li>
+      <li>Title, bubble icon, language and optional Cloudflare Turnstile protection are all set in the bot's config — no page changes needed.</li>
+    </ul>
+  </div>
+</div>
+
+<script>
+  var $ = function (s) { return document.querySelector(s); };
+  var baseEl = $("#base"), uuidEl = $("#uuid"), titleEl = $("#title"),
+      statusEl = $("#status"), snippetEl = $("#snippet");
+  var WIDGET_ID = "langbot-embed-demo-script";
+
+  function clean(v) { return (v || "").trim().replace(/\/+$/, ""); }
+
+  function buildSrc() {
+    var base = clean(baseEl.value) || "http://localhost:5300";
+    var uuid = uuidEl.value.trim() || "<bot-uuid>";
+    return base + "/api/v1/embed/" + uuid + "/widget.js";
+  }
+
+  function refreshSnippet() {
+    var title = titleEl.value.trim() || "LangBot";
+    var src = buildSrc();
+    snippetEl.textContent =
+      '<script data-title="' + title + '" src="' + src + '"><\/script>';
+  }
+
+  function setStatus(html) { statusEl.innerHTML = html; }
+
+  function removeWidget() {
+    var old = document.getElementById(WIDGET_ID);
+    if (old) old.remove();
+    // The widget injects its own DOM (bubble + panel). Clear the common containers it creates.
+    document.querySelectorAll('[id^="langbot-"]').forEach(function (n) {
+      if (n.id !== WIDGET_ID) n.remove();
+    });
+  }
+
+  function loadWidget() {
+    var uuid = uuidEl.value.trim();
+    var uuidRe = /^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/i;
+    if (!uuidRe.test(uuid)) {
+      setStatus('<span class="bad">Enter a valid bot UUID first.</span>');
+      return;
+    }
+    removeWidget();
+    var s = document.createElement("script");
+    s.id = WIDGET_ID;
+    s.setAttribute("data-title", titleEl.value.trim() || "LangBot");
+    s.src = buildSrc();
+    s.onload = function () {
+      setStatus('<span class="ok">Widget loaded — look bottom-right.</span>');
+    };
+    s.onerror = function () {
+      setStatus('<span class="bad">Failed to load widget.js — check the base URL and that the bot is enabled.</span>');
+    };
+    document.body.appendChild(s);
+    setStatus("Loading…");
+  }
+
+  $("#load").onclick = loadWidget;
+  $("#unload").onclick = function () {
+    removeWidget();
+    setStatus("Widget removed.");
+  };
+  $("#copy").onclick = function () {
+    navigator.clipboard.writeText(snippetEl.textContent).then(function () {
+      var b = $("#copy"); b.textContent = "Copied"; setTimeout(function () { b.textContent = "Copy"; }, 1200);
+    });
+  };
+  [baseEl, uuidEl, titleEl].forEach(function (el) { el.addEventListener("input", refreshSnippet); });
+  refreshSnippet();
+</script>
+</body>
+</html>

pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "langbot"
-version = "4.10.2"
+version = "4.10.3"
 description = "Production-grade platform for building agentic IM bots"
 readme = "README.md"
 license-files = ["LICENSE"]
@@ -8,7 +8,7 @@ requires-python = ">=3.11,<4.0"
 dependencies = [
     "aiocqhttp>=1.4.4",
     "aiofiles>=24.1.0",
-    "aiohttp>=3.14.0",
+    "aiohttp>=3.14.1",
     "aioshutil>=1.5",
     "aiosqlite>=0.21.0",
     "anthropic>=0.51.0",
@@ -16,7 +16,7 @@ dependencies = [
     "async-lru>=2.0.5",
     "certifi>=2025.4.26",
     "colorlog~=6.6.0",
-    "cryptography>=46.0.7",
+    "cryptography>=48.0.1",
     "dashscope>=1.25.10",
     "dingtalk-stream>=0.24.0",
     "discord-py>=2.5.2",
@@ -61,16 +61,16 @@ dependencies = [
     "beautifulsoup4>=4.12.3",
     "ebooklib>=0.18",
     "html2text>=2024.2.26",
-    "langchain>=0.2.0",
+    "langchain>=1.3.9",
     "langchain-core>=1.3.3",
-    "langsmith>=0.8.0",
+    "langsmith>=0.8.18",
     "python-multipart>=0.0.27",
     "Mako>=1.3.12",
     "langchain-text-splitters>=1.1.2",
     "chromadb>=1.0.0,<2.0.0",
     "qdrant-client (>=1.15.1,<2.0.0)",
     "pyseekdb==1.1.0.post3",
-    "langbot-plugin==0.4.5",
+    "langbot-plugin==0.4.6",
     "asyncpg>=0.30.0",
     "line-bot-sdk>=3.19.0",
     "matrix-nio>=0.25.2",

skills/skills/langbot-plugin-dev/SKILL.md

@@ -42,6 +42,38 @@ MyPlugin/
 
 Each component has a `.yaml` (metadata) and `.py` (implementation).
 
+## README & i18n convention (enforced on the marketplace)
+
+A plugin published to LangBot Space serves a localized README on its detail page.
+The resolver (`langbot-space` `PluginService.GetPluginREADME`) works like this:
+
+- **Root `README.md` MUST be in English.** It is the default and the fallback —
+  when no per-language README matches the viewer's locale, the page serves the
+  root `README.md`. A non-English root README makes the English/default view show
+  the wrong language.
+- **All other languages live under `readme/README_{lang}.md`** — e.g.
+  `readme/README_zh_Hans.md`, `readme/README_ja_JP.md`. The 8 supported locales:
+  `en_US, zh_Hans, zh_Hant, ja_JP, th_TH, vi_VN, es_ES, ru_RU`.
+- `manifest.yaml` `metadata.label` / `metadata.description` should carry the same
+  8-locale i18n set (`repository` must be a real, alive URL).
+
+```
+MyPlugin/
+├── manifest.yaml
+├── README.md                   # English (default + fallback) — REQUIRED, must be English
+└── readme/
+    ├── README_zh_Hans.md
+    ├── README_zh_Hant.md
+    ├── README_ja_JP.md
+    ├── README_th_TH.md
+    ├── README_vi_VN.md
+    ├── README_es_ES.md
+    └── README_ru_RU.md
+```
+
+`manifest.yaml` (incl. `repository`) is the source of truth — the marketplace
+syncs from it, so edit the package and re-publish rather than patching live data.
+
 ## Critical SDK Pitfalls
 
 ### 1. MessageChain is a RootModel — iterate directly

src/langbot/pkg/api/http/service/mcp.py

@@ -141,15 +141,25 @@ class MCPService:
 
         runtime_mcp_session: RuntimeMCPSession | None = None
 
+        ctx = taskmgr.TaskContext.new()
+
         if server_name != '_':
             runtime_mcp_session = self.ap.tool_mgr.mcp_tool_loader.get_session(server_name)
             if runtime_mcp_session is None:
                 raise ValueError(f'Server not found: {server_name}')
 
-            if runtime_mcp_session.status == MCPSessionStatus.ERROR:
-                coroutine = runtime_mcp_session.start()
-            else:
-                coroutine = runtime_mcp_session.refresh()
+            persisted_session = runtime_mcp_session
+
+            async def _refresh_and_report() -> None:
+                if persisted_session.status == MCPSessionStatus.ERROR:
+                    await persisted_session.start()
+                else:
+                    await persisted_session.refresh()
+                # Surface the discovered tools so the config page can render them
+                # even for an already-hosted server.
+                ctx.metadata['runtime_info'] = persisted_session.get_runtime_info_dict()
+
+            coroutine = _refresh_and_report()
         else:
             runtime_mcp_session = await self.ap.tool_mgr.mcp_tool_loader.load_mcp_server(server_config=server_data)
 
@@ -160,6 +170,12 @@ class MCPService:
             async def _run_and_cleanup() -> None:
                 try:
                     await test_session.start()
+                    # Capture the runtime info (status + discovered tools) BEFORE
+                    # shutting the transient session down. The create/edit config
+                    # page has no persisted server to reload from, so without this
+                    # a successful test could only show "no tools found". The
+                    # frontend reads ctx.metadata.runtime_info to render the tools.
+                    ctx.metadata['runtime_info'] = test_session.get_runtime_info_dict()
                 finally:
                     try:
                         await test_session.shutdown()
@@ -171,7 +187,6 @@ class MCPService:
 
             coroutine = _run_and_cleanup()
 
-        ctx = taskmgr.TaskContext.new()
         wrapper = self.ap.task_mgr.create_user_task(
             coroutine,
             kind='mcp-operation',

src/langbot/pkg/entity/persistence/mcp.py

@@ -9,7 +9,7 @@ class MCPServer(Base):
     uuid = sqlalchemy.Column(sqlalchemy.String(255), primary_key=True, unique=True)
     name = sqlalchemy.Column(sqlalchemy.String(255), nullable=False)
     enable = sqlalchemy.Column(sqlalchemy.Boolean, nullable=False, default=False)
-    mode = sqlalchemy.Column(sqlalchemy.String(255), nullable=False)  # stdio, sse, http
+    mode = sqlalchemy.Column(sqlalchemy.String(255), nullable=False)  # stdio, remote (legacy: sse, http)
     extra_args = sqlalchemy.Column(sqlalchemy.JSON, nullable=False, default={})
     # Markdown documentation captured from LangBot Space at install time so the
     # detail page can show docs even when the server is offline / has no tools.

src/langbot/pkg/persistence/alembic/versions/0006_normalize_mcp_remote_mode.py

@@ -0,0 +1,47 @@
+"""normalize mcp_servers transport mode to local/remote
+
+The MCP transport selection for servers LangBot connects to was simplified
+from three persisted modes (``stdio`` / ``sse`` / ``http``) down to two:
+``stdio`` (local, Box-sandboxed) and ``remote`` (the runtime auto-detects
+Streamable HTTP vs. legacy SSE from the URL). This migration rewrites any
+existing ``sse`` / ``http`` rows to ``remote`` so the stored value matches the
+new two-option UI. The connection args (url / headers / timeout /
+ssereadtimeout) live in ``extra_args`` and are left untouched — the
+auto-detecting remote transport consumes them regardless.
+
+Revision ID: 0006_normalize_mcp_remote_mode
+Revises: 0005_add_llm_context_length
+Create Date: 2026-06-21
+"""
+
+import sqlalchemy as sa
+from alembic import op
+
+revision = '0006_normalize_mcp_remote_mode'
+down_revision = '0005_add_llm_context_length'
+branch_labels = None
+depends_on = None
+
+
+def upgrade() -> None:
+    # Idempotent data migration: collapse legacy remote transports into the
+    # unified ``remote`` mode. Guard against the table being absent (truly empty
+    # DB migrated before create_all()).
+    conn = op.get_bind()
+    inspector = sa.inspect(conn)
+    if 'mcp_servers' not in inspector.get_table_names():
+        return
+    conn.execute(sa.text("UPDATE mcp_servers SET mode = 'remote' WHERE mode IN ('sse', 'http')"))
+
+
+def downgrade() -> None:
+    # The legacy distinction between ``sse`` and ``http`` cannot be recovered
+    # from ``remote`` alone (the transport is auto-detected at runtime, not
+    # stored). Map everything that is not ``stdio`` back to ``http`` as a
+    # best-effort reversal — both legacy modes still route correctly in the
+    # backend lifecycle dispatch.
+    conn = op.get_bind()
+    inspector = sa.inspect(conn)
+    if 'mcp_servers' not in inspector.get_table_names():
+        return
+    conn.execute(sa.text("UPDATE mcp_servers SET mode = 'http' WHERE mode = 'remote'"))

src/langbot/pkg/platform/sources/http_bot.py

@@ -0,0 +1,509 @@
+"""HTTP Bot adapter — standalone server-to-server platform adapter.
+
+Lets any external backend drive a LangBot pipeline over plain HTTP:
+
+* **Inbound**  — the backend POSTs a signed message to the unified webhook
+  route ``POST /bots/<bot_uuid>``; this adapter verifies the signature, builds
+  a platform event carrying the caller-defined ``session_id`` as the launcher
+  id, and fires it into the normal pipeline (so message aggregation, N->1,
+  works for free).
+* **Outbound** — every ``reply_message`` / ``reply_message_chunk`` the pipeline
+  emits is delivered as a signed POST to the configured ``callback_url``. A
+  single turn may emit many replies (1->M); each is one callback, ordered per
+  session via a small worker queue.
+
+Design notes:
+
+* The callback URL is taken **only** from adapter config (never from the
+  inbound message) to keep the SSRF surface closed.
+* Replies for one ``session_id`` are delivered in ``sequence`` order; the
+  caller knows a turn is complete when ``is_final: true`` arrives.
+* No new HTTP route is registered — the existing unified webhook dispatcher
+  (``pkg/api/http/controller/groups/webhooks.py``) calls
+  ``handle_unified_webhook`` on this adapter.
+
+See docs/platforms/http-bot.md for the full integration guide.
+"""
+
+from __future__ import annotations
+
+import asyncio
+import json
+import time
+import typing
+import uuid
+from datetime import datetime
+
+import aiohttp
+import pydantic
+import quart
+
+import langbot_plugin.api.definition.abstract.platform.adapter as abstract_platform_adapter
+import langbot_plugin.api.entities.builtin.platform.message as platform_message
+import langbot_plugin.api.entities.builtin.platform.events as platform_events
+import langbot_plugin.api.entities.builtin.platform.entities as platform_entities
+import langbot_plugin.api.definition.abstract.platform.event_logger as abstract_platform_logger
+
+from . import http_bot_signing as signing
+from ...utils import httpclient
+
+
+# Error envelope codes (HTTP status -> body code), documented in the design doc.
+_ERR = {
+    'bad_request': (400, 40001),
+    'bad_signature': (401, 40101),
+    'duplicate': (409, 40901),
+    'too_large': (413, 41301),
+    'internal': (500, 50001),
+}
+
+# Max accepted inbound body size (bytes).
+_MAX_BODY = 1 * 1024 * 1024
+
+# Idempotency dedup window (seconds) and cap.
+_IDEMPOTENCY_TTL = 600
+_IDEMPOTENCY_MAX = 4096
+
+
+class _SessionOutbound:
+    """Per-session outbound state: ordered delivery queue + sequence counter."""
+
+    def __init__(self) -> None:
+        self.queue: asyncio.Queue = asyncio.Queue(maxsize=1000)
+        self.worker: asyncio.Task | None = None
+        self.sequence: int = 0
+        self.last_was_final: bool = True  # so the first reply of a turn starts at seq 1
+
+
+class _SyncCollector:
+    """Collects reply parts for a /sync request and resolves when the turn ends."""
+
+    def __init__(self) -> None:
+        self.parts: list = []
+        self.done: asyncio.Event = asyncio.Event()
+
+
+class HttpBotAdapter(abstract_platform_adapter.AbstractMessagePlatformAdapter):
+    """Standalone HTTP adapter (inbound webhook + outbound callbacks)."""
+
+    bot_uuid: str = pydantic.Field(default='', exclude=True)
+
+    listeners: dict[
+        typing.Type[platform_events.Event],
+        typing.Callable[[platform_events.Event, abstract_platform_adapter.AbstractMessagePlatformAdapter], None],
+    ] = pydantic.Field(default_factory=dict, exclude=True)
+
+    # session_id -> outbound state
+    outbound_states: dict[str, _SessionOutbound] = pydantic.Field(default_factory=dict, exclude=True)
+    # idempotency key -> accepted-at epoch
+    idempotency_cache: dict[str, float] = pydantic.Field(default_factory=dict, exclude=True)
+    # session_id -> sync collector (set while a /sync request is awaiting a turn)
+    sync_waiters: dict[str, '_SyncCollector'] = pydantic.Field(default_factory=dict, exclude=True)
+
+    model_config = pydantic.ConfigDict(arbitrary_types_allowed=True)
+
+    def __init__(self, config: dict, logger: abstract_platform_logger.AbstractEventLogger, **kwargs):
+        super().__init__(config=config, logger=logger, **kwargs)
+        self.bot_account_id = 'http_bot'
+        self.outbound_states = {}
+        self.idempotency_cache = {}
+        self.sync_waiters = {}
+
+    # -- framework hooks ------------------------------------------------------
+
+    def set_bot_uuid(self, bot_uuid: str) -> None:
+        """Called by the bot manager so the adapter knows its own bot uuid."""
+        object.__setattr__(self, 'bot_uuid', bot_uuid)
+
+    def get_launcher_id(self, event: platform_events.MessageEvent) -> str:
+        """Map an inbound event to a LangBot launcher id.
+
+        We return the caller-defined ``session_id`` (stashed on the sender /
+        group id at inbound time) so that each external session maps 1:1 to an
+        isolated LangBot session.
+        """
+        if isinstance(event, platform_events.GroupMessage):
+            return str(event.sender.group.id)
+        return str(event.sender.id)
+
+    def register_listener(
+        self,
+        event_type: typing.Type[platform_events.Event],
+        func: typing.Callable[
+            [platform_events.Event, abstract_platform_adapter.AbstractMessagePlatformAdapter], typing.Awaitable[None]
+        ],
+    ):
+        self.listeners[event_type] = func
+
+    def unregister_listener(
+        self,
+        event_type: typing.Type[platform_events.Event],
+        func: typing.Callable[
+            [platform_events.Event, abstract_platform_adapter.AbstractMessagePlatformAdapter], typing.Awaitable[None]
+        ],
+    ):
+        self.listeners.pop(event_type, None)
+
+    async def is_muted(self, group_id: int) -> bool:
+        return False
+
+    async def is_stream_output_supported(self) -> bool:
+        return True
+
+    async def run_async(self):
+        # Purely webhook-driven; nothing to poll. Stay alive.
+        while True:
+            await asyncio.sleep(3600)
+
+    async def kill(self):
+        # Cancel any outbound workers.
+        for state in self.outbound_states.values():
+            if state.worker and not state.worker.done():
+                state.worker.cancel()
+        return True
+
+    # -- inbound --------------------------------------------------------------
+
+    def _err(self, kind: str, detail: str = ''):
+        status, code = _ERR[kind]
+        return quart.jsonify({'code': code, 'msg': detail or kind, 'data': None}), status
+
+    def _prune_idempotency(self) -> None:
+        now = time.time()
+        if len(self.idempotency_cache) > _IDEMPOTENCY_MAX:
+            self.idempotency_cache.clear()
+            return
+        expired = [k for k, ts in self.idempotency_cache.items() if now - ts > _IDEMPOTENCY_TTL]
+        for k in expired:
+            self.idempotency_cache.pop(k, None)
+
+    async def handle_unified_webhook(self, bot_uuid: str, path: str, request):
+        """Handle an inbound POST from the unified webhook dispatcher.
+
+        Sub-path routing:
+            (no path)  -> push a message
+            "reset"    -> reset a session's conversation (body: {session_id, session_type?})
+            "sync"     -> push a message and wait for the final reply (collapses 1->M)
+        """
+        object.__setattr__(self, 'bot_uuid', bot_uuid)
+
+        if path == 'reset':
+            return await self._handle_reset(request)
+        if path == 'sync':
+            return await self._handle_inbound(request, sync=True)
+        if path in ('', None):
+            return await self._handle_inbound(request, sync=False)
+        return self._err('bad_request', f'unknown sub-path: {path}')
+
+    async def _read_and_verify(self, request) -> tuple[dict | None, typing.Any]:
+        """Read body, enforce size + signature. Returns (data, error_response)."""
+        body = await request.get_data()
+        if body and len(body) > _MAX_BODY:
+            return None, self._err('too_large', 'message too large')
+
+        if self.config.get('signature_required', True):
+            ok, reason = signing.verify(
+                secret=self.config.get('inbound_secret', ''),
+                body=body,
+                timestamp=request.headers.get(signing.HEADER_TIMESTAMP),
+                signature=request.headers.get(signing.HEADER_SIGNATURE),
+            )
+            if not ok:
+                await self.logger.warning(f'http_bot inbound signature rejected: {reason}')
+                return None, self._err('bad_signature', f'invalid signature: {reason}')
+
+        try:
+            data = json.loads(body)
+        except (json.JSONDecodeError, ValueError):
+            return None, self._err('bad_request', 'body is not valid JSON')
+        if not isinstance(data, dict):
+            return None, self._err('bad_request', 'body must be a JSON object')
+        return data, None
+
+    def _build_event(self, data: dict) -> tuple[platform_events.MessageEvent, str, str, str]:
+        """Build a platform event from inbound data.
+
+        Returns (event, session_id, session_type, message_id).
+        """
+        session_id = str(data['session_id'])
+        session_type = data.get('session_type') or self.config.get('default_session_type', 'person')
+        sender_meta = data.get('sender') or {}
+        sender_name = str(sender_meta.get('name', 'User'))
+
+        message_id = 'in_' + uuid.uuid4().hex
+        chain = platform_message.MessageChain.model_validate(data['message'])
+        # Carry the inbound message id + timestamp as the Source component.
+        chain.insert(0, platform_message.Source(id=message_id, time=datetime.now()))
+
+        if session_type == 'group':
+            group = platform_entities.Group(
+                id=session_id,
+                name=str(sender_meta.get('group_name', session_id)),
+                permission=platform_entities.Permission.Member,
+            )
+            sender = platform_entities.GroupMember(
+                id=str(sender_meta.get('id', session_id)),
+                member_name=sender_name,
+                group=group,
+                permission=platform_entities.Permission.Member,
+            )
+            event = platform_events.GroupMessage(sender=sender, message_chain=chain, time=datetime.now().timestamp())
+        else:
+            sender = platform_entities.Friend(id=session_id, nickname=sender_name, remark=sender_name)
+            event = platform_events.FriendMessage(sender=sender, message_chain=chain, time=datetime.now().timestamp())
+        return event, session_id, session_type, message_id
+
+    async def _handle_inbound(self, request, sync: bool):
+        data, err = await self._read_and_verify(request)
+        if err is not None:
+            return err
+
+        if 'session_id' not in data or 'message' not in data:
+            return self._err('bad_request', 'session_id and message are required')
+
+        # Idempotency.
+        idem = request.headers.get(signing.HEADER_IDEMPOTENCY)
+        if idem:
+            self._prune_idempotency()
+            if idem in self.idempotency_cache:
+                return self._err('duplicate', 'idempotency key already accepted')
+            self.idempotency_cache[idem] = time.time()
+
+        try:
+            event, session_id, session_type, message_id = self._build_event(data)
+        except Exception as e:  # noqa: BLE001
+            return self._err('bad_request', f'failed to parse message: {e}')
+
+        listener = self.listeners.get(type(event))
+        if listener is None:
+            return self._err('internal', 'no listener registered for event type')
+
+        if sync:
+            return await self._run_sync(event, listener, session_id, message_id)
+
+        # Fire-and-collect: kick the pipeline, return 202 immediately.
+        asyncio.create_task(listener(event, self))
+        return quart.jsonify(
+            {
+                'code': 0,
+                'msg': 'accepted',
+                'data': {
+                    'session_id': session_id,
+                    'accepted_message_id': message_id,
+                    'aggregating': True,
+                },
+            }
+        ), 202
+
+    async def _handle_reset(self, request):
+        data, err = await self._read_and_verify(request)
+        if err is not None:
+            return err
+        if 'session_id' not in data:
+            return self._err('bad_request', 'session_id is required')
+
+        session_id = str(data['session_id'])
+        session_type = data.get('session_type') or self.config.get('default_session_type', 'person')
+        launcher_type = 'group' if session_type == 'group' else 'person'
+
+        removed = await self._reset_session(launcher_type, session_id)
+        return quart.jsonify({'code': 0, 'msg': 'reset', 'data': {'session_id': session_id, 'removed': removed}}), 200
+
+    async def _reset_session(self, launcher_type: str, launcher_id: str) -> bool:
+        """Drop the matching session so the next message starts a fresh conversation."""
+        sess_mgr = self.ap.sess_mgr
+        before = len(sess_mgr.session_list)
+        sess_mgr.session_list = [
+            s
+            for s in sess_mgr.session_list
+            if not (
+                str(s.launcher_type.value if hasattr(s.launcher_type, 'value') else s.launcher_type) == launcher_type
+                and str(s.launcher_id) == launcher_id
+            )
+        ]
+        return len(sess_mgr.session_list) < before
+
+    # -- outbound -------------------------------------------------------------
+
+    @staticmethod
+    def _extract_session_id(message_source: platform_events.MessageEvent) -> str:
+        if isinstance(message_source, platform_events.GroupMessage):
+            return str(message_source.sender.group.id)
+        return str(message_source.sender.id)
+
+    @staticmethod
+    def _extract_reply_to(message_source: platform_events.MessageEvent) -> str:
+        for comp in message_source.message_chain:
+            if isinstance(comp, platform_message.Source):
+                return str(comp.id)
+        return ''
+
+    def _next_sequence(self, session_id: str, is_final: bool) -> int:
+        state = self.outbound_states.setdefault(session_id, _SessionOutbound())
+        if state.last_was_final:
+            state.sequence = 1
+        else:
+            state.sequence += 1
+        state.last_was_final = is_final
+        return state.sequence
+
+    async def _enqueue_callback(self, session_id: str, payload: dict) -> None:
+        state = self.outbound_states.setdefault(session_id, _SessionOutbound())
+        if state.worker is None or state.worker.done():
+            state.worker = asyncio.create_task(self._outbound_worker(session_id, state))
+        try:
+            state.queue.put_nowait(payload)
+        except asyncio.QueueFull:
+            # Drop oldest to bound memory, then enqueue (best-effort, at-least-once).
+            try:
+                state.queue.get_nowait()
+            except asyncio.QueueEmpty:
+                pass
+            await self.logger.warning(f'http_bot outbound queue full for session {session_id}; dropped oldest')
+            state.queue.put_nowait(payload)
+
+    async def _outbound_worker(self, session_id: str, state: _SessionOutbound) -> None:
+        while True:
+            payload = await state.queue.get()
+            try:
+                await self._deliver_callback(payload)
+            except Exception as e:  # noqa: BLE001
+                await self.logger.error(f'http_bot callback delivery failed for {session_id}: {e}')
+            finally:
+                state.queue.task_done()
+
+    async def _deliver_callback(self, payload: dict) -> None:
+        callback_url = self.config.get('callback_url', '')
+        if not callback_url:
+            await self.logger.warning('http_bot has no callback_url configured; dropping reply')
+            return
+
+        body = json.dumps(payload, ensure_ascii=False).encode()
+        secret = self.config.get('outbound_secret') or self.config.get('inbound_secret', '')
+        ts, sig = signing.sign(secret, body)
+        headers = {
+            'Content-Type': 'application/json',
+            signing.HEADER_TIMESTAMP: ts,
+            signing.HEADER_SIGNATURE: sig,
+        }
+        timeout = aiohttp.ClientTimeout(total=int(self.config.get('callback_timeout', 15)))
+        max_retries = int(self.config.get('callback_max_retries', 3))
+
+        session = httpclient.get_session()
+        attempt = 0
+        while True:
+            attempt += 1
+            try:
+                async with session.post(callback_url, data=body, headers=headers, timeout=timeout) as resp:
+                    if resp.status < 400:
+                        return
+                    if resp.status < 500 or attempt > max_retries:
+                        await self.logger.warning(f'http_bot callback {callback_url} -> {resp.status}, giving up')
+                        return
+            except (aiohttp.ClientError, asyncio.TimeoutError) as e:
+                if attempt > max_retries:
+                    await self.logger.warning(f'http_bot callback {callback_url} failed after {attempt} tries: {e}')
+                    return
+            await asyncio.sleep(min(2 ** (attempt - 1), 30))
+
+    async def _emit_reply(
+        self,
+        message_source: platform_events.MessageEvent,
+        message: platform_message.MessageChain,
+        is_final: bool,
+        stream: bool,
+    ) -> dict:
+        session_id = self._extract_session_id(message_source)
+        reply_to = self._extract_reply_to(message_source)
+        sequence = self._next_sequence(session_id, is_final)
+        parts = [c.model_dump() if hasattr(c, 'model_dump') else c.__dict__ for c in message]
+        payload = {
+            'session_id': session_id,
+            'reply_to': reply_to,
+            'sequence': sequence,
+            'is_final': is_final,
+            'stream': stream,
+            'message': parts,
+            'timestamp': datetime.now().isoformat(),
+        }
+
+        # If a /sync request is awaiting this session, collect instead of POSTing.
+        collector = self.sync_waiters.get(session_id)
+        if collector is not None:
+            collector.parts.extend(parts)
+            if is_final:
+                collector.done.set()
+            return payload
+
+        await self._enqueue_callback(session_id, payload)
+        return payload
+
+    async def send_message(self, target_type: str, target_id: str, message: platform_message.MessageChain) -> dict:
+        """Proactively push a message to a session (target_id == session_id)."""
+        sequence = self._next_sequence(str(target_id), is_final=True)
+        payload = {
+            'session_id': str(target_id),
+            'reply_to': '',
+            'sequence': sequence,
+            'is_final': True,
+            'stream': False,
+            'message': [c.model_dump() if hasattr(c, 'model_dump') else c.__dict__ for c in message],
+            'timestamp': datetime.now().isoformat(),
+        }
+        await self._enqueue_callback(str(target_id), payload)
+        return payload
+
+    async def reply_message(
+        self,
+        message_source: platform_events.MessageEvent,
+        message: platform_message.MessageChain,
+        quote_origin: bool = False,
+    ) -> dict:
+        return await self._emit_reply(message_source, message, is_final=True, stream=False)
+
+    async def reply_message_chunk(
+        self,
+        message_source: platform_events.MessageEvent,
+        bot_message,
+        message: platform_message.MessageChain,
+        quote_origin: bool = False,
+        is_final: bool = False,
+    ) -> dict:
+        message_is_final = is_final and getattr(bot_message, 'tool_calls', None) is None
+        return await self._emit_reply(message_source, message, is_final=message_is_final, stream=True)
+
+    # -- sync convenience mode ------------------------------------------------
+
+    async def _run_sync(self, event, listener, session_id: str, message_id: str):
+        """Push a message and wait for the final reply, collapsing 1->M parts.
+
+        Lossy by design (drops streaming/ordering nuance); documented as such.
+        Concurrency-safe: routing is via the per-session ``_sync_waiters``
+        registry that ``_emit_reply`` consults, not by patching methods.
+        """
+        if session_id in self.sync_waiters:
+            return self._err('duplicate', 'a sync request is already in flight for this session')
+
+        collector = _SyncCollector()
+        self.sync_waiters[session_id] = collector
+        try:
+            asyncio.create_task(listener(event, self))
+            timeout = int(self.config.get('callback_timeout', 15)) * 4
+            try:
+                await asyncio.wait_for(collector.done.wait(), timeout=timeout)
+            except asyncio.TimeoutError:
+                await self.logger.warning(f'http_bot sync wait timed out for session {session_id}')
+        finally:
+            self.sync_waiters.pop(session_id, None)
+
+        return quart.jsonify(
+            {
+                'code': 0,
+                'msg': 'ok',
+                'data': {
+                    'session_id': session_id,
+                    'reply_to': message_id,
+                    'message': collector.parts,
+                },
+            }
+        ), 200

src/langbot/pkg/platform/sources/http_bot.svg

@@ -0,0 +1,9 @@
+<svg width="800px" height="800px" viewBox="0 0 64 64" fill="none" xmlns="http://www.w3.org/2000/svg">
+  <rect x="2" y="2" width="60" height="60" rx="14" fill="#2563EB"/>
+  <g stroke="#FFFFFF" stroke-width="3.6" stroke-linecap="round" stroke-linejoin="round" fill="none">
+    <!-- </> code icon -->
+    <path d="M24 22 L14 32 L24 42"/>
+    <path d="M40 22 L50 32 L40 42"/>
+    <path d="M36 18 L28 46"/>
+  </g>
+</svg>

src/langbot/pkg/platform/sources/http_bot.yaml

@@ -0,0 +1,153 @@
+apiVersion: v1
+kind: MessagePlatformAdapter
+metadata:
+  name: http_bot
+  label:
+    en_US: HTTP Bot
+    zh_Hans: HTTP 通用接入
+    zh_Hant: HTTP 通用接入
+    ja_JP: HTTP ボット
+  description:
+    en_US: Integrate any backend over plain HTTP. Push messages in via a signed webhook, receive replies on a callback URL. Server-to-server, no long-lived connection. Preserves message aggregation (N->1) and multi-part replies (1->M).
+    zh_Hans: 通过 HTTP 接入任意后端系统。以签名 Webhook 推入消息，在回调地址接收回复。面向服务间集成，无需长连接。完整保留消息聚合（多条合一）与多段回复（一条问、多条回）能力。
+    zh_Hant: 透過 HTTP 接入任意後端系統。以簽名 Webhook 推入訊息，在回調地址接收回覆。面向服務間整合，無需長連線。完整保留訊息聚合（多條合一）與多段回覆（一條問、多條回）能力。
+    ja_JP: 任意のバックエンドを HTTP で接続。署名付き Webhook でメッセージを送信し、コールバック URL で返信を受信します。サーバー間連携、長時間接続不要。メッセージ集約（N→1）とマルチパート返信（1→M）に対応。
+  icon: http_bot.svg
+spec:
+  categories:
+    - popular
+    - global
+  help_links:
+    zh: https://docs.langbot.app/zh/platforms/http-bot
+    en: https://docs.langbot.app/en/platforms/http-bot
+    ja: https://docs.langbot.app/ja/platforms/http-bot
+  config:
+    - name: webhook_url
+      label:
+        en_US: Inbound Webhook URL
+        zh_Hans: 入站 Webhook 地址
+        zh_Hant: 入站 Webhook 地址
+        ja_JP: 受信 Webhook URL
+      description:
+        en_US: Copy this URL. Your backend POSTs messages here (signed with the inbound secret).
+        zh_Hans: 复制此地址。你的后端将消息以签名方式 POST 到这里。
+        zh_Hant: 複製此地址。你的後端將訊息以簽名方式 POST 到這裡。
+        ja_JP: この URL をコピーしてください。バックエンドは署名付きでここにメッセージを POST します。
+      type: webhook-url
+      required: false
+      default: ""
+    - name: inbound_secret
+      label:
+        en_US: Inbound Signing Secret
+        zh_Hans: 入站签名密钥
+        zh_Hant: 入站簽名密鑰
+        ja_JP: 受信署名シークレット
+      description:
+        en_US: HMAC-SHA256 secret your backend uses to sign inbound requests. LangBot verifies every inbound POST with it.
+        zh_Hans: 你的后端用于对入站请求做 HMAC-SHA256 签名的密钥；LangBot 据此校验每个入站 POST。
+        zh_Hant: 你的後端用於對入站請求做 HMAC-SHA256 簽名的密鑰；LangBot 據此校驗每個入站 POST。
+        ja_JP: バックエンドが受信リクエストの署名に使う HMAC-SHA256 シークレット。LangBot は受信 POST ごとに検証します。
+      type: string
+      required: true
+      default: ""
+    - name: callback_url
+      label:
+        en_US: Outbound Callback URL
+        zh_Hans: 出站回调地址
+        zh_Hant: 出站回調地址
+        ja_JP: 送信コールバック URL
+      description:
+        en_US: Where LangBot POSTs replies. One turn may trigger multiple callbacks (1->M). For security the callback URL is taken ONLY from this config and cannot be overridden per-message.
+        zh_Hans: LangBot 将回复 POST 到此地址。一轮对话可能触发多次回调（一问多答）。出于安全考虑，回调地址只取自此配置，不允许逐条消息覆盖。
+        zh_Hant: LangBot 將回覆 POST 到此地址。一輪對話可能觸發多次回調（一問多答）。出於安全考慮，回調地址只取自此配置，不允許逐條訊息覆蓋。
+        ja_JP: LangBot が返信を POST する先。1 ターンで複数回のコールバック（1→M）が発生し得ます。セキュリティ上、コールバック URL はこの設定からのみ取得し、メッセージ単位で上書きできません。
+      type: string
+      required: true
+      default: ""
+    - name: outbound_secret
+      label:
+        en_US: Outbound Signing Secret
+        zh_Hans: 出站签名密钥
+        zh_Hant: 出站簽名密鑰
+        ja_JP: 送信署名シークレット
+      description:
+        en_US: HMAC-SHA256 secret LangBot uses to sign outbound callbacks so your receiver can verify them. Falls back to the inbound secret when empty.
+        zh_Hans: LangBot 用于对出站回调签名的密钥，供你的接收端校验。留空时回退使用入站密钥。
+        zh_Hant: LangBot 用於對出站回調簽名的密鑰，供你的接收端校驗。留空時回退使用入站密鑰。
+        ja_JP: LangBot が送信コールバックの署名に使う HMAC-SHA256 シークレット。受信側で検証できます。空の場合は受信シークレットを使用します。
+      type: string
+      required: false
+      default: ""
+    - name: default_session_type
+      label:
+        en_US: Default Session Type
+        zh_Hans: 默认会话类型
+        zh_Hant: 預設會話類型
+        ja_JP: デフォルトセッションタイプ
+      description:
+        en_US: Session type used when an inbound message omits session_type.
+        zh_Hans: 入站消息未携带 session_type 时使用的会话类型。
+        zh_Hant: 入站訊息未攜帶 session_type 時使用的會話類型。
+        ja_JP: 受信メッセージに session_type がない場合に使用するセッションタイプ。
+      type: select
+      options:
+        - name: person
+          label:
+            en_US: Person (1-on-1)
+            zh_Hans: 个人（一对一）
+            zh_Hant: 個人（一對一）
+            ja_JP: 個人（1 対 1）
+        - name: group
+          label:
+            en_US: Group
+            zh_Hans: 群组
+            zh_Hant: 群組
+            ja_JP: グループ
+      required: false
+      default: person
+    - name: signature_required
+      label:
+        en_US: Require Inbound Signature
+        zh_Hans: 强制入站签名校验
+        zh_Hant: 強制入站簽名校驗
+        ja_JP: 受信署名を必須にする
+      description:
+        en_US: When enabled (recommended), every inbound POST must carry a valid signature. Disable ONLY for local development behind a trusted network.
+        zh_Hans: 开启（推荐）后，每个入站 POST 都必须带有效签名。仅在受信任内网的本地开发时关闭。
+        zh_Hant: 開啟（推薦）後，每個入站 POST 都必須帶有效簽名。僅在受信任內網的本地開發時關閉。
+        ja_JP: 有効（推奨）にすると、すべての受信 POST に有効な署名が必要です。信頼できるネットワーク内のローカル開発時のみ無効化してください。
+      type: boolean
+      required: false
+      default: true
+    - name: callback_timeout
+      label:
+        en_US: Callback Timeout (seconds)
+        zh_Hans: 回调超时（秒）
+        zh_Hant: 回調逾時（秒）
+        ja_JP: コールバックタイムアウト（秒）
+      description:
+        en_US: Per-callback HTTP timeout.
+        zh_Hans: 单次回调的 HTTP 超时时间。
+        zh_Hant: 單次回調的 HTTP 逾時時間。
+        ja_JP: コールバックごとの HTTP タイムアウト。
+      type: integer
+      required: false
+      default: 15
+    - name: callback_max_retries
+      label:
+        en_US: Callback Max Retries
+        zh_Hans: 回调最大重试次数
+        zh_Hant: 回調最大重試次數
+        ja_JP: コールバック最大リトライ回数
+      description:
+        en_US: Retries on timeout or 5xx, with exponential backoff.
+        zh_Hans: 超时或 5xx 时按指数退避重试的次数。
+        zh_Hant: 逾時或 5xx 時按指數退避重試的次數。
+        ja_JP: タイムアウトまたは 5xx 時に指数バックオフでリトライする回数。
+      type: integer
+      required: false
+      default: 3
+execution:
+  python:
+    path: ./http_bot.py
+    attr: HttpBotAdapter

src/langbot/pkg/platform/sources/http_bot_signing.py

@@ -0,0 +1,95 @@
+"""HMAC signing utilities for the HTTP Bot adapter.
+
+A dependency-free, symmetric HMAC-SHA256 scheme used in *both* directions:
+
+    signing_string = "{timestamp}." + raw_body_bytes
+    signature      = "sha256=" + hex(HMAC_SHA256(secret, signing_string))
+
+Inbound requests are signed by the caller and verified here; outbound
+callbacks are signed here and verified by the caller. The scheme is trivial to
+reproduce in any language (see docs/platforms/http-bot.md for JS/curl).
+"""
+
+from __future__ import annotations
+
+import hashlib
+import hmac
+import time
+
+# Header names (kept here so adapter + clients agree on a single source).
+HEADER_TIMESTAMP = 'X-LB-Timestamp'
+HEADER_SIGNATURE = 'X-LB-Signature'
+HEADER_IDEMPOTENCY = 'X-LB-Idempotency-Key'
+
+# Maximum allowed clock skew between signer and verifier (seconds).
+DEFAULT_REPLAY_WINDOW = 300
+
+
+def compute_signature(secret: str, body: bytes, timestamp: str | int) -> str:
+    """Compute the ``sha256=<hex>`` signature for *body* at *timestamp*.
+
+    Args:
+        secret: Shared HMAC secret.
+        body: Raw request body bytes (exactly as sent on the wire).
+        timestamp: Unix timestamp (seconds) as str or int.
+
+    Returns:
+        The signature string, e.g. ``sha256=ab12...``.
+    """
+    signing_string = f'{timestamp}.'.encode() + body
+    digest = hmac.new(secret.encode(), signing_string, hashlib.sha256).hexdigest()
+    return f'sha256={digest}'
+
+
+def sign(secret: str, body: bytes, timestamp: int | None = None) -> tuple[str, str]:
+    """Produce ``(timestamp, signature)`` for an outbound request.
+
+    Args:
+        secret: Shared HMAC secret.
+        body: Raw request body bytes.
+        timestamp: Optional fixed timestamp; defaults to ``int(time.time())``.
+
+    Returns:
+        ``(timestamp_str, signature_str)``.
+    """
+    ts = str(timestamp if timestamp is not None else int(time.time()))
+    return ts, compute_signature(secret, body, ts)
+
+
+def verify(
+    secret: str,
+    body: bytes,
+    timestamp: str | None,
+    signature: str | None,
+    replay_window: int = DEFAULT_REPLAY_WINDOW,
+) -> tuple[bool, str]:
+    """Verify an inbound signature.
+
+    Args:
+        secret: Shared HMAC secret.
+        body: Raw request body bytes.
+        timestamp: Value of the timestamp header.
+        signature: Value of the signature header.
+        replay_window: Max allowed skew in seconds.
+
+    Returns:
+        ``(ok, reason)``. ``reason`` is empty when ``ok`` is True, otherwise a
+        short machine-friendly cause (``missing_headers`` / ``bad_timestamp`` /
+        ``expired`` / ``signature_mismatch``).
+    """
+    if not timestamp or not signature:
+        return False, 'missing_headers'
+
+    try:
+        ts_int = int(float(timestamp))
+    except (ValueError, TypeError):
+        return False, 'bad_timestamp'
+
+    if abs(int(time.time()) - ts_int) > replay_window:
+        return False, 'expired'
+
+    expected = compute_signature(secret, body, timestamp)
+    if not hmac.compare_digest(expected, signature):
+        return False, 'signature_mismatch'
+
+    return True, ''

src/langbot/pkg/plugin/connector.py

@@ -248,6 +248,15 @@ class PluginRuntimeConnector(ManagedRuntimeConnector):
 
         mode = mcp_data.get('mode') or 'stdio'
         extra_args = mcp_data.get('extra_args') or {}
+        # The MCP transport selection was simplified to two modes: 'stdio'
+        # (local, Box-sandboxed) and 'remote' (the runtime auto-detects
+        # Streamable HTTP vs. legacy SSE from the URL). Marketplace records may
+        # still carry the older 'http'/'sse' modes — normalize them to 'remote'
+        # so the installed server shows up correctly in the two-option UI. The
+        # connection args (url/headers/timeout/ssereadtimeout) are preserved and
+        # consumed by the auto-detecting remote transport regardless.
+        if mode in ('http', 'sse'):
+            mode = 'remote'
         # Marketplace records carry the rendered README markdown; persist it so
         # the detail page Docs tab works offline and without a marketplace round-trip.
         readme = mcp_data.get('readme') or ''

src/langbot/pkg/provider/tools/loaders/mcp.py

@@ -167,6 +167,36 @@ class RuntimeMCPSession:
 
         await self.session.initialize()
 
+    async def _init_remote_server(self):
+        """Connect to a remote MCP server, auto-detecting the transport.
+
+        The user only supplies a URL ("remote" mode); they should not have to
+        know whether the server speaks the modern Streamable HTTP transport or
+        the legacy HTTP+SSE transport. Following the MCP backwards-compatibility
+        guidance, we try Streamable HTTP first and fall back to SSE when it
+        fails (e.g. the endpoint returns 4xx to the initialize POST).
+        """
+        try:
+            await self._init_streamable_http_server()
+            return
+        except Exception as e:
+            self.ap.logger.info(
+                f'MCP server {self.server_name}: Streamable HTTP transport failed '
+                f'({self._describe_exception(e)}), falling back to SSE'
+            )
+
+        # The Streamable HTTP attempt may have partially entered the transport /
+        # session into the exit stack before failing. Tear it down and start
+        # from a clean stack before trying SSE so we do not leak connections.
+        try:
+            await self.exit_stack.aclose()
+        except Exception as cleanup_err:
+            self.ap.logger.debug(f'MCP server {self.server_name}: error cleaning up before SSE fallback: {cleanup_err}')
+        self.exit_stack = AsyncExitStack()
+        self.session = None
+
+        await self._init_sse_server()
+
     _MAX_RETRIES = 3
     _RETRY_DELAYS = [2, 4, 8]
 
@@ -175,6 +205,8 @@ class RuntimeMCPSession:
         try:
             if self.server_config['mode'] == 'stdio':
                 await self._init_stdio_python_server()
+            elif self.server_config['mode'] == 'remote':
+                await self._init_remote_server()
             elif self.server_config['mode'] == 'sse':
                 await self._init_sse_server()
             elif self.server_config['mode'] == 'http':

test-embed.html

@@ -1,21 +0,0 @@
-<!DOCTYPE html>
-<html lang="zh">
-<head>
-  <meta charset="UTF-8">
-  <title>LangBot Embed Widget Test</title>
-  <style>
-    body { font-family: sans-serif; padding: 40px; background: #f5f5f5; }
-    h1 { margin-bottom: 10px; }
-    p { color: #666; }
-    code { background: #e0e0e0; padding: 2px 6px; border-radius: 3px; }
-  </style>
-</head>
-<body>
-  <h1>LangBot Embed Widget Test Page</h1>
-  <p>If the widget loaded correctly, you should see a blue chat bubble in the bottom-right corner.</p>
-  <p>Replace the <code>BOT_UUID</code> below with your actual bot UUID.</p>
-
-  <!-- Replace BOT_UUID with your real bot UUID -->
-<script data-title="LangBot" src="http://localhost:5300/api/v1/embed/a0ab80e7-742a-445f-bd0e-7d9758f1cfa7/widget.js"></script>
-</body>
-</html>

tests/integration/persistence/test_migrations.py

@@ -17,7 +17,21 @@ from langbot.pkg.persistence.alembic_runner import (
     run_alembic_upgrade,
     run_alembic_stamp,
     get_alembic_current,
+    _ALEMBIC_DIR,
 )
+from alembic.config import Config
+from alembic.script import ScriptDirectory
+
+
+def _get_script_head() -> str:
+    """Resolve the current Alembic head revision from the script directory.
+
+    Avoids hardcoding a revision number in assertions so adding a new
+    migration doesn't require editing the migration tests.
+    """
+    cfg = Config()
+    cfg.set_main_option('script_location', _ALEMBIC_DIR)
+    return ScriptDirectory.from_config(cfg).get_current_head()
 
 
 pytestmark = pytest.mark.integration
@@ -103,8 +117,10 @@ class TestSQLiteMigrationUpgrade:
         # Verify revision
         rev = await get_alembic_current(sqlite_engine)
         assert rev is not None, 'Expected a revision after upgrade'
-        # Head should be the latest migration
-        assert rev.startswith('0005'), f'Expected head to be 0005_*, got {rev}'
+        # Head should be the latest migration. Resolve the actual head from the
+        # Alembic script directory instead of hardcoding a revision number, so
+        # adding a new migration doesn't require editing this assertion.
+        assert rev == _get_script_head(), f'Expected head {_get_script_head()}, got {rev}'
 
     @pytest.mark.asyncio
     async def test_upgrade_idempotent(self, sqlite_engine):

tests/integration/persistence/test_migrations_postgres.py

@@ -23,7 +23,21 @@ from langbot.pkg.persistence.alembic_runner import (
     run_alembic_upgrade,
     run_alembic_stamp,
     get_alembic_current,
+    _ALEMBIC_DIR,
 )
+from alembic.config import Config
+from alembic.script import ScriptDirectory
+
+
+def _get_script_head() -> str:
+    """Resolve the current Alembic head revision from the script directory.
+
+    Avoids hardcoding a revision number in assertions so adding a new
+    migration doesn't require editing the migration tests.
+    """
+    cfg = Config()
+    cfg.set_main_option('script_location', _ALEMBIC_DIR)
+    return ScriptDirectory.from_config(cfg).get_current_head()
 
 
 pytestmark = [pytest.mark.integration, pytest.mark.slow]
@@ -144,8 +158,10 @@ class TestPostgreSQLMigrationUpgrade:
         # Verify revision
         rev = await get_alembic_current(postgres_engine)
         assert rev is not None, 'Expected a revision after upgrade'
-        # Head should be the latest migration (0005 for current state)
-        assert rev.startswith('0005'), f'Expected head to be 0005_*, got {rev}'
+        # Head should be the latest migration. Resolve the actual head from the
+        # Alembic script directory instead of hardcoding a revision number, so
+        # adding a new migration doesn't require editing this assertion.
+        assert rev == _get_script_head(), f'Expected head {_get_script_head()}, got {rev}'
 
     @pytest.mark.asyncio
     async def test_postgres_upgrade_idempotent(self, postgres_engine, clean_tables, clean_alembic_version):

web/package-lock.json

@@ -65,10 +65,11 @@
         "tailwind-merge": "^3.2.0",
         "tailwindcss": "^4.1.5",
         "uuidjs": "^5.1.0",
-        "vite": "^8.0.5",
+        "vite": "^8.0.16",
         "zod": "^3.24.4"
       },
       "devDependencies": {
+        "@playwright/test": "^1.61.0",
         "@types/debug": "^4.1.12",
         "@types/estree": "^1.0.8",
         "@types/estree-jsx": "^1.0.5",
@@ -530,6 +531,22 @@
         "url": "https://opencollective.com/pkgr"
       }
     },
+    "node_modules/@playwright/test": {
+      "version": "1.61.0",
+      "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.61.0.tgz",
+      "integrity": "sha512-cKA5B6lpFEMyMGjxF54QihfYpB4FkEGH+qZhtArDEG+wezQAJY8Pq6C7T1SjWz+FFzt3TbyoXBQYk/0292TdJA==",
+      "dev": true,
+      "license": "Apache-2.0",
+      "dependencies": {
+        "playwright": "1.61.0"
+      },
+      "bin": {
+        "playwright": "cli.js"
+      },
+      "engines": {
+        "node": ">=18"
+      }
+    },
     "node_modules/@radix-ui/number": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/@radix-ui/number/-/number-1.1.1.tgz",
@@ -2016,9 +2033,6 @@
       "cpu": [
         "arm64"
       ],
-      "libc": [
-        "glibc"
-      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -2035,9 +2049,6 @@
       "cpu": [
         "arm64"
       ],
-      "libc": [
-        "musl"
-      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -2054,9 +2065,6 @@
       "cpu": [
         "ppc64"
       ],
-      "libc": [
-        "glibc"
-      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -2073,9 +2081,6 @@
       "cpu": [
         "s390x"
       ],
-      "libc": [
-        "glibc"
-      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -2092,9 +2097,6 @@
       "cpu": [
         "x64"
       ],
-      "libc": [
-        "glibc"
-      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -2111,9 +2113,6 @@
       "cpu": [
         "x64"
       ],
-      "libc": [
-        "musl"
-      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -4771,16 +4770,16 @@
       }
     },
     "node_modules/form-data": {
-      "version": "4.0.5",
-      "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.5.tgz",
-      "integrity": "sha512-8RipRLol37bNs2bhoV67fiTEvdTrbMUYcFTiy3+wuuOnUog2QBHCZWXDRijWQfAkhBj2Uf5UnVaiWwA5vdd82w==",
+      "version": "4.0.6",
+      "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.6.tgz",
+      "integrity": "sha512-vKatAh4SlVfgbv+YtmhiRjhEMJsYpsG1Y2rMQtR+SVSbytsSD1YGzDIcrAJmdFec88u/+VoGmxnl+80gL1tRCQ==",
       "license": "MIT",
       "dependencies": {
         "asynckit": "^0.4.0",
         "combined-stream": "^1.0.8",
         "es-set-tostringtag": "^2.1.0",
-        "hasown": "^2.0.2",
-        "mime-types": "^2.1.12"
+        "hasown": "^2.0.4",
+        "mime-types": "^2.1.35"
       },
       "engines": {
         "node": ">= 6"
@@ -6025,10 +6024,20 @@
       "license": "MIT"
     },
     "node_modules/js-yaml": {
-      "version": "4.1.1",
-      "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
-      "integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==",
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.2.0.tgz",
+      "integrity": "sha512-ePWsvanv0DWuDRsW8dnt+R4jQ31SCRCQ7hhNcPXZPsoBZiemuZNYGf7adZdqX2D86j6rvKp3RpCxVTSb8WQlOw==",
       "dev": true,
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/puzrin"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/nodeca"
+        }
+      ],
       "license": "MIT",
       "dependencies": {
         "argparse": "^2.0.1"
@@ -7919,6 +7928,53 @@
         "node": ">=0.10"
       }
     },
+    "node_modules/playwright": {
+      "version": "1.61.0",
+      "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.61.0.tgz",
+      "integrity": "sha512-Z+7BeeqQPRRzklHsVFP4KTGIyMxKUmfeRA4WisM6G3/XW6nwGeX6fX9qYaDa+CiUqpOkb2f6X3nar05R3kSuJQ==",
+      "dev": true,
+      "license": "Apache-2.0",
+      "dependencies": {
+        "playwright-core": "1.61.0"
+      },
+      "bin": {
+        "playwright": "cli.js"
+      },
+      "engines": {
+        "node": ">=18"
+      },
+      "optionalDependencies": {
+        "fsevents": "2.3.2"
+      }
+    },
+    "node_modules/playwright-core": {
+      "version": "1.61.0",
+      "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.61.0.tgz",
+      "integrity": "sha512-caX7TrY3Ml6egyDX0WUcTHDxodl/b51y5wJOdCEA36QviK/s2g081hvmGs8eaE3DWb6NYZQ6BjO/QkNRPenoPA==",
+      "dev": true,
+      "license": "Apache-2.0",
+      "bin": {
+        "playwright-core": "cli.js"
+      },
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/playwright/node_modules/fsevents": {
+      "version": "2.3.2",
+      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz",
+      "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==",
+      "dev": true,
+      "hasInstallScript": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
+      }
+    },
     "node_modules/pngjs": {
       "version": "5.0.0",
       "resolved": "https://registry.npmjs.org/pngjs/-/pngjs-5.0.0.tgz",

web/package.json

@@ -17,6 +17,8 @@
     ]
   },
   "overrides": {
+    "js-yaml": ">=4.2.0 <5",
+    "form-data": ">=4.0.6",
     "@radix-ui/react-focus-scope": "1.1.7",
     "flatted": ">=3.4.2",
     "follow-redirects": ">=1.16.0",
@@ -83,7 +85,7 @@
     "tailwind-merge": "^3.2.0",
     "tailwindcss": "^4.1.5",
     "uuidjs": "^5.1.0",
-    "vite": "^8.0.5",
+    "vite": "^8.0.16",
     "zod": "^3.24.4"
   },
   "devDependencies": {
@@ -115,6 +117,8 @@
   "packageManager": "pnpm@8.9.2+sha512.b9d35fe91b2a5854dadc43034a3e7b2e675fa4b56e20e8e09ef078fa553c18f8aed44051e7b36e8b8dd435f97eb0c44c4ff3b44fc7c6fa7d21e1fac17bbe661e",
   "pnpm": {
     "overrides": {
+      "js-yaml": ">=4.2.0 <5",
+      "form-data": ">=4.0.6",
       "minimatch@>=3.0.0 <3.1.3": "3.1.3",
       "minimatch@>=9.0.0 <9.0.7": "9.0.7",
       "picomatch@>=2.0.0 <2.3.2": "2.3.2",

web/pnpm-lock.yaml

@@ -5,6 +5,8 @@ settings:
   excludeLinksFromLockfile: false
 
 overrides:
+  js-yaml: '>=4.2.0 <5'
+  form-data: '>=4.0.6'
   minimatch@>=3.0.0 <3.1.3: 3.1.3
   minimatch@>=9.0.0 <9.0.7: 9.0.7
   picomatch@>=2.0.0 <2.3.2: 2.3.2
@@ -93,7 +95,7 @@ dependencies:
     version: 8.21.3(react-dom@19.2.1)(react@19.2.1)
   '@vitejs/plugin-react':
     specifier: ^6.0.1
-    version: 6.0.1(vite@8.0.8)
+    version: 6.0.1(vite@8.0.16)
   axios:
     specifier: ^1.16.0
     version: 1.17.0
@@ -185,8 +187,8 @@ dependencies:
     specifier: ^5.1.0
     version: 5.1.0
   vite:
-    specifier: ^8.0.5
-    version: 8.0.8(@types/node@20.19.30)
+    specifier: ^8.0.16
+    version: 8.0.16(@types/node@20.19.30)
   zod:
     specifier: ^3.24.4
     version: 3.25.76
@@ -320,8 +322,8 @@ packages:
       tslib: 2.8.1
     dev: false
 
-  /@emnapi/core@1.9.2:
-    resolution: {integrity: sha512-UC+ZhH3XtczQYfOlu3lNEkdW/p4dsJ1r/bP7H8+rhao3TTTMO1ATq/4DdIi23XuGoFY+Cz0JmCbdVl0hz9jZcA==}
+  /@emnapi/core@1.10.0:
+    resolution: {integrity: sha512-yq6OkJ4p82CAfPl0u9mQebQHKPJkY7WrIuk205cTYnYe+k2Z8YBh11FrbRG/H6ihirqcacOgl2BIO8oyMQLeXw==}
     requiresBuild: true
     dependencies:
       '@emnapi/wasi-threads': 1.2.1
@@ -329,8 +331,8 @@ packages:
     dev: false
     optional: true
 
-  /@emnapi/runtime@1.9.2:
-    resolution: {integrity: sha512-3U4+MIWHImeyu1wnmVygh5WlgfYDtyf0k8AbLhMFxOipihf6nrWC4syIm/SwEeec0mNSafiiNnMJwbza/Is6Lw==}
+  /@emnapi/runtime@1.10.0:
+    resolution: {integrity: sha512-ewvYlk86xUoGI0zQRNq/mC+16R1QeDlKQy21Ki3oSYXNgLb45GV1P6A0M+/s6nyCuNDqe5VpaY84BzXGwVbwFA==}
     requiresBuild: true
     dependencies:
       tslib: 2.8.1
@@ -395,7 +397,7 @@ packages:
       globals: 14.0.0
       ignore: 5.3.2
       import-fresh: 3.3.1
-      js-yaml: 4.1.1
+      js-yaml: 4.2.0
       minimatch: 3.1.3
       strip-json-comments: 3.1.1
     transitivePeerDependencies:
@@ -510,21 +512,21 @@ packages:
       '@jridgewell/sourcemap-codec': 1.5.5
     dev: false
 
-  /@napi-rs/wasm-runtime@1.1.4(@emnapi/core@1.9.2)(@emnapi/runtime@1.9.2):
+  /@napi-rs/wasm-runtime@1.1.4(@emnapi/core@1.10.0)(@emnapi/runtime@1.10.0):
     resolution: {integrity: sha512-3NQNNgA1YSlJb/kMH1ildASP9HW7/7kYnRI2szWJaofaS1hWmbGI4H+d3+22aGzXXN9IJ+n+GiFVcGipJP18ow==}
     requiresBuild: true
     peerDependencies:
       '@emnapi/core': ^1.7.1
       '@emnapi/runtime': ^1.7.1
     dependencies:
-      '@emnapi/core': 1.9.2
-      '@emnapi/runtime': 1.9.2
+      '@emnapi/core': 1.10.0
+      '@emnapi/runtime': 1.10.0
       '@tybys/wasm-util': 0.10.1
     dev: false
     optional: true
 
-  /@oxc-project/types@0.124.0:
-    resolution: {integrity: sha512-VBFWMTBvHxS11Z5Lvlr3IWgrwhMTXV+Md+EQF0Xf60+wAdsGFTBx7X7K/hP4pi8N7dcm1RvcHwDxZ16Qx8keUg==}
+  /@oxc-project/types@0.133.0:
+    resolution: {integrity: sha512-KzkdCd6Uxqnf6l3HOw1xfatAlUURA0g14cvBYFyJ5SaNOQbOUvBr9PKArcPcrNIeRsBdgcUzOGrhKveVpvOIGA==}
     dev: false
 
   /@pkgr/core@0.2.9:
@@ -1578,8 +1580,8 @@ packages:
     resolution: {integrity: sha512-HPwpGIzkl28mWyZqG52jiqDJ12waP11Pa1lGoiyUkIEuMLBP0oeK/C89esbXrxsky5we7dfd8U58nm0SgAWpVw==}
     dev: false
 
-  /@rolldown/binding-android-arm64@1.0.0-rc.15:
-    resolution: {integrity: sha512-YYe6aWruPZDtHNpwu7+qAHEMbQ/yRl6atqb/AhznLTnD3UY99Q1jE7ihLSahNWkF4EqRPVC4SiR4O0UkLK02tA==}
+  /@rolldown/binding-android-arm64@1.0.3:
+    resolution: {integrity: sha512-454rs7jHngixp/NMxd5srYD57OnzSlZ/eFTETjORQHLwJG1lRtmNOJcBerZlfu4GjKqeq8aCCIQrMdHyhI51Hw==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [arm64]
     os: [android]
@@ -1587,8 +1589,8 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/binding-darwin-arm64@1.0.0-rc.15:
-    resolution: {integrity: sha512-oArR/ig8wNTPYsXL+Mzhs0oxhxfuHRfG7Ikw7jXsw8mYOtk71W0OkF2VEVh699pdmzjPQsTjlD1JIOoHkLP1Fg==}
+  /@rolldown/binding-darwin-arm64@1.0.3:
+    resolution: {integrity: sha512-PcAhP+ynjURNyy8SKGl5DQP94aGuB/7JrXJb/t7P+hanXvQVMWzUvRRhBAcg/lNRadBhoUPqSoP4xw5tR/KBEA==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [arm64]
     os: [darwin]
@@ -1596,8 +1598,8 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/binding-darwin-x64@1.0.0-rc.15:
-    resolution: {integrity: sha512-YzeVqOqjPYvUbJSWJ4EDL8ahbmsIXQpgL3JVipmN+MX0XnXMeWomLN3Fb+nwCmP/jfyqte5I3XRSm7OfQrbyxw==}
+  /@rolldown/binding-darwin-x64@1.0.3:
+    resolution: {integrity: sha512-9YpfeUvSE2RS7wysJ81uOZkXJz7f7Q55H2Gvp3VEw/EsahqDtrphrZ0EwDLK5vvKOzaCrBsjF8JmnMLcUt78Gg==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [x64]
     os: [darwin]
@@ -1605,8 +1607,8 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/binding-freebsd-x64@1.0.0-rc.15:
-    resolution: {integrity: sha512-9Erhx956jeQ0nNTyif1+QWAXDRD38ZNjr//bSHrt6wDwB+QkAfl2q6Mn1k6OBPerznjRmbM10lgRb1Pli4xZPw==}
+  /@rolldown/binding-freebsd-x64@1.0.3:
+    resolution: {integrity: sha512-yB1IlAsSNHncV6SCTL27/MVGR5htvQsoGxIv5KMGXALp+Ll1wYsn+x98M9MW7qa+NdSbvrrY7ANI4wLJ0n1e6g==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [x64]
     os: [freebsd]
@@ -1614,8 +1616,8 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/binding-linux-arm-gnueabihf@1.0.0-rc.15:
-    resolution: {integrity: sha512-cVwk0w8QbZJGTnP/AHQBs5yNwmpgGYStL88t4UIaqcvYJWBfS0s3oqVLZPwsPU6M0zlW4GqjP0Zq5MnAGwFeGA==}
+  /@rolldown/binding-linux-arm-gnueabihf@1.0.3:
+    resolution: {integrity: sha512-Yi30IVAAfLUCy2MseFjbB1jAMDl1VMCAas5StnYp8da9+CKvMd2H2cbEjWcw5NPaPqzvYkVIaF1nNUG+b7u/sw==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [arm]
     os: [linux]
@@ -1623,8 +1625,8 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/binding-linux-arm64-gnu@1.0.0-rc.15:
-    resolution: {integrity: sha512-eBZ/u8iAK9SoHGanqe/jrPnY0JvBN6iXbVOsbO38mbz+ZJsaobExAm1Iu+rxa4S1l2FjG0qEZn4Rc6X8n+9M+w==}
+  /@rolldown/binding-linux-arm64-gnu@1.0.3:
+    resolution: {integrity: sha512-jsO7R8To+AdlYgUmN5sHSCZbfhtMBkO0WUx8iORQnPcMMdgr7qM2DQmMwgabs3GhNztdmoKkMKQFHD6DTMCIQw==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [arm64]
     os: [linux]
@@ -1632,8 +1634,8 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/binding-linux-arm64-musl@1.0.0-rc.15:
-    resolution: {integrity: sha512-ZvRYMGrAklV9PEkgt4LQM6MjQX2P58HPAuecwYObY2DhS2t35R0I810bKi0wmaYORt6m/2Sm+Z+nFgb0WhXNcQ==}
+  /@rolldown/binding-linux-arm64-musl@1.0.3:
+    resolution: {integrity: sha512-VWkUHwWriDciit80wleYwKILoR/KMvxh/IdwS/paX+ZgpuRpCrKLUdadJbc0NpBEiyhpYawsJ73j9aCvOH+f7Q==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [arm64]
     os: [linux]
@@ -1641,8 +1643,8 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/binding-linux-ppc64-gnu@1.0.0-rc.15:
-    resolution: {integrity: sha512-VDpgGBzgfg5hLg+uBpCLoFG5kVvEyafmfxGUV0UHLcL5irxAK7PKNeC2MwClgk6ZAiNhmo9FLhRYgvMmedLtnQ==}
+  /@rolldown/binding-linux-ppc64-gnu@1.0.3:
+    resolution: {integrity: sha512-5f1laC0SlIR0yDbFCd8acUhvJIag6N3zC5P7oUPN6wX0aOma+uKJ0wBDH5aq7I1PVI2ttTlhJwzwRIBnLiSGEg==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [ppc64]
     os: [linux]
@@ -1650,8 +1652,8 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/binding-linux-s390x-gnu@1.0.0-rc.15:
-    resolution: {integrity: sha512-y1uXY3qQWCzcPgRJATPSOUP4tCemh4uBdY7e3EZbVwCJTY3gLJWnQABgeUetvED+bt1FQ01OeZwvhLS2bpNrAQ==}
+  /@rolldown/binding-linux-s390x-gnu@1.0.3:
+    resolution: {integrity: sha512-Iq4ko0r4XsgbrF/LunNgHtAGLRRVE2kXonAXQ/MV0mC6jQpMOhW1SvtZja2EhC/kd05++bP78dsqBeIQyYJ6Yg==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [s390x]
     os: [linux]
@@ -1659,8 +1661,8 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/binding-linux-x64-gnu@1.0.0-rc.15:
-    resolution: {integrity: sha512-023bTPBod7J3Y/4fzAN6QtpkSABR0rigtrwaP+qSEabUh5zf6ELr9Nc7GujaROuPY3uwdSIXWrvhn1KxOvurWA==}
+  /@rolldown/binding-linux-x64-gnu@1.0.3:
+    resolution: {integrity: sha512-B8m6tD5+/N5FeNQFbKlLA/2yVq9ycQP1SeedyEYYKWBNR3ZQbkvIUcNnDNM03lO1l5F2roiiFJGgvoLLyZXtSg==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [x64]
     os: [linux]
@@ -1668,8 +1670,8 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/binding-linux-x64-musl@1.0.0-rc.15:
-    resolution: {integrity: sha512-witB2O0/hU4CgfOOKUoeFgQ4GktPi1eEbAhaLAIpgD6+ZnhcPkUtPsoKKHRzmOoWPZue46IThdSgdo4XneOLYw==}
+  /@rolldown/binding-linux-x64-musl@1.0.3:
+    resolution: {integrity: sha512-pSdpdUJHkuCxun9LE7jvgUB9qsRgaiyNNCX7m/AvHTcq67AiT/Yhoxvw5zPfhrM8k/BfP8ce/hMOpthKDpEUow==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [x64]
     os: [linux]
@@ -1677,8 +1679,8 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/binding-openharmony-arm64@1.0.0-rc.15:
-    resolution: {integrity: sha512-UCL68NJ0Ud5zRipXZE9dF5PmirzJE4E4BCIOOssEnM7wLDsxjc6Qb0sGDxTNRTP53I6MZpygyCpY8Aa8sPfKPg==}
+  /@rolldown/binding-openharmony-arm64@1.0.3:
+    resolution: {integrity: sha512-OXXS3RKJgX2uLwM+gYyuH5omcH8fL1LJs96pZGgtetVCahON57+d4SJHzTgZiOjxgGkSnpXpOsWuPDGAKAigEg==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [arm64]
     os: [openharmony]
@@ -1686,20 +1688,20 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/binding-wasm32-wasi@1.0.0-rc.15:
-    resolution: {integrity: sha512-ApLruZq/ig+nhaE7OJm4lDjayUnOHVUa77zGeqnqZ9pn0ovdVbbNPerVibLXDmWeUZXjIYIT8V3xkT58Rm9u5Q==}
-    engines: {node: '>=14.0.0'}
+  /@rolldown/binding-wasm32-wasi@1.0.3:
+    resolution: {integrity: sha512-JTtb8BWFynicNSoPrehsCzBtOKjZ6jhMiPFEmOiuXg1Fl8dn2KHQob+GuPSGR0dryQa1PQJbzjF3dqO/whhjLg==}
+    engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [wasm32]
     requiresBuild: true
     dependencies:
-      '@emnapi/core': 1.9.2
-      '@emnapi/runtime': 1.9.2
-      '@napi-rs/wasm-runtime': 1.1.4(@emnapi/core@1.9.2)(@emnapi/runtime@1.9.2)
+      '@emnapi/core': 1.10.0
+      '@emnapi/runtime': 1.10.0
+      '@napi-rs/wasm-runtime': 1.1.4(@emnapi/core@1.10.0)(@emnapi/runtime@1.10.0)
     dev: false
     optional: true
 
-  /@rolldown/binding-win32-arm64-msvc@1.0.0-rc.15:
-    resolution: {integrity: sha512-KmoUoU7HnN+Si5YWJigfTws1jz1bKBYDQKdbLspz0UaqjjFkddHsqorgiW1mxcAj88lYUE6NC/zJNwT+SloqtA==}
+  /@rolldown/binding-win32-arm64-msvc@1.0.3:
+    resolution: {integrity: sha512-gEdFFEN70A/jxb2svrWsN3aDL7OUtmvlOy+6fa2jxG8K0wQ1ZbdeLGnidov6Yu5/733dI5ySfzFlQ/cb0bSz1g==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [arm64]
     os: [win32]
@@ -1707,8 +1709,8 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/binding-win32-x64-msvc@1.0.0-rc.15:
-    resolution: {integrity: sha512-3P2A8L+x75qavWLe/Dll3EYBJLQmtkJN8rfh+U/eR3MqMgL/h98PhYI+JFfXuDPgPeCB7iZAKiqii5vqOvnA0g==}
+  /@rolldown/binding-win32-x64-msvc@1.0.3:
+    resolution: {integrity: sha512-eXB7CHuaQdqmJcc3koCNtNPmT/bj2gc999kUFgBxG8Ac0NdgXc4rkCHhqrgrhN3zddvvvrgzj1e90SuSfmyIXA==}
     engines: {node: ^20.19.0 || >=22.12.0}
     cpu: [x64]
     os: [win32]
@@ -1716,14 +1718,14 @@ packages:
     dev: false
     optional: true
 
-  /@rolldown/pluginutils@1.0.0-rc.15:
-    resolution: {integrity: sha512-UromN0peaE53IaBRe9W7CjrZgXl90fqGpK+mIZbA3qSTeYqg3pqpROBdIPvOG3F5ereDHNwoHBI2e50n1BDr1g==}
-    dev: false
-
   /@rolldown/pluginutils@1.0.0-rc.7:
     resolution: {integrity: sha512-qujRfC8sFVInYSPPMLQByRh7zhwkGFS4+tyMQ83srV1qrxL4g8E2tyxVVyxd0+8QeBM1mIk9KbWxkegRr76XzA==}
     dev: false
 
+  /@rolldown/pluginutils@1.0.1:
+    resolution: {integrity: sha512-2j9bGt5Jh8hj+vPtgzPtl72j0yRxHAyumoo6TNfAjsLB04UtpSvPbPcDcBMxz7n+9CYB0c1GxQFxYRg2jimqGw==}
+    dev: false
+
   /@standard-schema/utils@0.3.0:
     resolution: {integrity: sha512-e7Mew686owMaPJVNNLs55PUvgz371nKgwsc4vxE49zsODpJEnxgxRo2y/OKrqueavXgZNMDVj3DdHFlaSAeU8g==}
     dev: false
@@ -2171,7 +2173,7 @@ packages:
     resolution: {integrity: sha512-WmoN8qaIAo7WTYWbAZuG8PYEhn5fkz7dZrqTBZ7dtt//lL2Gwms1IcnQ5yHqjDfX8Ft5j4YzDM23f87zBfDe9g==}
     dev: false
 
-  /@vitejs/plugin-react@6.0.1(vite@8.0.8):
+  /@vitejs/plugin-react@6.0.1(vite@8.0.16):
     resolution: {integrity: sha512-l9X/E3cDb+xY3SWzlG1MOGt2usfEHGMNIaegaUGFsLkb3RCn/k8/TOXBcab+OndDI4TBtktT8/9BwwW8Vi9KUQ==}
     engines: {node: ^20.19.0 || >=22.12.0}
     peerDependencies:
@@ -2185,7 +2187,7 @@ packages:
         optional: true
     dependencies:
       '@rolldown/pluginutils': 1.0.0-rc.7
-      vite: 8.0.8(@types/node@20.19.30)
+      vite: 8.0.16(@types/node@20.19.30)
     dev: false
 
   /acorn-jsx@5.3.2(acorn@8.15.0):
@@ -2357,7 +2359,7 @@ packages:
     resolution: {integrity: sha512-J8SwNxprqqpbfenehxWYXE7CW+wM1BB4w3+N+g+/Wx40xM4rsLrfPmHHxSWIxJLYDgSY/HqlFPIYb2/S3rxafw==}
     dependencies:
       follow-redirects: 1.16.0
-      form-data: 4.0.5
+      form-data: 4.0.6
       https-proxy-agent: 5.0.1
       proxy-from-env: 2.1.0
     transitivePeerDependencies:
@@ -3199,14 +3201,14 @@ packages:
       is-callable: 1.2.7
     dev: true
 
-  /form-data@4.0.5:
-    resolution: {integrity: sha512-8RipRLol37bNs2bhoV67fiTEvdTrbMUYcFTiy3+wuuOnUog2QBHCZWXDRijWQfAkhBj2Uf5UnVaiWwA5vdd82w==}
+  /form-data@4.0.6:
+    resolution: {integrity: sha512-vKatAh4SlVfgbv+YtmhiRjhEMJsYpsG1Y2rMQtR+SVSbytsSD1YGzDIcrAJmdFec88u/+VoGmxnl+80gL1tRCQ==}
     engines: {node: '>= 6'}
     dependencies:
       asynckit: 0.4.0
       combined-stream: 1.0.8
       es-set-tostringtag: 2.1.0
-      hasown: 2.0.2
+      hasown: 2.0.4
       mime-types: 2.1.35
     dev: false
 
@@ -3377,6 +3379,13 @@ packages:
     dependencies:
       function-bind: 1.1.2
 
+  /hasown@2.0.4:
+    resolution: {integrity: sha512-T2UbfbBEF32wiepXIsMlTW9+dDYC6wMh/t/vYA4tuOMKqWz/n3vr1NFSxQiyP+zk2mXsoMA/i/7qV6LKut1t1A==}
+    engines: {node: '>= 0.4'}
+    dependencies:
+      function-bind: 1.1.2
+    dev: false
+
   /hast-util-from-parse5@8.0.3:
     resolution: {integrity: sha512-3kxEVkEKt0zvcZ3hCRYI8rqrgwtlIOFMWkbclACvjlDw8Li9S2hk/d51OI0nr/gIpdMHNepwgOKqZ/sy0Clpyg==}
     dependencies:
@@ -3867,8 +3876,8 @@ packages:
   /js-tokens@4.0.0:
     resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==}
 
-  /js-yaml@4.1.1:
-    resolution: {integrity: sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==}
+  /js-yaml@4.2.0:
+    resolution: {integrity: sha512-ePWsvanv0DWuDRsW8dnt+R4jQ31SCRCQ7hhNcPXZPsoBZiemuZNYGf7adZdqX2D86j6rvKp3RpCxVTSb8WQlOw==}
     hasBin: true
     dependencies:
       argparse: 2.0.1
@@ -5443,29 +5452,29 @@ packages:
     resolution: {integrity: sha512-q1b3N5QkRUWUl7iyylaaj3kOpIT0N2i9MqIEQXP73GVsN9cw3fdx8X63cEmWhJGi2PPCF23Ijp7ktmd39rawIA==}
     dev: true
 
-  /rolldown@1.0.0-rc.15:
-    resolution: {integrity: sha512-Ff31guA5zT6WjnGp0SXw76X6hzGRk/OQq2hE+1lcDe+lJdHSgnSX6nK3erbONHyCbpSj9a9E+uX/OvytZoWp2g==}
+  /rolldown@1.0.3:
+    resolution: {integrity: sha512-i00lAJ2ks1BYr7rjNjKC7BcqAS7nVfiT3QX1SI5aY+AFHblCmaUf9OE9dbdzDvW6dJxbi2ZCZiy9v3CcwOiX3g==}
     engines: {node: ^20.19.0 || >=22.12.0}
     hasBin: true
     dependencies:
-      '@oxc-project/types': 0.124.0
-      '@rolldown/pluginutils': 1.0.0-rc.15
+      '@oxc-project/types': 0.133.0
+      '@rolldown/pluginutils': 1.0.1
     optionalDependencies:
-      '@rolldown/binding-android-arm64': 1.0.0-rc.15
-      '@rolldown/binding-darwin-arm64': 1.0.0-rc.15
-      '@rolldown/binding-darwin-x64': 1.0.0-rc.15
-      '@rolldown/binding-freebsd-x64': 1.0.0-rc.15
-      '@rolldown/binding-linux-arm-gnueabihf': 1.0.0-rc.15
-      '@rolldown/binding-linux-arm64-gnu': 1.0.0-rc.15
-      '@rolldown/binding-linux-arm64-musl': 1.0.0-rc.15
-      '@rolldown/binding-linux-ppc64-gnu': 1.0.0-rc.15
-      '@rolldown/binding-linux-s390x-gnu': 1.0.0-rc.15
-      '@rolldown/binding-linux-x64-gnu': 1.0.0-rc.15
-      '@rolldown/binding-linux-x64-musl': 1.0.0-rc.15
-      '@rolldown/binding-openharmony-arm64': 1.0.0-rc.15
-      '@rolldown/binding-wasm32-wasi': 1.0.0-rc.15
-      '@rolldown/binding-win32-arm64-msvc': 1.0.0-rc.15
-      '@rolldown/binding-win32-x64-msvc': 1.0.0-rc.15
+      '@rolldown/binding-android-arm64': 1.0.3
+      '@rolldown/binding-darwin-arm64': 1.0.3
+      '@rolldown/binding-darwin-x64': 1.0.3
+      '@rolldown/binding-freebsd-x64': 1.0.3
+      '@rolldown/binding-linux-arm-gnueabihf': 1.0.3
+      '@rolldown/binding-linux-arm64-gnu': 1.0.3
+      '@rolldown/binding-linux-arm64-musl': 1.0.3
+      '@rolldown/binding-linux-ppc64-gnu': 1.0.3
+      '@rolldown/binding-linux-s390x-gnu': 1.0.3
+      '@rolldown/binding-linux-x64-gnu': 1.0.3
+      '@rolldown/binding-linux-x64-musl': 1.0.3
+      '@rolldown/binding-openharmony-arm64': 1.0.3
+      '@rolldown/binding-wasm32-wasi': 1.0.3
+      '@rolldown/binding-win32-arm64-msvc': 1.0.3
+      '@rolldown/binding-win32-x64-msvc': 1.0.3
     dev: false
 
   /safe-array-concat@1.1.3:
@@ -5816,6 +5825,15 @@ packages:
     dependencies:
       fdir: 6.5.0(picomatch@4.0.4)
       picomatch: 4.0.4
+    dev: true
+
+  /tinyglobby@0.2.17:
+    resolution: {integrity: sha512-wXR/dYpcqKmfWpEdZjiKJOwCNFndD0DMnrW/cYjVGttEkBfVgcLFHoNrlj47mjOVic9yyNu65alsgF4NQyTa2g==}
+    engines: {node: '>=12.0.0'}
+    dependencies:
+      fdir: 6.5.0(picomatch@4.0.4)
+      picomatch: 4.0.4
+    dev: false
 
   /to-regex-range@5.0.1:
     resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==}
@@ -6078,13 +6096,13 @@ packages:
       d3-timer: 3.0.1
     dev: false
 
-  /vite@8.0.8(@types/node@20.19.30):
-    resolution: {integrity: sha512-dbU7/iLVa8KZALJyLOBOQ88nOXtNG8vxKuOT4I2mD+Ya70KPceF4IAmDsmU0h1Qsn5bPrvsY9HJstCRh3hG6Uw==}
+  /vite@8.0.16(@types/node@20.19.30):
+    resolution: {integrity: sha512-h9bXPmJichP5fLmVQo3PyaGSDE2n3aPuomeAlVRm0JLmt4rY6zmPKd59HYI4LNW8oTK7tlTsuC7l/m7awx9Jcw==}
     engines: {node: ^20.19.0 || >=22.12.0}
     hasBin: true
     peerDependencies:
       '@types/node': ^20.19.0 || >=22.12.0
-      '@vitejs/devtools': ^0.1.0
+      '@vitejs/devtools': ^0.1.18
       esbuild: ^0.27.0 || ^0.28.0
       jiti: '>=1.21.0'
       less: ^4.0.0
@@ -6125,8 +6143,8 @@ packages:
       lightningcss: 1.32.0
       picomatch: 4.0.4
       postcss: 8.5.15
-      rolldown: 1.0.0-rc.15
-      tinyglobby: 0.2.15
+      rolldown: 1.0.3
+      tinyglobby: 0.2.17
     optionalDependencies:
       fsevents: 2.3.3
     dev: false

web/src/app/home/components/home-sidebar/sidbarConfigList.tsx

@@ -89,9 +89,9 @@ export const sidebarConfigList = [
     route: '/home/extensions',
     description: t('plugins.description'),
     helpLink: {
-      en_US: 'https://link.langbot.app/en/docs/plugins',
-      zh_Hans: 'https://link.langbot.app/zh/docs/plugins',
-      ja_JP: 'https://link.langbot.app/ja/docs/plugins',
+      en_US: 'https://docs.langbot.app/en/plugin/plugin-intro',
+      zh_Hans: 'https://docs.langbot.app/zh/plugin/plugin-intro',
+      ja_JP: 'https://docs.langbot.app/ja/plugin/plugin-intro',
     },
     section: 'extensions',
   }),
@@ -102,9 +102,9 @@ export const sidebarConfigList = [
     route: '/home/add-extension',
     description: t('plugins.description'),
     helpLink: {
-      en_US: 'https://link.langbot.app/en/docs/plugins',
-      zh_Hans: 'https://link.langbot.app/zh/docs/plugins',
-      ja_JP: 'https://link.langbot.app/ja/docs/plugins',
+      en_US: 'https://docs.langbot.app/en/plugin/plugin-intro',
+      zh_Hans: 'https://docs.langbot.app/zh/plugin/plugin-intro',
+      ja_JP: 'https://docs.langbot.app/ja/plugin/plugin-intro',
     },
     section: 'extensions',
   }),

web/src/app/home/components/models-dialog/components/ProviderCard.tsx

@@ -150,9 +150,9 @@ export default function ProviderCard({
   return (
     <Card className="mb-2">
       <Collapsible open={isExpanded} onOpenChange={onToggle}>
-        <CardHeader className="py-0 px-4">
-          <div className="flex items-center justify-between">
-            <div className="flex items-center gap-2 flex-1">
+        <CardHeader className="py-0 px-4 min-w-0 [&]:grid-cols-[minmax(0,1fr)]">
+          <div className="flex items-center justify-between gap-2 min-w-0">
+            <div className="flex items-center gap-2 flex-1 min-w-0">
               {isLangBotModels ? (
                 <div className="w-9 h-9 rounded-lg overflow-hidden flex-shrink-0">
                   <img
@@ -171,9 +171,11 @@ export default function ProviderCard({
                 />
               )}
               <div className="flex-1 min-w-0">
-                <div className="flex items-center gap-2">
-                  <CardTitle className="text-base">{provider.name}</CardTitle>
-                  <Badge variant="outline" className="text-xs">
+                <div className="flex items-center gap-2 min-w-0">
+                  <CardTitle className="text-base truncate">
+                    {provider.name}
+                  </CardTitle>
+                  <Badge variant="outline" className="text-xs shrink-0">
                     {t('models.modelsCount', { count: totalModels })}
                   </Badge>
                 </div>
@@ -193,7 +195,7 @@ export default function ProviderCard({
                 </p>
               </div>
             </div>
-            <div className="flex items-center gap-1 ml-2">
+            <div className="flex items-center gap-1 ml-2 shrink-0">
               {isLangBotModels && accountType !== 'space' && (
                 <Button
                   variant="outline"

web/src/app/home/components/settings-dialog/panel-layout.tsx

@@ -21,7 +21,7 @@ export function PanelToolbar({
   return (
     <div
       className={cn(
-        'flex shrink-0 items-center justify-between gap-3 border-b px-6 py-3',
+        'flex shrink-0 flex-wrap items-center justify-between gap-2 border-b px-3 py-3 sm:gap-3 sm:px-6',
         className,
       )}
     >

web/src/app/home/mcp/components/mcp-form/MCPForm.tsx

@@ -47,8 +47,7 @@ import {
   MCPTool,
   MCPServer,
   MCPSessionStatus,
-  MCPServerExtraArgsSSE,
-  MCPServerExtraArgsHttp,
+  MCPServerExtraArgsRemote,
   MCPServerExtraArgsStdio,
 } from '@/app/infra/entities/api';
 import { CustomApiError } from '@/app/infra/entities/common';
@@ -246,17 +245,18 @@ function ToolsList({ tools, t }: { tools: MCPTool[]; t: TFunction }) {
 }
 
 function RuntimePanel({
-  isEditMode,
   mcpTesting,
   runtimeInfo,
   t,
 }: {
-  isEditMode: boolean;
   mcpTesting: boolean;
   runtimeInfo: MCPServerRuntimeInfo | null;
   t: TFunction;
 }) {
-  if (!isEditMode || !runtimeInfo) {
+  // Show tools whenever we have runtime info — either an edit-mode server or a
+  // create-mode test result captured from the transient session. Only fall back
+  // to the placeholder when there is genuinely nothing to show.
+  if (!runtimeInfo) {
     return (
       <div className="flex min-h-[280px] items-center justify-center rounded-lg border border-dashed text-sm text-muted-foreground">
         {t('mcp.noToolsFound')}
@@ -293,7 +293,7 @@ const getFormSchema = (t: TFunction) =>
       name: z
         .string({ required_error: t('mcp.nameRequired') })
         .min(1, { message: t('mcp.nameRequired') }),
-      mode: z.enum(['sse', 'stdio', 'http']),
+      mode: z.enum(['stdio', 'remote']),
       timeout: z
         .number({ invalid_type_error: t('mcp.timeoutMustBeNumber') })
         .positive({ message: t('mcp.timeoutMustBePositive') })
@@ -316,7 +316,7 @@ const getFormSchema = (t: TFunction) =>
         .optional(),
     })
     .superRefine((data, ctx) => {
-      if (data.mode === 'sse' || data.mode === 'http') {
+      if (data.mode === 'remote') {
         if (!data.url || data.url.length === 0) {
           ctx.addIssue({
             code: z.ZodIssueCode.custom,
@@ -391,7 +391,7 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
     resolver: zodResolver(formSchema) as unknown as Resolver<FormValues>,
     defaultValues: {
       name: '',
-      mode: 'sse',
+      mode: 'remote',
       url: '',
       command: '',
       args: [],
@@ -465,7 +465,7 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
     } else {
       form.reset({
         name: '',
-        mode: 'sse',
+        mode: 'remote',
         url: '',
         command: '',
         args: [],
@@ -535,9 +535,15 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
       const resp = await httpClient.getMCPServer(serverName);
       const server = resp.server ?? resp;
 
+      // Transport selection collapsed to two modes: 'stdio' (local) and
+      // 'remote' (URL, auto-detected transport). Servers persisted under the
+      // legacy 'sse'/'http' modes are surfaced as 'remote' so they remain
+      // editable; saving rewrites them to 'remote'.
+      const isRemote = server.mode !== 'stdio';
+
       const formValues: FormValues = {
         name: server.name.replace(/__/g, '/'),
-        mode: server.mode,
+        mode: isRemote ? 'remote' : 'stdio',
         url: '',
         command: '',
         args: [],
@@ -553,12 +559,10 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
       }[] = [];
       let newStdioArgs: { value: string }[] = [];
 
-      if (server.mode === 'sse' || server.mode === 'http') {
+      if (isRemote) {
         formValues.url = server.extra_args.url;
-        formValues.timeout = server.extra_args.timeout;
-
-        if (server.mode === 'sse') {
-          formValues.ssereadtimeout = server.extra_args.ssereadtimeout;
+        if (typeof server.extra_args.timeout === 'number') {
+          formValues.timeout = server.extra_args.timeout;
         }
 
         if (server.extra_args.headers) {
@@ -571,7 +575,7 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
           );
           formValues.extra_args = newExtraArgs;
         }
-      } else if (server.mode === 'stdio') {
+      } else {
         formValues.command = server.extra_args.command;
         newStdioArgs = (server.extra_args.args || []).map((arg: string) => ({
           value: arg,
@@ -611,36 +615,22 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
     try {
       let serverConfig: MCPServer;
 
-      if (value.mode === 'sse' || value.mode === 'http') {
+      if (value.mode === 'remote') {
         const headers: Record<string, string> = {};
         value.extra_args?.forEach((arg) => {
           headers[arg.key] = String(arg.value);
         });
 
-        if (value.mode === 'sse') {
-          serverConfig = {
-            name: value.name,
-            mode: 'sse',
-            enable: true,
-            extra_args: {
-              url: value.url!,
-              headers,
-              timeout: value.timeout,
-              ssereadtimeout: value.ssereadtimeout,
-            },
-          };
-        } else {
-          serverConfig = {
-            name: value.name,
-            mode: 'http',
-            enable: true,
-            extra_args: {
-              url: value.url!,
-              headers,
-              timeout: value.timeout,
-            },
-          };
-        }
+        serverConfig = {
+          name: value.name,
+          mode: 'remote',
+          enable: true,
+          extra_args: {
+            url: value.url!,
+            headers,
+            timeout: value.timeout,
+          },
+        };
       } else {
         const env: Record<string, string> = {};
         value.extra_args?.forEach((arg) => {
@@ -694,21 +684,9 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
       // are always current.
       const formExtraArgs = form.getValues('extra_args') ?? [];
       const formStdioArgs = form.getValues('args') ?? [];
-      let extraArgsData:
-        | MCPServerExtraArgsSSE
-        | MCPServerExtraArgsHttp
-        | MCPServerExtraArgsStdio;
+      let extraArgsData: MCPServerExtraArgsRemote | MCPServerExtraArgsStdio;
 
-      if (mode === 'sse') {
-        extraArgsData = {
-          url: form.getValues('url')!,
-          timeout: form.getValues('timeout'),
-          headers: Object.fromEntries(
-            formExtraArgs.map((arg) => [arg.key, arg.value]),
-          ),
-          ssereadtimeout: form.getValues('ssereadtimeout'),
-        };
-      } else if (mode === 'http') {
+      if (mode === 'remote') {
         extraArgsData = {
           url: form.getValues('url')!,
           timeout: form.getValues('timeout'),
@@ -758,6 +736,17 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
             } else {
               if (isEditMode) {
                 await loadServerForEdit(form.getValues('name'));
+              } else {
+                // Create mode has no persisted server to reload tools from.
+                // The backend stashes the discovered runtime info (status +
+                // tools) in the test task's metadata before tearing the
+                // transient session down — surface it so a successful test
+                // shows the tool list instead of "no tools found".
+                const runtimeInfoFromTest = taskResp.task_context?.metadata
+                  ?.runtime_info as MCPServerRuntimeInfo | undefined;
+                if (runtimeInfoFromTest) {
+                  setRuntimeInfo(runtimeInfoFromTest);
+                }
               }
               toast.success(t('mcp.testSuccess'));
             }
@@ -871,18 +860,22 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
                   </SelectTrigger>
                 </FormControl>
                 <SelectContent>
-                  <SelectItem value="http">{t('mcp.http')}</SelectItem>
+                  <SelectItem value="remote">{t('mcp.remote')}</SelectItem>
                   <SelectItem value="stdio" disabled={!boxAvailable}>
-                    {t('mcp.stdio')}
+                    {t('mcp.local')}
                     {!boxAvailable && (
                       <span className="ml-2 text-xs text-muted-foreground">
                         ({t('mcp.boxRequired')})
                       </span>
                     )}
                   </SelectItem>
-                  <SelectItem value="sse">{t('mcp.sse')}</SelectItem>
                 </SelectContent>
               </Select>
+              <FormDescription>
+                {watchMode === 'stdio'
+                  ? t('mcp.localModeDescription')
+                  : t('mcp.remoteModeDescription')}
+              </FormDescription>
               {stdioBlockedByBox && (
                 <BoxUnavailableNotice
                   hint={boxHint}
@@ -895,7 +888,7 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
           )}
         />
 
-        {(watchMode === 'sse' || watchMode === 'http') && (
+        {watchMode === 'remote' && (
           <>
             <FormField
               control={form.control}
@@ -907,8 +900,14 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
                     <span className="text-destructive">*</span>
                   </FormLabel>
                   <FormControl>
-                    <Input {...field} />
+                    <Input
+                      {...field}
+                      placeholder={t('mcp.remoteUrlPlaceholder')}
+                    />
                   </FormControl>
+                  <FormDescription>
+                    {t('mcp.remoteUrlDescription')}
+                  </FormDescription>
                   <FormMessage />
                 </FormItem>
               )}
@@ -932,27 +931,6 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
                 </FormItem>
               )}
             />
-
-            {watchMode === 'sse' && (
-              <FormField
-                control={form.control}
-                name="ssereadtimeout"
-                render={({ field }) => (
-                  <FormItem>
-                    <FormLabel>{t('mcp.sseTimeout')}</FormLabel>
-                    <FormControl>
-                      <Input
-                        type="number"
-                        placeholder={t('mcp.sseTimeoutDescription')}
-                        {...field}
-                        onChange={(e) => field.onChange(Number(e.target.value))}
-                      />
-                    </FormControl>
-                    <FormMessage />
-                  </FormItem>
-                )}
-              />
-            )}
           </>
         )}
 
@@ -1006,9 +984,7 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
 
         <FormItem>
           <FormLabel>
-            {watchMode === 'sse' || watchMode === 'http'
-              ? t('mcp.headers')
-              : t('mcp.env')}
+            {watchMode === 'remote' ? t('mcp.headers') : t('mcp.env')}
           </FormLabel>
           <div className="space-y-2">
             {extraArgs.map((arg, index) => (
@@ -1037,9 +1013,7 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
               </div>
             ))}
             <Button type="button" variant="outline" onClick={addExtraArg}>
-              {watchMode === 'sse' || watchMode === 'http'
-                ? t('mcp.addHeader')
-                : t('mcp.addEnvVar')}
+              {watchMode === 'remote' ? t('mcp.addHeader') : t('mcp.addEnvVar')}
             </Button>
           </div>
           <FormDescription>
@@ -1052,12 +1026,7 @@ const MCPForm = forwardRef<MCPFormHandle, MCPFormProps>(function MCPForm(
   );
 
   const runtimePanel = (
-    <RuntimePanel
-      isEditMode={isEditMode}
-      mcpTesting={mcpTesting}
-      runtimeInfo={runtimeInfo}
-      t={t}
-    />
+    <RuntimePanel mcpTesting={mcpTesting} runtimeInfo={runtimeInfo} t={t} />
   );
 
   // In edit mode the right side shows a tablist switching between the live

web/src/app/home/plugins/components/plugin-installed/ExtensionCardVO.ts

@@ -17,7 +17,7 @@ export interface IExtensionCardVO {
   hasUpdate?: boolean;
   runtimeStatus?: 'connecting' | 'connected' | 'error' | 'disabled';
   tools?: number;
-  mode?: 'stdio' | 'sse' | 'http';
+  mode?: 'stdio' | 'sse' | 'http' | 'remote';
 }
 
 export class ExtensionCardVO implements IExtensionCardVO {
@@ -37,7 +37,7 @@ export class ExtensionCardVO implements IExtensionCardVO {
   hasUpdate?: boolean;
   runtimeStatus?: 'connecting' | 'connected' | 'error' | 'disabled';
   tools?: number;
-  mode?: 'stdio' | 'sse' | 'http';
+  mode?: 'stdio' | 'sse' | 'http' | 'remote';
 
   constructor(prop: IExtensionCardVO) {
     this.id = prop.id;

web/src/app/home/plugins/components/plugin-installed/plugin-logs/PluginLogs.tsx

@@ -3,6 +3,8 @@ import { httpClient } from '@/app/infra/http/HttpClient';
 import { useTranslation } from 'react-i18next';
 import { PluginLogEntry } from '@/app/infra/entities/plugin';
 import { Button } from '@/components/ui/button';
+import { Switch } from '@/components/ui/switch';
+import { Label } from '@/components/ui/label';
 import {
   Select,
   SelectContent,
@@ -116,17 +118,19 @@ export default function PluginLogs({
           />
           {t('plugins.logsRefresh')}
         </Button>
-        <Button
-          type="button"
-          variant={autoRefresh ? 'default' : 'outline'}
-          size="sm"
-          className="h-8"
-          onClick={() => setAutoRefresh((v) => !v)}
-        >
-          {autoRefresh
-            ? t('plugins.logsAutoRefreshOn')
-            : t('plugins.logsAutoRefreshOff')}
-        </Button>
+        <div className="flex items-center gap-2">
+          <Switch
+            id="plugin-logs-auto-refresh"
+            checked={autoRefresh}
+            onCheckedChange={setAutoRefresh}
+          />
+          <Label
+            htmlFor="plugin-logs-auto-refresh"
+            className="cursor-pointer text-sm font-normal text-muted-foreground"
+          >
+            {t('plugins.logsAutoRefresh')}
+          </Label>
+        </div>
       </div>
 
       <div

web/src/app/home/plugins/components/plugin-market/PluginMarketComponent.tsx

@@ -862,7 +862,7 @@ function MarketPageContent({
           </div>
         ) : (
           <>
-            <div className="grid grid-cols-1 sm:grid-cols-2 lg:grid-cols-3 2xl:grid-cols-4 gap-6 mt-6">
+            <div className="grid gap-6 mt-6 [grid-template-columns:repeat(auto-fill,minmax(min(100%,24rem),1fr))]">
               {visiblePlugins.map((plugin) => (
                 <PluginMarketCardComponent
                   key={plugin.pluginId}

web/src/app/home/plugins/components/plugin-market/RecommendationLists.tsx

@@ -1,5 +1,5 @@
 import { useState, useRef, useEffect, useCallback } from 'react';
-import { ChevronLeft, ChevronRight, Star } from 'lucide-react';
+import { ChevronLeft, ChevronRight, Star, Pause, Play } from 'lucide-react';
 import { Button } from '@/components/ui/button';
 import PluginMarketCardComponent from './plugin-market-card/PluginMarketCardComponent';
 import { PluginMarketCardVO } from './plugin-market-card/PluginMarketCardVO';
@@ -16,7 +16,7 @@ export interface RecommendationList {
   plugins: PluginV4[];
 }
 
-// Match the main plugin grid: grid-cols-1 sm:grid-cols-2 lg:grid-cols-3 2xl:grid-cols-4
+// Match the main plugin grid: auto-fill columns with a 24rem minimum width
 
 function pluginToVO(
   plugin: PluginV4,
@@ -63,8 +63,19 @@ function RecommendationListRow({
   const { t } = useTranslation();
   const [page, setPage] = useState(0);
   const [perPage, setPerPage] = useState(4);
+  // Countdown progress to the next auto-advance, 0 → 1 over AUTO_ADVANCE_MS.
+  const [progress, setProgress] = useState(0);
+  const [paused, setPaused] = useState(false);
+  // Accumulated elapsed time in the current cycle and the timestamp of the last
+  // animation frame. Kept in refs so the interval reads live values without
+  // re-subscribing, and so pausing freezes progress in place.
+  const elapsedRef = useRef<number>(0);
+  const lastFrameRef = useRef<number>(Date.now());
+  const pausedRef = useRef<boolean>(false);
   const gridRef = useRef<HTMLDivElement>(null);
 
+  const AUTO_ADVANCE_MS = 10000;
+
   const plugins = (list.plugins || []).filter((plugin) => {
     // Hide plugins that only contain deprecated KnowledgeRetriever components
     const keys = Object.keys(plugin.components || {});
@@ -86,22 +97,65 @@ function RecommendationListRow({
     return () => observer.disconnect();
   }, [measureCols]);
 
-  // Auto-advance every 5 seconds
+  // Restart the countdown from zero. Called on manual navigation so the user's
+  // click resets the time-to-next-page indicator.
+  const resetCountdown = useCallback(() => {
+    elapsedRef.current = 0;
+    lastFrameRef.current = Date.now();
+    setProgress(0);
+  }, []);
+
+  const togglePaused = () => {
+    setPaused((prev) => {
+      const next = !prev;
+      pausedRef.current = next;
+      // Resync the frame clock on resume so the paused gap isn't counted.
+      lastFrameRef.current = Date.now();
+      return next;
+    });
+  };
+
+  // Auto-advance every AUTO_ADVANCE_MS, driving a smooth countdown ring. The
+  // interval accumulates elapsed time from refs, so resetCountdown() restarts
+  // the cycle on manual navigation and pause freezes it without re-creating the
+  // interval.
   useEffect(() => {
     if (plugins.length <= perPage) return;
+    resetCountdown();
     const timer = setInterval(() => {
-      setPage((p) => {
-        const tp = Math.max(1, Math.ceil(plugins.length / perPage));
-        return p >= tp - 1 ? 0 : p + 1;
-      });
-    }, 5000);
+      const now = Date.now();
+      const delta = now - lastFrameRef.current;
+      lastFrameRef.current = now;
+      if (pausedRef.current) return;
+
+      elapsedRef.current += delta;
+      if (elapsedRef.current >= AUTO_ADVANCE_MS) {
+        elapsedRef.current = 0;
+        setProgress(0);
+        setPage((p) => {
+          const tp = Math.max(1, Math.ceil(plugins.length / perPage));
+          return p >= tp - 1 ? 0 : p + 1;
+        });
+      } else {
+        setProgress(elapsedRef.current / AUTO_ADVANCE_MS);
+      }
+    }, 50);
     return () => clearInterval(timer);
-  }, [plugins.length, perPage]);
+  }, [plugins.length, perPage, resetCountdown]);
 
   const totalPages = Math.max(1, Math.ceil(plugins.length / perPage));
   const safePage = Math.min(page, totalPages - 1);
   if (safePage !== page) setPage(safePage);
 
+  const goPrev = () => {
+    setPage((p) => Math.max(0, p - 1));
+    resetCountdown();
+  };
+  const goNext = () => {
+    setPage((p) => Math.min(totalPages - 1, p + 1));
+    resetCountdown();
+  };
+
   const start = safePage * perPage;
   const visiblePlugins = plugins.slice(start, start + perPage);
 
@@ -121,7 +175,7 @@ function RecommendationListRow({
             <Button
               variant="ghost"
               size="sm"
-              onClick={() => setPage((p) => Math.max(0, p - 1))}
+              onClick={goPrev}
               disabled={safePage === 0}
               className="h-7 w-7 p-0"
             >
@@ -130,10 +184,66 @@ function RecommendationListRow({
             <span className="text-xs text-muted-foreground px-1">
               {safePage + 1} / {totalPages}
             </span>
+            {/* Auto-advance countdown ring doubles as a pause/resume toggle.
+                The ring fills as the next flip approaches; click to pause. */}
+            <button
+              type="button"
+              onClick={togglePaused}
+              title={
+                paused
+                  ? t('market.recommendation.resume')
+                  : t('market.recommendation.pause')
+              }
+              aria-label={
+                paused
+                  ? t('market.recommendation.resume')
+                  : t('market.recommendation.pause')
+              }
+              className="relative inline-flex h-7 w-7 items-center justify-center text-muted-foreground transition-colors hover:text-foreground"
+            >
+              <svg
+                width="18"
+                height="18"
+                viewBox="0 0 16 16"
+                className="-rotate-90 shrink-0"
+                aria-hidden="true"
+              >
+                <circle
+                  cx="8"
+                  cy="8"
+                  r="6"
+                  fill="none"
+                  stroke="currentColor"
+                  strokeWidth="2"
+                  className="text-muted-foreground/25"
+                />
+                <circle
+                  cx="8"
+                  cy="8"
+                  r="6"
+                  fill="none"
+                  stroke="currentColor"
+                  strokeWidth="2"
+                  strokeLinecap="round"
+                  className={
+                    paused ? 'text-muted-foreground/50' : 'text-yellow-500'
+                  }
+                  strokeDasharray={2 * Math.PI * 6}
+                  strokeDashoffset={2 * Math.PI * 6 * (1 - progress)}
+                />
+              </svg>
+              <span className="absolute inset-0 flex items-center justify-center">
+                {paused ? (
+                  <Play className="h-2.5 w-2.5" />
+                ) : (
+                  <Pause className="h-2.5 w-2.5" />
+                )}
+              </span>
+            </button>
             <Button
               variant="ghost"
               size="sm"
-              onClick={() => setPage((p) => Math.min(totalPages - 1, p + 1))}
+              onClick={goNext}
               disabled={safePage >= totalPages - 1}
               className="h-7 w-7 p-0"
             >
@@ -144,7 +254,7 @@ function RecommendationListRow({
       </div>
       <div
         ref={gridRef}
-        className="grid grid-cols-1 sm:grid-cols-2 lg:grid-cols-3 2xl:grid-cols-4 gap-6"
+        className="grid gap-6 [grid-template-columns:repeat(auto-fill,minmax(min(100%,24rem),1fr))]"
       >
         {visiblePlugins.map((plugin) => (
           <PluginMarketCardComponent

web/src/app/home/plugins/mcp-server/MCPCardVO.ts

@@ -1,29 +0,0 @@
-import { MCPServer, MCPSessionStatus } from '@/app/infra/entities/api';
-
-export class MCPCardVO {
-  name: string;
-  mode: 'stdio' | 'sse' | 'http';
-  enable: boolean;
-  status: MCPSessionStatus;
-  tools: number;
-  error?: string;
-
-  constructor(data: MCPServer) {
-    this.name = data.name;
-    this.mode = data.mode;
-    this.enable = data.enable;
-
-    // Determine status from runtime_info
-    if (!data.runtime_info) {
-      this.status = MCPSessionStatus.ERROR;
-      this.tools = 0;
-    } else if (data.runtime_info.status === MCPSessionStatus.CONNECTED) {
-      this.status = data.runtime_info.status;
-      this.tools = data.runtime_info.tool_count || 0;
-    } else {
-      this.status = data.runtime_info.status;
-      this.tools = 0;
-      this.error = data.runtime_info.error_message;
-    }
-  }
-}

web/src/app/home/plugins/mcp-server/MCPServerComponent.tsx

@@ -1,106 +0,0 @@
-import { useEffect, useState, useRef } from 'react';
-import MCPCardComponent from '@/app/home/plugins/mcp-server/mcp-card/MCPCardComponent';
-import { MCPCardVO } from '@/app/home/plugins/mcp-server/MCPCardVO';
-import { useTranslation } from 'react-i18next';
-import { MCPSessionStatus } from '@/app/infra/entities/api';
-import { Hexagon } from 'lucide-react';
-
-import { httpClient } from '@/app/infra/http/HttpClient';
-
-export default function MCPComponent({
-  onEditServer,
-}: {
-  askInstallServer?: (githubURL: string) => void;
-  onEditServer?: (serverName: string) => void;
-}) {
-  const { t } = useTranslation();
-  const [installedServers, setInstalledServers] = useState<MCPCardVO[]>([]);
-  const [loading, setLoading] = useState(false);
-  const pollingIntervalRef = useRef<NodeJS.Timeout | null>(null);
-
-  useEffect(() => {
-    fetchInstalledServers();
-
-    return () => {
-      // Cleanup: clear polling interval when component unmounts
-      if (pollingIntervalRef.current) {
-        clearInterval(pollingIntervalRef.current);
-      }
-    };
-  }, []);
-
-  // Check if any enabled server is connecting and start/stop polling accordingly
-  useEffect(() => {
-    const hasConnecting = installedServers.some(
-      (server) =>
-        server.enable && server.status === MCPSessionStatus.CONNECTING,
-    );
-
-    if (hasConnecting && !pollingIntervalRef.current) {
-      // Start polling every 3 seconds
-      pollingIntervalRef.current = setInterval(() => {
-        fetchInstalledServers();
-      }, 3000);
-    } else if (!hasConnecting && pollingIntervalRef.current) {
-      // Stop polling when no enabled server is connecting
-      clearInterval(pollingIntervalRef.current);
-      pollingIntervalRef.current = null;
-    }
-
-    return () => {
-      if (pollingIntervalRef.current) {
-        clearInterval(pollingIntervalRef.current);
-        pollingIntervalRef.current = null;
-      }
-    };
-  }, [installedServers]);
-
-  function fetchInstalledServers() {
-    setLoading(true);
-    httpClient
-      .getMCPServers()
-      .then((resp) => {
-        const servers = resp.servers.map((server) => new MCPCardVO(server));
-        setInstalledServers(servers);
-        setLoading(false);
-      })
-      .catch((error) => {
-        console.error('Failed to fetch MCP servers:', error);
-        setLoading(false);
-      });
-  }
-
-  return (
-    <div className="w-full h-full">
-      {/* Server list */}
-      <div className="w-full h-full px-[0.8rem] pt-[0rem]">
-        {loading ? (
-          <div className="flex flex-col items-center justify-center text-gray-500 min-h-[60vh] w-full gap-2">
-            {t('mcp.loading')}
-          </div>
-        ) : installedServers.length === 0 ? (
-          <div className="flex flex-col items-center justify-center text-gray-500 min-h-[60vh] w-full gap-2">
-            <Hexagon className="h-[3rem] w-[3rem]" />
-            <div className="text-lg mb-2">{t('mcp.noServerInstalled')}</div>
-          </div>
-        ) : (
-          <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-6 pt-[2rem] pb-6">
-            {installedServers.map((server, index) => (
-              <div key={`${server.name}-${index}`}>
-                <MCPCardComponent
-                  cardVO={server}
-                  onCardClick={() => {
-                    if (onEditServer) {
-                      onEditServer(server.name);
-                    }
-                  }}
-                  onRefresh={fetchInstalledServers}
-                />
-              </div>
-            ))}
-          </div>
-        )}
-      </div>
-    </div>
-  );
-}

web/src/app/home/plugins/mcp-server/mcp-card/MCPCardComponent.tsx

@@ -1,180 +0,0 @@
-import { MCPCardVO } from '@/app/home/plugins/mcp-server/MCPCardVO';
-import { useState, useEffect } from 'react';
-import { httpClient } from '@/app/infra/http/HttpClient';
-import { Switch } from '@/components/ui/switch';
-import { Button } from '@/components/ui/button';
-import { Badge } from '@/components/ui/badge';
-import { toast } from 'sonner';
-import { useTranslation } from 'react-i18next';
-import {
-  RefreshCcw,
-  Wrench,
-  Ban,
-  AlertCircle,
-  Loader2,
-  Link,
-} from 'lucide-react';
-import { MCPSessionStatus } from '@/app/infra/entities/api';
-
-export default function MCPCardComponent({
-  cardVO,
-  onCardClick,
-  onRefresh,
-}: {
-  cardVO: MCPCardVO;
-  onCardClick: () => void;
-  onRefresh: () => void;
-}) {
-  const { t } = useTranslation();
-  const [enabled, setEnabled] = useState(cardVO.enable);
-  const [switchEnable, setSwitchEnable] = useState(true);
-  const [testing, setTesting] = useState(false);
-  const [toolsCount, setToolsCount] = useState(cardVO.tools);
-  const [status, setStatus] = useState(cardVO.status);
-
-  useEffect(() => {
-    setStatus(cardVO.status);
-    setToolsCount(cardVO.tools);
-    setEnabled(cardVO.enable);
-  }, [cardVO.status, cardVO.tools, cardVO.enable]);
-
-  function handleEnable(checked: boolean) {
-    setSwitchEnable(false);
-    httpClient
-      .toggleMCPServer(cardVO.name, checked)
-      .then(() => {
-        setEnabled(checked);
-        toast.success(t('mcp.saveSuccess'));
-        onRefresh();
-        setSwitchEnable(true);
-      })
-      .catch((err) => {
-        toast.error(t('mcp.modifyFailed') + err.msg);
-        setSwitchEnable(true);
-      });
-  }
-
-  function handleTest(e: React.MouseEvent) {
-    e.stopPropagation();
-    setTesting(true);
-
-    httpClient
-      .testMCPServer(cardVO.name, {})
-      .then((resp) => {
-        const taskId = resp.task_id;
-
-        const interval = setInterval(() => {
-          httpClient.getAsyncTask(taskId).then((taskResp) => {
-            if (taskResp.runtime.done) {
-              clearInterval(interval);
-              setTesting(false);
-
-              if (taskResp.runtime.exception) {
-                toast.error(
-                  t('mcp.refreshFailed') + taskResp.runtime.exception,
-                );
-              } else {
-                toast.success(t('mcp.refreshSuccess'));
-              }
-
-              // Refresh to get updated runtime_info
-              onRefresh();
-            }
-          });
-        }, 1000);
-      })
-      .catch((err) => {
-        toast.error(t('mcp.refreshFailed') + err.msg);
-        setTesting(false);
-      });
-  }
-
-  return (
-    <div
-      className="w-[100%] h-[10rem] bg-white dark:bg-[#1f1f22] rounded-[10px] border border-[#e4e4e7] dark:border-[#27272a] p-[1.2rem] cursor-pointer transition-all duration-200 hover:border-[#a1a1aa] dark:hover:border-[#3f3f46]"
-      onClick={onCardClick}
-    >
-      <div className="w-full h-full flex flex-row items-start justify-start gap-[1.2rem]">
-        <Link
-          className="w-16 h-16 flex-shrink-0"
-          style={{ color: 'rgba(70,146,221,1)' }}
-        />
-
-        <div className="w-full h-full flex flex-col items-start justify-between gap-[0.6rem]">
-          <div className="flex flex-col items-start justify-start gap-[0.3rem]">
-            <div className="flex flex-row items-center gap-[0.5rem]">
-              <div className="text-[1.2rem] text-black dark:text-[#f0f0f0] font-medium">
-                {cardVO.name}
-              </div>
-              <Badge variant="secondary" className="text-[0.65rem] px-1.5 py-0">
-                {cardVO.mode.toUpperCase()}
-              </Badge>
-            </div>
-          </div>
-
-          <div className="w-full flex flex-row items-start justify-start gap-[0.6rem]">
-            {!enabled ? (
-              // 未启用 - 橙色
-              <div className="flex flex-row items-center gap-[0.4rem]">
-                <Ban className="w-4 h-4 text-orange-500 dark:text-orange-400" />
-                <div className="text-sm text-orange-500 dark:text-orange-400 font-medium">
-                  {t('mcp.statusDisabled')}
-                </div>
-              </div>
-            ) : status === MCPSessionStatus.CONNECTED ? (
-              // 连接成功 - 显示工具数量
-              <div className="flex h-full flex-row items-center justify-center gap-[0.4rem]">
-                <Wrench className="w-5 h-5" />
-                <div className="text-base text-black dark:text-[#f0f0f0] font-medium">
-                  {t('mcp.toolCount', { count: toolsCount })}
-                </div>
-              </div>
-            ) : status === MCPSessionStatus.ERROR ? (
-              // 连接失败 - 红色（仅在明确报错时）
-              <div className="flex flex-row items-center gap-[0.4rem]">
-                <AlertCircle className="w-4 h-4 text-red-500 dark:text-red-400" />
-                <div className="text-sm text-red-500 dark:text-red-400 font-medium">
-                  {t('mcp.connectionFailedStatus')}
-                </div>
-              </div>
-            ) : (
-              // 连接中 - 蓝色加载（CONNECTING 或初始/未知状态，避免误报失败）
-              <div className="flex flex-row items-center gap-[0.4rem]">
-                <Loader2 className="w-4 h-4 text-blue-500 dark:text-blue-400 animate-spin" />
-                <div className="text-sm text-blue-500 dark:text-blue-400 font-medium">
-                  {t('mcp.connecting')}
-                </div>
-              </div>
-            )}
-          </div>
-        </div>
-
-        <div className="flex flex-col items-center justify-between h-full">
-          <div
-            className="flex items-center justify-center"
-            onClick={(e) => e.stopPropagation()}
-          >
-            <Switch
-              className="cursor-pointer"
-              checked={enabled}
-              onCheckedChange={handleEnable}
-              disabled={!switchEnable}
-            />
-          </div>
-
-          <div className="flex items-center justify-center gap-[0.4rem]">
-            <Button
-              variant="ghost"
-              size="sm"
-              className="p-1 h-8 w-8"
-              onClick={(e) => handleTest(e)}
-              disabled={testing}
-            >
-              <RefreshCcw className="w-4 h-4" />
-            </Button>
-          </div>
-        </div>
-      </div>
-    </div>
-  );
-}

web/src/app/home/plugins/mcp-server/mcp-form/MCPDeleteConfirmDialog.tsx

@@ -1,66 +0,0 @@
-import React from 'react';
-import { useTranslation } from 'react-i18next';
-import { toast } from 'sonner';
-import {
-  Dialog,
-  DialogContent,
-  DialogHeader,
-  DialogTitle,
-  DialogFooter,
-  DialogDescription,
-} from '@/components/ui/dialog';
-import { Button } from '@/components/ui/button';
-import { httpClient } from '@/app/infra/http/HttpClient';
-
-interface MCPDeleteConfirmDialogProps {
-  open: boolean;
-  onOpenChange: (open: boolean) => void;
-  serverName: string | null;
-  onSuccess?: () => void;
-}
-
-export default function MCPDeleteConfirmDialog({
-  open,
-  onOpenChange,
-  serverName,
-  onSuccess,
-}: MCPDeleteConfirmDialogProps) {
-  const { t } = useTranslation();
-
-  async function handleDelete() {
-    if (!serverName) return;
-
-    try {
-      await httpClient.deleteMCPServer(serverName);
-      toast.success(t('mcp.deleteSuccess'));
-
-      onOpenChange(false);
-
-      if (onSuccess) {
-        onSuccess();
-      }
-    } catch (error) {
-      console.error('Failed to delete server:', error);
-      toast.error(t('mcp.deleteFailed'));
-    }
-  }
-
-  return (
-    <Dialog open={open} onOpenChange={onOpenChange}>
-      <DialogContent>
-        <DialogHeader>
-          <DialogTitle>{t('mcp.confirmDeleteTitle')}</DialogTitle>
-        </DialogHeader>
-        <DialogDescription>{t('mcp.confirmDeleteServer')}</DialogDescription>
-        <DialogFooter>
-          <Button variant="outline" onClick={() => onOpenChange(false)}>
-            {t('common.cancel')}
-          </Button>
-          <Button variant="destructive" onClick={handleDelete}>
-            {t('common.confirm')}
-          </Button>
-        </DialogFooter>
-      </DialogContent>
-    </Dialog>
-  );
-}

web/src/app/home/plugins/mcp-server/mcp-form/MCPFormDialog.tsx

@@ -1,907 +0,0 @@
-import React, { useState, useEffect, useRef } from 'react';
-import { useTranslation } from 'react-i18next';
-import { Loader2, XCircle, Trash2 } from 'lucide-react';
-import { Resolver, useForm } from 'react-hook-form';
-import { zodResolver } from '@hookform/resolvers/zod';
-import { z } from 'zod';
-import { toast } from 'sonner';
-import {
-  Dialog,
-  DialogContent,
-  DialogHeader,
-  DialogTitle,
-  DialogFooter,
-} from '@/components/ui/dialog';
-import {
-  Card,
-  CardHeader,
-  CardTitle,
-  CardDescription,
-} from '@/components/ui/card';
-import {
-  Form,
-  FormControl,
-  FormDescription,
-  FormField,
-  FormItem,
-  FormLabel,
-  FormMessage,
-} from '@/components/ui/form';
-import {
-  Select,
-  SelectTrigger,
-  SelectValue,
-  SelectContent,
-  SelectItem,
-} from '@/components/ui/select';
-import { Input } from '@/components/ui/input';
-import { Button } from '@/components/ui/button';
-import { httpClient } from '@/app/infra/http/HttpClient';
-import {
-  MCPServerRuntimeInfo,
-  MCPTool,
-  MCPServer,
-  MCPSessionStatus,
-  MCPServerExtraArgsSSE,
-  MCPServerExtraArgsHttp,
-  MCPServerExtraArgsStdio,
-} from '@/app/infra/entities/api';
-import { CustomApiError } from '@/app/infra/entities/common';
-import { BoxUnavailableNotice } from '@/app/home/components/BoxUnavailableNotice';
-import { useBoxStatus } from '@/app/infra/hooks/useBoxStatus';
-
-// Status Display Component - 在测试中、连接中或连接失败时使用
-function StatusDisplay({
-  testing,
-  runtimeInfo,
-  t,
-}: {
-  testing: boolean;
-  runtimeInfo: MCPServerRuntimeInfo;
-  t: (key: string) => string;
-}) {
-  if (testing) {
-    return (
-      <div className="flex items-center gap-2 text-blue-600">
-        <Loader2 className="w-5 h-5 animate-spin" />
-        <span className="font-medium">{t('mcp.testing')}</span>
-      </div>
-    );
-  }
-
-  // 连接中
-  if (runtimeInfo.status === MCPSessionStatus.CONNECTING) {
-    return (
-      <div className="flex items-center gap-2 text-blue-600">
-        <Loader2 className="w-5 h-5 animate-spin" />
-        <span className="font-medium">{t('mcp.connecting')}</span>
-      </div>
-    );
-  }
-
-  // Stdio MCP refused because Box is disabled / unreachable. The backend
-  // marks the phase so we can show a localized, actionable message instead
-  // of the raw "box_disabled_in_config" / "box_unavailable" marker.
-  if (runtimeInfo.error_phase === 'box_unavailable') {
-    const isDisabledByConfig =
-      runtimeInfo.error_message === 'box_disabled_in_config';
-    return (
-      <div className="space-y-1">
-        <div className="flex items-center gap-2 text-red-600">
-          <XCircle className="w-5 h-5" />
-          <span className="font-medium">{t('mcp.connectionFailed')}</span>
-        </div>
-        <div className="text-sm text-red-500 pl-7 space-y-0.5">
-          <div>
-            {isDisabledByConfig
-              ? t('mcp.boxDisabledStdioRefused')
-              : t('mcp.boxUnavailableStdioRefused')}
-          </div>
-          <div className="text-muted-foreground">
-            {t('mcp.boxStdioRefusedSuggestion')}
-          </div>
-        </div>
-      </div>
-    );
-  }
-
-  // 连接失败
-  return (
-    <div className="space-y-1">
-      <div className="flex items-center gap-2 text-red-600">
-        <XCircle className="w-5 h-5" />
-        <span className="font-medium">{t('mcp.connectionFailed')}</span>
-      </div>
-      {runtimeInfo.error_message && (
-        <div className="text-sm text-red-500 pl-7">
-          {runtimeInfo.error_message}
-        </div>
-      )}
-    </div>
-  );
-}
-
-// Tools List Component
-function ToolsList({ tools }: { tools: MCPTool[] }) {
-  return (
-    <div className="space-y-2 max-h-[300px] overflow-y-auto">
-      {tools.map((tool, index) => (
-        <Card key={index} className="py-3 shadow-none">
-          <CardHeader>
-            <CardTitle className="text-sm">{tool.name}</CardTitle>
-            {tool.description && (
-              <CardDescription className="text-xs">
-                {tool.description}
-              </CardDescription>
-            )}
-          </CardHeader>
-        </Card>
-      ))}
-    </div>
-  );
-}
-
-const getFormSchema = (t: (key: string) => string) =>
-  z
-    .object({
-      name: z
-        .string({ required_error: t('mcp.nameRequired') })
-        .min(1, { message: t('mcp.nameRequired') }),
-      mode: z.enum(['sse', 'stdio', 'http']),
-      timeout: z
-        .number({ invalid_type_error: t('mcp.timeoutMustBeNumber') })
-        .positive({ message: t('mcp.timeoutMustBePositive') })
-        .default(30),
-      ssereadtimeout: z
-        .number({ invalid_type_error: t('mcp.sseTimeoutMustBeNumber') })
-        .positive({ message: t('mcp.timeoutMustBePositive') })
-        .default(300),
-      url: z.string().optional(),
-      command: z.string().optional(),
-      args: z.array(z.object({ value: z.string() })).optional(),
-      extra_args: z
-        .array(
-          z.object({
-            key: z.string(),
-            type: z.enum(['string', 'number', 'boolean']),
-            value: z.string(),
-          }),
-        )
-        .optional(),
-    })
-    .superRefine((data, ctx) => {
-      if (data.mode === 'sse' || data.mode === 'http') {
-        if (!data.url || data.url.length === 0) {
-          ctx.addIssue({
-            code: z.ZodIssueCode.custom,
-            message: t('mcp.urlRequired'),
-            path: ['url'],
-          });
-        }
-      } else if (data.mode === 'stdio') {
-        if (!data.command || data.command.length === 0) {
-          ctx.addIssue({
-            code: z.ZodIssueCode.custom,
-            message: t('mcp.commandRequired'),
-            path: ['command'],
-          });
-        }
-      }
-    });
-
-type FormValues = z.infer<ReturnType<typeof getFormSchema>> & {
-  timeout: number;
-  ssereadtimeout: number;
-};
-
-interface MCPFormDialogProps {
-  open: boolean;
-  onOpenChange: (open: boolean) => void;
-  serverName?: string | null;
-  isEditMode?: boolean;
-  onSuccess?: () => void;
-  onDelete?: () => void;
-}
-
-export default function MCPFormDialog({
-  open,
-  onOpenChange,
-  serverName,
-  isEditMode = false,
-  onSuccess,
-  onDelete,
-}: MCPFormDialogProps) {
-  const { t } = useTranslation();
-  const formSchema = getFormSchema(t);
-
-  const form = useForm<FormValues>({
-    resolver: zodResolver(formSchema) as unknown as Resolver<FormValues>,
-    defaultValues: {
-      name: '',
-      mode: 'sse',
-      url: '',
-      command: '',
-      args: [],
-      timeout: 30,
-      ssereadtimeout: 300,
-      extra_args: [],
-    },
-  });
-
-  const [extraArgs, setExtraArgs] = useState<
-    { key: string; type: 'string' | 'number' | 'boolean'; value: string }[]
-  >([]);
-  const [stdioArgs, setStdioArgs] = useState<{ value: string }[]>([]);
-  const [mcpTesting, setMcpTesting] = useState(false);
-  const [runtimeInfo, setRuntimeInfo] = useState<MCPServerRuntimeInfo | null>(
-    null,
-  );
-  const pollingIntervalRef = useRef<NodeJS.Timeout | null>(null);
-
-  const watchMode = form.watch('mode');
-  const {
-    available: boxAvailable,
-    hint: boxHint,
-    reason: boxReason,
-  } = useBoxStatus();
-  // stdio mode requires the Box sandbox at runtime. Block creation here
-  // so users aren't surprised by a connection failure on the detail page.
-  const stdioBlockedByBox = watchMode === 'stdio' && !boxAvailable;
-
-  // Load server data when editing
-  useEffect(() => {
-    if (open && isEditMode && serverName) {
-      loadServerForEdit(serverName);
-    } else if (open && !isEditMode) {
-      // Reset form when creating new server
-      form.reset({
-        name: '',
-        mode: 'sse',
-        url: '',
-        command: '',
-        args: [],
-        timeout: 30,
-        ssereadtimeout: 300,
-        extra_args: [],
-      });
-      setExtraArgs([]);
-      setStdioArgs([]);
-      setRuntimeInfo(null);
-    }
-
-    // Cleanup polling interval when dialog closes
-    return () => {
-      if (pollingIntervalRef.current) {
-        clearInterval(pollingIntervalRef.current);
-        pollingIntervalRef.current = null;
-      }
-    };
-  }, [open, isEditMode, serverName]);
-
-  // Poll for updates when runtime_info status is CONNECTING
-  useEffect(() => {
-    if (
-      !open ||
-      !isEditMode ||
-      !serverName ||
-      !runtimeInfo ||
-      runtimeInfo.status !== MCPSessionStatus.CONNECTING
-    ) {
-      // Stop polling if conditions are not met
-      if (pollingIntervalRef.current) {
-        clearInterval(pollingIntervalRef.current);
-        pollingIntervalRef.current = null;
-      }
-      return;
-    }
-
-    // Start polling if not already running
-    if (!pollingIntervalRef.current) {
-      pollingIntervalRef.current = setInterval(() => {
-        loadServerForEdit(serverName);
-      }, 3000);
-    }
-
-    return () => {
-      if (pollingIntervalRef.current) {
-        clearInterval(pollingIntervalRef.current);
-        pollingIntervalRef.current = null;
-      }
-    };
-  }, [open, isEditMode, serverName, runtimeInfo?.status]);
-
-  async function loadServerForEdit(serverName: string) {
-    try {
-      const resp = await httpClient.getMCPServer(serverName);
-      const server = resp.server ?? resp;
-
-      form.setValue('name', server.name);
-      form.setValue('mode', server.mode);
-
-      if (server.mode === 'sse' || server.mode === 'http') {
-        form.setValue('url', server.extra_args.url);
-        form.setValue('timeout', server.extra_args.timeout);
-
-        if (server.mode === 'sse') {
-          form.setValue('ssereadtimeout', server.extra_args.ssereadtimeout);
-        }
-
-        if (server.extra_args.headers) {
-          const headers = Object.entries(server.extra_args.headers).map(
-            ([key, value]) => ({
-              key,
-              type: 'string' as const,
-              value: String(value),
-            }),
-          );
-          setExtraArgs(headers);
-          form.setValue('extra_args', headers);
-        }
-      } else if (server.mode === 'stdio') {
-        form.setValue('command', server.extra_args.command);
-        const args = (server.extra_args.args || []).map((arg: string) => ({
-          value: arg,
-        }));
-        setStdioArgs(args);
-        form.setValue('args', args);
-
-        if (server.extra_args.env) {
-          const envs = Object.entries(server.extra_args.env).map(
-            ([key, value]) => ({
-              key,
-              type: 'string' as const,
-              value: String(value),
-            }),
-          );
-          setExtraArgs(envs);
-          form.setValue('extra_args', envs);
-        }
-      }
-
-      if (server.runtime_info) {
-        setRuntimeInfo(server.runtime_info);
-      } else {
-        setRuntimeInfo(null);
-      }
-    } catch (error) {
-      console.error('Failed to load server:', error);
-      toast.error(t('mcp.loadFailed'));
-    }
-  }
-
-  async function handleFormSubmit(value: z.infer<typeof formSchema>) {
-    // Belt-and-suspenders: Save button is also disabled in this case, but
-    // a programmatic submit (e.g. Enter key) should still be refused.
-    if (value.mode === 'stdio' && !boxAvailable) {
-      toast.error(t('mcp.stdioBlockedByBoxToast'));
-      return;
-    }
-    try {
-      let serverConfig: MCPServer;
-
-      if (value.mode === 'sse' || value.mode === 'http') {
-        const headers: Record<string, string> = {};
-        value.extra_args?.forEach((arg) => {
-          headers[arg.key] = String(arg.value);
-        });
-
-        if (value.mode === 'sse') {
-          serverConfig = {
-            name: value.name,
-            mode: 'sse',
-            enable: true,
-            extra_args: {
-              url: value.url!,
-              headers: headers,
-              timeout: value.timeout,
-              ssereadtimeout: value.ssereadtimeout,
-            },
-          };
-        } else {
-          serverConfig = {
-            name: value.name,
-            mode: 'http',
-            enable: true,
-            extra_args: {
-              url: value.url!,
-              headers: headers,
-              timeout: value.timeout,
-            },
-          };
-        }
-      } else {
-        // Convert extra_args to env
-        const env: Record<string, string> = {};
-        value.extra_args?.forEach((arg) => {
-          env[arg.key] = String(arg.value);
-        });
-
-        // Convert args object array to string array
-        const args = value.args?.map((arg) => arg.value) || [];
-
-        serverConfig = {
-          name: value.name,
-          mode: 'stdio',
-          enable: true,
-          extra_args: {
-            command: value.command!,
-            args: args,
-            env: env,
-          },
-        };
-      }
-
-      if (isEditMode && serverName) {
-        await httpClient.updateMCPServer(serverName, serverConfig);
-        toast.success(t('mcp.updateSuccess'));
-      } else {
-        await httpClient.createMCPServer(serverConfig);
-        toast.success(t('mcp.createSuccess'));
-      }
-
-      handleDialogClose(false);
-      onSuccess?.();
-    } catch (error) {
-      console.error('Failed to save MCP server:', error);
-      const errMsg = (error as CustomApiError).msg || '';
-      toast.error(
-        (isEditMode ? t('mcp.updateFailed') : t('mcp.createFailed')) + errMsg,
-      );
-    }
-  }
-
-  async function testMcp() {
-    setMcpTesting(true);
-
-    try {
-      const mode = form.getValues('mode');
-      let extraArgsData:
-        | MCPServerExtraArgsSSE
-        | MCPServerExtraArgsHttp
-        | MCPServerExtraArgsStdio;
-
-      if (mode === 'sse') {
-        extraArgsData = {
-          url: form.getValues('url')!,
-          timeout: form.getValues('timeout'),
-          headers: Object.fromEntries(
-            extraArgs.map((arg) => [arg.key, arg.value]),
-          ),
-          ssereadtimeout: form.getValues('ssereadtimeout'),
-        };
-      } else if (mode === 'http') {
-        extraArgsData = {
-          url: form.getValues('url')!,
-          timeout: form.getValues('timeout'),
-          headers: Object.fromEntries(
-            extraArgs.map((arg) => [arg.key, arg.value]),
-          ),
-        };
-      } else {
-        extraArgsData = {
-          command: form.getValues('command')!,
-          args: stdioArgs.map((arg) => arg.value),
-          env: Object.fromEntries(extraArgs.map((arg) => [arg.key, arg.value])),
-        };
-      }
-
-      const { task_id } = await httpClient.testMCPServer('_', {
-        name: form.getValues('name'),
-        mode: mode,
-        enable: true,
-        extra_args: extraArgsData,
-      } as MCPServer);
-
-      if (!task_id) {
-        throw new Error(t('mcp.noTaskId'));
-      }
-
-      const interval = setInterval(async () => {
-        try {
-          const taskResp = await httpClient.getAsyncTask(task_id);
-
-          if (taskResp.runtime?.done) {
-            clearInterval(interval);
-            setMcpTesting(false);
-
-            if (taskResp.runtime.exception) {
-              const errorMsg =
-                taskResp.runtime.exception || t('mcp.unknownError');
-              toast.error(`${t('mcp.testError')}: ${errorMsg}`);
-              setRuntimeInfo({
-                status: MCPSessionStatus.ERROR,
-                error_message: errorMsg,
-                tool_count: 0,
-                tools: [],
-              });
-            } else {
-              if (isEditMode) {
-                await loadServerForEdit(form.getValues('name'));
-              }
-              toast.success(t('mcp.testSuccess'));
-            }
-          }
-        } catch (err) {
-          clearInterval(interval);
-          setMcpTesting(false);
-          const errorMsg =
-            (err as CustomApiError).msg || t('mcp.getTaskFailed');
-          toast.error(`${t('mcp.testError')}: ${errorMsg}`);
-        }
-      }, 1000);
-    } catch (err) {
-      setMcpTesting(false);
-      const errorMsg = (err as Error).message || t('mcp.unknownError');
-      toast.error(`${t('mcp.testError')}: ${errorMsg}`);
-    }
-  }
-
-  const addExtraArg = () => {
-    const newArgs = [
-      ...extraArgs,
-      { key: '', type: 'string' as const, value: '' },
-    ];
-    setExtraArgs(newArgs);
-    form.setValue('extra_args', newArgs);
-  };
-
-  const removeExtraArg = (index: number) => {
-    const newArgs = extraArgs.filter((_, i) => i !== index);
-    setExtraArgs(newArgs);
-    form.setValue('extra_args', newArgs);
-  };
-
-  const updateExtraArg = (
-    index: number,
-    field: 'key' | 'type' | 'value',
-    value: string,
-  ) => {
-    const newArgs = [...extraArgs];
-    newArgs[index] = { ...newArgs[index], [field]: value };
-    setExtraArgs(newArgs);
-    form.setValue('extra_args', newArgs);
-  };
-
-  const addStdioArg = () => {
-    const newArgs = [...stdioArgs, { value: '' }];
-    setStdioArgs(newArgs);
-    form.setValue('args', newArgs);
-  };
-
-  const removeStdioArg = (index: number) => {
-    const newArgs = stdioArgs.filter((_, i) => i !== index);
-    setStdioArgs(newArgs);
-    form.setValue('args', newArgs);
-  };
-
-  const updateStdioArg = (index: number, value: string) => {
-    const newArgs = [...stdioArgs];
-    newArgs[index] = { value };
-    setStdioArgs(newArgs);
-    form.setValue('args', newArgs);
-  };
-
-  const handleDialogClose = (open: boolean) => {
-    onOpenChange(open);
-    if (!open) {
-      form.reset();
-      setExtraArgs([]);
-      setStdioArgs([]);
-      setRuntimeInfo(null);
-    }
-  };
-
-  return (
-    <Dialog open={open} onOpenChange={handleDialogClose}>
-      <DialogContent>
-        <DialogHeader>
-          <DialogTitle>
-            {isEditMode ? t('mcp.editServer') : t('mcp.createServer')}
-          </DialogTitle>
-        </DialogHeader>
-
-        {isEditMode && runtimeInfo && (
-          <div className="mb-0 space-y-3">
-            {/* 测试中或连接失败时显示状态 */}
-            {(mcpTesting ||
-              runtimeInfo.status !== MCPSessionStatus.CONNECTED) && (
-              <div className="p-3 rounded-lg border">
-                <StatusDisplay
-                  testing={mcpTesting}
-                  runtimeInfo={runtimeInfo}
-                  t={t}
-                />
-              </div>
-            )}
-
-            {/* 连接成功时只显示工具列表 */}
-            {!mcpTesting &&
-              runtimeInfo.status === MCPSessionStatus.CONNECTED &&
-              runtimeInfo.tools?.length > 0 && (
-                <>
-                  <div className="text-sm font-medium">
-                    {t('mcp.toolCount', {
-                      count: runtimeInfo.tools?.length || 0,
-                    })}
-                  </div>
-                  <ToolsList tools={runtimeInfo.tools} />
-                </>
-              )}
-          </div>
-        )}
-
-        <Form {...form}>
-          <form
-            onSubmit={form.handleSubmit(handleFormSubmit)}
-            className="space-y-4"
-          >
-            <div className="space-y-4">
-              <FormField
-                control={form.control}
-                name="name"
-                render={({ field }) => (
-                  <FormItem>
-                    <FormLabel>{t('mcp.name')}</FormLabel>
-                    <FormControl>
-                      <Input {...field} />
-                    </FormControl>
-                    <FormMessage />
-                  </FormItem>
-                )}
-              />
-
-              <FormField
-                control={form.control}
-                name="mode"
-                render={({ field }) => (
-                  <FormItem>
-                    <FormLabel>{t('mcp.serverMode')}</FormLabel>
-                    <Select
-                      onValueChange={field.onChange}
-                      defaultValue={field.value}
-                      value={field.value}
-                    >
-                      <FormControl>
-                        <SelectTrigger>
-                          <SelectValue placeholder={t('mcp.selectMode')} />
-                        </SelectTrigger>
-                      </FormControl>
-                      <SelectContent>
-                        <SelectItem value="http">{t('mcp.http')}</SelectItem>
-                        <SelectItem value="stdio" disabled={!boxAvailable}>
-                          {t('mcp.stdio')}
-                          {!boxAvailable && (
-                            <span className="ml-2 text-xs text-muted-foreground">
-                              ({t('mcp.boxRequired')})
-                            </span>
-                          )}
-                        </SelectItem>
-                        <SelectItem value="sse">{t('mcp.sse')}</SelectItem>
-                      </SelectContent>
-                    </Select>
-                    {stdioBlockedByBox && (
-                      <BoxUnavailableNotice
-                        hint={boxHint}
-                        reason={boxReason}
-                        className="mt-2"
-                      />
-                    )}
-                    <FormMessage />
-                  </FormItem>
-                )}
-              />
-
-              {(watchMode === 'sse' || watchMode === 'http') && (
-                <>
-                  <FormField
-                    control={form.control}
-                    name="url"
-                    render={({ field }) => (
-                      <FormItem>
-                        <FormLabel>{t('mcp.url')}</FormLabel>
-                        <FormControl>
-                          <Input {...field} />
-                        </FormControl>
-                        <FormMessage />
-                      </FormItem>
-                    )}
-                  />
-
-                  <FormField
-                    control={form.control}
-                    name="timeout"
-                    render={({ field }) => (
-                      <FormItem>
-                        <FormLabel>{t('mcp.timeout')}</FormLabel>
-                        <FormControl>
-                          <Input
-                            type="number"
-                            placeholder={t('mcp.timeout')}
-                            {...field}
-                            onChange={(e) =>
-                              field.onChange(Number(e.target.value))
-                            }
-                          />
-                        </FormControl>
-                        <FormMessage />
-                      </FormItem>
-                    )}
-                  />
-
-                  {watchMode === 'sse' && (
-                    <FormField
-                      control={form.control}
-                      name="ssereadtimeout"
-                      render={({ field }) => (
-                        <FormItem>
-                          <FormLabel>{t('mcp.sseTimeout')}</FormLabel>
-                          <FormControl>
-                            <Input
-                              type="number"
-                              placeholder={t('mcp.sseTimeoutDescription')}
-                              {...field}
-                              onChange={(e) =>
-                                field.onChange(Number(e.target.value))
-                              }
-                            />
-                          </FormControl>
-                          <FormMessage />
-                        </FormItem>
-                      )}
-                    />
-                  )}
-                </>
-              )}
-
-              {watchMode === 'stdio' && (
-                <>
-                  <FormField
-                    control={form.control}
-                    name="command"
-                    render={({ field }) => (
-                      <FormItem>
-                        <FormLabel>{t('mcp.command')}</FormLabel>
-                        <FormControl>
-                          <Input {...field} />
-                        </FormControl>
-                        <FormMessage />
-                      </FormItem>
-                    )}
-                  />
-
-                  <FormItem>
-                    <FormLabel>{t('mcp.args')}</FormLabel>
-                    <div className="space-y-2">
-                      {stdioArgs.map((arg, index) => (
-                        <div key={index} className="flex gap-2">
-                          <Input
-                            placeholder={t('mcp.args')}
-                            value={arg.value}
-                            onChange={(e) =>
-                              updateStdioArg(index, e.target.value)
-                            }
-                          />
-                          <button
-                            type="button"
-                            className="p-2 hover:bg-gray-100 rounded"
-                            onClick={() => removeStdioArg(index)}
-                          >
-                            <Trash2 className="w-5 h-5 text-red-500" />
-                          </button>
-                        </div>
-                      ))}
-                      <Button
-                        type="button"
-                        variant="outline"
-                        onClick={addStdioArg}
-                      >
-                        {t('mcp.addArgument')}
-                      </Button>
-                    </div>
-                  </FormItem>
-                </>
-              )}
-
-              <FormItem>
-                <FormLabel>
-                  {watchMode === 'sse' || watchMode === 'http'
-                    ? t('mcp.headers')
-                    : t('mcp.env')}
-                </FormLabel>
-                <div className="space-y-2">
-                  {extraArgs.map((arg, index) => (
-                    <div key={index} className="flex gap-2">
-                      <Input
-                        placeholder={t('models.keyName')}
-                        value={arg.key}
-                        onChange={(e) =>
-                          updateExtraArg(index, 'key', e.target.value)
-                        }
-                      />
-                      {/* Only show type select for SSE headers if needed, but usually headers are strings. Env vars are definitely strings.
-                          The original code had type selector. Let's keep it for compatibility or remove if not needed.
-                          Headers are strings. Env vars are strings.
-                          Let's hide the type selector as it was confusing anyway, or force it to string.
-                       */}
-                      {/* <Select
-                        value={arg.type}
-                        onValueChange={(value) =>
-                          updateExtraArg(index, 'type', value)
-                        }
-                      >
-                        <SelectTrigger className="w-[120px] bg-[#ffffff] dark:bg-[#2a2a2e]">
-                          <SelectValue placeholder={t('models.type')} />
-                        </SelectTrigger>
-                        <SelectContent className="bg-[#ffffff] dark:bg-[#2a2a2e]">
-                          <SelectItem value="string">
-                            {t('models.string')}
-                          </SelectItem>
-                        </SelectContent>
-                      </Select> */}
-                      <Input
-                        placeholder={t('models.value')}
-                        value={arg.value}
-                        onChange={(e) =>
-                          updateExtraArg(index, 'value', e.target.value)
-                        }
-                      />
-                      <button
-                        type="button"
-                        className="p-2 hover:bg-gray-100 rounded"
-                        onClick={() => removeExtraArg(index)}
-                      >
-                        <Trash2 className="w-5 h-5 text-red-500" />
-                      </button>
-                    </div>
-                  ))}
-                  <Button type="button" variant="outline" onClick={addExtraArg}>
-                    {watchMode === 'sse' || watchMode === 'http'
-                      ? t('mcp.addHeader')
-                      : t('mcp.addEnvVar')}
-                  </Button>
-                </div>
-                <FormDescription>
-                  {t('mcp.extraParametersDescription')}
-                </FormDescription>
-                <FormMessage />
-              </FormItem>
-
-              <DialogFooter>
-                {isEditMode && onDelete && (
-                  <Button
-                    type="button"
-                    variant="destructive"
-                    onClick={onDelete}
-                  >
-                    {t('common.delete')}
-                  </Button>
-                )}
-
-                <Button type="submit" disabled={stdioBlockedByBox}>
-                  {isEditMode ? t('common.save') : t('common.submit')}
-                </Button>
-
-                <Button
-                  type="button"
-                  variant="outline"
-                  onClick={() => testMcp()}
-                  disabled={mcpTesting}
-                >
-                  {t('common.test')}
-                </Button>
-
-                <Button
-                  type="button"
-                  variant="outline"
-                  onClick={() => handleDialogClose(false)}
-                >
-                  {t('common.cancel')}
-                </Button>
-              </DialogFooter>
-            </div>
-          </form>
-        </Form>
-      </DialogContent>
-    </Dialog>
-  );
-}

web/src/app/infra/entities/api/index.ts

@@ -531,6 +531,15 @@ export interface MCPServerExtraArgsHttp {
   timeout: number;
 }
 
+// "remote" mode: the user only supplies a URL; the backend auto-detects the
+// transport (Streamable HTTP first, falling back to legacy SSE). headers /
+// timeout are optional advanced settings.
+export interface MCPServerExtraArgsRemote {
+  url: string;
+  headers?: Record<string, string>;
+  timeout?: number;
+}
+
 export enum MCPSessionStatus {
   CONNECTING = 'connecting',
   CONNECTED = 'connected',
@@ -577,6 +586,17 @@ export type MCPServer =
       created_at?: string;
       updated_at?: string;
     }
+  | {
+      uuid?: string;
+      name: string;
+      mode: 'remote';
+      enable: boolean;
+      extra_args: MCPServerExtraArgsRemote;
+      runtime_info?: MCPServerRuntimeInfo;
+      readme?: string;
+      created_at?: string;
+      updated_at?: string;
+    }
   | {
       uuid?: string;
       name: string;

web/src/components/ui/language-selector.tsx

@@ -56,7 +56,16 @@ export function LanguageSelector({
 
     const savedLanguage = localStorage.getItem('langbot_language');
     if (savedLanguage) {
-      i18n.changeLanguage(savedLanguage);
+      // Only switch when the active language actually differs. Calling
+      // i18n.changeLanguage() unconditionally on every mount emits a
+      // `languageChanged` event even when nothing changed, which hands every
+      // useTranslation() consumer a fresh `t` reference and re-runs effects
+      // that depend on `t` (e.g. data refetches). Since this selector mounts
+      // each time the account dropdown opens, that surfaced as a spurious
+      // page "refresh". Guard the call to keep mounts side-effect-free.
+      if (i18n.language !== savedLanguage) {
+        i18n.changeLanguage(savedLanguage);
+      }
       setCurrentLanguage(savedLanguage);
     } else {
       const browserLanguage = navigator.language;

web/src/components/ui/tooltip.tsx

@@ -3,6 +3,34 @@ import * as TooltipPrimitive from '@radix-ui/react-tooltip';
 
 import { cn } from '@/lib/utils';
 
+// Radix tooltips open on hover/focus only and deliberately stay closed on
+// touch input. To make every tooltip usable on mobile, we expose a small
+// context so the trigger can toggle the tooltip open on tap when the device
+// has no hover capability (coarse / touch pointer).
+interface TooltipTouchContextValue {
+  isTouch: boolean;
+  open: boolean;
+  setOpen: (open: boolean) => void;
+}
+
+const TooltipTouchContext =
+  React.createContext<TooltipTouchContextValue | null>(null);
+
+function useIsTouchDevice(): boolean {
+  const [isTouch, setIsTouch] = React.useState(false);
+
+  React.useEffect(() => {
+    if (typeof window === 'undefined' || !window.matchMedia) return;
+    const mq = window.matchMedia('(hover: none), (pointer: coarse)');
+    const update = () => setIsTouch(mq.matches);
+    update();
+    mq.addEventListener?.('change', update);
+    return () => mq.removeEventListener?.('change', update);
+  }, []);
+
+  return isTouch;
+}
+
 function TooltipProvider({
   delayDuration = 0,
   ...props
@@ -17,19 +45,66 @@ function TooltipProvider({
 }
 
 function Tooltip({
+  open: openProp,
+  onOpenChange,
   ...props
 }: React.ComponentProps<typeof TooltipPrimitive.Root>) {
+  const isTouch = useIsTouchDevice();
+  const [openState, setOpenState] = React.useState(false);
+  const isControlled = openProp !== undefined;
+  const open = isControlled ? (openProp ?? false) : openState;
+
+  const setOpen = React.useCallback(
+    (next: boolean) => {
+      if (!isControlled) setOpenState(next);
+      onOpenChange?.(next);
+    },
+    [isControlled, onOpenChange],
+  );
+
   return (
     <TooltipProvider>
-      <TooltipPrimitive.Root data-slot="tooltip" {...props} />
+      <TooltipTouchContext.Provider value={{ isTouch, open, setOpen }}>
+        {/* Drive open state ourselves so we can toggle on tap for touch
+            devices while still forwarding Radix's hover/focus changes on
+            desktop. */}
+        <TooltipPrimitive.Root
+          data-slot="tooltip"
+          open={open}
+          onOpenChange={setOpen}
+          {...props}
+        />
+      </TooltipTouchContext.Provider>
     </TooltipProvider>
   );
 }
 
 function TooltipTrigger({
+  onClick,
   ...props
 }: React.ComponentProps<typeof TooltipPrimitive.Trigger>) {
-  return <TooltipPrimitive.Trigger data-slot="tooltip-trigger" {...props} />;
+  const ctx = React.useContext(TooltipTouchContext);
+
+  const handleClick = React.useCallback(
+    (event: React.MouseEvent<HTMLButtonElement>) => {
+      // On touch devices Radix never opens the tooltip via hover, so a tap on
+      // the trigger toggles it. The underlying element's own onClick still
+      // fires (e.g. an actionable button keeps working).
+      if (ctx?.isTouch) {
+        ctx.setOpen(!ctx.open);
+      }
+      onClick?.(event);
+    },
+    [ctx, onClick],
+  );
+
+  return (
+    <TooltipPrimitive.Trigger
+      data-slot="tooltip-trigger"
+      onClick={handleClick}
+      {...props}
+    />
+  );
 }
 
 function TooltipContent({

web/src/i18n/locales/en-US.ts

@@ -593,8 +593,7 @@ const enUS = {
     tabLogs: 'Logs',
     logsLevelAll: 'All levels',
     logsRefresh: 'Refresh',
-    logsAutoRefreshOn: 'Auto-refresh: On',
-    logsAutoRefreshOff: 'Auto-refresh: Off',
+    logsAutoRefresh: 'Auto-refresh',
     logsEmpty:
       'No logs yet. Logs printed by the plugin via logger will appear here.',
     fileUpload: {
@@ -674,6 +673,10 @@ const enUS = {
     installFailed: 'Installation failed, please try again later',
     loadFailed: 'Failed to get plugin list, please try again later',
     noDescription: 'No description available',
+    recommendation: {
+      pause: 'Pause auto-rotation',
+      resume: 'Resume auto-rotation',
+    },
     notFound: 'Plugin information not found',
     sortBy: 'Sort by',
     sort: {
@@ -754,6 +757,15 @@ const enUS = {
     stdio: 'Stdio Mode',
     sse: 'SSE Mode',
     http: 'HTTP Mode',
+    local: 'Local (Stdio)',
+    remote: 'Remote',
+    localModeDescription:
+      'Run an MCP server locally as a subprocess inside the Box sandbox.',
+    remoteModeDescription:
+      'Connect to a remote MCP server by URL. The transport (Streamable HTTP or SSE) is detected automatically.',
+    remoteUrlPlaceholder: 'https://example.com/mcp',
+    remoteUrlDescription:
+      'Paste the MCP server URL. Both Streamable HTTP and legacy SSE endpoints are supported.',
     noServerInstalled: 'No MCP servers configured',
     serverNameRequired: 'Server name cannot be empty',
     commandRequired: 'Command cannot be empty',

web/src/i18n/locales/es-ES.ts

@@ -605,8 +605,7 @@ const esES = {
     tabLogs: 'Registros',
     logsLevelAll: 'Todos los niveles',
     logsRefresh: 'Actualizar',
-    logsAutoRefreshOn: 'Auto-actualizar: Activado',
-    logsAutoRefreshOff: 'Auto-actualizar: Desactivado',
+    logsAutoRefresh: 'Auto-actualizar',
     logsEmpty:
       'Aún no hay registros. Los registros que el plugin imprima mediante logger aparecerán aquí.',
     fileUpload: {
@@ -687,6 +686,10 @@ const esES = {
     loadFailed:
       'Error al obtener la lista de plugins, por favor inténtalo más tarde',
     noDescription: 'No hay descripción disponible',
+    recommendation: {
+      pause: 'Pausar rotación automática',
+      resume: 'Reanudar rotación automática',
+    },
     notFound: 'No se encontró la información del plugin',
     sortBy: 'Ordenar por',
     sort: {
@@ -768,6 +771,15 @@ const esES = {
     stdio: 'Modo Stdio',
     sse: 'Modo SSE',
     http: 'Modo HTTP',
+    local: 'Local (Stdio)',
+    remote: 'Remoto',
+    localModeDescription:
+      'Ejecuta un servidor MCP localmente como subproceso dentro del sandbox de Box.',
+    remoteModeDescription:
+      'Conéctate a un servidor MCP remoto por URL. El transporte (Streamable HTTP o SSE) se detecta automáticamente.',
+    remoteUrlPlaceholder: 'https://example.com/mcp',
+    remoteUrlDescription:
+      'Pega la URL del servidor MCP. Se admiten tanto endpoints Streamable HTTP como SSE heredados.',
     noServerInstalled: 'No hay servidores MCP configurados',
     serverNameRequired: 'El nombre del servidor no puede estar vacío',
     commandRequired: 'El comando no puede estar vacío',

web/src/i18n/locales/ja-JP.ts

@@ -598,8 +598,7 @@ const jaJP = {
     tabLogs: 'ログ',
     logsLevelAll: 'すべてのレベル',
     logsRefresh: '更新',
-    logsAutoRefreshOn: '自動更新：オン',
-    logsAutoRefreshOff: '自動更新：オフ',
+    logsAutoRefresh: '自動更新',
     logsEmpty:
       'ログはまだありません。プラグインが logger で出力したログがここに表示されます。',
     fileUpload: {
@@ -680,6 +679,10 @@ const jaJP = {
     loadFailed:
       'プラグインリストの取得に失敗しました。後でもう一度お試しください',
     noDescription: '説明がありません',
+    recommendation: {
+      pause: '自動ローテーションを一時停止',
+      resume: '自動ローテーションを再開',
+    },
     notFound: 'プラグイン情報が見つかりません',
     sortBy: '並び順',
     sort: {
@@ -759,6 +762,15 @@ const jaJP = {
     stdio: 'Stdioモード',
     sse: 'SSEモード',
     http: 'HTTPモード',
+    local: 'ローカル（Stdio）',
+    remote: 'リモート',
+    localModeDescription:
+      'Box サンドボックス内でサブプロセスとして MCP サーバーをローカル実行します。',
+    remoteModeDescription:
+      'URL でリモート MCP サーバーに接続します。トランスポート（Streamable HTTP または SSE）は自動検出されます。',
+    remoteUrlPlaceholder: 'https://example.com/mcp',
+    remoteUrlDescription:
+      'MCP サーバーの URL を貼り付けてください。Streamable HTTP と従来の SSE エンドポイントの両方に対応しています。',
     selectMode: '接続モードを選択',
     noServerInstalled: 'MCPサーバーが設定されていません',
     serverNameRequired: 'サーバー名は必須です',

web/src/i18n/locales/ru-RU.ts

@@ -604,8 +604,7 @@ const ruRU = {
     tabLogs: 'Журналы',
     logsLevelAll: 'Все уровни',
     logsRefresh: 'Обновить',
-    logsAutoRefreshOn: 'Автообновление: вкл.',
-    logsAutoRefreshOff: 'Автообновление: выкл.',
+    logsAutoRefresh: 'Автообновление',
     logsEmpty:
       'Журналов пока нет. Здесь появятся логи, выводимые плагином через logger.',
     fileUpload: {
@@ -685,6 +684,10 @@ const ruRU = {
     installFailed: 'Ошибка установки, попробуйте позже',
     loadFailed: 'Не удалось получить список плагинов, попробуйте позже',
     noDescription: 'Описание отсутствует',
+    recommendation: {
+      pause: 'Приостановить авто-прокрутку',
+      resume: 'Возобновить авто-прокрутку',
+    },
     notFound: 'Информация о плагине не найдена',
     sortBy: 'Сортировать по',
     sort: {
@@ -765,6 +768,15 @@ const ruRU = {
     stdio: 'Режим Stdio',
     sse: 'Режим SSE',
     http: 'Режим HTTP',
+    local: 'Локально (Stdio)',
+    remote: 'Удалённо',
+    localModeDescription:
+      'Запуск MCP-сервера локально как подпроцесса внутри песочницы Box.',
+    remoteModeDescription:
+      'Подключение к удалённому MCP-серверу по URL. Транспорт (Streamable HTTP или SSE) определяется автоматически.',
+    remoteUrlPlaceholder: 'https://example.com/mcp',
+    remoteUrlDescription:
+      'Вставьте URL MCP-сервера. Поддерживаются как Streamable HTTP, так и устаревшие SSE-эндпоинты.',
     noServerInstalled: 'MCP-серверы не настроены',
     serverNameRequired: 'Имя сервера не может быть пустым',
     commandRequired: 'Команда не может быть пустой',

web/src/i18n/locales/th-TH.ts

@@ -585,8 +585,7 @@ const thTH = {
     tabLogs: 'บันทึก',
     logsLevelAll: 'ทุกระดับ',
     logsRefresh: 'รีเฟรช',
-    logsAutoRefreshOn: 'รีเฟรชอัตโนมัติ: เปิด',
-    logsAutoRefreshOff: 'รีเฟรชอัตโนมัติ: ปิด',
+    logsAutoRefresh: 'รีเฟรชอัตโนมัติ',
     logsEmpty: 'ยังไม่มีบันทึก บันทึกที่ปลั๊กอินพิมพ์ผ่าน logger จะแสดงที่นี่',
     fileUpload: {
       tooLarge: 'ขนาดไฟล์เกินขีดจำกัด 10MB',
@@ -664,6 +663,10 @@ const thTH = {
     installFailed: 'ติดตั้งล้มเหลว กรุณาลองใหม่ภายหลัง',
     loadFailed: 'ไม่สามารถดึงรายการปลั๊กอินได้ กรุณาลองใหม่ภายหลัง',
     noDescription: 'ไม่มีคำอธิบาย',
+    recommendation: {
+      pause: 'หยุดการหมุนอัตโนมัติชั่วคราว',
+      resume: 'เล่นการหมุนอัตโนมัติต่อ',
+    },
     notFound: 'ไม่พบข้อมูลปลั๊กอิน',
     sortBy: 'เรียงตาม',
     sort: {
@@ -743,6 +746,15 @@ const thTH = {
     stdio: 'โหมด Stdio',
     sse: 'โหมด SSE',
     http: 'โหมด HTTP',
+    local: 'ภายในเครื่อง (Stdio)',
+    remote: 'ระยะไกล',
+    localModeDescription:
+      'รันเซิร์ฟเวอร์ MCP ภายในเครื่องเป็นโปรเซสย่อยภายในแซนด์บ็อกซ์ Box',
+    remoteModeDescription:
+      'เชื่อมต่อกับเซิร์ฟเวอร์ MCP ระยะไกลด้วย URL ระบบจะตรวจจับการขนส่ง (Streamable HTTP หรือ SSE) โดยอัตโนมัติ',
+    remoteUrlPlaceholder: 'https://example.com/mcp',
+    remoteUrlDescription:
+      'วาง URL ของเซิร์ฟเวอร์ MCP รองรับทั้งเอนด์พอยต์ Streamable HTTP และ SSE แบบเดิม',
     noServerInstalled: 'ยังไม่มีเซิร์ฟเวอร์ MCP ที่กำหนดค่า',
     serverNameRequired: 'ชื่อเซิร์ฟเวอร์ต้องไม่ว่างเปล่า',
     commandRequired: 'คำสั่งต้องไม่ว่างเปล่า',

web/src/i18n/locales/vi-VN.ts

@@ -599,8 +599,7 @@ const viVN = {
     tabLogs: 'Nhật ký',
     logsLevelAll: 'Tất cả cấp độ',
     logsRefresh: 'Làm mới',
-    logsAutoRefreshOn: 'Tự động làm mới: Bật',
-    logsAutoRefreshOff: 'Tự động làm mới: Tắt',
+    logsAutoRefresh: 'Tự động làm mới',
     logsEmpty:
       'Chưa có nhật ký. Nhật ký do plugin in qua logger sẽ hiển thị ở đây.',
     fileUpload: {
@@ -679,6 +678,10 @@ const viVN = {
     installFailed: 'Cài đặt thất bại, vui lòng thử lại sau',
     loadFailed: 'Lấy danh sách plugin thất bại, vui lòng thử lại sau',
     noDescription: 'Không có mô tả',
+    recommendation: {
+      pause: 'Tạm dừng tự động xoay',
+      resume: 'Tiếp tục tự động xoay',
+    },
     notFound: 'Không tìm thấy thông tin plugin',
     sortBy: 'Sắp xếp theo',
     sort: {
@@ -758,6 +761,15 @@ const viVN = {
     stdio: 'Chế độ Stdio',
     sse: 'Chế độ SSE',
     http: 'Chế độ HTTP',
+    local: 'Cục bộ (Stdio)',
+    remote: 'Từ xa',
+    localModeDescription:
+      'Chạy máy chủ MCP cục bộ dưới dạng tiến trình con bên trong sandbox Box.',
+    remoteModeDescription:
+      'Kết nối đến máy chủ MCP từ xa bằng URL. Phương thức truyền tải (Streamable HTTP hoặc SSE) được phát hiện tự động.',
+    remoteUrlPlaceholder: 'https://example.com/mcp',
+    remoteUrlDescription:
+      'Dán URL của máy chủ MCP. Hỗ trợ cả endpoint Streamable HTTP và SSE cũ.',
     noServerInstalled: 'Chưa cấu hình máy chủ MCP nào',
     serverNameRequired: 'Tên máy chủ không được để trống',
     commandRequired: 'Lệnh không được để trống',

web/src/i18n/locales/zh-Hans.ts

@@ -566,8 +566,7 @@ const zhHans = {
     tabLogs: '日志',
     logsLevelAll: '全部级别',
     logsRefresh: '刷新',
-    logsAutoRefreshOn: '自动刷新：开',
-    logsAutoRefreshOff: '自动刷新：关',
+    logsAutoRefresh: '自动刷新',
     logsEmpty: '暂无日志。插件通过 logger 打印的日志会显示在这里。',
     fileUpload: {
       tooLarge: '文件大小超过 10MB 限制',
@@ -643,6 +642,10 @@ const zhHans = {
     installFailed: '安装失败，请稍后重试',
     loadFailed: '获取插件列表失败，请稍后重试',
     noDescription: '暂无描述',
+    recommendation: {
+      pause: '暂停自动轮播',
+      resume: '继续自动轮播',
+    },
     notFound: '插件信息未找到',
     sortBy: '排序方式',
     sort: {
@@ -722,6 +725,14 @@ const zhHans = {
     stdio: 'Stdio模式',
     sse: 'SSE模式',
     http: 'HTTP模式',
+    local: '本地（Stdio）',
+    remote: '远程',
+    localModeDescription: '在 Box 沙箱中以子进程方式本地运行 MCP 服务器。',
+    remoteModeDescription:
+      '通过 URL 连接远程 MCP 服务器，传输方式（Streamable HTTP 或 SSE）将自动检测。',
+    remoteUrlPlaceholder: 'https://example.com/mcp',
+    remoteUrlDescription:
+      '粘贴 MCP 服务器链接即可，同时支持 Streamable HTTP 和旧版 SSE 端点。',
     noServerInstalled: '暂未配置任何 MCP 服务器',
     serverNameRequired: '服务器名称不能为空',
     commandRequired: '命令不能为空',

web/src/i18n/locales/zh-Hant.ts

@@ -566,8 +566,7 @@ const zhHant = {
     tabLogs: '日誌',
     logsLevelAll: '全部級別',
     logsRefresh: '重新整理',
-    logsAutoRefreshOn: '自動重新整理：開',
-    logsAutoRefreshOff: '自動重新整理：關',
+    logsAutoRefresh: '自動重新整理',
     logsEmpty: '暫無日誌。外掛透過 logger 列印的日誌會顯示在這裡。',
     fileUpload: {
       tooLarge: '檔案大小超過 10MB 限制',
@@ -643,6 +642,10 @@ const zhHant = {
     installFailed: '安裝失敗，請稍後重試',
     loadFailed: '取得插件列表失敗，請稍後重試',
     noDescription: '暫無描述',
+    recommendation: {
+      pause: '暫停自動輪播',
+      resume: '繼續自動輪播',
+    },
     notFound: '插件資訊未找到',
     sortBy: '排序方式',
     sort: {
@@ -721,6 +724,14 @@ const zhHant = {
     sse: 'SSE模式',
     selectMode: '選擇連接模式',
     http: 'HTTP模式',
+    local: '本機（Stdio）',
+    remote: '遠端',
+    localModeDescription: '在 Box 沙箱中以子程序方式於本機執行 MCP 伺服器。',
+    remoteModeDescription:
+      '透過 URL 連接遠端 MCP 伺服器，傳輸方式（Streamable HTTP 或 SSE）將自動偵測。',
+    remoteUrlPlaceholder: 'https://example.com/mcp',
+    remoteUrlDescription:
+      '貼上 MCP 伺服器連結即可，同時支援 Streamable HTTP 與舊版 SSE 端點。',
     noServerInstalled: '暫未設定任何MCP伺服器',
     serverNameRequired: '伺服器名稱不能為空',
     commandRequired: '命令不能為空',