fix(skills): bootstrap generated lbs wrapper

feat: MCP server + in-repo skills (agent-friendly platform) (#2269 )
* feat(api): support global API key from config.yaml (api.global_api_key) Accept a config-defined global API key anywhere a web-UI key is accepted (X-API-Key / Bearer), with no login session and no DB record. Useful for automated deployments and AI agents (HTTP API + MCP). Defaults to empty (disabled); does not require the lbk_ prefix. - templates/config.yaml: add api.global_api_key with security notes - service/apikey.py: verify_api_key checks global key first (constant-time) - docs/API_KEY_AUTH.md: document the global key + security guidance - tests: cover global-key match, prefix-free, fallback-to-db, disabled * feat(mcp): expose LangBot management as an MCP server at /mcp Add an MCP (Model Context Protocol) server so external AI agents can manage a LangBot instance. Reuses the same API-key auth as the HTTP API (including the config.yaml global API key). - pkg/api/mcp/server.py: FastMCP server wrapping the service layer; 21 curated tools across system/bots/pipelines/models/knowledge/mcp-servers/skills - pkg/api/mcp/mount.py: ASGI dispatcher fronting Quart; authenticates /mcp requests with an API key, runs the streamable-HTTP session manager lifespan - controller/main.py: serve the wrapped ASGI app via hypercorn (was run_task) - web: new 'MCP' tab in the API integration dialog showing endpoint, auth, and client config; i18n for 8 locales - tests/manual/mcp_smoke.py: e2e check (401 unauth, list tools, call tools) Tool surface is intentionally curated (not all ~25 route groups) to keep the agent surface small, safe, and maintainable. Extend deliberately. * feat(skills): add in-repo skills/ as the single source of truth Migrate the agent skills + QA/e2e test harness from the (now archived) langbot-app/langbot-skills repo into LangBot/skills/, and add four new skills. Migrated: - langbot-plugin-dev, langbot-testing (e2e), langbot-env-setup, langbot-skills-maintenance, langbot-eba-adapter-dev - the bin/lbs CLI (src/, test/, scripts/, schemas/, qa-agent-docs/) New: - langbot-dev core backend + web development - langbot-deploy Docker/K8s deployment + config.yaml + global API key - langbot-mcp-ops operating the LangBot MCP server (/mcp) - langbot-space-ops operating the Space marketplace MCP server - src/cli.ts repoRoot(): recognize the skills assets root (skills.index.json + bin/lbs) so the CLI works when nested inside the LangBot repo - README.md: unified skill catalog; skills.index.json regenerated Parity with source verified: bin/lbs validate + node test suite match the source repo (only the uncommitted .lbpkg build-artifact fixture differs). * docs(agents): document agent-facing surfaces + API/MCP/skills sync rule * docs(readme): add 'Built for AI Agents' section across all locales Highlight MCP server, in-repo skills (single source of truth), AGENTS.md sync rule, and llms.txt. Cross-link LangBot Space MCP marketplace. * style(mcp): fix ruff format + prettier lint in MCP server and API panel * style(web): prettier format MCP i18n locale entries * docs(skills): note MCP instance control in dev/testing skills All development-guidance skills now point to the LangBot instance MCP server (/mcp) and the Space marketplace MCP server, reusing API keys.
2026-06-20 12:34:21 +00:00 · 2026-06-20 17:19:35 +08:00 · 2026-06-20 15:14:47 +08:00 · 2026-06-19 23:20:29 -04:00 · 2026-06-19 23:26:12 +08:00 · 2026-06-19 23:25:54 +08:00
589 changed files with 44839 additions and 10413 deletions
@@ -21,6 +21,7 @@
 *请在方括号间写`x`以打勾 / Please tick the box with `x`*

 - [ ] 阅读仓库[贡献指引](https://github.com/langbot-app/LangBot/blob/master/CONTRIBUTING.md)了吗？ / Have you read the [contribution guide](https://github.com/langbot-app/LangBot/blob/master/CONTRIBUTING.md)?
+- [ ] 我已签署或将在机器人提示后签署 [CLA](https://github.com/langbot-app/LangBot/blob/master/CLA.md)。 / I have signed, or will sign when prompted by the bot, the [CLA](https://github.com/langbot-app/LangBot/blob/master/CLA.md).
 - [ ] 与项目所有者沟通过了吗？ / Have you communicated with the project maintainer?
 - [ ] 我确定已自行测试所作的更改，确保功能符合预期。 / I have tested the changes and ensured they work as expected.

@@ -0,0 +1,41 @@
+name: "CLA Assistant"
+on:
+  issue_comment:
+    types: [created]
+  pull_request_target:
+    types: [opened, closed, synchronize, reopened]
+
+permissions:
+  actions: write          # re-run the failed CLA check after signing
+  contents: read          # signatures are stored in the remote langbot-app/cla repo
+  pull-requests: write    # post guidance comments, lock PR after merge
+  statuses: write         # set the commit status
+
+jobs:
+  CLAAssistant:
+    runs-on: ubuntu-latest
+    steps:
+      - name: "CLA Assistant"
+        if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target'
+        # Upstream repo was archived in 2026-03; pin to the v2.6.1 commit SHA.
+        uses: contributor-assistant/github-action@ca4a40a7d1004f18d9960b404b97e5f30a505a08 # v2.6.1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          # repo-scope PAT with write access to langbot-app/cla
+          PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_PAT }}
+        with:
+          path-to-document: 'https://github.com/langbot-app/LangBot/blob/master/CLA.md'
+          remote-organization-name: 'langbot-app'
+          remote-repository-name: 'cla'
+          path-to-signatures: 'signatures/version1/cla.json'
+          branch: 'main'
+          allowlist: 'dependabot[bot],github-actions[bot],devin-ai-integration[bot],Copilot,renovate[bot],bot*'
+          custom-notsigned-prcomment: |
+            Thank you for your contribution! :heart: Before we can merge this pull request, we need you to sign the [LangBot Contributor License Agreement (CLA)](https://github.com/langbot-app/LangBot/blob/master/CLA.md). You keep full copyright of your code — the CLA grants us a license to use and distribute your contribution. Signing takes 10 seconds and covers all repositories in this organization, permanently.
+
+            感谢您的贡献！合并前请阅读并签署[贡献者许可协议（CLA）](https://github.com/langbot-app/LangBot/blob/master/CLA.md)。您保留代码的全部版权，签署仅需回复下方指定内容，一次签署对本组织全部仓库永久有效。
+          custom-allsigned-prcomment: 'All contributors have signed the CLA. :white_check_mark: 所有贡献者均已签署 CLA。'
+          lock-pullrequest-aftermerge: true
+        # SECURITY: this workflow runs on pull_request_target (it holds secrets and has
+        # write access to the base repository). NEVER add an actions/checkout step that
+        # checks out the PR's code here.
@@ -0,0 +1,46 @@
+name: Frontend Tests
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened, ready_for_review]
+    paths:
+      - 'web/**'
+      - '.github/workflows/frontend-tests.yml'
+  push:
+    branches:
+      - master
+      - develop
+    paths:
+      - 'web/**'
+      - '.github/workflows/frontend-tests.yml'
+
+jobs:
+  playwright-smoke:
+    name: Playwright Smoke
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '25'
+
+      - name: Install pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: 8.9.2
+
+      - name: Install dependencies
+        working-directory: web
+        run: pnpm install --frozen-lockfile
+
+      - name: Install Playwright browsers
+        working-directory: web
+        run: pnpm exec playwright install --with-deps chromium
+
+      - name: Run Playwright smoke tests
+        working-directory: web
+        run: pnpm test:e2e
@@ -29,7 +29,7 @@ jobs:
        run: uv sync --dev

      - name: Run ruff check
-        run: uv run ruff check src
+        run: uv run ruff check src/langbot/ tests/ --output-format=concise

      - name: Run ruff format
        run: uv run ruff format src --check
@@ -84,6 +84,67 @@ jobs:
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "Test Status: ${{ job.status }}" >> $GITHUB_STEP_SUMMARY

+  e2e:
+    name: E2E Startup Tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+
+      - name: Install dependencies
+        run: uv sync --dev
+
+      - name: Run E2E startup tests
+        run: uv run pytest tests/e2e -q --tb=short
+
+      - name: E2E Test Summary
+        if: always()
+        run: |
+          echo "## E2E Startup Test Results" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "Test Status: ${{ job.status }}" >> $GITHUB_STEP_SUMMARY
+
+  box-integration:
+    name: Box Integration Tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+
+      - name: Install dependencies
+        run: uv sync --dev
+
+      - name: Check Docker runtime
+        run: docker info
+
+      - name: Run Box integration tests
+        run: uv run pytest tests/integration_tests -q --tb=short
+
+      - name: Box Integration Test Summary
+        if: always()
+        run: |
+          echo "## Box Integration Test Results" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "Test Status: ${{ job.status }}" >> $GITHUB_STEP_SUMMARY
+
  coverage:
    name: Coverage Gate
    runs-on: ubuntu-latest
@@ -129,4 +190,4 @@ jobs:
          echo "## Coverage Results" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "Threshold: 18%" >> $GITHUB_STEP_SUMMARY
-          echo "Status: ${{ job.status }}" >> $GITHUB_STEP_SUMMARY
+          echo "Status: ${{ job.status }}" >> $GITHUB_STEP_SUMMARY
@@ -1,81 +1,163 @@
 # AGENTS.md

-This file is for guiding code agents (like Claude Code, GitHub Copilot, OpenAI Codex, etc.) to work in LangBot project.
+This file guides code agents (Claude Code, GitHub Copilot, OpenAI Codex, etc.) working in the LangBot project. `CLAUDE.md` is a symlink to this file.

 ## Project Overview

-LangBot is a open-source LLM native instant messaging bot development platform, aiming to provide an out-of-the-box IM robot development experience, with Agent, RAG, MCP and other LLM application functions, supporting global instant messaging platforms, and providing rich API interfaces, supporting custom development.
+LangBot is an open-source, LLM-native instant-messaging bot development platform. It aims to provide an out-of-the-box IM bot development experience with Agent, RAG, MCP and other LLM application capabilities, supporting mainstream global IM platforms and exposing rich APIs for custom development.

-LangBot has a comprehensive frontend, all operations can be performed through the frontend. The project splited into these major parts:
+LangBot has a comprehensive web frontend — almost every operation can be performed through it.

- `./src/langbot`: The main python package of the project, below are the main modules in this package:
-    - `./pkg`: The core python package of the project backend.
-        - `./pkg/platform`: The platform module of the project, containing the logic of message platform adapters, bot managers, message session managers, etc.
-        - `./pkg/provider`: The provider module of the project, containing the logic of LLM providers, tool providers, etc.
-        - `./pkg/pipeline`: The pipeline module of the project, containing the logic of pipelines, stages, query pool, etc.
-        - `./pkg/api`: The api module of the project, containing the http api controllers and services.
-        - `./pkg/plugin`: LangBot bridge for connecting with plugin system.
-    - `./libs`: Some SDKs we previously developed for the project, such as `qq_official_api`, `wecom_api`, etc.
-    - `./templates`: Templates of config files, components, etc.
-    - `./web`: Frontend codebase, built with Next.js + **shadcn** + **Tailwind CSS**.
-    - `./docker`: docker-compose deployment files.
+- **Python**: `>=3.11,<4.0`, dependencies managed by `uv`. Package version is in `pyproject.toml`.
+- **Frontend**: `web/` is a **Vite + React Router 7 + shadcn/ui + Tailwind CSS** SPA, managed by `pnpm`. (Note: this is NOT Next.js — the `dev` script is `vite`.)
+- **Backend framework**: Quart (the async flavour of Flask). The HTTP API and the pre-built web UI are both served by the backend on `http://127.0.0.1:5300`.

-## Backend Development
+## Repository Layout

-We use `uv` to manage dependencies.
+```
+LangBot/
+├── main.py                     # Entrypoint shim -> langbot.__main__.main()
+├── pyproject.toml              # Python project + deps (uv), pins langbot-plugin==<x.y.z>
+├── src/langbot/
+│   ├── __main__.py             # Real entrypoint, CLI args (--standalone-runtime, --standalone-box, --debug)
+│   ├── pkg/                    # Core backend package
+│   │   ├── api/                # HTTP API controllers + services (Quart)
+│   │   ├── core/               # App bootstrap, stages, task manager
+│   │   ├── platform/           # IM platform adapters, bot managers, session managers
+│   │   ├── provider/           # LLM providers, requesters, tool providers
+│   │   ├── pipeline/           # Pipelines, stages, query pool
+│   │   ├── plugin/             # Bridge connecting LangBot to the plugin runtime (see below)
+│   │   ├── box/                # Code-sandbox subsystem (Docker / nsjail / E2B backends)
+│   │   ├── skill/              # Skill subsystem
+│   │   ├── rag/ , vector/      # RAG + vector store
+│   │   ├── command/            # Built-in commands
+│   │   ├── persistence/        # ORM models + Alembic migrations (SQLite & PostgreSQL)
+│   │   ├── storage/            # Object/file storage abstractions
+│   │   ├── config/, entity/, discover/, utils/, telemetry/, survey/
+│   ├── libs/                   # Vendored SDKs (qq_official_api, wecom_api, etc.)
+│   └── templates/              # Config/component templates (e.g. templates/config.yaml)
+├── web/                        # Frontend SPA (Vite + React Router 7 + shadcn + Tailwind)
+└── docker/                     # docker-compose deployment files
+```
+
+## Development Environment Setup
+
+Full guide lives in the wiki: **["开发配置" / Dev Config](https://docs.langbot.app/zh/develop/dev-config)**. Summary:
+
+### Backend

 ```bash
 pip install uv
-uv sync --dev
+uv sync --dev          # uv creates a .venv/ for you; point your editor's interpreter at it
+uv run main.py         # serves API + web UI on http://127.0.0.1:5300
 ```

-Start the backend and run the project in development mode.
+On first run the config file is generated at `data/config.yaml`. DB is SQLite by default (zero setup); PostgreSQL is supported. Migrations run automatically on startup.

-```bash
-uv run main.py
-```
+### Frontend

-Then you can access the project at `http://127.0.0.1:5300`.
-
-## Frontend Development
-
-We use `pnpm` to manage dependencies.
+Requires Node.js + [pnpm](https://pnpm.io/installation).

 ```bash
 cd web
-cp .env.example .env
+cp .env.example .env   # Windows: copy .env.example .env
 pnpm install
-pnpm dev
+pnpm dev               # http://127.0.0.1:3000  (npm install / npm run dev also work)
 ```

-Then you can access the project at `http://127.0.0.1:3000`.
+`pnpm dev` reads `VITE_API_BASE_URL` from `web/.env` so the dev frontend can reach the backend on port `5300`. In production the frontend is pre-built into static files served by the backend on the same origin.

-## Plugin System Architecture
+### Code formatting

-LangBot is composed of various internal components such as Large Language Model tools, commands, messaging platform adapters, LLM requesters, and more. To meet extensibility and flexibility requirements, we have implemented a production-grade plugin system.
+The repo runs lint + format checks in CI. Install the pre-commit hooks so the same checks run locally before each commit:

-Each plugin runs in an independent process, managed uniformly by the Plugin Runtime. It has two operating modes: `stdio` and `websocket`. When LangBot is started directly by users (not running in a container), it uses `stdio` mode, which is common for personal users or lightweight environments. When LangBot runs in a container, it uses `websocket` mode, designed specifically for production environments.
+```bash
+uv run pre-commit install
+```

-Plugin Runtime automatically starts each installed plugin and interacts through stdio. In plugin development scenarios, developers can use the lbp command-line tool to start plugins and connect to the running Runtime via WebSocket for debugging.
+## Plugin System

-> Plugin SDK, CLI, Runtime, and entities definitions shared between LangBot and plugins are contained in the [`langbot-plugin-sdk`](https://github.com/langbot-app/langbot-plugin-sdk) repository.
+LangBot's plugin system (Plugin SDK, CLI `lbp`, Plugin Runtime, and the shared entity/API definitions) lives in a **separate repository**: [`langbot-plugin-sdk`](https://github.com/langbot-app/langbot-plugin-sdk). LangBot depends on it via the pinned `langbot-plugin` package in `pyproject.toml`.

-## Some Development Tips and Standards
+### Architecture (what to know inside this repo)

- LangBot is a global project, any comments in code should be in English, and user experience should be considered in all aspects.
- Thus you should consider the i18n support in all aspects.
- LangBot is widely adopted in both toC and toB scenarios, so you should consider the compatibility and security in all aspects.
- If you were asked to make a commit, please follow the commit message format: 
-    - format: <type>(<scope>): <subject>
-    - type: must be a specific type, such as feat (new feature), fix (bug fix), docs (documentation), style (code style), refactor (refactoring), perf (performance optimization), etc.
-    - scope: the scope of the commit, such as the package name, the file name, the function name, the class name, the module name, etc.
-    - subject: the subject of the commit, such as the description of the commit, the reason for the commit, the impact of the commit, etc.
- LangBot uses [Alembic](https://alembic.sqlalchemy.org/) to manage database migrations, supporting both SQLite and PostgreSQL. Migration files are located in `src/langbot/pkg/persistence/alembic/versions/`. If you changed the definition of database entities (ORM models), generate a new migration script by running `uv run python -m langbot.pkg.persistence.alembic_runner autogenerate "description of your change"` in the project root (requires `data/config.yaml` to exist). Review and edit the generated script before committing. Migrations are executed automatically on LangBot startup. For data migrations (e.g. modifying JSON field content), you need to manually add the migration code in the generated script.
+- Plugins run as independent processes managed by the **Plugin Runtime**. The Runtime supports two control transports: `stdio` and `websocket`.
+- When LangBot is started directly by a user (not in a container), it spawns and connects to the Runtime over **stdio** (lightweight/personal use).
+- When LangBot runs in a container, it connects to a standalone Runtime over **WebSocket** (production).
+- The bridge code lives in `src/langbot/pkg/plugin/` (`connector.py`, `handler.py`).
+- Relevant config (`data/config.yaml`): `plugin.runtime_ws_url` (e.g. `ws://langbot_plugin_runtime:5400/control/ws`). Start LangBot with `--standalone-runtime` to make it connect to an externally-launched Runtime over WebSocket instead of spawning one over stdio.
+
+### Debugging the Plugin Runtime / CLI / SDK
+
+This is documented in detail in the **SDK repo's `AGENTS.md`** and in the wiki page **["调试插件运行时、CLI、SDK" / Plugin Runtime](https://docs.langbot.app/zh/develop/plugin-runtime)**. The short version:
+
+- Clone `LangBot` and `langbot-plugin-sdk` as siblings under one parent dir so the editor resolves shared entities.
+- Start a standalone Runtime from the SDK repo: `uv run --no-sync lbp rt` (control port `5400`, debug port `5401`).
+- To make LangBot use a locally-modified SDK: from the SDK dir, with LangBot's `.venv` active, run `uv pip install .`, then launch LangBot with `uv run --no-sync main.py --standalone-runtime` (keep `--no-sync` so your local SDK isn't overwritten).
+
+### Debugging the Box (sandbox) runtime
+
+The Box subsystem (`src/langbot/pkg/box/`) is the code sandbox. It picks the first available backend among **Docker / nsjail / E2B**. The standalone Box runtime is launched via the SDK CLI: `lbp box`. Backend selection details, the `lbp box` flags, and the SDK-side architecture are documented in the SDK repo's `AGENTS.md`.
+
+Relevant config (`data/config.yaml`, `box:` section): `box.enabled` (master switch — disabling it also disables the native sandbox tools, skill add/edit, and stdio-mode MCP servers), `box.backend` (`'local'` = Docker/nsjail auto-pick, or `'docker'` / `'nsjail'` / `'e2b'`; also settable via `BOX__BACKEND`), and `box.runtime.endpoint` (external Box runtime base URL, e.g. `ws://127.0.0.1:5410`; empty = local auto-managed runtime). Like the plugin runtime, LangBot can connect to an externally-launched Box runtime by setting that endpoint and starting with `--standalone-box`.
+
+> A common false "No supported sandbox backend (Docker / nsjail / E2B) is available" comes from Docker being installed and running but the current user not being in the `docker` group → `docker info` gets `permission denied` on the socket. Fix: `sudo usermod -aG docker <user>` and restart the backend in a shell that has the new group.
+
+## Development Standards
+
+- LangBot is a global project: **all code comments and docstrings must be in English**, and every user-facing string must support **i18n** (`en_US` + `zh_Hans` at minimum, plus `ja_JP` where the repo already has it).
+- LangBot is adopted in both toC and toB scenarios — always consider compatibility and security.
+- **Commit message format**: `<type>(<scope>): <subject>`
+  - `type`: one of `feat`, `fix`, `docs`, `style`, `refactor`, `perf`, `test`, `chore`, etc.
+  - `scope`: the affected package/module/file/class.
+  - `subject`: concise description of the change.
+
+### Database migrations (Alembic)
+
+LangBot uses [Alembic](https://alembic.sqlalchemy.org/) for migrations, supporting both SQLite and PostgreSQL from a single set of scripts. Migration files live in `src/langbot/pkg/persistence/alembic/versions/`.
+
+If you change ORM model definitions, generate a migration:
+
+```bash
+# Run from the project root (requires data/config.yaml to exist)
+uv run python -m langbot.pkg.persistence.alembic_runner autogenerate "description of your change"
+```
+
+Review and edit the generated script before committing. Migrations execute automatically on startup. `autogenerate` detects schema changes (add/drop columns, tables, type changes) but **data migrations** (e.g. mutating JSON field contents) must be hand-written into the generated script. `env.py` sets `render_as_batch=True`, so SQLite's ALTER TABLE limits are handled automatically — no need to branch per database. More in the wiki ["开发配置"](https://docs.langbot.app/zh/develop/dev-config#数据库迁移).
+
+When writing a migration, follow these rules:
+
+- **Revision id ≤ 32 characters.** PostgreSQL stores `alembic_version.version_num` as `varchar(32)`; a longer id raises `StringDataRightTruncationError` at runtime. Prefer short, descriptive ids like `0005_add_llm_context_length`.
+- **Guard every operation against missing tables/columns.** Fresh installs build the schema via `create_all()` and then stamp the Alembic baseline, so a migration may run against a table that already has the change — or, in tests, against an empty database. Check `inspector.get_table_names()` / `inspector.get_columns(...)` before `add_column` / `drop_column`, mirroring the existing migrations.
+- **Keep a single linear head.** Chain `down_revision` to the current head; do not create branches. Run the migration tests after adding one: `uv run pytest tests/integration/persistence/ -q` (the PostgreSQL test needs a running PG via `TEST_POSTGRES_URL`).
+
+> **Legacy migration system (deprecated — do not extend).** The old 3.x migration system under `src/langbot/pkg/persistence/migrations/` (`DBMigration` subclasses in `dbmXXX_*.py`, run from `pkg/persistence/mgr.py`) is **frozen**. Do **not** add new `dbmXXX_*.py` files. The chain is capped at `required_database_version = 25` (`pkg/utils/constants.py`); those files only exist to upgrade pre-existing 3.x databases up to the Alembic baseline and are kept read-only. All new schema changes go through Alembic.
+
+## Agent-Facing Surfaces (MCP + Skills)
+
+LangBot is built to be **agent-friendly**. Three surfaces let AI agents work
+with LangBot, and they MUST be kept in lockstep with the HTTP API:
+
+1. **MCP server** — `src/langbot/pkg/api/mcp/` exposes a curated subset of the
+   API as MCP tools at `/mcp` (API-key authenticated, including the
+   `api.global_api_key` from config.yaml). `server.py` defines the tools (they
+   call the service layer directly); `mount.py` is the ASGI dispatcher.
+2. **In-repo skills** — `skills/` is the **single source of truth** for agent
+   skills (plugin/core/deploy/e2e/MCP-ops). Docs and the landing page link here
+   rather than embedding their own copies.
+3. **API-key auth** — `api.global_api_key` (config.yaml) authenticates the API
+   and MCP without a login session; see `docs/API_KEY_AUTH.md`.
+
+> **Maintenance rule (important).** When you add, remove, or change an HTTP API
+> endpoint that should be agent-accessible, you MUST update **both** the matching
+> MCP tool in `src/langbot/pkg/api/mcp/server.py` **and** the relevant skill under
+> `skills/` (especially `skills/skills/langbot-mcp-ops`). The API, the MCP tool
+> surface, and the skills are one system — drift between them is a bug.

 ## Some Principles

 - Keep it simple, stupid.
- Entities should not be multiplied unnecessarily
+- Entities should not be multiplied unnecessarily.
 - 八荣八耻

    以瞎猜接口为耻，以认真查询为荣。
@@ -85,4 +167,4 @@ Plugin Runtime automatically starts each installed plugin and interacts through
    以跳过验证为耻，以主动测试为荣。
    以破坏架构为耻，以遵循规范为荣。
    以假装理解为耻，以诚实无知为荣。
-    以盲目修改为耻，以谨慎重构为荣。
+    以盲目修改为耻，以谨慎重构为荣。
@@ -0,0 +1,107 @@
+# LangBot Individual Contributor License Agreement (v1.0)
+
+Thank you for your interest in contributing to LangBot (the "Project"), stewarded by Beijing Langbo Intelligent Technology Co., Ltd. (北京浪波智能科技有限公司) ("We" or "Us").
+
+This Individual Contributor License Agreement ("Agreement") documents the rights granted by contributors to Us. By signing this Agreement (see Section 9), You accept and agree to the following terms and conditions for Your present and future Contributions submitted to the Project. Except for the licenses granted herein to Us and recipients of software distributed by Us, You reserve all right, title, and interest in and to Your Contributions.
+
+## 1. Definitions
+
+"You" (or "Your") shall mean the copyright owner or legal entity authorized by the copyright owner that is making this Agreement with Us.
+
+"Contribution" shall mean any original work of authorship, including any modifications or additions to an existing work, that is intentionally submitted by You to Us for inclusion in, or documentation of, any of the products or repositories owned or managed by Us (the "Work"). For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to Us or our representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, Us for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by You as "Not a Contribution."
+
+## 2. Grant of Copyright License
+
+Subject to the terms and conditions of this Agreement, You hereby grant to Us and to recipients of software distributed by Us a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Your Contributions and such derivative works. For clarity, this includes the right for Us to distribute Your Contributions, alone or as part of the Work, under the terms of any license, including without limitation open source licenses and commercial or proprietary licenses.
+
+## 3. Grant of Patent License
+
+Subject to the terms and conditions of this Agreement, You hereby grant to Us and to recipients of software distributed by Us a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by You that are necessarily infringed by Your Contribution(s) alone or by combination of Your Contribution(s) with the Work to which such Contribution(s) was submitted. If any entity institutes patent litigation against You or any other entity (including a cross-claim or counterclaim in a lawsuit) alleging that Your Contribution, or the Work to which You have contributed, constitutes direct or contributory patent infringement, then any patent licenses granted to that entity under this Agreement for that Contribution or Work shall terminate as of the date such litigation is filed.
+
+## 4. Authority; Employer
+
+You represent that You are legally entitled to grant the above licenses. If Your employer(s) has rights to intellectual property that You create that includes Your Contributions, You represent that You have received permission to make Contributions on behalf of that employer, that Your employer has waived such rights for Your Contributions to Us, or that Your employer has executed a separate Corporate Contributor License Agreement with Us.
+
+## 5. Original Creation; Disclosure
+
+You represent that each of Your Contributions is Your original creation (see Section 7 for submissions on behalf of others). You represent that Your Contribution submissions include complete details of any third-party license or other restriction (including, but not limited to, related patents and trademarks) of which You are personally aware and which are associated with any part of Your Contributions.
+
+## 6. No Obligation of Support; Disclaimer
+
+You are not expected to provide support for Your Contributions, except to the extent You desire to provide support. You may provide support for free, for a fee, or not at all. Unless required by applicable law or agreed to in writing, You provide Your Contributions on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE.
+
+## 7. Third-Party Works
+
+Should You wish to submit work that is not Your original creation, You may submit it to Us separately from any Contribution, identifying the complete details of its source and of any license or other restriction (including, but not limited to, related patents, trademarks, and license agreements) of which You are personally aware, and conspicuously marking the work as "Submitted on behalf of a third-party: [named here]".
+
+## 8. Notification
+
+You agree to notify Us of any facts or circumstances of which You become aware that would make these representations inaccurate in any respect.
+
+## 9. Electronic Signature
+
+This Agreement is accepted and signed electronically: posting a comment containing the exact phrase designated by Us (currently "I have read the CLA Document and I hereby sign the CLA") from Your GitHub account on a pull request in the Project's repositories constitutes Your binding electronic signature to this Agreement. You represent that the GitHub account used to sign belongs to You and that You are of legal age to form a binding contract. Your signature covers Your present and future Contributions to all repositories owned or managed by Us, until and unless You notify Us in writing that You withdraw from this Agreement for future Contributions (licenses already granted are irrevocable).
+
+## 10. Our Commitment
+
+We commit that the Project's main repository will continue to make an open source version of the Work publicly available.
+
+## 11. Miscellaneous
+
+This Agreement is the entire agreement between You and Us regarding Your Contributions and supersedes any prior agreements on this subject. If any provision is held unenforceable, the remaining provisions remain in effect. This Agreement is executed in English; the Chinese translation below is provided for reference only, and the English version shall prevail in case of any discrepancy.
+
+---
+
+# LangBot 个人贡献者许可协议（v1.0）中文参考译文
+
+> 本译文仅供参考，如与英文版有任何歧义，以英文版为准。
+
+感谢您有意为 LangBot（下称"本项目"）作出贡献。本项目由北京浪波智能科技有限公司（下称"我方"）运营管理。
+
+本《个人贡献者许可协议》（下称"本协议"）旨在记录贡献者授予我方的各项权利。您一经签署本协议（见第 9 条），即接受并同意以下条款与条件，适用于您向本项目提交的现在及未来的全部贡献。除本协议授予我方及我方分发软件之接收者的许可外，您保留对您的贡献的全部权利、所有权和利益。
+
+## 1. 定义
+
+"您"指与我方订立本协议的版权所有人，或经版权所有人授权的法律实体。
+
+"贡献"指您有意提交给我方、用于纳入我方拥有或管理的任何产品或代码仓库（下称"作品"）或其文档的任何原创作品，包括对既有作品的修改或增补。就本定义而言，"提交"指以任何电子、口头或书面形式向我方或我方代表发送的通信，包括但不限于在由我方或代表我方管理的电子邮件列表、源代码管理系统和问题跟踪系统中，为讨论和改进作品而进行的通信；但您以显著方式标注或以书面形式声明为"非贡献"（Not a Contribution）的通信除外。
+
+## 2. 版权许可的授予
+
+在遵守本协议条款与条件的前提下，您特此授予我方及我方分发软件之接收者一项永久的、全球范围的、非独占的、免费的、免版税的、不可撤销的版权许可，以复制您的贡献、基于其创作衍生作品、公开展示、公开表演、再许可以及分发您的贡献及上述衍生作品。为明确起见，上述许可包括我方有权以任何许可条款（包括但不限于开源许可证以及商业或专有许可证）单独或作为作品的一部分分发您的贡献。
+
+## 3. 专利许可的授予
+
+在遵守本协议条款与条件的前提下，您特此授予我方及我方分发软件之接收者一项永久的、全球范围的、非独占的、免费的、免版税的、不可撤销的（本条所述情形除外）专利许可，以制造、委托制造、使用、许诺销售、销售、进口及以其他方式转让作品；该许可仅适用于您可许可的、且因您的贡献本身或您的贡献与其所提交之作品的结合而必然受到侵犯的专利权利要求。如任何实体对您或任何其他实体提起专利诉讼（包括诉讼中的交叉请求或反诉），主张您的贡献或您所贡献的作品构成直接或帮助性专利侵权，则依据本协议就该贡献或作品授予该实体的任何专利许可，自该诉讼提起之日起终止。
+
+## 4. 权利能力与雇主
+
+您声明您在法律上有权授予上述许可。如您的雇主对您创作的、包含您的贡献在内的知识产权享有权利，您声明：您已获得该雇主代表其作出贡献的许可，或该雇主已就您向我方的贡献放弃上述权利，或该雇主已与我方另行签署《企业贡献者许可协议》。
+
+## 5. 原创性声明与披露义务
+
+您声明您的每项贡献均为您的原创作品（代表第三方提交的情形见第 7 条）。您声明您提交的贡献中已完整披露您本人知悉的、与您的贡献任何部分相关的任何第三方许可或其他限制（包括但不限于相关专利和商标）的全部细节。
+
+## 6. 无支持义务；免责声明
+
+您无义务为您的贡献提供支持，除非您自愿提供。您可以免费提供支持、收费提供支持或不提供支持。除非适用法律要求或另有书面约定，您的贡献按"现状"（AS IS）提供，不附带任何明示或默示的保证或条件，包括但不限于关于权属、不侵权、适销性或特定用途适用性的任何保证或条件。
+
+## 7. 第三方作品
+
+如您希望提交非您原创的作品，您可以将其与任何贡献分开单独提交给我方，并完整说明其来源以及您本人知悉的任何许可或其他限制（包括但不限于相关专利、商标和许可协议）的全部细节，同时以显著方式将该作品标注为"代表第三方提交：[此处注明第三方名称]"。
+
+## 8. 通知义务
+
+如您知悉任何事实或情况将导致上述声明在任何方面不准确，您同意通知我方。
+
+## 9. 电子签署
+
+本协议以电子方式接受并签署：您通过您的 GitHub 账号，在本项目代码仓库的拉取请求（pull request）中发表包含我方指定语句（现为 "I have read the CLA Document and I hereby sign the CLA"）的评论，即构成您对本协议具有约束力的电子签名。您声明用于签署的 GitHub 账号归您本人所有，且您已达到订立有约束力合同的法定年龄。您的签署覆盖您对我方拥有或管理的全部代码仓库的现在及未来的贡献，直至您以书面形式通知我方就未来贡献退出本协议为止（已授予的许可不可撤销）。
+
+## 10. 我方承诺
+
+我方承诺本项目主仓库将持续公开提供作品的开源版本。
+
+## 11. 其他
+
+本协议构成您与我方之间就您的贡献达成的完整协议，并取代双方先前就此主题达成的任何协议。如本协议任何条款被认定为不可执行，其余条款仍然有效。本协议以英文签署，中文译文仅供参考，如有歧义以英文版为准。
@@ -14,6 +14,12 @@
 - 在 PR 和 Commit Message 中请使用全英文
 - 对于中文用户，issue 中可以使用中文

+### 贡献者许可协议（CLA）
+
+为了保护项目和每一位贡献者，我们要求所有代码贡献者签署[贡献者许可协议（CLA）](./CLA.md)。这是 Apache、Google、Grafana 等主流开源项目的标准做法：您保留自己代码的全部版权，仅授予项目使用、分发您贡献的许可。
+
+签署只需 10 秒：首次提交 PR 时，机器人会自动评论提示，按提示回复一句话即完成签署，此后对本组织所有仓库永久有效。历史贡献不受影响。
+
 <hr/>

 ## Guidelines
@@ -29,3 +35,9 @@

 - Use English in PRs and Commit Messages
 - For English users, you can use English in issues
+
+### Contributor License Agreement (CLA)
+
+To protect the project and every contributor, we require all code contributors to sign our [Contributor License Agreement](./CLA.md). This is standard practice in major open source projects such as Apache, Google, and Grafana: you keep full copyright of your code — the CLA only grants us a license to use and distribute your contribution.
+
+Signing takes 10 seconds: when you open your first PR, a bot will guide you to reply with a single comment. One signature covers all repositories in this organization, permanently. Past contributions are not affected.
@@ -6,6 +6,25 @@ COPY web ./web

 RUN cd web && npm install && npx vite build

+# Build nsjail from source so the image ships a self-contained sandbox backend
+# that needs no host Docker socket. Pinned to a release tag for reproducibility.
+# Multi-stage keeps the compile toolchain (bison/flex/protobuf-dev/libnl-dev)
+# out of the final image; only the nsjail binary and its small runtime libs
+# (libprotobuf, libnl-route-3) are carried over.
+FROM python:3.12.7-slim AS nsjail-build
+
+ARG NSJAIL_VERSION=3.6
+
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends \
+        ca-certificates git build-essential \
+        autoconf bison flex libtool pkg-config \
+        protobuf-compiler libprotobuf-dev libnl-route-3-dev \
+    && git clone --depth 1 --branch "${NSJAIL_VERSION}" https://github.com/google/nsjail.git /nsjail \
+    && make -C /nsjail \
+    && install -m 0755 /nsjail/nsjail /usr/local/bin/nsjail \
+    && rm -rf /var/lib/apt/lists/*
+
 FROM python:3.12.7-slim

 WORKDIR /app
@@ -14,10 +33,29 @@ COPY . .

 COPY --from=node /app/web/dist ./web/dist

-RUN apt update \
-    && apt install gcc -y \
+# nsjail binary built in the dedicated stage above. Self-contained sandbox
+# backend; lets the Box runtime isolate code without a host Docker socket.
+COPY --from=nsjail-build /usr/local/bin/nsjail /usr/local/bin/nsjail
+
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends gcc ca-certificates curl gnupg \
+    # nsjail runtime libraries (the build toolchain stays in the nsjail-build
+    # stage; only these shared libs are needed to execute the binary).
+    && apt-get install -y --no-install-recommends libprotobuf32 libnl-route-3-200 \
+    # Install the Docker CLI (client only) so the optional langbot_box
+    # service can drive the mounted host Docker socket and create sandbox
+    # containers. The same image powers langbot / plugin_runtime / box; only
+    # box uses the client. Arch-aware via dpkg so multi-arch builds work.
+    && install -m 0755 -d /etc/apt/keyrings \
+    && curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc \
+    && chmod a+r /etc/apt/keyrings/docker.asc \
+    && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian $(. /etc/os-release && echo \"$VERSION_CODENAME\") stable" > /etc/apt/sources.list.d/docker.list \
+    && apt-get update \
+    && apt-get install -y --no-install-recommends docker-ce-cli \
    && python -m pip install --no-cache-dir uv \
    && uv sync \
+    && apt-get purge -y --auto-remove curl gnupg \
+    && rm -rf /var/lib/apt/lists/* \
    && touch /.dockerenv

 CMD [ "uv", "run", "--no-sync", "main.py" ]
@@ -36,9 +36,13 @@ English / [简体中文](README_CN.md) / [繁體中文](README_TW.md) / [日本

 LangBot is an **open-source, production-grade platform** for building AI-powered instant messaging bots. It connects Large Language Models (LLMs) to any chat platform, enabling you to create intelligent agents that can converse, execute tasks, and integrate with your existing workflows.

+<p align="center">
+<img src="res/dashboard-overview.png" alt="LangBot web management dashboard — real-time monitoring of message volume, model calls, success rate and active sessions" width="720"/>
+</p>
+
 ### Key Capabilities

- **AI Conversations & Agents** — Multi-turn dialogues, tool calling, multi-modal support, streaming output. Built-in RAG (knowledge base) with deep integration to [Dify](https://dify.ai), [Coze](https://coze.com), [n8n](https://n8n.io), [Langflow](https://langflow.org).
+- **AI Conversations & Agents** — Multi-turn dialogues, tool calling, multi-modal support, streaming output. Built-in RAG (knowledge base) with deep integration to [Dify](https://dify.ai), [Coze](https://coze.com), [n8n](https://n8n.io), [Langflow](https://langflow.org), [Deerflow](https://deerflow.tech), [Weknora](https://weknora.weixin.qq.com).
 - **Universal IM Platform Support** — One codebase for Discord, Telegram, Slack, LINE, QQ, WeChat, WeCom, Lark, DingTalk, KOOK.
 - **Production-Ready** — Access control, rate limiting, sensitive word filtering, comprehensive monitoring, and exception handling. Trusted by enterprises.
 - **Plugin Ecosystem** — Hundreds of plugins, event-driven architecture, component extensions, and [MCP protocol](https://modelcontextprotocol.io/) support.
@@ -78,7 +82,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**More options:** [Docker](https://link.langbot.app/en/docs/docker) · [Manual](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)
+**More options:** [Docker](https://link.langbot.app/en/docs/docker) · [Manual](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](https://docs.langbot.app/en/deploy/langbot/kubernetes)

 ---

@@ -144,6 +148,19 @@ docker compose up -d

 ---

+## Built for AI Agents 🤖
+
+LangBot is **agent-friendly by design** — your coding agents (Claude Code, Codex, Copilot, Cursor, …) can operate, extend, and deploy LangBot with first-class support:
+
+- **MCP Server** — LangBot exposes a built-in [Model Context Protocol](https://modelcontextprotocol.io/) endpoint at `/mcp`, mirroring the HTTP API so an agent can manage bots, pipelines, plugins, and models programmatically. Authenticate with the same API key (set a global key in `config.yaml` or use a per-user key) — no login flow required. Configure it in the Web panel's **API & MCP** tab.
+- **In-repo Skills** — The [`skills/`](skills/) directory is the **single source of truth** for working with LangBot: plugin development, core development, end-to-end testing, deployment, and operating the LangBot / LangBot Space MCP servers. Point your agent at this directory and it knows how to build.
+- **AGENTS.md** — Every repo ships an [`AGENTS.md`](AGENTS.md) (symlinked to `CLAUDE.md`) describing architecture, conventions, and the rule that API changes must keep the MCP server and skills in sync.
+- **`llms.txt`** — Machine-readable project context for LLMs is published on the website.
+
+> **Cloud / Marketplace:** [LangBot Space](https://space.langbot.app) also exposes an MCP server so agents can search and inspect the plugin / MCP / skill marketplace, authenticated with a Personal Access Token.
+
+---
+
 ## Live Demo

 **Try it now:** https://demo.langbot.dev/
@@ -13,7 +13,7 @@
 [English](README.md) / 简体中文 / [繁體中文](README_TW.md) / [日本語](README_JP.md) / [Español](README_ES.md) / [Français](README_FR.md) / [한국어](README_KO.md) / [Русский](README_RU.md) / [Tiếng Việt](README_VI.md)

 [![Discord](https://img.shields.io/discord/1335141740050649118?logo=discord&labelColor=%20%235462eb&logoColor=%20%23f5f5f5&color=%20%235462eb)](https://discord.gg/wdNEHETs87)
-[![QQ Group](https://img.shields.io/badge/%E7%A4%BE%E5%8C%BAQQ%E7%BE%A4-1030838208-blue)](https://qm.qq.com/q/DxZZcNxM1W)
+[![QQ Group](https://img.shields.io/badge/%E7%A4%BE%E5%8C%BAQQ%E7%BE%A4-1030838208-blue)](https://qm.qq.com/q/IrlV8QFacU)
 [![Ask DeepWiki](https://deepwiki.com/badge.svg)](https://deepwiki.com/langbot-app/LangBot)
 [![GitHub release (latest by date)](https://img.shields.io/github/v/release/langbot-app/LangBot)](https://github.com/langbot-app/LangBot/releases/latest)
 <img src="https://img.shields.io/badge/python-3.10 ~ 3.13 -blue.svg" alt="python">
@@ -36,9 +36,13 @@

 LangBot 是一个**开源的生产级平台**，用于构建 AI 驱动的即时通信机器人。它将大语言模型（LLM）连接到各种聊天平台，帮助你创建能够对话、执行任务、并集成到现有工作流程中的智能 Agent。

+<p align="center">
+<img src="res/dashboard-overview.png" alt="LangBot Web 管理面板仪表盘 — 实时监控消息量、模型调用、成功率与活跃会话" width="720"/>
+</p>
+
 ### 核心能力

- **AI 对话与 Agent** — 多轮对话、工具调用、多模态、流式输出。自带 RAG（知识库），深度集成 [Dify](https://dify.ai)、[Coze](https://coze.com)、[n8n](https://n8n.io)、[Langflow](https://langflow.org) 等 LLMOps 平台。
+- **AI 对话与 Agent** — 多轮对话、工具调用、多模态、流式输出。自带 RAG（知识库），深度集成 [Dify](https://dify.ai)、[Coze](https://coze.com)、[n8n](https://n8n.io)、[Langflow](https://langflow.org)、[Deerflow](https://deerflow.tech)、[Weknora](https://weknora.weixin.qq.com)等 LLMOps 平台。
 - **全平台支持** — 一套代码，覆盖 QQ、微信、企业微信、飞书、钉钉、Discord、Telegram、Slack、LINE、KOOK 等平台。
 - **生产就绪** — 访问控制、限速、敏感词过滤、全面监控与异常处理，已被多家企业采用。
 - **插件生态** — 数百个插件，跨进程的事件驱动架构，组件扩展，适配 [MCP 协议](https://modelcontextprotocol.io/)。
@@ -78,7 +82,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/zh-CN/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**更多方式：** [Docker](https://link.langbot.app/zh/docs/docker) · [手动部署](https://link.langbot.app/zh/docs/manual-deploy) · [宝塔面板](https://link.langbot.app/zh/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)
+**更多方式：** [Docker](https://link.langbot.app/zh/docs/docker) · [手动部署](https://link.langbot.app/zh/docs/manual-deploy) · [宝塔面板](https://link.langbot.app/zh/docs/bt-panel) · [Kubernetes](https://docs.langbot.app/zh/deploy/langbot/kubernetes)

 ---

@@ -170,6 +174,19 @@ docker compose up -d

 ---

+## 为 AI Agent 而生 🤖
+
+LangBot **从设计上就对 Agent 友好** —— 你的编码 Agent（Claude Code、Codex、Copilot、Cursor 等）可以一等公民般地操作、扩展和部署 LangBot：
+
+- **MCP Server** —— LangBot 内置 [Model Context Protocol](https://modelcontextprotocol.io/) 端点 `/mcp`，与 HTTP API 对齐，Agent 可编程式管理机器人、流水线、插件和模型。使用同一套 API Key 鉴权（可在 `config.yaml` 配置全局 Key，或使用用户 Key），无需登录流程。在 Web 面板的 **API 与 MCP** 标签页中配置。
+- **仓库内 Skills** —— [`skills/`](skills/) 目录是使用 LangBot 的**唯一事实来源**：插件开发、核心开发、端到端测试、部署，以及操作 LangBot / LangBot Space MCP Server。把 Agent 指向这个目录，它就知道如何动手。
+- **AGENTS.md** —— 每个仓库都提供 [`AGENTS.md`](AGENTS.md)（软链到 `CLAUDE.md`），描述架构、规范，以及「API 变更必须同步更新 MCP Server 和 skills」的约定。
+- **`llms.txt`** —— 面向 LLM 的机器可读项目上下文已发布在官网。
+
+> **云端 / 市场：** [LangBot Space](https://space.langbot.app) 同样开放 MCP Server，Agent 可搜索和查看插件 / MCP / Skill 市场，使用 Personal Access Token 鉴权。
+
+---
+
 ## 社区

 [![Discord](https://img.shields.io/discord/1335141740050649118?logo=discord&label=Discord)](https://discord.gg/wdNEHETs87)
@@ -35,9 +35,13 @@

 LangBot es una **plataforma de código abierto y grado de producción** para construir bots de mensajería instantánea impulsados por IA. Conecta modelos de lenguaje de gran escala (LLMs) con cualquier plataforma de chat, permitiéndole crear agentes inteligentes que pueden conversar, ejecutar tareas e integrarse con sus flujos de trabajo existentes.

+<p align="center">
+<img src="res/dashboard-overview.png" alt="Panel de gestión web de LangBot — monitoreo en tiempo real de volumen de mensajes, llamadas a modelos, tasa de éxito y sesiones activas" width="720"/>
+</p>
+
 ### Capacidades Clave

- **Conversaciones e Agentes IA** — Diálogos de múltiples turnos, llamadas a herramientas, soporte multimodal, salida en streaming. RAG (base de conocimientos) incorporado con integración profunda con [Dify](https://dify.ai), [Coze](https://coze.com), [n8n](https://n8n.io), [Langflow](https://langflow.org).
+- **Conversaciones e Agentes IA** — Diálogos de múltiples turnos, llamadas a herramientas, soporte multimodal, salida en streaming. RAG (base de conocimientos) incorporado con integración profunda con [Dify](https://dify.ai), [Coze](https://coze.com), [n8n](https://n8n.io), [Langflow](https://langflow.org), [Deerflow](https://deerflow.tech)、[Weknora](https://weknora.weixin.qq.com).
 - **Soporte Universal de Plataformas de MI** — Un solo código base para Discord, Telegram, Slack, LINE, QQ, WeChat, WeCom, Lark, DingTalk, KOOK.
 - **Listo para Producción** — Control de acceso, limitación de velocidad, filtrado de palabras sensibles, monitoreo completo y manejo de excepciones. De confianza para empresas.
 - **Ecosistema de Plugins** — Cientos de plugins, arquitectura basada en eventos, extensiones de componentes y soporte del [protocolo MCP](https://modelcontextprotocol.io/).
@@ -77,7 +81,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**Más opciones:** [Docker](https://link.langbot.app/en/docs/docker) · [Manual](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)
+**Más opciones:** [Docker](https://link.langbot.app/en/docs/docker) · [Manual](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](https://docs.langbot.app/en/deploy/langbot/kubernetes)

 ---

@@ -151,6 +155,17 @@ docker compose up -d

 *Nota: Entorno de demostración público. No ingrese información confidencial.*

+## Diseñado para Agentes de IA 🤖
+
+LangBot es **agent-friendly por diseño** —— tus agentes de codificación (Claude Code, Codex, Copilot, Cursor, …) pueden operar, extender y desplegar LangBot con soporte de primera clase:
+
+- **Servidor MCP** —— LangBot expone un endpoint integrado de [Model Context Protocol](https://modelcontextprotocol.io/) en `/mcp`, replicando la API HTTP para que un agente gestione bots, pipelines, plugins y modelos de forma programática. Autentícate con la misma API key (configura una clave global en `config.yaml` o usa una clave por usuario) —— sin flujo de login. Configúralo en la pestaña **API & MCP** del panel web.
+- **Skills en el repositorio** —— El directorio [`skills/`](skills/) es la **única fuente de verdad** para trabajar con LangBot: desarrollo de plugins, desarrollo del core, pruebas end-to-end, despliegue y operación de los servidores MCP de LangBot / LangBot Space. Apunta tu agente a este directorio y sabrá cómo construir.
+- **AGENTS.md** —— Cada repo incluye un [`AGENTS.md`](AGENTS.md) (enlazado simbólicamente a `CLAUDE.md`) que describe la arquitectura, las convenciones y la regla de que los cambios en la API deben mantener sincronizados el servidor MCP y los skills.
+- **`llms.txt`** —— El contexto del proyecto legible por máquina para LLMs está publicado en el sitio web.
+
+> **Nube / Marketplace:** [LangBot Space](https://space.langbot.app) también expone un servidor MCP para que los agentes busquen e inspeccionen el marketplace de plugins / MCP / skills, autenticados con un Personal Access Token.
+
 ---

 ## Comunidad
@@ -35,9 +35,13 @@

 LangBot est une **plateforme open-source de niveau production** pour créer des bots de messagerie instantanée alimentés par l'IA. Elle connecte les grands modèles de langage (LLMs) à n'importe quelle plateforme de chat, vous permettant de créer des agents intelligents capables de converser, d'exécuter des tâches et de s'intégrer à vos workflows existants.

+<p align="center">
+<img src="res/dashboard-overview.png" alt="Tableau de bord de gestion web LangBot — surveillance en temps réel du volume de messages, des appels de modèles, du taux de réussite et des sessions actives" width="720"/>
+</p>
+
 ### Capacités Clés

- **Conversations IA & Agents** — Dialogues multi-tours, appels d'outils, support multimodal, sortie en streaming. RAG (base de connaissances) intégré avec intégration profonde de [Dify](https://dify.ai), [Coze](https://coze.com), [n8n](https://n8n.io), [Langflow](https://langflow.org).
+- **Conversations IA & Agents** — Dialogues multi-tours, appels d'outils, support multimodal, sortie en streaming. RAG (base de connaissances) intégré avec intégration profonde de [Dify](https://dify.ai), [Coze](https://coze.com), [n8n](https://n8n.io), [Langflow](https://langflow.org), [Deerflow](https://deerflow.tech), [Weknora](https://weknora.weixin.qq.com).
 - **Support Universel des Plateformes de MI** — Un seul code pour Discord, Telegram, Slack, LINE, QQ, WeChat, WeCom, Lark, DingTalk, KOOK.
 - **Prêt pour la Production** — Contrôle d'accès, limitation de débit, filtrage de mots sensibles, surveillance complète et gestion des exceptions. Approuvé par les entreprises.
 - **Écosystème de Plugins** — Des centaines de plugins, architecture événementielle, extensions de composants, et support du [protocole MCP](https://modelcontextprotocol.io/).
@@ -77,7 +81,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**Plus d'options :** [Docker](https://link.langbot.app/en/docs/docker) · [Manuel](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)
+**Plus d'options :** [Docker](https://link.langbot.app/en/docs/docker) · [Manuel](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](https://docs.langbot.app/en/deploy/langbot/kubernetes)

 ---

@@ -151,6 +155,17 @@ docker compose up -d

 *Note : Environnement de démonstration public. Ne saisissez pas d'informations sensibles.*

+## Conçu pour les agents IA 🤖
+
+LangBot est **agent-friendly par conception** —— vos agents de codage (Claude Code, Codex, Copilot, Cursor, …) peuvent exploiter, étendre et déployer LangBot avec un support de premier ordre :
+
+- **Serveur MCP** —— LangBot expose un endpoint [Model Context Protocol](https://modelcontextprotocol.io/) intégré sur `/mcp`, reflétant l'API HTTP pour qu'un agent gère bots, pipelines, plugins et modèles de façon programmatique. Authentifiez-vous avec la même clé API (définissez une clé globale dans `config.yaml` ou utilisez une clé par utilisateur) —— sans flux de connexion. Configurez-le dans l'onglet **API & MCP** du panneau web.
+- **Skills dans le dépôt** —— Le répertoire [`skills/`](skills/) est la **source unique de vérité** pour travailler avec LangBot : développement de plugins, développement du cœur, tests de bout en bout, déploiement et exploitation des serveurs MCP de LangBot / LangBot Space. Pointez votre agent vers ce répertoire et il saura construire.
+- **AGENTS.md** —— Chaque dépôt fournit un [`AGENTS.md`](AGENTS.md) (lien symbolique vers `CLAUDE.md`) décrivant l'architecture, les conventions et la règle selon laquelle les changements d'API doivent garder le serveur MCP et les skills synchronisés.
+- **`llms.txt`** —— Le contexte projet lisible par machine pour les LLM est publié sur le site web.
+
+> **Cloud / Marketplace :** [LangBot Space](https://space.langbot.app) expose également un serveur MCP pour que les agents recherchent et inspectent le marketplace de plugins / MCP / skills, authentifiés avec un Personal Access Token.
+
 ---

 ## Communauté
@@ -35,9 +35,13 @@

 LangBot は、AI搭載のインスタントメッセージングボットを構築するための**オープンソースの本番グレードプラットフォーム**です。大規模言語モデル（LLM）をあらゆるチャットプラットフォームに接続し、会話、タスク実行、既存のワークフローとの統合が可能なインテリジェントエージェントを作成できます。

+<p align="center">
+<img src="res/dashboard-overview.png" alt="LangBot Web 管理パネルのダッシュボード — メッセージ量、モデル呼び出し、成功率、アクティブセッションをリアルタイム監視" width="720"/>
+</p>
+
 ### 主な機能

- **AI対話とエージェント** — マルチターン対話、ツール呼び出し、マルチモーダル対応、ストリーミング出力。RAG（ナレッジベース）を内蔵し、[Dify](https://dify.ai)、[Coze](https://coze.com)、[n8n](https://n8n.io)、[Langflow](https://langflow.org) と深く統合。
+- **AI対話とエージェント** — マルチターン対話、ツール呼び出し、マルチモーダル対応、ストリーミング出力。RAG（ナレッジベース）を内蔵し、[Dify](https://dify.ai)、[Coze](https://coze.com)、[n8n](https://n8n.io)、[Langflow](https://langflow.org)、[Deerflow](https://deerflow.tech)、[Weknora](https://weknora.weixin.qq.com) と深く統合。
 - **ユニバーサルIMプラットフォーム対応** — 単一のコードベースで Discord、Telegram、Slack、LINE、QQ、WeChat、WeCom、Lark、DingTalk、KOOK に対応。
 - **本番環境対応** — アクセス制御、レート制限、センシティブワードフィルタリング、包括的な監視、例外処理を搭載。エンタープライズの信頼に応える品質。
 - **プラグインエコシステム** — 数百のプラグイン、イベント駆動アーキテクチャ、コンポーネント拡張、[MCPプロトコル](https://modelcontextprotocol.io/)対応。
@@ -77,7 +81,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**その他:** [Docker](https://link.langbot.app/en/docs/docker) · [手動デプロイ](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)
+**その他:** [Docker](https://link.langbot.app/en/docs/docker) · [手動デプロイ](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](https://docs.langbot.app/en/deploy/langbot/kubernetes)

 ---

@@ -151,6 +155,17 @@ docker compose up -d

 *注意: 公開デモ環境です。機密情報を入力しないでください。*

+## AI エージェントのために 🤖
+
+LangBot は **設計段階からエージェントフレンドリー** です。お使いのコーディングエージェント（Claude Code、Codex、Copilot、Cursor など）が、ファーストクラスのサポートで LangBot を操作・拡張・デプロイできます：
+
+- **MCP サーバー** —— LangBot は組み込みの [Model Context Protocol](https://modelcontextprotocol.io/) エンドポイント `/mcp` を公開し、HTTP API とミラーリングされているため、エージェントがボット・パイプライン・プラグイン・モデルをプログラム的に管理できます。同じ API キーで認証（`config.yaml` でグローバルキーを設定、またはユーザーキーを使用）—— ログインフロー不要。Web パネルの **API & MCP** タブで設定します。
+- **リポジトリ内 Skills** —— [`skills/`](skills/) ディレクトリは LangBot を扱うための**唯一の信頼できる情報源**です：プラグイン開発、コア開発、E2E テスト、デプロイ、LangBot / LangBot Space MCP サーバーの操作。エージェントをこのディレクトリに向ければ、構築方法を理解します。
+- **AGENTS.md** —— すべてのリポジトリに [`AGENTS.md`](AGENTS.md)（`CLAUDE.md` へのシンボリックリンク）があり、アーキテクチャ・規約、そして「API 変更時は MCP サーバーと skills を同期する」というルールを記述しています。
+- **`llms.txt`** —— LLM 向けの機械可読なプロジェクトコンテキストを公式サイトで公開しています。
+
+> **クラウド / マーケット：** [LangBot Space](https://space.langbot.app) も MCP サーバーを公開しており、エージェントが Personal Access Token で認証してプラグイン / MCP / Skill マーケットを検索・確認できます。
+
 ---

 ## コミュニティ
@@ -35,9 +35,13 @@

 LangBot은 AI 기반 인스턴트 메시징 봇을 구축하기 위한 **오픈소스 프로덕션 등급 플랫폼**입니다. 대규모 언어 모델(LLM)을 모든 채팅 플랫폼에 연결하여 대화, 작업 실행, 기존 워크플로우와의 통합이 가능한 지능형 에이전트를 만들 수 있습니다.

+<p align="center">
+<img src="res/dashboard-overview.png" alt="LangBot 웹 관리 패널 대시보드 — 메시지 양, 모델 호출, 성공률, 활성 세션 실시간 모니터링" width="720"/>
+</p>
+
 ### 핵심 기능

- **AI 대화 및 에이전트** — 멀티턴 대화, 도구 호출, 멀티모달 지원, 스트리밍 출력. 내장 RAG(지식 베이스)와 [Dify](https://dify.ai), [Coze](https://coze.com), [n8n](https://n8n.io), [Langflow](https://langflow.org) 심층 통합.
+- **AI 대화 및 에이전트** — 멀티턴 대화, 도구 호출, 멀티모달 지원, 스트리밍 출력. 내장 RAG(지식 베이스)와 [Dify](https://dify.ai), [Coze](https://coze.com), [n8n](https://n8n.io), [Langflow](https://langflow.org), [Deerflow](https://deerflow.tech), [Weknora](https://weknora.weixin.qq.com) 심층 통합.
 - **유니버설 IM 플랫폼 지원** — 단일 코드베이스로 Discord, Telegram, Slack, LINE, QQ, WeChat, WeCom, Lark, DingTalk, KOOK 지원.
 - **프로덕션 레디** — 접근 제어, 속도 제한, 민감어 필터링, 종합 모니터링 및 예외 처리. 기업 환경에서 검증됨.
 - **플러그인 생태계** — 수백 개의 플러그인, 이벤트 기반 아키텍처, 컴포넌트 확장, [MCP 프로토콜](https://modelcontextprotocol.io/) 지원.
@@ -77,7 +81,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**더 많은 옵션:** [Docker](https://link.langbot.app/en/docs/docker) · [수동 배포](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)
+**더 많은 옵션:** [Docker](https://link.langbot.app/en/docs/docker) · [수동 배포](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](https://docs.langbot.app/en/deploy/langbot/kubernetes)

 ---

@@ -151,6 +155,17 @@ docker compose up -d

 *참고: 공개 데모 환경입니다. 민감한 정보를 입력하지 마세요.*

+## AI 에이전트를 위한 설계 🤖
+
+LangBot은 **설계 단계부터 에이전트 친화적**입니다 —— 코딩 에이전트(Claude Code, Codex, Copilot, Cursor 등)가 일급 지원으로 LangBot을 운영·확장·배포할 수 있습니다:
+
+- **MCP 서버** —— LangBot은 내장 [Model Context Protocol](https://modelcontextprotocol.io/) 엔드포인트 `/mcp`를 제공하며, HTTP API와 동일하게 미러링되어 에이전트가 봇·파이프라인·플러그인·모델을 프로그래밍 방식으로 관리할 수 있습니다. 동일한 API 키로 인증하며(`config.yaml`에 전역 키 설정 또는 사용자 키 사용) 로그인 절차가 필요 없습니다. 웹 패널의 **API & MCP** 탭에서 설정합니다.
+- **저장소 내 Skills** —— [`skills/`](skills/) 디렉터리는 LangBot 작업의 **단일 진실 공급원**입니다: 플러그인 개발, 코어 개발, E2E 테스트, 배포, LangBot / LangBot Space MCP 서버 운영. 에이전트를 이 디렉터리로 안내하면 빌드 방법을 알게 됩니다.
+- **AGENTS.md** —— 모든 저장소에는 [`AGENTS.md`](AGENTS.md)(`CLAUDE.md`로 심볼릭 링크)가 있으며 아키텍처, 규약, 그리고 API 변경 시 MCP 서버와 skills를 동기화해야 한다는 규칙을 설명합니다.
+- **`llms.txt`** —— LLM을 위한 기계 판독 가능한 프로젝트 컨텍스트가 웹사이트에 게시되어 있습니다.
+
+> **클라우드 / 마켓플레이스:** [LangBot Space](https://space.langbot.app)도 MCP 서버를 제공하여 에이전트가 Personal Access Token으로 인증해 플러그인 / MCP / Skill 마켓플레이스를 검색하고 조회할 수 있습니다.
+
 ---

 ## 커뮤니티
@@ -35,9 +35,13 @@

 LangBot — это **платформа с открытым исходным кодом производственного уровня** для создания ИИ-ботов в мессенджерах. Она связывает большие языковые модели (LLM) с любой чат-платформой, позволяя создавать интеллектуальных агентов, которые могут вести диалоги, выполнять задачи и интегрироваться с вашими существующими рабочими процессами.

+<p align="center">
+<img src="res/dashboard-overview.png" alt="Панель веб-управления LangBot — мониторинг объёма сообщений, вызовов моделей, успешности и активных сессий в реальном времени" width="720"/>
+</p>
+
 ### Ключевые возможности

- **ИИ-диалоги и агенты** — Многораундовые диалоги, вызов инструментов, мультимодальная поддержка, потоковый вывод. Встроенная реализация RAG (база знаний) с глубокой интеграцией в [Dify](https://dify.ai), [Coze](https://coze.com), [n8n](https://n8n.io), [Langflow](https://langflow.org).
+- **ИИ-диалоги и агенты** — Многораундовые диалоги, вызов инструментов, мультимодальная поддержка, потоковый вывод. Встроенная реализация RAG (база знаний) с глубокой интеграцией в [Dify](https://dify.ai), [Coze](https://coze.com), [n8n](https://n8n.io), [Langflow](https://langflow.org), [Deerflow](https://deerflow.tech), [Weknora](https://weknora.weixin.qq.com).
 - **Универсальная поддержка IM-платформ** — Единая кодовая база для Discord, Telegram, Slack, LINE, QQ, WeChat, WeCom, Lark, DingTalk, KOOK.
 - **Готовность к продакшену** — Контроль доступа, ограничение скорости, фильтрация чувствительных слов, комплексный мониторинг и обработка исключений. Проверено в корпоративной среде.
 - **Экосистема плагинов** — Сотни плагинов, событийно-ориентированная архитектура, расширения компонентов и поддержка [протокола MCP](https://modelcontextprotocol.io/).
@@ -77,7 +81,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**Другие варианты:** [Docker](https://link.langbot.app/en/docs/docker) · [Ручная установка](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)
+**Другие варианты:** [Docker](https://link.langbot.app/en/docs/docker) · [Ручная установка](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](https://docs.langbot.app/en/deploy/langbot/kubernetes)

 ---

@@ -151,6 +155,17 @@ docker compose up -d

 *Примечание: Публичная демо-среда. Не вводите конфиденциальную информацию.*

+## Создано для ИИ-агентов 🤖
+
+LangBot **дружелюбен к агентам по своей архитектуре** —— ваши кодинг-агенты (Claude Code, Codex, Copilot, Cursor и др.) могут управлять, расширять и развёртывать LangBot с первоклассной поддержкой:
+
+- **MCP-сервер** —— LangBot предоставляет встроенную конечную точку [Model Context Protocol](https://modelcontextprotocol.io/) по адресу `/mcp`, зеркалирующую HTTP API, чтобы агент мог программно управлять ботами, пайплайнами, плагинами и моделями. Аутентификация той же API-ключом (задайте глобальный ключ в `config.yaml` или используйте пользовательский ключ) —— без процедуры входа. Настраивается на вкладке **API & MCP** веб-панели.
+- **Skills в репозитории** —— Каталог [`skills/`](skills/) является **единственным источником истины** для работы с LangBot: разработка плагинов, разработка ядра, сквозное тестирование, развёртывание и работа с MCP-серверами LangBot / LangBot Space. Направьте агента в этот каталог, и он будет знать, как собирать.
+- **AGENTS.md** —— Каждый репозиторий содержит [`AGENTS.md`](AGENTS.md) (символическая ссылка на `CLAUDE.md`), описывающий архитектуру, соглашения и правило: изменения API должны синхронизировать MCP-сервер и skills.
+- **`llms.txt`** —— Машиночитаемый контекст проекта для LLM опубликован на сайте.
+
+> **Облако / Маркетплейс:** [LangBot Space](https://space.langbot.app) также предоставляет MCP-сервер, чтобы агенты могли искать и просматривать маркетплейс плагинов / MCP / skills, аутентифицируясь с помощью Personal Access Token.
+
 ---

 ## Сообщество
@@ -37,9 +37,13 @@

 LangBot 是一個**開源的生產級平台**，用於建構 AI 驅動的即時通訊機器人。它將大語言模型（LLM）連接到各種聊天平台，幫助你創建能夠對話、執行任務、並整合到現有工作流程中的智能 Agent。

+<p align="center">
+<img src="res/dashboard-overview.png" alt="LangBot Web 管理面板儀表板 — 即時監控訊息量、模型調用、成功率與活躍工作階段" width="720"/>
+</p>
+
 ### 核心能力

- **AI 對話與 Agent** — 多輪對話、工具調用、多模態、流式輸出。自帶 RAG（知識庫），深度整合 [Dify](https://dify.ai)、[Coze](https://coze.com)、[n8n](https://n8n.io)、[Langflow](https://langflow.org) 等 LLMOps 平台。
+- **AI 對話與 Agent** — 多輪對話、工具調用、多模態、流式輸出。自帶 RAG（知識庫），深度整合 [Dify](https://dify.ai)、[Coze](https://coze.com)、[n8n](https://n8n.io)、[Langflow](https://langflow.org)、 [Deerflow](https://deerflow.tech)、[Weknora](https://weknora.weixin.qq.com)等 LLMOps 平台。
 - **全平台支援** — 一套程式碼，覆蓋 QQ、微信、企業微信、飛書、釘釘、Discord、Telegram、Slack、LINE、KOOK 等平台。
 - **生產就緒** — 存取控制、限速、敏感詞過濾、全面監控與異常處理，已被多家企業採用。
 - **外掛生態** — 數百個外掛，事件驅動架構，組件擴展，適配 [MCP 協議](https://modelcontextprotocol.io/)。
@@ -79,7 +83,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/zh-CN/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**更多方式：** [Docker](https://link.langbot.app/zh/docs/docker) · [手動部署](https://link.langbot.app/zh/docs/manual-deploy) · [寶塔面板](https://link.langbot.app/zh/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)
+**更多方式：** [Docker](https://link.langbot.app/zh/docs/docker) · [手動部署](https://link.langbot.app/zh/docs/manual-deploy) · [寶塔面板](https://link.langbot.app/zh/docs/bt-panel) · [Kubernetes](https://docs.langbot.app/zh/deploy/langbot/kubernetes)

 ---

@@ -167,6 +171,17 @@ docker compose up -d

 *注意：公開演示環境，請不要在其中填入任何敏感資訊。*

+## 為 AI Agent 而生 🤖
+
+LangBot **從設計上就對 Agent 友善** —— 你的編碼 Agent（Claude Code、Codex、Copilot、Cursor 等）可以一等公民般地操作、擴充和部署 LangBot：
+
+- **MCP Server** —— LangBot 內建 [Model Context Protocol](https://modelcontextprotocol.io/) 端點 `/mcp`，與 HTTP API 對齊，Agent 可程式化管理機器人、流水線、外掛和模型。使用同一套 API Key 鑑權（可在 `config.yaml` 設定全域 Key，或使用使用者 Key），無需登入流程。在 Web 面板的 **API 與 MCP** 分頁中設定。
+- **倉庫內 Skills** —— [`skills/`](skills/) 目錄是使用 LangBot 的**唯一事實來源**：外掛開發、核心開發、端到端測試、部署，以及操作 LangBot / LangBot Space MCP Server。把 Agent 指向這個目錄，它就知道如何動手。
+- **AGENTS.md** —— 每個倉庫都提供 [`AGENTS.md`](AGENTS.md)（軟連結到 `CLAUDE.md`），描述架構、規範，以及「API 變更必須同步更新 MCP Server 和 skills」的約定。
+- **`llms.txt`** —— 面向 LLM 的機器可讀專案上下文已發布在官網。
+
+> **雲端 / 市集：** [LangBot Space](https://space.langbot.app) 同樣開放 MCP Server，Agent 可搜尋和檢視外掛 / MCP / Skill 市集，使用 Personal Access Token 鑑權。
+
 ---

 ## 社群
@@ -35,9 +35,13 @@

 LangBot là một **nền tảng mã nguồn mở, cấp sản xuất** để xây dựng bot nhắn tin tức thời được hỗ trợ bởi AI. Nó kết nối các Mô hình Ngôn ngữ Lớn (LLM) với bất kỳ nền tảng chat nào, cho phép bạn tạo các agent thông minh có thể trò chuyện, thực hiện tác vụ và tích hợp với quy trình làm việc hiện có của bạn.

+<p align="center">
+<img src="res/dashboard-overview.png" alt="Bảng điều khiển quản lý web LangBot — giám sát thời gian thực khối lượng tin nhắn, lệnh gọi mô hình, tỷ lệ thành công và phiên hoạt động" width="720"/>
+</p>
+
 ### Khả năng chính

- **Hội thoại AI & Agent** — Đối thoại nhiều lượt, gọi công cụ, hỗ trợ đa phương thức, đầu ra streaming. RAG (cơ sở kiến thức) tích hợp sẵn với tích hợp sâu vào [Dify](https://dify.ai), [Coze](https://coze.com), [n8n](https://n8n.io), [Langflow](https://langflow.org).
+- **Hội thoại AI & Agent** — Đối thoại nhiều lượt, gọi công cụ, hỗ trợ đa phương thức, đầu ra streaming. RAG (cơ sở kiến thức) tích hợp sẵn với tích hợp sâu vào [Dify](https://dify.ai), [Coze](https://coze.com), [n8n](https://n8n.io), [Langflow](https://langflow.org), [Deerflow](https://deerflow.tech), [Weknora](https://weknora.weixin.qq.com).
 - **Hỗ trợ đa nền tảng IM** — Một mã nguồn cho Discord, Telegram, Slack, LINE, QQ, WeChat, WeCom, Lark, DingTalk, KOOK.
 - **Sẵn sàng cho sản xuất** — Kiểm soát truy cập, giới hạn tốc độ, lọc từ nhạy cảm, giám sát toàn diện và xử lý ngoại lệ. Được doanh nghiệp tin dùng.
 - **Hệ sinh thái Plugin** — Hàng trăm plugin, kiến trúc hướng sự kiện, mở rộng thành phần, và hỗ trợ [giao thức MCP](https://modelcontextprotocol.io/).
@@ -77,7 +81,7 @@ docker compose up -d
 [![Deploy on Zeabur](https://zeabur.com/button.svg)](https://zeabur.com/en-US/templates/ZKTBDH)
 [![Deploy on Railway](https://railway.com/button.svg)](https://railway.app/template/yRrAyL?referralCode=vogKPF)

-**Thêm tùy chọn:** [Docker](https://link.langbot.app/en/docs/docker) · [Thủ công](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](./docker/README_K8S.md)
+**Thêm tùy chọn:** [Docker](https://link.langbot.app/en/docs/docker) · [Thủ công](https://link.langbot.app/en/docs/manual-deploy) · [BTPanel](https://link.langbot.app/en/docs/bt-panel) · [Kubernetes](https://docs.langbot.app/en/deploy/langbot/kubernetes)

 ---

@@ -151,6 +155,17 @@ docker compose up -d

 *Lưu ý: Môi trường demo công khai. Không nhập thông tin nhạy cảm.*

+## Được xây dựng cho AI Agent 🤖
+
+LangBot **thân thiện với agent ngay từ thiết kế** —— các coding agent của bạn (Claude Code, Codex, Copilot, Cursor, …) có thể vận hành, mở rộng và triển khai LangBot với sự hỗ trợ hạng nhất:
+
+- **MCP Server** —— LangBot cung cấp endpoint [Model Context Protocol](https://modelcontextprotocol.io/) tích hợp tại `/mcp`, phản chiếu HTTP API để agent quản lý bot, pipeline, plugin và model theo cách lập trình. Xác thực bằng cùng một API key (đặt key toàn cục trong `config.yaml` hoặc dùng key theo người dùng) —— không cần luồng đăng nhập. Cấu hình tại tab **API & MCP** trong bảng điều khiển Web.
+- **Skills trong repo** —— Thư mục [`skills/`](skills/) là **nguồn sự thật duy nhất** để làm việc với LangBot: phát triển plugin, phát triển core, kiểm thử end-to-end, triển khai và vận hành MCP Server của LangBot / LangBot Space. Trỏ agent của bạn vào thư mục này và nó sẽ biết cách xây dựng.
+- **AGENTS.md** —— Mỗi repo đều có [`AGENTS.md`](AGENTS.md) (liên kết tượng trưng tới `CLAUDE.md`) mô tả kiến trúc, quy ước và quy tắc rằng thay đổi API phải giữ MCP Server và skills đồng bộ.
+- **`llms.txt`** —— Ngữ cảnh dự án có thể đọc bằng máy dành cho LLM được công bố trên website.
+
+> **Cloud / Marketplace:** [LangBot Space](https://space.langbot.app) cũng cung cấp MCP Server để agent tìm kiếm và kiểm tra marketplace plugin / MCP / skill, xác thực bằng Personal Access Token.
+
 ---

 ## Cộng đồng
@@ -1,629 +0,0 @@
-# LangBot Kubernetes 部署指南 / Kubernetes Deployment Guide
-
-[简体中文](#简体中文) | [English](#english)
-
---
-
-## 简体中文
-
-### 概述
-
-本指南提供了在 Kubernetes 集群中部署 LangBot 的完整步骤。Kubernetes 部署配置基于 `docker-compose.yaml`，适用于生产环境的容器化部署。
-
-### 前置要求
-
- Kubernetes 集群（版本 1.19+）
- `kubectl` 命令行工具已配置并可访问集群
- 集群中有可用的存储类（StorageClass）用于持久化存储（可选但推荐）
- 至少 2 vCPU 和 4GB RAM 的可用资源
-
-### 架构说明
-
-Kubernetes 部署包含以下组件：
-
-1. **langbot**: 主应用服务
-   - 提供 Web UI（端口 5300）
-   - 处理平台 webhook（端口 2280-2290）
-   - 数据持久化卷
-   
-2. **langbot-plugin-runtime**: 插件运行时服务
-   - WebSocket 通信（端口 5400）
-   - 插件数据持久化卷
-
-3. **持久化存储**:
-   - `langbot-data`: LangBot 主数据
-   - `langbot-plugins`: 插件文件
-   - `langbot-plugin-runtime-data`: 插件运行时数据
-
-### 快速开始
-
-#### 1. 下载部署文件
-
-```bash
-# 克隆仓库
-git clone https://github.com/langbot-app/LangBot
-cd LangBot/docker
-
-# 或直接下载 kubernetes.yaml
-wget https://raw.githubusercontent.com/langbot-app/LangBot/main/docker/kubernetes.yaml
-```
-
-#### 2. 部署到 Kubernetes
-
-```bash
-# 应用所有配置
-kubectl apply -f kubernetes.yaml
-
-# 检查部署状态
-kubectl get all -n langbot
-
-# 查看 Pod 日志
-kubectl logs -n langbot -l app=langbot -f
-```
-
-#### 3. 访问 LangBot
-
-默认情况下，LangBot 服务使用 ClusterIP 类型，只能在集群内部访问。您可以选择以下方式之一来访问：
-
-**选项 A: 端口转发（推荐用于测试）**
-
-```bash
-kubectl port-forward -n langbot svc/langbot 5300:5300
-```
-
-然后访问 http://localhost:5300
-
-**选项 B: NodePort（适用于开发环境）**
-
-编辑 `kubernetes.yaml`，取消注释 NodePort Service 部分，然后：
-
-```bash
-kubectl apply -f kubernetes.yaml
-# 获取节点 IP
-kubectl get nodes -o wide
-# 访问 http://<NODE_IP>:30300
-```
-
-**选项 C: LoadBalancer（适用于云环境）**
-
-编辑 `kubernetes.yaml`，取消注释 LoadBalancer Service 部分，然后：
-
-```bash
-kubectl apply -f kubernetes.yaml
-# 获取外部 IP
-kubectl get svc -n langbot langbot-loadbalancer
-# 访问 http://<EXTERNAL_IP>
-```
-
-**选项 D: Ingress（推荐用于生产环境）**
-
-确保集群中已安装 Ingress Controller（如 nginx-ingress），然后：
-
-1. 编辑 `kubernetes.yaml` 中的 Ingress 配置
-2. 修改域名为您的实际域名
-3. 应用配置：
-
-```bash
-kubectl apply -f kubernetes.yaml
-# 访问 http://langbot.yourdomain.com
-```
-
-### 配置说明
-
-#### 环境变量
-
-在 `ConfigMap` 中配置环境变量：
-
-```yaml
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: langbot-config
-  namespace: langbot
-data:
-  TZ: "Asia/Shanghai"  # 修改为您的时区
-```
-
-#### 存储配置
-
-默认使用动态存储分配。如果您有特定的 StorageClass，请在 PVC 中指定：
-
-```yaml
-spec:
-  storageClassName: your-storage-class-name
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 10Gi
-```
-
-#### 资源限制
-
-根据您的需求调整资源限制：
-
-```yaml
-resources:
-  requests:
-    memory: "1Gi"
-    cpu: "500m"
-  limits:
-    memory: "4Gi"
-    cpu: "2000m"
-```
-
-### 常用操作
-
-#### 查看日志
-
-```bash
-# 查看 LangBot 主服务日志
-kubectl logs -n langbot -l app=langbot -f
-
-# 查看插件运行时日志
-kubectl logs -n langbot -l app=langbot-plugin-runtime -f
-```
-
-#### 重启服务
-
-```bash
-# 重启 LangBot
-kubectl rollout restart deployment/langbot -n langbot
-
-# 重启插件运行时
-kubectl rollout restart deployment/langbot-plugin-runtime -n langbot
-```
-
-#### 更新镜像
-
-```bash
-# 更新到最新版本
-kubectl set image deployment/langbot -n langbot langbot=rockchin/langbot:latest
-kubectl set image deployment/langbot-plugin-runtime -n langbot langbot-plugin-runtime=rockchin/langbot:latest
-
-# 检查更新状态
-kubectl rollout status deployment/langbot -n langbot
-```
-
-#### 扩容（不推荐）
-
-注意：由于 LangBot 使用 ReadWriteOnce 的持久化存储，不支持多副本扩容。如需高可用，请考虑使用 ReadWriteMany 存储或其他架构方案。
-
-#### 备份数据
-
-```bash
-# 备份 PVC 数据
-kubectl exec -n langbot -it <langbot-pod-name> -- tar czf /tmp/backup.tar.gz /app/data
-kubectl cp langbot/<langbot-pod-name>:/tmp/backup.tar.gz ./backup.tar.gz
-```
-
-### 卸载
-
-```bash
-# 删除所有资源（保留 PVC）
-kubectl delete deployment,service,configmap -n langbot --all
-
-# 删除 PVC（会删除数据）
-kubectl delete pvc -n langbot --all
-
-# 删除命名空间
-kubectl delete namespace langbot
-```
-
-### 故障排查
-
-#### Pod 无法启动
-
-```bash
-# 查看 Pod 状态
-kubectl get pods -n langbot
-
-# 查看详细信息
-kubectl describe pod -n langbot <pod-name>
-
-# 查看事件
-kubectl get events -n langbot --sort-by='.lastTimestamp'
-```
-
-#### 存储问题
-
-```bash
-# 检查 PVC 状态
-kubectl get pvc -n langbot
-
-# 检查 PV
-kubectl get pv
-```
-
-#### 网络访问问题
-
-```bash
-# 检查 Service
-kubectl get svc -n langbot
-
-# 检查端口转发
-kubectl port-forward -n langbot svc/langbot 5300:5300
-```
-
-### 生产环境建议
-
-1. **使用特定版本标签**：避免使用 `latest` 标签，使用具体版本号如 `rockchin/langbot:v1.0.0`
-2. **配置资源限制**：根据实际负载调整 CPU 和内存限制
-3. **使用 Ingress + TLS**：配置 HTTPS 访问和证书管理
-4. **配置监控和告警**：集成 Prometheus、Grafana 等监控工具
-5. **定期备份**：配置自动备份策略保护数据
-6. **使用专用 StorageClass**：为生产环境配置高性能存储
-7. **配置亲和性规则**：确保 Pod 调度到合适的节点
-
-### 高级配置
-
-#### 使用 Secrets 管理敏感信息
-
-如果需要配置 API 密钥等敏感信息：
-
-```yaml
-apiVersion: v1
-kind: Secret
-metadata:
-  name: langbot-secrets
-  namespace: langbot
-type: Opaque
-data:
-  api_key: <base64-encoded-value>
-```
-
-然后在 Deployment 中引用：
-
-```yaml
-env:
- name: API_KEY
-  valueFrom:
-    secretKeyRef:
-      name: langbot-secrets
-      key: api_key
-```
-
-#### 配置水平自动扩缩容（HPA）
-
-注意：需要确保使用 ReadWriteMany 存储类型
-
-```yaml
-apiVersion: autoscaling/v2
-kind: HorizontalPodAutoscaler
-metadata:
-  name: langbot-hpa
-  namespace: langbot
-spec:
-  scaleTargetRef:
-    apiVersion: apps/v1
-    kind: Deployment
-    name: langbot
-  minReplicas: 1
-  maxReplicas: 3
-  metrics:
-  - type: Resource
-    resource:
-      name: cpu
-      target:
-        type: Utilization
-        averageUtilization: 70
-```
-
-### 参考资源
-
- [LangBot 官方文档](https://docs.langbot.app)
- [Docker 部署文档](https://link.langbot.app/zh/docs/docker)
- [Kubernetes 官方文档](https://kubernetes.io/docs/)
-
---
-
-## English
-
-### Overview
-
-This guide provides complete steps for deploying LangBot in a Kubernetes cluster. The Kubernetes deployment configuration is based on `docker-compose.yaml` and is suitable for production containerized deployments.
-
-### Prerequisites
-
- Kubernetes cluster (version 1.19+)
- `kubectl` command-line tool configured with cluster access
- Available StorageClass in the cluster for persistent storage (optional but recommended)
- At least 2 vCPU and 4GB RAM of available resources
-
-### Architecture
-
-The Kubernetes deployment includes the following components:
-
-1. **langbot**: Main application service
-   - Provides Web UI (port 5300)
-   - Handles platform webhooks (ports 2280-2290)
-   - Data persistence volume
-   
-2. **langbot-plugin-runtime**: Plugin runtime service
-   - WebSocket communication (port 5400)
-   - Plugin data persistence volume
-
-3. **Persistent Storage**:
-   - `langbot-data`: LangBot main data
-   - `langbot-plugins`: Plugin files
-   - `langbot-plugin-runtime-data`: Plugin runtime data
-
-### Quick Start
-
-#### 1. Download Deployment Files
-
-```bash
-# Clone repository
-git clone https://github.com/langbot-app/LangBot
-cd LangBot/docker
-
-# Or download kubernetes.yaml directly
-wget https://raw.githubusercontent.com/langbot-app/LangBot/main/docker/kubernetes.yaml
-```
-
-#### 2. Deploy to Kubernetes
-
-```bash
-# Apply all configurations
-kubectl apply -f kubernetes.yaml
-
-# Check deployment status
-kubectl get all -n langbot
-
-# View Pod logs
-kubectl logs -n langbot -l app=langbot -f
-```
-
-#### 3. Access LangBot
-
-By default, LangBot service uses ClusterIP type, accessible only within the cluster. Choose one of the following methods to access:
-
-**Option A: Port Forwarding (Recommended for testing)**
-
-```bash
-kubectl port-forward -n langbot svc/langbot 5300:5300
-```
-
-Then visit http://localhost:5300
-
-**Option B: NodePort (Suitable for development)**
-
-Edit `kubernetes.yaml`, uncomment the NodePort Service section, then:
-
-```bash
-kubectl apply -f kubernetes.yaml
-# Get node IP
-kubectl get nodes -o wide
-# Visit http://<NODE_IP>:30300
-```
-
-**Option C: LoadBalancer (Suitable for cloud environments)**
-
-Edit `kubernetes.yaml`, uncomment the LoadBalancer Service section, then:
-
-```bash
-kubectl apply -f kubernetes.yaml
-# Get external IP
-kubectl get svc -n langbot langbot-loadbalancer
-# Visit http://<EXTERNAL_IP>
-```
-
-**Option D: Ingress (Recommended for production)**
-
-Ensure an Ingress Controller (e.g., nginx-ingress) is installed in the cluster, then:
-
-1. Edit the Ingress configuration in `kubernetes.yaml`
-2. Change the domain to your actual domain
-3. Apply configuration:
-
-```bash
-kubectl apply -f kubernetes.yaml
-# Visit http://langbot.yourdomain.com
-```
-
-### Configuration
-
-#### Environment Variables
-
-Configure environment variables in ConfigMap:
-
-```yaml
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: langbot-config
-  namespace: langbot
-data:
-  TZ: "Asia/Shanghai"  # Change to your timezone
-```
-
-#### Storage Configuration
-
-Uses dynamic storage provisioning by default. If you have a specific StorageClass, specify it in PVC:
-
-```yaml
-spec:
-  storageClassName: your-storage-class-name
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 10Gi
-```
-
-#### Resource Limits
-
-Adjust resource limits based on your needs:
-
-```yaml
-resources:
-  requests:
-    memory: "1Gi"
-    cpu: "500m"
-  limits:
-    memory: "4Gi"
-    cpu: "2000m"
-```
-
-### Common Operations
-
-#### View Logs
-
-```bash
-# View LangBot main service logs
-kubectl logs -n langbot -l app=langbot -f
-
-# View plugin runtime logs
-kubectl logs -n langbot -l app=langbot-plugin-runtime -f
-```
-
-#### Restart Services
-
-```bash
-# Restart LangBot
-kubectl rollout restart deployment/langbot -n langbot
-
-# Restart plugin runtime
-kubectl rollout restart deployment/langbot-plugin-runtime -n langbot
-```
-
-#### Update Images
-
-```bash
-# Update to latest version
-kubectl set image deployment/langbot -n langbot langbot=rockchin/langbot:latest
-kubectl set image deployment/langbot-plugin-runtime -n langbot langbot-plugin-runtime=rockchin/langbot:latest
-
-# Check update status
-kubectl rollout status deployment/langbot -n langbot
-```
-
-#### Scaling (Not Recommended)
-
-Note: Due to LangBot using ReadWriteOnce persistent storage, multi-replica scaling is not supported. For high availability, consider using ReadWriteMany storage or alternative architectures.
-
-#### Backup Data
-
-```bash
-# Backup PVC data
-kubectl exec -n langbot -it <langbot-pod-name> -- tar czf /tmp/backup.tar.gz /app/data
-kubectl cp langbot/<langbot-pod-name>:/tmp/backup.tar.gz ./backup.tar.gz
-```
-
-### Uninstall
-
-```bash
-# Delete all resources (keep PVCs)
-kubectl delete deployment,service,configmap -n langbot --all
-
-# Delete PVCs (will delete data)
-kubectl delete pvc -n langbot --all
-
-# Delete namespace
-kubectl delete namespace langbot
-```
-
-### Troubleshooting
-
-#### Pods Not Starting
-
-```bash
-# Check Pod status
-kubectl get pods -n langbot
-
-# View detailed information
-kubectl describe pod -n langbot <pod-name>
-
-# View events
-kubectl get events -n langbot --sort-by='.lastTimestamp'
-```
-
-#### Storage Issues
-
-```bash
-# Check PVC status
-kubectl get pvc -n langbot
-
-# Check PV
-kubectl get pv
-```
-
-#### Network Access Issues
-
-```bash
-# Check Service
-kubectl get svc -n langbot
-
-# Test port forwarding
-kubectl port-forward -n langbot svc/langbot 5300:5300
-```
-
-### Production Recommendations
-
-1. **Use specific version tags**: Avoid using `latest` tag, use specific version like `rockchin/langbot:v1.0.0`
-2. **Configure resource limits**: Adjust CPU and memory limits based on actual load
-3. **Use Ingress + TLS**: Configure HTTPS access and certificate management
-4. **Configure monitoring and alerts**: Integrate monitoring tools like Prometheus, Grafana
-5. **Regular backups**: Configure automated backup strategy to protect data
-6. **Use dedicated StorageClass**: Configure high-performance storage for production
-7. **Configure affinity rules**: Ensure Pods are scheduled to appropriate nodes
-
-### Advanced Configuration
-
-#### Using Secrets for Sensitive Information
-
-If you need to configure sensitive information like API keys:
-
-```yaml
-apiVersion: v1
-kind: Secret
-metadata:
-  name: langbot-secrets
-  namespace: langbot
-type: Opaque
-data:
-  api_key: <base64-encoded-value>
-```
-
-Then reference in Deployment:
-
-```yaml
-env:
- name: API_KEY
-  valueFrom:
-    secretKeyRef:
-      name: langbot-secrets
-      key: api_key
-```
-
-#### Configure Horizontal Pod Autoscaling (HPA)
-
-Note: Requires ReadWriteMany storage type
-
-```yaml
-apiVersion: autoscaling/v2
-kind: HorizontalPodAutoscaler
-metadata:
-  name: langbot-hpa
-  namespace: langbot
-spec:
-  scaleTargetRef:
-    apiVersion: apps/v1
-    kind: Deployment
-    name: langbot
-  minReplicas: 1
-  maxReplicas: 3
-  metrics:
-  - type: Resource
-    resource:
-      name: cpu
-      target:
-        type: Utilization
-        averageUtilization: 70
-```
-
-### References
-
- [LangBot Official Documentation](https://docs.langbot.app)
- [Docker Deployment Guide](https://link.langbot.app/zh/docs/docker)
- [Kubernetes Official Documentation](https://kubernetes.io/docs/)
@@ -1,5 +1,5 @@
 # Docker Compose configuration for LangBot
-# For Kubernetes deployment, see kubernetes.yaml and README_K8S.md
+# For Kubernetes deployment, see kubernetes.yaml and the deployment guide at https://docs.langbot.app
 version: "3"

 services:
@@ -1,6 +1,8 @@
 # Kubernetes Deployment for LangBot
 # This file provides Kubernetes deployment manifests for LangBot based on docker-compose.yaml
-# 
+#
+# Full deployment guide (zh/en/ja): https://docs.langbot.app -> Installation -> Kubernetes
+#
 # Usage:
 #   kubectl apply -f kubernetes.yaml
 #
@@ -8,13 +10,15 @@
 #   - A Kubernetes cluster (1.19+)
 #   - kubectl configured to communicate with your cluster
 #   - (Optional) A StorageClass for dynamic volume provisioning
+#   - For the Box sandbox runtime: a node with a reachable Docker daemon
+#     (the box mounts the node's /var/run/docker.sock). See the deployment guide.
 #
 # Components:
 #   - Namespace: langbot
 #   - PersistentVolumeClaims for data persistence
-#   - Deployments for langbot and langbot_plugin_runtime
+#   - Deployments for langbot, langbot-plugin-runtime, and langbot-box (sandbox)
 #   - Services for network access
-#   - ConfigMap for timezone configuration
+#   - ConfigMap for timezone + runtime endpoints

 ---
 # Namespace
@@ -83,6 +87,11 @@ metadata:
 data:
  TZ: "Asia/Shanghai"
  PLUGIN__RUNTIME_WS_URL: "ws://langbot-plugin-runtime:5400/control/ws"
+  # Box sandbox runtime endpoint. LangBot connects to the Box runtime over
+  # WebSocket. The hostname MUST match the langbot-box Service name. Note the
+  # in-container default ("langbot_box") uses an underscore, which is an
+  # invalid Kubernetes DNS name — so the endpoint is always set explicitly here.
+  BOX__RUNTIME__ENDPOINT: "ws://langbot-box:5410"

 ---
 # Deployment for LangBot Plugin Runtime
@@ -169,6 +178,136 @@ spec:
    protocol: TCP
    name: runtime

+---
+# Deployment for LangBot Box (sandbox) runtime
+#
+# The Box runtime backs LangBot's sandbox tools (exec / read / write / edit /
+# glob / grep), the `activate` skill tool, skill add/edit, and stdio-mode MCP
+# servers. It is OPTIONAL: if you do not deploy it, set `BOX__ENABLED=false` on
+# the langbot Deployment (or `box.enabled: false` in config.yaml) so the
+# dashboard renders cleanly with sandbox features disabled.
+#
+# IMPORTANT — how the sandbox actually runs:
+#   The bundled image ships only the Docker CLI (no dockerd, no nsjail). The Box
+#   runtime therefore creates sandbox containers by talking to a Docker daemon
+#   over the mounted socket (`/var/run/docker.sock`). Because that daemon
+#   resolves bind-mount paths on the NODE filesystem, the Box workspace root
+#   must be the SAME absolute path inside the box container, inside every
+#   sandbox container it spawns, AND on the node. That is why this manifest uses
+#   a hostPath at a fixed absolute path (/app/data/box) and pins langbot + box
+#   to the same node via podAffinity. A normal PVC will NOT work for the box
+#   workspace, because the node's dockerd cannot see paths that exist only
+#   inside the pod's mount namespace.
+#
+# Security note: mounting the host Docker socket grants the Box runtime (and any
+# code executed in the sandbox) effective root on the node. Only deploy Box on
+# nodes you trust for this workload, ideally a dedicated node pool. For a
+# stronger isolation boundary, switch box.backend to 'e2b' (set E2B_API_KEY) and
+# drop the docker.sock mount + hostPath entirely.
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: langbot-box
+  namespace: langbot
+  labels:
+    app: langbot-box
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: langbot-box
+  template:
+    metadata:
+      labels:
+        app: langbot-box
+    spec:
+      # Pin to the same node as langbot so they share the hostPath box root.
+      affinity:
+        podAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+          - labelSelector:
+              matchLabels:
+                app: langbot
+            topologyKey: kubernetes.io/hostname
+      containers:
+      - name: langbot-box
+        image: rockchin/langbot:latest
+        imagePullPolicy: Always
+        # Launched through the same CLI entry point as the plugin runtime.
+        # No flag => WebSocket control transport (default), listening on 5410.
+        command: ["uv", "run", "--no-sync", "-m", "langbot_plugin.cli.__init__", "box"]
+        ports:
+        - containerPort: 5410
+          name: box-rpc
+          protocol: TCP
+        env:
+        - name: TZ
+          valueFrom:
+            configMapKeyRef:
+              name: langbot-config
+              key: TZ
+        # The Box runtime does NOT read box.local.* / BOX__* from its own env;
+        # it receives its configuration from LangBot via the INIT RPC action.
+        # Do not add BOX__* here — they would be silently ignored.
+        volumeMounts:
+        # Box workspace root — identical path on node, box, and sandbox
+        # containers (see the IMPORTANT note above).
+        - name: box-root
+          mountPath: /app/data/box
+        # Host Docker socket — the sandbox backend uses it to create containers.
+        - name: docker-sock
+          mountPath: /var/run/docker.sock
+        resources:
+          requests:
+            memory: "256Mi"
+            cpu: "100m"
+          limits:
+            memory: "1Gi"
+            cpu: "1000m"
+        livenessProbe:
+          tcpSocket:
+            port: 5410
+          initialDelaySeconds: 20
+          periodSeconds: 10
+          timeoutSeconds: 5
+          failureThreshold: 3
+        readinessProbe:
+          tcpSocket:
+            port: 5410
+          initialDelaySeconds: 10
+          periodSeconds: 5
+          timeoutSeconds: 3
+          failureThreshold: 3
+      volumes:
+      - name: box-root
+        hostPath:
+          path: /app/data/box
+          type: DirectoryOrCreate
+      - name: docker-sock
+        hostPath:
+          path: /var/run/docker.sock
+          type: Socket
+      restartPolicy: Always
+
+---
+# Service for LangBot Box runtime
+apiVersion: v1
+kind: Service
+metadata:
+  name: langbot-box
+  namespace: langbot
+  labels:
+    app: langbot-box
+spec:
+  type: ClusterIP
+  selector:
+    app: langbot-box
+  ports:
+  - port: 5410
+    targetPort: 5410
+    protocol: TCP
+    name: box-rpc
+
 ---
 # Deployment for LangBot
 apiVersion: apps/v1
@@ -213,11 +352,36 @@ spec:
            configMapKeyRef:
              name: langbot-config
              key: PLUGIN__RUNTIME_WS_URL
+        # Box (sandbox) runtime endpoint. Connects LangBot to the langbot-box
+        # Service over WebSocket. Remove this (and the langbot-box Deployment)
+        # and set BOX__ENABLED=false if you do not want the sandbox.
+        - name: BOX__RUNTIME__ENDPOINT
+          valueFrom:
+            configMapKeyRef:
+              name: langbot-config
+              key: BOX__RUNTIME__ENDPOINT
+        # box.local.* config — forwarded to the Box runtime via INIT RPC. The
+        # host_root MUST match the box-root hostPath mountPath below AND the box
+        # Deployment's box-root mountPath, so that skill package paths resolve
+        # identically on both sides and on the node's Docker daemon.
+        - name: BOX__LOCAL__HOST_ROOT
+          value: "/app/data/box"
+        - name: BOX__LOCAL__DEFAULT_WORKSPACE
+          value: "default"
+        - name: BOX__LOCAL__SKILLS_ROOT
+          value: "skills"
+        - name: BOX__LOCAL__ALLOWED_MOUNT_ROOTS
+          value: "/app/data/box"
        volumeMounts:
        - name: data
          mountPath: /app/data
        - name: plugins
          mountPath: /app/plugins
+        # Same node-level box root as the langbot-box Deployment. Mounted over
+        # the data PVC's /app/data/box subpath so both LangBot and the Box
+        # runtime (and the node's dockerd) agree on one absolute path.
+        - name: box-root
+          mountPath: /app/data/box
        resources:
          requests:
            memory: "1Gi"
@@ -250,6 +414,13 @@ spec:
      - name: plugins
        persistentVolumeClaim:
          claimName: langbot-plugins
+      # Node-level box workspace root, shared with the langbot-box Deployment.
+      # hostPath (not PVC) because the node's Docker daemon must see the same
+      # absolute path when bind-mounting workspaces into sandbox containers.
+      - name: box-root
+        hostPath:
+          path: /app/data/box
+          type: DirectoryOrCreate
      restartPolicy: Always

 ---
@@ -10,6 +10,38 @@ API keys can be managed through the web interface:
 2. Click the "API Keys" button at the bottom of the sidebar
 3. Create, view, copy, or delete API keys as needed

+## Global API Key (config.yaml)
+
+In addition to web-UI-created keys (stored in the database, prefixed `lbk_`),
+LangBot supports a **global API key** defined directly in `data/config.yaml`.
+This is useful for automated deployments, infrastructure-as-code, and AI agents
+that need API/MCP access **without a login session and without creating a
+database record first**.
+
+```yaml
+api:
+    port: 5300
+    # ...
+    global_api_key: 'your-strong-secret-here'   # leave empty to disable
+```
+
+Behavior:
+
+- When `api.global_api_key` is a non-empty string, that exact value is accepted
+  anywhere a normal API key is accepted — the `X-API-Key` header or
+  `Authorization: Bearer <key>` — across the HTTP service API **and the MCP
+  server**.
+- The global key does **not** require the `lbk_` prefix; use any sufficiently
+  strong secret.
+- Leave it empty (`''`, the default) to disable it entirely; only database-backed
+  `lbk_` keys will then be accepted.
+- Existing installs are unaffected until you add the key — config completion only
+  backfills top-level keys, and the lookup is defensive when the field is absent.
+
+> **Security:** the global key is stored in plaintext in `config.yaml`. Only
+> enable it on trusted/internal deployments, keep the file permissions tight,
+> always serve over HTTPS, and rotate the value if it may have leaked.
+
 ## Using API Keys

 ### Authentication Headers
@@ -1,6 +1,6 @@
 [project]
 name = "langbot"
-version = "4.10.0-beta.2"
+version = "4.10.2"
 description = "Production-grade platform for building agentic IM bots"
 readme = "README.md"
 license-files = ["LICENSE"]
@@ -8,7 +8,7 @@ requires-python = ">=3.11,<4.0"
 dependencies = [
    "aiocqhttp>=1.4.4",
    "aiofiles>=24.1.0",
-    "aiohttp>=3.13.4",
+    "aiohttp>=3.14.0",
    "aioshutil>=1.5",
    "aiosqlite>=0.21.0",
    "anthropic>=0.51.0",
@@ -31,27 +31,27 @@ dependencies = [
    "psutil>=7.0.0",
    "pycryptodome>=3.22.0",
    "pydantic>2.0",
-    "pyjwt>=2.10.1",
+    "pyjwt>=2.12.0",
    "python-telegram-bot>=22.0",
    "pyyaml>=6.0.2",
    "qq-botpy-rc>=1.2.1.6",
    "qrcode>=7.4",
    "quart>=0.20.0",
    "quart-cors>=0.8.0",
-    "requests>=2.32.3",
+    "requests>=2.33.0",
    "slack-sdk>=3.35.0",
    "alembic>=1.15.0",
    "sqlalchemy[asyncio]>=2.0.40",
    "sqlmodel>=0.0.24",
    "telegramify-markdown>=0.5.1",
    "tiktoken>=0.9.0",
-    "urllib3>=2.4.0",
+    "urllib3>=2.7.0",
    "websockets>=15.0.1",
    "python-socks>=2.7.1", # dingtalk missing dependency
-    "pip>=25.1.1",
+    "pip>=26.1",
    "ruff>=0.11.9",
    "pre-commit>=4.2.0",
-    "uv>=0.11.6",
+    "uv>=0.11.15",
    "mypy>=1.16.0",
    "PyPDF2>=3.0.1",
    "python-docx>=1.1.0",
@@ -62,15 +62,15 @@ dependencies = [
    "ebooklib>=0.18",
    "html2text>=2024.2.26",
    "langchain>=0.2.0",
-    "langchain-core>=1.2.28",
-    "langsmith>=0.7.31",
-    "python-multipart>=0.0.26",
-    "Mako>=1.3.11",
+    "langchain-core>=1.3.3",
+    "langsmith>=0.8.0",
+    "python-multipart>=0.0.27",
+    "Mako>=1.3.12",
    "langchain-text-splitters>=1.1.2",
    "chromadb>=1.0.0,<2.0.0",
    "qdrant-client (>=1.15.1,<2.0.0)",
    "pyseekdb==1.1.0.post3",
-    "langbot-plugin==0.4.0",
+    "langbot-plugin==0.4.5",
    "asyncpg>=0.30.0",
    "line-bot-sdk>=3.19.0",
    "matrix-nio>=0.25.2",
@@ -79,6 +79,7 @@ dependencies = [
    "pymilvus>=2.6.4",
    "pgvector>=0.4.1",
    "botocore>=1.42.39",
+    "litellm>=1.0.0",
 ]
 keywords = [
    "bot",
@@ -0,0 +1,9 @@
+node_modules/
+coverage/
+.tap/
+__pycache__/
+*.pyc
+skills/.env.local
+reports/
+skills/*/reports/
+.browser/
@@ -0,0 +1,68 @@
+# Agent Workflow
+
+This repository stores reusable LangBot agent-testing assets. Keep changes structured so the next agent does not need to rediscover paths.
+
+## First Steps
+
+1. Read `skills/.env` before using local URLs, paths, browser profiles, or proxy defaults. If present, `skills/.env.local` overrides it for this machine and must not be committed. On a new machine, copy `skills/.env.example` to `skills/.env.local` first.
+2. Pick the smallest relevant skill:
+   - `langbot-env-setup` for environment, browser, OAuth, proxy, and startup.
+   - `langbot-testing` for WebUI, provider, pipeline, cases, and troubleshooting.
+   - `langbot-skills-maintenance` for adding, deduplicating, or auditing this skills repository.
+3. Prefer existing cases and troubleshooting entries before exploring from scratch.
+
+## Editing Rules
+
+- UI/browser testing is the primary QA path. API/curl checks are diagnostic only and cannot make a UI case pass by themselves.
+- Put skills under `skills/<name>/`.
+- Keep `SKILL.md` concise; move detailed workflows to `references/`.
+- Put reusable test paths in `cases/*.yaml`.
+- New or edited cases must include `priority`, `risk`, `ci_eligible`, and `evidence_required` so agents can select the right test set without rereading every file.
+- Use `env_any` / `automation_env_any` for one-of machine inputs, such as `LANGBOT_PIPELINE_URL|LANGBOT_PIPELINE_NAME`; do not list those alternatives as separate all-required env keys.
+- Put reusable groups of cases in `suites/*.yaml` rather than hardcoding test sets in docs or CLI code.
+- Put growing failure knowledge in `troubleshooting/*.yaml`.
+- Do not hardcode local ports in testing docs; use `skills/.env` variables and machine-local `skills/.env.local` overrides.
+- Do not store secrets, API keys, OAuth tokens, or localStorage token values.
+
+## Required Checks
+
+After structural changes, run:
+
+```bash
+bin/lbs validate
+```
+
+After changing skills, cases, or troubleshooting assets, run:
+
+```bash
+bin/lbs index
+```
+
+Use `bin/lbs env show` to inspect defaults and `bin/lbs env doctor` when diagnosing local environment readiness. Env output is redacted by default; do not work around that by printing raw secrets.
+`bin/lbs` is a generated local wrapper. If it is missing on a fresh checkout, run `npm run bootstrap` from this directory first; `npm install` also regenerates it via `prepare`.
+Use `bin/lbs fixture check` before fixture-heavy cases such as MCP, RAG, multimodal, or plugin smoke tests.
+Use `bin/lbs case list --ready` for cases that have no missing machine inputs and no manual preconditions. Use `bin/lbs case list --machine-ready` when you want to keep `manual-check` candidates and confirm their preconditions yourself.
+
+Before executing a saved QA path, generate the agent-facing plan:
+
+```bash
+bin/lbs test plan <case-id>
+```
+
+Read the plan readiness sections before running the browser path. Missing env,
+automation env, or fixture readiness means the case is not ready to execute and
+should be marked `blocked` or fixed first.
+`manual_check` means machine inputs are present but the agent must verify the
+declared `preconditions` or `setup` items before executing the UI path. Do not
+turn a `manual_check` case into `pass` until those items were checked in the
+same run.
+
+Before executing a group of saved QA paths, generate the suite plan:
+
+```bash
+bin/lbs suite plan <suite-id>
+```
+
+Use `bin/lbs suite start <suite-id>` to create a shared suite run id, suite evidence root, per-case evidence directories, and `suite-start.json`/`suite-start.md` handoff files. Then run `bin/lbs suite report <suite-id> --evidence-dir <dir>` to aggregate case results.
+Automation scripts write `automation-result.json`; write the final per-case `result.json` with `bin/lbs test result <case-id> --result <status> --reason <text> --evidence-dir <dir> --evidence <comma-list>` after collecting the required evidence. A `pass` result must include all required evidence.
+For runner-specific Debug Chat cases, prefer case-specific pipeline env keys such as `LANGBOT_LOCAL_AGENT_PIPELINE_URL` over the generic `LANGBOT_PIPELINE_URL`; otherwise an agent can accidentally test the wrong runner.
@@ -0,0 +1,58 @@
+# LangBot Skills
+
+This directory is the **single source of truth** for LangBot's agent skills —
+reusable, on-demand instruction packs for AI agents (Claude Code, Codex, Cursor,
+and LangBot's own Local Agent) working with the LangBot ecosystem.
+
+> These skills were consolidated here from the former `langbot-app/langbot-skills`
+> repository (now archived). Documentation and the landing page link here; do not
+> re-copy skill content elsewhere — link to this directory instead.
+
+## Skill catalog
+
+| Skill | What it covers |
+| --- | --- |
+| [`langbot-dev`](skills/langbot-dev) | Core backend + web frontend development (Quart, Vite, API, migrations, MCP server) |
+| [`langbot-plugin-dev`](skills/langbot-plugin-dev) | Plugin SDK / component development, debugging, WebSocket testing |
+| [`langbot-deploy`](skills/langbot-deploy) | Docker / Compose / Kubernetes deployment, config.yaml, Box runtime, global API key |
+| [`langbot-testing`](skills/langbot-testing) | WebUI / e2e QA harness, cases, fixtures, troubleshooting (the `bin/lbs` CLI) |
+| [`langbot-env-setup`](skills/langbot-env-setup) | Local dev/test environment, browser access, OAuth, proxy, startup |
+| [`langbot-mcp-ops`](skills/langbot-mcp-ops) | Operating a LangBot instance through its MCP server (`/mcp`) |
+| [`langbot-space-ops`](skills/langbot-space-ops) | Browsing the LangBot Space marketplaces through the Space MCP server |
+| [`langbot-eba-adapter-dev`](skills/langbot-eba-adapter-dev) | Building platform adapters for the Event-Based Agents architecture |
+| [`langbot-skills-maintenance`](skills/langbot-skills-maintenance) | Adding, deduplicating, and auditing skills in this directory |
+
+`skills.index.json` is the machine-readable index (regenerate with `bin/lbs index`).
+
+## Quick start (for an AI agent)
+
+1. Read this README, `AGENTS.md`, and `qa-agent-docs/` to understand the layout.
+2. Read `skills/.env` for shared local defaults. On a new machine, copy
+   `skills/.env.example` to `skills/.env.local` (gitignored) and override
+   machine-specific values there. Never commit secrets.
+3. Pick the smallest relevant skill from the catalog above and follow its
+   `SKILL.md`.
+
+## The `lbs` CLI
+
+The testing assets ship with a small CLI (`bin/lbs`, Node >= 22.6). The
+`bin/lbs` wrapper is a generated local entrypoint; on a fresh checkout, run
+`npm run bootstrap` once if it is missing. `npm install` also regenerates it via
+the `prepare` script.
+
+```bash
+npm run bootstrap    # create bin/lbs if missing
+bin/lbs validate     # validate skills/cases/troubleshooting structure
+bin/lbs index        # regenerate skills.index.json
+bin/lbs env show     # inspect resolved env defaults (redacted)
+bin/lbs env doctor   # diagnose local environment readiness
+bin/lbs case list --ready
+bin/lbs test plan <case-id>
+```
+
+## Maintenance rule
+
+When the LangBot / LangBot Space **API or MCP server changes**, the
+corresponding skill here MUST be updated in the same change. The MCP tool
+surface, the API, and these skills are kept in lockstep — see each repo's
+`AGENTS.md`.
@@ -0,0 +1,29 @@
+{
+  "private": true,
+  "type": "module",
+  "bin": {
+    "lbs": "./bin/lbs"
+  },
+  "scripts": {
+    "bootstrap": "node scripts/bootstrap-lbs.mjs",
+    "prepare": "node scripts/bootstrap-lbs.mjs",
+    "prevalidate": "node scripts/bootstrap-lbs.mjs",
+    "preindex": "node scripts/bootstrap-lbs.mjs",
+    "preindex:check": "node scripts/bootstrap-lbs.mjs",
+    "pretest": "node scripts/bootstrap-lbs.mjs",
+    "precheck": "node scripts/bootstrap-lbs.mjs",
+    "lbs": "node src/lbs.ts",
+    "test": "node test/lbs-cli.test.ts",
+    "validate": "node src/lbs.ts validate",
+    "index": "node src/lbs.ts index",
+    "index:check": "node src/lbs.ts index --check",
+    "check:syntax": "find src test scripts -type f \\( -name '*.ts' -o -name '*.mjs' \\) -print0 | xargs -0 -n1 node --check",
+    "check": "npm run check:syntax && npm run validate && npm test"
+  },
+  "engines": {
+    "node": ">=22.6"
+  },
+  "devDependencies": {
+    "playwright": "^1.60.0"
+  }
+}
@@ -0,0 +1,117 @@
+# LangBot Agent Testing 技术选型
+
+## 状态
+
+这是技术选型背景文档，不是当前路线图。当前黑盒 E2E QA 的实施顺序见：
+
+```text
+docs/qa-agent/04-black-box-e2e-roadmap.md
+```
+
+## 目标
+
+`langbot-skills` 的目标不是替代测试框架，而是沉淀 agent 可复用的测试资产，让开发者 clone 仓库后，可以让 Codex、Claude Code、Computer Use 或 Playwright MCP 复用已有路径完成 LangBot 功能验证。
+
+核心原则：
+
+- Skill 负责路由和少量规则。
+- Reference 负责可读流程和背景知识。
+- Case 负责结构化测试路径。
+- Troubleshooting 负责结构化故障资产。
+- `lbs` 负责结构校验、索引、资产创建和未来的运行/报告能力。
+- UI/browser 是产品 QA 的主路径；API/curl 只用于诊断。
+
+## 浏览器控制层
+
+不同开发者可用的浏览器控制能力不同，所以浏览器层必须可替换。
+
+| 方案 | 适用场景 | 优点 | 代价 |
+|---|---|---|---|
+| Codex / Claude Computer Use | agent 可以直接控制可见浏览器 | 登录和交互路径最自然，通常不需要额外 MCP 浏览器桥接 | 依赖具体 agent 工具能力 |
+| Playwright MCP | 没有 Computer Use，但有 MCP 浏览器工具 | 稳定、可脚本化、适合回归路径 | OAuth 登录通常需要额外 visible profile |
+| 直接 Playwright 脚本 | 测试路径非常稳定，适合 CI | 可重复性强 | 需要维护脚本和 selector |
+| 商业 AI QA 平台 | 团队希望外包测试运行平台 | 报告和 PR 集成完整 | 成本和平台绑定 |
+
+## 当前推荐
+
+先采用分层降级：
+
+```text
+有 Computer Use？
+  是 -> 使用 Computer Use 控制浏览器
+  否 -> 使用 Playwright MCP
+
+需要 GitHub OAuth？
+  是 -> 使用持久浏览器 profile，让用户手动完成登录
+  否 -> 直接使用已有登录态或测试账号状态
+```
+
+具体选择逻辑沉淀在：
+
+```text
+skills/langbot-env-setup/references/browser-access-selection.md
+```
+
+测试原则固定在：
+
+```text
+docs/qa-agent/03-agent-browser-qa-principles.md
+```
+
+## 环境变量层
+
+测试文档不应写死端口。共享默认值放在：
+
+```text
+skills/.env
+```
+
+关键变量：
+
+```text
+LANGBOT_FRONTEND_URL
+LANGBOT_BACKEND_URL
+LANGBOT_DEV_FRONTEND_URL
+LANGBOT_REPO
+LANGBOT_WEB_REPO
+LANGBOT_BROWSER_PROFILE
+```
+
+Agent 执行测试前应先读取 `skills/.env`，再用用户提供的当前环境或已启动服务覆盖默认值。
+
+## 测试资产层
+
+测试资产分两类：
+
+```text
+skills/<skill>/
+  references/        # Markdown 流程说明
+  cases/             # 结构化测试用例
+  troubleshooting/   # 结构化故障记录
+```
+
+当前已实现：
+
+- `SKILL.md` 路由
+- `references/*.md`
+- `lbs case new/list/show`
+- `lbs trouble show/search`
+- `lbs test plan`
+- `lbs test report`
+- `lbs list / validate / index`
+
+下一步重点：
+
+- 日志守卫规则补充
+- 报告产物管理
+
+## 关键判断
+
+不要强制所有内容只能通过 CLI 修改。更好的模式是：
+
+- 新增 case/troubleshooting：优先使用 `lbs`
+- 大段流程说明：允许直接编辑 Markdown
+- 结构性变更后：必须运行 `lbs validate`
+- 任何生成索引的变更后：运行 `lbs index`
+
+这样既能沉淀结构化资产，又不会在 schema 未稳定时拖慢迭代。
@@ -0,0 +1,231 @@
+# LangBot Skills 测试资产库规划
+
+## 状态
+
+这是早期测试资产库规划文档，保留用于解释 `langbot-skills` 的分层来源。
+
+当前路线已经收敛为黑盒 E2E QA：开发者用 agent 通过浏览器测试 LangBot，
+稳定路径沉淀为 case，失败知识沉淀为 troubleshooting。`lbs test report` 和
+日志守卫已有 MVP，后续重点是报告证据、case 元数据和少量稳定路径自动化。当前优先级见：
+
+```text
+docs/qa-agent/04-black-box-e2e-roadmap.md
+```
+
+本文中关于 `case list/show`、`trouble show/search`、`test plan` 的“计划实现”
+内容已经部分过时，因为这些能力已经落地。
+
+## 目标
+
+让开发者 clone `langbot-skills` 后，可以把测试意图交给 agent，由 agent 复用已有环境配置、测试路径和故障知识完成 LangBot 功能验证。
+
+典型场景：
+
+- 冒烟测试：验证 pipeline Debug Chat、provider、常见页面是否正常。
+- Provider 测试：添加 DeepSeek/OpenAI/Claude 等供应商并验证模型可用。
+- 新 feature 测试：探索新 UI 路径，并在稳定后沉淀成 case/reference。
+- 回归测试：复用旧路径，避免每个窗口重新探索登录、模型配置、pipeline 调试。
+- 故障沉淀：把 runtime 超时、代理不一致、WebSocket 问题记录为可搜索资产。
+
+核心方向见 `03-agent-browser-qa-principles.md`：agent 必须以浏览器/UI 为主路径，API/curl 只能作为诊断手段。
+
+## 当前仓库结构
+
+```text
+skills/
+  .env                         # 共享默认变量
+  langbot-env-setup/           # 环境准备、浏览器控制路径、代理、登录态
+  langbot-testing/             # WebUI / provider / pipeline 测试入口
+  langbot-plugin-dev/          # 插件开发测试
+  langbot-eba-adapter-dev/     # 平台适配器开发测试
+src/
+  lbs.ts                       # CLI 源码
+bin/
+  lbs                          # CLI 入口
+docs/
+  qa-agent/                    # 规划文档，历史目录名保留
+```
+
+## 设计分层
+
+### 1. Skill 层
+
+`SKILL.md` 只做触发和路由，不承载大段流程。
+
+例子：
+
+```text
+langbot-env-setup -> 选择 Computer Use / Playwright MCP / OAuth profile / proxy
+langbot-testing -> 选择 WebUI / pipeline / provider / troubleshooting
+```
+
+### 2. Reference 层
+
+Markdown 记录人和 agent 都能读的流程说明。
+
+适合内容：
+
+- 如何选择浏览器控制方式
+- 如何启动/检查服务
+- 如何执行 pipeline Debug Chat
+- 如何处理 OAuth 登录态
+
+### 3. Case 层
+
+使用 YAML 记录可重复测试路径。
+
+建议结构：
+
+```text
+skills/langbot-testing/cases/
+  pipeline-debug-chat.yaml
+  provider-deepseek.yaml
+```
+
+建议格式：
+
+```yaml
+id: pipeline-debug-chat
+title: Pipeline Debug Chat returns a bot response
+mode: agent-browser
+area: pipeline
+type: smoke
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+steps:
+  - Open LANGBOT_FRONTEND_URL
+  - Navigate to Pipelines
+  - Open target pipeline
+  - Select Debug Chat
+  - Send deterministic prompt
+checks:
+  - "UI: User message appears"
+  - "UI: Bot message appears"
+  - "Console: No unexpected frontend errors"
+  - "Logs: Backend log includes Conversation(0) Streaming completed"
+diagnostics:
+  - "Use API/curl only after the UI path is attempted, to distinguish frontend display failure from backend/runtime failure."
+troubleshooting:
+  - plugin-runtime-timeout
+  - proxy-env-mismatch
+```
+
+### 4. Troubleshooting 层
+
+故障资产会逐渐变大，适合结构化记录。
+
+历史 Markdown 入口保留在：
+
+```text
+skills/langbot-testing/references/troubleshooting.md
+```
+
+当前 canonical 结构化故障资产在：
+
+```text
+skills/langbot-testing/troubleshooting/
+  plugin-runtime-timeout.yaml
+  proxy-env-mismatch.yaml
+```
+
+### 5. CLI 层
+
+`lbs` 是统一入口，不再引入独立 `qa` 命令。
+
+已实现或当前可用：
+
+```bash
+bin/lbs list
+bin/lbs validate
+bin/lbs index
+bin/lbs new-skill <name>
+bin/lbs new-ref <skill> <name>
+bin/lbs case new pipeline-debug-chat --title "Pipeline Debug Chat"
+bin/lbs case list
+bin/lbs case show pipeline-debug-chat
+bin/lbs trouble list <skill>
+bin/lbs trouble show plugin-runtime-timeout
+bin/lbs trouble search runtime
+bin/lbs trouble add <skill> --title ... --symptom ... --cause ... --fix ...
+bin/lbs test plan pipeline-debug-chat
+bin/lbs test start pipeline-debug-chat
+bin/lbs test run pipeline-debug-chat --dry-run
+bin/lbs test report pipeline-debug-chat
+bin/lbs test report pipeline-debug-chat --backend-log /path/to/backend.log
+```
+
+## 测试库位置
+
+不要使用隐藏 `.qa/` 作为主测试库。测试资产应该和 skill 放在一起，便于触发和维护：
+
+```text
+skills/langbot-testing/
+  references/
+  cases/
+  troubleshooting/
+  reports/          # 可选，本地运行产物可按需忽略或输出到外部目录
+```
+
+如果未来需要项目本地测试库，可以允许 `lbs` 支持 `--workspace` 或项目根目录配置，但 canonical 资产仍保存在 `langbot-skills`。
+
+## 阶段规划
+
+### 阶段一：环境和测试路径沉淀
+
+状态：基本完成，持续维护。
+
+- `skills/.env` 管共享默认变量。
+- `langbot-env-setup` 拆出 Computer Use、Playwright MCP、OAuth profile、proxy、service startup。
+- `langbot-testing` 记录 WebUI、pipeline、provider 测试路径。
+- `lbs validate/index` 维护结构。
+
+完成标准：
+
+- agent 可以从 `skills/.env` 和 references 中找到当前测试入口。
+- pipeline Debug Chat 这类路径不再需要从头探索。
+
+### 阶段二：结构化 case/troubleshooting
+
+状态：主体已完成，继续补齐元数据和资产质量。
+
+目标：
+
+- `lbs case new/list/show`
+- `lbs trouble show/search`
+- case id 去重、字段校验、索引生成
+
+完成标准：
+
+- 冒烟测试路径可以用结构化 case 表示。
+- 下一个 agent 窗口可以直接读取 case 执行。
+
+### 阶段三：计划和报告
+
+状态：已有 MVP，继续完善。
+
+目标：
+
+- `lbs test plan <case>`
+- agent 按 plan 使用浏览器执行 UI QA
+- `lbs test report`
+- 日志守卫集成
+- 报告产物和 evidence 约定
+
+完成标准：
+
+- agent 可以按 case plan 执行浏览器测试。
+- 结果报告包含 UI 结果、后端日志、console 错误和 troubleshooting 建议。
+
+## 执行规则
+
+- agent 可以直接编辑 Markdown reference。
+- 新增结构化 case/troubleshooting 时，优先使用 `lbs`。
+- 每次结构变更后运行 `bin/lbs validate`。
+- 每次索引相关变更后运行 `bin/lbs index`。
+- 测试文档不写死端口，使用 `skills/.env` 中的 URL 变量。
+- 测试 case 的 `mode` 固定为 `agent-browser`。
+- API/curl 只能写入 `diagnostics`，不能替代 UI 步骤和 UI 检查。
@@ -0,0 +1,161 @@
+# 日志守卫规划
+
+## 状态
+
+这是当前活跃设计，已有第一版文件扫描 MVP。实现边界需要和黑盒 E2E 路线保持一致：
+
+- 日志守卫服务于 `lbs test report`。
+- 它不替代浏览器/UI 判断。
+- 它不发展成独立后端 API 测试框架。
+- 第一版默认扫描 `LANGBOT_REPO/data/logs/` 下最新的 `langbot-*.log`，也可扫描 agent
+  显式提供的 backend/frontend/console 日志文件。
+
+当前总体路线见：
+
+```text
+docs/qa-agent/04-black-box-e2e-roadmap.md
+```
+
+## 目标
+
+日志守卫是 `lbs test report` 的一部分，用来在 agent 执行测试期间捕获 UI 断言之外的运行时问题。
+
+当前命令方向已收敛为 `lbs test plan` / `lbs test report`。日志守卫服务于 agent-browser QA，不是独立的后端 API 测试入口。
+
+LangBot 是异步且集成度高的系统，有些问题不会直接表现为页面失败：
+
+- 后台任务异常
+- 未等待的协程
+- Provider 流式调用失败
+- 插件 runtime 超时
+- 平台发送失败
+- 数据库连接问题
+- 敏感信息泄露
+
+日志守卫负责把这些信号结构化地放进测试报告，并关联到 troubleshooting 资产。
+
+## 输入
+
+日志守卫应从环境和运行上下文读取配置：
+
+- `skills/.env` 中的 `LANGBOT_BACKEND_URL`
+- `skills/.env` 中的 `LANGBOT_REPO`，用于自动发现 LangBot 后端日志
+- `lbs test plan` / report 记录的 case id
+- LangBot 后端进程输出
+- 前端 dev server 输出
+- 浏览器 console/network 错误
+- case 声明的 success/failure patterns 和 expected failures
+
+## MVP 范围
+
+- 读取一个或多个日志流或日志文件。
+- 检测错误模式。
+- 支持按 case id 或 pattern 白名单。
+- 输出 JSON/Markdown 摘要。
+- 发现非预期错误时让测试报告标记失败；未来如果有自动执行器，再返回非零退出码。
+
+## 错误分类
+
+### 永远非预期
+
+除非 case 明确声明，否则应失败：
+
+- `Traceback`
+- `Task exception was never retrieved`
+- `RuntimeWarning: coroutine .* was never awaited`
+- `Unclosed client session`
+- `Unclosed connector`
+- `KeyError`
+- `TypeError`
+- `AttributeError`
+- 密钥、token、secret 明文泄露
+
+### Case 预期错误
+
+只有当前 case 声明时允许：
+
+- 无效 provider key
+- Provider 认证失败
+- 无效 webhook payload
+- 插件测试故意抛错
+- 超时测试
+- 限流测试
+
+### 仅警告
+
+报告但默认不失败：
+
+- 可恢复重试
+- 恢复的超时
+- 废弃配置
+- 慢请求
+- 版本检查失败
+
+## 与 Troubleshooting 集成
+
+日志守卫不只输出错误文本，还应尽量匹配已知 troubleshooting id。
+
+例子：
+
+```text
+Action list_plugins call timed out
+Action list_agent_runners call timed out
+Action invoke_llm_stream call timed out
+```
+
+可映射到：
+
+```text
+plugin-runtime-timeout
+```
+
+```text
+uppercase proxy points to one host, lowercase proxy points to another
+```
+
+可映射到：
+
+```text
+proxy-env-mismatch
+```
+
+## 未来命令
+
+```bash
+bin/lbs test plan pipeline-debug-chat
+bin/lbs test start pipeline-debug-chat
+bin/lbs test run pipeline-debug-chat --dry-run
+bin/lbs test report pipeline-debug-chat
+bin/lbs test report --output report.md
+bin/lbs test report pipeline-debug-chat --backend-log /path/to/backend.log --console-log /path/to/console.log
+bin/lbs test report pipeline-debug-chat --since "2026-05-21T10:30:00+08:00"
+bin/lbs test report pipeline-debug-chat --tail-lines 2000
+bin/lbs test report pipeline-debug-chat --since "2026-05-21T10:30:00+08:00" --tail-lines 2000
+bin/lbs test report pipeline-debug-chat --no-auto-log
+```
+
+运行报告应包含：
+
+- case id
+- URL 和环境变量摘要，不能包含 secrets
+- 浏览器可见结果
+- 后端日志摘要
+- console/network 错误
+- 匹配到的 troubleshooting id
+- 通过/失败结论
+
+## MVP 完成标准
+
+- 可以自动扫描最新 LangBot 后端日志，也可以扫描前端日志和 console 日志文件。
+- 可以用 `--since` 或 `--tail-lines` 把扫描范围限制到本次测试窗口。
+- 可以检测明显 Python/运行时错误和 secret 泄露风险。
+- 可以识别 case 声明的 success/failure patterns。
+- 可以识别 troubleshooting pattern，包括 `plugin-runtime-timeout` 和 `proxy-env-mismatch`。
+- 支持 case 级白名单。
+- 输出机器可读摘要。
+- 至少一个 `langbot-testing` case 使用它。
+
+当前 MVP 已覆盖自动发现 LangBot 后端日志、文件扫描、`--since`/`--tail-lines` 扫描窗口、
+基础错误检测、case success/failure signal、troubleshooting 匹配、secret 脱敏和 `--json`
+输出。仍待继续完善的是 live log 采集、更多规则、case 级 expected failure 的资产化和真实
+E2E report 样例。
@@ -0,0 +1,57 @@
+# Agent Browser QA Principles
+
+This document fixes the direction of LangBot agent testing so the project does not drift into a backend API smoke-test framework.
+
+## Primary Goal
+
+`langbot-skills` should help an agent behave like a QA engineer using the product, not like a backend curl script.
+
+The primary path is:
+
+```text
+developer intent -> lbs test plan -> agent controls browser -> UI result + console + logs -> report/assets
+```
+
+## Rules
+
+1. Browser/UI interaction is the source of truth for product QA cases.
+2. A backend API or curl response is never enough to mark a UI case passed.
+3. API/curl/log checks are allowed as diagnostics after a UI path is attempted or when debugging environment readiness.
+4. A case passes only when the user-visible UI result is correct.
+5. The agent should inspect browser console/network output when available.
+6. If screenshot or vision capability is available, the agent should check for blank pages, overlap, hidden actions, broken layout, and error toasts.
+7. If no visual model is available, use DOM/accessibility snapshots and console output instead.
+8. New stable UI paths should be added as `cases/*.yaml`.
+9. New recurring failure modes should be added as `troubleshooting/*.yaml`.
+10. Secrets, tokens, API keys, and localStorage token values must never be printed.
+
+## Command Semantics
+
+`lbs` manages assets and produces plans. It does not replace the agent's browser-control ability.
+
+```bash
+bin/lbs test plan pipeline-debug-chat
+```
+
+This command outputs:
+
+- environment variables to use
+- required skills
+- browser steps
+- UI/console/visual/log checks
+- diagnostic options
+- related troubleshooting patterns
+- report template
+
+The active agent then executes the plan with Computer Use, Playwright MCP, or another available browser-control tool.
+
+## Diagnostics
+
+Diagnostics can include:
+
+- `bin/lbs env doctor`
+- browser console/network inspection
+- backend logs
+- targeted API/curl checks
+
+Diagnostics answer "where did it fail?" They do not replace "did the user-visible UI work?"
@@ -0,0 +1,299 @@
+# 黑盒 E2E QA 路线图
+
+## 定位
+
+LangBot 有大量外部依赖：模型供应商、plugin runtime、浏览器登录态、
+marketplace/network、RAG engine、sandbox backend、平台适配器等。单测仍然有价值，
+但这个 QA 方向当前不优先解决 LangBot core 的单测覆盖率问题，因为重 mock 往往不能
+真实代表产品路径。
+
+`langbot-skills` 当前目标是让黑盒 E2E 测试变得可执行、可沉淀、可复用：
+
+```text
+开发者测试意图
+-> 复用或新增 case
+-> agent 通过浏览器执行
+-> UI + console + network + log 证据
+-> report
+-> 反哺 case / troubleshooting
+```
+
+这是面向开发者的 QA 资产库。开发者可以让 agent 测一个 feature；如果路径稳定，
+就把路径正规化为 case，让下一个开发者或 QA agent 继续复用。
+
+## 非目标
+
+- 这一阶段不优先建设 LangBot core 单测覆盖率。
+- 不把 API/curl 作为 WebUI 行为的通过标准。
+- 不要求每个 case 都能进 CI。
+- 不在 report 和日志守卫有用之前急着做完整 browser runner。
+- 不把外部 provider、OAuth、marketplace 抖动直接判成产品失败，除非证据明确。
+
+## 当前状态
+
+仓库已经具备第一层基础设施：
+
+- `skills/.env` 和 `skills/.env.local` 管理测试环境；
+- `langbot-env-setup`、`langbot-testing`、`langbot-plugin-dev` 等 skill；
+- `skills/langbot-testing/cases` 下的结构化 case；
+- `skills/langbot-testing/troubleshooting` 下的结构化故障资产；
+- RAG、多模态、plugin、MCP 等 fixture；
+- `bin/lbs validate`、`bin/lbs index`、`bin/lbs case`、`bin/lbs trouble`、
+  `bin/lbs test plan`、`bin/lbs test start`、`bin/lbs test report`。
+
+所以当前已经不是“先把路径写进 Markdown”的阶段，而是进入“让每次运行有证据、
+有报告、能沉淀”的阶段。
+
+## 测试模型
+
+UI case 只有在用户可见行为正确时才能通过。辅助证据必须解释同一次运行。
+
+通过一个 UI case 的最低证据：
+
+- 用户可见的成功信号，例如 bot 回复、provider 保存成功、文件上传完成、plugin 页面渲染；
+- 没有意外 browser console error；
+- 相关时间窗口内没有意外后端/runtime 错误；
+- 有截图、DOM snapshot 或同等视觉/结构证据，如果当前 agent 能获取；
+- API/curl 只在解释同一条 UI 路径时作为诊断证据。
+
+失败报告需要保留足够信息，让开发者能复现或分流：
+
+- case id 和实际测试 URL；
+- 使用的 browser path；
+- 最后可见 UI 状态；
+- console/network 症状；
+- 相关后端/前端日志；
+- 匹配到的 troubleshooting id；
+- 这是产品失败、环境问题、外部依赖抖动，还是证据不足。
+
+## 结果词汇
+
+统一使用这些结果：
+
+- `pass`：UI 行为正确，辅助证据干净。
+- `fail`：UI 行为错误，或同一次运行的 console/log 出现意外产品错误。
+- `blocked`：缺登录、缺 provider credentials、服务未启动等原因导致目标路径没有跑起来。
+- `env_issue`：失败在目标行为之外，例如 proxy、OAuth、provider quota、marketplace outage、
+  本地服务启动问题。
+- `flaky`：同一环境下结果不稳定，进入门禁前需要先稳定。
+
+做 merge/release 判断时，`env_issue` 和 `blocked` 不能算产品通过。
+
+## 路线图
+
+### Phase 0：对齐文档
+
+目标：明确当前黑盒 E2E 方向。
+
+交付物：
+
+- `docs/qa-agent/README.md` 文档状态导航；
+- 本路线图；
+- 给旧规划文档加状态说明。
+
+完成标准：
+
+- 新贡献者不用通读所有旧文档，也能知道当前重点。
+
+### Phase 1：Test Report MVP
+
+状态：已有第一版。
+
+目标：让每次 agent browser 测试都有一致报告格式，即使 browser 执行还没自动化。
+
+建议命令：
+
+```bash
+bin/lbs test start <case-id>
+bin/lbs test report <case-id> --output reports/<timestamp>-<case-id>.md
+```
+
+MVP 行为：
+
+- 读取 case 和关联 troubleshooting；
+- 生成 Markdown report 模板；
+- 生成 run handoff，固定本次测试的 start timestamp 和推荐 report command；
+- 写入脱敏后的环境摘要；
+- 提供 `pass/fail/blocked/env_issue/flaky` 结果选项；
+- 包含 UI result、console errors、network symptoms、logs、screenshots、
+  diagnostics、matched troubleshooting、assets to update 等 section；
+- 支持 `--json`，输出机器可读报告。
+
+第一版已经是 report generator，不急着做自动判定。先把 evidence 收集格式统一起来，
+再做自动化更稳。
+
+完成标准：
+
+- agent 可以先跑 `lbs test start <case-id>`，用它给出的时间窗口执行浏览器路径，
+  然后按固定格式填写 report，不需要每次重新发明报告结构。
+
+### Phase 2：日志守卫 MVP
+
+状态：已有第一版文件扫描。
+
+目标：捕获 UI 不一定明显展示的 runtime 问题。
+
+日志守卫应集成进 `lbs test report`，不要发展成独立后端 API 测试框架。
+
+建议命令形态：
+
+```bash
+bin/lbs test report <case-id> \
+  --backend-log /path/to/backend.log \
+  --frontend-log /path/to/frontend.log \
+  --console-log /path/to/console.log \
+  --evidence-dir reports/evidence/<run-id> \
+  --since "2026-05-21T10:30:00+08:00" \
+  --tail-lines 2000 \
+  --output reports/<timestamp>-<case-id>.md
+```
+
+MVP 行为：
+
+- 默认从 `LANGBOT_REPO/data/logs/` 扫描最新 `langbot-*.log`；
+- 支持 agent 显式提供 backend、frontend、console 日志文件；
+- 支持读取 evidence 目录下的 `automation-result.json`，把浏览器自动化脚本结论纳入报告；
+- 支持 `lbs test result` 为人工/agent browser 运行写入标准 `result.json`，供 suite 聚合；
+- 支持 `--since` 和 `--tail-lines`，避免历史日志污染本次报告；
+- 检测默认非预期模式，例如 `Traceback`、未 await coroutine、unclosed client/connector、
+  `KeyError`、`TypeError`、`AttributeError`、明显 secret 泄露；
+- 匹配 case 声明的 `success_patterns` 和 `failure_patterns`；
+- 匹配已知 troubleshooting，先支持 `plugin-runtime-timeout` 和 `proxy-env-mismatch`；
+- 只有 case 明确声明时，才允许 expected failure；
+- 将发现分类为 fail、warning、matched troubleshooting、ignored expected issue；
+- 永远不打印 secret 值。
+
+完成标准：
+
+- 至少 `pipeline-debug-chat` 能生成包含日志摘要和 troubleshooting 匹配结果的 report。
+
+### Phase 3：Case 元数据加固
+
+状态：已有第一版。
+
+目标：让 case 更容易选择、执行和晋级。
+
+字段逐步补充，保持向后兼容：
+
+```yaml
+priority: p0 | p1 | p2
+risk: low | medium | high
+ci_eligible: false
+preconditions:
+  - "Authenticated browser profile is available."
+setup:
+  - "Start LangBot backend and frontend."
+cleanup:
+  - "Remove temporary provider, plugin, or knowledge base if created."
+expected_failures: []
+success_patterns:
+  - "Conversation(0) Streaming completed"
+failure_patterns:
+  - "Action invoke_llm_stream call timed out"
+evidence:
+  required:
+    - ui
+    - console
+    - backend_log
+```
+
+当前实现采用扁平字段 `evidence_required`，避免轻量 YAML 解析器在 case 文件里承载嵌套结构。
+`bin/lbs validate` 会校验 `priority`、`risk`、`ci_eligible`、`evidence_required`、
+`automation` 脚本路径、case 关联 skill 和 troubleshooting 交叉引用。`bin/lbs case list`
+支持 `--json`、`--type`、`--area`、`--tag`、`--priority`、`--risk`、`--automation`、`--ci`
+、`--ready` 和 `--machine-ready` 过滤，方便 agent 快速选择测试集。
+`env_any` 和 `automation_env_any` 用于表达 URL-or-name 这类 one-of 输入，避免把可替代变量误判为全部必填。
+
+当前也有 `skills/<skill>/suites/*.yaml` 和 `bin/lbs suite plan <suite-id>`，用于组织常跑测试集，
+例如 `core-smoke`、`local-agent-gate` 和
+`agent-runner-release-gate`。发布门禁使用 `agent-runner-release-preflight`
+先分类配置 blockers 和 runtime env issues，再运行较重的浏览器 Debug Chat case。
+依赖 fixture 的 case 可以在浏览器执行前先跑 `bin/lbs fixture check`，检查
+`fixtures/fixtures.json` 登记的 deterministic 文件、plugin 包和本地测试 server 是否存在。
+`bin/lbs suite start <suite-id>` 会生成 suite run id、suite evidence root、per-case evidence 目录、
+`suite-start.json`/`suite-start.md` handoff 文件和 per-case evidence 命令；
+浏览器自动化脚本会写入 `automation-result.json`，供 `bin/lbs test report` 展示原始自动化结论；
+`bin/lbs test result <case-id>` 会在人工/agent browser case 完成后写入最终 `result.json`；
+`bin/lbs suite report <suite-id> --evidence-dir <dir>` 会聚合各 case 的 `result.json`，并且
+不会把缺少 required evidence 的 `pass` 当作 suite 通过。
+Runner 专用 Debug Chat case 通过 `automation_pipeline_url_env` 和
+`automation_pipeline_name_env` 绑定专用 pipeline 变量，避免 local-agent、Codex 或
+Claude Code case 误用通用 `LANGBOT_PIPELINE_URL` 后产生假阳性。
+Debug Chat case 还可以通过 `automation_stream_output` 固定流式或非流式发送路径。
+多模态 Debug Chat case 可以通过 `automation_image_base64_fixture` 复用 deterministic 图片 fixture。
+`test plan` 和 `suite plan` 会输出 readiness，让 agent 在执行浏览器前就看到缺失的 env、
+自动化变量、fixture，以及需要人工确认的 `manual_check` 前置条件。
+
+完成标准：
+
+- `lbs case list` 或后续 filter 能回答“smoke 跑哪些”、“哪些适合 CI”、
+  “哪些需要真实 provider credentials”。
+
+### Phase 4：开发者沉淀流程
+
+目标：开发者让 agent 测新 feature 后，稳定路径不会丢在聊天记录里。
+
+流程：
+
+1. 开发者要求 agent 通过浏览器测试某个 feature。
+2. agent 先按 UI 主路径探索。
+3. agent 用 `lbs test start` 固定运行窗口，再用 `lbs test report` 写报告。
+4. 如果路径稳定，agent 新增或更新 case。
+5. 如果出现可复用故障，agent 新增或更新 troubleshooting。
+6. agent 跑 `bin/lbs validate` 和 `bin/lbs index`。
+
+完成标准：
+
+- feature QA 的结果能进入资产库，而不是只留在一次对话里。
+
+### Phase 5：选择性浏览器自动化
+
+状态：已有第一版 `test run` 入口和两个 Playwright 脚本。
+
+目标：只自动化少量稳定、值得重复跑的黑盒路径。
+
+建议顺序：
+
+1. `webui-login-state`
+2. `pipeline-debug-chat`
+3. `local-agent-basic-debug-chat`
+4. `local-agent-rag-debug-chat`
+5. 一个基于 deterministic fixture 的 plugin 或 MCP smoke path
+
+执行策略：
+
+- 继续把 Computer Use 或 Playwright MCP 作为默认交互路径；
+- 只给稳定、确定性的路径补直接 Playwright script；
+- 保存 screenshots、console logs、trace/video；
+- flaky 或强依赖真实 credentials 的 provider case 暂时不要进 CI。
+
+当前已经绑定：
+
+- `webui-login-state` -> `scripts/e2e/webui-login-state.mjs`
+- `pipeline-debug-chat` -> `scripts/e2e/pipeline-debug-chat.mjs`
+
+第一版自动化先产出 `reports/evidence/<run-id>/` 下的 console、network、screenshot 和
+result JSON。真实执行后仍要用 `lbs test report --since ... --console-log ...` 做日志守卫和
+最终报告。开发期间可以先用 `bin/lbs test run <case-id> --dry-run` 检查命令和 evidence 路径。
+Debug Chat 类脚本应复用 `scripts/e2e/lib/debug-chat.mjs`，避免重复实现 visible response leaf
+判断和已知失败信号分类。
+
+完成标准：
+
+- 小规模 smoke subset 可以不靠人工决定每一步点击；更大的资产库仍然服务于人工/agent
+  驱动的探索式 E2E。
+
+## 下一批动工切片
+
+在做 browser runner 之前，继续做这些：
+
+1. 等 LangBot 当前开发状态稳定后，用一次真实 `pipeline-debug-chat` 跑通
+   `test start -> test run -> test report -> test result -> suite report`，产出 sample report。
+2. 只给 smoke/local-agent 首批 case 补必要元数据。
+3. 继续补日志守卫规则，尤其是 WebSocket、plugin runtime、provider streaming、前端
+   chunk/rendering failure。
+4. 约定 report 产物目录、截图和 console/network 导出的命名方式。
+5. 再评估是否开始给 `webui-login-state` 和 `pipeline-debug-chat` 做直接 Playwright
+   自动化。
+
+这样 infra 会立刻有用，同时保留后续自动化 browser execution 的空间。
@@ -0,0 +1,46 @@
+# LangBot QA Agent 文档导航
+
+这个目录记录 `langbot-skills` 当前的 QA 方向和后续建设顺序。
+
+## 当前判断
+
+当前重点是 LangBot 的黑盒 E2E QA，不是 LangBot core 的单测覆盖率建设。
+
+`langbot-skills` 要帮助开发者和 QA agent 做接近人工测试的 WebUI 验证：
+
+- 打开真实 LangBot WebUI；
+- 按用户路径点击和输入；
+- 检查用户可见的 UI 结果；
+- 查看 console、network、截图、后端和前端日志；
+- 输出可复用的测试报告；
+- 把稳定 feature 路径沉淀为 case；
+- 把重复故障沉淀为 troubleshooting。
+
+API 和 curl 只做诊断。它们可以解释失败原因，但不能让一个 UI case 通过。
+
+## 文档状态
+
+| 文档 | 状态 | 用途 |
+| --- | --- | --- |
+| `04-black-box-e2e-roadmap.md` | 当前主路线图 | 决定下一步建设什么。 |
+| `03-agent-browser-qa-principles.md` | 当前原则文档 | 定义 browser-first QA 的通过标准。 |
+| `02-log-guard-plan.md` | 当前活跃设计 | 设计 `lbs test report` 里的日志守卫。 |
+| `../user-guide.md` | 当前使用手册 | 开发者日常使用。 |
+| `00-technology-options.md` | 背景文档 | 选择 Computer Use、Playwright MCP 或未来直接 Playwright。 |
+| `01-qa-agent-harness-plan.md` | 历史规划，部分过时 | 解释最初分层和目录设计；使用前先看状态说明。 |
+
+## 已过时的点
+
+`01-qa-agent-harness-plan.md` 还保留早期规划状态。现在结构化 cases、
+结构化 troubleshooting、`validate`、`index`、`lbs test plan` 都已经落地。
+
+已经补上第一版 `lbs test start`、`lbs test run`、`lbs test report` 和日志守卫文件扫描。
+`webui-login-state`、`pipeline-debug-chat` 已经绑定直接 Playwright 自动化脚本。后续重点是：
+
+- 报告 evidence 字段继续打磨；
+- case success/failure signal 和日志守卫规则继续补充；
+- 报告产物和 evidence 约定；
+- 等 LangBot 当前开发状态稳定后跑真实 sample report。
+
+不要再把旧阶段列表当成当前 source of truth。后续排序以
+`04-black-box-e2e-roadmap.md` 为准。
@@ -0,0 +1,521 @@
+# LangBot Skills 用户使用手册
+
+## 这个仓库解决什么
+
+`langbot-skills` 是给 agent 使用的 LangBot 测试资产库。开发者 clone 后，可以让 Codex、Claude Code、Computer Use 或 Playwright MCP 复用已有环境配置、测试路径和故障知识，像 QA 一样操作 LangBot WebUI。
+
+核心目标：
+
+- 不让下一个 agent 窗口从头探索登录、模型配置、pipeline 调试。
+- 把稳定 UI 测试路径沉淀为 case。
+- 把常见故障沉淀为 troubleshooting。
+- 让 agent 优先通过浏览器点击验证产品行为。
+- API/curl/log 只作为诊断手段，不作为 UI case 通过标准。
+
+## 快速开始
+
+1. Clone 仓库。
+
+2. 检查本地默认变量：
+
+```bash
+bin/lbs env show
+```
+
+默认变量在：
+
+```text
+skills/.env
+```
+
+本机专用覆盖写到：
+
+```text
+skills/.env.local
+```
+
+它会覆盖 `skills/.env` 中的同名变量，并且不应该提交。
+`skills/.env` 是共享默认值，不应写入本机绝对路径、浏览器 profile、provider key 或其他凭据。
+新机器建议从模板开始：
+
+```bash
+cp skills/.env.example skills/.env.local
+```
+
+常用变量：
+
+```text
+LANGBOT_FRONTEND_URL
+LANGBOT_BACKEND_URL
+LANGBOT_DEV_FRONTEND_URL
+LANGBOT_REPO
+LANGBOT_WEB_REPO
+LANGBOT_BROWSER_PROFILE
+```
+
+3. 检查环境是否就绪：
+
+```bash
+bin/lbs env doctor
+bin/lbs fixture check
+```
+
+`env doctor` 会检查 URL、路径、代理变量等。代理变量是可选项；只有大小写代理变量互相冲突时才会报错。失败不一定代表仓库坏了，通常说明本地 LangBot 没启动、代理不一致或浏览器 profile 不存在。
+`fixture check` 会检查仓库内测试 fixture 是否存在，例如 MCP stdio server、RAG 文档、多模态图片、qa-plugin-smoke 包和 QA AgentRunner 包。它也会校验 `.lbpkg` 是 zip 包，并检查 QA AgentRunner fixture 的入口文件未漂移。
+
+4. 查看已有测试 case：
+
+```bash
+bin/lbs case list
+bin/lbs case list --json --priority p0 --automation
+bin/lbs case list --ready
+bin/lbs case list --machine-ready
+bin/lbs suite list
+bin/lbs suite plan core-smoke
+bin/lbs suite plan agent-runner-release-gate
+bin/lbs suite start core-smoke
+bin/lbs suite start core-smoke --run-id core-smoke-local --evidence-dir reports/evidence/core-smoke-local
+```
+
+`case list` 支持按 `--type`、`--area`、`--tag`、`--priority`、`--risk`、`--automation`
+、`--ci`、`--ready` 和 `--machine-ready` 过滤。`--ready` 只显示没有缺机器输入且没有人工前置条件的 case；
+`--machine-ready` 过滤掉缺机器输入的 case，但保留 `manual-check`，表示执行前还要确认前置条件。需要交给 agent 自动选择测试集时，优先使用 `--json`，
+其中包含 `priority`、`risk`、`ci_eligible`、`automation`、`evidence_required` 以及
+env/automation/fixture/manual readiness。
+Case metadata 中的 `env` 和 `automation_env` 表示全部必填；URL 或 name 这类二选一输入会放在
+`env_any` 或 `automation_env_any`，readiness 只要求组合里至少一个变量有值。
+
+如果要跑一组已沉淀的测试路径，优先使用 suite。Suite 位于 `skills/<skill>/suites/*.yaml`，
+只负责组织 case，不改变 UI/browser 作为通过标准的原则。
+`suite plan` 会聚合 readiness：缺环境变量、缺自动化变量、缺 fixture 或需要
+`manual_check` 时，会在执行前标出受影响的 case。`manual_check` 不是产品通过，
+它表示机器配置已满足但 agent 必须先确认 case 里的 `preconditions` 或 `setup`。
+Runner externalization 发布判断使用 `agent-runner-release-gate`。先跑
+`agent-runner-release-preflight`，把缺 pipeline、runner id 错误、插件未安装这类
+`blocked`，以及 provider key、Box、插件运行时这类 `env_issue` 分开，再执行较重的
+浏览器 Debug Chat case。
+
+5. 生成 agent 执行计划：
+
+```bash
+bin/lbs test plan pipeline-debug-chat
+```
+
+然后把计划交给当前 agent 执行。agent 应使用 Computer Use、Playwright MCP 或其他浏览器控制能力去操作 UI。
+`test plan` 中的 Environment、Automation Readiness、Fixture Readiness 和 Manual
+Readiness 是执行前门禁；如果 readiness 缺失，应先补配置或将本次 case 标记为
+`blocked`。如果状态是 `manual_check`，先确认 `preconditions` 和 `setup`，再开始 UI
+执行。不要把后续 curl/API 诊断当成 UI case 通过。
+
+## 推荐使用方式
+
+### 冒烟测试
+
+你可以直接对 agent 说：
+
+```text
+帮我跑一下 LangBot 新前端 smoke test。
+```
+
+agent 应该：
+
+- 读 `skills/.env`
+- 优先查看 `bin/lbs suite plan core-smoke`，或查找 `type: smoke` 的 cases
+- 生成 test plan
+- 用浏览器执行 UI 操作
+- 检查 console、截图、后端日志
+- 输出简短 QA 报告
+
+### Runner Externalization 发布门禁
+
+你可以直接对 agent 说：
+
+```text
+按 agent-runner release gate 跑完整矩阵，先做 preflight，再跑浏览器 case，并把 blocked/env_issue/fail 分开。
+```
+
+agent 应该先查看 `skills/langbot-testing/references/agent-runner-release-gate.md`，
+再执行：
+
+```bash
+bin/lbs test recommend
+bin/lbs suite plan agent-runner-release-gate
+bin/lbs test run agent-runner-release-preflight --dry-run
+bin/lbs suite start agent-runner-release-gate --run-id agent-runner-release-local --evidence-dir reports/evidence/agent-runner-release-local
+```
+
+`test recommend` 输出的 run 命令默认带 `--dry-run`；确认 readiness 和 `manual_check` 前置条件后，再去掉 `--dry-run` 执行。
+
+完成所有 case 后，用：
+
+```bash
+bin/lbs suite report agent-runner-release-gate --evidence-dir reports/evidence/agent-runner-release-local
+```
+
+没有最终 `result.json`、缺 required evidence、或把 `blocked`/`env_issue` 当成 pass，
+都不能算发布门禁通过。
+
+### 新 Feature 测试
+
+你可以说：
+
+```text
+我改了 provider 页面，帮我测一下 DeepSeek provider 添加、测试、绑定 pipeline 是否正常。
+```
+
+agent 应该：
+
+- 查找相关 case 和 reference
+- 如果没有稳定路径，先探索 UI
+- 用浏览器执行真实交互
+- 失败时用日志/API 辅助定位
+- 稳定后新增或更新 case/reference
+- 新故障沉淀为 troubleshooting
+
+### 定点排错
+
+你可以说：
+
+```text
+Debug Chat 点了没回复，帮我查是前端问题还是后端问题。
+```
+
+agent 应该：
+
+- 先通过 UI 复现
+- 看 console/network
+- 看后端日志
+- 必要时用 API/curl 做诊断
+- 匹配 troubleshooting
+- 给出修复建议或直接修复
+
+## 重要原则
+
+这些原则固定在：
+
+```text
+docs/qa-agent/03-agent-browser-qa-principles.md
+```
+
+简化版：
+
+- UI/browser 是测试主路径。
+- API/curl/log 只做诊断。
+- 后端接口成功不等于 UI case 通过。
+- case 通过必须以用户可见 UI 结果为准。
+- 有视觉能力时应检查截图。
+- 没有视觉能力时用 DOM/accessibility snapshot 和 console。
+- 不要打印 token、API key、OAuth secret 或 localStorage token 值。
+
+## 规划文档
+
+如果要判断下一步建设什么，先看：
+
+```text
+docs/qa-agent/README.md
+docs/qa-agent/04-black-box-e2e-roadmap.md
+```
+
+`01-qa-agent-harness-plan.md` 是早期规划，部分内容已经被当前实现和路线图替代。
+
+## 常用命令
+
+### 环境
+
+```bash
+bin/lbs env show
+bin/lbs env show --json
+bin/lbs env doctor
+bin/lbs fixture list
+bin/lbs fixture check
+bin/lbs fixture check --json
+```
+
+`env show` 和 `env doctor` 默认会对 token、API key、password、secret 以及 URL basic auth
+做脱敏。不要把 `.env.local` 里的原始凭据复制进测试报告。
+
+### Skill 和索引
+
+```bash
+bin/lbs list
+bin/lbs validate
+bin/lbs index --check
+bin/lbs index
+```
+
+### Case
+
+```bash
+bin/lbs case list
+bin/lbs case list --type smoke
+bin/lbs case list --json --priority p1 --tag local-agent
+bin/lbs case list --ready
+bin/lbs case list --machine-ready
+bin/lbs case show pipeline-debug-chat
+bin/lbs case new my-feature --title "My Feature Works"
+```
+
+### Suite
+
+```bash
+bin/lbs suite list
+bin/lbs suite list --json --priority p1
+bin/lbs suite show local-agent-gate
+bin/lbs suite plan core-smoke
+bin/lbs suite plan local-agent-gate --json
+bin/lbs suite start core-smoke
+bin/lbs suite start core-smoke --run-id core-smoke-local --evidence-dir reports/evidence/core-smoke-local
+bin/lbs suite run core-smoke --dry-run --json
+bin/lbs suite run core-smoke --run-id core-smoke-local --evidence-dir reports/evidence/core-smoke-local
+bin/lbs suite start core-smoke --json
+bin/lbs suite report core-smoke --evidence-dir reports/evidence/<suite-run-id>
+bin/lbs suite report core-smoke --evidence-dir reports/evidence/<suite-run-id> --json
+bin/lbs suite new my-feature-gate --title "My Feature Gate"
+```
+
+`suite start` 不直接控制浏览器。它生成统一 run id、suite evidence root、每个 case 的 evidence
+目录、`suite-start.json`/`suite-start.md` handoff 文件，以及每个 case 的 `test run`、`test report`
+和 `test result` 命令模板。需要固定路径时，使用 `--run-id` 和 `--evidence-dir`。
+`suite run --dry-run --json` 只预览 planned/skipped case，不创建 evidence，也不执行 automation。
+`suite run` 会顺序执行 suite 中已有 automation、机器 readiness 已满足且不需要 `manual_check` 的 case，并在最后聚合 `suite report`。
+缺 env、automation env 或 fixture 的 case 默认会跳过；确实要强制执行时，加 `--include-not-ready`。
+确认前置条件后，才用 `--include-manual-check` 执行这类 case。
+所有 case 执行完并写入最终 `result.json` 后，
+`suite report` 会读取各 case evidence 目录并汇总为 `pass`、`fail`、`blocked`、`env_issue`、
+`flaky`、`incomplete` 等状态。`pass` 必须声明已经收集 case 的全部 required evidence；
+否则 suite 会保持 `incomplete`，避免把缺证据的运行误判成通过。
+
+### Test Plan
+
+```bash
+bin/lbs test plan pipeline-debug-chat
+bin/lbs test plan pipeline-debug-chat --json
+```
+
+### Test Start
+
+```bash
+bin/lbs test start pipeline-debug-chat
+bin/lbs test start pipeline-debug-chat --json
+```
+
+`test start` 用于 agent 开始一次浏览器测试前记录 run id、开始时间和推荐 report 命令。
+它会把 `--since "<started_at_local>"` 写进后续报告命令，减少历史日志污染本次判断。
+如果 case 绑定了自动化脚本，输出里也会包含 `test run` 命令和 evidence 目录。
+
+### Test Automation
+
+```bash
+bin/lbs test run webui-login-state --dry-run
+bin/lbs test run pipeline-debug-chat --dry-run
+bin/lbs test run webui-login-state --run-id login-smoke --output reports/evidence/login-smoke
+bin/lbs test run pipeline-debug-chat --run-id pipeline-smoke --output reports/evidence/pipeline-smoke
+```
+
+查看当前所有带自动化脚本的 case：
+
+```bash
+bin/lbs case list --automation
+bin/lbs case list --json --automation
+```
+
+当前自动化覆盖包括登录态、通用 Pipeline Debug Chat、local-agent runner 的基础回复、
+PromptPreProcessing、RAG、plugin tool、MCP stdio tool、非流式、多模态和 RAG+多模态路径。
+不要在文档里手工维护静态 case 清单；以 `case list --automation` 和 suite 定义为准。
+
+自动化脚本位于 `scripts/e2e/`。它们会保存：
+
+- `console.log`
+- `network.log`
+- `screenshot.png`
+- `automation-result.json`
+
+新增 Debug Chat 类自动化时，优先复用 `scripts/e2e/lib/debug-chat.mjs` 中的 pipeline 打开、
+prompt 发送、visible response leaf 判断和失败信号分类，不要在新脚本里复制 DOM 扫描逻辑。
+
+脚本需要本地安装 Playwright 后才能真正执行：
+
+```bash
+npm install
+npx playwright install chromium
+```
+
+`pipeline-debug-chat` 通用自动化建议配置 `LANGBOT_PIPELINE_URL`。如果没有 direct URL，
+脚本会尝试通过 `LANGBOT_PIPELINE_NAME` 从 Pipelines 页面进入目标 pipeline。两者都没有时，
+该自动化会返回 `blocked`，不会伪造通过。
+
+Runner 专用 case 不应复用通用 pipeline 变量。Local Agent、Codex AgentRunner 和
+Claude Code AgentRunner 这类 case 会通过 `automation_pipeline_url_env` /
+`automation_pipeline_name_env` 映射到 case-specific env，例如
+`LANGBOT_LOCAL_AGENT_PIPELINE_URL`。这些 case 如果缺少专用变量，会返回 `blocked`，
+不会退回到 `LANGBOT_PIPELINE_URL`，避免跑错 pipeline 后产生假阳性。
+如果 case 声明了 `setup_automation`，只有 `bin/lbs test run <case-id>` 的真实执行路径会先运行这些 setup；
+`test plan`、`suite plan`、`case list` 和 `--dry-run` 只展示它们，不会修改本地环境。
+setup 可以是 `case:<case-id>` 或仓库内 `node:scripts/... --flag`，每一步证据会写到主 evidence 目录下的
+`setup/` 子目录。setup 失败时主 automation 不会继续执行；setup 写入 `.env.local` 后，主 automation
+会重新读取环境。用 `setup_provides_env` 声明 setup 会生成的变量，可以让 readiness 正确显示机器可准备状态。
+如果 Debug Chat case 需要固定流式/非流式路径，可以在 case 中设置
+`automation_stream_output: "1"` 或 `"0"`，脚本会在发送消息前切换 Debug Chat 的 Stream 控件。
+如果 case 需要上传图片，可以设置 `automation_image_base64_fixture` 指向仓库内的 base64 PNG fixture，
+脚本会在 evidence 目录写出临时 PNG 并通过 Debug Chat 上传控件发送。
+`bin/lbs test plan <case-id> --json` 和 `bin/lbs suite plan <suite-id> --json`
+都会显示这些专用变量是否已配置。
+
+### Test Report 和日志守卫
+
+```bash
+bin/lbs test report pipeline-debug-chat
+bin/lbs test report pipeline-debug-chat --output reports/pipeline-debug-chat.md
+bin/lbs test report pipeline-debug-chat \
+  --backend-log /path/to/backend.log \
+  --frontend-log /path/to/frontend.log \
+  --console-log /path/to/console.log
+bin/lbs test report pipeline-debug-chat --evidence-dir reports/evidence/pipeline-smoke
+bin/lbs test report pipeline-debug-chat --backend-log /path/to/backend.log --json
+bin/lbs test report pipeline-debug-chat --since "2026-05-21T10:30:00+08:00"
+bin/lbs test report pipeline-debug-chat --tail-lines 2000
+bin/lbs test report pipeline-debug-chat --since "2026-05-21T10:30:00+08:00" --tail-lines 2000
+```
+
+`test report` 会生成报告模板，并默认从 `LANGBOT_REPO/data/logs/` 自动选择最新的
+`langbot-*.log` 作为 LangBot 后端日志扫描。也可以用 `--backend-log` 覆盖，或用
+`--no-auto-log` 只生成模板。
+
+如果提供 `--evidence-dir`，或 `--console-log` 指向 `reports/evidence/<run-id>/console.log`，
+报告会优先读取同目录的 `automation-result.json`，并展示自动化脚本的 `status`、`reason`、
+起止时间和目标 URL。
+
+日志守卫会扫描常见错误、secret 泄露风险、case 声明的 success/failure patterns，以及已知
+troubleshooting pattern。它不控制浏览器，也不替代 UI 通过判断。`success_patterns`
+命中会作为通过证据写入 `success_signals`；声明了 success pattern 但本次扫描窗口没有命中，
+会给 warning；`failure_patterns` 命中会让本次日志守卫 fail。
+
+建议在执行浏览器 case 前记录当前时间，然后在报告阶段使用 `--since`。如果只想快速看
+最近日志，可以使用 `--tail-lines`。
+
+### Runtime Log Guard
+
+如果还没有进入某个具体 UI case，只是想观察 LangBot 后端日志，可以直接使用 `log`
+命令。它和 `test report` 使用同一套扫描器、secret 脱敏、troubleshooting pattern 和
+case success/failure pattern。
+
+```bash
+bin/lbs log scan --tail-lines 300
+bin/lbs log scan --case pipeline-debug-chat --since "2026-05-21T10:30:00+08:00"
+bin/lbs log scan --backend-log /path/to/langbot.log --json
+bin/lbs log scan --failure-pattern "runner.tool_loop_error|Action invoke_llm_stream call timed out" --strict
+```
+
+`log scan` 默认从 `LANGBOT_REPO/data/logs/` 自动选择最新的 `langbot-*.log`。传入
+`--case <case-id>` 后，会额外应用该 case 声明的 `success_patterns`、`failure_patterns`
+和 related troubleshooting。默认用于观察，返回码保持 0；加 `--strict` 后，`fail` 或
+`env_issue` 会返回非 0，适合脚本门禁。
+
+运行期观察可以用 `watch`：
+
+```bash
+bin/lbs log watch --case pipeline-debug-chat
+bin/lbs log watch --backend-log /path/to/langbot.log --interval-ms 500
+bin/lbs log watch --duration-ms 30000 --strict --json
+```
+
+`log watch` 默认从启动时的文件末尾开始，只观察新追加的日志；加 `--from-start` 可从文件开头扫。
+它会实时打印新命中的 findings 和 success signals。为了避免当前历史日志噪声影响观察，默认不因
+异常返回非 0；加 `--strict` 后，退出时如果看到 `fail` 或 `env_issue` 会返回非 0。
+
+给一次 QA 运行包日志窗口时，用 `guard start/stop`：
+
+```bash
+bin/lbs log guard start --run-id local-debug --case pipeline-debug-chat
+# 执行浏览器或手工测试
+bin/lbs log guard stop --run-id local-debug
+```
+
+`start` 会在 `reports/log-guards/<run-id>.json` 记录起始时间、case 和当前后端日志路径；
+`stop` 会用 start/stop 时间作为扫描窗口，生成 `reports/log-guards/<run-id>.md`，并默认按
+strict guard 返回码处理。临时只想收集报告、不想让命令失败，可以加 `--no-strict`。
+
+当前 LangBot core 日志还不是完全结构化日志，runtime guard 主要依赖时间窗口和文本 pattern。
+已支持 ISO 时间戳和 LangBot 当前的 `[MM-DD HH:mm:ss.SSS]` 前缀；没有时间戳的连续行会跟随上一条
+带时间戳的日志块。如果后续 core 能提供稳定 request id、conversation id、plugin action id 或
+JSON log field，guard 可以从“时间窗口 + 文本匹配”升级为更精确的关联分析。
+
+### Test Result
+
+```bash
+bin/lbs test result pipeline-debug-chat \
+  --result pass \
+  --reason "Debug Chat returned OK and the report log guard was clean." \
+  --evidence-dir reports/evidence/pipeline-smoke \
+  --started-at "2026-05-21T10:30:00+08:00" \
+  --evidence ui,screenshot,console,backend_log
+```
+
+`test result` 用于把一次人工/agent browser 运行的最终判断写成标准 `result.json`，
+供 `suite report` 聚合。它不会替代 UI 测试：如果写 `--result pass`，`--evidence`
+必须覆盖该 case 的 `evidence_required`，否则命令会失败。自动化脚本写
+`automation-result.json`；如果 case 还要求 backend log、API diagnostic 或 filesystem
+evidence，agent 需要在报告和诊断完成后再用 `test result` 写最终 `result.json`。
+
+### Troubleshooting
+
+```bash
+bin/lbs trouble list langbot-testing
+bin/lbs trouble show plugin-runtime-timeout
+bin/lbs trouble search runtime
+bin/lbs trouble add langbot-testing --title "..." --symptom "..." --cause "..." --fix "..."
+```
+
+## 目录说明
+
+```text
+skills/
+  .env                         # 共享默认变量
+  langbot-env-setup/           # 环境、浏览器、登录态、代理
+  langbot-testing/             # WebUI / provider / pipeline 测试
+schemas/                       # 结构化资产 schema
+src/                           # lbs TypeScript 源码
+bin/                           # lbs 入口
+docs/                          # 设计文档和用户手册
+AGENTS.md                      # agent 维护协议
+```
+
+## 添加一个新测试路径
+
+1. 先让 agent 通过浏览器探索并执行路径。
+2. 稳定后创建 case：
+
+```bash
+bin/lbs case new provider-xxx --title "Provider XXX can be configured" --area provider --type provider
+```
+
+3. 编辑生成的 `cases/*.yaml`，补充真实步骤、检查点和 troubleshooting。
+
+4. 校验：
+
+```bash
+bin/lbs validate
+bin/lbs index --check
+bin/lbs index
+```
+
+## 添加一个新故障
+
+```bash
+bin/lbs trouble add langbot-testing \
+  --title "Plugin runtime actions time out" \
+  --symptom "Debug Chat shows Agent runner temporarily unavailable" \
+  --cause "Old plugin runtime survived backend restart" \
+  --fix "Stop old runtime processes and restart LangBot"
+```
+
+然后编辑生成的 YAML，补充 `patterns`、`related_cases` 和验证方式。
+
+## 当前边界
+
+- `lbs test plan` 只生成测试计划，不直接控制浏览器。
+- `lbs test report` 生成报告，默认扫描最新 LangBot 后端日志；也可扫描显式提供的
+  backend/frontend/console 日志文件。
+- 真正的 UI 操作由当前 agent 的浏览器能力执行。
+- `env doctor` 是 readiness check，不是产品测试。
+- `curl/API` 是诊断工具，不是主要测试路径。
@@ -0,0 +1,59 @@
+# Schemas
+
+这个目录存放 LangBot skills 结构化资产的 JSON Schema。
+
+它们不是测试脚本，也不会执行浏览器动作。它们的作用是定义 agent 和维护者后续新增资产时应该遵守的文件结构。
+
+## 文件说明
+
+- `skills/<skill>/fixtures/fixtures.json`
+  不是 JSON Schema，但由 `bin/lbs validate` 校验。
+  它登记 deterministic fixture 文件、类型和关联 case，供 `bin/lbs fixture check` 做 readiness 检查。
+
+- `case.schema.json`
+  约束 `skills/<skill>/cases/*.yaml` 的格式。
+  Case 描述 agent-browser 或 probe QA 路径，包括前置条件、步骤、检查点、诊断手段和关联故障。
+
+- `suite.schema.json`
+  约束 `skills/<skill>/suites/*.yaml` 的格式。
+  Suite 只组织 case 集合，用于 smoke、regression 或 release gate 等测试入口。
+
+- `troubleshooting.schema.json`
+  约束 `skills/<skill>/troubleshooting/*.yaml` 的格式。
+  Troubleshooting 条目描述症状、日志/错误模式、可能原因、修复步骤和验证信号。
+
+- `skill-index.schema.json`
+  约束生成文件 `skills.index.json` 的格式。
+  这个索引用于让 agent 快速发现已有 skills、references、cases、suites 和 troubleshooting。
+
+- `reports/evidence/<run-id>/result.json`
+  不是 catalog schema，而是执行期最终裁定产物，由 `bin/lbs test result` 写入。
+  `suite report` 读取其中的 `status`、`reason`、起止时间和 `evidence_collected`，
+  并用 `evidence_missing` 防止缺证据的 `pass` 被当作完整通过。
+
+- `reports/evidence/<run-id>/automation-result.json`
+  不是 catalog schema，而是浏览器自动化脚本的原始运行结论，供 `bin/lbs test report`
+  展示和推断日志扫描窗口。
+
+## 为什么需要 schemas
+
+Schemas 是基础设施护栏：
+
+- 防止 case、suite 和 troubleshooting 随着增长变得格式混乱
+- 让 `bin/lbs validate` 能发现缺字段和错误结构
+- 为未来编辑器提示和 CI 校验留接口
+- 帮助 agent 新增资产时知道应该写哪些字段
+
+## 当前校验方式
+
+`bin/lbs validate` 做轻量、schema 对齐的校验，不引入额外依赖。它会检查必填字段、
+枚举值、boolean 字段、重复列表项、automation 脚本存在性，以及 case、suite、skill、
+troubleshooting 之间的交叉引用。这里的 schema 仍是格式契约；如果未来引入正式 JSON
+Schema validator，应继续保持这些本地交叉引用检查。
+
+Case 里的 `env` / `automation_env` 表示所有列出的变量都需要配置。遇到二选一输入时，
+使用 `env_any` / `automation_env_any`，每一项写成 `LANGBOT_PIPELINE_URL|LANGBOT_PIPELINE_NAME`
+这类 one-of 组合，避免 agent 因为只配置了 URL 或 name 其中之一而误判未就绪。
+`setup` 和 `preconditions` 是人工确认项，会让 readiness 进入 `manual_check`；
+`setup_automation` 是 `test run` 可以自动执行的准备步骤，配合 `setup_provides_env`
+声明它会生成的机器变量。
@@ -0,0 +1,219 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://langbot.app/schemas/langbot-skills/case.schema.json",
+  "title": "LangBot Skill Test Case",
+  "type": "object",
+  "required": [
+    "id",
+    "title",
+    "mode",
+    "area",
+    "type",
+    "priority",
+    "risk",
+    "ci_eligible",
+    "tags",
+    "skills",
+    "steps",
+    "checks",
+    "evidence_required"
+  ],
+  "allOf": [
+    {
+      "if": {
+        "properties": {
+          "mode": { "const": "agent-browser" }
+        }
+      },
+      "then": {
+        "required": ["env"]
+      }
+    }
+  ],
+  "additionalProperties": true,
+  "properties": {
+    "id": {
+      "type": "string",
+      "pattern": "^[a-z0-9][a-z0-9_-]*$"
+    },
+    "title": {
+      "type": "string"
+    },
+    "mode": {
+      "type": "string",
+      "enum": ["agent-browser", "probe"]
+    },
+    "area": {
+      "type": "string"
+    },
+    "type": {
+      "type": "string",
+      "enum": ["smoke", "regression", "feature", "provider", "exploratory"]
+    },
+    "priority": {
+      "type": "string",
+      "enum": ["p0", "p1", "p2"]
+    },
+    "risk": {
+      "type": "string",
+      "enum": ["low", "medium", "high"]
+    },
+    "ci_eligible": {
+      "type": "boolean"
+    },
+    "tags": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "skills": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "env": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "env_any": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "pattern": "^[A-Z][A-Z0-9_]*(\\|[A-Z][A-Z0-9_]*)+$"
+      }
+    },
+    "steps": {
+      "type": "array",
+      "items": { "type": "string" },
+      "minItems": 1
+    },
+    "checks": {
+      "type": "array",
+      "items": { "type": "string" },
+      "minItems": 1
+    },
+    "evidence_required": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "enum": [
+          "ui",
+          "screenshot",
+          "console",
+          "network",
+          "backend_log",
+          "frontend_log",
+          "api_diagnostic",
+          "filesystem"
+        ]
+      },
+      "minItems": 1
+    },
+    "preconditions": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "setup": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "setup_automation": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "pattern": "^(?:case:[a-z0-9][a-z0-9_-]*|node:scripts/[A-Za-z0-9_./-]+\\.(?:mjs|js|ts)(?:\\s+--[A-Za-z0-9][A-Za-z0-9_-]*(?:=[A-Za-z0-9_./:@-]+)?)*)$"
+      }
+    },
+    "setup_provides_env": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "pattern": "^[A-Z][A-Z0-9_]*$"
+      }
+    },
+    "cleanup": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "diagnostics": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "automation": {
+      "type": "string"
+    },
+    "automation_env": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "automation_env_any": {
+      "type": "array",
+      "items": {
+        "type": "string",
+        "pattern": "^[A-Z][A-Z0-9_]*(\\|[A-Z][A-Z0-9_]*)+$"
+      }
+    },
+    "automation_prompt": {
+      "type": "string"
+    },
+    "automation_prompts_json": {
+      "type": "string"
+    },
+    "automation_expected_text": {
+      "type": "string"
+    },
+    "automation_response_timeout_ms": {
+      "type": "string"
+    },
+    "automation_stream_output": {
+      "type": "string",
+      "enum": ["0", "1", "false", "true"]
+    },
+    "automation_image_base64_fixture": {
+      "type": "string"
+    },
+    "automation_runner_config_patch_json": {
+      "type": "string"
+    },
+    "automation_restore_runner_config": {
+      "type": "string",
+      "enum": ["0", "1", "false", "true"]
+    },
+    "automation_expected_runner_id": {
+      "type": "string"
+    },
+    "automation_reset_debug_chat": {
+      "type": "string",
+      "enum": ["0", "1", "false", "true"]
+    },
+    "automation_debug_chat_session_type": {
+      "type": "string",
+      "enum": ["person", "group"]
+    },
+    "automation_filesystem_checks_json": {
+      "type": "string"
+    },
+    "automation_pipeline_url_env": {
+      "type": "string",
+      "pattern": "^[A-Z][A-Z0-9_]*$"
+    },
+    "automation_pipeline_name_env": {
+      "type": "string",
+      "pattern": "^[A-Z][A-Z0-9_]*$"
+    },
+    "success_patterns": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "failure_patterns": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "expected_failures": {
+      "type": "array",
+      "items": { "type": "string" }
+    },
+    "troubleshooting": {
+      "type": "array",
+      "items": { "type": "string" }
+    }
+  }
+}
@@ -0,0 +1,147 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://langbot.app/schemas/langbot-skills/skill-index.schema.json",
+  "title": "LangBot Skills Index",
+  "type": "object",
+  "required": ["generated_by", "skills"],
+  "additionalProperties": false,
+  "properties": {
+    "generated_by": {
+      "type": "string"
+    },
+    "skills": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "required": [
+          "directory",
+          "name",
+          "description",
+          "references",
+          "cases",
+          "case_summaries",
+          "suites",
+          "suite_summaries",
+          "fixtures",
+          "troubleshooting",
+          "troubleshooting_summaries"
+        ],
+        "additionalProperties": false,
+        "properties": {
+          "directory": { "type": "string" },
+          "name": { "type": "string" },
+          "description": { "type": "string" },
+          "references": {
+            "type": "array",
+            "items": { "type": "string" }
+          },
+          "cases": {
+            "type": "array",
+            "items": { "type": "string" }
+          },
+          "case_summaries": {
+            "type": "array",
+            "items": {
+              "type": "object",
+              "required": ["id", "title", "mode", "area", "type", "priority", "risk", "ci_eligible", "tags", "automation", "setup_automation", "setup_provides_env", "evidence_required"],
+              "additionalProperties": false,
+              "properties": {
+                "id": { "type": "string" },
+                "title": { "type": "string" },
+                "mode": { "type": "string", "enum": ["agent-browser", "probe"] },
+                "area": { "type": "string" },
+                "type": { "type": "string" },
+                "priority": { "type": "string" },
+                "risk": { "type": "string" },
+                "ci_eligible": { "type": "boolean" },
+                "tags": {
+                  "type": "array",
+                  "items": { "type": "string" }
+                },
+                "automation": { "type": "string" },
+                "setup_automation": {
+                  "type": "array",
+                  "items": { "type": "string" }
+                },
+                "setup_provides_env": {
+                  "type": "array",
+                  "items": { "type": "string" }
+                },
+                "evidence_required": {
+                  "type": "array",
+                  "items": { "type": "string" }
+                }
+              }
+            }
+          },
+          "suites": {
+            "type": "array",
+            "items": { "type": "string" }
+          },
+          "suite_summaries": {
+            "type": "array",
+            "items": {
+              "type": "object",
+              "required": ["id", "title", "description", "type", "priority", "tags", "cases"],
+              "additionalProperties": false,
+              "properties": {
+                "id": { "type": "string" },
+                "title": { "type": "string" },
+                "description": { "type": "string" },
+                "type": { "type": "string" },
+                "priority": { "type": "string" },
+                "tags": {
+                  "type": "array",
+                  "items": { "type": "string" }
+                },
+                "cases": {
+                  "type": "array",
+                  "items": { "type": "string" }
+                }
+              }
+            }
+          },
+          "fixtures": {
+            "type": "array",
+            "items": {
+              "type": "object",
+              "required": ["id", "title", "kind", "path", "related_cases"],
+              "additionalProperties": false,
+              "properties": {
+                "id": { "type": "string" },
+                "title": { "type": "string" },
+                "kind": { "type": "string" },
+                "path": { "type": "string" },
+                "related_cases": {
+                  "type": "array",
+                  "items": { "type": "string" }
+                }
+              }
+            }
+          },
+          "troubleshooting": {
+            "type": "array",
+            "items": { "type": "string" }
+          },
+          "troubleshooting_summaries": {
+            "type": "array",
+            "items": {
+              "type": "object",
+              "required": ["id", "title", "category", "related_cases"],
+              "additionalProperties": false,
+              "properties": {
+                "id": { "type": "string" },
+                "title": { "type": "string" },
+                "category": { "type": "string" },
+                "related_cases": {
+                  "type": "array",
+                  "items": { "type": "string" }
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+}
@@ -0,0 +1,38 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://langbot.app/schemas/langbot-skills/suite.schema.json",
+  "title": "LangBot Skill Test Suite",
+  "type": "object",
+  "required": ["id", "title", "description", "type", "priority", "tags", "cases"],
+  "additionalProperties": true,
+  "properties": {
+    "id": {
+      "type": "string",
+      "pattern": "^[a-z0-9][a-z0-9_-]*$"
+    },
+    "title": {
+      "type": "string"
+    },
+    "description": {
+      "type": "string"
+    },
+    "type": {
+      "type": "string",
+      "enum": ["smoke", "regression", "release_gate", "exploratory"]
+    },
+    "priority": {
+      "type": "string",
+      "enum": ["p0", "p1", "p2"]
+    },
+    "tags": {
+      "type": "array",
+      "items": { "type": "string" },
+      "minItems": 1
+    },
+    "cases": {
+      "type": "array",
+      "items": { "type": "string" },
+      "minItems": 1
+    }
+  }
+}
@@ -0,0 +1,51 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://langbot.app/schemas/langbot-skills/troubleshooting.schema.json",
+  "title": "LangBot Skill Troubleshooting Entry",
+  "type": "object",
+  "required": ["id", "title", "symptoms", "patterns", "likely_causes", "fix_steps", "verification"],
+  "additionalProperties": true,
+  "properties": {
+    "id": {
+      "type": "string",
+      "pattern": "^[a-z0-9][a-z0-9_-]*$"
+    },
+    "title": {
+      "type": "string"
+    },
+    "date": {
+      "type": "string"
+    },
+    "category": {
+      "type": "string",
+      "enum": ["product", "env_issue", "external_dependency", "blocked", "flaky"]
+    },
+    "symptoms": {
+      "type": "array",
+      "items": { "type": "string" },
+      "minItems": 1
+    },
+    "patterns": {
+      "type": "array",
+      "items": { "type": "string" },
+      "minItems": 1
+    },
+    "likely_causes": {
+      "type": "array",
+      "items": { "type": "string" },
+      "minItems": 1
+    },
+    "fix_steps": {
+      "type": "array",
+      "items": { "type": "string" },
+      "minItems": 1
+    },
+    "verification": {
+      "type": "string"
+    },
+    "related_cases": {
+      "type": "array",
+      "items": { "type": "string" }
+    }
+  }
+}
@@ -0,0 +1,31 @@
+#!/usr/bin/env node
+
+import { chmod, mkdir, readFile, writeFile } from "node:fs/promises";
+import { dirname, resolve } from "node:path";
+import { fileURLToPath } from "node:url";
+
+const root = resolve(dirname(fileURLToPath(import.meta.url)), "..");
+const binDir = resolve(root, "bin");
+const lbsPath = resolve(binDir, "lbs");
+const wrapper = [
+  "#!/usr/bin/env bash",
+  "set -euo pipefail",
+  "",
+  'SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"',
+  'exec node "$SCRIPT_DIR/../src/lbs.ts" "$@"',
+  "",
+].join("\n");
+
+await mkdir(binDir, { recursive: true });
+
+let current = "";
+try {
+  current = await readFile(lbsPath, "utf8");
+} catch {
+  // Missing wrapper is the normal first-run path.
+}
+
+if (current !== wrapper) {
+  await writeFile(lbsPath, wrapper, "utf8");
+  await chmod(lbsPath, 0o755);
+}
@@ -0,0 +1,476 @@
+#!/usr/bin/env node
+
+import { existsSync, readFileSync } from "node:fs";
+import { writeFile } from "node:fs/promises";
+import { resolve } from "node:path";
+import { env } from "node:process";
+import {
+  createBrowser,
+  ensureEvidence,
+  evidencePaths,
+  exitCode,
+  localIsoWithOffset,
+  safeScreenshot,
+  writeResult,
+} from "./lib/langbot-e2e.mjs";
+
+function loadEnvDefaults(path) {
+  if (!existsSync(path)) return;
+  for (const rawLine of readFileSync(path, "utf8").split(/\r?\n/)) {
+    const line = rawLine.trim();
+    if (!line || line.startsWith("#")) continue;
+    const sep = line.indexOf("=");
+    if (sep === -1) continue;
+    const key = line.slice(0, sep).trim();
+    if (env[key]) continue;
+    env[key] = line.slice(sep + 1).trim().replace(/^["']|["']$/g, "");
+  }
+}
+
+function boolFromEnv(value, defaultValue) {
+  if (value === undefined || value === "") return defaultValue;
+  if (/^(0|false|no|off)$/i.test(value)) return false;
+  if (/^(1|true|yes|on)$/i.test(value)) return true;
+  return defaultValue;
+}
+
+function firstEnv(...keys) {
+  for (const key of keys) {
+    if (env[key]) return env[key];
+  }
+  return "";
+}
+
+function redactMessage(text) {
+  return String(text ?? "")
+    .replace(/\bbearer\s+[A-Za-z0-9._~+/=-]{8,}/gi, "Bearer [redacted]")
+    .replace(/\bsk-[A-Za-z0-9_-]{6,}\b/g, "[redacted]")
+    .replace(/(api[_-]?key|authorization|credential|jwt|oauth|password|secret|token)\s*[:=]\s*["']?[^"',\s]+/gi, "$1=[redacted]");
+}
+
+function isEnvironmentError(message) {
+  return /Playwright is not installed|LANGBOT_FRONTEND_URL|LANGBOT_BACKEND_URL|ERR_CONNECTION_REFUSED|ECONNREFUSED|net::ERR_|fetch failed|timed out/i
+    .test(message);
+}
+
+loadEnvDefaults("skills/.env");
+loadEnvDefaults("skills/.env.local");
+
+const caseId = env.LBS_CASE_ID || "agent-runner-release-preflight";
+const paths = evidencePaths(caseId);
+await ensureEvidence(paths);
+
+const backendUrl = env.LANGBOT_BACKEND_URL || "";
+const frontendUrl = env.LANGBOT_FRONTEND_URL || backendUrl;
+const testModels = boolFromEnv(env.LANGBOT_PREFLIGHT_TEST_MODELS, true);
+const requireVision = boolFromEnv(env.LANGBOT_PREFLIGHT_REQUIRE_VISION, true);
+const diagnosticPath = resolve(paths.evidenceDir, "api-diagnostic.json");
+const startedAt = new Date();
+
+const targets = [
+  {
+    id: "local-agent",
+    expected_runner_id: "plugin:langbot/local-agent/default",
+    pipeline_url: firstEnv("LANGBOT_LOCAL_AGENT_PIPELINE_URL"),
+    pipeline_name: firstEnv("LANGBOT_LOCAL_AGENT_PIPELINE_NAME"),
+    require_func_call_model: true,
+    require_vision_model: requireVision,
+    require_langbot_mcp: false,
+  },
+  {
+    id: "acp-agent-runner",
+    expected_runner_id: "plugin:langbot/acp-agent-runner/default",
+    pipeline_url: firstEnv("LANGBOT_ACP_AGENT_RUNNER_PIPELINE_URL", "LANGBOT_AGENT_RUNNER_PIPELINE_URL"),
+    pipeline_name: firstEnv("LANGBOT_ACP_AGENT_RUNNER_PIPELINE_NAME", "LANGBOT_AGENT_RUNNER_PIPELINE_NAME"),
+    require_func_call_model: false,
+    require_vision_model: false,
+  },
+];
+
+let browser;
+const result = {
+  source: "automation",
+  case_id: caseId,
+  run_id: paths.runId,
+  started_at: startedAt.toISOString(),
+  started_at_local: localIsoWithOffset(startedAt),
+  finished_at: "",
+  finished_at_local: "",
+  status: "fail",
+  reason: "",
+  frontend_url: frontendUrl,
+  backend_url: backendUrl,
+  test_models: testModels,
+  require_vision_model: requireVision,
+  evidence: {
+    console_log: paths.consoleLog,
+    network_log: paths.networkLog,
+    screenshot: paths.screenshot,
+    api_diagnostic_json: diagnosticPath,
+    automation_result_json: paths.automationResultJson,
+    result_json: paths.resultJson,
+  },
+  evidence_collected: ["ui", "screenshot", "console", "network", "api_diagnostic"],
+};
+
+async function run() {
+  if (!backendUrl || !frontendUrl) {
+    result.status = "env_issue";
+    result.reason = "LANGBOT_FRONTEND_URL and LANGBOT_BACKEND_URL must be configured.";
+    return;
+  }
+
+  browser = await createBrowser(paths);
+  const { page } = browser;
+  await page.goto(frontendUrl, { waitUntil: "domcontentloaded" });
+  await page.waitForLoadState("networkidle", { timeout: 10_000 }).catch(() => {});
+
+  const diagnostic = await page.evaluate(async ({ backendUrl, targets, testModels }) => {
+    const blockers = [];
+    const envIssues = [];
+    const warnings = [];
+    const checks = [];
+
+    const addCheck = (name, status, detail = {}) => {
+      checks.push({ name, status, ...detail });
+      if (status === "blocked") blockers.push({ name, ...detail });
+      if (status === "env_issue") envIssues.push({ name, ...detail });
+    };
+    const safeMessage = (value) => String(value ?? "")
+      .replace(/\bbearer\s+[A-Za-z0-9._~+/=-]{8,}/gi, "Bearer [redacted]")
+      .replace(/\bsk-[A-Za-z0-9_-]{6,}\b/g, "[redacted]")
+      .replace(/(api[_-]?key|authorization|credential|jwt|oauth|password|secret|token)\s*[:=]\s*["']?[^"',\s]+/gi, "$1=[redacted]");
+
+    const token = localStorage.getItem("token");
+    if (!token) {
+      addCheck("browser-auth", "blocked", { reason: "Browser profile has no localStorage token." });
+      return { authenticated: false, blockers, env_issues: envIssues, warnings, checks };
+    }
+
+    const headers = {
+      Authorization: `Bearer ${token}`,
+      "Content-Type": "application/json",
+    };
+    const getJson = async (path) => {
+      const response = await fetch(`${backendUrl}${path}`, { headers });
+      return {
+        status: response.status,
+        json: await response.json().catch(() => ({})),
+      };
+    };
+    const postJson = async (path, body) => {
+      const response = await fetch(`${backendUrl}${path}`, {
+        method: "POST",
+        headers,
+        body: JSON.stringify(body),
+      });
+      return {
+        status: response.status,
+        json: await response.json().catch(() => ({})),
+      };
+    };
+
+    const tokenCheck = await getJson("/api/v1/user/check-token");
+    addCheck(
+      "browser-auth",
+      tokenCheck.status < 400 && (tokenCheck.json.code ?? 0) === 0 ? "pass" : "blocked",
+      { http_status: tokenCheck.status, code: tokenCheck.json.code ?? null, reason: safeMessage(tokenCheck.json.msg || "") },
+    );
+
+    const systemInfo = await getJson("/api/v1/system/info");
+    addCheck(
+      "backend-system-info",
+      systemInfo.status < 400 ? "pass" : "env_issue",
+      {
+        http_status: systemInfo.status,
+        version: systemInfo.json.data?.version || systemInfo.json.data?.system?.version || "",
+      },
+    );
+
+    const pluginSystem = await getJson("/api/v1/system/status/plugin-system");
+    addCheck(
+      "plugin-system",
+      pluginSystem.status < 400 && (pluginSystem.json.code ?? 0) === 0 ? "pass" : "env_issue",
+      {
+        http_status: pluginSystem.status,
+        code: pluginSystem.json.code ?? null,
+        status: pluginSystem.json.data?.status || pluginSystem.json.data?.state || "",
+        reason: safeMessage(pluginSystem.json.msg || ""),
+      },
+    );
+
+    const boxStatus = await getJson("/api/v1/box/status");
+    addCheck(
+      "box-runtime",
+      boxStatus.status < 400 && (boxStatus.json.code ?? 0) === 0 ? "pass" : "env_issue",
+      {
+        http_status: boxStatus.status,
+        code: boxStatus.json.code ?? null,
+        status: boxStatus.json.data?.status || "",
+        backend: boxStatus.json.data?.backend || "",
+        reason: safeMessage(boxStatus.json.msg || ""),
+      },
+    );
+
+    const plugins = await getJson("/api/v1/plugins");
+    const installedPluginIds = (plugins.json.data?.plugins || [])
+      .map((plugin) => {
+        const metadata = plugin.manifest?.manifest?.metadata || plugin.manifest?.metadata || plugin.metadata || {};
+        return metadata.author && metadata.name ? `${metadata.author}/${metadata.name}` : "";
+      })
+      .filter(Boolean);
+    const requiredPlugins = ["langbot/local-agent", "langbot/acp-agent-runner", "qa/plugin-smoke"];
+    const pluginPresence = Object.fromEntries(requiredPlugins.map((id) => [id, installedPluginIds.includes(id)]));
+    for (const [id, present] of Object.entries(pluginPresence)) {
+      addCheck(`plugin:${id}`, present ? "pass" : "blocked", { plugin_id: id, reason: present ? "" : "Required plugin is not listed by /api/v1/plugins." });
+    }
+
+    const tools = await getJson("/api/v1/tools");
+    const toolNames = (tools.json.data?.tools || [])
+      .map((tool) => tool.name || tool.tool_name || tool.function?.name || "")
+      .filter(Boolean)
+      .sort();
+    addCheck(
+      "tool:qa_plugin_echo",
+      toolNames.includes("qa_plugin_echo") ? "pass" : "blocked",
+      { reason: toolNames.includes("qa_plugin_echo") ? "" : "qa-plugin-smoke tool qa_plugin_echo is not exposed through /api/v1/tools." },
+    );
+    if (!toolNames.includes("qa_mcp_echo")) {
+      warnings.push({
+        name: "tool:qa_mcp_echo",
+        reason: "qa_mcp_echo is not currently exposed. This is acceptable before mcp-stdio-register, but mcp-stdio-tool-call must run after registration.",
+      });
+    }
+
+    const modelResponse = await getJson("/api/v1/provider/models/llm");
+    const models = (modelResponse.json.data?.models || []).map((model) => ({
+      uuid: model.uuid,
+      name: model.name,
+      abilities: Array.isArray(model.abilities) ? model.abilities : [],
+      provider_uuid: model.provider_uuid || model.provider?.uuid || "",
+      provider_name: model.provider_name || model.provider?.name || "",
+      requester: model.requester || model.provider?.requester || "",
+    }));
+    addCheck(
+      "llm-model-list",
+      modelResponse.status < 400 && (modelResponse.json.code ?? 0) === 0 ? "pass" : "env_issue",
+      { http_status: modelResponse.status, model_count: models.length, reason: safeMessage(modelResponse.json.msg || "") },
+    );
+    const modelById = new Map(models.map((model) => [model.uuid, model]));
+
+    const pipelineList = await getJson("/api/v1/pipelines");
+    const pipelines = pipelineList.json.data?.pipelines || [];
+    addCheck(
+      "pipeline-list",
+      pipelineList.status < 400 && (pipelineList.json.code ?? 0) === 0 ? "pass" : "blocked",
+      { http_status: pipelineList.status, pipeline_count: pipelines.length, reason: safeMessage(pipelineList.json.msg || "") },
+    );
+
+    const resolvedPipelines = [];
+    const modelTested = new Set();
+    for (const target of targets) {
+      let pipelineId = "";
+      let matchedBy = "";
+      if (target.pipeline_url) {
+        try {
+          pipelineId = new URL(target.pipeline_url).searchParams.get("id") || "";
+          matchedBy = pipelineId ? "url" : "";
+        } catch {
+          pipelineId = "";
+        }
+      }
+      if (!pipelineId && target.pipeline_name) {
+        const match = pipelines.find((pipeline) => pipeline.name === target.pipeline_name);
+        if (match) {
+          pipelineId = match.uuid;
+          matchedBy = "name";
+        }
+      }
+      if (!pipelineId) {
+        addCheck(`pipeline:${target.id}`, "blocked", {
+          target: target.id,
+          reason: "Required pipeline env is missing or could not resolve to a pipeline id.",
+        });
+        continue;
+      }
+
+      const response = await getJson(`/api/v1/pipelines/${encodeURIComponent(pipelineId)}`);
+      const pipeline = response.json.data?.pipeline;
+      if (response.status >= 400 || !pipeline) {
+        addCheck(`pipeline:${target.id}`, "blocked", {
+          target: target.id,
+          pipeline_id: pipelineId,
+          http_status: response.status,
+          reason: safeMessage(response.json.msg || "Could not load pipeline."),
+        });
+        continue;
+      }
+
+      const config = pipeline.config || {};
+      const aiConfig = config.ai && typeof config.ai === "object" ? config.ai : {};
+      const runner = aiConfig.runner && typeof aiConfig.runner === "object" ? aiConfig.runner : {};
+      const runnerId = runner.id || runner.runner || "";
+      const runnerConfigs = aiConfig.runner_config && typeof aiConfig.runner_config === "object" ? aiConfig.runner_config : {};
+      const runnerConfig = runnerConfigs[runnerId] && typeof runnerConfigs[runnerId] === "object" ? runnerConfigs[runnerId] : {};
+      const pipelineSummary = {
+        target: target.id,
+        pipeline_id: pipelineId,
+        pipeline_name: pipeline.name,
+        matched_by: matchedBy,
+        runner_id: runnerId,
+        expected_runner_id: target.expected_runner_id,
+        runner_config_keys: Object.keys(runnerConfig).sort(),
+      };
+      resolvedPipelines.push(pipelineSummary);
+
+      addCheck(
+        `pipeline:${target.id}:runner`,
+        runnerId === target.expected_runner_id ? "pass" : "blocked",
+        {
+          ...pipelineSummary,
+          reason: runnerId === target.expected_runner_id ? "" : `Expected ${target.expected_runner_id}, got ${runnerId || "<missing>"}.`,
+        },
+      );
+
+      if (target.require_func_call_model || target.require_vision_model || (testModels && target.id === "local-agent")) {
+        const modelConfig = runnerConfig.model;
+        const primaryModelId = typeof modelConfig === "string"
+          ? modelConfig
+          : modelConfig && typeof modelConfig === "object"
+            ? modelConfig.primary || ""
+            : "";
+        if (!primaryModelId) {
+          addCheck(`pipeline:${target.id}:primary-model`, "blocked", {
+            ...pipelineSummary,
+            reason: "Local-agent runner config has no primary model.",
+          });
+          continue;
+        }
+        const model = modelById.get(primaryModelId);
+        if (!model) {
+          addCheck(`pipeline:${target.id}:primary-model`, "blocked", {
+            ...pipelineSummary,
+            model_uuid: primaryModelId,
+            reason: "Primary model is not listed by /api/v1/provider/models/llm.",
+          });
+          continue;
+        }
+        addCheck(`pipeline:${target.id}:primary-model`, "pass", {
+          ...pipelineSummary,
+          model: {
+            uuid: model.uuid,
+            name: model.name,
+            abilities: model.abilities,
+            provider_name: model.provider_name,
+            requester: model.requester,
+          },
+        });
+        if (target.require_func_call_model) {
+          addCheck(
+            `pipeline:${target.id}:func-call-model`,
+            model.abilities.includes("func_call") ? "pass" : "env_issue",
+            {
+              model_uuid: model.uuid,
+              model_name: model.name,
+              abilities: model.abilities,
+              reason: model.abilities.includes("func_call") ? "" : "Release gate includes tool-call cases; the local-agent primary model must advertise func_call.",
+            },
+          );
+        }
+        if (target.require_vision_model) {
+          addCheck(
+            `pipeline:${target.id}:vision-model`,
+            model.abilities.includes("vision") ? "pass" : "env_issue",
+            {
+              model_uuid: model.uuid,
+              model_name: model.name,
+              abilities: model.abilities,
+              reason: model.abilities.includes("vision") ? "" : "Release gate includes multimodal cases; the local-agent primary model must advertise vision.",
+            },
+          );
+        }
+        if (testModels && !modelTested.has(model.uuid)) {
+          modelTested.add(model.uuid);
+          const modelTest = await postJson(`/api/v1/provider/models/llm/${encodeURIComponent(model.uuid)}/test`, { extra_args: {} });
+          const passed = modelTest.status < 400 && (modelTest.json.code ?? 0) === 0;
+          addCheck(
+            `model-test:${model.name}`,
+            passed ? "pass" : "env_issue",
+            {
+              model_uuid: model.uuid,
+              model_name: model.name,
+              http_status: modelTest.status,
+              code: modelTest.json.code ?? null,
+              reason: passed ? "" : safeMessage(modelTest.json.msg || modelTest.json.message || "Model test failed."),
+            },
+          );
+        }
+      }
+    }
+
+    return {
+      authenticated: true,
+      blockers,
+      env_issues: envIssues,
+      warnings,
+      checks,
+      resolved_pipelines: resolvedPipelines,
+      tools: {
+        required: ["qa_plugin_echo"],
+        optional_before_register: ["qa_mcp_echo"],
+        present: toolNames.filter((name) => ["qa_plugin_echo", "qa_mcp_echo"].includes(name)),
+      },
+      models,
+    };
+  }, { backendUrl, targets, testModels });
+
+  diagnostic.blockers = (diagnostic.blockers || []).map((item) => ({ ...item, reason: redactMessage(item.reason || "") }));
+  diagnostic.env_issues = (diagnostic.env_issues || []).map((item) => ({ ...item, reason: redactMessage(item.reason || "") }));
+  await writeFile(diagnosticPath, `${JSON.stringify(diagnostic, null, 2)}\n`, "utf8");
+  await safeScreenshot(page, paths.screenshot);
+
+  const blockers = diagnostic.blockers || [];
+  const envIssues = diagnostic.env_issues || [];
+  if (blockers.length > 0) {
+    result.status = "blocked";
+    result.reason = `Preflight blocked: ${blockers.map((item) => item.name).join(", ")}`;
+  } else if (envIssues.length > 0) {
+    result.status = "env_issue";
+    result.reason = `Preflight environment issue: ${envIssues.map((item) => item.name).join(", ")}`;
+  } else {
+    result.status = "pass";
+    result.reason = "Release gate preflight passed: auth, plugin runtime, required pipelines, runner ids, tools, and local-agent model checks are ready.";
+  }
+  result.check_count = Array.isArray(diagnostic.checks) ? diagnostic.checks.length : 0;
+  result.warning_count = Array.isArray(diagnostic.warnings) ? diagnostic.warnings.length : 0;
+}
+
+try {
+  await run();
+} catch (error) {
+  const message = redactMessage(error instanceof Error ? error.message : String(error));
+  result.status = isEnvironmentError(message) ? "env_issue" : "fail";
+  result.reason = message;
+  await writeFile(diagnosticPath, `${JSON.stringify({
+    authenticated: false,
+    blockers: [],
+    env_issues: result.status === "env_issue" ? [{ name: "preflight-runtime", reason: message }] : [],
+    warnings: [],
+    checks: [
+      {
+        name: "preflight-runtime",
+        status: result.status,
+        reason: message,
+      },
+    ],
+  }, null, 2)}\n`, "utf8").catch(() => {});
+} finally {
+  if (browser) await browser.close().catch(() => {});
+  const finishedAt = new Date();
+  result.finished_at = finishedAt.toISOString();
+  result.finished_at_local = localIsoWithOffset(finishedAt);
+  await writeResult(paths, result);
+  console.log(JSON.stringify(result, null, 2));
+}
+
+process.exit(exitCode(result.status));
@@ -0,0 +1,263 @@
+#!/usr/bin/env node
+
+import { readFile, writeFile } from "node:fs/promises";
+import { resolve } from "node:path";
+import { env } from "node:process";
+import {
+  apiJson,
+  ensureEvidence,
+  evidencePaths,
+  loadEnvFiles,
+  resetAndAuthLocalUser,
+  writeResult,
+} from "./lib/langbot-e2e.mjs";
+
+const RUNNER_ID = "plugin:langbot/acp-agent-runner/default";
+const DEFAULT_PIPELINE_NAME = "Agent QA ACP Claude Debug Chat";
+const DEFAULT_LOCAL_PASSWORD = "LangBotE2ELocalPass!2026";
+const caseId = "ensure-acp-agent-runner-pipeline";
+
+await loadEnvFiles();
+const paths = evidencePaths(caseId);
+await ensureEvidence(paths);
+
+const writeEnv = process.argv.includes("--write-env");
+const frontendUrl = env.LANGBOT_FRONTEND_URL || "";
+const backendUrl = env.LANGBOT_BACKEND_URL || "";
+const pipelineName = env.LANGBOT_E2E_CREATE_PIPELINE_NAME || env.LANGBOT_ACP_AGENT_RUNNER_PIPELINE_NAME || DEFAULT_PIPELINE_NAME;
+const sshTarget = env.LANGBOT_ACP_AGENT_RUNNER_SSH_TARGET || "yhh@101.34.71.12";
+const sshConnectTimeout = env.LANGBOT_ACP_AGENT_RUNNER_SSH_CONNECT_TIMEOUT || "8";
+const sshPort = env.LANGBOT_ACP_AGENT_RUNNER_SSH_PORT || "22";
+const sshIdentityFile = env.LANGBOT_ACP_AGENT_RUNNER_SSH_IDENTITY_FILE || "";
+const sshExtraOptions = env.LANGBOT_ACP_AGENT_RUNNER_SSH_EXTRA_OPTIONS || "";
+const remoteWorkspace = env.LANGBOT_ACP_AGENT_RUNNER_REMOTE_WORKSPACE || "/home/yhh/langbot-e2e/acp-workspace";
+const envLocalPath = resolve("skills/.env.local");
+
+const result = {
+  source: "automation",
+  case_id: caseId,
+  run_id: paths.runId,
+  status: "fail",
+  reason: "",
+  frontend_url: frontendUrl,
+  backend_url: backendUrl,
+  pipeline_name: pipelineName,
+  pipeline_id: "",
+  pipeline_url: "",
+  runner_id: RUNNER_ID,
+  ssh_target: sshTarget,
+  ssh_port: sshPort,
+  remote_workspace: remoteWorkspace,
+  wrote_env: false,
+  auth: null,
+  evidence: {
+    automation_result_json: paths.automationResultJson,
+    result_json: paths.resultJson,
+  },
+  evidence_collected: ["api_diagnostic"],
+};
+
+try {
+  if (!frontendUrl) throw new Error("LANGBOT_FRONTEND_URL is not configured.");
+  if (!backendUrl) throw new Error("LANGBOT_BACKEND_URL is not configured.");
+
+  const user = env.LANGBOT_E2E_LOGIN_USER || "";
+  const password = env.LANGBOT_E2E_LOGIN_PASSWORD || DEFAULT_LOCAL_PASSWORD;
+  if (!user) {
+    throw new Error("LANGBOT_E2E_LOGIN_USER is required so this setup can create/update the pipeline via backend API.");
+  }
+
+  const auth = await resetAndAuthLocalUser({ backendUrl, user, password });
+  result.auth = {
+    source: "local_recovery_login",
+    user,
+    backend_token_check: auth.check,
+  };
+
+  const runnerConfig = {
+    provider: "claude-code",
+    location: "remote-ssh",
+    workspace: remoteWorkspace,
+    "ssh-target": sshTarget,
+    "ssh-port": Number.parseInt(sshPort, 10),
+    "ssh-identity-file": sshIdentityFile,
+    "ssh-connect-timeout": Number.parseInt(sshConnectTimeout, 10),
+    "ssh-extra-options": sshExtraOptions,
+    "langbot-assets-enabled": true,
+    "mcp-bridge-request-timeout": 90,
+    "reuse-session": false,
+    "create-session-if-missing": true,
+    "append-run-scope-prompt": true,
+    "startup-timeout": 30,
+    "initialize-timeout": 120,
+    timeout: 300,
+  };
+
+  const prepared = await ensurePipeline({
+    backendUrl,
+    token: auth.token,
+    pipelineName,
+    runnerId: RUNNER_ID,
+    runnerConfig,
+  });
+  Object.assign(result, prepared);
+  if (result.pipeline_id) {
+    result.pipeline_url = `${frontendUrl.replace(/\/$/, "")}/home/pipelines?id=${encodeURIComponent(result.pipeline_id)}`;
+  }
+
+  if (writeEnv && result.pipeline_id) {
+    await upsertEnvLocal(envLocalPath, {
+      LANGBOT_E2E_LOGIN_USER: user,
+      LANGBOT_ACP_AGENT_RUNNER_SSH_TARGET: sshTarget,
+      LANGBOT_ACP_AGENT_RUNNER_SSH_PORT: sshPort,
+      LANGBOT_ACP_AGENT_RUNNER_SSH_IDENTITY_FILE: sshIdentityFile,
+      LANGBOT_ACP_AGENT_RUNNER_SSH_EXTRA_OPTIONS: sshExtraOptions,
+      LANGBOT_ACP_AGENT_RUNNER_REMOTE_WORKSPACE: remoteWorkspace,
+      LANGBOT_ACP_AGENT_RUNNER_PIPELINE_URL: result.pipeline_url,
+      LANGBOT_ACP_AGENT_RUNNER_PIPELINE_NAME: result.pipeline_name || pipelineName,
+    });
+    result.wrote_env = true;
+  }
+} catch (error) {
+  result.reason = result.reason || error.message;
+} finally {
+  await writeResult(paths, result);
+  console.log(JSON.stringify(result, null, 2));
+}
+
+process.exit(result.status === "pass" ? 0 : result.status === "env_issue" ? 2 : 1);
+
+async function ensurePipeline({ backendUrl, token, pipelineName, runnerId, runnerConfig }) {
+  const pipelineList = await apiJson(backendUrl, "/api/v1/pipelines", { token });
+  if (isApiFailure(pipelineList)) {
+    return {
+      status: "fail",
+      reason: pipelineList.json.msg || "Failed to list pipelines.",
+      list_status: pipelineList.status,
+    };
+  }
+
+  const pipelines = pipelineList.json.data?.pipelines || [];
+  let pipeline = pipelines.find((item) => item.name === pipelineName) || null;
+  let created = false;
+
+  if (!pipeline) {
+    const createdResponse = await apiJson(backendUrl, "/api/v1/pipelines", {
+      method: "POST",
+      token,
+      body: {
+        name: pipelineName,
+        description: "Local QA pipeline for real ACP Claude AgentRunner Debug Chat smoke tests.",
+        emoji: "QA",
+      },
+    });
+    if (isApiFailure(createdResponse)) {
+      return {
+        status: "fail",
+        reason: createdResponse.json.msg || "Failed to create pipeline.",
+        create_status: createdResponse.status,
+      };
+    }
+    const pipelineId = createdResponse.json.data?.uuid || "";
+    const loaded = await apiJson(backendUrl, `/api/v1/pipelines/${encodeURIComponent(pipelineId)}`, { token });
+    pipeline = loaded.json.data?.pipeline || null;
+    created = true;
+  }
+
+  if (!pipeline?.uuid) {
+    return {
+      status: "fail",
+      reason: "Pipeline was not created or resolved.",
+    };
+  }
+
+  const loaded = await apiJson(backendUrl, `/api/v1/pipelines/${encodeURIComponent(pipeline.uuid)}`, { token });
+  if (isApiFailure(loaded) || !loaded.json.data?.pipeline) {
+    return {
+      status: "fail",
+      reason: loaded.json.msg || "Failed to load pipeline.",
+      get_status: loaded.status,
+      pipeline_id: pipeline.uuid,
+    };
+  }
+  pipeline = loaded.json.data.pipeline;
+
+  const config = pipeline.config && typeof pipeline.config === "object" ? pipeline.config : {};
+  const ai = config.ai && typeof config.ai === "object" ? config.ai : {};
+  const runnerConfigs = ai.runner_config && typeof ai.runner_config === "object" ? ai.runner_config : {};
+  const updatedConfig = {
+    ...config,
+    ai: {
+      ...ai,
+      runner: {
+        ...(ai.runner && typeof ai.runner === "object" ? ai.runner : {}),
+        id: runnerId,
+        "expire-time": 0,
+      },
+      runner_config: {
+        ...runnerConfigs,
+        [runnerId]: runnerConfig,
+      },
+    },
+  };
+
+  const updateResponse = await apiJson(backendUrl, `/api/v1/pipelines/${encodeURIComponent(pipeline.uuid)}`, {
+    method: "PUT",
+    token,
+    body: {
+      name: pipelineName,
+      description: "Local QA pipeline for real ACP Claude AgentRunner Debug Chat smoke tests.",
+      emoji: "QA",
+      config: updatedConfig,
+    },
+  });
+  if (isApiFailure(updateResponse)) {
+    return {
+      status: "fail",
+      reason: updateResponse.json.msg || "Failed to update pipeline.",
+      update_status: updateResponse.status,
+      pipeline_id: pipeline.uuid,
+    };
+  }
+
+  return {
+    status: "pass",
+    reason: created ? "ACP AgentRunner pipeline created and configured." : "ACP AgentRunner pipeline updated.",
+    pipeline_id: pipeline.uuid,
+    pipeline_name: pipelineName,
+    created,
+    updated: true,
+  };
+}
+
+function isApiFailure(response) {
+  return response.status >= 400 || (response.json && response.json.code !== undefined && response.json.code !== 0);
+}
+
+async function upsertEnvLocal(path, values) {
+  let text = "";
+  try {
+    text = await readFile(path, "utf8");
+  } catch {
+    text = "";
+  }
+  const lines = text.split(/\r?\n/);
+  const keys = new Set(Object.keys(values));
+  const output = [];
+  for (const line of lines) {
+    const match = line.match(/^([A-Z][A-Z0-9_]*)=/);
+    if (match && keys.has(match[1])) {
+      output.push(`${match[1]}=${values[match[1]]}`);
+      keys.delete(match[1]);
+    } else if (line !== "" || output.length > 0) {
+      output.push(line);
+    }
+  }
+  if (keys.size > 0 && output.length > 0 && output[output.length - 1] !== "") {
+    output.push("");
+  }
+  for (const key of keys) {
+    output.push(`${key}=${values[key]}`);
+  }
+  await writeFile(path, `${output.join("\n").replace(/\n+$/, "")}\n`, "utf8");
+}
@@ -0,0 +1,293 @@
+#!/usr/bin/env node
+
+import { readFile, writeFile } from "node:fs/promises";
+import { resolve } from "node:path";
+import { env } from "node:process";
+import {
+  apiJson,
+  ensureEvidence,
+  evidencePaths,
+  loadEnvFiles,
+  resetAndAuthLocalUser,
+  writeResult,
+} from "./lib/langbot-e2e.mjs";
+
+const caseId = env.LBS_CASE_ID || "ensure-langrag-sentinel-kb";
+
+await loadEnvFiles();
+const paths = evidencePaths(caseId);
+await ensureEvidence(paths);
+
+const backendUrl = env.LANGBOT_BACKEND_URL || "";
+const user = env.LANGBOT_E2E_LOGIN_USER || "";
+const password = env.LANGBOT_E2E_LOGIN_PASSWORD || "LangBotE2ELocalPass!2026";
+const expectedText = env.LANGBOT_E2E_EXPECTED_TEXT || "azalea-cobalt-7421";
+const query = env.LANGBOT_E2E_RETRIEVE_QUERY || "What is the local agent runner retrieval sentinel?";
+const writeEnv = process.argv.includes("--write-env");
+const checkOnly = process.argv.includes("--check-only");
+const envLocalPath = resolve("skills/.env.local");
+const kbName = env.LANGBOT_E2E_RAG_KB_NAME || "qa-local-agent-rag";
+const sentinelPath = resolve(env.LANGBOT_E2E_RAG_SENTINEL_DOC || "skills/langbot-testing/fixtures/rag/sentinel-doc.txt");
+const waitMs = Number(env.LANGBOT_E2E_RAG_WAIT_MS || 180_000);
+
+const result = {
+  source: "automation",
+  case_id: caseId,
+  run_id: paths.runId,
+  status: "fail",
+  reason: "",
+  backend_url: backendUrl,
+  expected_text: expectedText,
+  query,
+  kb_uuid: "",
+  kb_name: "",
+  kb_created: false,
+  uploaded_file_id: "",
+  store_task_id: "",
+  embedding_model_uuid: "",
+  engine_plugin_id: "",
+  checked_bases: [],
+  file_statuses: [],
+  wrote_env: false,
+  evidence: {
+    automation_result_json: paths.automationResultJson,
+    result_json: paths.resultJson,
+  },
+  evidence_collected: ["api_diagnostic"],
+};
+
+try {
+  if (!backendUrl) throw new Error("LANGBOT_BACKEND_URL is not configured.");
+  if (!user) throw new Error("LANGBOT_E2E_LOGIN_USER is required.");
+
+  const auth = await resetAndAuthLocalUser({ backendUrl, user, password });
+  const basesResponse = await apiJson(backendUrl, "/api/v1/knowledge/bases", { token: auth.token });
+  if (basesResponse.status >= 400 || basesResponse.json.code !== 0) {
+    throw new Error(basesResponse.json.msg || `Failed to list knowledge bases: HTTP ${basesResponse.status}.`);
+  }
+
+  let bases = basesResponse.json.data?.bases || [];
+  await findSentinelBase(backendUrl, auth.token, bases, result);
+
+  if (!result.kb_uuid && !checkOnly) {
+    const targetBase = bases.find((base) => {
+      const uuid = base.uuid || base.id || "";
+      return (base.name || "") === kbName && !hasRetrieveFailure(result.checked_bases, uuid);
+    });
+    result.kb_uuid = targetBase?.uuid || targetBase?.id || "";
+    result.kb_name = targetBase?.name || kbName;
+
+    if (!result.kb_uuid) {
+      const setup = await createKnowledgeBase(backendUrl, auth.token, kbName);
+      result.kb_uuid = setup.kbUuid;
+      result.kb_name = kbName;
+      result.kb_created = true;
+      result.embedding_model_uuid = setup.embeddingModelUuid;
+      result.engine_plugin_id = setup.enginePluginId;
+    }
+
+    const upload = await uploadDocument(backendUrl, auth.token, sentinelPath);
+    result.uploaded_file_id = upload.fileId;
+
+    const store = await apiJson(backendUrl, `/api/v1/knowledge/bases/${encodeURIComponent(result.kb_uuid)}/files`, {
+      method: "POST",
+      token: auth.token,
+      body: { file_id: upload.fileId },
+    });
+    if (store.status >= 400 || store.json.code !== 0) {
+      throw new Error(store.json.msg || `Failed to store file in knowledge base: HTTP ${store.status}.`);
+    }
+    result.store_task_id = store.json.data?.task_id || "";
+
+    const ready = await waitForSentinel(backendUrl, auth.token, result.kb_uuid, query, expectedText, waitMs);
+    result.file_statuses = ready.fileStatuses;
+    if (ready.matched) {
+      result.checked_bases.push(ready.checked);
+    }
+  }
+
+  if (!result.kb_uuid) {
+    result.status = "env_issue";
+    result.reason = checkOnly
+      ? `No existing knowledge base retrieved expected sentinel: ${expectedText}`
+      : `Could not create or verify LangRAG sentinel knowledge base: ${expectedText}`;
+  } else {
+    if (writeEnv) {
+      await upsertEnvLocal(envLocalPath, {
+        LANGBOT_LOCAL_AGENT_RAG_KB_UUID: result.kb_uuid,
+      });
+      result.wrote_env = true;
+    }
+    result.status = "pass";
+    result.reason = `Found LangRAG sentinel knowledge base: ${result.kb_uuid}`;
+  }
+} catch (error) {
+  result.status = /not configured|required|No existing knowledge base/.test(error.message) ? "env_issue" : "fail";
+  result.reason = error.message;
+} finally {
+  await writeResult(paths, result);
+  console.log(JSON.stringify(result, null, 2));
+}
+
+process.exit(result.status === "pass" ? 0 : result.status === "env_issue" ? 2 : 1);
+
+async function findSentinelBase(backendUrl, token, bases, result) {
+  for (const base of bases) {
+    const uuid = base.uuid || base.id || "";
+    if (!uuid) continue;
+    const checked = await retrieveSentinel(backendUrl, token, uuid, base.name || "", result.query, result.expected_text);
+    result.checked_bases.push(checked);
+    if (checked.matched) {
+      result.kb_uuid = uuid;
+      result.kb_name = checked.name;
+      return;
+    }
+  }
+}
+
+async function createKnowledgeBase(backendUrl, token, name) {
+  const enginesResponse = await apiJson(backendUrl, "/api/v1/knowledge/engines", { token });
+  if (enginesResponse.status >= 400 || enginesResponse.json.code !== 0) {
+    throw new Error(enginesResponse.json.msg || `Failed to list knowledge engines: HTTP ${enginesResponse.status}.`);
+  }
+  const engines = enginesResponse.json.data?.engines || [];
+  const engine = engines.find((item) => item.plugin_id === "langbot-team/LangRAG")
+    || engines.find((item) => JSON.stringify(item.name || item.label || "").includes("LangRAG"));
+  const enginePluginId = engine?.plugin_id || "";
+  if (!enginePluginId) throw new Error("LangRAG knowledge engine is not installed.");
+
+  const embeddingModelUuid = await pickEmbeddingModel(backendUrl, token);
+  const create = await apiJson(backendUrl, "/api/v1/knowledge/bases", {
+    method: "POST",
+    token,
+    body: {
+      name,
+      description: "Automated LangBot agent-runner RAG sentinel knowledge base.",
+      knowledge_engine_plugin_id: enginePluginId,
+      creation_settings: {
+        embedding_model_uuid: embeddingModelUuid,
+        index_type: "chunk",
+        chunk_size: 512,
+        overlap: 50,
+      },
+      retrieval_settings: {
+        top_k: 5,
+        search_type: "vector",
+        query_rewrite: "off",
+        rerank: "off",
+        context_window: 0,
+      },
+    },
+  });
+  const kbUuid = create.json.data?.uuid || "";
+  if (create.status >= 400 || create.json.code !== 0 || !kbUuid) {
+    throw new Error(create.json.msg || `Failed to create knowledge base: HTTP ${create.status}.`);
+  }
+  return { kbUuid, embeddingModelUuid, enginePluginId };
+}
+
+async function pickEmbeddingModel(backendUrl, token) {
+  const configured = env.LANGBOT_LOCAL_AGENT_RAG_EMBEDDING_MODEL_UUID || env.LANGBOT_RAG_EMBEDDING_MODEL_UUID || "";
+  if (configured) return configured;
+
+  const modelsResponse = await apiJson(backendUrl, "/api/v1/provider/models/embedding", { token });
+  if (modelsResponse.status >= 400 || modelsResponse.json.code !== 0) {
+    throw new Error(modelsResponse.json.msg || `Failed to list embedding models: HTTP ${modelsResponse.status}.`);
+  }
+  const models = modelsResponse.json.data?.models || [];
+  const preferred = models.find((model) => /chroma|MiniLM/i.test(model.name || ""))
+    || models.find((model) => /text-embedding-3-small/i.test(model.name || ""))
+    || [...models].sort((a, b) => (a.prefered_ranking ?? 9999) - (b.prefered_ranking ?? 9999))[0];
+  const uuid = preferred?.uuid || "";
+  if (!uuid) throw new Error("No embedding model is configured.");
+  return uuid;
+}
+
+async function uploadDocument(backendUrl, token, path) {
+  const bytes = await readFile(path);
+  const form = new FormData();
+  form.append("file", new Blob([bytes], { type: "text/plain" }), "sentinel-doc.txt");
+  const response = await fetch(`${backendUrl.replace(/\/$/, "")}/api/v1/files/documents`, {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${token}`,
+    },
+    body: form,
+  });
+  const json = await response.json().catch(() => ({}));
+  const fileId = json.data?.file_id || "";
+  if (response.status >= 400 || json.code !== 0 || !fileId) {
+    throw new Error(json.msg || `Failed to upload sentinel document: HTTP ${response.status}.`);
+  }
+  return { fileId };
+}
+
+async function waitForSentinel(backendUrl, token, kbUuid, query, expectedText, timeoutMs) {
+  const started = Date.now();
+  let fileStatuses = [];
+  let lastChecked = null;
+  while (Date.now() - started < timeoutMs) {
+    const files = await apiJson(backendUrl, `/api/v1/knowledge/bases/${encodeURIComponent(kbUuid)}/files`, { token });
+    fileStatuses = files.json.data?.files || fileStatuses;
+    lastChecked = await retrieveSentinel(backendUrl, token, kbUuid, kbName, query, expectedText);
+    if (lastChecked.matched) {
+      return { matched: true, fileStatuses, checked: lastChecked };
+    }
+    if (fileStatuses.some((item) => item.status === "failed")) break;
+    await sleep(2_000);
+  }
+  result.reason = lastChecked?.msg
+    || `LangRAG sentinel was not retrievable within ${timeoutMs}ms; file statuses: ${JSON.stringify(fileStatuses)}`;
+  result.kb_uuid = "";
+  return { matched: false, fileStatuses, checked: lastChecked };
+}
+
+async function retrieveSentinel(backendUrl, token, uuid, name, query, expectedText) {
+  const retrieve = await apiJson(backendUrl, `/api/v1/knowledge/bases/${encodeURIComponent(uuid)}/retrieve`, {
+    method: "POST",
+    token,
+    body: { query },
+  });
+  const text = JSON.stringify(retrieve.json.data?.results || []);
+  return {
+    uuid,
+    name,
+    http_status: retrieve.status,
+    code: retrieve.json.code ?? null,
+    msg: retrieve.json.msg || "",
+    matched: text.includes(expectedText),
+  };
+}
+
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+
+function hasRetrieveFailure(checkedBases, uuid) {
+  const checked = checkedBases.find((item) => item.uuid === uuid);
+  return checked && (checked.http_status >= 500 || (typeof checked.code === "number" && checked.code < 0));
+}
+
+async function upsertEnvLocal(path, values) {
+  let text = "";
+  try {
+    text = await readFile(path, "utf8");
+  } catch {
+    text = "";
+  }
+  const lines = text.split(/\r?\n/);
+  const keys = new Set(Object.keys(values));
+  const output = [];
+  for (const line of lines) {
+    const match = line.match(/^([A-Z][A-Z0-9_]*)=/);
+    if (match && keys.has(match[1])) {
+      output.push(`${match[1]}=${values[match[1]]}`);
+      keys.delete(match[1]);
+    } else if (line !== "" || output.length > 0) {
+      output.push(line);
+    }
+  }
+  if (keys.size > 0 && output.length > 0 && output[output.length - 1] !== "") output.push("");
+  for (const key of keys) output.push(`${key}=${values[key]}`);
+  await writeFile(path, `${output.join("\n").replace(/\n+$/, "")}\n`, "utf8");
+}
@@ -0,0 +1,312 @@
+#!/usr/bin/env node
+
+import { readFile, writeFile } from "node:fs/promises";
+import { resolve } from "node:path";
+import { env } from "node:process";
+import {
+  apiJson,
+  bodyText,
+  createBrowser,
+  ensureEvidence,
+  evidencePaths,
+  loadEnvFiles,
+  resetAndAuthLocalUser,
+  safeScreenshot,
+  setBrowserToken,
+  verifyBrowserToken,
+  writeResult,
+} from "./lib/langbot-e2e.mjs";
+
+const RUNNER_ID = "plugin:langbot/local-agent/default";
+const DEFAULT_PIPELINE_NAME = "Agent QA Local Agent Debug Chat";
+const DEFAULT_LOCAL_PASSWORD = "LangBotE2ELocalPass!2026";
+const caseId = "ensure-local-agent-pipeline";
+
+await loadEnvFiles();
+const paths = evidencePaths(caseId);
+await ensureEvidence(paths);
+
+const writeEnv = process.argv.includes("--write-env");
+const pipelineName = env.LANGBOT_E2E_CREATE_PIPELINE_NAME || env.LANGBOT_LOCAL_AGENT_PIPELINE_NAME || DEFAULT_PIPELINE_NAME;
+const frontendUrl = env.LANGBOT_FRONTEND_URL || "";
+const backendUrl = env.LANGBOT_BACKEND_URL || "";
+const envLocalPath = resolve("skills/.env.local");
+
+const result = {
+  source: "automation",
+  case_id: caseId,
+  run_id: paths.runId,
+  status: "fail",
+  reason: "",
+  frontend_url: frontendUrl,
+  backend_url: backendUrl,
+  pipeline_name: pipelineName,
+  pipeline_id: "",
+  pipeline_url: "",
+  runner_id: RUNNER_ID,
+  selected_model_id: "",
+  model_count: 0,
+  created: false,
+  updated: false,
+  wrote_env: false,
+  auth: null,
+  browser_token_check: null,
+  page_signal: "",
+  evidence: {
+    console_log: paths.consoleLog,
+    network_log: paths.networkLog,
+    screenshot: paths.screenshot,
+    automation_result_json: paths.automationResultJson,
+    result_json: paths.resultJson,
+  },
+  evidence_collected: ["api_diagnostic", "console", "network", "screenshot"],
+};
+
+let browser;
+
+try {
+  if (!frontendUrl) throw new Error("LANGBOT_FRONTEND_URL is not configured.");
+  if (!backendUrl) throw new Error("LANGBOT_BACKEND_URL is not configured.");
+
+  const user = env.LANGBOT_E2E_LOGIN_USER || "";
+  const password = env.LANGBOT_E2E_LOGIN_PASSWORD || DEFAULT_LOCAL_PASSWORD;
+  if (!user) {
+    throw new Error("LANGBOT_E2E_LOGIN_USER is required so this setup can create/update the pipeline via backend API.");
+  }
+
+  const auth = await resetAndAuthLocalUser({ backendUrl, user, password });
+  result.auth = {
+    source: "local_recovery_login",
+    user,
+    backend_token_check: auth.check,
+  };
+
+  const prepared = await ensureLocalAgentPipeline({
+    backendUrl,
+    token: auth.token,
+    pipelineName,
+    runnerId: RUNNER_ID,
+  });
+  Object.assign(result, prepared);
+  if (result.pipeline_id) {
+    result.pipeline_url = `${frontendUrl.replace(/\/$/, "")}/home/pipelines?id=${encodeURIComponent(result.pipeline_id)}`;
+  }
+
+  if (writeEnv && result.pipeline_id) {
+    await upsertEnvLocal(envLocalPath, {
+      LANGBOT_E2E_LOGIN_USER: user,
+      LANGBOT_PIPELINE_URL: result.pipeline_url,
+      LANGBOT_PIPELINE_NAME: result.pipeline_name || pipelineName,
+      LANGBOT_LOCAL_AGENT_PIPELINE_URL: result.pipeline_url,
+      LANGBOT_LOCAL_AGENT_PIPELINE_NAME: result.pipeline_name || pipelineName,
+    });
+    result.wrote_env = true;
+  }
+
+  browser = await createBrowser(paths);
+  const { page } = browser;
+  await setBrowserToken(page, frontendUrl, auth.token);
+  const browserCheck = await verifyBrowserToken(page, backendUrl);
+  result.browser_token_check = browserCheck;
+  if (!browserCheck.authenticated) {
+    throw new Error(browserCheck.reason || "Browser token check failed after setup.");
+  }
+  await page.goto(result.pipeline_url || frontendUrl, { waitUntil: "domcontentloaded" });
+  await page.waitForLoadState("networkidle", { timeout: 10_000 }).catch(() => {});
+  const text = await bodyText(page);
+  result.page_signal = ["Pipelines", "流水线", pipelineName].find((signal) => text.includes(signal)) || "";
+} catch (error) {
+  result.status = result.status === "env_issue" ? "env_issue" : "fail";
+  result.reason = result.reason || error.message;
+} finally {
+  if (browser?.page) await safeScreenshot(browser.page, paths.screenshot);
+  if (browser) await browser.close().catch(() => {});
+  await writeResult(paths, result);
+  console.log(JSON.stringify(result, null, 2));
+}
+
+process.exit(result.status === "pass" ? 0 : result.status === "env_issue" ? 2 : 1);
+
+async function ensureLocalAgentPipeline({ backendUrl, token, pipelineName, runnerId }) {
+  const [pipelineList, modelList] = await Promise.all([
+    apiJson(backendUrl, "/api/v1/pipelines", { token }),
+    apiJson(backendUrl, "/api/v1/provider/models/llm", { token }),
+  ]);
+
+  if (isApiFailure(pipelineList)) {
+    return {
+      status: "fail",
+      reason: pipelineList.json.msg || "Failed to list pipelines.",
+      list_status: pipelineList.status,
+    };
+  }
+  if (isApiFailure(modelList)) {
+    return {
+      status: "fail",
+      reason: modelList.json.msg || "Failed to list LLM models.",
+      model_status: modelList.status,
+    };
+  }
+
+  const models = modelList.json.data?.models || [];
+  const selectedModel = models.find((model) => model.uuid) || null;
+  const pipelines = pipelineList.json.data?.pipelines || [];
+  let pipeline = pipelines.find((item) => item.name === pipelineName) || null;
+  let created = false;
+
+  if (!pipeline) {
+    const createdResponse = await apiJson(backendUrl, "/api/v1/pipelines", {
+      method: "POST",
+      token,
+      body: {
+        name: pipelineName,
+        description: "Local QA pipeline for AgentRunner Debug Chat smoke tests.",
+        emoji: "QA",
+      },
+    });
+    if (isApiFailure(createdResponse)) {
+      return {
+        status: "fail",
+        reason: createdResponse.json.msg || "Failed to create pipeline.",
+        create_status: createdResponse.status,
+        model_count: models.length,
+      };
+    }
+    const pipelineId = createdResponse.json.data?.uuid || "";
+    const loaded = await apiJson(backendUrl, `/api/v1/pipelines/${encodeURIComponent(pipelineId)}`, { token });
+    pipeline = loaded.json.data?.pipeline || null;
+    created = true;
+  }
+
+  if (!pipeline?.uuid) {
+    return {
+      status: "fail",
+      reason: "Pipeline was not created or resolved.",
+      model_count: models.length,
+    };
+  }
+
+  const loaded = await apiJson(backendUrl, `/api/v1/pipelines/${encodeURIComponent(pipeline.uuid)}`, { token });
+  if (isApiFailure(loaded) || !loaded.json.data?.pipeline) {
+    return {
+      status: "fail",
+      reason: loaded.json.msg || "Failed to load pipeline.",
+      get_status: loaded.status,
+      pipeline_id: pipeline.uuid,
+      model_count: models.length,
+    };
+  }
+  pipeline = loaded.json.data.pipeline;
+
+  const config = pipeline.config && typeof pipeline.config === "object" ? pipeline.config : {};
+  const ai = config.ai && typeof config.ai === "object" ? config.ai : {};
+  const runnerConfig = ai.runner_config && typeof ai.runner_config === "object" ? ai.runner_config : {};
+  const rawExistingLocalAgentConfig = runnerConfig[runnerId] && typeof runnerConfig[runnerId] === "object"
+    ? runnerConfig[runnerId]
+    : {};
+  const existingLocalAgentConfig = rawExistingLocalAgentConfig;
+  const existingModel = existingLocalAgentConfig.model && typeof existingLocalAgentConfig.model === "object"
+    ? existingLocalAgentConfig.model
+    : {};
+  const requestedModelId = env.LANGBOT_LOCAL_AGENT_MODEL_UUID || env.LANGBOT_E2E_MODEL_UUID || "";
+  const selectedModelId = requestedModelId || existingModel.primary || selectedModel?.uuid || "";
+  const localAgentConfig = {
+    timeout: 300,
+    prompt: [{ role: "system", content: "You are a helpful assistant." }],
+    "remove-think": false,
+    "knowledge-bases": [],
+    "retrieval-top-k": 5,
+    "rerank-model": "",
+    "rerank-top-k": 5,
+    "max-tool-iterations": 20,
+    "tool-execution-mode": "parallel",
+    "max-tool-result-chars": 20000,
+    "context-history-fetch-limit": 50,
+    "context-window-tokens": 200000,
+    "context-reserve-tokens": 16384,
+    "context-keep-recent-tokens": 20000,
+    "context-summary-tokens": 8000,
+    ...existingLocalAgentConfig,
+    model: {
+      primary: selectedModelId,
+      fallbacks: requestedModelId ? [] : Array.isArray(existingModel.fallbacks) ? existingModel.fallbacks : [],
+    },
+  };
+  const updatedConfig = {
+    ...config,
+    ai: {
+      ...ai,
+      runner: {
+        ...(ai.runner && typeof ai.runner === "object" ? ai.runner : {}),
+        id: runnerId,
+        "expire-time": 0,
+      },
+      runner_config: {
+        ...runnerConfig,
+        [runnerId]: localAgentConfig,
+      },
+    },
+  };
+
+  const updateResponse = await apiJson(backendUrl, `/api/v1/pipelines/${encodeURIComponent(pipeline.uuid)}`, {
+    method: "PUT",
+    token,
+    body: {
+      name: pipelineName,
+      description: "Local QA pipeline for AgentRunner Debug Chat smoke tests.",
+      emoji: "QA",
+      config: updatedConfig,
+    },
+  });
+  if (isApiFailure(updateResponse)) {
+    return {
+      status: "fail",
+      reason: updateResponse.json.msg || "Failed to update pipeline config.",
+      update_status: updateResponse.status,
+      pipeline_id: pipeline.uuid,
+      model_count: models.length,
+      selected_model_id: selectedModelId,
+    };
+  }
+
+  return {
+    status: selectedModelId ? "pass" : "env_issue",
+    reason: selectedModelId
+      ? "Local-agent pipeline is configured for Debug Chat."
+      : "Pipeline was created but no LLM model is configured in this LangBot instance.",
+    pipeline_id: pipeline.uuid,
+    pipeline_name: pipeline.name,
+    model_count: models.length,
+    selected_model_id: selectedModelId,
+    created,
+    updated: true,
+  };
+}
+
+function isApiFailure(response) {
+  return response.status >= 400 || (response.json.code !== undefined && response.json.code !== 0);
+}
+
+async function upsertEnvLocal(path, updates) {
+  let text = "";
+  try {
+    text = await readFile(path, "utf8");
+  } catch {
+    text = "";
+  }
+  const lines = text.split(/\r?\n/);
+  const seen = new Set();
+  const next = lines.map((line) => {
+    const trimmed = line.trim();
+    const equals = trimmed.indexOf("=");
+    if (equals <= 0 || trimmed.startsWith("#")) return line;
+    const key = trimmed.slice(0, equals).trim();
+    if (!(key in updates)) return line;
+    seen.add(key);
+    return `${key}=${updates[key]}`;
+  });
+  for (const [key, value] of Object.entries(updates)) {
+    if (!seen.has(key)) next.push(`${key}=${value}`);
+  }
+  await writeFile(path, `${next.filter((line, index) => line !== "" || index < next.length - 1).join("\n")}\n`, "utf8");
+}
@@ -0,0 +1,230 @@
+#!/usr/bin/env node
+
+import { readFile, writeFile } from "node:fs/promises";
+import { resolve } from "node:path";
+import { env } from "node:process";
+import {
+  apiJson,
+  ensureEvidence,
+  evidencePaths,
+  loadEnvFiles,
+  resetAndAuthLocalUser,
+  writeResult,
+} from "./lib/langbot-e2e.mjs";
+
+const RUNNER_ID = "plugin:qa/agent-runner/default";
+const DEFAULT_PIPELINE_NAME = "Agent QA Deterministic Runner Debug Chat";
+const DEFAULT_LOCAL_PASSWORD = "LangBotE2ELocalPass!2026";
+const caseId = "ensure-qa-agent-runner-pipeline";
+
+await loadEnvFiles();
+const paths = evidencePaths(caseId);
+await ensureEvidence(paths);
+
+const writeEnv = process.argv.includes("--write-env");
+const frontendUrl = env.LANGBOT_FRONTEND_URL || "";
+const backendUrl = env.LANGBOT_BACKEND_URL || "";
+const pipelineName = env.LANGBOT_E2E_CREATE_PIPELINE_NAME || env.LANGBOT_QA_AGENT_RUNNER_PIPELINE_NAME || DEFAULT_PIPELINE_NAME;
+const envLocalPath = resolve("skills/.env.local");
+
+const result = {
+  source: "automation",
+  case_id: caseId,
+  run_id: paths.runId,
+  status: "fail",
+  reason: "",
+  frontend_url: frontendUrl,
+  backend_url: backendUrl,
+  pipeline_name: pipelineName,
+  pipeline_id: "",
+  pipeline_url: "",
+  runner_id: RUNNER_ID,
+  wrote_env: false,
+  auth: null,
+  evidence: {
+    automation_result_json: paths.automationResultJson,
+    result_json: paths.resultJson,
+  },
+  evidence_collected: ["api_diagnostic"],
+};
+
+try {
+  if (!frontendUrl) throw new Error("LANGBOT_FRONTEND_URL is not configured.");
+  if (!backendUrl) throw new Error("LANGBOT_BACKEND_URL is not configured.");
+
+  const user = env.LANGBOT_E2E_LOGIN_USER || "";
+  const password = env.LANGBOT_E2E_LOGIN_PASSWORD || DEFAULT_LOCAL_PASSWORD;
+  if (!user) {
+    throw new Error("LANGBOT_E2E_LOGIN_USER is required so this setup can create/update the pipeline via backend API.");
+  }
+
+  const auth = await resetAndAuthLocalUser({ backendUrl, user, password });
+  result.auth = {
+    source: "local_recovery_login",
+    user,
+    backend_token_check: auth.check,
+  };
+
+  const prepared = await ensurePipeline({
+    backendUrl,
+    token: auth.token,
+    pipelineName,
+    runnerId: RUNNER_ID,
+    runnerConfig: {},
+  });
+  Object.assign(result, prepared);
+  if (result.pipeline_id) {
+    result.pipeline_url = `${frontendUrl.replace(/\/$/, "")}/home/pipelines?id=${encodeURIComponent(result.pipeline_id)}`;
+  }
+
+  if (writeEnv && result.pipeline_id) {
+    await upsertEnvLocal(envLocalPath, {
+      LANGBOT_E2E_LOGIN_USER: user,
+      LANGBOT_QA_AGENT_RUNNER_PIPELINE_URL: result.pipeline_url,
+      LANGBOT_QA_AGENT_RUNNER_PIPELINE_NAME: result.pipeline_name || pipelineName,
+    });
+    result.wrote_env = true;
+  }
+} catch (error) {
+  result.reason = result.reason || error.message;
+} finally {
+  await writeResult(paths, result);
+  console.log(JSON.stringify(result, null, 2));
+}
+
+process.exit(result.status === "pass" ? 0 : result.status === "env_issue" ? 2 : 1);
+
+async function ensurePipeline({ backendUrl, token, pipelineName, runnerId, runnerConfig }) {
+  const pipelineList = await apiJson(backendUrl, "/api/v1/pipelines", { token });
+  if (isApiFailure(pipelineList)) {
+    return {
+      status: "fail",
+      reason: pipelineList.json.msg || "Failed to list pipelines.",
+      list_status: pipelineList.status,
+    };
+  }
+
+  const pipelines = pipelineList.json.data?.pipelines || [];
+  let pipeline = pipelines.find((item) => item.name === pipelineName) || null;
+  let created = false;
+
+  if (!pipeline) {
+    const createdResponse = await apiJson(backendUrl, "/api/v1/pipelines", {
+      method: "POST",
+      token,
+      body: {
+        name: pipelineName,
+        description: "Local QA pipeline for deterministic QA AgentRunner Debug Chat smoke tests.",
+        emoji: "QA",
+      },
+    });
+    if (isApiFailure(createdResponse)) {
+      return {
+        status: "fail",
+        reason: createdResponse.json.msg || "Failed to create pipeline.",
+        create_status: createdResponse.status,
+      };
+    }
+    const pipelineId = createdResponse.json.data?.uuid || "";
+    const loaded = await apiJson(backendUrl, `/api/v1/pipelines/${encodeURIComponent(pipelineId)}`, { token });
+    pipeline = loaded.json.data?.pipeline || null;
+    created = true;
+  }
+
+  if (!pipeline?.uuid) {
+    return {
+      status: "fail",
+      reason: "Pipeline was not created or resolved.",
+    };
+  }
+
+  const loaded = await apiJson(backendUrl, `/api/v1/pipelines/${encodeURIComponent(pipeline.uuid)}`, { token });
+  if (isApiFailure(loaded) || !loaded.json.data?.pipeline) {
+    return {
+      status: "fail",
+      reason: loaded.json.msg || "Failed to load pipeline.",
+      get_status: loaded.status,
+      pipeline_id: pipeline.uuid,
+    };
+  }
+  pipeline = loaded.json.data.pipeline;
+
+  const config = pipeline.config && typeof pipeline.config === "object" ? pipeline.config : {};
+  const ai = config.ai && typeof config.ai === "object" ? config.ai : {};
+  const runnerConfigs = ai.runner_config && typeof ai.runner_config === "object" ? ai.runner_config : {};
+  const updatedConfig = {
+    ...config,
+    ai: {
+      ...ai,
+      runner: {
+        ...(ai.runner && typeof ai.runner === "object" ? ai.runner : {}),
+        id: runnerId,
+        "expire-time": 0,
+      },
+      runner_config: {
+        ...runnerConfigs,
+        [runnerId]: runnerConfig,
+      },
+    },
+  };
+
+  const updateResponse = await apiJson(backendUrl, `/api/v1/pipelines/${encodeURIComponent(pipeline.uuid)}`, {
+    method: "PUT",
+    token,
+    body: {
+      name: pipelineName,
+      description: "Local QA pipeline for deterministic QA AgentRunner Debug Chat smoke tests.",
+      emoji: "QA",
+      config: updatedConfig,
+    },
+  });
+  if (isApiFailure(updateResponse)) {
+    return {
+      status: "fail",
+      reason: updateResponse.json.msg || "Failed to update pipeline.",
+      update_status: updateResponse.status,
+      pipeline_id: pipeline.uuid,
+    };
+  }
+
+  return {
+    status: "pass",
+    reason: created ? "QA AgentRunner pipeline created and configured." : "QA AgentRunner pipeline updated.",
+    pipeline_id: pipeline.uuid,
+    pipeline_name: pipelineName,
+    created,
+    updated: true,
+  };
+}
+
+function isApiFailure(response) {
+  return response.status >= 400 || (response.json && response.json.code !== undefined && response.json.code !== 0);
+}
+
+async function upsertEnvLocal(path, values) {
+  let text = "";
+  try {
+    text = await readFile(path, "utf8");
+  } catch {
+    text = "";
+  }
+  const lines = text.split(/\r?\n/);
+  const keys = new Set(Object.keys(values));
+  const output = [];
+  for (const line of lines) {
+    const match = line.match(/^([A-Z][A-Z0-9_]*)=/);
+    if (match && keys.has(match[1])) {
+      output.push(`${match[1]}=${values[match[1]]}`);
+      keys.delete(match[1]);
+    } else if (line !== "" || output.length > 0) {
+      output.push(line);
+    }
+  }
+  if (keys.size > 0 && output.length > 0 && output[output.length - 1] !== "") {
+    output.push("");
+  }
+  for (const key of keys) {
+    output.push(`${key}=${values[key]}`);
+  }
+  await writeFile(path, `${output.join("\n").replace(/\n+$/, "")}\n`, "utf8");
+}
@@ -0,0 +1,198 @@
+#!/usr/bin/env node
+
+import { readFile } from "node:fs/promises";
+import { resolve } from "node:path";
+import { env } from "node:process";
+import {
+  apiJson,
+  ensureEvidence,
+  evidencePaths,
+  loadEnvFiles,
+  resetAndAuthLocalUser,
+  writeResult,
+} from "./lib/langbot-e2e.mjs";
+
+const caseId = env.LBS_CASE_ID || "install-qa-plugin-smoke";
+const paths = evidencePaths(caseId);
+await loadEnvFiles();
+await ensureEvidence(paths);
+
+const backendUrl = env.LANGBOT_BACKEND_URL || "";
+const user = env.LANGBOT_E2E_LOGIN_USER || "";
+const password = env.LANGBOT_E2E_LOGIN_PASSWORD || "LangBotE2ELocalPass!2026";
+const packagePath = resolve(
+  env.LANGBOT_E2E_PLUGIN_PACKAGE
+    || env.LANGBOT_QA_PLUGIN_SMOKE_PACKAGE
+    || "skills/langbot-testing/fixtures/plugins/qa-plugin-smoke/dist/qa-plugin-smoke-0.1.0.lbpkg",
+);
+const expectedPluginId = env.LANGBOT_E2E_EXPECTED_PLUGIN_ID || "qa/plugin-smoke";
+const expectedTool = env.LANGBOT_E2E_EXPECTED_TOOL || (expectedPluginId === "qa/plugin-smoke" ? "qa_plugin_echo" : "");
+const expectedRunnerId = env.LANGBOT_E2E_EXPECTED_RUNNER_ID || "";
+
+const result = {
+  source: "automation",
+  case_id: caseId,
+  run_id: paths.runId,
+  status: "fail",
+  reason: "",
+  backend_url: backendUrl,
+  package_path: packagePath,
+  package_preview: null,
+  task_id: null,
+  task: null,
+  plugin_present_before: false,
+  plugin_present_after: false,
+  tool_names: [],
+  runner_ids: [],
+  evidence: {
+    automation_result_json: paths.automationResultJson,
+    result_json: paths.resultJson,
+  },
+  evidence_collected: ["api_diagnostic", "filesystem"],
+};
+
+try {
+  if (!backendUrl) throw new Error("LANGBOT_BACKEND_URL is not configured.");
+  if (!user) throw new Error("LANGBOT_E2E_LOGIN_USER is required.");
+  const bytes = await readFile(packagePath);
+
+  const auth = await resetAndAuthLocalUser({ backendUrl, user, password });
+  result.package_preview = await previewPackage(backendUrl, auth.token, bytes, packagePath);
+  const metadata = result.package_preview.metadata || {};
+  if (`${metadata.author}/${metadata.name}` !== expectedPluginId) {
+    throw new Error(`Fixture package metadata is ${metadata.author}/${metadata.name}, expected ${expectedPluginId}.`);
+  }
+  result.plugin_present_before = await hasPlugin(backendUrl, auth.token);
+
+  if (!result.plugin_present_before) {
+    const form = new FormData();
+    form.set("file", new Blob([bytes]), packagePath.split("/").pop());
+    const response = await fetch(`${backendUrl.replace(/\/$/, "")}/api/v1/plugins/install/local`, {
+      method: "POST",
+      headers: { Authorization: `Bearer ${auth.token}` },
+      body: form,
+    });
+    const json = await response.json().catch(() => ({}));
+    if (response.status >= 400 || json.code !== 0) {
+      throw new Error(json.msg || `Plugin install request failed with HTTP ${response.status}.`);
+    }
+    result.task_id = json.data?.task_id ?? null;
+    if (!result.task_id) throw new Error("Plugin install response did not include task_id.");
+    result.task = await waitForTask(backendUrl, auth.token, result.task_id);
+    if (!isTaskComplete(result.task)) {
+      throw new Error(`Plugin install task did not complete successfully: ${JSON.stringify(result.task)}`);
+    }
+  }
+
+  await sleep(1000);
+  result.plugin_present_after = await hasPlugin(backendUrl, auth.token);
+  if (!result.plugin_present_after) throw new Error(`${expectedPluginId} is not listed by /api/v1/plugins after install.`);
+  if (expectedTool) {
+    result.tool_names = await listToolNames(backendUrl, auth.token);
+    if (!result.tool_names.includes(expectedTool)) {
+      throw new Error(`${expectedTool} is not listed by /api/v1/tools after install.`);
+    }
+  }
+  if (expectedRunnerId) {
+    result.runner_ids = await listRunnerIds(backendUrl, auth.token);
+    if (!result.runner_ids.includes(expectedRunnerId)) {
+      throw new Error(`${expectedRunnerId} is not listed by /api/v1/pipelines/_/metadata after install.`);
+    }
+  }
+
+  result.status = "pass";
+  result.reason = `${expectedPluginId} is installed.`;
+} catch (error) {
+  result.status = "fail";
+  result.reason = error.message;
+} finally {
+  await writeResult(paths, result);
+  console.log(JSON.stringify(result, null, 2));
+}
+
+process.exit(result.status === "pass" ? 0 : 1);
+
+async function hasPlugin(backendUrl, token) {
+  const response = await apiJson(backendUrl, "/api/v1/plugins", { token });
+  const plugins = response.json.data?.plugins || [];
+  return plugins.some((plugin) => {
+    const metadata = plugin.manifest?.manifest?.metadata || plugin.manifest?.metadata || plugin.metadata || {};
+    return `${metadata.author}/${metadata.name}` === expectedPluginId;
+  });
+}
+
+async function previewPackage(backendUrl, token, bytes, packagePath) {
+  const form = new FormData();
+  form.set("file", new Blob([bytes]), packagePath.split("/").pop());
+  const response = await fetch(`${backendUrl.replace(/\/$/, "")}/api/v1/plugins/install/local/preview`, {
+    method: "POST",
+    headers: { Authorization: `Bearer ${token}` },
+    body: form,
+  });
+  const json = await response.json().catch(() => ({}));
+  if (response.status >= 400 || json.code !== 0) {
+    throw new Error(json.msg || `Plugin package preview failed with HTTP ${response.status}.`);
+  }
+  return {
+    metadata: json.data?.metadata || {},
+    component_types: json.data?.component_types || [],
+    file_count: json.data?.file_count ?? null,
+  };
+}
+
+async function listToolNames(backendUrl, token) {
+  const response = await apiJson(backendUrl, "/api/v1/tools", { token });
+  return (response.json.data?.tools || [])
+    .map((tool) => tool.name || tool.tool_name || tool.function?.name || "")
+    .filter(Boolean)
+    .sort();
+}
+
+async function listRunnerIds(backendUrl, token) {
+  const response = await apiJson(backendUrl, "/api/v1/pipelines/_/metadata", { token });
+  const configs = response.json.data?.configs || [];
+  return configs
+    .flatMap((section) => section.stages || [])
+    .flatMap((stage) => stage.config || [])
+    .filter((item) => item.name === "id")
+    .flatMap((item) => item.options || [])
+    .map((option) => option.name || option.value || option.id || "")
+    .filter(Boolean)
+    .sort();
+}
+
+async function waitForTask(backendUrl, token, taskId) {
+  const deadline = Date.now() + Number(env.LANGBOT_PLUGIN_INSTALL_TIMEOUT_MS || 120000);
+  let last = null;
+  while (Date.now() < deadline) {
+    const response = await apiJson(backendUrl, `/api/v1/system/tasks/${encodeURIComponent(taskId)}`, { token });
+    last = response.json.data || response.json;
+    if (isTaskComplete(last) || isTaskFailed(last)) return last;
+    await sleep(1000);
+  }
+  return last;
+}
+
+function isTaskComplete(task) {
+  const status = String(task?.status || task?.state || "").toLowerCase();
+  const runtimeStatus = String(task?.runtime?.status || task?.runtime?.state || "").toLowerCase();
+  return ["done", "completed", "success", "succeeded", "finished"].includes(status)
+    || ["done", "completed", "success", "succeeded", "finished"].includes(runtimeStatus)
+    || task?.done === true
+    || task?.completed === true
+    || (task?.runtime?.done === true && !task?.runtime?.exception);
+}
+
+function isTaskFailed(task) {
+  const status = String(task?.status || task?.state || "").toLowerCase();
+  const runtimeStatus = String(task?.runtime?.status || task?.runtime?.state || "").toLowerCase();
+  return ["failed", "error", "cancelled", "canceled"].includes(status)
+    || ["failed", "error", "cancelled", "canceled"].includes(runtimeStatus)
+    || task?.failed === true
+    || Boolean(task?.error)
+    || Boolean(task?.runtime?.exception);
+}
+
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
@@ -0,0 +1,134 @@
+#!/usr/bin/env node
+
+import {
+  bodyText,
+  createBrowser,
+  ensureEvidence,
+  evidencePaths,
+  exitCode,
+  isLoginUrl,
+  localIsoWithOffset,
+  safeScreenshot,
+  writeResult,
+} from "./lib/langbot-e2e.mjs";
+
+const caseId = process.env.LBS_CASE_ID || "langrag-kb-retrieve";
+const paths = evidencePaths(caseId);
+await ensureEvidence(paths);
+
+const startedAt = new Date();
+const frontendUrl = process.env.LANGBOT_FRONTEND_URL || "";
+const backendUrl = process.env.LANGBOT_BACKEND_URL || "";
+const kbUuid = process.env.LANGBOT_LOCAL_AGENT_RAG_KB_UUID || process.env.LANGBOT_RAG_KB_UUID || "";
+const query = process.env.LANGBOT_E2E_RETRIEVE_QUERY || "What is the local agent runner retrieval sentinel?";
+const expectedText = process.env.LANGBOT_E2E_EXPECTED_TEXT || "azalea-cobalt-7421";
+
+let browser;
+const result = {
+  source: "automation",
+  case_id: caseId,
+  run_id: paths.runId,
+  started_at: startedAt.toISOString(),
+  started_at_local: localIsoWithOffset(startedAt),
+  finished_at: "",
+  finished_at_local: "",
+  status: "fail",
+  reason: "",
+  url: "",
+  kb_uuid: kbUuid,
+  query,
+  expected_text: expectedText,
+  evidence: {
+    console_log: paths.consoleLog,
+    network_log: paths.networkLog,
+    screenshot: paths.screenshot,
+    automation_result_json: paths.automationResultJson,
+    result_json: paths.resultJson,
+  },
+  evidence_collected: ["ui", "screenshot", "console", "network", "api_diagnostic"],
+};
+
+try {
+  if (!frontendUrl) throw new Error("LANGBOT_FRONTEND_URL is not configured.");
+  if (!backendUrl) throw new Error("LANGBOT_BACKEND_URL is not configured.");
+  if (!kbUuid) throw new Error("LANGBOT_LOCAL_AGENT_RAG_KB_UUID or LANGBOT_RAG_KB_UUID is required.");
+
+  browser = await createBrowser(paths);
+  const { page } = browser;
+  await page.goto(`${frontendUrl.replace(/\/$/, "")}/home/knowledge`, { waitUntil: "domcontentloaded" });
+  await page.waitForLoadState("networkidle", { timeout: 10_000 }).catch(() => {});
+  result.url = page.url();
+
+  const text = await bodyText(page);
+  if (isLoginUrl(page.url()) || /登录|Login|Sign in/i.test(text)) {
+    result.status = "blocked";
+    result.reason = "Browser profile is not authenticated for LANGBOT_FRONTEND_URL.";
+  } else if (!/Knowledge|知识库|qa-local-agent-rag/i.test(text)) {
+    result.status = "fail";
+    result.reason = "Knowledge page opened, but no Knowledge UI signal or QA KB name was visible.";
+  } else {
+    const retrieve = await page.evaluate(async ({ backendUrl, kbUuid, query }) => {
+      const token = localStorage.getItem("token");
+      if (!token) {
+        return { status: "blocked", authenticated: false, reason: "Browser profile has no localStorage token." };
+      }
+      const response = await fetch(`${backendUrl}/api/v1/knowledge/bases/${encodeURIComponent(kbUuid)}/retrieve`, {
+        method: "POST",
+        headers: {
+          Authorization: `Bearer ${token}`,
+          "Content-Type": "application/json",
+        },
+        body: JSON.stringify({ query }),
+      });
+      const json = await response.json().catch(() => ({}));
+      return {
+        status: response.status >= 400 ? "fail" : "ready",
+        authenticated: true,
+        http_status: response.status,
+        code: json.code ?? null,
+        msg: json.msg || "",
+        results: json.data?.results || [],
+      };
+    }, { backendUrl, kbUuid, query });
+
+    result.retrieve = {
+      ...retrieve,
+      results: Array.isArray(retrieve.results)
+        ? retrieve.results.map((item) => ({
+            score: item.score ?? item.distance ?? null,
+            text: String(item.text || item.content || "").slice(0, 500),
+            metadata: item.metadata || {},
+          }))
+        : [],
+    };
+
+    const resultText = JSON.stringify(result.retrieve.results || []);
+    if (retrieve.status === "blocked") {
+      result.status = "blocked";
+      result.reason = retrieve.reason || "Retrieve API blocked.";
+    } else if (retrieve.status === "fail") {
+      result.status = "fail";
+      result.reason = retrieve.msg || "Retrieve API failed.";
+    } else if (!resultText.includes(expectedText)) {
+      result.status = "fail";
+      result.reason = `Retrieve results did not contain expected text: ${expectedText}`;
+    } else {
+      result.status = "pass";
+      result.reason = `Knowledge retrieve returned expected sentinel: ${expectedText}`;
+    }
+  }
+
+  await safeScreenshot(page, paths.screenshot);
+} catch (error) {
+  result.status = /Playwright is not installed|not configured|required/.test(error.message) ? "env_issue" : "fail";
+  result.reason = error.message;
+} finally {
+  if (browser) await browser.close().catch(() => {});
+  const finishedAt = new Date();
+  result.finished_at = finishedAt.toISOString();
+  result.finished_at_local = localIsoWithOffset(finishedAt);
+  await writeResult(paths, result);
+  console.log(JSON.stringify(result, null, 2));
+}
+
+process.exit(exitCode(result.status));
@@ -0,0 +1,416 @@
+import {
+  bodyText,
+  clickFirstVisible,
+  countOccurrences,
+  gotoFrontend,
+  isLoginUrl,
+} from "./langbot-e2e.mjs";
+
+export const DEBUG_CHAT_FAILURE_SIGNALS = [
+  "Agent runner temporarily unavailable",
+  "All models failed during streaming setup",
+  "调用超时",
+  "超时",
+];
+
+export function minExpectedOccurrences(beforeText, expectedText, prompt) {
+  const beforeCount = countOccurrences(beforeText, expectedText);
+  return beforeCount + (String(prompt).includes(expectedText) ? 2 : 1);
+}
+
+export function latestExpectedLeafMatches(latestExpectedLeaf, prompt) {
+  return Boolean(latestExpectedLeaf)
+    && latestExpectedLeaf !== prompt
+    && !String(latestExpectedLeaf).includes(prompt);
+}
+
+export function findNewFailureSignal(beforeText, afterText, failureSignals = DEBUG_CHAT_FAILURE_SIGNALS) {
+  return failureSignals.find((signal) => countOccurrences(afterText, signal) > countOccurrences(beforeText, signal)) || "";
+}
+
+function findFailureSignalInText(text, failureSignals = DEBUG_CHAT_FAILURE_SIGNALS) {
+  return failureSignals.find((signal) => String(text || "").includes(signal)) || "";
+}
+
+function countExpectedInMessages(messages, expectedText) {
+  return messages
+    .filter((message) => message.role === "assistant")
+    .reduce((count, message) => count + countOccurrences(message.text, expectedText), 0);
+}
+
+function debugChatInput(page) {
+  return page
+    .locator('input[placeholder*="message"], input[placeholder*="消息"], textarea[placeholder*="message"], textarea[placeholder*="消息"]')
+    .last();
+}
+
+async function clickDebugChatTab(page) {
+  const tabByRole = page.getByRole("tab", { name: /Debug Chat|调试聊天|调试对话|Debug|调试/i }).first();
+  if (await tabByRole.isVisible({ timeout: 3_000 }).catch(() => false)) {
+    await tabByRole.click();
+    return true;
+  }
+
+  const tabBySelector = page.locator('[role="tab"]').filter({ hasText: /Debug Chat|调试聊天|调试对话|Debug|调试/i }).first();
+  if (await tabBySelector.isVisible({ timeout: 2_000 }).catch(() => false)) {
+    await tabBySelector.click();
+    return true;
+  }
+
+  return Boolean(await clickFirstVisible(page, ["Debug Chat", "调试聊天", "调试对话"], 2_000));
+}
+
+async function waitForDebugChatReady(page, timeout = 20_000) {
+  const input = debugChatInput(page);
+  const visible = await input.isVisible({ timeout }).catch(() => false);
+  if (!visible) {
+    return {
+      ready: false,
+      reason: "Debug Chat tab was clicked, but the Debug Chat input did not become visible.",
+    };
+  }
+
+  const enabled = await input.isEnabled({ timeout }).catch(() => false);
+  if (!enabled) {
+    return {
+      ready: false,
+      reason: "Debug Chat input is visible but disabled; WebSocket may not be connected.",
+    };
+  }
+
+  return { ready: true, reason: "" };
+}
+
+export function classifyDebugChatResult({
+  beforeText,
+  afterText,
+  expectedText,
+  prompt,
+  latestExpectedLeaf,
+  latestFailureLeaf,
+  beforeMessages = null,
+  afterMessages = null,
+  latestAssistantText = "",
+  failureSignals = DEBUG_CHAT_FAILURE_SIGNALS,
+}) {
+  const minExpectedCount = minExpectedOccurrences(beforeText, expectedText, prompt);
+  const finalCount = countOccurrences(afterText, expectedText);
+  const failureText = findNewFailureSignal(beforeText, afterText, failureSignals);
+  const promptContainsExpected = String(prompt).includes(expectedText);
+  const hasMessageEvidence = Array.isArray(beforeMessages) && Array.isArray(afterMessages);
+  const beforeAssistantExpectedCount = hasMessageEvidence
+    ? countExpectedInMessages(beforeMessages, expectedText)
+    : null;
+  const afterAssistantExpectedCount = hasMessageEvidence
+    ? countExpectedInMessages(afterMessages, expectedText)
+    : null;
+  const assistantExpectedIncreased = hasMessageEvidence
+    ? afterAssistantExpectedCount > beforeAssistantExpectedCount
+    : false;
+
+  if (hasMessageEvidence) {
+    const latestAssistantFailure = findFailureSignalInText(latestAssistantText, failureSignals);
+    if (latestAssistantFailure) {
+      return {
+        status: "fail",
+        reason: `Debug Chat displayed a known failure signal in the latest assistant message: ${latestAssistantFailure}`,
+        min_expected_count: minExpectedCount,
+        final_count: finalCount,
+        failure_signal: latestAssistantFailure,
+        before_assistant_expected_count: beforeAssistantExpectedCount,
+        after_assistant_expected_count: afterAssistantExpectedCount,
+      };
+    }
+    if (assistantExpectedIncreased && String(latestAssistantText).includes(expectedText)) {
+      return {
+        status: "pass",
+        reason: `Expected text appeared in a new assistant message: ${expectedText}`,
+        min_expected_count: minExpectedCount,
+        final_count: finalCount,
+        before_assistant_expected_count: beforeAssistantExpectedCount,
+        after_assistant_expected_count: afterAssistantExpectedCount,
+      };
+    }
+    if (failureText) {
+      return {
+        status: "fail",
+        reason: `Debug Chat displayed a known failure signal: ${failureText}`,
+        min_expected_count: minExpectedCount,
+        final_count: finalCount,
+        failure_signal: failureText,
+        before_assistant_expected_count: beforeAssistantExpectedCount,
+        after_assistant_expected_count: afterAssistantExpectedCount,
+      };
+    }
+    return {
+      status: "fail",
+      reason: `Expected text did not appear in a new assistant message. Expected assistant occurrences to increase above ${beforeAssistantExpectedCount}, saw ${afterAssistantExpectedCount}.`,
+      min_expected_count: minExpectedCount,
+      final_count: finalCount,
+      before_assistant_expected_count: beforeAssistantExpectedCount,
+      after_assistant_expected_count: afterAssistantExpectedCount,
+    };
+  }
+  if (failureText) {
+    return {
+      status: "fail",
+      reason: `Debug Chat displayed a known failure signal: ${failureText}`,
+      min_expected_count: minExpectedCount,
+      final_count: finalCount,
+      failure_signal: failureText,
+      before_assistant_expected_count: beforeAssistantExpectedCount,
+      after_assistant_expected_count: afterAssistantExpectedCount,
+    };
+  }
+  if (latestExpectedLeafMatches(latestExpectedLeaf, prompt) && finalCount >= minExpectedCount) {
+    return {
+      status: "pass",
+      reason: `Expected text appeared in the latest visible response leaf: ${expectedText}`,
+      min_expected_count: minExpectedCount,
+      final_count: finalCount,
+    };
+  }
+  if (!promptContainsExpected && finalCount >= minExpectedCount) {
+    return {
+      status: "pass",
+      reason: `Expected text appeared enough times for user prompt plus bot response: ${expectedText}`,
+      min_expected_count: minExpectedCount,
+      final_count: finalCount,
+    };
+  }
+  return {
+    status: "fail",
+    reason: `Bot response did not appear. Expected ${minExpectedCount} occurrences of ${expectedText}, saw ${finalCount}.`,
+    min_expected_count: minExpectedCount,
+    final_count: finalCount,
+  };
+}
+
+export async function openPipelineDebugChat(page, { pipelineUrl, pipelineName, envHint = "LANGBOT_PIPELINE_URL or LANGBOT_PIPELINE_NAME" }) {
+  if (pipelineUrl) {
+    await page.goto(pipelineUrl, { waitUntil: "domcontentloaded" });
+    await page.waitForLoadState("networkidle", { timeout: 10_000 }).catch(() => {});
+  } else {
+    if (!pipelineName) {
+      return {
+        opened: false,
+        status: "blocked",
+        reason: `Set ${envHint} before running pipeline-debug-chat automation.`,
+      };
+    }
+    await gotoFrontend(page);
+    if (isLoginUrl(page.url())) {
+      return {
+        opened: false,
+        status: "blocked",
+        reason: "Browser profile is not authenticated for LANGBOT_FRONTEND_URL.",
+      };
+    }
+    const clickedPipelines = await clickFirstVisible(page, ["Pipelines", "流水线"], 4_000);
+    if (!clickedPipelines) {
+      return { opened: false, status: "fail", reason: "Could not find Pipelines navigation." };
+    }
+    await page.waitForLoadState("networkidle", { timeout: 10_000 }).catch(() => {});
+    const clickedPipeline = await clickFirstVisible(page, [pipelineName], 5_000);
+    if (!clickedPipeline) {
+      return { opened: false, status: "blocked", reason: `Could not find pipeline named ${pipelineName}.` };
+    }
+  }
+
+  if (isLoginUrl(page.url())) {
+    return {
+      opened: false,
+      status: "blocked",
+      reason: "Browser profile is not authenticated for LANGBOT_FRONTEND_URL.",
+    };
+  }
+
+  const clickedDebug = await clickDebugChatTab(page);
+  if (!clickedDebug) {
+    return { opened: false, status: "fail", reason: "Could not find the Debug Chat tab." };
+  }
+  await page.waitForLoadState("networkidle", { timeout: 10_000 }).catch(() => {});
+  const ready = await waitForDebugChatReady(page);
+  if (!ready.ready) {
+    return { opened: false, status: "fail", reason: ready.reason };
+  }
+  return { opened: true };
+}
+
+export async function latestVisibleLeafText(page, needles) {
+  return await page.evaluate((items) => {
+    const isVisible = (element) => {
+      const style = window.getComputedStyle(element);
+      const rect = element.getBoundingClientRect();
+      return style.visibility !== "hidden"
+        && style.display !== "none"
+        && rect.width > 0
+        && rect.height > 0;
+    };
+    const leaves = [];
+    for (const element of document.body.querySelectorAll("*")) {
+      if (!isVisible(element)) continue;
+      const text = element.innerText?.trim();
+      if (!text || text.length > 4000) continue;
+      const visibleChildHasText = Array.from(element.children).some((child) => (
+        isVisible(child) && child.innerText?.trim()
+      ));
+      if (visibleChildHasText) continue;
+      if (!items.some((needle) => text.includes(needle))) continue;
+      leaves.push(text);
+    }
+    return leaves.at(-1) || "";
+  }, needles);
+}
+
+export async function visibleDebugChatMessages(page) {
+  return await page.evaluate(() => {
+    const isVisible = (element) => {
+      const style = window.getComputedStyle(element);
+      const rect = element.getBoundingClientRect();
+      return style.visibility !== "hidden"
+        && style.display !== "none"
+        && rect.width > 0
+        && rect.height > 0;
+    };
+    const classText = (element) => String(element.getAttribute("class") || "");
+    return Array.from(document.querySelectorAll("div.max-w-3xl"))
+      .filter((element) => isVisible(element))
+      .map((element) => {
+        const row = element.parentElement;
+        const text = element.innerText?.trim() || "";
+        const isUser = classText(element).includes("user-message-bubble")
+          || classText(row).includes("justify-end");
+        return {
+          role: isUser ? "user" : "assistant",
+          text,
+        };
+      })
+      .filter((message) => message.text);
+  });
+}
+
+export async function waitForExpectedDebugChatText(page, { expectedText, minExpectedCount, timeoutMs }) {
+  await page.waitForFunction(
+    ({ expected, min }) => {
+      return document.body.innerText.split(expected).length - 1 >= min;
+    },
+    { expected: expectedText, min: minExpectedCount },
+    { timeout: timeoutMs },
+  ).catch(() => {});
+}
+
+export async function waitForDebugChatTextStable(page, { timeoutMs = 5_000, quietMs = 750 } = {}) {
+  const startedAt = Date.now();
+  let lastText = await bodyText(page);
+  let stableSince = Date.now();
+  while (Date.now() - startedAt < timeoutMs) {
+    await page.waitForTimeout(250);
+    const currentText = await bodyText(page);
+    if (currentText !== lastText) {
+      lastText = currentText;
+      stableSince = Date.now();
+      continue;
+    }
+    if (Date.now() - stableSince >= quietMs) return;
+  }
+}
+
+export async function attachDebugChatImage(page, imagePath) {
+  if (!imagePath) return { status: "not_required", reason: "" };
+  const input = page.locator('input[type="file"][accept*="image"], input[type="file"]').first();
+  if (!await input.count()) {
+    return { status: "fail", reason: "Could not find a Debug Chat image upload input." };
+  }
+  await input.setInputFiles(imagePath);
+  await page.locator("img").last().waitFor({ state: "visible", timeout: 10_000 }).catch(() => {});
+  return { status: "ready", reason: `Attached image fixture: ${imagePath}` };
+}
+
+export async function sendDebugChatPrompt(page, prompt, imagePath = "") {
+  const imageResult = await attachDebugChatImage(page, imagePath);
+  if (imageResult.status === "fail") return imageResult;
+
+  const input = debugChatInput(page);
+  const inputVisible = await input.isVisible({ timeout: 5_000 }).catch(() => false);
+  const inputEnabled = inputVisible && await input.isEnabled({ timeout: 10_000 }).catch(() => false);
+  if (!inputVisible || !inputEnabled) return false;
+  await input.fill(prompt).catch(async () => {
+    await input.click();
+    await input.pressSequentially(prompt);
+  });
+  const clickedSend = await clickFirstVisible(page, ["Send", "发送", "提交"], 1_500);
+  if (!clickedSend) await page.keyboard.press("Enter");
+  await page.getByText(prompt, { exact: false }).last().waitFor({ state: "visible", timeout: 10_000 }).catch(() => {});
+  return true;
+}
+
+export async function runDebugChatPrompt(page, { prompt, expectedText, responseTimeoutMs, imagePath = "", failureSignals = DEBUG_CHAT_FAILURE_SIGNALS }) {
+  const beforeText = await bodyText(page);
+  const beforeMessages = await visibleDebugChatMessages(page);
+  const minExpectedCount = minExpectedOccurrences(beforeText, expectedText, prompt);
+  const sent = await sendDebugChatPrompt(page, prompt, imagePath);
+  if (sent !== true) {
+    if (sent && typeof sent === "object" && typeof sent.reason === "string") return sent;
+    return { status: "fail", reason: "Could not find a Debug Chat text input." };
+  }
+
+  await waitForExpectedDebugChatText(page, {
+    expectedText,
+    minExpectedCount,
+    prompt,
+    timeoutMs: responseTimeoutMs,
+  });
+  await waitForDebugChatTextStable(page);
+
+  const afterText = await bodyText(page);
+  const afterMessages = await visibleDebugChatMessages(page);
+  const latestAssistantText = afterMessages.filter((message) => message.role === "assistant").at(-1)?.text || "";
+  const latestExpectedLeaf = await latestVisibleLeafText(page, [expectedText]);
+  const failureText = findNewFailureSignal(beforeText, afterText, failureSignals);
+  const latestFailureLeaf = failureText ? await latestVisibleLeafText(page, [failureText]) : "";
+
+  return classifyDebugChatResult({
+    beforeText,
+    afterText,
+    expectedText,
+    prompt,
+    latestExpectedLeaf,
+    latestFailureLeaf,
+    beforeMessages,
+    afterMessages,
+    latestAssistantText,
+    failureSignals,
+  });
+}
+
+export async function setDebugChatStreamOutput(page, desired) {
+  if (desired === null || desired === undefined) return { status: "not_required", reason: "" };
+
+  const streamSwitch = page.locator('[role="switch"]').first();
+  if (!await streamSwitch.isVisible({ timeout: 5_000 }).catch(() => false)) {
+    return { status: "blocked", reason: "Debug Chat stream switch was not visible." };
+  }
+  if (!await streamSwitch.isEnabled({ timeout: 10_000 }).catch(() => false)) {
+    return { status: "blocked", reason: "Debug Chat stream switch was visible but disabled." };
+  }
+
+  const checked = (await streamSwitch.getAttribute("aria-checked").catch(() => null)) === "true";
+  if (checked !== desired) {
+    await streamSwitch.click();
+    await page.waitForFunction(
+      ({ selector, expected }) => document.querySelector(selector)?.getAttribute("aria-checked") === String(expected),
+      { selector: '[role="switch"]', expected: desired },
+      { timeout: 5_000 },
+    ).catch(() => {});
+  }
+
+  const finalChecked = (await streamSwitch.getAttribute("aria-checked").catch(() => null)) === "true";
+  if (finalChecked !== desired) {
+    return {
+      status: "fail",
+      reason: `Debug Chat stream switch did not reach requested state: ${desired ? "on" : "off"}.`,
+    };
+  }
+  return { status: "ready", reason: `Debug Chat stream switch is ${desired ? "on" : "off"}.` };
+}
@@ -0,0 +1,341 @@
+import { appendFile, mkdir, readFile, stat, writeFile } from "node:fs/promises";
+import { join, resolve } from "node:path";
+import { env } from "node:process";
+
+const secretRe = /(?:authorization|bearer|token|secret|password|api[_-]?key|jwt|oauth)\s*[:=]\s*["']?[^"',\s]+/gi;
+
+export function redact(text) {
+  return String(text ?? "")
+    .replace(secretRe, (match) => match.replace(/[:=]\s*["']?.*$/, "=[redacted]"))
+    .replace(/\bbearer\s+[A-Za-z0-9._~+/=-]{8,}/gi, "Bearer [redacted]")
+    .replace(/\bsk-[A-Za-z0-9_-]{6,}\b/g, "[redacted]");
+}
+
+export function timestampSlug(date = new Date()) {
+  return date.toISOString().replace(/\.\d{3}Z$/, "Z").replace(/[^0-9A-Za-z]+/g, "-").replace(/^-|-$/g, "");
+}
+
+export function localIsoWithOffset(date = new Date()) {
+  const offsetMinutes = -date.getTimezoneOffset();
+  const sign = offsetMinutes >= 0 ? "+" : "-";
+  const absolute = Math.abs(offsetMinutes);
+  const pad = (value) => String(value).padStart(2, "0");
+  const yyyy = date.getFullYear();
+  const mm = pad(date.getMonth() + 1);
+  const dd = pad(date.getDate());
+  const hh = pad(date.getHours());
+  const mi = pad(date.getMinutes());
+  const ss = pad(date.getSeconds());
+  const ms = String(date.getMilliseconds()).padStart(3, "0");
+  return `${yyyy}-${mm}-${dd}T${hh}:${mi}:${ss}.${ms}${sign}${pad(Math.floor(absolute / 60))}:${pad(absolute % 60)}`;
+}
+
+export function evidencePaths(caseId) {
+  const runId = env.LBS_RUN_ID || `${timestampSlug()}-${caseId}`;
+  const evidenceDir = resolve(env.LBS_EVIDENCE_DIR || join("reports", "evidence", runId));
+  return {
+    runId,
+    evidenceDir,
+    consoleLog: join(evidenceDir, "console.log"),
+    networkLog: join(evidenceDir, "network.log"),
+    screenshot: join(evidenceDir, "screenshot.png"),
+    automationResultJson: join(evidenceDir, "automation-result.json"),
+    resultJson: join(evidenceDir, "result.json"),
+  };
+}
+
+export async function ensureEvidence(paths) {
+  await mkdir(paths.evidenceDir, { recursive: true });
+  await appendFile(paths.consoleLog, "", "utf8");
+  await appendFile(paths.networkLog, "", "utf8");
+}
+
+export async function pathExists(path) {
+  try {
+    await stat(path);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+export async function appendLine(path, line) {
+  await appendFile(path, `[${localIsoWithOffset()}] ${redact(line)}\n`, "utf8");
+}
+
+export async function writeResult(paths, result) {
+  const text = `${JSON.stringify(result, null, 2)}\n`;
+  if (paths.automationResultJson) await writeFile(paths.automationResultJson, text, "utf8");
+  if (paths.resultJson && paths.resultJson !== paths.automationResultJson) {
+    await writeFile(paths.resultJson, text, "utf8");
+  }
+}
+
+export async function loadEnvFiles(paths = ["skills/.env", "skills/.env.local"]) {
+  for (const path of paths) {
+    let text = "";
+    try {
+      text = await readFile(path, "utf8");
+    } catch {
+      continue;
+    }
+    for (const line of text.split(/\r?\n/)) {
+      const trimmed = line.trim();
+      if (!trimmed || trimmed.startsWith("#")) continue;
+      const equals = trimmed.indexOf("=");
+      if (equals <= 0) continue;
+      const key = trimmed.slice(0, equals).trim();
+      const value = trimmed.slice(equals + 1).trim().replace(/^["']|["']$/g, "");
+      if (!(key in env)) env[key] = value;
+    }
+  }
+}
+
+export async function readRecoveryKey(repo = env.LANGBOT_REPO || "../LangBot") {
+  const configPath = resolve(repo, "data/config.yaml");
+  const config = await readFile(configPath, "utf8");
+  const match = config.match(/^\s*recovery_key:\s*['"]?([^'"\s#]+)['"]?\s*$/m);
+  return match?.[1] || "";
+}
+
+export async function apiJson(backendUrl, path, { method = "GET", token = "", body } = {}) {
+  const headers = { "Content-Type": "application/json" };
+  if (token) headers.Authorization = `Bearer ${token}`;
+  const response = await fetch(`${backendUrl.replace(/\/$/, "")}${path}`, {
+    method,
+    headers,
+    body: body === undefined ? undefined : JSON.stringify(body),
+  });
+  return {
+    status: response.status,
+    json: await response.json().catch(() => ({})),
+  };
+}
+
+export async function checkBackendToken(backendUrl, token) {
+  if (!token) {
+    return { authenticated: false, http_status: 0, code: null, reason: "No token." };
+  }
+  const response = await apiJson(backendUrl, "/api/v1/user/check-token", { token });
+  const code = response.json.code ?? null;
+  const authenticated = response.status < 400 && code === 0;
+  return {
+    authenticated,
+    http_status: response.status,
+    code,
+    reason: authenticated ? "Token accepted by backend." : response.json.msg || "Backend rejected token.",
+  };
+}
+
+export async function resetAndAuthLocalUser({ backendUrl, user, password, recoveryKey = "" }) {
+  const key = recoveryKey || await readRecoveryKey();
+  if (!key) throw new Error("Could not read recovery_key from LangBot config.");
+
+  const reset = await apiJson(backendUrl, "/api/v1/user/reset-password", {
+    method: "POST",
+    body: {
+      user,
+      recovery_key: key,
+      new_password: password,
+    },
+  });
+  if (reset.status >= 400 || reset.json.code !== 0) {
+    throw new Error(reset.json.msg || `Password reset failed with HTTP ${reset.status}.`);
+  }
+
+  const auth = await apiJson(backendUrl, "/api/v1/user/auth", {
+    method: "POST",
+    body: { user, password },
+  });
+  const token = auth.json.data?.token || "";
+  if (auth.status >= 400 || auth.json.code !== 0 || !token) {
+    throw new Error(auth.json.msg || `Auth failed with HTTP ${auth.status}.`);
+  }
+
+  const check = await checkBackendToken(backendUrl, token);
+  if (!check.authenticated) {
+    throw new Error(check.reason || "Authenticated token failed backend token check.");
+  }
+
+  return { token, check };
+}
+
+export async function setBrowserToken(page, frontendUrl, token) {
+  await page.addInitScript((value) => {
+    localStorage.setItem("token", value);
+  }, token);
+  await page.goto(frontendUrl, { waitUntil: "domcontentloaded" });
+  await page.evaluate((value) => localStorage.setItem("token", value), token);
+}
+
+export async function verifyBrowserToken(page, backendUrl) {
+  return await page.evaluate(async (baseUrl) => {
+    const token = localStorage.getItem("token");
+    if (!token) {
+      return { authenticated: false, http_status: 0, code: null, reason: "No localStorage token." };
+    }
+    try {
+      const response = await fetch(`${baseUrl.replace(/\/$/, "")}/api/v1/user/check-token`, {
+        headers: {
+          Authorization: `Bearer ${token}`,
+          "Content-Type": "application/json",
+        },
+      });
+      const json = await response.json().catch(() => ({}));
+      const code = json.code ?? null;
+      const authenticated = response.status < 400 && code === 0;
+      return {
+        authenticated,
+        http_status: response.status,
+        code,
+        reason: authenticated ? "Token accepted by backend." : json.msg || "Backend rejected token.",
+      };
+    } catch (error) {
+      return {
+        authenticated: false,
+        http_status: 0,
+        code: null,
+        reason: error.message,
+      };
+    }
+  }, backendUrl);
+}
+
+export function exitCode(status) {
+  if (status === "pass") return 0;
+  if (status === "blocked" || status === "env_issue") return 2;
+  return 1;
+}
+
+export async function loadPlaywright() {
+  try {
+    return await import("playwright");
+  } catch {
+    throw new Error(
+      "Playwright is not installed. Install it in this repo with `npm install --save-dev playwright`, then run `npx playwright install chromium`.",
+    );
+  }
+}
+
+export async function createBrowser(paths) {
+  const { chromium } = await loadPlaywright();
+  const headed = env.LBS_HEADED === "1";
+  const launchOptions = {
+    headless: !headed,
+  };
+  if (env.LANGBOT_CHROMIUM_EXECUTABLE && await pathExists(env.LANGBOT_CHROMIUM_EXECUTABLE)) {
+    launchOptions.executablePath = env.LANGBOT_CHROMIUM_EXECUTABLE;
+  }
+
+  let browser;
+  let context;
+  if (env.LANGBOT_BROWSER_PROFILE) {
+    context = await chromium.launchPersistentContext(resolve(env.LANGBOT_BROWSER_PROFILE), {
+      ...launchOptions,
+      viewport: { width: 1440, height: 960 },
+    });
+  } else {
+    browser = await chromium.launch(launchOptions);
+    context = await browser.newContext({ viewport: { width: 1440, height: 960 } });
+  }
+  const page = context.pages()[0] || await context.newPage();
+
+  page.on("console", (message) => {
+    appendLine(paths.consoleLog, `[${message.type()}] ${message.text()}`).catch(() => {});
+  });
+  page.on("pageerror", (error) => {
+    appendLine(paths.consoleLog, `[pageerror] ${error.message}`).catch(() => {});
+  });
+  page.on("requestfailed", (request) => {
+    appendLine(paths.networkLog, `[requestfailed] ${request.method()} ${request.url()} ${request.failure()?.errorText ?? ""}`).catch(() => {});
+  });
+  page.on("response", (response) => {
+    if (response.status() < 400) return;
+    appendLine(paths.networkLog, `[response] ${response.status()} ${response.url()}`).catch(() => {});
+  });
+
+  return {
+    page,
+    context,
+    async close() {
+      await context.close();
+      if (browser) await browser.close();
+    },
+  };
+}
+
+export async function safeScreenshot(page, path) {
+  try {
+    await page.screenshot({ path, fullPage: true });
+  } catch {
+    // Screenshot evidence is useful, but a screenshot failure should not hide the real test result.
+  }
+}
+
+export async function gotoFrontend(page) {
+  const frontendUrl = env.LANGBOT_FRONTEND_URL;
+  if (!frontendUrl) {
+    throw new Error("LANGBOT_FRONTEND_URL is not configured.");
+  }
+  await page.goto(frontendUrl, { waitUntil: "domcontentloaded" });
+  await page.waitForLoadState("networkidle", { timeout: 10_000 }).catch(() => {});
+}
+
+export function isLoginUrl(url) {
+  return /\/login(?:[/?#]|$)/.test(url);
+}
+
+export async function bodyText(page) {
+  return await page.locator("body").innerText({ timeout: 5_000 }).catch(() => "");
+}
+
+export function countOccurrences(haystack, needle) {
+  if (!needle) return 0;
+  return String(haystack).split(needle).length - 1;
+}
+
+export async function clickFirstVisible(page, labels, timeout = 2_000) {
+  for (const label of labels) {
+    const roleButton = page.getByRole("button", { name: label }).first();
+    if (await roleButton.isVisible({ timeout }).catch(() => false)) {
+      await roleButton.click();
+      return label;
+    }
+
+    const roleLink = page.getByRole("link", { name: label }).first();
+    if (await roleLink.isVisible({ timeout }).catch(() => false)) {
+      await roleLink.click();
+      return label;
+    }
+
+    const text = page.getByText(label, { exact: false }).first();
+    if (await text.isVisible({ timeout }).catch(() => false)) {
+      await text.click();
+      return label;
+    }
+  }
+  return null;
+}
+
+export async function fillFirstTextInput(page, value) {
+  const candidates = [
+    page.getByRole("textbox").last(),
+    page.locator("textarea").last(),
+    page.locator("[contenteditable=true]").last(),
+    page.locator("input[type=text]").last(),
+  ];
+
+  for (const locator of candidates) {
+    if (!await locator.isVisible({ timeout: 2_000 }).catch(() => false)) continue;
+    await locator.fill(value).catch(async () => {
+      await locator.click();
+      await locator.pressSequentially(value);
+    });
+    return true;
+  }
+  return false;
+}
+
+export async function waitForVisibleText(page, text, timeout = 20_000) {
+  await page.getByText(text, { exact: false }).last().waitFor({ state: "visible", timeout });
+}
@@ -0,0 +1,565 @@
+#!/usr/bin/env node
+
+import { writeFile } from "node:fs/promises";
+import { env } from "node:process";
+import {
+  DEBUG_CHAT_FAILURE_SIGNALS,
+  openPipelineDebugChat,
+  setDebugChatStreamOutput,
+  visibleDebugChatMessages,
+  waitForDebugChatTextStable,
+} from "./lib/debug-chat.mjs";
+import {
+  createBrowser,
+  ensureEvidence,
+  evidencePaths,
+  exitCode,
+  localIsoWithOffset,
+  loadEnvFiles,
+  pathExists,
+  safeScreenshot,
+  writeResult,
+} from "./lib/langbot-e2e.mjs";
+
+await loadEnvFiles();
+
+const caseId = env.LBS_CASE_ID || "local-agent-steering-debug-chat";
+const paths = evidencePaths(caseId);
+await ensureEvidence(paths);
+
+const backendUrl = (env.LANGBOT_BACKEND_URL || "").replace(/\/$/, "");
+const pipelineUrl = env.LANGBOT_E2E_PIPELINE_URL || env.LANGBOT_LOCAL_AGENT_PIPELINE_URL || env.LANGBOT_PIPELINE_URL || "";
+const pipelineName = env.LANGBOT_E2E_PIPELINE_NAME || env.LANGBOT_LOCAL_AGENT_PIPELINE_NAME || env.LANGBOT_PIPELINE_NAME || "";
+const expectedRunnerId = env.LANGBOT_E2E_EXPECTED_RUNNER_ID || "plugin:langbot/local-agent/default";
+const expectedText = env.LANGBOT_E2E_EXPECTED_TEXT || "qa_steering_sentinel_6194";
+const responseTimeoutMs = positiveInt(env.LANGBOT_E2E_RESPONSE_TIMEOUT_MS, 240000);
+const followupDelayMs = 1000;
+const followupEnabledTimeoutMs = 1500;
+const firstPrompt = env.LANGBOT_E2E_PROMPT || [
+  "You are running the LangBot steering E2E test.",
+  "First call the qa_plugin_sleep tool with seconds=8 and text=steering-e2e-anchor.",
+  "Do not answer before the tool result is available.",
+  "After the tool returns, answer the latest user follow-up.",
+  "If no follow-up was injected, reply only STEERING_NO_FOLLOWUP.",
+].join(" ");
+const followupPrompt = [
+  "This is a steering follow-up sent while the first tool call is still active.",
+  `Return only ${expectedText}.`,
+].join(" ");
+
+const pipelineConfigDiagnosticPath = `${paths.evidenceDir}/pipeline-config-diagnostic.json`;
+const debugChatResetDiagnosticPath = `${paths.evidenceDir}/debug-chat-reset-diagnostic.json`;
+const toolDiagnosticPath = `${paths.evidenceDir}/tool-diagnostic.json`;
+
+let browser;
+const result = {
+  source: "automation",
+  case_id: caseId,
+  run_id: paths.runId,
+  status: "fail",
+  reason: "",
+  started_at: new Date().toISOString(),
+  started_at_local: localIsoWithOffset(new Date()),
+  url: "",
+  backend_url: backendUrl,
+  pipeline_url: pipelineUrl,
+  pipeline_name: pipelineName,
+  expected_runner_id: expectedRunnerId,
+  first_prompt: firstPrompt,
+  followup_prompt: followupPrompt,
+  expected_text: expectedText,
+  followup_delay_ms: followupDelayMs,
+  followup_enabled_timeout_ms: followupEnabledTimeoutMs,
+  response_timeout_ms: responseTimeoutMs,
+  pipeline_config: null,
+  debug_chat_reset: null,
+  tool_diagnostic: null,
+  steering: null,
+  evidence: {
+    console_log: paths.consoleLog,
+    network_log: paths.networkLog,
+    screenshot: paths.screenshot,
+    automation_result_json: paths.automationResultJson,
+    result_json: paths.resultJson,
+  },
+  evidence_collected: ["ui", "console", "network", "screenshot"],
+};
+
+try {
+  if (!backendUrl) {
+    result.status = "env_issue";
+    result.reason = "LANGBOT_BACKEND_URL is required.";
+    throw new Error(result.reason);
+  }
+
+  browser = await createBrowser(paths);
+  const { page } = browser;
+
+  const openResult = await openPipelineDebugChat(page, {
+    pipelineUrl,
+    pipelineName,
+    envHint: "case-specific pipeline env mapped to LANGBOT_E2E_PIPELINE_URL or LANGBOT_E2E_PIPELINE_NAME",
+  });
+  result.url = page.url();
+  if (!openResult.opened) {
+    result.status = openResult.status;
+    result.reason = openResult.reason;
+  } else {
+    const pipelineDiagnostic = await inspectPipeline(page, {
+      backendUrl,
+      pipelineUrl,
+      pipelineName,
+      expectedRunnerId,
+    });
+    await writeFile(pipelineConfigDiagnosticPath, `${JSON.stringify(pipelineDiagnostic, null, 2)}\n`, "utf8");
+    result.evidence.pipeline_config_diagnostic_json = pipelineConfigDiagnosticPath;
+    result.pipeline_config = pipelineDiagnostic;
+    if (!result.evidence_collected.includes("api_diagnostic")) result.evidence_collected.push("api_diagnostic");
+
+    const toolDiagnostic = await inspectToolNames(page, { backendUrl });
+    await writeFile(toolDiagnosticPath, `${JSON.stringify(toolDiagnostic, null, 2)}\n`, "utf8");
+    result.evidence.tool_diagnostic_json = toolDiagnosticPath;
+    result.tool_diagnostic = toolDiagnostic;
+
+    if (pipelineDiagnostic.status === "fail" || pipelineDiagnostic.status === "blocked") {
+      result.status = pipelineDiagnostic.status;
+      result.reason = pipelineDiagnostic.reason || "Pipeline diagnostic failed.";
+    } else if (toolDiagnostic.status === "fail" || toolDiagnostic.status === "blocked") {
+      result.status = toolDiagnostic.status;
+      result.reason = toolDiagnostic.reason || "Tool diagnostic failed.";
+    } else if (!toolDiagnostic.tool_names.includes("qa_plugin_sleep")) {
+      result.status = "blocked";
+      result.reason = "qa_plugin_sleep is not exposed by /api/v1/tools; rebuild/reinstall qa-plugin-smoke before running steering E2E.";
+    } else {
+      const resetDiagnostic = await resetPipelineDebugChat(page, {
+        backendUrl,
+        pipelineId: pipelineDiagnostic.pipeline_id,
+        sessionType: "person",
+      });
+      await writeFile(debugChatResetDiagnosticPath, `${JSON.stringify(resetDiagnostic, null, 2)}\n`, "utf8");
+      result.evidence.debug_chat_reset_diagnostic_json = debugChatResetDiagnosticPath;
+      result.debug_chat_reset = resetDiagnostic;
+
+      if (resetDiagnostic.status === "fail" || resetDiagnostic.status === "blocked") {
+        result.status = resetDiagnostic.status;
+        result.reason = resetDiagnostic.reason || "Debug Chat reset failed.";
+      } else {
+        await page.waitForTimeout(1000);
+        const reopenResult = await openPipelineDebugChat(page, {
+          pipelineUrl,
+          pipelineName,
+          envHint: "case-specific pipeline env mapped to LANGBOT_E2E_PIPELINE_URL or LANGBOT_E2E_PIPELINE_NAME",
+        });
+        result.url = page.url();
+        if (!reopenResult.opened) {
+          result.status = reopenResult.status;
+          result.reason = reopenResult.reason;
+        } else {
+          const streamResult = await setDebugChatStreamOutput(page, true);
+          if (streamResult.status === "blocked" || streamResult.status === "fail") {
+            result.status = streamResult.status;
+            result.reason = streamResult.reason;
+          } else {
+            result.steering = await runSteeringProbe(page);
+            result.status = result.steering.status;
+            result.reason = result.steering.reason;
+          }
+        }
+      }
+    }
+  }
+} catch (error) {
+  if (!["env_issue", "blocked", "fail", "pass"].includes(result.status) || !result.reason) {
+    result.status = /Playwright is not installed|LANGBOT_FRONTEND_URL/.test(error.message) ? "env_issue" : "fail";
+  }
+  result.reason = result.reason || error.message;
+} finally {
+  if (browser?.page) await safeScreenshot(browser.page, paths.screenshot);
+  if (browser) await browser.close().catch(() => {});
+  const finishedAt = new Date();
+  result.finished_at = finishedAt.toISOString();
+  result.finished_at_local = localIsoWithOffset(finishedAt);
+  const existingEvidence = {};
+  for (const [key, value] of Object.entries(result.evidence)) {
+    if (typeof value !== "string") continue;
+    const isResultFile = value === paths.automationResultJson || value === paths.resultJson;
+    if (isResultFile || await pathExists(value)) existingEvidence[key] = value;
+  }
+  result.evidence = existingEvidence;
+  await writeResult(paths, result);
+  console.log(JSON.stringify(result, null, 2));
+}
+
+process.exit(exitCode(result.status));
+
+async function runSteeringProbe(page) {
+  const beforeMessages = await visibleDebugChatMessages(page);
+  const beforeAssistantCount = countRole(beforeMessages, "assistant");
+  const beforeUserCount = countRole(beforeMessages, "user");
+  const firstStartedAt = Date.now();
+  const firstSend = await sendPrompt(page, firstPrompt, { enabledTimeoutMs: 5000 });
+  if (!firstSend.sent) {
+    return {
+      status: "fail",
+      reason: firstSend.reason || "Could not send first Debug Chat prompt.",
+      first_send: firstSend,
+      before_assistant_count: beforeAssistantCount,
+      before_user_count: beforeUserCount,
+    };
+  }
+
+  await page.waitForTimeout(followupDelayMs);
+  const preFollowupMessages = await visibleDebugChatMessages(page);
+  const preFollowupAssistantCount = countRole(preFollowupMessages, "assistant");
+  const followupStartedAt = Date.now();
+  const followupSend = await sendPrompt(page, followupPrompt, { enabledTimeoutMs: followupEnabledTimeoutMs });
+  const followupSentAt = Date.now();
+  if (!followupSend.sent) {
+    return {
+      status: "fail",
+      reason: followupSend.reason || "Could not send steering follow-up while the first run was active.",
+      first_send: firstSend,
+      followup_send: followupSend,
+      first_to_followup_attempt_ms: followupStartedAt - firstStartedAt,
+      followup_send_latency_ms: followupSentAt - followupStartedAt,
+      before_assistant_count: beforeAssistantCount,
+      pre_followup_assistant_count: preFollowupAssistantCount,
+      before_user_count: beforeUserCount,
+    };
+  }
+
+  const waitResult = await waitForLatestAssistantContaining(page, {
+    expectedText,
+    beforeAssistantCount,
+    timeoutMs: responseTimeoutMs,
+  });
+  await waitForDebugChatTextStable(page);
+  const afterMessages = await visibleDebugChatMessages(page);
+  const afterAssistantCount = countRole(afterMessages, "assistant");
+  const afterUserCount = countRole(afterMessages, "user");
+  const latestAssistantText = latestRoleText(afterMessages, "assistant");
+  const failureSignal = findFailureSignal(latestAssistantText) || findFailureSignal(messagesText(afterMessages));
+  const newAssistantCount = afterAssistantCount - beforeAssistantCount;
+  const newUserCount = afterUserCount - beforeUserCount;
+
+  const base = {
+    first_send: firstSend,
+    followup_send: followupSend,
+    first_to_followup_attempt_ms: followupStartedAt - firstStartedAt,
+    followup_send_latency_ms: followupSentAt - followupStartedAt,
+    before_assistant_count: beforeAssistantCount,
+    pre_followup_assistant_count: preFollowupAssistantCount,
+    after_assistant_count: afterAssistantCount,
+    new_assistant_count: newAssistantCount,
+    before_user_count: beforeUserCount,
+    after_user_count: afterUserCount,
+    new_user_count: newUserCount,
+    latest_assistant_text: latestAssistantText,
+    assistant_containing_expected_seen: waitResult.seen,
+    failure_signal: failureSignal,
+  };
+
+  if (failureSignal) {
+    return {
+      ...base,
+      status: "fail",
+      reason: `Debug Chat displayed a known failure signal: ${failureSignal}`,
+    };
+  }
+  if (!waitResult.seen) {
+    return {
+      ...base,
+      status: "fail",
+      reason: `No new assistant message contained steering sentinel ${expectedText}.`,
+    };
+  }
+  if (!latestAssistantText.includes(expectedText)) {
+    return {
+      ...base,
+      status: "fail",
+      reason: `Latest assistant message did not contain steering sentinel ${expectedText}.`,
+    };
+  }
+  if (newUserCount < 2) {
+    return {
+      ...base,
+      status: "fail",
+      reason: `Expected two new user messages, saw ${newUserCount}.`,
+    };
+  }
+  if (newAssistantCount !== 1) {
+    return {
+      ...base,
+      status: "fail",
+      reason: `Expected one assistant response for one claimed steering run, saw ${newAssistantCount}. More than one usually means the follow-up became a separate run.`,
+    };
+  }
+  if (latestAssistantText.includes("STEERING_NO_FOLLOWUP")) {
+    return {
+      ...base,
+      status: "fail",
+      reason: "Runner answered the no-follow-up branch, so steering was not injected.",
+    };
+  }
+
+  return {
+    ...base,
+    status: "pass",
+    reason: `Follow-up sentinel ${expectedText} appeared in the only new assistant response after two user messages.`,
+  };
+}
+
+function debugChatInput(page) {
+  return page
+    .locator('input[placeholder*="message"], input[placeholder*="消息"], textarea[placeholder*="message"], textarea[placeholder*="消息"]')
+    .last();
+}
+
+async function sendPrompt(page, prompt, { enabledTimeoutMs }) {
+  const input = debugChatInput(page);
+  const inputVisible = await input.isVisible({ timeout: 5000 }).catch(() => false);
+  if (!inputVisible) return { sent: false, reason: "Debug Chat input is not visible." };
+  const inputEnabled = await input.isEnabled({ timeout: enabledTimeoutMs }).catch(() => false);
+  if (!inputEnabled) return { sent: false, reason: `Debug Chat input was not enabled within ${enabledTimeoutMs}ms.` };
+
+  await input.fill(prompt).catch(async () => {
+    await input.click();
+    await input.pressSequentially(prompt);
+  });
+  await input.press("Enter");
+  await page.getByText(prompt, { exact: false }).last().waitFor({ state: "visible", timeout: 10000 }).catch(() => {});
+  return {
+    sent: true,
+    submitted_by: "keyboard_enter",
+  };
+}
+
+async function waitForLatestAssistantContaining(page, { expectedText, beforeAssistantCount, timeoutMs }) {
+  const deadline = Date.now() + timeoutMs;
+  let lastMessages = [];
+  let latestAssistantText = "";
+  while (Date.now() < deadline) {
+    const messages = await visibleDebugChatMessages(page);
+    lastMessages = messages;
+    latestAssistantText = latestRoleText(messages, "assistant");
+    if (countRole(messages, "assistant") > beforeAssistantCount && latestAssistantText.includes(expectedText)) {
+      return {
+        seen: true,
+        latest_assistant_text: latestAssistantText,
+        messages,
+      };
+    }
+    const failureSignal = findFailureSignal(latestAssistantText);
+    if (failureSignal) {
+      return {
+        seen: false,
+        latest_assistant_text: latestAssistantText,
+        messages,
+        failure_signal: failureSignal,
+      };
+    }
+    await page.waitForTimeout(500);
+  }
+  return {
+    seen: false,
+    latest_assistant_text: latestAssistantText,
+    messages: lastMessages,
+  };
+}
+
+async function inspectPipeline(page, { backendUrl, pipelineUrl, pipelineName, expectedRunnerId }) {
+  const pipelineIdFromUrl = pipelineIdFromUrlValue(pipelineUrl);
+  return await page.evaluate(async ({ backendUrl, pipelineIdFromUrl, pipelineName, expectedRunnerId }) => {
+    const token = localStorage.getItem("token");
+    if (!token) {
+      return {
+        status: "blocked",
+        authenticated: false,
+        reason: "Browser profile has no localStorage token.",
+      };
+    }
+    const getJson = async (path) => {
+      const response = await fetch(`${backendUrl}${path}`, {
+        headers: {
+          Authorization: `Bearer ${token}`,
+          "Content-Type": "application/json",
+        },
+      });
+      return {
+        status: response.status,
+        json: await response.json().catch(() => ({})),
+      };
+    };
+
+    let pipelineId = pipelineIdFromUrl;
+    let matchedBy = pipelineId ? "url" : "";
+    if (!pipelineId) {
+      if (!pipelineName) {
+        return {
+          status: "blocked",
+          authenticated: true,
+          pipeline_resolved: false,
+          reason: "Set LANGBOT_LOCAL_AGENT_PIPELINE_URL or LANGBOT_LOCAL_AGENT_PIPELINE_NAME.",
+        };
+      }
+      const list = await getJson("/api/v1/pipelines");
+      const pipelines = list.json.data?.pipelines || [];
+      const match = pipelines.find((pipeline) => pipeline.name === pipelineName);
+      if (!match) {
+        return {
+          status: "blocked",
+          authenticated: true,
+          pipeline_resolved: false,
+          list_status: list.status,
+          reason: `Could not find pipeline named ${pipelineName}.`,
+        };
+      }
+      pipelineId = match.uuid;
+      matchedBy = "name";
+    }
+
+    const loaded = await getJson(`/api/v1/pipelines/${encodeURIComponent(pipelineId)}`);
+    const pipeline = loaded.json.data?.pipeline;
+    if (loaded.status >= 400 || !pipeline) {
+      return {
+        status: "fail",
+        authenticated: true,
+        pipeline_resolved: false,
+        pipeline_id: pipelineId,
+        get_status: loaded.status,
+        reason: loaded.json.msg || "Could not load pipeline.",
+      };
+    }
+    const config = pipeline.config || {};
+    const runner = config.ai?.runner || {};
+    const runnerId = runner.id || runner.runner || "";
+    if (!runnerId) {
+      return {
+        status: "blocked",
+        authenticated: true,
+        pipeline_resolved: true,
+        pipeline_id: pipelineId,
+        pipeline_name: pipeline.name,
+        matched_by: matchedBy,
+        reason: "Pipeline has no ai.runner.id or legacy ai.runner.runner.",
+      };
+    }
+    if (expectedRunnerId && runnerId !== expectedRunnerId) {
+      return {
+        status: "blocked",
+        authenticated: true,
+        pipeline_resolved: true,
+        pipeline_id: pipelineId,
+        pipeline_name: pipeline.name,
+        matched_by: matchedBy,
+        runner_id: runnerId,
+        expected_runner_id: expectedRunnerId,
+        reason: `Pipeline runner mismatch: expected ${expectedRunnerId}, got ${runnerId}.`,
+      };
+    }
+    return {
+      status: "ready",
+      authenticated: true,
+      pipeline_resolved: true,
+      pipeline_id: pipelineId,
+      pipeline_name: pipeline.name,
+      matched_by: matchedBy,
+      runner_id: runnerId,
+      expected_runner_id: expectedRunnerId || "",
+    };
+  }, { backendUrl, pipelineIdFromUrl, pipelineName, expectedRunnerId });
+}
+
+async function inspectToolNames(page, { backendUrl }) {
+  return await page.evaluate(async ({ backendUrl }) => {
+    const token = localStorage.getItem("token");
+    if (!token) {
+      return {
+        status: "blocked",
+        authenticated: false,
+        tool_names: [],
+        reason: "Browser profile has no localStorage token.",
+      };
+    }
+    const response = await fetch(`${backendUrl}/api/v1/tools`, {
+      headers: {
+        Authorization: `Bearer ${token}`,
+        "Content-Type": "application/json",
+      },
+    });
+    const json = await response.json().catch(() => ({}));
+    const toolNames = (json.data?.tools || [])
+      .map((tool) => tool.name || tool.tool_name || tool.function?.name || "")
+      .filter(Boolean)
+      .sort();
+    return {
+      status: response.status >= 400 ? "fail" : "ready",
+      authenticated: true,
+      http_status: response.status,
+      code: json.code ?? null,
+      tool_names: toolNames,
+      reason: response.status >= 400 ? json.msg || "Could not list tools." : "Tool list loaded.",
+    };
+  }, { backendUrl });
+}
+
+async function resetPipelineDebugChat(page, { backendUrl, pipelineId, sessionType }) {
+  return await page.evaluate(async ({ backendUrl, pipelineId, sessionType }) => {
+    const token = localStorage.getItem("token");
+    if (!token) {
+      return {
+        status: "blocked",
+        authenticated: false,
+        pipeline_id: pipelineId,
+        session_type: sessionType,
+        reason: "Browser profile has no localStorage token.",
+      };
+    }
+    const response = await fetch(
+      `${backendUrl}/api/v1/pipelines/${encodeURIComponent(pipelineId)}/ws/reset/${encodeURIComponent(sessionType)}`,
+      {
+        method: "POST",
+        headers: {
+          Authorization: `Bearer ${token}`,
+          "Content-Type": "application/json",
+        },
+      },
+    );
+    const json = await response.json().catch(() => ({}));
+    return {
+      status: response.status >= 400 ? "fail" : "ready",
+      authenticated: true,
+      pipeline_id: pipelineId,
+      session_type: sessionType,
+      reset_status: response.status,
+      reset_code: json.code ?? null,
+      reason: response.status >= 400 ? json.msg || "Debug Chat reset failed." : "Debug Chat session reset.",
+    };
+  }, { backendUrl, pipelineId, sessionType });
+}
+
+function pipelineIdFromUrlValue(value) {
+  const match = String(value || "").match(/\/pipelines?\/([^/?#]+)/i);
+  return match ? decodeURIComponent(match[1]) : "";
+}
+
+function countRole(messages, role) {
+  return messages.filter((message) => message.role === role).length;
+}
+
+function latestRoleText(messages, role) {
+  return messages.filter((message) => message.role === role).at(-1)?.text || "";
+}
+
+function messagesText(messages) {
+  return messages.map((message) => message.text).join("\n");
+}
+
+function findFailureSignal(text) {
+  return DEBUG_CHAT_FAILURE_SIGNALS.find((signal) => String(text || "").includes(signal)) || "";
+}
+
+function positiveInt(value, fallback) {
+  const parsed = Number.parseInt(String(value || ""), 10);
+  return Number.isFinite(parsed) && parsed > 0 ? parsed : fallback;
+}
@@ -0,0 +1,185 @@
+#!/usr/bin/env node
+
+import { spawn } from "node:child_process";
+import { existsSync, readFileSync } from "node:fs";
+import { resolve } from "node:path";
+import { env } from "node:process";
+import {
+  ensureEvidence,
+  evidencePaths,
+  exitCode,
+  localIsoWithOffset,
+  writeResult,
+} from "./lib/langbot-e2e.mjs";
+
+function loadEnvDefaults(path) {
+  if (!existsSync(path)) return;
+  for (const rawLine of readFileSync(path, "utf8").split(/\r?\n/)) {
+    const line = rawLine.trim();
+    if (!line || line.startsWith("#")) continue;
+    const sep = line.indexOf("=");
+    if (sep === -1) continue;
+    const key = line.slice(0, sep).trim();
+    if (env[key]) continue;
+    env[key] = line.slice(sep + 1).trim().replace(/^["']|["']$/g, "");
+  }
+}
+
+loadEnvDefaults("skills/.env");
+loadEnvDefaults("skills/.env.local");
+
+const caseId = env.LBS_CASE_ID || "mcp-stdio-fixture-direct";
+const paths = evidencePaths(caseId);
+await ensureEvidence(paths);
+
+const startedAt = new Date();
+const fixturePath = resolve(env.LANGBOT_MCP_FIXTURE_PATH || "skills/langbot-testing/fixtures/mcp/qa_mcp_echo_server.py");
+const langbotRepo = env.LANGBOT_REPO ? resolve(env.LANGBOT_REPO) : "";
+const uvCandidates = [
+  env.LANGBOT_MCP_FIXTURE_UV,
+  "uv",
+].filter(Boolean);
+const uv = uvCandidates.find((candidate) => candidate === "uv" || existsSync(candidate));
+const pythonCandidates = [
+  env.LANGBOT_MCP_FIXTURE_PYTHON,
+  langbotRepo ? `${langbotRepo}/.venv/bin/python` : "",
+  "python3",
+].filter(Boolean);
+const python = pythonCandidates.find((candidate) => candidate === "python3" || existsSync(candidate));
+const command = langbotRepo && uv
+  ? { executable: uv, args: ["run", "python", fixturePath], cwd: langbotRepo, mode: "uv" }
+  : python
+    ? { executable: python, args: [fixturePath], cwd: resolve("."), mode: "python" }
+    : null;
+const expectedText = "qa_mcp_echo:mcp-stdio-fixture-ok";
+
+const result = {
+  source: "automation",
+  case_id: caseId,
+  run_id: paths.runId,
+  started_at: startedAt.toISOString(),
+  started_at_local: localIsoWithOffset(startedAt),
+  finished_at: "",
+  finished_at_local: "",
+  status: "fail",
+  reason: "",
+  fixture_path: fixturePath,
+  command,
+  expected_text: expectedText,
+  evidence: {
+    automation_result_json: paths.automationResultJson,
+    result_json: paths.resultJson,
+  },
+};
+
+function parseJsonLines(buffer) {
+  return buffer
+    .split(/\r?\n/)
+    .map((line) => line.trim())
+    .filter(Boolean)
+    .map((line) => {
+      try {
+        return JSON.parse(line);
+      } catch {
+        return null;
+      }
+    })
+    .filter(Boolean);
+}
+
+async function request(child, id, method, params) {
+  child.stdin.write(`${JSON.stringify({ jsonrpc: "2.0", id, method, params })}\n`);
+}
+
+async function run() {
+  if (!command) {
+    result.status = "env_issue";
+    result.reason = "No uv or Python interpreter found. Set LANGBOT_REPO, LANGBOT_MCP_FIXTURE_UV, or LANGBOT_MCP_FIXTURE_PYTHON.";
+    return;
+  }
+  if (!existsSync(fixturePath)) {
+    result.status = "env_issue";
+    result.reason = `MCP fixture not found: ${fixturePath}`;
+    return;
+  }
+
+  const child = spawn(command.executable, command.args, {
+    cwd: command.cwd,
+    stdio: ["pipe", "pipe", "pipe"],
+  });
+  let stdout = "";
+  let stderr = "";
+  child.stdout.setEncoding("utf8");
+  child.stderr.setEncoding("utf8");
+  child.stdout.on("data", (chunk) => {
+    stdout += chunk;
+  });
+  child.stderr.on("data", (chunk) => {
+    stderr += chunk;
+  });
+
+  const timeout = setTimeout(() => child.kill("SIGTERM"), 10_000);
+  try {
+    await new Promise((resolveReady) => setTimeout(resolveReady, 100));
+    await request(child, 1, "initialize", {
+      protocolVersion: "2024-11-05",
+      capabilities: {},
+      clientInfo: { name: "langbot-skills", version: "0" },
+    });
+    await new Promise((resolveReady) => setTimeout(resolveReady, 200));
+    child.stdin.write(`${JSON.stringify({ jsonrpc: "2.0", method: "notifications/initialized", params: {} })}\n`);
+    await request(child, 2, "tools/list", {});
+    await request(child, 3, "tools/call", {
+      name: "qa_mcp_echo",
+      arguments: { text: "mcp-stdio-fixture-ok" },
+    });
+    await new Promise((resolveDone) => setTimeout(resolveDone, 1500));
+  } finally {
+    clearTimeout(timeout);
+    child.kill("SIGTERM");
+  }
+
+  const messages = parseJsonLines(stdout);
+  if (/No module named ['"]mcp['"]|ModuleNotFoundError/i.test(stderr)) {
+    result.status = "env_issue";
+    result.reason = `Python environment cannot import mcp. Set LANGBOT_MCP_FIXTURE_PYTHON to a LangBot venv Python. stderr=${stderr.trim()}`;
+    return;
+  }
+  const listResult = messages.find((message) => message.id === 2)?.result;
+  const callResult = messages.find((message) => message.id === 3)?.result;
+  const toolNames = Array.isArray(listResult?.tools)
+    ? listResult.tools.map((tool) => tool.name)
+    : [];
+  const callText = Array.isArray(callResult?.content)
+    ? callResult.content.map((item) => item.text || "").join("\n")
+    : "";
+
+  if (!toolNames.includes("qa_mcp_echo")) {
+    result.status = "fail";
+    result.reason = `MCP fixture did not list qa_mcp_echo. stderr=${stderr.trim()}`;
+    return;
+  }
+  if (!callText.includes(expectedText)) {
+    result.status = "fail";
+    result.reason = `MCP fixture call did not return ${expectedText}. stderr=${stderr.trim()}`;
+    return;
+  }
+
+  result.status = "pass";
+  result.reason = "MCP stdio fixture listed qa_mcp_echo and returned the deterministic tool result without a model provider.";
+}
+
+try {
+  await run();
+} catch (error) {
+  result.status = "fail";
+  result.reason = error instanceof Error ? error.message : String(error);
+} finally {
+  const finishedAt = new Date();
+  result.finished_at = finishedAt.toISOString();
+  result.finished_at_local = localIsoWithOffset(finishedAt);
+  await writeResult(paths, result);
+  console.log(JSON.stringify(result, null, 2));
+}
+
+process.exit(exitCode(result.status));
@@ -0,0 +1,234 @@
+#!/usr/bin/env node
+
+import { existsSync, readFileSync } from "node:fs";
+import { writeFile } from "node:fs/promises";
+import { resolve } from "node:path";
+import { env } from "node:process";
+import {
+  createBrowser,
+  ensureEvidence,
+  evidencePaths,
+  exitCode,
+  localIsoWithOffset,
+  safeScreenshot,
+  writeResult,
+} from "./lib/langbot-e2e.mjs";
+
+function loadEnvDefaults(path) {
+  if (!existsSync(path)) return;
+  for (const rawLine of readFileSync(path, "utf8").split(/\r?\n/)) {
+    const line = rawLine.trim();
+    if (!line || line.startsWith("#")) continue;
+    const sep = line.indexOf("=");
+    if (sep === -1) continue;
+    const key = line.slice(0, sep).trim();
+    if (env[key]) continue;
+    env[key] = line.slice(sep + 1).trim().replace(/^["']|["']$/g, "");
+  }
+}
+
+loadEnvDefaults("skills/.env");
+loadEnvDefaults("skills/.env.local");
+
+const caseId = env.LBS_CASE_ID || "mcp-stdio-register";
+const paths = evidencePaths(caseId);
+await ensureEvidence(paths);
+
+const startedAt = new Date();
+const serverName = env.LANGBOT_MCP_SERVER_NAME || "qa-local-stdio";
+const expectedTool = env.LANGBOT_MCP_EXPECTED_TOOL || "qa_mcp_echo";
+const fixturePath = resolve(env.LANGBOT_MCP_FIXTURE_PATH || "skills/langbot-testing/fixtures/mcp/qa_mcp_echo_server.py");
+const fixtureCommand = env.LANGBOT_MCP_FIXTURE_COMMAND || "python";
+const fixtureArgs = env.LANGBOT_MCP_FIXTURE_ARGS
+  ? JSON.parse(env.LANGBOT_MCP_FIXTURE_ARGS)
+  : [fixturePath];
+const startupTimeoutSec = Number(env.LANGBOT_MCP_STARTUP_TIMEOUT_SEC || "300");
+const readyTimeoutMs = Number(env.LANGBOT_MCP_READY_TIMEOUT_MS || "360000");
+const backendUrl = env.LANGBOT_BACKEND_URL || "";
+const apiDiagnosticPath = resolve(paths.evidenceDir, "api-diagnostic.json");
+
+let browser;
+const result = {
+  source: "automation",
+  case_id: caseId,
+  run_id: paths.runId,
+  started_at: startedAt.toISOString(),
+  started_at_local: localIsoWithOffset(startedAt),
+  finished_at: "",
+  finished_at_local: "",
+  status: "fail",
+  reason: "",
+  server_name: serverName,
+  fixture_path: fixturePath,
+  expected_tool: expectedTool,
+  evidence: {
+    console_log: paths.consoleLog,
+    network_log: paths.networkLog,
+    screenshot: paths.screenshot,
+    api_diagnostic_json: apiDiagnosticPath,
+    automation_result_json: paths.automationResultJson,
+    result_json: paths.resultJson,
+  },
+  evidence_collected: ["api_diagnostic"],
+};
+
+async function run() {
+  if (!backendUrl) {
+    result.status = "env_issue";
+    result.reason = "LANGBOT_BACKEND_URL is not configured.";
+    return;
+  }
+  if (!existsSync(fixturePath)) {
+    result.status = "env_issue";
+    result.reason = `MCP fixture not found: ${fixturePath}`;
+    return;
+  }
+
+  browser = await createBrowser(paths);
+  const { page } = browser;
+  await page.goto(env.LANGBOT_FRONTEND_URL, { waitUntil: "domcontentloaded" });
+  await page.waitForLoadState("networkidle", { timeout: 10_000 }).catch(() => {});
+
+  const diagnostic = await page.evaluate(async ({
+    backendUrl,
+    serverName,
+    expectedTool,
+    fixturePath,
+    fixtureCommand,
+    fixtureArgs,
+    startupTimeoutSec,
+    readyTimeoutMs,
+  }) => {
+    const token = localStorage.getItem("token");
+    if (!token) {
+      return {
+        authenticated: false,
+        save_status: 0,
+        save_code: null,
+        save_msg: "Browser profile has no localStorage token.",
+        tool_names: [],
+        has_expected_tool: false,
+        runtime_status: null,
+        runtime_tool_names: [],
+        runtime_error: "",
+      };
+    }
+
+    const headers = {
+      Authorization: `Bearer ${token}`,
+      "Content-Type": "application/json",
+    };
+    const serverConfig = {
+      name: serverName,
+      mode: "stdio",
+      enable: true,
+      extra_args: {
+        command: fixtureCommand,
+        args: fixtureArgs,
+        env: {},
+        box: {
+          startup_timeout_sec: startupTimeoutSec,
+        },
+      },
+    };
+    const getJson = async (path) => {
+      const response = await fetch(`${backendUrl}${path}`, { headers });
+      return {
+        status: response.status,
+        json: await response.json().catch(() => ({})),
+      };
+    };
+    const sendJson = async (method, path, body) => {
+      const response = await fetch(`${backendUrl}${path}`, {
+        method,
+        headers,
+        body: JSON.stringify(body),
+      });
+      return {
+        status: response.status,
+        json: await response.json().catch(() => ({})),
+      };
+    };
+
+    const serverPath = `/api/v1/mcp/servers/${encodeURIComponent(serverName)}`;
+    const beforeServer = await getJson(serverPath);
+    const save = beforeServer.status === 404
+      ? await sendJson("POST", "/api/v1/mcp/servers", serverConfig)
+      : await sendJson("PUT", serverPath, serverConfig);
+
+    const deadline = Date.now() + readyTimeoutMs;
+    let lastTools = [];
+    let lastRuntime = null;
+    while (Date.now() < deadline) {
+      await new Promise((resolveReady) => setTimeout(resolveReady, 500));
+      const tools = await getJson("/api/v1/tools");
+      const server = await getJson(serverPath);
+      lastTools = (tools.json.data?.tools || [])
+        .map((tool) => tool.name || tool.tool_name || tool.function?.name || "")
+        .filter(Boolean)
+        .sort();
+      lastRuntime = server.json.data?.server?.runtime_info || null;
+      if (lastTools.includes(expectedTool)) break;
+    }
+
+    return {
+      authenticated: true,
+      before_status: beforeServer.status,
+      save_status: save.status,
+      save_code: save.json.code ?? null,
+      save_msg: save.json.msg || "",
+      tool_names: lastTools,
+      has_expected_tool: lastTools.includes(expectedTool),
+      runtime_status: lastRuntime?.status || null,
+      runtime_tool_names: (lastRuntime?.tools || [])
+        .map((tool) => tool.name || tool.tool_name || "")
+        .filter(Boolean)
+        .sort(),
+      runtime_tool_count: lastRuntime?.tool_count ?? null,
+      runtime_error: lastRuntime?.error_message || "",
+    };
+  }, { backendUrl, serverName, expectedTool, fixturePath, fixtureCommand, fixtureArgs, startupTimeoutSec, readyTimeoutMs });
+
+  await writeFile(apiDiagnosticPath, `${JSON.stringify(diagnostic, null, 2)}\n`, "utf8");
+  await safeScreenshot(page, paths.screenshot);
+
+  if (!diagnostic.authenticated) {
+    result.status = "blocked";
+    result.reason = "Browser profile is not authenticated for LangBot; cannot update MCP server.";
+    return;
+  }
+  if (diagnostic.save_status >= 400 || diagnostic.save_code !== 0) {
+    result.status = "fail";
+    result.reason = `Failed to save MCP server ${serverName}: ${diagnostic.save_status} ${diagnostic.save_msg}`;
+    return;
+  }
+  if (diagnostic.runtime_status !== "connected") {
+    result.status = "fail";
+    result.reason = `MCP server ${serverName} is not connected after save: ${diagnostic.runtime_status || "missing runtime"}. ${diagnostic.runtime_error}`;
+    return;
+  }
+  if (!diagnostic.has_expected_tool || !diagnostic.runtime_tool_names.includes(expectedTool)) {
+    result.status = "fail";
+    result.reason = `MCP server ${serverName} did not expose ${expectedTool}. See ${apiDiagnosticPath}.`;
+    return;
+  }
+
+  result.status = "pass";
+  result.reason = `MCP server ${serverName} is connected and exposes ${expectedTool} through LangBot /api/v1/tools.`;
+}
+
+try {
+  await run();
+} catch (error) {
+  result.status = /Playwright is not installed|LANGBOT_FRONTEND_URL/.test(error.message) ? "env_issue" : "fail";
+  result.reason = error instanceof Error ? error.message : String(error);
+} finally {
+  if (browser) await browser.close().catch(() => {});
+  const finishedAt = new Date();
+  result.finished_at = finishedAt.toISOString();
+  result.finished_at_local = localIsoWithOffset(finishedAt);
+  await writeResult(paths, result);
+  console.log(JSON.stringify(result, null, 2));
+}
+
+process.exit(exitCode(result.status));
@@ -0,0 +1,728 @@
+#!/usr/bin/env node
+
+import { spawn } from "node:child_process";
+import { readFile, writeFile } from "node:fs/promises";
+import { resolve } from "node:path";
+import { env } from "node:process";
+import {
+  openPipelineDebugChat,
+  runDebugChatPrompt,
+  setDebugChatStreamOutput,
+} from "./lib/debug-chat.mjs";
+import {
+  createBrowser,
+  ensureEvidence,
+  evidencePaths,
+  exitCode,
+  localIsoWithOffset,
+  pathExists,
+  safeScreenshot,
+  writeResult,
+} from "./lib/langbot-e2e.mjs";
+
+const caseId = env.LBS_CASE_ID || "pipeline-debug-chat";
+const paths = evidencePaths(caseId);
+await ensureEvidence(paths);
+
+const expectedText = env.LANGBOT_E2E_EXPECTED_TEXT || "OK";
+const prompt = env.LANGBOT_E2E_PROMPT || `请只回复 ${expectedText}，用于前端调试测试。`;
+const responseTimeoutMs = Number.parseInt(env.LANGBOT_E2E_RESPONSE_TIMEOUT_MS || "120000", 10);
+const safeResponseTimeoutMs = Number.isFinite(responseTimeoutMs) && responseTimeoutMs > 0 ? responseTimeoutMs : 120000;
+const streamOutput = /^(0|false)$/i.test(env.LANGBOT_E2E_STREAM_OUTPUT || "")
+  ? false
+  : /^(1|true)$/i.test(env.LANGBOT_E2E_STREAM_OUTPUT || "")
+    ? true
+    : null;
+const failureSignals = (env.LANGBOT_E2E_FAILURE_SIGNALS || "")
+  .split(/\r?\n/)
+  .map((item) => item.trim())
+  .filter(Boolean);
+const imageBase64Path = env.LANGBOT_E2E_IMAGE_BASE64_PATH || "";
+const imagePathEnv = env.LANGBOT_E2E_IMAGE_PATH || "";
+const backendUrl = env.LANGBOT_BACKEND_URL || "";
+const pipelineRequired = env.LANGBOT_E2E_PIPELINE_REQUIRED === "1";
+const pipelineUrl = pipelineRequired
+  ? env.LANGBOT_E2E_PIPELINE_URL
+  : (env.LANGBOT_E2E_PIPELINE_URL || env.LANGBOT_PIPELINE_URL);
+const pipelineName = pipelineRequired
+  ? env.LANGBOT_E2E_PIPELINE_NAME
+  : (env.LANGBOT_E2E_PIPELINE_NAME || env.LANGBOT_PIPELINE_NAME);
+const expectedRunnerId = env.LANGBOT_E2E_EXPECTED_RUNNER_ID || "";
+const resetDebugChat = boolFromEnv(env.LANGBOT_E2E_RESET_DEBUG_CHAT, false);
+const restoreRunnerConfig = boolFromEnv(env.LANGBOT_E2E_RESTORE_RUNNER_CONFIG, true);
+const debugChatSessionType = env.LANGBOT_E2E_DEBUG_CHAT_SESSION_TYPE || "person";
+const pipelineConfigDiagnosticPath = resolve(paths.evidenceDir, "pipeline-config-diagnostic.json");
+const debugChatResetDiagnosticPath = resolve(paths.evidenceDir, "debug-chat-reset-diagnostic.json");
+const pipelineConfigRestoreDiagnosticPath = resolve(paths.evidenceDir, "pipeline-config-restore-diagnostic.json");
+const startedAt = new Date();
+
+let browser;
+let restorePlan = null;
+let result = {
+  source: "automation",
+  case_id: caseId,
+  run_id: paths.runId,
+  started_at: startedAt.toISOString(),
+  started_at_local: localIsoWithOffset(startedAt),
+  finished_at: "",
+  finished_at_local: "",
+  status: "fail",
+  reason: "",
+  url: "",
+  prompt,
+  expected_text: expectedText,
+  response_timeout_ms: safeResponseTimeoutMs,
+  stream_output: streamOutput,
+  image_fixture: imageBase64Path || imagePathEnv,
+  prompt_count: 1,
+  chat_results: [],
+  evidence: {
+    console_log: paths.consoleLog,
+    network_log: paths.networkLog,
+    screenshot: paths.screenshot,
+    automation_result_json: paths.automationResultJson,
+    result_json: paths.resultJson,
+  },
+  evidence_collected: ["ui", "screenshot", "console", "network"],
+};
+
+function boolFromEnv(value, defaultValue) {
+  if (value === undefined || value === "") return defaultValue;
+  if (/^(0|false|no|off)$/i.test(value)) return false;
+  if (/^(1|true|yes|on)$/i.test(value)) return true;
+  return defaultValue;
+}
+
+function parseJsonEnv(key, fallback) {
+  const raw = env[key];
+  if (!raw) return fallback;
+  try {
+    return JSON.parse(raw);
+  } catch (error) {
+    throw new Error(`${key} must be valid JSON: ${error.message}`);
+  }
+}
+
+function promptStepsFromEnv() {
+  const rawSteps = parseJsonEnv("LANGBOT_E2E_PROMPTS_JSON", null);
+  if (rawSteps === null) {
+    return [{ prompt, expectedText, responseTimeoutMs: safeResponseTimeoutMs }];
+  }
+  if (!Array.isArray(rawSteps) || rawSteps.length === 0) {
+    throw new Error("LANGBOT_E2E_PROMPTS_JSON must be a non-empty JSON array.");
+  }
+  return rawSteps.map((item, index) => {
+    if (typeof item === "string") {
+      return { prompt: item, expectedText, responseTimeoutMs: safeResponseTimeoutMs };
+    }
+    if (!item || typeof item !== "object" || typeof item.prompt !== "string" || !item.prompt) {
+      throw new Error(`LANGBOT_E2E_PROMPTS_JSON[${index}] must be a string or an object with a prompt string.`);
+    }
+    const stepTimeout = Number.parseInt(String(item.response_timeout_ms || item.responseTimeoutMs || safeResponseTimeoutMs), 10);
+    return {
+      prompt: item.prompt,
+      expectedText: String(item.expected_text || item.expectedText || expectedText),
+      responseTimeoutMs: Number.isFinite(stepTimeout) && stepTimeout > 0 ? stepTimeout : safeResponseTimeoutMs,
+    };
+  });
+}
+
+function expandEnvRefs(value) {
+  return String(value || "").replace(/\$\{([A-Z][A-Z0-9_]*)\}|\$([A-Z][A-Z0-9_]*)/g, (_match, braced, bare) => {
+    return env[braced || bare] || "";
+  });
+}
+
+function textList(value) {
+  if (value === undefined || value === null || value === "") return [];
+  return Array.isArray(value) ? value.map(String) : [String(value)];
+}
+
+function runArgv(argv, { cwd = "", timeoutMs = 30_000 } = {}) {
+  return new Promise((resolveRun) => {
+    if (!Array.isArray(argv) || argv.length === 0 || !argv.every((item) => typeof item === "string" && item)) {
+      resolveRun({
+        status: "fail",
+        reason: "Filesystem command check requires a non-empty argv string array.",
+        exit_code: null,
+        stdout: "",
+        stderr: "",
+      });
+      return;
+    }
+
+    const child = spawn(argv[0], argv.slice(1), {
+      cwd: cwd ? resolve(cwd) : undefined,
+      env,
+      shell: false,
+    });
+    let stdout = "";
+    let stderr = "";
+    let timedOut = false;
+    const timer = setTimeout(() => {
+      timedOut = true;
+      child.kill("SIGTERM");
+    }, timeoutMs);
+
+    child.stdout.on("data", (chunk) => {
+      stdout += chunk.toString();
+    });
+    child.stderr.on("data", (chunk) => {
+      stderr += chunk.toString();
+    });
+    child.on("error", (error) => {
+      clearTimeout(timer);
+      resolveRun({
+        status: "fail",
+        reason: error.message,
+        exit_code: null,
+        stdout,
+        stderr,
+      });
+    });
+    child.on("close", (code) => {
+      clearTimeout(timer);
+      resolveRun({
+        status: timedOut ? "fail" : "pass",
+        reason: timedOut ? `Command timed out after ${timeoutMs} ms.` : "",
+        exit_code: code,
+        stdout,
+        stderr,
+      });
+    });
+  });
+}
+
+async function runFilesystemChecks(checks) {
+  if (!Array.isArray(checks) || checks.length === 0) {
+    return { status: "not_required", checks: [] };
+  }
+  const results = [];
+  for (let index = 0; index < checks.length; index += 1) {
+    const check = checks[index];
+    if (!check || typeof check !== "object") {
+      results.push({ index, status: "fail", reason: "Filesystem check must be an object." });
+      continue;
+    }
+    const contains = textList(check.contains);
+    const notContains = textList(check.not_contains || check.notContains);
+    const expectedExitCode = Number.isInteger(check.exit_code)
+      ? check.exit_code
+      : Number.isInteger(check.expected_exit_code)
+        ? check.expected_exit_code
+        : 0;
+    const expectedStdout = textList(check.stdout_contains || check.expected_stdout || check.expectedStdout);
+
+    if (check.path) {
+      const path = resolve(expandEnvRefs(check.path));
+      let text = "";
+      try {
+        text = await readFile(path, "utf8");
+      } catch (error) {
+        results.push({ index, status: "fail", type: "file", path, reason: error.message });
+        continue;
+      }
+      const missing = contains.filter((needle) => !text.includes(needle));
+      const forbidden = notContains.filter((needle) => text.includes(needle));
+      results.push({
+        index,
+        status: missing.length || forbidden.length ? "fail" : "pass",
+        type: "file",
+        path,
+        missing,
+        forbidden,
+        reason: missing.length
+          ? `Missing expected text: ${missing.join(", ")}`
+          : forbidden.length
+            ? `Found forbidden text: ${forbidden.join(", ")}`
+            : "",
+      });
+      continue;
+    }
+
+    if (check.argv) {
+      const cwd = check.cwd ? expandEnvRefs(check.cwd) : "";
+      const timeoutMs = Number.parseInt(String(check.timeout_ms || check.timeoutMs || "30000"), 10);
+      const run = await runArgv(check.argv.map(expandEnvRefs), {
+        cwd,
+        timeoutMs: Number.isFinite(timeoutMs) && timeoutMs > 0 ? timeoutMs : 30_000,
+      });
+      const missingStdout = expectedStdout.filter((needle) => !run.stdout.includes(needle));
+      const exitMatches = run.exit_code === expectedExitCode;
+      results.push({
+        index,
+        status: run.status === "pass" && exitMatches && missingStdout.length === 0 ? "pass" : "fail",
+        type: "command",
+        argv: check.argv,
+        cwd,
+        exit_code: run.exit_code,
+        expected_exit_code: expectedExitCode,
+        missing_stdout: missingStdout,
+        stdout_preview: run.stdout.slice(0, 2000),
+        stderr_preview: run.stderr.slice(0, 2000),
+        reason: run.reason
+          || (!exitMatches ? `Expected exit code ${expectedExitCode}, saw ${run.exit_code}.` : "")
+          || (missingStdout.length ? `Missing stdout text: ${missingStdout.join(", ")}` : ""),
+      });
+      continue;
+    }
+
+    results.push({ index, status: "fail", reason: "Filesystem check requires either path or argv." });
+  }
+  const failed = results.filter((item) => item.status !== "pass");
+  return {
+    status: failed.length ? "fail" : "pass",
+    checks: results,
+    reason: failed.length ? `Filesystem checks failed: ${failed.map((item) => item.index).join(", ")}` : "",
+  };
+}
+
+function pipelineIdFromUrl(url) {
+  if (!url) return "";
+  try {
+    const parsed = new URL(url);
+    return parsed.searchParams.get("id") || "";
+  } catch {
+    return "";
+  }
+}
+
+function sanitizePipelineDiagnostic(diagnostic) {
+  const { restore_config: _restoreConfig, ...safe } = diagnostic || {};
+  return safe;
+}
+
+async function prepareImageFixture(paths) {
+  if (imagePathEnv) return resolve(imagePathEnv);
+  if (!imageBase64Path) return "";
+  const source = resolve(imageBase64Path);
+  const target = resolve(paths.evidenceDir, "image-fixture.png");
+  const encoded = await readFile(source, "utf8");
+  await writeFile(target, Buffer.from(encoded.replace(/\s+/g, ""), "base64"));
+  return target;
+}
+
+async function inspectAndPatchPipelineConfig(page, {
+  backendUrl,
+  pipelineUrl,
+  pipelineName,
+  runnerConfigPatch,
+  expectedRunnerId,
+}) {
+  const pipelineIdFromUrlValue = pipelineIdFromUrl(pipelineUrl) || pipelineIdFromUrl(page.url());
+  return await page.evaluate(async ({
+    backendUrl,
+    pipelineIdFromUrlValue,
+    pipelineName,
+    runnerConfigPatch,
+    expectedRunnerId,
+  }) => {
+    const token = localStorage.getItem("token");
+    if (!token) {
+      return {
+        status: "blocked",
+        authenticated: false,
+        reason: "Browser profile has no localStorage token.",
+      };
+    }
+
+    const headers = {
+      Authorization: `Bearer ${token}`,
+      "Content-Type": "application/json",
+    };
+    const getJson = async (path) => {
+      const response = await fetch(`${backendUrl}${path}`, { headers });
+      return {
+        status: response.status,
+        json: await response.json().catch(() => ({})),
+      };
+    };
+    const putJson = async (path, body) => {
+      const response = await fetch(`${backendUrl}${path}`, {
+        method: "PUT",
+        headers,
+        body: JSON.stringify(body),
+      });
+      return {
+        status: response.status,
+        json: await response.json().catch(() => ({})),
+      };
+    };
+
+    let pipelineId = pipelineIdFromUrlValue || "";
+    let matchedBy = pipelineId ? "url" : "";
+    if (!pipelineId && pipelineName) {
+      const list = await getJson("/api/v1/pipelines");
+      const pipelines = list.json.data?.pipelines || [];
+      const match = pipelines.find((pipeline) => pipeline.name === pipelineName);
+      if (!match) {
+        return {
+          status: "blocked",
+          authenticated: true,
+          pipeline_resolved: false,
+          list_status: list.status,
+          reason: `Could not find pipeline named ${pipelineName}.`,
+        };
+      }
+      pipelineId = match.uuid;
+      matchedBy = "name";
+    }
+
+    if (!pipelineId) {
+      return {
+        status: "blocked",
+        authenticated: true,
+        pipeline_resolved: false,
+        reason: "Could not resolve pipeline id from URL or pipeline name.",
+      };
+    }
+
+    const before = await getJson(`/api/v1/pipelines/${encodeURIComponent(pipelineId)}`);
+    const pipeline = before.json.data?.pipeline;
+    if (before.status >= 400 || !pipeline) {
+      return {
+        status: "fail",
+        authenticated: true,
+        pipeline_resolved: false,
+        pipeline_id: pipelineId,
+        get_status: before.status,
+        reason: before.json.msg || "Could not load pipeline.",
+      };
+    }
+
+    const config = JSON.parse(JSON.stringify(pipeline.config || {}));
+    const aiConfig = config.ai && typeof config.ai === "object" ? config.ai : {};
+    const runner = aiConfig.runner && typeof aiConfig.runner === "object" ? aiConfig.runner : {};
+    const runnerId = runner.id || runner.runner || "";
+    if (!runnerId) {
+      return {
+        status: "blocked",
+        authenticated: true,
+        pipeline_resolved: true,
+        pipeline_id: pipelineId,
+        pipeline_name: pipeline.name,
+        matched_by: matchedBy,
+        reason: "Pipeline has no ai.runner.id or legacy ai.runner.runner.",
+      };
+    }
+    if (expectedRunnerId && runnerId !== expectedRunnerId) {
+      return {
+        status: "blocked",
+        authenticated: true,
+        pipeline_resolved: true,
+        pipeline_id: pipelineId,
+        pipeline_name: pipeline.name,
+        matched_by: matchedBy,
+        runner_id: runnerId,
+        expected_runner_id: expectedRunnerId,
+        reason: `Pipeline runner mismatch: expected ${expectedRunnerId}, got ${runnerId}.`,
+      };
+    }
+
+    const runnerConfigs = aiConfig.runner_config && typeof aiConfig.runner_config === "object"
+      ? aiConfig.runner_config
+      : {};
+    const currentRunnerConfig = runnerConfigs[runnerId] && typeof runnerConfigs[runnerId] === "object"
+      ? runnerConfigs[runnerId]
+      : {};
+    const patchKeys = Object.keys(runnerConfigPatch || {});
+    const baseDiagnostic = {
+      status: "ready",
+      authenticated: true,
+      pipeline_resolved: true,
+      pipeline_id: pipelineId,
+      pipeline_name: pipeline.name,
+      matched_by: matchedBy,
+      runner_id: runnerId,
+      expected_runner_id: expectedRunnerId || "",
+      patch_keys: patchKeys,
+      runner_config_before_keys: Object.keys(currentRunnerConfig),
+      patched: patchKeys.length > 0,
+    };
+
+    if (patchKeys.length === 0) {
+      return baseDiagnostic;
+    }
+
+    const updatedRunnerConfig = {
+      ...currentRunnerConfig,
+      ...runnerConfigPatch,
+    };
+    const updatedConfig = {
+      ...config,
+      ai: {
+        ...aiConfig,
+        runner: {
+          ...runner,
+          id: runnerId,
+        },
+        runner_config: {
+          ...runnerConfigs,
+          [runnerId]: updatedRunnerConfig,
+        },
+      },
+    };
+
+    const update = await putJson(`/api/v1/pipelines/${encodeURIComponent(pipelineId)}`, {
+      config: updatedConfig,
+    });
+    if (update.status >= 400) {
+      return {
+        ...baseDiagnostic,
+        status: "fail",
+        put_status: update.status,
+        put_code: update.json.code ?? null,
+        reason: update.json.msg || "Pipeline config update failed.",
+      };
+    }
+
+    return {
+      ...baseDiagnostic,
+      put_status: update.status,
+      put_code: update.json.code ?? null,
+      runner_config_after_keys: Object.keys(updatedRunnerConfig),
+      restore_config: config,
+    };
+  }, {
+    backendUrl,
+    pipelineIdFromUrlValue,
+    pipelineName,
+    runnerConfigPatch,
+    expectedRunnerId,
+  });
+}
+
+async function restorePipelineConfig(page, { backendUrl, pipelineId, config }) {
+  return await page.evaluate(async ({ backendUrl, pipelineId, config }) => {
+    const token = localStorage.getItem("token");
+    if (!token) {
+      return {
+        status: "blocked",
+        authenticated: false,
+        pipeline_id: pipelineId,
+        reason: "Browser profile has no localStorage token.",
+      };
+    }
+    const response = await fetch(`${backendUrl}/api/v1/pipelines/${encodeURIComponent(pipelineId)}`, {
+      method: "PUT",
+      headers: {
+        Authorization: `Bearer ${token}`,
+        "Content-Type": "application/json",
+      },
+      body: JSON.stringify({ config }),
+    });
+    const json = await response.json().catch(() => ({}));
+    return {
+      status: response.status >= 400 ? "fail" : "ready",
+      authenticated: true,
+      pipeline_id: pipelineId,
+      put_status: response.status,
+      put_code: json.code ?? null,
+      reason: response.status >= 400 ? json.msg || "Pipeline config restore failed." : "Pipeline config restored.",
+    };
+  }, { backendUrl, pipelineId, config });
+}
+
+async function resetPipelineDebugChat(page, { backendUrl, pipelineId, sessionType }) {
+  return await page.evaluate(async ({ backendUrl, pipelineId, sessionType }) => {
+    const token = localStorage.getItem("token");
+    if (!token) {
+      return {
+        status: "blocked",
+        authenticated: false,
+        pipeline_id: pipelineId,
+        session_type: sessionType,
+        reason: "Browser profile has no localStorage token.",
+      };
+    }
+    const response = await fetch(
+      `${backendUrl}/api/v1/pipelines/${encodeURIComponent(pipelineId)}/ws/reset/${encodeURIComponent(sessionType)}`,
+      {
+        method: "POST",
+        headers: {
+          Authorization: `Bearer ${token}`,
+          "Content-Type": "application/json",
+        },
+      },
+    );
+    const json = await response.json().catch(() => ({}));
+    return {
+      status: response.status >= 400 ? "fail" : "ready",
+      authenticated: true,
+      pipeline_id: pipelineId,
+      session_type: sessionType,
+      reset_status: response.status,
+      reset_code: json.code ?? null,
+      reason: response.status >= 400 ? json.msg || "Debug Chat reset failed." : "Debug Chat session reset.",
+    };
+  }, { backendUrl, pipelineId, sessionType });
+}
+
+try {
+  browser = await createBrowser(paths);
+  const { page } = browser;
+  const imagePath = await prepareImageFixture(paths);
+  const promptSteps = promptStepsFromEnv();
+  const filesystemChecks = parseJsonEnv("LANGBOT_E2E_FILESYSTEM_CHECKS_JSON", []);
+  const runnerConfigPatch = parseJsonEnv("LANGBOT_E2E_RUNNER_CONFIG_PATCH_JSON", {});
+  const runnerPatchKeys = Object.keys(runnerConfigPatch);
+  if (runnerPatchKeys.length > 0 || resetDebugChat || expectedRunnerId) {
+    if (!backendUrl) {
+      result.status = "env_issue";
+      result.reason = "LANGBOT_BACKEND_URL is required for runner config patch, runner assertion, or Debug Chat reset.";
+      throw new Error(result.reason);
+    }
+  }
+  result.prompt_count = promptSteps.length;
+  result.prompt = promptSteps.length === 1 ? promptSteps[0].prompt : `${promptSteps.length} prompts`;
+  result.expected_text = promptSteps.at(-1)?.expectedText || expectedText;
+
+  const openResult = await openPipelineDebugChat(page, {
+    pipelineUrl,
+    pipelineName,
+    envHint: pipelineRequired
+      ? "case-specific pipeline env mapped to LANGBOT_E2E_PIPELINE_URL or LANGBOT_E2E_PIPELINE_NAME"
+      : "LANGBOT_PIPELINE_URL or LANGBOT_PIPELINE_NAME",
+  });
+  result.url = page.url();
+
+  if (!openResult.opened) {
+    result.status = openResult.status;
+    result.reason = openResult.reason;
+  } else {
+    result.status = "running";
+    result.reason = "";
+    if (runnerPatchKeys.length > 0 || resetDebugChat || expectedRunnerId) {
+      const pipelineDiagnostic = await inspectAndPatchPipelineConfig(page, {
+        backendUrl,
+        pipelineUrl,
+        pipelineName,
+        runnerConfigPatch,
+        expectedRunnerId,
+      });
+      const safeDiagnostic = sanitizePipelineDiagnostic(pipelineDiagnostic);
+      await writeFile(pipelineConfigDiagnosticPath, `${JSON.stringify(safeDiagnostic, null, 2)}\n`, "utf8");
+      result.evidence.pipeline_config_diagnostic_json = pipelineConfigDiagnosticPath;
+      result.pipeline_config = safeDiagnostic;
+      if (!result.evidence_collected.includes("api_diagnostic")) result.evidence_collected.push("api_diagnostic");
+
+      if (pipelineDiagnostic.status === "fail" || pipelineDiagnostic.status === "blocked") {
+        result.status = pipelineDiagnostic.status;
+        result.reason = pipelineDiagnostic.reason || "Pipeline config preparation failed.";
+      } else {
+        if (pipelineDiagnostic.restore_config && restoreRunnerConfig) {
+          restorePlan = {
+            backendUrl,
+            pipelineId: pipelineDiagnostic.pipeline_id,
+            config: pipelineDiagnostic.restore_config,
+          };
+        }
+        if (resetDebugChat) {
+          const resetDiagnostic = await resetPipelineDebugChat(page, {
+            backendUrl,
+            pipelineId: pipelineDiagnostic.pipeline_id,
+            sessionType: debugChatSessionType,
+          });
+          await writeFile(debugChatResetDiagnosticPath, `${JSON.stringify(resetDiagnostic, null, 2)}\n`, "utf8");
+          result.evidence.debug_chat_reset_diagnostic_json = debugChatResetDiagnosticPath;
+          result.debug_chat_reset = resetDiagnostic;
+          if (resetDiagnostic.status === "fail" || resetDiagnostic.status === "blocked") {
+            result.status = resetDiagnostic.status;
+            result.reason = resetDiagnostic.reason || "Debug Chat reset failed.";
+          } else {
+            await page.waitForTimeout(1000);
+            const reopenResult = await openPipelineDebugChat(page, {
+              pipelineUrl,
+              pipelineName,
+              envHint: pipelineRequired
+                ? "case-specific pipeline env mapped to LANGBOT_E2E_PIPELINE_URL or LANGBOT_E2E_PIPELINE_NAME"
+                : "LANGBOT_PIPELINE_URL or LANGBOT_PIPELINE_NAME",
+            });
+            result.url = page.url();
+            if (!reopenResult.opened) {
+              result.status = reopenResult.status;
+              result.reason = reopenResult.reason;
+            }
+          }
+        }
+      }
+    }
+
+    if (result.status === "fail" || result.status === "blocked" || result.status === "env_issue") {
+      // Preparation already determined the outcome.
+    } else {
+      const streamResult = await setDebugChatStreamOutput(page, streamOutput);
+      if (streamResult.status === "blocked" || streamResult.status === "fail") {
+        result.status = streamResult.status;
+        result.reason = streamResult.reason;
+      } else {
+        for (let index = 0; index < promptSteps.length; index += 1) {
+          const step = promptSteps[index];
+          const chatResult = await runDebugChatPrompt(page, {
+            prompt: step.prompt,
+            expectedText: step.expectedText,
+            responseTimeoutMs: step.responseTimeoutMs,
+            imagePath: index === 0 ? imagePath : "",
+            failureSignals: failureSignals.length > 0 ? failureSignals : undefined,
+          });
+          result.chat_results.push({
+            index,
+            expected_text: step.expectedText,
+            status: chatResult.status,
+            reason: chatResult.reason,
+            min_expected_count: chatResult.min_expected_count,
+            final_count: chatResult.final_count,
+            before_assistant_expected_count: chatResult.before_assistant_expected_count,
+            after_assistant_expected_count: chatResult.after_assistant_expected_count,
+            failure_signal: chatResult.failure_signal || "",
+          });
+          result.status = chatResult.status;
+          result.reason = `Prompt ${index + 1}/${promptSteps.length}: ${chatResult.reason}`;
+          if (chatResult.status !== "pass") break;
+        }
+      }
+    }
+
+    if (result.status === "pass" && filesystemChecks.length > 0) {
+      const filesystemResult = await runFilesystemChecks(filesystemChecks);
+      result.filesystem_checks = filesystemResult;
+      if (!result.evidence_collected.includes("filesystem")) result.evidence_collected.push("filesystem");
+      if (filesystemResult.status === "fail") {
+        result.status = "fail";
+        result.reason = filesystemResult.reason || "Filesystem checks failed.";
+      }
+    }
+  }
+} catch (error) {
+  if (!["env_issue", "blocked", "fail", "pass"].includes(result.status) || !result.reason) {
+    result.status = /Playwright is not installed|LANGBOT_FRONTEND_URL/.test(error.message) ? "env_issue" : "fail";
+  }
+  result.reason = result.reason || error.message;
+} finally {
+  if (browser?.page) await safeScreenshot(browser.page, paths.screenshot);
+  if (browser?.page && restorePlan) {
+    const restoreDiagnostic = await restorePipelineConfig(browser.page, restorePlan).catch((error) => ({
+      status: "fail",
+      pipeline_id: restorePlan.pipelineId,
+      reason: error.message,
+    }));
+    await writeFile(pipelineConfigRestoreDiagnosticPath, `${JSON.stringify(restoreDiagnostic, null, 2)}\n`, "utf8");
+    result.evidence.pipeline_config_restore_diagnostic_json = pipelineConfigRestoreDiagnosticPath;
+    result.pipeline_config_restore = restoreDiagnostic;
+  }
+  if (browser) await browser.close().catch(() => {});
+  const finishedAt = new Date();
+  result.finished_at = finishedAt.toISOString();
+  result.finished_at_local = localIsoWithOffset(finishedAt);
+  const existingEvidence = {};
+  for (const [key, value] of Object.entries(result.evidence)) {
+    if (typeof value !== "string") continue;
+    const isResultFile = value === paths.automationResultJson || value === paths.resultJson;
+    if (isResultFile || await pathExists(value)) existingEvidence[key] = value;
+  }
+  result.evidence = existingEvidence;
+  await writeResult(paths, result);
+  console.log(JSON.stringify(result, null, 2));
+}
+
+process.exit(exitCode(result.status));
@@ -0,0 +1,84 @@
+#!/usr/bin/env node
+
+import { env } from "node:process";
+import {
+  bodyText,
+  createBrowser,
+  ensureEvidence,
+  evidencePaths,
+  loadEnvFiles,
+  resetAndAuthLocalUser,
+  safeScreenshot,
+  setBrowserToken,
+  verifyBrowserToken,
+  writeResult,
+} from "./lib/langbot-e2e.mjs";
+
+const caseId = "refresh-local-login";
+const paths = evidencePaths(caseId);
+await loadEnvFiles();
+await ensureEvidence(paths);
+
+const result = {
+  source: "automation",
+  case_id: caseId,
+  status: "fail",
+  reason: "",
+  user: env.LANGBOT_E2E_LOGIN_USER || "",
+  frontend_url: env.LANGBOT_FRONTEND_URL || "",
+  backend_url: env.LANGBOT_BACKEND_URL || "",
+  backend_token_check: null,
+  browser_token_check: null,
+  evidence: {
+    console_log: paths.consoleLog,
+    network_log: paths.networkLog,
+    screenshot: paths.screenshot,
+    automation_result_json: paths.automationResultJson,
+    result_json: paths.resultJson,
+  },
+  evidence_collected: ["ui", "screenshot", "console", "api_diagnostic"],
+};
+
+let browser;
+
+try {
+  const backendUrl = env.LANGBOT_BACKEND_URL;
+  const frontendUrl = env.LANGBOT_FRONTEND_URL;
+  const user = env.LANGBOT_E2E_LOGIN_USER;
+  const password = env.LANGBOT_E2E_LOGIN_PASSWORD || "LangBotE2ELocalPass!2026";
+  if (!backendUrl) throw new Error("LANGBOT_BACKEND_URL is not configured.");
+  if (!frontendUrl) throw new Error("LANGBOT_FRONTEND_URL is not configured.");
+  if (!user) throw new Error("LANGBOT_E2E_LOGIN_USER is required.");
+
+  const auth = await resetAndAuthLocalUser({ backendUrl, user, password });
+  result.backend_token_check = auth.check;
+
+  browser = await createBrowser(paths);
+  const { page } = browser;
+  await setBrowserToken(page, frontendUrl, auth.token);
+  const browserCheck = await verifyBrowserToken(page, backendUrl);
+  result.browser_token_check = browserCheck;
+  if (!browserCheck.authenticated) {
+    throw new Error(browserCheck.reason || "Browser token check failed.");
+  }
+
+  await page.goto(`${frontendUrl.replace(/\/$/, "")}/home/monitoring`, { waitUntil: "domcontentloaded" });
+  await page.waitForLoadState("networkidle", { timeout: 10_000 }).catch(() => {});
+  const text = await bodyText(page);
+  if (!text.includes("Dashboard") && !text.includes("Pipelines") && !text.includes("流水线")) {
+    throw new Error("Token was written, but authenticated navigation was not visible.");
+  }
+
+  result.status = "pass";
+  result.reason = "Browser profile localStorage token refreshed.";
+} catch (error) {
+  result.status = "fail";
+  result.reason = error.message;
+} finally {
+  if (browser?.page) await safeScreenshot(browser.page, paths.screenshot);
+  if (browser) await browser.close().catch(() => {});
+  await writeResult(paths, result);
+  console.log(JSON.stringify(result, null, 2));
+}
+
+process.exit(result.status === "pass" ? 0 : 1);
@@ -0,0 +1,107 @@
+#!/usr/bin/env node
+
+import {
+  bodyText,
+  createBrowser,
+  ensureEvidence,
+  evidencePaths,
+  exitCode,
+  gotoFrontend,
+  isLoginUrl,
+  loadEnvFiles,
+  localIsoWithOffset,
+  safeScreenshot,
+  verifyBrowserToken,
+  writeResult,
+} from "./lib/langbot-e2e.mjs";
+
+const caseId = "webui-login-state";
+await loadEnvFiles();
+const paths = evidencePaths(caseId);
+await ensureEvidence(paths);
+
+const startedAt = new Date();
+let browser;
+let result = {
+  source: "automation",
+  case_id: caseId,
+  run_id: paths.runId,
+  started_at: startedAt.toISOString(),
+  started_at_local: localIsoWithOffset(startedAt),
+  finished_at: "",
+  finished_at_local: "",
+  status: "fail",
+  reason: "",
+  url: "",
+  auth: null,
+  evidence: {
+    console_log: paths.consoleLog,
+    network_log: paths.networkLog,
+    screenshot: paths.screenshot,
+    automation_result_json: paths.automationResultJson,
+    result_json: paths.resultJson,
+  },
+  evidence_collected: ["ui", "screenshot", "console"],
+};
+
+try {
+  browser = await createBrowser(paths);
+  const { page } = browser;
+  await gotoFrontend(page);
+  result.url = page.url();
+
+  const backendUrl = process.env.LANGBOT_BACKEND_URL || "";
+  if (!backendUrl) {
+    result.status = "env_issue";
+    result.reason = "LANGBOT_BACKEND_URL is not configured.";
+    await safeScreenshot(page, paths.screenshot);
+    throw new Error(result.reason);
+  }
+
+  const auth = await verifyBrowserToken(page, backendUrl);
+  result.auth = auth;
+  const text = await bodyText(page);
+  const navigationSignals = [
+    "Dashboard",
+    "Bots",
+    "Pipelines",
+    "Knowledge",
+    "Plugins",
+    "首页",
+    "机器人",
+    "流水线",
+    "知识库",
+    "插件",
+  ];
+  const matchedSignal = navigationSignals.find((signal) => text.includes(signal));
+
+  if (!auth.authenticated) {
+    result.status = "blocked";
+    result.reason = auth.reason || "Browser profile token was not accepted by backend.";
+  } else if (isLoginUrl(page.url()) || /登录|Login|Sign in/i.test(text)) {
+    result.status = "fail";
+    result.reason = "Backend accepted the token, but the WebUI still showed the login page.";
+  } else if (!matchedSignal) {
+    result.status = "fail";
+    result.reason = "Opened WebUI, but no known LangBot navigation signal was visible.";
+  } else {
+    result.status = "pass";
+    result.reason = `Authenticated navigation signal visible: ${matchedSignal}`;
+  }
+
+  await safeScreenshot(page, paths.screenshot);
+} catch (error) {
+  if (!["env_issue", "blocked", "fail", "pass"].includes(result.status) || !result.reason) {
+    result.status = /Playwright is not installed|LANGBOT_FRONTEND_URL/.test(error.message) ? "env_issue" : "fail";
+    result.reason = error.message;
+  }
+} finally {
+  if (browser) await browser.close().catch(() => {});
+  const finishedAt = new Date();
+  result.finished_at = finishedAt.toISOString();
+  result.finished_at_local = localIsoWithOffset(finishedAt);
+  await writeResult(paths, result);
+  console.log(JSON.stringify(result, null, 2));
+}
+
+process.exit(exitCode(result.status));
@@ -0,0 +1,46 @@
+# Shared defaults for LangBot skills.
+# Agents should read this file first, then load machine-local overrides from
+# skills/.env.local. Do not put workstation-specific absolute paths or secrets
+# in this committed file.
+
+# The UI URL that testing skills should open.
+# Default to the standalone Vite frontend. Set this to the backend WebUI URL
+# instead if your LangBot checkout serves the frontend from the backend.
+LANGBOT_FRONTEND_URL=http://127.0.0.1:3000
+
+# LangBot API/backend URL.
+LANGBOT_BACKEND_URL=http://127.0.0.1:5300
+
+# Common standalone frontend dev URL. This is a candidate, not the default.
+LANGBOT_DEV_FRONTEND_URL=http://127.0.0.1:3000
+
+# Local repository paths. Copy skills/.env.example to skills/.env.local and set
+# these for your checkout.
+LANGBOT_REPO=
+LANGBOT_WEB_REPO=
+LANGBOT_RAG_PLUGIN_REPO=
+LANGBOT_PARSER_PLUGIN_REPO=
+
+# Browser profile and Playwright/Chromium paths.
+LANGBOT_BROWSER_PROFILE=
+LANGBOT_CHROMIUM_EXECUTABLE=
+
+# Optional local proxy defaults. Do not store secrets here.
+LANGBOT_PROXY_HTTP=
+LANGBOT_PROXY_SOCKS=
+LANGBOT_NO_PROXY=localhost,127.0.0.1,::1
+
+# Optional case-specific pipeline targets. Put machine-local values in
+# skills/.env.local so runner-specific cases do not accidentally reuse the
+# generic LANGBOT_PIPELINE_URL.
+# LANGBOT_PIPELINE_URL=http://127.0.0.1:3000/home/pipelines?id=<generic-pipeline-uuid>
+# LANGBOT_PIPELINE_NAME=Generic QA Pipeline
+# LANGBOT_LOCAL_AGENT_PIPELINE_URL=http://127.0.0.1:3000/home/pipelines?id=<local-agent-pipeline-uuid>
+# LANGBOT_LOCAL_AGENT_PIPELINE_NAME=Local Agent QA Pipeline
+# LANGBOT_ACP_AGENT_RUNNER_PIPELINE_URL=http://127.0.0.1:3000/home/pipelines?id=<acp-agent-runner-pipeline-uuid>
+# LANGBOT_ACP_AGENT_RUNNER_PIPELINE_NAME=ACP AgentRunner QA Pipeline
+# LANGBOT_ACP_AGENT_RUNNER_SSH_TARGET=yhh@101.34.71.12
+# LANGBOT_ACP_AGENT_RUNNER_SSH_PORT=22
+# LANGBOT_ACP_AGENT_RUNNER_SSH_IDENTITY_FILE=
+# LANGBOT_ACP_AGENT_RUNNER_SSH_EXTRA_OPTIONS=
+# LANGBOT_ACP_AGENT_RUNNER_REMOTE_WORKSPACE=/home/yhh/langbot-e2e/acp-workspace
@@ -0,0 +1,36 @@
+# Copy this file to skills/.env.local and adjust it for your machine.
+# Do not put API keys, OAuth tokens, browser localStorage tokens, or provider
+# credentials in committed files.
+
+# LangBot WebUI and backend endpoints.
+LANGBOT_FRONTEND_URL=http://127.0.0.1:3000
+LANGBOT_BACKEND_URL=http://127.0.0.1:5300
+LANGBOT_DEV_FRONTEND_URL=http://127.0.0.1:3000
+
+# Local repository paths.
+LANGBOT_REPO=/path/to/LangBot
+LANGBOT_WEB_REPO=/path/to/LangBot/web
+LANGBOT_RAG_PLUGIN_REPO=/path/to/langbot-rag
+LANGBOT_PARSER_PLUGIN_REPO=/path/to/langbot-parser
+
+# Browser profile and Playwright/Chromium paths.
+LANGBOT_BROWSER_PROFILE=/path/to/langbot-playwright-profile
+LANGBOT_CHROMIUM_EXECUTABLE=/path/to/ms-playwright/chromium/chrome
+
+# Optional local proxy defaults. Leave blank if not needed.
+LANGBOT_PROXY_HTTP=
+LANGBOT_PROXY_SOCKS=
+LANGBOT_NO_PROXY=localhost,127.0.0.1,::1
+
+# Optional generic pipeline target for generic Debug Chat smoke tests.
+LANGBOT_PIPELINE_URL=
+LANGBOT_PIPELINE_NAME=
+
+# Optional case-specific runner targets. Prefer these for runner-specific cases
+# so the automation cannot silently test the wrong runner.
+LANGBOT_LOCAL_AGENT_PIPELINE_URL=
+LANGBOT_LOCAL_AGENT_PIPELINE_NAME=
+LANGBOT_CODEX_AGENT_PIPELINE_URL=
+LANGBOT_CODEX_AGENT_PIPELINE_NAME=
+LANGBOT_CLAUDE_CODE_AGENT_PIPELINE_URL=
+LANGBOT_CLAUDE_CODE_AGENT_PIPELINE_NAME=
@@ -0,0 +1,84 @@
+---
+name: langbot-deploy
+description: Deploy and configure a LangBot instance — Docker / Docker Compose, Kubernetes, the config.yaml model, the Box sandbox runtime, the plugin runtime, and the global API key. Use when installing, deploying, upgrading, or configuring LangBot in production or self-hosted environments. Triggers on "deploy langbot", "langbot docker", "langbot compose", "langbot kubernetes", "langbot config.yaml", "langbot box runtime", "langbot global api key".
+---
+
+# LangBot Deployment & Configuration
+
+Covers running LangBot in production. For development see `langbot-dev`.
+
+## Docker Compose (recommended)
+
+```bash
+git clone https://github.com/langbot-app/LangBot
+cd LangBot/docker
+
+# Full stack (sandbox/Box + stdio MCP hosting + skill add/edit enabled)
+docker compose --profile all up
+
+# Basic (no Box runtime)
+docker compose up
+```
+
+The `all` / `box` profile starts three services:
+
+- `langbot` — main app, serves API + UI on `:5300`.
+- `langbot_plugin_runtime` — plugin runtime (control `:5400`, debug `:5401`).
+- `langbot_box` — Box sandbox runtime (`:5410`). Uses the host Docker socket to
+  spawn sandbox containers, so the **Box root host path and in-container path
+  must be identical** (`BOX__LOCAL__HOST_ROOT=${LANGBOT_BOX_ROOT:-${PWD}/data/box}`).
+
+With Box off, the dashboard/skills list stays visible (read-only) but sandbox
+tools, skill add/edit, and stdio MCP are disabled. Set `box.enabled: false`
+(or `BOX__ENABLED=false`) to match.
+
+## Kubernetes
+
+See `docker/kubernetes.yaml` and the deployment guide at
+https://docs.langbot.app. `docker/deploy-k8s-test.sh` is a test helper.
+
+## config.yaml (generated at `data/config.yaml` on first run)
+
+Top-level sections: `api`, `system`, `command`, `concurrency`, `proxy`,
+`database`, `vdb`, `storage`, `plugin`, `monitoring`, `box`, `space`.
+
+Key settings:
+
+| Key | Meaning |
+| --- | --- |
+| `api.port` | HTTP API + UI port (default 5300) |
+| `api.global_api_key` | **Global API key** for the HTTP API + MCP server. Non-empty = accepted with no login/DB record; no `lbk_` prefix required. Empty = disabled. Plaintext — trusted/internal only, serve over HTTPS. |
+| `plugin.runtime_ws_url` | Standalone plugin runtime WS URL (e.g. `ws://langbot_plugin_runtime:5400/control/ws`) |
+| `box.enabled` | Master switch for the Box sandbox runtime |
+| `box.backend` | `local` (Docker/nsjail autopick) / `docker` / `nsjail` / `e2b`; env override `BOX__BACKEND` |
+| `box.runtime.endpoint` | External Box runtime URL (e.g. `ws://127.0.0.1:5410`); empty = local auto-managed |
+
+Many keys have `ENV__SUBKEY` overrides (e.g. `BOX__BACKEND`, `BOX__ENABLED`).
+
+## Runtimes & flags
+
+- LangBot started directly spawns the plugin runtime over **stdio**.
+- In containers it connects to a standalone runtime over **WebSocket**; start
+  with `--standalone-runtime`.
+- Box has a parallel `--standalone-box` flag; the Docker box host is
+  `langbot_box:5410`.
+
+## Global API key — enabling for agents/automation
+
+```yaml
+# data/config.yaml
+api:
+    port: 5300
+    global_api_key: 'a-strong-secret'   # empty disables it
+```
+
+This key authenticates both the HTTP API and the MCP server (`/mcp`) without a
+login session. See `langbot-mcp-ops` for using it, and `docs/API_KEY_AUTH.md`.
+
+## Pitfalls
+
+- "No supported sandbox backend (Docker / nsjail / E2B)" with Docker running
+  usually means the user isn't in the `docker` group →
+  `sudo usermod -aG docker <user>` and restart in a new shell.
+- Box root host/container path mismatch breaks sandbox container creation.
+- Don't commit a non-empty `api.global_api_key` to version control.
@@ -0,0 +1,116 @@
+---
+name: langbot-dev
+description: Develop, build, and debug the LangBot core backend and web frontend. Use when working inside the LangBot repository — backend (Python/Quart, src/langbot/pkg), the Vite/React web UI, HTTP API controllers/services, Alembic migrations, or the MCP server. Covers the dev environment (uv, pnpm), repo layout, the API auth model (user token / API key / global key), adding API endpoints, and the rule that API changes must update the MCP server and skills. Triggers on "langbot backend", "langbot dev", "langbot api", "add langbot endpoint", "langbot migration".
+---
+
+# LangBot Core Development
+
+This skill covers developing the LangBot core (the main repo), distinct from
+plugin development (see `langbot-plugin-dev`) and deployment (`langbot-deploy`).
+
+## Stack
+
+- **Backend**: Python `>=3.11,<4.0`, deps via `uv`. Framework: **Quart** (async
+  Flask). Serves the HTTP API + pre-built web UI on `http://127.0.0.1:5300`.
+- **Frontend** (`web/`): **Vite + React Router 7 + shadcn/ui + Tailwind**,
+  managed by `pnpm`. Dev server on `:3000`. (NOT Next.js — `dev` script is `vite`.)
+
+## Dev environment
+
+```bash
+# Backend
+pip install uv
+uv sync --dev
+uv run main.py            # API + UI on http://127.0.0.1:5300
+
+# Frontend (separate terminal)
+cd web
+cp .env.example .env
+pnpm install
+pnpm dev                  # http://127.0.0.1:3000 (reads VITE_API_BASE_URL)
+
+# Lint/format hooks (CI runs the same checks)
+uv run pre-commit install
+```
+
+First run generates `data/config.yaml`; DB defaults to SQLite (PostgreSQL
+supported). Migrations run automatically on startup.
+
+## Repo layout (key paths)
+
+```
+src/langbot/
+├── __main__.py             # entrypoint, CLI flags (--standalone-runtime/-box/--debug)
+├── pkg/
+│   ├── api/
+│   │   ├── http/           # Quart controllers + services
+│   │   │   ├── controller/groups/   # route groups (@group.group_class)
+│   │   │   └── service/             # business logic (called by controllers AND MCP)
+│   │   └── mcp/            # MCP server (server.py = tools, mount.py = ASGI dispatch)
+│   ├── core/               # app bootstrap, stages, task manager
+│   ├── platform/ provider/ pipeline/ plugin/ box/ skill/ rag/ vector/
+│   ├── command/ persistence/ storage/ config/ entity/ telemetry/
+│   └── templates/config.yaml        # config template (top-level: api, system, plugin, box, space...)
+├── web/                    # Vite SPA
+└── docker/                 # compose deployment
+```
+
+## HTTP API auth model
+
+Route auth is declared per-route via `AuthType` in
+`pkg/api/http/controller/group.py`:
+
+- `NONE` — public.
+- `USER_TOKEN` — web UI JWT (`Authorization: Bearer <jwt>`).
+- `API_KEY` — `X-API-Key` or `Authorization: Bearer <key>`.
+- `USER_TOKEN_OR_API_KEY` — either.
+
+API keys are verified by `apikey_service.verify_api_key()`, which accepts:
+1. the **global key** from `config.yaml` `api.global_api_key` (no DB, no login,
+   no `lbk_` prefix required), then
+2. **web-UI keys** (DB-stored, `lbk_` prefix).
+
+Route groups self-register via `@group.group_class(name, path)` and are
+discovered by `importutil.import_modules_in_pkg`.
+
+## Adding an API endpoint
+
+1. Add/extend a controller in `pkg/api/http/controller/groups/` and the matching
+   service method in `pkg/api/http/service/`.
+2. Pick the right `AuthType`.
+3. **If the endpoint should be agent-accessible, add/adjust the matching MCP tool
+   in `pkg/api/mcp/server.py` and update the `langbot-mcp-ops` skill.** API and
+   MCP surface must stay aligned (see `AGENTS.md`).
+4. Update `docs/service-api-openapi.json` if you maintain the OpenAPI overview.
+
+## Database migrations (Alembic)
+
+Single migration set supports SQLite + PostgreSQL. Files in
+`src/langbot/pkg/persistence/alembic/versions/`.
+
+```bash
+# From project root (needs data/config.yaml)
+uv run python -m langbot.pkg.persistence.alembic_runner autogenerate "description"
+```
+
+## Standards
+
+- All code comments/docstrings in **English**; user-facing strings need **i18n**
+  (`en_US` + `zh_Hans` minimum, `ja_JP` where present).
+- Consider toC and toB compatibility + security.
+- Commit format: `<type>(<scope>): <subject>` (feat/fix/docs/refactor/...).
+
+## Tests
+
+```bash
+uv run pytest tests/unit_tests -q          # unit tests
+uv run pytest tests/unit_tests/api -q      # API service tests
+uv run python tests/manual/mcp_smoke.py    # MCP server e2e smoke
+```
+
+## See also
+
+- `langbot-plugin-dev` — plugin SDK / runtime development.
+- `langbot-testing` — WebUI/e2e QA harness (`bin/lbs`).
+- `langbot-deploy` — Docker/compose deployment + config.
+- `langbot-mcp-ops` — operating the LangBot MCP server.
@@ -0,0 +1,301 @@
+---
+name: langbot-eba-adapter-dev
+description: Build, refactor, and test LangBot platform adapters for the Event-Based Agents architecture. Use when adding or migrating Telegram, Discord, or other messaging platform adapters to the EBA adapter layout, validating unified event/message conversion, writing live adapter probes, or using standalone plugin runtime plus Computer Use for end-to-end platform testing.
+---
+
+# LangBot EBA Adapter Development
+
+Use this skill when implementing or reviewing a LangBot platform adapter under the Event-Based Agents architecture.
+
+## Controlling a running instance via MCP
+
+Beyond writing code, you can **drive a live LangBot instance over MCP** — no raw
+HTTP needed. Two MCP servers exist (both reuse existing API keys; see `AGENTS.md`):
+
+- **LangBot instance** — `http://<host>:5300/mcp` (auth: web-UI `lbk_` key or the
+  `api.global_api_key` from `config.yaml`). Manage bots, pipelines, models,
+  knowledge bases, and skills. See the **`langbot-mcp-ops`** skill.
+- **LangBot Space marketplace** — `https://space.langbot.app/mcp` (auth: Personal
+  Access Token). Search plugins / MCP servers / skills. See the
+  **`langbot-space-ops`** skill.
+
+> Any change to an agent-accessible HTTP API endpoint must keep the matching MCP
+> tool and these skills in sync.
+
+## Core Rule
+
+Do not let platform-native event or message shapes leak into LangBot's common path. Each adapter must convert incoming SDK objects into unified EBA entities before dispatch:
+
+- Events: `langbot_plugin.api.entities.builtin.platform.events`
+- Message chains: `langbot_plugin.api.entities.builtin.platform.message.MessageChain`
+- Users/groups/members: `langbot_plugin.api.entities.builtin.platform.entities`
+- Raw platform objects may remain only in `source_platform_object` for debugging or platform-specific escape hatches.
+
+## Start Here
+
+1. Read the EBA design docs in `LangBot/docs/event-based-agents/`.
+2. Read the architecture-level acceptance checklist before writing or validating code:
+   - `LangBot/docs/event-based-agents/adapters/acceptance-checklist.md`
+3. Read the current reference adapter before writing code. Prefer Telegram first:
+   - `LangBot/src/langbot/pkg/platform/adapters/telegram/`
+   - `LangBot/docs/event-based-agents/adapters/telegram.md`
+4. Read the legacy source adapter for the target platform:
+   - `LangBot/src/langbot/pkg/platform/sources/<platform>.py`
+   - `LangBot/src/langbot/pkg/platform/sources/<platform>.yaml`
+5. Inspect SDK entity definitions in `langbot-plugin-sdk/src/langbot_plugin/api/entities/builtin/platform/`.
+6. Search before assuming APIs. Platform SDKs change often.
+
+## Adapter Layout
+
+Create one directory per adapter:
+
+```text
+LangBot/src/langbot/pkg/platform/adapters/<platform>/
+├── __init__.py
+├── adapter.py
+├── api_impl.py
+├── event_converter.py
+├── manifest.yaml
+├── message_converter.py
+├── platform_api.py
+├── types.py
+└── <platform>.svg
+```
+
+Add optional helpers such as `voice.py` only when the platform has a real domain-specific surface.
+
+Ensure `pyproject.toml` package data includes adapter assets:
+
+```toml
+package-data = { "langbot" = ["templates/**", "pkg/platform/sources/*", "pkg/platform/adapters/**", ...] }
+```
+
+## Implementation Checklist
+
+- `manifest.yaml` declares `metadata.name`, config schema, supported events, common APIs, and platform-specific APIs.
+- `adapter.py` creates the platform client, subscribes to native events, filters self/bot loops where appropriate, calls `event_converter.target2yiri(...)`, then dispatches the EBA event.
+- `event_converter.py` maps native events to EBA event classes such as `MessageReceivedEvent`, `MessageEditedEvent`, `MessageDeletedEvent`, `MessageReactionEvent`, `MemberJoinedEvent`, `BotInvitedToGroupEvent`, and `PlatformSpecificEvent`.
+- `message_converter.py` maps native messages to `MessageChain`, and maps `MessageChain` back to the platform send format.
+- `api_impl.py` implements common EBA APIs: send, reply, edit, delete, forward, user/group/member lookup, moderation, upload/file URL, leave group.
+- `platform_api.py` keeps platform-specific calls behind `call_platform_api(action, params)`.
+- Unsupported common APIs must raise explicit SDK platform errors such as `NotSupportedError`; do not silently no-op.
+- Destructive APIs such as kick, ban, leave, delete, or moderation must be gated in live tests and documented.
+
+## Conversion Contract
+
+For message events, the common shape should look like this regardless of platform:
+
+```python
+platform_events.MessageReceivedEvent(
+    type="message.received",
+    adapter_name="<platform>",
+    message_id=<platform_message_id>,
+    message_chain=platform_message.MessageChain([...]),
+    sender=platform_entities.User(...),
+    chat_type=platform_entities.ChatType.PRIVATE or ChatType.GROUP,
+    chat_id=<conversation_or_channel_id>,
+    group=platform_entities.UserGroup(...) or None,
+    source_platform_object=<raw_object>,
+)
+```
+
+Message content should use common components:
+
+- `Source` for original message id/time when available.
+- `Plain` for text.
+- `At` / `AtAll` for mentions.
+- `Image`, `Voice`, `File` for media.
+- `Forward` only when the platform can represent or emulate it safely.
+
+If a platform event cannot cleanly map to a common event, emit `PlatformSpecificEvent` with a compact `action` and structured `data`.
+
+## Unit Tests
+
+Add focused tests under `LangBot/tests/unit_tests/platform/test_<platform>_eba_adapter.py`.
+
+Cover at least:
+
+- Manifest supported events match adapter `supported_events()`.
+- Manifest supported APIs match adapter `supported_apis()`.
+- Platform API map matches manifest actions.
+- Dispatcher chooses the most specific EBA listener.
+- Message converter maps every supported common component both directions where possible:
+  - `Source`
+  - `Plain`
+  - `At`
+  - `AtAll`
+  - `Image`
+  - `Voice`
+  - `File`
+  - `Quote`
+  - `Face`
+  - `Forward`
+  - `Unknown`
+  - mixed chains preserving order
+- Event converter maps message received/edited/deleted/reaction, raw uncached gateway events, member events, and bot join/leave events.
+- Send/reply methods pass correct platform kwargs and return `MessageResult`.
+
+Run the existing reference adapter tests too:
+
+```bash
+cd LangBot
+uv run pytest tests/unit_tests/platform/test_<platform>_eba_adapter.py tests/unit_tests/platform/test_telegram_eba_adapter.py
+uv run python -m py_compile tests/e2e/live_<platform>_eba_probe.py
+git diff --check
+```
+
+## Live Test Workflow
+
+Direct adapter live probes are useful diagnostics, but they are not sufficient acceptance evidence for EBA. Treat `tests/e2e/live_<platform>_eba_probe.py` as an auxiliary tool only. The final adapter record must distinguish:
+
+- `plugin-e2e-ui`: real SDK plugin through standalone runtime, LangBot core, adapter, and a real/simulator UI action. This can mark an inbound UI item complete.
+- `plugin-e2e-protocol`: real SDK plugin through standalone runtime, LangBot core, adapter, and a protocol-boundary injected event. This is useful evidence but must not be claimed as UI coverage.
+- `plugin-e2e-outbound`: real SDK plugin calls an API and the bot output is visible in the real/simulator UI. This can mark send/API coverage complete.
+- `adapter-live`: direct adapter probe connected to a real/simulator endpoint. This is auxiliary only.
+- `unit`: mocked conversion/API-shape coverage. This is auxiliary only.
+- `not-supported`: platform protocol or SDK has no equivalent. Must include the reason.
+- `blocked`: intended capability could not be verified. This is not complete.
+
+Write a live probe in `LangBot/tests/e2e/live_<platform>_eba_probe.py`. It should:
+
+1. Read token/client ids from environment variables or CLI args.
+2. Start the adapter directly.
+3. Register an EBA listener and write JSONL evidence to `LangBot/data/temp/`.
+4. Wait for a real user/platform event instead of fabricating the entrypoint.
+5. Exercise common APIs and `call_platform_api` actions.
+6. Observe returned gateway events for edit/delete/reaction/member/bot lifecycle where available.
+7. Print a summary containing passed, failed, skipped, and observed event types.
+8. Redact or avoid printing secrets.
+9. Keep destructive operations behind flags and run them last.
+
+Use Computer Use when the user asks for real platform end-to-end coverage. Actually send messages/click reactions in the platform UI or otherwise trigger real user-side events; do not replace that with unit tests.
+
+For media/component acceptance, keep the direction and trigger source explicit:
+
+- Real inbound media only counts when a human-side platform UI or simulator UI sends the image/file/voice to the bot and the plugin JSONL records the corresponding common component.
+- Bot outbound media only proves `send_message`/adapter send conversion. It does not prove inbound conversion.
+- Protocol-boundary injection, such as sending a OneBot event directly into a reverse WebSocket adapter, is useful and should be labelled `plugin-e2e-protocol`, but it must not be reported as UI-level end-to-end media upload.
+- If the UI cannot send or upload the media, record the item as `blocked` with the exact client/simulator limitation.
+
+## Standalone Runtime + Plugin Test
+
+When validating the whole LangBot EBA path, test with the SDK standalone runtime and a real test plugin. This is the required acceptance path; direct adapter calls do not prove the EBA architecture path.
+
+The required path is:
+
+```text
+Real platform / simulator UI
+  -> platform SDK native event
+  -> adapter event converter
+  -> unified EBA event/entity/message types
+  -> LangBot core event dispatch
+  -> standalone SDK runtime
+  -> real test plugin listener
+  -> plugin calls platform APIs through SDK
+  -> LangBot core API dispatch
+  -> adapter API implementation
+  -> real platform / simulator UI
+```
+
+Typical shape:
+
+```bash
+# Terminal 1, SDK repo
+cd langbot-plugin-sdk
+uv run python -m langbot_plugin.cli.__init__ rt \
+  --debug-only \
+  --ws-control-port 5400 \
+  --ws-debug-port 5401 \
+  --skip-deps-check
+
+# Terminal 2, LangBot repo
+cd LangBot
+export PYTHONPATH=/absolute/path/to/langbot-plugin-sdk/src:${PYTHONPATH:-}
+uv run main.py --standalone-runtime
+
+# Terminal 3, plugin directory
+export DEBUG_RUNTIME_WS_URL=ws://127.0.0.1:5401/plugin/ws
+export EBA_PROBE_LOG=/absolute/path/to/LangBot/data/temp/<platform>_eba_plugin_probe.jsonl
+export EBA_PROBE_API=1
+export EBA_PROBE_COMPONENT_SWEEP=1
+export EBA_PROBE_PLATFORM_API=1
+uv --project /absolute/path/to/langbot-plugin-sdk run python -m langbot_plugin.cli.__init__ run
+```
+
+Use an EBA probe plugin that subscribes to all relevant EBA event classes and runs SDK API calls after the first `MessageReceived`.
+
+The plugin evidence should be JSONL and include:
+
+- event class and `event.type`
+- adapter name
+- chat type and chat ID
+- sender/user/group IDs with secrets redacted
+- `bot_uuid` and `adapter_name`, proving LangBot filled common routing fields before plugin dispatch
+- received `message_chain` component list
+- API action name, input summary, result or error
+- unsupported or blocked reason when an item is skipped
+
+For full adapter acceptance, enable both probe sweeps:
+
+- `EBA_PROBE_COMPONENT_SWEEP=1` sends the required outbound message components through `send_message`.
+- `EBA_PROBE_PLATFORM_API=1` calls common safe APIs plus selected `call_platform_api` actions for the adapter.
+
+The SDK must support `plugin.call_platform_api(bot_uuid, action, params)` for platform-specific acceptance. If the SDK cannot call a platform-specific action from the plugin, the adapter cannot be fully accepted even if direct adapter probes pass.
+
+## Required EBA Acceptance Coverage
+
+Before marking an adapter migrated, fill out an adapter record against `LangBot/docs/event-based-agents/adapters/acceptance-checklist.md`.
+
+At minimum, the record must cover these categories:
+
+- Message receive component tests through `plugin-e2e-ui`: `Source`, `Plain`, `At`, `AtAll`, `Image`, `Voice`, `File`, `Quote`, `Face`, `Forward`, `Unknown`, and mixed chains where the platform supports them. Protocol-only receive evidence must be labelled `plugin-e2e-protocol`.
+- Message send component tests through `plugin-e2e-outbound`: `Plain`, `At`, `AtAll`, `Image`, `Voice`, `File`, `Quote`, `Face`, `Forward`, and mixed chains where the platform supports them.
+- Every event declared in `manifest.yaml -> spec.supported_events`.
+- Every common API declared in `manifest.yaml -> spec.supported_apis.required` and `optional`.
+- Every action declared in `manifest.yaml -> spec.platform_specific_apis`.
+- Compatibility tests for manifest declarations, legacy message listener fallback, EBA listener specificity, bot self-message filtering, and `source_platform_object` reply/debug behavior.
+
+Do not declare an event or API in the manifest unless it has an implementation path and an acceptance entry. If a platform or simulator lacks a capability, document it as `not-supported` or `blocked` rather than silently omitting the test.
+
+## Common Pitfalls
+
+- `get_bots()` may return bot dictionaries, not UUID strings. Probe plugins should select an enabled dict and pass `bot["uuid"]` to `get_bot_info()` and `send_message()`.
+- Make sure the probe subscribes to every event you claim to verify. Missing `MessageDeleted` subscription can make a working adapter look untested.
+- Some platforms emit both cached and raw gateway events, producing duplicate evidence for delete/reaction. Count this explicitly; do not treat duplicates as failure unless semantics differ.
+- Self-message filtering is platform-specific. Filter bot-originated `message.received` loops, but do not accidentally filter edit/delete events needed for bot-owned API probes.
+- Reaction events may be filtered for bot self reactions. To test user reaction add/remove, use real UI interaction or a real user token path if permitted.
+- File uploads usually happen as message attachments. A standalone `upload_file` API may need to be `NotSupportedError`.
+- Live probes should not leak bot tokens through command output, logs, docs, or final answers.
+- Discord requires privileged intents for message content and members. Missing intents can look like converter bugs.
+- Telegram Bot API exposes only limited member lists; document capability gaps.
+- Do not mark moderation APIs verified unless they ran against a disposable target member/bot.
+- If `leave_group` is tested, run it last because the test bot will be removed from the server/group.
+- Restore local LangBot DB/test state after live runs if you enabled temporary bots or changed plugin settings.
+
+## Documentation Record
+
+Add or update `LangBot/docs/event-based-agents/adapters/<platform>.md` in the same style as Telegram:
+
+- Status and adapter directory.
+- Configuration table matching manifest fields.
+- Supported EBA event list.
+- Common API table with support and limitations.
+- `call_platform_api` action list.
+- Receive component table with evidence level per component.
+- Send component table with evidence level per component.
+- Event table with evidence level per event.
+- Common API table with evidence level per API.
+- Platform-specific API table with evidence level per action.
+- Live test record with exact date, endpoint/simulator, standalone runtime command, test plugin path/name, JSONL evidence path, channel/group type, observed events, APIs exercised, destructive operations, and skipped items.
+
+Be honest. Put untested or skipped APIs in the document with the reason. Do not imply full parity when a platform cannot provide the same information density.
+
+## Before Finishing
+
+- Run unit tests and compile the live probe.
+- Run the standalone runtime plugin E2E path for every required acceptance item that the platform supports.
+- Run `git diff --check`.
+- Summarize live JSONL evidence by event type.
+- Stop all long-running runtimes and probes.
+- Confirm no secrets are staged.
+- Leave unrelated untracked files alone.
@@ -0,0 +1,28 @@
+---
+name: langbot-env-setup
+description: Prepare a local LangBot development and testing environment for an AI agent. Use when setting up WSL or Linux development, shared local URL variables, proxy variables, backend/frontend startup, Playwright MCP browser access, GitHub OAuth browser login, persisted Chrome profiles, or future Codex computer-use environment paths.
+---
+
+# LangBot Environment Setup
+
+Use this skill when a task needs LangBot to be in a testable state before product testing or development verification.
+
+## Routing
+
+- **Shared local variables**: read `../.env` before using URL, path, browser profile, or proxy defaults.
+- **Always start here**: read `references/browser-access-selection.md` to choose the browser-control path.
+- **LangBot service checks and startup**: read `references/service-startup.md`.
+- **Computer Use available**: read `references/computer-use.md`. This path usually needs less browser/MCP setup.
+- **No Computer Use, browser automation required**: read `references/playwright-mcp.md`.
+- **GitHub OAuth or persisted login profile**: read `references/oauth-browser-profile.md`.
+- **WSL-specific notes**: read `references/wsl-notes.md` only when running under WSL.
+- **Proxy setup**: read `references/proxy.md` when external login, model provider tests, or package downloads time out.
+- **Headless-only automation**: use only after a profile already contains a valid LangBot login. Do not ask the agent to enter GitHub credentials or 2FA.
+
+## Rules
+
+- Never handle the user's GitHub password, passkey, recovery code, or 2FA secret.
+- For OAuth login, open a visible browser and let the user complete the credential steps.
+- Reuse a fixed browser profile path so the agent can later access the logged-in LangBot session.
+- Keep environment-specific paths and commands in `references/`, not in this file.
+- Treat environment setup as complete only after the target LangBot services are reachable and the browser profile can access the WebUI.
@@ -0,0 +1,15 @@
+# Browser Access Selection
+
+Choose the lightest browser-control path that can complete the task.
+
+## Decision Order
+
+1. If Codex Computer Use, Claude Computer Use, or another visible browser-control tool is available, use `computer-use.md`.
+2. If no computer-control tool is available but Playwright MCP is available, use `playwright-mcp.md`.
+3. If the browser session must survive restarts or OAuth login is required, also use `oauth-browser-profile.md`.
+4. If running under WSL, add `wsl-notes.md`.
+5. If external sites or model providers time out, add `proxy.md`.
+
+## Principle
+
+Computer Use and Playwright MCP are alternative browser-control paths. Both still need LangBot services to be reachable, so service checks stay in `service-startup.md`.
@@ -0,0 +1,20 @@
+# Computer Use Browser Path
+
+Use this path when Codex Computer Use, Claude Computer Use, or another agent-visible browser-control capability is available.
+
+## Why This Path Is Simpler
+
+Computer Use can interact with a visible browser directly, so it usually does not need Playwright MCP configuration or a separate MCP browser bridge.
+
+## Workflow
+
+1. Verify LangBot backend/frontend with `service-startup.md`.
+2. Open the WebUI in the controlled browser.
+3. If login is needed, let the user complete GitHub OAuth. Never handle credentials or 2FA.
+4. Keep the browser/profile available for later testing.
+5. Hand off to `langbot-testing` after the page shows the logged-in WebUI.
+
+## Still Required
+
+- Proxy may still be needed for GitHub OAuth or model provider tests. Use `proxy.md`.
+- Persisted profile details may still matter if the computer-control browser is restarted. Use `oauth-browser-profile.md` if login state must survive.
@@ -0,0 +1,62 @@
+# OAuth Browser Profile
+
+Use this reference when LangBot or LangBot Space needs GitHub OAuth login and the agent must reuse the authenticated browser state later.
+
+Read `skills/.env` first for `LANGBOT_BACKEND_URL`, `LANGBOT_FRONTEND_URL`, `LANGBOT_BROWSER_PROFILE`, `LANGBOT_CHROMIUM_EXECUTABLE`, and proxy defaults.
+
+## Rules
+
+- Never handle the user's GitHub password, passkey, recovery code, or 2FA secret.
+- Open a visible browser and let the user complete credential steps.
+- Reuse a fixed browser profile path.
+- Do not print token values. It is acceptable to report localStorage key names.
+
+## Manual Visible Login Flow
+
+1. Verify LangBot backend is reachable with `service-startup.md`.
+2. Launch a visible Chromium window with the persistent profile:
+
+```bash
+setsid "$LANGBOT_CHROMIUM_EXECUTABLE" \
+  --no-sandbox \
+  --ozone-platform=x11 \
+  --user-data-dir="$LANGBOT_BROWSER_PROFILE" \
+  --proxy-server="$LANGBOT_PROXY_SOCKS" \
+  --proxy-bypass-list="$LANGBOT_NO_PROXY" \
+  "$LANGBOT_BACKEND_URL/login" \
+  >/tmp/langbot-visible-chrome.log 2>&1 < /dev/null &
+```
+
+3. The user completes:
+
+```text
+Login with Space -> Login with GitHub -> GitHub credentials / 2FA -> authorize
+```
+
+4. The agent can then reuse the same profile for automated checks.
+
+## Expected Successful State
+
+After login, LangBot should redirect away from `/login`, for example to a `/home/...` URL on the selected origin.
+
+Expected visible signals:
+
+```text
+LangBot
+Dashboard
+Home
+Bots
+Pipelines
+Knowledge
+Extensions
+```
+
+Expected localStorage key names:
+
+```text
+token
+userEmail
+langbot_language
+```
+
+If the user logged in on one origin but `LANGBOT_FRONTEND_URL` still shows `/login`, copy only the auth state needed between origins. Do not print token values.
@@ -0,0 +1,30 @@
+# Playwright MCP Browser Path
+
+Use this path when the agent needs browser automation but no Computer Use browser-control path is available.
+
+## Known Paths
+
+- Persistent browser profile: `LANGBOT_BROWSER_PROFILE` from `skills/.env.local`
+- Chromium executable: `LANGBOT_CHROMIUM_EXECUTABLE` from `skills/.env.local`
+- Codex MCP config: `$CODEX_HOME/config.toml` or the config path used by the active agent.
+
+## MCP Config
+
+Keep the profile path fixed so the agent can reuse authenticated state.
+
+```toml
+[mcp_servers.playwright]
+command = "npx"
+args = ["-y", "@playwright/mcp@latest", "--no-sandbox", "--executable-path", "<LANGBOT_CHROMIUM_EXECUTABLE>", "--proxy-server", "<LANGBOT_PROXY_SOCKS>", "--proxy-bypass", "localhost,127.0.0.1", "--user-data-dir", "<LANGBOT_BROWSER_PROFILE>"]
+```
+
+After changing MCP config, restart Codex so the MCP server is relaunched with the new args.
+
+## Visible Login
+
+For OAuth login, Playwright MCP's headless browser is not enough. Launch a visible browser with the same profile and let the user complete login. Use `oauth-browser-profile.md`.
+
+## Common Failures
+
+- MCP still uses old args after editing config: restart Codex or kill old `playwright-mcp` processes and restart the session.
+- Browser is headless during OAuth: use the visible login command from `oauth-browser-profile.md`.
@@ -0,0 +1,30 @@
+# Proxy Setup
+
+Use this reference when GitHub OAuth, package installation, model provider tests, or external API calls time out.
+
+Read defaults from `skills/.env` first.
+
+## Standard Local Proxy
+
+```bash
+export HTTP_PROXY="$LANGBOT_PROXY_HTTP"
+export HTTPS_PROXY="$LANGBOT_PROXY_HTTP"
+export ALL_PROXY="$LANGBOT_PROXY_SOCKS"
+export http_proxy="$LANGBOT_PROXY_HTTP"
+export https_proxy="$LANGBOT_PROXY_HTTP"
+export all_proxy="$LANGBOT_PROXY_SOCKS"
+export NO_PROXY="$LANGBOT_NO_PROXY"
+export no_proxy="$LANGBOT_NO_PROXY"
+```
+
+## Rule
+
+Keep uppercase and lowercase proxy variables consistent. Different libraries read different names.
+
+## Checks
+
+```bash
+env | rg -i '^(http|https|all|no)_?proxy='
+curl -I --max-time 8 --proxy "$LANGBOT_PROXY_SOCKS" https://github.com
+curl -I --max-time 3 "$LANGBOT_BACKEND_URL"
+```
@@ -0,0 +1,73 @@
+# Service Startup
+
+Use this reference for LangBot backend/frontend readiness checks regardless of OS or browser-control method. Read `skills/.env` first and override those defaults with user-provided values or detected running services.
+
+## Variables
+
+- `LANGBOT_REPO`
+- `LANGBOT_WEB_REPO`
+- `LANGBOT_BACKEND_URL`
+- `LANGBOT_FRONTEND_URL`
+- `LANGBOT_DEV_FRONTEND_URL`
+
+## Backend
+
+Start LangBot from the backend repo:
+
+```bash
+cd "$LANGBOT_REPO"
+uv run main.py
+```
+
+Healthy startup includes:
+
+```text
+Running on http://0.0.0.0:<backend-port>
+Connected to plugin runtime.
+Plugin langbot/local-agent initialized
+```
+
+Quick check:
+
+```bash
+curl -I --max-time 3 "$LANGBOT_BACKEND_URL/login"
+```
+
+If `bin/lbs env doctor` reports that `LANGBOT_BACKEND_URL` has no TCP listener,
+the backend is not running at the configured host and port. A reachable
+standalone frontend on `LANGBOT_FRONTEND_URL` does not prove backend readiness.
+
+Prefer a visible terminal session while debugging backend startup. Detached
+background startup methods can hide early process exits in local agent runs; if
+you use one, immediately verify both the process and the listener:
+
+```bash
+ps -eo pid,cmd | rg 'main.py|uv run main|langbot'
+ss -ltnp | rg ':5300'
+curl -I --max-time 3 "$LANGBOT_BACKEND_URL/login"
+```
+
+## Frontend
+
+Start the new frontend from the web repo:
+
+```bash
+cd "$LANGBOT_WEB_REPO"
+npm run dev
+```
+
+Healthy startup includes:
+
+```text
+Local: <frontend-url>
+```
+
+Quick check:
+
+```bash
+curl -I --max-time 3 "$LANGBOT_FRONTEND_URL"
+```
+
+## Completion Signal
+
+Environment setup is not complete until the required frontend/backend URLs are reachable and the chosen browser-control path can open the WebUI.
@@ -0,0 +1,36 @@
+# WSL Notes
+
+Use this reference only for WSL-specific details. Do not put generic LangBot startup or browser-login steps here.
+
+## Network
+
+GitHub login and model provider calls may require proxy access from WSL.
+
+Working proxy form:
+
+```bash
+socks5://127.0.0.1:7890
+```
+
+Bypass local LangBot:
+
+```bash
+localhost,127.0.0.1
+```
+
+Quick checks:
+
+```bash
+curl -I --max-time 8 --proxy socks5h://127.0.0.1:7890 https://github.com
+curl -I --max-time 3 "$LANGBOT_BACKEND_URL"
+```
+
+## Visible Browser
+
+If OAuth requires a visible browser, WSL must have a usable display path. If a visible Chromium launch fails, check the local WSL GUI/X11 setup before changing LangBot config.
+
+## Common Failures
+
+- `ERR_NETWORK_CHANGED` or GitHub timeout: browser is not using the SOCKS proxy.
+- LangBot connection refused: backend is not running or not reachable from WSL.
+- User cannot type credentials: browser is headless or not visible to the user.
@@ -0,0 +1,99 @@
+---
+name: langbot-mcp-ops
+description: Operate a LangBot instance through its built-in MCP (Model Context Protocol) server. Use when an AI agent needs to manage LangBot — list/create/update/delete bots, pipelines, models, knowledge bases, MCP servers, and skills — over MCP instead of raw HTTP. Covers the /mcp endpoint, API-key auth (web-UI lbk_ keys and the config.yaml global key), the tool surface, and client configuration. Triggers on "langbot mcp", "manage langbot via mcp", "langbot /mcp", "langbot mcp server".
+---
+
+# LangBot MCP Operations
+
+LangBot exposes an **MCP server** so AI agents can manage an instance
+programmatically. It mirrors a curated subset of the HTTP service API.
+
+## Endpoint
+
+```
+http://<langbot-host>:5300/mcp
+```
+
+Transport: **streamable HTTP** (stateless, JSON responses). Same host/port as
+the web UI and HTTP API.
+
+## Authentication
+
+Reuses the same API keys as the HTTP API. Send either header:
+
+```
+X-API-Key: <api-key>
+# or
+Authorization: Bearer <api-key>
+```
+
+Two kinds of key are accepted:
+
+1. **Web-UI key** — created in the web UI (sidebar → API Keys), prefixed `lbk_`,
+   stored in the database.
+2. **Global API key** — set in `data/config.yaml` under `api.global_api_key`.
+   Requires no login session and no DB record; does not need the `lbk_` prefix.
+   Leave empty to disable. See the `langbot-deploy` skill for config details.
+
+Requests without a valid key get `401 Unauthorized`.
+
+## Client configuration
+
+```json
+{
+  "mcpServers": {
+    "langbot": {
+      "url": "http://<langbot-host>:5300/mcp",
+      "headers": { "X-API-Key": "<api-key>" }
+    }
+  }
+}
+```
+
+## Tool surface
+
+The tools wrap the LangBot service layer. Current tools (v1):
+
+| Tool | Purpose |
+| --- | --- |
+| `get_system_info` | Version, edition, instance id |
+| `list_bots` / `get_bot` / `create_bot` / `update_bot` / `delete_bot` | Manage messaging-platform bots (secrets redacted on read) |
+| `list_pipelines` / `get_pipeline` / `create_pipeline` / `update_pipeline` / `delete_pipeline` | Manage pipelines |
+| `list_llm_models` / `get_llm_model` / `list_embedding_models` / `list_model_providers` | Inspect models & providers |
+| `list_knowledge_bases` / `get_knowledge_base` / `retrieve_knowledge_base` | RAG knowledge bases (incl. semantic search) |
+| `list_mcp_servers` | External MCP servers LangBot connects to (as a client) |
+| `list_skills` / `get_skill` | Installed skills |
+
+Mutating tools (`create_*`, `update_*`) take a JSON object matching the same
+shape as the corresponding HTTP API request body. Discover resources with the
+`list_*` / `get_*` tools before mutating; identifiers are UUIDs.
+
+## How to use
+
+1. Get an API key (web UI key, or set `api.global_api_key` in config.yaml).
+2. Point your MCP client at `http://<host>:5300/mcp` with the key header.
+3. Call `get_system_info` to confirm connectivity.
+4. Use `list_*` tools to discover, then `get_*` / `create_*` / `update_*` /
+   `delete_*` as needed.
+
+## Implementation & maintenance (for LangBot developers)
+
+- Server: `src/langbot/pkg/api/mcp/server.py` (FastMCP). Tools call the service
+  layer directly, so the MCP surface stays aligned with the API.
+- Mount: `src/langbot/pkg/api/mcp/mount.py` — an ASGI dispatcher fronting Quart,
+  authenticating `/mcp` requests, running the streamable-HTTP session manager.
+- Smoke test: `tests/manual/mcp_smoke.py`.
+
+> When you add, remove, or change an HTTP API endpoint that should be
+> agent-accessible, update the corresponding MCP tool **and** this skill. The
+> MCP tool surface and the API must stay aligned (see `AGENTS.md`).
+
+## Pitfalls
+
+- `/mcp` is the **server** LangBot exposes. The `/api/v1/mcp` routes are the
+  **client** side (managing external MCP servers LangBot connects to). Don't
+  confuse them.
+- A `401` means the key is wrong, missing, or (for the global key)
+  `api.global_api_key` is empty in config.yaml.
+- The global key is plaintext in config.yaml — only enable it on trusted/internal
+  deployments and serve over HTTPS.
@@ -0,0 +1,452 @@
+---
+name: langbot-plugin-dev
+description: Develop, debug, and test LangBot plugins. Use when creating new LangBot plugins, fixing plugin bugs, setting up a LangBot test environment, or testing plugins via WebSocket. Covers plugin component architecture (EventListener, Command, Tool), the plugin SDK API (invoke_llm, get_llm_models, send_message, plugin storage), common pitfalls, and automated WebSocket-based testing. Triggers on "langbot plugin", "lbp", "GroupChatSummary", "plugin debug", "langbot test".
+---
+
+# LangBot Plugin Development & Debugging
+
+## Controlling a running instance via MCP
+
+Beyond writing code, you can **drive a live LangBot instance over MCP** — no raw
+HTTP needed. Two MCP servers exist (both reuse existing API keys; see `AGENTS.md`):
+
+- **LangBot instance** — `http://<host>:5300/mcp` (auth: web-UI `lbk_` key or the
+  `api.global_api_key` from `config.yaml`). Manage bots, pipelines, models,
+  knowledge bases, and skills. See the **`langbot-mcp-ops`** skill.
+- **LangBot Space marketplace** — `https://space.langbot.app/mcp` (auth: Personal
+  Access Token). Search plugins / MCP servers / skills. See the
+  **`langbot-space-ops`** skill.
+
+> Any change to an agent-accessible HTTP API endpoint must keep the matching MCP
+> tool and these skills in sync.
+
+## Plugin Architecture
+
+A LangBot plugin consists of:
+
+```
+MyPlugin/
+├── manifest.yaml          # Plugin metadata, config schema
+├── main.py                # BasePlugin subclass (entry point, shared state)
+├── components/
+│   ├── event_listener/    # Hook pipeline events
+│   │   ├── collector.yaml
+│   │   └── collector.py
+│   ├── commands/          # !command handlers
+│   │   ├── mycommand.yaml
+│   │   └── mycommand.py
+│   └── tools/             # LLM function-call tools
+│       ├── mytool.yaml
+│       └── mytool.py
+```
+
+Each component has a `.yaml` (metadata) and `.py` (implementation).
+
+## Critical SDK Pitfalls
+
+### 1. MessageChain is a RootModel — iterate directly
+
+```python
+# ❌ WRONG — MessageChain has no .components attribute
+for component in event.message_chain.components:
+
+# ✅ CORRECT — MessageChain is a Pydantic RootModel, iterate directly
+for component in event.message_chain:
+```
+
+### 2. Message.content must be `list[ContentElement]` or `str`, not a single ContentElement
+
+```python
+from langbot_plugin.api.entities.builtin.provider import message as provider_message
+
+# ❌ WRONG — single ContentElement
+Message(role="user", content=ContentElement.from_text("hello"))
+
+# ✅ CORRECT — list of ContentElement
+Message(role="user", content=[ContentElement.from_text("hello")])
+
+# ✅ ALSO CORRECT — plain string
+Message(role="user", content="hello")
+```
+
+### 3. invoke_llm does NOT accept timeout
+
+```python
+# ❌ WRONG
+await self.invoke_llm(llm_model_uuid=uuid, messages=msgs, timeout=60)
+
+# ✅ CORRECT
+await self.invoke_llm(llm_model_uuid=uuid, messages=msgs)
+```
+
+### 4. invoke_llm response.content can be str OR list
+
+```python
+response = await self.invoke_llm(...)
+if response.content:
+    if isinstance(response.content, str):
+        return response.content
+    elif isinstance(response.content, list):
+        parts = [e.text for e in response.content if hasattr(e, "text") and e.text]
+        return "\n".join(parts)
+```
+
+### 5. get_llm_models() returns UUIDs
+
+```python
+# Returns list[str] of model UUIDs
+models = await self.get_llm_models()
+model_uuid = models[0]  # First available model UUID
+```
+
+**Known bug (v4.9.3):** The host handler may return `list[dict]` instead of `list[str]`. If you hit `TypeError: unhashable type: 'dict'` in `invoke_llm`, the fix is in `LangBot/src/langbot/pkg/plugin/handler.py` — change `'llm_models': llm_models` to `'llm_models': [m['uuid'] for m in llm_models]`.
+
+### 6. invoke_llm parameter is `llm_model_uuid`, NOT `model_uuid`
+
+```python
+# ❌ WRONG — will throw "got an unexpected keyword argument"
+await self.invoke_llm(messages=msgs, model_uuid=uuid)
+
+# ✅ CORRECT
+await self.invoke_llm(messages=msgs, llm_model_uuid=uuid)
+```
+
+### 7. prevent_default() alone does NOT block LLM response
+
+To fully prevent the default LLM pipeline from responding when your EventListener handles the message, you must call **both**:
+
+```python
+event_context.prevent_default()    # Block default behavior
+event_context.prevent_postorder()  # Block subsequent plugins/pipeline
+```
+
+Using only `prevent_default()` still allows the LLM to generate a response.
+
+### 8. get_plugin_storage / set_plugin_storage may throw KeyError: 'owner'
+
+This is a version mismatch between the SDK and host. Wrap storage calls in try/except:
+
+```python
+try:
+    data = await self.get_plugin_storage("my_key")
+except Exception:
+    data = None  # Fallback gracefully
+```
+
+### 9. Component YAML must have full structure, not just name/description
+
+```yaml
+# ❌ WRONG — will silently fail to register the component
+name: translator
+description:
+  en_US: 'Does stuff'
+
+# ✅ CORRECT — full component YAML
+apiVersion: v1
+kind: EventListener
+metadata:
+  name: translator
+  label:
+    en_US: Translator
+spec:
+execution:
+  python:
+    path: translator.py
+    attr: Translator
+```
+
+### 10. BasePlugin import path
+
+```python
+# ❌ WRONG
+from langbot_plugin.api.definition.base_plugin import BasePlugin
+
+# ✅ CORRECT
+from langbot_plugin.api.definition.plugin import BasePlugin
+```
+
+## Pipeline Events
+
+Events the EventListener can hook (from most general to most specific):
+
+| Event | When |
+|---|---|
+| `GroupMessageReceived` | **Any** group message arrives (before trigger rules) |
+| `PersonMessageReceived` | **Any** private message arrives |
+| `GroupNormalMessageReceived` | Group message passes trigger rules, going to LLM |
+| `PersonNormalMessageReceived` | Private message going to LLM |
+| `GroupCommandSent` | Group message matched as command |
+| `PersonCommandSent` | Private message matched as command |
+| `NormalMessageResponded` | LLM generated a response |
+| `PromptPreProcessing` | About to build LLM context |
+
+**Key insight:** `*MessageReceived` fires for ALL messages regardless of trigger rules. `*NormalMessageReceived` only fires for messages that match the pipeline's trigger rules (e.g., @bot, prefix, random%). Use `*MessageReceived` for message collection/logging.
+
+## EventContext API
+
+```python
+@self.handler(events.GroupMessageReceived)
+async def on_msg(event_context: context.EventContext):
+    event = event_context.event
+    event.launcher_id    # Group ID
+    event.sender_id      # Sender ID
+    event.message_chain  # MessageChain (iterate directly)
+
+    # Reply to the current conversation
+    await event_context.reply(MessageChain([Plain(text="hello")]))
+
+    # Block default pipeline behavior
+    event_context.prevent_default()
+
+    # Block subsequent plugins
+    event_context.prevent_postorder()
+```
+
+## Setting Up a Test Environment
+
+### Deploy via Docker (GitOps + Portainer)
+
+See `references/test-env-setup.md` for full deployment steps.
+
+Quick summary:
+1. Create `docker-compose.yaml` in `server-deploy` repo
+2. Deploy via Portainer git repository method
+3. Set up admin account via `/api/v1/user/init` POST
+4. Configure LLM provider and model via API
+5. Copy plugin to `data/plugins/` directory
+
+### WebSocket Testing
+
+LangBot's WebUI chat uses WebSocket. Connect to test message flow:
+
+```
+ws://<host>:<port>/api/v1/pipelines/<pipeline_uuid>/ws/connect?session_type=group
+```
+
+- `session_type=group` for group chat simulation
+- `session_type=person` for private chat (always triggers pipeline)
+
+**Requires Origin header** to pass CORS:
+```javascript
+const ws = new WebSocket(url, {
+  headers: { Origin: 'https://your-langbot-domain' }
+});
+```
+
+Send messages:
+```json
+{"type": "message", "message": [{"type": "Plain", "text": "hello"}]}
+```
+
+Receive:
+- `{"type": "connected", ...}` — connection established
+- `{"type": "user_message", "data": {...}}` — echo of sent message
+- `{"type": "response", "data": {"content": "...", "is_final": true/false}}` — bot reply (streamed)
+
+### Group Trigger Rules
+
+Group messages only enter the pipeline if trigger rules are met:
+
+```json
+{
+  "group-respond-rules": {
+    "at": true,          // Respond when @bot
+    "prefix": ["ai"],    // Respond to messages starting with "ai"
+    "random": 0.0,       // Probability of responding to any message (0.0-1.0)
+    "regexp": []         // Regex patterns
+  }
+}
+```
+
+For testing, set `random: 1.0` via PUT `/api/v1/pipelines/<uuid>` to respond to all messages.
+
+**Important:** EventListener hooks like `GroupMessageReceived` fire regardless of trigger rules. Only the LLM processing (`GroupNormalMessageReceived` and beyond) requires trigger rules.
+
+### Plugin Hot-Reload
+
+There is **no hot-reload**. After changing plugin files:
+
+```bash
+docker restart <runtime-container>
+# Wait ~5 seconds for plugin to re-mount
+```
+
+The main LangBot container does NOT need restart for plugin changes — only the runtime container.
+
+## API Quick Reference
+
+### Admin Setup
+
+```bash
+# Initialize admin account (first time only)
+curl -X POST $BASE/api/v1/user/init \
+  -H "Content-Type: application/json" \
+  -d '{"user":"admin@test.com","password":"test123"}'
+
+# Login
+curl -X POST $BASE/api/v1/user/auth \
+  -H "Content-Type: application/json" \
+  -d '{"user":"admin@test.com","password":"test123"}'
+# Returns: {"data":{"token":"eyJ..."}}
+```
+
+### Provider & Model Setup
+
+```bash
+# Create provider
+curl -X POST $BASE/api/v1/provider/providers \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{"name":"MyProvider","requester":"new-api-chat-completions","base_url":"https://api.example.com/v1","api_keys":["sk-xxx"]}'
+
+# Create LLM model
+curl -X POST $BASE/api/v1/provider/models/llm \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{"name":"gpt-4o-mini","provider_uuid":"<uuid>","abilities":["chat","tool-use"]}'
+
+# List models
+curl $BASE/api/v1/provider/models/llm -H "Authorization: Bearer $TOKEN"
+```
+
+### Pipeline Config
+
+```bash
+# Get pipeline
+curl $BASE/api/v1/pipelines -H "Authorization: Bearer $TOKEN"
+
+# Update pipeline (e.g., set model, modify trigger rules)
+curl -X PUT $BASE/api/v1/pipelines/<uuid> \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '<full pipeline JSON>'
+```
+
+## Plugin Config Types
+
+Supported `type` values in `manifest.yaml` `spec.config`:
+
+| Type | Description | Value |
+|---|---|---|
+| `string` | Text input | string |
+| `int` / `integer` | Number input | int |
+| `float` | Decimal input | float |
+| `bool` / `boolean` | Toggle | bool |
+| `select` | Dropdown (needs `options`) | string |
+| `prompt-editor` | Multi-line prompt editor | string |
+| `llm-model-selector` | LLM model picker UI | UUID string |
+| `bot-selector` | Bot picker UI | UUID string |
+
+Example — let users choose which model the plugin uses:
+
+```yaml
+spec:
+  config:
+    - name: model
+      type: llm-model-selector
+      label:
+        en_US: 'LLM Model'
+        zh_Hans: 'LLM 模型'
+      description:
+        en_US: 'Select the LLM model. Falls back to first available if not set.'
+        zh_Hans: '选择 LLM 模型。未设置时使用第一个可用模型。'
+      required: false
+```
+
+Read config in plugin code:
+
+```python
+model_uuid = self.get_config().get("model")
+```
+
+## Container Restart Timing
+
+After plugin file changes, **only the runtime container needs restart**:
+
+```bash
+docker restart langbot-test-runtime
+# Wait ~15 seconds before testing
+```
+
+**When to restart both (runtime first, then host):**
+- Added/removed Command or Tool components (host caches component lists)
+- Changed `manifest.yaml` structure
+
+```bash
+docker restart langbot-test-runtime
+sleep 8
+docker restart langbot-test
+sleep 8
+```
+
+**⚠️ Do NOT restart both simultaneously** — the host may connect before plugins are mounted, causing 502 errors or missing plugin registrations.
+
+## Debugging Checklist
+
+When a plugin doesn't work:
+
+1. **Check runtime logs**: `docker logs <runtime-container>` — look for mount/init errors
+2. **Check host logs**: `docker logs <langbot-container>` — look for pipeline processing errors
+3. **Verify plugin loaded**: `GET /api/v1/plugins` — should list your plugin
+4. **Test person mode first**: `session_type=person` always triggers pipeline, isolating trigger rule issues
+5. **Check trigger rules**: Group mode requires @bot, prefix match, or random% to enter pipeline
+6. **Verify model configured**: Pipeline's `config.ai.local-agent.model.primary` must point to a valid model UUID with working API keys
+
+## Publishing Plugins
+
+After testing, publish via `lbp publish`:
+
+```bash
+cd /path/to/MyPlugin
+lbp publish
+```
+
+This builds `.lbpkg` and uploads to Space marketplace as a draft. Then go to https://space.langbot.app/market to upload screenshots and submit for review.
+
+**Prerequisite:** Must be logged in via `lbp login --token lbpat_xxx` (PAT from Space profile page).
+
+## Reference: EventListener-Only Plugin Pattern
+
+For plugins that react to messages without commands or tools (e.g., auto-summarize URLs, collect messages, translate):
+
+```
+MyPlugin/
+├── manifest.yaml       # Only EventListener in spec.components
+├── main.py             # BasePlugin with shared logic (fetch, LLM calls)
+├── components/
+│   └── event_listener/
+│       ├── detector.yaml
+│       └── detector.py
+└── requirements.txt
+```
+
+**manifest.yaml** — only declare EventListener:
+```yaml
+spec:
+  components:
+    EventListener:
+      fromDirs:
+      - path: components/event_listener/
+```
+
+**detector.py** — hook `*MessageReceived`, extract text, process, reply:
+```python
+@self.handler(events.PersonMessageReceived)
+async def on_msg(event_context: context.EventContext):
+    event = event_context.event
+    text_parts = []
+    for component in event.message_chain:
+        if isinstance(component, platform_message.Plain):
+            text_parts.append(component.text)
+    text = "".join(text_parts).strip()
+    
+    if should_handle(text):
+        event_context.prevent_default()
+        event_context.prevent_postorder()
+        result = await self.plugin.process(text)
+        await event_context.reply(platform_message.MessageChain([
+            platform_message.Plain(text=result)
+        ]))
+```
+
+**Key:** Access shared plugin logic via `self.plugin` (the BasePlugin instance).
@@ -0,0 +1,116 @@
+# Test Environment Setup
+
+## Docker Compose (GitOps)
+
+Create in `server-deploy` repo under `servers/<hostname>/langbot-test/docker-compose.yaml`:
+
+```yaml
+version: "3"
+services:
+  langbot_plugin_runtime:
+    image: rockchin/langbot:latest
+    container_name: langbot-test-runtime
+    volumes:
+      - /opt/docker-data/langbot-test/data/plugins:/app/data/plugins
+    ports:
+      - "5411:5401"
+    restart: on-failure
+    environment:
+      - TZ=Asia/Shanghai
+    command: ["uv", "run", "--no-sync", "-m", "langbot_plugin.cli.__init__", "rt"]
+    networks:
+      - langbot_test_network
+
+  langbot:
+    image: rockchin/langbot:latest
+    container_name: langbot-test
+    volumes:
+      - /opt/docker-data/langbot-test/data:/app/data
+    ports:
+      - "5310:5300"
+    restart: on-failure
+    depends_on:
+      - langbot_plugin_runtime
+    environment:
+      - TZ=Asia/Shanghai
+    networks:
+      - langbot_test_network
+
+networks:
+  langbot_test_network:
+    driver: bridge
+```
+
+## Post-Deploy Configuration
+
+After first start, LangBot auto-generates `data/config.yaml`. You need to update `plugin.runtime_ws_url` to match the runtime container name:
+
+```bash
+# On the host, edit config
+sed -i 's|ws://localhost:5400/control/ws|ws://langbot-test-runtime:5400/control/ws|' \
+  /opt/docker-data/langbot-test/data/config.yaml
+docker restart langbot-test
+```
+
+## Installing a Plugin
+
+Copy plugin directory to `data/plugins/` on the host:
+
+```bash
+scp -r MyPlugin/ user@host:/opt/docker-data/langbot-test/data/plugins/MyPlugin/
+docker restart langbot-test-runtime  # Runtime picks up new plugins on restart
+```
+
+## Caddy Reverse Proxy (Optional)
+
+If testing externally, add to Caddyfile on the same host:
+
+```
+langbot-test.example.com {
+    reverse_proxy langbot-test:5300
+}
+```
+
+Then reload: `docker exec caddy caddy reload --config /etc/caddy/Caddyfile`
+
+The WebSocket endpoint works through Caddy without special config.
+
+## WebSocket Test Script (Node.js)
+
+```javascript
+const WebSocket = require('ws');
+
+const PIPELINE_UUID = '<your-pipeline-uuid>';
+const BASE = 'wss://langbot-test.example.com';
+const URL = `${BASE}/api/v1/pipelines/${PIPELINE_UUID}/ws/connect?session_type=group`;
+
+const ws = new WebSocket(URL, {
+  headers: { Origin: BASE }
+});
+
+const send = (text) => {
+  ws.send(JSON.stringify({
+    type: 'message',
+    message: [{ type: 'Plain', text }]
+  }));
+  console.log('[SENT]', text);
+};
+
+ws.on('message', (data) => {
+  const msg = JSON.parse(data.toString());
+  if (msg.type === 'connected') {
+    console.log('Connected!');
+    // Send test messages
+    send('Message 1');
+    setTimeout(() => send('Message 2'), 500);
+    setTimeout(() => send('!summary'), 2000);
+  } else if (msg.type === 'response' && msg.data?.is_final) {
+    console.log('[BOT]', msg.data.content);
+  }
+});
+
+ws.on('error', (e) => console.error('Error:', e.message));
+setTimeout(() => { ws.close(); process.exit(); }, 60000);
+```
+
+Requires: `npm install ws`
@@ -0,0 +1,40 @@
+---
+name: langbot-skills-maintenance
+description: Maintain the langbot-skills repository with low duplication. Use when adding, editing, or auditing LangBot skills, references, cases, troubleshooting entries, indexes, or periodic entropy-control checks for this skills repository.
+---
+
+# LangBot Skills Maintenance
+
+Use this skill before changing reusable assets in this repository.
+
+## Workflow
+
+1. Read `AGENTS.md`, `skills/.env`, and the relevant existing skill files.
+2. Classify the change:
+   - `SKILL.md` for routing and concise operating rules.
+   - `references/*.md` for canonical detailed workflows.
+   - `cases/*.yaml` for executable test-plan skeletons.
+   - `suites/*.yaml` for reusable groups of case ids.
+   - `fixtures/fixtures.json` for deterministic fixture readiness metadata.
+   - `reports/evidence/<run-id>/automation-result.json` as automation output and `reports/evidence/<run-id>/result.json` as final judgment output; neither is a catalog asset to commit.
+   - `troubleshooting/*.yaml` for one reusable failure mode.
+3. Search existing assets before adding new files:
+   - `rg "<feature|error|case id>" skills`
+   - `bin/lbs case list`
+   - `bin/lbs suite list`
+   - `bin/lbs fixture list`
+4. Put detail in one canonical place and link to it from cases or routing bullets.
+5. Run the checks in `AGENTS.md` after edits.
+
+## Entropy Rules
+
+- Prefer extending an existing reference or troubleshooting entry when the root cause is the same.
+- Keep cases short: setup, action, evidence, pass/fail checks. Do not paste long prompts or debug transcripts when a reference exists.
+- Put machine-checkable inputs in `env`, `automation_env`, or fixtures; put operator-confirmed assumptions in `preconditions` so `test plan` can surface `manual_check`.
+- Keep suites short: title, intent, tags, and ordered case ids. Do not duplicate case steps inside a suite.
+- Keep fixture manifests factual: id, title, path, kind, and related case ids. Do not encode environment-specific absolute paths.
+- Keep troubleshooting entries narrow: symptoms, patterns, likely causes, fixes, related assets.
+- Do not hardcode local ports, browser profile paths, secrets, tokens, or provider keys.
+- Use `bin/lbs index --check` to verify the committed index is current without writing it; run `bin/lbs index` when the index needs regeneration.
+
+For periodic repository audits, read `references/curation-workflow.md`.
@@ -0,0 +1,70 @@
+# Curation Workflow
+
+Use this checklist when the repository starts accumulating repeated cases, copied steps, or overlapping troubleshooting entries.
+
+## Audit Pass
+
+1. Inspect the current surface:
+   - `bin/lbs case list`
+   - `bin/lbs case list --json --priority p0 --automation`
+   - `bin/lbs case list --ready`
+   - `bin/lbs case list --machine-ready`
+   - `bin/lbs suite list`
+   - `bin/lbs fixture list`
+   - `rg "sandbox|provider|pipeline|plugin|knowledge|mcp" skills`
+   - `rg "If .* fails|Known Pitfalls|Debug Chat|/api/v1" skills`
+2. Group nearby assets by intent, not by file path:
+   - user-facing scenario
+   - backend or provider dependency
+   - failure signature
+   - pass/fail evidence
+3. Pick one canonical owner:
+   - stable procedures belong in `references/`
+   - deterministic files and packages belong in `fixtures/` plus `fixtures/fixtures.json`
+   - repeated failure signatures belong in `troubleshooting/`
+   - runnable QA paths belong in `cases/`
+   - reusable groups of QA paths belong in `suites/`
+   - skill entry points belong in `SKILL.md`
+
+## Merge Or Split
+
+Merge when two files share the same trigger, root cause, and fix. Keep the stronger id and move missing patterns into it.
+
+Split when a file mixes unrelated failure modes or requires different fixes. Each troubleshooting id should map to one diagnosis path.
+
+Move repeated step lists out of cases and into a reference when more than one case would need the same prompt, UI path, or log interpretation.
+
+Add or update a suite when developers repeatedly run the same ordered group of cases. Do not copy case steps into suites; use `bin/lbs suite plan <suite-id>` to expand the group.
+Use `bin/lbs suite start <suite-id>` and `bin/lbs suite report <suite-id> --evidence-dir <dir>` when validating that a suite is operational end to end.
+
+Add or update `fixtures/fixtures.json` when a case depends on a deterministic file, plugin package, or local test server. The manifest should use repo-relative paths under the owning skill and should not contain machine-local absolute paths.
+
+When adding Debug Chat Playwright automation, reuse `scripts/e2e/lib/debug-chat.mjs` for navigation, prompt send, response leaf matching, and known failure classification. Keep case-specific prompts and expected sentinels in case YAML automation fields when possible.
+
+## Case Review
+
+For every changed case:
+
+1. Ensure `steps` describe what to execute, not every command in the underlying implementation.
+2. Ensure `checks` contain observable UI, log, network, or filesystem evidence.
+3. Ensure `diagnostics` are fallback investigation hints, not pass criteria.
+4. Ensure `priority`, `risk`, `ci_eligible`, and `evidence_required` match the actual repeatability and evidence burden.
+5. Put must-have env vars in `env` / `automation_env`; put one-of choices such as URL-or-name in `env_any` / `automation_env_any`.
+6. Ensure linked `skills` and `troubleshooting` ids exist.
+7. Run:
+
+   ```bash
+   bin/lbs validate
+   bin/lbs index --check
+   bin/lbs index
+   bin/lbs test plan <case-id>
+   ```
+
+## Final Gate
+
+Before handing off:
+
+- `git diff --stat` should show a focused change set.
+- `skills.index.json` should be regenerated only by `bin/lbs index`.
+- No new asset should contain local credentials, OAuth tokens, API keys, or copied localStorage values.
+- The final note should say which checks ran and which cases or troubleshooting ids changed.
@@ -0,0 +1,79 @@
+---
+name: langbot-space-ops
+description: Browse and search the LangBot Space marketplaces (plugins, MCP servers, skills) through the Space MCP server. Use when an AI agent needs to discover LangBot extensions on space.langbot.app over MCP. Covers the /mcp endpoint, Personal Access Token (PAT) auth, the tool surface, and client configuration. Triggers on "langbot space mcp", "search langbot plugins", "langbot marketplace mcp", "space.langbot.app mcp".
+---
+
+# LangBot Space MCP Operations
+
+LangBot Space (space.langbot.app) exposes an **MCP server** so user-facing AI
+agents can browse and search the marketplaces (plugins, MCP servers, skills).
+
+## Endpoint
+
+```
+https://space.langbot.app/mcp
+```
+
+Transport: **streamable HTTP** (stateless, JSON responses). For a self-hosted
+Space instance: `http://<host>:8383/mcp`.
+
+## Authentication
+
+Reuses the existing **Personal Access Token (PAT)** — the same token the `lbp`
+CLI uses. Create one in your Space account (Profile → Personal Access Tokens),
+then send it as a Bearer token:
+
+```
+Authorization: Bearer lbpat_...uests without a valid PAT get `401 Unauthorized`.
+
+## Client configuration
+
+```json
+{
+  "mcpServers": {
+    "langbot-space": {
+      "url": "https://space.langbot.app/mcp",
+      "headers": { "Authorization": "Bearer <your-pat>" }
+    }
+  }
+}
+```
+
+## Tool surface
+
+| Tool | Purpose |
+| --- | --- |
+| `list_plugins` / `search_plugins` / `get_plugin` | Plugin marketplace |
+| `list_mcp_servers` / `search_mcp_servers` / `get_mcp_server` | MCP-server marketplace |
+| `list_skills` / `search_skills` / `get_skill` | Skill marketplace |
+
+`list_*` and `search_*` are paged (`page`, `page_size`). `get_*` takes
+`author` + `name`. The tool surface mirrors the REST endpoints under
+`/api/v1/marketplace/*` and is read/browse only.
+
+## How to use
+
+1. Create a PAT in your Space account settings.
+2. Point your MCP client at `https://space.langbot.app/mcp` with the Bearer PAT.
+3. Use `search_plugins` / `search_mcp_servers` / `search_skills` to find items,
+   then `get_*` for details (e.g. to obtain author/name for installation in
+   LangBot itself).
+
+## Implementation & maintenance (for Space developers)
+
+- Server: `internal/controller/mcp/server.go` (official Go MCP SDK
+  `github.com/modelcontextprotocol/go-sdk`). Tools call the service layer
+  (`PluginService`, `MCPService`, `SkillService`) directly.
+- Mount: `internal/controller/api.go` at `/mcp` and `/mcp/*any`.
+- Auth: PAT via `AccountService.ValidatePersonalAccessToken`.
+- Docs: `docs/MCP_SERVER.md`.
+
+> When you add, remove, or change a marketplace API endpoint that should be
+> agent-accessible, update the corresponding MCP tool **and** this skill. The
+> MCP tool surface and the API must stay aligned (see `AGENTS.md`).
+
+## Pitfalls
+
+- The PAT prefix is `lbpat_` (Space), distinct from LangBot's `lbk_` API keys.
+- This server is read/browse only; it does not publish or modify marketplace
+  items. Use the web UI or REST API (with appropriate auth) for that.
@@ -0,0 +1,41 @@
+---
+name: langbot-testing
+description: Test LangBot WebUI and core product flows with an automated browser and backend logs. Use when validating the configured LangBot frontend, pipeline Debug Chat, model provider setup and test buttons, bot and knowledge-base UI flows, or troubleshooting failed LangBot end-to-end tests.
+---
+
+# LangBot Testing
+
+Use this skill when an agent needs to verify LangBot behavior through the WebUI instead of only reading code.
+
+## Routing
+
+- **General WebUI testing**: read `references/web-ui-testing.md`.
+- **Pipeline Debug Chat**: read `references/pipeline-debug-chat.md`.
+- **Dify AgentRunner**: read `references/dify-agent-runner.md`.
+- **Model provider setup or test button**: read `references/model-provider-testing.md`.
+- **Plugin install/runtime/tool/page smoke**: read `references/plugin-e2e-smoke.md`.
+- **Local Agent Runner**: read `references/local-agent-runner.md`.
+- **Local Agent Runner path coverage**: read `references/local-agent-runner-coverage.md`.
+- **Diff-aware AgentRunner QA after code changes**: read `references/agent-runner-qa-workflow.md`.
+- **Agent Runner release gate**: read `references/agent-runner-release-gate.md`.
+- **Sandbox-backed skill authoring**: read `references/sandbox-skill-authoring.md`.
+- **LangRAG knowledge bases**: read `references/langrag-knowledge-base.md`.
+- **MCP stdio tool testing**: read `references/mcp-stdio-testing.md`.
+- **Drive a live instance over MCP (not raw HTTP)**: use the `langbot-mcp-ops` skill — the instance exposes an MCP server at `http://<host>:5300/mcp` (reuses API keys). Useful for setting up bots/pipelines/models as test fixtures programmatically.
+- **Known failures and fixes**: read `references/troubleshooting.md`.
+- **Reusable test groups**: run `bin/lbs suite list` and `bin/lbs suite plan <suite-id>` before manually assembling a case set.
+
+## Rules
+
+- Read `../.env` first and use `LANGBOT_FRONTEND_URL` and `LANGBOT_BACKEND_URL` instead of hardcoded ports.
+- If a standalone frontend dev server is running, `LANGBOT_FRONTEND_URL` may point to `LANGBOT_DEV_FRONTEND_URL`; otherwise it may point to the backend WebUI.
+- Confirm the backend and frontend are actually running before testing.
+- Run `bin/lbs fixture check` before fixture-heavy MCP, RAG, multimodal, or plugin smoke tests.
+- For runner externalization release checks, run `bin/lbs test run agent-runner-release-preflight` before the full `agent-runner-release-gate` suite so configuration blockers are separated from product failures.
+- Read `Manual Readiness` in `bin/lbs test plan <case-id>`; `manual_check` means the declared preconditions or setup still need operator confirmation for this run.
+- Use an authenticated browser profile prepared by `langbot-env-setup`.
+- Do not expose API keys, OAuth secrets, tokens, or localStorage token values in output.
+- A WebUI test is not complete until the visible UI result is checked against backend logs or network behavior.
+- For a suite, use `bin/lbs suite start <suite-id>` to create the suite evidence root, per-case directories, and `suite-start.json`/`suite-start.md` handoff files; use `bin/lbs test result <case-id>` to write final per-case `result.json`, then run `bin/lbs suite report <suite-id> --evidence-dir <dir>`.
+- Do not mark a case `pass` until `test result --evidence` covers every value in the case's `evidence_required`.
+- For runner-specific Debug Chat cases, use the case-specific pipeline env declared by `automation_pipeline_url_env` / `automation_pipeline_name_env`; do not silently reuse a generic `LANGBOT_PIPELINE_URL`.
@@ -0,0 +1,79 @@
+id: acp-agent-runner-debug-chat
+title: "ACP AgentRunner can answer through Debug Chat using real remote Claude"
+mode: agent-browser
+area: pipeline
+type: regression
+priority: p2
+risk: high
+ci_eligible: false
+tags:
+  - agent-runner
+  - acp
+  - claude
+  - external-runner
+  - pipeline
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+env_any:
+  - LANGBOT_ACP_AGENT_RUNNER_PIPELINE_URL|LANGBOT_ACP_AGENT_RUNNER_PIPELINE_NAME
+automation: scripts/e2e/pipeline-debug-chat.mjs
+automation_env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_BROWSER_PROFILE
+  - LANGBOT_CHROMIUM_EXECUTABLE
+  - LANGBOT_ACP_AGENT_RUNNER_PIPELINE_URL
+  - LANGBOT_ACP_AGENT_RUNNER_PIPELINE_NAME
+  - LANGBOT_E2E_PROMPT
+  - LANGBOT_E2E_EXPECTED_TEXT
+  - LANGBOT_E2E_EXPECTED_RUNNER_ID
+  - LANGBOT_E2E_RESPONSE_TIMEOUT_MS
+automation_pipeline_url_env: LANGBOT_ACP_AGENT_RUNNER_PIPELINE_URL
+automation_pipeline_name_env: LANGBOT_ACP_AGENT_RUNNER_PIPELINE_NAME
+automation_expected_runner_id: "plugin:langbot/acp-agent-runner/default"
+automation_prompt: "Use the injected LangBot MCP server tool langbot_get_current_event once. If the MCP call succeeds, reply with exactly ACP_AGENT_RUNNER_E2E_OK."
+automation_expected_text: "ACP_AGENT_RUNNER_E2E_OK"
+automation_response_timeout_ms: "300000"
+setup_automation:
+  - "node:scripts/e2e/ensure-acp-agent-runner-pipeline.mjs --write-env"
+setup_provides_env:
+  - LANGBOT_ACP_AGENT_RUNNER_PIPELINE_URL
+  - LANGBOT_ACP_AGENT_RUNNER_PIPELINE_NAME
+preconditions:
+  - "The remote machine has a working Claude Code login and can run npx -y @agentclientprotocol/claude-agent-acp."
+  - "LangBot can non-interactively SSH to the remote machine; the runner opens the MCP reverse tunnel automatically."
+steps:
+  - "Open LANGBOT_FRONTEND_URL."
+  - "Open the ACP AgentRunner QA pipeline."
+  - "Confirm the pipeline AI runner is plugin:langbot/acp-agent-runner/default."
+  - "Open Debug Chat."
+  - "Ask the real remote Claude ACP agent to call langbot_get_current_event and return ACP_AGENT_RUNNER_E2E_OK exactly."
+checks:
+  - "UI: Debug Chat shows the user prompt."
+  - "UI: Debug Chat shows a Bot response containing ACP_AGENT_RUNNER_E2E_OK."
+  - "Logs: Backend logs include Processing request from person_websocket and Streaming completed for this run."
+  - "Logs: No acp runner request error appears for this run."
+  - "Console: No unexpected frontend errors appear during Debug Chat."
+evidence_required:
+  - ui
+  - console
+  - backend_log
+diagnostics:
+  - "Use scripts/e2e/ensure-acp-agent-runner-pipeline.mjs --write-env to create/update the pipeline."
+  - "For remote Claude on 101, verify ssh yhh@101.34.71.12 can run without password prompts; no separate ssh -R process is required."
+success_patterns:
+  - "ACP_AGENT_RUNNER_E2E_OK"
+  - "Processing request from person_websocket"
+  - "Streaming completed"
+failure_patterns:
+  - "acp.command_not_found"
+  - "acp.process_exited"
+  - "Agent runner plugin:langbot/acp-agent-runner/default execution failed"
+troubleshooting:
+  - backend-not-listening
+  - plugin-runtime-timeout
+  - proxy-env-mismatch
@@ -0,0 +1,34 @@
+id: agent-runner-async-db-readiness
+title: "AgentRunner async DB readiness probe"
+mode: probe
+area: release
+type: smoke
+priority: p0
+risk: high
+ci_eligible: true
+tags:
+  - agent-runner
+  - probe
+  - async-db
+  - aiosqlite
+skills:
+  - langbot-testing
+env:
+automation: skills/langbot-testing/probes/agent-runner-async-db-readiness.mjs
+steps:
+  - "Run `rtk bin/lbs test run agent-runner-async-db-readiness --dry-run` first; remove `--dry-run` after checking the planned evidence directory."
+  - "Automation checks whether a direct aiosqlite in-memory connection can create a table within the readiness timeout."
+checks:
+  - "automation-result.json status is pass or env_issue."
+  - "pass means async SQLite tests are worth running."
+  - "env_issue means async SQLite-dependent Host pytest probes should be classified as environment-limited until fixed."
+evidence_required:
+  - filesystem
+diagnostics:
+  - "If this probe returns env_issue, run agent-runner-ledger-invariants for fast ledger coverage and skip async ledger pytest as a release blocker in this environment."
+success_patterns:
+  - "AIOSQLITE_READY"
+failure_patterns:
+  - "aiosqlite readiness timed out"
+troubleshooting:
+  - aiosqlite-connect-hangs
@@ -0,0 +1,34 @@
+id: agent-runner-behavior-matrix
+title: "AgentRunner deterministic behavior matrix probe"
+mode: probe
+area: release
+type: regression
+priority: p0
+risk: high
+ci_eligible: true
+tags:
+  - agent-runner
+  - probe
+  - deterministic-runner
+  - protocol
+skills:
+  - langbot-testing
+env:
+automation: skills/langbot-testing/probes/agent-runner-behavior-matrix.mjs
+steps:
+  - "Run `rtk bin/lbs test run agent-runner-behavior-matrix --dry-run` first; remove `--dry-run` after checking the planned evidence directory."
+  - "Automation reads fixtures/agent-runner/qa-runner-behaviors.json and validates each result sequence through the Host AgentResultNormalizer."
+checks:
+  - "automation-result.json status is pass."
+  - "probe-stdout.log contains QA_RUNNER_BEHAVIOR_MATRIX_OK."
+  - "The matrix covers ok, stream_ok, empty_output, malformed_result, and controlled_failure."
+evidence_required:
+  - filesystem
+diagnostics:
+  - "fail means the deterministic behavior fixture and Host result normalization disagree."
+success_patterns:
+  - "QA_RUNNER_BEHAVIOR_MATRIX_OK"
+failure_patterns:
+  - "AssertionError"
+  - "RunnerProtocolError"
+  - "behavior matrix exited"
@@ -0,0 +1,35 @@
+id: agent-runner-fixture-contract
+title: "QA AgentRunner fixture contract probe"
+mode: probe
+area: release
+type: regression
+priority: p0
+risk: high
+ci_eligible: true
+tags:
+  - agent-runner
+  - probe
+  - fixture
+  - deterministic-runner
+skills:
+  - langbot-testing
+env:
+automation: skills/langbot-testing/probes/agent-runner-fixture-contract.mjs
+steps:
+  - "Run `rtk bin/lbs test run agent-runner-fixture-contract --dry-run` first; remove `--dry-run` after checking the planned evidence directory."
+  - "Automation imports the QA AgentRunner fixture source and executes normal, streaming, and controlled-failure paths with SDK entities."
+checks:
+  - "automation-result.json status is pass."
+  - "probe-stdout.log contains QA_AGENT_RUNNER_FIXTURE_CONTRACT_OK."
+  - "Normal input returns QA_AGENT_RUNNER_OK:<input>."
+  - "Streaming input emits message.delta chunks and completes."
+  - "Failure input returns QA_AGENT_RUNNER_CONTROLLED_FAILURE."
+evidence_required:
+  - filesystem
+diagnostics:
+  - "This validates the deterministic fixture source contract. It does not prove the plugin package is installed in a live LangBot instance."
+success_patterns:
+  - "QA_AGENT_RUNNER_FIXTURE_CONTRACT_OK"
+failure_patterns:
+  - "AssertionError"
+  - "fixture contract exited"
@@ -0,0 +1,41 @@
+id: agent-runner-ledger-concurrency
+title: "AgentRunner run ledger concurrency and auth pytest probe"
+mode: probe
+area: release
+type: regression
+priority: p0
+risk: high
+ci_eligible: true
+tags:
+  - agent-runner
+  - probe
+  - pytest
+  - run-ledger
+  - concurrency
+skills:
+  - langbot-testing
+env:
+automation: skills/langbot-testing/probes/agent-runner-ledger-concurrency.mjs
+preconditions:
+  - "This Host pytest probe can be slow in the current multi-repo dev environment; keep it in the release gate, but do not treat a timeout as a browser E2E failure without checking pytest logs."
+steps:
+  - "Run `rtk bin/lbs test run agent-runner-ledger-concurrency --dry-run` first; remove `--dry-run` only after `agent-runner-async-db-readiness` is pass."
+  - "Automation resolves LANGBOT_REPO, defaulting to ../LangBot when the env var is unset."
+  - "Automation runs selected high-value tests from test_run_ledger_store.py and test_run_ledger_api_auth.py."
+checks:
+  - "automation-result.json status is pass."
+  - "pytest exit status is 0 for selected run ledger claim, lease, status, token, ownership, and active-claim tests."
+  - "pytest-stdout.log and pytest-stderr.log are written under LBS_EVIDENCE_DIR."
+evidence_required:
+  - filesystem
+diagnostics:
+  - "env_issue means LANGBOT_REPO/default ../LangBot did not resolve, rtk/uv was unavailable, or the expected test files are missing."
+  - "fail means one of the selected LangBot run ledger pytest targets failed or timed out."
+success_patterns:
+  - "pytest passed"
+failure_patterns:
+  - "pytest exited with status"
+  - "pytest timed out"
+  - "Failed to start pytest command"
+troubleshooting:
+  - aiosqlite-connect-hangs
@@ -0,0 +1,34 @@
+id: agent-runner-ledger-contention
+title: "AgentRunner ledger SQLite contention probe"
+mode: probe
+area: release
+type: regression
+priority: p1
+risk: high
+ci_eligible: true
+tags:
+  - agent-runner
+  - probe
+  - stress
+  - ledger
+  - concurrency
+skills:
+  - langbot-testing
+env:
+automation: skills/langbot-testing/probes/agent-runner-ledger-contention.mjs
+steps:
+  - "Run `rtk bin/lbs test run agent-runner-ledger-contention --dry-run` first; remove `--dry-run` after checking the planned evidence directory."
+  - "Automation creates 120 queued runs in a file-backed SQLite database and uses eight worker threads to claim runs under write contention."
+checks:
+  - "automation-result.json status is pass."
+  - "probe-stdout.log contains LEDGER_CONTENTION_OK."
+  - "Every run is claimed once, reaches completed status, and has dispatch_attempts = 1."
+evidence_required:
+  - filesystem
+diagnostics:
+  - "This probe catches obvious exactly-once claim regressions under local SQLite contention; it does not replace async Host pytest or PostgreSQL concurrency checks."
+success_patterns:
+  - "LEDGER_CONTENTION_OK"
+failure_patterns:
+  - "AssertionError"
+  - "ledger contention exited"
@@ -0,0 +1,35 @@
+id: agent-runner-ledger-invariants
+title: "AgentRunner ledger schema and status invariants probe"
+mode: probe
+area: release
+type: regression
+priority: p0
+risk: high
+ci_eligible: true
+tags:
+  - agent-runner
+  - probe
+  - ledger
+  - invariant
+skills:
+  - langbot-testing
+env:
+automation: skills/langbot-testing/probes/agent-runner-ledger-invariants.mjs
+steps:
+  - "Run `rtk bin/lbs test run agent-runner-ledger-invariants --dry-run` first; remove `--dry-run` after checking the planned evidence directory."
+  - "Automation resolves LANGBOT_REPO, defaulting to ../LangBot, and imports the sibling SDK from LANGBOT_PLUGIN_SDK_REPO or ../langbot-plugin-sdk/src."
+  - "Automation checks run status sets, terminal status validation, ledger table/index DDL, and a minimal synchronous insert/read path."
+checks:
+  - "automation-result.json status is pass."
+  - "probe-stdout.log contains LEDGER_INVARIANTS_OK."
+  - "The probe does not require aiosqlite or browser UI."
+evidence_required:
+  - filesystem
+diagnostics:
+  - "env_issue means LANGBOT_REPO/default ../LangBot did not resolve or Python dependencies are unavailable."
+  - "fail means a ledger schema/status invariant changed and the release gate needs review."
+success_patterns:
+  - "LEDGER_INVARIANTS_OK"
+failure_patterns:
+  - "AssertionError"
+  - "ledger invariant probe exited"
@@ -0,0 +1,33 @@
+id: agent-runner-ledger-stress
+title: "AgentRunner ledger lightweight stress probe"
+mode: probe
+area: release
+type: regression
+priority: p1
+risk: high
+ci_eligible: true
+tags:
+  - agent-runner
+  - probe
+  - stress
+  - ledger
+skills:
+  - langbot-testing
+env:
+automation: skills/langbot-testing/probes/agent-runner-ledger-stress.mjs
+steps:
+  - "Run `rtk bin/lbs test run agent-runner-ledger-stress --dry-run` first; remove `--dry-run` after checking the planned evidence directory."
+  - "Automation creates 100 queued runs in synchronous SQLite and simulates five runtimes claiming them in priority order."
+checks:
+  - "automation-result.json status is pass."
+  - "probe-stdout.log contains LEDGER_STRESS_OK."
+  - "Every run is claimed once and reaches a terminal completed status."
+evidence_required:
+  - filesystem
+diagnostics:
+  - "This probe is a fast deterministic stress baseline; it does not replace PostgreSQL/async concurrency tests."
+success_patterns:
+  - "LEDGER_STRESS_OK"
+failure_patterns:
+  - "AssertionError"
+  - "ledger stress exited"
@@ -0,0 +1,46 @@
+id: agent-runner-live-install
+title: "QA AgentRunner package installs and registers in LangBot"
+mode: probe
+area: release
+type: regression
+priority: p0
+risk: high
+ci_eligible: false
+tags:
+  - agent-runner
+  - plugin
+  - local-install
+  - fixture
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_REPO
+  - LANGBOT_E2E_LOGIN_USER
+automation: scripts/e2e/install-qa-plugin-smoke.mjs
+automation_plugin_package: "skills/langbot-testing/fixtures/plugins/qa-agent-runner/dist/qa-agent-runner-0.1.0.lbpkg"
+automation_expected_plugin_id: "qa/agent-runner"
+automation_expected_tool: ""
+automation_expected_runner_id: "plugin:qa/agent-runner/default"
+steps:
+  - "Run `rtk bin/lbs test run agent-runner-live-install --dry-run` first; remove `--dry-run` only after readiness points at a local test LangBot instance."
+  - "Automation authenticates the local test user, uploads the QA AgentRunner .lbpkg package, waits for the install task, and reads pipeline metadata."
+checks:
+  - "automation-result.json status is pass."
+  - "/api/v1/plugins lists qa/agent-runner after install."
+  - "/api/v1/pipelines/_/metadata lists plugin:qa/agent-runner/default as an available runner."
+evidence_required:
+  - api_diagnostic
+  - filesystem
+diagnostics:
+  - "This proves the deterministic package installs and registers a runner. It does not prove Debug Chat execution; use a later browser case for that."
+  - "If installation fails during dependencies, inspect plugin runtime logs and plugin-dependency-install-offline."
+success_patterns:
+  - "qa/agent-runner is installed."
+failure_patterns:
+  - "Plugin install task did not complete successfully"
+  - "plugin:qa/agent-runner/default is not listed"
+troubleshooting:
+  - plugin-runtime-timeout
+  - plugin-dependency-install-offline
@@ -0,0 +1,70 @@
+id: agent-runner-qa-debug-chat
+title: "QA AgentRunner returns deterministic output through Debug Chat"
+mode: agent-browser
+area: pipeline
+type: regression
+priority: p0
+risk: high
+ci_eligible: false
+tags:
+  - agent-runner
+  - pipeline
+  - debug-chat
+  - fixture
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_QA_AGENT_RUNNER_PIPELINE_URL
+  - LANGBOT_QA_AGENT_RUNNER_PIPELINE_NAME
+automation: scripts/e2e/pipeline-debug-chat.mjs
+automation_env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_BROWSER_PROFILE
+  - LANGBOT_CHROMIUM_EXECUTABLE
+  - LANGBOT_QA_AGENT_RUNNER_PIPELINE_URL
+  - LANGBOT_QA_AGENT_RUNNER_PIPELINE_NAME
+automation_pipeline_url_env: LANGBOT_QA_AGENT_RUNNER_PIPELINE_URL
+automation_pipeline_name_env: LANGBOT_QA_AGENT_RUNNER_PIPELINE_NAME
+automation_expected_runner_id: "plugin:qa/agent-runner/default"
+automation_prompt: "hello-live"
+automation_expected_text: "QA_AGENT_RUNNER_OK:hello-live"
+automation_response_timeout_ms: "120000"
+automation_reset_debug_chat: "1"
+setup_automation:
+  - "case:agent-runner-live-install"
+  - "node:scripts/e2e/ensure-qa-agent-runner-pipeline.mjs --write-env"
+setup_provides_env:
+  - LANGBOT_QA_AGENT_RUNNER_PIPELINE_URL
+  - LANGBOT_QA_AGENT_RUNNER_PIPELINE_NAME
+steps:
+  - "Open LANGBOT_FRONTEND_URL."
+  - "Open the pipeline from LANGBOT_QA_AGENT_RUNNER_PIPELINE_URL or LANGBOT_QA_AGENT_RUNNER_PIPELINE_NAME."
+  - "Confirm the pipeline AI runner is plugin:qa/agent-runner/default."
+  - "Open Debug Chat."
+  - "Send: hello-live."
+checks:
+  - "UI: The user message appears in Debug Chat."
+  - "UI: A Bot message appears and contains QA_AGENT_RUNNER_OK:hello-live."
+  - "API diagnostic: pipeline config uses plugin:qa/agent-runner/default."
+  - "Console: No unexpected frontend runtime errors appear during the send/receive path."
+evidence_required:
+  - ui
+  - screenshot
+  - console
+  - network
+  - api_diagnostic
+diagnostics:
+  - "This is the deterministic live execution proof that sits after fixture contract and live install."
+  - "If the runner id mismatch is reported, rerun ensure-qa-agent-runner-pipeline.mjs --write-env."
+success_patterns:
+  - "QA_AGENT_RUNNER_OK:hello-live"
+failure_patterns:
+  - "plugin:qa/agent-runner/default execution failed"
+  - "Action invoke_llm_stream call timed out"
+  - "Agent runner temporarily unavailable"
+troubleshooting:
+  - plugin-runtime-timeout
@@ -0,0 +1,74 @@
+id: agent-runner-release-preflight
+title: "Agent runner release gate preflight validates environment readiness"
+mode: agent-browser
+area: release
+type: smoke
+priority: p0
+risk: high
+ci_eligible: false
+tags:
+  - agent-runner
+  - release-gate
+  - preflight
+  - environment
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+env_any:
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL|LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+  - LANGBOT_ACP_AGENT_RUNNER_PIPELINE_URL|LANGBOT_ACP_AGENT_RUNNER_PIPELINE_NAME
+automation: scripts/e2e/agent-runner-release-preflight.mjs
+automation_env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_BROWSER_PROFILE
+  - LANGBOT_CHROMIUM_EXECUTABLE
+automation_env_any:
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL|LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+  - LANGBOT_ACP_AGENT_RUNNER_PIPELINE_URL|LANGBOT_ACP_AGENT_RUNNER_PIPELINE_NAME
+preconditions:
+  - "LANGBOT_LOCAL_AGENT_PIPELINE_URL or LANGBOT_LOCAL_AGENT_PIPELINE_NAME points to the local-agent release pipeline."
+  - "LANGBOT_ACP_AGENT_RUNNER_PIPELINE_URL or LANGBOT_ACP_AGENT_RUNNER_PIPELINE_NAME points to the ACP AgentRunner release pipeline."
+  - "The active browser profile is authenticated for the same LangBot backend."
+  - "By default the preflight performs a cheap model test for the local-agent primary model; set LANGBOT_PREFLIGHT_TEST_MODELS=0 only when deliberately classifying model credentials outside this run."
+steps:
+  - "Open LANGBOT_FRONTEND_URL with the configured browser profile."
+  - "Use the browser token to call LangBot backend readiness APIs without printing token values."
+  - "Check plugin runtime status, Box status, required runner plugins, qa-plugin-smoke, and qa_plugin_echo."
+  - "Resolve the local-agent and ACP AgentRunner QA pipelines from their case-specific env vars."
+  - "Assert each pipeline uses the expected runner id."
+  - "Assert the external runner pipeline uses the expected runner id."
+  - "Assert the local-agent primary model advertises func_call and vision for the full release gate."
+  - "Run the local-agent primary model test endpoint unless LANGBOT_PREFLIGHT_TEST_MODELS=0."
+checks:
+  - "API diagnostic: api-diagnostic.json has no blockers and no env_issues."
+  - "API diagnostic: required pipelines resolve to plugin:langbot/local-agent/default and plugin:langbot/acp-agent-runner/default."
+  - "API diagnostic: qa_plugin_echo is exposed by /api/v1/tools."
+  - "API diagnostic: local-agent model check catches invalid credentials or missing func_call/vision before release E2E starts."
+  - "Secret safety: token values, api keys, and provider secrets are not printed."
+evidence_required:
+  - ui
+  - screenshot
+  - console
+  - network
+  - api_diagnostic
+diagnostics:
+  - "blocked means the test instance is not configured for the full release gate: missing pipeline, wrong runner id, or missing plugin."
+  - "env_issue means the runtime or upstream dependency is not usable: backend unavailable, plugin runtime down, Box down, or the local-agent model cannot pass a model test."
+  - "If qa_mcp_echo is absent here, continue to mcp-stdio-register before mcp-stdio-tool-call; qa_mcp_echo is not required before registration."
+  - "If the model check fails with invalid api key, switch the local-agent release pipeline to a known-good func_call model before diagnosing runner code."
+success_patterns:
+  - "Release gate preflight passed"
+failure_patterns:
+  - "Preflight blocked"
+  - "Preflight environment issue"
+  - "invalid api key"
+  - "runner.llm_error"
+troubleshooting:
+  - backend-not-listening
+  - plugin-runtime-timeout
+  - local-agent-model-route-unavailable
+  - proxy-env-mismatch
@@ -0,0 +1,38 @@
+id: agent-runner-runtime-chaos
+title: "AgentRunner SDK runtime chaos pytest probe"
+mode: probe
+area: release
+type: regression
+priority: p0
+risk: high
+ci_eligible: true
+tags:
+  - agent-runner
+  - probe
+  - pytest
+  - runtime
+  - sdk
+skills:
+  - langbot-testing
+env:
+automation: skills/langbot-testing/probes/agent-runner-runtime-chaos.mjs
+steps:
+  - "Run `rtk bin/lbs test run agent-runner-runtime-chaos --dry-run` first; remove `--dry-run` after checking the SDK repo target and evidence directory."
+  - "Automation resolves LANGBOT_PLUGIN_SDK_REPO, defaulting to ../langbot-plugin-sdk when the env var is unset."
+  - "Automation runs the existing SDK pytest files tests/runtime/plugin/test_mgr_agent_runner.py and tests/runtime/test_pull_api_handlers.py."
+checks:
+  - "automation-result.json status is pass."
+  - "pytest exit status is 0 for the existing AgentRunner runtime and pull API handler tests."
+  - "pytest-stdout.log and pytest-stderr.log are written under LBS_EVIDENCE_DIR."
+evidence_required:
+  - filesystem
+diagnostics:
+  - "This probe does not open the WebUI; it runs SDK pytest targets directly."
+  - "env_issue means LANGBOT_PLUGIN_SDK_REPO/default ../langbot-plugin-sdk did not resolve, rtk/uv was unavailable, or the expected test files are missing."
+  - "fail means the existing SDK runtime pytest target failed or timed out."
+success_patterns:
+  - "pytest passed"
+failure_patterns:
+  - "pytest exited with status"
+  - "pytest timed out"
+  - "Failed to start pytest command"
@@ -0,0 +1,51 @@
+id: dify-agent-debug-chat
+title: "Dify AgentRunner returns a response through Pipeline Debug Chat"
+mode: agent-browser
+area: pipeline
+type: provider
+priority: p2
+risk: medium
+ci_eligible: false
+tags:
+  - dify
+  - agent-runner
+  - pipeline
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+preconditions:
+  - "A Dify app Service API key is available from the active secret source and must not be printed in reports."
+  - "The target pipeline is safe to modify for Dify runner configuration."
+steps:
+  - "Ensure a Dify app Service API key is available from the active secret source."
+  - "Open LANGBOT_FRONTEND_URL."
+  - "Navigate to Pipelines and open the target pipeline."
+  - "Open Configuration > AI."
+  - "Select runner Dify."
+  - "Set Base URL, App Type, API Key, Base Prompt, and Timeout according to references/dify-agent-runner.md."
+  - "Save the pipeline."
+  - "Open Debug Chat."
+  - "Send a prompt asking the bot to reply exactly with a unique sentinel, for example LANGBOT_DIFY_OK_<date>."
+checks:
+  - "UI: The runner selector and runner config identify Dify, not a generic Default label."
+  - "UI: Debug Chat shows a Bot message containing the sentinel."
+  - "History/log validation: The sentinel is present in an assistant/bot message, not only in the echoed User message."
+  - "Logs: Backend logs show Dify /chat-messages returned HTTP 200 and Conversation(0) Streaming completed."
+  - "Console: No unexpected frontend errors appear during runner configuration or Debug Chat."
+  - "Secret safety: No Dify API key, JWT, or browser token is printed in reports."
+evidence_required:
+  - ui
+  - console
+  - backend_log
+diagnostics:
+  - "Use direct Dify streaming API only to distinguish invalid Dify credentials from LangBot runner failures."
+  - "If direct Dify blocking mode fails for an Agent Chat app, retry streaming before treating credentials as invalid."
+  - "Use GET /api/v1/pipelines/{uuid} only to confirm saved runner_config."
+troubleshooting:
+  - agent-runner-actor-context-fields
+  - ambiguous-runner-default-label
+  - plugin-runtime-timeout
+  - proxy-env-mismatch
@@ -0,0 +1,57 @@
+id: langrag-kb-retrieve
+title: "LangRAG knowledge base ingests and retrieves a sentinel document"
+mode: agent-browser
+area: knowledge
+type: feature
+priority: p1
+risk: medium
+ci_eligible: false
+tags:
+  - langrag
+  - knowledge
+  - rag
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+automation: scripts/e2e/langrag-kb-retrieve.mjs
+automation_env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_BROWSER_PROFILE
+  - LANGBOT_CHROMIUM_EXECUTABLE
+automation_env_any:
+  - LANGBOT_LOCAL_AGENT_RAG_KB_UUID|LANGBOT_RAG_KB_UUID
+automation_expected_text: "azalea-cobalt-7421"
+preconditions:
+  - "LangRAG is installed and initialized in the active LangBot instance."
+  - "A working embedding model is available, preferably chroma-all-MiniLM-L6-v2 for local repeatability."
+  - "LANGBOT_LOCAL_AGENT_RAG_KB_UUID points to a LangRAG knowledge base containing azalea-cobalt-7421."
+steps:
+  - "Open LANGBOT_FRONTEND_URL."
+  - "Navigate to Knowledge."
+  - "Create a knowledge base with engine LangRAG."
+  - "Select a working embedding model, preferably local Chroma embedding model chroma-all-MiniLM-L6-v2."
+  - "Upload skills/langbot-testing/fixtures/rag/sentinel-doc.txt."
+  - "Wait until the document row status is Completed."
+  - "Open Retrieve Test and query: What is the local agent runner retrieval sentinel?"
+checks:
+  - "UI: The knowledge base appears in the Knowledge sidebar."
+  - "UI: The uploaded document status becomes Completed."
+  - "UI: Retrieve Test shows the uploaded document content."
+  - "UI: Retrieve Test result contains azalea-cobalt-7421."
+  - "Console: No unexpected frontend errors appear during creation, upload, or retrieve."
+evidence_required:
+  - ui
+  - screenshot
+  - console
+  - backend_log
+diagnostics:
+  - "If no LangRAG engine is available, check /api/v1/knowledge/engines and install langbot-team/LangRAG."
+  - "If the embedding selector does not show a local Chroma model, confirm the model exists under embedding_models, not llm_models."
+troubleshooting:
+  - marketplace-network-flaky
+  - dynamic-form-missing-config-id
+  - pipeline-form-controlled-warning
@@ -0,0 +1,69 @@
+id: langrag-parser-golden-e2e
+title: "LangRAG and GeneralParsers retrieve a structured golden document"
+mode: agent-browser
+area: knowledge
+type: regression
+priority: p1
+risk: high
+ci_eligible: false
+tags:
+  - golden
+  - e2e
+  - langrag
+  - parser
+  - knowledge
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_REPO
+  - LANGBOT_WEB_REPO
+  - LANGBOT_RAG_PLUGIN_REPO
+  - LANGBOT_PARSER_PLUGIN_REPO
+preconditions:
+  - "LANGBOT_REPO and plugin repo env values point to the worktrees intended for this golden parser/RAG run."
+  - "The active LangBot environment can build and install local LangRAG and GeneralParsers plugin packages."
+  - "A working embedding model is available before the Knowledge UI path starts."
+steps:
+  - "Use LANGBOT_REPO as the active LangBot worktree and confirm it is the current master worktree for this run."
+  - "Start or verify the LangBot backend and frontend from LANGBOT_REPO and LANGBOT_WEB_REPO."
+  - "Build local plugin zips from LANGBOT_RAG_PLUGIN_REPO and LANGBOT_PARSER_PLUGIN_REPO using LANGBOT_REPO/.venv/bin/lbp build."
+  - "Open LANGBOT_FRONTEND_URL."
+  - "Navigate to Plugins and install or update the local LangRAG zip and GeneralParsers zip."
+  - "Wait until both plugins are initialized: langbot-team/LangRAG and langbot-team/GeneralParsers."
+  - "Navigate to Knowledge."
+  - "Create a knowledge base with engine LangRAG and a working embedding model, preferably chroma-all-MiniLM-L6-v2."
+  - "Keep index type Chunk for this golden case."
+  - "Upload skills/langbot-testing/fixtures/rag/parser-golden.html."
+  - "When the upload UI asks for a parser, select GeneralParsers for text/html."
+  - "Wait until the document row status is Completed."
+  - "Open Retrieve Test and query: What is the parser-rag golden sentinel and which parser/engine pair is documented? Return the exact sentinel and pair."
+checks:
+  - "UI: Plugins shows langbot-team/LangRAG initialized."
+  - "UI: Plugins shows langbot-team/GeneralParsers initialized."
+  - "UI: The upload flow selects GeneralParsers for the HTML fixture, or the parser selector clearly defaults to GeneralParsers."
+  - "UI: The uploaded parser-golden.html document status becomes Completed."
+  - "UI: Retrieve Test result contains aurora-parser-rag-9137."
+  - "UI: Retrieve Test result contains GeneralParsers and LangRAG."
+  - "UI: Retrieve Test result preserves the table as Markdown, including '| Parser field | Golden value |'."
+  - "Console: No unexpected frontend errors appear during plugin install, KB creation, upload, or retrieve."
+  - "Logs: Backend/plugin logs show GeneralParsers parsed parser-golden.html and LangRAG used pre-parsed external parser content."
+evidence_required:
+  - ui
+  - screenshot
+  - console
+  - backend_log
+diagnostics:
+  - "If LangRAG is missing, check /api/v1/knowledge/engines for plugin id langbot-team/LangRAG."
+  - "If GeneralParsers is missing, check /api/v1/knowledge/parsers?mime_type=text/html for plugin id langbot-team/GeneralParsers."
+  - "If GeneralParsers local install fails on PyMuPDF, confirm the active LangBot master venv can import fitz and retry Upload Local."
+  - "If the document completes but table pipes are missing, inspect logs for LangRAG fallback to the internal FileParser instead of external parser content."
+  - "If embedding selection is empty, confirm the test embedding model exists under embedding_models, not llm_models."
+troubleshooting:
+  - plugin-runtime-timeout
+  - plugin-dependency-install-offline
+  - marketplace-network-flaky
+  - dynamic-form-missing-config-id
+  - proxy-env-mismatch
@@ -0,0 +1,38 @@
+id: langrag-sentinel-kb-discover
+title: "Existing LangRAG sentinel knowledge base is discoverable"
+mode: probe
+area: knowledge
+type: regression
+priority: p1
+risk: medium
+ci_eligible: false
+tags:
+  - langrag
+  - knowledge
+  - rag
+  - fixture
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_REPO
+  - LANGBOT_E2E_LOGIN_USER
+automation: scripts/e2e/ensure-langrag-sentinel-kb.mjs
+automation_expected_text: "azalea-cobalt-7421"
+steps:
+  - "Run `rtk bin/lbs test run langrag-sentinel-kb-discover --dry-run` first; remove `--dry-run` only after readiness points at a local test LangBot instance."
+  - "Automation authenticates the local test user, lists knowledge bases, retrieves against each one, and looks for azalea-cobalt-7421."
+checks:
+  - "automation-result.json status is pass when an existing KB retrieves the sentinel."
+  - "When run with `node:scripts/e2e/ensure-langrag-sentinel-kb.mjs --write-env`, LANGBOT_LOCAL_AGENT_RAG_KB_UUID is written to skills/.env.local."
+evidence_required:
+  - api_diagnostic
+diagnostics:
+  - "This case does not create a knowledge base. It only discovers a KB already prepared by langrag-kb-retrieve or by an equivalent local setup."
+success_patterns:
+  - "Found LangRAG sentinel knowledge base"
+failure_patterns:
+  - "No existing knowledge base retrieved expected sentinel"
+troubleshooting:
+  - marketplace-network-flaky
@@ -0,0 +1,71 @@
+id: local-agent-basic-debug-chat
+title: "Local Agent Debug Chat returns a deterministic streaming response"
+mode: agent-browser
+area: pipeline
+type: smoke
+priority: p0
+risk: medium
+ci_eligible: false
+tags:
+  - local-agent
+  - pipeline
+  - streaming
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation: scripts/e2e/pipeline-debug-chat.mjs
+automation_env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BROWSER_PROFILE
+  - LANGBOT_CHROMIUM_EXECUTABLE
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation_pipeline_url_env: LANGBOT_LOCAL_AGENT_PIPELINE_URL
+automation_pipeline_name_env: LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation_prompt: "请只回复 OK，用于前端调试测试。"
+automation_expected_text: "OK"
+setup_automation:
+  - "node:scripts/e2e/ensure-local-agent-pipeline.mjs --write-env"
+setup_provides_env:
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+steps:
+  - "Open LANGBOT_FRONTEND_URL."
+  - "Navigate to Pipelines and open the target local-agent pipeline."
+  - "Open Configuration > AI."
+  - "Use runner Default or the pluginized langbot/local-agent runner."
+  - "Select a model that is known to answer Debug Chat in the current environment."
+  - "Clear Knowledge Bases unless this run intentionally combines RAG with the smoke path."
+  - "Save the pipeline."
+  - "Open Debug Chat."
+  - "Ensure the stream switch is enabled when the UI exposes it."
+  - "Send: 请只回复 OK，用于前端调试测试。"
+checks:
+  - "UI: The user message appears in Debug Chat."
+  - "UI: A Bot message appears and contains OK."
+  - "Console: No unexpected frontend runtime errors appear during the send/receive path."
+  - "Logs: Backend logs show the debug chat request completed on the streaming path instead of timing out in plugin/runtime calls."
+evidence_required:
+  - ui
+  - screenshot
+  - console
+  - backend_log
+diagnostics:
+  - "Provider errors such as model_not_found or no available channel mean the selected model is unavailable; switch to a known-good model before diagnosing local-agent."
+  - "Use GET /api/v1/pipelines/{uuid} only to confirm the saved runner and model config."
+success_patterns:
+  - "Processing request from person_websocket"
+  - "Streaming completed"
+failure_patterns:
+  - "Action invoke_llm_stream call timed out"
+  - "Task exception was never retrieved"
+  - "survey widget blocks debug chat"
+troubleshooting:
+  - plugin-runtime-timeout
+  - proxy-env-mismatch
+  - survey-widget-blocks-debug-chat
@@ -0,0 +1,87 @@
+id: local-agent-context-compaction-debug-chat
+title: "Local Agent compacts long Debug Chat history and preserves older facts"
+mode: agent-browser
+area: pipeline
+type: regression
+priority: p1
+risk: high
+ci_eligible: false
+tags:
+  - local-agent
+  - pipeline
+  - context
+  - compaction
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation: scripts/e2e/pipeline-debug-chat.mjs
+automation_env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_BROWSER_PROFILE
+  - LANGBOT_CHROMIUM_EXECUTABLE
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation_pipeline_url_env: LANGBOT_LOCAL_AGENT_PIPELINE_URL
+automation_pipeline_name_env: LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation_expected_runner_id: "plugin:langbot/local-agent/default"
+automation_runner_config_patch_json: '{"context-window-tokens":225,"context-reserve-tokens":50,"context-keep-recent-tokens":30,"context-summary-tokens":105,"knowledge-bases":[]}'
+automation_restore_runner_config: "1"
+automation_reset_debug_chat: "1"
+automation_debug_chat_session_type: "person"
+automation_expected_text: "qa_compaction_sentinel_7391"
+automation_response_timeout_ms: "180000"
+automation_prompts_json: '[{"prompt":"请记住这个用于 local-agent context compaction 回归测试的暗号：qa_compaction_sentinel_7391。请只回复 MEMORY_SET。","expected_text":"MEMORY_SET","response_timeout_ms":"180000"},{"prompt":"下面这轮只用于制造长历史压力，内容没有业务含义。请忽略填充内容，最后只回复 CONTEXT_PRESSURE_READY。填充片段 A001 context padding for local-agent compaction. A002 context padding for local-agent compaction. A003 context padding for local-agent compaction. A004 context padding for local-agent compaction. A005 context padding for local-agent compaction. A006 context padding for local-agent compaction. A007 context padding for local-agent compaction. A008 context padding for local-agent compaction. A009 context padding for local-agent compaction. A010 context padding for local-agent compaction. A011 context padding for local-agent compaction. A012 context padding for local-agent compaction. A013 context padding for local-agent compaction. A014 context padding for local-agent compaction. A015 context padding for local-agent compaction. A016 context padding for local-agent compaction. A017 context padding for local-agent compaction. A018 context padding for local-agent compaction. A019 context padding for local-agent compaction. A020 context padding for local-agent compaction. A021 context padding for local-agent compaction. A022 context padding for local-agent compaction. A023 context padding for local-agent compaction. A024 context padding for local-agent compaction. A025 context padding for local-agent compaction. A026 context padding for local-agent compaction. A027 context padding for local-agent compaction. A028 context padding for local-agent compaction. A029 context padding for local-agent compaction. A030 context padding for local-agent compaction. A031 context padding for local-agent compaction. A032 context padding for local-agent compaction. A033 context padding for local-agent compaction. A034 context padding for local-agent compaction. A035 context padding for local-agent compaction. A036 context padding for local-agent compaction. A037 context padding for local-agent compaction. A038 context padding for local-agent compaction. A039 context padding for local-agent compaction. A040 context padding for local-agent compaction.","expected_text":"CONTEXT_PRESSURE_READY","response_timeout_ms":"180000"},{"prompt":"刚才第一轮我要求你记住的测试暗号是什么？请只回复暗号本身，不要解释。","expected_text":"qa_compaction_sentinel_7391","response_timeout_ms":"180000"}]'
+setup_automation:
+  - "node:scripts/e2e/ensure-local-agent-pipeline.mjs --write-env"
+setup_provides_env:
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+preconditions:
+  - "The selected model route can follow short deterministic instructions across multiple Debug Chat turns."
+steps:
+  - "Open the target local-agent pipeline through LANGBOT_FRONTEND_URL."
+  - "Use the authenticated browser token only inside automation to GET and PUT /api/v1/pipelines/{uuid}."
+  - "Assert the saved runner is plugin:langbot/local-agent/default."
+  - "Temporarily set context-window-tokens, context-reserve-tokens, context-keep-recent-tokens, and context-summary-tokens to force compaction, and clear knowledge-bases so RAG does not answer the memory question."
+  - "Reset the person Debug Chat session for the target pipeline."
+  - "Send the sentinel memory prompt and wait for MEMORY_SET."
+  - "Send the long padding prompt and wait for CONTEXT_PRESSURE_READY."
+  - "Ask for the original sentinel and wait for qa_compaction_sentinel_7391."
+  - "Restore the original runner config."
+checks:
+  - "UI: All three user messages appear in Debug Chat."
+  - "UI: The final Bot message contains qa_compaction_sentinel_7391."
+  - "API diagnostic: pipeline-config-diagnostic.json shows patched=true and patch_keys include the four token context compaction fields plus knowledge-bases."
+  - "API diagnostic: pipeline-config-restore-diagnostic.json shows the original runner config was restored."
+  - "Logs: Backend completes the multi-turn Debug Chat path without runner timeout or model setup failure."
+  - "Console: No unexpected frontend runtime errors appear during the run."
+evidence_required:
+  - ui
+  - screenshot
+  - console
+  - backend_log
+  - api_diagnostic
+diagnostics:
+  - "If the final sentinel is missing, inspect whether pipeline-config-diagnostic.json targeted ai.runner_config[runnerId], cleared knowledge-bases, and whether the backend log shows the local-agent runner loading the small context settings."
+  - "If the model ignores deterministic replies, rerun with a known-good model route before diagnosing ContextAssembler."
+  - "If restore fails, use pipeline-config-restore-diagnostic.json and GET /api/v1/pipelines/{uuid} to confirm the current saved config before retrying."
+success_patterns:
+  - "Processing request from person_websocket"
+  - "Streaming completed"
+failure_patterns:
+  - "Action invoke_llm_stream call timed out"
+  - "All models failed during streaming setup"
+  - "Task exception was never retrieved"
+  - "survey widget blocks debug chat"
+troubleshooting:
+  - local-agent-model-route-unavailable
+  - plugin-runtime-timeout
+  - proxy-env-mismatch
+  - survey-widget-blocks-debug-chat
+  - debug-chat-history-contaminates-automation
@@ -0,0 +1,67 @@
+id: local-agent-effective-prompt-debug-chat
+title: "Local Agent consumes host effective prompt after PromptPreProcessing"
+mode: agent-browser
+area: pipeline
+type: regression
+priority: p1
+risk: high
+ci_eligible: false
+tags:
+  - local-agent
+  - prompt
+  - plugin
+  - pipeline
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation: scripts/e2e/pipeline-debug-chat.mjs
+automation_env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BROWSER_PROFILE
+  - LANGBOT_CHROMIUM_EXECUTABLE
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation_pipeline_url_env: LANGBOT_LOCAL_AGENT_PIPELINE_URL
+automation_pipeline_name_env: LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation_prompt: "qa-effective-prompt"
+automation_expected_text: "PROMPT_PREPROCESS_OK"
+automation_response_timeout_ms: "180000"
+setup_automation:
+  - "node:scripts/e2e/ensure-local-agent-pipeline.mjs --write-env"
+  - "case:qa-plugin-smoke-live-install"
+setup_provides_env:
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+preconditions:
+  - "The target pipeline is safe to modify and can bind the fixture plugin through Extensions."
+steps:
+  - "Install or enable the bundled qa-plugin-smoke fixture plugin."
+  - "Confirm the fixture plugin is bound to the target pipeline through Extensions."
+  - "Open the target local-agent pipeline."
+  - "Open Configuration > AI."
+  - "Use runner Default or the pluginized langbot/local-agent runner."
+  - "Select a model that is known to follow system prompts in Debug Chat."
+  - "Save the pipeline."
+  - "Open Debug Chat."
+  - "Send: qa-effective-prompt"
+checks:
+  - "UI: A Bot message appears and contains PROMPT_PREPROCESS_OK."
+  - "Logs: PromptPreProcessing runs for the fixture plugin before the local-agent runner invokes the model."
+  - "Logs: Backend completes the debug-chat request without plugin/runtime timeout."
+  - "Console: No unexpected frontend runtime errors appear during configuration or chat."
+evidence_required:
+  - ui
+  - console
+  - backend_log
+diagnostics:
+  - "If the bot does not return PROMPT_PREPROCESS_OK, verify the fixture plugin is installed, enabled, and bound to the pipeline before diagnosing ctx.adapter.extra.prompt."
+  - "If the plugin event runs but the answer ignores the sentinel, inspect whether the runner is using ctx.adapter.extra.prompt instead of static runner config prompt."
+troubleshooting:
+  - plugin-runtime-timeout
+  - proxy-env-mismatch
+  - survey-widget-blocks-debug-chat
@@ -0,0 +1,71 @@
+id: local-agent-multimodal-debug-chat
+title: "Local Agent Debug Chat preserves uploaded image input"
+mode: agent-browser
+area: pipeline
+type: regression
+priority: p2
+risk: medium
+ci_eligible: false
+tags:
+  - local-agent
+  - multimodal
+  - pipeline
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation: scripts/e2e/pipeline-debug-chat.mjs
+automation_env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BROWSER_PROFILE
+  - LANGBOT_CHROMIUM_EXECUTABLE
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation_pipeline_url_env: LANGBOT_LOCAL_AGENT_PIPELINE_URL
+automation_pipeline_name_env: LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation_prompt: "I attached an image. Reply only IMAGE_OK if you received the image."
+automation_expected_text: "IMAGE_OK"
+automation_image_base64_fixture: "skills/langbot-testing/fixtures/multimodal/red-square.png.base64"
+setup_automation:
+  - "node:scripts/e2e/ensure-local-agent-pipeline.mjs --write-env"
+setup_provides_env:
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+preconditions:
+  - "The selected model route accepts image input, or the case is intentionally checking graceful provider rejection."
+steps:
+  - "Prepare a small PNG file for upload. The bundled fixture base64 is at skills/langbot-testing/fixtures/multimodal/red-square.png.base64 if a temporary file is needed."
+  - "Open LANGBOT_FRONTEND_URL."
+  - "Navigate to Pipelines and open the target local-agent pipeline."
+  - "Open Configuration > AI."
+  - "Use runner Default or the pluginized langbot/local-agent runner."
+  - "Select a model that supports image input in the current environment, or use a known model that at least accepts the uploaded image payload."
+  - "Save the pipeline."
+  - "Open Debug Chat."
+  - "Attach the PNG through the image/file upload control. Prefer the bundled 64x64 red-square fixture; 1x1 images may be rejected by some model providers before runner behavior is exercised."
+  - "Confirm the user compose area or sent message shows the image attachment."
+  - "Send: I attached an image. Reply only IMAGE_OK if you received the image."
+checks:
+  - "UI: The sent User message shows an image attachment, not just text."
+  - "UI: The Bot message contains IMAGE_OK."
+  - "Network or logs: The browser sends an image upload request, or backend logs show the local-agent input contains an image."
+  - "Console: No unexpected frontend runtime errors appear during upload or Debug Chat."
+evidence_required:
+  - ui
+  - screenshot
+  - console
+  - network
+  - backend_log
+diagnostics:
+  - "If the model cannot process image input, repeat with a multimodal-capable model before diagnosing local-agent."
+  - "For RAG plus multimodal coverage, keep a KB bound and verify the image remains visible while the answer uses the KB sentinel."
+troubleshooting:
+  - local-agent-model-route-unavailable
+  - plugin-runtime-timeout
+  - proxy-env-mismatch
+  - provider-image-parse-error
+  - survey-widget-blocks-debug-chat
@@ -0,0 +1,64 @@
+id: local-agent-nonstreaming-debug-chat
+title: "Local Agent Debug Chat returns a deterministic non-streaming response"
+mode: agent-browser
+area: pipeline
+type: regression
+priority: p1
+risk: medium
+ci_eligible: false
+tags:
+  - local-agent
+  - pipeline
+  - non-streaming
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation: scripts/e2e/pipeline-debug-chat.mjs
+automation_env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BROWSER_PROFILE
+  - LANGBOT_CHROMIUM_EXECUTABLE
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation_pipeline_url_env: LANGBOT_LOCAL_AGENT_PIPELINE_URL
+automation_pipeline_name_env: LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation_prompt: "Reply only NONSTREAM_OK."
+automation_expected_text: "NONSTREAM_OK"
+automation_stream_output: "0"
+setup_automation:
+  - "node:scripts/e2e/ensure-local-agent-pipeline.mjs --write-env"
+setup_provides_env:
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+steps:
+  - "Open LANGBOT_FRONTEND_URL."
+  - "Navigate to Pipelines and open the target local-agent pipeline."
+  - "Open Configuration > AI."
+  - "Use runner Default or the pluginized langbot/local-agent runner."
+  - "Select a model that is known to answer Debug Chat in the current environment."
+  - "Save the pipeline."
+  - "Open Debug Chat."
+  - "Disable the stream switch when the UI exposes it."
+  - "Send: Reply only NONSTREAM_OK."
+checks:
+  - "UI: The user message appears in Debug Chat."
+  - "UI: A Bot message appears and contains NONSTREAM_OK."
+  - "Logs: Backend completes the request as a normal response rather than only relying on the streaming-completed path."
+  - "Console: No unexpected frontend runtime errors appear during the send/receive path."
+evidence_required:
+  - ui
+  - console
+  - backend_log
+diagnostics:
+  - "If the UI still streams after the switch is disabled, inspect the adapter streaming capability and runner config before diagnosing the model."
+  - "Use GET /api/v1/pipelines/{uuid} only to confirm the saved runner and model config."
+troubleshooting:
+  - local-agent-model-route-unavailable
+  - plugin-runtime-timeout
+  - proxy-env-mismatch
+  - survey-widget-blocks-debug-chat
@@ -0,0 +1,68 @@
+id: local-agent-plugin-tool-call-debug-chat
+title: "Local Agent can call a plugin-provided tool"
+mode: agent-browser
+area: pipeline
+type: regression
+priority: p1
+risk: high
+ci_eligible: false
+tags:
+  - local-agent
+  - plugin
+  - tools
+  - pipeline
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation: scripts/e2e/pipeline-debug-chat.mjs
+automation_env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BROWSER_PROFILE
+  - LANGBOT_CHROMIUM_EXECUTABLE
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation_pipeline_url_env: LANGBOT_LOCAL_AGENT_PIPELINE_URL
+automation_pipeline_name_env: LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation_prompt: "Call the qa_plugin_echo tool with exactly this text: plugin-tool-ok-local-agent. Return only the tool result."
+automation_expected_text: "qa-plugin-smoke:plugin-tool-ok-local-agent"
+automation_response_timeout_ms: "180000"
+setup_automation:
+  - "node:scripts/e2e/ensure-local-agent-pipeline.mjs --write-env"
+  - "case:qa-plugin-smoke-live-install"
+setup_provides_env:
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+preconditions:
+  - "The selected model route supports function/tool calling."
+steps:
+  - "Install or enable the bundled qa-plugin-smoke fixture plugin."
+  - "Confirm /api/v1/tools or the plugin detail shows qa_plugin_echo."
+  - "Confirm the fixture plugin is bound to the target pipeline through Extensions, or that all plugins are enabled."
+  - "Open the target local-agent pipeline."
+  - "Use runner Default or the pluginized langbot/local-agent runner."
+  - "Select a model with function-calling ability that is known to work with tools in the current environment."
+  - "Open Debug Chat."
+  - "Send: Call the qa_plugin_echo tool with exactly this text: plugin-tool-ok-local-agent. Return only the tool result."
+checks:
+  - "UI: Debug Chat bot response contains qa-plugin-smoke:plugin-tool-ok-local-agent."
+  - "Logs: Backend logs show the plugin tool call was executed, not only listed."
+  - "Console: No unexpected frontend errors appear during Debug Chat."
+evidence_required:
+  - ui
+  - console
+  - backend_log
+  - api_diagnostic
+diagnostics:
+  - "If qa_plugin_echo is not listed, rebuild and reinstall the qa-plugin-smoke fixture plugin."
+  - "If the selected model returns model_not_found or no available channel only when tools are provided, switch to a known-good function-calling model before diagnosing plugin tools or local-agent."
+troubleshooting:
+  - local-agent-model-route-unavailable
+  - tool-name-collision-between-mcp-and-plugin
+  - plugin-runtime-timeout
+  - proxy-env-mismatch
+  - survey-widget-blocks-debug-chat
@@ -0,0 +1,76 @@
+id: local-agent-rag-debug-chat
+title: "Local Agent Debug Chat answers from a LangRAG knowledge base"
+mode: agent-browser
+area: pipeline
+type: regression
+priority: p1
+risk: high
+ci_eligible: false
+tags:
+  - local-agent
+  - langrag
+  - pipeline
+skills:
+  - langbot-env-setup
+  - langbot-testing
+env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation: scripts/e2e/pipeline-debug-chat.mjs
+automation_env:
+  - LANGBOT_FRONTEND_URL
+  - LANGBOT_BACKEND_URL
+  - LANGBOT_BROWSER_PROFILE
+  - LANGBOT_CHROMIUM_EXECUTABLE
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+  - LANGBOT_LOCAL_AGENT_RAG_KB_UUID
+automation_pipeline_url_env: LANGBOT_LOCAL_AGENT_PIPELINE_URL
+automation_pipeline_name_env: LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+automation_expected_runner_id: "plugin:langbot/local-agent/default"
+automation_runner_config_patch_json: '{"knowledge-bases":["${LANGBOT_LOCAL_AGENT_RAG_KB_UUID}"]}'
+automation_restore_runner_config: "1"
+automation_reset_debug_chat: "1"
+automation_prompt: "Using the knowledge base, what is the local agent runner retrieval sentinel? Return only the sentinel."
+automation_expected_text: "azalea-cobalt-7421"
+setup_automation:
+  - "node:scripts/e2e/ensure-local-agent-pipeline.mjs --write-env"
+  - "node:scripts/e2e/ensure-langrag-sentinel-kb.mjs --write-env"
+setup_provides_env:
+  - LANGBOT_LOCAL_AGENT_PIPELINE_URL
+  - LANGBOT_LOCAL_AGENT_PIPELINE_NAME
+  - LANGBOT_LOCAL_AGENT_RAG_KB_UUID
+preconditions:
+  - "The target pipeline already has a text-capable model route that is available for this run."
+steps:
+  - "Ensure case langrag-kb-retrieve has produced a knowledge base containing sentinel azalea-cobalt-7421."
+  - "Open LANGBOT_FRONTEND_URL."
+  - "Navigate to Pipelines and open the target pipeline."
+  - "Open Configuration > AI."
+  - "Use runner Default and add the LangRAG knowledge base to Knowledge Bases."
+  - "Save the pipeline."
+  - "Open Debug Chat."
+  - "Send: Using the knowledge base, what is the local agent runner retrieval sentinel? Return only the sentinel."
+checks:
+  - "UI: The AI config shows the selected knowledge base under Knowledge Bases."
+  - "UI: The pipeline saves successfully."
+  - "UI: Debug Chat shows a Bot message containing azalea-cobalt-7421."
+  - "Console: No unexpected frontend errors appear during configuration or chat."
+  - "Logs: Backend logs show the debug chat request completed instead of plugin/runtime timeout."
+  - "API diagnostic: pipeline-config-diagnostic.json shows knowledge-bases and model were temporarily patched."
+  - "API diagnostic: pipeline-config-restore-diagnostic.json shows the original runner config was restored."
+evidence_required:
+  - ui
+  - screenshot
+  - console
+  - backend_log
+  - api_diagnostic
+diagnostics:
+  - "Use GET /api/v1/pipelines/{uuid} only to confirm the saved runner_config contains the knowledge base uuid."
+  - "If the bot ignores the knowledge base, rerun Retrieve Test before debugging the runner."
+troubleshooting:
+  - plugin-runtime-timeout
+  - proxy-env-mismatch
+  - survey-widget-blocks-debug-chat
--- a/Show More
+++ b/Show More