Merge remote-tracking branch 'upstream/main' into pr-1205

# Conflicts:
#	frontend/src/components/thread/tool-views/command-tool/CommandToolView.tsx

Author: kubet

.gitignore

@@ -192,7 +192,6 @@ supabase/.temp/storage-version
 .env.scripts
 
 redis_data
-rabbitmq_data
 
 .setup_progress
 

backend/.env.example

@@ -14,9 +14,6 @@ REDIS_PORT=6379
 REDIS_PASSWORD=
 REDIS_SSL=false
 
-RABBITMQ_HOST=rabbitmq
-RABBITMQ_PORT=5672
-
 # LLM Providers:
 ANTHROPIC_API_KEY=
 OPENAI_API_KEY=

backend/README.md

@@ -23,10 +23,10 @@ docker compose down && docker compose up --build
 
 You can run individual services from the docker-compose file. This is particularly useful during development:
 
-### Running only Redis and RabbitMQ
+### Running only Redis
 
 ```bash
-docker compose up redis rabbitmq
+docker compose up redis
 ```
 
 ### Running only the API and Worker
@@ -37,16 +37,16 @@ docker compose up api worker
 
 ## Development Setup
 
-For local development, you might only need to run Redis and RabbitMQ, while working on the API locally. This is useful when:
+For local development, you might only need to run Redis, while working on the API locally. This is useful when:
 
 - You're making changes to the API code and want to test them directly
 - You want to avoid rebuilding the API container on every change
 - You're running the API service directly on your machine
 
-To run just Redis and RabbitMQ for development:
+To run just Redis for development:
 
 ```bash
-docker compose up redis rabbitmq
+docker compose up redis
 ```
 
 Then you can run your API service locally with the following commands:
@@ -79,9 +79,6 @@ SUPABASE_SERVICE_ROLE_KEY=your-service-role-key
 # Infrastructure
 REDIS_HOST=redis  # Use 'localhost' when running API locally
 REDIS_PORT=6379
-RABBITMQ_HOST=rabbitmq  # Use 'localhost' when running API locally
-RABBITMQ_PORT=5672
-
 # LLM Providers (at least one required)
 ANTHROPIC_API_KEY=your-anthropic-key
 OPENAI_API_KEY=your-openai-key
@@ -119,8 +116,7 @@ When running services individually, make sure to:
 
 1. Check your `.env` file and adjust any necessary environment variables
 2. Ensure Redis connection settings match your local setup (default: `localhost:6379`)
-3. Ensure RabbitMQ connection settings match your local setup (default: `localhost:5672`)
-4. Update any service-specific environment variables if needed
+3. Update any service-specific environment variables if needed
 
 ### Important: Redis Host Configuration
 
@@ -129,22 +125,12 @@ When running the API locally with Redis in Docker, you need to set the correct R
 - For Docker-to-Docker communication (when running both services in Docker): use `REDIS_HOST=redis`
 - For local-to-Docker communication (when running API locally): use `REDIS_HOST=localhost`
 
-### Important: RabbitMQ Host Configuration
-
-When running the API locally with RabbitMQ in Docker, you need to set the correct RabbitMQ host in your `.env` file:
-
-- For Docker-to-Docker communication (when running both services in Docker): use `RABBITMQ_HOST=rabbitmq`
-- For local-to-Docker communication (when running API locally): use `RABBITMQ_HOST=localhost`
-
 Example `.env` configuration for local development:
 
 ```sh
 REDIS_HOST=localhost # (instead of 'redis')
 REDIS_PORT=6379
 REDIS_PASSWORD=
-
-RABBITMQ_HOST=localhost # (instead of 'rabbitmq')
-RABBITMQ_PORT=5672
 ```
 
 ---

backend/agent/agent_builder_prompt.py

@@ -50,9 +50,7 @@
 ### 🔐 Credential Profile Management
 Securely connect external accounts:
 - **`get_credential_profiles`**: See what's already connected
-- **`create_credential_profile`**: Set up new service connections
-- **`connect_credential_profile`**: Generate secure connection links
-- **`check_profile_connection`**: Verify connections are working
+- **`create_credential_profile`**: Set up new service connections (includes connection link)
 - **`configure_profile_for_agent`**: Add connected services to your agent
 
 ### 🔄 Workflow Management
@@ -326,9 +324,30 @@
 
 ## 🔗 **CRITICAL: Credential Profile Creation & Tool Selection Flow**
 
-When creating credential profiles for external integrations, you MUST follow this EXACT step-by-step process:
+When working with external integrations, you MUST follow this EXACT step-by-step process:
 
-### **Step 1: Search for App** 🔍
+### **Step 1: Check Existing Profiles First** 🔍
+```
+"Let me first check if you already have any credential profiles set up for this service:
+
+<function_calls>
+<invoke name="get_credential_profiles">
+<parameter name="toolkit_slug">[toolkit_slug if known]</parameter>
+</invoke>
+</function_calls>
+```
+
+**Then ask the user:**
+"I can see you have the following existing profiles:
+[List existing profiles]
+
+Would you like to:
+1. **Use an existing profile** - I can configure one of these for your agent
+2. **Create a new profile** - Set up a fresh connection for this service
+
+Which would you prefer?"
+
+### **Step 2: Search for App (if creating new)** 🔍
 ```
 "I need to find the correct app details first to ensure we create the profile for the right service:
 
@@ -340,7 +359,7 @@
 </function_calls>
 ```
 
-### **Step 2: Create Credential Profile** 📋
+### **Step 3: Create Credential Profile (if creating new)** 📋
 ```
 "Perfect! I found the correct app details. Now I'll create the credential profile using the exact app_slug:
 
@@ -352,20 +371,13 @@
 </function_calls>
 ```
 
-### **Step 3: Generate Connection Link** 🔗
+### **Step 4: MANDATORY - User Must Connect Account** ⏳
 ```
-"Great! The credential profile has been created. Now I'll generate your connection link:
+"🔗 **IMPORTANT: Please Connect Your Account**
 
-<function_calls>
-<invoke name="connect_credential_profile">
-<parameter name="profile_id">[profile_id from create response]</parameter>
-</invoke>
-</function_calls>
-```
+The credential profile has been created successfully! I can see from the response that you need to connect your account:
 
-### **Step 4: MANDATORY - Wait for User Connection** ⏳
-```
-"🔗 **IMPORTANT: Please Connect Your Account**
+**Connection Link:** [connection_link from create_credential_profile response]
 
 1. **Click the connection link above** to connect your [app_name] account
 2. **Complete the authorization process** in your browser  
@@ -376,22 +388,11 @@
 **Please reply with 'connected' or 'done' when you've completed the connection process.**"
 ```
 
-### **Step 5: MANDATORY - Check Connection & Get Available Tools** 🔍
-```
-"After user confirms connection, immediately check:
-
-<function_calls>
-<invoke name="check_profile_connection">
-<parameter name="profile_id">[profile_id]</parameter>
-</invoke>
-</function_calls>
-```
-
-### **Step 6: MANDATORY - Tool Selection** ⚙️
+### **Step 5: MANDATORY - Tool Selection** ⚙️
 ```
 "Excellent! Your [app_name] account is connected. I can see the following tools are available:
 
-[List each available tool with descriptions from check_profile_connection response]
+[List each available tool with descriptions from discover_user_mcp_servers response]
 
 **Which tools would you like to enable for your agent?** 
 - **Tool 1**: [description of what it does]
@@ -414,9 +415,11 @@
 ```
 
 ### 🚨 **CRITICAL REMINDERS FOR CREDENTIAL PROFILES**
+- **ALWAYS check existing profiles first** - ask users if they want to use existing or create new
+- **CONNECTION LINK is included in create response** - no separate connection step needed
 - **NEVER skip the user connection step** - always wait for confirmation
 - **NEVER skip tool selection** - always ask user to choose specific tools
-- **NEVER assume tools** - only use tools returned from `check_profile_connection`
+- **NEVER assume tools** - only use tools returned from `discover_user_mcp_servers`
 - **NEVER proceed without confirmation** - wait for user to confirm each step
 - **ALWAYS explain what each tool does** - help users make informed choices
 - **ALWAYS use exact tool names** - character-perfect matches only
@@ -429,10 +432,10 @@
 2. **EXACT NAME ACCURACY**: Tool names and MCP server names MUST be character-perfect matches. Even minor spelling errors will cause complete system failure.
 3. **NO FABRICATED NAMES**: NEVER invent, assume, or guess MCP server names or tool names. Only use names explicitly returned from tool calls.
 4. **MANDATORY VERIFICATION**: Before configuring any MCP server, MUST first verify its existence through `search_mcp_servers` or `get_popular_mcp_servers`.
-5. **APP SEARCH BEFORE CREDENTIAL PROFILE**: Before creating ANY credential profile, MUST first use `search_mcp_servers` to find the correct app and get its exact `app_slug`.
-6. **IMMEDIATE CONNECTION LINK GENERATION**: After successfully creating ANY credential profile, MUST immediately call `connect_credential_profile` to generate the connection link.
-7. **MANDATORY USER CONNECTION**: After generating connection link, MUST ask user to connect their account and WAIT for confirmation before proceeding. Do NOT continue until user confirms connection.
-8. **TOOL SELECTION REQUIREMENT**: After user connects credential profile, MUST call `check_profile_connection` to get available tools, then ask user to select which specific tools to enable. This is CRITICAL - never skip tool selection.
+5. **CHECK EXISTING PROFILES FIRST**: Before creating ANY credential profile, MUST first call `get_credential_profiles` to check existing profiles and ask user if they want to create new or use existing.
+6. **APP SEARCH BEFORE CREDENTIAL PROFILE**: Before creating ANY new credential profile, MUST first use `search_mcp_servers` to find the correct app and get its exact `app_slug`.
+7. **MANDATORY USER CONNECTION**: After creating credential profile, the connection link is provided in the response. MUST ask user to connect their account and WAIT for confirmation before proceeding. Do NOT continue until user confirms connection.
+8. **TOOL SELECTION REQUIREMENT**: After user connects credential profile, MUST call `discover_user_mcp_servers` to get available tools, then ask user to select which specific tools to enable. This is CRITICAL - never skip tool selection.
 9. **WORKFLOW TOOL VALIDATION**: Before creating ANY workflow with tool steps, MUST first call `get_current_agent_config` to verify which tools are available.
 10. **DATA INTEGRITY**: Only use actual data returned from function calls. Never supplement with assumed information.