feat(api): forward user_type for MCP identity forwarding

issue_mcp_token gains a user_type field (account|end_user), derived from invoke_from ({DEBUGGER,EXPLORE}->account else end_user) so the enterprise side routes webapp end-users to the published-webapp token store. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Merge branch 'fix/webapp-signin-ssr-window' into deploy/enterprise
2026-06-16 12:56:22 +08:00 · 2026-06-12 00:41:35 +02:00 · 2026-06-11 01:36:05 -07:00 · 2026-06-11 00:53:34 -07:00 · 2026-06-11 00:36:37 -07:00 · 2026-06-11 06:06:40 +00:00
1781 changed files with 41528 additions and 91425 deletions
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@ -23,8 +23,8 @@
 /docs/ @crazywoola

 # CLI
-/cli/ @GareArc
-/.github/workflows/cli-tests.yml @GareArc
+/cli/ @langgenius/maintainers
+/.github/workflows/cli-tests.yml @langgenius/maintainers

 # Backend (default owner, more specific rules below will override)
 /api/ @QuantumGhost
--- a/.github/workflows/api-tests.yml
+++ b/.github/workflows/api-tests.yml
@ -29,13 +29,13 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0
          persist-credentials: false

      - name: Setup UV and Python
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
        with:
          enable-cache: true
          python-version: ${{ matrix.python-version }}
@ -91,13 +91,13 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0
          persist-credentials: false

      - name: Setup UV and Python
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
        with:
          enable-cache: true
          python-version: ${{ matrix.python-version }}
@ -142,13 +142,13 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0
          persist-credentials: false

      - name: Setup UV and Python
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
        with:
          enable-cache: true
          python-version: "3.12"
@ -195,7 +195,7 @@ jobs:

      - name: Report coverage
        if: ${{ env.CODECOV_TOKEN != '' }}
-        uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
+        uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1
        with:
          files: ./coverage.xml
          disable_search: true
--- a/.github/workflows/autofix.yml
+++ b/.github/workflows/autofix.yml
@ -20,7 +20,7 @@ jobs:
        run: echo "autofix.ci updates pull request branches, not merge group refs."

      - if: github.event_name != 'merge_group'
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - name: Check Docker Compose inputs
        if: github.event_name != 'merge_group'
@ -66,7 +66,7 @@ jobs:
          python-version: "3.11"

      - if: github.event_name != 'merge_group'
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0

      - name: Generate Docker Compose
        if: github.event_name != 'merge_group' && steps.docker-compose-changes.outputs.any_changed == 'true'
--- a/.github/workflows/build-push.yml
+++ b/.github/workflows/build-push.yml
@ -68,7 +68,7 @@ jobs:
          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV

      - name: Login to Docker Hub
-        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
+        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
        with:
          username: ${{ env.DOCKERHUB_USER }}
          password: ${{ env.DOCKERHUB_TOKEN }}
@ -78,13 +78,13 @@ jobs:

      - name: Extract metadata for Docker
        id: meta
-        uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0
+        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
        with:
          images: ${{ env[matrix.image_name_env] }}

      - name: Build Docker image
        id: build
-        uses: depot/build-push-action@98e78adca7817480b8185f474a400b451d74e287 # v1.18.0
+        uses: depot/build-push-action@5f3b3c2e5a00f0093de47f657aeaefcedff27d18 # v1.17.0
        with:
          project: ${{ vars.DEPOT_PROJECT_ID }}
          context: ${{ matrix.build_context }}
@ -124,10 +124,10 @@ jobs:
            file: "web/Dockerfile"
    steps:
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0
+        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0

      - name: Validate Docker image
-        uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
+        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
        with:
          push: false
          context: ${{ matrix.build_context }}
@ -156,14 +156,14 @@ jobs:
          merge-multiple: true

      - name: Login to Docker Hub
-        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
+        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
        with:
          username: ${{ env.DOCKERHUB_USER }}
          password: ${{ env.DOCKERHUB_TOKEN }}

      - name: Extract metadata for Docker
        id: meta
-        uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6.1.0
+        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
        with:
          images: ${{ env[matrix.image_name_env] }}
          tags: |
--- a/.github/workflows/cli-e2e.yml
+++ b/.github/workflows/cli-e2e.yml
@ -79,7 +79,7 @@ jobs:
      ws2_app_id:                 ${{ steps.out.outputs.DIFY_E2E_WS2_APP_ID }}

    steps:
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v4
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
        with:
          ref: ${{ inputs.cli_ref || github.ref }}
          persist-credentials: false
@ -88,7 +88,7 @@ jobs:
        with:
          bun-version: latest

-      - uses: pnpm/action-setup@0ebf47130e4866e96fce0953f49152a61190b271 # v6.0.9
+      - uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
        with:
          package_json_field: packageManager
          run_install: false
@ -123,7 +123,7 @@ jobs:
        shell: bash

    steps:
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v4
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
        with:
          ref: ${{ inputs.cli_ref || github.ref }}
          persist-credentials: false
@ -131,7 +131,7 @@ jobs:
      - uses: ./.github/actions/setup-web
      - uses: oven-sh/setup-bun@v2
        with: { bun-version: latest }
-      - uses: pnpm/action-setup@0ebf47130e4866e96fce0953f49152a61190b271 # v6.0.9
+      - uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
        with: { package_json_field: packageManager, run_install: false }
      - run: pnpm install --frozen-lockfile
      - run: pnpm tree:gen
@ -170,7 +170,7 @@ jobs:
        shell: bash

    steps:
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v4
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
        with:
          ref: ${{ inputs.cli_ref || github.ref }}
          persist-credentials: false
@ -178,7 +178,7 @@ jobs:
      - uses: ./.github/actions/setup-web
      - uses: oven-sh/setup-bun@v2
        with: { bun-version: latest }
-      - uses: pnpm/action-setup@0ebf47130e4866e96fce0953f49152a61190b271 # v6.0.9
+      - uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
        with: { package_json_field: packageManager, run_install: false }
      - run: pnpm install --frozen-lockfile
      - run: pnpm tree:gen
@ -233,7 +233,7 @@ jobs:
        shell: bash

    steps:
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v4
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
        with:
          ref: ${{ inputs.cli_ref || github.ref }}
          persist-credentials: false
@ -241,7 +241,7 @@ jobs:
      - uses: ./.github/actions/setup-web
      - uses: oven-sh/setup-bun@v2
        with: { bun-version: latest }
-      - uses: pnpm/action-setup@0ebf47130e4866e96fce0953f49152a61190b271 # v6.0.9
+      - uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
        with: { package_json_field: packageManager, run_install: false }
      - run: pnpm install --frozen-lockfile
      - run: pnpm tree:gen
@ -274,7 +274,7 @@ jobs:

      - name: Upload results on failure
        if: failure()
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@v4
        with:
          name: e2e-run-${{ matrix.name }}-${{ github.run_id }}
          path: cli/test-results/
@ -295,7 +295,7 @@ jobs:
        shell: bash

    steps:
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v4
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
        with:
          ref: ${{ inputs.cli_ref || github.ref }}
          persist-credentials: false
@ -303,7 +303,7 @@ jobs:
      - uses: ./.github/actions/setup-web
      - uses: oven-sh/setup-bun@v2
        with: { bun-version: latest }
-      - uses: pnpm/action-setup@0ebf47130e4866e96fce0953f49152a61190b271 # v6.0.9
+      - uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
        with: { package_json_field: packageManager, run_install: false }
      - run: pnpm install --frozen-lockfile
      - run: pnpm tree:gen
@ -351,7 +351,7 @@ jobs:
        shell: bash

    steps:
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v4
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
        with:
          ref: ${{ inputs.cli_ref || github.ref }}
          persist-credentials: false
@ -359,7 +359,7 @@ jobs:
      - uses: ./.github/actions/setup-web
      - uses: oven-sh/setup-bun@v2
        with: { bun-version: latest }
-      - uses: pnpm/action-setup@0ebf47130e4866e96fce0953f49152a61190b271 # v6.0.9
+      - uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1 # v4
        with: { package_json_field: packageManager, run_install: false }
      - run: pnpm install --frozen-lockfile
      - run: pnpm tree:gen
@ -408,7 +408,7 @@ jobs:

      - name: Upload results on failure
        if: failure()
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@v4
        with:
          name: e2e-last-${{ github.run_id }}
          path: cli/test-results/
--- a/.github/workflows/cli-edge.yml
+++ b/.github/workflows/cli-edge.yml
@ -1,74 +0,0 @@
-name: CLI Edge Publish
-
-on:
-  push:
-    branches: [main]
-    paths:
-      - 'cli/**'
-      - 'packages/contracts/generated/api/openapi/**'
-  workflow_dispatch:
-
-concurrency:
-  group: difyctl-edge-publish
-  cancel-in-progress: false
-
-jobs:
-  publish:
-    name: build + publish edge to R2
-    runs-on: ${{ github.repository == 'langgenius/dify' && 'depot-ubuntu-24.04' || 'ubuntu-24.04' }}
-    if: vars.DIFYCTL_R2_BUCKET != ''
-    defaults:
-      run:
-        shell: bash
-        working-directory: ./cli
-    steps:
-      - name: Checkout
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
-        with:
-          persist-credentials: false
-          fetch-depth: 0
-
-      - name: Enable cross-arch native prebuilds
-        working-directory: ./
-        run: cat cli/scripts/cross-arch.pnpm.yaml >> pnpm-workspace.yaml
-
-      - name: Setup web environment
-        uses: ./.github/actions/setup-web
-
-      - name: Setup Bun
-        uses: oven-sh/setup-bun@4bc047ad259df6fc24a6c9b0f9a0cb08cf17fbe5 # v2.0.2
-        with:
-          bun-version-file: cli/.bun-version
-
-      - name: Compute edge version
-        id: ver
-        run: echo "version=$(node scripts/release-naming.mjs edge-version "$(git rev-parse --short HEAD)")" >> "$GITHUB_OUTPUT"
-
-      - name: Compile standalone binaries (all targets, all-or-nothing)
-        run: |
-          CLI_VERSION="${{ steps.ver.outputs.version }}" \
-          DIFYCTL_CHANNEL=edge \
-          DIFYCTL_COMMIT="$(git rev-parse HEAD)" \
-          DIFYCTL_BUILD_DATE="$(git log -1 --format=%cI HEAD)" \
-            pnpm build:bin
-
-      - name: Generate sha256 checksums
-        run: CLI_VERSION="${{ steps.ver.outputs.version }}" scripts/release-write-checksums.sh
-
-      - name: Smoke the runner-arch binary
-        run: ./dist/bin/difyctl-v${{ steps.ver.outputs.version }}-linux-x64 version
-
-      - name: Publish to R2
-        env:
-          AWS_ACCESS_KEY_ID: ${{ secrets.DIFYCTL_R2_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.DIFYCTL_R2_SECRET_ACCESS_KEY }}
-          AWS_DEFAULT_REGION: auto
-          AWS_REQUEST_CHECKSUM_CALCULATION: WHEN_REQUIRED
-          AWS_RESPONSE_CHECKSUM_VALIDATION: WHEN_REQUIRED
-          DIFYCTL_R2_S3_ENDPOINT: ${{ vars.DIFYCTL_R2_S3_ENDPOINT }}
-          DIFYCTL_R2_BUCKET: ${{ vars.DIFYCTL_R2_BUCKET }}
-          DIFYCTL_R2_PUBLIC_BASE: ${{ vars.DIFYCTL_R2_PUBLIC_BASE }}
-          DIFYCTL_COMMIT: ${{ github.sha }}
-        run: |
-          DIFYCTL_BUILD_DATE="$(git log -1 --format=%cI HEAD)" \
-            scripts/release-r2-publish.sh edge "${{ steps.ver.outputs.version }}"
--- a/.github/workflows/cli-release.yml
+++ b/.github/workflows/cli-release.yml
@ -35,7 +35,7 @@ jobs:
      dify_tag: ${{ steps.resolve.outputs.dify_tag }}
    steps:
      - name: Checkout
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@ -98,7 +98,7 @@ jobs:
      DIFY_TAG: ${{ needs.validate.outputs.dify_tag }}
    steps:
      - name: Checkout
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
          fetch-depth: 1
--- a/.github/workflows/cli-smoke.yml
+++ b/.github/workflows/cli-smoke.yml
@ -24,7 +24,7 @@ jobs:
        shell: bash
    steps:
      - name: Checkout cli ref
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          ref: ${{ inputs.cli_ref || github.ref }}
          persist-credentials: false
--- a/.github/workflows/cli-tests.yml
+++ b/.github/workflows/cli-tests.yml
@ -30,7 +30,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@ -51,7 +51,7 @@ jobs:

      - name: Report coverage
        if: ${{ env.CODECOV_TOKEN != '' && matrix.os == 'depot-ubuntu-24.04' }}
-        uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
+        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
        with:
          directory: cli/coverage
          flags: cli
--- a/.github/workflows/db-migration-test.yml
+++ b/.github/workflows/db-migration-test.yml
@ -13,13 +13,13 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0
          persist-credentials: false

      - name: Setup UV and Python
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
        with:
          enable-cache: true
          python-version: "3.12"
@ -40,7 +40,7 @@ jobs:
          cp envs/middleware.env.example middleware.env

      - name: Set up Middlewares
-        uses: hoverkraft-tech/compose-action@11beaa1c2dae4e8ed7b1665aa074723b6cecb0e4 # v3.0.0
+        uses: hoverkraft-tech/compose-action@d2bee4f07e8ca410d6b196d00f90c12e7d48c33a # v2.6.0
        with:
          compose-file: |
            docker/docker-compose.middleware.yaml
@ -63,13 +63,13 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0
          persist-credentials: false

      - name: Setup UV and Python
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
        with:
          enable-cache: true
          python-version: "3.12"
@ -94,7 +94,7 @@ jobs:
          sed -i 's/DB_USERNAME=postgres/DB_USERNAME=mysql/' middleware.env

      - name: Set up Middlewares
-        uses: hoverkraft-tech/compose-action@11beaa1c2dae4e8ed7b1665aa074723b6cecb0e4 # v3.0.0
+        uses: hoverkraft-tech/compose-action@d2bee4f07e8ca410d6b196d00f90c12e7d48c33a # v2.6.0
        with:
          compose-file: |
            docker/docker-compose.middleware.yaml
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@ -53,7 +53,7 @@ jobs:
        uses: depot/setup-action@15c09a5f77a0840ad4bce955686522a257853461 # v1.7.1

      - name: Build Docker Image
-        uses: depot/build-push-action@98e78adca7817480b8185f474a400b451d74e287 # v1.18.0
+        uses: depot/build-push-action@5f3b3c2e5a00f0093de47f657aeaefcedff27d18 # v1.17.0
        with:
          project: ${{ vars.DEPOT_PROJECT_ID }}
          push: false
@ -77,10 +77,10 @@ jobs:
            file: "web/Dockerfile"
    steps:
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0
+        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0

      - name: Build Docker Image
-        uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
+        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
        with:
          push: false
          context: ${{ matrix.context }}
--- a/.github/workflows/hotfix-cherry-pick.yml
+++ b/.github/workflows/hotfix-cherry-pick.yml
@ -24,7 +24,7 @@ jobs:
    name: Require cherry-pick provenance
    runs-on: depot-ubuntu-24.04
    steps:
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0

--- a/.github/workflows/main-ci.yml
+++ b/.github/workflows/main-ci.yml
@ -48,7 +48,7 @@ jobs:
      vdb-changed: ${{ steps.changes.outputs.vdb }}
      migration-changed: ${{ steps.changes.outputs.migration }}
    steps:
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      - uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1
        id: changes
        with:
--- a/.github/workflows/pyrefly-diff.yml
+++ b/.github/workflows/pyrefly-diff.yml
@ -17,12 +17,12 @@ jobs:
      pull-requests: write
    steps:
      - name: Checkout PR branch
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0

      - name: Setup Python & UV
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
        with:
          enable-cache: true

--- a/.github/workflows/pyrefly-type-coverage-comment.yml
+++ b/.github/workflows/pyrefly-type-coverage-comment.yml
@ -21,10 +21,10 @@ jobs:
    if: ${{ github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.pull_requests[0].head.repo.full_name != github.repository }}
    steps:
      - name: Checkout default branch (trusted code)
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - name: Setup Python & UV
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
        with:
          enable-cache: true

--- a/.github/workflows/pyrefly-type-coverage.yml
+++ b/.github/workflows/pyrefly-type-coverage.yml
@ -17,12 +17,12 @@ jobs:
      pull-requests: write
    steps:
      - name: Checkout PR branch
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0

      - name: Setup Python & UV
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
        with:
          enable-cache: true

--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@ -18,7 +18,7 @@ jobs:
      pull-requests: write

    steps:
-      - uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # v10.3.0
+      - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
        with:
          days-before-issue-stale: 15
          days-before-issue-close: 3
--- a/.github/workflows/style.yml
+++ b/.github/workflows/style.yml
@ -19,7 +19,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@ -33,7 +33,7 @@ jobs:

      - name: Setup UV and Python
        if: steps.changed-files.outputs.any_changed == 'true'
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
        with:
          enable-cache: false
          python-version: "3.12"
@ -71,7 +71,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@ -114,7 +114,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@ -171,7 +171,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0
          persist-credentials: false
--- a/.github/workflows/tool-test-sdks.yaml
+++ b/.github/workflows/tool-test-sdks.yaml
@ -24,7 +24,7 @@ jobs:
        working-directory: sdks/nodejs-client

    steps:
-      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

--- a/.github/workflows/translate-i18n-claude.yml
+++ b/.github/workflows/translate-i18n-claude.yml
@ -40,7 +40,7 @@ jobs:

    steps:
      - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0
          token: ${{ secrets.GITHUB_TOKEN }}
@ -158,7 +158,7 @@ jobs:

      - name: Run Claude Code for Translation Sync
        if: steps.context.outputs.CHANGED_FILES != ''
-        uses: anthropics/claude-code-action@d5726de019ec4498aa667642bc3a80fca83aa102 # v1.0.148
+        uses: anthropics/claude-code-action@1dc994ee7a008f0ecc866d9ac23ef036b7229f84 # v1.0.127
        with:
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          github_token: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/trigger-i18n-sync.yml
+++ b/.github/workflows/trigger-i18n-sync.yml
@ -21,7 +21,7 @@ jobs:

    steps:
      - name: Checkout repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0

--- a/.github/workflows/vdb-tests-full.yml
+++ b/.github/workflows/vdb-tests-full.yml
@ -24,7 +24,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@ -36,7 +36,7 @@ jobs:
          remove_tool_cache: true

      - name: Setup UV and Python
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
        with:
          enable-cache: true
          python-version: ${{ matrix.python-version }}
--- a/.github/workflows/vdb-tests.yml
+++ b/.github/workflows/vdb-tests.yml
@ -21,7 +21,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@ -33,7 +33,7 @@ jobs:
          remove_tool_cache: true

      - name: Setup UV and Python
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
        with:
          enable-cache: true
          python-version: ${{ matrix.python-version }}
--- a/.github/workflows/web-e2e.yml
+++ b/.github/workflows/web-e2e.yml
@ -20,7 +20,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@ -28,7 +28,7 @@ jobs:
        uses: ./.github/actions/setup-web

      - name: Setup UV and Python
-        uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0
+        uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
        with:
          enable-cache: true
          python-version: "3.12"
--- a/.github/workflows/web-tests.yml
+++ b/.github/workflows/web-tests.yml
@ -31,7 +31,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@ -64,7 +64,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@ -83,7 +83,7 @@ jobs:

      - name: Report coverage
        if: ${{ env.CODECOV_TOKEN != '' }}
-        uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
+        uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1
        with:
          directory: web/coverage
          flags: web
@ -102,7 +102,7 @@ jobs:

    steps:
      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

@ -113,36 +113,13 @@ jobs:
        run: vp exec playwright install --with-deps chromium

      - name: Run dify-ui tests
-        run: vp test run --project unit --coverage --silent=passed-only
+        run: vp test run --coverage --silent=passed-only

      - name: Report coverage
        if: ${{ env.CODECOV_TOKEN != '' }}
-        uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
+        uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1
        with:
          directory: packages/dify-ui/coverage
          flags: dify-ui
        env:
          CODECOV_TOKEN: ${{ env.CODECOV_TOKEN }}
-
-  dify-ui-storybook-test:
-    name: dify-ui Storybook Tests
-    runs-on: depot-ubuntu-24.04-4
-    defaults:
-      run:
-        shell: bash
-        working-directory: ./packages/dify-ui
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
-        with:
-          persist-credentials: false
-
-      - name: Setup web environment
-        uses: ./.github/actions/setup-web
-
-      - name: Install Chromium for Browser Mode
-        run: vp exec playwright install --with-deps chromium
-
-      - name: Run dify-ui Storybook tests
-        run: vp run test:storybook
--- a/2
+++ b/2
@ -157,7 +157,7 @@ build-web:

 build-api:
 	@echo "Building API Docker image: $(API_IMAGE):$(VERSION)..."
-	docker build -t $(API_IMAGE):$(VERSION) -f api/Dockerfile .
+	docker build -t $(API_IMAGE):$(VERSION) ./api
 	@echo "API Docker image built successfully: $(API_IMAGE):$(VERSION)"

 # Push Docker images
--- a/api/Dockerfile.dockerignore
+++ b/api/Dockerfile.dockerignore
@ -8,30 +8,18 @@
 !dify-agent/src/
 !dify-agent/src/**

-# Environment configuration and example
-.env
-*.env.*
-
-# Python related files
+api/.venv
+api/.venv/**
+api/.env
+api/*.env.*
+api/.idea
+api/.mypy_cache
+api/.ruff_cache
+api/storage/generate_files/*
+api/storage/privkeys/*
+api/storage/tools/*
+api/storage/upload_files/*
+api/logs
+api/*.log*
 **/__pycache__
 **/*.pyc
-**/.venv/
-**/.mypy_cache/
-**/.ruff_cache/
-**/.import_linter_cache/
-**/.pytest_cache/
-**/.hypothesis/
-
-
-# Upload files and logs
-api/storage/**
-api/logs/
-api/*.log*
-
-# Tests
-api/tests
-
-
-# Editor configuration
-**/.vscode/
-**/.idea/
--- a/api/app.py
+++ b/api/app.py
@ -55,7 +55,7 @@ else:

 if __name__ == "__main__":
    from gevent import pywsgi
-    from geventwebsocket.handler import WebSocketHandler
+    from geventwebsocket.handler import WebSocketHandler  # type: ignore[reportMissingTypeStubs]

    log_startup_banner(HOST, PORT)
    server = pywsgi.WSGIServer((HOST, PORT), socketio_app, handler_class=WebSocketHandler)
--- a/api/app_factory.py
+++ b/api/app_factory.py
@ -1,7 +1,7 @@
 import logging
 import time

-import socketio
+import socketio  # type: ignore[reportMissingTypeStubs]
 from flask import request
 from opentelemetry.trace import get_current_span
 from opentelemetry.trace.span import INVALID_SPAN_ID, INVALID_TRACE_ID
--- a/api/celery_entrypoint.py
+++ b/api/celery_entrypoint.py
@ -1,5 +1,5 @@
-import psycogreen.gevent as pscycogreen_gevent
-from grpc.experimental import gevent as grpc_gevent
+import psycogreen.gevent as pscycogreen_gevent  # type: ignore
+from grpc.experimental import gevent as grpc_gevent  # type: ignore

 # grpc gevent
 grpc_gevent.init_gevent()
--- a/api/clients/agent_backend/init.py
+++ b/api/clients/agent_backend/init.py
@ -5,8 +5,6 @@ API adapters: request building from Dify product concepts, a thin client wrapper
 event adaptation for future workflow integration, and deterministic fakes.
 """

-from dify_agent.protocol import RuntimeLayerSpec, extract_runtime_layer_specs
-
 from clients.agent_backend.client import AgentBackendRunClient, DifyAgentBackendRunClient
 from clients.agent_backend.errors import (
    AgentBackendError,
@ -41,6 +39,8 @@ from clients.agent_backend.request_builder import (
    AgentBackendOutputConfig,
    AgentBackendRunRequestBuilder,
    AgentBackendWorkflowNodeRunInput,
+    CleanupLayerSpec,
+    extract_cleanup_layer_specs,
    redact_for_agent_backend_log,
 )

@ -72,11 +72,11 @@ __all__ = [
    "AgentBackendTransportError",
    "AgentBackendValidationError",
    "AgentBackendWorkflowNodeRunInput",
+    "CleanupLayerSpec",
    "DifyAgentBackendRunClient",
    "FakeAgentBackendRunClient",
    "FakeAgentBackendScenario",
-    "RuntimeLayerSpec",
    "create_agent_backend_run_client",
-    "extract_runtime_layer_specs",
+    "extract_cleanup_layer_specs",
    "redact_for_agent_backend_log",
 ]
--- a/api/clients/agent_backend/request_builder.py
+++ b/api/clients/agent_backend/request_builder.py
@ -12,7 +12,7 @@ composition-driven.
 from __future__ import annotations

 from collections.abc import Mapping
-from typing import ClassVar
+from typing import ClassVar, cast

 from agenton.compositor import CompositorSessionSnapshot
 from agenton.compositor.schemas import LayerSessionSnapshot
@ -26,7 +26,6 @@ from dify_agent.layers.dify_plugin import (
    DifyPluginLLMLayerConfig,
    DifyPluginToolsLayerConfig,
 )
-from dify_agent.layers.drive import DIFY_DRIVE_LAYER_TYPE_ID, DifyDriveLayerConfig
 from dify_agent.layers.execution_context import (
    DIFY_EXECUTION_CONTEXT_LAYER_TYPE_ID,
    DifyExecutionContextLayerConfig,
@ -42,7 +41,6 @@ from dify_agent.protocol import (
    RunComposition,
    RunLayerSpec,
    RunPurpose,
-    RuntimeLayerSpec,
 )
 from pydantic import BaseModel, ConfigDict, Field, JsonValue, field_validator

@ -51,14 +49,74 @@ WORKFLOW_NODE_JOB_PROMPT_LAYER_ID = "workflow_node_job_prompt"
 WORKFLOW_USER_PROMPT_LAYER_ID = "workflow_user_prompt"
 AGENT_APP_USER_PROMPT_LAYER_ID = "agent_app_user_prompt"
 DIFY_EXECUTION_CONTEXT_LAYER_ID = "execution_context"
-DIFY_DRIVE_LAYER_ID = "drive"
 DIFY_PLUGIN_TOOLS_LAYER_ID = "tools"
 DIFY_SHELL_LAYER_ID = "shell"

+# Layer types that hold credentials in their per-run config. These are excluded
+# from the cleanup-replay composition (and from the snapshot that is sent with
+# the cleanup request) because we deliberately do not persist plaintext
+# credentials between runs.
+_CLEANUP_EXCLUDED_LAYER_TYPES: tuple[str, ...] = (
+    DIFY_PLUGIN_LLM_LAYER_TYPE_ID,
+    DIFY_PLUGIN_TOOLS_LAYER_TYPE_ID,
+)
+
+
+class CleanupLayerSpec(BaseModel):
+    """One layer node replayed by an Agent backend cleanup-only run.
+
+    Cleanup composition cannot include credential-bearing plugin layers, so we
+    persist only the non-plugin layer specs together with the original config.
+    Storing the config (rather than just ``name``/``type``) means cleanup does
+    not depend on the original build-time inputs being re-derivable.
+    """
+
+    name: str
+    type: str
+    deps: dict[str, str] = Field(default_factory=dict)
+    metadata: dict[str, JsonValue] = Field(default_factory=dict)
+    config: JsonValue = None
+
+    model_config: ClassVar[ConfigDict] = ConfigDict(extra="forbid")
+
+
+def extract_cleanup_layer_specs(composition: RunComposition) -> list[CleanupLayerSpec]:
+    """Project the in-flight composition into the persistable cleanup spec list.
+
+    Plugin layers are intentionally dropped (their configs hold credentials and
+    the lifecycle contract says "do not include an LLM layer" during cleanup).
+    The filtered names must later drive snapshot filtering so the agenton
+    compositor's name-order check still passes for the cleanup run.
+    """
+    excluded = set(_CLEANUP_EXCLUDED_LAYER_TYPES)
+    specs: list[CleanupLayerSpec] = []
+    for layer in composition.layers:
+        if layer.type in excluded:
+            continue
+        config_value: JsonValue = None
+        if isinstance(layer.config, BaseModel):
+            config_value = layer.config.model_dump(mode="json", warnings=False)
+        else:
+            # ``RunLayerSpec.config`` is typed as ``LayerConfigInput`` which
+            # includes ``Mapping[str, object] | bytes``. In the cleanup-replay
+            # pipeline our builder only emits BaseModel-derived configs or
+            # ``None``, so the wider input alias narrows safely here.
+            config_value = cast(JsonValue, layer.config)
+        specs.append(
+            CleanupLayerSpec(
+                name=layer.name,
+                type=layer.type,
+                deps=dict(layer.deps),
+                metadata=dict(layer.metadata),
+                config=config_value,
+            )
+        )
+    return specs
+

 def _filter_snapshot_to_specs(
    snapshot: CompositorSessionSnapshot,
-    specs: list[RuntimeLayerSpec],
+    specs: list[CleanupLayerSpec],
 ) -> CompositorSessionSnapshot:
    """Keep only snapshot layers whose names appear in the cleanup spec list.

@ -136,9 +194,6 @@ class AgentBackendWorkflowNodeRunInput(BaseModel):
    idempotency_key: str | None = None
    output: AgentBackendOutputConfig | None = None
    tools: DifyPluginToolsLayerConfig | None = None
-    # Drive Skills & Files declaration (dify.drive) — an index the agent pulls
-    # through the back proxy, never inline content; see AGENT_DRIVE_MANIFEST_ENABLED.
-    drive_config: DifyDriveLayerConfig | None = None
    # Inject the sandboxed shell layer (dify.shell). Requires the agent backend
    # to be wired with a shellctl entrypoint; see configs AGENT_SHELL_ENABLED.
    include_shell: bool = False
@ -175,9 +230,6 @@ class AgentBackendAgentAppRunInput(BaseModel):
    idempotency_key: str | None = None
    output: AgentBackendOutputConfig | None = None
    tools: DifyPluginToolsLayerConfig | None = None
-    # Drive Skills & Files declaration (dify.drive) — an index the agent pulls
-    # through the back proxy, never inline content; see AGENT_DRIVE_MANIFEST_ENABLED.
-    drive_config: DifyDriveLayerConfig | None = None
    # Inject the sandboxed shell layer (dify.shell). Requires the agent backend
    # to be wired with a shellctl entrypoint; see configs AGENT_SHELL_ENABLED.
    include_shell: bool = False
@ -236,18 +288,6 @@ class AgentBackendRunRequestBuilder:
            ]
        )

-        if run_input.drive_config is not None:
-            # Drive Skills & Files declaration (dify.drive): a config-only index;
-            # the agent pulls listed entries through the back proxy by drive_ref.
-            layers.append(
-                RunLayerSpec(
-                    name=DIFY_DRIVE_LAYER_ID,
-                    type=DIFY_DRIVE_LAYER_TYPE_ID,
-                    metadata=run_input.metadata,
-                    config=run_input.drive_config,
-                )
-            )
-
        if run_input.include_history:
            layers.append(
                RunLayerSpec(
@ -327,7 +367,7 @@ class AgentBackendRunRequestBuilder:
        self,
        *,
        session_snapshot: CompositorSessionSnapshot,
-        runtime_layer_specs: list[RuntimeLayerSpec],
+        composition_layer_specs: list[CleanupLayerSpec],
        idempotency_key: str | None = None,
        metadata: dict[str, JsonValue] | None = None,
    ) -> CreateRunRequest:
@ -340,9 +380,9 @@ class AgentBackendRunRequestBuilder:
        composition and the snapshot before submission because their configs
        require credentials that are not persisted between runs.
        """
-        if not runtime_layer_specs:
+        if not composition_layer_specs:
            raise ValueError(
-                "build_cleanup_request requires runtime_layer_specs; an empty "
+                "build_cleanup_request requires composition_layer_specs; an empty "
                "composition would fail the agent backend's snapshot validation."
            )
        request_metadata = dict(metadata or {})
@ -355,9 +395,9 @@ class AgentBackendRunRequestBuilder:
                metadata=dict(spec.metadata),
                config=spec.config,
            )
-            for spec in runtime_layer_specs
+            for spec in composition_layer_specs
        ]
-        filtered_snapshot = _filter_snapshot_to_specs(session_snapshot, runtime_layer_specs)
+        filtered_snapshot = _filter_snapshot_to_specs(session_snapshot, composition_layer_specs)
        return CreateRunRequest(
            composition=RunComposition(layers=layers),
            purpose="workflow_node",
@ -403,18 +443,6 @@ class AgentBackendRunRequestBuilder:
            ]
        )

-        if run_input.drive_config is not None:
-            # Drive Skills & Files declaration (dify.drive): a config-only index;
-            # the agent pulls listed entries through the back proxy by drive_ref.
-            layers.append(
-                RunLayerSpec(
-                    name=DIFY_DRIVE_LAYER_ID,
-                    type=DIFY_DRIVE_LAYER_TYPE_ID,
-                    metadata=run_input.metadata,
-                    config=run_input.drive_config,
-                )
-            )
-
        if run_input.include_history:
            layers.append(
                RunLayerSpec(
--- a/api/clients/agent_backend/workspace_files_client.py
+++ b/api/clients/agent_backend/workspace_files_client.py
@ -0,0 +1,135 @@
+"""API-side client for the agent backend's read-only workspace file endpoints.
+
+The agent backend exposes ``/workspaces/{session_id}/files{,/preview,/download}``
+to inspect a shell-layer sandbox workspace. This thin synchronous client proxies
+those reads for the console FS inspector and normalizes transport/HTTP failures
+into the API backend's ``AgentBackendError`` boundary, preserving the backend's
+status code and ``{code, message}`` detail so the controller can relay them.
+"""
+
+from __future__ import annotations
+
+import base64
+import binascii
+from dataclasses import dataclass
+from typing import Literal
+
+import httpx
+from pydantic import BaseModel
+
+from clients.agent_backend.errors import AgentBackendHTTPError, AgentBackendTransportError
+
+_DEFAULT_TIMEOUT_SECONDS = 30.0
+
+
+class WorkspaceFileEntry(BaseModel):
+    """One entry in a workspace directory listing."""
+
+    name: str
+    type: Literal["file", "dir", "symlink"]
+    size: int
+    mtime: int
+
+
+class WorkspaceListResult(BaseModel):
+    """Directory listing of a workspace path."""
+
+    path: str
+    entries: list[WorkspaceFileEntry]
+    truncated: bool
+
+
+class WorkspacePreviewResult(BaseModel):
+    """Inline preview of a workspace file."""
+
+    path: str
+    size: int
+    truncated: bool
+    binary: bool
+    text: str | None = None
+
+
+@dataclass(frozen=True, slots=True)
+class WorkspaceDownloadResult:
+    """Decoded bytes of a workspace file for download."""
+
+    path: str
+    size: int
+    truncated: bool
+    content: bytes
+
+
+class WorkspaceFilesBackendClient:
+    """Synchronous proxy to the agent backend workspace file endpoints."""
+
+    def __init__(
+        self,
+        base_url: str,
+        *,
+        timeout: float = _DEFAULT_TIMEOUT_SECONDS,
+        transport: httpx.BaseTransport | None = None,
+    ) -> None:
+        self._base_url = base_url.rstrip("/")
+        self._timeout = timeout
+        self._transport = transport
+
+    def list_files(self, session_id: str, path: str) -> WorkspaceListResult:
+        data = self._get(f"/workspaces/{session_id}/files", params={"path": path})
+        return WorkspaceListResult.model_validate(data)
+
+    def preview(self, session_id: str, path: str) -> WorkspacePreviewResult:
+        data = self._get(f"/workspaces/{session_id}/files/preview", params={"path": path})
+        return WorkspacePreviewResult.model_validate(data)
+
+    def download(self, session_id: str, path: str) -> WorkspaceDownloadResult:
+        data = self._get(f"/workspaces/{session_id}/files/download", params={"path": path})
+        encoded = data.get("content_base64")
+        if not isinstance(encoded, str):
+            raise AgentBackendHTTPError("agent backend download response missing content", status_code=502, detail=data)
+        try:
+            content = base64.b64decode(encoded, validate=True)
+        except (binascii.Error, ValueError) as exc:
+            raise AgentBackendHTTPError(
+                "agent backend returned undecodable download content", status_code=502, detail=str(exc)
+            ) from exc
+        size = data.get("size")
+        return WorkspaceDownloadResult(
+            path=str(data.get("path", path)),
+            size=int(size) if isinstance(size, (int, float)) else len(content),
+            truncated=bool(data.get("truncated")),
+            content=content,
+        )
+
+    def _get(self, route: str, *, params: dict[str, str]) -> dict[str, object]:
+        url = f"{self._base_url}{route}"
+        try:
+            with httpx.Client(timeout=self._timeout, transport=self._transport, trust_env=False) as client:
+                response = client.get(url, params=params)
+        except httpx.HTTPError as exc:
+            raise AgentBackendTransportError(f"failed to reach agent backend workspace endpoint: {exc}") from exc
+        if response.status_code >= 400:
+            detail: object
+            try:
+                detail = response.json().get("detail", response.text)
+            except ValueError:
+                detail = response.text
+            raise AgentBackendHTTPError(
+                f"agent backend workspace request failed ({response.status_code})",
+                status_code=response.status_code,
+                detail=detail,
+            )
+        body = response.json()
+        if not isinstance(body, dict):
+            raise AgentBackendHTTPError(
+                "agent backend workspace response was not an object", status_code=502, detail=body
+            )
+        return body
+
+
+__all__ = [
+    "WorkspaceDownloadResult",
+    "WorkspaceFileEntry",
+    "WorkspaceFilesBackendClient",
+    "WorkspaceListResult",
+    "WorkspacePreviewResult",
+]
--- a/api/commands/init.py
+++ b/api/commands/init.py
@ -11,7 +11,6 @@ from .data_migration import (
    migration_data_wizard,
 )
 from .plugin import (
-    backfill_plugin_auto_upgrade,
    extract_plugins,
    extract_unique_plugins,
    install_plugins,
@ -50,7 +49,6 @@ from .vector import (
 __all__ = [
    "add_qdrant_index",
    "archive_workflow_runs",
-    "backfill_plugin_auto_upgrade",
    "clean_expired_messages",
    "clean_workflow_runs",
    "cleanup_orphaned_draft_variables",
--- a/api/commands/data_migrate.py
+++ b/api/commands/data_migrate.py
@ -145,7 +145,7 @@ def legacy_model_types(
        option_name="--model-types",
    )
    selected_model_types = (
-        tuple(ModelType(model_type) for model_type in normalized_model_types)
+        tuple(ModelType.value_of(model_type) for model_type in normalized_model_types)
        if normalized_model_types
        else (
            ModelType.LLM,
--- a/api/commands/plugin.py
+++ b/api/commands/plugin.py
@ -1,11 +1,10 @@
 import json
 import logging
-import time
 from typing import Any, cast

 import click
 from pydantic import TypeAdapter
-from sqlalchemy import delete, func, select
+from sqlalchemy import delete, select
 from sqlalchemy.engine import CursorResult

 from configs import dify_config
@ -16,13 +15,11 @@ from core.plugin.plugin_service import PluginService
 from core.tools.utils.system_encryption import encrypt_system_params
 from extensions.ext_database import db
 from models import Tenant
-from models.account import TenantPluginAutoUpgradeStrategy
 from models.oauth import DatasourceOauthParamConfig, DatasourceProvider
 from models.provider_ids import DatasourceProviderID, ToolProviderID
 from models.source import DataSourceApiKeyAuthBinding, DataSourceOauthBinding
 from models.tools import ToolOAuthSystemClient
 from services.plugin.data_migration import PluginDataMigration
-from services.plugin.plugin_auto_upgrade_service import PluginAutoUpgradeService
 from services.plugin.plugin_migration import PluginMigration

 logger = logging.getLogger(__name__)
@ -405,110 +402,6 @@ def migrate_data_for_plugin():
    click.echo(click.style("Migrate data for plugin completed.", fg="green"))


-def _candidate_auto_upgrade_strategy_tenant_ids_stmt(limit: int | None = None):
-    category_count = len(TenantPluginAutoUpgradeStrategy.PluginCategory)
-    stmt = (
-        select(TenantPluginAutoUpgradeStrategy.tenant_id)
-        .group_by(TenantPluginAutoUpgradeStrategy.tenant_id)
-        .having(func.count(func.distinct(TenantPluginAutoUpgradeStrategy.category)) < category_count)
-        .order_by(TenantPluginAutoUpgradeStrategy.tenant_id)
-    )
-
-    if limit is not None:
-        stmt = stmt.limit(limit)
-
-    return stmt
-
-
-def _count_auto_upgrade_strategy_tenant_ids(limit: int | None) -> int:
-    candidate_stmt = _candidate_auto_upgrade_strategy_tenant_ids_stmt(limit).subquery()
-    return db.session.scalar(select(func.count()).select_from(candidate_stmt)) or 0
-
-
-def _iter_auto_upgrade_strategy_tenant_ids(limit: int | None):
-    stmt = _candidate_auto_upgrade_strategy_tenant_ids_stmt(limit).execution_options(yield_per=1000)
-    yield from db.session.scalars(stmt)
-
-
-@click.command(
-    "backfill-plugin-auto-upgrade",
-    help="Backfill category-scoped plugin auto-upgrade strategies and normalize plugin lists.",
-)
-@click.option("--tenant-id", multiple=True, help="Tenant ID to backfill. Can be passed multiple times.")
-@click.option("--limit", type=int, default=None, help="Maximum number of candidate tenants to process.")
-@click.option("--batch-size", type=int, default=500, show_default=True, help="Progress reporting batch size.")
-@click.option("--dry-run", is_flag=True, help="Only print candidate tenant count.")
-def backfill_plugin_auto_upgrade(
-    tenant_id: tuple[str, ...],
-    limit: int | None,
-    batch_size: int,
-    dry_run: bool,
-):
-    """
-    Backfill historical auto-upgrade strategies after the category column exists.
-
-    Missing category rows are created from the tenant's tool/default row. Pure default
-    strategies become latest for model plugins and fix-only for all other categories.
-    Tenants with include/exclude plugin IDs are split
-    by installed plugin category using plugin daemon metadata.
-    """
-    start_at = time.perf_counter()
-    candidate_count = len(tenant_id) if tenant_id else _count_auto_upgrade_strategy_tenant_ids(limit)
-    click.echo(click.style(f"Found {candidate_count} candidate tenants.", fg="yellow"))
-
-    if dry_run:
-        elapsed = time.perf_counter() - start_at
-        click.echo(click.style(f"Dry run completed. elapsed={elapsed:.2f}s", fg="green"))
-        return
-
-    tenant_ids = list(tenant_id) if tenant_id else _iter_auto_upgrade_strategy_tenant_ids(limit)
-
-    backfilled_count = 0
-    created_count = 0
-    normalized_count = 0
-    skipped_count = 0
-    failed_count = 0
-    for index, current_tenant_id in enumerate(tenant_ids, start=1):
-        try:
-            result = PluginAutoUpgradeService.backfill_strategy_categories(
-                current_tenant_id,
-            )
-        except Exception as e:
-            failed_count += 1
-            click.echo(click.style(f"Failed tenant {current_tenant_id}: {str(e)}", fg="red"))
-            continue
-
-        if result.created_count > 0:
-            backfilled_count += 1
-            created_count += result.created_count
-        elif not result.normalized:
-            skipped_count += 1
-        if result.normalized:
-            normalized_count += 1
-
-        if batch_size > 0 and index % batch_size == 0:
-            click.echo(
-                click.style(
-                    f"Processed {index}/{candidate_count} tenants. "
-                    f"backfilled={backfilled_count}, created_rows={created_count}, "
-                    f"normalized={normalized_count}, skipped={skipped_count}, failed={failed_count}, "
-                    f"elapsed={time.perf_counter() - start_at:.2f}s",
-                    fg="yellow",
-                )
-            )
-
-    elapsed = time.perf_counter() - start_at
-    click.echo(
-        click.style(
-            f"Backfill plugin auto-upgrade strategy categories completed. "
-            f"backfilled={backfilled_count}, created_rows={created_count}, "
-            f"normalized={normalized_count}, skipped={skipped_count}, failed={failed_count}, "
-            f"elapsed={elapsed:.2f}s",
-            fg="green",
-        )
-    )
-
-
@click.command("extract-plugins", help="Extract plugins.")
@click.option("--output_file", prompt=True, help="The file to store the extracted plugins.", default="plugins.jsonl")
@click.option("--workers", prompt=True, help="The number of workers to extract plugins.", default=10)
--- a/api/configs/enterprise/init.py
+++ b/api/configs/enterprise/init.py
@ -16,7 +16,7 @@ class EnterpriseFeatureConfig(BaseSettings):

    CAN_REPLACE_LOGO: bool = Field(
        description="Allow customization of the enterprise logo.",
-        default=True,
+        default=False,
    )

    ENTERPRISE_REQUEST_TIMEOUT: int = Field(
--- a/api/configs/extra/agent_backend_config.py
+++ b/api/configs/extra/agent_backend_config.py
@ -31,13 +31,3 @@ class AgentBackendConfig(BaseSettings):
        ),
        default=False,
    )
-
-    AGENT_DRIVE_MANIFEST_ENABLED: bool = Field(
-        description=(
-            "Inject the dify.drive layer (Skills & Files drive manifest declaration) "
-            "into Agent runs. The declaration is an index only — the agent backend "
-            "pulls the actual SKILL.md / files through the back proxy. Keep it off "
-            "until the agent backend registers the dify.drive layer type."
-        ),
-        default=False,
-    )
--- a/api/configs/feature/init.py
+++ b/api/configs/feature/init.py
@ -943,10 +943,9 @@ class AuthConfig(BaseSettings):
        default=True,
    )

-    OPENAPI_RATE_LIMIT_PER_TOKEN: NonNegativeInt = Field(
+    OPENAPI_RATE_LIMIT_PER_TOKEN: PositiveInt = Field(
        description="Per-token rate limit on /openapi/v1/* (requests per minute). "
-        "Bucket keyed on sha256(token), shared across api replicas via Redis. "
-        "Set to 0 to disable the per-token limit entirely.",
+        "Bucket keyed on sha256(token), shared across api replicas via Redis.",
        default=60,
    )

--- a/api/controllers/common/controller_schemas.py
+++ b/api/controllers/common/controller_schemas.py
@ -62,7 +62,7 @@ class WorkflowListQuery(BaseModel):

 class WorkflowRunPayload(BaseModel):
    inputs: dict[str, Any]
-    files: list[dict[str, Any]] | None = Field(default=None)
+    files: list[dict[str, Any]] | None = None


 class WorkflowUpdatePayload(BaseModel):
--- a/api/controllers/common/fields.py
+++ b/api/controllers/common/fields.py
@ -2,7 +2,7 @@ from __future__ import annotations

 from typing import Any

-from pydantic import BaseModel, ConfigDict, Field, RootModel, computed_field
+from pydantic import BaseModel, ConfigDict, Field, computed_field

 from fields.base import ResponseModel
 from graphon.file import helpers as file_helpers
@ -24,34 +24,6 @@ class SimpleResultResponse(ResponseModel):
    result: str


-class GeneratedAppResponse(RootModel[JSONValue]):
-    root: JSONValue
-
-
-class EventStreamResponse(RootModel[str]):
-    root: str
-
-
-class TextFileResponse(RootModel[str]):
-    root: str
-
-
-class RedirectResponse(RootModel[str]):
-    root: str
-
-
-class BinaryFileResponse(RootModel[bytes]):
-    root: bytes
-
-
-class AudioBinaryResponse(RootModel[bytes]):
-    root: bytes
-
-
-class AudioTranscriptResponse(ResponseModel):
-    text: str
-
-
 class SimpleResultMessageResponse(ResponseModel):
    result: str
    message: str
--- a/api/controllers/common/schema.py
+++ b/api/controllers/common/schema.py
@ -1,9 +1,9 @@
 """Helpers for registering Pydantic models with Flask-RESTX namespaces.

 Flask-RESTX treats `SchemaModel` bodies as opaque JSON schemas; it does not
-promote Pydantic's nested `$defs` into top-level OpenAPI component schemas.
+promote Pydantic's nested `$defs` into top-level Swagger `definitions`.
 These helpers keep that translation centralized so models registered through
-`register_schema_models` emit resolvable OpenAPI 3 references.
+`register_schema_models` emit resolvable Swagger 2.0 references.
 """

 from collections.abc import Iterable, Mapping
@ -14,7 +14,7 @@ from flask import request
 from flask_restx import Namespace
 from pydantic import BaseModel, TypeAdapter

-DEFAULT_REF_TEMPLATE_OPENAPI_3_0 = "#/components/schemas/{model}"
+DEFAULT_REF_TEMPLATE_SWAGGER_2_0 = "#/definitions/{model}"


 QueryParamDoc = TypedDict(
@ -27,18 +27,12 @@ QueryParamDoc = TypedDict(
        "description": NotRequired[str],
        "enum": NotRequired[list[object]],
        "default": NotRequired[object],
-        "format": NotRequired[str],
        "minimum": NotRequired[int | float],
        "maximum": NotRequired[int | float],
-        "exclusiveMinimum": NotRequired[int | float],
-        "exclusiveMaximum": NotRequired[int | float],
        "minLength": NotRequired[int],
        "maxLength": NotRequired[int],
-        "pattern": NotRequired[str],
        "minItems": NotRequired[int],
        "maxItems": NotRequired[int],
-        "uniqueItems": NotRequired[bool],
-        "multipleOf": NotRequired[int | float],
    },
 )

@ -54,6 +48,7 @@ class QueryArgs(Protocol):
 def _register_json_schema(namespace: Namespace, name: str, schema: dict) -> None:
    """Register a JSON schema and promote any nested Pydantic `$defs`."""

+    schema = _swagger_2_compatible_schema(schema)
    nested_definitions = schema.get("$defs")
    schema_to_register = dict(schema)
    if isinstance(nested_definitions, dict):
@ -76,12 +71,41 @@ def _register_schema_model(namespace: Namespace, model: type[BaseModel], *, mode
    _register_json_schema(
        namespace,
        model.__name__,
-        model.model_json_schema(ref_template=DEFAULT_REF_TEMPLATE_OPENAPI_3_0, mode=mode),
+        model.model_json_schema(ref_template=DEFAULT_REF_TEMPLATE_SWAGGER_2_0, mode=mode),
    )


+def _swagger_2_compatible_schema(value: Any) -> Any:
+    if isinstance(value, list):
+        return [_swagger_2_compatible_schema(item) for item in value]
+
+    if not isinstance(value, dict):
+        return value
+
+    converted = {key: _swagger_2_compatible_schema(child) for key, child in value.items()}
+    any_of = value.get("anyOf")
+    if not isinstance(any_of, list):
+        return converted
+
+    non_null_candidates = [
+        candidate for candidate in any_of if isinstance(candidate, Mapping) and candidate.get("type") != "null"
+    ]
+    has_null_candidate = any(isinstance(candidate, Mapping) and candidate.get("type") == "null" for candidate in any_of)
+    if not has_null_candidate or len(non_null_candidates) != 1:
+        return converted
+
+    non_null_schema = _swagger_2_compatible_schema(dict(non_null_candidates[0]))
+    if not isinstance(non_null_schema, dict):
+        return converted
+
+    converted.pop("anyOf", None)
+    converted.update(non_null_schema)
+    converted["x-nullable"] = True
+    return converted
+
+
 def register_schema_model(namespace: Namespace, model: type[BaseModel]) -> None:
-    """Register a BaseModel and its nested component schemas for OpenAPI documentation."""
+    """Register a BaseModel and its nested schema definitions for Swagger documentation."""

    _register_schema_model(namespace, model, mode="validation")

@ -122,7 +146,7 @@ def register_enum_models(namespace: Namespace, *models: type[StrEnum]) -> None:
        _register_json_schema(
            namespace,
            model.__name__,
-            TypeAdapter(model).json_schema(ref_template=DEFAULT_REF_TEMPLATE_OPENAPI_3_0),
+            TypeAdapter(model).json_schema(ref_template=DEFAULT_REF_TEMPLATE_SWAGGER_2_0),
        )


@ -131,11 +155,10 @@ def query_params_from_model(model: type[BaseModel]) -> dict[str, QueryParamDoc]:

    `Namespace.expect()` treats Pydantic schema models as request bodies, so GET
    endpoints should keep runtime validation on the Pydantic model and feed this
-    derived mapping to `Namespace.doc(params=...)` for OpenAPI documentation.
+    derived mapping to `Namespace.doc(params=...)` for Swagger documentation.
    """

-    schema = model.model_json_schema(ref_template=DEFAULT_REF_TEMPLATE_OPENAPI_3_0)
-    definitions = _schema_definitions(schema)
+    schema = model.model_json_schema(ref_template=DEFAULT_REF_TEMPLATE_SWAGGER_2_0)
    properties = schema.get("properties", {})
    if not isinstance(properties, Mapping):
        return {}
@ -148,11 +171,7 @@ def query_params_from_model(model: type[BaseModel]) -> dict[str, QueryParamDoc]:
        if not isinstance(name, str) or not isinstance(property_schema, Mapping):
            continue

-        params[name] = _query_param_from_property(
-            property_schema,
-            required=name in required_names,
-            definitions=definitions,
-        )
+        params[name] = _query_param_from_property(property_schema, required=name in required_names)

    return params

@ -184,7 +203,7 @@ def query_params_from_request[ModelT: BaseModel](


 def _drop_malformed_defaulted_integer_params(model: type[BaseModel], params: dict[str, Any]) -> None:
-    properties = model.model_json_schema(ref_template=DEFAULT_REF_TEMPLATE_OPENAPI_3_0).get("properties", {})
+    properties = model.model_json_schema(ref_template=DEFAULT_REF_TEMPLATE_SWAGGER_2_0).get("properties", {})
    if not isinstance(properties, Mapping):
        return

@ -209,18 +228,8 @@ def _drop_malformed_defaulted_integer_params(model: type[BaseModel], params: dic
            params.pop(name)


-def _schema_definitions(schema: Mapping[str, Any]) -> Mapping[str, Any]:
-    definitions = schema.get("$defs")
-    return definitions if isinstance(definitions, Mapping) else {}
-
-
-def _query_param_from_property(
-    property_schema: Mapping[str, Any],
-    *,
-    required: bool,
-    definitions: Mapping[str, Any],
-) -> QueryParamDoc:
-    param_schema = _resolve_schema_ref(_nullable_property_schema(property_schema), definitions)
+def _query_param_from_property(property_schema: Mapping[str, Any], *, required: bool) -> QueryParamDoc:
+    param_schema = _nullable_property_schema(property_schema)
    param_doc: QueryParamDoc = {"in": "query", "required": required}

    description = param_schema.get("description")
@ -233,16 +242,9 @@ def _query_param_from_property(
        if schema_type == "array":
            items = param_schema.get("items")
            if isinstance(items, Mapping):
-                item_schema = _resolve_schema_ref(items, definitions)
-                item_type = item_schema.get("type")
+                item_type = items.get("type")
                if isinstance(item_type, str):
                    param_doc["items"] = {"type": item_type}
-                item_enum = item_schema.get("enum")
-                if isinstance(item_enum, list):
-                    param_doc.setdefault("items", {})["enum"] = item_enum
-                item_format = item_schema.get("format")
-                if isinstance(item_format, str):
-                    param_doc.setdefault("items", {})["format"] = item_format

    enum = param_schema.get("enum")
    if isinstance(enum, list):
@ -252,10 +254,6 @@ def _query_param_from_property(
    if default is not None:
        param_doc["default"] = default

-    schema_format = param_schema.get("format")
-    if isinstance(schema_format, str):
-        param_doc["format"] = schema_format
-
    minimum = param_schema.get("minimum")
    if isinstance(minimum, int | float):
        param_doc["minimum"] = minimum
@ -264,14 +262,6 @@ def _query_param_from_property(
    if isinstance(maximum, int | float):
        param_doc["maximum"] = maximum

-    exclusive_minimum = param_schema.get("exclusiveMinimum")
-    if isinstance(exclusive_minimum, int | float):
-        param_doc["exclusiveMinimum"] = exclusive_minimum
-
-    exclusive_maximum = param_schema.get("exclusiveMaximum")
-    if isinstance(exclusive_maximum, int | float):
-        param_doc["exclusiveMaximum"] = exclusive_maximum
-
    min_length = param_schema.get("minLength")
    if isinstance(min_length, int):
        param_doc["minLength"] = min_length
@ -280,10 +270,6 @@ def _query_param_from_property(
    if isinstance(max_length, int):
        param_doc["maxLength"] = max_length

-    pattern = param_schema.get("pattern")
-    if isinstance(pattern, str):
-        param_doc["pattern"] = pattern
-
    min_items = param_schema.get("minItems")
    if isinstance(min_items, int):
        param_doc["minItems"] = min_items
@ -292,31 +278,9 @@ def _query_param_from_property(
    if isinstance(max_items, int):
        param_doc["maxItems"] = max_items

-    unique_items = param_schema.get("uniqueItems")
-    if isinstance(unique_items, bool):
-        param_doc["uniqueItems"] = unique_items
-
-    multiple_of = param_schema.get("multipleOf")
-    if isinstance(multiple_of, int | float):
-        param_doc["multipleOf"] = multiple_of
-
    return param_doc


-def _resolve_schema_ref(property_schema: Mapping[str, Any], definitions: Mapping[str, Any]) -> Mapping[str, Any]:
-    ref = property_schema.get("$ref")
-    if not isinstance(ref, str):
-        return property_schema
-
-    ref_name = ref.rsplit("/", 1)[-1]
-    resolved = definitions.get(ref_name)
-    if not isinstance(resolved, Mapping):
-        return property_schema
-
-    property_without_ref = {key: value for key, value in property_schema.items() if key != "$ref"}
-    return {**resolved, **property_without_ref}
-
-
 def _nullable_property_schema(property_schema: Mapping[str, Any]) -> Mapping[str, Any]:
    any_of = property_schema.get("anyOf")
    if not isinstance(any_of, list):
@ -333,7 +297,7 @@ def _nullable_property_schema(property_schema: Mapping[str, Any]) -> Mapping[str


 __all__ = [
-    "DEFAULT_REF_TEMPLATE_OPENAPI_3_0",
+    "DEFAULT_REF_TEMPLATE_SWAGGER_2_0",
    "get_or_create_model",
    "query_params_from_model",
    "query_params_from_request",
--- a/api/controllers/common/wraps.py
+++ b/api/controllers/common/wraps.py
@ -1,30 +0,0 @@
-from collections.abc import Callable
-from functools import wraps
-
-from core.rbac import RBACPermission, RBACResourceScope
-
-__all__ = ["RBACPermission", "RBACResourceScope", "rbac_permission_required"]
-
-
-def rbac_permission_required[**P, R](
-    resource_type: RBACResourceScope,
-    scene: RBACPermission,
-    *,
-    resource_required: bool = True,
-) -> Callable[[Callable[P, R]], Callable[P, R]]:
-    """Check enterprise RBAC permissions for the current user.
-
-    Args:
-        resource_type: The :class:`RBACResourceScope` member (app/dataset/workspace).
-        scene: The :class:`RBACPermission` permission point.
-        resource_required: Whether a concrete resource ID is required.
-    """
-
-    def decorator(view: Callable[P, R]) -> Callable[P, R]:
-        @wraps(view)
-        def decorated(*args: P.args, **kwargs: P.kwargs) -> R:
-            return view(*args, **kwargs)
-
-        return decorated
-
-    return decorator
--- a/api/controllers/console/init.py
+++ b/api/controllers/console/init.py
@ -53,8 +53,7 @@ from .app import (
    agent,
    agent_app_access,
    agent_app_feature,
-    agent_app_sandbox,
-    agent_drive_inspector,
+    agent_app_workspace,
    annotation,
    app,
    audio,
@ -154,9 +153,8 @@ __all__ = [
    "agent",
    "agent_app_access",
    "agent_app_feature",
-    "agent_app_sandbox",
+    "agent_app_workspace",
    "agent_composer",
-    "agent_drive_inspector",
    "agent_providers",
    "agent_roster",
    "annotation",
--- a/api/controllers/console/agent/app_helpers.py
+++ b/api/controllers/console/agent/app_helpers.py
@ -1,10 +0,0 @@
-from uuid import UUID
-
-from extensions.ext_database import db
-from models.model import App
-from services.agent.roster_service import AgentRosterService
-
-
-def resolve_agent_app_model(*, tenant_id: str, agent_id: UUID) -> App:
-    """Resolve the hidden Agent App backing an Agent Console resource."""
-    return AgentRosterService(db.session).get_agent_app_model(tenant_id=tenant_id, agent_id=str(agent_id))
--- a/api/controllers/console/agent/composer.py
+++ b/api/controllers/console/agent/composer.py
@ -1,10 +1,7 @@
-from uuid import UUID
-
 from flask_restx import Resource

 from controllers.common.schema import register_response_schema_models, register_schema_models
 from controllers.console import console_ns
-from controllers.console.agent.app_helpers import resolve_agent_app_model
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import (
    account_initialization_required,
@ -38,10 +35,6 @@ register_response_schema_models(
 )


-def _resolve_agent_app_id(*, tenant_id: str, agent_id: UUID) -> str:
-    return resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id).id
-
-
@console_ns.route("/apps/<uuid:app_id>/workflows/draft/nodes/<string:node_id>/agent-composer")
 class WorkflowAgentComposerApi(Resource):
    @console_ns.response(
@ -101,13 +94,7 @@ class WorkflowAgentComposerValidateApi(Resource):
    def post(self, tenant_id: str, app_model: App, node_id: str):
        payload = ComposerSavePayload.model_validate(console_ns.payload or {})
        ComposerConfigValidator.validate_save_payload(payload)
-        findings = AgentComposerService.collect_validation_findings(
-            tenant_id=tenant_id,
-            payload=payload,
-            agent_id=AgentComposerService.resolve_workflow_node_agent_id(
-                tenant_id=tenant_id, app_id=app_model.id, node_id=node_id
-            ),
-        )
+        findings = AgentComposerService.collect_validation_findings(tenant_id=tenant_id, payload=payload)
        return dump_response(AgentComposerValidateResponse, {"result": "success", "errors": [], **findings})


@ -183,18 +170,18 @@ class WorkflowAgentComposerSaveToRosterApi(Resource):
        )


-@console_ns.route("/agent/<uuid:agent_id>/composer")
-class AgentComposerApi(Resource):
+@console_ns.route("/apps/<uuid:app_id>/agent-composer")
+class AgentAppComposerApi(Resource):
    @console_ns.response(200, "Agent app composer state", console_ns.models[AgentAppComposerResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model(mode=[AppMode.AGENT])
    @with_current_tenant_id
-    def get(self, tenant_id: str, agent_id: UUID):
-        app_id = _resolve_agent_app_id(tenant_id=tenant_id, agent_id=agent_id)
+    def get(self, tenant_id: str, app_model: App):
        return dump_response(
            AgentAppComposerResponse,
-            AgentComposerService.load_agent_app_composer(tenant_id=tenant_id, app_id=app_id),
+            AgentComposerService.load_agent_app_composer(tenant_id=tenant_id, app_id=app_model.id),
        )

    @console_ns.expect(console_ns.models[ComposerSavePayload.__name__])
@ -203,24 +190,24 @@ class AgentComposerApi(Resource):
    @login_required
    @account_initialization_required
    @edit_permission_required
+    @get_app_model(mode=[AppMode.AGENT])
    @with_current_user_id
    @with_current_tenant_id
-    def put(self, tenant_id: str, account_id: str, agent_id: UUID):
-        app_id = _resolve_agent_app_id(tenant_id=tenant_id, agent_id=agent_id)
+    def put(self, tenant_id: str, account_id: str, app_model: App):
        payload = ComposerSavePayload.model_validate(console_ns.payload or {})
        return dump_response(
            AgentAppComposerResponse,
            AgentComposerService.save_agent_app_composer(
                tenant_id=tenant_id,
-                app_id=app_id,
+                app_id=app_model.id,
                account_id=account_id,
                payload=payload,
            ),
        )


-@console_ns.route("/agent/<uuid:agent_id>/composer/validate")
-class AgentComposerValidateApi(Resource):
+@console_ns.route("/apps/<uuid:app_id>/agent-composer/validate")
+class AgentAppComposerValidateApi(Resource):
    @console_ns.expect(console_ns.models[ComposerSavePayload.__name__])
    @console_ns.response(
        200, "Agent app composer validation result", console_ns.models[AgentComposerValidateResponse.__name__]
@ -228,36 +215,32 @@ class AgentComposerValidateApi(Resource):
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model(mode=[AppMode.AGENT])
    @with_current_tenant_id
-    def post(self, tenant_id: str, agent_id: UUID):
-        _resolve_agent_app_id(tenant_id=tenant_id, agent_id=agent_id)
+    def post(self, tenant_id: str, app_model: App):
        payload = ComposerSavePayload.model_validate(console_ns.payload or {})
        ComposerConfigValidator.validate_save_payload(payload)
-        findings = AgentComposerService.collect_validation_findings(
-            tenant_id=tenant_id,
-            payload=payload,
-            agent_id=str(agent_id),
-        )
+        findings = AgentComposerService.collect_validation_findings(tenant_id=tenant_id, payload=payload)
        return dump_response(AgentComposerValidateResponse, {"result": "success", "errors": [], **findings})


-@console_ns.route("/agent/<uuid:agent_id>/composer/candidates")
-class AgentComposerCandidatesApi(Resource):
+@console_ns.route("/apps/<uuid:app_id>/agent-composer/candidates")
+class AgentAppComposerCandidatesApi(Resource):
    @console_ns.response(
        200, "Agent app composer candidates", console_ns.models[AgentComposerCandidatesResponse.__name__]
    )
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model(mode=[AppMode.AGENT])
    @with_current_user_id
    @with_current_tenant_id
-    def get(self, tenant_id: str, current_user_id: str, agent_id: UUID):
-        app_id = _resolve_agent_app_id(tenant_id=tenant_id, agent_id=agent_id)
+    def get(self, tenant_id: str, current_user_id: str, app_model: App):
        return dump_response(
            AgentComposerCandidatesResponse,
            AgentComposerService.get_agent_app_candidates(
                tenant_id=tenant_id,
-                app_id=app_id,
+                app_id=app_model.id,
                user_id=current_user_id,
            ),
        )
--- a/api/controllers/console/agent/roster.py
+++ b/api/controllers/console/agent/roster.py
@ -6,40 +6,25 @@ from pydantic import BaseModel, Field

 from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
 from controllers.console import console_ns
-from controllers.console.app.app import (
-    AppDetailWithSite,
-    AppListQuery,
-    AppPagination,
-    UpdateAppPayload,
-    _normalize_app_list_query_args,
-)
 from controllers.console.wraps import (
    account_initialization_required,
-    cloud_edition_billing_resource_check,
    edit_permission_required,
-    enterprise_license_required,
    setup_required,
    with_current_tenant_id,
-    with_current_user,
+    with_current_user_id,
 )
 from extensions.ext_database import db
 from fields.agent_fields import (
    AgentConfigSnapshotDetailResponse,
    AgentConfigSnapshotListResponse,
    AgentInviteOptionsResponse,
-    AgentPublishedReferenceResponse,
    AgentRosterListResponse,
+    AgentRosterResponse,
 )
 from libs.helper import dump_response
 from libs.login import login_required
-from models import Account
-from models.model import IconType
-from services.agent.errors import AgentNotFoundError
 from services.agent.roster_service import AgentRosterService
-from services.app_service import AppListParams, AppService, CreateAppParams
-from services.enterprise.enterprise_service import EnterpriseService
-from services.entities.agent_entities import RosterListQuery
-from services.feature_service import FeatureService
+from services.entities.agent_entities import RosterAgentCreatePayload, RosterAgentUpdatePayload, RosterListQuery


 class AgentInviteOptionsQuery(RosterListQuery):
@ -50,32 +35,21 @@ class AgentIdPath(BaseModel):
    agent_id: str


-class AgentAppCreatePayload(BaseModel):
-    name: str = Field(..., min_length=1, description="Agent name")
-    description: str | None = Field(default=None, description="Agent description (max 400 chars)", max_length=400)
-    icon_type: IconType | None = Field(default=None, description="Icon type")
-    icon: str | None = Field(default=None, description="Icon")
-    icon_background: str | None = Field(default=None, description="Icon background color")
-
-
 register_schema_models(
    console_ns,
-    AgentAppCreatePayload,
    AgentInviteOptionsQuery,
    AgentIdPath,
-    AppListQuery,
-    UpdateAppPayload,
+    RosterAgentCreatePayload,
+    RosterAgentUpdatePayload,
    RosterListQuery,
 )
 register_response_schema_models(
    console_ns,
-    AppDetailWithSite,
-    AppPagination,
    AgentConfigSnapshotDetailResponse,
    AgentConfigSnapshotListResponse,
    AgentInviteOptionsResponse,
-    AgentPublishedReferenceResponse,
    AgentRosterListResponse,
+    AgentRosterResponse,
 )


@ -83,138 +57,42 @@ def _agent_roster_service() -> AgentRosterService:
    return AgentRosterService(db.session)


-def _serialize_agent_app_detail(app_model) -> dict:
-    app_model = AppService().get_app(app_model)
-    if FeatureService.get_system_features().webapp_auth.enabled:
-        app_setting = EnterpriseService.WebAppAuth.get_app_access_mode_by_id(app_id=str(app_model.id))
-        app_model.access_mode = app_setting.access_mode  # type: ignore[attr-defined]
-
-    payload = AppDetailWithSite.model_validate(app_model, from_attributes=True).model_dump(mode="json")
-    agent_id = payload.pop("bound_agent_id", None)
-    if not agent_id:
-        raise AgentNotFoundError()
-    payload["id"] = agent_id
-    return payload
-
-
-def _serialize_agent_app_pagination(app_pagination) -> dict:
-    payload = AppPagination.model_validate(app_pagination, from_attributes=True).model_dump(mode="json")
-    for item in payload["data"]:
-        agent_id = item.pop("bound_agent_id", None)
-        if agent_id:
-            item["id"] = agent_id
-    return payload
-
-
-def _resolve_agent_app_model(*, tenant_id: str, agent_id: UUID):
-    return _agent_roster_service().get_agent_app_model(tenant_id=tenant_id, agent_id=str(agent_id))
-
-
-@console_ns.route("/agent")
-class AgentAppListApi(Resource):
-    @console_ns.doc(params=query_params_from_model(AppListQuery))
-    @console_ns.response(200, "Agent app list", console_ns.models[AppPagination.__name__])
+@console_ns.route("/agents")
+class AgentRosterListApi(Resource):
+    @console_ns.doc(params=query_params_from_model(RosterListQuery))
+    @console_ns.response(200, "Agent roster list", console_ns.models[AgentRosterListResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
-    @with_current_user
    @with_current_tenant_id
-    def get(self, current_tenant_id: str, current_user: Account):
-        args = AppListQuery.model_validate(_normalize_app_list_query_args(request.args))
-        params = AppListParams(
-            page=args.page,
-            limit=args.limit,
-            mode="agent",
-            name=args.name,
-            tag_ids=args.tag_ids,
-            creator_ids=args.creator_ids,
-            is_created_by_me=args.is_created_by_me,
-            status="normal",
+    def get(self, tenant_id: str):
+        query = RosterListQuery.model_validate(request.args.to_dict(flat=True))
+        return dump_response(
+            AgentRosterListResponse,
+            _agent_roster_service().list_roster_agents(
+                tenant_id=tenant_id, page=query.page, limit=query.limit, keyword=query.keyword
+            ),
        )

-        app_pagination = AppService().get_paginate_apps(current_user.id, current_tenant_id, params)
-        if app_pagination is None:
-            empty = AppPagination(page=args.page, limit=args.limit, total=0, has_more=False, data=[])
-            return empty.model_dump(mode="json")
-
-        return _serialize_agent_app_pagination(app_pagination)
-
-    @console_ns.expect(console_ns.models[AgentAppCreatePayload.__name__])
-    @console_ns.response(201, "Agent app created successfully", console_ns.models[AppDetailWithSite.__name__])
-    @console_ns.response(403, "Insufficient permissions")
-    @console_ns.response(400, "Invalid request parameters")
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @cloud_edition_billing_resource_check("apps")
-    @edit_permission_required
-    @with_current_user
-    @with_current_tenant_id
-    def post(self, current_tenant_id: str, current_user: Account):
-        args = AgentAppCreatePayload.model_validate(console_ns.payload)
-        params = CreateAppParams(
-            name=args.name,
-            description=args.description,
-            mode="agent",
-            icon_type=args.icon_type,
-            icon=args.icon,
-            icon_background=args.icon_background,
-        )
-
-        app = AppService().create_app(current_tenant_id, params, current_user)
-        return _serialize_agent_app_detail(app), 201
-
-
-@console_ns.route("/agent/<uuid:agent_id>")
-class AgentAppApi(Resource):
-    @console_ns.response(200, "Agent app detail", console_ns.models[AppDetailWithSite.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @enterprise_license_required
-    @with_current_tenant_id
-    def get(self, tenant_id: str, agent_id: UUID):
-        app_model = _resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        return _serialize_agent_app_detail(app_model)
-
-    @console_ns.expect(console_ns.models[UpdateAppPayload.__name__])
-    @console_ns.response(200, "Agent app updated successfully", console_ns.models[AppDetailWithSite.__name__])
-    @console_ns.response(403, "Insufficient permissions")
-    @console_ns.response(400, "Invalid request parameters")
+    @console_ns.expect(console_ns.models[RosterAgentCreatePayload.__name__])
+    @console_ns.response(201, "Agent created", console_ns.models[AgentRosterResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
    @edit_permission_required
+    @with_current_user_id
    @with_current_tenant_id
-    def put(self, tenant_id: str, agent_id: UUID):
-        app_model = _resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        args = UpdateAppPayload.model_validate(console_ns.payload)
-        args_dict: AppService.ArgsDict = {
-            "name": args.name,
-            "description": args.description or "",
-            "icon_type": args.icon_type,
-            "icon": args.icon or "",
-            "icon_background": args.icon_background or "",
-            "use_icon_as_answer_icon": args.use_icon_as_answer_icon or False,
-            "max_active_requests": args.max_active_requests or 0,
-        }
-        updated = AppService().update_app(app_model, args_dict)
-        return _serialize_agent_app_detail(updated)
-
-    @console_ns.response(204, "Agent app deleted successfully")
-    @console_ns.response(403, "Insufficient permissions")
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @edit_permission_required
-    @with_current_tenant_id
-    def delete(self, tenant_id: str, agent_id: UUID):
-        app_model = _resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        AppService().delete_app(app_model)
-        return "", 204
+    def post(self, tenant_id: str, account_id: str):
+        payload = RosterAgentCreatePayload.model_validate(console_ns.payload or {})
+        service = _agent_roster_service()
+        agent = service.create_roster_agent(tenant_id=tenant_id, account_id=account_id, payload=payload)
+        return dump_response(
+            AgentRosterResponse,
+            service.get_roster_agent_detail(tenant_id=tenant_id, agent_id=agent.id),
+        ), 201


-@console_ns.route("/agent/invite-options")
+@console_ns.route("/agents/invite-options")
 class AgentInviteOptionsApi(Resource):
    @console_ns.doc(params=query_params_from_model(AgentInviteOptionsQuery))
    @console_ns.response(200, "Agent invite options", console_ns.models[AgentInviteOptionsResponse.__name__])
@ -236,7 +114,49 @@ class AgentInviteOptionsApi(Resource):
        )


-@console_ns.route("/agent/<uuid:agent_id>/versions")
+@console_ns.route("/agents/<uuid:agent_id>")
+class AgentRosterDetailApi(Resource):
+    @console_ns.response(200, "Agent detail", console_ns.models[AgentRosterResponse.__name__])
+    @setup_required
+    @login_required
+    @account_initialization_required
+    @with_current_tenant_id
+    def get(self, tenant_id: str, agent_id: UUID):
+        return dump_response(
+            AgentRosterResponse,
+            _agent_roster_service().get_roster_agent_detail(tenant_id=tenant_id, agent_id=str(agent_id)),
+        )
+
+    @console_ns.expect(console_ns.models[RosterAgentUpdatePayload.__name__])
+    @console_ns.response(200, "Agent updated", console_ns.models[AgentRosterResponse.__name__])
+    @setup_required
+    @login_required
+    @account_initialization_required
+    @edit_permission_required
+    @with_current_user_id
+    @with_current_tenant_id
+    def patch(self, tenant_id: str, account_id: str, agent_id: UUID):
+        payload = RosterAgentUpdatePayload.model_validate(console_ns.payload or {})
+        return dump_response(
+            AgentRosterResponse,
+            _agent_roster_service().update_roster_agent(
+                tenant_id=tenant_id, agent_id=str(agent_id), account_id=account_id, payload=payload
+            ),
+        )
+
+    @console_ns.response(204, "Agent archived")
+    @setup_required
+    @login_required
+    @account_initialization_required
+    @edit_permission_required
+    @with_current_user_id
+    @with_current_tenant_id
+    def delete(self, tenant_id: str, account_id: str, agent_id: UUID):
+        _agent_roster_service().archive_roster_agent(tenant_id=tenant_id, agent_id=str(agent_id), account_id=account_id)
+        return "", 204
+
+
+@console_ns.route("/agents/<uuid:agent_id>/versions")
 class AgentRosterVersionsApi(Resource):
    @console_ns.response(200, "Agent versions", console_ns.models[AgentConfigSnapshotListResponse.__name__])
    @setup_required
@ -250,7 +170,7 @@ class AgentRosterVersionsApi(Resource):
        )


-@console_ns.route("/agent/<uuid:agent_id>/versions/<uuid:version_id>")
+@console_ns.route("/agents/<uuid:agent_id>/versions/<uuid:version_id>")
 class AgentRosterVersionDetailApi(Resource):
    @console_ns.response(200, "Agent version detail", console_ns.models[AgentConfigSnapshotDetailResponse.__name__])
    @setup_required
--- a/api/controllers/console/app/advanced_prompt_template.py
+++ b/api/controllers/console/app/advanced_prompt_template.py
@ -1,17 +1,9 @@
-from typing import Any
-
 from flask import request
-from flask_restx import Resource
+from flask_restx import Resource, fields
 from pydantic import BaseModel, Field

-from controllers.common.schema import (
-    DEFAULT_REF_TEMPLATE_OPENAPI_3_0,
-    query_params_from_model,
-    register_response_schema_models,
-)
 from controllers.console import console_ns
 from controllers.console.wraps import account_initialization_required, setup_required
-from fields.base import ResponseModel
 from libs.login import login_required
 from services.advanced_prompt_template_service import AdvancedPromptTemplateArgs, AdvancedPromptTemplateService

@ -23,27 +15,19 @@ class AdvancedPromptTemplateQuery(BaseModel):
    model_name: str = Field(..., description="Model name")


-class AdvancedPromptTemplateResponse(ResponseModel):
-    chat_prompt_config: dict[str, Any] | None = Field(default=None)
-    completion_prompt_config: dict[str, Any] | None = Field(default=None)
-
-
 console_ns.schema_model(
    AdvancedPromptTemplateQuery.__name__,
-    AdvancedPromptTemplateQuery.model_json_schema(ref_template=DEFAULT_REF_TEMPLATE_OPENAPI_3_0),
+    AdvancedPromptTemplateQuery.model_json_schema(ref_template="#/definitions/{model}"),
 )
-register_response_schema_models(console_ns, AdvancedPromptTemplateResponse)


@console_ns.route("/app/prompt-templates")
 class AdvancedPromptTemplateList(Resource):
    @console_ns.doc("get_advanced_prompt_templates")
    @console_ns.doc(description="Get advanced prompt templates based on app mode and model configuration")
-    @console_ns.doc(params=query_params_from_model(AdvancedPromptTemplateQuery))
+    @console_ns.expect(console_ns.models[AdvancedPromptTemplateQuery.__name__])
    @console_ns.response(
-        200,
-        "Prompt templates retrieved successfully",
-        console_ns.models[AdvancedPromptTemplateResponse.__name__],
+        200, "Prompt templates retrieved successfully", fields.List(fields.Raw(description="Prompt template data"))
    )
    @console_ns.response(400, "Invalid request parameters")
    @setup_required
--- a/api/controllers/console/app/agent.py
+++ b/api/controllers/console/app/agent.py
@ -1,56 +1,22 @@
-import logging
-from typing import Any
-from uuid import UUID
-
 from flask import request
-from flask_restx import Resource
+from flask_restx import Resource, fields
 from pydantic import BaseModel, Field, field_validator
-from sqlalchemy import select

-from controllers.common.schema import (
-    query_params_from_model,
-    query_params_from_request,
-    register_response_schema_models,
-    register_schema_models,
-)
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
-from controllers.console.agent.app_helpers import resolve_agent_app_model
 from controllers.console.app.wraps import get_app_model
-from controllers.console.wraps import (
-    account_initialization_required,
-    setup_required,
-    with_current_tenant_id,
-    with_current_user,
-)
+from controllers.console.wraps import account_initialization_required, setup_required, with_current_user
 from extensions.ext_database import db
-from fields.base import ResponseModel
 from libs.helper import uuid_value
 from libs.login import login_required
 from models import Account
-from models.agent_config_entities import AgentFileRefConfig, AgentSkillRefConfig
-from models.model import App, AppMode, UploadFile
-from services.agent.composer_service import AgentComposerService
-from services.agent.skill_package_service import SkillManifest, SkillPackageError, SkillPackageService
+from models.model import App, AppMode
+from services.agent.skill_package_service import SkillPackageError, SkillPackageService
 from services.agent.skill_standardize_service import SkillStandardizeService
-from services.agent.skill_tool_inference_service import (
-    SkillToolInferenceError,
-    SkillToolInferenceResult,
-    SkillToolInferenceService,
-)
-from services.agent_drive_service import (
-    AgentDriveError,
-    AgentDriveService,
-    DriveCommitItem,
-    DriveFileRef,
-    normalize_drive_key,
-)
+from services.agent_drive_service import AgentDriveError
 from services.agent_service import AgentService
 from services.file_service import FileService

-logger = logging.getLogger(__name__)
-
-_WORKFLOW_AGENT_DRIVE_APP_MODES = [AppMode.WORKFLOW, AppMode.ADVANCED_CHAT]
-

 class AgentLogQuery(BaseModel):
    message_id: str = Field(..., description="Message UUID")
@ -62,302 +28,7 @@ class AgentLogQuery(BaseModel):
        return uuid_value(value)


-class AgentDriveFilePayload(BaseModel):
-    upload_file_id: str = Field(..., description="UploadFile UUID from POST /console/api/files/upload")
-
-    @field_validator("upload_file_id")
-    @classmethod
-    def validate_upload_file_id(cls, value: str) -> str:
-        return uuid_value(value)
-
-
-class AgentDriveMutationQuery(BaseModel):
-    node_id: str | None = Field(default=None, description="Workflow node ID (workflow composer variant)")
-
-
-class AgentDriveDeleteFileQuery(AgentDriveMutationQuery):
-    key: str = Field(min_length=1, description="Drive key, e.g. files/sample.pdf")
-
-
-class AgentDriveDeleteFileByAgentQuery(BaseModel):
-    key: str = Field(min_length=1, description="Drive key, e.g. files/sample.pdf")
-
-
-class AgentLogMetaResponse(ResponseModel):
-    status: str
-    executor: str
-    start_time: str
-    elapsed_time: float | None = None
-    total_tokens: int
-    agent_mode: str
-    iterations: int
-
-
-class AgentToolCallResponse(ResponseModel):
-    status: str
-    error: str | None = None
-    time_cost: float | int
-    tool_name: str
-    tool_label: str
-    tool_input: dict[str, Any]
-    tool_output: dict[str, Any]
-    tool_parameters: dict[str, Any]
-    tool_icon: Any = Field(default=None)
-
-
-class AgentIterationLogResponse(ResponseModel):
-    tokens: int
-    tool_calls: list[AgentToolCallResponse]
-    tool_raw: dict[str, Any]
-    thought: str | None = None
-    created_at: str
-    files: list[Any] = Field(default_factory=list)
-
-
-class AgentLogResponse(ResponseModel):
-    meta: AgentLogMetaResponse
-    iterations: list[AgentIterationLogResponse]
-    files: list[Any] = Field(default_factory=list)
-
-
-class AgentSkillUploadResponse(ResponseModel):
-    skill: AgentSkillRefConfig
-    manifest: SkillManifest
-
-
-class AgentSkillStandardizeResponse(ResponseModel):
-    skill: AgentSkillRefConfig
-    manifest: SkillManifest
-
-
-class AgentDriveFileResponse(ResponseModel):
-    name: str
-    drive_key: str
-    file_id: str
-    size: int | None = None
-    mime_type: str | None = None
-
-
-class AgentDriveFileCommitResponse(ResponseModel):
-    file: AgentDriveFileResponse
-    config_version_id: str | None = None
-
-
-class AgentDriveDeleteResponse(ResponseModel):
-    result: str
-    removed_keys: list[str] = Field(default_factory=list)
-    config_version_id: str | None = None
-
-
-register_schema_models(console_ns, AgentLogQuery, AgentDriveFilePayload, AgentDriveDeleteFileByAgentQuery)
-register_response_schema_models(
-    console_ns,
-    AgentDriveDeleteResponse,
-    AgentDriveFileCommitResponse,
-    AgentDriveFileResponse,
-    AgentLogResponse,
-    AgentSkillStandardizeResponse,
-    AgentSkillUploadResponse,
-    SkillToolInferenceResult,
-)
-
-
-def _resolve_agent_id(app_model: App, node_id: str | None) -> str | None:
-    if node_id and app_model.mode != AppMode.AGENT:
-        return AgentComposerService.resolve_workflow_node_agent_id(
-            tenant_id=app_model.tenant_id, app_id=app_model.id, node_id=node_id
-        )
-    return app_model.bound_agent_id
-
-
-def _agent_not_bound() -> tuple[dict[str, str], int]:
-    return {"code": "agent_not_bound", "message": "no agent is bound for this app/node"}, 400
-
-
-def _upload_skill_for_app(*, current_user: Account):
-    if "file" not in request.files:
-        return {"code": "no_file", "message": "no skill file uploaded"}, 400
-    if len(request.files) > 1:
-        return {"code": "too_many_files", "message": "only one skill file is allowed"}, 400
-
-    upload = request.files["file"]
-    content = upload.stream.read()
-    try:
-        manifest = SkillPackageService().validate_and_extract(content=content, filename=upload.filename or "")
-    except SkillPackageError as exc:
-        return {"code": exc.code, "message": exc.message}, exc.status_code
-
-    upload_file = FileService(db.engine).upload_file(
-        filename=upload.filename or "skill.zip",
-        content=content,
-        mimetype=upload.mimetype or "application/zip",
-        user=current_user,
-    )
-    skill_ref = manifest.to_skill_ref(file_id=upload_file.id)
-    return {"skill": skill_ref.model_dump(exclude_none=True), "manifest": manifest.model_dump()}, 201
-
-
-def _standardize_skill_for_app(*, current_user: Account, app_model: App):
-    query = query_params_from_request(AgentDriveMutationQuery)
-    agent_id = _resolve_agent_id(app_model, query.node_id)
-    if not agent_id:
-        return _agent_not_bound()
-    if "file" not in request.files:
-        return {"code": "no_file", "message": "no skill file uploaded"}, 400
-    if len(request.files) > 1:
-        return {"code": "too_many_files", "message": "only one skill file is allowed"}, 400
-
-    upload = request.files["file"]
-    content = upload.stream.read()
-    try:
-        result = SkillStandardizeService().standardize(
-            content=content,
-            filename=upload.filename or "",
-            tenant_id=app_model.tenant_id,
-            user_id=current_user.id,
-            agent_id=agent_id,
-        )
-    except (SkillPackageError, AgentDriveError) as exc:
-        return {"code": exc.code, "message": exc.message}, exc.status_code
-    return result, 201
-
-
-def _commit_drive_file_for_app(*, current_user: Account, app_model: App, allow_node_id: bool = True):
-    query = query_params_from_request(AgentDriveMutationQuery)
-    node_id = query.node_id if allow_node_id else None
-    agent_id = _resolve_agent_id(app_model, node_id)
-    if not agent_id:
-        return _agent_not_bound()
-    payload = AgentDriveFilePayload.model_validate(console_ns.payload or {})
-
-    upload_file = db.session.scalar(
-        select(UploadFile).where(
-            UploadFile.id == payload.upload_file_id,
-            UploadFile.tenant_id == app_model.tenant_id,
-        )
-    )
-    if upload_file is None:
-        return {"code": "upload_file_not_found", "message": "upload file not found in this workspace"}, 404
-
-    try:
-        key = normalize_drive_key(f"files/{upload_file.name}")
-        committed = AgentDriveService().commit(
-            tenant_id=app_model.tenant_id,
-            user_id=current_user.id,
-            agent_id=agent_id,
-            items=[
-                DriveCommitItem(
-                    key=key,
-                    file_ref=DriveFileRef(kind="upload_file", id=upload_file.id),
-                    # ADD FILE uploads exist solely to live in the drive, so the
-                    # drive owns (and physically cleans) the value on delete.
-                    value_owned_by_drive=True,
-                )
-            ],
-        )
-    except AgentDriveError as exc:
-        return {"code": exc.code, "message": exc.message}, exc.status_code
-
-    row = committed[0]
-    file_ref = AgentFileRefConfig.model_validate(
-        {
-            "id": row["key"],
-            "name": upload_file.name,
-            "file_id": upload_file.id,
-            "drive_key": row["key"],
-            "type": row.get("mime_type"),
-            "size": row.get("size"),
-        }
-    )
-    config_version_id = AgentComposerService.add_drive_file_ref(
-        tenant_id=app_model.tenant_id,
-        agent_id=agent_id,
-        account_id=current_user.id,
-        file_ref=file_ref,
-        app_id=app_model.id,
-        node_id=node_id,
-    )
-    return {
-        "file": {
-            "name": upload_file.name,
-            "drive_key": row["key"],
-            "file_id": upload_file.id,
-            "size": row.get("size"),
-            "mime_type": row.get("mime_type"),
-        },
-        "config_version_id": config_version_id,
-    }, 201
-
-
-def _delete_drive_file_for_app(*, current_user: Account, app_model: App, allow_node_id: bool = True):
-    query = query_params_from_request(AgentDriveDeleteFileQuery)
-    node_id = query.node_id if allow_node_id else None
-    agent_id = _resolve_agent_id(app_model, node_id)
-    if not agent_id:
-        return _agent_not_bound()
-    try:
-        key = normalize_drive_key(query.key)
-    except AgentDriveError as exc:
-        return {"code": exc.code, "message": exc.message}, exc.status_code
-
-    config_version_id = AgentComposerService.remove_drive_refs(
-        tenant_id=app_model.tenant_id,
-        agent_id=agent_id,
-        account_id=current_user.id,
-        file_key=key,
-        app_id=app_model.id,
-        node_id=node_id,
-    )
-    removed_keys: list[str] = []
-    try:
-        removed_keys = AgentDriveService().delete(tenant_id=app_model.tenant_id, agent_id=agent_id, key=key)
-    except AgentDriveError as exc:
-        return {"code": exc.code, "message": exc.message}, exc.status_code
-    except Exception:
-        # Soul-first ordering: the ref is already gone; orphan KV rows are
-        # harmless and an idempotent DELETE retry cleans them.
-        logger.exception("agent drive delete failed for key %s (soul already updated)", key)
-    return {"result": "success", "removed_keys": removed_keys, "config_version_id": config_version_id}
-
-
-def _delete_skill_for_app(*, current_user: Account, app_model: App, slug: str, allow_node_id: bool = True):
-    query = query_params_from_request(AgentDriveMutationQuery)
-    node_id = query.node_id if allow_node_id else None
-    agent_id = _resolve_agent_id(app_model, node_id)
-    if not agent_id:
-        return _agent_not_bound()
-    if "/" in slug or not slug.strip():
-        return {"code": "drive_key_invalid", "message": "skill slug must be a single path segment"}, 400
-
-    config_version_id = AgentComposerService.remove_drive_refs(
-        tenant_id=app_model.tenant_id,
-        agent_id=agent_id,
-        account_id=current_user.id,
-        skill_slug=slug,
-        app_id=app_model.id,
-        node_id=node_id,
-    )
-    removed_keys: list[str] = []
-    try:
-        removed_keys = AgentDriveService().delete(tenant_id=app_model.tenant_id, agent_id=agent_id, prefix=f"{slug}/")
-    except AgentDriveError as exc:
-        return {"code": exc.code, "message": exc.message}, exc.status_code
-    except Exception:
-        logger.exception("agent drive delete failed for skill %s (soul already updated)", slug)
-    return {"result": "success", "removed_keys": removed_keys, "config_version_id": config_version_id}
-
-
-def _infer_skill_tools_for_app(*, app_model: App, slug: str):
-    query = query_params_from_request(AgentDriveMutationQuery)
-    agent_id = _resolve_agent_id(app_model, query.node_id)
-    if not agent_id:
-        return _agent_not_bound()
-    if "/" in slug or not slug.strip():
-        return {"code": "drive_key_invalid", "message": "skill slug must be a single path segment"}, 400
-    try:
-        return SkillToolInferenceService().infer(tenant_id=app_model.tenant_id, agent_id=agent_id, slug=slug)
-    except SkillToolInferenceError as exc:
-        return {"code": exc.code, "message": exc.message}, exc.status_code
+register_schema_models(console_ns, AgentLogQuery)


@console_ns.route("/apps/<uuid:app_id>/agent/logs")
@ -365,8 +36,10 @@ class AgentLogApi(Resource):
    @console_ns.doc("get_agent_logs")
    @console_ns.doc(description="Get agent execution logs for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(AgentLogQuery))
-    @console_ns.response(200, "Agent logs retrieved successfully", console_ns.models[AgentLogResponse.__name__])
+    @console_ns.expect(console_ns.models[AgentLogQuery.__name__])
+    @console_ns.response(
+        200, "Agent logs retrieved successfully", fields.List(fields.Raw(description="Agent log entries"))
+    )
    @console_ns.response(400, "Invalid request parameters")
    @setup_required
    @login_required
@ -379,34 +52,17 @@ class AgentLogApi(Resource):
        return AgentService.get_agent_logs(app_model, args.conversation_id, args.message_id)


-@console_ns.route("/agent/<uuid:agent_id>/skills/upload")
-class AgentSkillUploadByAgentApi(Resource):
-    @console_ns.doc("upload_agent_skill_by_agent")
-    @console_ns.doc(description="Upload + validate a Skill package for an Agent App")
-    @console_ns.doc(params={"agent_id": "Agent ID"})
-    @console_ns.response(201, "Skill validated", console_ns.models[AgentSkillUploadResponse.__name__])
-    @console_ns.response(400, "Invalid skill package")
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @with_current_user
-    @with_current_tenant_id
-    def post(self, tenant_id: str, current_user: Account, agent_id: UUID):
-        resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        return _upload_skill_for_app(current_user=current_user)
-
-
@console_ns.route("/apps/<uuid:app_id>/agent/skills/upload")
 class AgentSkillUploadApi(Resource):
    @console_ns.doc("upload_agent_skill")
    @console_ns.doc(description="Upload + validate a Skill package (.zip/.skill) and extract its manifest")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.response(201, "Skill validated", console_ns.models[AgentSkillUploadResponse.__name__])
+    @console_ns.response(201, "Skill validated")
    @console_ns.response(400, "Invalid skill package")
    @setup_required
    @login_required
    @account_initialization_required
-    @get_app_model(mode=_WORKFLOW_AGENT_DRIVE_APP_MODES)
+    @get_app_model(mode=[AppMode.AGENT])
    @with_current_user
    def post(self, current_user: Account, app_model: App):
        """Validate an uploaded Skill package and persist the archive.
@ -414,194 +70,60 @@ class AgentSkillUploadApi(Resource):
        Returns a validated skill ref (to bind into the Agent soul config on save)
        plus its manifest. Standardizing into the agent drive is ENG-594.
        """
-        return _upload_skill_for_app(current_user=current_user)
+        if "file" not in request.files:
+            return {"code": "no_file", "message": "no skill file uploaded"}, 400
+        if len(request.files) > 1:
+            return {"code": "too_many_files", "message": "only one skill file is allowed"}, 400

+        upload = request.files["file"]
+        content = upload.stream.read()
+        try:
+            manifest = SkillPackageService().validate_and_extract(content=content, filename=upload.filename or "")
+        except SkillPackageError as exc:
+            return {"code": exc.code, "message": exc.message}, exc.status_code

-@console_ns.route("/agent/<uuid:agent_id>/skills/standardize")
-class AgentSkillStandardizeByAgentApi(Resource):
-    @console_ns.doc("standardize_agent_skill_by_agent")
-    @console_ns.doc(description="Validate + standardize a Skill into an Agent App drive")
-    @console_ns.doc(params={"agent_id": "Agent ID"})
-    @console_ns.response(
-        201,
-        "Skill standardized into drive",
-        console_ns.models[AgentSkillStandardizeResponse.__name__],
-    )
-    @console_ns.response(400, "Invalid skill package or no bound agent")
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @with_current_user
-    @with_current_tenant_id
-    def post(self, tenant_id: str, current_user: Account, agent_id: UUID):
-        app_model = resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        return _standardize_skill_for_app(current_user=current_user, app_model=app_model)
+        upload_file = FileService(db.engine).upload_file(
+            filename=upload.filename or "skill.zip",
+            content=content,
+            mimetype=upload.mimetype or "application/zip",
+            user=current_user,
+        )
+        skill_ref = manifest.to_skill_ref(file_id=upload_file.id)
+        return {"skill": skill_ref.model_dump(exclude_none=True), "manifest": manifest.model_dump()}, 201


@console_ns.route("/apps/<uuid:app_id>/agent/skills/standardize")
 class AgentSkillStandardizeApi(Resource):
    @console_ns.doc("standardize_agent_skill")
    @console_ns.doc(description="Validate + standardize a Skill into the agent drive (ENG-594)")
-    @console_ns.doc(params={"app_id": "Application ID", **query_params_from_model(AgentDriveMutationQuery)})
-    @console_ns.response(
-        201,
-        "Skill standardized into drive",
-        console_ns.models[AgentSkillStandardizeResponse.__name__],
-    )
+    @console_ns.doc(params={"app_id": "Application ID"})
+    @console_ns.response(201, "Skill standardized into drive")
    @console_ns.response(400, "Invalid skill package or no bound agent")
    @setup_required
    @login_required
    @account_initialization_required
-    @get_app_model(mode=_WORKFLOW_AGENT_DRIVE_APP_MODES)
+    @get_app_model(mode=[AppMode.AGENT])
    @with_current_user
    def post(self, current_user: Account, app_model: App):
        """Upload a Skill, validate it, and standardize it into the app agent's drive."""
-        return _standardize_skill_for_app(current_user=current_user, app_model=app_model)
+        agent_id = app_model.bound_agent_id
+        if not agent_id:
+            return {"code": "no_bound_agent", "message": "app has no bound agent"}, 400
+        if "file" not in request.files:
+            return {"code": "no_file", "message": "no skill file uploaded"}, 400
+        if len(request.files) > 1:
+            return {"code": "too_many_files", "message": "only one skill file is allowed"}, 400

-
-@console_ns.route("/agent/<uuid:agent_id>/files")
-class AgentDriveFilesByAgentApi(Resource):
-    @console_ns.doc("commit_agent_drive_file_by_agent")
-    @console_ns.doc(description="Commit an uploaded file into the Agent App drive under files/<name>")
-    @console_ns.doc(params={"agent_id": "Agent ID"})
-    @console_ns.expect(console_ns.models[AgentDriveFilePayload.__name__])
-    @console_ns.response(
-        201, "File committed into the agent drive", console_ns.models[AgentDriveFileCommitResponse.__name__]
-    )
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @with_current_user
-    @with_current_tenant_id
-    def post(self, tenant_id: str, current_user: Account, agent_id: UUID):
-        app_model = resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        return _commit_drive_file_for_app(current_user=current_user, app_model=app_model, allow_node_id=False)
-
-    @console_ns.doc("delete_agent_drive_file_by_agent")
-    @console_ns.doc(description="Delete one Agent App drive file by key")
-    @console_ns.doc(params={"agent_id": "Agent ID", **query_params_from_model(AgentDriveDeleteFileByAgentQuery)})
-    @console_ns.response(200, "File removed", console_ns.models[AgentDriveDeleteResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @with_current_user
-    @with_current_tenant_id
-    def delete(self, tenant_id: str, current_user: Account, agent_id: UUID):
-        app_model = resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        return _delete_drive_file_for_app(current_user=current_user, app_model=app_model, allow_node_id=False)
-
-
-@console_ns.route("/apps/<uuid:app_id>/agent/files")
-class AgentDriveFilesApi(Resource):
-    @console_ns.doc("commit_agent_drive_file")
-    @console_ns.doc(description="Commit an uploaded file into the agent drive under files/<name> (ENG-625 D3)")
-    @console_ns.doc(params={"app_id": "Application ID", **query_params_from_model(AgentDriveMutationQuery)})
-    @console_ns.expect(console_ns.models[AgentDriveFilePayload.__name__])
-    @console_ns.response(
-        201, "File committed into the agent drive", console_ns.models[AgentDriveFileCommitResponse.__name__]
-    )
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @get_app_model(mode=_WORKFLOW_AGENT_DRIVE_APP_MODES)
-    @with_current_user
-    def post(self, current_user: Account, app_model: App):
-        """ADD FILE: commit one uploaded file into the bound agent's drive."""
-        return _commit_drive_file_for_app(current_user=current_user, app_model=app_model)
-
-    @console_ns.doc("delete_agent_drive_file")
-    @console_ns.doc(description="Delete one drive file by key; soul ref first, then the KV row (ENG-625 D5)")
-    @console_ns.doc(params={"app_id": "Application ID", **query_params_from_model(AgentDriveDeleteFileQuery)})
-    @console_ns.response(200, "File removed", console_ns.models[AgentDriveDeleteResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @get_app_model(mode=_WORKFLOW_AGENT_DRIVE_APP_MODES)
-    @with_current_user
-    def delete(self, current_user: Account, app_model: App):
-        return _delete_drive_file_for_app(current_user=current_user, app_model=app_model)
-
-
-@console_ns.route("/agent/<uuid:agent_id>/skills/<string:slug>")
-class AgentSkillByAgentApi(Resource):
-    @console_ns.doc("delete_agent_skill_by_agent")
-    @console_ns.doc(description="Delete a standardized skill from an Agent App drive")
-    @console_ns.doc(params={"agent_id": "Agent ID", "slug": "Skill slug (single path segment)"})
-    @console_ns.response(200, "Skill removed", console_ns.models[AgentDriveDeleteResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @with_current_user
-    @with_current_tenant_id
-    def delete(self, tenant_id: str, current_user: Account, agent_id: UUID, slug: str):
-        app_model = resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        return _delete_skill_for_app(current_user=current_user, app_model=app_model, slug=slug, allow_node_id=False)
-
-
-@console_ns.route("/apps/<uuid:app_id>/agent/skills/<string:slug>")
-class AgentSkillApi(Resource):
-    @console_ns.doc("delete_agent_skill")
-    @console_ns.doc(
-        description="Delete a standardized skill: soul ref first, then the <slug>/ drive prefix (ENG-625 D5)"
-    )
-    @console_ns.doc(
-        params={
-            "app_id": "Application ID",
-            "slug": "Skill slug (single path segment)",
-            **query_params_from_model(AgentDriveMutationQuery),
-        }
-    )
-    @console_ns.response(200, "Skill removed", console_ns.models[AgentDriveDeleteResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @get_app_model(mode=_WORKFLOW_AGENT_DRIVE_APP_MODES)
-    @with_current_user
-    def delete(self, current_user: Account, app_model: App, slug: str):
-        return _delete_skill_for_app(current_user=current_user, app_model=app_model, slug=slug)
-
-
-@console_ns.route("/agent/<uuid:agent_id>/skills/<string:slug>/infer-tools")
-class AgentSkillInferToolsByAgentApi(Resource):
-    @console_ns.doc("infer_agent_skill_tools_by_agent")
-    @console_ns.doc(description="Infer CLI tool + ENV suggestions from a standardized Agent App skill")
-    @console_ns.doc(params={"agent_id": "Agent ID", "slug": "Skill slug (single path segment)"})
-    @console_ns.response(
-        200,
-        "Inference result (draft suggestions, nothing persisted)",
-        console_ns.models[SkillToolInferenceResult.__name__],
-    )
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @with_current_tenant_id
-    def post(self, tenant_id: str, agent_id: UUID, slug: str):
-        app_model = resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        return _infer_skill_tools_for_app(app_model=app_model, slug=slug)
-
-
-@console_ns.route("/apps/<uuid:app_id>/agent/skills/<string:slug>/infer-tools")
-class AgentSkillInferToolsApi(Resource):
-    @console_ns.doc("infer_agent_skill_tools")
-    @console_ns.doc(
-        description="Infer CLI tool + ENV suggestions from a standardized skill's SKILL.md (draft only, ENG-371)"
-    )
-    @console_ns.doc(
-        params={
-            "app_id": "Application ID",
-            "slug": "Skill slug (single path segment)",
-            **query_params_from_model(AgentDriveMutationQuery),
-        }
-    )
-    @console_ns.response(
-        200,
-        "Inference result (draft suggestions, nothing persisted)",
-        console_ns.models[SkillToolInferenceResult.__name__],
-    )
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @get_app_model(mode=_WORKFLOW_AGENT_DRIVE_APP_MODES)
-    def post(self, app_model: App, slug: str):
-        """Suggest CLI tools/env for a skill. Saving still goes through composer validation."""
-        return _infer_skill_tools_for_app(app_model=app_model, slug=slug)
+        upload = request.files["file"]
+        content = upload.stream.read()
+        try:
+            result = SkillStandardizeService().standardize(
+                content=content,
+                filename=upload.filename or "",
+                tenant_id=app_model.tenant_id,
+                user_id=current_user.id,
+                agent_id=agent_id,
+            )
+        except (SkillPackageError, AgentDriveError) as exc:
+            return {"code": exc.code, "message": exc.message}, exc.status_code
+        return result, 201
--- a/api/controllers/console/app/agent_app_access.py
+++ b/api/controllers/console/app/agent_app_access.py
@ -5,18 +5,17 @@ reference. This exposes the read-only "Workflow access" surface from the PRD:
 which workflow apps use this Agent, without leaking the workflows' internals.
 """

-from uuid import UUID
-
 from flask_restx import Resource
 from pydantic import Field

 from controllers.common.schema import register_response_schema_models
 from controllers.console import console_ns
-from controllers.console.agent.app_helpers import resolve_agent_app_model
+from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required, with_current_tenant_id
 from extensions.ext_database import db
 from fields.base import ResponseModel
 from libs.login import login_required
+from models.model import App, AppMode
 from services.agent.roster_service import AgentRosterService


@ -35,23 +34,23 @@ class AgentReferencingWorkflowsResponse(ResponseModel):
 register_response_schema_models(console_ns, AgentReferencingWorkflowsResponse)


-@console_ns.route("/agent/<uuid:agent_id>/referencing-workflows")
+@console_ns.route("/apps/<uuid:app_id>/agent-referencing-workflows")
 class AgentAppReferencingWorkflowsResource(Resource):
    @console_ns.doc("list_agent_app_referencing_workflows")
    @console_ns.doc(description="List workflow apps that reference this Agent App's bound Agent (read-only)")
-    @console_ns.doc(params={"agent_id": "Agent ID"})
+    @console_ns.doc(params={"app_id": "Application ID"})
    @console_ns.response(
        200,
        "Referencing workflows listed successfully",
        console_ns.models[AgentReferencingWorkflowsResponse.__name__],
    )
-    @console_ns.response(404, "Agent not found")
+    @console_ns.response(404, "App not found")
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model(mode=[AppMode.AGENT])
    @with_current_tenant_id
-    def get(self, tenant_id: str, agent_id: UUID):
-        app_model = resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
+    def get(self, tenant_id: str, app_model: App):
        workflows = AgentRosterService(db.session).list_workflows_referencing_app_agent(
            tenant_id=tenant_id, app_id=app_model.id
        )
--- a/api/controllers/console/app/agent_app_feature.py
+++ b/api/controllers/console/app/agent_app_feature.py
@ -9,20 +9,17 @@ persists them onto the app's ``app_model_config`` without touching anything the
 Soul owns.
 """

-from uuid import UUID
-
 from flask_restx import Resource
 from pydantic import BaseModel, Field

 from controllers.common.fields import SimpleResultResponse
 from controllers.common.schema import register_response_schema_models, register_schema_models
 from controllers.console import console_ns
-from controllers.console.agent.app_helpers import resolve_agent_app_model
+from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import (
    account_initialization_required,
    edit_permission_required,
    setup_required,
-    with_current_tenant_id,
    with_current_user,
 )
 from events.app_event import app_model_config_was_updated
@ -35,6 +32,7 @@ from models.agent_config_entities import (
    AgentSuggestedQuestionsAfterAnswerFeatureConfig,
    AgentTextToSpeechFeatureConfig,
 )
+from models.model import App, AppMode
 from services.agent_app_feature_service import AgentAppFeatureConfigService


@ -66,23 +64,22 @@ register_schema_models(console_ns, AgentAppFeaturesPayload)
 register_response_schema_models(console_ns, SimpleResultResponse)


-@console_ns.route("/agent/<uuid:agent_id>/features")
+@console_ns.route("/apps/<uuid:app_id>/agent-features")
 class AgentAppFeatureConfigResource(Resource):
    @console_ns.doc("update_agent_app_features")
    @console_ns.doc(description="Update an Agent App's presentation features (opener, follow-up, citations, ...)")
-    @console_ns.doc(params={"agent_id": "Agent ID"})
+    @console_ns.doc(params={"app_id": "Application ID"})
    @console_ns.expect(console_ns.models[AgentAppFeaturesPayload.__name__])
    @console_ns.response(200, "Features updated successfully", console_ns.models[SimpleResultResponse.__name__])
    @console_ns.response(400, "Invalid configuration")
-    @console_ns.response(404, "Agent not found")
+    @console_ns.response(404, "App not found")
    @setup_required
    @login_required
    @edit_permission_required
    @account_initialization_required
+    @get_app_model(mode=[AppMode.AGENT])
    @with_current_user
-    @with_current_tenant_id
-    def post(self, tenant_id: str, current_user: Account, agent_id: UUID):
-        app_model = resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
+    def post(self, current_user: Account, app_model: App):
        args = AgentAppFeaturesPayload.model_validate(console_ns.payload or {})

        new_app_model_config = AgentAppFeatureConfigService.update_features(
--- a/api/controllers/console/app/agent_app_sandbox.py
+++ b/api/controllers/console/app/agent_app_sandbox.py
@ -1,307 +0,0 @@
-"""Console routes for Agent App and workflow Agent sandbox file access.
-
-The API keeps product-facing locators (conversation or workflow node identity)
-on this public boundary and proxies list/read/upload to the agent backend's new
-``/sandbox`` contract.
-"""
-
-from __future__ import annotations
-
-from typing import Literal
-from uuid import UUID
-
-from dify_agent.client import DifyAgentClientError, DifyAgentHTTPError, DifyAgentTimeoutError
-from flask import request
-from flask_restx import Resource
-from pydantic import BaseModel, Field
-
-from controllers.common.schema import (
-    query_params_from_model,
-    query_params_from_request,
-    register_response_schema_models,
-    register_schema_models,
-)
-from controllers.console import console_ns
-from controllers.console.agent.app_helpers import resolve_agent_app_model
-from controllers.console.app.wraps import get_app_model
-from controllers.console.wraps import account_initialization_required, setup_required, with_current_tenant_id
-from fields.base import ResponseModel
-from libs.login import login_required
-from models.model import App, AppMode
-from services.agent_app_sandbox_service import (
-    AgentAppSandboxService,
-    AgentSandboxInspectorError,
-    WorkflowAgentSandboxService,
-)
-
-_NODE_EXECUTION_ID_DESCRIPTION = (
-    "Optional workflow node execution ID. When omitted, the latest active session for the node is used."
-)
-
-
-class AgentSandboxListQuery(BaseModel):
-    conversation_id: str = Field(min_length=1, description="Agent App conversation ID")
-    path: str = Field(default=".", description="Directory path relative to the sandbox workspace")
-
-
-class AgentSandboxFileQuery(BaseModel):
-    conversation_id: str = Field(min_length=1, description="Agent App conversation ID")
-    path: str = Field(min_length=1, description="File path relative to the sandbox workspace")
-
-
-class AgentSandboxUploadPayload(BaseModel):
-    conversation_id: str = Field(min_length=1, description="Agent App conversation ID")
-    path: str = Field(min_length=1, description="File path relative to the sandbox workspace")
-
-
-class WorkflowAgentSandboxListQuery(BaseModel):
-    path: str = Field(default=".", description="Directory path relative to the sandbox workspace")
-    node_execution_id: str | None = Field(
-        default=None,
-        description=_NODE_EXECUTION_ID_DESCRIPTION,
-    )
-
-
-class WorkflowAgentSandboxFileQuery(BaseModel):
-    path: str = Field(min_length=1, description="File path relative to the sandbox workspace")
-    node_execution_id: str | None = Field(
-        default=None,
-        description=_NODE_EXECUTION_ID_DESCRIPTION,
-    )
-
-
-class WorkflowAgentSandboxUploadPayload(BaseModel):
-    path: str = Field(min_length=1, description="File path relative to the sandbox workspace")
-    node_execution_id: str | None = Field(
-        default=None,
-        description=_NODE_EXECUTION_ID_DESCRIPTION,
-    )
-
-
-class SandboxFileEntryResponse(ResponseModel):
-    name: str
-    type: Literal["file", "dir", "symlink", "other"]
-    size: int | None = None
-    mtime: int | None = None
-
-
-class SandboxListResponse(ResponseModel):
-    path: str
-    entries: list[SandboxFileEntryResponse] = Field(default_factory=list)
-    truncated: bool = False
-
-
-class SandboxReadResponse(ResponseModel):
-    path: str
-    size: int | None = None
-    truncated: bool
-    binary: bool
-    text: str | None = None
-
-
-class SandboxToolFileResponse(ResponseModel):
-    transfer_method: Literal["tool_file"] = "tool_file"
-    reference: str
-
-
-class SandboxUploadResponse(ResponseModel):
-    path: str
-    file: SandboxToolFileResponse
-
-
-register_schema_models(
-    console_ns,
-    AgentSandboxUploadPayload,
-    WorkflowAgentSandboxUploadPayload,
-)
-register_response_schema_models(console_ns, SandboxListResponse, SandboxReadResponse, SandboxUploadResponse)
-
-
-def _handle(exc: Exception) -> tuple[dict[str, object], int]:
-    if isinstance(exc, AgentSandboxInspectorError):
-        return {"code": exc.code, "message": exc.message}, exc.status_code
-    if isinstance(exc, DifyAgentHTTPError):
-        detail = exc.detail
-        if isinstance(detail, dict):
-            return {
-                "code": detail.get("code", "agent_backend_error"),
-                "message": detail.get("message", str(exc)),
-            }, exc.status_code
-        return {"code": "agent_backend_error", "message": str(detail)}, exc.status_code
-    if isinstance(exc, DifyAgentTimeoutError | DifyAgentClientError):
-        return {"code": "agent_backend_unreachable", "message": str(exc)}, 502
-    raise exc
-
-
-@console_ns.route("/agent/<uuid:agent_id>/sandbox/files")
-class AgentAppSandboxListResource(Resource):
-    @console_ns.doc("list_agent_app_sandbox_files")
-    @console_ns.doc(description="List a directory in an Agent App conversation sandbox")
-    @console_ns.doc(params={"agent_id": "Agent ID", **query_params_from_model(AgentSandboxListQuery)})
-    @console_ns.response(200, "Listing returned", console_ns.models[SandboxListResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @with_current_tenant_id
-    def get(self, tenant_id: str, agent_id: UUID):
-        app_model = resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        query = query_params_from_request(AgentSandboxListQuery)
-        try:
-            result = AgentAppSandboxService().list_files(
-                tenant_id=tenant_id,
-                app_id=app_model.id,
-                conversation_id=query.conversation_id,
-                path=query.path,
-            )
-        except Exception as exc:
-            return _handle(exc)
-        return result.model_dump()
-
-
-@console_ns.route("/agent/<uuid:agent_id>/sandbox/files/read")
-class AgentAppSandboxReadResource(Resource):
-    @console_ns.doc("read_agent_app_sandbox_file")
-    @console_ns.doc(description="Read a text/binary preview file in an Agent App conversation sandbox")
-    @console_ns.doc(params={"agent_id": "Agent ID", **query_params_from_model(AgentSandboxFileQuery)})
-    @console_ns.response(200, "Preview returned", console_ns.models[SandboxReadResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @with_current_tenant_id
-    def get(self, tenant_id: str, agent_id: UUID):
-        app_model = resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        query = query_params_from_request(AgentSandboxFileQuery)
-        try:
-            result = AgentAppSandboxService().read_file(
-                tenant_id=tenant_id,
-                app_id=app_model.id,
-                conversation_id=query.conversation_id,
-                path=query.path,
-            )
-        except Exception as exc:
-            return _handle(exc)
-        return result.model_dump()
-
-
-@console_ns.route("/agent/<uuid:agent_id>/sandbox/files/upload")
-class AgentAppSandboxUploadResource(Resource):
-    @console_ns.doc("upload_agent_app_sandbox_file")
-    @console_ns.doc(description="Upload one Agent App sandbox file as a Dify ToolFile mapping")
-    @console_ns.expect(console_ns.models[AgentSandboxUploadPayload.__name__])
-    @console_ns.response(200, "Uploaded", console_ns.models[SandboxUploadResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @with_current_tenant_id
-    def post(self, tenant_id: str, agent_id: UUID):
-        app_model = resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        payload = AgentSandboxUploadPayload.model_validate(request.get_json(silent=True) or {})
-        try:
-            result = AgentAppSandboxService().upload_file(
-                tenant_id=tenant_id,
-                app_id=app_model.id,
-                conversation_id=payload.conversation_id,
-                path=payload.path,
-            )
-        except Exception as exc:
-            return _handle(exc)
-        return result.model_dump()
-
-
-@console_ns.route("/apps/<uuid:app_id>/workflow-runs/<uuid:workflow_run_id>/agent-nodes/<string:node_id>/sandbox/files")
-class WorkflowAgentSandboxListResource(Resource):
-    @console_ns.doc("list_workflow_agent_sandbox_files")
-    @console_ns.doc(description="List a directory in a workflow Agent node sandbox")
-    @console_ns.doc(
-        params={
-            "app_id": "Application ID",
-            "workflow_run_id": "Workflow run ID",
-            "node_id": "Workflow Agent node ID",
-            **query_params_from_model(WorkflowAgentSandboxListQuery),
-        }
-    )
-    @console_ns.response(200, "Listing returned", console_ns.models[SandboxListResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @get_app_model(mode=[AppMode.ADVANCED_CHAT, AppMode.WORKFLOW])
-    @with_current_tenant_id
-    def get(self, tenant_id: str, app_model: App, workflow_run_id: UUID, node_id: str):
-        query = query_params_from_request(WorkflowAgentSandboxListQuery)
-        try:
-            result = WorkflowAgentSandboxService().list_files(
-                tenant_id=tenant_id,
-                app_id=app_model.id,
-                workflow_run_id=str(workflow_run_id),
-                node_id=node_id,
-                node_execution_id=query.node_execution_id,
-                path=query.path,
-            )
-        except Exception as exc:
-            return _handle(exc)
-        return result.model_dump()
-
-
-@console_ns.route(
-    "/apps/<uuid:app_id>/workflow-runs/<uuid:workflow_run_id>/agent-nodes/<string:node_id>/sandbox/files/read"
-)
-class WorkflowAgentSandboxReadResource(Resource):
-    @console_ns.doc("read_workflow_agent_sandbox_file")
-    @console_ns.doc(description="Read a text/binary preview file in a workflow Agent node sandbox")
-    @console_ns.doc(
-        params={
-            "app_id": "Application ID",
-            "workflow_run_id": "Workflow run ID",
-            "node_id": "Workflow Agent node ID",
-            **query_params_from_model(WorkflowAgentSandboxFileQuery),
-        }
-    )
-    @console_ns.response(200, "Preview returned", console_ns.models[SandboxReadResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @get_app_model(mode=[AppMode.ADVANCED_CHAT, AppMode.WORKFLOW])
-    @with_current_tenant_id
-    def get(self, tenant_id: str, app_model: App, workflow_run_id: UUID, node_id: str):
-        query = query_params_from_request(WorkflowAgentSandboxFileQuery)
-        try:
-            result = WorkflowAgentSandboxService().read_file(
-                tenant_id=tenant_id,
-                app_id=app_model.id,
-                workflow_run_id=str(workflow_run_id),
-                node_id=node_id,
-                node_execution_id=query.node_execution_id,
-                path=query.path,
-            )
-        except Exception as exc:
-            return _handle(exc)
-        return result.model_dump()
-
-
-@console_ns.route(
-    "/apps/<uuid:app_id>/workflow-runs/<uuid:workflow_run_id>/agent-nodes/<string:node_id>/sandbox/files/upload"
-)
-class WorkflowAgentSandboxUploadResource(Resource):
-    @console_ns.doc("upload_workflow_agent_sandbox_file")
-    @console_ns.doc(description="Upload one workflow Agent sandbox file as a Dify ToolFile mapping")
-    @console_ns.expect(console_ns.models[WorkflowAgentSandboxUploadPayload.__name__])
-    @console_ns.response(200, "Uploaded", console_ns.models[SandboxUploadResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @get_app_model(mode=[AppMode.ADVANCED_CHAT, AppMode.WORKFLOW])
-    @with_current_tenant_id
-    def post(self, tenant_id: str, app_model: App, workflow_run_id: UUID, node_id: str):
-        payload = WorkflowAgentSandboxUploadPayload.model_validate(request.get_json(silent=True) or {})
-        try:
-            result = WorkflowAgentSandboxService().upload_file(
-                tenant_id=tenant_id,
-                app_id=app_model.id,
-                workflow_run_id=str(workflow_run_id),
-                node_id=node_id,
-                node_execution_id=payload.node_execution_id,
-                path=payload.path,
-            )
-        except Exception as exc:
-            return _handle(exc)
-        return result.model_dump()
--- a/api/controllers/console/app/agent_app_workspace.py
+++ b/api/controllers/console/app/agent_app_workspace.py
@ -0,0 +1,319 @@
+"""Agent App sandbox file-system inspector (read-only).
+
+Exposes the PRD "rc1-like sandbox file system, downloadable not editable" view
+for an Agent App conversation: list a directory, preview a file, or download a
+file from the conversation's shell-layer workspace. The API never touches
+shellctl directly — it resolves the conversation's sandbox ``session_id`` from
+the stored session snapshot and proxies to the agent backend's read-only
+workspace endpoints.
+"""
+
+from typing import Literal
+from uuid import UUID
+
+from flask import Response
+from flask_restx import Resource, fields
+from pydantic import BaseModel, Field
+
+from clients.agent_backend.errors import AgentBackendHTTPError, AgentBackendTransportError
+from clients.agent_backend.workspace_files_client import WorkspaceDownloadResult
+from controllers.common.schema import (
+    query_params_from_model,
+    query_params_from_request,
+    register_response_schema_models,
+)
+from controllers.console import console_ns
+from controllers.console.app.wraps import get_app_model
+from controllers.console.wraps import account_initialization_required, setup_required, with_current_tenant_id
+from fields.base import ResponseModel
+from libs.login import login_required
+from models.model import App, AppMode
+from services.agent_app_workspace_service import (
+    AgentAppWorkspaceService,
+    AgentWorkspaceInspectorError,
+    WorkflowAgentWorkspaceService,
+)
+
+
+class _WorkspaceFileDownloadField(fields.Raw):
+    __schema_type__ = "string"
+    __schema_format__ = "binary"
+
+
+class AgentWorkspaceListQuery(BaseModel):
+    conversation_id: str = Field(min_length=1, description="Agent App conversation ID")
+    path: str = Field(default=".", description="Directory path relative to the sandbox workspace")
+
+
+class AgentWorkspaceFileQuery(BaseModel):
+    conversation_id: str = Field(min_length=1, description="Agent App conversation ID")
+    path: str = Field(min_length=1, description="File path relative to the sandbox workspace")
+
+
+class WorkflowAgentWorkspaceListQuery(BaseModel):
+    path: str = Field(default=".", description="Directory path relative to the sandbox workspace")
+    node_execution_id: str | None = Field(
+        default=None,
+        description=(
+            "Optional workflow node execution ID. When omitted, the latest active session for the node is used."
+        ),
+    )
+
+
+class WorkflowAgentWorkspaceFileQuery(BaseModel):
+    path: str = Field(min_length=1, description="File path relative to the sandbox workspace")
+    node_execution_id: str | None = Field(
+        default=None,
+        description=(
+            "Optional workflow node execution ID. When omitted, the latest active session for the node is used."
+        ),
+    )
+
+
+class WorkspaceFileEntryResponse(ResponseModel):
+    name: str
+    type: Literal["file", "dir", "symlink"]
+    size: int
+    mtime: int
+
+
+class WorkspaceListResponse(ResponseModel):
+    path: str
+    entries: list[WorkspaceFileEntryResponse] = Field(default_factory=list)
+    truncated: bool = False
+
+
+class WorkspacePreviewResponse(ResponseModel):
+    path: str
+    size: int
+    truncated: bool
+    binary: bool
+    text: str | None = None
+
+
+register_response_schema_models(console_ns, WorkspaceListResponse)
+register_response_schema_models(console_ns, WorkspacePreviewResponse)
+
+
+def _handle(exc: Exception) -> tuple[dict[str, object], int]:
+    if isinstance(exc, AgentWorkspaceInspectorError):
+        return {"code": exc.code, "message": exc.message}, exc.status_code
+    if isinstance(exc, AgentBackendHTTPError):
+        detail = exc.detail
+        if isinstance(detail, dict):
+            return {
+                "code": detail.get("code", "agent_backend_error"),
+                "message": detail.get("message", str(exc)),
+            }, exc.status_code
+        return {"code": "agent_backend_error", "message": str(detail)}, exc.status_code
+    if isinstance(exc, AgentBackendTransportError):
+        return {"code": "agent_backend_unreachable", "message": str(exc)}, 502
+    raise exc
+
+
+def _download_response(result: WorkspaceDownloadResult) -> Response | tuple[dict[str, object], int]:
+    if result.truncated:
+        return {
+            "code": "workspace_file_too_large",
+            "message": (
+                "file exceeds the workspace download limit; use preview for partial text or download a smaller file"
+            ),
+            "size": result.size,
+        }, 413
+    filename = result.path.rsplit("/", 1)[-1] or "download"
+    return Response(
+        result.content,
+        mimetype="application/octet-stream",
+        headers={
+            "Content-Disposition": f'attachment; filename="{filename}"',
+            "Content-Length": str(len(result.content)),
+            "X-Workspace-File-Size": str(result.size),
+        },
+    )
+
+
+@console_ns.route("/apps/<uuid:app_id>/agent-workspace/files")
+class AgentAppWorkspaceListResource(Resource):
+    @console_ns.doc("list_agent_app_workspace_files")
+    @console_ns.doc(description="List a directory in an Agent App conversation's sandbox workspace (read-only)")
+    @console_ns.doc(params={"app_id": "Application ID", **query_params_from_model(AgentWorkspaceListQuery)})
+    @console_ns.response(200, "Listing returned", console_ns.models[WorkspaceListResponse.__name__])
+    @setup_required
+    @login_required
+    @account_initialization_required
+    @get_app_model(mode=[AppMode.AGENT])
+    @with_current_tenant_id
+    def get(self, tenant_id: str, app_model: App):
+        query = query_params_from_request(AgentWorkspaceListQuery)
+        try:
+            result = AgentAppWorkspaceService().list_files(
+                tenant_id=tenant_id,
+                app_id=app_model.id,
+                conversation_id=query.conversation_id,
+                path=query.path,
+            )
+        except Exception as exc:  # normalized to an HTTP response below
+            return _handle(exc)
+        return result.model_dump()
+
+
+@console_ns.route("/apps/<uuid:app_id>/agent-workspace/files/preview")
+class AgentAppWorkspacePreviewResource(Resource):
+    @console_ns.doc("preview_agent_app_workspace_file")
+    @console_ns.doc(description="Preview a text/binary file in an Agent App conversation's sandbox workspace")
+    @console_ns.doc(params={"app_id": "Application ID", **query_params_from_model(AgentWorkspaceFileQuery)})
+    @console_ns.response(200, "Preview returned", console_ns.models[WorkspacePreviewResponse.__name__])
+    @setup_required
+    @login_required
+    @account_initialization_required
+    @get_app_model(mode=[AppMode.AGENT])
+    @with_current_tenant_id
+    def get(self, tenant_id: str, app_model: App):
+        query = query_params_from_request(AgentWorkspaceFileQuery)
+        try:
+            result = AgentAppWorkspaceService().preview(
+                tenant_id=tenant_id,
+                app_id=app_model.id,
+                conversation_id=query.conversation_id,
+                path=query.path,
+            )
+        except Exception as exc:  # normalized to an HTTP response below
+            return _handle(exc)
+        return result.model_dump()
+
+
+@console_ns.route("/apps/<uuid:app_id>/agent-workspace/files/download")
+class AgentAppWorkspaceDownloadResource(Resource):
+    @console_ns.doc("download_agent_app_workspace_file")
+    @console_ns.doc(description="Download a file from an Agent App conversation's sandbox workspace (read-only)")
+    @console_ns.doc(params={"app_id": "Application ID", **query_params_from_model(AgentWorkspaceFileQuery)})
+    @console_ns.doc(produces=["application/octet-stream"])
+    @console_ns.response(200, "File bytes", _WorkspaceFileDownloadField)
+    @console_ns.response(413, "File exceeds the workspace download limit")
+    @setup_required
+    @login_required
+    @account_initialization_required
+    @get_app_model(mode=[AppMode.AGENT])
+    @with_current_tenant_id
+    def get(self, tenant_id: str, app_model: App):
+        query = query_params_from_request(AgentWorkspaceFileQuery)
+        try:
+            result = AgentAppWorkspaceService().download(
+                tenant_id=tenant_id,
+                app_id=app_model.id,
+                conversation_id=query.conversation_id,
+                path=query.path,
+            )
+        except Exception as exc:  # normalized to an HTTP response below
+            return _handle(exc)
+        return _download_response(result)
+
+
+@console_ns.route(
+    "/apps/<uuid:app_id>/workflow-runs/<uuid:workflow_run_id>/agent-nodes/<string:node_id>/workspace/files"
+)
+class WorkflowAgentWorkspaceListResource(Resource):
+    @console_ns.doc("list_workflow_agent_workspace_files")
+    @console_ns.doc(description="List a directory in a Workflow Agent node's sandbox workspace (read-only)")
+    @console_ns.doc(
+        params={
+            "app_id": "Application ID",
+            "workflow_run_id": "Workflow run ID",
+            "node_id": "Workflow Agent node ID",
+            **query_params_from_model(WorkflowAgentWorkspaceListQuery),
+        }
+    )
+    @console_ns.response(200, "Listing returned", console_ns.models[WorkspaceListResponse.__name__])
+    @setup_required
+    @login_required
+    @account_initialization_required
+    @get_app_model(mode=[AppMode.ADVANCED_CHAT, AppMode.WORKFLOW])
+    @with_current_tenant_id
+    def get(self, tenant_id: str, app_model: App, workflow_run_id: UUID, node_id: str):
+        query = query_params_from_request(WorkflowAgentWorkspaceListQuery)
+        try:
+            result = WorkflowAgentWorkspaceService().list_files(
+                tenant_id=tenant_id,
+                app_id=app_model.id,
+                workflow_run_id=str(workflow_run_id),
+                node_id=node_id,
+                node_execution_id=query.node_execution_id,
+                path=query.path,
+            )
+        except Exception as exc:  # normalized to an HTTP response below
+            return _handle(exc)
+        return result.model_dump()
+
+
+@console_ns.route(
+    "/apps/<uuid:app_id>/workflow-runs/<uuid:workflow_run_id>/agent-nodes/<string:node_id>/workspace/files/preview"
+)
+class WorkflowAgentWorkspacePreviewResource(Resource):
+    @console_ns.doc("preview_workflow_agent_workspace_file")
+    @console_ns.doc(description="Preview a text/binary file in a Workflow Agent node's sandbox workspace")
+    @console_ns.doc(
+        params={
+            "app_id": "Application ID",
+            "workflow_run_id": "Workflow run ID",
+            "node_id": "Workflow Agent node ID",
+            **query_params_from_model(WorkflowAgentWorkspaceFileQuery),
+        }
+    )
+    @console_ns.response(200, "Preview returned", console_ns.models[WorkspacePreviewResponse.__name__])
+    @setup_required
+    @login_required
+    @account_initialization_required
+    @get_app_model(mode=[AppMode.ADVANCED_CHAT, AppMode.WORKFLOW])
+    @with_current_tenant_id
+    def get(self, tenant_id: str, app_model: App, workflow_run_id: UUID, node_id: str):
+        query = query_params_from_request(WorkflowAgentWorkspaceFileQuery)
+        try:
+            result = WorkflowAgentWorkspaceService().preview(
+                tenant_id=tenant_id,
+                app_id=app_model.id,
+                workflow_run_id=str(workflow_run_id),
+                node_id=node_id,
+                node_execution_id=query.node_execution_id,
+                path=query.path,
+            )
+        except Exception as exc:  # normalized to an HTTP response below
+            return _handle(exc)
+        return result.model_dump()
+
+
+@console_ns.route(
+    "/apps/<uuid:app_id>/workflow-runs/<uuid:workflow_run_id>/agent-nodes/<string:node_id>/workspace/files/download"
+)
+class WorkflowAgentWorkspaceDownloadResource(Resource):
+    @console_ns.doc("download_workflow_agent_workspace_file")
+    @console_ns.doc(description="Download a file from a Workflow Agent node's sandbox workspace (read-only)")
+    @console_ns.doc(
+        params={
+            "app_id": "Application ID",
+            "workflow_run_id": "Workflow run ID",
+            "node_id": "Workflow Agent node ID",
+            **query_params_from_model(WorkflowAgentWorkspaceFileQuery),
+        }
+    )
+    @console_ns.doc(produces=["application/octet-stream"])
+    @console_ns.response(200, "File bytes", _WorkspaceFileDownloadField)
+    @console_ns.response(413, "File exceeds the workspace download limit")
+    @setup_required
+    @login_required
+    @account_initialization_required
+    @get_app_model(mode=[AppMode.ADVANCED_CHAT, AppMode.WORKFLOW])
+    @with_current_tenant_id
+    def get(self, tenant_id: str, app_model: App, workflow_run_id: UUID, node_id: str):
+        query = query_params_from_request(WorkflowAgentWorkspaceFileQuery)
+        try:
+            result = WorkflowAgentWorkspaceService().download(
+                tenant_id=tenant_id,
+                app_id=app_model.id,
+                workflow_run_id=str(workflow_run_id),
+                node_id=node_id,
+                node_execution_id=query.node_execution_id,
+                path=query.path,
+            )
+        except Exception as exc:  # normalized to an HTTP response below
+            return _handle(exc)
+        return _download_response(result)
--- a/api/controllers/console/app/agent_drive_inspector.py
+++ b/api/controllers/console/app/agent_drive_inspector.py
@ -1,235 +0,0 @@
-"""Console read-only inspector for the agent drive (ENG-624).
-
-``agent-drive`` looks at the *static* drive assets (standardized skills and
-committed files); the sibling ``agent-sandbox`` routes look at a *runtime*
-sandbox workspace. Unlike the sandbox routes this never proxies to the agent
-backend — drive data lives in the API's own DB/storage, served straight from
-``AgentDriveService``. Download hands the browser an **external** signed URL
-(the inner manifest hands agents internal ones — the two must never mix).
-"""
-
-from __future__ import annotations
-
-from uuid import UUID
-
-from flask_restx import Resource
-from pydantic import BaseModel, Field
-
-from controllers.common.schema import (
-    query_params_from_model,
-    query_params_from_request,
-    register_response_schema_models,
-)
-from controllers.console import console_ns
-from controllers.console.agent.app_helpers import resolve_agent_app_model
-from controllers.console.app.wraps import get_app_model
-from controllers.console.wraps import account_initialization_required, setup_required, with_current_tenant_id
-from fields.base import ResponseModel
-from libs.login import login_required
-from models.model import App, AppMode
-from services.agent.composer_service import AgentComposerService
-from services.agent_drive_service import AgentDriveError, AgentDriveService
-
-
-class AgentDriveListQuery(BaseModel):
-    prefix: str = Field(default="", description="Key prefix filter: '<slug>/' for one skill, 'files/' for files")
-    node_id: str | None = Field(default=None, description="Workflow node ID (workflow composer variant)")
-
-
-class AgentDriveListByAgentQuery(BaseModel):
-    prefix: str = Field(default="", description="Key prefix filter: '<slug>/' for one skill, 'files/' for files")
-
-
-class AgentDriveFileQuery(BaseModel):
-    key: str = Field(min_length=1, description="Drive key, e.g. tender-analyzer/SKILL.md")
-    node_id: str | None = Field(default=None, description="Workflow node ID (workflow composer variant)")
-
-
-class AgentDriveFileByAgentQuery(BaseModel):
-    key: str = Field(min_length=1, description="Drive key, e.g. tender-analyzer/SKILL.md")
-
-
-class AgentDriveItemResponse(ResponseModel):
-    key: str
-    size: int | None = None
-    mime_type: str | None = None
-    hash: str | None = None
-    file_kind: str
-    created_at: int | None = None
-
-
-class AgentDriveListResponse(ResponseModel):
-    items: list[AgentDriveItemResponse] = Field(default_factory=list)
-
-
-class AgentDrivePreviewResponse(ResponseModel):
-    key: str
-    size: int | None = None
-    truncated: bool
-    binary: bool
-    text: str | None = None
-
-
-class AgentDriveDownloadResponse(ResponseModel):
-    url: str
-
-
-register_response_schema_models(
-    console_ns, AgentDriveListResponse, AgentDrivePreviewResponse, AgentDriveDownloadResponse
-)
-
-
-def _resolve_agent_id(app_model: App, node_id: str | None) -> str | None:
-    """Agent identity for the drive: app-bound agent, or the workflow node binding."""
-    if node_id:
-        return AgentComposerService.resolve_workflow_node_agent_id(
-            tenant_id=app_model.tenant_id, app_id=app_model.id, node_id=node_id
-        )
-    return app_model.bound_agent_id
-
-
-def _agent_not_bound() -> tuple[dict[str, object], int]:
-    return {"code": "agent_not_bound", "message": "no agent is bound for this app/node"}, 400
-
-
-def _handle(exc: AgentDriveError) -> tuple[dict[str, object], int]:
-    return {"code": exc.code, "message": exc.message}, exc.status_code
-
-
-_WORKFLOW_APP_MODES = [AppMode.WORKFLOW, AppMode.ADVANCED_CHAT]
-
-
-@console_ns.route("/agent/<uuid:agent_id>/drive/files")
-class AgentDriveListByAgentApi(Resource):
-    @console_ns.doc("list_agent_drive_files_by_agent")
-    @console_ns.doc(description="List agent drive entries for an Agent App")
-    @console_ns.doc(params={"agent_id": "Agent ID", **query_params_from_model(AgentDriveListByAgentQuery)})
-    @console_ns.response(200, "Drive entries", console_ns.models[AgentDriveListResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @with_current_tenant_id
-    def get(self, tenant_id: str, agent_id: UUID):
-        query = query_params_from_request(AgentDriveListByAgentQuery)
-        resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        try:
-            items = AgentDriveService().manifest(tenant_id=tenant_id, agent_id=str(agent_id), prefix=query.prefix)
-        except AgentDriveError as exc:
-            return _handle(exc)
-        return {"items": [{k: v for k, v in item.items() if k != "file_id"} for item in items]}
-
-
-@console_ns.route("/agent/<uuid:agent_id>/drive/files/preview")
-class AgentDrivePreviewByAgentApi(Resource):
-    @console_ns.doc("preview_agent_drive_file_by_agent")
-    @console_ns.doc(description="Truncated text preview of one Agent App drive value")
-    @console_ns.doc(params={"agent_id": "Agent ID", **query_params_from_model(AgentDriveFileByAgentQuery)})
-    @console_ns.response(200, "Preview", console_ns.models[AgentDrivePreviewResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @with_current_tenant_id
-    def get(self, tenant_id: str, agent_id: UUID):
-        query = query_params_from_request(AgentDriveFileByAgentQuery)
-        resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        try:
-            return AgentDriveService().preview(tenant_id=tenant_id, agent_id=str(agent_id), key=query.key)
-        except AgentDriveError as exc:
-            return _handle(exc)
-
-
-@console_ns.route("/agent/<uuid:agent_id>/drive/files/download")
-class AgentDriveDownloadByAgentApi(Resource):
-    @console_ns.doc("download_agent_drive_file_by_agent")
-    @console_ns.doc(description="Time-limited external signed URL for one Agent App drive value")
-    @console_ns.doc(params={"agent_id": "Agent ID", **query_params_from_model(AgentDriveFileByAgentQuery)})
-    @console_ns.response(200, "Signed URL", console_ns.models[AgentDriveDownloadResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @with_current_tenant_id
-    def get(self, tenant_id: str, agent_id: UUID):
-        query = query_params_from_request(AgentDriveFileByAgentQuery)
-        resolve_agent_app_model(tenant_id=tenant_id, agent_id=agent_id)
-        try:
-            url = AgentDriveService().download_url(tenant_id=tenant_id, agent_id=str(agent_id), key=query.key)
-        except AgentDriveError as exc:
-            return _handle(exc)
-        return {"url": url}
-
-
-@console_ns.route("/apps/<uuid:app_id>/agent/drive/files")
-class AgentDriveListApi(Resource):
-    @console_ns.doc("list_agent_drive_files")
-    @console_ns.doc(description="List agent drive entries (read-only inspector; one endpoint for both tabs)")
-    @console_ns.doc(params={"app_id": "Application ID", **query_params_from_model(AgentDriveListQuery)})
-    @console_ns.response(200, "Drive entries", console_ns.models[AgentDriveListResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @get_app_model(mode=_WORKFLOW_APP_MODES)
-    def get(self, app_model: App):
-        query = query_params_from_request(AgentDriveListQuery)
-        agent_id = _resolve_agent_id(app_model, query.node_id)
-        if not agent_id:
-            return _agent_not_bound()
-        try:
-            items = AgentDriveService().manifest(tenant_id=app_model.tenant_id, agent_id=agent_id, prefix=query.prefix)
-        except AgentDriveError as exc:
-            return _handle(exc)
-        # the inner manifest exposes file_id for agent-side pulls; the console
-        # inspector is a pure read surface and does not need value pointers
-        return {"items": [{k: v for k, v in item.items() if k != "file_id"} for item in items]}
-
-
-@console_ns.route("/apps/<uuid:app_id>/agent/drive/files/preview")
-class AgentDrivePreviewApi(Resource):
-    @console_ns.doc("preview_agent_drive_file")
-    @console_ns.doc(description="Truncated text preview of one drive value (binary-safe; SKILL.md is the main case)")
-    @console_ns.doc(params={"app_id": "Application ID", **query_params_from_model(AgentDriveFileQuery)})
-    @console_ns.response(200, "Preview", console_ns.models[AgentDrivePreviewResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @get_app_model(mode=_WORKFLOW_APP_MODES)
-    def get(self, app_model: App):
-        query = query_params_from_request(AgentDriveFileQuery)
-        agent_id = _resolve_agent_id(app_model, query.node_id)
-        if not agent_id:
-            return _agent_not_bound()
-        try:
-            return AgentDriveService().preview(tenant_id=app_model.tenant_id, agent_id=agent_id, key=query.key)
-        except AgentDriveError as exc:
-            return _handle(exc)
-
-
-@console_ns.route("/apps/<uuid:app_id>/agent/drive/files/download")
-class AgentDriveDownloadApi(Resource):
-    @console_ns.doc("download_agent_drive_file")
-    @console_ns.doc(description="Time-limited external signed URL for one drive value (no streaming proxy)")
-    @console_ns.doc(params={"app_id": "Application ID", **query_params_from_model(AgentDriveFileQuery)})
-    @console_ns.response(200, "Signed URL", console_ns.models[AgentDriveDownloadResponse.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @get_app_model(mode=_WORKFLOW_APP_MODES)
-    def get(self, app_model: App):
-        query = query_params_from_request(AgentDriveFileQuery)
-        agent_id = _resolve_agent_id(app_model, query.node_id)
-        if not agent_id:
-            return _agent_not_bound()
-        try:
-            url = AgentDriveService().download_url(tenant_id=app_model.tenant_id, agent_id=agent_id, key=query.key)
-        except AgentDriveError as exc:
-            return _handle(exc)
-        return {"url": url}
-
-
-__all__ = [
-    "AgentDriveDownloadApi",
-    "AgentDriveDownloadByAgentApi",
-    "AgentDriveListApi",
-    "AgentDriveListByAgentApi",
-    "AgentDrivePreviewApi",
-    "AgentDrivePreviewByAgentApi",
-]
--- a/api/controllers/console/app/annotation.py
+++ b/api/controllers/console/app/annotation.py
@ -6,7 +6,7 @@ from flask_restx import Resource
 from pydantic import BaseModel, Field, TypeAdapter, field_validator

 from controllers.common.errors import NoFileUploadedError, TooManyFilesError
-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.wraps import (
    account_initialization_required,
@ -24,7 +24,6 @@ from fields.annotation_fields import (
    AnnotationHitHistoryList,
    AnnotationList,
 )
-from fields.base import ResponseModel
 from libs.helper import uuid_value
 from libs.login import login_required
 from services.annotation_service import (
@ -57,10 +56,7 @@ class CreateAnnotationPayload(BaseModel):
    question: str | None = Field(default=None, description="Question text")
    answer: str | None = Field(default=None, description="Answer text")
    content: str | None = Field(default=None, description="Content text")
-    annotation_reply: dict[str, Any] | None = Field(
-        default=None,
-        description="Annotation reply data",
-    )
+    annotation_reply: dict[str, Any] | None = Field(default=None, description="Annotation reply data")

    @field_validator("message_id")
    @classmethod
@ -74,18 +70,13 @@ class UpdateAnnotationPayload(BaseModel):
    question: str | None = None
    answer: str | None = None
    content: str | None = None
-    annotation_reply: dict[str, Any] | None = Field(default=None)
+    annotation_reply: dict[str, Any] | None = None


 class AnnotationReplyStatusQuery(BaseModel):
    action: Literal["enable", "disable"]


-class AnnotationHitHistoryListQuery(BaseModel):
-    page: int = Field(default=1, ge=1, description="Page number")
-    limit: int = Field(default=20, ge=1, description="Page size")
-
-
 class AnnotationFilePayload(BaseModel):
    message_id: str = Field(..., description="Message ID")

@ -95,25 +86,6 @@ class AnnotationFilePayload(BaseModel):
        return uuid_value(value)


-class AnnotationJobStatusResponse(ResponseModel):
-    job_id: str | None = None
-    job_status: str | None = None
-    error_msg: str | None = None
-    record_count: int | None = None
-
-
-class AnnotationEmbeddingModelResponse(ResponseModel):
-    embedding_provider_name: str | None = None
-    embedding_model_name: str | None = None
-
-
-class AnnotationSettingResponse(ResponseModel):
-    id: str | None = None
-    enabled: bool
-    score_threshold: float | None = None
-    embedding_model: AnnotationEmbeddingModelResponse | None = None
-
-
 register_schema_models(
    console_ns,
    Annotation,
@ -127,19 +99,8 @@ register_schema_models(
    CreateAnnotationPayload,
    UpdateAnnotationPayload,
    AnnotationReplyStatusQuery,
-    AnnotationHitHistoryListQuery,
    AnnotationFilePayload,
 )
-register_response_schema_models(
-    console_ns,
-    Annotation,
-    AnnotationList,
-    AnnotationExportList,
-    AnnotationHitHistory,
-    AnnotationHitHistoryList,
-    AnnotationJobStatusResponse,
-    AnnotationSettingResponse,
-)


@console_ns.route("/apps/<uuid:app_id>/annotation-reply/<string:action>")
@ -148,7 +109,7 @@ class AnnotationReplyActionApi(Resource):
    @console_ns.doc(description="Enable or disable annotation reply for an app")
    @console_ns.doc(params={"app_id": "Application ID", "action": "Action to perform (enable/disable)"})
    @console_ns.expect(console_ns.models[AnnotationReplyPayload.__name__])
-    @console_ns.response(200, "Action completed successfully", console_ns.models[AnnotationJobStatusResponse.__name__])
+    @console_ns.response(200, "Action completed successfully")
    @console_ns.response(403, "Insufficient permissions")
    @setup_required
    @login_required
@ -175,11 +136,7 @@ class AppAnnotationSettingDetailApi(Resource):
    @console_ns.doc("get_annotation_setting")
    @console_ns.doc(description="Get annotation settings for an app")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.response(
-        200,
-        "Annotation settings retrieved successfully",
-        console_ns.models[AnnotationSettingResponse.__name__],
-    )
+    @console_ns.response(200, "Annotation settings retrieved successfully")
    @console_ns.response(403, "Insufficient permissions")
    @setup_required
    @login_required
@ -196,7 +153,7 @@ class AppAnnotationSettingUpdateApi(Resource):
    @console_ns.doc(description="Update annotation settings for an app")
    @console_ns.doc(params={"app_id": "Application ID", "annotation_setting_id": "Annotation setting ID"})
    @console_ns.expect(console_ns.models[AnnotationSettingUpdatePayload.__name__])
-    @console_ns.response(200, "Settings updated successfully", console_ns.models[AnnotationSettingResponse.__name__])
+    @console_ns.response(200, "Settings updated successfully")
    @console_ns.response(403, "Insufficient permissions")
    @setup_required
    @login_required
@ -219,11 +176,7 @@ class AnnotationReplyActionStatusApi(Resource):
    @console_ns.doc("get_annotation_reply_action_status")
    @console_ns.doc(description="Get status of annotation reply action job")
    @console_ns.doc(params={"app_id": "Application ID", "job_id": "Job ID", "action": "Action type"})
-    @console_ns.response(
-        200,
-        "Job status retrieved successfully",
-        console_ns.models[AnnotationJobStatusResponse.__name__],
-    )
+    @console_ns.response(200, "Job status retrieved successfully")
    @console_ns.response(403, "Insufficient permissions")
    @setup_required
    @login_required
@ -251,8 +204,8 @@ class AnnotationApi(Resource):
    @console_ns.doc("list_annotations")
    @console_ns.doc(description="Get annotations for an app with pagination")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(AnnotationListQuery))
-    @console_ns.response(200, "Annotations retrieved successfully", console_ns.models[AnnotationList.__name__])
+    @console_ns.expect(console_ns.models[AnnotationListQuery.__name__])
+    @console_ns.response(200, "Annotations retrieved successfully")
    @console_ns.response(403, "Insufficient permissions")
    @setup_required
    @login_required
@ -304,7 +257,6 @@ class AnnotationApi(Resource):
    @login_required
    @account_initialization_required
    @edit_permission_required
-    @console_ns.response(204, "Annotations deleted successfully")
    def delete(self, app_id: UUID):

        # Use request.args.getlist to get annotation_ids array directly
@ -383,7 +335,6 @@ class AnnotationUpdateDeleteApi(Resource):
    @login_required
    @account_initialization_required
    @edit_permission_required
-    @console_ns.response(204, "Annotation deleted successfully")
    def delete(self, app_id: UUID, annotation_id: UUID):
        AppAnnotationService.delete_app_annotation(str(app_id), str(annotation_id))
        return "", 204
@ -394,11 +345,7 @@ class AnnotationBatchImportApi(Resource):
    @console_ns.doc("batch_import_annotations")
    @console_ns.doc(description="Batch import annotations from CSV file with rate limiting and security checks")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.response(
-        200,
-        "Batch import started successfully",
-        console_ns.models[AnnotationJobStatusResponse.__name__],
-    )
+    @console_ns.response(200, "Batch import started successfully")
    @console_ns.response(403, "Insufficient permissions")
    @console_ns.response(400, "No file uploaded or too many files")
    @console_ns.response(413, "File too large")
@ -451,11 +398,7 @@ class AnnotationBatchImportStatusApi(Resource):
    @console_ns.doc("get_batch_import_status")
    @console_ns.doc(description="Get status of batch import job")
    @console_ns.doc(params={"app_id": "Application ID", "job_id": "Job ID"})
-    @console_ns.response(
-        200,
-        "Job status retrieved successfully",
-        console_ns.models[AnnotationJobStatusResponse.__name__],
-    )
+    @console_ns.response(200, "Job status retrieved successfully")
    @console_ns.response(403, "Insufficient permissions")
    @setup_required
    @login_required
@ -481,7 +424,11 @@ class AnnotationHitHistoryListApi(Resource):
    @console_ns.doc("list_annotation_hit_histories")
    @console_ns.doc(description="Get hit histories for an annotation")
    @console_ns.doc(params={"app_id": "Application ID", "annotation_id": "Annotation ID"})
-    @console_ns.doc(params=query_params_from_model(AnnotationHitHistoryListQuery))
+    @console_ns.expect(
+        console_ns.parser()
+        .add_argument("page", type=int, location="args", default=1, help="Page number")
+        .add_argument("limit", type=int, location="args", default=20, help="Page size")
+    )
    @console_ns.response(
        200,
        "Hit histories retrieved successfully",
--- a/api/controllers/console/app/app.py
+++ b/api/controllers/console/app/app.py
@ -1,7 +1,6 @@
 import logging
 import re
 import uuid
-from collections.abc import Sequence
 from datetime import datetime
 from typing import Any, Literal, cast

@ -15,12 +14,7 @@ from werkzeug.exceptions import BadRequest

 from controllers.common.fields import RedirectUrlResponse, SimpleResultResponse
 from controllers.common.helpers import FileInfo
-from controllers.common.schema import (
-    query_params_from_model,
-    register_enum_models,
-    register_response_schema_models,
-    register_schema_models,
-)
+from controllers.common.schema import register_enum_models, register_response_schema_models, register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.wraps import get_app_model, with_session
 from controllers.console.workspace.models import LoadBalancingPayload
@ -42,12 +36,12 @@ from core.trigger.constants import TRIGGER_NODE_TYPES
 from extensions.ext_database import db
 from fields.base import ResponseModel
 from graphon.enums import WorkflowExecutionStatus
-from libs.helper import build_icon_url, dump_response, to_timestamp
+from libs.helper import build_icon_url, to_timestamp
 from libs.login import login_required
 from models import Account, App, DatasetPermissionEnum, Workflow
 from models.model import IconType
 from services.app_dsl_service import AppDslService
-from services.app_service import AppListParams, AppListSortBy, AppService, CreateAppParams, StarredAppListParams
+from services.app_service import AppListParams, AppService, CreateAppParams
 from services.enterprise.enterprise_service import EnterpriseService
 from services.entities.dsl_entities import ImportMode, ImportStatus
 from services.entities.knowledge_entities.knowledge_entities import (
@ -64,7 +58,7 @@ from services.entities.knowledge_entities.knowledge_entities import (
 )
 from services.feature_service import FeatureService

-ALLOW_CREATE_APP_MODES = ["chat", "agent-chat", "advanced-chat", "workflow", "completion"]
+ALLOW_CREATE_APP_MODES = ["chat", "agent-chat", "agent", "advanced-chat", "workflow", "completion"]

 register_enum_models(console_ns, IconType)

@ -74,14 +68,10 @@ _CREATOR_IDS_BRACKET_PATTERN = re.compile(r"^creator_ids\[(\d+)\]$")
 AppListMode = Literal["completion", "chat", "advanced-chat", "workflow", "agent-chat", "agent", "channel", "all"]


-class AppListBaseQuery(BaseModel):
+class AppListQuery(BaseModel):
    page: int = Field(default=1, ge=1, le=99999, description="Page number (1-99999)")
    limit: int = Field(default=20, ge=1, le=100, description="Page size (1-100)")
    mode: AppListMode = Field(default=cast(AppListMode, "all"), description="App mode filter")
-    sort_by: AppListSortBy = Field(
-        default="last_modified",
-        description="Sort apps by last modified, recently created, or earliest created",
-    )
    name: str | None = Field(default=None, description="Filter by app name")
    tag_ids: list[str] | None = Field(default=None, description="Filter by tag IDs")
    creator_ids: list[str] | None = Field(default=None, description="Filter by creator account IDs")
@ -124,14 +114,6 @@ class AppListBaseQuery(BaseModel):
            raise ValueError("Invalid UUID format in creator_ids.") from exc


-class AppListQuery(AppListBaseQuery):
-    pass
-
-
-class StarredAppListQuery(AppListBaseQuery):
-    pass
-
-
 def _normalize_app_list_query_args(query_args: MultiDict[str, str]) -> dict[str, str | list[str]]:
    normalized: dict[str, str | list[str]] = {}
    indexed_tag_ids: list[tuple[int, str]] = []
@ -163,7 +145,9 @@ def _normalize_app_list_query_args(query_args: MultiDict[str, str]) -> dict[str,
 class CreateAppPayload(BaseModel):
    name: str = Field(..., min_length=1, description="App name")
    description: str | None = Field(default=None, description="App description (max 400 chars)", max_length=400)
-    mode: Literal["chat", "agent-chat", "advanced-chat", "workflow", "completion"] = Field(..., description="App mode")
+    mode: Literal["chat", "agent-chat", "agent", "advanced-chat", "workflow", "completion"] = Field(
+        ..., description="App mode"
+    )
    icon_type: IconType | None = Field(default=None, description="Icon type")
    icon: str | None = Field(default=None, description="Icon")
    icon_background: str | None = Field(default=None, description="Icon background color")
@ -222,11 +206,6 @@ class AppTracePayload(BaseModel):
        return value


-class AppTraceResponse(ResponseModel):
-    enabled: bool
-    tracing_provider: str | None = None
-
-
 type JSONValue = Any


@ -398,9 +377,6 @@ class AppPartial(ResponseModel):
    create_user_name: str | None = None
    author_name: str | None = None
    has_draft_trigger: bool | None = None
-    # For Agent App type: the roster Agent backing this app (None otherwise).
-    bound_agent_id: str | None = None
-    is_starred: bool = False

    @computed_field(return_type=str | None)  # type: ignore
    @property
@ -470,54 +446,12 @@ class AppExportResponse(ResponseModel):
    data: str


-def _enrich_app_list_items(session: Session, *, apps: Sequence[App], tenant_id: str) -> None:
-    if FeatureService.get_system_features().webapp_auth.enabled:
-        app_ids = [str(app.id) for app in apps]
-        res = EnterpriseService.WebAppAuth.batch_get_app_access_mode_by_id(app_ids=app_ids)
-        if len(res) != len(app_ids):
-            raise BadRequest("Invalid app id in webapp auth")
-
-        for app in apps:
-            if str(app.id) in res:
-                app.access_mode = res[str(app.id)].access_mode
-
-    workflow_capable_app_ids = [str(app.id) for app in apps if app.mode in {"workflow", "advanced-chat"}]
-    draft_trigger_app_ids: set[str] = set()
-    if workflow_capable_app_ids:
-        draft_workflows = (
-            session.execute(
-                select(Workflow).where(
-                    Workflow.version == Workflow.VERSION_DRAFT,
-                    Workflow.app_id.in_(workflow_capable_app_ids),
-                    Workflow.tenant_id == tenant_id,
-                )
-            )
-            .scalars()
-            .all()
-        )
-        trigger_node_types = TRIGGER_NODE_TYPES
-        for workflow in draft_workflows:
-            node_id = None
-            try:
-                for node_id, node_data in workflow.walk_nodes():
-                    if node_data.get("type") in trigger_node_types:
-                        draft_trigger_app_ids.add(str(workflow.app_id))
-                        break
-            except Exception:
-                _logger.exception("error while walking nodes, workflow_id=%s, node_id=%s", workflow.id, node_id)
-                continue
-
-    for app in apps:
-        app.has_draft_trigger = str(app.id) in draft_trigger_app_ids
-
-
 register_enum_models(console_ns, RetrievalMethod, WorkflowExecutionStatus, DatasetPermissionEnum)
-register_response_schema_models(console_ns, AppTraceResponse, RedirectUrlResponse, SimpleResultResponse)
+register_response_schema_models(console_ns, RedirectUrlResponse, SimpleResultResponse)

 register_schema_models(
    console_ns,
    AppListQuery,
-    StarredAppListQuery,
    CreateAppPayload,
    UpdateAppPayload,
    CopyAppPayload,
@ -561,7 +495,7 @@ register_schema_models(
 class AppListApi(Resource):
    @console_ns.doc("list_apps")
    @console_ns.doc(description="Get list of applications with pagination and filtering")
-    @console_ns.doc(params=query_params_from_model(AppListQuery))
+    @console_ns.expect(console_ns.models[AppListQuery.__name__])
    @console_ns.response(200, "Success", console_ns.models[AppPagination.__name__])
    @setup_required
    @login_required
@ -577,7 +511,6 @@ class AppListApi(Resource):
            page=args.page,
            limit=args.limit,
            mode=args.mode,
-            sort_by=args.sort_by,
            name=args.name,
            tag_ids=args.tag_ids,
            creator_ids=args.creator_ids,
@ -591,7 +524,46 @@ class AppListApi(Resource):
            empty = AppPagination(page=args.page, limit=args.limit, total=0, has_more=False, data=[])
            return empty.model_dump(mode="json"), 200

-        _enrich_app_list_items(session, apps=app_pagination.items, tenant_id=current_tenant_id)
+        if FeatureService.get_system_features().webapp_auth.enabled:
+            app_ids = [str(app.id) for app in app_pagination.items]
+            res = EnterpriseService.WebAppAuth.batch_get_app_access_mode_by_id(app_ids=app_ids)
+            if len(res) != len(app_ids):
+                raise BadRequest("Invalid app id in webapp auth")
+
+            for app in app_pagination.items:
+                if str(app.id) in res:
+                    app.access_mode = res[str(app.id)].access_mode
+
+        workflow_capable_app_ids = [
+            str(app.id) for app in app_pagination.items if app.mode in {"workflow", "advanced-chat"}
+        ]
+        draft_trigger_app_ids: set[str] = set()
+        if workflow_capable_app_ids:
+            draft_workflows = (
+                session.execute(
+                    select(Workflow).where(
+                        Workflow.version == Workflow.VERSION_DRAFT,
+                        Workflow.app_id.in_(workflow_capable_app_ids),
+                        Workflow.tenant_id == current_tenant_id,
+                    )
+                )
+                .scalars()
+                .all()
+            )
+            trigger_node_types = TRIGGER_NODE_TYPES
+            for workflow in draft_workflows:
+                node_id = None
+                try:
+                    for node_id, node_data in workflow.walk_nodes():
+                        if node_data.get("type") in trigger_node_types:
+                            draft_trigger_app_ids.add(str(workflow.app_id))
+                            break
+                except Exception:
+                    _logger.exception("error while walking nodes, workflow_id=%s, node_id=%s", workflow.id, node_id)
+                    continue
+
+        for app in app_pagination.items:
+            app.has_draft_trigger = str(app.id) in draft_trigger_app_ids

        pagination_model = AppPagination.model_validate(app_pagination, from_attributes=True)
        return pagination_model.model_dump(mode="json"), 200
@ -599,7 +571,7 @@ class AppListApi(Resource):
    @console_ns.doc("create_app")
    @console_ns.doc(description="Create a new application")
    @console_ns.expect(console_ns.models[CreateAppPayload.__name__])
-    @console_ns.response(201, "App created successfully", console_ns.models[AppDetailWithSite.__name__])
+    @console_ns.response(201, "App created successfully", console_ns.models[AppDetail.__name__])
    @console_ns.response(403, "Insufficient permissions")
    @console_ns.response(400, "Invalid request parameters")
    @setup_required
@ -623,82 +595,10 @@ class AppListApi(Resource):

        app_service = AppService()
        app = app_service.create_app(current_tenant_id, params, current_user)
-        app_detail = AppDetailWithSite.model_validate(app, from_attributes=True)
+        app_detail = AppDetail.model_validate(app, from_attributes=True)
        return app_detail.model_dump(mode="json"), 201


-@console_ns.route("/apps/starred")
-class StarredAppListApi(Resource):
-    @console_ns.doc("list_starred_apps")
-    @console_ns.doc(description="Get applications starred by the current account")
-    @console_ns.doc(params=query_params_from_model(StarredAppListQuery))
-    @console_ns.response(200, "Success", console_ns.models[AppPagination.__name__])
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @enterprise_license_required
-    @with_session(write=False)
-    @with_current_user_id
-    @with_current_tenant_id
-    def get(self, current_tenant_id: str, current_user_id: str, session: Session):
-        args = StarredAppListQuery.model_validate(_normalize_app_list_query_args(request.args))
-        params = StarredAppListParams(
-            page=args.page,
-            limit=args.limit,
-            mode=args.mode,
-            sort_by=args.sort_by,
-            name=args.name,
-            tag_ids=args.tag_ids,
-            creator_ids=args.creator_ids,
-            is_created_by_me=args.is_created_by_me,
-        )
-
-        app_pagination = AppService().get_paginate_starred_apps(current_user_id, current_tenant_id, params)
-        if not app_pagination:
-            empty = AppPagination(page=args.page, limit=args.limit, total=0, has_more=False, data=[])
-            return empty.model_dump(mode="json"), 200
-
-        _enrich_app_list_items(session, apps=app_pagination.items, tenant_id=current_tenant_id)
-
-        pagination_model = AppPagination.model_validate(app_pagination, from_attributes=True)
-        return pagination_model.model_dump(mode="json"), 200
-
-
-@console_ns.route("/apps/<uuid:app_id>/star")
-class AppStarApi(Resource):
-    @console_ns.doc("star_app")
-    @console_ns.doc(description="Star an application for the current account")
-    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.response(200, "Success", console_ns.models[SimpleResultResponse.__name__])
-    @console_ns.response(404, "App not found")
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @enterprise_license_required
-    @with_current_user_id
-    @with_session
-    @get_app_model(mode=None)
-    def post(self, session: Session, current_user_id: str, app_model: App):
-        AppService.star_app(session, app=app_model, account_id=current_user_id)
-        return dump_response(SimpleResultResponse, {"result": "success"})
-
-    @console_ns.doc("unstar_app")
-    @console_ns.doc(description="Remove the current account's star from an application")
-    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.response(200, "Success", console_ns.models[SimpleResultResponse.__name__])
-    @console_ns.response(404, "App not found")
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @enterprise_license_required
-    @with_current_user_id
-    @with_session
-    @get_app_model(mode=None)
-    def delete(self, session: Session, current_user_id: str, app_model: App):
-        AppService.unstar_app(session, app=app_model, account_id=current_user_id)
-        return dump_response(SimpleResultResponse, {"result": "success"})
-
-
@console_ns.route("/apps/<uuid:app_id>")
 class AppApi(Resource):
    @console_ns.doc("get_app_detail")
@ -718,7 +618,7 @@ class AppApi(Resource):

        if FeatureService.get_system_features().webapp_auth.enabled:
            app_setting = EnterpriseService.WebAppAuth.get_app_access_mode_by_id(app_id=str(app_model.id))
-            app_model.access_mode = app_setting.access_mode
+            app_model.access_mode = app_setting.access_mode  # type: ignore[attr-defined]

        response_model = AppDetailWithSite.model_validate(app_model, from_attributes=True)
        return response_model.model_dump(mode="json")
@ -837,7 +737,7 @@ class AppExportApi(Resource):
    @console_ns.doc("export_app")
    @console_ns.doc(description="Export application configuration as DSL")
    @console_ns.doc(params={"app_id": "Application ID to export"})
-    @console_ns.doc(params=query_params_from_model(AppExportQuery))
+    @console_ns.expect(console_ns.models[AppExportQuery.__name__])
    @console_ns.response(200, "App exported successfully", console_ns.models[AppExportResponse.__name__])
    @console_ns.response(403, "Insufficient permissions")
    @get_app_model
@ -912,7 +812,7 @@ class AppIconApi(Resource):
    @console_ns.doc(description="Update application icon")
    @console_ns.doc(params={"app_id": "Application ID"})
    @console_ns.expect(console_ns.models[AppIconPayload.__name__])
-    @console_ns.response(200, "Icon updated successfully", console_ns.models[AppDetail.__name__])
+    @console_ns.response(200, "Icon updated successfully")
    @console_ns.response(403, "Insufficient permissions")
    @setup_required
    @login_required
@ -982,11 +882,7 @@ class AppTraceApi(Resource):
    @console_ns.doc("get_app_trace")
    @console_ns.doc(description="Get app tracing configuration")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.response(
-        200,
-        "Trace configuration retrieved successfully",
-        console_ns.models[AppTraceResponse.__name__],
-    )
+    @console_ns.response(200, "Trace configuration retrieved successfully")
    @setup_required
    @login_required
    @account_initialization_required
--- a/api/controllers/console/app/audio.py
+++ b/api/controllers/console/app/audio.py
@ -1,14 +1,12 @@
 import logging
-from typing import Any

 from flask import request
-from flask_restx import Resource
-from pydantic import BaseModel, Field, RootModel
+from flask_restx import Resource, fields
+from pydantic import BaseModel, Field
 from werkzeug.exceptions import InternalServerError

 import services
-from controllers.common.fields import AudioBinaryResponse
-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.error import (
    AppUnavailableError,
@ -53,12 +51,7 @@ class AudioTranscriptResponse(BaseModel):
    text: str = Field(description="Transcribed text from audio")


-class TextToSpeechVoiceListResponse(RootModel[list[dict[str, Any]]]):
-    root: list[dict[str, Any]]
-
-
 register_schema_models(console_ns, AudioTranscriptResponse, TextToSpeechPayload, TextToSpeechVoiceQuery)
-register_response_schema_models(console_ns, AudioBinaryResponse, TextToSpeechVoiceListResponse)


@console_ns.route("/apps/<uuid:app_id>/audio-to-text")
@ -120,11 +113,7 @@ class ChatMessageTextApi(Resource):
    @console_ns.doc(description="Convert text to speech for chat messages")
    @console_ns.doc(params={"app_id": "App ID"})
    @console_ns.expect(console_ns.models[TextToSpeechPayload.__name__])
-    @console_ns.response(
-        200,
-        "Text to speech conversion successful",
-        console_ns.models[AudioBinaryResponse.__name__],
-    )
+    @console_ns.response(200, "Text to speech conversion successful")
    @console_ns.response(400, "Bad request - Invalid parameters")
    @get_app_model
    @setup_required
@ -173,11 +162,9 @@ class TextModesApi(Resource):
    @console_ns.doc("get_text_to_speech_voices")
    @console_ns.doc(description="Get available TTS voices for a specific language")
    @console_ns.doc(params={"app_id": "App ID"})
-    @console_ns.doc(params=query_params_from_model(TextToSpeechVoiceQuery))
+    @console_ns.expect(console_ns.models[TextToSpeechVoiceQuery.__name__])
    @console_ns.response(
-        200,
-        "TTS voices retrieved successfully",
-        console_ns.models[TextToSpeechVoiceListResponse.__name__],
+        200, "TTS voices retrieved successfully", fields.List(fields.Raw(description="Available voices"))
    )
    @console_ns.response(400, "Invalid language parameter")
    @get_app_model
--- a/api/controllers/console/app/completion.py
+++ b/api/controllers/console/app/completion.py
@ -7,7 +7,7 @@ from pydantic import BaseModel, Field, field_validator
 from werkzeug.exceptions import BadRequest, InternalServerError, NotFound

 import services
-from controllers.common.fields import GeneratedAppResponse, SimpleResultResponse
+from controllers.common.fields import SimpleResultResponse
 from controllers.common.schema import register_response_schema_models, register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.error import (
@ -64,14 +64,8 @@ class BaseMessagePayload(BaseModel):
    # Soul, so no override ``model_config`` is sent; chat / agent-chat / completion
    # debugging still pass it. Optional here, required in practice by those modes
    # downstream when their config is built from args.
-    model_config_data: dict[str, Any] = Field(
-        default_factory=dict,
-        alias="model_config",
-    )
-    files: list[Any] | None = Field(
-        default=None,
-        description="Uploaded files",
-    )
+    model_config_data: dict[str, Any] = Field(default_factory=dict, alias="model_config")
+    files: list[Any] | None = Field(default=None, description="Uploaded files")
    response_mode: Literal["blocking", "streaming"] = Field(default="blocking", description="Response mode")
    retriever_from: str = Field(default="dev", description="Retriever source")

@ -94,7 +88,7 @@ class ChatMessagePayload(BaseMessagePayload):


 register_schema_models(console_ns, CompletionMessagePayload, ChatMessagePayload)
-register_response_schema_models(console_ns, GeneratedAppResponse, SimpleResultResponse)
+register_response_schema_models(console_ns, SimpleResultResponse)


 # define completion message api for user
@ -104,7 +98,7 @@ class CompletionMessageApi(Resource):
    @console_ns.doc(description="Generate completion message for debugging")
    @console_ns.doc(params={"app_id": "Application ID"})
    @console_ns.expect(console_ns.models[CompletionMessagePayload.__name__])
-    @console_ns.response(200, "Completion generated successfully", console_ns.models[GeneratedAppResponse.__name__])
+    @console_ns.response(200, "Completion generated successfully")
    @console_ns.response(400, "Invalid request parameters")
    @console_ns.response(404, "App not found")
    @setup_required
@ -176,7 +170,7 @@ class ChatMessageApi(Resource):
    @console_ns.doc(description="Generate chat message for debugging")
    @console_ns.doc(params={"app_id": "Application ID"})
    @console_ns.expect(console_ns.models[ChatMessagePayload.__name__])
-    @console_ns.response(200, "Chat message generated successfully", console_ns.models[GeneratedAppResponse.__name__])
+    @console_ns.response(200, "Chat message generated successfully")
    @console_ns.response(400, "Invalid request parameters")
    @console_ns.response(404, "App or conversation not found")
    @setup_required
--- a/api/controllers/console/app/conversation.py
+++ b/api/controllers/console/app/conversation.py
@ -9,7 +9,7 @@ from sqlalchemy import func, or_
 from sqlalchemy.orm import selectinload
 from werkzeug.exceptions import NotFound

-from controllers.common.schema import query_params_from_model, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import (
@ -91,7 +91,7 @@ class CompletionConversationApi(Resource):
    @console_ns.doc("list_completion_conversations")
    @console_ns.doc(description="Get completion conversations with pagination and filtering")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(CompletionConversationQuery))
+    @console_ns.expect(console_ns.models[CompletionConversationQuery.__name__])
    @console_ns.response(200, "Success", console_ns.models[ConversationPaginationResponse.__name__])
    @console_ns.response(403, "Insufficient permissions")
    @setup_required
@ -206,7 +206,7 @@ class ChatConversationApi(Resource):
    @console_ns.doc("list_chat_conversations")
    @console_ns.doc(description="Get chat conversations with pagination, filtering and summary")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(ChatConversationQuery))
+    @console_ns.expect(console_ns.models[ChatConversationQuery.__name__])
    @console_ns.response(200, "Success", console_ns.models[ConversationWithSummaryPaginationResponse.__name__])
    @console_ns.response(403, "Insufficient permissions")
    @setup_required
--- a/api/controllers/console/app/conversation_variables.py
+++ b/api/controllers/console/app/conversation_variables.py
@ -9,7 +9,7 @@ from pydantic import BaseModel, Field, field_validator
 from sqlalchemy import select
 from sqlalchemy.orm import sessionmaker

-from controllers.common.schema import query_params_from_model, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required
@ -84,7 +84,7 @@ class ConversationVariablesApi(Resource):
    @console_ns.doc("get_conversation_variables")
    @console_ns.doc(description="Get conversation variables for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(ConversationVariablesQuery))
+    @console_ns.expect(console_ns.models[ConversationVariablesQuery.__name__])
    @console_ns.response(
        200,
        "Conversation variables retrieved successfully",
--- a/api/controllers/console/app/generator.py
+++ b/api/controllers/console/app/generator.py
@ -1,12 +1,11 @@
 from collections.abc import Sequence
-from typing import Any, Literal
+from typing import Literal

 from flask_restx import Resource
-from pydantic import BaseModel, Field, RootModel
+from pydantic import BaseModel, Field
 from sqlalchemy.orm import Session

-from controllers.common.fields import SimpleDataResponse
-from controllers.common.schema import register_enum_models, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_enum_models, register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.error import (
    CompletionRequestError,
@ -37,11 +36,7 @@ class InstructionGeneratePayload(BaseModel):
    current: str = Field(default="", description="Current instruction text")
    language: str = Field(default="javascript", description="Programming language (javascript/python)")
    instruction: str = Field(..., description="Instruction for generation")
-    model_config_data: ModelConfig = Field(
-        ...,
-        alias="model_config",
-        description="Model configuration",
-    )
+    model_config_data: ModelConfig = Field(..., alias="model_config", description="Model configuration")
    ideal_output: str = Field(default="", description="Expected ideal output")


@ -49,13 +44,6 @@ class InstructionTemplatePayload(BaseModel):
    type: str = Field(..., description="Instruction template type")


-# Upper bound for the generator's free-text inputs. Generous for prose (a
-# detailed instruction rarely passes 2k chars) while keeping the
-# planner+builder prompts well inside every mainstream context window.
-# Mirrored by the ``maxLength`` on the frontend generator textarea.
-_MAX_INSTRUCTION_LENGTH = 10_000
-
-
 class WorkflowGeneratePayload(BaseModel):
    """Payload for the cmd+k `/create` and `/refine` workflow generator endpoint.

@ -67,21 +55,13 @@ class WorkflowGeneratePayload(BaseModel):
    mode: Literal["workflow", "advanced-chat"] = Field(..., description="Target app mode for the generated graph")
    instruction: str = Field(..., description="Natural-language workflow description")
    ideal_output: str = Field(default="", description="Optional sample output for grounding")
-    model_config_data: ModelConfig = Field(
-        ...,
-        alias="model_config",
-        description="Model configuration",
-    )
+    model_config_data: ModelConfig = Field(..., alias="model_config", description="Model configuration")
    current_graph: dict | None = Field(
        default=None,
        description="Existing draft graph to refine (cmd+k `/refine`); omit for create-from-scratch",
    )


-class GeneratorResponse(RootModel[Any]):
-    root: Any
-
-
 register_enum_models(console_ns, LLMMode)
 register_schema_models(
    console_ns,
@ -93,7 +73,6 @@ register_schema_models(
    WorkflowGeneratePayload,
    ModelConfig,
 )
-register_response_schema_models(console_ns, GeneratorResponse, SimpleDataResponse)


@console_ns.route("/rule-generate")
@ -101,11 +80,7 @@ class RuleGenerateApi(Resource):
    @console_ns.doc("generate_rule_config")
    @console_ns.doc(description="Generate rule configuration using LLM")
    @console_ns.expect(console_ns.models[RuleGeneratePayload.__name__])
-    @console_ns.response(
-        200,
-        "Rule configuration generated successfully",
-        console_ns.models[GeneratorResponse.__name__],
-    )
+    @console_ns.response(200, "Rule configuration generated successfully")
    @console_ns.response(400, "Invalid request parameters")
    @console_ns.response(402, "Provider quota exceeded")
    @setup_required
@ -134,7 +109,7 @@ class RuleCodeGenerateApi(Resource):
    @console_ns.doc("generate_rule_code")
    @console_ns.doc(description="Generate code rules using LLM")
    @console_ns.expect(console_ns.models[RuleCodeGeneratePayload.__name__])
-    @console_ns.response(200, "Code rules generated successfully", console_ns.models[GeneratorResponse.__name__])
+    @console_ns.response(200, "Code rules generated successfully")
    @console_ns.response(400, "Invalid request parameters")
    @console_ns.response(402, "Provider quota exceeded")
    @setup_required
@ -166,7 +141,7 @@ class RuleStructuredOutputGenerateApi(Resource):
    @console_ns.doc("generate_structured_output")
    @console_ns.doc(description="Generate structured output rules using LLM")
    @console_ns.expect(console_ns.models[RuleStructuredOutputPayload.__name__])
-    @console_ns.response(200, "Structured output generated successfully", console_ns.models[GeneratorResponse.__name__])
+    @console_ns.response(200, "Structured output generated successfully")
    @console_ns.response(400, "Invalid request parameters")
    @console_ns.response(402, "Provider quota exceeded")
    @setup_required
@ -198,7 +173,7 @@ class InstructionGenerateApi(Resource):
    @console_ns.doc("generate_instruction")
    @console_ns.doc(description="Generate instruction for workflow nodes or general use")
    @console_ns.expect(console_ns.models[InstructionGeneratePayload.__name__])
-    @console_ns.response(200, "Instruction generated successfully", console_ns.models[GeneratorResponse.__name__])
+    @console_ns.response(200, "Instruction generated successfully")
    @console_ns.response(400, "Invalid request parameters or flow/workflow not found")
    @console_ns.response(402, "Provider quota exceeded")
    @setup_required
@ -293,7 +268,7 @@ class InstructionGenerationTemplateApi(Resource):
    @console_ns.doc("get_instruction_template")
    @console_ns.doc(description="Get instruction generation template")
    @console_ns.expect(console_ns.models[InstructionTemplatePayload.__name__])
-    @console_ns.response(200, "Template retrieved successfully", console_ns.models[SimpleDataResponse.__name__])
+    @console_ns.response(200, "Template retrieved successfully")
    @console_ns.response(400, "Invalid request parameters")
    @setup_required
    @login_required
@ -325,7 +300,7 @@ class WorkflowGenerateApi(Resource):
    @console_ns.doc("generate_workflow_graph")
    @console_ns.doc(description="Generate a Dify workflow graph from natural language")
    @console_ns.expect(console_ns.models[WorkflowGeneratePayload.__name__])
-    @console_ns.response(200, "Workflow graph generated successfully", console_ns.models[GeneratorResponse.__name__])
+    @console_ns.response(200, "Workflow graph generated successfully")
    @console_ns.response(400, "Invalid request parameters")
    @console_ns.response(402, "Provider quota exceeded")
    @setup_required
@ -345,22 +320,6 @@ class WorkflowGenerateApi(Resource):
                "errors": [{"code": "EMPTY_INSTRUCTION", "detail": "Instruction is required"}],
            }, 400

-        # Bound the prompt at the boundary too: an arbitrarily long
-        # instruction (or pasted document) blows the planner/builder context
-        # window and fails with an opaque provider error after two slow LLM
-        # calls. The cap matches the frontend textarea's maxLength.
-        if len(args.instruction) > _MAX_INSTRUCTION_LENGTH or len(args.ideal_output) > _MAX_INSTRUCTION_LENGTH:
-            return {
-                "error": "Instruction is too long",
-                "errors": [
-                    {
-                        "code": "INSTRUCTION_TOO_LONG",
-                        "detail": f"Instruction and ideal output must each be at most "
-                        f"{_MAX_INSTRUCTION_LENGTH} characters",
-                    }
-                ],
-            }, 400
-
        try:
            result = WorkflowGeneratorService.generate_workflow_graph(
                tenant_id=current_tenant_id,
--- a/api/controllers/console/app/mcp_server.py
+++ b/api/controllers/console/app/mcp_server.py
@ -27,19 +27,13 @@ from models.model import App, AppMCPServer

 class MCPServerCreatePayload(BaseModel):
    description: str | None = Field(default=None, description="Server description")
-    parameters: dict[str, Any] = Field(
-        ...,
-        description="Server parameters configuration",
-    )
+    parameters: dict[str, Any] = Field(..., description="Server parameters configuration")


 class MCPServerUpdatePayload(BaseModel):
    id: str = Field(..., description="Server ID")
    description: str | None = Field(default=None, description="Server description")
-    parameters: dict[str, Any] = Field(
-        ...,
-        description="Server parameters configuration",
-    )
+    parameters: dict[str, Any] = Field(..., description="Server parameters configuration")
    status: str | None = Field(default=None, description="Server status")


--- a/api/controllers/console/app/message.py
+++ b/api/controllers/console/app/message.py
@ -10,8 +10,8 @@ from sqlalchemy import exists, func, select
 from werkzeug.exceptions import InternalServerError, NotFound

 from controllers.common.controller_schemas import MessageFeedbackPayload as _MessageFeedbackPayloadBase
-from controllers.common.fields import SimpleResultResponse, TextFileResponse
-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.fields import SimpleResultResponse
+from controllers.common.schema import register_response_schema_models, register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.error import (
    CompletionRequestError,
@ -166,7 +166,7 @@ register_schema_models(
    MessageDetailResponse,
    MessageInfiniteScrollPaginationResponse,
 )
-register_response_schema_models(console_ns, SimpleResultResponse, TextFileResponse)
+register_response_schema_models(console_ns, SimpleResultResponse)


@console_ns.route("/apps/<uuid:app_id>/chat-messages")
@ -174,7 +174,7 @@ class ChatMessageListApi(Resource):
    @console_ns.doc("list_chat_messages")
    @console_ns.doc(description="Get chat messages for a conversation with pagination")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(ChatMessagesQuery))
+    @console_ns.expect(console_ns.models[ChatMessagesQuery.__name__])
    @console_ns.response(200, "Success", console_ns.models[MessageInfiniteScrollPaginationResponse.__name__])
    @console_ns.response(404, "Conversation not found")
    @login_required
@ -372,12 +372,8 @@ class MessageFeedbackExportApi(Resource):
    @console_ns.doc("export_feedbacks")
    @console_ns.doc(description="Export user feedback data for Google Sheets")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(FeedbackExportQuery))
-    @console_ns.response(
-        200,
-        "Feedback data exported successfully",
-        console_ns.models[TextFileResponse.__name__],
-    )
+    @console_ns.expect(console_ns.models[FeedbackExportQuery.__name__])
+    @console_ns.response(200, "Feedback data exported successfully")
    @console_ns.response(400, "Invalid parameters")
    @console_ns.response(500, "Internal server error")
    @get_app_model
--- a/api/controllers/console/app/model_config.py
+++ b/api/controllers/console/app/model_config.py
@ -5,8 +5,7 @@ from flask import request
 from flask_restx import Resource
 from pydantic import BaseModel, Field

-from controllers.common.fields import SimpleResultResponse
-from controllers.common.schema import register_response_schema_models, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import (
@ -30,44 +29,19 @@ from services.app_model_config_service import AppModelConfigService
 class ModelConfigRequest(BaseModel):
    provider: str | None = Field(default=None, description="Model provider")
    model: str | None = Field(default=None, description="Model name")
-    configs: dict[str, Any] | None = Field(
-        default=None,
-        description="Model configuration parameters",
-    )
+    configs: dict[str, Any] | None = Field(default=None, description="Model configuration parameters")
    opening_statement: str | None = Field(default=None, description="Opening statement")
    suggested_questions: list[str] | None = Field(default=None, description="Suggested questions")
-    more_like_this: dict[str, Any] | None = Field(
-        default=None,
-        description="More like this configuration",
-    )
-    speech_to_text: dict[str, Any] | None = Field(
-        default=None,
-        description="Speech to text configuration",
-    )
-    text_to_speech: dict[str, Any] | None = Field(
-        default=None,
-        description="Text to speech configuration",
-    )
-    retrieval_model: dict[str, Any] | None = Field(
-        default=None,
-        description="Retrieval model configuration",
-    )
-    tools: list[dict[str, Any]] | None = Field(
-        default=None,
-        description="Available tools",
-    )
-    dataset_configs: dict[str, Any] | None = Field(
-        default=None,
-        description="Dataset configurations",
-    )
-    agent_mode: dict[str, Any] | None = Field(
-        default=None,
-        description="Agent mode configuration",
-    )
+    more_like_this: dict[str, Any] | None = Field(default=None, description="More like this configuration")
+    speech_to_text: dict[str, Any] | None = Field(default=None, description="Speech to text configuration")
+    text_to_speech: dict[str, Any] | None = Field(default=None, description="Text to speech configuration")
+    retrieval_model: dict[str, Any] | None = Field(default=None, description="Retrieval model configuration")
+    tools: list[dict[str, Any]] | None = Field(default=None, description="Available tools")
+    dataset_configs: dict[str, Any] | None = Field(default=None, description="Dataset configurations")
+    agent_mode: dict[str, Any] | None = Field(default=None, description="Agent mode configuration")


 register_schema_models(console_ns, ModelConfigRequest)
-register_response_schema_models(console_ns, SimpleResultResponse)


@console_ns.route("/apps/<uuid:app_id>/model-config")
@ -76,11 +50,7 @@ class ModelConfigResource(Resource):
    @console_ns.doc(description="Update application model configuration")
    @console_ns.doc(params={"app_id": "Application ID"})
    @console_ns.expect(console_ns.models[ModelConfigRequest.__name__])
-    @console_ns.response(
-        200,
-        "Model configuration updated successfully",
-        console_ns.models[SimpleResultResponse.__name__],
-    )
+    @console_ns.response(200, "Model configuration updated successfully")
    @console_ns.response(400, "Invalid configuration")
    @console_ns.response(404, "App not found")
    @setup_required
--- a/api/controllers/console/app/ops_trace.py
+++ b/api/controllers/console/app/ops_trace.py
@ -1,16 +1,15 @@
 from typing import Any

 from flask import request
-from flask_restx import Resource
+from flask_restx import Resource, fields
 from pydantic import BaseModel, Field
 from werkzeug.exceptions import BadRequest

-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.error import TracingConfigCheckError, TracingConfigIsExist, TracingConfigNotExist
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required
-from fields.base import ResponseModel
 from libs.login import login_required
 from models import App
 from services.ops_service import OpsService
@ -22,27 +21,10 @@ class TraceProviderQuery(BaseModel):

 class TraceConfigPayload(BaseModel):
    tracing_provider: str = Field(..., description="Tracing provider name")
-    tracing_config: dict[str, Any] = Field(
-        ...,
-        description="Tracing configuration data",
-    )
-
-
-class TraceAppConfigResponse(ResponseModel):
-    result: str | None = None
-    error: str | None = None
-    has_not_configured: bool | None = None
-    id: str | None = None
-    app_id: str | None = None
-    tracing_provider: str | None = None
-    tracing_config: dict[str, Any] | None = Field(default=None)
-    is_active: bool | None = None
-    created_at: str | None = None
-    updated_at: str | None = None
+    tracing_config: dict[str, Any] = Field(..., description="Tracing configuration data")


 register_schema_models(console_ns, TraceProviderQuery, TraceConfigPayload)
-register_response_schema_models(console_ns, TraceAppConfigResponse)


@console_ns.route("/apps/<uuid:app_id>/trace-config")
@ -54,11 +36,9 @@ class TraceAppConfigApi(Resource):
    @console_ns.doc("get_trace_app_config")
    @console_ns.doc(description="Get tracing configuration for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(TraceProviderQuery))
+    @console_ns.expect(console_ns.models[TraceProviderQuery.__name__])
    @console_ns.response(
-        200,
-        "Tracing configuration retrieved successfully",
-        console_ns.models[TraceAppConfigResponse.__name__],
+        200, "Tracing configuration retrieved successfully", fields.Raw(description="Tracing configuration data")
    )
    @console_ns.response(400, "Invalid request parameters")
    @setup_required
@ -83,9 +63,7 @@ class TraceAppConfigApi(Resource):
    @console_ns.doc(params={"app_id": "Application ID"})
    @console_ns.expect(console_ns.models[TraceConfigPayload.__name__])
    @console_ns.response(
-        201,
-        "Tracing configuration created successfully",
-        console_ns.models[TraceAppConfigResponse.__name__],
+        201, "Tracing configuration created successfully", fields.Raw(description="Created configuration data")
    )
    @console_ns.response(400, "Invalid request parameters or configuration already exists")
    @setup_required
@ -112,11 +90,7 @@ class TraceAppConfigApi(Resource):
    @console_ns.doc(description="Update an existing tracing configuration for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
    @console_ns.expect(console_ns.models[TraceConfigPayload.__name__])
-    @console_ns.response(
-        200,
-        "Tracing configuration updated successfully",
-        console_ns.models[TraceAppConfigResponse.__name__],
-    )
+    @console_ns.response(200, "Tracing configuration updated successfully", fields.Raw(description="Success response"))
    @console_ns.response(400, "Invalid request parameters or configuration not found")
    @setup_required
    @login_required
@ -139,7 +113,7 @@ class TraceAppConfigApi(Resource):
    @console_ns.doc("delete_trace_app_config")
    @console_ns.doc(description="Delete an existing tracing configuration for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(TraceProviderQuery))
+    @console_ns.expect(console_ns.models[TraceProviderQuery.__name__])
    @console_ns.response(204, "Tracing configuration deleted successfully")
    @console_ns.response(400, "Invalid request parameters or configuration not found")
    @setup_required
--- a/api/controllers/console/app/statistic.py
+++ b/api/controllers/console/app/statistic.py
@ -2,16 +2,15 @@ from decimal import Decimal

 import sqlalchemy as sa
 from flask import abort, jsonify, request
-from flask_restx import Resource
+from flask_restx import Resource, fields
 from pydantic import BaseModel, Field, field_validator

-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required, with_current_user
 from core.app.entities.app_invoke_entities import InvokeFrom
 from extensions.ext_database import db
-from fields.base import ResponseModel
 from libs.datetime_utils import parse_time_range
 from libs.helper import convert_datetime_to_date
 from libs.login import login_required
@ -32,92 +31,7 @@ class StatisticTimeRangeQuery(BaseModel):
        return value


-class DailyMessageStatisticItem(ResponseModel):
-    date: str
-    message_count: int
-
-
-class DailyMessageStatisticResponse(ResponseModel):
-    data: list[DailyMessageStatisticItem]
-
-
-class DailyConversationStatisticItem(ResponseModel):
-    date: str
-    conversation_count: int
-
-
-class DailyConversationStatisticResponse(ResponseModel):
-    data: list[DailyConversationStatisticItem]
-
-
-class DailyTerminalStatisticItem(ResponseModel):
-    date: str
-    terminal_count: int
-
-
-class DailyTerminalStatisticResponse(ResponseModel):
-    data: list[DailyTerminalStatisticItem]
-
-
-class DailyTokenCostStatisticItem(ResponseModel):
-    date: str
-    token_count: int
-    total_price: str | float
-    currency: str
-
-
-class DailyTokenCostStatisticResponse(ResponseModel):
-    data: list[DailyTokenCostStatisticItem]
-
-
-class AverageSessionInteractionStatisticItem(ResponseModel):
-    date: str
-    interactions: float
-
-
-class AverageSessionInteractionStatisticResponse(ResponseModel):
-    data: list[AverageSessionInteractionStatisticItem]
-
-
-class UserSatisfactionRateStatisticItem(ResponseModel):
-    date: str
-    rate: float
-
-
-class UserSatisfactionRateStatisticResponse(ResponseModel):
-    data: list[UserSatisfactionRateStatisticItem]
-
-
-class AverageResponseTimeStatisticItem(ResponseModel):
-    date: str
-    latency: float
-
-
-class AverageResponseTimeStatisticResponse(ResponseModel):
-    data: list[AverageResponseTimeStatisticItem]
-
-
-class TokensPerSecondStatisticItem(ResponseModel):
-    date: str
-    tps: float
-
-
-class TokensPerSecondStatisticResponse(ResponseModel):
-    data: list[TokensPerSecondStatisticItem]
-
-
 register_schema_models(console_ns, StatisticTimeRangeQuery)
-register_response_schema_models(
-    console_ns,
-    DailyMessageStatisticResponse,
-    DailyConversationStatisticResponse,
-    DailyTerminalStatisticResponse,
-    DailyTokenCostStatisticResponse,
-    AverageSessionInteractionStatisticResponse,
-    UserSatisfactionRateStatisticResponse,
-    AverageResponseTimeStatisticResponse,
-    TokensPerSecondStatisticResponse,
-)


@console_ns.route("/apps/<uuid:app_id>/statistics/daily-messages")
@ -125,11 +39,11 @@ class DailyMessageStatistic(Resource):
    @console_ns.doc("get_daily_message_statistics")
    @console_ns.doc(description="Get daily message statistics for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(StatisticTimeRangeQuery))
+    @console_ns.expect(console_ns.models[StatisticTimeRangeQuery.__name__])
    @console_ns.response(
        200,
        "Daily message statistics retrieved successfully",
-        console_ns.models[DailyMessageStatisticResponse.__name__],
+        fields.List(fields.Raw(description="Daily message count data")),
    )
    @get_app_model
    @setup_required
@ -185,11 +99,11 @@ class DailyConversationStatistic(Resource):
    @console_ns.doc("get_daily_conversation_statistics")
    @console_ns.doc(description="Get daily conversation statistics for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(StatisticTimeRangeQuery))
+    @console_ns.expect(console_ns.models[StatisticTimeRangeQuery.__name__])
    @console_ns.response(
        200,
        "Daily conversation statistics retrieved successfully",
-        console_ns.models[DailyConversationStatisticResponse.__name__],
+        fields.List(fields.Raw(description="Daily conversation count data")),
    )
    @get_app_model
    @setup_required
@ -244,11 +158,11 @@ class DailyTerminalsStatistic(Resource):
    @console_ns.doc("get_daily_terminals_statistics")
    @console_ns.doc(description="Get daily terminal/end-user statistics for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(StatisticTimeRangeQuery))
+    @console_ns.expect(console_ns.models[StatisticTimeRangeQuery.__name__])
    @console_ns.response(
        200,
        "Daily terminal statistics retrieved successfully",
-        console_ns.models[DailyTerminalStatisticResponse.__name__],
+        fields.List(fields.Raw(description="Daily terminal count data")),
    )
    @get_app_model
    @setup_required
@ -304,11 +218,11 @@ class DailyTokenCostStatistic(Resource):
    @console_ns.doc("get_daily_token_cost_statistics")
    @console_ns.doc(description="Get daily token cost statistics for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(StatisticTimeRangeQuery))
+    @console_ns.expect(console_ns.models[StatisticTimeRangeQuery.__name__])
    @console_ns.response(
        200,
        "Daily token cost statistics retrieved successfully",
-        console_ns.models[DailyTokenCostStatisticResponse.__name__],
+        fields.List(fields.Raw(description="Daily token cost data")),
    )
    @get_app_model
    @setup_required
@ -367,11 +281,11 @@ class AverageSessionInteractionStatistic(Resource):
    @console_ns.doc("get_average_session_interaction_statistics")
    @console_ns.doc(description="Get average session interaction statistics for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(StatisticTimeRangeQuery))
+    @console_ns.expect(console_ns.models[StatisticTimeRangeQuery.__name__])
    @console_ns.response(
        200,
        "Average session interaction statistics retrieved successfully",
-        console_ns.models[AverageSessionInteractionStatisticResponse.__name__],
+        fields.List(fields.Raw(description="Average session interaction data")),
    )
    @setup_required
    @login_required
@ -446,11 +360,11 @@ class UserSatisfactionRateStatistic(Resource):
    @console_ns.doc("get_user_satisfaction_rate_statistics")
    @console_ns.doc(description="Get user satisfaction rate statistics for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(StatisticTimeRangeQuery))
+    @console_ns.expect(console_ns.models[StatisticTimeRangeQuery.__name__])
    @console_ns.response(
        200,
        "User satisfaction rate statistics retrieved successfully",
-        console_ns.models[UserSatisfactionRateStatisticResponse.__name__],
+        fields.List(fields.Raw(description="User satisfaction rate data")),
    )
    @get_app_model
    @setup_required
@ -515,11 +429,11 @@ class AverageResponseTimeStatistic(Resource):
    @console_ns.doc("get_average_response_time_statistics")
    @console_ns.doc(description="Get average response time statistics for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(StatisticTimeRangeQuery))
+    @console_ns.expect(console_ns.models[StatisticTimeRangeQuery.__name__])
    @console_ns.response(
        200,
        "Average response time statistics retrieved successfully",
-        console_ns.models[AverageResponseTimeStatisticResponse.__name__],
+        fields.List(fields.Raw(description="Average response time data")),
    )
    @setup_required
    @login_required
@ -575,11 +489,11 @@ class TokensPerSecondStatistic(Resource):
    @console_ns.doc("get_tokens_per_second_statistics")
    @console_ns.doc(description="Get tokens per second statistics for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(StatisticTimeRangeQuery))
+    @console_ns.expect(console_ns.models[StatisticTimeRangeQuery.__name__])
    @console_ns.response(
        200,
        "Tokens per second statistics retrieved successfully",
-        console_ns.models[TokensPerSecondStatisticResponse.__name__],
+        fields.List(fields.Raw(description="Tokens per second data")),
    )
    @get_app_model
    @setup_required
--- a/api/controllers/console/app/workflow.py
+++ b/api/controllers/console/app/workflow.py
@ -6,16 +6,15 @@ from typing import Any, NotRequired, TypedDict

 from flask import abort, request
 from flask_restx import Resource, fields
-from pydantic import AliasChoices, BaseModel, Field, RootModel, ValidationError, field_validator
+from pydantic import AliasChoices, BaseModel, Field, ValidationError, field_validator
 from sqlalchemy.orm import sessionmaker
 from werkzeug.exceptions import BadRequest, Forbidden, InternalServerError, NotFound

 import services
 from controllers.common.controller_schemas import DefaultBlockConfigQuery, WorkflowListQuery, WorkflowUpdatePayload
 from controllers.common.errors import InvalidArgumentError
-from controllers.common.fields import GeneratedAppResponse, NewAppResponse, SimpleResultResponse
+from controllers.common.fields import NewAppResponse, SimpleResultResponse
 from controllers.common.schema import (
-    query_params_from_model,
    register_response_schema_model,
    register_response_schema_models,
    register_schema_models,
@ -99,20 +98,16 @@ class SyncDraftWorkflowPayload(BaseModel):
    graph: dict[str, Any]
    features: dict[str, Any]
    hash: str | None = None
-    environment_variables: list[dict[str, Any]] = Field(
-        default_factory=list,
-    )
-    conversation_variables: list[dict[str, Any]] = Field(
-        default_factory=list,
-    )
+    environment_variables: list[dict[str, Any]] = Field(default_factory=list)
+    conversation_variables: list[dict[str, Any]] = Field(default_factory=list)


 class BaseWorkflowRunPayload(BaseModel):
-    files: list[dict[str, Any]] | None = Field(default=None)
+    files: list[dict[str, Any]] | None = None


 class AdvancedChatWorkflowRunPayload(BaseWorkflowRunPayload):
-    inputs: dict[str, Any] | None = Field(default=None)
+    inputs: dict[str, Any] | None = None
    query: str = ""
    conversation_id: str | None = None
    parent_message_id: str | None = None
@ -126,11 +121,11 @@ class AdvancedChatWorkflowRunPayload(BaseWorkflowRunPayload):


 class IterationNodeRunPayload(BaseModel):
-    inputs: dict[str, Any] | None = Field(default=None)
+    inputs: dict[str, Any] | None = None


 class LoopNodeRunPayload(BaseModel):
-    inputs: dict[str, Any] | None = Field(default=None)
+    inputs: dict[str, Any] | None = None


 class DraftWorkflowRunPayload(BaseWorkflowRunPayload):
@ -155,10 +150,7 @@ class ConvertToWorkflowPayload(BaseModel):


 class WorkflowFeaturesPayload(BaseModel):
-    features: dict[str, Any] = Field(
-        ...,
-        description="Workflow feature configuration",
-    )
+    features: dict[str, Any] = Field(..., description="Workflow feature configuration")


 class WorkflowOnlineUsersPayload(BaseModel):
@ -174,7 +166,7 @@ class WorkflowConversationVariableResponse(ResponseModel):
    id: str
    name: str
    value_type: str
-    value: Any
+    value: Any = Field(json_schema_extra={"type": "object"})
    description: str

    @field_validator("value_type", mode="before")
@ -193,7 +185,7 @@ class PipelineVariableResponse(ResponseModel):
    max_length: int | None = None
    required: bool
    unit: str | None = None
-    default_value: Any = Field(default=None)
+    default_value: Any = Field(default=None, json_schema_extra={"type": "object"})
    options: list[str] | None = None
    placeholder: str | None = None
    tooltips: str | None = None
@ -210,18 +202,14 @@ class WorkflowEnvironmentVariableResponse(ResponseModel):
    value_type: str
    id: str
    name: str
-    value: Any
+    value: Any = Field(json_schema_extra={"type": "object"})
    description: str


 class WorkflowResponse(ResponseModel):
    id: str
-    graph: dict[str, Any] = Field(
-        validation_alias=AliasChoices("graph_dict", "graph"),
-    )
-    features: dict[str, Any] = Field(
-        validation_alias=AliasChoices("features_dict", "features"),
-    )
+    graph: dict[str, Any] = Field(validation_alias=AliasChoices("graph_dict", "graph"))
+    features: dict[str, Any] = Field(validation_alias=AliasChoices("features_dict", "features"))
    hash: str = Field(validation_alias=AliasChoices("unique_hash", "hash"))
    version: str
    marked_name: str
@ -278,46 +266,6 @@ class WorkflowOnlineUsersResponse(ResponseModel):
    data: list[WorkflowOnlineUsersByApp]


-class WorkflowPublishResponse(ResponseModel):
-    result: str
-    created_at: int
-
-
-class WorkflowRestoreResponse(ResponseModel):
-    result: str
-    hash: str
-    updated_at: int
-
-
-class DefaultBlockConfigsResponse(RootModel[list[dict[str, Any]]]):
-    root: list[dict[str, Any]]
-
-
-class DefaultBlockConfigResponse(RootModel[dict[str, Any]]):
-    root: dict[str, Any]
-
-
-class HumanInputFormPreviewResponse(ResponseModel):
-    form_id: str
-    node_id: str
-    node_title: str
-    form_content: str
-    inputs: list[dict[str, Any]] = Field(default_factory=list)
-    actions: list[dict[str, Any]] = Field(default_factory=list)
-    display_in_ui: bool | None = None
-    form_token: str | None = None
-    resolved_default_values: dict[str, Any] = Field(default_factory=dict)
-    expiration_time: int | None = None
-
-
-class HumanInputFormSubmitResponse(RootModel[dict[str, Any]]):
-    root: dict[str, Any]
-
-
-class EmptyObjectResponse(RootModel[dict[str, Any]]):
-    root: dict[str, Any]
-
-
 class DraftWorkflowTriggerRunPayload(BaseModel):
    node_id: str

@ -355,14 +303,6 @@ register_response_schema_models(
    WorkflowOnlineUser,
    WorkflowOnlineUsersByApp,
    WorkflowOnlineUsersResponse,
-    WorkflowPublishResponse,
-    WorkflowRestoreResponse,
-    DefaultBlockConfigsResponse,
-    DefaultBlockConfigResponse,
-    HumanInputFormPreviewResponse,
-    HumanInputFormSubmitResponse,
-    EmptyObjectResponse,
-    GeneratedAppResponse,
    NewAppResponse,
    SimpleResultResponse,
 )
@ -534,7 +474,7 @@ class AdvancedChatDraftWorkflowRunApi(Resource):
    @console_ns.doc(description="Run draft workflow for advanced chat application")
    @console_ns.doc(params={"app_id": "Application ID"})
    @console_ns.expect(console_ns.models[AdvancedChatWorkflowRunPayload.__name__])
-    @console_ns.response(200, "Workflow run started successfully", console_ns.models[GeneratedAppResponse.__name__])
+    @console_ns.response(200, "Workflow run started successfully")
    @console_ns.response(400, "Invalid request parameters")
    @console_ns.response(403, "Permission denied")
    @setup_required
@ -579,11 +519,7 @@ class AdvancedChatDraftRunIterationNodeApi(Resource):
    @console_ns.doc(description="Run draft workflow iteration node for advanced chat")
    @console_ns.doc(params={"app_id": "Application ID", "node_id": "Node ID"})
    @console_ns.expect(console_ns.models[IterationNodeRunPayload.__name__])
-    @console_ns.response(
-        200,
-        "Iteration node run started successfully",
-        console_ns.models[GeneratedAppResponse.__name__],
-    )
+    @console_ns.response(200, "Iteration node run started successfully")
    @console_ns.response(403, "Permission denied")
    @console_ns.response(404, "Node not found")
    @setup_required
@ -621,11 +557,7 @@ class WorkflowDraftRunIterationNodeApi(Resource):
    @console_ns.doc(description="Run draft workflow iteration node")
    @console_ns.doc(params={"app_id": "Application ID", "node_id": "Node ID"})
    @console_ns.expect(console_ns.models[IterationNodeRunPayload.__name__])
-    @console_ns.response(
-        200,
-        "Workflow iteration node run started successfully",
-        console_ns.models[GeneratedAppResponse.__name__],
-    )
+    @console_ns.response(200, "Workflow iteration node run started successfully")
    @console_ns.response(403, "Permission denied")
    @console_ns.response(404, "Node not found")
    @setup_required
@ -663,7 +595,7 @@ class AdvancedChatDraftRunLoopNodeApi(Resource):
    @console_ns.doc(description="Run draft workflow loop node for advanced chat")
    @console_ns.doc(params={"app_id": "Application ID", "node_id": "Node ID"})
    @console_ns.expect(console_ns.models[LoopNodeRunPayload.__name__])
-    @console_ns.response(200, "Loop node run started successfully", console_ns.models[GeneratedAppResponse.__name__])
+    @console_ns.response(200, "Loop node run started successfully")
    @console_ns.response(403, "Permission denied")
    @console_ns.response(404, "Node not found")
    @setup_required
@ -701,11 +633,7 @@ class WorkflowDraftRunLoopNodeApi(Resource):
    @console_ns.doc(description="Run draft workflow loop node")
    @console_ns.doc(params={"app_id": "Application ID", "node_id": "Node ID"})
    @console_ns.expect(console_ns.models[LoopNodeRunPayload.__name__])
-    @console_ns.response(
-        200,
-        "Workflow loop node run started successfully",
-        console_ns.models[GeneratedAppResponse.__name__],
-    )
+    @console_ns.response(200, "Workflow loop node run started successfully")
    @console_ns.response(403, "Permission denied")
    @console_ns.response(404, "Node not found")
    @setup_required
@ -745,10 +673,7 @@ class HumanInputFormPreviewPayload(BaseModel):


 class HumanInputFormSubmitPayload(BaseModel):
-    form_inputs: dict[str, Any] = Field(
-        ...,
-        description="Values the user provides for the form's own fields",
-    )
+    form_inputs: dict[str, Any] = Field(..., description="Values the user provides for the form's own fields")
    inputs: dict[str, Any] = Field(
        ...,
        description="Values used to fill missing upstream variables referenced in form_content",
@ -778,7 +703,6 @@ class AdvancedChatDraftHumanInputFormPreviewApi(Resource):
    @console_ns.doc(description="Get human input form preview for advanced chat workflow")
    @console_ns.doc(params={"app_id": "Application ID", "node_id": "Node ID"})
    @console_ns.expect(console_ns.models[HumanInputFormPreviewPayload.__name__])
-    @console_ns.response(200, "Human input form preview", console_ns.models[HumanInputFormPreviewResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -808,11 +732,6 @@ class AdvancedChatDraftHumanInputFormRunApi(Resource):
    @console_ns.doc(description="Submit human input form preview for advanced chat workflow")
    @console_ns.doc(params={"app_id": "Application ID", "node_id": "Node ID"})
    @console_ns.expect(console_ns.models[HumanInputFormSubmitPayload.__name__])
-    @console_ns.response(
-        200,
-        "Human input form submission result",
-        console_ns.models[HumanInputFormSubmitResponse.__name__],
-    )
    @setup_required
    @login_required
    @account_initialization_required
@ -842,7 +761,6 @@ class WorkflowDraftHumanInputFormPreviewApi(Resource):
    @console_ns.doc(description="Get human input form preview for workflow")
    @console_ns.doc(params={"app_id": "Application ID", "node_id": "Node ID"})
    @console_ns.expect(console_ns.models[HumanInputFormPreviewPayload.__name__])
-    @console_ns.response(200, "Human input form preview", console_ns.models[HumanInputFormPreviewResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -872,11 +790,6 @@ class WorkflowDraftHumanInputFormRunApi(Resource):
    @console_ns.doc(description="Submit human input form preview for workflow")
    @console_ns.doc(params={"app_id": "Application ID", "node_id": "Node ID"})
    @console_ns.expect(console_ns.models[HumanInputFormSubmitPayload.__name__])
-    @console_ns.response(
-        200,
-        "Human input form submission result",
-        console_ns.models[HumanInputFormSubmitResponse.__name__],
-    )
    @setup_required
    @login_required
    @account_initialization_required
@ -906,7 +819,6 @@ class WorkflowDraftHumanInputDeliveryTestApi(Resource):
    @console_ns.doc(description="Test human input delivery for workflow")
    @console_ns.doc(params={"app_id": "Application ID", "node_id": "Node ID"})
    @console_ns.expect(console_ns.models[HumanInputDeliveryTestPayload.__name__])
-    @console_ns.response(200, "Human input delivery test result", console_ns.models[EmptyObjectResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -935,11 +847,7 @@ class DraftWorkflowRunApi(Resource):
    @console_ns.doc(description="Run draft workflow")
    @console_ns.doc(params={"app_id": "Application ID"})
    @console_ns.expect(console_ns.models[DraftWorkflowRunPayload.__name__])
-    @console_ns.response(
-        200,
-        "Draft workflow run started successfully",
-        console_ns.models[GeneratedAppResponse.__name__],
-    )
+    @console_ns.response(200, "Draft workflow run started successfully")
    @console_ns.response(403, "Permission denied")
    @setup_required
    @login_required
@ -1081,7 +989,6 @@ class PublishedWorkflowApi(Resource):
        return dump_response(WorkflowResponse, workflow)

    @console_ns.expect(console_ns.models[PublishWorkflowPayload.__name__])
-    @console_ns.response(200, "Workflow published successfully", console_ns.models[WorkflowPublishResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -1125,11 +1032,7 @@ class DefaultBlockConfigsApi(Resource):
    @console_ns.doc("get_default_block_configs")
    @console_ns.doc(description="Get default block configurations for workflow")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.response(
-        200,
-        "Default block configurations retrieved successfully",
-        console_ns.models[DefaultBlockConfigsResponse.__name__],
-    )
+    @console_ns.response(200, "Default block configurations retrieved successfully")
    @setup_required
    @login_required
    @account_initialization_required
@ -1149,13 +1052,9 @@ class DefaultBlockConfigApi(Resource):
    @console_ns.doc("get_default_block_config")
    @console_ns.doc(description="Get default block configuration by type")
    @console_ns.doc(params={"app_id": "Application ID", "block_type": "Block type"})
-    @console_ns.response(
-        200,
-        "Default block configuration retrieved successfully",
-        console_ns.models[DefaultBlockConfigResponse.__name__],
-    )
+    @console_ns.response(200, "Default block configuration retrieved successfully")
    @console_ns.response(404, "Block type not found")
-    @console_ns.doc(params=query_params_from_model(DefaultBlockConfigQuery))
+    @console_ns.expect(console_ns.models[DefaultBlockConfigQuery.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -1250,7 +1149,7 @@ class WorkflowFeaturesApi(Resource):

@console_ns.route("/apps/<uuid:app_id>/workflows")
 class PublishedAllWorkflowApi(Resource):
-    @console_ns.doc(params=query_params_from_model(WorkflowListQuery))
+    @console_ns.expect(console_ns.models[WorkflowListQuery.__name__])
    @console_ns.doc("get_all_published_workflows")
    @console_ns.doc(description="Get all published workflows for an application")
    @console_ns.doc(params={"app_id": "Application ID"})
@ -1305,7 +1204,7 @@ class DraftWorkflowRestoreApi(Resource):
    @console_ns.doc("restore_workflow_to_draft")
    @console_ns.doc(description="Restore a published workflow version into the draft workflow")
    @console_ns.doc(params={"app_id": "Application ID", "workflow_id": "Published workflow ID"})
-    @console_ns.response(200, "Workflow restored successfully", console_ns.models[WorkflowRestoreResponse.__name__])
+    @console_ns.response(200, "Workflow restored successfully")
    @console_ns.response(400, "Source workflow must be published")
    @console_ns.response(404, "Workflow not found")
    @setup_required
@ -1390,7 +1289,6 @@ class WorkflowByIdApi(Resource):
    @account_initialization_required
    @get_app_model(mode=[AppMode.ADVANCED_CHAT, AppMode.WORKFLOW])
    @edit_permission_required
-    @console_ns.response(204, "Workflow deleted successfully")
    def delete(self, app_model: App, workflow_id: str):
        """
        Delete workflow
@ -1462,11 +1360,7 @@ class DraftWorkflowTriggerRunApi(Resource):
            },
        )
    )
-    @console_ns.response(
-        200,
-        "Trigger event received and workflow executed successfully",
-        console_ns.models[GeneratedAppResponse.__name__],
-    )
+    @console_ns.response(200, "Trigger event received and workflow executed successfully")
    @console_ns.response(403, "Permission denied")
    @console_ns.response(500, "Internal server error")
    @setup_required
@ -1530,11 +1424,7 @@ class DraftWorkflowTriggerNodeApi(Resource):
    @console_ns.doc("poll_draft_workflow_trigger_node")
    @console_ns.doc(description="Poll for trigger events and execute single node when event arrives")
    @console_ns.doc(params={"app_id": "Application ID", "node_id": "Node ID"})
-    @console_ns.response(
-        200,
-        "Trigger event received and node executed successfully",
-        console_ns.models[GeneratedAppResponse.__name__],
-    )
+    @console_ns.response(200, "Trigger event received and node executed successfully")
    @console_ns.response(403, "Permission denied")
    @console_ns.response(500, "Internal server error")
    @setup_required
@ -1614,7 +1504,7 @@ class DraftWorkflowTriggerRunAllApi(Resource):
    @console_ns.doc(description="Full workflow debug when the start node is a trigger")
    @console_ns.doc(params={"app_id": "Application ID"})
    @console_ns.expect(console_ns.models[DraftWorkflowTriggerRunAllPayload.__name__])
-    @console_ns.response(200, "Workflow executed successfully", console_ns.models[GeneratedAppResponse.__name__])
+    @console_ns.response(200, "Workflow executed successfully")
    @console_ns.response(403, "Permission denied")
    @console_ns.response(500, "Internal server error")
    @setup_required
--- a/api/controllers/console/app/workflow_app_log.py
+++ b/api/controllers/console/app/workflow_app_log.py
@ -7,7 +7,7 @@ from flask_restx import Resource
 from pydantic import BaseModel, Field, field_validator
 from sqlalchemy.orm import sessionmaker

-from controllers.common.schema import query_params_from_model, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required
@ -166,7 +166,7 @@ class WorkflowAppLogApi(Resource):
    @console_ns.doc("get_workflow_app_logs")
    @console_ns.doc(description="Get workflow application execution logs")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(WorkflowAppLogQuery))
+    @console_ns.expect(console_ns.models[WorkflowAppLogQuery.__name__])
    @console_ns.response(
        200,
        "Workflow app logs retrieved successfully",
@ -209,7 +209,7 @@ class WorkflowArchivedLogApi(Resource):
    @console_ns.doc("get_workflow_archived_logs")
    @console_ns.doc(description="Get workflow archived execution logs")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(WorkflowAppLogQuery))
+    @console_ns.expect(console_ns.models[WorkflowAppLogQuery.__name__])
    @console_ns.response(
        200,
        "Workflow archived logs retrieved successfully",
--- a/api/controllers/console/app/workflow_draft_variable.py
+++ b/api/controllers/console/app/workflow_draft_variable.py
@ -1,7 +1,7 @@
 import logging
 from collections.abc import Callable
 from functools import wraps
-from typing import Any, Concatenate, TypedDict, override
+from typing import Any, Concatenate, TypedDict
 from uuid import UUID

 from flask import Response, request
@ -10,8 +10,7 @@ from pydantic import BaseModel, Field
 from sqlalchemy.orm import sessionmaker

 from controllers.common.errors import InvalidArgumentError, NotFoundError
-from controllers.common.fields import SimpleResultResponse
-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.error import (
    DraftWorkflowNotExist,
@ -29,7 +28,6 @@ from extensions.ext_database import db
 from factories import variable_factory
 from factories.file_factory import build_from_mapping, build_from_mappings
 from factories.variable_factory import build_segment_with_type
-from fields.base import ResponseModel
 from graphon.file import helpers as file_helpers
 from graphon.variables.segment_group import SegmentGroup
 from graphon.variables.segments import ArrayFileSegment, FileSegment, Segment
@ -44,28 +42,6 @@ logger = logging.getLogger(__name__)
 _file_access_controller = DatabaseFileAccessController()


-class OpaqueRawField(fields.Raw):
-    @override
-    def schema(self) -> dict[str, object]:
-        return {"type": "object"}
-
-
-class JsonValueRawField(fields.Raw):
-    @override
-    def schema(self) -> dict[str, object]:
-        return {
-            "anyOf": [
-                {"type": "string"},
-                {"type": "integer"},
-                {"type": "number"},
-                {"type": "boolean"},
-                {"type": "object", "additionalProperties": True},
-                {"type": "array", "items": {}},
-                {"type": "null"},
-            ]
-        }
-
-
 class WorkflowDraftVariableListQuery(BaseModel):
    page: int = Field(default=1, ge=1, le=100_000, description="Page number")
    limit: int = Field(default=20, ge=1, le=100, description="Items per page")
@ -78,33 +54,12 @@ class WorkflowDraftVariableUpdatePayload(BaseModel):

 class ConversationVariableUpdatePayload(BaseModel):
    conversation_variables: list[dict[str, Any]] = Field(
-        ...,
-        description="Conversation variables for the draft workflow",
+        ..., description="Conversation variables for the draft workflow"
    )


 class EnvironmentVariableUpdatePayload(BaseModel):
-    environment_variables: list[dict[str, Any]] = Field(
-        ...,
-        description="Environment variables for the draft workflow",
-    )
-
-
-class EnvironmentVariableItemResponse(ResponseModel):
-    id: str
-    type: str
-    name: str
-    description: str | None = None
-    selector: list[str]
-    value_type: str
-    value: Any
-    edited: bool
-    visible: bool
-    editable: bool
-
-
-class EnvironmentVariableListResponse(ResponseModel):
-    items: list[EnvironmentVariableItemResponse]
+    environment_variables: list[dict[str, Any]] = Field(..., description="Environment variables for the draft workflow")


 register_schema_models(
@ -114,7 +69,6 @@ register_schema_models(
    ConversationVariableUpdatePayload,
    EnvironmentVariableUpdatePayload,
 )
-register_response_schema_models(console_ns, SimpleResultResponse, EnvironmentVariableListResponse)


 def _convert_values_to_json_serializable_object(value: Segment):
@ -201,8 +155,8 @@ _WORKFLOW_DRAFT_VARIABLE_WITHOUT_VALUE_FIELDS = {

 _WORKFLOW_DRAFT_VARIABLE_FIELDS = {
    **_WORKFLOW_DRAFT_VARIABLE_WITHOUT_VALUE_FIELDS,
-    "value": JsonValueRawField(attribute=_serialize_var_value),
-    "full_content": OpaqueRawField(attribute=_serialize_full_content),
+    "value": fields.Raw(attribute=_serialize_var_value),
+    "full_content": fields.Raw(attribute=_serialize_full_content),
 }

 _WORKFLOW_DRAFT_ENV_VARIABLE_FIELDS = {
@ -227,7 +181,7 @@ def _get_items(var_list: WorkflowDraftVariableList) -> list[WorkflowDraftVariabl

 _WORKFLOW_DRAFT_VARIABLE_LIST_WITHOUT_VALUE_FIELDS = {
    "items": fields.List(fields.Nested(_WORKFLOW_DRAFT_VARIABLE_WITHOUT_VALUE_FIELDS), attribute=_get_items),
-    "total": fields.Integer,
+    "total": fields.Raw(),
 }

 _WORKFLOW_DRAFT_VARIABLE_LIST_FIELDS = {
@ -294,7 +248,7 @@ def _api_prerequisite[T, **P, R](

@console_ns.route("/apps/<uuid:app_id>/workflows/draft/variables")
 class WorkflowVariableCollectionApi(Resource):
-    @console_ns.doc(params=query_params_from_model(WorkflowDraftVariableListQuery))
+    @console_ns.expect(console_ns.models[WorkflowDraftVariableListQuery.__name__])
    @console_ns.doc("get_workflow_variables")
    @console_ns.doc(description="Get draft workflow variables")
    @console_ns.doc(params={"app_id": "Application ID"})
@ -590,11 +544,7 @@ class ConversationVariableCollectionApi(Resource):
    @console_ns.doc("update_conversation_variables")
    @console_ns.doc(description="Update conversation variables for workflow draft")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.response(
-        200,
-        "Conversation variables updated successfully",
-        console_ns.models[SimpleResultResponse.__name__],
-    )
+    @console_ns.response(200, "Conversation variables updated successfully")
    @setup_required
    @login_required
    @account_initialization_required
@ -637,11 +587,7 @@ class EnvironmentVariableCollectionApi(Resource):
    @console_ns.doc("get_environment_variables")
    @console_ns.doc(description="Get environment variables for workflow")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.response(
-        200,
-        "Environment variables retrieved successfully",
-        console_ns.models[EnvironmentVariableListResponse.__name__],
-    )
+    @console_ns.response(200, "Environment variables retrieved successfully")
    @console_ns.response(404, "Draft workflow not found")
    @_api_prerequisite
    def get(self, _current_user: Account, app_model: App):
@ -679,11 +625,7 @@ class EnvironmentVariableCollectionApi(Resource):
    @console_ns.doc("update_environment_variables")
    @console_ns.doc(description="Update environment variables for workflow draft")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.response(
-        200,
-        "Environment variables updated successfully",
-        console_ns.models[SimpleResultResponse.__name__],
-    )
+    @console_ns.response(200, "Environment variables updated successfully")
    @setup_required
    @login_required
    @account_initialization_required
--- a/api/controllers/console/app/workflow_node_output_inspector.py
+++ b/api/controllers/console/app/workflow_node_output_inspector.py
@ -30,7 +30,6 @@ from uuid import UUID
 from flask import Response
 from flask_restx import Resource

-from controllers.common.fields import EventStreamResponse
 from controllers.common.schema import register_response_schema_models
 from controllers.console import console_ns
 from controllers.console.app.wraps import get_app_model
@ -63,7 +62,6 @@ _STREAM_HARD_TIMEOUT_TICKS = 1800  # 30 min

 register_response_schema_models(
    console_ns,
-    EventStreamResponse,
    CheckResultView,
    NodeOutputView,
    NodeOutputsView,
@ -329,11 +327,7 @@ class WorkflowDraftRunNodeOutputEventsApi(Resource):
    @console_ns.doc("stream_workflow_draft_run_node_output_events")
    @console_ns.doc(description="Server-Sent Events stream of inspector deltas for a draft workflow run.")
    @console_ns.doc(params={"app_id": "Application ID", "run_id": "Workflow run ID"})
-    @console_ns.response(
-        200,
-        "Workflow run node output event stream",
-        console_ns.models[EventStreamResponse.__name__],
-    )
+    @console_ns.response(200, "Workflow run node output event stream")
    @console_ns.response(404, "Workflow run not found")
    @setup_required
    @login_required
@ -430,11 +424,7 @@ class WorkflowPublishedRunNodeOutputEventsApi(Resource):
    @console_ns.doc("stream_workflow_published_run_node_output_events")
    @console_ns.doc(description="Server-Sent Events stream of inspector deltas for a published workflow run.")
    @console_ns.doc(params={"app_id": "Application ID", "run_id": "Workflow run ID"})
-    @console_ns.response(
-        200,
-        "Workflow run node output event stream",
-        console_ns.models[EventStreamResponse.__name__],
-    )
+    @console_ns.response(200, "Workflow run node output event stream")
    @console_ns.response(404, "Workflow run not found")
    @setup_required
    @login_required
--- a/api/controllers/console/app/workflow_statistic.py
+++ b/api/controllers/console/app/workflow_statistic.py
@ -3,12 +3,11 @@ from flask_restx import Resource
 from pydantic import BaseModel, Field, field_validator
 from sqlalchemy.orm import sessionmaker

-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required, with_current_user
 from extensions.ext_database import db
-from fields.base import ResponseModel
 from libs.datetime_utils import parse_time_range
 from libs.login import login_required
 from models.account import Account
@ -29,50 +28,7 @@ class WorkflowStatisticQuery(BaseModel):
        return value


-class WorkflowDailyRunsStatisticItem(ResponseModel):
-    date: str
-    runs: int
-
-
-class WorkflowDailyRunsStatisticResponse(ResponseModel):
-    data: list[WorkflowDailyRunsStatisticItem]
-
-
-class WorkflowDailyTerminalsStatisticItem(ResponseModel):
-    date: str
-    terminal_count: int
-
-
-class WorkflowDailyTerminalsStatisticResponse(ResponseModel):
-    data: list[WorkflowDailyTerminalsStatisticItem]
-
-
-class WorkflowDailyTokenCostStatisticItem(ResponseModel):
-    date: str
-    token_count: int
-
-
-class WorkflowDailyTokenCostStatisticResponse(ResponseModel):
-    data: list[WorkflowDailyTokenCostStatisticItem]
-
-
-class WorkflowAverageAppInteractionStatisticItem(ResponseModel):
-    date: str
-    interactions: float
-
-
-class WorkflowAverageAppInteractionStatisticResponse(ResponseModel):
-    data: list[WorkflowAverageAppInteractionStatisticItem]
-
-
 register_schema_models(console_ns, WorkflowStatisticQuery)
-register_response_schema_models(
-    console_ns,
-    WorkflowDailyRunsStatisticResponse,
-    WorkflowDailyTerminalsStatisticResponse,
-    WorkflowDailyTokenCostStatisticResponse,
-    WorkflowAverageAppInteractionStatisticResponse,
-)


@console_ns.route("/apps/<uuid:app_id>/workflow/statistics/daily-conversations")
@ -85,12 +41,8 @@ class WorkflowDailyRunsStatistic(Resource):
    @console_ns.doc("get_workflow_daily_runs_statistic")
    @console_ns.doc(description="Get workflow daily runs statistics")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(WorkflowStatisticQuery))
-    @console_ns.response(
-        200,
-        "Daily runs statistics retrieved successfully",
-        console_ns.models[WorkflowDailyRunsStatisticResponse.__name__],
-    )
+    @console_ns.expect(console_ns.models[WorkflowStatisticQuery.__name__])
+    @console_ns.response(200, "Daily runs statistics retrieved successfully")
    @get_app_model
    @setup_required
    @login_required
@ -128,12 +80,8 @@ class WorkflowDailyTerminalsStatistic(Resource):
    @console_ns.doc("get_workflow_daily_terminals_statistic")
    @console_ns.doc(description="Get workflow daily terminals statistics")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(WorkflowStatisticQuery))
-    @console_ns.response(
-        200,
-        "Daily terminals statistics retrieved successfully",
-        console_ns.models[WorkflowDailyTerminalsStatisticResponse.__name__],
-    )
+    @console_ns.expect(console_ns.models[WorkflowStatisticQuery.__name__])
+    @console_ns.response(200, "Daily terminals statistics retrieved successfully")
    @get_app_model
    @setup_required
    @login_required
@ -171,12 +119,8 @@ class WorkflowDailyTokenCostStatistic(Resource):
    @console_ns.doc("get_workflow_daily_token_cost_statistic")
    @console_ns.doc(description="Get workflow daily token cost statistics")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(WorkflowStatisticQuery))
-    @console_ns.response(
-        200,
-        "Daily token cost statistics retrieved successfully",
-        console_ns.models[WorkflowDailyTokenCostStatisticResponse.__name__],
-    )
+    @console_ns.expect(console_ns.models[WorkflowStatisticQuery.__name__])
+    @console_ns.response(200, "Daily token cost statistics retrieved successfully")
    @get_app_model
    @setup_required
    @login_required
@ -214,12 +158,8 @@ class WorkflowAverageAppInteractionStatistic(Resource):
    @console_ns.doc("get_workflow_average_app_interaction_statistic")
    @console_ns.doc(description="Get workflow average app interaction statistics")
    @console_ns.doc(params={"app_id": "Application ID"})
-    @console_ns.doc(params=query_params_from_model(WorkflowStatisticQuery))
-    @console_ns.response(
-        200,
-        "Average app interaction statistics retrieved successfully",
-        console_ns.models[WorkflowAverageAppInteractionStatisticResponse.__name__],
-    )
+    @console_ns.expect(console_ns.models[WorkflowStatisticQuery.__name__])
+    @console_ns.response(200, "Average app interaction statistics retrieved successfully")
    @setup_required
    @login_required
    @account_initialization_required
--- a/api/controllers/console/app/workflow_trigger.py
+++ b/api/controllers/console/app/workflow_trigger.py
@ -9,7 +9,7 @@ from sqlalchemy.orm import sessionmaker
 from werkzeug.exceptions import NotFound

 from configs import dify_config
-from controllers.common.schema import query_params_from_model, register_schema_models
+from controllers.common.schema import register_schema_models
 from extensions.ext_database import db
 from fields.base import ResponseModel
 from libs.login import login_required
@ -86,7 +86,7 @@ register_schema_models(
 class WebhookTriggerApi(Resource):
    """Webhook Trigger API"""

-    @console_ns.doc(params=query_params_from_model(Parser))
+    @console_ns.expect(console_ns.models[Parser.__name__])
    @setup_required
    @login_required
    @account_initialization_required
--- a/api/controllers/console/auth/activate.py
+++ b/api/controllers/console/auth/activate.py
@ -4,7 +4,7 @@ from pydantic import BaseModel, Field, field_validator

 from configs import dify_config
 from constants.languages import supported_language
-from controllers.common.schema import query_params_from_model, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.error import AccountInFreezeError, AlreadyActivateError
 from extensions.ext_database import db
@ -69,7 +69,7 @@ register_schema_models(
 class ActivateCheckApi(Resource):
    @console_ns.doc("check_activation_token")
    @console_ns.doc(description="Check if activation token is valid")
-    @console_ns.doc(params=query_params_from_model(ActivateCheckQuery))
+    @console_ns.expect(console_ns.models[ActivateCheckQuery.__name__])
    @console_ns.response(
        200,
        "Success",
--- a/api/controllers/console/auth/data_source_bearer_auth.py
+++ b/api/controllers/console/auth/data_source_bearer_auth.py
@ -3,7 +3,6 @@ from uuid import UUID
 from flask_restx import Resource
 from pydantic import BaseModel, Field

-from controllers.common.fields import SimpleResultResponse
 from controllers.common.schema import register_response_schema_models, register_schema_models
 from fields.base import ResponseModel
 from libs.login import login_required
@ -34,12 +33,7 @@ class ApiKeyAuthDataSourceListResponse(ResponseModel):


 register_schema_models(console_ns, ApiKeyAuthBindingPayload)
-register_response_schema_models(
-    console_ns,
-    SimpleResultResponse,
-    ApiKeyAuthDataSourceItem,
-    ApiKeyAuthDataSourceListResponse,
-)
+register_response_schema_models(console_ns, ApiKeyAuthDataSourceItem, ApiKeyAuthDataSourceListResponse)


@console_ns.route("/api-key-auth/data-source")
@ -70,7 +64,6 @@ class ApiKeyAuthDataSource(Resource):

@console_ns.route("/api-key-auth/data-source/binding")
 class ApiKeyAuthDataSourceBinding(Resource):
-    @console_ns.response(200, "Success", console_ns.models[SimpleResultResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
--- a/api/controllers/console/auth/data_source_oauth.py
+++ b/api/controllers/console/auth/data_source_oauth.py
@ -7,8 +7,7 @@ from flask_restx import Resource
 from pydantic import BaseModel, Field

 from configs import dify_config
-from controllers.common.fields import RedirectResponse
-from controllers.common.schema import query_params_from_model, register_response_schema_model, register_schema_models
+from controllers.common.schema import register_schema_models
 from libs.login import login_required
 from libs.oauth_data_source import NotionOAuth

@ -30,24 +29,12 @@ class OAuthDataSourceSyncResponse(BaseModel):
    result: str = Field(description="Operation result")


-class OAuthDataSourceCallbackQuery(BaseModel):
-    code: str | None = Field(default=None, description="Authorization code from OAuth provider")
-    error: str | None = Field(default=None, description="Error message from OAuth provider")
-
-
-class OAuthDataSourceBindingQuery(BaseModel):
-    code: str = Field(description="Authorization code from OAuth provider")
-
-
 register_schema_models(
    console_ns,
    OAuthDataSourceResponse,
    OAuthDataSourceBindingResponse,
    OAuthDataSourceSyncResponse,
-    OAuthDataSourceCallbackQuery,
-    OAuthDataSourceBindingQuery,
 )
-register_response_schema_model(console_ns, RedirectResponse)


 def get_oauth_providers():
@ -97,9 +84,14 @@ class OAuthDataSource(Resource):
 class OAuthDataSourceCallback(Resource):
    @console_ns.doc("oauth_data_source_callback")
    @console_ns.doc(description="Handle OAuth callback from data source provider")
-    @console_ns.doc(params={"provider": "Data source provider name (notion)"})
-    @console_ns.doc(params=query_params_from_model(OAuthDataSourceCallbackQuery))
-    @console_ns.response(302, "Redirect to console with result", console_ns.models[RedirectResponse.__name__])
+    @console_ns.doc(
+        params={
+            "provider": "Data source provider name (notion)",
+            "code": "Authorization code from OAuth provider",
+            "error": "Error message from OAuth provider",
+        }
+    )
+    @console_ns.response(302, "Redirect to console with result")
    @console_ns.response(400, "Invalid provider")
    def get(self, provider: str):
        OAUTH_DATASOURCE_PROVIDERS = get_oauth_providers()
@ -123,8 +115,9 @@ class OAuthDataSourceCallback(Resource):
 class OAuthDataSourceBinding(Resource):
    @console_ns.doc("oauth_data_source_binding")
    @console_ns.doc(description="Bind OAuth data source with authorization code")
-    @console_ns.doc(params={"provider": "Data source provider name (notion)"})
-    @console_ns.doc(params=query_params_from_model(OAuthDataSourceBindingQuery))
+    @console_ns.doc(
+        params={"provider": "Data source provider name (notion)", "code": "Authorization code from OAuth provider"}
+    )
    @console_ns.response(
        200,
        "Data source binding success",
--- a/api/controllers/console/auth/email_register.py
+++ b/api/controllers/console/auth/email_register.py
@ -15,7 +15,6 @@ from controllers.console.auth.error import (
    InvalidTokenError,
    PasswordMismatchError,
 )
-from fields.base import ResponseModel
 from libs.helper import EmailStr, extract_remote_ip
 from libs.helper import timezone as validate_timezone_string
 from libs.password import valid_password
@ -59,24 +58,8 @@ class EmailRegisterResetPayload(BaseModel):
        return validate_timezone_string(value)


-class EmailRegisterTokenPairResponse(ResponseModel):
-    access_token: str
-    refresh_token: str
-    csrf_token: str
-
-
-class EmailRegisterResetResponse(ResponseModel):
-    result: str
-    data: EmailRegisterTokenPairResponse
-
-
 register_schema_models(console_ns, EmailRegisterSendPayload, EmailRegisterValidityPayload, EmailRegisterResetPayload)
-register_response_schema_models(
-    console_ns,
-    SimpleResultDataResponse,
-    VerificationTokenResponse,
-    EmailRegisterResetResponse,
-)
+register_response_schema_models(console_ns, SimpleResultDataResponse, VerificationTokenResponse)


@console_ns.route("/email-register/send-email")
@ -84,7 +67,6 @@ class EmailRegisterSendEmailApi(Resource):
    @setup_required
    @email_password_login_enabled
    @email_register_enabled
-    @console_ns.expect(console_ns.models[EmailRegisterSendPayload.__name__])
    @console_ns.response(200, "Success", console_ns.models[SimpleResultDataResponse.__name__])
    def post(self):
        args = EmailRegisterSendPayload.model_validate(console_ns.payload)
@ -110,7 +92,6 @@ class EmailRegisterCheckApi(Resource):
    @setup_required
    @email_password_login_enabled
    @email_register_enabled
-    @console_ns.expect(console_ns.models[EmailRegisterValidityPayload.__name__])
    @console_ns.response(200, "Success", console_ns.models[VerificationTokenResponse.__name__])
    def post(self):
        args = EmailRegisterValidityPayload.model_validate(console_ns.payload)
@ -152,8 +133,6 @@ class EmailRegisterResetApi(Resource):
    @setup_required
    @email_password_login_enabled
    @email_register_enabled
-    @console_ns.expect(console_ns.models[EmailRegisterResetPayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[EmailRegisterResetResponse.__name__])
    def post(self):
        args = EmailRegisterResetPayload.model_validate(console_ns.payload)

--- a/api/controllers/console/auth/oauth.py
+++ b/api/controllers/console/auth/oauth.py
@ -4,13 +4,10 @@ import urllib.parse
 import httpx
 from flask import current_app, redirect, request
 from flask_restx import Resource
-from pydantic import BaseModel, Field
 from werkzeug.exceptions import Unauthorized

 from configs import dify_config
 from constants.languages import languages
-from controllers.common.fields import RedirectResponse
-from controllers.common.schema import query_params_from_model, register_response_schema_model, register_schema_models
 from events.tenant_event import tenant_was_created
 from extensions.ext_database import db
 from libs.datetime_utils import naive_utc_now
@ -34,21 +31,6 @@ from .. import console_ns
 logger = logging.getLogger(__name__)


-class OAuthLoginQuery(BaseModel):
-    invite_token: str | None = Field(default=None, description="Optional invitation token")
-    timezone: str | None = Field(default=None, description="Preferred timezone")
-    language: str | None = Field(default=None, description="Preferred interface language")
-
-
-class OAuthCallbackQuery(BaseModel):
-    code: str = Field(description="Authorization code from OAuth provider")
-    state: str | None = Field(default=None, description="OAuth state parameter")
-
-
-register_schema_models(console_ns, OAuthLoginQuery, OAuthCallbackQuery)
-register_response_schema_model(console_ns, RedirectResponse)
-
-
 def get_oauth_providers():
    with current_app.app_context():
        if not dify_config.GITHUB_CLIENT_ID or not dify_config.GITHUB_CLIENT_SECRET:
@ -101,9 +83,10 @@ def _preferred_interface_language(language: str | None = None) -> str:
 class OAuthLogin(Resource):
    @console_ns.doc("oauth_login")
    @console_ns.doc(description="Initiate OAuth login process")
-    @console_ns.doc(params={"provider": "OAuth provider name (github/google)"})
-    @console_ns.doc(params=query_params_from_model(OAuthLoginQuery))
-    @console_ns.response(302, "Redirect to OAuth authorization URL", console_ns.models[RedirectResponse.__name__])
+    @console_ns.doc(
+        params={"provider": "OAuth provider name (github/google)", "invite_token": "Optional invitation token"}
+    )
+    @console_ns.response(302, "Redirect to OAuth authorization URL")
    @console_ns.response(400, "Invalid provider")
    def get(self, provider: str):
        invite_token = request.args.get("invite_token") or None
@ -127,9 +110,14 @@ class OAuthLogin(Resource):
 class OAuthCallback(Resource):
    @console_ns.doc("oauth_callback")
    @console_ns.doc(description="Handle OAuth callback and complete login process")
-    @console_ns.doc(params={"provider": "OAuth provider name (github/google)"})
-    @console_ns.doc(params=query_params_from_model(OAuthCallbackQuery))
-    @console_ns.response(302, "Redirect to console with access token", console_ns.models[RedirectResponse.__name__])
+    @console_ns.doc(
+        params={
+            "provider": "OAuth provider name (github/google)",
+            "code": "Authorization code from OAuth provider",
+            "state": "Optional state parameter (used for invite token)",
+        }
+    )
+    @console_ns.response(302, "Redirect to console with access token")
    @console_ns.response(400, "OAuth process failed")
    def get(self, provider: str):
        OAUTH_PROVIDERS = get_oauth_providers()
--- a/api/controllers/console/auth/oauth_server.py
+++ b/api/controllers/console/auth/oauth_server.py
@ -1,6 +1,6 @@
 from collections.abc import Callable
 from functools import wraps
-from typing import Any, Concatenate
+from typing import Concatenate

 from flask import jsonify, request
 from flask.typing import ResponseReturnValue
@ -8,7 +8,6 @@ from flask_restx import Resource
 from pydantic import BaseModel
 from werkzeug.exceptions import BadRequest, NotFound

-from controllers.common.schema import register_response_schema_models, register_schema_models
 from controllers.console.wraps import account_initialization_required, setup_required, with_current_user
 from graphon.model_runtime.utils.encoders import jsonable_encoder
 from libs.login import login_required
@ -37,41 +36,6 @@ class OAuthTokenRequest(BaseModel):
    refresh_token: str | None = None


-class OAuthProviderAppResponse(BaseModel):
-    app_icon: str
-    app_label: dict[str, Any]
-    scope: str
-
-
-class OAuthProviderAuthorizeResponse(BaseModel):
-    code: str
-
-
-class OAuthProviderTokenResponse(BaseModel):
-    access_token: str
-    token_type: str
-    expires_in: int
-    refresh_token: str
-
-
-class OAuthProviderAccountResponse(BaseModel):
-    name: str
-    email: str
-    avatar: str | None = None
-    interface_language: str
-    timezone: str
-
-
-register_schema_models(console_ns, OAuthClientPayload, OAuthProviderRequest, OAuthTokenRequest)
-register_response_schema_models(
-    console_ns,
-    OAuthProviderAccountResponse,
-    OAuthProviderAppResponse,
-    OAuthProviderAuthorizeResponse,
-    OAuthProviderTokenResponse,
-)
-
-
 def oauth_server_client_id_required[T, **P, R](
    view: Callable[Concatenate[T, OAuthProviderApp, P], R],
 ) -> Callable[Concatenate[T, P], R]:
@ -146,8 +110,6 @@ def oauth_server_access_token_required[T, **P, R](
@console_ns.route("/oauth/provider")
 class OAuthServerAppApi(Resource):
    @setup_required
-    @console_ns.expect(console_ns.models[OAuthProviderRequest.__name__])
-    @console_ns.response(200, "Success", console_ns.models[OAuthProviderAppResponse.__name__])
    @oauth_server_client_id_required
    def post(self, oauth_provider_app: OAuthProviderApp):
        payload = OAuthProviderRequest.model_validate(request.get_json())
@ -172,8 +134,6 @@ class OAuthServerUserAuthorizeApi(Resource):
    @login_required
    @account_initialization_required
    @with_current_user
-    @console_ns.expect(console_ns.models[OAuthClientPayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[OAuthProviderAuthorizeResponse.__name__])
    @oauth_server_client_id_required
    def post(self, oauth_provider_app: OAuthProviderApp, current_user: Account):
        user_account_id = current_user.id
@ -188,8 +148,6 @@ class OAuthServerUserAuthorizeApi(Resource):
@console_ns.route("/oauth/provider/token")
 class OAuthServerUserTokenApi(Resource):
    @setup_required
-    @console_ns.expect(console_ns.models[OAuthTokenRequest.__name__])
-    @console_ns.response(200, "Success", console_ns.models[OAuthProviderTokenResponse.__name__])
    @oauth_server_client_id_required
    def post(self, oauth_provider_app: OAuthProviderApp):
        payload = OAuthTokenRequest.model_validate(request.get_json())
@ -240,8 +198,6 @@ class OAuthServerUserTokenApi(Resource):
@console_ns.route("/oauth/provider/account")
 class OAuthServerUserAccountApi(Resource):
    @setup_required
-    @console_ns.expect(console_ns.models[OAuthClientPayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[OAuthProviderAccountResponse.__name__])
    @oauth_server_client_id_required
    @oauth_server_access_token_required
    def post(self, oauth_provider_app: OAuthProviderApp, account: Account):
--- a/api/controllers/console/billing/billing.py
+++ b/api/controllers/console/billing/billing.py
@ -1,12 +1,12 @@
 import base64
-from typing import Any, Literal
+from typing import Literal

 from flask import request
 from flask_restx import Resource
-from pydantic import BaseModel, Field, RootModel
+from pydantic import BaseModel, Field
 from werkzeug.exceptions import BadRequest

-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.wraps import (
    account_initialization_required,
@ -30,18 +30,11 @@ class PartnerTenantsPayload(BaseModel):
    click_id: str = Field(..., description="Click Id from partner referral link")


-class BillingResponse(RootModel[dict[str, Any]]):
-    root: dict[str, Any]
-
-
 register_schema_models(console_ns, SubscriptionQuery, PartnerTenantsPayload)
-register_response_schema_models(console_ns, BillingResponse)


@console_ns.route("/billing/subscription")
 class Subscription(Resource):
-    @console_ns.doc(params=query_params_from_model(SubscriptionQuery))
-    @console_ns.response(200, "Success", console_ns.models[BillingResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -56,7 +49,6 @@ class Subscription(Resource):

@console_ns.route("/billing/invoices")
 class Invoices(Resource):
-    @console_ns.response(200, "Success", console_ns.models[BillingResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -74,7 +66,7 @@ class PartnerTenants(Resource):
    @console_ns.doc(description="Sync partner tenants bindings")
    @console_ns.doc(params={"partner_key": "Partner key"})
    @console_ns.expect(console_ns.models[PartnerTenantsPayload.__name__])
-    @console_ns.response(200, "Tenants synced to partner successfully", console_ns.models[BillingResponse.__name__])
+    @console_ns.response(200, "Tenants synced to partner successfully")
    @console_ns.response(400, "Invalid partner information")
    @setup_required
    @login_required
--- a/api/controllers/console/billing/compliance.py
+++ b/api/controllers/console/billing/compliance.py
@ -1,16 +1,12 @@
-from typing import Any
-
 from flask import request
 from flask_restx import Resource
-from pydantic import BaseModel, Field, RootModel
+from pydantic import BaseModel, Field

-from controllers.common.schema import query_params_from_model, register_response_schema_models
 from libs.helper import extract_remote_ip
 from libs.login import login_required
 from models import Account
 from services.billing_service import BillingService

-from ...common.schema import DEFAULT_REF_TEMPLATE_OPENAPI_3_0
 from .. import console_ns
 from ..wraps import (
    account_initialization_required,
@ -25,23 +21,17 @@ class ComplianceDownloadQuery(BaseModel):
    doc_name: str = Field(..., description="Compliance document name")


-class ComplianceDownloadResponse(RootModel[dict[str, Any]]):
-    root: dict[str, Any]
-
-
 console_ns.schema_model(
    ComplianceDownloadQuery.__name__,
-    ComplianceDownloadQuery.model_json_schema(ref_template=DEFAULT_REF_TEMPLATE_OPENAPI_3_0),
+    ComplianceDownloadQuery.model_json_schema(ref_template="#/definitions/{model}"),
 )
-register_response_schema_models(console_ns, ComplianceDownloadResponse)


@console_ns.route("/compliance/download")
 class ComplianceApi(Resource):
-    @console_ns.doc(params=query_params_from_model(ComplianceDownloadQuery))
+    @console_ns.expect(console_ns.models[ComplianceDownloadQuery.__name__])
    @console_ns.doc("download_compliance_document")
    @console_ns.doc(description="Get compliance document download link")
-    @console_ns.response(200, "Success", console_ns.models[ComplianceDownloadResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
--- a/api/controllers/console/datasets/datasets.py
+++ b/api/controllers/console/datasets/datasets.py
@ -95,13 +95,13 @@ class DatasetUpdatePayload(BaseModel):
    indexing_technique: str | None = None
    embedding_model: str | None = None
    embedding_model_provider: str | None = None
-    retrieval_model: dict[str, Any] | None = Field(default=None)
-    summary_index_setting: dict[str, Any] | None = Field(default=None)
+    retrieval_model: dict[str, Any] | None = None
+    summary_index_setting: dict[str, Any] | None = None
    partial_member_list: list[dict[str, str]] | None = None
-    external_retrieval_model: dict[str, Any] | None = Field(default=None)
+    external_retrieval_model: dict[str, Any] | None = None
    external_knowledge_id: str | None = None
    external_knowledge_api_id: str | None = None
-    icon_info: dict[str, Any] | None = Field(default=None)
+    icon_info: dict[str, Any] | None = None
    is_multimodal: bool | None = False

    @field_validator("indexing_technique")
--- a/api/controllers/console/datasets/datasets_document.py
+++ b/api/controllers/console/datasets/datasets_document.py
@ -10,13 +10,13 @@ from uuid import UUID
 import sqlalchemy as sa
 from flask import request, send_file
 from flask_restx import Resource
-from pydantic import BaseModel, Field, RootModel, field_validator
+from pydantic import BaseModel, Field, field_validator
 from sqlalchemy import asc, desc, func, select
 from werkzeug.exceptions import Forbidden, NotFound

 import services
 from controllers.common.controller_schemas import DocumentBatchDownloadZipPayload
-from controllers.common.fields import BinaryFileResponse, SimpleResultMessageResponse, SimpleResultResponse, UrlResponse
+from controllers.common.fields import SimpleResultMessageResponse, SimpleResultResponse, UrlResponse
 from controllers.common.schema import register_response_schema_models, register_schema_models
 from controllers.console import console_ns
 from core.errors.error import (
@ -145,10 +145,6 @@ class DocumentWithSegmentsListResponse(ResponseModel):
    page: int


-class OpaqueObjectResponse(RootModel[dict[str, Any]]):
-    root: dict[str, Any]
-
-
 register_schema_models(
    console_ns,
    KnowledgeConfig,
@ -162,7 +158,6 @@ register_schema_models(
 )
 register_response_schema_models(
    console_ns,
-    BinaryFileResponse,
    SimpleResultMessageResponse,
    SimpleResultResponse,
    UrlResponse,
@ -172,7 +167,6 @@ register_response_schema_models(
    DocumentWithSegmentsResponse,
    DatasetAndDocumentResponse,
    DocumentWithSegmentsListResponse,
-    OpaqueObjectResponse,
 )


@ -222,7 +216,7 @@ class GetProcessRuleApi(Resource):
    @console_ns.doc("get_process_rule")
    @console_ns.doc(description="Get dataset document processing rules")
    @console_ns.doc(params={"document_id": "Document ID (optional)"})
-    @console_ns.response(200, "Process rules retrieved successfully", console_ns.models[OpaqueObjectResponse.__name__])
+    @console_ns.response(200, "Process rules retrieved successfully")
    @setup_required
    @login_required
    @account_initialization_required
@ -543,11 +537,7 @@ class DocumentIndexingEstimateApi(DocumentResource):
    @console_ns.doc("estimate_document_indexing")
    @console_ns.doc(description="Estimate document indexing cost")
    @console_ns.doc(params={"dataset_id": "Dataset ID", "document_id": "Document ID"})
-    @console_ns.response(
-        200,
-        "Indexing estimate calculated successfully",
-        console_ns.models[OpaqueObjectResponse.__name__],
-    )
+    @console_ns.response(200, "Indexing estimate calculated successfully")
    @console_ns.response(404, "Document not found")
    @console_ns.response(400, "Document already finished")
    @setup_required
@ -616,11 +606,6 @@ class DocumentIndexingEstimateApi(DocumentResource):

@console_ns.route("/datasets/<uuid:dataset_id>/batch/<string:batch>/indexing-estimate")
 class DocumentBatchIndexingEstimateApi(DocumentResource):
-    @console_ns.response(
-        200,
-        "Batch indexing estimate calculated successfully",
-        console_ns.models[OpaqueObjectResponse.__name__],
-    )
    @setup_required
    @login_required
    @account_initialization_required
@ -839,7 +824,7 @@ class DocumentApi(DocumentResource):
            "metadata": "Metadata inclusion (all/only/without)",
        }
    )
-    @console_ns.response(200, "Document retrieved successfully", console_ns.models[OpaqueObjectResponse.__name__])
+    @console_ns.response(200, "Document retrieved successfully")
    @console_ns.response(404, "Document not found")
    @setup_required
    @login_required
@ -981,7 +966,6 @@ class DocumentBatchDownloadZipApi(DocumentResource):

    @console_ns.doc("download_dataset_documents_as_zip")
    @console_ns.doc(description="Download selected dataset documents as a single ZIP archive (upload-file only)")
-    @console_ns.response(200, "ZIP archive generated successfully", console_ns.models[BinaryFileResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -1340,11 +1324,6 @@ class WebsiteDocumentSyncApi(DocumentResource):

@console_ns.route("/datasets/<uuid:dataset_id>/documents/<uuid:document_id>/pipeline-execution-log")
 class DocumentPipelineExecutionLogApi(DocumentResource):
-    @console_ns.response(
-        200,
-        "Document pipeline execution log retrieved successfully",
-        console_ns.models[OpaqueObjectResponse.__name__],
-    )
    @setup_required
    @login_required
    @account_initialization_required
@ -1485,7 +1464,7 @@ class DocumentSummaryStatusApi(DocumentResource):
    @console_ns.doc("get_document_summary_status")
    @console_ns.doc(description="Get summary index generation status for a document")
    @console_ns.doc(params={"dataset_id": "Dataset ID", "document_id": "Document ID"})
-    @console_ns.response(200, "Summary status retrieved successfully", console_ns.models[OpaqueObjectResponse.__name__])
+    @console_ns.response(200, "Summary status retrieved successfully")
    @console_ns.response(404, "Document not found")
    @setup_required
    @login_required
--- a/api/controllers/console/datasets/external.py
+++ b/api/controllers/console/datasets/external.py
@ -1,19 +1,13 @@
-from typing import Any
 from uuid import UUID

 from flask import request
 from flask_restx import Resource, fields, marshal
-from pydantic import BaseModel, Field, RootModel
+from pydantic import BaseModel, Field
 from werkzeug.exceptions import Forbidden, InternalServerError, NotFound

 import services
 from controllers.common.fields import UsageCountResponse
-from controllers.common.schema import (
-    get_or_create_model,
-    query_params_from_model,
-    register_response_schema_models,
-    register_schema_models,
-)
+from controllers.common.schema import get_or_create_model, register_response_schema_models, register_schema_models
 from controllers.console import console_ns
 from controllers.console.datasets.error import DatasetNameDuplicateError
 from controllers.console.wraps import (
@ -23,7 +17,6 @@ from controllers.console.wraps import (
    with_current_tenant_id,
    with_current_user,
 )
-from fields.base import ResponseModel
 from fields.dataset_fields import (
    dataset_detail_fields,
    dataset_retrieval_model_fields,
@ -95,15 +88,13 @@ class ExternalDatasetCreatePayload(BaseModel):
    external_knowledge_id: str
    name: str = Field(..., min_length=1, max_length=100)
    description: str | None = Field(None, max_length=400)
-    external_retrieval_model: dict[str, object] | None = Field(default=None)
+    external_retrieval_model: dict[str, object] | None = None


 class ExternalHitTestingPayload(BaseModel):
    query: str
-    external_retrieval_model: dict[str, object] | None = Field(default=None)
-    metadata_filtering_conditions: dict[str, object] | None = Field(
-        default=None,
-    )
+    external_retrieval_model: dict[str, object] | None = None
+    metadata_filtering_conditions: dict[str, object] | None = None


 class BedrockRetrievalPayload(BaseModel):
@ -118,34 +109,6 @@ class ExternalApiTemplateListQuery(BaseModel):
    keyword: str | None = Field(default=None, description="Search keyword")


-class ExternalKnowledgeDatasetBindingResponse(ResponseModel):
-    id: str
-    name: str
-
-
-class ExternalKnowledgeApiResponse(ResponseModel):
-    id: str
-    tenant_id: str
-    name: str
-    description: str
-    settings: dict[str, Any] | None = Field(default=None)
-    dataset_bindings: list[ExternalKnowledgeDatasetBindingResponse] = Field(default_factory=list)
-    created_by: str
-    created_at: str
-
-
-class ExternalKnowledgeApiListResponse(ResponseModel):
-    data: list[ExternalKnowledgeApiResponse]
-    has_more: bool
-    limit: int
-    total: int
-    page: int
-
-
-class ExternalRetrievalTestResponse(RootModel[dict[str, Any] | list[dict[str, Any]]]):
-    root: dict[str, Any] | list[dict[str, Any]]
-
-
 register_schema_models(
    console_ns,
    ExternalKnowledgeApiPayload,
@ -154,24 +117,20 @@ register_schema_models(
    BedrockRetrievalPayload,
    ExternalApiTemplateListQuery,
 )
-register_response_schema_models(
-    console_ns,
-    ExternalKnowledgeApiResponse,
-    ExternalKnowledgeApiListResponse,
-    ExternalRetrievalTestResponse,
-)


@console_ns.route("/datasets/external-knowledge-api")
 class ExternalApiTemplateListApi(Resource):
    @console_ns.doc("get_external_api_templates")
    @console_ns.doc(description="Get external knowledge API templates")
-    @console_ns.doc(params=query_params_from_model(ExternalApiTemplateListQuery))
-    @console_ns.response(
-        200,
-        "External API templates retrieved successfully",
-        console_ns.models[ExternalKnowledgeApiListResponse.__name__],
+    @console_ns.doc(
+        params={
+            "page": "Page number (default: 1)",
+            "limit": "Number of items per page (default: 20)",
+            "keyword": "Search keyword",
+        }
    )
+    @console_ns.response(200, "External API templates retrieved successfully")
    @setup_required
    @login_required
    @with_current_tenant_id
@ -195,11 +154,6 @@ class ExternalApiTemplateListApi(Resource):
    @login_required
    @account_initialization_required
    @console_ns.expect(console_ns.models[ExternalKnowledgeApiPayload.__name__])
-    @console_ns.response(
-        201,
-        "External API template created successfully",
-        console_ns.models[ExternalKnowledgeApiResponse.__name__],
-    )
    @with_current_user
    @with_current_tenant_id
    def post(self, current_tenant_id: str, current_user: Account):
@ -226,11 +180,7 @@ class ExternalApiTemplateApi(Resource):
    @console_ns.doc("get_external_api_template")
    @console_ns.doc(description="Get external knowledge API template details")
    @console_ns.doc(params={"external_knowledge_api_id": "External knowledge API ID"})
-    @console_ns.response(
-        200,
-        "External API template retrieved successfully",
-        console_ns.models[ExternalKnowledgeApiResponse.__name__],
-    )
+    @console_ns.response(200, "External API template retrieved successfully")
    @console_ns.response(404, "Template not found")
    @setup_required
    @login_required
@ -246,11 +196,6 @@ class ExternalApiTemplateApi(Resource):

        return external_knowledge_api.to_dict(), 200

-    @console_ns.response(
-        200,
-        "External API template updated successfully",
-        console_ns.models[ExternalKnowledgeApiResponse.__name__],
-    )
    @setup_required
    @login_required
    @account_initialization_required
@ -348,11 +293,7 @@ class ExternalKnowledgeHitTestingApi(Resource):
    @console_ns.doc(description="Test external knowledge retrieval for dataset")
    @console_ns.doc(params={"dataset_id": "Dataset ID"})
    @console_ns.expect(console_ns.models[ExternalHitTestingPayload.__name__])
-    @console_ns.response(
-        200,
-        "External hit testing completed successfully",
-        console_ns.models[ExternalRetrievalTestResponse.__name__],
-    )
+    @console_ns.response(200, "External hit testing completed successfully")
    @console_ns.response(404, "Dataset not found")
    @console_ns.response(400, "Invalid parameters")
    @setup_required
@ -393,11 +334,7 @@ class BedrockRetrievalApi(Resource):
    @console_ns.doc("bedrock_retrieval_test")
    @console_ns.doc(description="Bedrock retrieval test (internal use only)")
    @console_ns.expect(console_ns.models[BedrockRetrievalPayload.__name__])
-    @console_ns.response(
-        200,
-        "Bedrock retrieval test completed",
-        console_ns.models[ExternalRetrievalTestResponse.__name__],
-    )
+    @console_ns.response(200, "Bedrock retrieval test completed")
    def post(self):
        payload = BedrockRetrievalPayload.model_validate(console_ns.payload or {})

--- a/api/controllers/console/datasets/hit_testing_base.py
+++ b/api/controllers/console/datasets/hit_testing_base.py
@ -32,7 +32,7 @@ logger = logging.getLogger(__name__)
 class HitTestingPayload(BaseModel):
    query: str = Field(max_length=250)
    retrieval_model: RetrievalModel | None = None
-    external_retrieval_model: dict[str, Any] | None = Field(default=None)
+    external_retrieval_model: dict[str, Any] | None = None
    attachment_ids: list[str] | None = None


--- a/api/controllers/console/datasets/rag_pipeline/datasource_auth.py
+++ b/api/controllers/console/datasets/rag_pipeline/datasource_auth.py
@ -6,8 +6,8 @@ from pydantic import BaseModel, Field
 from werkzeug.exceptions import Forbidden, NotFound

 from configs import dify_config
-from controllers.common.fields import RedirectResponse, SimpleResultResponse
-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.fields import SimpleResultResponse
+from controllers.common.schema import register_response_schema_models, register_schema_models
 from controllers.console import console_ns
 from controllers.console.wraps import (
    account_initialization_required,
@ -16,9 +16,7 @@ from controllers.console.wraps import (
    with_current_tenant_id,
    with_current_user,
 )
-from core.plugin.entities.plugin_daemon import PluginOAuthAuthorizationUrlResponse
 from core.plugin.impl.oauth import OAuthHandler
-from fields.base import ResponseModel
 from graphon.model_runtime.errors.validate import CredentialsValidateFailedError
 from graphon.model_runtime.utils.encoders import jsonable_encoder
 from libs.login import login_required
@ -40,11 +38,11 @@ class DatasourceCredentialDeletePayload(BaseModel):
 class DatasourceCredentialUpdatePayload(BaseModel):
    credential_id: str
    name: str | None = Field(default=None, max_length=100)
-    credentials: dict[str, Any] | None = Field(default=None)
+    credentials: dict[str, Any] | None = None


 class DatasourceCustomClientPayload(BaseModel):
-    client_params: dict[str, Any] | None = Field(default=None)
+    client_params: dict[str, Any] | None = None
    enable_oauth_custom_client: bool | None = None


@ -57,25 +55,8 @@ class DatasourceUpdateNamePayload(BaseModel):
    name: str = Field(max_length=100)


-class DatasourceOAuthAuthorizationQuery(BaseModel):
-    credential_id: str | None = Field(default=None, description="Credential ID to reauthorize")
-
-
-class DatasourceOAuthCallbackQuery(BaseModel):
-    code: str | None = Field(default=None, description="Authorization code from OAuth provider")
-    state: str | None = Field(default=None, description="OAuth state parameter")
-    error: str | None = Field(default=None, description="Error message from OAuth provider")
-    context_id: str | None = Field(default=None, description="OAuth proxy context ID")
-
-
-class DatasourceCredentialsResponse(ResponseModel):
-    result: Any
-
-
 register_schema_models(
    console_ns,
-    DatasourceOAuthAuthorizationQuery,
-    DatasourceOAuthCallbackQuery,
    DatasourceCredentialPayload,
    DatasourceCredentialDeletePayload,
    DatasourceCredentialUpdatePayload,
@ -83,23 +64,11 @@ register_schema_models(
    DatasourceDefaultPayload,
    DatasourceUpdateNamePayload,
 )
-register_response_schema_models(
-    console_ns,
-    DatasourceCredentialsResponse,
-    PluginOAuthAuthorizationUrlResponse,
-    RedirectResponse,
-    SimpleResultResponse,
-)
+register_response_schema_models(console_ns, SimpleResultResponse)


@console_ns.route("/oauth/plugin/<path:provider_id>/datasource/get-authorization-url")
 class DatasourcePluginOAuthAuthorizationUrl(Resource):
-    @console_ns.doc(params=query_params_from_model(DatasourceOAuthAuthorizationQuery))
-    @console_ns.response(
-        200,
-        "Authorization URL retrieved successfully",
-        console_ns.models[PluginOAuthAuthorizationUrlResponse.__name__],
-    )
    @setup_required
    @login_required
    @account_initialization_required
@ -149,12 +118,6 @@ class DatasourcePluginOAuthAuthorizationUrl(Resource):

@console_ns.route("/oauth/plugin/<path:provider_id>/datasource/callback")
 class DatasourceOAuthCallback(Resource):
-    @console_ns.doc(params=query_params_from_model(DatasourceOAuthCallbackQuery))
-    @console_ns.response(
-        302,
-        "Redirect to console OAuth callback page",
-        console_ns.models[RedirectResponse.__name__],
-    )
    @setup_required
    def get(self, provider_id: str):
        context_id = request.cookies.get("context_id") or request.args.get("context_id")
@ -213,7 +176,6 @@ class DatasourceOAuthCallback(Resource):
@console_ns.route("/auth/plugin/datasource/<path:provider_id>")
 class DatasourceAuth(Resource):
    @console_ns.expect(console_ns.models[DatasourceCredentialPayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[SimpleResultResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -238,7 +200,6 @@ class DatasourceAuth(Resource):
    @setup_required
    @login_required
    @account_initialization_required
-    @console_ns.response(200, "Success", console_ns.models[DatasourceCredentialsResponse.__name__])
    @with_current_user
    @with_current_tenant_id
    def get(self, current_tenant_id: str, user: Account, provider_id: str):
@ -282,7 +243,6 @@ class DatasourceAuthDeleteApi(Resource):
@console_ns.route("/auth/plugin/datasource/<path:provider_id>/update")
 class DatasourceAuthUpdateApi(Resource):
    @console_ns.expect(console_ns.models[DatasourceCredentialUpdatePayload.__name__])
-    @console_ns.response(201, "Success", console_ns.models[SimpleResultResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -306,7 +266,6 @@ class DatasourceAuthUpdateApi(Resource):

@console_ns.route("/auth/plugin/datasource/list")
 class DatasourceAuthListApi(Resource):
-    @console_ns.response(200, "Success", console_ns.models[DatasourceCredentialsResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -319,7 +278,6 @@ class DatasourceAuthListApi(Resource):

@console_ns.route("/auth/plugin/datasource/default-list")
 class DatasourceHardCodeAuthListApi(Resource):
-    @console_ns.response(200, "Success", console_ns.models[DatasourceCredentialsResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -333,7 +291,6 @@ class DatasourceHardCodeAuthListApi(Resource):
@console_ns.route("/auth/plugin/datasource/<path:provider_id>/custom-client")
 class DatasourceAuthOauthCustomClient(Resource):
    @console_ns.expect(console_ns.models[DatasourceCustomClientPayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[SimpleResultResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
--- a/api/controllers/console/datasets/rag_pipeline/datasource_content_preview.py
+++ b/api/controllers/console/datasets/rag_pipeline/datasource_content_preview.py
@ -1,11 +1,9 @@
-from typing import Any
-
 from flask_restx import (  # type: ignore
    Resource,  # type: ignore
 )
-from pydantic import BaseModel, RootModel
+from pydantic import BaseModel

-from controllers.common.schema import register_response_schema_models, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.datasets.wraps import get_rag_pipeline
 from controllers.console.wraps import account_initialization_required, setup_required, with_current_user
@ -16,23 +14,17 @@ from services.rag_pipeline.rag_pipeline import RagPipelineService


 class Parser(BaseModel):
-    inputs: dict[str, Any]
+    inputs: dict
    datasource_type: str
    credential_id: str | None = None


-class DataSourceContentPreviewResponse(RootModel[Any]):
-    root: Any
-
-
 register_schema_models(console_ns, Parser)
-register_response_schema_models(console_ns, DataSourceContentPreviewResponse)


@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/published/datasource/nodes/<string:node_id>/preview")
 class DataSourceContentPreviewApi(Resource):
    @console_ns.expect(console_ns.models[Parser.__name__])
-    @console_ns.response(200, "Success", console_ns.models[DataSourceContentPreviewResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
--- a/api/controllers/console/datasets/rag_pipeline/rag_pipeline.py
+++ b/api/controllers/console/datasets/rag_pipeline/rag_pipeline.py
@ -74,9 +74,7 @@ class PipelineTemplateDetailResponse(ResponseModel):
 class CustomizedPipelineTemplatePayload(BaseModel):
    name: str = Field(..., min_length=1, max_length=40)
    description: str = Field(default="", max_length=400)
-    icon_info: dict[str, object] = Field(
-        default_factory=lambda: IconInfo(icon="").model_dump(),
-    )
+    icon_info: dict[str, object] = Field(default_factory=lambda: IconInfo(icon="").model_dump())


 register_schema_models(
--- a/api/controllers/console/datasets/rag_pipeline/rag_pipeline_draft_variable.py
+++ b/api/controllers/console/datasets/rag_pipeline/rag_pipeline_draft_variable.py
@ -11,14 +11,13 @@ from sqlalchemy.orm import sessionmaker
 from werkzeug.exceptions import Forbidden

 from controllers.common.errors import InvalidArgumentError, NotFoundError
-from controllers.common.schema import query_params_from_model, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.error import (
    DraftWorkflowNotExist,
 )
 from controllers.console.app.workflow_draft_variable import (
    _WORKFLOW_DRAFT_VARIABLE_FIELDS,  # type: ignore[private-usage]
-    EnvironmentVariableListResponse,
    workflow_draft_variable_list_model,
    workflow_draft_variable_list_without_value_model,
    workflow_draft_variable_model,
@ -41,9 +40,14 @@ logger = logging.getLogger(__name__)
 _file_access_controller = DatabaseFileAccessController()


-class PaginationQuery(BaseModel):
-    page: int = Field(default=1, ge=1, le=100_000)
-    limit: int = Field(default=20, ge=1, le=100)
+def _create_pagination_parser():
+    class PaginationQuery(BaseModel):
+        page: int = Field(default=1, ge=1, le=100_000)
+        limit: int = Field(default=20, ge=1, le=100)
+
+    register_schema_models(console_ns, PaginationQuery)
+
+    return PaginationQuery


 class WorkflowDraftVariablePatchPayload(BaseModel):
@ -51,7 +55,7 @@ class WorkflowDraftVariablePatchPayload(BaseModel):
    value: Any | None = None


-register_schema_models(console_ns, PaginationQuery, WorkflowDraftVariablePatchPayload)
+register_schema_models(console_ns, WorkflowDraftVariablePatchPayload)


 def _api_prerequisite[T, **P, R](
@ -83,19 +87,14 @@ def _api_prerequisite[T, **P, R](

@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/draft/variables")
 class RagPipelineVariableCollectionApi(Resource):
-    @console_ns.doc(params=query_params_from_model(PaginationQuery))
-    @console_ns.response(
-        200,
-        "Workflow variables retrieved successfully",
-        workflow_draft_variable_list_without_value_model,
-    )
    @_api_prerequisite
    @marshal_with(workflow_draft_variable_list_without_value_model)
    def get(self, current_user: Account, pipeline: Pipeline):
        """
        Get draft workflow
        """
-        query = PaginationQuery.model_validate(request.args.to_dict())
+        pagination = _create_pagination_parser()
+        query = pagination.model_validate(request.args.to_dict())

        # fetch draft workflow by app_model
        rag_pipeline_service = RagPipelineService()
@ -117,7 +116,6 @@ class RagPipelineVariableCollectionApi(Resource):

        return workflow_vars

-    @console_ns.response(204, "Workflow variables deleted successfully")
    @_api_prerequisite
    def delete(self, current_user: Account, pipeline: Pipeline):
        draft_var_srv = WorkflowDraftVariableService(
@ -148,7 +146,6 @@ def validate_node_id(node_id: str) -> NoReturn | None:

@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/draft/nodes/<string:node_id>/variables")
 class RagPipelineNodeVariableCollectionApi(Resource):
-    @console_ns.response(200, "Node variables retrieved successfully", workflow_draft_variable_list_model)
    @_api_prerequisite
    @marshal_with(workflow_draft_variable_list_model)
    def get(self, current_user: Account, pipeline: Pipeline, node_id: str):
@ -161,7 +158,6 @@ class RagPipelineNodeVariableCollectionApi(Resource):

        return node_vars

-    @console_ns.response(204, "Node variables deleted successfully")
    @_api_prerequisite
    def delete(self, current_user: Account, pipeline: Pipeline, node_id: str):
        validate_node_id(node_id)
@ -176,7 +172,6 @@ class RagPipelineVariableApi(Resource):
    _PATCH_NAME_FIELD = "name"
    _PATCH_VALUE_FIELD = "value"

-    @console_ns.response(200, "Variable retrieved successfully", workflow_draft_variable_model)
    @_api_prerequisite
    @marshal_with(workflow_draft_variable_model)
    def get(self, _current_user: Account, pipeline: Pipeline, variable_id: UUID):
@ -191,7 +186,6 @@ class RagPipelineVariableApi(Resource):
            raise NotFoundError(description=f"variable not found, id={variable_id_str}")
        return variable

-    @console_ns.response(200, "Variable updated successfully", workflow_draft_variable_model)
    @_api_prerequisite
    @marshal_with(workflow_draft_variable_model)
    @console_ns.expect(console_ns.models[WorkflowDraftVariablePatchPayload.__name__])
@ -263,7 +257,6 @@ class RagPipelineVariableApi(Resource):
        db.session.commit()
        return variable

-    @console_ns.response(204, "Variable deleted successfully")
    @_api_prerequisite
    def delete(self, _current_user: Account, pipeline: Pipeline, variable_id: UUID):
        draft_var_srv = WorkflowDraftVariableService(
@ -282,8 +275,6 @@ class RagPipelineVariableApi(Resource):

@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/draft/variables/<uuid:variable_id>/reset")
 class RagPipelineVariableResetApi(Resource):
-    @console_ns.response(200, "Variable reset successfully", workflow_draft_variable_model)
-    @console_ns.response(204, "Variable reset (no content)")
    @_api_prerequisite
    def put(self, _current_user: Account, pipeline: Pipeline, variable_id: UUID):
        draft_var_srv = WorkflowDraftVariableService(
@ -327,7 +318,6 @@ def _get_variable_list(pipeline: Pipeline, node_id: str, current_user_id: str) -

@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/draft/system-variables")
 class RagPipelineSystemVariableCollectionApi(Resource):
-    @console_ns.response(200, "System variables retrieved successfully", workflow_draft_variable_list_model)
    @_api_prerequisite
    @marshal_with(workflow_draft_variable_list_model)
    def get(self, current_user: Account, pipeline: Pipeline):
@ -336,11 +326,6 @@ class RagPipelineSystemVariableCollectionApi(Resource):

@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/draft/environment-variables")
 class RagPipelineEnvironmentVariableCollectionApi(Resource):
-    @console_ns.response(
-        200,
-        "Environment variables retrieved successfully",
-        console_ns.models[EnvironmentVariableListResponse.__name__],
-    )
    @_api_prerequisite
    def get(self, _current_user: Account, pipeline: Pipeline):
        """
--- a/api/controllers/console/datasets/rag_pipeline/rag_pipeline_workflow.py
+++ b/api/controllers/console/datasets/rag_pipeline/rag_pipeline_workflow.py
@ -5,14 +5,14 @@ from uuid import UUID

 from flask import abort, request
 from flask_restx import Resource
-from pydantic import BaseModel, Field, RootModel, ValidationError
+from pydantic import BaseModel, Field, ValidationError
 from sqlalchemy.orm import sessionmaker
 from werkzeug.exceptions import BadRequest, Forbidden, InternalServerError, NotFound

 import services
 from controllers.common.controller_schemas import DefaultBlockConfigQuery, WorkflowListQuery, WorkflowUpdatePayload
 from controllers.common.fields import SimpleResultResponse
-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_response_schema_models, register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.error import (
    ConversationCompletedError,
@ -21,8 +21,6 @@ from controllers.console.app.error import (
 )
 from controllers.console.app.workflow import (
    RESTORE_SOURCE_WORKFLOW_MUST_BE_PUBLISHED_MESSAGE,
-    DefaultBlockConfigResponse,
-    DefaultBlockConfigsResponse,
    WorkflowPaginationResponse,
    WorkflowResponse,
 )
@ -69,14 +67,14 @@ logger = logging.getLogger(__name__)
 class DraftWorkflowSyncPayload(BaseModel):
    graph: dict[str, Any]
    hash: str | None = None
-    environment_variables: list[dict[str, Any]] | None = Field(default=None)
-    conversation_variables: list[dict[str, Any]] | None = Field(default=None)
-    rag_pipeline_variables: list[dict[str, Any]] | None = Field(default=None)
-    features: dict[str, Any] | None = Field(default=None)
+    environment_variables: list[dict[str, Any]] | None = None
+    conversation_variables: list[dict[str, Any]] | None = None
+    rag_pipeline_variables: list[dict[str, Any]] | None = None
+    features: dict[str, Any] | None = None


 class NodeRunPayload(BaseModel):
-    inputs: dict[str, Any] | None = Field(default=None)
+    inputs: dict[str, Any] | None = None


 class NodeRunRequiredPayload(BaseModel):
@ -133,14 +131,6 @@ class RagPipelineWorkflowPublishResponse(ResponseModel):
    created_at: int


-class RagPipelineOpaqueResponse(RootModel[Any]):
-    root: Any
-
-
-class RagPipelineStepParametersResponse(ResponseModel):
-    variables: Any
-
-
 register_schema_models(
    console_ns,
    DraftWorkflowSyncPayload,
@ -159,10 +149,6 @@ register_schema_models(
 )
 register_response_schema_models(
    console_ns,
-    DefaultBlockConfigResponse,
-    DefaultBlockConfigsResponse,
-    RagPipelineOpaqueResponse,
-    RagPipelineStepParametersResponse,
    RagPipelineWorkflowPublishResponse,
    RagPipelineWorkflowSyncResponse,
    SimpleResultResponse,
@ -206,7 +192,6 @@ class DraftRagPipelineApi(Resource):
    @with_current_user
    @get_rag_pipeline
    @edit_permission_required
-    @console_ns.expect(console_ns.models[DraftWorkflowSyncPayload.__name__])
    @console_ns.response(200, "Success", console_ns.models[RagPipelineWorkflowSyncResponse.__name__])
    def post(self, current_user: Account, pipeline: Pipeline):
        """
@ -259,7 +244,6 @@ class DraftRagPipelineApi(Resource):
@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/draft/iteration/nodes/<string:node_id>/run")
 class RagPipelineDraftRunIterationNodeApi(Resource):
    @console_ns.expect(console_ns.models[NodeRunPayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[RagPipelineOpaqueResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -293,7 +277,6 @@ class RagPipelineDraftRunIterationNodeApi(Resource):
@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/draft/loop/nodes/<string:node_id>/run")
 class RagPipelineDraftRunLoopNodeApi(Resource):
    @console_ns.expect(console_ns.models[NodeRunPayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[RagPipelineOpaqueResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -327,7 +310,6 @@ class RagPipelineDraftRunLoopNodeApi(Resource):
@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/draft/run")
 class DraftRagPipelineRunApi(Resource):
    @console_ns.expect(console_ns.models[DraftWorkflowRunPayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[RagPipelineOpaqueResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -358,7 +340,6 @@ class DraftRagPipelineRunApi(Resource):
@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/published/run")
 class PublishedRagPipelineRunApi(Resource):
    @console_ns.expect(console_ns.models[PublishedWorkflowRunPayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[RagPipelineOpaqueResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -390,7 +371,6 @@ class PublishedRagPipelineRunApi(Resource):
@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/published/datasource/nodes/<string:node_id>/run")
 class RagPipelinePublishedDatasourceNodeRunApi(Resource):
    @console_ns.expect(console_ns.models[DatasourceNodeRunPayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[RagPipelineOpaqueResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -422,7 +402,6 @@ class RagPipelinePublishedDatasourceNodeRunApi(Resource):
@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/draft/datasource/nodes/<string:node_id>/run")
 class RagPipelineDraftDatasourceNodeRunApi(Resource):
    @console_ns.expect(console_ns.models[DatasourceNodeRunPayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[RagPipelineOpaqueResponse.__name__])
    @setup_required
    @login_required
    @edit_permission_required
@ -562,11 +541,6 @@ class PublishedRagPipelineApi(Resource):

@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/default-workflow-block-configs")
 class DefaultRagPipelineBlockConfigsApi(Resource):
-    @console_ns.response(
-        200,
-        "Default block configs retrieved successfully",
-        console_ns.models[DefaultBlockConfigsResponse.__name__],
-    )
    @setup_required
    @login_required
    @account_initialization_required
@ -583,12 +557,6 @@ class DefaultRagPipelineBlockConfigsApi(Resource):

@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/default-workflow-block-configs/<string:block_type>")
 class DefaultRagPipelineBlockConfigApi(Resource):
-    @console_ns.doc(params=query_params_from_model(DefaultBlockConfigQuery))
-    @console_ns.response(
-        200,
-        "Default block config retrieved successfully",
-        console_ns.models[DefaultBlockConfigResponse.__name__],
-    )
    @setup_required
    @login_required
    @account_initialization_required
@ -614,7 +582,6 @@ class DefaultRagPipelineBlockConfigApi(Resource):

@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows")
 class PublishedAllRagPipelineApi(Resource):
-    @console_ns.doc(params=query_params_from_model(WorkflowListQuery))
    @console_ns.response(
        200,
        "Published workflows retrieved successfully",
@ -706,7 +673,6 @@ class RagPipelineByIdApi(Resource):
    @edit_permission_required
    @with_current_user
    @get_rag_pipeline
-    @console_ns.expect(console_ns.models[WorkflowUpdatePayload.__name__])
    def patch(self, current_user: Account, pipeline: Pipeline, workflow_id: str):
        """
        Update workflow attributes
@ -768,8 +734,6 @@ class RagPipelineByIdApi(Resource):

@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/published/processing/parameters")
 class PublishedRagPipelineSecondStepApi(Resource):
-    @console_ns.doc(params=query_params_from_model(NodeIdQuery))
-    @console_ns.response(200, "Success", console_ns.models[RagPipelineStepParametersResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -790,8 +754,6 @@ class PublishedRagPipelineSecondStepApi(Resource):

@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/published/pre-processing/parameters")
 class PublishedRagPipelineFirstStepApi(Resource):
-    @console_ns.doc(params=query_params_from_model(NodeIdQuery))
-    @console_ns.response(200, "Success", console_ns.models[RagPipelineStepParametersResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -812,8 +774,6 @@ class PublishedRagPipelineFirstStepApi(Resource):

@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/draft/pre-processing/parameters")
 class DraftRagPipelineFirstStepApi(Resource):
-    @console_ns.doc(params=query_params_from_model(NodeIdQuery))
-    @console_ns.response(200, "Success", console_ns.models[RagPipelineStepParametersResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -834,8 +794,6 @@ class DraftRagPipelineFirstStepApi(Resource):

@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflows/draft/processing/parameters")
 class DraftRagPipelineSecondStepApi(Resource):
-    @console_ns.doc(params=query_params_from_model(NodeIdQuery))
-    @console_ns.response(200, "Success", console_ns.models[RagPipelineStepParametersResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -857,7 +815,6 @@ class DraftRagPipelineSecondStepApi(Resource):

@console_ns.route("/rag/pipelines/<uuid:pipeline_id>/workflow-runs")
 class RagPipelineWorkflowRunListApi(Resource):
-    @console_ns.doc(params=query_params_from_model(WorkflowRunQuery))
    @console_ns.response(
        200,
        "Workflow runs retrieved successfully",
@ -946,7 +903,6 @@ class RagPipelineWorkflowRunNodeExecutionListApi(Resource):

@console_ns.route("/rag/pipelines/datasource-plugins")
 class DatasourceListApi(Resource):
-    @console_ns.response(200, "Success", console_ns.models[RagPipelineOpaqueResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -983,7 +939,6 @@ class RagPipelineWorkflowLastRunApi(Resource):

@console_ns.route("/rag/pipelines/transform/datasets/<uuid:dataset_id>")
 class RagPipelineTransformApi(Resource):
-    @console_ns.response(200, "Success", console_ns.models[RagPipelineOpaqueResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
@ -1031,8 +986,6 @@ class RagPipelineDatasourceVariableApi(Resource):

@console_ns.route("/rag/pipelines/recommended-plugins")
 class RagPipelineRecommendedPluginApi(Resource):
-    @console_ns.doc(params=query_params_from_model(RagPipelineRecommendedPluginQuery))
-    @console_ns.response(200, "Success", console_ns.models[RagPipelineOpaqueResponse.__name__])
    @setup_required
    @login_required
    @account_initialization_required
--- a/api/controllers/console/datasets/website.py
+++ b/api/controllers/console/datasets/website.py
@ -1,10 +1,10 @@
-from typing import Any, Literal
+from typing import Literal

 from flask import request
 from flask_restx import Resource
-from pydantic import BaseModel, RootModel
+from pydantic import BaseModel

-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_schema_models
 from controllers.console import console_ns
 from controllers.console.datasets.error import WebsiteCrawlError
 from controllers.console.wraps import account_initialization_required, setup_required
@ -22,12 +22,7 @@ class WebsiteCrawlStatusQuery(BaseModel):
    provider: Literal["firecrawl", "watercrawl", "jinareader"]


-class WebsiteCrawlResponse(RootModel[dict[str, Any]]):
-    root: dict[str, Any]
-
-
 register_schema_models(console_ns, WebsiteCrawlPayload, WebsiteCrawlStatusQuery)
-register_response_schema_models(console_ns, WebsiteCrawlResponse)


@console_ns.route("/website/crawl")
@ -35,7 +30,7 @@ class WebsiteCrawlApi(Resource):
    @console_ns.doc("crawl_website")
    @console_ns.doc(description="Crawl website content")
    @console_ns.expect(console_ns.models[WebsiteCrawlPayload.__name__])
-    @console_ns.response(200, "Website crawl initiated successfully", console_ns.models[WebsiteCrawlResponse.__name__])
+    @console_ns.response(200, "Website crawl initiated successfully")
    @console_ns.response(400, "Invalid crawl parameters")
    @setup_required
    @login_required
@ -62,8 +57,8 @@ class WebsiteCrawlStatusApi(Resource):
    @console_ns.doc("get_crawl_status")
    @console_ns.doc(description="Get website crawl status")
    @console_ns.doc(params={"job_id": "Crawl job ID", "provider": "Crawl provider (firecrawl/watercrawl/jinareader)"})
-    @console_ns.doc(params=query_params_from_model(WebsiteCrawlStatusQuery))
-    @console_ns.response(200, "Crawl status retrieved successfully", console_ns.models[WebsiteCrawlResponse.__name__])
+    @console_ns.expect(console_ns.models[WebsiteCrawlStatusQuery.__name__])
+    @console_ns.response(200, "Crawl status retrieved successfully")
    @console_ns.response(404, "Crawl job not found")
    @console_ns.response(400, "Invalid provider")
    @setup_required
--- a/api/controllers/console/explore/audio.py
+++ b/api/controllers/console/explore/audio.py
@ -5,8 +5,7 @@ from werkzeug.exceptions import InternalServerError

 import services
 from controllers.common.controller_schemas import TextToAudioPayload
-from controllers.common.fields import AudioBinaryResponse, AudioTranscriptResponse
-from controllers.common.schema import register_response_schema_models, register_schema_model
+from controllers.common.schema import register_schema_model
 from controllers.console.app.error import (
    AppUnavailableError,
    AudioTooLargeError,
@ -35,7 +34,6 @@ from .. import console_ns
 logger = logging.getLogger(__name__)

 register_schema_model(console_ns, TextToAudioPayload)
-register_response_schema_models(console_ns, AudioBinaryResponse, AudioTranscriptResponse)


@console_ns.route(
@ -43,7 +41,6 @@ register_response_schema_models(console_ns, AudioBinaryResponse, AudioTranscript
    endpoint="installed_app_audio",
 )
 class ChatAudioApi(InstalledAppResource):
-    @console_ns.response(200, "Success", console_ns.models[AudioTranscriptResponse.__name__])
    def post(self, installed_app: InstalledApp):
        app_model = installed_app.app
        if app_model is None:
@ -87,7 +84,6 @@ class ChatAudioApi(InstalledAppResource):
 )
 class ChatTextApi(InstalledAppResource):
    @console_ns.expect(console_ns.models[TextToAudioPayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[AudioBinaryResponse.__name__])
    def post(self, installed_app: InstalledApp):
        app_model = installed_app.app
        if app_model is None:
--- a/api/controllers/console/explore/banner.py
+++ b/api/controllers/console/explore/banner.py
@ -1,44 +1,17 @@
-from typing import Any, cast
-
 from flask import request
-from flask_restx import Namespace, Resource
-from pydantic import BaseModel, Field, RootModel
+from flask_restx import Resource
 from sqlalchemy import select

-from controllers.common.schema import query_params_from_model, register_response_schema_models
 from controllers.console import api
 from controllers.console.explore.wraps import explore_banner_enabled
 from extensions.ext_database import db
-from fields.base import ResponseModel
 from models.enums import BannerStatus
 from models.model import ExporleBanner


-class BannerListQuery(BaseModel):
-    language: str = Field(default="en-US", description="Banner language")
-
-
-class BannerResponse(ResponseModel):
-    id: str
-    content: Any
-    link: str | None = None
-    sort: int
-    status: str
-    created_at: str | None = None
-
-
-class BannerListResponse(RootModel[list[BannerResponse]]):
-    root: list[BannerResponse]
-
-
-register_response_schema_models(cast(Namespace, api), BannerListResponse)
-
-
 class BannerApi(Resource):
    """Resource for banner list."""

-    @api.doc(params=query_params_from_model(BannerListQuery))
-    @api.response(200, "Success", api.models[BannerListResponse.__name__])
    @explore_banner_enabled
    def get(self):
        """Get banner list."""
--- a/api/controllers/console/explore/completion.py
+++ b/api/controllers/console/explore/completion.py
@ -6,7 +6,7 @@ from pydantic import BaseModel, Field, field_validator
 from werkzeug.exceptions import InternalServerError, NotFound

 import services
-from controllers.common.fields import GeneratedAppResponse, SimpleResultResponse
+from controllers.common.fields import SimpleResultResponse
 from controllers.common.schema import register_response_schema_models, register_schema_models
 from controllers.console.app.error import (
    AppUnavailableError,
@ -44,7 +44,7 @@ logger = logging.getLogger(__name__)
 class CompletionMessageExplorePayload(BaseModel):
    inputs: dict[str, Any]
    query: str = ""
-    files: list[dict[str, Any]] | None = Field(default=None)
+    files: list[dict[str, Any]] | None = None
    response_mode: Literal["blocking", "streaming"] | None = None
    retriever_from: str = Field(default="explore_app")

@ -52,7 +52,7 @@ class CompletionMessageExplorePayload(BaseModel):
 class ChatMessagePayload(BaseModel):
    inputs: dict[str, Any]
    query: str
-    files: list[dict[str, Any]] | None = Field(default=None)
+    files: list[dict[str, Any]] | None = None
    conversation_id: str | None = None
    parent_message_id: str | None = None
    retriever_from: str = Field(default="explore_app")
@ -73,7 +73,7 @@ class ChatMessagePayload(BaseModel):


 register_schema_models(console_ns, CompletionMessageExplorePayload, ChatMessagePayload)
-register_response_schema_models(console_ns, GeneratedAppResponse, SimpleResultResponse)
+register_response_schema_models(console_ns, SimpleResultResponse)


 # define completion api for user
@ -83,7 +83,6 @@ register_response_schema_models(console_ns, GeneratedAppResponse, SimpleResultRe
 )
 class CompletionApi(InstalledAppResource):
    @console_ns.expect(console_ns.models[CompletionMessageExplorePayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[GeneratedAppResponse.__name__])
    @with_current_user
    def post(self, current_user: Account, installed_app: InstalledApp):
        app_model = installed_app.app
@ -159,7 +158,6 @@ class CompletionStopApi(InstalledAppResource):
 )
 class ChatApi(InstalledAppResource):
    @console_ns.expect(console_ns.models[ChatMessagePayload.__name__])
-    @console_ns.response(200, "Success", console_ns.models[GeneratedAppResponse.__name__])
    @with_current_user
    def post(self, current_user: Account, installed_app: InstalledApp):
        app_model = installed_app.app
--- a/api/controllers/console/explore/conversation.py
+++ b/api/controllers/console/explore/conversation.py
@ -7,7 +7,7 @@ from sqlalchemy.orm import sessionmaker
 from werkzeug.exceptions import NotFound

 from controllers.common.controller_schemas import ConversationRenamePayload
-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_response_schema_models, register_schema_models
 from controllers.console.app.error import AppUnavailableError
 from controllers.console.explore.error import NotChatAppError
 from controllers.console.explore.wraps import InstalledAppResource
@ -36,12 +36,7 @@ class ConversationListQuery(BaseModel):


 register_schema_models(console_ns, ConversationListQuery, ConversationRenamePayload)
-register_response_schema_models(
-    console_ns,
-    ConversationInfiniteScrollPagination,
-    ResultResponse,
-    SimpleConversation,
-)
+register_response_schema_models(console_ns, ResultResponse)


@console_ns.route(
@ -49,8 +44,7 @@ register_response_schema_models(
    endpoint="installed_app_conversations",
 )
 class ConversationListApi(InstalledAppResource):
-    @console_ns.doc(params=query_params_from_model(ConversationListQuery))
-    @console_ns.response(200, "Success", console_ns.models[ConversationInfiniteScrollPagination.__name__])
+    @console_ns.expect(console_ns.models[ConversationListQuery.__name__])
    @with_current_user
    def get(self, current_user: Account, installed_app: InstalledApp):
        app_model = installed_app.app
@ -124,7 +118,6 @@ class ConversationApi(InstalledAppResource):
 )
 class ConversationRenameApi(InstalledAppResource):
    @console_ns.expect(console_ns.models[ConversationRenamePayload.__name__])
-    @console_ns.response(200, "Conversation renamed successfully", console_ns.models[SimpleConversation.__name__])
    @with_current_user
    def post(self, current_user: Account, installed_app: InstalledApp, c_id: UUID):
        app_model = installed_app.app
--- a/api/controllers/console/explore/installed_app.py
+++ b/api/controllers/console/explore/installed_app.py
@ -9,7 +9,7 @@ from sqlalchemy import and_, exists, or_, select
 from werkzeug.exceptions import BadRequest, Forbidden, NotFound

 from controllers.common.fields import SimpleMessageResponse, SimpleResultMessageResponse
-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_response_schema_models, register_schema_models
 from controllers.console import console_ns
 from controllers.console.explore.wraps import InstalledAppResource
 from controllers.console.wraps import (
@ -153,7 +153,6 @@ register_response_schema_models(console_ns, SimpleMessageResponse, SimpleResultM
 class InstalledAppsListApi(Resource):
    @login_required
    @account_initialization_required
-    @console_ns.doc(params=query_params_from_model(InstalledAppsListQuery))
    @console_ns.response(200, "Success", console_ns.models[InstalledAppListResponse.__name__])
    @with_current_user
    @with_current_tenant_id
@ -235,7 +234,6 @@ class InstalledAppsListApi(Resource):
    @login_required
    @account_initialization_required
    @cloud_edition_billing_resource_check("apps")
-    @console_ns.expect(console_ns.models[InstalledAppCreatePayload.__name__])
    @console_ns.response(200, "Success", console_ns.models[SimpleMessageResponse.__name__])
    @with_current_tenant_id
    def post(self, current_tenant_id: str):
@ -297,7 +295,6 @@ class InstalledAppApi(InstalledAppResource):
        return "", 204

    @console_ns.response(200, "Success", console_ns.models[SimpleResultMessageResponse.__name__])
-    @console_ns.expect(console_ns.models[InstalledAppUpdatePayload.__name__])
    def patch(self, installed_app: InstalledApp):
        payload = InstalledAppUpdatePayload.model_validate(console_ns.payload or {})

--- a/api/controllers/console/explore/message.py
+++ b/api/controllers/console/explore/message.py
@ -7,8 +7,7 @@ from pydantic import BaseModel, TypeAdapter
 from werkzeug.exceptions import InternalServerError, NotFound

 from controllers.common.controller_schemas import MessageFeedbackPayload, MessageListQuery
-from controllers.common.fields import GeneratedAppResponse
-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_response_schema_models, register_schema_models
 from controllers.console.app.error import (
    AppMoreLikeThisDisabledError,
    AppUnavailableError,
@ -53,13 +52,7 @@ class MoreLikeThisQuery(BaseModel):


 register_schema_models(console_ns, MessageListQuery, MessageFeedbackPayload, MoreLikeThisQuery)
-register_response_schema_models(
-    console_ns,
-    GeneratedAppResponse,
-    MessageInfiniteScrollPagination,
-    ResultResponse,
-    SuggestedQuestionsResponse,
-)
+register_response_schema_models(console_ns, ResultResponse, SuggestedQuestionsResponse)


@console_ns.route(
@ -67,8 +60,7 @@ register_response_schema_models(
    endpoint="installed_app_messages",
 )
 class MessageListApi(InstalledAppResource):
-    @console_ns.doc(params=query_params_from_model(MessageListQuery))
-    @console_ns.response(200, "Success", console_ns.models[MessageInfiniteScrollPagination.__name__])
+    @console_ns.expect(console_ns.models[MessageListQuery.__name__])
    @with_current_user
    def get(self, current_user: Account, installed_app: InstalledApp):
        app_model = installed_app.app
@ -137,8 +129,7 @@ class MessageFeedbackApi(InstalledAppResource):
    endpoint="installed_app_more_like_this",
 )
 class MessageMoreLikeThisApi(InstalledAppResource):
-    @console_ns.doc(params=query_params_from_model(MoreLikeThisQuery))
-    @console_ns.response(200, "Success", console_ns.models[GeneratedAppResponse.__name__])
+    @console_ns.expect(console_ns.models[MoreLikeThisQuery.__name__])
    @with_current_user
    def get(self, current_user: Account, installed_app: InstalledApp, message_id: UUID):
        app_model = installed_app.app
--- a/api/controllers/console/explore/parameter.py
+++ b/api/controllers/console/explore/parameter.py
@ -1,9 +1,6 @@
 from typing import Any, cast

-from pydantic import BaseModel, Field
-
 from controllers.common import fields
-from controllers.common.schema import register_response_schema_models
 from controllers.console import console_ns
 from controllers.console.app.error import AppUnavailableError
 from controllers.console.explore.wraps import InstalledAppResource
@ -12,18 +9,10 @@ from models.model import AppMode, InstalledApp
 from services.app_service import AppService


-class ExploreAppMetaResponse(BaseModel):
-    tool_icons: dict[str, Any] = Field(default_factory=dict)
-
-
-register_response_schema_models(console_ns, fields.Parameters, ExploreAppMetaResponse)
-
-
@console_ns.route("/installed-apps/<uuid:installed_app_id>/parameters", endpoint="installed_app_parameters")
 class AppParameterApi(InstalledAppResource):
    """Resource for app variables."""

-    @console_ns.response(200, "Success", console_ns.models[fields.Parameters.__name__])
    def get(self, installed_app: InstalledApp):
        """Retrieve app parameters."""
        app_model = installed_app.app
@ -53,7 +42,6 @@ class AppParameterApi(InstalledAppResource):

@console_ns.route("/installed-apps/<uuid:installed_app_id>/meta", endpoint="installed_app_meta")
 class ExploreAppMetaApi(InstalledAppResource):
-    @console_ns.response(200, "Success", console_ns.models[ExploreAppMetaResponse.__name__])
    def get(self, installed_app: InstalledApp):
        """Get app meta"""
        app_model = installed_app.app
--- a/api/controllers/console/explore/recommended_app.py
+++ b/api/controllers/console/explore/recommended_app.py
@ -3,13 +3,12 @@ from uuid import UUID

 from flask import request
 from flask_restx import Resource
-from pydantic import BaseModel, Field, RootModel, computed_field, field_validator
+from pydantic import BaseModel, Field, computed_field, field_validator

 from constants.languages import languages
-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import query_params_from_model, register_schema_models
 from controllers.console import console_ns
 from controllers.console.wraps import account_initialization_required, with_current_user
-from extensions.ext_database import db
 from fields.base import ResponseModel
 from libs.helper import build_icon_url
 from libs.login import login_required
@ -66,31 +65,13 @@ class RecommendedAppListResponse(ResponseModel):
    categories: list[str]


-class LearnDifyAppListResponse(ResponseModel):
-    recommended_apps: list[RecommendedAppResponse]
-
-
-class RecommendedAppDetailResponse(RootModel[dict[str, Any]]):
-    root: dict[str, Any]
-
-
 register_schema_models(
    console_ns,
    RecommendedAppsQuery,
    RecommendedAppInfoResponse,
    RecommendedAppResponse,
    RecommendedAppListResponse,
-    LearnDifyAppListResponse,
 )
-register_response_schema_models(console_ns, RecommendedAppDetailResponse)
-
-
-def _resolve_language(language: str | None, user: Account) -> str:
-    if language and language in languages:
-        return language
-    if user.interface_language:
-        return user.interface_language
-    return languages[0]


@console_ns.route("/explore/apps")
@ -103,35 +84,23 @@ class RecommendedAppListApi(Resource):
    def get(self, current_user: Account):
        # language args
        args = RecommendedAppsQuery.model_validate(request.args.to_dict(flat=True))
-        language_prefix = _resolve_language(args.language, current_user)
+        language = args.language
+        if language and language in languages:
+            language_prefix = language
+        elif current_user.interface_language:
+            language_prefix = current_user.interface_language
+        else:
+            language_prefix = languages[0]

        return RecommendedAppListResponse.model_validate(
-            RecommendedAppService.get_recommended_apps_and_categories(db.session, language_prefix),
-            from_attributes=True,
-        ).model_dump(mode="json")
-
-
-@console_ns.route("/explore/apps/learn-dify")
-class LearnDifyAppListApi(Resource):
-    @console_ns.doc(params=query_params_from_model(RecommendedAppsQuery))
-    @console_ns.response(200, "Success", console_ns.models[LearnDifyAppListResponse.__name__])
-    @login_required
-    @account_initialization_required
-    @with_current_user
-    def get(self, current_user: Account):
-        args = RecommendedAppsQuery.model_validate(request.args.to_dict(flat=True))
-        language_prefix = _resolve_language(args.language, current_user)
-
-        return LearnDifyAppListResponse.model_validate(
-            RecommendedAppService.get_learn_dify_apps(db.session, language_prefix),
+            RecommendedAppService.get_recommended_apps_and_categories(language_prefix),
            from_attributes=True,
        ).model_dump(mode="json")


@console_ns.route("/explore/apps/<uuid:app_id>")
 class RecommendedAppApi(Resource):
-    @console_ns.response(200, "Success", console_ns.models[RecommendedAppDetailResponse.__name__])
    @login_required
    @account_initialization_required
    def get(self, app_id: UUID):
-        return RecommendedAppService.get_recommend_app_detail(db.session, str(app_id))
+        return RecommendedAppService.get_recommend_app_detail(str(app_id))
--- a/api/controllers/console/explore/saved_message.py
+++ b/api/controllers/console/explore/saved_message.py
@ -5,7 +5,7 @@ from pydantic import TypeAdapter
 from werkzeug.exceptions import NotFound

 from controllers.common.controller_schemas import SavedMessageCreatePayload, SavedMessageListQuery
-from controllers.common.schema import query_params_from_model, register_response_schema_models, register_schema_models
+from controllers.common.schema import register_response_schema_models, register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.error import AppUnavailableError
 from controllers.console.explore.error import NotCompletionAppError
@ -19,13 +19,12 @@ from services.errors.message import MessageNotExistsError
 from services.saved_message_service import SavedMessageService

 register_schema_models(console_ns, SavedMessageListQuery, SavedMessageCreatePayload)
-register_response_schema_models(console_ns, ResultResponse, SavedMessageInfiniteScrollPagination)
+register_response_schema_models(console_ns, ResultResponse)


@console_ns.route("/installed-apps/<uuid:installed_app_id>/saved-messages", endpoint="installed_app_saved_messages")
 class SavedMessageListApi(InstalledAppResource):
-    @console_ns.doc(params=query_params_from_model(SavedMessageListQuery))
-    @console_ns.response(200, "Success", console_ns.models[SavedMessageInfiniteScrollPagination.__name__])
+    @console_ns.expect(console_ns.models[SavedMessageListQuery.__name__])
    @with_current_user
    def get(self, current_user: Account, installed_app: InstalledApp):
        app_model = installed_app.app
--- a/api/controllers/console/explore/trial.py
+++ b/api/controllers/console/explore/trial.py
@ -3,25 +3,14 @@ from typing import Any, Literal, cast

 from flask import request
 from flask_restx import Resource, fields, marshal, marshal_with
-from pydantic import BaseModel, Field
+from pydantic import BaseModel
 from sqlalchemy import select
 from werkzeug.exceptions import Forbidden, InternalServerError, NotFound

 import services
-from controllers.common.fields import (
-    AudioBinaryResponse,
-    AudioTranscriptResponse,
-    GeneratedAppResponse,
-    SimpleResultResponse,
-)
 from controllers.common.fields import Parameters as ParametersResponse
 from controllers.common.fields import Site as SiteResponse
-from controllers.common.schema import (
-    get_or_create_model,
-    query_params_from_model,
-    register_response_schema_models,
-    register_schema_models,
-)
+from controllers.common.schema import get_or_create_model, register_schema_models
 from controllers.console import console_ns
 from controllers.console.app.error import (
    AppUnavailableError,
@ -65,7 +54,6 @@ from fields.app_fields import (
 )
 from fields.dataset_fields import dataset_fields
 from fields.member_fields import simple_account_fields
-from fields.message_fields import SuggestedQuestionsResponse
 from fields.workflow_fields import (
    conversation_variable_fields,
    pipeline_variable_fields,
@ -131,28 +119,16 @@ workflow_fields_copy["conversation_variables"] = fields.List(fields.Nested(conve
 workflow_fields_copy["rag_pipeline_variables"] = fields.List(fields.Nested(pipeline_variable_model))
 workflow_model = get_or_create_model("TrialWorkflow", workflow_fields_copy)

-dataset_model = get_or_create_model("TrialDataset", dataset_fields)
-dataset_list_model = get_or_create_model(
-    "TrialDatasetList",
-    {
-        "data": fields.List(fields.Nested(dataset_model)),
-        "has_more": fields.Boolean,
-        "limit": fields.Integer,
-        "total": fields.Integer,
-        "page": fields.Integer,
-    },
-)
-

 class WorkflowRunRequest(BaseModel):
    inputs: dict
-    files: list | None = Field(default=None)
+    files: list | None = None


 class ChatRequest(BaseModel):
    inputs: dict
    query: str
-    files: list | None = Field(default=None)
+    files: list | None = None
    conversation_id: str | None = None
    parent_message_id: str | None = None
    retriever_from: str = "explore_app"
@ -168,41 +144,17 @@ class TextToSpeechRequest(BaseModel):
 class CompletionRequest(BaseModel):
    inputs: dict
    query: str = ""
-    files: list | None = Field(default=None)
+    files: list | None = None
    response_mode: Literal["blocking", "streaming"] | None = None
    retriever_from: str = "explore_app"


-class TrialDatasetListQuery(BaseModel):
-    page: int = Field(default=1, ge=1, description="Page number")
-    limit: int = Field(default=20, ge=1, description="Number of items per page")
-    ids: list[str] = Field(default_factory=list, description="Dataset IDs")
-
-
-register_schema_models(
-    console_ns,
-    WorkflowRunRequest,
-    ChatRequest,
-    TextToSpeechRequest,
-    CompletionRequest,
-    TrialDatasetListQuery,
-)
-register_response_schema_models(
-    console_ns,
-    ParametersResponse,
-    AudioBinaryResponse,
-    AudioTranscriptResponse,
-    GeneratedAppResponse,
-    SimpleResultResponse,
-    SiteResponse,
-    SuggestedQuestionsResponse,
-)
+register_schema_models(console_ns, WorkflowRunRequest, ChatRequest, TextToSpeechRequest, CompletionRequest)


 class TrialAppWorkflowRunApi(TrialAppResource):
    @trial_feature_enable
    @console_ns.expect(console_ns.models[WorkflowRunRequest.__name__])
-    @console_ns.response(200, "Success", console_ns.models[GeneratedAppResponse.__name__])
    @with_current_user
    def post(self, current_user: Account, trial_app):
        """
@ -223,7 +175,7 @@ class TrialAppWorkflowRunApi(TrialAppResource):
            response = AppGenerateService.generate(
                app_model=app_model, user=current_user, args=args, invoke_from=InvokeFrom.EXPLORE, streaming=True
            )
-            RecommendedAppService.add_trial_app_record(db.session, app_id, user_id)
+            RecommendedAppService.add_trial_app_record(app_id, user_id)
            return helper.compact_generate_response(response)
        except ProviderTokenNotInitError as ex:
            raise ProviderNotInitializeError(ex.description)
@ -243,7 +195,6 @@ class TrialAppWorkflowRunApi(TrialAppResource):


 class TrialAppWorkflowTaskStopApi(TrialAppResource):
-    @console_ns.response(200, "Success", console_ns.models[SimpleResultResponse.__name__])
    @trial_feature_enable
    def post(self, trial_app, task_id: str):
        """
@ -268,7 +219,6 @@ class TrialAppWorkflowTaskStopApi(TrialAppResource):

 class TrialChatApi(TrialAppResource):
    @console_ns.expect(console_ns.models[ChatRequest.__name__])
-    @console_ns.response(200, "Success", console_ns.models[GeneratedAppResponse.__name__])
    @trial_feature_enable
    @with_current_user
    def post(self, current_user: Account, trial_app):
@ -296,7 +246,7 @@ class TrialChatApi(TrialAppResource):
            response = AppGenerateService.generate(
                app_model=app_model, user=current_user, args=args, invoke_from=InvokeFrom.EXPLORE, streaming=True
            )
-            RecommendedAppService.add_trial_app_record(db.session, app_id, user_id)
+            RecommendedAppService.add_trial_app_record(app_id, user_id)
            return helper.compact_generate_response(response)
        except services.errors.conversation.ConversationNotExistsError:
            raise NotFound("Conversation Not Exists.")
@ -323,7 +273,6 @@ class TrialChatApi(TrialAppResource):


 class TrialMessageSuggestedQuestionApi(TrialAppResource):
-    @console_ns.response(200, "Success", console_ns.models[SuggestedQuestionsResponse.__name__])
    @with_current_user
    def get(self, current_user: Account, trial_app, message_id):
        app_model = trial_app
@ -359,7 +308,6 @@ class TrialMessageSuggestedQuestionApi(TrialAppResource):


 class TrialChatAudioApi(TrialAppResource):
-    @console_ns.response(200, "Success", console_ns.models[AudioTranscriptResponse.__name__])
    @trial_feature_enable
    @with_current_user
    def post(self, current_user: Account, trial_app):
@ -373,7 +321,7 @@ class TrialChatAudioApi(TrialAppResource):
            user_id = current_user.id

            response = AudioService.transcript_asr(app_model=app_model, file=file, end_user=None)
-            RecommendedAppService.add_trial_app_record(db.session, app_id, user_id)
+            RecommendedAppService.add_trial_app_record(app_id, user_id)
            return response
        except services.errors.app_model_config.AppModelConfigBrokenError:
            logger.exception("App model config broken.")
@ -403,7 +351,6 @@ class TrialChatAudioApi(TrialAppResource):

 class TrialChatTextApi(TrialAppResource):
    @console_ns.expect(console_ns.models[TextToSpeechRequest.__name__])
-    @console_ns.response(200, "Success", console_ns.models[AudioBinaryResponse.__name__])
    @trial_feature_enable
    @with_current_user
    def post(self, current_user: Account, trial_app):
@ -420,7 +367,7 @@ class TrialChatTextApi(TrialAppResource):
            user_id = current_user.id

            response = AudioService.transcript_tts(app_model=app_model, text=text, voice=voice, message_id=message_id)
-            RecommendedAppService.add_trial_app_record(db.session, app_id, user_id)
+            RecommendedAppService.add_trial_app_record(app_id, user_id)
            return response
        except services.errors.app_model_config.AppModelConfigBrokenError:
            logger.exception("App model config broken.")
@ -450,7 +397,6 @@ class TrialChatTextApi(TrialAppResource):

 class TrialCompletionApi(TrialAppResource):
    @console_ns.expect(console_ns.models[CompletionRequest.__name__])
-    @console_ns.response(200, "Success", console_ns.models[GeneratedAppResponse.__name__])
    @trial_feature_enable
    @with_current_user
    def post(self, current_user: Account, trial_app):
@ -473,7 +419,7 @@ class TrialCompletionApi(TrialAppResource):
                app_model=app_model, user=current_user, args=args, invoke_from=InvokeFrom.EXPLORE, streaming=streaming
            )

-            RecommendedAppService.add_trial_app_record(db.session, app_id, user_id)
+            RecommendedAppService.add_trial_app_record(app_id, user_id)
            return helper.compact_generate_response(response)
        except services.errors.conversation.ConversationNotExistsError:
            raise NotFound("Conversation Not Exists.")
@ -500,7 +446,6 @@ class TrialCompletionApi(TrialAppResource):
 class TrialSitApi(Resource):
    """Resource for trial app sites."""

-    @console_ns.response(200, "Success", console_ns.models[SiteResponse.__name__])
    @get_app_model_with_trial(None)
    def get(self, app_model):
        """Retrieve app site info.
@ -522,7 +467,6 @@ class TrialSitApi(Resource):
 class TrialAppParameterApi(Resource):
    """Resource for app variables."""

-    @console_ns.response(200, "Success", console_ns.models[ParametersResponse.__name__])
    @get_app_model_with_trial(None)
    def get(self, app_model):
        """Retrieve app parameters."""
@ -551,7 +495,6 @@ class TrialAppParameterApi(Resource):


 class AppApi(Resource):
-    @console_ns.response(200, "Success", app_detail_with_site_model)
    @get_app_model_with_trial(None)
    @marshal_with(app_detail_with_site_model)
    def get(self, app_model):
@ -564,7 +507,6 @@ class AppApi(Resource):


 class AppWorkflowApi(Resource):
-    @console_ns.response(200, "Success", workflow_model)
    @get_app_model_with_trial(None)
    @marshal_with(workflow_model)
    def get(self, app_model):
@ -577,8 +519,6 @@ class AppWorkflowApi(Resource):


 class DatasetListApi(Resource):
-    @console_ns.doc(params=query_params_from_model(TrialDatasetListQuery))
-    @console_ns.response(200, "Success", dataset_list_model)
    @get_app_model_with_trial(None)
    def get(self, app_model):
        page = request.args.get("page", default=1, type=int)
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Charles Yao	90567c537f	feat(api): forward user_type for MCP identity forwarding issue_mcp_token gains a user_type field (account\|end_user), derived from invoke_from ({DEBUGGER,EXPLORE}->account else end_user) so the enterprise side routes webapp end-users to the published-webapp token store. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-12 00:41:35 +02:00
GareArc	7e4b1cadd8	Merge branch 'fix/webapp-signin-ssr-window' into deploy/enterprise	2026-06-11 01:36:05 -07:00
GareArc	83f287ef48	Merge branch 'feat/openapi-error-contract' into deploy/enterprise	2026-06-11 00:53:34 -07:00
GareArc	37a616d1f3	fix(web): SSR crash on webapp-signin when redirect_url present getShareCodeFromRedirectUrl read window.location.origin in the render path of WebAppStoreProvider; since the app-shell bootstrap refactor (#35394) this component server-renders, so any /webapp-signin visit with a redirect_url param threw "window is not defined" and returned a 500 error shell. That shell lacks the body dataset runtime env, so the client fell back to localhost API defaults and the page dead-ended. Parse with a placeholder base instead — only pathname is consumed.	2026-06-11 00:36:37 -07:00
autofix-ci[bot]	4b836b56a9	[autofix.ci] apply automated fixes	2026-06-11 06:06:40 +00:00
GareArc	701b9699b3	chore(contracts): regenerate with OpenApiErrorCode enum definition	2026-06-10 22:54:51 -07:00
GareArc	9e0e23a339	feat(api): expose OpenApiErrorCode enum as standalone swagger definition	2026-06-10 22:49:50 -07:00
GareArc	5b75aae20d	test: dedupe error-path test helpers in cli and api	2026-06-10 19:06:59 -07:00
GareArc	673eb6bff9	refactor(cli): table-drive status classification in error mapper Also narrows classifyResponse return type to HttpClientError (type-level only; the body always returned it).	2026-06-10 18:52:48 -07:00
GareArc	67229339cb	refactor(openapi): own FilenameNotExists error instead of touching the shared class controllers/common/errors.py is consumed by other controllers; keep it untouched and declare the openapi-surface error as an OpenApiError subclass. Wire output is identical.	2026-06-10 04:34:46 -07:00
GareArc	57fb121f8a	fix(api): add override decorators and refresh generated contract after main merge	2026-06-10 04:24:38 -07:00
GareArc	0c661ac06b	Merge remote-tracking branch 'origin/main' into feat/openapi-error-contract	2026-06-10 04:17:37 -07:00
GareArc	525d706bad	fix(openapi): harden formatter against malformed details and document bypass paths Review follow-ups: - finalize() now falls back to a minimal status-derived body instead of letting a ValidationError escape the framework error handler when an already-rewritten e.data carries malformed canonical details - document that a pre-built e.response bypasses the body formatter - note the promote-to-libs seam for transport-generic codes in the module docstring - CLI: skip the loc prefix when a server error detail has an empty loc	2026-06-10 04:04:17 -07:00
GareArc	50573c78b9	docs(openapi): state the ErrorBody field table in the contract module docstring	2026-06-10 03:42:48 -07:00
GareArc	32809403d6	feat(cli): render server error details and semantic code without -v Surfaces server semantic code (server.code ?? e.code), per-field validation details, and the winning hint (server.hint ?? e.hint) in human output so a 422 user sees actionable context without needing --verbose.	2026-06-10 03:32:51 -07:00
GareArc	f3dde631dd	feat(cli): strict ErrorBody parse composed onto HttpClientError Replaces the tolerant WireFields/WireEnvelope parse in error-mapper with a strict zErrorBody.safeParse; non-conforming bodies yield no serverError and a generic message. The parsed body attaches whole as serverError?: ErrorBody on HttpClientError, with classification driven purely by HTTP status.	2026-06-10 03:25:54 -07:00
GareArc	57f527405d	chore(contracts): regenerate openapi contract with canonical ErrorBody	2026-06-10 03:20:22 -07:00
GareArc	27bbbbcf4b	feat(openapi): document canonical error schema in swagger via contract decorators @accepts(query/body) now emits a 422 response with ErrorBody; @returns emits a default error response with ErrorBody. ErrorBody (and auto-promoted ErrorDetail) are registered in openapi_ns so they appear in definitions and are reachable from both error response entries.	2026-06-10 03:15:45 -07:00
GareArc	40df3c26c6	test(openapi): pin error-path matrix to canonical wire codes Adds TestErrorMatrix (23 parametrized rows) covering every exception class raised or mapped in files.py and app_run.py, asserting the exact wire code each path emits and that every emitted code is an OpenApiErrorCode member. Also adds error_code = "filename_not_exists" to FilenameNotExistsError, which had no explicit code and was falling through to the status-map (bad_request).	2026-06-10 03:04:43 -07:00
GareArc	8cf49238af	refactor(openapi): route member-quota errors through the canonical formatter Replaces the _quota_error/.response hack in workspaces.py with two throwable OpenApiError subclasses (MemberLimitExceeded, MemberLicenseExceeded) so all 403 quota responses flow through OpenApiErrorFormatter rather than bypassing it via the early-return in external_api.py. Wire codes rename to member_limit_exceeded and member_license_exceeded.	2026-06-10 02:54:28 -07:00
GareArc	f5c5dbaed5	feat(openapi): emit canonical ErrorBody on every /openapi/v1 error path Install OpenApiErrorFormatter on the openapi blueprint's ExternalApi so all non-2xx responses from /openapi/v1 carry the canonical ErrorBody shape (code, message, status, optional details/hint). RFC 8628 device-flow endpoints are unaffected — their flat {error: ...} shape is passed through unchanged. Also: set catch_all_404s=True when a formatter is present so unknown routes return canonical JSON 404s (not Flask's default HTML 404). Override _help_on_404 to suppress route suggestions, which would corrupt the JSON contract and enumerate routes to unauthenticated callers. Both behaviours are scoped by formatter presence — other blueprints that construct ExternalApi without error_body_formatter are byte-identical. Wire-level tests added to TestWireContract (3 tests, 18 total): - 422 from @accepts validation carries code/status/details - unknown-route 404 is canonical JSON without route suggestions - device token POST returns RFC 8628 flat shape untouched by formatter	2026-06-10 02:48:38 -07:00
GareArc	41f827b609	feat(openapi): add OpenApiErrorFormatter normalizing all error paths to ErrorBody	2026-06-10 02:26:19 -07:00
GareArc	24b6e6f983	chore(openapi): neutral wording for domain-code comments	2026-06-10 02:08:47 -07:00
GareArc	5c657885a9	refactor(api): inject error-body formatter seam into ExternalApi handlers	2026-06-10 02:07:12 -07:00
GareArc	3f53fa605e	feat(openapi): add canonical ErrorBody model and error-code enum	2026-06-10 02:03:59 -07:00