The multi-platform Docker publish job can exhaust the hosted runner disk before BuildKit finishes, causing ENOSPC failures during log writing and cleanup.
Remove unused hosted toolchains and stale local Docker data before QEMU and Buildx setup so release builds have more room without changing Docker image inputs or install scripts.
Advertise message queue support from the Agent Zero connector backend and add WebSocket handlers for queue add, remove, and send operations.
Include queue snapshots in context subscriptions and emit queue updates as the backend state changes so the CLI can stay in sync.
Remove obsolete Office markdown editor UI and handoff code now that Markdown lives in the dedicated Editor surface.
Harden the Editor modal so it opens directly into a Markdown draft and rebinds Ace to the visible root when switching surfaces.
Make Browser address Enter navigation explicit and update the canvas setup expectations for the slimmer Office shell.
Expand the dedicated Editor surface with safe rendered preview mode, ACE-backed source editing, browser-style tabs, toolbar/file actions, preview search, and richer Markdown rendering for code blocks, task lists, images, tables, math, local links, and footnotes.
Keep open Markdown files synchronized with the active context and saved tool edits, including live refresh for document_artifact and text_editor results without routing Markdown through Desktop/Office.
Add inline preview-page editing, clickable preview task-list checkboxes, source editor rehydration after preview-mode refreshes, and regression coverage for the new editor wiring and sync behavior.
Add a builtin _editor plugin that owns Markdown API/WebSocket sessions, canvas and modal UI, live refresh, tabs, prompt Extras for active-context open files, inline close confirmation, and Close All handling.
Route Markdown document artifacts to Editor while keeping Office/Desktop focused on LibreOffice formats, and update Desktop/Office prompts, menus, compatibility shims, and regression coverage.
Forward reset=true from code_execution_remote replacement commands to the connected CLI and document when to use it versus runtime=reset. This lets the CLI tear down stuck host sessions before running the next command.
Tests from /home/eclypso/a0/a0-connector: PYTHONPATH=src conda run -n a0 pytest tests/test_plugin_backend.py::test_code_execution_remote_forwards_reset_true_with_replacement_command -v; ./.venv/bin/python -m pytest tests/test_plugin_backend.py -k 'code_execution_remote or select_remote_exec or ws_connector_exec_result' -v. Mirrored to live container 07e0288dc04f and health check returned HTTP 200.
Treat live usr runtime artifacts as non-blocking during self-update backups. Skip sockets, device nodes, vanished files, and unreadable entries with log messages so update rollback checks are not tripped by active Desktop profile state.
Adds <x-extension id="chats-header-controls"> to the chats list
section-header-row, enabling plugins to inject controls (sort toggles,
view switches) into the chats header area.
This follows the established x-extension pattern used throughout the
sidebar (sidebar-chats-list-start, sidebar-chats-list-end, etc.) and
aligns with the plugin extension architecture introduced in PR #998.
Migrate retired /usr/_office and /usr/_desktop trees from plugin startup into /usr/plugins/<plugin>. Update office document storage, desktop session/runtime paths, and context-scoped screenshots to use the plugin-owned state layout. Add focused tests for retired-state migration and the new path behavior.
Render custom per-chat model overrides in the model switcher instead of hiding them behind a generic Custom label.
Mark model override updates dirty so an already-open Web UI refreshes after CLI or Web UI changes, without exposing API key values in labels.
Add focused regression coverage for switcher rendering hooks and state-sync notifications.
Register Nebius Token Factory as an OpenAI-compatible chat provider using the Token Factory API base URL and NEBIUS_API_KEY-derived provider id.
Expose Nebius in onboarding metadata and add static coverage for the provider endpoint and UI listing.
Route host/local browser requests through the Browser tool instead of desktop or shell fallbacks. Add remote-debugging setup guidance to Browser runtime errors and document the exact Chrome inspect setting in prompts, skills, and Web UI copy.
Teach the Browser content helper to ignore global/delegated framework event bindings so snapshots surface the actual actionable controls instead of broad wrapper elements. Add an accessible name to the Browser address bar for more reliable capture output.
Allow agents to use selector-based reference actions, coordinate click fallbacks, focused-field typing, and string key chords such as CTRL+A across the browser tool, container runtime, and host connector runtime. Cover the behavior with browser regression and host connector tests.
Make file creation opt-in through document_artifact, move document file cards to final responses, and keep the tool payload as a quiet execution record.
Deduplicate response cards by file identity, refresh open Desktop canvas sessions after saved edits, and harden document_artifact edit input normalization for common append/update shapes.
Update prompts, skills, styles, and regression coverage for response-only file actions and explicit-only canvas opening.
Detect stalled automatic history compression so the prompt-prep wait loop cannot spin forever when no further reduction is possible.
Split large manual chat compaction input by verified token budget instead of line midpoint, covering single-line 85k+ character histories.
Add regression tests for stalled compression, max-pass bailout, and large single-line compaction chunking.
Move the project skills section directly after project instructions in the edit modal, before file structure and secrets.
Simplify the skills guidance copy and clarify that global skills are inherited automatically by every project.
Fixesagent0ai/agent-zero#1609.
Issue: "Unauthenticated Path-Containment Bypass in Agent Zero `/api/image_get`"
https://github.com/agent0ai/agent-zero/issues/1609
Resolve the path-containment bypass in /api/image_get by resolving requested images against the Agent Zero base directory before serving them, including symlink-aware validation and the development RFC fallback path.
Harden SVG and SVGZ responses with nosniff and a sandboxed CSP so uploaded SVGs cannot execute scripts in the Agent Zero origin. Add focused regressions for outside paths, symlink escapes, SVG headers, and development-mode remote validation.
Reset the custom API base URL whenever the provider dropdown changes so stale endpoints do not carry across provider tests. Move the chat Supports Vision toggle out of Advanced Settings while keeping dependent vision settings, such as Max embeds, inside Advanced.
Validate and persist API chat lifetime: lifetime_hours is validated as a positive number and stored in the AgentContext data, and context.last_message is set using UTC. Removed the in-class threading-based cleanup state and old _cleanup_expired_chats method. Introduced a new job-loop extension (extensions/python/job_loop/_20_cleanup_expired_api_chats.py) that periodically scans AgentContext instances and removes expired API chats (using persist_chat.remove_chat) in a UTC-aware manner. Added tests (tests/test_api_chat_lifetime.py) to verify lifetime persistence and that the job loop removes expired chats.
Rename high-impact skills to task-oriented names and move plugin-owned skills into their owning plugin folders.\n\nAlign renamed skill frontmatter with the official SKILL.md standard by keeping trigger language in name/description metadata, replacing the old create-skill wizard with build-skill, and updating browser, A0 connector, computer-use, CLI setup, and scheduler skill references.\n\nTighten the recurring cross-provider guidance gaps surfaced by the evidence sweeps: memory requests now avoid promptinclude-file routing, scheduler prompts distinguish cron schedules from planned ISO dates, document questions prefer document_query, skills_tool search/read_file usage is clearer, normal notifications set info/priority 10, and local/host text editors preserve patch intent.\n\nUpdate regression tests for the renamed skills, plugin ownership, prompt budget reality, and standard frontmatter shape.
Summarize the provider evidence sweeps into a scored Agent Zero tool-efficiency chart.\n\nDocument the scoring rubric, ranked provider/model results, recurring failure clusters, applied prompt/skill improvements, and follow-up candidates while keeping the raw EVIDENCE files untracked.
Update the computer-use skill so agents tell users to run /computer-use rearm when the desktop-control backend reports COMPUTER_USE_REARM_REQUIRED, instead of asking them to manually switch modes.
Allow the Linux Desktop state collector to report a healthy canvas when XFCE has no active application window, as long as the display, visible windows, and screenshots are available.
Document the readiness rule in the linux-desktop skill and add regression coverage for the bare-desktop active_window=null case.
Track computer-use CLI status, last error, and restore-token presence in connector metadata so stale Free Run settings are no longer treated as ready.
Materialize CLI-provided screenshot artifacts through Agent Zero's file helpers, stop dispatching computer_use_remote actions when metadata already reports rearm required, and teach the skill to give backend-agnostic rearm guidance without screenshot or vision fallbacks.
Standardize multi-action tools around tool_args.action while keeping parser compatibility for older tool/args, tool_name:action, and method-shaped requests. This keeps new prompts clean without breaking agents that learned the previous dialect.
Move A0 connector remote execution/file tools into stable standard prompts, make remote targeting independent of the active chat context, and skill-gate beta computer-use remote so it no longer weighs down the always-on tool list.
Align text editor, scheduler, skills, office artifact, memory, notify, and browser prompts/tools around the canonical action contract. Add scheduler update/timezone handling, skills_tool read_file, text editor patch coverage, and fixes for memory_forget, behaviour_adjustment, and code execution progress warnings.
Reduce default prompt pressure by compacting browser and scheduler prompts into skill-backed manifests, shortening skill catalog descriptions, and pruning noisy framework knowledge. Remove obsolete connector prompt stubs and root tool-call knowledge examples.
Tests: conda run -n a0 pytest tests/test_a0_connector_prompt_gating.py tests/test_tool_action_contracts.py tests/test_task_scheduler_timezone.py tests/test_text_editor_context_patch.py tests/test_tool_request_normalization.py tests/test_office_document_store.py::test_odf_is_advertised_and_docx_remains_explicit_compatibility tests/test_office_document_store.py::test_document_artifact_accepts_method_alias_for_ods_create tests/test_skills_runtime.py tests/test_default_prompt_budget.py::test_a0_small_profile_removed_and_prompt_text_generic -q
Tighten the final onboarding discovery cards so the setup suggestions take less vertical space.
Add a compact CLI Connector card with macOS/Linux and Windows install commands plus a small A0 terminal preview asset.
Default Bring Your Own Browser mode to the existing browser profile while exposing a clean Agent profile option in Browser settings with a clear warning for existing-profile access.
Forward the selected profile mode through the connector browser runtime, tolerate legacy config modules and old saved configs, and update regression coverage for the new payload shape.
Stop and remove the old a0_office_collabora supervisor program during Docker self-update preparation, before stale Collabora runtime paths are deleted. Add a narrow repo-side retirement hook so older bootstrap managers can clean the checked-out runtime without reinstalling desktop packages during health checks.
Harden XFCE desktop startup with explicit XDG config/data directories so upgraded Desktop sessions avoid the failsafe-session path after the Collabora-to-LibreOffice transition.
Add a screenshot-led guide for the guided onboarding wizard using Agent Zero API as the example setup. Link the guide from the docs hub, quickstart, and installation setup flow, and include optimized screenshots for choosing Cloud, selecting a provider, choosing models, and reaching the ready state.
Introduce a guided Cloud versus Local first-run modal with provider selection, account connection, model picking, and a ready state.\n\nAdd the reusable discovery auto-modal trigger, chat-created startup checks, onboarding-owned provider presentation metadata and assets, OAuth affordances, local provider guidance, and model-search hardening.\n\nKeep runtime provider data centralized while preserving onboarding-specific copy, logos, and docs links in the onboarding plugin.
Update onboarding.html
Update onboarding.html
Configure Ollama Cloud as an OpenAI-compatible chat provider with the hosted API base and model listing endpoint.\n\nAdd a focused provider config test so the integration stays key-required and keeps the expected /models endpoint.
Refresh README, quickstart, and the docs index around Browser, Desktop, A0 CLI, projects, memory, skills, profiles, and model presets.
Add optimized scoped screenshots for Web UI, Browser, Desktop, and CLI workflows.
Trim architecture-heavy developer pages toward DeepWiki handoffs so local docs stay focused on practical user guidance.
Save a static JPEG for each Browser tool call in the chat history folder and render that immutable image in transcript screenshot previews. Keep live Browser surface attachment available through stored browser/context metadata, and ignore generated Playwright CLI artifacts.
Attach the Browser canvas to active Docker sessions by returning an initial snapshot on subscribe and preserving valid frames through state-only updates. Route Markdown document opens through the right-canvas Desktop editor instead of the legacy office modal. Skip automatic office document response affordances for subordinate agents so delegated reviews keep their actual content.
Replace the combined A0 CLI remote workflow skill with separate text-editor and code-execution remote skills, update tool stubs to load the matching per-tool guide, and keep computer-use remote scoped to desktop control. Add prompt-gating coverage for the per-affordance skill split.
Add a protected connector endpoint for reading and updating the Browser plugin runtime backend so the A0 CLI can switch between Docker browser and Bring Your Own Browser mode. Keep legacy host_when_available values normalized to host_required, move the host/container setting to the top of Browser settings, and cover the config normalization path.
Remove the ambiguous Use host when ready option from the Browser plugin settings and present the host-required path as Bring Your Own Browser. Add concise Chrome/Chromium remote-debugging guidance, normalize legacy host_when_available values to the BYOB setting, and make missing host-browser connector setup a repairable error with regression coverage.
Move URL normalization into Agent Zero-owned Browser helper code and expose the content helper's required API contract from the shared asset. Normalize host-browser open/navigate payloads before they cross into the connector, including nested multi actions, and add regression coverage for helper payload delivery and URL edge cases.
Make the Browser plugin the source of truth for browser-page-content.js by attaching its source and sha256 to host-browser operations when the CLI has no matching helper hash. Store the helper hash in connector metadata and cover the routing/ensure path in tests.
Store and surface host-browser preparation and CDP endpoint metadata from A0 CLI.
Let Browser runtime prepare candidate CLIs before the first action, and keep host-required errors more actionable.
Simplify Host Browser settings language and document the Chrome remote-debugging consent flow.
